diff --git a/.gitignore b/.gitignore deleted file mode 100644 index 1c3d2ce9c..000000000 --- a/.gitignore +++ /dev/null @@ -1,5 +0,0 @@ -*.swp -Gemfile.lock -.vendor -vendor -*/spec/* diff --git a/.gitreview b/.gitreview deleted file mode 100644 index a5fd69294..000000000 --- a/.gitreview +++ /dev/null @@ -1,4 +0,0 @@ -[gerrit] -host=review.gerrithub.io -port=29418 -project=redhat-openstack/openstack-puppet-modules diff --git a/.travis.sh b/.travis.sh deleted file mode 100755 index 85d923836..000000000 --- a/.travis.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -set -ev -MODS="$(git diff HEAD~1 Puppetfile | grep "^+" -B2 | grep mod | cut -d"'" -f2)" -ERRORS="" -PASSES="" -rake validate_puppetfile SPEC_OPTS='--format documentation --color --backtrace' || exit 1 -if [ "${MODS}" != "" ]; then - for module in ${MODS}; do - if [ -e ./${module}/Rakefile ]; then - rake test_modules[./${module}/Rakefile] SPEC_OPTS='--format documentation --color --backtrace' - ret=$? - if [[ $ret -eq 0 ]]; then - PASSES="${PASSES}\nPassed spec on module ${module}" - else - ERRORS="${ERRORS}\nFailed spec on module ${module}" - fi - else - ERRORS="${ERRORS}\nMissing ./${module}/Rakefile, not running spec tests. You have to manually check whether this is OK." - fi - done -else - echo "No changed module detected!" - git diff HEAD~1 Puppetfile - exit 0 -fi - -echo -e "\e[42m${PASSES}" -if [ "${ERRORS}" != "" ]; then - echo -e "\e[41m${ERRORS}" - exit 1 -fi diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index fb7a77e30..000000000 --- a/.travis.yml +++ /dev/null @@ -1,23 +0,0 @@ -language: ruby -install: -script: "./.travis.sh" -rvm: - - 2.0.0 -matrix: - fast_finish: true -env: - matrix: - - PUPPET_GEM_VERSION="~> 3.7.0" -notifications: - email: false - irc: - template: - - "%{repository}#%{build_number} (%{branch} - %{commit} : %{author}): %{message}" - - "Change view : %{compare_url}" - - "Build details : %{build_url}" - channels: - - "chat.freenode.net#packstack-dev" - on_success: always - on_failure: always - use_notice: true - skip_join: true diff --git a/BUILDING.md b/BUILDING.md deleted file mode 100644 index 3aa5b39b1..000000000 --- a/BUILDING.md +++ /dev/null @@ -1,59 +0,0 @@ -# Basics - -This is really more of a 'prep for building' document, as the actual build is -automated with [delorean](https://github.com/openstack-packages/delorean) once -the required steps have been taken. - -## Step 1 - Tag - -In order to generate a new release, the first step is to tag the upstream branch -(this is not needed for master), so for example: -``` - git checkout upstream-liberty - git tag {release-number} - git push origin {release-number} -``` - -## Step 2 - Rebase - -Next, we need to rebase the patches branch that matches the target release, -so in the above example, stable/liberty: -``` - git checkout stable/liberty - git fetch origin # assuming origin is the upstream repo location - git rebase -i origin/upstream-liberty -``` -This will give you a list of patches in stable to be applied on top of upstream, -and is where any can be dropped, if appropriate (the less, the better!). - -### Step 2a - Add new patches - -In the case where there is some new patch which needs to be added (not upstream -yet, but deemed worth backporting instead of waiting), the patch needs to be -generated and edited to apply to the opm repo instead of its target project. -This can be done like so (outside of the current directory): -``` - git clone {upstream repo} - git review -d {review number} - git format-patch -1 -``` -Now we have the messy part (this will go away in the near future for upcoming -releases). The paths in the patch all need to be munged to apply in the opm -repo - simply prepend the toplevel directory for the module here anywhere you -see 'a/' or 'b/', as well as the list of changed files. Now `git am` the -patch. Assuming it applies successfully, verify paths look correct and the -files you expect to be changed are actually changed. Use extra caution that -the changes get into the right subdirectory, rather than at the root level of -the project. - -## Step 3 - Push changes - -Once all looks correct, and the rebase is complete, we push the updated branch -via gerrit, often needing to force push, due to the patches in stable having -pointers changed in the rebase. -``` - git push gerrit stable/liberty # if needed, with --force -``` - -At this point, delorean will pick up the change and build an rpm to the matching -location for the Openstack version, as described in the [README](README.md). diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md deleted file mode 100644 index bb722ad9a..000000000 --- a/CONTRIBUTING.md +++ /dev/null @@ -1,64 +0,0 @@ -## Getting Started - -First, install [bade](https://github.com/paramite/bade), a utility -for managing Puppet modules using GIT subtrees: - -``` - git clone https://github.com/paramite/bade.git - cd bade - python setup.py develop -``` - -Then create a [fork](https://help.github.com/articles/fork-a-repo/) of the OpenStack Puppet Modules repository -and create a local [clone](https://help.github.com/articles/fork-a-repo/#step-2-create-a-local-clone-of-your-fork) of it. - -``` - git clone git@github.com:YOUR_USERNAME/openstack-puppet-modules.git - cd openstack-puppet-modules -``` - -Next, create a new [branch](http://git-scm.com/book/en/v2/Git-Branching-Basic-Branching-and-Merging) -in your local clone. - -``` - git checkout -b NAME_OF_TOPIC_BRANCH -``` - -## Using Bade - -### Adding a new Puppet module - -We will use `puppet-neutron` for this example: -``` - bade add --upstream https://github.com/openstack/puppet-neutron.git \ - --hash ${COMMIT_HASH} --commit -``` - -Add some more details (e.g. why you want to add this Puppet module) -to the commit message: -``` - git commit --amend -``` - -### Updating a module - -When updating, you use the name of the module as referenced in the -[Puppetfile](Puppetfile}, in this case 'neutron': - -``` - bade update --module ${module} --hash ${COMMIT_HASH} -``` - - -## Submitting your change. - -As mentioned in the [README.md](README.md), we use -[gerrithub](https://review.gerrithub.io/#/q/project:redhat-openstack/openstack-puppet-modules) -for our reviews. You should first make sure your topic branch is rebased and -current against the target version for your change. For example, if you wish to -update neutron above to the latest revision for master, you would rebase your -topic branch to upstream-master. Then, simply submit your review against that -branch like so: -``` - git review upstream-master -``` diff --git a/Gemfile b/Gemfile deleted file mode 100644 index b59363b38..000000000 --- a/Gemfile +++ /dev/null @@ -1,21 +0,0 @@ -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -group :development, :test do - gem 'bundler' - gem 'r10k' - gem 'rake', '10.1.1' -end - -if facterversion = ENV['FACTER_GEM_VERSION'] - gem 'facter', facterversion, :require => false -else - gem 'facter', :require => false -end - -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end - -# vim:ft=ruby diff --git a/Puppetfile b/Puppetfile deleted file mode 100644 index f8d802b98..000000000 --- a/Puppetfile +++ /dev/null @@ -1,280 +0,0 @@ -mod 'aodh', - :commit => '563010f1912dd6850a48153c9d0da9fb92c0e6a2', - :git => 'https://github.com/openstack/puppet-aodh.git' - -mod 'apache', - :commit => 'a13b5649830adbf671e21ee6086550fdfb568608', - :git => 'https://github.com/puppetlabs/puppetlabs-apache.git' - -mod 'cassandra', - :commit => 'b7526c4a8570696396d5f0151fdb9b3d1cbda598', - :git => 'https://github.com/locp/cassandra.git' - -mod 'ceilometer', - :commit => '2ad139fe16fbd673470366cb49717ae0e5de2e6f', - :git => 'https://github.com/openstack/puppet-ceilometer.git' - -mod 'ceph', - :commit => '5cff821f600bb21c3ce508855a72f60ea8e6ae86', - :git => 'https://github.com/openstack/puppet-ceph.git' - -mod 'certmonger', - :commit => '3f86b9973fc30c14a066b0f215023d5f1398b874', - :git => 'https://github.com/rcritten/puppet-certmonger.git' - -mod 'cinder', - :commit => 'deb381347190a80e42de751a3ed0d1883c763234', - :git => 'https://github.com/openstack/puppet-cinder.git' - -mod 'concat', - :commit => 'c307bee3933d88e6028274b0fa122a9b0c87b1d4', - :git => 'https://github.com/puppetlabs/puppetlabs-concat.git' - -mod 'contrail', - :commit => 'c0f7cde686c20ce139c184c688e9f7d13dcd0743', - :git => 'https://github.com/redhat-cip/puppet-contrail.git' - -mod 'corosync', - :commit => 'f0408cd231caa7009aa187112022a62ebb3b8925', - :git => 'https://github.com/puppetlabs/puppetlabs-corosync.git' - -mod 'datacat', - :commit => '5a6114cd41823160bdb01dad6eb0e2af85a8fa69', - :git => 'http://github.com/richardc/puppet-datacat' - -mod 'elasticsearch', - :commit => '36409eae08800fb2107d9ea4fef031f5348cb1ca', - :git => 'https://github.com/elastic/puppet-elasticsearch.git' - -mod 'firewall', - :commit => '9df7e883be758f8f340c720ef7d7022f10c4d842', - :git => 'https://github.com/puppetlabs/puppetlabs-firewall.git' - -mod 'fluentd', - :commit => 'bbbf775ffc112b11035cb1334a4ebfd2e97caa84', - :git => 'https://github.com/soylent/konstantin-fluentd.git' - -mod 'git', - :commit => '8e7f586', - :git => 'https://github.com/puppetlabs/puppetlabs-git.git' - -mod 'glance', - :commit => '9b06a7c8c25a5bd11e0257ea39c7a9680fbac9ab', - :git => 'https://github.com/openstack/puppet-glance.git' - -mod 'gnocchi', - :commit => 'b0100904b688946f0bf2a00ae67a74c15ed1d377', - :git => 'https://github.com/openstack/puppet-gnocchi.git' - -mod 'haproxy', - :commit => '8b7f2765f18222821d6ec2967e088522e4d64197', - :git => 'https://github.com/puppetlabs/puppetlabs-haproxy.git' - -mod 'heat', - :commit => '2c5dc330287e0d9300bc4917ed4058fa9a1fb6c4', - :git => 'https://github.com/openstack/puppet-heat.git' - -mod 'horizon', - :commit => '04526af55641aea146048e2340dab7a4628e35f7', - :git => 'https://github.com/openstack/puppet-horizon.git' - -mod 'inifile', - :commit => 'd31803cce628b1a7994b61158b627c88cab83ee4', - :git => 'https://github.com/puppetlabs/puppetlabs-inifile.git' - -mod 'ironic', - :commit => 'd244370d37255eb9400e718f42c8783bfbc339ab', - :git => 'https://github.com/openstack/puppet-ironic.git' - -mod 'java', - :commit => 'faede8c802c89ebe1f5e1a6c0f1b7b11d9cef996', - :git => 'http://github.com/puppetlabs/puppetlabs-java' - -mod 'kafka', - :commit => 'b27236dbc10715c0c473746f1d3b1e569644dff5', - :git => 'https://github.com/puppet-community/puppet-kafka.git' - -mod 'keepalived', - :commit => '24d523691b3581d4d0f662ffd10f1458014a9829', - :git => 'https://github.com/Unyonsys/puppet-module-keepalived.git' - -mod 'keystone', - :commit => 'c67d457c7e2b807921df61ccc9a367d138d9d159', - :git => 'https://github.com/openstack/puppet-keystone.git' - -mod 'kibana3', - :commit => '6ca9631fbe82766134f98e2e8780bb91e7cd3f0e', - :git => 'https://github.com/thejandroman/puppet-kibana3.git' - -mod 'kmod', - :commit => 'ea03df0eff7b7e5faccb9c4e386d451301468f04', - :git => 'https://github.com/camptocamp/puppet-kmod.git' - -mod 'manila', - :commit => '3d8244db11cb603f89980b8fbefc5dc228f0a7d8', - :git => 'https://github.com/openstack/puppet-manila.git' - -mod 'memcached', - :commit => '8e6fdfda7400c40176baa5063e05ff716cc5fd73', - :git => 'https://github.com/saz/puppet-memcached.git' - -mod 'midonet', - :commit => '5c7033eb9a83e8266b9ed277375cf795efa05c86', - :git => 'https://github.com/midonet/puppet-midonet.git' - -mod 'mistral', - :commit => '45e37b61bb62dd45c62e00c8dbb0ddf0a7b84ece', - :git => 'https://github.com/openstack/puppet-mistral.git' - -mod 'module-collectd', - :commit => '010a7b9f5a6939e001fe515224cb1be6d9cfdf88', - :git => 'https://github.com/pdxcat/puppet-module-collectd.git' - -mod 'module-data', - :commit => '324e79829b29734bd711a991baadb27ae5331642', - :git => 'https://github.com/ripienaar/puppet-module-data.git' - -mod 'mongodb', - :commit => '852b097d5499c67b7ffdf481cd44d7f3fdf624c5', - :git => 'https://github.com/puppetlabs/puppetlabs-mongodb.git' - -mod 'mysql', - :commit => 'a2044354f4705bd11de16746aed658aa2cdddaf7', - :git => 'https://github.com/puppetlabs/puppetlabs-mysql.git' - -mod 'n1k_vsm', - :commit => '91772fa53dd3ed2686d2e8b0303c77ea6faefe68', - :git => 'https://github.com/stackforge/puppet-n1k-vsm.git' - -mod 'nagios', - :commit => '56a1eee350c4600bb12e017d64238fb3f876abd4', - :git => 'https://github.com/gildub/puppet-nagios-openstack.git' - -mod 'neutron', - :commit => '3af5e9a40400bc7dc47cd7c265b5f126637c4ba3', - :git => 'https://github.com/openstack/puppet-neutron.git' - -mod 'nova', - :commit => '5f441dba2548569687359a8d5ca1884f26029ca6', - :git => 'https://github.com/openstack/puppet-nova.git' - -mod 'nssdb', - :commit => '2e163a21fb80d828afede2d4be6214f1171c4887', - :git => 'https://github.com/rcritten/puppet-nssdb.git' - -mod 'ntp', - :commit => 'ba4bb2648e129efade8ed7afd5489696c59156c8', - :git => 'https://github.com/puppetlabs/puppetlabs-ntp' - -mod 'opendaylight', - :commit => 'c6b6b924a5c54de8718294f30d0195ad272a6d3a', - :git => 'https://github.com/dfarrell07/puppet-opendaylight.git' - -mod 'openstack_extras', - :commit => '2f767ec0c43eda163b5e9f97f208e9db6cb23861', - :git => 'https://github.com/openstack/puppet-openstack_extras.git' - -mod 'openstacklib', - :commit => 'aab0b94f80412cc2983abb840a78b2bad77ac149', - :git => 'https://github.com/openstack/puppet-openstacklib.git' - -mod 'pacemaker', - :commit => 'e483cc0b8e290d761dbf1903097f9f1599e4262b', - :git => 'https://github.com/openstack/puppet-pacemaker.git' - -mod 'rabbitmq', - :commit => '51cc050a4e7e27e97ef04beb990e67f656222d95', - :git => 'https://github.com/puppetlabs/puppetlabs-rabbitmq.git' - -mod 'redis', - :commit => '62c0c71e59182ebc252a9405db68b7a1538a745e', - :git => 'https://github.com/arioch/puppet-redis.git' - -mod 'remote', - :commit => '35cc5571593d21408d625bd8ee35217345ec502a', - :git => 'https://github.com/paramite/puppet-remote.git' - -mod 'rsync', - :commit => 'f8081918a503a7301772c93373eb70b90d399538', - :git => 'https://github.com/puppetlabs/puppetlabs-rsync.git' - -mod 'sahara', - :commit => '5359ed0ddedba65c2edc1766904e81f079cc9d5a', - :git => 'https://github.com/openstack/puppet-sahara.git' - -mod 'sensu', - :commit => '1811dfeddeb886cd7048bb7aa3773c095c12e3a4', - :git => 'https://github.com/sensu/sensu-puppet.git' - -mod 'snmp', - :commit => '90254293f6bf097eca7096562ac63f31a0bc75f4', - :git => 'https://github.com/razorsedge/puppet-snmp.git' - -mod 'ssh', - :commit => 'd0c77c06b7d9e03c9c30f564605e07535ee8f5c9', - :git => 'https://github.com/saz/puppet-ssh.git' - -mod 'staging', - :commit => 'a71e7d6261616fdba9f5c9109c4ad41c120d91be', - :git => 'https://github.com/nanliu/puppet-staging.git' - -mod 'stdlib', - :commit => 'db2a321434768b6b97e8c1101f6465e43c774c6d', - :git => 'https://github.com/puppetlabs/puppetlabs-stdlib.git' - -mod 'swift', - :commit => '998abbc58f83feaffaa2cb62880e9ce2ae9bcabb', - :git => 'https://github.com/openstack/puppet-swift.git' - -mod 'sysctl', - :commit => '65ffe839a4ce785bc3901452488197a0ef158cd8', - :git => 'https://github.com/duritong/puppet-sysctl.git' - -mod 'tempest', - :commit => '75c6c639d0f74bf01ab66a7a546f2e2ae3f2b15c', - :git => 'https://github.com/openstack/puppet-tempest.git' - -mod 'timezone', - :commit => '734918982a512f51a3f1855396d2d7da3f37f53c', - :git => 'https://github.com/saz/puppet-timezone.git' - -mod 'tomcat', - :commit => '019772988b39cb259bf281ab9655e8a83c7bc2d8', - :git => 'https://github.com/puppetlabs/puppetlabs-tomcat.git' - -mod 'tripleo', - :commit => '648f2b5509a807483b218ddfaad21fd3b06a11ab', - :git => 'https://github.com/openstack/puppet-tripleo.git' - -mod 'trove', - :commit => 'f52f6cd3f3b91c87f567fcbd8f864bf0a557fbe8', - :git => 'https://github.com/openstack/puppet-trove' - -mod 'uchiwa', - :commit => 'a460563b969716496e0180b3f4dfe56335f1a1ae', - :git => 'https://github.com/Yelp/puppet-uchiwa.git' - -mod 'vcsrepo', - :commit => '99e8b2e28ce9541202b8b2438a92ee8ac2b03d6a', - :git => 'https://github.com/puppetlabs/puppetlabs-vcsrepo.git' - -mod 'vlan', - :commit => 'c937de75c28e63fba8d8738ad6a5f2ede517e53d', - :git => 'https://github.com/derekhiggins/puppet-vlan.git' - -mod 'vswitch', - :commit => 'e70e3592eb404ad28d31b86cbe2fdc05bfe470ba', - :git => 'https://github.com/openstack/puppet-vswitch.git' - -mod 'xinetd', - :commit => '749651ed7d4e8924bb701153f184a13af0a669a3', - :git => 'https://github.com/puppetlabs/puppetlabs-xinetd.git' - -mod 'zaqar', - :commit => '34feb324d6aa6bdb0ac0c528fca950f623f516bc', - :git => 'https://github.com/openstack/puppet-zaqar.git' - -mod 'zookeeper', - :commit => 'b1912045ac65f13e53d60f73515ad08fff4f4f25', - :git => 'https://github.com/deric/puppet-zookeeper.git' - diff --git a/README b/README new file mode 100644 index 000000000..41a79986f --- /dev/null +++ b/README @@ -0,0 +1,3 @@ +openstack-puppet-modules RPM in RDO Newton, Ocata and Pike +is a source-less metapackage: +see https://review.rdoproject.org/r/gitweb?p=openstack/openstack-puppet-modules-distgit.git;a=blob;f=openstack-puppet-modules.spec;hb=HEAD diff --git a/README.md b/README.md deleted file mode 100644 index 296478cec..000000000 --- a/README.md +++ /dev/null @@ -1,50 +0,0 @@ -# OpenStack Puppet Modules - -This repository contains a collection of -[Puppet](http://puppetlabs.com/puppet/puppet-open-source) modules shared between -several OpenStack installers, including: -* [Packstack](https://github.com/stackforge/packstack) -* [RDOManager](https://www.rdoproject.org/rdo-manager/) (upstream for OSPd) -* [OpenStack Foreman Installer](http://github,com/redhat-openstack/astapor/) (no - longer actively developed) - -These modules are included via git subtrees, which reference the various upstream -modules at a given revision, which can be found in the [Puppetfile](Puppetfile), and is -not really meant to be used directly, but rather to be utilized by a composition -layer, such as the above installers. We use -[gerrithub](https://review.gerrithub.io/#/q/project:redhat-openstack/openstack-puppet-modules) -for reviews, please see the [Contributing](CONTRIBUTING.md) document for more detail on the -process. - -The repository contains branches which map to OpenStack releases, as well as -branches that are basically upstream plus any required patches that have not yet -been merged (or can not be merged for some reason), but are needed by one or -more of the target installers in order for that installer to work properly. -This is a constantly moving target, and the goal is to eliminate as many of this -kind of patch as possible, with each release attempting to contain less of -these than the previous one. *UPDATE* From liberty forward, we carry no patches -that are not merged upstream, so the branch naming is more related to rdo -build automation than required by our codebase. - -The various releases map like this: - -OPM Branch | Openstack Release ----------------- | ------------------ -upstream-kilo | upstream kilo -stable/kilo | kilo + patches -upstream-liberty | upstream liberty -stable/liberty | upstream liberty -upstream-mitaka | upstream mitaka -stable/mitaka | upstream mitaka -upstream-master | upstream master -stable/master | upstream master - -Each time a change is pushed to a {version} + patches branch, and automated -build system generates rpms. These can be found in the follow places: -* [kilo](http://trunk.rdoproject.org/centos7-kilo/report.html) -* [liberty](http://trunk.rdoproject.org/centos7-liberty/report.html) -* [mitaka](http://trunk.rdoproject.org/centos7-mitaka/report.html) -* [master](http://trunk.rdoproject.org/centos7/report.html) - -Please see [Building.md](BUILDING.md) for more information on how this process works up to -the point that the automation takes over. diff --git a/Rakefile b/Rakefile deleted file mode 100644 index e5dfbc99b..000000000 --- a/Rakefile +++ /dev/null @@ -1,33 +0,0 @@ -task(:default).clear -task :default => :test - -desc 'Run Puppetfile Validation' -task :test => [:validate_puppetfile,:test_modules] - -desc "Validate the Puppetfile syntax" -task :validate_puppetfile do - $stderr.puts "---> syntax:puppetfile" - sh "r10k puppetfile check" -end - -desc "Run rspec test on specified modules" -task :test_modules, [:modules] do |t, args| - args.with_defaults(:modules => FileList["*/Rakefile"]) - Array(args[:modules]).each do |project| - dir = project.pathmap("%d") - Dir.chdir(dir) do - puts "======" - puts "= Running spec test for #{project}" - puts "======" - system('rm -Rf vendor/') - system('rm -Rf .bundle/') - FileUtils.mkdir 'vendor' - ENV['GEM_HOME'] = "vendor" - system('bundle install --path=vendor/ --gemfile=./Gemfile') - ENV['BUNDLE_GEMFILE'] = "./Gemfile" - system('bundle exec rake spec') - system('rm -Rf vendor') - system('rm -Rf .bundle/') - end - end -end diff --git a/aodh/.gitignore b/aodh/.gitignore deleted file mode 100644 index 61092bdaf..000000000 --- a/aodh/.gitignore +++ /dev/null @@ -1,15 +0,0 @@ -pkg/ -Gemfile.lock -vendor/ -spec/fixtures/ -.vagrant/ -.bundle/ -coverage/ -.idea/ -*.swp -*.iml -openstack/ - -# Files created by releasenotes build -releasenotes/build -.tox diff --git a/aodh/.gitreview b/aodh/.gitreview deleted file mode 100644 index 39ca15281..000000000 --- a/aodh/.gitreview +++ /dev/null @@ -1,5 +0,0 @@ -[gerrit] -host=review.openstack.org -port=29418 -project=openstack/puppet-aodh.git -defaultbranch=stable/mitaka diff --git a/aodh/CHANGELOG.md b/aodh/CHANGELOG.md deleted file mode 100644 index bdc9625cc..000000000 --- a/aodh/CHANGELOG.md +++ /dev/null @@ -1,10 +0,0 @@ -## 8.0.0 and beyond - -From 8.0.0 release and beyond, release notes are published on -[docs.openstack.org](http://docs.openstack.org/releasenotes/puppet-aodh/). - - -##2015-11-24 - 7.0.0 -###Summary - -- Initial release of the puppet-aodh module diff --git a/aodh/Gemfile b/aodh/Gemfile deleted file mode 100644 index 5728ff7e7..000000000 --- a/aodh/Gemfile +++ /dev/null @@ -1,22 +0,0 @@ -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -group :development, :test, :system_tests do - gem 'puppet-openstack_spec_helper', - :git => 'https://git.openstack.org/openstack/puppet-openstack_spec_helper', - :branch => 'stable/mitaka', - :require => false -end - -if facterversion = ENV['FACTER_GEM_VERSION'] - gem 'facter', facterversion, :require => false -else - gem 'facter', :require => false -end - -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end - -# vim:ft=ruby diff --git a/aodh/LICENSE b/aodh/LICENSE deleted file mode 100644 index 8c06f5ea0..000000000 --- a/aodh/LICENSE +++ /dev/null @@ -1,13 +0,0 @@ -Copyright 2015 OpenStack Foundation - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/aodh/README.md b/aodh/README.md deleted file mode 100644 index 87d3ef128..000000000 --- a/aodh/README.md +++ /dev/null @@ -1,79 +0,0 @@ -AODH -==== - -8.0.0 - 2016.1.0 - Mitaka - -#### Table of Contents - -1. [Overview - What is the AODH module?](#overview) -2. [Module Description - What does the module do?](#module-description) -3. [Setup - The basics of getting started with AODH](#setup) -4. [Implementation - An under-the-hood peek at what the module is doing](#implementation) -5. [Limitations - OS compatibility, etc.](#limitations) -6. [Development - Guide for contributing to the module](#development) -7. [Contributors - Those with commits](#contributors) - -Overview --------- - -The AODH module is a part of [OpenStack](https://github.com/openstack), an effort by the Openstack infrastructure team to provide continuous integration testing and code review for Openstack and Openstack community projects not part of the core software. The module its self is used to flexibly configure and manage the Alarming service for Openstack. - -Module Description ------------------- - -The AODH module is a thorough attempt to make Puppet capable of managing the entirety of AODH. This includes manifests to provision region specific endpoint and database connections. Types are shipped as part of the AODH module to assist in manipulation of configuration files. - -Setup ------ - -**What the AODH module affects** - -* [AODH](http://docs.openstack.org/developer/aodh/), the Alarming service for Openstack. - -### Installing AODH - - puppet module install openstack/aodh - -### Beginning with AODH - -To utilize the AODH module's functionality you will need to declare multiple resources. This is not an exhaustive list of all the components needed, we recommend you consult and understand the [core openstack](http://docs.openstack.org) documentation. - -Implementation --------------- - -### AODH - -AODH is a combination of Puppet manifest and ruby code to delivery configuration and extra functionality through types and providers. - -Limitations ------------- - -* All the AODH types use the CLI tools and so need to be ran on the AODH node. - -Beaker-Rspec ------------- - -This module has beaker-rspec tests - -To run the tests on the default vagrant node: - -```shell -bundle install -bundle exec rake acceptance -``` - -For more information on writing and running beaker-rspec tests visit the documentation: - -* https://github.com/puppetlabs/beaker/wiki/How-to-Write-a-Beaker-Test-for-a-Module - -Development ------------ - -Developer documentation for the entire puppet-openstack project. - -* https://wiki.openstack.org/wiki/Puppet-openstack#Developer_documentation - -Contributors ------------- - -* https://github.com/openstack/puppet-aodh/graphs/contributors diff --git a/aodh/Rakefile b/aodh/Rakefile deleted file mode 100644 index 168d10814..000000000 --- a/aodh/Rakefile +++ /dev/null @@ -1 +0,0 @@ -require 'puppet-openstack_spec_helper/rake_tasks' diff --git a/aodh/examples/aodh.pp b/aodh/examples/aodh.pp deleted file mode 100644 index 1dcb65eb8..000000000 --- a/aodh/examples/aodh.pp +++ /dev/null @@ -1,18 +0,0 @@ -class { '::aodh': } -class { '::aodh::api': - enabled => true, - keystone_password => 'a_big_secret', - keystone_identity_uri => 'http://127.0.0.1:35357/', - service_name => 'httpd', -} -include ::apache -class { '::aodh::wsgi::apache': - ssl => false, -} -class { '::aodh::auth': - auth_password => 'a_big_secret', -} -class { '::aodh::evaluator': } -class { '::aodh::notifier': } -class { '::aodh::listener': } -class { '::aodh::client': } diff --git a/aodh/lib/puppet/provider/aodh_config/ini_setting.rb b/aodh/lib/puppet/provider/aodh_config/ini_setting.rb deleted file mode 100644 index e4a2d3a32..000000000 --- a/aodh/lib/puppet/provider/aodh_config/ini_setting.rb +++ /dev/null @@ -1,10 +0,0 @@ -Puppet::Type.type(:aodh_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:openstack_config).provider(:ini_setting) -) do - - def self.file_path - '/etc/aodh/aodh.conf' - end - -end diff --git a/aodh/lib/puppet/type/aodh_config.rb b/aodh/lib/puppet/type/aodh_config.rb deleted file mode 100644 index 58ebe2880..000000000 --- a/aodh/lib/puppet/type/aodh_config.rb +++ /dev/null @@ -1,51 +0,0 @@ -Puppet::Type.newtype(:aodh_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from aodh.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - newvalues(/^[\S ]*$/) - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - newvalues(:true, :false) - defaultto false - end - - newparam(:ensure_absent_val) do - desc 'A value that is specified as the value property will behave as if ensure => absent was specified' - defaultto('') - end - - autorequire(:package) do - 'aodh' - end - -end diff --git a/aodh/manifests/api.pp b/aodh/manifests/api.pp deleted file mode 100644 index 7d7f5044b..000000000 --- a/aodh/manifests/api.pp +++ /dev/null @@ -1,138 +0,0 @@ -# Installs & configure the aodh api service -# -# == Parameters -# -# [*enabled*] -# (optional) Should the service be enabled. -# Defaults to true -# -# [*manage_service*] -# (optional) Whether the service should be managed by Puppet. -# Defaults to true. -# -# [*keystone_user*] -# (optional) The name of the auth user -# Defaults to aodh -# -# [*keystone_tenant*] -# (optional) Tenant to authenticate with. -# Defaults to 'services'. -# -# [*keystone_password*] -# Password to authenticate with. -# Mandatory. -# -# [*keystone_auth_uri*] -# (optional) Public Identity API endpoint. -# Defaults to 'false'. -# -# [*keystone_identity_uri*] -# (optional) Complete admin Identity API endpoint. -# Defaults to: false -# -# [*host*] -# (optional) The aodh api bind address. -# Defaults to 0.0.0.0 -# -# [*port*] -# (optional) The aodh api port. -# Defaults to 8042 -# -# [*package_ensure*] -# (optional) ensure state for package. -# Defaults to 'present' -# -# [*service_name*] -# (optional) Name of the service that will be providing the -# server functionality of aodh-api. -# If the value is 'httpd', this means aodh-api will be a web -# service, and you must use another class to configure that -# web service. For example, use class { 'aodh::wsgi::apache'...} -# to make aodh-api be a web app using apache mod_wsgi. -# Defaults to '$::aodh::params::api_service_name' -# -class aodh::api ( - $manage_service = true, - $enabled = true, - $package_ensure = 'present', - $keystone_user = 'aodh', - $keystone_tenant = 'services', - $keystone_password = false, - $keystone_auth_uri = false, - $keystone_identity_uri = false, - $host = '0.0.0.0', - $port = '8042', - $service_name = $::aodh::params::api_service_name, -) inherits aodh::params { - - include ::aodh::params - include ::aodh::policy - - validate_string($keystone_password) - - Aodh_config<||> ~> Service[$service_name] - Class['aodh::policy'] ~> Service[$service_name] - - Package['aodh-api'] -> Service[$service_name] - Package['aodh-api'] -> Service['aodh-api'] - Package['aodh-api'] -> Class['aodh::policy'] - package { 'aodh-api': - ensure => $package_ensure, - name => $::aodh::params::api_package_name, - tag => ['openstack', 'aodh-package'], - } - - if $manage_service { - if $enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } - - if $service_name == $::aodh::params::api_service_name { - service { 'aodh-api': - ensure => $service_ensure, - name => $::aodh::params::api_service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - require => Class['aodh::db'], - tag => 'aodh-service', - } - } elsif $service_name == 'httpd' { - include ::apache::params - service { 'aodh-api': - ensure => 'stopped', - name => $::aodh::params::api_service_name, - enable => false, - tag => 'aodh-service', - } - Class['aodh::db'] -> Service[$service_name] - - # we need to make sure aodh-api/eventlet is stopped before trying to start apache - Service['aodh-api'] -> Service[$service_name] - } else { - fail('Invalid service_name. Either aodh/openstack-aodh-api for running as a standalone service, or httpd for being run by a httpd server') - } - - aodh_config { - 'keystone_authtoken/auth_uri' : value => $keystone_auth_uri; - 'keystone_authtoken/admin_tenant_name' : value => $keystone_tenant; - 'keystone_authtoken/admin_user' : value => $keystone_user; - 'keystone_authtoken/admin_password' : value => $keystone_password, secret => true; - 'api/host' : value => $host; - 'api/port' : value => $port; - } - - if $keystone_identity_uri { - aodh_config { - 'keystone_authtoken/identity_uri': value => $keystone_identity_uri; - } - } else { - aodh_config { - 'keystone_authtoken/identity_uri': ensure => absent; - } - } - -} diff --git a/aodh/manifests/auth.pp b/aodh/manifests/auth.pp deleted file mode 100644 index d83551f16..000000000 --- a/aodh/manifests/auth.pp +++ /dev/null @@ -1,73 +0,0 @@ -# The aodh::auth class helps configure auth settings -# -# == Parameters -# [*auth_url*] -# the keystone public endpoint -# Optional. Defaults to 'http://localhost:5000/v2.0' -# -# [*auth_region*] -# the keystone region of this node -# Optional. Defaults to 'RegionOne' -# -# [*auth_user*] -# the keystone user for aodh services -# Optional. Defaults to 'aodh' -# -# [*auth_password*] -# the keystone password for aodh services -# Required. -# -# [*auth_tenant_name*] -# the keystone tenant name for aodh services -# Optional. Defaults to 'services' -# -# [*auth_tenant_id*] -# the keystone tenant id for aodh services. -# Optional. Defaults to undef. -# -# [*auth_cacert*] -# Certificate chain for SSL validation. Optional; Defaults to 'undef' -# -# [*auth_endpoint_type*] -# Type of endpoint in Identity service catalog to use for -# communication with OpenStack services. -# Optional. Defaults to undef. -# -class aodh::auth ( - $auth_password, - $auth_url = 'http://localhost:5000/v2.0', - $auth_region = 'RegionOne', - $auth_user = 'aodh', - $auth_tenant_name = 'services', - $auth_tenant_id = undef, - $auth_cacert = undef, - $auth_endpoint_type = undef, -) { - - if $auth_cacert { - aodh_config { 'service_credentials/os_cacert': value => $auth_cacert } - } else { - aodh_config { 'service_credentials/os_cacert': ensure => absent } - } - - aodh_config { - 'service_credentials/os_auth_url' : value => $auth_url; - 'service_credentials/os_region_name' : value => $auth_region; - 'service_credentials/os_username' : value => $auth_user; - 'service_credentials/os_password' : value => $auth_password, secret => true; - 'service_credentials/os_tenant_name' : value => $auth_tenant_name; - } - - if $auth_tenant_id { - aodh_config { - 'service_credentials/os_tenant_id' : value => $auth_tenant_id; - } - } - - if $auth_endpoint_type { - aodh_config { - 'service_credentials/os_endpoint_type' : value => $auth_endpoint_type; - } - } - -} diff --git a/aodh/manifests/client.pp b/aodh/manifests/client.pp deleted file mode 100644 index 208792d00..000000000 --- a/aodh/manifests/client.pp +++ /dev/null @@ -1,21 +0,0 @@ -# -# Installs the aodh python library. -# -# == parameters -# [*ensure*] -# ensure state for pachage. -# -class aodh::client ( - $ensure = 'present' -) { - - include ::aodh::params - - package { 'python-aodhclient': - ensure => $ensure, - name => $::aodh::params::client_package_name, - tag => 'openstack', - } - -} - diff --git a/aodh/manifests/config.pp b/aodh/manifests/config.pp deleted file mode 100644 index 0d212ff69..000000000 --- a/aodh/manifests/config.pp +++ /dev/null @@ -1,30 +0,0 @@ -# == Class: aodh::config -# -# This class is used to manage arbitrary aodh configurations. -# -# === Parameters -# -# [*aodh_config*] -# (optional) Allow configuration of arbitrary aodh configurations. -# The value is an hash of aodh_config resources. Example: -# { 'DEFAULT/foo' => { value => 'fooValue'}, -# 'DEFAULT/bar' => { value => 'barValue'} -# } -# In yaml format, Example: -# aodh_config: -# DEFAULT/foo: -# value: fooValue -# DEFAULT/bar: -# value: barValue -# -# NOTE: The configuration MUST NOT be already handled by this module -# or Puppet catalog compilation will fail with duplicate resources. -# -class aodh::config ( - $aodh_config = {}, -) { - - validate_hash($aodh_config) - - create_resources('aodh_config', $aodh_config) -} diff --git a/aodh/manifests/db.pp b/aodh/manifests/db.pp deleted file mode 100644 index e8eb5ce97..000000000 --- a/aodh/manifests/db.pp +++ /dev/null @@ -1,104 +0,0 @@ -# == Class: aodh::db -# -# Configure the aodh database -# -# === Parameters -# -# [*database_connection*] -# Url used to connect to database. -# (Optional) Defaults to "sqlite:////var/lib/aodh/aodh.sqlite". -# -# [*database_idle_timeout*] -# Timeout when db connections should be reaped. -# (Optional) Defaults to 3600. -# -# [*database_max_retries*] -# Maximum number of database connection retries during startup. -# Setting -1 implies an infinite retry count. -# (Optional) Defaults to 10. -# -# [*database_retry_interval*] -# Interval between retries of opening a database connection. -# (Optional) Defaults to 10. -# -# [*database_min_pool_size*] -# Minimum number of SQL connections to keep open in a pool. -# (Optional) Defaults to 1. -# -# [*database_max_pool_size*] -# Maximum number of SQL connections to keep open in a pool. -# (Optional) Defaults to 10. -# -# [*database_max_overflow*] -# If set, use this value for max_overflow with sqlalchemy. -# (Optional) Defaults to 20. -# -class aodh::db ( - $database_connection = 'sqlite:////var/lib/aodh/aodh.sqlite', - $database_idle_timeout = 3600, - $database_min_pool_size = 1, - $database_max_pool_size = 10, - $database_max_retries = 10, - $database_retry_interval = 10, - $database_max_overflow = 20, -) { - - include ::aodh::params - - $database_connection_real = pick($::aodh::database_connection, $database_connection) - $database_idle_timeout_real = pick($::aodh::database_idle_timeout, $database_idle_timeout) - $database_min_pool_size_real = pick($::aodh::database_min_pool_size, $database_min_pool_size) - $database_max_pool_size_real = pick($::aodh::database_max_pool_size, $database_max_pool_size) - $database_max_retries_real = pick($::aodh::database_max_retries, $database_max_retries) - $database_retry_interval_real = pick($::aodh::database_retry_interval, $database_retry_interval) - $database_max_overflow_real = pick($::aodh::database_max_overflow, $database_max_overflow) - - validate_re($database_connection_real, - '^(sqlite|mysql(\+pymysql)?|postgresql|mongodb):\/\/(\S+:\S+@\S+\/\S+)?') - - if $database_connection_real { - case $database_connection_real { - /^mysql(\+pymysql)?:\/\//: { - require 'mysql::bindings' - require 'mysql::bindings::python' - if $database_connection_real =~ /^mysql\+pymysql/ { - $backend_package = $::aodh::params::pymysql_package_name - } else { - $backend_package = false - } - } - /^postgresql:\/\//: { - $backend_package = false - require 'postgresql::lib::python' - } - /^mongodb:\/\//: { - $backend_package = $::aodh::params::pymongo_package_name - } - /^sqlite:\/\//: { - $backend_package = $::aodh::params::sqlite_package_name - } - default: { - fail('Unsupported backend configured') - } - } - - if $backend_package and !defined(Package[$backend_package]) { - package {'aodh-backend-package': - ensure => present, - name => $backend_package, - tag => 'openstack', - } - } - - aodh_config { - 'database/connection': value => $database_connection_real, secret => true; - 'database/idle_timeout': value => $database_idle_timeout_real; - 'database/min_pool_size': value => $database_min_pool_size_real; - 'database/max_retries': value => $database_max_retries_real; - 'database/retry_interval': value => $database_retry_interval_real; - 'database/max_pool_size': value => $database_max_pool_size_real; - 'database/max_overflow': value => $database_max_overflow_real; - } - } - -} diff --git a/aodh/manifests/db/mysql.pp b/aodh/manifests/db/mysql.pp deleted file mode 100644 index c8261ef11..000000000 --- a/aodh/manifests/db/mysql.pp +++ /dev/null @@ -1,69 +0,0 @@ -# The aodh::db::mysql class implements mysql backend for aodh -# -# This class can be used to create tables, users and grant -# privileges for a mysql aodh database. -# -# == parameters -# -# [*password*] -# (Mandatory) Password to connect to the database. -# Defaults to 'false'. -# -# [*dbname*] -# (Optional) Name of the database. -# Defaults to 'aodh'. -# -# [*user*] -# (Optional) User to connect to the database. -# Defaults to 'aodh'. -# -# [*host*] -# (Optional) The default source host user is allowed to connect from. -# Defaults to '127.0.0.1' -# -# [*allowed_hosts*] -# (Optional) Other hosts the user is allowed to connect from. -# Defaults to 'undef'. -# -# [*charset*] -# (Optional) The database charset. -# Defaults to 'utf8' -# -# [*collate*] -# (Optional) The database collate. -# Only used with mysql modules >= 2.2. -# Defaults to 'utf8_general_ci' -# -# == Dependencies -# Class['mysql::server'] -# -# == Examples -# -# == Authors -# -# == Copyright -# -class aodh::db::mysql( - $password, - $dbname = 'aodh', - $user = 'aodh', - $host = '127.0.0.1', - $charset = 'utf8', - $collate = 'utf8_general_ci', - $allowed_hosts = undef -) { - - validate_string($password) - - ::openstacklib::db::mysql { 'aodh': - user => $user, - password_hash => mysql_password($password), - dbname => $dbname, - host => $host, - charset => $charset, - collate => $collate, - allowed_hosts => $allowed_hosts, - } - - ::Openstacklib::Db::Mysql['aodh'] ~> Exec<| title == 'aodh-db-sync' |> -} diff --git a/aodh/manifests/db/postgresql.pp b/aodh/manifests/db/postgresql.pp deleted file mode 100644 index d34aa9d93..000000000 --- a/aodh/manifests/db/postgresql.pp +++ /dev/null @@ -1,55 +0,0 @@ -# == Class: aodh::db::postgresql -# -# Class that configures postgresql for aodh -# Requires the Puppetlabs postgresql module. -# -# === Parameters -# -# [*password*] -# (Required) Password to connect to the database. -# -# [*dbname*] -# (Optional) Name of the database. -# Defaults to 'aodh'. -# -# [*user*] -# (Optional) User to connect to the database. -# Defaults to 'aodh'. -# -# [*encoding*] -# (Optional) The charset to use for the database. -# Default to undef. -# -# [*privileges*] -# (Optional) Privileges given to the database user. -# Default to 'ALL' -# -# == Dependencies -# -# == Examples -# -# == Authors -# -# == Copyright -# -class aodh::db::postgresql( - $password, - $dbname = 'aodh', - $user = 'aodh', - $encoding = undef, - $privileges = 'ALL', -) { - - Class['aodh::db::postgresql'] -> Service<| title == 'aodh' |> - - ::openstacklib::db::postgresql { 'aodh': - password_hash => postgresql_password($user, $password), - dbname => $dbname, - user => $user, - encoding => $encoding, - privileges => $privileges, - } - - ::Openstacklib::Db::Postgresql['aodh'] ~> Exec<| title == 'aodh-db-sync' |> - -} diff --git a/aodh/manifests/db/sync.pp b/aodh/manifests/db/sync.pp deleted file mode 100644 index a6566c741..000000000 --- a/aodh/manifests/db/sync.pp +++ /dev/null @@ -1,23 +0,0 @@ -# -# Class to execute "aodh-dbsync" -# -# [*user*] -# (optional) User to run dbsync command. -# Defaults to 'aodh' -# -class aodh::db::sync ( - $user = 'aodh', -){ - exec { 'aodh-db-sync': - command => 'aodh-dbsync --config-file /etc/aodh/aodh.conf', - path => '/usr/bin', - refreshonly => true, - user => $user, - logoutput => on_failure, - } - - Package<| tag == 'aodh-package' |> ~> Exec['aodh-db-sync'] - Exec['aodh-db-sync'] ~> Service<| tag == 'aodh-db-sync-service' |> - Aodh_config<||> ~> Exec['aodh-db-sync'] - Aodh_config<| title == 'database/connection' |> ~> Exec['aodh-db-sync'] -} diff --git a/aodh/manifests/evaluator.pp b/aodh/manifests/evaluator.pp deleted file mode 100644 index 7270b79b5..000000000 --- a/aodh/manifests/evaluator.pp +++ /dev/null @@ -1,60 +0,0 @@ -# Installs the aodh evaluator service -# -# == Params -# [*enabled*] -# (optional) Should the service be enabled. -# Defaults to true. -# -# [*manage_service*] -# (optional) Whether the service should be managed by Puppet. -# Defaults to true. -# -# [*package_ensure*] -# (optional) ensure state for package. -# Defaults to 'present' -# -# [*coordination_url*] -# (optional) The url to use for distributed group membership coordination. -# Defaults to undef. -# -class aodh::evaluator ( - $manage_service = true, - $enabled = true, - $package_ensure = 'present', - $coordination_url = undef, -) { - - include ::aodh::params - - Aodh_config<||> ~> Service['aodh-evaluator'] - - if $coordination_url { - aodh_config { - 'coordination/backend_url' : value => $coordination_url; - } - } - - Package[$::aodh::params::evaluator_package_name] -> Service['aodh-evaluator'] - ensure_resource( 'package', [$::aodh::params::evaluator_package_name], - { ensure => $package_ensure, - tag => ['openstack', 'aodh-package'] } - ) - - if $manage_service { - if $enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } - - Package['aodh'] -> Service['aodh-evaluator'] - service { 'aodh-evaluator': - ensure => $service_ensure, - name => $::aodh::params::evaluator_service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - tag => ['aodh-service','aodh-db-sync-service'] - } -} diff --git a/aodh/manifests/init.pp b/aodh/manifests/init.pp deleted file mode 100644 index 8daaaf6da..000000000 --- a/aodh/manifests/init.pp +++ /dev/null @@ -1,366 +0,0 @@ -# == Class: aodh -# -# Full description of class aodh here. -# -# === Parameters -# -# [*ensure_package*] -# (optional) The state of aodh packages -# Defaults to 'present' -# -# [*alarm_history_time_to_live*] -# (Optional) Number of seconds that alarm histories are kept in the database for -# (<= 0 means forever) -# Defaults to $::os_service_default -# -# [*rpc_backend*] -# (optional) The rpc backend implementation to use, can be: -# rabbit (for rabbitmq) -# qpid (for qpid) -# zmq (for zeromq) -# Defaults to 'rabbit' -# -# [*rabbit_host*] -# (optional) Location of rabbitmq installation. -# Defaults to 'localhost' -# -# [*rabbit_hosts*] -# (optional) List of clustered rabbit servers. -# Defaults to undef -# -# [*rabbit_port*] -# (optional) Port for rabbitmq instance. -# Defaults to '5672' -# -# [*rabbit_password*] -# (optional) Password used to connect to rabbitmq. -# Defaults to 'guest' -# -# [*rabbit_userid*] -# (optional) User used to connect to rabbitmq. -# Defaults to 'guest' -# -# [*rabbit_virtual_host*] -# (optional) The RabbitMQ virtual host. -# Defaults to '/' -# -# [*rabbit_use_ssl*] -# (optional) Connect over SSL for RabbitMQ -# Defaults to false -# -# [*rabbit_ha_queues*] -# (optional) Use HA queues in RabbitMQ. -# Defaults to undef -# -# [*rabbit_heartbeat_timeout_threshold*] -# (optional) Number of seconds after which the RabbitMQ broker is considered -# down if the heartbeat keepalive fails. Any value >0 enables heartbeats. -# Heartbeating helps to ensure the TCP connection to RabbitMQ isn't silently -# closed, resulting in missed or lost messages from the queue. -# (Requires kombu >= 3.0.7 and amqp >= 1.4.0) -# Defaults to 0 -# -# [*rabbit_heartbeat_rate*] -# (optional) How often during the rabbit_heartbeat_timeout_threshold period to -# check the heartbeat on RabbitMQ connection. (i.e. rabbit_heartbeat_rate=2 -# when rabbit_heartbeat_timeout_threshold=60, the heartbeat will be checked -# every 30 seconds. -# Defaults to 2 -# -# [*kombu_ssl_ca_certs*] -# (optional) SSL certification authority file (valid only if SSL enabled). -# Defaults to undef -# -# [*kombu_ssl_certfile*] -# (optional) SSL cert file (valid only if SSL enabled). -# Defaults to undef -# -# [*kombu_ssl_keyfile*] -# (optional) SSL key file (valid only if SSL enabled). -# Defaults to undef -# -# [*kombu_ssl_version*] -# (optional) SSL version to use (valid only if SSL enabled). -# Valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be -# available on some distributions. -# Defaults to 'TLSv1' -# -# [*kombu_reconnect_delay*] -# (optional) How long to wait before reconnecting in response to an AMQP -# consumer cancel notification. -# Defaults to '1.0' -# -# [*amqp_durable_queues*] -# (optional) Define queues as "durable" to rabbitmq. -# Defaults to false -# -# [*log_dir*] -# (optional) Directory where logs should be stored. -# If set to boolean false or the $::os_service_default, it will not log to -# any directory. -# Defaults to undef. -# -# [*state_path*] -# (optional) Directory for storing state. -# Defaults to '/var/lib/aodh' -# -# [*lock_path*] -# (optional) Directory for lock files. -# On RHEL will be '/var/lib/aodh/tmp' and on Debian '/var/lock/aodh' -# Defaults to $::aodh::params::lock_path -# -# [*verbose*] -# (optional) Set log output to verbose output. -# Defaults to undef -# -# [*debug*] -# (optional) Set log output to debug output. -# Defaults to undef -# -# [*use_syslog*] -# (optional) Use syslog for logging -# Defaults to undef -# -# [*use_stderr*] -# (optional) Use stderr for logging -# Defaults to undef -# -# [*log_facility*] -# (optional) Syslog facility to receive log lines. -# Defaults to undef -# -# [*notification_driver*] -# (optional) Driver or drivers to handle sending notifications. -# Value can be a string or a list. -# Defaults to undef -# -# [*notification_topics*] -# (optional) AMQP topic used for OpenStack notifications -# Defaults to 'notifications' -# -# [*database_connection*] -# (optional) Connection url for the aodh database. -# Defaults to undef. -# -# [*slave_connection*] -# (optional) Connection url to connect to aodh slave database (read-only). -# Defaults to undef. -# -# [*database_max_retries*] -# (optional) Maximum database connection retries during startup. -# Defaults to undef. -# -# [*database_idle_timeout*] -# (optional) Timeout before idle database connections are reaped. -# Defaults to undef. -# -# [*database_retry_interval*] -# (optional) Interval between retries of opening a database connection. -# Defaults to undef. -# -# [*database_min_pool_size*] -# (optional) Minimum number of SQL connections to keep open in a pool. -# Defaults to undef. -# -# [*database_max_pool_size*] -# (optional) Maximum number of SQL connections to keep open in a pool. -# Defaults to undef. -# -# [*database_max_overflow*] -# (optional) If set, use this value for max_overflow with sqlalchemy. -# Defaults to: undef. -# -# [*gnocchi_url*] -# (optional) URL to Gnocchi. -# Defaults to: $::os_service_default. -# -# DEPRECATED PARAMETERS -# -# [*qpid_hostname*] -# (optional) Location of qpid server -# Defaults to undef -# -# [*qpid_port*] -# (optional) Port for qpid server -# Defaults to undef -# -# [*qpid_username*] -# (optional) Username to use when connecting to qpid -# Defaults to undef -# -# [*qpid_password*] -# (optional) Password to use when connecting to qpid -# Defaults to undef -# -# [*qpid_heartbeat*] -# (optional) Seconds between connection keepalive heartbeats -# Defaults to undef -# -# [*qpid_protocol*] -# (optional) Transport to use, either 'tcp' or 'ssl'' -# Defaults to undef -# -# [*qpid_sasl_mechanisms*] -# (optional) Enable one or more SASL mechanisms -# Defaults to undef -# -# [*qpid_tcp_nodelay*] -# (optional) Disable Nagle algorithm -# Defaults to undef -# -class aodh ( - $ensure_package = 'present', - $alarm_history_time_to_live = $::os_service_default, - $rpc_backend = 'rabbit', - $rabbit_host = 'localhost', - $rabbit_hosts = undef, - $rabbit_password = 'guest', - $rabbit_port = '5672', - $rabbit_userid = 'guest', - $rabbit_virtual_host = '/', - $rabbit_use_ssl = false, - $rabbit_heartbeat_timeout_threshold = 0, - $rabbit_heartbeat_rate = 2, - $rabbit_ha_queues = undef, - $kombu_ssl_ca_certs = undef, - $kombu_ssl_certfile = undef, - $kombu_ssl_keyfile = undef, - $kombu_ssl_version = 'TLSv1', - $kombu_reconnect_delay = '1.0', - $amqp_durable_queues = false, - $verbose = undef, - $debug = undef, - $use_syslog = undef, - $use_stderr = undef, - $log_facility = undef, - $log_dir = undef, - $notification_driver = undef, - $notification_topics = 'notifications', - $database_connection = undef, - $slave_connection = undef, - $database_idle_timeout = undef, - $database_min_pool_size = undef, - $database_max_pool_size = undef, - $database_max_retries = undef, - $database_retry_interval = undef, - $database_max_overflow = undef, - $gnocchi_url = $::os_service_default, - # DEPRECATED PARAMETERS - $qpid_hostname = undef, - $qpid_port = undef, - $qpid_username = undef, - $qpid_password = undef, - $qpid_sasl_mechanisms = undef, - $qpid_heartbeat = undef, - $qpid_protocol = undef, - $qpid_tcp_nodelay = undef, -) inherits aodh::params { - - include ::aodh::db - include ::aodh::logging - - if $kombu_ssl_ca_certs and !$rabbit_use_ssl { - fail('The kombu_ssl_ca_certs parameter requires rabbit_use_ssl to be set to true') - } - if $kombu_ssl_certfile and !$rabbit_use_ssl { - fail('The kombu_ssl_certfile parameter requires rabbit_use_ssl to be set to true') - } - if $kombu_ssl_keyfile and !$rabbit_use_ssl { - fail('The kombu_ssl_keyfile parameter requires rabbit_use_ssl to be set to true') - } - if ($kombu_ssl_certfile and !$kombu_ssl_keyfile) or ($kombu_ssl_keyfile and !$kombu_ssl_certfile) { - fail('The kombu_ssl_certfile and kombu_ssl_keyfile parameters must be used together') - } - - package { 'aodh': - ensure => $ensure_package, - name => $::aodh::params::common_package_name, - tag => ['openstack', 'aodh-package'], - } - - if $rpc_backend == 'rabbit' { - # I may want to support exporting and collecting these - aodh_config { - 'oslo_messaging_rabbit/rabbit_password': value => $rabbit_password, secret => true; - 'oslo_messaging_rabbit/rabbit_userid': value => $rabbit_userid; - 'oslo_messaging_rabbit/rabbit_virtual_host': value => $rabbit_virtual_host; - 'oslo_messaging_rabbit/rabbit_use_ssl': value => $rabbit_use_ssl; - 'oslo_messaging_rabbit/heartbeat_timeout_threshold': value => $rabbit_heartbeat_timeout_threshold; - 'oslo_messaging_rabbit/heartbeat_rate': value => $rabbit_heartbeat_rate; - 'oslo_messaging_rabbit/kombu_reconnect_delay': value => $kombu_reconnect_delay; - 'DEFAULT/amqp_durable_queues': value => $amqp_durable_queues; - } - - if $rabbit_use_ssl { - - if $kombu_ssl_ca_certs { - aodh_config { 'oslo_messaging_rabbit/kombu_ssl_ca_certs': value => $kombu_ssl_ca_certs; } - } else { - aodh_config { 'oslo_messaging_rabbit/kombu_ssl_ca_certs': ensure => absent; } - } - - if $kombu_ssl_certfile or $kombu_ssl_keyfile { - aodh_config { - 'oslo_messaging_rabbit/kombu_ssl_certfile': value => $kombu_ssl_certfile; - 'oslo_messaging_rabbit/kombu_ssl_keyfile': value => $kombu_ssl_keyfile; - } - } else { - aodh_config { - 'oslo_messaging_rabbit/kombu_ssl_certfile': ensure => absent; - 'oslo_messaging_rabbit/kombu_ssl_keyfile': ensure => absent; - } - } - - if $kombu_ssl_version { - aodh_config { 'oslo_messaging_rabbit/kombu_ssl_version': value => $kombu_ssl_version; } - } else { - aodh_config { 'oslo_messaging_rabbit/kombu_ssl_version': ensure => absent; } - } - - } else { - aodh_config { - 'oslo_messaging_rabbit/kombu_ssl_ca_certs': ensure => absent; - 'oslo_messaging_rabbit/kombu_ssl_certfile': ensure => absent; - 'oslo_messaging_rabbit/kombu_ssl_keyfile': ensure => absent; - 'oslo_messaging_rabbit/kombu_ssl_version': ensure => absent; - } - } - - if $rabbit_hosts { - aodh_config { 'oslo_messaging_rabbit/rabbit_hosts': value => join($rabbit_hosts, ',') } - } else { - aodh_config { 'oslo_messaging_rabbit/rabbit_host': value => $rabbit_host } - aodh_config { 'oslo_messaging_rabbit/rabbit_port': value => $rabbit_port } - aodh_config { 'oslo_messaging_rabbit/rabbit_hosts': value => "${rabbit_host}:${rabbit_port}" } - } - - if $rabbit_ha_queues == undef { - if $rabbit_hosts { - aodh_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => true } - } else { - aodh_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => false } - } - } else { - aodh_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => $rabbit_ha_queues } - } - } - - if $rpc_backend == 'qpid' { - warning('Qpid driver was removed from Oslo.messaging in Mitaka release') - } - - if $notification_driver { - aodh_config { - 'DEFAULT/notification_driver': value => join(any2array($notification_driver), ','); - } - } else { - aodh_config { 'DEFAULT/notification_driver': ensure => absent; } - } - aodh_config { - 'DEFAULT/rpc_backend': value => $rpc_backend; - 'DEFAULT/notification_topics': value => $notification_topics; - 'DEFAULT/gnocchi_url': value => $gnocchi_url; - 'database/alarm_history_time_to_live': value => $alarm_history_time_to_live; - } - -} diff --git a/aodh/manifests/keystone/auth.pp b/aodh/manifests/keystone/auth.pp deleted file mode 100644 index d5f83fffc..000000000 --- a/aodh/manifests/keystone/auth.pp +++ /dev/null @@ -1,87 +0,0 @@ -# == Class: aodh::keystone::auth -# -# Configures Aodh user, service and endpoint in Keystone. -# -# === Parameters -# -# [*password*] -# (required) Password for aodh user. -# -# [*auth_name*] -# Username for aodh service. Defaults to 'aodh'. -# -# [*email*] -# Email for aodh user. Defaults to 'aodh@localhost'. -# -# [*tenant*] -# Tenant for aodh user. Defaults to 'services'. -# -# [*configure_endpoint*] -# Should aodh endpoint be configured? Defaults to 'true'. -# -# [*configure_user*] -# (Optional) Should the service user be configured? -# Defaults to 'true'. -# -# [*configure_user_role*] -# (Optional) Should the admin role be configured for the service user? -# Defaults to 'true'. -# -# [*service_type*] -# Type of service. Defaults to 'key-manager'. -# -# [*region*] -# Region for endpoint. Defaults to 'RegionOne'. -# -# [*service_name*] -# (optional) Name of the service. -# Defaults to the value of auth_name. -# -# [*public_url*] -# (optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:8042') -# This url should *not* contain any trailing '/'. -# -# [*admin_url*] -# (optional) The endpoint's admin url. (Defaults to 'http://127.0.0.1:8042') -# This url should *not* contain any trailing '/'. -# -# [*internal_url*] -# (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:8042') -# This url should *not* contain any trailing '/'. -# -class aodh::keystone::auth ( - $password, - $auth_name = 'aodh', - $email = 'aodh@localhost', - $tenant = 'services', - $configure_endpoint = true, - $configure_user = true, - $configure_user_role = true, - $service_name = undef, - $service_type = 'alarming', - $region = 'RegionOne', - $public_url = 'http://127.0.0.1:8042', - $internal_url = 'http://127.0.0.1:8042', - $admin_url = 'http://127.0.0.1:8042', -) { - - $real_service_name = pick($service_name, $auth_name) - - keystone::resource::service_identity { 'aodh': - configure_user => $configure_user, - configure_user_role => $configure_user_role, - configure_endpoint => $configure_endpoint, - service_name => $real_service_name, - service_type => $service_type, - service_description => 'OpenStack Alarming Service', - region => $region, - auth_name => $auth_name, - password => $password, - email => $email, - tenant => $tenant, - public_url => $public_url, - internal_url => $internal_url, - admin_url => $admin_url, - } - -} diff --git a/aodh/manifests/listener.pp b/aodh/manifests/listener.pp deleted file mode 100644 index 7de3b4b65..000000000 --- a/aodh/manifests/listener.pp +++ /dev/null @@ -1,49 +0,0 @@ -# Installs the aodh listener service -# -# == Params -# [*enabled*] -# (optional) Should the service be enabled. -# Defaults to true. -# -# [*manage_service*] -# (optional) Whether the service should be managed by Puppet. -# Defaults to true. -# -# [*package_ensure*] -# (optional) ensure state for package. -# Defaults to 'present' -# -class aodh::listener ( - $manage_service = true, - $enabled = true, - $package_ensure = 'present', -) { - - include ::aodh::params - - Aodh_config<||> ~> Service['aodh-listener'] - - Package[$::aodh::params::listener_package_name] -> Service['aodh-listener'] - ensure_resource( 'package', [$::aodh::params::listener_package_name], - { ensure => $package_ensure, - tag => ['openstack', 'aodh-package'] } - ) - - if $manage_service { - if $enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } - - Package['aodh'] -> Service['aodh-listener'] - service { 'aodh-listener': - ensure => $service_ensure, - name => $::aodh::params::listener_service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - tag => 'aodh-service', - } -} diff --git a/aodh/manifests/logging.pp b/aodh/manifests/logging.pp deleted file mode 100644 index 13ece3135..000000000 --- a/aodh/manifests/logging.pp +++ /dev/null @@ -1,148 +0,0 @@ -# Class aodh::logging -# -# aodh logging configuration -# -# == parameters -# -# [*verbose*] -# (Optional) Should the daemons log verbose messages -# Defaults to $::os_service_default -# -# [*debug*] -# (Optional) Should the daemons log debug messages -# Defaults to $::os_service_default -# -# [*use_syslog*] -# (Optional) Use syslog for logging. -# Defaults to $::os_service_default -# -# [*use_stderr*] -# (optional) Use stderr for logging -# Defaults to $::os_service_default -# -# [*log_facility*] -# (Optional) Syslog facility to receive log lines. -# Defaults to $::os_service_default -# -# [*log_dir*] -# (optional) Directory where logs should be stored. -# If set to boolean false or the $::os_service_default, it will not log to -# any directory. -# Defaults to '/var/log/aodh'. -# -# [*logging_context_format_string*] -# (optional) Format string to use for log messages with context. -# Defaults to $::os_service_default -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [%(request_id)s %(user_identity)s] %(instance)s%(message)s' -# -# [*logging_default_format_string*] -# (optional) Format string to use for log messages without context. -# Defaults to $::os_service_default -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [-] %(instance)s%(message)s' -# -# [*logging_debug_format_suffix*] -# (optional) Formatted data to append to log format when level is DEBUG. -# Defaults to $::os_service_default -# Example: '%(funcName)s %(pathname)s:%(lineno)d' -# -# [*logging_exception_prefix*] -# (optional) Prefix each line of exception output with this format. -# Defaults to $::os_service_default -# Example: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' -# -# [*log_config_append*] -# The name of an additional logging configuration file. -# Defaults to $::os_service_default -# See https://docs.python.org/2/howto/logging.html -# -# [*default_log_levels*] -# (optional) Hash of logger (keys) and level (values) pairs. -# Defaults to $::os_service_default -# Example: -# { 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', -# 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', -# 'iso8601' => 'WARN', -# 'requests.packages.urllib3.connectionpool' => 'WARN' } -# -# [*publish_errors*] -# (optional) Publish error events (boolean value). -# Defaults to $::os_service_default -# -# [*fatal_deprecations*] -# (optional) Make deprecations fatal (boolean value) -# Defaults to $::os_service_default -# -# [*instance_format*] -# (optional) If an instance is passed with the log message, format it -# like this (string value). -# Defaults to $::os_service_default -# Example: '[instance: %(uuid)s] ' -# -# [*instance_uuid_format*] -# (optional) If an instance UUID is passed with the log message, format -# it like this (string value). -# Defaults to $::os_service_default -# Example: instance_uuid_format='[instance: %(uuid)s] ' - -# [*log_date_format*] -# (optional) Format string for %%(asctime)s in log records. -# Defaults to $::os_service_default -# Example: 'Y-%m-%d %H:%M:%S' - -class aodh::logging( - $use_syslog = $::os_service_default, - $use_stderr = $::os_service_default, - $log_facility = $::os_service_default, - $log_dir = '/var/log/aodh', - $verbose = $::os_service_default, - $debug = $::os_service_default, - $logging_context_format_string = $::os_service_default, - $logging_default_format_string = $::os_service_default, - $logging_debug_format_suffix = $::os_service_default, - $logging_exception_prefix = $::os_service_default, - $log_config_append = $::os_service_default, - $default_log_levels = $::os_service_default, - $publish_errors = $::os_service_default, - $fatal_deprecations = $::os_service_default, - $instance_format = $::os_service_default, - $instance_uuid_format = $::os_service_default, - $log_date_format = $::os_service_default, -) { - - # NOTE(spredzy): In order to keep backward compatibility we rely on the pick function - # to use aodh:: first then aodh::logging::. - $use_syslog_real = pick($::aodh::use_syslog,$use_syslog) - $use_stderr_real = pick($::aodh::use_stderr,$use_stderr) - $log_facility_real = pick($::aodh::log_facility,$log_facility) - $log_dir_real = pick($::aodh::log_dir,$log_dir) - $verbose_real = pick($::aodh::verbose,$verbose) - $debug_real = pick($::aodh::debug,$debug) - - if is_service_default($default_log_levels) { - $default_log_levels_real = $default_log_levels - } else { - $default_log_levels_real = join(sort(join_keys_to_values($default_log_levels, '=')), ',') - } - - aodh_config { - 'DEFAULT/debug' : value => $debug_real; - 'DEFAULT/verbose' : value => $verbose_real; - 'DEFAULT/use_stderr' : value => $use_stderr_real; - 'DEFAULT/use_syslog' : value => $use_syslog_real; - 'DEFAULT/log_dir' : value => $log_dir_real; - 'DEFAULT/syslog_log_facility' : value => $log_facility_real; - 'DEFAULT/logging_context_format_string' : value => $logging_context_format_string; - 'DEFAULT/logging_default_format_string' : value => $logging_default_format_string; - 'DEFAULT/logging_debug_format_suffix' : value => $logging_debug_format_suffix; - 'DEFAULT/logging_exception_prefix' : value => $logging_exception_prefix; - 'DEFAULT/log_config_append' : value => $log_config_append; - 'DEFAULT/default_log_levels' : value => $default_log_levels_real; - 'DEFAULT/publish_errors' : value => $publish_errors; - 'DEFAULT/fatal_deprecations' : value => $fatal_deprecations; - 'DEFAULT/instance_format' : value => $instance_format; - 'DEFAULT/instance_uuid_format' : value => $instance_uuid_format; - 'DEFAULT/log_date_format' : value => $log_date_format; - } -} diff --git a/aodh/manifests/notifier.pp b/aodh/manifests/notifier.pp deleted file mode 100644 index f4629738b..000000000 --- a/aodh/manifests/notifier.pp +++ /dev/null @@ -1,49 +0,0 @@ -# Installs the aodh notifier service -# -# == Params -# [*enabled*] -# (optional) Should the service be enabled. -# Defaults to true. -# -# [*manage_service*] -# (optional) Whether the service should be managed by Puppet. -# Defaults to true. -# -# [*package_ensure*] -# (optional) ensure state for package. -# Defaults to 'present' -# -class aodh::notifier ( - $manage_service = true, - $enabled = true, - $package_ensure = 'present', -) { - - include ::aodh::params - - Aodh_config<||> ~> Service['aodh-notifier'] - - Package[$::aodh::params::notifier_package_name] -> Service['aodh-notifier'] - ensure_resource( 'package', [$::aodh::params::notifier_package_name], - { ensure => $package_ensure, - tag => ['openstack', 'aodh-package'] } - ) - - if $manage_service { - if $enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } - - Package['aodh'] -> Service['aodh-notifier'] - service { 'aodh-notifier': - ensure => $service_ensure, - name => $::aodh::params::notifier_service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - tag => 'aodh-service', - } -} diff --git a/aodh/manifests/params.pp b/aodh/manifests/params.pp deleted file mode 100644 index 5ea82958e..000000000 --- a/aodh/manifests/params.pp +++ /dev/null @@ -1,59 +0,0 @@ -# Parameters for puppet-aodh -# -class aodh::params { - - $client_package_name = 'python-aodhclient' - - case $::osfamily { - 'RedHat': { - $common_package_name = 'openstack-aodh-common' - $psycopg_package_name = 'python-psycopg2' - $sqlite_package_name = undef - $api_package_name = 'openstack-aodh-api' - $api_service_name = 'openstack-aodh-api' - $notifier_package_name = 'openstack-aodh-notifier' - $notifier_service_name = 'openstack-aodh-notifier' - $evaluator_package_name = 'openstack-aodh-evaluator' - $evaluator_service_name = 'openstack-aodh-evaluator' - $expirer_package_name = 'openstack-aodh-expirer' - - # Deprecated in N, replaced with expirer_service_name - $expirer_package_serice = 'openstack-aodh-expirer' - - $expirer_service_name = 'openstack-aodh-expirer' - $listener_package_name = 'openstack-aodh-listener' - $listener_service_name = 'openstack-aodh-listener' - $pymongo_package_name = 'python-pymongo' - $pymysql_package_name = undef - $aodh_wsgi_script_path = '/var/www/cgi-bin/aodh' - $aodh_wsgi_script_source = '/usr/lib/python2.7/site-packages/aodh/api/app.wsgi' - } - 'Debian': { - $common_package_name = 'aodh-common' - $psycopg_package_name = 'python-psycopg2' - $sqlite_package_name = 'python-pysqlite2' - $api_package_name = 'aodh-api' - $api_service_name = 'aodh-api' - $notifier_package_name = 'aodh-notifier' - $notifier_service_name = 'aodh-notifier' - $evaluator_package_name = 'aodh-evaluator' - $evaluator_service_name = 'aodh-evaluator' - $expirer_package_name = 'aodh-expirer' - - # Deprecated in N, replaced with expirer_service_name - $expirer_package_serice = 'aodh-expirer' - - $expirer_service_name = 'aodh-expirer' - $listener_package_name = 'aodh-listener' - $listener_service_name = 'aodh-listener' - $pymongo_package_name = 'python-pymongo' - $pymysql_package_name = 'python-pymysql' - $aodh_wsgi_script_path = '/usr/lib/cgi-bin/aodh' - $aodh_wsgi_script_source = '/usr/share/aodh-common/app.wsgi' - } - default: { - fail("Unsupported osfamily: ${::osfamily} operatingsystem") - } - - } # Case $::osfamily -} diff --git a/aodh/manifests/policy.pp b/aodh/manifests/policy.pp deleted file mode 100644 index 6ee45259c..000000000 --- a/aodh/manifests/policy.pp +++ /dev/null @@ -1,39 +0,0 @@ -# == Class: aodh::policy -# -# Configure the aodh policies -# -# === Parameters -# -# [*policies*] -# (optional) Set of policies to configure for aodh -# Example : -# { -# 'aodh-context_is_admin' => { -# 'key' => 'context_is_admin', -# 'value' => 'true' -# }, -# 'aodh-default' => { -# 'key' => 'default', -# 'value' => 'rule:admin_or_owner' -# } -# } -# Defaults to empty hash. -# -# [*policy_path*] -# (optional) Path to the nova policy.json file -# Defaults to /etc/aodh/policy.json -# -class aodh::policy ( - $policies = {}, - $policy_path = '/etc/aodh/policy.json', -) { - - validate_hash($policies) - - Openstacklib::Policy::Base { - file_path => $policy_path, - } - - create_resources('openstacklib::policy::base', $policies) - -} diff --git a/aodh/manifests/wsgi/apache.pp b/aodh/manifests/wsgi/apache.pp deleted file mode 100644 index a9119b356..000000000 --- a/aodh/manifests/wsgi/apache.pp +++ /dev/null @@ -1,128 +0,0 @@ -# -# Copyright (C) 2015 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Class to serve aodh API with apache mod_wsgi in place of aodh-api service. -# -# Serving aodh API from apache is the recommended way to go for production -# because of limited performance for concurrent accesses when running eventlet. -# -# When using this class you should disable your aodh-api service. -# -# == Parameters -# -# [*servername*] -# The servername for the virtualhost. -# Optional. Defaults to $::fqdn -# -# [*port*] -# The port. -# Optional. Defaults to 8042 -# -# [*bind_host*] -# The host/ip address Apache will listen on. -# Optional. Defaults to undef (listen on all ip addresses). -# -# [*path*] -# The prefix for the endpoint. -# Optional. Defaults to '/' -# -# [*ssl*] -# Use ssl ? (boolean) -# Optional. Defaults to true -# -# [*workers*] -# Number of WSGI workers to spawn. -# Optional. Defaults to 1 -# -# [*priority*] -# (optional) The priority for the vhost. -# Defaults to '10' -# -# [*threads*] -# (optional) The number of threads for the vhost. -# Defaults to $::processorcount -# -# [*ssl_cert*] -# [*ssl_key*] -# [*ssl_chain*] -# [*ssl_ca*] -# [*ssl_crl_path*] -# [*ssl_crl*] -# [*ssl_certs_dir*] -# apache::vhost ssl parameters. -# Optional. Default to apache::vhost 'ssl_*' defaults. -# -# == Dependencies -# -# requires Class['apache'] & Class['aodh'] -# -# == Examples -# -# include apache -# -# class { 'aodh::wsgi::apache': } -# -class aodh::wsgi::apache ( - $servername = $::fqdn, - $port = 8042, - $bind_host = undef, - $path = '/', - $ssl = true, - $workers = 1, - $ssl_cert = undef, - $ssl_key = undef, - $ssl_chain = undef, - $ssl_ca = undef, - $ssl_crl_path = undef, - $ssl_crl = undef, - $ssl_certs_dir = undef, - $threads = $::processorcount, - $priority = '10', -) { - - include ::aodh::params - include ::apache - include ::apache::mod::wsgi - if $ssl { - include ::apache::mod::ssl - } - - ::openstacklib::wsgi::apache { 'aodh_wsgi': - bind_host => $bind_host, - bind_port => $port, - group => 'aodh', - path => $path, - priority => $priority, - servername => $servername, - ssl => $ssl, - ssl_ca => $ssl_ca, - ssl_cert => $ssl_cert, - ssl_certs_dir => $ssl_certs_dir, - ssl_chain => $ssl_chain, - ssl_crl => $ssl_crl, - ssl_crl_path => $ssl_crl_path, - ssl_key => $ssl_key, - threads => $threads, - user => 'aodh', - workers => $workers, - wsgi_daemon_process => 'aodh', - wsgi_process_group => 'aodh', - wsgi_script_dir => $::aodh::params::aodh_wsgi_script_path, - wsgi_script_file => 'app', - wsgi_script_source => $::aodh::params::aodh_wsgi_script_source, - } -} diff --git a/aodh/metadata.json b/aodh/metadata.json deleted file mode 100644 index 02f3b29f2..000000000 --- a/aodh/metadata.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "name": "openstack-aodh", - "version": "8.1.0", - "author": "OpenStack Contributors", - "summary": "Puppet module for OpenStack Aodh", - "license": "Apache-2.0", - "source": "git://github.com/openstack/puppet-aodh.git", - "project_page": "https://launchpad.net/puppet-aodh", - "issues_url": "https://bugs.launchpad.net/puppet-aodh", - "requirements": [ - { "name": "pe", "version_requirement": ">= 3.2.0 <= 2016.1.0" }, - { "name": "puppet", "version_requirement": ">= 3.0.0 < 5.0.0" } - ], - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": ["7"] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": ["14.04"] - } - ], - "description": "Installs and configures OpenStack Aodh.", - "dependencies": [ - { "name": "puppetlabs/inifile", "version_requirement": ">=1.4.0 <2.0.0" }, - { "name": "puppetlabs/stdlib", "version_requirement": ">= 4.9.0 <5.0.0" }, - { "name": "openstack/openstacklib", "version_requirement": ">=8.1.0 <9.0.0" } - ] -} diff --git a/aodh/releasenotes/notes/gnocchi-1aff76df364ba03a.yaml b/aodh/releasenotes/notes/gnocchi-1aff76df364ba03a.yaml deleted file mode 100644 index 1bd93516a..000000000 --- a/aodh/releasenotes/notes/gnocchi-1aff76df364ba03a.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Implement gnocchi_url parameter. diff --git a/aodh/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml b/aodh/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml deleted file mode 100644 index 3f1023478..000000000 --- a/aodh/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -prelude: > - This is the first Mitaka release for puppet-aodh module. diff --git a/aodh/releasenotes/notes/mongodb_support-d32111a0380f0d21.yaml b/aodh/releasenotes/notes/mongodb_support-d32111a0380f0d21.yaml deleted file mode 100644 index 12d30e995..000000000 --- a/aodh/releasenotes/notes/mongodb_support-d32111a0380f0d21.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Support MongoDB as database backend. diff --git a/aodh/releasenotes/notes/pymysql-e57bf1f0289dd426.yaml b/aodh/releasenotes/notes/pymysql-e57bf1f0289dd426.yaml deleted file mode 100644 index 3556c0c8c..000000000 --- a/aodh/releasenotes/notes/pymysql-e57bf1f0289dd426.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Support of PyMySQL driver for MySQL backend. diff --git a/aodh/releasenotes/notes/remove_qpid-0b446db43fdea617.yaml b/aodh/releasenotes/notes/remove_qpid-0b446db43fdea617.yaml deleted file mode 100644 index c59a436d3..000000000 --- a/aodh/releasenotes/notes/remove_qpid-0b446db43fdea617.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -deprecations: - - Remove QPID messaging support. - Qpid messaging driver is removed from oslo.messaging so we won't support - anymore. diff --git a/aodh/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml b/aodh/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml deleted file mode 100644 index 41cef2f11..000000000 --- a/aodh/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -features: - - Release notes are no longer maintained by hand, we now use the reno tool to - manage them. diff --git a/aodh/releasenotes/source/_static/.placeholder b/aodh/releasenotes/source/_static/.placeholder deleted file mode 100644 index e69de29bb..000000000 diff --git a/aodh/releasenotes/source/conf.py b/aodh/releasenotes/source/conf.py deleted file mode 100644 index 6697bfcb3..000000000 --- a/aodh/releasenotes/source/conf.py +++ /dev/null @@ -1,259 +0,0 @@ -# -*- coding: utf-8 -*- -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# If extensions (or modules to document with autodoc) are in another directory, -# add these directories to sys.path here. If the directory is relative to the -# documentation root, use os.path.abspath to make it absolute, like shown here. -#sys.path.insert(0, os.path.abspath('.')) - -# -- General configuration ------------------------------------------------ - -# If your documentation needs a minimal Sphinx version, state it here. -#needs_sphinx = '1.0' - -# Add any Sphinx extension module names here, as strings. They can be -# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom -# ones. -extensions = [ - 'oslosphinx', - 'reno.sphinxext', -] - -# Add any paths that contain templates here, relative to this directory. -templates_path = ['_templates'] - -# The suffix of source filenames. -source_suffix = '.rst' - -# The encoding of source files. -#source_encoding = 'utf-8-sig' - -# The master toctree document. -master_doc = 'index' - -# General information about the project. -project = u'puppet-aodh Release Notes' -copyright = u'2016, Puppet OpenStack Developers' - -# The version info for the project you're documenting, acts as replacement for -# |version| and |release|, also used in various other places throughout the -# built documents. -# -# The short X.Y version. -version = '8.1.0' -# The full version, including alpha/beta/rc tags. -release = '8.1.0' - -# The language for content autogenerated by Sphinx. Refer to documentation -# for a list of supported languages. -#language = None - -# There are two options for replacing |today|: either, you set today to some -# non-false value, then it is used: -#today = '' -# Else, today_fmt is used as the format for a strftime call. -#today_fmt = '%B %d, %Y' - -# List of patterns, relative to source directory, that match files and -# directories to ignore when looking for source files. -exclude_patterns = [] - -# The reST default role (used for this markup: `text`) to use for all -# documents. -#default_role = None - -# If true, '()' will be appended to :func: etc. cross-reference text. -#add_function_parentheses = True - -# If true, the current module name will be prepended to all description -# unit titles (such as .. function::). -#add_module_names = True - -# If true, sectionauthor and moduleauthor directives will be shown in the -# output. They are ignored by default. -#show_authors = False - -# The name of the Pygments (syntax highlighting) style to use. -pygments_style = 'sphinx' - -# A list of ignored prefixes for module index sorting. -#modindex_common_prefix = [] - -# If true, keep warnings as "system message" paragraphs in the built documents. -#keep_warnings = False - - -# -- Options for HTML output ---------------------------------------------- - -# The theme to use for HTML and HTML Help pages. See the documentation for -# a list of builtin themes. -html_theme = 'default' - -# Theme options are theme-specific and customize the look and feel of a theme -# further. For a list of options available for each theme, see the -# documentation. -#html_theme_options = {} - -# Add any paths that contain custom themes here, relative to this directory. -#html_theme_path = [] - -# The name for this set of Sphinx documents. If None, it defaults to -# " v documentation". -#html_title = None - -# A shorter title for the navigation bar. Default is the same as html_title. -#html_short_title = None - -# The name of an image file (relative to this directory) to place at the top -# of the sidebar. -#html_logo = None - -# The name of an image file (within the static path) to use as favicon of the -# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 -# pixels large. -#html_favicon = None - -# Add any paths that contain custom static files (such as style sheets) here, -# relative to this directory. They are copied after the builtin static files, -# so a file named "default.css" will overwrite the builtin "default.css". -html_static_path = ['_static'] - -# Add any extra paths that contain custom files (such as robots.txt or -# .htaccess) here, relative to this directory. These files are copied -# directly to the root of the documentation. -#html_extra_path = [] - -# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, -# using the given strftime format. -#html_last_updated_fmt = '%b %d, %Y' - -# If true, SmartyPants will be used to convert quotes and dashes to -# typographically correct entities. -#html_use_smartypants = True - -# Custom sidebar templates, maps document names to template names. -#html_sidebars = {} - -# Additional templates that should be rendered to pages, maps page names to -# template names. -#html_additional_pages = {} - -# If false, no module index is generated. -#html_domain_indices = True - -# If false, no index is generated. -#html_use_index = True - -# If true, the index is split into individual pages for each letter. -#html_split_index = False - -# If true, links to the reST sources are added to the pages. -#html_show_sourcelink = True - -# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. -#html_show_sphinx = True - -# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. -#html_show_copyright = True - -# If true, an OpenSearch description file will be output, and all pages will -# contain a tag referring to it. The value of this option must be the -# base URL from which the finished HTML is served. -#html_use_opensearch = '' - -# This is the file name suffix for HTML files (e.g. ".xhtml"). -#html_file_suffix = None - -# Output file base name for HTML help builder. -htmlhelp_basename = 'puppet-aodhReleaseNotesdoc' - - -# -- Options for LaTeX output --------------------------------------------- - -latex_elements = { -# The paper size ('letterpaper' or 'a4paper'). -#'papersize': 'letterpaper', - -# The font size ('10pt', '11pt' or '12pt'). -#'pointsize': '10pt', - -# Additional stuff for the LaTeX preamble. -#'preamble': '', -} - -# Grouping the document tree into LaTeX files. List of tuples -# (source start file, target name, title, -# author, documentclass [howto, manual, or own class]). -latex_documents = [ - ('index', 'puppet-aodhReleaseNotes.tex', u'puppet-aodh Release Notes Documentation', - u'2016, Puppet OpenStack Developers', 'manual'), -] - -# The name of an image file (relative to this directory) to place at the top of -# the title page. -#latex_logo = None - -# For "manual" documents, if this is true, then toplevel headings are parts, -# not chapters. -#latex_use_parts = False - -# If true, show page references after internal links. -#latex_show_pagerefs = False - -# If true, show URL addresses after external links. -#latex_show_urls = False - -# Documents to append as an appendix to all manuals. -#latex_appendices = [] - -# If false, no module index is generated. -#latex_domain_indices = True - - -# -- Options for manual page output --------------------------------------- - -# One entry per manual page. List of tuples -# (source start file, name, description, authors, manual section). -man_pages = [ - ('index', 'puppet-aodhreleasenotes', u'puppet-aodh Release Notes Documentation', - [u'2016, Puppet OpenStack Developers'], 1) -] - -# If true, show URL addresses after external links. -#man_show_urls = False - - -# -- Options for Texinfo output ------------------------------------------- - -# Grouping the document tree into Texinfo files. List of tuples -# (source start file, target name, title, author, -# dir menu entry, description, category) -texinfo_documents = [ - ('index', 'puppet-aodhReleaseNotes', u'puppet-aodh Release Notes Documentation', - u'2016, Puppet OpenStack Developers', 'puppet-aodhReleaseNotes', 'One line description of project.', - 'Miscellaneous'), -] - -# Documents to append as an appendix to all manuals. -#texinfo_appendices = [] - -# If false, no module index is generated. -#texinfo_domain_indices = True - -# How to display URL addresses: 'footnote', 'no', or 'inline'. -#texinfo_show_urls = 'footnote' - -# If true, do not generate a @detailmenu in the "Top" node's menu. -#texinfo_no_detailmenu = False diff --git a/aodh/releasenotes/source/index.rst b/aodh/releasenotes/source/index.rst deleted file mode 100644 index 047b47046..000000000 --- a/aodh/releasenotes/source/index.rst +++ /dev/null @@ -1,19 +0,0 @@ -===================================== -Welcome to puppet-aodh Release Notes! -===================================== - -Contents -======== - -.. toctree:: - :maxdepth: 2 - - mitaka - unreleased - - -Indices and tables -================== - -* :ref:`genindex` -* :ref:`search` diff --git a/aodh/releasenotes/source/mitaka.rst b/aodh/releasenotes/source/mitaka.rst deleted file mode 100644 index 97ab8d1d3..000000000 --- a/aodh/releasenotes/source/mitaka.rst +++ /dev/null @@ -1,6 +0,0 @@ -============================ - Mitaka Series Release Notes -============================ - -.. release-notes:: - :branch: origin/stable/mitaka diff --git a/aodh/releasenotes/source/unreleased.rst b/aodh/releasenotes/source/unreleased.rst deleted file mode 100644 index 2334dd5cf..000000000 --- a/aodh/releasenotes/source/unreleased.rst +++ /dev/null @@ -1,5 +0,0 @@ -============================== - Current Series Release Notes -============================== - - .. release-notes:: diff --git a/aodh/setup.cfg b/aodh/setup.cfg deleted file mode 100644 index 2f17d8d12..000000000 --- a/aodh/setup.cfg +++ /dev/null @@ -1,13 +0,0 @@ -[metadata] -name = puppet-aodh -summary = Puppet module for OpenStack Aodh -description-file = - README.md -author = Puppet Labs and OpenStack Contributors -author-email = openstack-dev@lists.openstack.org -home-page = http://www.openstack.org/ -classifier = - Intended Audience :: Developers - Intended Audience :: System Administrators - License :: OSI Approved :: Apache Software License - Operating System :: POSIX :: Linux diff --git a/aodh/setup.py b/aodh/setup.py deleted file mode 100644 index 70c2b3f32..000000000 --- a/aodh/setup.py +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/env python -# Copyright (c) 2013 Hewlett-Packard Development Company, L.P. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# THIS FILE IS MANAGED BY THE GLOBAL REQUIREMENTS REPO - DO NOT EDIT -import setuptools - -setuptools.setup( - setup_requires=['pbr'], - pbr=True) diff --git a/aodh/spec/acceptance/aodh_wsgi_apache_spec.rb b/aodh/spec/acceptance/aodh_wsgi_apache_spec.rb deleted file mode 100644 index 12d29e5d7..000000000 --- a/aodh/spec/acceptance/aodh_wsgi_apache_spec.rb +++ /dev/null @@ -1,83 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'basic aodh' do - - context 'default parameters' do - - it 'should work with no errors' do - pp= <<-EOS - include ::openstack_integration - include ::openstack_integration::repos - include ::openstack_integration::rabbitmq - include ::openstack_integration::mysql - include ::openstack_integration::keystone - - rabbitmq_user { 'aodh': - admin => true, - password => 'an_even_bigger_secret', - provider => 'rabbitmqctl', - require => Class['rabbitmq'], - } - - rabbitmq_user_permissions { 'aodh@/': - configure_permission => '.*', - write_permission => '.*', - read_permission => '.*', - provider => 'rabbitmqctl', - require => Class['rabbitmq'], - } - - class { '::aodh': - rabbit_userid => 'aodh', - rabbit_password => 'an_even_bigger_secret', - verbose => true, - debug => true, - rabbit_host => '127.0.0.1', - database_connection => 'mysql://aodh:a_big_secret@127.0.0.1/aodh?charset=utf8', - } - class { '::aodh::db::mysql': - password => 'a_big_secret', - } - class { '::aodh::keystone::auth': - password => 'a_big_secret', - } - class { '::aodh::api': - enabled => true, - keystone_password => 'a_big_secret', - keystone_identity_uri => 'http://127.0.0.1:35357/', - service_name => 'httpd', - } - include ::apache - class { '::aodh::wsgi::apache': - ssl => false, - } - class { '::aodh::auth': - auth_url => 'http://127.0.0.1:5000/v2.0', - auth_password => 'a_big_secret', - } - class { '::aodh::client': } - class { '::aodh::notifier': } - class { '::aodh::listener': } - case $::osfamily { - 'Debian': { - warning('aodh-evaluator cannot be run on ubuntu system, package is broken. See LP#1508463') - } - 'RedHat': { - class { '::aodh::evaluator': } - class { '::aodh::db::sync': } - } - } - EOS - - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe port(8042) do - it { is_expected.to be_listening } - end - end - -end diff --git a/aodh/spec/acceptance/nodesets/centos-70-x64.yml b/aodh/spec/acceptance/nodesets/centos-70-x64.yml deleted file mode 100644 index 5f097e9fe..000000000 --- a/aodh/spec/acceptance/nodesets/centos-70-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - centos-server-70-x64: - roles: - - master - platform: el-7-x86_64 - box: puppetlabs/centos-7.0-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/centos-7.0-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: foss diff --git a/aodh/spec/acceptance/nodesets/default.yml b/aodh/spec/acceptance/nodesets/default.yml deleted file mode 100644 index 486b6a34e..000000000 --- a/aodh/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - type: foss diff --git a/aodh/spec/acceptance/nodesets/nodepool-centos7.yml b/aodh/spec/acceptance/nodesets/nodepool-centos7.yml deleted file mode 100644 index c55287420..000000000 --- a/aodh/spec/acceptance/nodesets/nodepool-centos7.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-70-x64: - roles: - - master - platform: el-7-x86_64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/aodh/spec/acceptance/nodesets/nodepool-trusty.yml b/aodh/spec/acceptance/nodesets/nodepool-trusty.yml deleted file mode 100644 index 9fc624e24..000000000 --- a/aodh/spec/acceptance/nodesets/nodepool-trusty.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/aodh/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/aodh/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index 8001929b2..000000000 --- a/aodh/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: foss diff --git a/aodh/spec/classes/aodh_api_spec.rb b/aodh/spec/classes/aodh_api_spec.rb deleted file mode 100644 index 3567e000c..000000000 --- a/aodh/spec/classes/aodh_api_spec.rb +++ /dev/null @@ -1,163 +0,0 @@ -require 'spec_helper' - -describe 'aodh::api' do - - let :pre_condition do - "class { 'aodh': } - include ::aodh::db" - end - - let :params do - { :enabled => true, - :manage_service => true, - :keystone_password => 'aodh-passw0rd', - :keystone_tenant => 'services', - :keystone_user => 'aodh', - :package_ensure => 'latest', - :port => '8042', - :host => '0.0.0.0', - } - end - - shared_examples_for 'aodh-api' do - - context 'without required parameter keystone_password' do - before { params.delete(:keystone_password) } - it { expect { is_expected.to raise_error(Puppet::Error) } } - end - - it { is_expected.to contain_class('aodh::params') } - it { is_expected.to contain_class('aodh::policy') } - - it 'installs aodh-api package' do - is_expected.to contain_package('aodh-api').with( - :ensure => 'latest', - :name => platform_params[:api_package_name], - :tag => ['openstack', 'aodh-package'], - ) - end - - it 'configures keystone authentication middleware' do - is_expected.to contain_aodh_config('keystone_authtoken/admin_tenant_name').with_value( params[:keystone_tenant] ) - is_expected.to contain_aodh_config('keystone_authtoken/admin_user').with_value( params[:keystone_user] ) - is_expected.to contain_aodh_config('keystone_authtoken/admin_password').with_value( params[:keystone_password] ) - is_expected.to contain_aodh_config('keystone_authtoken/admin_password').with_value( params[:keystone_password] ).with_secret(true) - is_expected.to contain_aodh_config('api/host').with_value( params[:host] ) - is_expected.to contain_aodh_config('api/port').with_value( params[:port] ) - end - - [{:enabled => true}, {:enabled => false}].each do |param_hash| - context "when service should be #{param_hash[:enabled] ? 'enabled' : 'disabled'}" do - before do - params.merge!(param_hash) - end - - it 'configures aodh-api service' do - is_expected.to contain_service('aodh-api').with( - :ensure => (params[:manage_service] && params[:enabled]) ? 'running' : 'stopped', - :name => platform_params[:api_service_name], - :enable => params[:enabled], - :hasstatus => true, - :hasrestart => true, - :require => 'Class[Aodh::Db]', - :tag => 'aodh-service', - ) - end - end - end - - context 'with disabled service managing' do - before do - params.merge!({ - :manage_service => false, - :enabled => false }) - end - - it 'configures aodh-api service' do - is_expected.to contain_service('aodh-api').with( - :ensure => nil, - :name => platform_params[:api_service_name], - :enable => false, - :hasstatus => true, - :hasrestart => true, - :tag => 'aodh-service', - ) - end - end - - context 'when running aodh-api in wsgi' do - before do - params.merge!({ :service_name => 'httpd' }) - end - - let :pre_condition do - "include ::apache - include ::aodh::db - class { 'aodh': }" - end - - it 'configures aodh-api service with Apache' do - is_expected.to contain_service('aodh-api').with( - :ensure => 'stopped', - :name => platform_params[:api_service_name], - :enable => false, - :tag => 'aodh-service', - ) - end - end - - context 'when service_name is not valid' do - before do - params.merge!({ :service_name => 'foobar' }) - end - - let :pre_condition do - "include ::apache - include ::aodh::db - class { 'aodh': }" - end - - it_raises 'a Puppet::Error', /Invalid service_name/ - end - - context "with custom keystone identity_uri and auth_uri" do - before do - params.merge!({ - :keystone_identity_uri => 'https://foo.bar:35357/', - :keystone_auth_uri => 'https://foo.bar:5000/v2.0/', - }) - end - it 'configures identity_uri and auth_uri but deprecates old auth settings' do - is_expected.to contain_aodh_config('keystone_authtoken/identity_uri').with_value("https://foo.bar:35357/"); - is_expected.to contain_aodh_config('keystone_authtoken/auth_uri').with_value("https://foo.bar:5000/v2.0/"); - end - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts({ - :fqdn => 'some.host.tld', - :processorcount => 2, - :concat_basedir => '/var/lib/puppet/concat' - })) - end - - let(:platform_params) do - case facts[:osfamily] - when 'Debian' - { :api_package_name => 'aodh-api', - :api_service_name => 'aodh-api' } - when 'RedHat' - { :api_package_name => 'openstack-aodh-api', - :api_service_name => 'openstack-aodh-api' } - end - end - it_configures 'aodh-api' - end - end - -end diff --git a/aodh/spec/classes/aodh_auth_spec.rb b/aodh/spec/classes/aodh_auth_spec.rb deleted file mode 100644 index 2ff64a7c8..000000000 --- a/aodh/spec/classes/aodh_auth_spec.rb +++ /dev/null @@ -1,51 +0,0 @@ -require 'spec_helper' - -describe 'aodh::auth' do - - let :params do - { :auth_url => 'http://localhost:5000/v2.0', - :auth_region => 'RegionOne', - :auth_user => 'aodh', - :auth_password => 'password', - :auth_tenant_name => 'services', - } - end - - shared_examples_for 'aodh-auth' do - - it 'configures authentication' do - is_expected.to contain_aodh_config('service_credentials/os_auth_url').with_value('http://localhost:5000/v2.0') - is_expected.to contain_aodh_config('service_credentials/os_region_name').with_value('RegionOne') - is_expected.to contain_aodh_config('service_credentials/os_username').with_value('aodh') - is_expected.to contain_aodh_config('service_credentials/os_password').with_value('password') - is_expected.to contain_aodh_config('service_credentials/os_password').with_value(params[:auth_password]).with_secret(true) - is_expected.to contain_aodh_config('service_credentials/os_tenant_name').with_value('services') - is_expected.to contain_aodh_config('service_credentials/os_cacert').with(:ensure => 'absent') - end - - context 'when overriding parameters' do - before do - params.merge!( - :auth_cacert => '/tmp/dummy.pem', - :auth_endpoint_type => 'internalURL', - ) - end - it { is_expected.to contain_aodh_config('service_credentials/os_cacert').with_value(params[:auth_cacert]) } - it { is_expected.to contain_aodh_config('service_credentials/os_endpoint_type').with_value(params[:auth_endpoint_type]) } - end - - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'aodh-auth' - end - end - -end diff --git a/aodh/spec/classes/aodh_client_spec.rb b/aodh/spec/classes/aodh_client_spec.rb deleted file mode 100644 index a9c5ec8c6..000000000 --- a/aodh/spec/classes/aodh_client_spec.rb +++ /dev/null @@ -1,30 +0,0 @@ -require 'spec_helper' - -describe 'aodh::client' do - - shared_examples_for 'aodh client' do - - it { is_expected.to contain_class('aodh::params') } - - it 'installs aodh client package' do - is_expected.to contain_package('python-aodhclient').with( - :ensure => 'present', - :name => 'python-aodhclient', - :tag => 'openstack', - ) - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'aodh client' - end - end - -end diff --git a/aodh/spec/classes/aodh_db_mysql_spec.rb b/aodh/spec/classes/aodh_db_mysql_spec.rb deleted file mode 100644 index c5c5875e5..000000000 --- a/aodh/spec/classes/aodh_db_mysql_spec.rb +++ /dev/null @@ -1,62 +0,0 @@ -require 'spec_helper' - -describe 'aodh::db::mysql' do - - let :pre_condition do - [ - 'include mysql::server', - 'include aodh::db::sync' - ] - end - - let :facts do - { :osfamily => 'Debian' } - end - - let :params do - { - 'password' => 'fooboozoo_default_password', - } - end - - describe 'with only required params' do - it { is_expected.to contain_openstacklib__db__mysql('aodh').with( - 'user' => 'aodh', - 'password_hash' => '*3DDF34A86854A312A8E2C65B506E21C91800D206', - 'dbname' => 'aodh', - 'host' => '127.0.0.1', - 'charset' => 'utf8', - :collate => 'utf8_general_ci', - )} - end - - describe "overriding allowed_hosts param to array" do - let :params do - { - :password => 'aodhpass', - :allowed_hosts => ['127.0.0.1','%'] - } - end - - end - describe "overriding allowed_hosts param to string" do - let :params do - { - :password => 'aodhpass2', - :allowed_hosts => '192.168.1.1' - } - end - - end - - describe "overriding allowed_hosts param equals to host param " do - let :params do - { - :password => 'aodhpass2', - :allowed_hosts => '127.0.0.1' - } - end - - end - -end diff --git a/aodh/spec/classes/aodh_db_postgresql_spec.rb b/aodh/spec/classes/aodh_db_postgresql_spec.rb deleted file mode 100644 index 4f8686257..000000000 --- a/aodh/spec/classes/aodh_db_postgresql_spec.rb +++ /dev/null @@ -1,42 +0,0 @@ -require 'spec_helper' - -describe 'aodh::db::postgresql' do - - let :req_params do - { :password => 'pw' } - end - - let :pre_condition do - 'include postgresql::server' - end - - shared_examples 'aodh::db::postgresql' do - context 'with only required parameters' do - let :params do - req_params - end - - it { is_expected.to contain_postgresql__server__db('aodh').with( - :user => 'aodh', - :password => 'md534e5dd092d680f3d8c11c62951fb5c19' - )} - end - - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts({ - :concat_basedir => '/var/lib/puppet/concat' - })) - end - - it_configures 'aodh::db::postgresql' - end - end - - -end diff --git a/aodh/spec/classes/aodh_db_spec.rb b/aodh/spec/classes/aodh_db_spec.rb deleted file mode 100644 index e78caa3cc..000000000 --- a/aodh/spec/classes/aodh_db_spec.rb +++ /dev/null @@ -1,148 +0,0 @@ -require 'spec_helper' - -describe 'aodh::db' do - - shared_examples 'aodh::db' do - - context 'with default parameters' do - - it { is_expected.to contain_class('aodh::params') } - it { is_expected.to contain_aodh_config('database/connection').with_value('sqlite:////var/lib/aodh/aodh.sqlite') } - it { is_expected.to contain_aodh_config('database/idle_timeout').with_value('3600') } - it { is_expected.to contain_aodh_config('database/min_pool_size').with_value('1') } - it { is_expected.to contain_aodh_config('database/max_retries').with_value('10') } - it { is_expected.to contain_aodh_config('database/retry_interval').with_value('10') } - - end - - context 'with specific parameters' do - let :params do - { :database_connection => 'mysql+pymysql://aodh:aodh@localhost/aodh', - :database_idle_timeout => '3601', - :database_min_pool_size => '2', - :database_max_retries => '11', - :database_retry_interval => '11', - } - end - - it { is_expected.to contain_class('aodh::params') } - it { is_expected.to contain_aodh_config('database/connection').with_value('mysql+pymysql://aodh:aodh@localhost/aodh').with_secret(true) } - it { is_expected.to contain_aodh_config('database/idle_timeout').with_value('3601') } - it { is_expected.to contain_aodh_config('database/min_pool_size').with_value('2') } - it { is_expected.to contain_aodh_config('database/max_retries').with_value('11') } - it { is_expected.to contain_aodh_config('database/retry_interval').with_value('11') } - - end - - context 'with postgresql backend' do - let :params do - { :database_connection => 'postgresql://localhost:1234/aodh', } - end - - it 'install the proper backend package' do - is_expected.to contain_package('python-psycopg2').with(:ensure => 'present') - end - - end - - context 'with MySQL-python library as backend package' do - let :params do - { :database_connection => 'mysql://aodh:aodh@localhost/aodh', } - end - - it { is_expected.to contain_package('python-mysqldb').with(:ensure => 'present') } - end - - context 'with mongodb backend' do - let :params do - { :database_connection => 'mongodb://localhost:1234/aodh', } - end - - it 'installs python-mongodb package' do - is_expected.to contain_package('aodh-backend-package').with( - :ensure => 'present', - :name => 'python-pymongo', - :tag => 'openstack' - ) - is_expected.to contain_aodh_config('database/connection').with_value('mongodb://localhost:1234/aodh') - is_expected.to contain_aodh_config('database/connection').with_value( params[:database_connection] ).with_secret(true) - end - - end - - context 'with incorrect database_connection string' do - let :params do - { :database_connection => 'redis://aodh:aodh@localhost/aodh', } - end - - it_raises 'a Puppet::Error', /validate_re/ - end - - context 'with incorrect pymysql database_connection string' do - let :params do - { :database_connection => 'foo+pymysql://aodh:aodh@localhost/aodh', } - end - - it_raises 'a Puppet::Error', /validate_re/ - end - end - - shared_examples_for 'aodh::db on Debian' do - context 'with sqlite backend' do - let :params do - { :database_connection => 'sqlite:///var/lib/aodh/aodh.sqlite', } - end - - it 'install the proper backend package' do - is_expected.to contain_package('aodh-backend-package').with( - :ensure => 'present', - :name => 'python-pysqlite2', - :tag => 'openstack' - ) - end - end - - context 'using pymysql driver' do - let :params do - { :database_connection => 'mysql+pymysql://aodh:aodh@localhost/aodh', } - end - - it 'install the proper backend package' do - is_expected.to contain_package('aodh-backend-package').with( - :ensure => 'present', - :name => 'python-pymysql', - :tag => 'openstack' - ) - end - end - end - - shared_examples_for 'aodh::db on RedHat' do - context 'using pymysql driver' do - let :params do - { :database_connection => 'mysql+pymysql://aodh:aodh@localhost/aodh', } - end - - it { is_expected.not_to contain_package('aodh-backend-package') } - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - case facts[:osfamily] - when 'Debian' - it_configures 'aodh::db on Debian' - when 'RedHat' - it_configures 'aodh::db on RedHat' - end - it_configures 'aodh::db' - end - end -end - diff --git a/aodh/spec/classes/aodh_evaluator_spec.rb b/aodh/spec/classes/aodh_evaluator_spec.rb deleted file mode 100644 index 343fe0f58..000000000 --- a/aodh/spec/classes/aodh_evaluator_spec.rb +++ /dev/null @@ -1,113 +0,0 @@ -require 'spec_helper' - -describe 'aodh::evaluator' do - - let :pre_condition do - "class { '::aodh': }" - end - - let :params do - { :enabled => true } - end - - shared_examples_for 'aodh-evaluator' do - - context 'with coordination' do - before do - params.merge!({ :coordination_url => 'redis://localhost:6379' }) - end - - it 'configures backend_url' do - is_expected.to contain_aodh_config('coordination/backend_url').with_value('redis://localhost:6379') - end - end - - context 'when enabled' do - it { is_expected.to contain_class('aodh::params') } - - it 'installs aodh-evaluator package' do - is_expected.to contain_package(platform_params[:evaluator_package_name]).with( - :ensure => 'present', - :tag => ['openstack', 'aodh-package'] - ) - end - - it 'configures aodh-evaluator service' do - is_expected.to contain_service('aodh-evaluator').with( - :ensure => 'running', - :name => platform_params[:evaluator_service_name], - :enable => true, - :hasstatus => true, - :hasrestart => true, - :tag => ['aodh-service','aodh-db-sync-service'] - ) - end - - end - - context 'when disabled' do - let :params do - { :enabled => false } - end - - # Catalog compilation does not crash for lack of aodh::db - it { is_expected.to compile } - it 'configures aodh-evaluator service' do - is_expected.to contain_service('aodh-evaluator').with( - :ensure => 'stopped', - :name => platform_params[:evaluator_service_name], - :enable => false, - :hasstatus => true, - :hasrestart => true, - :tag => ['aodh-service','aodh-db-sync-service'] - ) - end - end - - context 'when service management is disabled' do - let :params do - { :enabled => false, - :manage_service => false } - end - - it 'configures aodh-evaluator service' do - is_expected.to contain_service('aodh-evaluator').with( - :ensure => nil, - :name => platform_params[:evaluator_service_name], - :enable => false, - :hasstatus => true, - :hasrestart => true, - :tag => ['aodh-service','aodh-db-sync-service'] - ) - end - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts({ - :fqdn => 'some.host.tld', - :processorcount => 2, - :concat_basedir => '/var/lib/puppet/concat' - })) - end - - let(:platform_params) do - case facts[:osfamily] - when 'Debian' - { :evaluator_package_name => 'aodh-evaluator', - :evaluator_service_name => 'aodh-evaluator' } - when 'RedHat' - { :evaluator_package_name => 'openstack-aodh-evaluator', - :evaluator_service_name => 'openstack-aodh-evaluator' } - end - end - it_configures 'aodh-evaluator' - end - end - - -end diff --git a/aodh/spec/classes/aodh_init_spec.rb b/aodh/spec/classes/aodh_init_spec.rb deleted file mode 100644 index d593ff695..000000000 --- a/aodh/spec/classes/aodh_init_spec.rb +++ /dev/null @@ -1,242 +0,0 @@ -require 'spec_helper' - -describe 'aodh' do - - shared_examples 'aodh' do - - context 'with default parameters' do - it 'contains the logging class' do - is_expected.to contain_class('aodh::logging') - end - - it 'installs packages' do - is_expected.to contain_package('aodh').with( - :name => platform_params[:aodh_common_package], - :ensure => 'present', - :tag => ['openstack', 'aodh-package'] - ) - end - - it 'configures rabbit' do - is_expected.to contain_aodh_config('DEFAULT/rpc_backend').with_value('rabbit') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/rabbit_host').with_value('localhost') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/rabbit_password').with_value('guest').with_secret(true) - is_expected.to contain_aodh_config('oslo_messaging_rabbit/rabbit_port').with_value('5672') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/rabbit_userid').with_value('guest') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/rabbit_virtual_host').with_value('/') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/heartbeat_timeout_threshold').with_value('0') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/heartbeat_rate').with_value('2') - is_expected.to contain_aodh_config('DEFAULT/notification_driver').with_ensure('absent') - is_expected.to contain_aodh_config('database/alarm_history_time_to_live').with_value('') - end - end - - context 'with overridden parameters' do - let :params do - { :verbose => true, - :debug => true, - :rabbit_host => 'rabbit', - :rabbit_userid => 'rabbit_user', - :rabbit_port => '5673', - :rabbit_password => 'password', - :rabbit_ha_queues => 'undef', - :rabbit_heartbeat_timeout_threshold => '60', - :rabbit_heartbeat_rate => '10', - :ensure_package => '2012.1.1-15.el6', - :gnocchi_url => 'http://127.0.0.1:8041', - :notification_driver => 'ceilometer.compute.aodh_notifier', - :notification_topics => 'openstack', - :alarm_history_time_to_live => '604800', - } - end - - it 'configures rabbit' do - is_expected.to contain_aodh_config('DEFAULT/rpc_backend').with_value('rabbit') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/rabbit_host').with_value('rabbit') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/rabbit_password').with_value('password').with_secret(true) - is_expected.to contain_aodh_config('oslo_messaging_rabbit/rabbit_port').with_value('5673') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/rabbit_userid').with_value('rabbit_user') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/rabbit_virtual_host').with_value('/') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/heartbeat_timeout_threshold').with_value('60') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/heartbeat_rate').with_value('10') - is_expected.to contain_aodh_config('database/alarm_history_time_to_live').with_value('604800') - end - - it 'configures various things' do - is_expected.to contain_aodh_config('DEFAULT/notification_driver').with_value('ceilometer.compute.aodh_notifier') - is_expected.to contain_aodh_config('DEFAULT/notification_topics').with_value('openstack') - is_expected.to contain_aodh_config('DEFAULT/gnocchi_url').with_value('http://127.0.0.1:8041') - end - - context 'with multiple notification_driver' do - before { params.merge!( :notification_driver => ['ceilometer.compute.aodh_notifier', 'aodh.openstack.common.notifier.rpc_notifier']) } - - it { is_expected.to contain_aodh_config('DEFAULT/notification_driver').with_value( - 'ceilometer.compute.aodh_notifier,aodh.openstack.common.notifier.rpc_notifier' - ) } - end - - end - - context 'with rabbit_hosts parameter' do - let :params do - { :rabbit_hosts => ['rabbit:5673', 'rabbit2:5674'] } - end - - it 'configures rabbit' do - is_expected.to_not contain_aodh_config('oslo_messaging_rabbit/rabbit_host') - is_expected.to_not contain_aodh_config('oslo_messaging_rabbit/rabbit_port') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/rabbit_hosts').with_value('rabbit:5673,rabbit2:5674') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value(true) - is_expected.to contain_aodh_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value(false) - is_expected.to contain_aodh_config('oslo_messaging_rabbit/kombu_reconnect_delay').with_value('1.0') - is_expected.to contain_aodh_config('DEFAULT/amqp_durable_queues').with_value(false) - is_expected.to contain_aodh_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_ensure('absent') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_ensure('absent') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_ensure('absent') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/kombu_ssl_version').with_ensure('absent') - end - end - - context 'with rabbit_hosts parameter (one server)' do - let :params do - { :rabbit_hosts => ['rabbit:5673'] } - end - - it 'configures rabbit' do - is_expected.to_not contain_aodh_config('oslo_messaging_rabbit/rabbit_host') - is_expected.to_not contain_aodh_config('oslo_messaging_rabbit/rabbit_port') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/rabbit_hosts').with_value('rabbit:5673') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value(true) - is_expected.to contain_aodh_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value(false) - is_expected.to contain_aodh_config('oslo_messaging_rabbit/kombu_reconnect_delay').with_value('1.0') - is_expected.to contain_aodh_config('DEFAULT/amqp_durable_queues').with_value(false) - end - end - - context 'with kombu_reconnect_delay set to 5.0' do - let :params do - { :kombu_reconnect_delay => '5.0' } - end - - it 'configures rabbit' do - is_expected.to contain_aodh_config('oslo_messaging_rabbit/kombu_reconnect_delay').with_value('5.0') - end - end - - context 'with rabbit_ha_queues set to true' do - let :params do - { :rabbit_ha_queues => 'true' } - end - - it 'configures rabbit' do - is_expected.to contain_aodh_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value(true) - end - end - - context 'with rabbit_ha_queues set to false and with rabbit_hosts' do - let :params do - { :rabbit_ha_queues => 'false', - :rabbit_hosts => ['rabbit:5673'] } - end - - it 'configures rabbit' do - is_expected.to contain_aodh_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value(false) - end - end - - context 'with amqp_durable_queues parameter' do - let :params do - { :rabbit_hosts => ['rabbit:5673'], - :amqp_durable_queues => 'true' } - end - - it 'configures rabbit' do - is_expected.to_not contain_aodh_config('oslo_messaging_rabbit/rabbit_host') - is_expected.to_not contain_aodh_config('oslo_messaging_rabbit/rabbit_port') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/rabbit_hosts').with_value('rabbit:5673') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value(true) - is_expected.to contain_aodh_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value(false) - is_expected.to contain_aodh_config('DEFAULT/amqp_durable_queues').with_value(true) - is_expected.to contain_aodh_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_ensure('absent') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_ensure('absent') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_ensure('absent') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/kombu_ssl_version').with_ensure('absent') - end - end - - context 'with rabbit ssl enabled with kombu' do - let :params do - { :rabbit_hosts => ['rabbit:5673'], - :rabbit_use_ssl => 'true', - :kombu_ssl_ca_certs => '/etc/ca.cert', - :kombu_ssl_certfile => '/etc/certfile', - :kombu_ssl_keyfile => '/etc/key', - :kombu_ssl_version => 'TLSv1', } - end - - it 'configures rabbit' do - is_expected.to contain_aodh_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value(true) - is_expected.to contain_aodh_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_value('/etc/ca.cert') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_value('/etc/certfile') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_value('/etc/key') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('TLSv1') - end - end - - context 'with rabbit ssl enabled without kombu' do - let :params do - { :rabbit_hosts => ['rabbit:5673'], - :rabbit_use_ssl => 'true', } - end - - it 'configures rabbit' do - is_expected.to contain_aodh_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value(true) - is_expected.to contain_aodh_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_ensure('absent') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_ensure('absent') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_ensure('absent') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('TLSv1') - end - end - - context 'with rabbit ssl disabled' do - let :params do - { - :rabbit_password => 'pass', - :rabbit_use_ssl => false, - :kombu_ssl_version => 'TLSv1', - } - end - - it 'configures rabbit' do - is_expected.to contain_aodh_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('false') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_ensure('absent') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_ensure('absent') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_ensure('absent') - is_expected.to contain_aodh_config('oslo_messaging_rabbit/kombu_ssl_version').with_ensure('absent') - end - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - let(:platform_params) do - case facts[:osfamily] - when 'Debian' - { :aodh_common_package => 'aodh-common' } - when 'RedHat' - { :aodh_common_package => 'openstack-aodh-common' } - end - end - it_behaves_like 'aodh' - end - end - - -end diff --git a/aodh/spec/classes/aodh_keystone_auth_spec.rb b/aodh/spec/classes/aodh_keystone_auth_spec.rb deleted file mode 100644 index 457f7f03a..000000000 --- a/aodh/spec/classes/aodh_keystone_auth_spec.rb +++ /dev/null @@ -1,120 +0,0 @@ -# -# Unit tests for aodh::keystone::auth -# - -require 'spec_helper' - -describe 'aodh::keystone::auth' do - - let :facts do - { :osfamily => 'Debian' } - end - - describe 'with default class parameters' do - let :params do - { :password => 'aodh_password', - :tenant => 'foobar' } - end - - it { is_expected.to contain_keystone_user('aodh').with( - :ensure => 'present', - :password => 'aodh_password', - ) } - - it { is_expected.to contain_keystone_user_role('aodh@foobar').with( - :ensure => 'present', - :roles => ['admin'] - )} - - it { is_expected.to contain_keystone_service('aodh::alarming').with( - :ensure => 'present', - :description => 'OpenStack Alarming Service' - ) } - - it { is_expected.to contain_keystone_endpoint('RegionOne/aodh::alarming').with( - :ensure => 'present', - :public_url => 'http://127.0.0.1:8042', - :admin_url => 'http://127.0.0.1:8042', - :internal_url => 'http://127.0.0.1:8042', - ) } - end - - describe 'when overriding URL parameters' do - let :params do - { :password => 'aodh_password', - :public_url => 'https://10.10.10.10:80', - :internal_url => 'http://10.10.10.11:81', - :admin_url => 'http://10.10.10.12:81' } - end - - it { is_expected.to contain_keystone_endpoint('RegionOne/aodh::alarming').with( - :ensure => 'present', - :public_url => 'https://10.10.10.10:80', - :internal_url => 'http://10.10.10.11:81', - :admin_url => 'http://10.10.10.12:81' - ) } - end - - describe 'when overriding auth name' do - let :params do - { :password => 'foo', - :auth_name => 'aodhany' } - end - - it { is_expected.to contain_keystone_user('aodhany') } - it { is_expected.to contain_keystone_user_role('aodhany@services') } - it { is_expected.to contain_keystone_service('aodhany::alarming') } - it { is_expected.to contain_keystone_endpoint('RegionOne/aodhany::alarming') } - end - - describe 'when overriding service name' do - let :params do - { :service_name => 'aodh_service', - :auth_name => 'aodh', - :password => 'aodh_password' } - end - - it { is_expected.to contain_keystone_user('aodh') } - it { is_expected.to contain_keystone_user_role('aodh@services') } - it { is_expected.to contain_keystone_service('aodh_service::alarming') } - it { is_expected.to contain_keystone_endpoint('RegionOne/aodh_service::alarming') } - end - - describe 'when disabling user configuration' do - - let :params do - { - :password => 'aodh_password', - :configure_user => false - } - end - - it { is_expected.not_to contain_keystone_user('aodh') } - it { is_expected.to contain_keystone_user_role('aodh@services') } - it { is_expected.to contain_keystone_service('aodh::alarming').with( - :ensure => 'present', - :description => 'OpenStack Alarming Service' - ) } - - end - - describe 'when disabling user and user role configuration' do - - let :params do - { - :password => 'aodh_password', - :configure_user => false, - :configure_user_role => false - } - end - - it { is_expected.not_to contain_keystone_user('aodh') } - it { is_expected.not_to contain_keystone_user_role('aodh@services') } - it { is_expected.to contain_keystone_service('aodh::alarming').with( - :ensure => 'present', - :description => 'OpenStack Alarming Service' - ) } - - end - -end diff --git a/aodh/spec/classes/aodh_listener_spec.rb b/aodh/spec/classes/aodh_listener_spec.rb deleted file mode 100644 index da83ed987..000000000 --- a/aodh/spec/classes/aodh_listener_spec.rb +++ /dev/null @@ -1,95 +0,0 @@ -require 'spec_helper' - -describe 'aodh::listener' do - - let :pre_condition do - "class { '::aodh': }" - end - - shared_examples_for 'aodh-listener' do - - context 'when enabled' do - it { is_expected.to contain_class('aodh::params') } - - it 'installs aodh-listener package' do - is_expected.to contain_package(platform_params[:listener_package_name]).with( - :ensure => 'present', - :tag => ['openstack', 'aodh-package'] - ) - end - - it 'configures aodh-listener service' do - is_expected.to contain_service('aodh-listener').with( - :ensure => 'running', - :name => platform_params[:listener_service_name], - :enable => true, - :hasstatus => true, - :hasrestart => true, - :tag => 'aodh-service', - ) - end - - end - - context 'when disabled' do - let :params do - { :enabled => false } - end - - # Catalog compilation does not crash for lack of aodh::db - it { is_expected.to compile } - it 'configures aodh-listener service' do - is_expected.to contain_service('aodh-listener').with( - :ensure => 'stopped', - :name => platform_params[:listener_service_name], - :enable => false, - :hasstatus => true, - :hasrestart => true, - :tag => 'aodh-service', - ) - end - end - - context 'when service management is disabled' do - let :params do - { :enabled => false, - :manage_service => false } - end - - it 'configures aodh-listener service' do - is_expected.to contain_service('aodh-listener').with( - :ensure => nil, - :name => platform_params[:listener_service_name], - :enable => false, - :hasstatus => true, - :hasrestart => true, - :tag => 'aodh-service', - ) - end - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - let(:platform_params) do - case facts[:osfamily] - when 'Debian' - { :listener_package_name => 'aodh-listener', - :listener_service_name => 'aodh-listener' } - when 'RedHat' - { :listener_package_name => 'openstack-aodh-listener', - :listener_service_name => 'openstack-aodh-listener' } - end - end - it_configures 'aodh-listener' - end - end - - -end diff --git a/aodh/spec/classes/aodh_logging_spec.rb b/aodh/spec/classes/aodh_logging_spec.rb deleted file mode 100644 index 1281e20dc..000000000 --- a/aodh/spec/classes/aodh_logging_spec.rb +++ /dev/null @@ -1,140 +0,0 @@ -require 'spec_helper' - -describe 'aodh::logging' do - - let :params do - { - } - end - - let :log_params do - { - :logging_context_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s', - :logging_default_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s', - :logging_debug_format_suffix => '%(funcName)s %(pathname)s:%(lineno)d', - :logging_exception_prefix => '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s', - :log_config_append => '/etc/aodh/logging.conf', - :publish_errors => true, - :default_log_levels => { - 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', - 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', - 'iso8601' => 'WARN', - 'requests.packages.urllib3.connectionpool' => 'WARN' }, - :fatal_deprecations => true, - :instance_format => '[instance: %(uuid)s] ', - :instance_uuid_format => '[instance: %(uuid)s] ', - :log_date_format => '%Y-%m-%d %H:%M:%S', - :use_syslog => true, - :use_stderr => false, - :log_facility => 'LOG_FOO', - :log_dir => '/var/log', - :verbose => true, - :debug => true, - } - end - - shared_examples_for 'aodh-logging' do - - context 'with basic logging options and default settings' do - it_configures 'basic default logging settings' - end - - context 'with basic logging options and non-default settings' do - before { params.merge!( log_params ) } - it_configures 'basic non-default logging settings' - end - - context 'with extended logging options' do - before { params.merge!( log_params ) } - it_configures 'logging params set' - end - - context 'without extended logging options' do - it_configures 'logging params unset' - end - - end - - shared_examples 'basic default logging settings' do - it 'configures aodh logging settings with default values' do - is_expected.to contain_aodh_config('DEFAULT/use_syslog').with(:value => '') - is_expected.to contain_aodh_config('DEFAULT/use_stderr').with(:value => '') - is_expected.to contain_aodh_config('DEFAULT/syslog_log_facility').with(:value => '') - is_expected.to contain_aodh_config('DEFAULT/log_dir').with(:value => '/var/log/aodh') - is_expected.to contain_aodh_config('DEFAULT/verbose').with(:value => '') - is_expected.to contain_aodh_config('DEFAULT/debug').with(:value => '') - end - end - - shared_examples 'basic non-default logging settings' do - it 'configures aodh logging settins with non-default values' do - is_expected.to contain_aodh_config('DEFAULT/use_syslog').with(:value => 'true') - is_expected.to contain_aodh_config('DEFAULT/use_stderr').with(:value => 'false') - is_expected.to contain_aodh_config('DEFAULT/syslog_log_facility').with(:value => 'LOG_FOO') - is_expected.to contain_aodh_config('DEFAULT/log_dir').with(:value => '/var/log') - is_expected.to contain_aodh_config('DEFAULT/verbose').with(:value => 'true') - is_expected.to contain_aodh_config('DEFAULT/debug').with(:value => 'true') - end - end - - shared_examples_for 'logging params set' do - it 'enables logging params' do - is_expected.to contain_aodh_config('DEFAULT/logging_context_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s') - - is_expected.to contain_aodh_config('DEFAULT/logging_default_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s') - - is_expected.to contain_aodh_config('DEFAULT/logging_debug_format_suffix').with_value( - '%(funcName)s %(pathname)s:%(lineno)d') - - is_expected.to contain_aodh_config('DEFAULT/logging_exception_prefix').with_value( - '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s') - - is_expected.to contain_aodh_config('DEFAULT/log_config_append').with_value( - '/etc/aodh/logging.conf') - is_expected.to contain_aodh_config('DEFAULT/publish_errors').with_value( - true) - - is_expected.to contain_aodh_config('DEFAULT/default_log_levels').with_value( - 'amqp=WARN,amqplib=WARN,boto=WARN,iso8601=WARN,qpid=WARN,requests.packages.urllib3.connectionpool=WARN,sqlalchemy=WARN,suds=INFO') - - is_expected.to contain_aodh_config('DEFAULT/fatal_deprecations').with_value( - true) - - is_expected.to contain_aodh_config('DEFAULT/instance_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_aodh_config('DEFAULT/instance_uuid_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_aodh_config('DEFAULT/log_date_format').with_value( - '%Y-%m-%d %H:%M:%S') - end - end - - - shared_examples_for 'logging params unset' do - [ :logging_context_format_string, :logging_default_format_string, - :logging_debug_format_suffix, :logging_exception_prefix, - :log_config_append, :publish_errors, - :default_log_levels, :fatal_deprecations, - :instance_format, :instance_uuid_format, - :log_date_format, ].each { |param| - it { is_expected.to contain_aodh_config("DEFAULT/#{param}").with(:value => '') } - } - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'aodh-logging' - end - end - -end diff --git a/aodh/spec/classes/aodh_notifier_spec.rb b/aodh/spec/classes/aodh_notifier_spec.rb deleted file mode 100644 index 14409a3b0..000000000 --- a/aodh/spec/classes/aodh_notifier_spec.rb +++ /dev/null @@ -1,94 +0,0 @@ -require 'spec_helper' - -describe 'aodh::notifier' do - - let :pre_condition do - "class { '::aodh': }" - end - - shared_examples_for 'aodh-notifier' do - - context 'when enabled' do - it { is_expected.to contain_class('aodh::params') } - - it 'installs aodh-notifier package' do - is_expected.to contain_package(platform_params[:notifier_package_name]).with( - :ensure => 'present', - :tag => ['openstack', 'aodh-package'] - ) - end - - it 'configures aodh-notifier service' do - is_expected.to contain_service('aodh-notifier').with( - :ensure => 'running', - :name => platform_params[:notifier_service_name], - :enable => true, - :hasstatus => true, - :hasrestart => true, - :tag => 'aodh-service', - ) - end - - end - - context 'when disabled' do - let :params do - { :enabled => false } - end - - # Catalog compilation does not crash for lack of aodh::db - it { is_expected.to compile } - it 'configures aodh-notifier service' do - is_expected.to contain_service('aodh-notifier').with( - :ensure => 'stopped', - :name => platform_params[:notifier_service_name], - :enable => false, - :hasstatus => true, - :hasrestart => true, - :tag => 'aodh-service', - ) - end - end - - context 'when service management is disabled' do - let :params do - { :enabled => false, - :manage_service => false } - end - - it 'configures aodh-notifier service' do - is_expected.to contain_service('aodh-notifier').with( - :ensure => nil, - :name => platform_params[:notifier_service_name], - :enable => false, - :hasstatus => true, - :hasrestart => true, - :tag => 'aodh-service', - ) - end - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - let(:platform_params) do - case facts[:osfamily] - when 'Debian' - { :notifier_package_name => 'aodh-notifier', - :notifier_service_name => 'aodh-notifier' } - when 'RedHat' - { :notifier_package_name => 'openstack-aodh-notifier', - :notifier_service_name => 'openstack-aodh-notifier' } - end - end - it_configures 'aodh-notifier' - end - end - -end diff --git a/aodh/spec/classes/aodh_policy_spec.rb b/aodh/spec/classes/aodh_policy_spec.rb deleted file mode 100644 index 6a45d2b31..000000000 --- a/aodh/spec/classes/aodh_policy_spec.rb +++ /dev/null @@ -1,38 +0,0 @@ -require 'spec_helper' - -describe 'aodh::policy' do - - shared_examples_for 'aodh policies' do - let :params do - { - :policy_path => '/etc/aodh/policy.json', - :policies => { - 'context_is_admin' => { - 'key' => 'context_is_admin', - 'value' => 'foo:bar' - } - } - } - end - - it 'set up the policies' do - is_expected.to contain_openstacklib__policy__base('context_is_admin').with({ - :key => 'context_is_admin', - :value => 'foo:bar' - }) - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'aodh policies' - end - end - -end diff --git a/aodh/spec/classes/aodh_wsgi_apache_spec.rb b/aodh/spec/classes/aodh_wsgi_apache_spec.rb deleted file mode 100644 index f6cfb6c62..000000000 --- a/aodh/spec/classes/aodh_wsgi_apache_spec.rb +++ /dev/null @@ -1,111 +0,0 @@ -require 'spec_helper' - -describe 'aodh::wsgi::apache' do - - shared_examples_for 'apache serving aodh with mod_wsgi' do - it { is_expected.to contain_service('httpd').with_name(platform_parameters[:httpd_service_name]) } - it { is_expected.to contain_class('aodh::params') } - it { is_expected.to contain_class('apache') } - it { is_expected.to contain_class('apache::mod::wsgi') } - - describe 'with default parameters' do - - it { is_expected.to contain_file("#{platform_parameters[:wsgi_script_path]}").with( - 'ensure' => 'directory', - 'owner' => 'aodh', - 'group' => 'aodh', - 'require' => 'Package[httpd]' - )} - - - it { is_expected.to contain_file('aodh_wsgi').with( - 'ensure' => 'file', - 'path' => "#{platform_parameters[:wsgi_script_path]}/app", - 'source' => platform_parameters[:wsgi_script_source], - 'owner' => 'aodh', - 'group' => 'aodh', - 'mode' => '0644' - )} - it { is_expected.to contain_file('aodh_wsgi').that_requires("File[#{platform_parameters[:wsgi_script_path]}]") } - - it { is_expected.to contain_apache__vhost('aodh_wsgi').with( - 'servername' => 'some.host.tld', - 'ip' => nil, - 'port' => '8042', - 'docroot' => "#{platform_parameters[:wsgi_script_path]}", - 'docroot_owner' => 'aodh', - 'docroot_group' => 'aodh', - 'ssl' => 'true', - 'wsgi_daemon_process' => 'aodh', - 'wsgi_process_group' => 'aodh', - 'wsgi_script_aliases' => { '/' => "#{platform_parameters[:wsgi_script_path]}/app" }, - 'require' => 'File[aodh_wsgi]' - )} - it { is_expected.to contain_file("#{platform_parameters[:httpd_ports_file]}") } - end - - describe 'when overriding parameters using different ports' do - let :params do - { - :servername => 'dummy.host', - :bind_host => '10.42.51.1', - :port => 12345, - :ssl => false, - :workers => 37, - } - end - - it { is_expected.to contain_apache__vhost('aodh_wsgi').with( - 'servername' => 'dummy.host', - 'ip' => '10.42.51.1', - 'port' => '12345', - 'docroot' => "#{platform_parameters[:wsgi_script_path]}", - 'docroot_owner' => 'aodh', - 'docroot_group' => 'aodh', - 'ssl' => 'false', - 'wsgi_daemon_process' => 'aodh', - 'wsgi_process_group' => 'aodh', - 'wsgi_script_aliases' => { '/' => "#{platform_parameters[:wsgi_script_path]}/app" }, - 'require' => 'File[aodh_wsgi]' - )} - - it { is_expected.to contain_file("#{platform_parameters[:httpd_ports_file]}") } - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts({ - :processorcount => 42, - :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'some.host.tld' - })) - end - - let(:platform_parameters) do - case facts[:osfamily] - when 'Debian' - { - :httpd_service_name => 'apache2', - :httpd_ports_file => '/etc/apache2/ports.conf', - :wsgi_script_path => '/usr/lib/cgi-bin/aodh', - :wsgi_script_source => '/usr/share/aodh-common/app.wsgi' - } - when 'RedHat' - { - :httpd_service_name => 'httpd', - :httpd_ports_file => '/etc/httpd/conf/ports.conf', - :wsgi_script_path => '/var/www/cgi-bin/aodh', - :wsgi_script_source => '/usr/lib/python2.7/site-packages/aodh/api/app.wsgi' - } - - end - end - it_configures 'apache serving aodh with mod_wsgi' - end - end - -end diff --git a/aodh/spec/shared_examples.rb b/aodh/spec/shared_examples.rb deleted file mode 100644 index fec0eacc9..000000000 --- a/aodh/spec/shared_examples.rb +++ /dev/null @@ -1,5 +0,0 @@ -shared_examples_for "a Puppet::Error" do |description| - it "with message matching #{description.inspect}" do - expect { is_expected.to have_class_count(1) }.to raise_error(Puppet::Error, description) - end -end diff --git a/aodh/spec/spec_helper.rb b/aodh/spec/spec_helper.rb deleted file mode 100644 index c3bab73f8..000000000 --- a/aodh/spec/spec_helper.rb +++ /dev/null @@ -1,18 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' -require 'shared_examples' - -require 'rspec-puppet-facts' -require 'puppet-openstack_spec_helper/defaults' -include RspecPuppetFacts - -RSpec.configure do |c| - c.alias_it_should_behave_like_to :it_configures, 'configures' - c.alias_it_should_behave_like_to :it_raises, 'raises' - # TODO(aschultz): remove this after all tests converted to use OSDefaults - # instead of referencing @default_facts - c.before :each do - @default_facts = OSDefaults.get_facts - end -end - -at_exit { RSpec::Puppet::Coverage.report! } diff --git a/aodh/spec/spec_helper_acceptance.rb b/aodh/spec/spec_helper_acceptance.rb deleted file mode 100644 index 9196bc99b..000000000 --- a/aodh/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1 +0,0 @@ -require 'puppet-openstack_spec_helper/beaker_spec_helper' diff --git a/aodh/spec/unit/provider/aodh_config/ini_setting_spec.rb b/aodh/spec/unit/provider/aodh_config/ini_setting_spec.rb deleted file mode 100644 index e1d4554eb..000000000 --- a/aodh/spec/unit/provider/aodh_config/ini_setting_spec.rb +++ /dev/null @@ -1,68 +0,0 @@ -# -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'openstacklib', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:aodh_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Aodh_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Aodh_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end - - it 'should ensure absent when is specified as a value' do - resource = Puppet::Type::Aodh_config.new( - {:name => 'dude/foo', :value => ''} - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - - it 'should ensure absent when value matches ensure_absent_val' do - resource = Puppet::Type::Aodh_config.new( - {:name => 'dude/foo', :value => 'foo', :ensure_absent_val => 'foo' } - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - -end diff --git a/aodh/spec/unit/type/aodh_config_spec.rb b/aodh/spec/unit/type/aodh_config_spec.rb deleted file mode 100644 index 401566763..000000000 --- a/aodh/spec/unit/type/aodh_config_spec.rb +++ /dev/null @@ -1,63 +0,0 @@ -require 'puppet' -require 'puppet/type/aodh_config' -describe 'Puppet::Type.type(:aodh_config)' do - before :each do - @aodh_config = Puppet::Type.type(:aodh_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:aodh_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:aodh_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:aodh_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:aodh_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @aodh_config[:value] = 'bar' - expect(@aodh_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @aodh_config[:value] = 'b ar' - expect(@aodh_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @aodh_config[:ensure] = :present - expect(@aodh_config[:ensure]).to eq(:present) - @aodh_config[:ensure] = :absent - expect(@aodh_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @aodh_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end - - it 'should autorequire the package that install the file' do - catalog = Puppet::Resource::Catalog.new - package = Puppet::Type.type(:package).new(:name => 'aodh') - catalog.add_resource package, @aodh_config - dependency = @aodh_config.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(@aodh_config) - expect(dependency[0].source).to eq(package) - end - -end diff --git a/aodh/test-requirements.txt b/aodh/test-requirements.txt deleted file mode 100644 index bedd66690..000000000 --- a/aodh/test-requirements.txt +++ /dev/null @@ -1,4 +0,0 @@ -# this is required for the docs build jobs -sphinx!=1.2.0,!=1.3b1,<1.3,>=1.1.2 -oslosphinx>=2.5.0 # Apache-2.0 -reno>=0.1.1 # Apache-2.0 diff --git a/aodh/tests/init.pp b/aodh/tests/init.pp deleted file mode 100644 index bc42394c7..000000000 --- a/aodh/tests/init.pp +++ /dev/null @@ -1,12 +0,0 @@ -# The baseline for module testing used by Puppet Labs is that each manifest -# should have a corresponding test manifest that declares that class or defined -# type. -# -# Tests are then run by using puppet apply --noop (to check for compilation -# errors and view a log of events) or by fully applying the test in a virtual -# environment (to compare the resulting system state to the desired state). -# -# Learn more about module testing here: -# http://docs.puppetlabs.com/guides/tests_smoke.html -# -include ::aodh diff --git a/aodh/tox.ini b/aodh/tox.ini deleted file mode 100644 index aea06c84f..000000000 --- a/aodh/tox.ini +++ /dev/null @@ -1,8 +0,0 @@ -[tox] -minversion = 1.6 -skipsdist = True -envlist = releasenotes - -[testenv:releasenotes] -deps = -rtest-requirements.txt -commands = sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html diff --git a/apache/.fixtures.yml b/apache/.fixtures.yml deleted file mode 100644 index 6eddf260f..000000000 --- a/apache/.fixtures.yml +++ /dev/null @@ -1,7 +0,0 @@ -fixtures: - repositories: - stdlib: "git://github.com/puppetlabs/puppetlabs-stdlib.git" - concat: "git://github.com/puppetlabs/puppetlabs-concat.git" - portage: "git://github.com/gentoo/puppet-portage.git" - symlinks: - apache: "#{source_dir}" diff --git a/apache/.geppetto-rc.json b/apache/.geppetto-rc.json deleted file mode 100644 index 7df232989..000000000 --- a/apache/.geppetto-rc.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "excludes": [ - "**/contrib/**", - "**/examples/**", - "**/tests/**", - "**/spec/**", - "**/pkg/**" - ] -} diff --git a/apache/.gitattributes b/apache/.gitattributes deleted file mode 100644 index 900ea0cbb..000000000 --- a/apache/.gitattributes +++ /dev/null @@ -1,5 +0,0 @@ -#This file is generated by ModuleSync, do not edit. -*.rb eol=lf -*.erb eol=lf -*.pp eol=lf -*.sh eol=lf diff --git a/apache/.gitignore b/apache/.gitignore deleted file mode 100644 index dd126f2fb..000000000 --- a/apache/.gitignore +++ /dev/null @@ -1,11 +0,0 @@ -#This file is generated by ModuleSync, do not edit. -pkg/ -Gemfile.lock -vendor/ -spec/fixtures/ -.vagrant/ -.bundle/ -coverage/ -log/ -.idea/ -*.iml diff --git a/apache/.nodeset.yml b/apache/.nodeset.yml deleted file mode 100644 index 767f9cd2f..000000000 --- a/apache/.nodeset.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -default_set: 'centos-64-x64' -sets: - 'centos-59-x64': - nodes: - "main.foo.vm": - prefab: 'centos-59-x64' - 'centos-64-x64': - nodes: - "main.foo.vm": - prefab: 'centos-64-x64' - 'fedora-18-x64': - nodes: - "main.foo.vm": - prefab: 'fedora-18-x64' - 'debian-607-x64': - nodes: - "main.foo.vm": - prefab: 'debian-607-x64' - 'debian-70rc1-x64': - nodes: - "main.foo.vm": - prefab: 'debian-70rc1-x64' - 'ubuntu-server-10044-x64': - nodes: - "main.foo.vm": - prefab: 'ubuntu-server-10044-x64' - 'ubuntu-server-12042-x64': - nodes: - "main.foo.vm": - prefab: 'ubuntu-server-12042-x64' diff --git a/apache/.puppet-lint.rc b/apache/.puppet-lint.rc deleted file mode 100644 index 0b3cfad25..000000000 --- a/apache/.puppet-lint.rc +++ /dev/null @@ -1,5 +0,0 @@ ---relative ---no-single_quote_string_with_variables-check ---no-80chars-check ---no-class_inherits_from_params_class-check ---no-documentation-check diff --git a/apache/.rspec b/apache/.rspec deleted file mode 100644 index 16f9cdb01..000000000 --- a/apache/.rspec +++ /dev/null @@ -1,2 +0,0 @@ ---color ---format documentation diff --git a/apache/.sync.yml b/apache/.sync.yml deleted file mode 100644 index e5f5f79ba..000000000 --- a/apache/.sync.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -.travis.yml: -Rakefile: - extra_disabled_lint_checks: - - 'disable_only_variable_string' -spec/spec_helper.rb: - unmanaged: true diff --git a/apache/.travis.yml b/apache/.travis.yml deleted file mode 100644 index 588fb5b00..000000000 --- a/apache/.travis.yml +++ /dev/null @@ -1,20 +0,0 @@ -#This file is generated by ModuleSync, do not edit. ---- -sudo: false -language: ruby -cache: bundler -bundler_args: --without system_tests -script: "bundle exec rake validate lint spec" -matrix: - fast_finish: true - include: - - rvm: 2.1.6 - env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" - - rvm: 2.1.5 - env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" - - rvm: 2.1.5 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 1.9.3 - env: PUPPET_GEM_VERSION="~> 3.0" -notifications: - email: false diff --git a/apache/CHANGELOG.md b/apache/CHANGELOG.md deleted file mode 100644 index 58cd91ae6..000000000 --- a/apache/CHANGELOG.md +++ /dev/null @@ -1,645 +0,0 @@ -## Supported Release 1.8.1 -### Summary -This release includes bug fixes and a documentation update. - -#### Bugfixes -- Fixes a bug that occurs when using the module in combination with puppetlabs-concat 2.x. -- Fixes a bug where passenger.conf was vulnerable to purging. -- Removes the pin of the concat module dependency. - -## 2016-01-26 - Supported Release 1.8.0 -### Summary -This release includes a lot of bug fixes and feature updates, including support for Debian 8, as well as many test improvements. - -#### Features -- Debian 8 Support. -- Added the 'file_mode' property to allow a custom permission setting for config files. -- Enable 'PassengerMaxRequestQueueSize' to be set for mod_passenger. -- MODULES-2956: Enable options within location block on proxy_match. -- Support itk on redhat. -- Support the mod_ssl SSLProxyVerify directive. -- Support ProxPassReverseCookieDomain directive (mod_proxy). -- Support proxy provider for vhost directories. -- Added new 'apache::vhost::custom' resource. - -#### Bugfixes -- Fixed ProxyPassReverse configuration. -- Fixed error in Amazon operatingsystem detection. -- Fixed mod_security catalog ordering issues for RedHat 7. -- Fixed paths and packages for the shib2 apache module on Debian pre Jessie. -- Fixed EL7 directory path for apache modules. -- Fixed validation error when empty array is passed for the rewrites parameter. -- Idempotency fixes with regards to '::apache::mod_enable_dir'. -- ITK fixes. -- (MODULES-2865) fix $mpm_module logic for 'false'. -- Set SSLProxy directives even if ssl is false, due to issue with RewriteRules and ProxyPass directives. -- Enable setting LimitRequestFieldSize globally, and remove it from vhost. - -#### Improvements -- apache::mod::php now uses FilesMatch to configure the php handler. This is following the recommended upstream configuration guidelines (http://php.net/manual/en/install.unix.apache2.php#example-20) and distribution's default config (e.g.: http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/vivid/php5/vivid/view/head:/debian/php5.conf). It avoids inadvertently exposing the PHP handler to executing uploads with names like 'file.php.jpg', but might impact setups with unusual requirements. -- Improved compatibility for Gentoo. -- Vhosts can now be supplied with a wildcard listen value. -- Numerous test improvements. -- Removed workarounds for https://bz.apache.org/bugzilla/show_bug.cgi?id=38864 as the issues have been fixed in Apache. -- Documentation updates. -- Ensureed order of ProxyPass and ProxyPassMatch parameters. -- Ensure that ProxyPreserveHost is set to off mode explicitly if not set in manifest. -- Put headers and request headers before proxy with regards to template generation. -- Added X-Forwarded-For into log_formats defaults. -- (MODULES-2703) Allow mod pagespeed to take an array of lines as additional_configuration. - -## Supported Release 1.7.1 -###Summary - -Small release for support of newer PE versions. This increments the version of PE in the metadata.json file. - -## 2015-11-17 - Supported Release 1.7.0 -### Summary -This release includes many new features and bugfixes. There are test, documentation and misc improvements. - -#### Features -- allow groups with - like vhost-users -- ability to enable/disable the secruleengine through a parameter -- add mod_auth_kerb parameters to vhost -- client auth for reverse proxy -- support for mod_auth_mellon -- change SSLProtocol in apache::vhost to be space separated -- RewriteLock support - -#### Bugfixes -- fix apache::mod::cgid so it can be used with the event MPM -- load unixd before fcgid on all operating systems -- fixes conditional in vhost aliases -- corrects mod_cgid worker/event defaults -- ProxyPassMatch parameters were ending up on a newline -- catch that mod_authz_default has been removed in Apache 2.4 -- mod::ssl fails on SLES -- fix typo of MPM_PREFORK for FreeBSD package install -- install all modules before adding custom configs -- fix acceptance testing for SSLProtocol behaviour for real -- fix ordering issue with conf_file and ports_file - -#### Known Issues -- mod_passenger is having issues installing on Redhat/Centos 6, This is due to package dependency issues. - -#### Improvements -- added docs for forcetype directive -- removes ruby 1.8.7 from the travisci test matrix -- readme reorganisation, minor fixups -- support the mod_proxy ProxyPassReverseCookiePath directive -- the purge_vhost_configs parameter is actually called purge_vhost_dir -- add ListenBacklog for mod worker -- deflate application/json by default -- install mod_authn_alias as default mod in debian for apache < 2.4 -- optionally set LimitRequestFieldSize on an apache::vhost -- add SecUploadDir parameter to support file uploads with mod_security -- optionally set parameters for mod_ext_filter module -- allow SetOutputFilter to be set on a directory -- RC4 is deprecated -- allow empty docroot -- add option to configure the include pattern for the vhost_enable dir -- allow multiple IP addresses per vhost -- default document root update for Ubuntu 14.04 and Debian 8 - -## 2015-07-28 - Supported Release 1.6.0 -### Summary -This release includes a couple of new features, along with test and documentation updates, and support for the latest AIO puppet builds. - -#### Features -- Add `scan_proxy_header_field` parameter to `apache::mod::geoip` -- Add `ssl_openssl_conf_cmd` parameter to `apache::vhost` and `apache::mod::ssl` -- Add `filters` parameter to `apache::vhost` - -#### Bugfixes -- Test updates -- Do not use systemd on Amazon Linux -- Add missing docs for `timeout` parameter (MODULES-2148) - -## 2015-06-11 - Supported Release 1.5.0 -### Summary -This release primarily adds Suse compatibility. It also adds a handful of other -parameters for greater configuration control. - -#### Features -- Add `apache::lib_path` parameter -- Add `apache::service_restart` parameter -- Add `apache::vhost::geoip_enable` parameter -- Add `apache::mod::geoip` class -- Add `apache::mod::remoteip` class -- Add parameters to `apache::mod::expires` class -- Add `index_style_sheet` handling to `apache::vhost::directories` -- Add some compatibility for SLES 11 -- Add `apache::mod::ssl::ssl_sessioncachetimeout` parameter -- Add `apache::mod::ssl::ssl_cryptodevice` parameter -- Add `apache::mod::ssl::ssl_honorcipherorder` parameter -- Add `apache::mod::userdir::options` parameter - -#### Bugfixes -- Document `apache::user` parameter -- Document `apache::group` parameter -- Fix apache::dev on FreeBSD -- Fix proxy\_connect on apache >= 2.2 -- Validate log levels better -- Fix `apache::apache_name` for package and vhost -- Fix Debian Jessie mod\_prefork package name -- Fix alias module being declared even when vhost is absent -- Fix proxy\_pass\_match handling in vhost's proxy template -- Fix userdir access permissions -- Fix issue where the module was trying to use systemd on Amazon Linux. - -## 2015-04-28 - Supported Release 1.4.1 - -This release corrects a metadata issue that has been present since release 1.2.0. The refactoring of `apache::vhost` to use `puppetlabs-concat` requires a version of concat newer than the version required in PE. If you are using PE 3.3.0 or earlier you will need to use version 1.1.1 or earlier of the `puppetlabs-apache` module. - -## 2015-03-17 - Supported Release 1.4.0 -###Summary - -This release fixes the issue where the docroot was still managed even if the default vhosts were disabled and has many other features and bugfixes including improved support for 'deny' and 'require' as arrays in the 'directories' parameter under `apache::vhost` - -#### Features -- New parameters to `apache` - - `default_charset` - - `default_type` -- New parameters to `apache::vhost` - - `proxy_error_override` - - `passenger_app_env` (MODULES-1776) - - `proxy_dest_match` - - `proxy_dest_reverse_match` - - `proxy_pass_match` - - `no_proxy_uris_match` -- New parameters to `apache::mod::passenger` - - `passenger_app_env` - - `passenger_min_instances` -- New parameter to `apache::mod::alias` - - `icons_options` -- New classes added under `apache::mod::*` - - `authn_file` - - `authz_default` - - `authz_user` -- Added support for 'deny' as an array in 'directories' under `apache::vhost` -- Added support for RewriteMap -- Improved support for FreeBSD. (Note: If using apache < 2.4.12, see the discussion [here](https://github.com/puppetlabs/puppetlabs-apache/pull/1030)) -- Added check for deprecated options in directories and fail when they are unsupported -- Added gentoo compatibility -- Added proper array support for `require` in the `directories` parameter in `apache::vhost` -- Added support for `setenv` inside proxy locations - -### Bugfixes -- Fix issue in `apache::vhost` that was preventing the scriptalias fragment from being included (MODULES-1784) -- Install required `mod_ldap` package for EL7 (MODULES-1779) -- Change default value of `maxrequestworkers` in `apache::mod::event` to be a multiple of the default `ThreadsPerChild` of 25. -- Use the correct `mod_prefork` package name for trusty and jessie -- Don't manage docroot when default vhosts are disabled -- Ensure resources notify `Class['Apache::Service']` instead of `Service['httpd']` (MODULES-1829) -- Change the loadfile name for `mod_passenger` so `mod_proxy` will load by default before `mod_passenger` -- Remove old Debian work-around that removed `passenger_extra.conf` - -## 2015-02-17 - Supported Release 1.3.0 -### Summary - -This release has many new features and bugfixes, including the ability to optionally not trigger service restarts on config changes. - -#### Features -- New parameters - `apache` - - `service_manage` - - `use_optional_includes` -- New parameters - `apache::service` - - `service_manage` -- New parameters - `apache::vhost` - - `access_logs` - - `php_flags` - - `php_values` - - `modsec_disable_vhost` - - `modsec_disable_ids` - - `modsec_disable_ips` - - `modsec_body_limit` -- Improved FreeBSD support -- Add ability to omit priority prefix if `$priority` is set to false -- Add `apache::security::rule_link` define -- Improvements to `apache::mod::*` - - Add `apache::mod::auth_cas` class - - Add `threadlimit`, `listenbacklog`, `maxrequestworkers`, `maxconnectionsperchild` parameters to `apache::mod::event` - - Add `apache::mod::filter` class - - Add `root_group` to `apache::mod::php` - - Add `apache::mod::proxy_connect` class - - Add `apache::mod::security` class - - Add `ssl_pass_phrase_dialog` and `ssl_random_seed_bytes parameters to `apache::mod::ssl` (MODULES-1719) - - Add `status_path` parameter to `apache::mod::status` - - Add `apache_version` parameter to `apache::mod::version` - - Add `package_name` and `mod_path` parameters to `apache::mod::wsgi` (MODULES-1458) -- Improved SCL support - - Add support for specifying the docroot -- Updated `_directories.erb` to add support for SetEnv -- Support multiple access log directives (MODULES-1382) -- Add passenger support for Debian Jessie -- Add support for not having puppet restart the apache service (MODULES-1559) - -#### Bugfixes -- For apache 2.4 `mod_itk` requires `mod_prefork` (MODULES-825) -- Allow SSLCACertificatePath to be unset in `apache::vhost` (MODULES-1457) -- Load fcgid after unixd on RHEL7 -- Allow disabling default vhost for Apache 2.4 -- Test fixes -- `mod_version` is now built-in (MODULES-1446) -- Sort LogFormats for idempotency -- `allow_encoded_slashes` was omitted from `apache::vhost` -- Fix documentation bug (MODULES-1403, MODULES-1510) -- Sort `wsgi_script_aliases` for idempotency (MODULES-1384) -- lint fixes -- Fix automatic version detection for Debian Jessie -- Fix error docs and icons path for RHEL7-based systems (MODULES-1554) -- Sort php_* hashes for idempotency (MODULES-1680) -- Ensure `mod::setenvif` is included if needed (MODULES-1696) -- Fix indentation in `vhost/_directories.erb` template (MODULES-1688) -- Create symlinks on all distros if `vhost_enable_dir` is specified - -## 2014-09-30 - Supported Release 1.2.0 -### Summary - -This release features many improvements and bugfixes, including several new defines, a reworking of apache::vhost for more extensibility, and many new parameters for more customization. This release also includes improved support for strict variables and the future parser. - -#### Features -- Convert apache::vhost to use concat for easier extensions -- Test improvements -- Synchronize files with modulesync -- Strict variable and future parser support -- Added apache::custom_config defined type to allow validation of configs before they are created -- Added bool2httpd function to convert true/false to apache 'On' and 'Off'. Intended for internal use in the module. -- Improved SCL support - - allow overriding of the mod_ssl package name -- Add support for reverse_urls/ProxyPassReverse in apache::vhost -- Add satisfy directive in apache::vhost::directories -- Add apache::fastcgi::server defined type -- New parameters - apache - - allow_encoded_slashes - - apache_name - - conf_dir - - default_ssl_crl_check - - docroot - - logroot_mode - - purge_vhost_dir -- New parameters - apache::vhost - - add_default_charset - - allow_encoded_slashes - - logroot_ensure - - logroot_mode - - manage_docroot - - passenger_app_root - - passenger_min_instances - - passenger_pre_start - - passenger_ruby - - passenger_start_timeout - - proxy_preserve_host - - redirectmatch_dest - - ssl_crl_check - - wsgi_chunked_request - - wsgi_pass_authorization -- Add support for ScriptAlias and ScriptAliasMatch in the apache::vhost::aliases parameter -- Add support for rewrites in the apache::vhost::directories parameter -- If the service_ensure parameter in apache::service is set to anything other than true, false, running, or stopped, ensure will not be passed to the service resource, allowing for the service to not be managed by puppet -- Turn of SSLv3 by default -- Improvements to apache::mod* - - Add restrict_access parameter to apache::mod::info - - Add force_language_priority and language_priority parameters to apache::mod::negotiation - - Add threadlimit parameter to apache::mod::worker - - Add content, template, and source parameters to apache::mod::php - - Add mod_authz_svn support via the authz_svn_enabled parameter in apache::mod::dav_svn - - Add loadfile_name parameter to apache::mod - - Add apache::mod::deflate class - - Add options parameter to apache::mod::fcgid - - Add timeouts parameter to apache::mod::reqtimeout - - Add apache::mod::shib - - Add apache_version parameter to apache::mod::ldap - - Add magic_file parameter to apache::mod::mime_magic - - Add apache_version parameter to apache::mod::pagespeed - - Add passenger_default_ruby parameter to apache::mod::passenger - - Add content, template, and source parameters to apache::mod::php - - Add apache_version parameter to apache::mod::proxy - - Add loadfiles parameter to apache::mod::proxy_html - - Add ssl_protocol and package_name parameters to apache::mod::ssl - - Add apache_version parameter to apache::mod::status - - Add apache_version parameter to apache::mod::userdir - - Add apache::mod::version class - -#### Bugfixes -- Set osfamily defaults for wsgi_socket_prefix -- Support multiple balancermembers with the same url -- Validate apache::vhost::custom_fragment -- Add support for itk with mod_php -- Allow apache::vhost::ssl_certs_dir to not be set -- Improved passenger support for Debian -- Improved 2.4 support without mod_access_compat -- Support for more than one 'Allow from'-directive in _directories.erb -- Don't load systemd on Amazon linux based on CentOS6 with apache 2.4 -- Fix missing newline in ModPagespeed filter and memcached servers directive -- Use interpolated strings instead of numbers where required by future parser -- Make auth_require take precedence over default with apache 2.4 -- Lint fixes -- Set default for php_admin_flags and php_admin_values to be empty hash instead of empty array -- Correct typo in mod::pagespeed -- spec_helper fixes -- Install mod packages before dealing with the configuration -- Use absolute scope to check class definition in apache::mod::php -- Fix dependency loop in apache::vhost -- Properly scope variables in the inline template in apache::balancer -- Documentation clarification, typos, and formatting -- Set apache::mod::ssl::ssl_mutex to default for debian on apache >= 2.4 -- Strict variables fixes -- Add authn_core mode to Ubuntu trusty defaults -- Keep default loadfile for authz_svn on Debian -- Remove '.conf' from the site-include regexp for better Ubuntu/Debian support -- Load unixd before fcgid for EL7 -- Fix RedirectMatch rules -- Fix misleading error message in apache::version - -#### Known Bugs -* By default, the version of Apache that ships with Ubuntu 10.04 does not work with `wsgi_import_script`. -* SLES is unsupported. - -## 2014-07-15 - Supported Release 1.1.1 -### Summary - -This release merely updates metadata.json so the module can be uninstalled and -upgraded via the puppet module command. - -## 2014-04-14 Supported Release 1.1.0 - -### Summary - -This release primarily focuses on extending the httpd 2.4 support, tested -through adding RHEL7 and Ubuntu 14.04 support. It also includes Passenger -4 support, as well as several new modules and important bugfixes. - -#### Features - -- Add support for RHEL7 and Ubuntu 14.04 -- More complete apache24 support -- Passenger 4 support -- Add support for max_keepalive_requests and log_formats parameters -- Add mod_pagespeed support -- Add mod_speling support -- Added several parameters for mod_passenger -- Added ssl_cipher parameter to apache::mod::ssl -- Improved examples in documentation -- Added docroot_mode, action, and suexec_user_group parameters to apache::vhost -- Add support for custom extensions for mod_php -- Improve proxy_html support for Debian - -#### Bugfixes - -- Remove NameVirtualHost directive for apache >= 2.4 -- Order proxy_set option so it doesn't change between runs -- Fix inverted SSL compression -- Fix missing ensure on concat::fragment resources -- Fix bad dependencies in apache::mod and apache::mod::mime - -#### Known Bugs -* By default, the version of Apache that ships with Ubuntu 10.04 does not work with `wsgi_import_script`. -* SLES is unsupported. - -## 2014-03-04 Supported Release 1.0.1 -### Summary - -This is a supported release. This release removes a testing symlink that can -cause trouble on systems where /var is on a seperate filesystem from the -modulepath. - -#### Features -#### Bugfixes -#### Known Bugs -* By default, the version of Apache that ships with Ubuntu 10.04 does not work with `wsgi_import_script`. -* SLES is unsupported. - -## 2014-03-04 Supported Release 1.0.0 -### Summary - -This is a supported release. This release introduces Apache 2.4 support for -Debian and RHEL based osfamilies. - -#### Features - -- Add apache24 support -- Add rewrite_base functionality to rewrites -- Updated README documentation -- Add WSGIApplicationGroup and WSGIImportScript directives - -#### Bugfixes - -- Replace mutating hashes with merge() for Puppet 3.5 -- Fix WSGI import_script and mod_ssl issues on Lucid - -#### Known Bugs -* By default, the version of Apache that ships with Ubuntu 10.04 does not work with `wsgi_import_script`. -* SLES is unsupported. - ---- - -## 2014-01-31 Release 0.11.0 -### Summary: - -This release adds preliminary support for Windows compatibility and multiple rewrite support. - -#### Backwards-incompatible Changes: - -- The rewrite_rule parameter is deprecated in favor of the new rewrite parameter - and will be removed in a future release. - -#### Features: - -- add Match directive -- quote paths for windows compatibility -- add auth_group_file option to README.md -- allow AuthGroupFile directive for vhosts -- Support Header directives in vhost context -- Don't purge mods-available dir when separate enable dir is used -- Fix the servername used in log file name -- Added support for mod_include -- Remove index parameters. -- Support environment variable control for CustomLog -- added redirectmatch support -- Setting up the ability to do multiple rewrites and conditions. -- Convert spec tests to beaker. -- Support php_admin_(flag|value)s - -#### Bugfixes: - -- directories are either a Hash or an Array of Hashes -- Configure Passenger in separate .conf file on RH so PassengerRoot isn't lost -- (docs) Update list of `apache::mod::[name]` classes -- (docs) Fix apache::namevirtualhost example call style -- Fix $ports_file reference in apache::listen. -- Fix $ports_file reference in Namevirtualhost. - - -## 2013-12-05 Release 0.10.0 -### Summary: - -This release adds FreeBSD osfamily support and various other improvements to some mods. - -#### Features: - -- Add suPHP_UserGroup directive to directory context -- Add support for ScriptAliasMatch directives -- Set SSLOptions StdEnvVars in server context -- No implicit entry for ScriptAlias path -- Add support for overriding ErrorDocument -- Add support for AliasMatch directives -- Disable default "allow from all" in vhost-directories -- Add WSGIPythonPath as an optional parameter to mod_wsgi. -- Add mod_rpaf support -- Add directives: IndexOptions, IndexOrderDefault -- Add ability to include additional external configurations in vhost -- need to use the provider variable not the provider key value from the directory hash for matches -- Support for FreeBSD and few other features -- Add new params to apache::mod::mime class -- Allow apache::mod to specify module id and path -- added $server_root parameter -- Add Allow and ExtendedStatus support to mod_status -- Expand vhost/_directories.pp directive support -- Add initial support for nss module (no directives in vhost template yet) -- added peruser and event mpms -- added $service_name parameter -- add parameter for TraceEnable -- Make LogLevel configurable for server and vhost -- Add documentation about $ip -- Add ability to pass ip (instead of wildcard) in default vhost files - -#### Bugfixes: - -- Don't listen on port or set NameVirtualHost for non-existent vhost -- only apply Directory defaults when provider is a directory -- Working mod_authnz_ldap support on Debian/Ubuntu - -## 2013-09-06 Release 0.9.0 -### Summary: -This release adds more parameters to the base apache class and apache defined -resource to make the module more flexible. It also adds or enhances SuPHP, -WSGI, and Passenger mod support, and support for the ITK mpm module. - -#### Backwards-incompatible Changes: -- Remove many default mods that are not normally needed. -- Remove `rewrite_base` `apache::vhost` parameter; did not work anyway. -- Specify dependencies on stdlib >=2.4.0 (this was already the case, but -making explicit) -- Deprecate `a2mod` in favor of the `apache::mod::*` classes and `apache::mod` -defined resource. - -#### Features: -- `apache` class - - Add `httpd_dir` parameter to change the location of the configuration - files. - - Add `logroot` parameter to change the logroot - - Add `ports_file` parameter to changes the `ports.conf` file location - - Add `keepalive` parameter to enable persistent connections - - Add `keepalive_timeout` parameter to change the timeout - - Update `default_mods` to be able to take an array of mods to enable. -- `apache::vhost` - - Add `wsgi_daemon_process`, `wsgi_daemon_process_options`, - `wsgi_process_group`, and `wsgi_script_aliases` parameters for per-vhost - WSGI configuration. - - Add `access_log_syslog` parameter to enable syslogging. - - Add `error_log_syslog` parameter to enable syslogging of errors. - - Add `directories` hash parameter. Please see README for documentation. - - Add `sslproxyengine` parameter to enable SSLProxyEngine - - Add `suphp_addhandler`, `suphp_engine`, and `suphp_configpath` for - configuring SuPHP. - - Add `custom_fragment` parameter to allow for arbitrary apache - configuration injection. (Feature pull requests are prefered over using - this, but it is available in a pinch.) -- Add `apache::mod::suphp` class for configuring SuPHP. -- Add `apache::mod::itk` class for configuring ITK mpm module. -- Update `apache::mod::wsgi` class for global WSGI configuration with -`wsgi_socket_prefix` and `wsgi_python_home` parameters. -- Add README.passenger.md to document the `apache::mod::passenger` usage. -Added `passenger_high_performance`, `passenger_pool_idle_time`, -`passenger_max_requests`, `passenger_stat_throttle_rate`, `rack_autodetect`, -and `rails_autodetect` parameters. -- Separate the httpd service resource into a new `apache::service` class for -dependency chaining of `Class['apache'] -> ~> -Class['apache::service']` -- Added `apache::mod::proxy_balancer` class for `apache::balancer` - -#### Bugfixes: -- Change dependency to puppetlabs-concat -- Fix ruby 1.9 bug for `a2mod` -- Change servername to be `$::hostname` if there is no `$::fqdn` -- Make `/etc/ssl/certs` the default ssl certs directory for RedHat non-5. -- Make `php` the default php package for RedHat non-5. -- Made `aliases` able to take a single alias hash instead of requiring an -array. - -## 2013-07-26 Release 0.8.1 -#### Bugfixes: -- Update `apache::mpm_module` detection for worker/prefork -- Update `apache::mod::cgi` and `apache::mod::cgid` detection for -worker/prefork - -## 2013-07-16 Release 0.8.0 -#### Features: -- Add `servername` parameter to `apache` class -- Add `proxy_set` parameter to `apache::balancer` define - -#### Bugfixes: -- Fix ordering for multiple `apache::balancer` clusters -- Fix symlinking for sites-available on Debian-based OSs -- Fix dependency ordering for recursive confdir management -- Fix `apache::mod::*` to notify the service on config change -- Documentation updates - -## 2013-07-09 Release 0.7.0 -#### Changes: -- Essentially rewrite the module -- too many to list -- `apache::vhost` has many abilities -- see README.md for details -- `apache::mod::*` classes provide httpd mod-loading capabilities -- `apache` base class is much more configurable - -#### Bugfixes: -- Many. And many more to come - -## 2013-03-2 Release 0.6.0 -- update travis tests (add more supported versions) -- add access log_parameter -- make purging of vhost dir configurable - -## 2012-08-24 Release 0.4.0 -#### Changes: -- `include apache` is now required when using `apache::mod::*` - -#### Bugfixes: -- Fix syntax for validate_re -- Fix formatting in vhost template -- Fix spec tests such that they pass - -## 2012-05-08 Puppet Labs - 0.0.4 -* e62e362 Fix broken tests for ssl, vhost, vhost::* -* 42c6363 Changes to match style guide and pass puppet-lint without error -* 42bc8ba changed name => path for file resources in order to name namevar by it's name -* 72e13de One end too much -* 0739641 style guide fixes: 'true' <> true, $operatingsystem needs to be $::operatingsystem, etc. -* 273f94d fix tests -* a35ede5 (#13860) Make a2enmod/a2dismo commands optional -* 98d774e (#13860) Autorequire Package['httpd'] -* 05fcec5 (#13073) Add missing puppet spec tests -* 541afda (#6899) Remove virtual a2mod definition -* 976cb69 (#13072) Move mod python and wsgi package names to params -* 323915a (#13060) Add .gitignore to repo -* fdf40af (#13060) Remove pkg directory from source tree -* fd90015 Add LICENSE file and update the ModuleFile -* d3d0d23 Re-enable local php class -* d7516c7 Make management of firewalls configurable for vhosts -* 60f83ba Explicitly lookup scope of apache_name in templates. -* f4d287f (#12581) Add explicit ordering for vdir directory -* 88a2ac6 (#11706) puppetlabs-apache depends on puppetlabs-firewall -* a776a8b (#11071) Fix to work with latest firewall module -* 2b79e8b (#11070) Add support for Scientific Linux -* 405b3e9 Fix for a2mod -* 57b9048 Commit apache::vhost::redirect Manifest -* 8862d01 Commit apache::vhost::proxy Manifest -* d5c1fd0 Commit apache::mod::wsgi Manifest -* a825ac7 Commit apache::mod::python Manifest -* b77062f Commit Templates -* 9a51b4a Vhost File Declarations -* 6cf7312 Defaults for Parameters -* 6a5b11a Ensure installed -* f672e46 a2mod fix -* 8a56ee9 add pthon support to apache diff --git a/apache/CONTRIBUTING.md b/apache/CONTRIBUTING.md deleted file mode 100644 index bfeaa701c..000000000 --- a/apache/CONTRIBUTING.md +++ /dev/null @@ -1,220 +0,0 @@ -Checklist (and a short version for the impatient) -================================================= - - * Commits: - - - Make commits of logical units. - - - Check for unnecessary whitespace with "git diff --check" before - committing. - - - Commit using Unix line endings (check the settings around "crlf" in - git-config(1)). - - - Do not check in commented out code or unneeded files. - - - The first line of the commit message should be a short - description (50 characters is the soft limit, excluding ticket - number(s)), and should skip the full stop. - - - Associate the issue in the message. The first line should include - the issue number in the form "(#XXXX) Rest of message". - - - The body should provide a meaningful commit message, which: - - - uses the imperative, present tense: "change", not "changed" or - "changes". - - - includes motivation for the change, and contrasts its - implementation with the previous behavior. - - - Make sure that you have tests for the bug you are fixing, or - feature you are adding. - - - Make sure the test suites passes after your commit: - `bundle exec rspec spec/acceptance` More information on [testing](#Testing) below - - - When introducing a new feature, make sure it is properly - documented in the README.md - - * Submission: - - * Pre-requisites: - - - Make sure you have a [GitHub account](https://github.com/join) - - - [Create a ticket](https://tickets.puppetlabs.com/secure/CreateIssue!default.jspa), or [watch the ticket](https://tickets.puppetlabs.com/browse/) you are patching for. - - * Preferred method: - - - Fork the repository on GitHub. - - - Push your changes to a topic branch in your fork of the - repository. (the format ticket/1234-short_description_of_change is - usually preferred for this project). - - - Submit a pull request to the repository in the puppetlabs - organization. - -The long version -================ - - 1. Make separate commits for logically separate changes. - - Please break your commits down into logically consistent units - which include new or changed tests relevant to the rest of the - change. The goal of doing this is to make the diff easier to - read for whoever is reviewing your code. In general, the easier - your diff is to read, the more likely someone will be happy to - review it and get it into the code base. - - If you are going to refactor a piece of code, please do so as a - separate commit from your feature or bug fix changes. - - We also really appreciate changes that include tests to make - sure the bug is not re-introduced, and that the feature is not - accidentally broken. - - Describe the technical detail of the change(s). If your - description starts to get too long, that is a good sign that you - probably need to split up your commit into more finely grained - pieces. - - Commits which plainly describe the things which help - reviewers check the patch and future developers understand the - code are much more likely to be merged in with a minimum of - bike-shedding or requested changes. Ideally, the commit message - would include information, and be in a form suitable for - inclusion in the release notes for the version of Puppet that - includes them. - - Please also check that you are not introducing any trailing - whitespace or other "whitespace errors". You can do this by - running "git diff --check" on your changes before you commit. - - 2. Sending your patches - - To submit your changes via a GitHub pull request, we _highly_ - recommend that you have them on a topic branch, instead of - directly on "master". - It makes things much easier to keep track of, especially if - you decide to work on another thing before your first change - is merged in. - - GitHub has some pretty good - [general documentation](http://help.github.com/) on using - their site. They also have documentation on - [creating pull requests](http://help.github.com/send-pull-requests/). - - In general, after pushing your topic branch up to your - repository on GitHub, you can switch to the branch in the - GitHub UI and click "Pull Request" towards the top of the page - in order to open a pull request. - - - 3. Update the related GitHub issue. - - If there is a GitHub issue associated with the change you - submitted, then you should update the ticket to include the - location of your branch, along with any other commentary you - may wish to make. - -Testing -======= - -Getting Started ---------------- - -Our puppet modules provide [`Gemfile`](./Gemfile)s which can tell a ruby -package manager such as [bundler](http://bundler.io/) what Ruby packages, -or Gems, are required to build, develop, and test this software. - -Please make sure you have [bundler installed](http://bundler.io/#getting-started) -on your system, then use it to install all dependencies needed for this project, -by running - -```shell -% bundle install -Fetching gem metadata from https://rubygems.org/........ -Fetching gem metadata from https://rubygems.org/.. -Using rake (10.1.0) -Using builder (3.2.2) --- 8><-- many more --><8 -- -Using rspec-system-puppet (2.2.0) -Using serverspec (0.6.3) -Using rspec-system-serverspec (1.0.0) -Using bundler (1.3.5) -Your bundle is complete! -Use `bundle show [gemname]` to see where a bundled gem is installed. -``` - -NOTE some systems may require you to run this command with sudo. - -If you already have those gems installed, make sure they are up-to-date: - -```shell -% bundle update -``` - -With all dependencies in place and up-to-date we can now run the tests: - -```shell -% bundle exec rake spec -``` - -This will execute all the [rspec tests](http://rspec-puppet.com/) tests -under [spec/defines](./spec/defines), [spec/classes](./spec/classes), -and so on. rspec tests may have the same kind of dependencies as the -module they are testing. While the module defines in its [Modulefile](./Modulefile), -rspec tests define them in [.fixtures.yml](./fixtures.yml). - -Some puppet modules also come with [beaker](https://github.com/puppetlabs/beaker) -tests. These tests spin up a virtual machine under -[VirtualBox](https://www.virtualbox.org/)) with, controlling it with -[Vagrant](http://www.vagrantup.com/) to actually simulate scripted test -scenarios. In order to run these, you will need both of those tools -installed on your system. - -You can run them by issuing the following command - -```shell -% bundle exec rake spec_clean -% bundle exec rspec spec/acceptance -``` - -This will now download a pre-fabricated image configured in the [default node-set](./spec/acceptance/nodesets/default.yml), -install puppet, copy this module and install its dependencies per [spec/spec_helper_acceptance.rb](./spec/spec_helper_acceptance.rb) -and then run all the tests under [spec/acceptance](./spec/acceptance). - -Writing Tests -------------- - -XXX getting started writing tests. - -If you have commit access to the repository -=========================================== - -Even if you have commit access to the repository, you will still need to -go through the process above, and have someone else review and merge -in your changes. The rule is that all changes must be reviewed by a -developer on the project (that did not write the code) to ensure that -all changes go through a code review process. - -Having someone other than the author of the topic branch recorded as -performing the merge is the record that they performed the code -review. - - -Additional Resources -==================== - -* [Getting additional help](http://puppetlabs.com/community/get-help) - -* [Writing tests](http://projects.puppetlabs.com/projects/puppet/wiki/Development_Writing_Tests) - -* [Patchwork](https://patchwork.puppetlabs.com) - -* [General GitHub documentation](http://help.github.com/) - -* [GitHub pull request documentation](http://help.github.com/send-pull-requests/) - diff --git a/apache/Gemfile b/apache/Gemfile deleted file mode 100644 index e490bc9b9..000000000 --- a/apache/Gemfile +++ /dev/null @@ -1,39 +0,0 @@ -#This file is generated by ModuleSync, do not edit. - -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -def location_for(place, version = nil) - if place =~ /^(git[:@][^#]*)#(.*)/ - [version, { :git => $1, :branch => $2, :require => false}].compact - elsif place =~ /^file:\/\/(.*)/ - ['>= 0', { :path => File.expand_path($1), :require => false}] - else - [place, version, { :require => false}].compact - end -end - -group :development, :unit_tests do - gem 'json', :require => false - gem 'metadata-json-lint', :require => false - gem 'puppet_facts', :require => false - gem 'puppet-blacksmith', :require => false - gem 'puppetlabs_spec_helper', :require => false - gem 'rspec-puppet', '>= 2.3.2', :require => false - gem 'simplecov', :require => false -end -group :system_tests do - gem 'beaker-rspec', *location_for(ENV['BEAKER_RSPEC_VERSION'] || '>= 3.4') - gem 'beaker', *location_for(ENV['BEAKER_VERSION']) - gem 'serverspec', :require => false - gem 'beaker-puppet_install_helper', :require => false - gem 'master_manipulator', :require => false - gem 'beaker-hostgenerator', *location_for(ENV['BEAKER_HOSTGENERATOR_VERSION']) -end - -gem 'facter', *location_for(ENV['FACTER_GEM_VERSION']) -gem 'puppet', *location_for(ENV['PUPPET_GEM_VERSION']) - - -if File.exists? "#{__FILE__}.local" - eval(File.read("#{__FILE__}.local"), binding) -end diff --git a/apache/LICENSE b/apache/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/apache/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/apache/NOTICE b/apache/NOTICE deleted file mode 100644 index c07b29dc8..000000000 --- a/apache/NOTICE +++ /dev/null @@ -1,17 +0,0 @@ -apache puppet module - -Copyright (C) 2012-2016 Puppet Labs, Inc. - -Puppet Labs can be contacted at: info@puppetlabs.com - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/apache/README.md b/apache/README.md deleted file mode 100644 index cd2ac7c9a..000000000 --- a/apache/README.md +++ /dev/null @@ -1,3578 +0,0 @@ -# apache - -[Module description]: #module-description - -[Setup]: #setup -[Beginning with Apache]: #beginning-with-apache - -[Usage]: #usage -[Configuring virtual hosts]: #configuring-virtual-hosts -[Configuring virtual hosts with SSL]: #configuring-virtual-hosts-with-ssl -[Configuring virtual host port and address bindings]: #configuring-virtual-host-port-and-address-bindings -[Configuring virtual hosts for apps and processors]: #configuring-virtual-hosts-for-apps-and-processors -[Configuring IP-based virtual hosts]: #configuring-ip-based-virtual-hosts -[Installing Apache modules]: #installing-apache-modules -[Installing arbitrary modules]: #installing-arbitrary-modules -[Installing specific modules]: #installing-specific-modules -[Configuring FastCGI servers]: #configuring-fastcgi-servers-to-handle-php-files -[Load balancing examples]: #load-balancing-examples - -[Reference]: #reference -[Public classes]: #public-classes -[Private classes]: #private-classes -[Public defined types]: #public-defined-types -[Private defined types]: #private-defined-types -[Templates]: #templates - -[Limitations]: #limitations - -[Development]: #development -[Contributing]: #contributing -[Running tests]: #running-tests - -[`AddDefaultCharset`]: https://httpd.apache.org/docs/current/mod/core.html#adddefaultcharset -[`add_listen`]: #add_listen -[`Alias`]: https://httpd.apache.org/docs/current/mod/mod_alias.html#alias -[`AliasMatch`]: https://httpd.apache.org/docs/current/mod/mod_alias.html#aliasmatch -[aliased servers]: https://httpd.apache.org/docs/current/urlmapping.html -[`AllowEncodedSlashes`]: https://httpd.apache.org/docs/current/mod/core.html#allowencodedslashes -[`apache`]: #class-apache -[`apache_version`]: #apache_version -[`apache::balancer`]: #defined-type-apachebalancer -[`apache::balancermember`]: #defined-type-apachebalancermember -[`apache::fastcgi::server`]: #defined-type-apachefastcgiserver -[`apache::mod`]: #defined-type-apachemod -[`apache::mod::`]: #classes-apachemodmodule-name -[`apache::mod::alias`]: #class-apachemodalias -[`apache::mod::auth_cas`]: #class-apachemodauth_cas -[`apache::mod::auth_mellon`]: #class-apachemodauth_mellon -[`apache::mod::disk_cache`]: #class-apachemoddisk_cache -[`apache::mod::event`]: #class-apachemodevent -[`apache::mod::ext_filter`]: #class-apachemodext_filter -[`apache::mod::geoip`]: #class-apachemodgeoip -[`apache::mod::itk`]: #class-apachemoditk -[`apache::mod::ldap`]: #class-apachemodldap -[`apache::mod::passenger`]: #class-apachemodpassenger -[`apache::mod::peruser`]: #class-apachemodperuser -[`apache::mod::prefork`]: #class-apachemodprefork -[`apache::mod::proxy_html`]: #class-apachemodproxy_html -[`apache::mod::security`]: #class-apachemodsecurity -[`apache::mod::shib`]: #class-apachemodshib -[`apache::mod::ssl`]: #class-apachemodssl -[`apache::mod::status`]: #class-apachemodstatus -[`apache::mod::worker`]: #class-apachemodworker -[`apache::mod::wsgi`]: #class-apachemodwsgi -[`apache::params`]: #class-apacheparams -[`apache::version`]: #class-apacheversion -[`apache::vhost`]: #defined-type-apachevhost -[`apache::vhost::custom`]: #defined-type-apachevhostcustom -[`apache::vhost::WSGIImportScript`]: #wsgiimportscript -[Apache HTTP Server]: https://httpd.apache.org -[Apache modules]: https://httpd.apache.org/docs/current/mod/ -[array]: https://docs.puppetlabs.com/puppet/latest/reference/lang_data_array.html - -[audit log]: https://github.com/SpiderLabs/ModSecurity/wiki/ModSecurity-2-Data-Formats#audit-log - -[beaker-rspec]: https://github.com/puppetlabs/beaker-rspec - -[certificate revocation list]: https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcarevocationfile -[certificate revocation list path]: https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcarevocationpath -[common gateway interface]: https://httpd.apache.org/docs/current/howto/cgi.html -[`confd_dir`]: #confd_dir -[`content`]: #content -[custom error documents]: https://httpd.apache.org/docs/current/custom-error.html -[`custom_fragment`]: #custom_fragment - -[`default_mods`]: #default_mods -[`default_ssl_crl`]: #default_ssl_crl -[`default_ssl_crl_path`]: #default_ssl_crl_path -[`default_ssl_vhost`]: #default_ssl_vhost -[`dev_packages`]: #dev_packages -[`directory`]: #directory -[`directories`]: #parameter-directories-for-apachevhost -[`DirectoryIndex`]: https://httpd.apache.org/docs/current/mod/mod_dir.html#directoryindex -[`docroot`]: #docroot -[`docroot_owner`]: #docroot_owner -[`docroot_group`]: #docroot_group -[`DocumentRoot`]: https://httpd.apache.org/docs/current/mod/core.html#documentroot - -[`EnableSendfile`]: https://httpd.apache.org/docs/current/mod/core.html#enablesendfile -[enforcing mode]: http://selinuxproject.org/page/Guide/Mode -[`ensure`]: https://docs.puppetlabs.com/references/latest/type.html#package-attribute-ensure -[`error_log_file`]: #error_log_file -[`error_log_syslog`]: #error_log_syslog -[`error_log_pipe`]: #error_log_pipe -[`ExpiresByType`]: https://httpd.apache.org/docs/current/mod/mod_expires.html#expiresbytype -[exported resources]: http://docs.puppetlabs.com/latest/reference/lang_exported.md -[`ExtendedStatus`]: https://httpd.apache.org/docs/current/mod/core.html#extendedstatus - -[Facter]: http://docs.puppetlabs.com/facter/ -[FastCGI]: http://www.fastcgi.com/ -[FallbackResource]: https://httpd.apache.org/docs/current/mod/mod_dir.html#fallbackresource -[`fallbackresource`]: #fallbackresource -[filter rules]: https://httpd.apache.org/docs/current/filter.html -[`filters`]: #filters -[`ForceType`]: https://httpd.apache.org/docs/current/mod/core.html#forcetype - -[GeoIPScanProxyHeaders]: http://dev.maxmind.com/geoip/legacy/mod_geoip2/#Proxy-Related_Directives -[`gentoo/puppet-portage`]: https://github.com/gentoo/puppet-portage - -[Hash]: https://docs.puppetlabs.com/puppet/latest/reference/lang_data_hash.html - -[`IncludeOptional`]: https://httpd.apache.org/docs/current/mod/core.html#includeoptional -[`Include`]: https://httpd.apache.org/docs/current/mod/core.html#include -[interval syntax]: https://httpd.apache.org/docs/current/mod/mod_expires.html#AltSyn -[`ip`]: #ip -[`ip_based`]: #ip_based -[IP-based virtual hosts]: https://httpd.apache.org/docs/current/vhosts/ip-based.html - -[`KeepAlive`]: https://httpd.apache.org/docs/current/mod/core.html#keepalive -[`KeepAliveTimeout`]: https://httpd.apache.org/docs/current/mod/core.html#keepalivetimeout -[`keepalive` parameter]: #keepalive -[`keepalive_timeout`]: #keepalive_timeout -[`limitreqfieldsize`]: https://httpd.apache.org/docs/current/mod/core.html#limitrequestfieldsize - -[`lib`]: #lib -[`lib_path`]: #lib_path -[`Listen`]: https://httpd.apache.org/docs/current/bind.html -[`ListenBackLog`]: https://httpd.apache.org/docs/current/mod/mpm_common.html#listenbacklog -[`LoadFile`]: https://httpd.apache.org/docs/current/mod/mod_so.html#loadfile -[`LogFormat`]: https://httpd.apache.org/docs/current/mod/mod_log_config.html#logformat -[`logroot`]: #logroot -[Log security]: https://httpd.apache.org/docs/current/logs.html#security - -[`manage_docroot`]: #manage_docroot -[`manage_user`]: #manage_user -[`manage_group`]: #manage_group -[`MaxConnectionsPerChild`]: https://httpd.apache.org/docs/current/mod/mpm_common.html#maxconnectionsperchild -[`max_keepalive_requests`]: #max_keepalive_requests -[`MaxRequestWorkers`]: https://httpd.apache.org/docs/current/mod/mpm_common.html#maxrequestworkers -[`MaxSpareThreads`]: https://httpd.apache.org/docs/current/mod/mpm_common.html#maxsparethreads -[MIME `content-type`]: https://www.iana.org/assignments/media-types/media-types.xhtml -[`MinSpareThreads`]: https://httpd.apache.org/docs/current/mod/mpm_common.html#minsparethreads -[`mod_alias`]: https://httpd.apache.org/docs/current/mod/mod_alias.html -[`mod_auth_cas`]: https://github.com/Jasig/mod_auth_cas -[`mod_auth_kerb`]: http://modauthkerb.sourceforge.net/configure.html -[`mod_authnz_external`]: https://github.com/phokz/mod-auth-external -[`mod_auth_mellon`]: https://github.com/UNINETT/mod_auth_mellon -[`mod_disk_cache`]: https://httpd.apache.org/docs/2.2/mod/mod_disk_cache.html -[`mod_cache_disk`]: https://httpd.apache.org/docs/current/mod/mod_cache_disk.html -[`mod_expires`]: https://httpd.apache.org/docs/current/mod/mod_expires.html -[`mod_ext_filter`]: https://httpd.apache.org/docs/current/mod/mod_ext_filter.html -[`mod_fcgid`]: https://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html -[`mod_geoip`]: http://dev.maxmind.com/geoip/legacy/mod_geoip2/ -[`mod_info`]: https://httpd.apache.org/docs/current/mod/mod_info.html -[`mod_ldap`]: https://httpd.apache.org/docs/2.2/mod/mod_ldap.html -[`mod_mpm_event`]: https://httpd.apache.org/docs/current/mod/event.html -[`mod_negotiation`]: https://httpd.apache.org/docs/current/mod/mod_negotiation.html -[`mod_pagespeed`]: https://developers.google.com/speed/pagespeed/module/?hl=en -[`mod_passenger`]: https://www.phusionpassenger.com/library/config/apache/reference/ -[`mod_php`]: http://php.net/manual/en/book.apache.php -[`mod_proxy`]: https://httpd.apache.org/docs/current/mod/mod_proxy.html -[`mod_proxy_balancer`]: https://httpd.apache.org/docs/current/mod/mod_proxy_balancer.html -[`mod_reqtimeout`]: https://httpd.apache.org/docs/current/mod/mod_reqtimeout.html -[`mod_rewrite`]: https://httpd.apache.org/docs/current/mod/mod_rewrite.html -[`mod_security`]: https://www.modsecurity.org/ -[`mod_ssl`]: https://httpd.apache.org/docs/current/mod/mod_ssl.html -[`mod_status`]: https://httpd.apache.org/docs/current/mod/mod_status.html -[`mod_version`]: https://httpd.apache.org/docs/current/mod/mod_version.html -[`mod_wsgi`]: https://modwsgi.readthedocs.org/en/latest/ -[module contribution guide]: https://docs.puppetlabs.com/forge/contributing.html -[`mpm_module`]: #mpm_module -[multi-processing module]: https://httpd.apache.org/docs/current/mpm.html - -[name-based virtual hosts]: https://httpd.apache.org/docs/current/vhosts/name-based.html -[`no_proxy_uris`]: #no_proxy_uris - -[open source Puppet]: https://docs.puppetlabs.com/puppet/ -[`Options`]: https://httpd.apache.org/docs/current/mod/core.html#options - -[`path`]: #path -[`Peruser`]: https://www.freebsd.org/cgi/url.cgi?ports/www/apache22-peruser-mpm/pkg-descr -[`port`]: #port -[`priority`]: #defined-types-apachevhost -[`proxy_dest`]: #proxy_dest -[`proxy_dest_match`]: #proxy_dest_match -[`proxy_pass`]: #proxy_pass -[`ProxyPass`]: https://httpd.apache.org/docs/current/mod/mod_proxy.html#proxypass -[`ProxySet`]: https://httpd.apache.org/docs/current/mod/mod_proxy.html#proxyset -[Puppet Enterprise]: https://docs.puppetlabs.com/pe/ -[Puppet Forge]: https://forge.puppetlabs.com -[Puppet Labs]: https://puppetlabs.com -[Puppet module]: https://docs.puppetlabs.com/puppet/latest/reference/modules_fundamentals.html -[Puppet module's code]: https://github.com/puppetlabs/puppetlabs-apache/blob/master/manifests/default_mods.pp -[`purge_configs`]: #purge_configs -[`purge_vhost_dir`]: #purge_vhost_dir -[Python]: https://www.python.org/ - -[Rack]: http://rack.github.io/ -[`rack_base_uris`]: #rack_base_uris -[RFC 2616]: https://www.ietf.org/rfc/rfc2616.txt -[`RequestReadTimeout`]: https://httpd.apache.org/docs/current/mod/mod_reqtimeout.html#requestreadtimeout -[rspec-puppet]: http://rspec-puppet.com/ - -[`ScriptAlias`]: https://httpd.apache.org/docs/current/mod/mod_alias.html#scriptalias -[`ScriptAliasMatch`]: https://httpd.apache.org/docs/current/mod/mod_alias.html#scriptaliasmatch -[`scriptalias`]: #scriptalias -[SELinux]: http://selinuxproject.org/ -[`ServerAdmin`]: https://httpd.apache.org/docs/current/mod/core.html#serveradmin -[`serveraliases`]: #serveraliases -[`ServerLimit`]: https://httpd.apache.org/docs/current/mod/mpm_common.html#serverlimit -[`ServerName`]: https://httpd.apache.org/docs/current/mod/core.html#servername -[`ServerRoot`]: https://httpd.apache.org/docs/current/mod/core.html#serverroot -[`ServerTokens`]: https://httpd.apache.org/docs/current/mod/core.html#servertokens -[`ServerSignature`]: https://httpd.apache.org/docs/current/mod/core.html#serversignature -[Service attribute restart]: http://docs.puppetlabs.com/references/latest/type.html#service-attribute-restart -[`source`]: #source -[`SSLCARevocationCheck`]: https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcarevocationcheck -[SSL certificate key file]: https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcertificatekeyfile -[SSL chain]: https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcertificatechainfile -[SSL encryption]: https://httpd.apache.org/docs/current/ssl/index.html -[`ssl`]: #ssl -[`ssl_cert`]: #ssl_cert -[`ssl_compression`]: #ssl_compression -[`ssl_key`]: #ssl_key -[`StartServers`]: https://httpd.apache.org/docs/current/mod/mpm_common.html#startservers -[suPHP]: http://www.suphp.org/Home.html -[`suphp_addhandler`]: #suphp_addhandler -[`suphp_configpath`]: #suphp_configpath -[`suphp_engine`]: #suphp_engine -[supported operating system]: https://forge.puppetlabs.com/supported#puppet-supported-modules-compatibility-matrix - -[`ThreadLimit`]: https://httpd.apache.org/docs/current/mod/mpm_common.html#threadlimit -[`ThreadsPerChild`]: https://httpd.apache.org/docs/current/mod/mpm_common.html#threadsperchild -[`TimeOut`]: https://httpd.apache.org/docs/current/mod/core.html#timeout -[template]: http://docs.puppetlabs.com/puppet/latest/reference/lang_template.html -[`TraceEnable`]: https://httpd.apache.org/docs/current/mod/core.html#traceenable - -[`verify_config`]: #verify_config -[`vhost`]: #defined-type-apachevhost -[`vhost_dir`]: #vhost_dir -[`virtual_docroot`]: #virtual_docroot - -[Web Server Gateway Interface]: https://www.python.org/dev/peps/pep-3333/#abstract -[`WSGIPythonPath`]: http://modwsgi.readthedocs.org/en/develop/configuration-directives/WSGIPythonPath.html -[`WSGIPythonHome`]: http://modwsgi.readthedocs.org/en/develop/configuration-directives/WSGIPythonHome.html - -#### Table of Contents - -1. [Module description - What is the apache module, and what does it do?][Module description] -2. [Setup - The basics of getting started with apache][Setup] - - [Beginning with Apache - Installation][Beginning with Apache] -3. [Usage - The classes and defined types available for configuration][Usage] - - [Configuring virtual hosts - Examples to help get started][Configuring virtual hosts] - - [Configuring FastCGI servers to handle PHP files][Configuring FastCGI servers] - - [Load balancing with exported and non-exported resources][Load balancing examples] -4. [Reference - An under-the-hood peek at what the module is doing and how][Reference] - - [Public classes][] - - [Private classes][] - - [Public defined types][] - - [Private defined types][] - - [Templates][] -5. [Limitations - OS compatibility, etc.][Limitations] -6. [Development - Guide for contributing to the module][Development] - - [Contributing to the apache module][Contributing] - - [Running tests - A quick guide][Running tests] - -## Module description - -[Apache HTTP Server][] (also called Apache HTTPD, or simply Apache) is a widely used web server. This [Puppet module][] simplifies the task of creating configurations to manage Apache servers in your infrastructure. It can configure and manage a range of virtual host setups and provides a streamlined way to install and configure [Apache modules][]. - -## Setup - -**What the apache Puppet module affects:** - -- Configuration files and directories (created and written to) - - **WARNING**: Configurations *not* managed by Puppet will be purged. -- Package/service/configuration files for Apache -- Apache modules -- Virtual hosts -- Listened-to ports -- `/etc/make.conf` on FreeBSD and Gentoo - -On Gentoo, this module depends on the [`gentoo/puppet-portage`][] Puppet module. Note that while several options apply or enable certain features and settings for Gentoo, it is not a [supported operating system][] for this module. - -> **Note**: This module modifies Apache configuration files and directories and purges any configuration not managed by Puppet. Apache configuration should be managed by Puppet, as unmanaged configuration files can cause unexpected failures. - -To temporarily disable full Puppet management, set the [`purge_configs`][] parameter in the [`apache`][] class declaration to false. We recommend using this only as a temporary means of saving and relocating customized configurations. - -### Beginning with Apache - -To have Puppet install Apache with the default parameters, declare the [`apache`][] class: - -``` puppet -class { 'apache': } -``` - -The Puppet module applies a default configuration based on your operating system; Debian, Red Hat, FreeBSD, and Gentoo systems each have unique default configurations. These defaults work in testing environments but are not suggested for production, and Puppet recommends customizing the class's parameters to suit your site. Use the [Reference](#reference) section to find information about the class's parameters and their default values. - -You can customize parameters when declaring the `apache` class. For instance, this declaration installs Apache without the apache module's [default virtual host configuration][Configuring virtual hosts], allowing you to customize all Apache virtual hosts: - -``` puppet -class { 'apache': - default_vhost => false, -} -``` - -## Usage - -### Configuring virtual hosts - -The default [`apache`][] class sets up a virtual host on port 80, listening on all interfaces and serving the [`docroot`][] parameter's default directory of `/var/www`. - -> **Note**: See the [`apache::vhost`][] defined type's reference for a list of all virtual host parameters. - -To configure basic [name-based virtual hosts][], specify the [`port`][] and [`docroot`][] parameters in the [`apache::vhost`][] defined type: - -``` puppet -apache::vhost { 'vhost.example.com': - port => '80', - docroot => '/var/www/vhost', -} -``` - -> **Note**: Apache processes virtual hosts in alphabetical order, and server administrators can prioritize Apache's virtual host processing by prefixing a virtual host's configuration file name with a number. The [`apache::vhost`][] defined type applies a default [`priority`][] of 15, which Puppet interprets by prefixing the virtual host's file name with `15-`. This all means that if multiple sites have the same priority, or if you disable priority numbers by setting the `priority` parameter's value to false, Apache still processes virtual hosts in alphabetical order. - -To configure user and group ownership for `docroot`, use the [`docroot_owner`][] and [`docroot_group`][] parameters: - -``` puppet -apache::vhost { 'user.example.com': - port => '80', - docroot => '/var/www/user', - docroot_owner => 'www-data', - docroot_group => 'www-data', -} -``` - -#### Configuring virtual hosts with SSL - -To configure a virtual host to use [SSL encryption][] and default SSL certificates, set the [`ssl`][] parameter. You must also specify the [`port`][] parameter, typically with a value of '443', to accommodate HTTPS requests: - -``` puppet -apache::vhost { 'ssl.example.com': - port => '443', - docroot => '/var/www/ssl', - ssl => true, -} -``` - -To configure a virtual host to use SSL and specific SSL certificates, use the paths to the certificate and key in the [`ssl_cert`][] and [`ssl_key`][] parameters, respectively: - -``` puppet -apache::vhost { 'cert.example.com': - port => '443', - docroot => '/var/www/cert', - ssl => true, - ssl_cert => '/etc/ssl/fourth.example.com.cert', - ssl_key => '/etc/ssl/fourth.example.com.key', -} -``` - -To configure a mix of SSL and unencrypted virtual hosts at the same domain, declare them with separate [`apache::vhost`][] defined types: - -``` puppet -# The non-ssl virtual host -apache::vhost { 'mix.example.com non-ssl': - servername => 'mix.example.com', - port => '80', - docroot => '/var/www/mix', -} - -# The SSL virtual host at the same domain -apache::vhost { 'mix.example.com ssl': - servername => 'mix.example.com', - port => '443', - docroot => '/var/www/mix', - ssl => true, -} -``` - -To configure a virtual host to redirect unencrypted connections to SSL, declare them with separate [`apache::vhost`][] defined types and redirect unencrypted requests to the virtual host with SSL enabled: - -``` puppet -apache::vhost { 'redirect.example.com non-ssl': - servername => 'redirect.example.com', - port => '80', - docroot => '/var/www/redirect', - redirect_status => 'permanent', - redirect_dest => 'https://redirect.example.com/' -} - -apache::vhost { 'redirect.example.com ssl': - servername => 'redirect.example.com', - port => '443', - docroot => '/var/www/redirect', - ssl => true, -} -``` - -#### Configuring virtual host port and address bindings - -Virtual hosts listen on all IP addresses ('\*') by default. To configure the virtual host to listen on a specific IP address, use the [`ip`][] parameter: - -``` puppet -apache::vhost { 'ip.example.com': - ip => '127.0.0.1', - port => '80', - docroot => '/var/www/ip', -} -``` - -It is also possible to configure more than one IP address per virtual host by using an array of IP addresses for the [`ip`][] parameter: - -``` puppet -apache::vhost { 'ip.example.com': - ip => ['127.0.0.1','169.254.1.1'], - port => '80', - docroot => '/var/www/ip', -} -``` - -To configure a virtual host with [aliased servers][], refer to the aliases using the [`serveraliases`][] parameter: - -``` puppet -apache::vhost { 'aliases.example.com': - serveraliases => [ - 'aliases.example.org', - 'aliases.example.net', - ], - port => '80', - docroot => '/var/www/aliases', -} -``` - -To set up a virtual host with a wildcard alias for the subdomain mapped to a same-named directory, such as 'http://example.com.loc' mapped to `/var/www/example.com`, define the wildcard alias using the [`serveraliases`][] parameter and the document root with the [`virtual_docroot`][] parameter: - -``` puppet -apache::vhost { 'subdomain.loc': - vhost_name => '*', - port => '80', - virtual_docroot => '/var/www/%-2+', - docroot => '/var/www', - serveraliases => ['*.loc',], -} -``` - -To configure a virtual host with [filter rules][], pass the filter directives as an [array][] using the [`filters`][] parameter: - -``` puppet -apache::vhost { 'subdomain.loc': - port => '80', - filters => [ - 'FilterDeclare COMPRESS', - 'FilterProvider COMPRESS DEFLATE resp=Content-Type $text/html', - 'FilterChain COMPRESS', - 'FilterProtocol COMPRESS DEFLATE change=yes;byteranges=no', - ], - docroot => '/var/www/html', -} -``` - -#### Configuring virtual hosts for apps and processors - -To set up a virtual host with [suPHP][], use the [`suphp_engine`][] parameter to enable the suPHP engine, [`suphp_addhandler`][] parameter to define a MIME type, [`suphp_configpath`][] to set which path suPHP passes to the PHP interpreter, and the [`directory`][] parameter to configure Directory, File, and Location directive blocks: - -``` puppet -apache::vhost { 'suphp.example.com': - port => '80', - docroot => '/home/appuser/myphpapp', - suphp_addhandler => 'x-httpd-php', - suphp_engine => 'on', - suphp_configpath => '/etc/php5/apache2', - directories => [ - { 'path' => '/home/appuser/myphpapp', - 'suphp' => { - user => 'myappuser', - group => 'myappgroup', - }, - }, - ], -} -``` - -You can use a set of parameters to configure a virtual host to use the [Web Server Gateway Interface][] (WSGI) for [Python][] applications: - -``` puppet -apache::vhost { 'wsgi.example.com': - port => '80', - docroot => '/var/www/pythonapp', - wsgi_application_group => '%{GLOBAL}', - wsgi_daemon_process => 'wsgi', - wsgi_daemon_process_options => { - processes => '2', - threads => '15', - display-name => '%{GROUP}', - }, - wsgi_import_script => '/var/www/demo.wsgi', - wsgi_import_script_options => { - process-group => 'wsgi', - application-group => '%{GLOBAL}', - }, - wsgi_process_group => 'wsgi', - wsgi_script_aliases => { '/' => '/var/www/demo.wsgi' }, -} -``` - -Starting in Apache 2.2.16, Apache supports [FallbackResource][], a simple replacement for common RewriteRules. You can set a FallbackResource using the [`fallbackresource`][] parameter: - -``` puppet -apache::vhost { 'wordpress.example.com': - port => '80', - docroot => '/var/www/wordpress', - fallbackresource => '/index.php', -} -``` - -> **Note**: The `fallbackresource` parameter only supports the 'disabled' value since Apache 2.2.24. - -To configure a virtual host with a designated directory for [Common Gateway Interface][] (CGI) files, use the [`scriptalias`][] parameter to define the `cgi-bin` path: - -``` puppet -apache::vhost { 'cgi.example.com': - port => '80', - docroot => '/var/www/cgi', - scriptalias => '/usr/lib/cgi-bin', -} -``` - -To configure a virtual host for [Rack][], use the [`rack_base_uris`][] parameter: - -``` puppet -apache::vhost { 'rack.example.com': - port => '80', - docroot => '/var/www/rack', - rack_base_uris => ['/rackapp1', '/rackapp2'], -} -``` - -#### Configuring IP-based virtual hosts - -You can configure [IP-based virtual hosts][] to listen on any port and have them respond to requests on specific IP addresses. In this example, we set the server to listen on ports 80 and 81 because the example virtual hosts are _not_ declared with a [`port`][] parameter: - -``` puppet -apache::listen { '80': } - -apache::listen { '81': } -``` - -Then we configure the IP-based virtual hosts with the [`ip_based`][] parameter: - -``` puppet -apache::vhost { 'first.example.com': - ip => '10.0.0.10', - docroot => '/var/www/first', - ip_based => true, -} - -apache::vhost { 'second.example.com': - ip => '10.0.0.11', - docroot => '/var/www/second', - ip_based => true, -} -``` - -You can also configure a mix of IP- and [name-based virtual hosts][], and in any combination of [SSL][SSL encryption] and unencrypted configurations. First, we add two IP-based virtual hosts on an IP address (in this example, 10.0.0.10). One uses SSL and the other is unencrypted: - -``` puppet -apache::vhost { 'The first IP-based virtual host, non-ssl': - servername => 'first.example.com', - ip => '10.0.0.10', - port => '80', - ip_based => true, - docroot => '/var/www/first', -} - -apache::vhost { 'The first IP-based vhost, ssl': - servername => 'first.example.com', - ip => '10.0.0.10', - port => '443', - ip_based => true, - docroot => '/var/www/first-ssl', - ssl => true, -} -``` - -Next, we add two name-based virtual hosts listening on a second IP address (10.0.0.20): - -``` puppet -apache::vhost { 'second.example.com': - ip => '10.0.0.20', - port => '80', - docroot => '/var/www/second', -} - -apache::vhost { 'third.example.com': - ip => '10.0.0.20', - port => '80', - docroot => '/var/www/third', -} -``` - -To add name-based virtual hosts that answer on either 10.0.0.10 or 10.0.0.20, you **must** set the [`add_listen`][] parameter to false to disable the default Apache setting of `Listen 80`, as it conflicts with the preceding IP-based virtual hosts. - -``` puppet -apache::vhost { 'fourth.example.com': - port => '80', - docroot => '/var/www/fourth', - add_listen => false, -} - -apache::vhost { 'fifth.example.com': - port => '80', - docroot => '/var/www/fifth', - add_listen => false, -} -``` - -### Installing Apache modules - -There are two ways to install [Apache modules][] using the Puppet apache module: - -- Use the [`apache::mod::`][] classes to [install specific Apache modules with parameters][Installing specific modules]. -- Use the [`apache::mod`][] defined type to [install arbitrary Apache modules][Installing arbitrary modules]. - -#### Installing specific modules - -The Puppet apache module supports installing many common [Apache modules][], often with parameterized configuration options. For a list of supported Apache modules, see the [`apache::mod::`][] class references. - -For example, you can install the `mod_ssl` Apache module with default settings by declaring the [`apache::mod::ssl`][] class: - -``` puppet -class { 'apache::mod::ssl': } -``` - -[`apache::mod::ssl`][] has several parameterized options that you can set when declaring it. For instance, to enable `mod_ssl` with compression enabled, set the [`ssl_compression`][] parameter to true: - -``` puppet -class { 'apache::mod::ssl': - ssl_compression => true, -} -``` - -Note that some modules have prerequisites, which are documented in their references under [`apache::mod::`][]. - -#### Installing arbitrary modules - -You can pass the name of any module that your operating system's package manager can install to the [`apache::mod`][] defined type to install it. Unlike the specific-module classes, the [`apache::mod`][] defined type doesn't tailor the installation based on other installed modules or with specific parameters---Puppet only grabs and installs the module's package, leaving detailed configuration up to you. - -For example, to install the [`mod_authnz_external`][] Apache module, declare the defined type with the 'mod_authnz_external' name: - -``` puppet -apache::mod { 'mod_authnz_external': } -``` - -There are several optional parameters you can specify when defining Apache modules this way. See the [defined type's reference][`apache::mod`] for details. - -### Configuring FastCGI servers to handle PHP files - -Add the [`apache::fastcgi::server`][] defined type to allow [FastCGI][] servers to handle requests for specific files. For example, the following defines a FastCGI server at 127.0.0.1 (localhost) on port 9000 to handle PHP requests: - -``` puppet -apache::fastcgi::server { 'php': - host => '127.0.0.1:9000', - timeout => 15, - flush => false, - faux_path => '/var/www/php.fcgi', - fcgi_alias => '/php.fcgi', - file_type => 'application/x-httpd-php' -} -``` - -You can then use the [`custom_fragment`][] parameter to configure the virtual host to have the FastCGI server handle the specified file type: - -``` puppet -apache::vhost { 'www': - ... - custom_fragment => 'AddType application/x-httpd-php .php' - ... -} -``` - -### Load balancing examples - -Apache supports load balancing across groups of servers through the [`mod_proxy`][] Apache module. Puppet supports configuring Apache load balancing groups (also known as balancer clusters) through the [`apache::balancer`][] and [`apache::balancermember`][] defined types. - -To enable load balancing with [exported resources][], export the [`apache::balancermember`][] defined type from the load balancer member server: - -``` puppet -@@apache::balancermember { "${::fqdn}-puppet00": - balancer_cluster => 'puppet00', - url => "ajp://${::fqdn}:8009", - options => ['ping=5', 'disablereuse=on', 'retry=5', 'ttl=120'], -} -``` - -Then, on the proxy server, create the load balancing group: - -``` puppet -apache::balancer { 'puppet00': } -``` - -To enable load balancing without exporting resources, declare the following on the proxy server: - -``` puppet -apache::balancer { 'puppet00': } - -apache::balancermember { "${::fqdn}-puppet00": - balancer_cluster => 'puppet00', - url => "ajp://${::fqdn}:8009", - options => ['ping=5', 'disablereuse=on', 'retry=5', 'ttl=120'], -} -``` - -Then declare the `apache::balancer` and `apache::balancermember` defined types on the proxy server. - -If you need to use the [ProxySet](https://httpd.apache.org/docs/current/mod/mod_proxy.html#proxyset) directive on the balancer, use the [`proxy_set`](#proxy_set) parameter of `apache::balancer`: - -``` puppet -apache::balancer { 'puppet01': - proxy_set => { - 'stickysession' => 'JSESSIONID', - }, -} -``` - -## Reference - -- [**Public classes**](#public-classes) - - [Class: apache](#class-apache) - - [Class: apache::dev](#class-apachedev) - - [Classes: apache::mod::\*](#classes-apachemodname) -- [**Private classes**](#private-classes) - - [Class: apache::confd::no_accf](#class-apacheconfdno_accf) - - [Class: apache::default_confd_files](#class-apachedefault_confd_files) - - [Class: apache::default_mods](#class-apachedefault_mods) - - [Class: apache::package](#class-apachepackage) - - [Class: apache::params](#class-apacheparams) - - [Class: apache::service](#class-apacheservice) - - [Class: apache::version](#class-apacheversion) -- [**Public defined types**](#public-defined-types) - - [Defined type: apache::balancer](#defined-type-apachebalancer) - - [Defined type: apache::balancermember](#defined-type-apachebalancermember) - - [Defined type: apache::custom_config](#defined-type-apachecustom_config) - - [Defined type: apache::fastcgi::server](#defined-type-fastcgi-server) - - [Defined type: apache::listen](#defined-type-apachelisten) - - [Defined type: apache::mod](#defined-type-apachemod) - - [Defined type: apache::namevirtualhost](#defined-type-apachenamevirtualhost) - - [Defined type: apache::vhost](#defined-type-apachevhost) - - [Defined type: apache::vhost::custom](#defined-type-apachevhostcustom) -- [**Private defined types**](#private-defined-types) - - [Defined type: apache::default_mods::load](#defined-type-default_mods-load) - - [Defined type: apache::peruser::multiplexer](#defined-type-apacheperusermultiplexer) - - [Defined type: apache::peruser::processor](#defined-type-apacheperuserprocessor) - - [Defined type: apache::security::file_link](#defined-type-apachesecurityfile_link) -- [**Templates**](#templates) - -### Public Classes - -#### Class: `apache` - -Guides the basic setup and installation of Apache on your system. - -When this class is declared with the default options, Puppet: - -- Installs the appropriate Apache software package and [required Apache modules](#default_mods) for your operating system. -- Places the required configuration files in a directory, with the [default location](#conf_dir) determined by your operating system. -- Configures the server with a default virtual host and standard port ('80') and address ('\*') bindings. -- Creates a document root directory determined by your operating system, typically `/var/www`. -- Starts the Apache service. - -You can simply declare the default `apache` class: - -``` puppet -class { 'apache': } -``` - -You can establish a default virtual host in this class, by using the [`apache::vhost`][] defined type, or both. You can also configure additional specific virtual hosts with the [`apache::vhost`][] defined type. Puppet recommends customizing the `apache` class's declaration with the following parameters, as its default settings are not optimized for production. - -**Parameters within `apache`:** - -##### `allow_encoded_slashes` - -Sets the server default for the [`AllowEncodedSlashes`][] declaration, which modifies the responses to URLs containing '\' and '/' characters. Valid options: 'on', 'off', 'nodecode'. Default: undef, which omits the declaration from the server's configuration and uses Apache's default setting of 'off'. - -##### `apache_version` - -Configures module template behavior, package names, and default Apache modules by defining the version of Apache to use. Default: Determined by your operating system family and release via the [`apache::version`][] class. Puppet recommends against manually configuring this parameter without reason. - -##### `conf_dir` - -Sets the directory where the Apache server's main configuration file is located. Default: Depends on your operating system. - -- **Debian**: `/etc/apache2` -- **FreeBSD**: `/usr/local/etc/apache22` -- **Gentoo**: `/etc/apache2` -- **Red Hat**: `/etc/httpd/conf` - -##### `conf_template` - -Defines the [template][] used for the main Apache configuration file. Default: `apache/httpd.conf.erb`. Modifying this parameter is potentially risky, as the apache Puppet module is designed to use a minimal configuration file customized by `conf.d` entries. - -##### `confd_dir` - -Sets the location of the Apache server's custom configuration directory. Default: Depends on your operating system. - -- **Debian**: `/etc/apache2/conf.d` -- **FreeBSD**: `/usr/local/etc/apache22` -- **Gentoo**: `/etc/apache2/conf.d` -- **Red Hat**: `/etc/httpd/conf.d` - -##### `default_charset` - -Used as the [`AddDefaultCharset`][] directive in the main configuration file. Default: undef. - -##### `default_confd_files` - -Determines whether Puppet generates a default set of includable Apache configuration files in the directory defined by the [`confd_dir`][] parameter. These configuration files correspond to what is typically installed with the Apache package on the server's operating system. Valid options: Boolean. Default: true. - -##### `default_mods` - -Determines whether to configure and enable a set of default [Apache modules][] depending on your operating system. Valid options: true, false, or an array of Apache module names. Default: true. - -If this parameter's value is false, Puppet includes only the Apache modules required to make the HTTP daemon work on your operating system, and you can declare any other modules separately using the [`apache::mod::`][] class or [`apache::mod`][] defined type. - -If true, Puppet installs additional modules, the list of which depends on the operating system as well as the [`apache_version`][] and [`mpm_module`][] parameters' values. As these lists of modules can change frequently, consult the [Puppet module's code][] for up-to-date lists. - -If this parameter contains an array, Puppet instead enables all passed Apache modules. - -##### `default_ssl_ca` - -Sets the default certificate authority for the Apache server. Default: undef. - -While this default value results in a functioning Apache server, you **must** update this parameter with your certificate authority information before deploying this server in a production environment. - -##### `default_ssl_cert` - -Sets the [SSL encryption][] certificate location. Default: Determined by your operating system. - -- **Debian**: `/etc/ssl/certs/ssl-cert-snakeoil.pem` -- **FreeBSD**: `/usr/local/etc/apache22/server.crt` -- **Gentoo**: `/etc/ssl/apache2/server.crt` -- **Red Hat**: `/etc/pki/tls/certs/localhost.crt` - -While the default value results in a functioning Apache server, you **must** update this parameter with your certificate location before deploying this server in a production environment. - -##### `default_ssl_chain` - -Sets the default [SSL chain][] location. Default: undef. - -While this default value results in a functioning Apache server, you **must** update this parameter with your SSL chain before deploying this server in a production environment. - -##### `default_ssl_crl` - -Sets the path of the default [certificate revocation list][] (CRL) file to use. Default: undef. - -While this default value results in a functioning Apache server, you **must** update this parameter with your CRL file's path before deploying this server in a production environment. You can use this parameter with or in place of the [`default_ssl_crl_path`][]. - -##### `default_ssl_crl_path` - -Sets the server's [certificate revocation list path][], which contains your CRLs. Default: undef. - -While this default value results in a functioning Apache server, you **must** update this parameter with the CRL path before deploying this server in a production environment. - -##### `default_ssl_crl_check` - -Sets the default certificate revocation check level via the [`SSLCARevocationCheck`][] directive. Default: undef. - -While this default value results in a functioning Apache server, you **must** specify this parameter when using certificate revocation lists in a production environment. - -This parameter only applies to Apache 2.4 or higher and is ignored on older versions. - -##### `default_ssl_key` - -Sets the [SSL certificate key file][] location. Default: Determined by your operating system. - -- **Debian**: `/etc/ssl/private/ssl-cert-snakeoil.key` -- **FreeBSD**: `/usr/local/etc/apache22/server.key` -- **Gentoo**: `/etc/ssl/apache2/server.key` -- **Red Hat**: `/etc/pki/tls/private/localhost.key` - -While these default values result in a functioning Apache server, you **must** update this parameter with your SSL key's location before deploying this server in a production environment. - -##### `default_ssl_vhost` - -Configures a default [SSL][SSL encryption] virtual host. Valid options: Boolean. Default: false. - -If true, Puppet automatically configures the following virtual host using the [`apache::vhost`][] defined type: - -``` puppet -apache::vhost { 'default-ssl': - port => 443, - ssl => true, - docroot => $docroot, - scriptalias => $scriptalias, - serveradmin => $serveradmin, - access_log_file => "ssl_${access_log_file}", - } -``` - -> **Note**: SSL virtual hosts only respond to HTTPS queries. - -##### `default_type` - -_Apache 2.2 only_. Sets the [MIME `content-type`][] sent if the server cannot otherwise determine an appropriate `content-type`. This directive is deprecated in Apache 2.4 and newer and only exists for backwards compatibility in configuration files. Default: undef. - -##### `default_vhost` - -Configures a default virtual host when the class is declared. Valid options: Boolean. Default: true. - -To configure [customized virtual hosts][Configuring virtual hosts], set this parameter's value to false. - -##### `dev_packages` - -Configures a specific dev package to use. Valid options: A string or array of strings. Default: Depends on the operating system. - -- **Red Hat:** 'httpd-devel' -- **Debian 8/Ubuntu 13.10 or newer:** ['libaprutil1-dev', 'libapr1-dev', 'apache2-dev'] -- **Older Debian/Ubuntu versions:** ['libaprutil1-dev', 'libapr1-dev', 'apache2-prefork-dev'] -- **FreeBSD, Gentoo:** undef -- **Suse:** ['libapr-util1-devel', 'libapr1-devel'] - -Example for using httpd 2.4 from the IUS yum repo: - -``` puppet -include ::apache::dev -class { 'apache': - apache_name => 'httpd24u', - dev_packages => 'httpd24u-devel', -} -``` - -##### `docroot` - -Sets the default [`DocumentRoot`][] location. Default: Determined by your operating system. - -- **Debian**: `/var/www/html` -- **FreeBSD**: `/usr/local/www/apache22/data` -- **Gentoo**: `/var/www/localhost/htdocs` -- **Red Hat**: `/var/www/html` - -##### `error_documents` - -Determines whether to enable [custom error documents][] on the Apache server. Valid options: Boolean. Default: false. - -##### `group` - -Sets the group ID that owns any Apache processes spawned to answer requests. - -By default, Puppet attempts to manage this group as a resource under the `apache` class, determining the group based on the operating system as detected by the [`apache::params`][] class. To to prevent the group resource from being created and use a group created by another Puppet module, set the [`manage_group`][] parameter's value to false. - -> **Note**: Modifying this parameter only changes the group ID that Apache uses to spawn child processes to access resources. It does not change the user that owns the parent server process. - -##### `httpd_dir` - -Sets the Apache server's base configuration directory. This is useful for specially repackaged Apache server builds but might have unintended consequences when combined with the default distribution packages. Default: Determined by your operating system. - -- **Debian**: `/etc/apache2` -- **FreeBSD**: `/usr/local/etc/apache22` -- **Gentoo**: `/etc/apache2` -- **Red Hat**: `/etc/httpd` - -##### `keepalive` - -Determines whether to enable persistent HTTP connections with the [`KeepAlive`][] directive. Valid options: 'Off', 'On'. Default: 'Off'. - -If 'On', use the [`keepalive_timeout`][] and [`max_keepalive_requests`][] parameters to set relevant options. - -##### `keepalive_timeout` - -Sets the [`KeepAliveTimeout`] directive, which determines the amount of time the Apache server waits for subsequent requests on a persistent HTTP connection. Default: '15'. - -This parameter is only relevant if the [`keepalive` parameter][] is enabled. - -##### `max_keepalive_requests` - -Limits the number of requests allowed per connection when the [`keepalive` parameter][] is enabled. Default: '100'. - -##### `lib_path` - -Specifies the location where [Apache module][Apache modules] files are stored. Default: Depends on the operating system. - -- **Debian** and **Gentoo**: `/usr/lib/apache2/modules` -- **FreeBSD**: `/usr/local/libexec/apache24` -- **Red Hat**: `modules` - -> **Note**: Do not configure this parameter manually without special reason. - -##### `loadfile_name` - -Sets the [`LoadFile`] directive's filename. Valid options: Filenames in the format `\*.load`. - -This can be used to set the module load order. - -##### `log_level` - -Changes the error log's verbosity. Valid options: 'alert', 'crit', 'debug', 'emerg', 'error', 'info', 'notice', 'warn'. Default: 'warn'. - -##### `log_formats` - -Define additional [`LogFormat`][] directives. Valid options: A [hash][], such as: - -``` puppet -$log_formats = { vhost_common => '%v %h %l %u %t \"%r\" %>s %b' } -``` - -There are a number of predefined `LogFormats` in the `httpd.conf` that Puppet creates: - -``` httpd -LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined -LogFormat "%h %l %u %t \"%r\" %>s %b" common -LogFormat "%{Referer}i -> %U" referer -LogFormat "%{User-agent}i" agent -LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %s %b \"%{Referer}i\" \"%{User-agent}i\"" forwarded -``` - -If your `log_formats` parameter contains one of those, it will be overwritten with **your** definition. - -##### `logroot` - -Changes the directory of Apache log files for the virtual host. Default: Determined by your operating system. - -- **Debian**: `/var/log/apache2` -- **FreeBSD**: `/var/log/apache22` -- **Gentoo**: `/var/log/apache2` -- **Red Hat**: `/var/log/httpd` - -##### `logroot_mode` - -Overrides the default [`logroot`][] directory's mode. Default: undef. - -> **Note**: Do _not_ grant write access to the directory where the logs are stored without being aware of the consequences. See the [Apache documentation][Log security] for details. - -##### `manage_group` - -When false, stops Puppet from creating the group resource. Valid options: Boolean. Default: true. - -If you have a group created from another Puppet module that you want to use to run Apache, set this to false. Without this parameter, attempting to use a previously established group results in a duplicate resource error. - -##### `manage_user` - -When false, stops Puppet from creating the user resource. Valid options: Boolean. Default: true. - -This is for instances when you have a user, created from another Puppet module, you want to use to run Apache. Without this parameter, attempting to use a previously established user would result in a duplicate resource error. - -##### `mod_dir` - -Sets where Puppet places configuration files for your [Apache modules][]. Default: Determined by your operating system. - -- **Debian**: `/etc/apache2/mods-available` -- **FreeBSD**: `/usr/local/etc/apache22/Modules` -- **Gentoo**: `/etc/apache2/modules.d` -- **Red Hat**: `/etc/httpd/conf.d` - -##### `mpm_module` - -Determines which [multi-processing module][] (MPM) is loaded and configured for the HTTPD process. Valid options: 'event', 'itk', 'peruser', 'prefork', 'worker', or false. Default: Determined by your operating system. - -- **Debian**: 'worker' -- **FreeBSD, Gentoo, and Red Hat**: 'prefork' - -You must set this to false to explicitly declare the following classes with custom parameters: - -- [`apache::mod::event`][] -- [`apache::mod::itk`][] -- [`apache::mod::peruser`][] -- [`apache::mod::prefork`][] -- [`apache::mod::worker`][] - -> **Note**: Switching between different MPMs on FreeBSD is possible but quite difficult. Before changing `mpm_module`, you must uninstall all packages that depend on your installed Apache server. - -##### `package_ensure` - -Controls the `package` resource's [`ensure`][] attribute. Valid options: 'absent', 'installed' (or the equivalent 'present'), or a version string. Default: 'installed'. - -##### `pidfile` - -Allows settting a custom location for the pid file - useful if using a custom built Apache rpm. Default: Depends on operating system. - -- **Debian:** '\${APACHE_PID_FILE}' -- **FreeBSD:** '/var/run/httpd.pid' -- **Red Hat:** 'run/httpd.pid' - -##### `ports_file` - -Sets the path to the file containing Apache ports configuration. Default: '{$conf_dir}/ports.conf'. - -##### `purge_configs` - -Removes all other Apache configs and virtual hosts. Valid options: Boolean. Default: true. - -Setting this to false is a stopgap measure to allow the apache Puppet module to coexist with existing or unmanaged configurations. We recommend moving your configuration to resources within this module. For virtual host configurations, see [`purge_vhost_dir`][]. - -##### `purge_vhost_dir` - -If the [`vhost_dir`][] parameter's value differs from the [`confd_dir`][] parameter's, the Boolean parameter `purge_vhost_dir` determines whether Puppet removes any configurations inside `vhost_dir` _not_ managed by Puppet. Valid options: Boolean. Default: same as [`purge_configs`][]. - -Setting `purge_vhost_dir` to false is a stopgap measure to allow the apache Puppet module to coexist with existing or otherwise unmanaged configurations within `vhost_dir`. - -##### `rewrite_lock` - -Allows setting a custom location for a rewrite lock - considered best practice if using a RewriteMap of type prg in the [`rewrites`][] parameter of your virtual host. Default: undef. - -This parameter only applies to Apache version 2.2 or lower and is ignored on newer versions. - -##### `sendfile` - -Forces Apache to use the Linux kernel's `sendfile` support to serve static files, via the [`EnableSendfile`][] directive. Valid options: 'On', 'Off'. Default: 'On'. - -##### `serveradmin` - -Sets the Apache server administrator's contact information via Apache's [`ServerAdmin`][] directive. Default: 'root@localhost'. - -##### `servername` - -Sets the Apache server name via Apache's [`ServerName`][] directive. Default: the 'fqdn' fact reported by [Facter][]. - -Setting to false will not set ServerName at all. - -##### `server_root` - -Sets the Apache server's root directory via Apache's [`ServerRoot`][] directive. Default: determined by your operating system. - -- **Debian**: `/etc/apache2` -- **FreeBSD**: `/usr/local` -- **Gentoo**: `/var/www` -- **Red Hat**: `/etc/httpd` - -##### `server_signature` - -Configures a trailing footer line to display at the bottom of server-generated documents, such as error documents and output of certain [Apache modules][], via Apache's [`ServerSignature`][] directive. Valid options: 'Off', 'On'. Default: 'On'. - -##### `server_tokens` - -Controls how much information Apache sends to the browser about itself and the operating system, via Apache's [`ServerTokens`][] directive. Default: 'OS'. - -##### `service_enable` - -Determines whether Puppet enables the Apache HTTPD service when the system is booted. Valid options: Boolean. Default: true. - -##### `service_ensure` - -Determines whether Puppet should make sure the service is running. Valid options: 'true' (equivalent to 'running'), 'false' (equivalent to 'stopped'). Default: 'running'. - -The 'false' or 'stopped' values set the 'httpd' service resource's `ensure` parameter to 'false', which is useful when you want to let the service be managed by another application, such as Pacemaker. - -##### `service_name` - -Sets the name of the Apache service. Default: determined by your operating system. - -- **Debian and Gentoo**: 'apache2' -- **FreeBSD**: 'apache22' -- **Red Hat**: 'httpd' - -##### `service_manage` - -Determines whether Puppet manages the HTTPD service's state. Valid options: Boolean. Default: true. - -##### `service_restart` - -Determines whether Puppet should use a specific command to restart the HTTPD service. Valid options: a command to restart the Apache service. Default: undef, which uses the [default Puppet behavior][Service attribute restart]. - -##### `timeout` - -Sets Apache's [`TimeOut`][] directive, which defines the number of seconds Apache waits for certain events before failing a request. Default: 120. - -##### `trace_enable` - -Controls how Apache handles `TRACE` requests (per [RFC 2616][]) via the [`TraceEnable`][] directive. Valid options: 'Off', 'On'. Default: 'On'. - -##### `use_systemd` - -Controls whether the systemd module should be installed on Centos 7 servers, this is especially useful if using custom-built RPMs. Valid options: Boolean. Default: true. - -##### `file_mode` - -Sets the desired permissions mode for config files, in symbolic or numeric notation. Valid options: A string. Default: '0644'. - -##### `root_directory_options` - -Array of the desired options for the / directory in httpd.conf. Defaults to 'FollowSymLinks'. - -##### `vhost_dir` - -Changes your virtual host configuration files' location. Default: determined by your operating system. - -- **Debian**: `/etc/apache2/sites-available` -- **FreeBSD**: `/usr/local/etc/apache22/Vhosts` -- **Gentoo**: `/etc/apache2/vhosts.d` -- **Red Hat**: `/etc/httpd/conf.d` - -##### `vhost_include_pattern` - -Defines the pattern for files included from the `vhost_dir`. Default: '*', also for BC with previous versions of this module. - -However, you might want to set this to a value like '[^.#]\*.conf[^~]' to make sure files accidentally created in this directory (such as files created by version control systems or editor backups) are *not* included in your server configuration. - -Some operating systems ship with a value of '*.conf'. Also note that this module will, by default, create configuration files ending in '.conf'. - -##### `user` - -Changes the user Apache uses to answer requests. Apache's parent process will continue to be run as root, but child processes will access resources as the user defined by this parameter. - -Default: Puppet sets the default value via the [`apache::params`][] class, which manages the user based on your operating system: - -- **Debian**: 'www-data' -- **FreeBSD**: 'www' -- **Gentoo** and **Red Hat**: 'apache' - -To prevent Puppet from managing the user, set the [`manage_user`][] parameter to false. - -##### `apache_name` - -The name of the Apache package to install. Default: Puppet sets the default value via the [`apache::params`][] class, which manages the user based on your operating system: - -The default value is determined by your operating system: - -- **Debian**: 'apache2' -- **FreeBSD**: 'apache24' -- **Gentoo**: 'www-servers/apache' -- **Red Hat**: 'httpd' - -You might need to override this if you are using a non-standard Apache package, such as those from Red Hat's software collections. - -#### Class: `apache::dev` - -Installs Apache development libraries. By default, the package name is defined by the [`dev_packages`][] parameter of the [`apache::params`][] class based on your operating system: - -The default value is determined by your operating system: - -- **Debian** : 'libaprutil1-dev', 'libapr1-dev'; 'apache2-dev' on Ubuntu 13.10 and Debian 8; 'apache2-prefork-dev' on other versions -- **FreeBSD**: 'undef'; see note below -- **Gentoo**: 'undef' -- **Red Hat**: 'httpd-devel' - -> **Note**: On FreeBSD, you must declare the `apache::package` or `apache` classes before declaring `apache::dev`. - -#### Classes: `apache::mod::` - -Enables specific [Apache modules][]. You can enable and configure an Apache module by declaring its class. For example, to install and enable [`mod_alias`][] with no icons, you can declare the [`apache::mod::alias`][] class with the `icons_options` parameter set to 'None': - -``` puppet -class { 'apache::mod::alias': - icons_options => 'None', -} -``` - -The following Apache modules have supported classes, many of which allow for parameterized configuration. You can install other Apache modules with the [`apache::mod`][] defined type. - -* `actions` -* `alias` (see [`apache::mod::alias`][]) -* `auth_basic` -* `auth_cas`\* (see [`apache::mod::auth_cas`][]) -* `auth_mellon`\* (see [`apache::mod::auth_mellon`][]) -* `auth_kerb` -* `authn_core` -* `authn_file` -* `authnz_ldap`\* -* `authz_default` -* `authz_user` -* `autoindex` -* `cache` -* `cgi` -* `cgid` -* `dav` -* `dav_fs` -* `dav_svn`\* -* `deflate\` -* `dev` -* `dir`\* -* `disk_cache` (see [`apache::mod::disk_cache`][]) -* `event` (see [`apache::mod::event`][]) -* `expires` -* `ext_filter` (see [`apache::mod::ext_filter`][]) -* `fastcgi` -* `fcgid` -* `filter` -* `geoip` (see [`apache::mod::geoip`][]) -* `headers` -* `include` -* `info`\* -* `itk` -* `ldap` -* `mime` -* `mime_magic`\* -* `negotiation` -* `nss`\* -* `pagespeed` (see [`apache::mod::pagespeed`][]) -* `passenger`\* (see [`apache::mod::passenger`][]) -* `perl` -* `peruser` -* `php` (requires [`mpm_module`][] set to `prefork`) -* `prefork`\* -* `proxy`\* -* `proxy_ajp` -* `proxy_balancer` -* `proxy_html` (see [`apache::mod::proxy_html`][]) -* `proxy_http` -* `python` -* `reqtimeout` -* `remoteip`\* -* `rewrite` -* `rpaf`\* -* `setenvif` -* `security` -* `shib`\* (see [`apache::mod::shib`]) -* `speling` -* `ssl`\* (see [`apache::mod::ssl`][]) -* `status`\* (see [`apache::mod::status`][]) -* `suphp` -* `userdir`\* -* `version` -* `vhost_alias` -* `worker`\* -* `wsgi` (see [`apache::mod::wsgi`][]) -* `xsendfile` - -Modules noted with a * indicate that the module has settings and a template that includes parameters to configure the module. Most Apache module class parameters have default values and don't require configuration. For modules with templates, Puppet installs template files with the module; these template files are required for the module to work. - -##### Class: `apache::mod::alias` - -Installs and manages [`mod_alias`][]. - -**Parameters within `apache::mod::alias`**: - -* `icons_options`: Disables directory listings for the icons directory, via Apache [`Options`] directive. Default: 'Indexes MultiViews'. -* `icons_path`: Sets the local path for an `/icons/` Alias. Default: depends on your operating system. - -- **Debian**: `/usr/share/apache2/icons` -- **FreeBSD**: `/usr/local/www/apache24/icons` -- **Gentoo**: `/var/www/icons` -- **Red Hat**: `/var/www/icons`, except on Apache 2.4, where it's `/usr/share/httpd/icons` - -#### Class: `apache::mod::disk_cache` - -Installs and configures [`mod_disk_cache`][] on Apache 2.2, or [`mod_cache_disk`][] on Apache 2.4. The default cache root depends on the Apache version and operating system: - -- **Debian**: `/var/cache/apache2/mod_cache_disk` -- **FreeBSD**: `/var/cache/mod_cache_disk` -- **Red Hat, Apache 2.4**: `/var/cache/httpd/proxy` -- **Red Hat, Apache 2.2**: `/var/cache/mod_proxy` - -You can specify the cache root by passing a path as a string to the `cache_root` parameter. - -``` puppet -class {'::apache::mod::disk_cache': - cache_root => '/path/to/cache', -} -``` - -##### Class: `apache::mod::event` - -Installs and manages [`mod_mpm_event`][]. You can't include both `apache::mod::event` and [`apache::mod::itk`][], [`apache::mod::peruser`][], [`apache::mod::prefork`][], or [`apache::mod::worker`][] on the same server. - -**Parameters within `apache::mod::event`**: - -- `listenbacklog`: Sets the maximum length of the pending connections queue via the module's [`ListenBackLog`][] directive. Default: '511'. -- `maxclients` (_Apache 2.3.12 or older_: `maxrequestworkers`): Sets the maximum number of connections Apache can simultaneously process, via the module's [`MaxRequestWorkers`][] directive. Default: '150'. -- `maxconnectionsperchild` (_Apache 2.3.8 or older_: `maxrequestsperchild`): Limits the number of connections a child server handles during its life, via the module's [`MaxConnectionsPerChild`][] directive. Default: '0'. -- `maxsparethreads` and `minsparethreads`: Sets the maximum and minimum number of idle threads, via the [`MaxSpareThreads`][] and [`MinSpareThreads`][] directives. Default: '75' and '25', respectively. -- `serverlimit`: Limits the configurable number of processes via the [`ServerLimit`][] directive. Default: '25'. -- `startservers`: Sets the number of child server processes created at startup, via the module's [`StartServers`][] directive. Default: '2'. -- `threadlimit`: Limits the number of event threads via the module's [`ThreadLimit`][] directive. Default: '64'. -- `threadsperchild`: Sets the number of threads created by each child process, via the [`ThreadsPerChild`][] directive. Default: '25'. - -##### Class: `apache::mod::auth_cas` - -Installs and manages [`mod_auth_cas`][]. Its parameters share names with the Apache module's directives. - -The `cas_login_url` and `cas_validate_url` parameters are required; several other parameters have 'undef' default values. - -**Note**: The auth\_cas module isn't available on RH/CentOS without providing dependency packages provided by EPEL. See [https://github.com/Jasig/mod_auth_cas]() - -**Parameters within `apache::mod::auth_cas`**: - -- `cas_authoritative`: Determines whether an optional authorization directive is authoritative and binding. Default: undef. -- `cas_certificate_path`: Sets the path to the X509 certificate of the Certificate Authority for the server in `cas_login_url` and `cas_validate_url`. Default: undef. -- `cas_cache_clean_interval`: Sets the minimum number of seconds that must pass between cache cleanings. Default: undef. -- `cas_cookie_domain`: Sets the value of the `Domain=` parameter in the `Set-Cookie` HTTP header. Default: undef. -- `cas_cookie_entropy`: Sets the number of bytes to use when creating session identifiers. Default: undef. -- `cas_cookie_http_only`: Sets the optional `HttpOnly` flag when `mod_auth_cas` issues cookies. Default: undef. -- `cas_debug`: Determines whether to enable the module's debugging mode. Default: 'Off'. -- `cas_idle_timeout`: Default: undef. -- `cas_login_url`: **Required**. Sets the URL to which the module redirects users when they attempt to access a CAS-protected resource and don't have an active session. -- `cas_root_proxied_as`: Sets the URL end users see when access to this Apache server is proxied. Default: undef. -- `cas_timeout`: Limits the number of seconds a `mod_auth_cas` session can remain active. Default: undef. -- `cas_validate_depth`: Limits the depth for chained certificate validation. Default: undef. -- `cas_validate_url`: **Required**. Sets the URL to use when validating a client-presented ticket in an HTTP query string. -- `cas_version`: The CAS protocol version to adhere to. Valid options: '1', '2'. Default: '2'. - -##### Class: `apache::mod::auth_mellon` - -Installs and manages [`mod_auth_mellon`][]. Its parameters share names with the Apache module's directives. - -``` puppet -class{ 'apache::mod::auth_mellon': - mellon_cache_size => 101, -} -``` - -**Parameters within `apache::mod::auth_mellon`**: - -- `mellon_cache_entry_size`: Maximum size for a single session. Default: undef. -- `mellon_cache_size`: Size in megabytes of the mellon cache. Default: 100. -- `mellon_lock_file`: Location of lock file. Default: '`/run/mod_auth_mellon/lock`'. -- `mellon_post_directory`: Full path where post requests are saved. Default: '`/var/cache/apache2/mod_auth_mellon/`' -- `mellon_post_ttl`: Time to keep post requests. Default: undef. -- `mellon_post_size`: Maximum size of post requests. Default: undef. -- `mellon_post_count`: Maximum number of post requests. Default: undef. - -##### Class: `apache::mod::deflate` - -Installs and configures [`mod_deflate`][]. - -**Parameters within `apache::mod::deflate`**: - -- `types`: An [array][] of [MIME types][MIME `content-type`] to be deflated. Default: [ 'text/html text/plain text/xml', 'text/css', 'application/x-javascript application/javascript application/ecmascript', 'application/rss+xml', 'application/json' ]. -- `notes`: A [Hash][] where the key represents the type and the value represents the note name. Default: { 'Input' => 'instream', 'Output' => 'outstream', 'Ratio' => 'ratio' } - -##### Class: `apache::mod::expires` - -Installs [`mod_expires`][] and uses the `expires.conf.erb` template to generate its configuration. - -**Parameters within `apache::mod::expires`**: - -- `expires_active`: Enables generation of `Expires` headers for a document realm. Valid options: Boolean. Default: true. -- `expires_default`: Default algorithm for calculating expiration time using [`ExpiresByType`][] syntax or [interval syntax][]. Default: undef. -- `expires_by_type`: Describes a set of [MIME `content-type`][] and their expiration times. Valid options: An [array][] of [Hashes][Hash], with each Hash's key a valid MIME `content-type` (i.e. 'text/json') and its value following valid [interval syntax][]. Default: undef. - -##### Class: `apache::mod::ext_filter` - -Installs and configures [`mod_ext_filter`][]. - -``` puppet -class { 'apache::mod::ext_filter': - ext_filter_define => { - 'slowdown' => 'mode=output cmd=/bin/cat preservescontentlength', - 'puppetdb-strip' => 'mode=output outtype=application/json cmd="pdb-resource-filter"', - }, -} -``` - -**Parameters within `apache::mod::ext_filter`**: - -- `ext_filter_define`: A hash of filter names and their parameters. Default: undef. - -##### Class: `apache::mod::fcgid` - -Installs and configures [`mod_fcgid`][]. - -The class makes no effort to individually parameterize all available options. Instead, configure `mod_fcgid` using the `options` [hash][]. For example: - -``` puppet -class { 'apache::mod::fcgid': - options => { - 'FcgidIPCDir' => '/var/run/fcgidsock', - 'SharememPath' => '/var/run/fcgid_shm', - 'AddHandler' => 'fcgid-script .fcgi', - }, -} -``` - -For a full list of options, see the [official `mod_fcgid` documentation][`mod_fcgid`]. - -If you include `apache::mod::fcgid`, you can set the [`FcgidWrapper`][] per directory, per virtual host. The module must be loaded first; Puppet will not automatically enable it if you set the `fcgiwrapper` parameter in `apache::vhost`. - -``` puppet -include apache::mod::fcgid - -apache::vhost { 'example.org': - docroot => '/var/www/html', - directories => { - path => '/var/www/html', - fcgiwrapper => { - command => '/usr/local/bin/fcgiwrapper', - } - }, -} -``` - -##### Class: `apache::mod::geoip` - -Installs and manages [`mod_geoip`][]. - -**Parameters within `apache::mod::geoip`**: - -- `db_file`: Sets the path to your GeoIP database file. Valid options: a path, or an [array][] paths for multiple GeoIP database files. Default: `/usr/share/GeoIP/GeoIP.dat`. -- `enable`: Determines whether to globally enable [`mod_geoip`][]. Valid options: Boolean. Default: false. -- `flag`: Sets the GeoIP flag. Valid options: 'CheckCache', 'IndexCache', 'MemoryCache', 'Standard'. Default: 'Standard'. -- `output`: Defines which output variables to use. Valid options: 'All', 'Env', 'Request', 'Notes'. Default: 'All'. -- `enable_utf8`: Changes the output from ISO-8859-1 (Latin-1) to UTF-8. Valid options: Boolean. Default: undef. -- `scan_proxy_headers`: Enables the [GeoIPScanProxyHeaders][] option. Valid options: Boolean. Default: undef. -- `scan_proxy_header_field`: Specifies which header [`mod_geoip`][] should look at to determine the client's IP address. Default: undef. -- `use_last_xforwarededfor_ip` (sic): Determines whether to use the first or last IP address for the client's IP if a comma-separated list of IP addresses is found. Valid options: Boolean. Default: undef. - -##### Class: `apache::mod::info` - -Installs and manages [`mod_info`][], which provides a comprehensive overview of the server configuration. - -**Parameters within `apache::mod::info`**: - -- `allow_from`: Whitelist of IPv4 or IPv6 addresses or ranges that can access `/server-info`. Valid options: One or more octets of an IPv4 address, an IPv6 address or range, or an array of either. Default: ['127.0.0.1','::1']. -- `apache_version`: Apache's version number as a string, such as '2.2' or '2.4'. Default: the value of [`$::apache::apache_version`][`apache_version`]. -- `restrict_access`: Determines whether to enable access restrictions. If false, the `allow_from` whitelist is ignored and any IP address can access `/server-info`. Valid options: Boolean. Default: true. - -##### Class: `apache::mod::passenger` - -Installs and manages [`mod_passenger`][]. For RedHat based systems, please ensure that you meet the minimum requirements as described in the [passenger docs](https://www.phusionpassenger.com/library/install/apache/install/oss/el6/#step-1:-upgrade-your-kernel,-or-disable-selinux) - -**Parameters within `apache::mod::passenger`**: - -- `passenger_high_performance` Sets the [`PassengerHighPerformance`](https://www.phusionpassenger.com/library/config/apache/reference/#passengerhighperformance). Valid options: 'on', 'off'. Default: undef. -- `passenger_pool_idle_time` Sets the [`PassengerPoolIdleTime`](https://www.phusionpassenger.com/library/config/apache/reference/#passengerpoolidletime). Default: undef. -- `passenger_max_pool_size` Sets the [`PassengerMaxPoolSize`](https://www.phusionpassenger.com/library/config/apache/reference/#passengermaxpoolsize). Default: undef. -- `passenger_max_request_queue_size` Sets the [`PassengerMaxRequestQueueSize`](https://www.phusionpassenger.com/library/config/apache/reference/#passengermaxrequestqueuesize). Default: undef. -- `passenger_max_requests` Sets the [`PassengerMaxRequests`](https://www.phusionpassenger.com/library/config/apache/reference/#passengermaxrequests). Default: undef. - -##### Class: `apache::mod::ldap` - -Installs and configures [`mod_ldap`][], and allows you to modify the -[`LDAPTrustedGlobalCert`](https://httpd.apache.org/docs/current/mod/mod_ldap.html#ldaptrustedglobalcert) Directive: - -``` puppet -class { 'apache::mod::ldap': - ldap_trusted_global_cert_file => '/etc/pki/tls/certs/ldap-trust.crt', - ldap_trusted_global_cert_type => 'CA_DER', - ldap_shared_cache_size => '500000', - ldap_cache_entries => '1024', - ldap_cache_ttl => '600', - ldap_opcache_entries => '1024', - ldap_opcache_ttl => '600', -} -``` - -**Parameters within `apache::mod::ldap`:** - -- `ldap_trusted_global_cert_file`: Path and file name of the trusted CA certificates to use when establishing SSL or TLS connections to an LDAP server. -- `ldap_trusted_global_cert_type`: The global trust certificate format. Default: 'CA_BASE64'. -- `ldap_shared_cache_size`: Size in bytes of the shared-memory cache. -- `ldap_cache_entries`: Maximum number of entries in the primary LDAP cache. -- `ldap_cache_ttl`: Time that cached items remain valid. -- `ldap_opcache_entries`: Number of entries used to cache LDAP compare operations. -- `ldap_opcache_ttl`: Time that entries in the operation cache remain valid. - -##### Class: `apache::mod::negotiation` - -Installs and configures [`mod_negotiation`][]. - -**Parameters within `apache::mod::negotiation`:** - -- `force_language_priority`: Sets the `ForceLanguagePriority` option. Valid option: String. Default: `Prefer Fallback`. -- `language_priority`: An [array][] of languages to set the `LanguagePriority` option of the module. Default: [ 'en', 'ca', 'cs', 'da', 'de', 'el', 'eo', 'es', 'et', 'fr', 'he', 'hr', 'it', 'ja', 'ko', 'ltz', 'nl', 'nn', 'no', 'pl', 'pt', 'pt-BR', 'ru', 'sv', 'zh-CN', 'zh-TW' ] - -##### Class: `apache::mod::pagespeed` - -Installs and manages [`mod_pagespeed`][], a Google module that rewrites web pages to reduce latency and bandwidth. - -While this Apache module requires the `mod-pagespeed-stable` package, Puppet **doesn't** manage the software repositories required to automatically install the package. If you declare this class when the package is either not installed or not available to your package manager, your Puppet run will fail. - -**Parameters within `apache::mod::pagespeed`**: - -- `inherit_vhost_config`: Default: 'on'. -- `filter_xhtml`: Default: false. -- `cache_path`: Default: '/var/cache/mod\_pagespeed/'. -- `log_dir`: Default: '/var/log/pagespeed'. -- `memcache_servers`: Default: []. -- `rewrite_level`: Default: 'CoreFilters'. -- `disable_filters`: Default: []. -- `enable_filters`: Default: []. -- `forbid_filters`: Default: []. -- `rewrite_deadline_per_flush_ms`: Default: 10. -- `additional_domains`: Default: undef. -- `file_cache_size_kb`: Default: 102400. -- `file_cache_clean_interval_ms`: Default: 3600000. -- `lru_cache_per_process`: Default: 1024. -- `lru_cache_byte_limit`: Default: 16384. -- `css_flatten_max_bytes`: Default: 2048. -- `css_inline_max_bytes`: Default: 2048. -- `css_image_inline_max_bytes`: Default: 2048. -- `image_inline_max_bytes`: Default: 2048. -- `js_inline_max_bytes`: Default: 2048. -- `css_outline_min_bytes`: Default: 3000. -- `js_outline_min_bytes`: Default: 3000. -- `inode_limit`: Default: 500000. -- `image_max_rewrites_at_once`: Default: 8. -- `num_rewrite_threads`: Default: 4. -- `num_expensive_rewrite_threads`: Default: 4. -- `collect_statistics`: Default: 'on'. -- `statistics_logging`: Default: 'on'. -- `allow_view_stats`: Default: []. -- `allow_pagespeed_console`: Default: []. -- `allow_pagespeed_message`: Default: []. -- `message_buffer_size`: Default: 100000. -- `additional_configuration`: A hash of directive-value pairs or an array of lines to insert at the end of the pagespeed configuration. Default: '{ }'. - -The class's parameters correspond to the module's directives. See the [module's documentation][`mod_pagespeed`] for details. - -##### Class: `apache::mod::passenger` - -Installs and configures mod\_passenger - -**Parameters within `apache::mod::passenger`**: - -- `manage_repo`: Manage phusionpassenger.com repository. Default: true. - -TODO: The parameters section is incomplete. - -**Note**: The passenger module isn't available on RH/CentOS without providing dependency packages provided by EPEL and mod\_passengers own custom repository. See the `manage_repo` parameter above and [https://www.phusionpassenger.com/library/install/apache/install/oss/el7/]() - -##### Class: `apache::mod::php` - -Installs and configures [`mod_php`][]. - -**Parameters within `apache::mod::php`**: - -Default values depend on your operating system. - -> **Note**: This list is incomplete. Most of this class's parameters correspond to `mod_php` directives; see the [module's documentation][`mod_php`] for details. - -- `package_name`: Names the package that installs `mod_php`. -- `path`: Defines the path to the `mod_php` shared object (`.so`) file. -- `source`: Defines the path to the default configuration. Valid options include a `puppet:///` path. -- `template`: Defines the path to the `php.conf` template Puppet uses to generate the configuration file. -- `content`: Adds arbitrary content to `php.conf`. - -##### Class: `apache::mod::proxy_html` - -**Note**: There is no official package available for mod\_proxy\_html and thus it must be made available by means outside of the control of the apache module. - -##### Class: `apache::mod::reqtimeout` - -Installs and configures [`mod_reqtimeout`][]. - -**Parameters within `apache::mod::reqtimeout`**: - -- `timeouts`: A string or [array][] that sets the [`RequestReadTimeout`][] option. Default: ['header=20-40,MinRate=500', 'body=20,MinRate=500']. - -##### Class: `apache::mod::shib` - -Installs the [Shibboleth](http://shibboleth.net/) Apache module `mod_shib`, which enables SAML2 single sign-on (SSO) authentication by Shibboleth Identity Providers and Shibboleth Federations. This class only installs and configures the Apache components of a web application that consumes Shibboleth SSO identities, also known as a Shibboleth Service Provider. You can manage the Shibboleth configuration manually, with Puppet, or using a [Shibboleth Puppet Module](https://github.com/aethylred/puppet-shibboleth). - -Defining this class enables Shibboleth-specific parameters in `apache::vhost` instances. - -**Note**: The shibboleth module isn't available on RH/CentOS without providing dependency packages provided by Shibboleth's repositories. See [http://wiki.aaf.edu.au/tech-info/sp-install-guide]() - -##### Class: `apache::mod::ssl` - -Installs [Apache SSL features][`mod_ssl`] and uses the `ssl.conf.erb` template to generate its configuration. - -**Parameters within `apache::mod::ssl`**: - -- `ssl_cipher`: Default: 'HIGH:MEDIUM:!aNULL:!MD5:!RC4'. -- `ssl_compression`: Default: false. -- `ssl_cryptodevice`: Default: 'builtin'. -- `ssl_honorcipherorder`: Default: 'On'. -- `ssl_openssl_conf_cmd`: Default: undef. -- `ssl_options`: Default: [ 'StdEnvVars' ] -- `ssl_pass_phrase_dialog`: Default: 'builtin'. -- `ssl_protocol`: Default: [ 'all', '-SSLv2', '-SSLv3' ]. -- `ssl_random_seed_bytes`: Valid options: A string. Default: '512'. -- `ssl_sessioncachetimeout`: Valid options: A string. Default: '300'. -- `ssl_mutex`: Default: Determined based on the OS. Valid options: See [mod_ssl][mod_ssl] documentation. - - RedHat/FreeBSD/Suse/Gentoo: 'default' - - Debian/Ubuntu + Apache >= 2.4: 'default' - - Debian/Ubuntu + Apache < 2.4: 'file:\${APACHE_RUN_DIR}/ssl_mutex' - - Ubuntu 10.04: 'file:/var/run/apache2/ssl_mutex' - -To use SSL with a virtual host, you must either set the [`default_ssl_vhost`][] parameter in `::apache` to true **or** the [`ssl`][] parameter in [`apache::vhost`][] to true. - -##### Class: `apache::mod::status` - -Installs [`mod_status`][] and uses the `status.conf.erb` template to generate its configuration. - -**Parameters within `apache::mod::status`**: - -- `allow_from`: An [array][] of IPv4 or IPv6 addresses that can access `/server-status`. Default: ['127.0.0.1','::1']. -- `extended_status`: Determines whether to track extended status information for each request, via the [`ExtendedStatus`][] directive. Valid options: 'Off', 'On'. Default: 'On'. -- `status_path`: The server location of the status page. Default: '/server-status'. - -##### Class: `apache::mod::version` - -Installs [`mod_version`][] on many operating systems and Apache configurations. - -If Debian and Ubuntu systems with Apache 2.4 are classified with `apache::mod::version`, Puppet warns that `mod_version` is built-in and can't be loaded. - -##### Class: `apache::mod::security` - -Installs and configures Trustwave's [`mod_security`][]. It is enabled and runs by default on all virtual hosts. - -**Parameters within `apache::mod::security`**: - -- `activated_rules`: An [array][] of rules from the `modsec_crs_path` to activate via symlinks. Default: `modsec_default_rules` in [`apache::params`][]. -- `allowed_methods`: A space-separated list of allowed HTTP methods. Default: 'GET HEAD POST OPTIONS'. -- `content_types`: A list of one or more allowed [MIME types][MIME `content-type`]. Default: 'application/x-www-form-urlencoded|multipart/form-data|text/xml|application/xml|application/x-amf' -- `crs_package`: Names the package that installs CRS rules. Default: `modsec_crs_package` in [`apache::params`][]. -- `modsec_dir`: Defines the path where Puppet installs the modsec configuration and activated rules links. Default: 'On', set by `modsec_dir` in [`apache::params`][]. -${modsec\_dir}/activated\_rules. -- `modsec_secruleengine`: Configures the modsec rules engine. Valid options: 'On', 'Off', and 'DetectionOnly'. Default: `modsec_secruleengine` in [`apache::params`][]. -- `restricted_extensions`: A space-separated list of prohibited file extensions. Default: '.asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/'. -- `restricted_headers`: A list of restricted headers separated by slashes and spaces. Default: 'Proxy-Connection/ /Lock-Token/ /Content-Range/ /Translate/ /via/ /if/'. -- `secpcrematchlimit`: Sets the number for the match limit in the PCRE library. Default: '1500' -- `secpcrematchlimitrecursion`: Sets the number for the match limit recursion in the PCRE library. Default: '1500' -- `audit_log_parts`: Sets the sections to be put in the [audit log][]. Default: 'ABIJDEFHZ' - -##### Class: `apache::mod::wsgi` - -Enables Python support via [`mod_wsgi`][]. - -**Parameters within `apache::mod::wsgi`**: - -- `mod_path`: Defines the path to the `mod_wsgi` shared object (`.so`) file. Default: undef. - - If the `mod_path` parameter doesn't contain `/`, Puppet prefixes it with your operating system's default module path. -Otherwise, Puppet follows it literally. -- `package_name`: Names the package that installs `mod_wsgi`. Default: undef. -- `wsgi_python_home`: Defines the [`WSGIPythonHome`][] directive, such as '/path/to/venv'. Valid options: path. Default: undef. -- `wsgi_python_path`: Defines the [`WSGIPythonPath`][] directive, such as '/path/to/venv/site-packages'. Valid options: path. Default: undef. -- `wsgi_socket_prefix`: Defines the [`WSGISocketPrefix`][] directive, such as "\${APACHE\_RUN\_DIR}WSGI". Default: `wsgi_socket_prefix` in [`apache::params`][]. - -The class's parameters correspond to the module's directives. See the [module's documentation][`mod_wsgi`] for details. - -### Private Classes - -#### Class: `apache::confd::no_accf` - -Creates the `no-accf.conf` configuration file in `conf.d`, required by FreeBSD's Apache 2.4. - -#### Class: `apache::default_confd_files` - -Includes `conf.d` files for FreeBSD. - -#### Class: `apache::default_mods` - -Installs the Apache modules required to run the default configuration. See the `apache` class's [`default_mods`][] parameter for details. - -#### Class: `apache::package` - -Installs and configures basic Apache packages. - -#### Class: `apache::params` - -Manages Apache parameters for different operating systems. - -#### Class: `apache::service` - -Manages the Apache daemon. - -#### Class: `apache::version` - -Attempts to automatically detect the Apache version based on the operating system. - -### Public defined types - -#### Defined type: `apache::balancer` - -Creates an Apache load balancing group, also known as a balancer cluster, using [`mod_proxy`][]. Each load balancing group needs one or more balancer members, which you can declare in Puppet with the [`apache::balancermember`][] define. - -Declare one `apache::balancer` define for each Apache load balancing group. You can export `apache::balancermember` defined types for all balancer members and collect them on a single Apache load balancer server using [exported resources][]. - -**Parameters within `apache::balancer`**: - -##### `name` - -Sets the title of the balancer cluster and name of the `conf.d` file containing its configuration. - -##### `proxy_set` - -Configures key-value pairs as [`ProxySet`][] lines. Valid options: a [hash][]. Default: '{}'. - -##### `collect_exported` - -Determines whether to use [exported resources][]. Valid options: Boolean. Default: true. - -If you statically declare all of your backend servers, set this parameter to false to rely on existing, declared balancer member resources. Also, use `apache::balancermember` with [array][] arguments. - -To dynamically declare backend servers via exported resources collected on a central node, set this parameter to true to collect the balancer member resources exported by the balancer member nodes. - -If you don't use exported resources, a single Puppet run configures all balancer members. If you use exported resources, Puppet has to run on the balanced nodes first, then run on the balancer. - -#### Defined type: `apache::balancermember` - -Defines members of [`mod_proxy_balancer`][], which sets up a balancer member inside a listening service configuration block in the load balancer's `apache.cfg`. - -**Parameters within `apache::balancermember`**: - -##### `balancer_cluster` - -**Required**. Sets the Apache service's instance name, and must match the name of a declared [`apache::balancer`][] resource. - -##### `url` - -Specifies the URL used to contact the balancer member server. Default: 'http://${::fqdn}/'. - -##### `options` - -Specifies an [array][] of [options](https://httpd.apache.org/docs/current/mod/mod_proxy.html#balancermember) after the URL, and accepts any key-value pairs available to [`ProxyPass`][]. Default: an empty array. - -#### Defined type: `apache::custom_config` - -Adds a custom configuration file to the Apache server's `conf.d` directory. If the file is invalid and this defined type's [`verify_config`][] parameter's value is true, Puppet throws an error during a Puppet run. - -**Parameters within `apache::custom_config`**: - -##### `ensure` - -Specifies whether the configuration file should be present. Valid options: 'absent', 'present'. Default: 'present'. - -##### `confdir` - -Sets the directory in which Puppet places configuration files. Default: the value of [`$::apache::confd_dir`][`confd_dir`]. - -##### `content` - -Sets the configuration file's content. The `content` and [`source`][] parameters are exclusive of each other. - -##### `filename` - -Sets the name of the file under `confdir` in which Puppet stores the configuration. The default behavior is to generate the filename from the `priority` parameter and the resource name. - -##### `priority` - -Sets the configuration file's priority by prefixing its filename with this parameter's numeric value, as Apache processes configuration files in alphanumeric order. Default: '25'. - -To omit the priority prefix in the configuration file's name, set this parameter to false. - -##### `source` - -Points to the configuration file's source. The [`content`][] and `source` parameters are exclusive of each other. - -##### `verify_command` - -Specifies the command Puppet uses to verify the configuration file. Use a fully qualified command. Default: `/usr/sbin/apachectl -t`. - -This parameter is only used if the [`verify_config`][] parameter's value is 'true'. If the `verify_command` fails, the Puppet run deletes the configuration file, does not notify the Apache service, and raises an error. - -##### `verify_config` - -Specifies whether to validate the configuration file before notifying the Apache service. Valid options: Boolean. Default: true. - -#### Defined type: `apache::fastcgi::server` - -Defines one or more external FastCGI servers to handle specific file types. Use this defined type with [`mod_fastcgi`][FastCGI]. - -**Parameters within `apache::fastcgi::server`:** - -##### `host` - -Determines the FastCGI's hostname or IP address and TCP port number (1-65535). - -##### `timeout` - -Sets the number of seconds a [FastCGI][] application can be inactive before aborting the request and logging the event at the error LogLevel. The inactivity timer applies only as long as a connection is pending with the FastCGI application. If a request is queued to an application, but the application doesn't respond by writing and flushing within this period, the request is aborted. If communication is complete with the application but incomplete with the client (the response is buffered), the timeout does not apply. - -##### `flush` - -Forces [`mod_fastcgi`][FastCGI] to write to the client as data is received from the application. By default, `mod_fastcgi` buffers data in order to free the application as quickly as possible. - -##### `faux_path` - -Apache has [FastCGI][] handle URIs that resolve to this filename. The path set in this parameter does not have to exist in the local filesystem. - -##### `alias` - -Internally links actions with the FastCGI server. This alias must be unique. - -##### `file_type` - -Sets the [MIME `content-type`][] of the file to be processed by the FastCGI server. - -#### Defined type: `apache::listen` - -Adds [`Listen`][] directives to `ports.conf` in the Apache configuration directory that define the Apache server's or a virtual host's listening address and port. The [`apache::vhost`][] class uses this defined type, and titles take the form '', ':', or ':'. - -#### Defined type: `apache::mod` - -Installs packages for an Apache module that doesn't have a corresponding [`apache::mod::`][] class, and checks for or places the module's default configuration files in the Apache server's `module` and `enable` directories. The default locations depend on your operating system. - -**Parameters within `apache::mod`**: - -##### `package` - -**Required**. Names the package Puppet uses to install the Apache module. - -##### `package_ensure` - -Determines whether Puppet ensures the Apache module should be installed. Valid options: 'absent', 'present'. Default: 'present'. - -##### `lib` - -Defines the module's shared object name. Its default value is `mod_$name.so`, and it should not be configured manually without special reason. - -##### `lib_path` - -Specifies a path to the module's libraries. Default: the `apache` class's [`lib_path`][] parameter. - -Don't manually set this parameter without special reason. The [`path`][] parameter overrides this value. - -##### `loadfile_name` - -Sets the filename for the module's [`LoadFile`][] directive, which can also set the module load order as Apache processes them in alphanumeric order. Valid options: filenames formatted `\*.load`. Default: the resource's name followed by 'load', as in '$name.load'. - -##### `loadfiles` - -Specifies an array of [`LoadFile`][] directives. Default: undef. - -##### `path` - -Specifies a path to the module. Default: [`lib_path`][]/[`lib`][]. - -> **Note:** Don't manually set this parameter without a specific reason. - -#### Defined type: `apache::namevirtualhost` -Enables [name-based virtual hosts][] and adds all related directives to the `ports.conf` file in the Apache HTTPD configuration directory. Titles can take the forms '\*', '\*:\', '\_default\_:\, '\', or '\:\'. - - -#### Defined type: `apache::vhost` - -The Apache module allows a lot of flexibility in the setup and configuration of virtual hosts. This flexibility is due, in part, to `vhost` being a defined resource type, which allows Apache to evaluate it multiple times with different parameters. - -The `apache::vhost` defined type allows you to have specialized configurations for virtual hosts that have requirements outside the defaults. You can set up a default virtual host within the base `::apache` class, as well as set a customized virtual host as the default. Customized virtual hosts have a lower numeric [`priority`][] than the base class's, causing Apache to process the customized virtual host first. - -The `apache::vhost` defined type uses `concat::fragment` to build the configuration file. To inject custom fragments for pieces of the configuration that the defined type doesn't inherently support, add a custom fragment. - -For the custom fragment's `order` parameter, the `apache::vhost` defined type uses multiples of 10, so any `order` that isn't a multiple of 10 should work. - -**Parameters within `apache::vhost`**: - -##### `access_log` - -Determines whether to configure `*_access.log` directives (`*_file`,`*_pipe`, or `*_syslog`). Valid options: Boolean. Default: true. - -##### `access_log_env_var` - -Specifies that only requests with particular environment variables be logged. Default: undef. - -##### `access_log_file` - -Sets the filename of the `*_access.log` placed in [`logroot`][]. Given a virtual host---for instance, example.com---it defaults to 'example.com\_ssl.log' for [SSL-encrypted][SSL encryption] virtual hosts and 'example.com\_access.log' for unencrypted virtual hosts. - -##### `access_log_format` - -Specifies the use of either a [`LogFormat`][] nickname or a custom-formatted string for the access log. Default: 'combined'. - -##### `access_log_pipe` - -Specifies a pipe where Apache sends access log messages. Default: undef. - -##### `access_log_syslog` - -Sends all access log messages to syslog. Default: undef. - -##### `add_default_charset` - -Sets a default media charset value for the [`AddDefaultCharset`][] directive, which is added to `text/plain` and `text/html` responses. - -##### `add_listen` - -Determines whether the virtual host creates a [`Listen`][] statement. Valid options: Boolean. Default: true. - -Setting `add_listen` to false prevents the virtual host from creating a `Listen` statement. This is important when combining virtual hosts that aren't passed an `ip` parameter with those that are. - -##### `use_optional_includes` - -Specifies whether Apache uses the [`IncludeOptional`][] directive instead of [`Include`][] for `additional_includes` in Apache 2.4 or newer. Valid options: Boolean. Default: false. - -##### `additional_includes` - -Specifies paths to additional static, virtual host-specific Apache configuration files. You can use this parameter to implement a unique, custom configuration not supported by this module. Valid options: a string path or [array][] of them. Default: an empty array. - -##### `aliases` - -Passes a list of [hashes][hash] to the virtual host to create [`Alias`][], [`AliasMatch`][], [`ScriptAlias`][] or [`ScriptAliasMatch`][] directives as per the [`mod_alias`][] documentation. - -For example: - -``` puppet -aliases => [ - { aliasmatch => '^/image/(.*)\.jpg$', - path => '/files/jpg.images/$1.jpg', - }, - { alias => '/image', - path => '/ftp/pub/image', - }, - { scriptaliasmatch => '^/cgi-bin(.*)', - path => '/usr/local/share/cgi-bin$1', - }, - { scriptalias => '/nagios/cgi-bin/', - path => '/usr/lib/nagios/cgi-bin/', - }, - { alias => '/nagios', - path => '/usr/share/nagios/html', - }, -], -``` - -For the `alias`, `aliasmatch`, `scriptalias` and `scriptaliasmatch` keys to work, each needs a corresponding context, such as `` or ``. Puppet creates the directives in the order specified in the `aliases` parameter. As described in the [`mod_alias`][] documentation, add more specific `alias`, `aliasmatch`, `scriptalias` or `scriptaliasmatch` parameters before the more general ones to avoid shadowing. - -> **Note**: Use the `aliases` parameter instead of the `scriptaliases` parameter because you can precisely control the various alias directives' order. Defining `ScriptAliases` using the `scriptaliases` parameter means *all* `ScriptAlias` directives will come after *all* `Alias` directives, which can lead to `Alias` directives shadowing `ScriptAlias` directives. This often causes problems, for example with Nagios. - -If [`apache::mod::passenger`][] is loaded and `PassengerHighPerformance` is 'true', the `Alias` directive might not be able to honor the `PassengerEnabled => off` statement. See [this article](http://www.conandalton.net/2010/06/passengerenabled-off-not-working.html) for details. - -##### `allow_encoded_slashes` - -Sets the [`AllowEncodedSlashes`][] declaration for the virtual host, overriding the server default. This modifies the virtual host responses to URLs with `\` and `/` characters. Valid options: 'nodecode', 'off', 'on'. Default: undef, which omits the declaration from the server configuration and selects the Apache default setting of `Off`. - -##### `block` - -Specifies the list of things to which Apache blocks access. Valid option: 'scm', which blocks web access to `.svn`, `.git`, and `.bzr` directories. Default: an empty [array][]. - -##### `custom_fragment` - -Passes a string of custom configuration directives to place at the end of the virtual host configuration. Default: undef. - -##### `default_vhost` - -Sets a given `apache::vhost` defined type as the default to serve requests that do not match any other `apache::vhost` defined types. Default: false. - -##### `directories` - -See the [`directories`](#parameter-directories-for-apachevhost) section. - -##### `directoryindex` - -Sets the list of resources to look for when a client requests an index of the directory by specifying a '/' at the end of the directory name. See the [`DirectoryIndex`][] directive documentation for details. Default: undef. - -##### `docroot` - -**Required**. Sets the [`DocumentRoot`][] location, from which Apache serves files. - -If `docroot` and [`manage_docroot`][] are both set to false, no [`DocumentRoot`][] will be set and the accompanying `` block will not be created. - -##### `docroot_group` - -Sets group access to the [`docroot`][] directory. Valid options: A string representing a system group. Default: 'root'. - -##### `docroot_owner` - -Sets individual user access to the [`docroot`][] directory. Valid options: A string representing a user account. Default: 'root'. - -##### `docroot_mode` - -Sets access permissions for the [`docroot`][] directory, in numeric notation. Valid options: A string. Default: undef. - -##### `manage_docroot` - -Determines whether Puppet manages the [`docroot`][] directory. Valid options: Boolean. Default: true. - -##### `error_log` - -Specifies whether `*_error.log` directives should be configured. Valid options: Boolean. Default: true. - -##### `error_log_file` - -Points the virtual host's error logs to a `*_error.log` file. If this parameter is undefined, Puppet checks for values in [`error_log_pipe`][], then [`error_log_syslog`][]. - -If none of these parameters is set, given a virtual host `example.com`, Puppet defaults to '$logroot/example.com_error_ssl.log' for SSL virtual hosts and '$logroot/example.com_error.log' for non-SSL virtual hosts. - -##### `error_log_pipe` - -Specifies a pipe to send error log messages to. Default: undef. - -This parameter has no effect if the [`error_log_file`][] parameter has a value. If neither this parameter nor `error_log_file` has a value, Puppet then checks [`error_log_syslog`][]. - -##### `error_log_syslog` - -Determines whether to send all error log messages to syslog. Valid options: Boolean. Default: undef. - -This parameter has no effect if either of the [`error_log_file`][] or [`error_log_pipe`][] parameters has a value. If none of these parameters has a value, given a virtual host `example.com`, Puppet defaults to '$logroot/example.com_error_ssl.log' for SSL virtual hosts and '$logroot/example.com_error.log' for non-SSL virtual hosts. - -##### `error_documents` - -A list of hashes which can be used to override the [ErrorDocument](https://httpd.apache.org/docs/current/mod/core.html#errordocument) settings for this virtual host. Default: '[]'. - -An example: - -``` puppet -apache::vhost { 'sample.example.net': - error_documents => [ - { 'error_code' => '503', 'document' => '/service-unavail' }, - { 'error_code' => '407', 'document' => 'https://example.com/proxy/login' }, - ], -} -``` - -##### `ensure` - -Specifies if the virtual host is present or absent. Valid options: 'absent', 'present'. Default: 'present'. - -##### `fallbackresource` - -Sets the [FallbackResource](https://httpd.apache.org/docs/current/mod/mod_dir.html#fallbackresource) directive, which specifies an action to take for any URL that doesn't map to anything in your filesystem and would otherwise return 'HTTP 404 (Not Found)'. Valid options must either begin with a '/' or be 'disabled'. Default: undef. - -##### `filters` - -[Filters](https://httpd.apache.org/docs/current/mod/mod_filter.html) enable smart, context-sensitive configuration of output content filters. - -``` puppet -apache::vhost { "$::fqdn": - filters => [ - 'FilterDeclare COMPRESS', - 'FilterProvider COMPRESS DEFLATE resp=Content-Type $text/html', - 'FilterChain COMPRESS', - 'FilterProtocol COMPRESS DEFLATE change=yes;byteranges=no', - ], -} -``` - -##### `force_type` - -Sets the [`ForceType`][] directive, which forces Apache to serve all matching files with a [MIME `content-type`][] matching this parameter's value. - -##### `headers` - -Adds lines to replace, merge, or remove response headers. See [Apache's mod_headers documentation](https://httpd.apache.org/docs/current/mod/mod_headers.html#header) for more information. Valid options: A string, an array of strings, or undef. Default: undef. - -##### `ip` - -Sets the IP address the virtual host listens on. Valid options: Strings. Default: undef, which uses Apache's default behavior of listening on all IPs. - -##### `ip_based` - -Enables an [IP-based](https://httpd.apache.org/docs/current/vhosts/ip-based.html) virtual host. This parameter inhibits the creation of a NameVirtualHost directive, since those are used to funnel requests to name-based virtual hosts. Default: false. - -##### `itk` - -Configures [ITK](http://mpm-itk.sesse.net/) in a hash. Keys can be: - -* user + group -* `assignuseridexpr` -* `assigngroupidexpr` -* `maxclientvhost` -* `nice` -* `limituidrange` (Linux 3.5.0 or newer) -* `limitgidrange` (Linux 3.5.0 or newer) - -Usage typically looks like: - -``` puppet -apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - itk => { - user => 'someuser', - group => 'somegroup', - }, -} -``` - -##### `jk_mounts` - -Sets up a virtual host with 'JkMount' and 'JkUnMount' directives to handle the paths for URL mapping between Tomcat and Apache. Default: undef. - -The parameter must be an array of hashes where each hash must contain the 'worker' and either the 'mount' or 'unmount' keys. - -Usage typically looks like: - -``` puppet -apache::vhost { 'sample.example.net': - jk_mounts => [ - { mount => '/*', worker => 'tcnode1', }, - { unmount => '/*.jpg', worker => 'tcnode1', }, - ], -} -``` - -##### `auth_kerb` - -Enable [`mod_auth_kerb`][] parameters for a virtual host. Valid options: Boolean. Default: false. - -Usage typically looks like: - -``` puppet -apache::vhost { 'sample.example.net': - auth_kerb => true, - krb_method_negotiate => 'on', - krb_auth_realms => ['EXAMPLE.ORG'], - krb_local_user_mapping => 'on', - directories => { - path => '/var/www/html', - auth_name => 'Kerberos Login', - auth_type => 'Kerberos', - auth_require => 'valid-user', - }, -} -``` - -Related parameters follow the names of `mod_auth_kerb` directives: - -- `krb_method_negotiate`: Determines whether to use the Negotiate method. Default: 'on'. -- `krb_method_k5passwd`: Determines whether to use password-based authentication for Kerberos v5. Default: 'on'. -- `krb_authoritative`: If set to 'off', authentication controls can be passed on to another module. Default: 'on'. -- `krb_auth_realms`: Specifies an array of Kerberos realms to use for authentication. Default: '[]'. -- `krb_5keytab`: Specifies the Kerberos v5 keytab file's location. Default: undef. -- `krb_local_user_mapping`: Strips @REALM from usernames for further use. Default: undef. - -##### `krb_verify_kdc` - -This option can be used to disable the verification tickets against local keytab to prevent KDC spoofing attacks. Default: 'on'. - -##### `krb_servicename` - -Specifies the service name that will be used by Apache for authentication. Corresponding key of this name must be stored in the keytab. Default: 'HTTP'. - -##### `krb_save_credentials` - -This option enables credential saving functionality. Default is 'off' - -##### `logroot` - -Specifies the location of the virtual host's logfiles. Default: '/var/log//'. - -##### `$logroot_ensure` - -Determines whether or not to remove the logroot directory for a virtual host. Valid options: 'directory', 'absent'. - -##### `logroot_mode` - -Overrides the mode the logroot directory is set to. Default: undef. Do *not* grant write access to the directory the logs are stored in without being aware of the consequences; for more information, see [Apache's log security documentation](https://httpd.apache.org/docs/2.4/logs.html#security). - -##### `logroot_owner` - -Sets individual user access to the logroot directory. Defaults to 'undef'. - -##### `logroot_group` - -Sets group access to the [`logroot`][] directory. Defaults to 'undef'. - -##### `log_level` - -Specifies the verbosity of the error log. Valid options: 'emerg', 'alert', 'crit', 'error', 'warn', 'notice', 'info' or 'debug'. Default: 'warn' for the global server configuration, which can be overridden on a per-virtual host basis. - -###### `modsec_body_limit` - -Configures the maximum request body size (in bytes) ModSecurity will accept for buffering - -###### `modsec_disable_vhost` - -Disables [`mod_security`][] on a virtual host. Only valid if [`apache::mod::security`][] is included. Valid options: Boolean. Default: undef. - -###### `modsec_disable_ids` - -Array of mod_security IDs to remove from the virtual host. Also takes a hash allowing removal of an ID from a specific location. - -``` puppet -apache::vhost { 'sample.example.net': - modsec_disable_ids => [ 90015, 90016 ], -} -``` - -``` puppet -apache::vhost { 'sample.example.net': - modsec_disable_ids => { '/location1' => [ 90015, 90016 ] }, -} -``` - -###### `modsec_disable_ips` - -Specifies an array of IP addresses to exclude from [`mod_security`][] rule matching. Default: undef. - -##### `no_proxy_uris` - -Specifies URLs you do not want to proxy. This parameter is meant to be used in combination with [`proxy_dest`](#proxy_dest). - -##### `no_proxy_uris_match` - -This directive is equivalent to [`no_proxy_uris`][], but takes regular expressions. - -##### `proxy_preserve_host` - -Sets the [ProxyPreserveHost Directive](https://httpd.apache.org/docs/current/mod/mod_proxy.html#proxypreservehost). Valid options: Boolean. Default: false. - -Setting this parameter to true enables the `Host:` line from an incoming request to be proxied to the host instead of hostname. Setting it to false sets this directive to 'Off'. - -##### `proxy_error_override` - -Sets the [ProxyErrorOverride Directive](https://httpd.apache.org/docs/current/mod/mod_proxy.html#proxyerroroverride). This directive controls whether Apache should override error pages for proxied content. Default: false. - -##### `options` - -Sets the [`Options`][] for the specified virtual host. Default: ['Indexes','FollowSymLinks','MultiViews'], as demonstrated below: - -``` puppet -apache::vhost { 'site.name.fdqn': - … - options => ['Indexes','FollowSymLinks','MultiViews'], -} -``` - -> **Note**: If you use the [`directories`][] parameter of [`apache::vhost`][], 'Options', 'Override', and 'DirectoryIndex' are ignored because they are parameters within `directories`. - -##### `override` - -Sets the overrides for the specified virtual host. Accepts an array of [AllowOverride](https://httpd.apache.org/docs/current/mod/core.html#allowoverride) arguments. Default: '[none]'. - -##### `passenger_app_root` - -Sets [PassengerRoot](https://www.phusionpassenger.com/library/config/apache/reference/#passengerapproot), the location of the Passenger application root if different from the DocumentRoot. - -##### `passenger_app_env` - -Sets [PassengerAppEnv](https://www.phusionpassenger.com/library/config/apache/reference/#passengerappenv), the environment for the Passenger application. If not specifies, defaults to the global setting or 'production'. - -##### `passenger_log_file` - -By default, Passenger log messages are written to the Apache global error log. With [PassengerLogFile](https://www.phusionpassenger.com/library/config/apache/reference/#passengerlogfile), you can configure those messages to be logged to a different file. This option is only available since Passenger 5.0.5. - -##### `passenger_ruby` - -Sets [PassengerRuby](https://www.phusionpassenger.com/library/config/apache/reference/#passengerruby), the Ruby interpreter to use for the application, on this virtual host. - -##### `passenger_min_instances` - -Sets [PassengerMinInstances](https://www.phusionpassenger.com/library/config/apache/reference/#passengermininstances), the minimum number of application processes to run. - -##### `passenger_start_timeout` - -Sets [PassengerStartTimeout](https://www.phusionpassenger.com/library/config/apache/reference/#passengerstarttimeout), the timeout for the application startup. - -##### `passenger_pre_start` - -Sets [PassengerPreStart](https://www.phusionpassenger.com/library/config/apache/reference/#passengerprestart), the URL of the application if pre-starting is required. - -##### `passenger_user` - -Sets [PassengerUser](https://www.phusionpassenger.com/library/config/apache/reference/#passengeruser), the running user for sandboxing applications. - -##### `php_flags & values` - -Allows per-virtual host setting [`php_value`s or `php_flag`s](http://php.net/manual/en/configuration.changes.php). These flags or values can be overwritten by a user or an application. Default: '{}'. - -##### `php_admin_flags & values` - -Allows per-virtual host setting [`php_admin_value`s or `php_admin_flag`s](http://php.net/manual/en/configuration.changes.php). These flags or values cannot be overwritten by a user or an application. Default: '{}'. - -##### `port` - -Sets the port the host is configured on. The module's defaults ensure the host listens on port 80 for non-SSL virtual hosts and port 443 for SSL virtual hosts. The host only listens on the port set in this parameter. - -##### `priority` - -Sets the relative load-order for Apache HTTPD VirtualHost configuration files. Default: '25'. - -If nothing matches the priority, the first name-based virtual host is used. Likewise, passing a higher priority causes the alphabetically first name-based virtual host to be used if no other names match. - -> **Note:** You should not need to use this parameter. However, if you do use it, be aware that the `default_vhost` parameter for `apache::vhost` passes a priority of '15'. - -To omit the priority prefix in file names, pass a priority of false. - -##### `proxy_dest` - -Specifies the destination address of a [ProxyPass](https://httpd.apache.org/docs/current/mod/mod_proxy.html#proxypass) configuration. Default: undef. - -##### `proxy_pass` - -Specifies an array of `path => URI` values for a [ProxyPass](https://httpd.apache.org/docs/current/mod/mod_proxy.html#proxypass) configuration. Default: undef. Parameters and location options can optionally be added as an array. - -``` puppet -apache::vhost { 'site.name.fdqn': - … - proxy_pass => [ - { 'path' => '/a', 'url' => 'http://backend-a/' }, - { 'path' => '/b', 'url' => 'http://backend-b/' }, - { 'path' => '/c', 'url' => 'http://backend-a/c', 'params' => {'max'=>20, 'ttl'=>120, 'retry'=>300}}, - { 'path' => '/c', 'url' => 'http://backend-a/c', - 'options' => {'Require'=>'valid-user', 'AuthType'=>'Kerberos', 'AuthName'=>'Kerberos Login'}}, - { 'path' => '/l', 'url' => 'http://backend-xy', - 'reverse_urls' => ['http://backend-x', 'http://backend-y'] }, - { 'path' => '/d', 'url' => 'http://backend-a/d', - 'params' => { 'retry' => '0', 'timeout' => '5' }, }, - { 'path' => '/e', 'url' => 'http://backend-a/e', - 'keywords' => ['nocanon', 'interpolate'] }, - { 'path' => '/f', 'url' => 'http://backend-f/', - 'setenv' => ['proxy-nokeepalive 1','force-proxy-request-1.0 1']}, - { 'path' => '/g', 'url' => 'http://backend-g/', - 'reverse_cookies' => [{'path' => '/g', 'url' => 'http://backend-g/',}, {'domain' => 'http://backend-g', 'url' => 'http:://backend-g',},], }, - ], -} -``` - -* `reverse_urls`. *Optional.* This setting is useful when used with `mod_proxy_balancer`. Valid options: an array or string. -* `reverse_cookies`. *Optional.* Sets `ProxyPassReverseCookiePath` and `ProxyPassReverseCookieDomain`. -* `params`. *Optional.* Allows for ProxyPass key-value parameters, such as connection settings. -* `setenv`. *Optional.* Sets [environment variables](https://httpd.apache.org/docs/current/mod/mod_proxy.html#envsettings) for the proxy directive. Valid options: array. - -##### `proxy_dest_match` - -This directive is equivalent to [`proxy_dest`][], but takes regular expressions, see [ProxyPassMatch](https://httpd.apache.org/docs/current/mod/mod_proxy.html#proxypassmatch) for details. - -##### `proxy_dest_reverse_match` - -Allows you to pass a ProxyPassReverse if [`proxy_dest_match`][] is specified. See [ProxyPassReverse](https://httpd.apache.org/docs/current/mod/mod_proxy.html#proxypassreverse) for details. - -##### `proxy_pass_match` - -This directive is equivalent to [`proxy_pass`][], but takes regular expressions, see [ProxyPassMatch](https://httpd.apache.org/docs/current/mod/mod_proxy.html#proxypassmatch) for details. - -##### `rack_base_uris` - -Specifies the resource identifiers for a rack configuration. The file paths specified are listed as rack application roots for [Phusion Passenger](http://www.modrails.com/documentation/Users%20guide%20Apache.html#_railsbaseuri_and_rackbaseuri) in the _rack.erb template. Default: undef. - -#####`passenger_base_uris` - -Used to specify that the given URI is a Phusion Passenger-served application. The file paths specified are listed as passenger application roots for [Phusion Passenger](https://www.phusionpassenger.com/documentation/Users%20guide%20Apache.html#PassengerBaseURI) in the _passenger_base_uris.erb template. Default: undef. - -##### `redirect_dest` - -Specifies the address to redirect to. Default: undef. - -##### `redirect_source` - -Specifies the source URIs that redirect to the destination specified in `redirect_dest`. If more than one item for redirect is supplied, the source and destination must be the same length, and the items are order-dependent. - -``` puppet -apache::vhost { 'site.name.fdqn': - … - redirect_source => ['/images','/downloads'], - redirect_dest => ['http://img.example.com/','http://downloads.example.com/'], -} -``` - -##### `redirect_status` - -Specifies the status to append to the redirect. Default: undef. - -``` puppet -apache::vhost { 'site.name.fdqn': - … - redirect_status => ['temp','permanent'], -} -``` - -##### `redirectmatch_regexp` & `redirectmatch_status` & `redirectmatch_dest` - -Determines which server status should be raised for a given regular expression and where to forward the user to. Entered as arrays. Default: undef. - -``` puppet -apache::vhost { 'site.name.fdqn': - … - redirectmatch_status => ['404','404'], - redirectmatch_regexp => ['\.git(/.*|$)/','\.svn(/.*|$)'], - redirectmatch_dest => ['http://www.example.com/1','http://www.example.com/2'], -} -``` - -##### `request_headers` - -Modifies collected [request headers](https://httpd.apache.org/docs/current/mod/mod_headers.html#requestheader) in various ways, including adding additional request headers, removing request headers, etc. Default: undef. - -``` puppet -apache::vhost { 'site.name.fdqn': - … - request_headers => [ - 'append MirrorID "mirror 12"', - 'unset MirrorID', - ], -} -``` -##### `rewrites` - -Creates URL rewrite rules. Expects an array of hashes, and the hash keys can be any of 'comment', 'rewrite_base', 'rewrite_cond', 'rewrite_rule' or 'rewrite_map'. Default: undef. - -For example, you can specify that anyone trying to access index.html is served welcome.html - -``` puppet -apache::vhost { 'site.name.fdqn': - … - rewrites => [ { rewrite_rule => ['^index\.html$ welcome.html'] } ] -} -``` - -The parameter allows rewrite conditions that, when true, execute the associated rule. For instance, if you wanted to rewrite URLs only if the visitor is using IE - -``` puppet -apache::vhost { 'site.name.fdqn': - … - rewrites => [ - { - comment => 'redirect IE', - rewrite_cond => ['%{HTTP_USER_AGENT} ^MSIE'], - rewrite_rule => ['^index\.html$ welcome.html'], - }, - ], -} -``` - -You can also apply multiple conditions. For instance, rewrite index.html to welcome.html only when the browser is Lynx or Mozilla (version 1 or 2) - -``` puppet -apache::vhost { 'site.name.fdqn': - … - rewrites => [ - { - comment => 'Lynx or Mozilla v1/2', - rewrite_cond => ['%{HTTP_USER_AGENT} ^Lynx/ [OR]', '%{HTTP_USER_AGENT} ^Mozilla/[12]'], - rewrite_rule => ['^index\.html$ welcome.html'], - }, - ], -} -``` - -Multiple rewrites and conditions are also possible - -``` puppet -apache::vhost { 'site.name.fdqn': - … - rewrites => [ - { - comment => 'Lynx or Mozilla v1/2', - rewrite_cond => ['%{HTTP_USER_AGENT} ^Lynx/ [OR]', '%{HTTP_USER_AGENT} ^Mozilla/[12]'], - rewrite_rule => ['^index\.html$ welcome.html'], - }, - { - comment => 'Internet Explorer', - rewrite_cond => ['%{HTTP_USER_AGENT} ^MSIE'], - rewrite_rule => ['^index\.html$ /index.IE.html [L]'], - }, - { - rewrite_base => /apps/, - rewrite_rule => ['^index\.cgi$ index.php', '^index\.html$ index.php', '^index\.asp$ index.html'], - }, - { comment => 'Rewrite to lower case', - rewrite_cond => ['%{REQUEST_URI} [A-Z]'], - rewrite_map => ['lc int:tolower'], - rewrite_rule => ['(.*) ${lc:$1} [R=301,L]'], - }, - ], -} -``` - -Refer to the [`mod_rewrite` documentation][`mod_rewrite`] for more details on what is possible with rewrite rules and conditions. - -##### `scriptalias` - -Defines a directory of CGI scripts to be aliased to the path '/cgi-bin', such as '/usr/scripts'. Default: undef. - -##### `scriptaliases` - -> **Note**: This parameter is deprecated in favor of the `aliases` parameter. - -Passes an array of hashes to the virtual host to create either ScriptAlias or ScriptAliasMatch statements per the [`mod_alias` documentation][`mod_alias`]. - -``` puppet -scriptaliases => [ - { - alias => '/myscript', - path => '/usr/share/myscript', - }, - { - aliasmatch => '^/foo(.*)', - path => '/usr/share/fooscripts$1', - }, - { - aliasmatch => '^/bar/(.*)', - path => '/usr/share/bar/wrapper.sh/$1', - }, - { - alias => '/neatscript', - path => '/usr/share/neatscript', - }, -] -``` - -The ScriptAlias and ScriptAliasMatch directives are created in the order specified. As with [Alias and AliasMatch](#aliases) directives, specify more specific aliases before more general ones to avoid shadowing. - -##### `serveradmin` - -Specifies the email address Apache displays when it renders one of its error pages. Default: undef. - -##### `serveraliases` - -Sets the [ServerAliases](https://httpd.apache.org/docs/current/mod/core.html#serveralias) of the site. Default: '[]'. - -##### `servername` - -Sets the servername corresponding to the hostname you connect to the virtual host at. Default: the title of the resource. - -##### `setenv` - -Used by HTTPD to set environment variables for virtual hosts. Default: '[]'. - -Example: - -``` puppet -apache::vhost { 'setenv.example.com': - setenv => ['SPECIAL_PATH /foo/bin'], -} -``` - -##### `setenvif` - -Used by HTTPD to conditionally set environment variables for virtual hosts. Default: '[]'. - -##### `suphp_addhandler`, `suphp_configpath`, & `suphp_engine` - -Sets up a virtual host with [suPHP](http://suphp.org/DocumentationView.html?file=apache/CONFIG). - -* `suphp_addhandler`. Default: 'php5-script' on RedHat and FreeBSD, and 'x-httpd-php' on Debian and Gentoo. -* `suphp_configpath`. Default: undef on RedHat and FreeBSD, and '/etc/php5/apache2' on Debian and Gentoo. -* `suphp_engine`. Valid options: 'on' or 'off'. Default: 'off'. - -An example virtual host configuration with suPHP: - -``` puppet -apache::vhost { 'suphp.example.com': - port => '80', - docroot => '/home/appuser/myphpapp', - suphp_addhandler => 'x-httpd-php', - suphp_engine => 'on', - suphp_configpath => '/etc/php5/apache2', - directories => { path => '/home/appuser/myphpapp', - 'suphp' => { user => 'myappuser', group => 'myappgroup' }, - } -} -``` - -##### `vhost_name` - -Enables name-based virtual hosting. If no IP is passed to the virtual host, but the virtual host is assigned a port, then the virtual host name is 'vhost_name:port'. If the virtual host has no assigned IP or port, the virtual host name is set to the title of the resource. Default: '*'. - -##### `virtual_docroot` - -Sets up a virtual host with a wildcard alias subdomain mapped to a directory with the same name. For example, 'http://example.com' would map to '/var/www/example.com'. Default: false. - -``` puppet -apache::vhost { 'subdomain.loc': - vhost_name => '*', - port => '80', - virtual_docroot => '/var/www/%-2+', - docroot => '/var/www', - serveraliases => ['*.loc',], -} -``` - -##### `wsgi_daemon_process`, `wsgi_daemon_process_options`, `wsgi_process_group`, `wsgi_script_aliases`, & `wsgi_pass_authorization` - -Sets up a virtual host with [WSGI](https://github.com/GrahamDumpleton/mod_wsgi). - -* `wsgi_daemon_process`: A hash that sets the name of the WSGI daemon, accepting [certain keys](http://modwsgi.readthedocs.org/en/latest/configuration-directives/WSGIDaemonProcess.html). Default: undef. -* `wsgi_daemon_process_options`. _Optional._ Default: undef. -* `wsgi_process_group`: Sets the group ID that the virtual host runs under. Default: undef. -* `wsgi_script_aliases`: Requires a hash of web paths to filesystem .wsgi paths. Default: undef. -* `wsgi_pass_authorization`: Uses the WSGI application to handle authorization instead of Apache when set to 'On'. For more information, see [mod_wsgi's WSGIPassAuthorization documentation] (https://modwsgi.readthedocs.org/en/latest/configuration-directives/WSGIPassAuthorization.html). Default: undef, leading Apache to use its default value of 'Off'. -* `wsgi_chunked_request`: Enables support for chunked requests. Default: undef. - -An example virtual host configuration with WSGI: - -``` puppet -apache::vhost { 'wsgi.example.com': - port => '80', - docroot => '/var/www/pythonapp', - wsgi_daemon_process => 'wsgi', - wsgi_daemon_process_options => - { processes => '2', - threads => '15', - display-name => '%{GROUP}', - }, - wsgi_process_group => 'wsgi', - wsgi_script_aliases => { '/' => '/var/www/demo.wsgi' }, - wsgi_chunked_request => 'On', -} -``` - -#### Parameter `directories` for `apache::vhost` - -The `directories` parameter within the `apache::vhost` class passes an array of hashes to the virtual host to create [Directory](https://httpd.apache.org/docs/current/mod/core.html#directory), [File](https://httpd.apache.org/docs/current/mod/core.html#files), and [Location](https://httpd.apache.org/docs/current/mod/core.html#location) directive blocks. These blocks take the form, '< Directory /path/to/directory>...< /Directory>'. - -The `path` key sets the path for the directory, files, and location blocks. Its value must be a path for the 'directory', 'files', and 'location' providers, or a regex for the 'directorymatch', 'filesmatch', or 'locationmatch' providers. Each hash passed to `directories` **must** contain `path` as one of the keys. - -The `provider` key is optional. If missing, this key defaults to 'directory'. Valid options: 'directory', 'files', 'proxy', 'location', 'directorymatch', 'filesmatch', 'proxymatch' or 'locationmatch'. If you set `provider` to 'directorymatch', it uses the keyword 'DirectoryMatch' in the Apache config file. - -An example use of `directories`: - -``` puppet -apache::vhost { 'files.example.net': - docroot => '/var/www/files', - directories => [ - { 'path' => '/var/www/files', - 'provider' => 'files', - 'deny' => 'from all', - }, - ], -} -``` - -> **Note:** At least one directory should match the `docroot` parameter. After you start declaring directories, `apache::vhost` assumes that all required Directory blocks will be declared. If not defined, a single default Directory block is created that matches the `docroot` parameter. - -Available handlers, represented as keys, should be placed within the `directory`, `files`, or `location` hashes. This looks like - -``` puppet -apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ { path => '/path/to/directory', handler => value } ], -} -``` - -Any handlers you do not set in these hashes are considered 'undefined' within Puppet and are not added to the virtual host, resulting in the module using their default values. Supported handlers are: - -###### `addhandlers` - -Sets [AddHandler](https://httpd.apache.org/docs/current/mod/mod_mime.html#addhandler) directives, which map filename extensions to the specified handler. Accepts a list of hashes, with `extensions` serving to list the extensions being managed by the handler, and takes the form: `{ handler => 'handler-name', extensions => ['extension'] }`. - -An example: - -``` puppet -apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ - { path => '/path/to/directory', - addhandlers => [{ handler => 'cgi-script', extensions => ['.cgi']}], - }, - ], -} -``` - -###### `allow` - -Sets an [Allow](https://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#allow) directive, which groups authorizations based on hostnames or IPs. **Deprecated:** This parameter is being deprecated due to a change in Apache. It only works with Apache 2.2 and lower. You can use it as a single string for one rule or as an array for more than one. - -``` puppet -apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ - { path => '/path/to/directory', - allow => 'from example.org', - }, - ], -} -``` - -###### `allow_override` - -Sets the types of directives allowed in [.htaccess](https://httpd.apache.org/docs/current/mod/core.html#allowoverride) files. Accepts an array. - -``` puppet -apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ - { path => '/path/to/directory', - allow_override => ['AuthConfig', 'Indexes'], - }, - ], -} -``` - -###### `auth_basic_authoritative` - -Sets the value for [AuthBasicAuthoritative](https://httpd.apache.org/docs/current/mod/mod_auth_basic.html#authbasicauthoritative), which determines whether authorization and authentication are passed to lower level Apache modules. - -###### `auth_basic_fake` - -Sets the value for [AuthBasicFake](https://httpd.apache.org/docs/current/mod/mod_auth_basic.html#authbasicfake), which statically configures authorization credentials for a given directive block. - -###### `auth_basic_provider` - -Sets the value for [AuthBasicProvider](https://httpd.apache.org/docs/current/mod/mod_auth_basic.html#authbasicprovider), which sets the authentication provider for a given location. - -###### `auth_digest_algorithm` - -Sets the value for [AuthDigestAlgorithm](https://httpd.apache.org/docs/current/mod/mod_auth_digest.html#authdigestalgorithm), which selects the algorithm used to calculate the challenge and response hashes. - -###### `auth_digest_domain` - -Sets the value for [AuthDigestDomain](https://httpd.apache.org/docs/current/mod/mod_auth_digest.html#authdigestdomain), which allows you to specify one or more URIs in the same protection space for digest authentication. - -###### `auth_digest_nonce_lifetime` - -Sets the value for [AuthDigestNonceLifetime](https://httpd.apache.org/docs/current/mod/mod_auth_digest.html#authdigestnoncelifetime), which controls how long the server nonce is valid. - -###### `auth_digest_provider` - -Sets the value for [AuthDigestProvider](https://httpd.apache.org/docs/current/mod/mod_auth_digest.html#authdigestprovider), which sets the authentication provider for a given location. - -###### `auth_digest_qop` - -Sets the value for [AuthDigestQop](https://httpd.apache.org/docs/current/mod/mod_auth_digest.html#authdigestqop), which determines the quality-of-protection to use in digest authentication. - -###### `auth_digest_shmem_size` - -Sets the value for [AuthAuthDigestShmemSize](https://httpd.apache.org/docs/current/mod/mod_auth_digest.html#authdigestshmemsize), which defines the amount of shared memory allocated to the server for keeping track of clients. - -###### `auth_group_file` - -Sets the value for [AuthGroupFile](https://httpd.apache.org/docs/current/mod/mod_authz_groupfile.html#authgroupfile), which sets the name of the text file containing the list of user groups for authorization. - -###### `auth_name` - -Sets the value for [AuthName](https://httpd.apache.org/docs/current/mod/mod_authn_core.html#authname), which sets the name of the authorization realm. - -###### `auth_require` - -Sets the entity name you're requiring to allow access. Read more about [Require](https://httpd.apache.org/docs/current/mod/mod_authz_host.html#requiredirectives). - -###### `auth_type` - -Sets the value for [AuthType](https://httpd.apache.org/docs/current/mod/mod_authn_core.html#authtype), which guides the type of user authentication. - -###### `auth_user_file` - -Sets the value for [AuthUserFile](https://httpd.apache.org/docs/current/mod/mod_authn_file.html#authuserfile), which sets the name of the text file containing the users/passwords for authentication. - -###### `custom_fragment` - -Pass a string of custom configuration directives to be placed at the end of the directory configuration. - -``` puppet -apache::vhost { 'monitor': - … - directories => [ - { - path => '/path/to/directory', - custom_fragment => ' - - SetHandler balancer-manager - Order allow,deny - Allow from all - - - SetHandler server-status - Order allow,deny - Allow from all - -ProxyStatus On', - }, - ] -} -``` - -###### `deny` - -Sets a [Deny](https://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#deny) directive, specifying which hosts are denied access to the server. **Deprecated:** This parameter is being deprecated due to a change in Apache. It only works with Apache 2.2 and lower. You can use it as a single string for one rule or as an array for more than one. - -``` puppet -apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ - { path => '/path/to/directory', - deny => 'from example.org', - }, - ], -} -``` - -###### `error_documents` - -An array of hashes used to override the [ErrorDocument](https://httpd.apache.org/docs/current/mod/core.html#errordocument) settings for the directory. - -``` puppet -apache::vhost { 'sample.example.net': - directories => [ - { path => '/srv/www', - error_documents => [ - { 'error_code' => '503', - 'document' => '/service-unavail', - }, - ], - }, - ], -} -``` - -###### `ext_filter_options` - -Sets the [ExtFilterOptions](https://httpd.apache.org/docs/current/mod/mod_ext_filter.html) directive. -Note that you must declare `class { 'apache::mod::ext_filter': }` before using this directive. - -``` puppet -apache::vhost { 'filter.example.org': - docroot => '/var/www/filter', - directories => [ - { path => '/var/www/filter', - ext_filter_options => 'LogStderr Onfail=abort', - }, - ], -} -``` - -###### `geoip_enable` - -Sets the [GeoIPEnable](http://dev.maxmind.com/geoip/legacy/mod_geoip2/#Configuration) directive. -Note that you must declare `class {'apache::mod::geoip': }` before using this directive. - -``` puppet -apache::vhost { 'first.example.com': - docroot => '/var/www/first', - directories => [ - { path => '/var/www/first', - geoip_enable => true, - }, - ], -} -``` - -###### `headers` - -Adds lines for [Header](https://httpd.apache.org/docs/current/mod/mod_headers.html#header) directives. - -``` puppet -apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => { - path => '/path/to/directory', - headers => 'Set X-Robots-Tag "noindex, noarchive, nosnippet"', - }, -} -``` - -###### `index_options` - -Allows configuration settings for [directory indexing](https://httpd.apache.org/docs/current/mod/mod_autoindex.html#indexoptions). - -``` puppet -apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ - { path => '/path/to/directory', - directoryindex => 'disabled', # this is needed on Apache 2.4 or mod_autoindex doesn't work - options => ['Indexes','FollowSymLinks','MultiViews'], - index_options => ['IgnoreCase', 'FancyIndexing', 'FoldersFirst', 'NameWidth=*', 'DescriptionWidth=*', 'SuppressHTMLPreamble'], - }, - ], -} -``` - -###### `index_order_default` - -Sets the [default ordering](https://httpd.apache.org/docs/current/mod/mod_autoindex.html#indexorderdefault) of the directory index. - -``` puppet -apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ - { path => '/path/to/directory', - order => 'Allow,Deny', - index_order_default => ['Descending', 'Date'], - }, - ], -} -``` - -###### `index_style_sheet` - -Sets the [IndexStyleSheet](https://httpd.apache.org/docs/current/mod/mod_autoindex.html#indexstylesheet), which adds a CSS stylesheet to the directory index. - -``` puppet -apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ - { path => '/path/to/directory', - options => ['Indexes','FollowSymLinks','MultiViews'], - index_options => ['FancyIndexing'], - index_style_sheet => '/styles/style.css', - }, - ], -} -``` - -###### `mellon_enable` - -Sets the [MellonEnable][`mod_auth_mellon`] directory to enable [`mod_auth_mellon`][]. You can use [`apache::mod::auth_mellon`][] to install `mod_auth_mellon`. - -``` puppet -apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ - { path => '/', - provider => 'directory', - mellon_enable => 'info', - mellon_sp_private_key_file => '/etc/certs/${::fqdn}.key', - mellon_endpoint_path => '/mellon', - mellon_set_env_no_prefix => { 'ADFS_GROUP' => 'http://schemas.xmlsoap.org/claims/Group', - 'ADFS_EMAIL' => 'http://schemas.xmlsoap.org/claims/EmailAddress', }, - mellon_user => 'ADFS_LOGIN', - }, - { path => '/protected', - provider => 'location', - mellon_enable => 'auth', - auth_type => 'Mellon', - auth_require => 'valid-user', - mellon_cond => ['ADFS_LOGIN userA [MAP]','ADFS_LOGIN userB [MAP]'], - }, - ] -} -``` - -Related parameters follow the names of `mod_auth_mellon` directives: - -- `mellon_cond`: Takes an array of mellon conditions that must be met to grant access, and creates a [MellonCond][`mod_auth_mellon`] directive for each item in the array. -- `mellon_endpoint_path`: Sets the [MellonEndpointPath][`mod_auth_mellon`] to set the mellon endpoint path. -- `mellon_sp_metadata_file`: Sets the [MellonSPMetadataFile][`mod_auth_mellon`] location of the SP metadata file. -- `mellon_idp_metadata_file`: Sets the [MellonIDPMetadataFile][`mod_auth_mellon`] location of the IDP metadata file. -- `mellon_saml_rsponse_dump`: Sets the [MellonSamlResponseDump][`mod_auth_mellon`] directive to enable debug of SAML. -- `mellon_set_env_no_prefix`: Sets the [MellonSetEnvNoPrefix][`mod_auth_mellon`] directive to a hash of attribute names to map -to environment variables. -- `mellon_sp_private_key_file`: Sets the [MellonSPPrivateKeyFile][`mod_auth_mellon`] directive for the private key location of the service provider. -- `mellon_sp_cert_file`: Sets the [MellonSPCertFile][`mod_auth_mellon`] directive for the public key location of the service provider. -- `mellon_user`: Sets the [MellonUser][`mod_auth_mellon`] attribute to use for the username. - -###### `options` - -Lists the [Options](https://httpd.apache.org/docs/current/mod/core.html#options) for the given Directory block. - -``` puppet -apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ - { path => '/path/to/directory', - options => ['Indexes','FollowSymLinks','MultiViews'], - }, - ], -} -``` - -###### `order` - -Sets the order of processing Allow and Deny statements as per [Apache core documentation](https://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#order). **Deprecated:** This parameter is being deprecated due to a change in Apache. It only works with Apache 2.2 and lower. - -``` puppet -apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ - { path => '/path/to/directory', - order => 'Allow,Deny', - }, - ], -} -``` - -###### `passenger_enabled` - -Sets the value for the [PassengerEnabled](http://www.modrails.com/documentation/Users%20guide%20Apache.html#PassengerEnabled) directive to 'on' or 'off'. Requires `apache::mod::passenger` to be included. - -``` puppet -apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ - { path => '/path/to/directory', - passenger_enabled => 'on', - }, - ], -} -``` - -> **Note:** There is an [issue](http://www.conandalton.net/2010/06/passengerenabled-off-not-working.html) using the PassengerEnabled directive with the PassengerHighPerformance directive. - -###### `php_value` and `php_flag` - -`php_value` sets the value of the directory, and `php_flag` uses a boolean to configure the directory. Further information can be found [here](http://php.net/manual/en/configuration.changes.php). - -###### `php_admin_value` and `php_admin_flag` - -`php_admin_value` sets the value of the directory, and `php_admin_flag` uses a boolean to configure the directory. Further information can be found [here](http://php.net/manual/en/configuration.changes.php). - - -###### `require` - - -Sets a `Require` directive as per the [Apache Authz documentation](https://httpd.apache.org/docs/current/mod/mod_authz_core.html#require). If no `require` is set, it will default to `Require all granted`. - -``` puppet -apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ - { path => '/path/to/directory', - require => 'IP 10.17.42.23', - } - ], -} -``` - -If `require` is set to `unmanaged` it will not be set at all. This is useful for complex authentication/authorization requirements which are handled in a custom fragment. - -``` puppet -apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ - { path => '/path/to/directory', - require => 'unmanaged', - } - ], -} -``` - -###### `satisfy` - -Sets a `Satisfy` directive per the [Apache Core documentation](https://httpd.apache.org/docs/2.2/mod/core.html#satisfy). **Deprecated:** This parameter is deprecated due to a change in Apache and only works with Apache 2.2 and lower. - -``` puppet -apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ - { path => '/path/to/directory', - satisfy => 'Any', - } - ], -} -``` - -###### `sethandler` - -Sets a `SetHandler` directive per the [Apache Core documentation](https://httpd.apache.org/docs/2.2/mod/core.html#sethandler). - -``` puppet -apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ - { path => '/path/to/directory', - sethandler => 'None', - } - ], -} -``` - -###### `set_output_filter` - -Sets a `SetOutputFilter` directive per the [Apache Core documentation](https://httpd.apache.org/docs/current/mod/core.html#setoutputfilter). - -``` puppet -apache::vhost{ 'filter.example.net': - docroot => '/path/to/directory', - directories => [ - { path => '/path/to/directory', - set_output_filter => puppetdb-strip-resource-params, - }, - ], -} -``` - -###### `rewrites` - -Creates URL [`rewrites`](#rewrites) rules in virtual host directories. Expects an array of hashes, and the hash keys can be any of 'comment', 'rewrite_base', 'rewrite_cond', or 'rewrite_rule'. - -``` puppet -apache::vhost { 'secure.example.net': - docroot => '/path/to/directory', - directories => [ - { path => '/path/to/directory', - rewrites => [ { comment => 'Permalink Rewrites', - rewrite_base => '/' - }, - { rewrite_rule => [ '^index\.php$ - [L]' ] - }, - { rewrite_cond => [ '%{REQUEST_FILENAME} !-f', - '%{REQUEST_FILENAME} !-d', - ], - rewrite_rule => [ '. /index.php [L]' ], - } - ], - }, - ], -} -``` - -> **Note**: If you include rewrites in your directories, also include `apache::mod::rewrite` and consider setting the rewrites using the `rewrites` parameter in `apache::vhost` rather than setting the rewrites in the virtual host's directories. - -###### `shib_request_settings` - -Allows a valid content setting to be set or altered for the application request. This command takes two parameters: the name of the content setting, and the value to set it to. Check the Shibboleth [content setting documentation](https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPContentSettings) for valid settings. This key is disabled if `apache::mod::shib` is not defined. Check the [`mod_shib` documentation](https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPApacheConfig#NativeSPApacheConfig-Server/VirtualHostOptions) for more details. - -``` puppet -apache::vhost { 'secure.example.net': - docroot => '/path/to/directory', - directories => [ - { path => '/path/to/directory', - shib_request_settings => { 'requiresession' => 'On' }, - shib_use_headers => 'On', - }, - ], -} -``` - -###### `shib_use_headers` - -When set to 'On', this turns on the use of request headers to publish attributes to applications. Valid options for this key is 'On' or 'Off', and the default value is 'Off'. This key is disabled if `apache::mod::shib` is not defined. Check the [`mod_shib` documentation](https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPApacheConfig#NativeSPApacheConfig-Server/VirtualHostOptions) for more details. - -###### `ssl_options` - -String or list of [SSLOptions](https://httpd.apache.org/docs/current/mod/mod_ssl.html#ssloptions), which configure SSL engine run-time options. This handler takes precedence over SSLOptions set in the parent block of the virtual host. - -``` puppet -apache::vhost { 'secure.example.net': - docroot => '/path/to/directory', - directories => [ - { path => '/path/to/directory', - ssl_options => '+ExportCertData', - }, - { path => '/path/to/different/dir', - ssl_options => [ '-StdEnvVars', '+ExportCertData'], - }, - ], -} -``` - -###### `suphp` - -A hash containing the 'user' and 'group' keys for the [suPHP_UserGroup](http://www.suphp.org/DocumentationView.html?file=apache/CONFIG) setting. It must be used with `suphp_engine => on` in the virtual host declaration, and can only be passed within `directories`. - -``` puppet -apache::vhost { 'secure.example.net': - docroot => '/path/to/directory', - directories => [ - { path => '/path/to/directory', - suphp => { - user => 'myappuser', - group => 'myappgroup', - }, - }, - ], -} -``` - -#### SSL parameters for `apache::vhost` - -All of the SSL parameters for `::vhost` default to whatever is set in the base `apache` class. Use the below parameters to tweak individual SSL settings for specific virtual hosts. - -##### `ssl` - -Enables SSL for the virtual host. SSL virtual hosts only respond to HTTPS queries. Valid options: Boolean. Default: false. - -##### `ssl_ca` - -Specifies the SSL certificate authority. Default: undef. - -##### `ssl_cert` - -Specifies the SSL certification. Defaults are based on your OS: '/etc/pki/tls/certs/localhost.crt' for RedHat, '/etc/ssl/certs/ssl-cert-snakeoil.pem' for Debian, '/usr/local/etc/apache22/server.crt' for FreeBSD, and '/etc/ssl/apache2/server.crt' on Gentoo. - -##### `ssl_protocol` - -Specifies [SSLProtocol](https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslprotocol). Expects an array or space separated string of accepted protocols. Defaults: 'all', '-SSLv2', '-SSLv3'. - -##### `ssl_cipher` - -Specifies [SSLCipherSuite](https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslciphersuite). Default: 'HIGH:MEDIUM:!aNULL:!MD5'. - -##### `ssl_honorcipherorder` - -Sets [SSLHonorCipherOrder](https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslhonorcipherorder), which is used to prefer the server's cipher preference order. Default: 'On' in the base `apache` config. - -##### `ssl_certs_dir` - -Specifies the location of the SSL certification directory. Default: Depends on the operating system. - -- **Debian:** '/etc/ssl/certs' -- **Red Hat:** '/etc/pki/tls/certs' -- **FreeBSD:** '/usr/local/etc/apache22' -- **Gentoo:** '/etc/ssl/apache2' - -##### `ssl_chain` - -Specifies the SSL chain. Default: undef. This default works out of the box, but it must be updated in the base `apache` class with your specific certificate information before being used in production. - -##### `ssl_crl` - -Specifies the certificate revocation list to use. Default: undef. (This default works out of the box but must be updated in the base `apache` class with your specific certificate information before being used in production.) - -##### `ssl_crl_path` - -Specifies the location of the certificate revocation list. Default: undef. (This default works out of the box but must be updated in the base `apache` class with your specific certificate information before being used in production.) - -##### `ssl_crl_check` - -Sets the certificate revocation check level via the [SSLCARevocationCheck directive](https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcarevocationcheck). Default: undef. This default works out of the box but must be specified when using CRLs in production. Only applicable to Apache 2.4 or higher; the value is ignored on older versions. - -##### `ssl_key` - -Specifies the SSL key. Defaults are based on your operating system: '/etc/pki/tls/private/localhost.key' for RedHat, '/etc/ssl/private/ssl-cert-snakeoil.key' for Debian, '/usr/local/etc/apache22/server.key' for FreeBSD, and '/etc/ssl/apache2/server.key' on Gentoo. (This default works out of the box but must be updated in the base `apache` class with your specific certificate information before being used in production.) - -##### `ssl_verify_client` - -Sets the [SSLVerifyClient](https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslverifyclient) directive, which sets the certificate verification level for client authentication. Valid options are: 'none', 'optional', 'require', and 'optional_no_ca'. Default: undef. - -``` puppet -apache::vhost { 'sample.example.net': - … - ssl_verify_client => 'optional', -} -``` - -##### `ssl_verify_depth` - -Sets the [SSLVerifyDepth](https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslverifydepth) directive, which specifies the maximum depth of CA certificates in client certificate verification. Default: undef. - -``` puppet -apache::vhost { 'sample.example.net': - … - ssl_verify_depth => 1, -} -``` -##### `ssl_proxy_protocol` - -Sets the [SSLProxyProtocol](https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslproxyprotocol) directive, which controls the SSL protocol flavors mod_ssl should use when establishing its server environment for proxy. It will only connect to servers using one of the provided protocols. Default: undef. - - -##### `ssl_proxy_verify` - -Sets the [SSLProxyVerify](https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslproxyverify) directive, which configures certificate verification of the remote server when a proxy is configured to forward requests to a remote SSL server. Default: undef. - -##### `ssl_proxy_machine_cert` - -Sets the [SSLProxyMachineCertificateFile](https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslproxymachinecertificatefile) directive, which specifies an all-in-one file where you keep the certs and keys used for this server to authenticate itself to remote servers. This file should be a concatenation of the PEM-encoded certificate files in order of preference. Default: undef. - -``` puppet -apache::vhost { 'sample.example.net': - … - ssl_proxy_machine_cert => '/etc/httpd/ssl/client_certificate.pem', -} -``` - -##### `ssl_proxy_check_peer_cn` - -Sets the [SSLProxyMachinePeerCN](https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslproxycheckpeercn) directive, which specifies whether the remote server certificate's CN field is compared against the hostname of the request URL. Valid options: 'on', 'off'. Default: undef. - -##### `ssl_proxy_check_peer_name` - -Sets the [SSLProxyMachinePeerName](https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslproxycheckpeername) directive, which specifies whether the remote server certificate's CN field is compared against the hostname of the request URL. Valid options: 'on', 'off'. Default: undef. - -##### `ssl_options` - -Sets the [SSLOptions](https://httpd.apache.org/docs/current/mod/mod_ssl.html#ssloptions) directive, which configures various SSL engine run-time options. This is the global setting for the given virtual host and can be a string or an array. Default: undef. - -A string: - -``` puppet -apache::vhost { 'sample.example.net': - … - ssl_options => '+ExportCertData', -} -``` - -An array: - -``` puppet -apache::vhost { 'sample.example.net': - … - ssl_options => [ '+StrictRequire', '+ExportCertData' ], -} -``` - -##### `ssl_openssl_conf_cmd` - -Sets the [SSLOpenSSLConfCmd](https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslopensslconfcmd) directive, which provides direct configuration of OpenSSL parameters. Default: undef. - -##### `ssl_proxyengine` - -Specifies whether or not to use [SSLProxyEngine](https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslproxyengine). Valid options: Boolean. Default: true. - -#### Defined type: FastCGI Server - -This type is intended for use with mod\_fastcgi. It allows you to define one or more external FastCGI servers to handle specific file types. - -** Note ** If using Ubuntu 10.04+, you'll need to manually enable the multiverse repository. - -Ex: - -``` puppet -apache::fastcgi::server { 'php': - host => '127.0.0.1:9000', - timeout => 15, - flush => false, - faux_path => '/var/www/php.fcgi', - fcgi_alias => '/php.fcgi', - file_type => 'application/x-httpd-php', - pass_header => '' -} -``` - -Within your virtual host, you can then configure the specified file type to be handled by the fastcgi server specified above. - -``` puppet -apache::vhost { 'www': - ... - custom_fragment => 'AddType application/x-httpd-php .php' - ... -} -``` - -##### `host` - -The hostname or IP address and TCP port number (1-65535) of the FastCGI server. - -It is also possible to pass a unix socket: - -``` puppet -apache::fastcgi::server { 'php': - host => '/var/run/fcgi.sock', -} -``` - -##### `timeout` - -The number of seconds of FastCGI application inactivity allowed before the request is aborted and the event is logged (at the error LogLevel). The inactivity timer applies only as long as a connection is pending with the FastCGI application. If a request is queued to an application, but the application doesn't respond (by writing and flushing) within this period, the request is aborted. If communication is complete with the application but incomplete with the client (the response is buffered), the timeout does not apply. - -##### `flush` - -Force a write to the client as data is received from the application. By default, mod\_fastcgi buffers data in order to free the application as quickly as possible. - -##### `faux_path` - -`faux_path` does not have to exist in the local filesystem. URIs that Apache resolves to this filename are handled by this external FastCGI application. - -##### `alias` - -A unique alias. This is used internally to link the action with the FastCGI server. - -##### `file_type` - -The MIME-type of the file to be processed by the FastCGI server. - -##### `pass_header` - -The name of an HTTP Request Header to be passed in the request environment. This option makes available the contents of headers which are normally not available (e.g. Authorization) to a CGI environment. - -#### Defined type: `apache::vhost::custom` - -The `apache::vhost::custom` defined type is a thin wrapper around the `apache::custom_config` defined type, and simply overrides some of its default settings specific to the virtual host directory in Apache. - -**Parameters within `apache::vhost::custom`**: - -##### `content` - -Sets the configuration file's content. - -##### `ensure` - -Specifies if the virtual host file is present or absent. Valid options: 'absent', 'present'. Default: 'present'. - -##### `priority` - -Sets the relative load order for Apache HTTPD VirtualHost configuration files. Default: '25'. - -### Private defined types - -#### Defined type: `apache::peruser::multiplexer` - -This defined type checks if an Apache module has a class. If it does, it includes that class. If it does not, it passes the module name to the [`apache::mod`][] defined type. - -#### Defined type: `apache::peruser::multiplexer` - -Enables the [`Peruser`][] module for FreeBSD only. - -#### Defined type: `apache::peruser::processor` - -Enables the [`Peruser`][] module for FreeBSD only. - -#### Defined type: `apache::security::file_link` - -Links the `activated_rules` from [`apache::mod::security`][] to the respective CRS rules on disk. - -### Templates - -The Apache module relies heavily on templates to enable the [`apache::vhost`][] and [`apache::mod`][] defined types. These templates are built based on [Facter][] facts specific to your operating system. Unless explicitly called out, most templates are not meant for configuration. - -## Limitations - -### Ubuntu 10.04 - -The [`apache::vhost::WSGIImportScript`][] parameter creates a statement inside the virtual host that is unsupported on older versions of Apache, causing it to fail. This will be remedied in a future refactoring. - -### RHEL/CentOS 5 - -The [`apache::mod::passenger`][] and [`apache::mod::proxy_html`][] classes are untested since repositories are missing compatible packages. - -### RHEL/CentOS 6 - -The [`apache::mod::passenger`][] class is not installing as the the EL6 repository is missing compatible packages. - -### RHEL/CentOS 7 - -The [`apache::mod::passenger`][] class is untested as the EL7 repository is missing compatible packages, which also blocks us from testing the [`apache::vhost`][] defined type's [`rack_base_uris`][] parameter. - -### General - -This module is CI tested against both [open source Puppet][] and [Puppet Enterprise][] on: - -- CentOS 5 and 6 -- Ubuntu 12.04 and 14.04 -- Debian 7 -- RHEL 5, 6, and 7 - -This module also provides functions for other distributions and operating systems, such as FreeBSD, Gentoo, and Amazon Linux, but is not formally tested on them and are subject to regressions. - -### Ubuntu 10.04 - -The [`apache::vhost::wsgi_import_script`][] parameter creates a statement inside the virtual host that is unsupported on older versions of Apache, causing it to fail. This will be remedied in a future refactoring. - -### RHEL/CentOS -The [`apache::mod::auth_cas`][], [`apache::mod::passenger`][], [`apache::mod::proxy_html`][] and [`apache::mod::shib`][] classes are not functional on RH/CentOS without providing dependency packages from extra repositories. - -See their respective documentation above for related repositories and packages. - -### SELinux and custom paths - -If [SELinux][] is in [enforcing mode][] and you want to use custom paths for `logroot`, `mod_dir`, `vhost_dir`, and `docroot`, you need to manage the files' context yourself. - -You can do this with Puppet: - -``` puppet -exec { 'set_apache_defaults': - command => 'semanage fcontext -a -t httpd_sys_content_t "/custom/path(/.*)?"', - path => '/bin:/usr/bin/:/sbin:/usr/sbin', - require => Package['policycoreutils-python'], -} - -package { 'policycoreutils-python': - ensure => installed, -} - -exec { 'restorecon_apache': - command => 'restorecon -Rv /apache_spec', - path => '/bin:/usr/bin/:/sbin:/usr/sbin', - before => Class['Apache::Service'], - require => Class['apache'], -} - -class { 'apache': } - -host { 'test.server': - ip => '127.0.0.1', -} - -file { '/custom/path': - ensure => directory, -} - -file { '/custom/path/include': - ensure => present, - content => '#additional_includes', -} - -apache::vhost { 'test.server': - docroot => '/custom/path', - additional_includes => '/custom/path/include', -} -``` - -You need to set the contexts using `semanage fcontext` instead of `chcon` because Puppet's `file` resources reset the values' context in the database if the resource doesn't specify it. - -### FreeBSD - -In order to use this module on FreeBSD, you _must_ use apache24-2.4.12 (www/apache24) or newer. - -## Development - -### Contributing - -[Puppet Labs][] modules on the [Puppet Forge][] are open projects, and community contributions are essential for keeping them great. We can’t access the huge number of platforms and myriad hardware, software, and deployment configurations that Puppet is intended to serve. - -We want to make it as easy as possible to contribute changes so our modules work in your environment, but we also need contributors to follow a few guidelines to help us maintain and improve the modules' quality. - -For more information, please read the complete [module contribution guide][]. - -### Running tests - -This project contains tests for both [rspec-puppet][] and [beaker-rspec][] to verify functionality. For detailed information on using these tools, please see their respective documentation. - -#### Testing quickstart: Ruby > 1.8.7 - -``` -gem install bundler -bundle install -bundle exec rake spec -bundle exec rspec spec/acceptance -RS_DEBUG=yes bundle exec rspec spec/acceptance -``` - -#### Testing quickstart: Ruby = 1.8.7 - -``` -gem install bundler -bundle install --without system_tests -bundle exec rake spec -``` diff --git a/apache/Rakefile b/apache/Rakefile deleted file mode 100644 index 1e2be6663..000000000 --- a/apache/Rakefile +++ /dev/null @@ -1,43 +0,0 @@ -require 'puppet_blacksmith/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' -require 'puppetlabs_spec_helper/rake_tasks' - -PuppetLint.configuration.fail_on_warnings = true -PuppetLint.configuration.send('relative') -PuppetLint.configuration.send('disable_80chars') -PuppetLint.configuration.send('disable_class_inherits_from_params_class') -PuppetLint.configuration.send('disable_documentation') -PuppetLint.configuration.send('disable_single_quote_string_with_variables') -PuppetLint.configuration.send('disable_only_variable_string') -PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"] - -desc 'Generate pooler nodesets' -task :gen_nodeset do - require 'beaker-hostgenerator' - require 'securerandom' - require 'fileutils' - - agent_target = ENV['TEST_TARGET'] - if ! agent_target - STDERR.puts 'TEST_TARGET environment variable is not set' - STDERR.puts 'setting to default value of "redhat-64default."' - agent_target = 'redhat-64default.' - end - - master_target = ENV['MASTER_TEST_TARGET'] - if ! master_target - STDERR.puts 'MASTER_TEST_TARGET environment variable is not set' - STDERR.puts 'setting to default value of "redhat7-64mdcl"' - master_target = 'redhat7-64mdcl' - end - - targets = "#{master_target}-#{agent_target}" - cli = BeakerHostGenerator::CLI.new([targets]) - nodeset_dir = "tmp/nodesets" - nodeset = "#{nodeset_dir}/#{targets}-#{SecureRandom.uuid}.yaml" - FileUtils.mkdir_p(nodeset_dir) - File.open(nodeset, 'w') do |fh| - fh.print(cli.execute) - end - puts nodeset -end diff --git a/apache/examples/apache.pp b/apache/examples/apache.pp deleted file mode 100644 index 0d4543564..000000000 --- a/apache/examples/apache.pp +++ /dev/null @@ -1,6 +0,0 @@ -include apache -include apache::mod::php -include apache::mod::cgi -include apache::mod::userdir -include apache::mod::disk_cache -include apache::mod::proxy_http diff --git a/apache/examples/dev.pp b/apache/examples/dev.pp deleted file mode 100644 index 6c4f95571..000000000 --- a/apache/examples/dev.pp +++ /dev/null @@ -1 +0,0 @@ -include apache::mod::dev diff --git a/apache/examples/init.pp b/apache/examples/init.pp deleted file mode 100644 index b3f9f13aa..000000000 --- a/apache/examples/init.pp +++ /dev/null @@ -1 +0,0 @@ -include apache diff --git a/apache/examples/mod_load_params.pp b/apache/examples/mod_load_params.pp deleted file mode 100644 index 0e84c5efb..000000000 --- a/apache/examples/mod_load_params.pp +++ /dev/null @@ -1,11 +0,0 @@ -# Tests the path and identifier parameters for the apache::mod class - -# Base class for clarity: -class { 'apache': } - - -# Exaple parameter usage: -apache::mod { 'testmod': - path => '/usr/some/path/mod_testmod.so', - id => 'testmod_custom_name', -} diff --git a/apache/examples/mods.pp b/apache/examples/mods.pp deleted file mode 100644 index 59362bd9a..000000000 --- a/apache/examples/mods.pp +++ /dev/null @@ -1,9 +0,0 @@ -## Default mods - -# Base class. Declares default vhost on port 80 and default ssl -# vhost on port 443 listening on all interfaces and serving -# $apache::docroot, and declaring our default set of modules. -class { 'apache': - default_mods => true, -} - diff --git a/apache/examples/mods_custom.pp b/apache/examples/mods_custom.pp deleted file mode 100644 index 0ae699c73..000000000 --- a/apache/examples/mods_custom.pp +++ /dev/null @@ -1,16 +0,0 @@ -## custom mods - -# Base class. Declares default vhost on port 80 and default ssl -# vhost on port 443 listening on all interfaces and serving -# $apache::docroot, and declaring a custom set of modules. -class { 'apache': - default_mods => [ - 'info', - 'alias', - 'mime', - 'env', - 'setenv', - 'expires', - ], -} - diff --git a/apache/examples/php.pp b/apache/examples/php.pp deleted file mode 100644 index 1d926bfb4..000000000 --- a/apache/examples/php.pp +++ /dev/null @@ -1,4 +0,0 @@ -class { 'apache': - mpm_module => 'prefork', -} -include apache::mod::php diff --git a/apache/examples/vhost.pp b/apache/examples/vhost.pp deleted file mode 100644 index 486570f81..000000000 --- a/apache/examples/vhost.pp +++ /dev/null @@ -1,261 +0,0 @@ -## Default vhosts, and custom vhosts -# NB: Please see the other vhost_*.pp example files for further -# examples. - -# Base class. Declares default vhost on port 80 and default ssl -# vhost on port 443 listening on all interfaces and serving -# $apache::docroot -class { 'apache': } - -# Most basic vhost -apache::vhost { 'first.example.com': - port => '80', - docroot => '/var/www/first', -} - -# Vhost with different docroot owner/group/mode -apache::vhost { 'second.example.com': - port => '80', - docroot => '/var/www/second', - docroot_owner => 'third', - docroot_group => 'third', - docroot_mode => '0770', -} - -# Vhost with serveradmin -apache::vhost { 'third.example.com': - port => '80', - docroot => '/var/www/third', - serveradmin => 'admin@example.com', -} - -# Vhost with ssl (uses default ssl certs) -apache::vhost { 'ssl.example.com': - port => '443', - docroot => '/var/www/ssl', - ssl => true, -} - -# Vhost with ssl and specific ssl certs -apache::vhost { 'fourth.example.com': - port => '443', - docroot => '/var/www/fourth', - ssl => true, - ssl_cert => '/etc/ssl/fourth.example.com.cert', - ssl_key => '/etc/ssl/fourth.example.com.key', -} - -# Vhost with english title and servername parameter -apache::vhost { 'The fifth vhost': - servername => 'fifth.example.com', - port => '80', - docroot => '/var/www/fifth', -} - -# Vhost with server aliases -apache::vhost { 'sixth.example.com': - serveraliases => [ - 'sixth.example.org', - 'sixth.example.net', - ], - port => '80', - docroot => '/var/www/fifth', -} - -# Vhost with alternate options -apache::vhost { 'seventh.example.com': - port => '80', - docroot => '/var/www/seventh', - options => [ - 'Indexes', - 'MultiViews', - ], -} - -# Vhost with AllowOverride for .htaccess -apache::vhost { 'eighth.example.com': - port => '80', - docroot => '/var/www/eighth', - override => 'All', -} - -# Vhost with access and error logs disabled -apache::vhost { 'ninth.example.com': - port => '80', - docroot => '/var/www/ninth', - access_log => false, - error_log => false, -} - -# Vhost with custom access and error logs and logroot -apache::vhost { 'tenth.example.com': - port => '80', - docroot => '/var/www/tenth', - access_log_file => 'tenth_vhost.log', - error_log_file => 'tenth_vhost_error.log', - logroot => '/var/log', -} - -# Vhost with a cgi-bin -apache::vhost { 'eleventh.example.com': - port => '80', - docroot => '/var/www/eleventh', - scriptalias => '/usr/lib/cgi-bin', -} - -# Vhost with a proxypass configuration -apache::vhost { 'twelfth.example.com': - port => '80', - docroot => '/var/www/twelfth', - proxy_dest => 'http://internal.example.com:8080/twelfth', - no_proxy_uris => ['/login','/logout'], -} - -# Vhost to redirect /login and /logout -apache::vhost { 'thirteenth.example.com': - port => '80', - docroot => '/var/www/thirteenth', - redirect_source => [ - '/login', - '/logout', - ], - redirect_dest => [ - 'http://10.0.0.10/login', - 'http://10.0.0.10/logout', - ], -} - -# Vhost to permamently redirect -apache::vhost { 'fourteenth.example.com': - port => '80', - docroot => '/var/www/fourteenth', - redirect_source => '/blog', - redirect_dest => 'http://blog.example.com', - redirect_status => 'permanent', -} - -# Vhost with a rack configuration -apache::vhost { 'fifteenth.example.com': - port => '80', - docroot => '/var/www/fifteenth', - rack_base_uris => ['/rackapp1', '/rackapp2'], -} - - -# Vhost to redirect non-ssl to ssl -apache::vhost { 'sixteenth.example.com non-ssl': - servername => 'sixteenth.example.com', - port => '80', - docroot => '/var/www/sixteenth', - rewrites => [ - { - comment => 'redirect non-SSL traffic to SSL site', - rewrite_cond => ['%{HTTPS} off'], - rewrite_rule => ['(.*) https://%{HTTP_HOST}%{REQUEST_URI}'], - } - ] -} - -# Rewrite a URL to lower case -apache::vhost { 'sixteenth.example.com non-ssl': - servername => 'sixteenth.example.com', - port => '80', - docroot => '/var/www/sixteenth', - rewrites => [ - { comment => 'Rewrite to lower case', - rewrite_cond => ['%{REQUEST_URI} [A-Z]'], - rewrite_map => ['lc int:tolower'], - rewrite_rule => ['(.*) ${lc:$1} [R=301,L]'], - } - ] -} - -apache::vhost { 'sixteenth.example.com ssl': - servername => 'sixteenth.example.com', - port => '443', - docroot => '/var/www/sixteenth', - ssl => true, -} - -# Vhost to redirect non-ssl to ssl using old rewrite method -apache::vhost { 'sixteenth.example.com non-ssl old rewrite': - servername => 'sixteenth.example.com', - port => '80', - docroot => '/var/www/sixteenth', - rewrite_cond => '%{HTTPS} off', - rewrite_rule => '(.*) https://%{HTTP_HOST}%{REQUEST_URI}', -} -apache::vhost { 'sixteenth.example.com ssl old rewrite': - servername => 'sixteenth.example.com', - port => '443', - docroot => '/var/www/sixteenth', - ssl => true, -} - -# Vhost to block repository files -apache::vhost { 'seventeenth.example.com': - port => '80', - docroot => '/var/www/seventeenth', - block => 'scm', -} - -# Vhost with special environment variables -apache::vhost { 'eighteenth.example.com': - port => '80', - docroot => '/var/www/eighteenth', - setenv => ['SPECIAL_PATH /foo/bin','KILROY was_here'], -} - -apache::vhost { 'nineteenth.example.com': - port => '80', - docroot => '/var/www/nineteenth', - setenvif => 'Host "^([^\.]*)\.website\.com$" CLIENT_NAME=$1', -} - -# Vhost with additional include files -apache::vhost { 'twentyieth.example.com': - port => '80', - docroot => '/var/www/twelfth', - additional_includes => ['/tmp/proxy_group_a','/tmp/proxy_group_b'], -} - -# Vhost with alias for subdomain mapped to same named directory -# http://example.com.loc => /var/www/example.com -apache::vhost { 'subdomain.loc': - vhost_name => '*', - port => '80', - virtual_docroot => '/var/www/%-2+', - docroot => '/var/www', - serveraliases => ['*.loc',], -} - -# Vhost with SSLProtocol,SSLCipherSuite, SSLHonorCipherOrder -apache::vhost { 'securedomain.com': - priority => '10', - vhost_name => 'www.securedomain.com', - port => '443', - docroot => '/var/www/secure', - ssl => true, - ssl_cert => '/etc/ssl/securedomain.cert', - ssl_key => '/etc/ssl/securedomain.key', - ssl_chain => '/etc/ssl/securedomain.crt', - ssl_protocol => '-ALL +TLSv1', - ssl_cipher => 'ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM', - ssl_honorcipherorder => 'On', - add_listen => false, -} - -# Vhost with access log environment variables writing control -apache::vhost { 'twentyfirst.example.com': - port => '80', - docroot => '/var/www/twentyfirst', - access_log_env_var => 'admin', -} - -# Vhost with a passenger_base configuration -apache::vhost { 'twentysecond.example.com': - port => '80', - docroot => '/var/www/twentysecond', - rack_base_uris => ['/passengerapp1', '/passengerapp2'], -} - diff --git a/apache/examples/vhost_directories.pp b/apache/examples/vhost_directories.pp deleted file mode 100644 index b8953ee32..000000000 --- a/apache/examples/vhost_directories.pp +++ /dev/null @@ -1,44 +0,0 @@ -# Base class. Declares default vhost on port 80 and default ssl -# vhost on port 443 listening on all interfaces and serving -# $apache::docroot -class { 'apache': } - -# Example from README adapted. -apache::vhost { 'readme.example.net': - docroot => '/var/www/readme', - directories => [ - { - 'path' => '/var/www/readme', - 'ServerTokens' => 'prod' , - }, - { - 'path' => '/usr/share/empty', - 'allow' => 'from all', - }, - ], -} - -# location test -apache::vhost { 'location.example.net': - docroot => '/var/www/location', - directories => [ - { - 'path' => '/location', - 'provider' => 'location', - 'ServerTokens' => 'prod' - }, - ], -} - -# files test, curedly disable access to accidental backup files. -apache::vhost { 'files.example.net': - docroot => '/var/www/files', - directories => [ - { - 'path' => '(\.swp|\.bak|~)$', - 'provider' => 'filesmatch', - 'deny' => 'from all' - }, - ], -} - diff --git a/apache/examples/vhost_filter.pp b/apache/examples/vhost_filter.pp deleted file mode 100644 index ca1a8bbe0..000000000 --- a/apache/examples/vhost_filter.pp +++ /dev/null @@ -1,17 +0,0 @@ -# Base class. Declares default vhost on port 80 with filters. -class { 'apache': } - -# Example from README adapted. -apache::vhost { 'readme.example.net': - docroot => '/var/www/html', - filters => [ - 'FilterDeclare COMPRESS', - 'FilterProvider COMPRESS DEFLATE resp=Content-Type $text/html', - 'FilterProvider COMPRESS DEFLATE resp=Content-Type $text/css', - 'FilterProvider COMPRESS DEFLATE resp=Content-Type $text/plain', - 'FilterProvider COMPRESS DEFLATE resp=Content-Type $text/xml', - 'FilterChain COMPRESS', - 'FilterProtocol COMPRESS DEFLATE change=yes;byteranges=no', - ], -} - diff --git a/apache/examples/vhost_ip_based.pp b/apache/examples/vhost_ip_based.pp deleted file mode 100644 index dc0fa4f33..000000000 --- a/apache/examples/vhost_ip_based.pp +++ /dev/null @@ -1,25 +0,0 @@ -## IP-based vhosts on any listen port -# IP-based vhosts respond to requests on specific IP addresses. - -# Base class. Turn off the default vhosts; we will be declaring -# all vhosts below. -class { 'apache': - default_vhost => false, -} - -# Listen on port 80 and 81; required because the following vhosts -# are not declared with a port parameter. -apache::listen { '80': } -apache::listen { '81': } - -# IP-based vhosts -apache::vhost { 'first.example.com': - ip => '10.0.0.10', - docroot => '/var/www/first', - ip_based => true, -} -apache::vhost { 'second.example.com': - ip => '10.0.0.11', - docroot => '/var/www/second', - ip_based => true, -} diff --git a/apache/examples/vhost_proxypass.pp b/apache/examples/vhost_proxypass.pp deleted file mode 100644 index e911f85f9..000000000 --- a/apache/examples/vhost_proxypass.pp +++ /dev/null @@ -1,66 +0,0 @@ -## vhost with proxyPass directive -# NB: Please see the other vhost_*.pp example files for further -# examples. - -# Base class. Declares default vhost on port 80 and default ssl -# vhost on port 443 listening on all interfaces and serving -# $apache::docroot -class { 'apache': } - -# Most basic vhost with proxy_pass -apache::vhost { 'first.example.com': - port => 80, - docroot => '/var/www/first', - proxy_pass => [ - { - 'path' => '/first', - 'url' => 'http://localhost:8080/first' - }, - ], -} - -# vhost with proxy_pass and parameters -apache::vhost { 'second.example.com': - port => 80, - docroot => '/var/www/second', - proxy_pass => [ - { - 'path' => '/second', - 'url' => 'http://localhost:8080/second', - 'params' => { - 'retry' => '0', - 'timeout' => '5' - } - }, - ], -} - -# vhost with proxy_pass and keywords -apache::vhost { 'third.example.com': - port => 80, - docroot => '/var/www/third', - proxy_pass => [ - { - 'path' => '/third', - 'url' => 'http://localhost:8080/third', - 'keywords' => ['noquery', 'interpolate'] - }, - ], -} - -# vhost with proxy_pass, parameters and keywords -apache::vhost { 'fourth.example.com': - port => 80, - docroot => '/var/www/fourth', - proxy_pass => [ - { - 'path' => '/fourth', - 'url' => 'http://localhost:8080/fourth', - 'params' => { - 'retry' => '0', - 'timeout' => '5' - }, - 'keywords' => ['noquery', 'interpolate'] - }, - ], -} diff --git a/apache/examples/vhost_ssl.pp b/apache/examples/vhost_ssl.pp deleted file mode 100644 index 8e7a2b279..000000000 --- a/apache/examples/vhost_ssl.pp +++ /dev/null @@ -1,23 +0,0 @@ -## SSL-enabled vhosts -# SSL-enabled vhosts respond only to HTTPS queries. - -# Base class. Turn off the default vhosts; we will be declaring -# all vhosts below. -class { 'apache': - default_vhost => false, -} - -# Non-ssl vhost -apache::vhost { 'first.example.com non-ssl': - servername => 'first.example.com', - port => '80', - docroot => '/var/www/first', -} - -# SSL vhost at the same domain -apache::vhost { 'first.example.com ssl': - servername => 'first.example.com', - port => '443', - docroot => '/var/www/first', - ssl => true, -} diff --git a/apache/examples/vhosts_without_listen.pp b/apache/examples/vhosts_without_listen.pp deleted file mode 100644 index e7d6cc036..000000000 --- a/apache/examples/vhosts_without_listen.pp +++ /dev/null @@ -1,53 +0,0 @@ -## Declare ip-based and name-based vhosts -# Mixing Name-based vhost with IP-specific vhosts requires `add_listen => -# 'false'` on the non-IP vhosts - -# Base class. Turn off the default vhosts; we will be declaring -# all vhosts below. -class { 'apache': - default_vhost => false, -} - - -# Add two an IP-based vhost on 10.0.0.10, ssl and non-ssl -apache::vhost { 'The first IP-based vhost, non-ssl': - servername => 'first.example.com', - ip => '10.0.0.10', - port => '80', - ip_based => true, - docroot => '/var/www/first', -} -apache::vhost { 'The first IP-based vhost, ssl': - servername => 'first.example.com', - ip => '10.0.0.10', - port => '443', - ip_based => true, - docroot => '/var/www/first-ssl', - ssl => true, -} - -# Two name-based vhost listening on 10.0.0.20 -apache::vhost { 'second.example.com': - ip => '10.0.0.20', - port => '80', - docroot => '/var/www/second', -} -apache::vhost { 'third.example.com': - ip => '10.0.0.20', - port => '80', - docroot => '/var/www/third', -} - -# Two name-based vhosts without IPs specified, so that they will answer on either 10.0.0.10 or 10.0.0.20 . It is requried to declare -# `add_listen => 'false'` to disable declaring "Listen 80" which will conflict -# with the IP-based preceeding vhosts. -apache::vhost { 'fourth.example.com': - port => '80', - docroot => '/var/www/fourth', - add_listen => false, -} -apache::vhost { 'fifth.example.com': - port => '80', - docroot => '/var/www/fifth', - add_listen => false, -} diff --git a/apache/files/httpd b/apache/files/httpd deleted file mode 100644 index d65a8d445..000000000 --- a/apache/files/httpd +++ /dev/null @@ -1,24 +0,0 @@ -# Configuration file for the httpd service. - -# -# The default processing model (MPM) is the process-based -# 'prefork' model. A thread-based model, 'worker', is also -# available, but does not work with some modules (such as PHP). -# The service must be stopped before changing this variable. -# -#HTTPD=/usr/sbin/httpd.worker - -# -# To pass additional options (for instance, -D definitions) to the -# httpd binary at startup, set OPTIONS here. -# -#OPTIONS= -#OPTIONS=-DDOWN - -# -# By default, the httpd process is started in the C locale; to -# change the locale in which the server runs, the HTTPD_LANG -# variable can be set. -# -#HTTPD_LANG=C -export SHORTHOST=`hostname -s` diff --git a/apache/lib/facter/apache_version.rb b/apache/lib/facter/apache_version.rb deleted file mode 100644 index b84d77615..000000000 --- a/apache/lib/facter/apache_version.rb +++ /dev/null @@ -1,8 +0,0 @@ -Facter.add(:apache_version) do - setcode do - if Facter::Util::Resolution.which('apachectl') - apache_version = Facter::Util::Resolution.exec('apachectl -v 2>&1') - %r{^Server version: Apache\/([\w\.]+) \(([\w ]+)\)}.match(apache_version)[1] - end - end -end diff --git a/apache/lib/puppet/parser/functions/bool2httpd.rb b/apache/lib/puppet/parser/functions/bool2httpd.rb deleted file mode 100644 index 5fb79f6f5..000000000 --- a/apache/lib/puppet/parser/functions/bool2httpd.rb +++ /dev/null @@ -1,30 +0,0 @@ -Puppet::Parser::Functions::newfunction(:bool2httpd, :type => :rvalue, :doc => <<-EOS -Transform a supposed boolean to On or Off. Pass all other values through. -Given a nil value (undef), bool2httpd will return 'Off' - -Example: - - $trace_enable = false - $server_signature = 'mail' - - bool2httpd($trace_enable) - # => 'Off' - bool2httpd($server_signature) - # => 'mail' - bool2httpd(undef) - # => 'Off' - -EOS -) do |args| - raise(Puppet::ParseError, "bool2httpd() wrong number of arguments. Given: #{args.size} for 1)") if args.size != 1 - - arg = args[0] - - if arg.nil? or arg == false or arg =~ /false/i or arg == :undef - return 'Off' - elsif arg == true or arg =~ /true/i - return 'On' - end - - return arg.to_s -end diff --git a/apache/lib/puppet/parser/functions/enclose_ipv6.rb b/apache/lib/puppet/parser/functions/enclose_ipv6.rb deleted file mode 100644 index 80ffc3aca..000000000 --- a/apache/lib/puppet/parser/functions/enclose_ipv6.rb +++ /dev/null @@ -1,45 +0,0 @@ -# -# enclose_ipv6.rb -# - -module Puppet::Parser::Functions - newfunction(:enclose_ipv6, :type => :rvalue, :doc => <<-EOS -Takes an array of ip addresses and encloses the ipv6 addresses with square brackets. - EOS - ) do |arguments| - - require 'ipaddr' - - rescuable_exceptions = [ ArgumentError ] - if defined?(IPAddr::InvalidAddressError) - rescuable_exceptions << IPAddr::InvalidAddressError - end - - if (arguments.size != 1) then - raise(Puppet::ParseError, "enclose_ipv6(): Wrong number of arguments "+ - "given #{arguments.size} for 1") - end - unless arguments[0].is_a?(String) or arguments[0].is_a?(Array) then - raise(Puppet::ParseError, "enclose_ipv6(): Wrong argument type "+ - "given #{arguments[0].class} expected String or Array") - end - - input = [arguments[0]].flatten.compact - result = [] - - input.each do |val| - unless val == '*' - begin - ip = IPAddr.new(val) - rescue *rescuable_exceptions - raise(Puppet::ParseError, "enclose_ipv6(): Wrong argument "+ - "given #{val} is not an ip address.") - end - val = "[#{ip.to_s}]" if ip.ipv6? - end - result << val - end - - return result.uniq - end -end diff --git a/apache/lib/puppet/parser/functions/validate_apache_log_level.rb b/apache/lib/puppet/parser/functions/validate_apache_log_level.rb deleted file mode 100644 index 8a1ade0be..000000000 --- a/apache/lib/puppet/parser/functions/validate_apache_log_level.rb +++ /dev/null @@ -1,27 +0,0 @@ -module Puppet::Parser::Functions - newfunction(:validate_apache_log_level, :doc => <<-'ENDHEREDOC') do |args| - Perform simple validation of a string against the list of known log - levels as per http://httpd.apache.org/docs/current/mod/core.html#loglevel - validate_apache_loglevel('info') - - Modules maybe specified with their own levels like these: - validate_apache_loglevel('warn ssl:info') - validate_apache_loglevel('warn mod_ssl.c:info') - validate_apache_loglevel('warn ssl_module:info') - - Expected to be used from the main or vhost. - - Might be used from directory too later as apaceh supports that - - ENDHEREDOC - if (args.size != 1) then - raise Puppet::ParseError, ("validate_apache_loglevel(): wrong number of arguments (#{args.length}; must be 1)") - end - - log_level = args[0] - msg = "Log level '${log_level}' is not one of the supported Apache HTTP Server log levels." - - raise Puppet::ParseError, (msg) unless log_level =~ Regexp.compile('(emerg|alert|crit|error|warn|notice|info|debug|trace[1-8])') - - end -end diff --git a/apache/lib/puppet/provider/a2mod.rb b/apache/lib/puppet/provider/a2mod.rb deleted file mode 100644 index 670aca3d0..000000000 --- a/apache/lib/puppet/provider/a2mod.rb +++ /dev/null @@ -1,34 +0,0 @@ -class Puppet::Provider::A2mod < Puppet::Provider - def self.prefetch(mods) - instances.each do |prov| - if mod = mods[prov.name] - mod.provider = prov - end - end - end - - def flush - @property_hash.clear - end - - def properties - if @property_hash.empty? - @property_hash = query || {:ensure => :absent} - @property_hash[:ensure] = :absent if @property_hash.empty? - end - @property_hash.dup - end - - def query - self.class.instances.each do |mod| - if mod.name == self.name or mod.name.downcase == self.name - return mod.properties - end - end - nil - end - - def exists? - properties[:ensure] != :absent - end -end diff --git a/apache/lib/puppet/provider/a2mod/a2mod.rb b/apache/lib/puppet/provider/a2mod/a2mod.rb deleted file mode 100644 index e257a579e..000000000 --- a/apache/lib/puppet/provider/a2mod/a2mod.rb +++ /dev/null @@ -1,35 +0,0 @@ -require 'puppet/provider/a2mod' - -Puppet::Type.type(:a2mod).provide(:a2mod, :parent => Puppet::Provider::A2mod) do - desc "Manage Apache 2 modules on Debian and Ubuntu" - - optional_commands :encmd => "a2enmod" - optional_commands :discmd => "a2dismod" - commands :apache2ctl => "apache2ctl" - - confine :osfamily => :debian - defaultfor :operatingsystem => [:debian, :ubuntu] - - def self.instances - modules = apache2ctl("-M").lines.collect { |line| - m = line.match(/(\w+)_module \(shared\)$/) - m[1] if m - }.compact - - modules.map do |mod| - new( - :name => mod, - :ensure => :present, - :provider => :a2mod - ) - end - end - - def create - encmd resource[:name] - end - - def destroy - discmd resource[:name] - end -end diff --git a/apache/lib/puppet/provider/a2mod/gentoo.rb b/apache/lib/puppet/provider/a2mod/gentoo.rb deleted file mode 100644 index 07319dfdc..000000000 --- a/apache/lib/puppet/provider/a2mod/gentoo.rb +++ /dev/null @@ -1,116 +0,0 @@ -require 'puppet/util/filetype' -Puppet::Type.type(:a2mod).provide(:gentoo, :parent => Puppet::Provider) do - desc "Manage Apache 2 modules on Gentoo" - - confine :operatingsystem => :gentoo - defaultfor :operatingsystem => :gentoo - - attr_accessor :property_hash - - def create - @property_hash[:ensure] = :present - end - - def exists? - (!(@property_hash[:ensure].nil?) and @property_hash[:ensure] == :present) - end - - def destroy - @property_hash[:ensure] = :absent - end - - def flush - self.class.flush - end - - class << self - attr_reader :conf_file - end - - def self.clear - @mod_resources = [] - @modules = [] - @other_args = "" - end - - def self.initvars - @conf_file = "/etc/conf.d/apache2" - @filetype = Puppet::Util::FileType.filetype(:flat).new(conf_file) - @mod_resources = [] - @modules = [] - @other_args = "" - end - - self.initvars - - # Retrieve an array of all existing modules - def self.modules - if @modules.length <= 0 - # Locate the APACHE_OPTS variable - records = filetype.read.split(/\n/) - apache2_opts = records.grep(/^\s*APACHE2_OPTS=/).first - - # Extract all defines - while apache2_opts.sub!(/-D\s+(\w+)/, '') - @modules << $1.downcase - end - - # Hang on to any remaining options. - if apache2_opts.match(/APACHE2_OPTS="(.+)"/) - @other_args = $1.strip - end - - @modules.sort!.uniq! - end - - @modules - end - - def self.prefetch(resources={}) - # Match resources with existing providers - instances.each do |provider| - if resource = resources[provider.name] - resource.provider = provider - end - end - - # Store all resources using this provider for flushing - resources.each do |name, resource| - @mod_resources << resource - end - end - - def self.instances - modules.map {|mod| new(:name => mod, :provider => :gentoo, :ensure => :present)} - end - - def self.flush - - mod_list = modules - mods_to_remove = @mod_resources.select {|mod| mod.should(:ensure) == :absent}.map {|mod| mod[:name]} - mods_to_add = @mod_resources.select {|mod| mod.should(:ensure) == :present}.map {|mod| mod[:name]} - - mod_list -= mods_to_remove - mod_list += mods_to_add - mod_list.sort!.uniq! - - if modules != mod_list - opts = @other_args + " " - opts << mod_list.map {|mod| "-D #{mod.upcase}"}.join(" ") - opts.strip! - opts.gsub!(/\s+/, ' ') - - apache2_opts = %Q{APACHE2_OPTS="#{opts}"} - Puppet.debug("Writing back \"#{apache2_opts}\" to #{conf_file}") - - records = filetype.read.split(/\n/) - - opts_index = records.find_index {|i| i.match(/^\s*APACHE2_OPTS/)} - records[opts_index] = apache2_opts - - filetype.backup - filetype.write(records.join("\n")) - @modules = mod_list - end - end -end diff --git a/apache/lib/puppet/provider/a2mod/modfix.rb b/apache/lib/puppet/provider/a2mod/modfix.rb deleted file mode 100644 index 8f35b2e4a..000000000 --- a/apache/lib/puppet/provider/a2mod/modfix.rb +++ /dev/null @@ -1,12 +0,0 @@ -Puppet::Type.type(:a2mod).provide :modfix do - desc "Dummy provider for A2mod. - - Fake nil resources when there is no crontab binary available. Allows - puppetd to run on a bootstrapped machine before a Cron package has been - installed. Workaround for: http://projects.puppetlabs.com/issues/2384 - " - - def self.instances - [] - end -end \ No newline at end of file diff --git a/apache/lib/puppet/provider/a2mod/redhat.rb b/apache/lib/puppet/provider/a2mod/redhat.rb deleted file mode 100644 index ea5494cb4..000000000 --- a/apache/lib/puppet/provider/a2mod/redhat.rb +++ /dev/null @@ -1,60 +0,0 @@ -require 'puppet/provider/a2mod' - -Puppet::Type.type(:a2mod).provide(:redhat, :parent => Puppet::Provider::A2mod) do - desc "Manage Apache 2 modules on RedHat family OSs" - - commands :apachectl => "apachectl" - - confine :osfamily => :redhat - defaultfor :osfamily => :redhat - - require 'pathname' - - # modpath: Path to default apache modules directory /etc/httpd/mod.d - # modfile: Path to module load configuration file; Default: resides under modpath directory - # libfile: Path to actual apache module library. Added in modfile LoadModule - - attr_accessor :modfile, :libfile - class << self - attr_accessor :modpath - def preinit - @modpath = "/etc/httpd/mod.d" - end - end - - self.preinit - - def create - File.open(modfile,'w') do |f| - f.puts "LoadModule #{resource[:identifier]} #{libfile}" - end - end - - def destroy - File.delete(modfile) - end - - def self.instances - modules = apachectl("-M").lines.collect { |line| - m = line.match(/(\w+)_module \(shared\)$/) - m[1] if m - }.compact - - modules.map do |mod| - new( - :name => mod, - :ensure => :present, - :provider => :redhat - ) - end - end - - def modfile - modfile ||= "#{self.class.modpath}/#{resource[:name]}.load" - end - - # Set libfile path: If absolute path is passed, then maintain it. Else, make it default from 'modules' dir. - def libfile - libfile = Pathname.new(resource[:lib]).absolute? ? resource[:lib] : "modules/#{resource[:lib]}" - end -end diff --git a/apache/lib/puppet/type/a2mod.rb b/apache/lib/puppet/type/a2mod.rb deleted file mode 100644 index 07a911e5e..000000000 --- a/apache/lib/puppet/type/a2mod.rb +++ /dev/null @@ -1,30 +0,0 @@ -Puppet::Type.newtype(:a2mod) do - @doc = "Manage Apache 2 modules" - - ensurable - - newparam(:name) do - Puppet.warning "The a2mod provider is deprecated, please use apache::mod instead" - desc "The name of the module to be managed" - - isnamevar - - end - - newparam(:lib) do - desc "The name of the .so library to be loaded" - - defaultto { "mod_#{@resource[:name]}.so" } - end - - newparam(:identifier) do - desc "Module identifier string used by LoadModule. Default: module-name_module" - - # http://httpd.apache.org/docs/2.2/mod/module-dict.html#ModuleIdentifier - - defaultto { "#{resource[:name]}_module" } - end - - autorequire(:package) { catalog.resource(:package, 'httpd')} - -end diff --git a/apache/manifests/balancer.pp b/apache/manifests/balancer.pp deleted file mode 100644 index a3534ded8..000000000 --- a/apache/manifests/balancer.pp +++ /dev/null @@ -1,92 +0,0 @@ -# == Define Resource Type: apache::balancer -# -# This type will create an apache balancer cluster file inside the conf.d -# directory. Each balancer cluster needs one or more balancer members (that can -# be declared with the apache::balancermember defined resource type). Using -# storeconfigs, you can export the apache::balancermember resources on all -# balancer members, and then collect them on a single apache load balancer -# server. -# -# === Requirement/Dependencies: -# -# Currently requires the puppetlabs/concat module on the Puppet Forge and uses -# storeconfigs on the Puppet Master to export/collect resources from all -# balancer members. -# -# === Parameters -# -# [*name*] -# The namevar of the defined resource type is the balancer clusters name. -# This name is also used in the name of the conf.d file -# -# [*proxy_set*] -# Hash, default empty. If given, each key-value pair will be used as a ProxySet -# line in the configuration. -# -# [*target*] -# String, default undef. If given, path to the file the balancer definition will -# be written. -# -# [*collect_exported*] -# Boolean, default 'true'. True means 'collect exported @@balancermember -# resources' (for the case when every balancermember node exports itself), -# false means 'rely on the existing declared balancermember resources' (for the -# case when you know the full set of balancermembers in advance and use -# apache::balancermember with array arguments, which allows you to deploy -# everything in 1 run) -# -# -# === Examples -# -# Exporting the resource for a balancer member: -# -# apache::balancer { 'puppet00': } -# -define apache::balancer ( - $proxy_set = {}, - $collect_exported = true, - $target = undef, -) { - include ::apache::mod::proxy_balancer - - if $target { - $_target = $target - } else { - $_target = "${::apache::params::confd_dir}/balancer_${name}.conf" - } - - concat { "apache_balancer_${name}": - owner => '0', - group => '0', - path => $_target, - mode => $::apache::file_mode, - notify => Class['Apache::Service'], - } - - concat::fragment { "00-${name}-header": - ensure => present, - target => "apache_balancer_${name}", - order => '01', - content => "\n", - } - - if $collect_exported { - Apache::Balancermember <<| balancer_cluster == $name |>> - } - # else: the resources have been created and they introduced their - # concat fragments. We don't have to do anything about them. - - concat::fragment { "01-${name}-proxyset": - ensure => present, - target => "apache_balancer_${name}", - order => '19', - content => inline_template("<% @proxy_set.keys.sort.each do |key| %> Proxyset <%= key %>=<%= @proxy_set[key] %>\n<% end %>"), - } - - concat::fragment { "01-${name}-footer": - ensure => present, - target => "apache_balancer_${name}", - order => '20', - content => "\n", - } -} diff --git a/apache/manifests/balancermember.pp b/apache/manifests/balancermember.pp deleted file mode 100644 index 78723043b..000000000 --- a/apache/manifests/balancermember.pp +++ /dev/null @@ -1,53 +0,0 @@ -# == Define Resource Type: apache::balancermember -# -# This type will setup a balancer member inside a listening service -# configuration block in /etc/apache/apache.cfg on the load balancer. -# currently it only has the ability to specify the instance name, url and an -# array of options. More features can be added as needed. The best way to -# implement this is to export this resource for all apache balancer member -# servers, and then collect them on the main apache load balancer. -# -# === Requirement/Dependencies: -# -# Currently requires the puppetlabs/concat module on the Puppet Forge and -# uses storeconfigs on the Puppet Master to export/collect resources -# from all balancer members. -# -# === Parameters -# -# [*name*] -# The title of the resource is arbitrary and only utilized in the concat -# fragment name. -# -# [*balancer_cluster*] -# The apache service's instance name (or, the title of the apache::balancer -# resource). This must match up with a declared apache::balancer resource. -# -# [*url*] -# The url used to contact the balancer member server. -# -# [*options*] -# An array of options to be specified after the url. -# -# === Examples -# -# Exporting the resource for a balancer member: -# -# @@apache::balancermember { 'apache': -# balancer_cluster => 'puppet00', -# url => "ajp://${::fqdn}:8009" -# options => ['ping=5', 'disablereuse=on', 'retry=5', 'ttl=120'], -# } -# -define apache::balancermember( - $balancer_cluster, - $url = "http://${::fqdn}/", - $options = [], -) { - - concat::fragment { "BalancerMember ${name}": - ensure => present, - target => "apache_balancer_${balancer_cluster}", - content => inline_template(" BalancerMember ${url} <%= @options.join ' ' %>\n"), - } -} diff --git a/apache/manifests/confd/no_accf.pp b/apache/manifests/confd/no_accf.pp deleted file mode 100644 index f35c0c8b9..000000000 --- a/apache/manifests/confd/no_accf.pp +++ /dev/null @@ -1,10 +0,0 @@ -class apache::confd::no_accf { - # Template uses no variables - file { 'no-accf.conf': - ensure => 'file', - path => "${::apache::confd_dir}/no-accf.conf", - content => template('apache/confd/no-accf.conf.erb'), - require => Exec["mkdir ${::apache::confd_dir}"], - before => File[$::apache::confd_dir], - } -} diff --git a/apache/manifests/custom_config.pp b/apache/manifests/custom_config.pp deleted file mode 100644 index d93c46892..000000000 --- a/apache/manifests/custom_config.pp +++ /dev/null @@ -1,73 +0,0 @@ -# See README.md for usage information -define apache::custom_config ( - $ensure = 'present', - $confdir = $::apache::confd_dir, - $content = undef, - $priority = '25', - $source = undef, - $verify_command = $::apache::params::verify_command, - $verify_config = true, - $filename = undef, -) { - - if $content and $source { - fail('Only one of $content and $source can be specified.') - } - - if $ensure == 'present' and ! $content and ! $source { - fail('One of $content and $source must be specified.') - } - - validate_re($ensure, '^(present|absent)$', - "${ensure} is not supported for ensure. - Allowed values are 'present' and 'absent'.") - - validate_bool($verify_config) - - if $filename { - $_filename = $filename - } else { - if $priority { - $priority_prefix = "${priority}-" - } else { - $priority_prefix = '' - } - - ## Apache include does not always work with spaces in the filename - $filename_middle = regsubst($name, ' ', '_', 'G') - $_filename = "${priority_prefix}${filename_middle}.conf" - } - - if ! $verify_config or $ensure == 'absent' { - $notifies = Class['Apache::Service'] - } else { - $notifies = undef - } - - file { "apache_${name}": - ensure => $ensure, - path => "${confdir}/${_filename}", - content => $content, - source => $source, - require => Package['httpd'], - notify => $notifies, - } - - if $ensure == 'present' and $verify_config { - exec { "syntax verification for ${name}": - command => $verify_command, - subscribe => File["apache_${name}"], - refreshonly => true, - notify => Class['Apache::Service'], - before => Exec["remove ${name} if invalid"], - require => Anchor['::apache::modules_set_up'] - } - - exec { "remove ${name} if invalid": - command => "/bin/rm ${confdir}/${_filename}", - unless => $verify_command, - subscribe => File["apache_${name}"], - refreshonly => true, - } - } -} diff --git a/apache/manifests/default_confd_files.pp b/apache/manifests/default_confd_files.pp deleted file mode 100644 index c06b30c83..000000000 --- a/apache/manifests/default_confd_files.pp +++ /dev/null @@ -1,15 +0,0 @@ -class apache::default_confd_files ( - $all = true, -) { - # The rest of the conf.d/* files only get loaded if we want them - if $all { - case $::osfamily { - 'freebsd': { - include ::apache::confd::no_accf - } - default: { - # do nothing - } - } - } -} diff --git a/apache/manifests/default_mods.pp b/apache/manifests/default_mods.pp deleted file mode 100644 index fd057d113..000000000 --- a/apache/manifests/default_mods.pp +++ /dev/null @@ -1,179 +0,0 @@ -class apache::default_mods ( - $all = true, - $mods = undef, - $apache_version = $::apache::apache_version, - $use_systemd = $::apache::use_systemd, -) { - # These are modules required to run the default configuration. - # They are not configurable at this time, so we just include - # them to make sure it works. - case $::osfamily { - 'redhat': { - ::apache::mod { 'log_config': } - if versioncmp($apache_version, '2.4') >= 0 { - # Lets fork it - # Do not try to load mod_systemd on RHEL/CentOS 6 SCL. - if ( !($::osfamily == 'redhat' and versioncmp($::operatingsystemrelease, '7.0') == -1) and !($::operatingsystem == 'Amazon') ) { - if ($use_systemd) { - ::apache::mod { 'systemd': } - } - } - ::apache::mod { 'unixd': } - } - } - 'freebsd': { - ::apache::mod { 'log_config': } - ::apache::mod { 'unixd': } - } - 'Suse': { - ::apache::mod { 'log_config': } - } - default: {} - } - case $::osfamily { - 'gentoo': {} - default: { - ::apache::mod { 'authz_host': } - } - } - # The rest of the modules only get loaded if we want all modules enabled - if $all { - case $::osfamily { - 'debian': { - include ::apache::mod::authn_core - include ::apache::mod::reqtimeout - if versioncmp($apache_version, '2.4') < 0 { - ::apache::mod { 'authn_alias': } - } - } - 'redhat': { - include ::apache::mod::actions - include ::apache::mod::authn_core - include ::apache::mod::cache - include ::apache::mod::ext_filter - include ::apache::mod::mime - include ::apache::mod::mime_magic - include ::apache::mod::rewrite - include ::apache::mod::speling - include ::apache::mod::suexec - include ::apache::mod::version - include ::apache::mod::vhost_alias - ::apache::mod { 'auth_digest': } - ::apache::mod { 'authn_anon': } - ::apache::mod { 'authn_dbm': } - ::apache::mod { 'authz_dbm': } - ::apache::mod { 'authz_owner': } - ::apache::mod { 'expires': } - ::apache::mod { 'include': } - ::apache::mod { 'logio': } - ::apache::mod { 'substitute': } - ::apache::mod { 'usertrack': } - - if versioncmp($apache_version, '2.4') < 0 { - ::apache::mod { 'authn_alias': } - ::apache::mod { 'authn_default': } - } - } - 'freebsd': { - include ::apache::mod::actions - include ::apache::mod::authn_core - include ::apache::mod::cache - include ::apache::mod::disk_cache - include ::apache::mod::headers - include ::apache::mod::info - include ::apache::mod::mime_magic - include ::apache::mod::reqtimeout - include ::apache::mod::rewrite - include ::apache::mod::userdir - include ::apache::mod::version - include ::apache::mod::vhost_alias - include ::apache::mod::speling - include ::apache::mod::filter - - ::apache::mod { 'asis': } - ::apache::mod { 'auth_digest': } - ::apache::mod { 'auth_form': } - ::apache::mod { 'authn_anon': } - ::apache::mod { 'authn_dbm': } - ::apache::mod { 'authn_socache': } - ::apache::mod { 'authz_dbd': } - ::apache::mod { 'authz_dbm': } - ::apache::mod { 'authz_owner': } - ::apache::mod { 'dumpio': } - ::apache::mod { 'expires': } - ::apache::mod { 'file_cache': } - ::apache::mod { 'imagemap':} - ::apache::mod { 'include': } - ::apache::mod { 'logio': } - ::apache::mod { 'request': } - ::apache::mod { 'session': } - ::apache::mod { 'unique_id': } - } - default: {} - } - case $::apache::mpm_module { - 'prefork': { - include ::apache::mod::cgi - } - 'worker': { - include ::apache::mod::cgid - } - default: { - # do nothing - } - } - include ::apache::mod::alias - include ::apache::mod::authn_file - include ::apache::mod::autoindex - include ::apache::mod::dav - include ::apache::mod::dav_fs - include ::apache::mod::deflate - include ::apache::mod::dir - include ::apache::mod::mime - include ::apache::mod::negotiation - include ::apache::mod::setenvif - ::apache::mod { 'auth_basic': } - - if versioncmp($apache_version, '2.4') >= 0 { - # filter is needed by mod_deflate - include ::apache::mod::filter - - # authz_core is needed for 'Require' directive - ::apache::mod { 'authz_core': - id => 'authz_core_module', - } - - # lots of stuff seems to break without access_compat - ::apache::mod { 'access_compat': } - } else { - include ::apache::mod::authz_default - } - - include ::apache::mod::authz_user - - ::apache::mod { 'authz_groupfile': } - ::apache::mod { 'env': } - } elsif $mods { - ::apache::default_mods::load { $mods: } - - if versioncmp($apache_version, '2.4') >= 0 { - # authz_core is needed for 'Require' directive - ::apache::mod { 'authz_core': - id => 'authz_core_module', - } - - # filter is needed by mod_deflate - include ::apache::mod::filter - } - } else { - if versioncmp($apache_version, '2.4') >= 0 { - # authz_core is needed for 'Require' directive - ::apache::mod { 'authz_core': - id => 'authz_core_module', - } - - # filter is needed by mod_deflate - include ::apache::mod::filter - } - } -} diff --git a/apache/manifests/default_mods/load.pp b/apache/manifests/default_mods/load.pp deleted file mode 100644 index 356e9fa00..000000000 --- a/apache/manifests/default_mods/load.pp +++ /dev/null @@ -1,8 +0,0 @@ -# private define -define apache::default_mods::load ($module = $title) { - if defined("apache::mod::${module}") { - include "::apache::mod::${module}" - } else { - ::apache::mod { $module: } - } -} diff --git a/apache/manifests/dev.pp b/apache/manifests/dev.pp deleted file mode 100644 index fdebf59f5..000000000 --- a/apache/manifests/dev.pp +++ /dev/null @@ -1,10 +0,0 @@ -class apache::dev { - include ::apache::params - $packages = $::apache::dev_packages - if $packages { # FreeBSD doesn't have dev packages to install - package { $packages: - ensure => present, - require => Package['httpd'], - } - } -} diff --git a/apache/manifests/fastcgi/server.pp b/apache/manifests/fastcgi/server.pp deleted file mode 100644 index 349319491..000000000 --- a/apache/manifests/fastcgi/server.pp +++ /dev/null @@ -1,29 +0,0 @@ -define apache::fastcgi::server ( - $host = '127.0.0.1:9000', - $timeout = 15, - $flush = false, - $faux_path = "/var/www/${name}.fcgi", - $fcgi_alias = "/${name}.fcgi", - $file_type = 'application/x-httpd-php', - $pass_header = undef, -) { - include apache::mod::fastcgi - - Apache::Mod['fastcgi'] -> Apache::Fastcgi::Server[$title] - - if is_absolute_path($host) { - $socket = $host - } - - file { "fastcgi-pool-${name}.conf": - ensure => present, - path => "${::apache::confd_dir}/fastcgi-pool-${name}.conf", - owner => 'root', - group => $::apache::params::root_group, - mode => $::apache::file_mode, - content => template('apache/fastcgi/server.erb'), - require => Exec["mkdir ${::apache::confd_dir}"], - before => File[$::apache::confd_dir], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/init.pp b/apache/manifests/init.pp deleted file mode 100644 index e8f6e6f9b..000000000 --- a/apache/manifests/init.pp +++ /dev/null @@ -1,415 +0,0 @@ -# Class: apache -# -# This class installs Apache -# -# Parameters: -# -# Actions: -# - Install Apache -# - Manage Apache service -# -# Requires: -# -# Sample Usage: -# -class apache ( - $apache_name = $::apache::params::apache_name, - $service_name = $::apache::params::service_name, - $default_mods = true, - $default_vhost = true, - $default_charset = undef, - $default_confd_files = true, - $default_ssl_vhost = false, - $default_ssl_cert = $::apache::params::default_ssl_cert, - $default_ssl_key = $::apache::params::default_ssl_key, - $default_ssl_chain = undef, - $default_ssl_ca = undef, - $default_ssl_crl_path = undef, - $default_ssl_crl = undef, - $default_ssl_crl_check = undef, - $default_type = 'none', - $dev_packages = $::apache::params::dev_packages, - $ip = undef, - $service_enable = true, - $service_manage = true, - $service_ensure = 'running', - $service_restart = undef, - $purge_configs = true, - $purge_vhost_dir = undef, - $purge_vdir = false, - $serveradmin = 'root@localhost', - $sendfile = 'On', - $error_documents = false, - $timeout = '120', - $httpd_dir = $::apache::params::httpd_dir, - $server_root = $::apache::params::server_root, - $conf_dir = $::apache::params::conf_dir, - $confd_dir = $::apache::params::confd_dir, - $vhost_dir = $::apache::params::vhost_dir, - $vhost_enable_dir = $::apache::params::vhost_enable_dir, - $vhost_include_pattern = $::apache::params::vhost_include_pattern, - $mod_dir = $::apache::params::mod_dir, - $mod_enable_dir = $::apache::params::mod_enable_dir, - $mpm_module = $::apache::params::mpm_module, - $lib_path = $::apache::params::lib_path, - $conf_template = $::apache::params::conf_template, - $servername = $::apache::params::servername, - $pidfile = $::apache::params::pidfile, - $rewrite_lock = undef, - $manage_user = true, - $manage_group = true, - $user = $::apache::params::user, - $group = $::apache::params::group, - $keepalive = $::apache::params::keepalive, - $keepalive_timeout = $::apache::params::keepalive_timeout, - $max_keepalive_requests = $::apache::params::max_keepalive_requests, - $limitreqfieldsize = '8190', - $logroot = $::apache::params::logroot, - $logroot_mode = $::apache::params::logroot_mode, - $log_level = $::apache::params::log_level, - $log_formats = {}, - $ports_file = $::apache::params::ports_file, - $docroot = $::apache::params::docroot, - $apache_version = $::apache::version::default, - $server_tokens = 'OS', - $server_signature = 'On', - $trace_enable = 'On', - $allow_encoded_slashes = undef, - $package_ensure = 'installed', - $use_optional_includes = $::apache::params::use_optional_includes, - $use_systemd = $::apache::params::use_systemd, - $mime_types_additional = $::apache::params::mime_types_additional, - $file_mode = $::apache::params::file_mode, - $root_directory_options = $::apache::params::root_directory_options, -) inherits ::apache::params { - validate_bool($default_vhost) - validate_bool($default_ssl_vhost) - validate_bool($default_confd_files) - # true/false is sufficient for both ensure and enable - validate_bool($service_enable) - validate_bool($service_manage) - validate_bool($use_optional_includes) - - $valid_mpms_re = $apache_version ? { - '2.4' => '(event|itk|peruser|prefork|worker)', - default => '(event|itk|prefork|worker)' - } - - if $mpm_module and $mpm_module != 'false' { # lint:ignore:quoted_booleans - validate_re($mpm_module, $valid_mpms_re) - } - - if $allow_encoded_slashes { - validate_re($allow_encoded_slashes, '(^on$|^off$|^nodecode$)', "${allow_encoded_slashes} is not permitted for allow_encoded_slashes. Allowed values are 'on', 'off' or 'nodecode'.") - } - - # NOTE: on FreeBSD it's mpm module's responsibility to install httpd package. - # NOTE: the same strategy may be introduced for other OSes. For this, you - # should delete the 'if' block below and modify all MPM modules' manifests - # such that they include apache::package class (currently event.pp, itk.pp, - # peruser.pp, prefork.pp, worker.pp). - if $::osfamily != 'FreeBSD' { - package { 'httpd': - ensure => $package_ensure, - name => $apache_name, - notify => Class['Apache::Service'], - } - } - validate_re($sendfile, [ '^[oO]n$' , '^[oO]ff$' ]) - - # declare the web server user and group - # Note: requiring the package means the package ought to create them and not puppet - validate_bool($manage_user) - if $manage_user { - user { $user: - ensure => present, - gid => $group, - require => Package['httpd'], - } - } - validate_bool($manage_group) - if $manage_group { - group { $group: - ensure => present, - require => Package['httpd'] - } - } - - validate_apache_log_level($log_level) - - class { '::apache::service': - service_name => $service_name, - service_enable => $service_enable, - service_manage => $service_manage, - service_ensure => $service_ensure, - service_restart => $service_restart, - } - - # Deprecated backwards-compatibility - if $purge_vdir { - warning('Class[\'apache\'] parameter purge_vdir is deprecated in favor of purge_configs') - $purge_confd = $purge_vdir - } else { - $purge_confd = $purge_configs - } - - # Set purge vhostd appropriately - if $purge_vhost_dir == undef { - $purge_vhostd = $purge_confd - } else { - $purge_vhostd = $purge_vhost_dir - } - - Exec { - path => '/bin:/sbin:/usr/bin:/usr/sbin', - } - - exec { "mkdir ${confd_dir}": - creates => $confd_dir, - require => Package['httpd'], - } - file { $confd_dir: - ensure => directory, - recurse => true, - purge => $purge_confd, - notify => Class['Apache::Service'], - require => Package['httpd'], - } - - if ! defined(File[$mod_dir]) { - exec { "mkdir ${mod_dir}": - creates => $mod_dir, - require => Package['httpd'], - } - # Don't purge available modules if an enable dir is used - $purge_mod_dir = $purge_configs and !$mod_enable_dir - file { $mod_dir: - ensure => directory, - recurse => true, - purge => $purge_mod_dir, - notify => Class['Apache::Service'], - require => Package['httpd'], - before => Anchor['::apache::modules_set_up'], - } - } - - if $mod_enable_dir and ! defined(File[$mod_enable_dir]) { - $mod_load_dir = $mod_enable_dir - exec { "mkdir ${mod_enable_dir}": - creates => $mod_enable_dir, - require => Package['httpd'], - } - file { $mod_enable_dir: - ensure => directory, - recurse => true, - purge => $purge_configs, - notify => Class['Apache::Service'], - require => Package['httpd'], - } - } else { - $mod_load_dir = $mod_dir - } - - if ! defined(File[$vhost_dir]) { - exec { "mkdir ${vhost_dir}": - creates => $vhost_dir, - require => Package['httpd'], - } - file { $vhost_dir: - ensure => directory, - recurse => true, - purge => $purge_vhostd, - notify => Class['Apache::Service'], - require => Package['httpd'], - } - } - - if $vhost_enable_dir and ! defined(File[$vhost_enable_dir]) { - $vhost_load_dir = $vhost_enable_dir - exec { "mkdir ${vhost_load_dir}": - creates => $vhost_load_dir, - require => Package['httpd'], - } - file { $vhost_enable_dir: - ensure => directory, - recurse => true, - purge => $purge_vhostd, - notify => Class['Apache::Service'], - require => Package['httpd'], - } - } else { - $vhost_load_dir = $vhost_dir - } - - concat { $ports_file: - owner => 'root', - group => $::apache::params::root_group, - mode => $::apache::file_mode, - notify => Class['Apache::Service'], - require => Package['httpd'], - } - concat::fragment { 'Apache ports header': - ensure => present, - target => $ports_file, - content => template('apache/ports_header.erb') - } - - if $::apache::conf_dir and $::apache::params::conf_file { - case $::osfamily { - 'debian': { - $error_log = 'error.log' - $scriptalias = '/usr/lib/cgi-bin' - $access_log_file = 'access.log' - } - 'redhat': { - $error_log = 'error_log' - $scriptalias = '/var/www/cgi-bin' - $access_log_file = 'access_log' - } - 'freebsd': { - $error_log = 'httpd-error.log' - $scriptalias = '/usr/local/www/apache24/cgi-bin' - $access_log_file = 'httpd-access.log' - } 'gentoo': { - $error_log = 'error.log' - $error_documents_path = '/usr/share/apache2/error' - $scriptalias = '/var/www/localhost/cgi-bin' - $access_log_file = 'access.log' - - if is_array($default_mods) { - if versioncmp($apache_version, '2.4') >= 0 { - if defined('apache::mod::ssl') { - ::portage::makeconf { 'apache2_modules': - content => concat($default_mods, [ 'authz_core', 'socache_shmcb' ]), - } - } else { - ::portage::makeconf { 'apache2_modules': - content => concat($default_mods, 'authz_core'), - } - } - } else { - ::portage::makeconf { 'apache2_modules': - content => $default_mods, - } - } - } - - file { [ - '/etc/apache2/modules.d/.keep_www-servers_apache-2', - '/etc/apache2/vhosts.d/.keep_www-servers_apache-2' - ]: - ensure => absent, - require => Package['httpd'], - } - } - 'Suse': { - $error_log = 'error.log' - $scriptalias = '/usr/lib/cgi-bin' - $access_log_file = 'access.log' - } - default: { - fail("Unsupported osfamily ${::osfamily}") - } - } - - $apxs_workaround = $::osfamily ? { - 'freebsd' => true, - default => false - } - - if $rewrite_lock { - validate_absolute_path($rewrite_lock) - } - - # Template uses: - # - $pidfile - # - $user - # - $group - # - $logroot - # - $error_log - # - $sendfile - # - $mod_dir - # - $ports_file - # - $confd_dir - # - $vhost_dir - # - $error_documents - # - $error_documents_path - # - $apxs_workaround - # - $keepalive - # - $keepalive_timeout - # - $max_keepalive_requests - # - $server_root - # - $server_tokens - # - $server_signature - # - $trace_enable - # - $rewrite_lock - file { "${::apache::conf_dir}/${::apache::params::conf_file}": - ensure => file, - content => template($conf_template), - notify => Class['Apache::Service'], - require => [Package['httpd'], Concat[$ports_file]], - } - - # preserve back-wards compatibility to the times when default_mods was - # only a boolean value. Now it can be an array (too) - if is_array($default_mods) { - class { '::apache::default_mods': - all => false, - mods => $default_mods, - } - } else { - class { '::apache::default_mods': - all => $default_mods, - } - } - class { '::apache::default_confd_files': - all => $default_confd_files - } - if $mpm_module and $mpm_module != 'false' { # lint:ignore:quoted_booleans - class { "::apache::mod::${mpm_module}": } - } - - $default_vhost_ensure = $default_vhost ? { - true => 'present', - false => 'absent' - } - $default_ssl_vhost_ensure = $default_ssl_vhost ? { - true => 'present', - false => 'absent' - } - - ::apache::vhost { 'default': - ensure => $default_vhost_ensure, - port => 80, - docroot => $docroot, - scriptalias => $scriptalias, - serveradmin => $serveradmin, - access_log_file => $access_log_file, - priority => '15', - ip => $ip, - logroot_mode => $logroot_mode, - manage_docroot => $default_vhost, - } - $ssl_access_log_file = $::osfamily ? { - 'freebsd' => $access_log_file, - default => "ssl_${access_log_file}", - } - ::apache::vhost { 'default-ssl': - ensure => $default_ssl_vhost_ensure, - port => 443, - ssl => true, - docroot => $docroot, - scriptalias => $scriptalias, - serveradmin => $serveradmin, - access_log_file => $ssl_access_log_file, - priority => '15', - ip => $ip, - logroot_mode => $logroot_mode, - manage_docroot => $default_ssl_vhost, - } - } - - # This anchor can be used as a reference point for things that need to happen *after* - # all modules have been put in place. - anchor { '::apache::modules_set_up': } -} diff --git a/apache/manifests/listen.pp b/apache/manifests/listen.pp deleted file mode 100644 index e6a8a3c76..000000000 --- a/apache/manifests/listen.pp +++ /dev/null @@ -1,10 +0,0 @@ -define apache::listen { - $listen_addr_port = $name - - # Template uses: $listen_addr_port - concat::fragment { "Listen ${listen_addr_port}": - ensure => present, - target => $::apache::ports_file, - content => template('apache/listen.erb'), - } -} diff --git a/apache/manifests/mod.pp b/apache/manifests/mod.pp deleted file mode 100644 index 014aa274a..000000000 --- a/apache/manifests/mod.pp +++ /dev/null @@ -1,170 +0,0 @@ -define apache::mod ( - $package = undef, - $package_ensure = 'present', - $lib = undef, - $lib_path = $::apache::lib_path, - $id = undef, - $path = undef, - $loadfile_name = undef, - $loadfiles = undef, -) { - if ! defined(Class['apache']) { - fail('You must include the apache base class before using any apache defined resources') - } - - $mod = $name - #include apache #This creates duplicate resources in rspec-puppet - $mod_dir = $::apache::mod_dir - - # Determine if we have special lib - $mod_libs = $::apache::params::mod_libs - if $lib { - $_lib = $lib - } elsif has_key($mod_libs, $mod) { # 2.6 compatibility hack - $_lib = $mod_libs[$mod] - } else { - $_lib = "mod_${mod}.so" - } - - # Determine if declaration specified a path to the module - if $path { - $_path = $path - } else { - $_path = "${lib_path}/${_lib}" - } - - if $id { - $_id = $id - } else { - $_id = "${mod}_module" - } - - if $loadfile_name { - $_loadfile_name = $loadfile_name - } else { - $_loadfile_name = "${mod}.load" - } - - # Determine if we have a package - $mod_packages = $::apache::params::mod_packages - if $package { - $_package = $package - } elsif has_key($mod_packages, $mod) { # 2.6 compatibility hack - $_package = $mod_packages[$mod] - } else { - $_package = undef - } - if $_package and ! defined(Package[$_package]) { - # note: FreeBSD/ports uses apxs tool to activate modules; apxs clutters - # httpd.conf with 'LoadModule' directives; here, by proper resource - # ordering, we ensure that our version of httpd.conf is reverted after - # the module gets installed. - $package_before = $::osfamily ? { - 'freebsd' => [ - File[$_loadfile_name], - File["${::apache::conf_dir}/${::apache::params::conf_file}"] - ], - default => [ - File[$_loadfile_name], - File[$::apache::confd_dir], - ], - } - # if there are any packages, they should be installed before the associated conf file - Package[$_package] -> File<| title == "${mod}.conf" |> - # $_package may be an array - package { $_package: - ensure => $package_ensure, - require => Package['httpd'], - before => $package_before, - } - } - - file { $_loadfile_name: - ensure => file, - path => "${mod_dir}/${_loadfile_name}", - owner => 'root', - group => $::apache::params::root_group, - mode => $::apache::file_mode, - content => template('apache/mod/load.erb'), - require => [ - Package['httpd'], - Exec["mkdir ${mod_dir}"], - ], - before => File[$mod_dir], - notify => Class['apache::service'], - } - - if $::osfamily == 'Debian' { - $enable_dir = $::apache::mod_enable_dir - file{ "${_loadfile_name} symlink": - ensure => link, - path => "${enable_dir}/${_loadfile_name}", - target => "${mod_dir}/${_loadfile_name}", - owner => 'root', - group => $::apache::params::root_group, - mode => $::apache::file_mode, - require => [ - File[$_loadfile_name], - Exec["mkdir ${enable_dir}"], - ], - before => File[$enable_dir], - notify => Class['apache::service'], - } - # Each module may have a .conf file as well, which should be - # defined in the class apache::mod::module - # Some modules do not require this file. - if defined(File["${mod}.conf"]) { - file{ "${mod}.conf symlink": - ensure => link, - path => "${enable_dir}/${mod}.conf", - target => "${mod_dir}/${mod}.conf", - owner => 'root', - group => $::apache::params::root_group, - mode => $::apache::file_mode, - require => [ - File["${mod}.conf"], - Exec["mkdir ${enable_dir}"], - ], - before => File[$enable_dir], - notify => Class['apache::service'], - } - } - } elsif $::osfamily == 'Suse' { - $enable_dir = $::apache::mod_enable_dir - file{ "${_loadfile_name} symlink": - ensure => link, - path => "${enable_dir}/${_loadfile_name}", - target => "${mod_dir}/${_loadfile_name}", - owner => 'root', - group => $::apache::params::root_group, - mode => $::apache::file_mode, - require => [ - File[$_loadfile_name], - Exec["mkdir ${enable_dir}"], - ], - before => File[$enable_dir], - notify => Class['apache::service'], - } - # Each module may have a .conf file as well, which should be - # defined in the class apache::mod::module - # Some modules do not require this file. - if defined(File["${mod}.conf"]) { - file{ "${mod}.conf symlink": - ensure => link, - path => "${enable_dir}/${mod}.conf", - target => "${mod_dir}/${mod}.conf", - owner => 'root', - group => $::apache::params::root_group, - mode => $::apache::file_mode, - require => [ - File["${mod}.conf"], - Exec["mkdir ${enable_dir}"], - ], - before => File[$enable_dir], - notify => Class['apache::service'], - } - } - } - - Apache::Mod[$name] -> Anchor['::apache::modules_set_up'] -} diff --git a/apache/manifests/mod/actions.pp b/apache/manifests/mod/actions.pp deleted file mode 100644 index 3b60f297f..000000000 --- a/apache/manifests/mod/actions.pp +++ /dev/null @@ -1,3 +0,0 @@ -class apache::mod::actions { - apache::mod { 'actions': } -} diff --git a/apache/manifests/mod/alias.pp b/apache/manifests/mod/alias.pp deleted file mode 100644 index 4eb42ac97..000000000 --- a/apache/manifests/mod/alias.pp +++ /dev/null @@ -1,23 +0,0 @@ -class apache::mod::alias( - $apache_version = undef, - $icons_options = 'Indexes MultiViews', - # set icons_path to false to disable the alias - $icons_path = $::apache::params::alias_icons_path, -) inherits ::apache::params { - include ::apache - $_apache_version = pick($apache_version, $apache::apache_version) - apache::mod { 'alias': } - - # Template uses $icons_path, $_apache_version - if $icons_path { - file { 'alias.conf': - ensure => file, - path => "${::apache::mod_dir}/alias.conf", - mode => $::apache::file_mode, - content => template('apache/mod/alias.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } - } -} diff --git a/apache/manifests/mod/auth_basic.pp b/apache/manifests/mod/auth_basic.pp deleted file mode 100644 index cacfafa4d..000000000 --- a/apache/manifests/mod/auth_basic.pp +++ /dev/null @@ -1,3 +0,0 @@ -class apache::mod::auth_basic { - ::apache::mod { 'auth_basic': } -} diff --git a/apache/manifests/mod/auth_cas.pp b/apache/manifests/mod/auth_cas.pp deleted file mode 100644 index 2b5338d1e..000000000 --- a/apache/manifests/mod/auth_cas.pp +++ /dev/null @@ -1,50 +0,0 @@ -class apache::mod::auth_cas ( - $cas_login_url, - $cas_validate_url, - $cas_cookie_path = $::apache::params::cas_cookie_path, - $cas_version = 2, - $cas_debug = 'Off', - $cas_validate_depth = undef, - $cas_certificate_path = undef, - $cas_proxy_validate_url = undef, - $cas_root_proxied_as = undef, - $cas_cookie_entropy = undef, - $cas_timeout = undef, - $cas_idle_timeout = undef, - $cas_cache_clean_interval = undef, - $cas_cookie_domain = undef, - $cas_cookie_http_only = undef, - $cas_authoritative = undef, - $suppress_warning = false, -) inherits ::apache::params { - - validate_string($cas_login_url, $cas_validate_url, $cas_cookie_path) - - if $::osfamily == 'RedHat' and ! $suppress_warning { - warning('RedHat distributions do not have Apache mod_auth_cas in their default package repositories.') - } - - include ::apache - ::apache::mod { 'auth_cas': } - - file { $cas_cookie_path: - ensure => directory, - before => File['auth_cas.conf'], - mode => '0750', - owner => $apache::user, - group => $apache::group, - } - - # Template uses - # - All variables beginning with cas_ - file { 'auth_cas.conf': - ensure => file, - path => "${::apache::mod_dir}/auth_cas.conf", - mode => $::apache::file_mode, - content => template('apache/mod/auth_cas.conf.erb'), - require => [ Exec["mkdir ${::apache::mod_dir}"], ], - before => File[$::apache::mod_dir], - notify => Class['Apache::Service'], - } - -} diff --git a/apache/manifests/mod/auth_kerb.pp b/apache/manifests/mod/auth_kerb.pp deleted file mode 100644 index fe63d22d7..000000000 --- a/apache/manifests/mod/auth_kerb.pp +++ /dev/null @@ -1,6 +0,0 @@ -class apache::mod::auth_kerb { - include ::apache - ::apache::mod { 'auth_kerb': } -} - - diff --git a/apache/manifests/mod/auth_mellon.pp b/apache/manifests/mod/auth_mellon.pp deleted file mode 100644 index 5dbb6b577..000000000 --- a/apache/manifests/mod/auth_mellon.pp +++ /dev/null @@ -1,26 +0,0 @@ -class apache::mod::auth_mellon ( - $mellon_cache_size = $::apache::params::mellon_cache_size, - $mellon_lock_file = $::apache::params::mellon_lock_file, - $mellon_post_directory = $::apache::params::mellon_post_directory, - $mellon_cache_entry_size = undef, - $mellon_post_ttl = undef, - $mellon_post_size = undef, - $mellon_post_count = undef -) inherits ::apache::params { - - include ::apache - ::apache::mod { 'auth_mellon': } - - # Template uses - # - All variables beginning with mellon_ - file { 'auth_mellon.conf': - ensure => file, - path => "${::apache::mod_dir}/auth_mellon.conf", - mode => $::apache::file_mode, - content => template('apache/mod/auth_mellon.conf.erb'), - require => [ Exec["mkdir ${::apache::mod_dir}"], ], - before => File[$::apache::mod_dir], - notify => Class['Apache::Service'], - } - -} diff --git a/apache/manifests/mod/authn_core.pp b/apache/manifests/mod/authn_core.pp deleted file mode 100644 index c5ce5b107..000000000 --- a/apache/manifests/mod/authn_core.pp +++ /dev/null @@ -1,7 +0,0 @@ -class apache::mod::authn_core( - $apache_version = $::apache::apache_version -) { - if versioncmp($apache_version, '2.4') >= 0 { - ::apache::mod { 'authn_core': } - } -} diff --git a/apache/manifests/mod/authn_file.pp b/apache/manifests/mod/authn_file.pp deleted file mode 100644 index bc787244a..000000000 --- a/apache/manifests/mod/authn_file.pp +++ /dev/null @@ -1,3 +0,0 @@ -class apache::mod::authn_file { - ::apache::mod { 'authn_file': } -} diff --git a/apache/manifests/mod/authnz_ldap.pp b/apache/manifests/mod/authnz_ldap.pp deleted file mode 100644 index 45fcc997f..000000000 --- a/apache/manifests/mod/authnz_ldap.pp +++ /dev/null @@ -1,29 +0,0 @@ -class apache::mod::authnz_ldap ( - $verify_server_cert = true, - $verifyServerCert = undef, -) { - include ::apache - include '::apache::mod::ldap' - ::apache::mod { 'authnz_ldap': } - - if $verifyServerCert { - warning('Class[\'apache::mod::authnz_ldap\'] parameter verifyServerCert is deprecated in favor of verify_server_cert') - $_verify_server_cert = $verifyServerCert - } else { - $_verify_server_cert = $verify_server_cert - } - - validate_bool($_verify_server_cert) - - # Template uses: - # - $_verify_server_cert - file { 'authnz_ldap.conf': - ensure => file, - path => "${::apache::mod_dir}/authnz_ldap.conf", - mode => $::apache::file_mode, - content => template('apache/mod/authnz_ldap.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/mod/authz_default.pp b/apache/manifests/mod/authz_default.pp deleted file mode 100644 index e457774ae..000000000 --- a/apache/manifests/mod/authz_default.pp +++ /dev/null @@ -1,9 +0,0 @@ -class apache::mod::authz_default( - $apache_version = $::apache::apache_version -) { - if versioncmp($apache_version, '2.4') >= 0 { - warning('apache::mod::authz_default has been removed in Apache 2.4') - } else { - ::apache::mod { 'authz_default': } - } -} diff --git a/apache/manifests/mod/authz_user.pp b/apache/manifests/mod/authz_user.pp deleted file mode 100644 index 948a3e2c9..000000000 --- a/apache/manifests/mod/authz_user.pp +++ /dev/null @@ -1,3 +0,0 @@ -class apache::mod::authz_user { - ::apache::mod { 'authz_user': } -} diff --git a/apache/manifests/mod/autoindex.pp b/apache/manifests/mod/autoindex.pp deleted file mode 100644 index c8cd0658d..000000000 --- a/apache/manifests/mod/autoindex.pp +++ /dev/null @@ -1,13 +0,0 @@ -class apache::mod::autoindex { - ::apache::mod { 'autoindex': } - # Template uses no variables - file { 'autoindex.conf': - ensure => file, - path => "${::apache::mod_dir}/autoindex.conf", - mode => $::apache::file_mode, - content => template('apache/mod/autoindex.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/mod/cache.pp b/apache/manifests/mod/cache.pp deleted file mode 100644 index 4ab9f44ba..000000000 --- a/apache/manifests/mod/cache.pp +++ /dev/null @@ -1,3 +0,0 @@ -class apache::mod::cache { - ::apache::mod { 'cache': } -} diff --git a/apache/manifests/mod/cgi.pp b/apache/manifests/mod/cgi.pp deleted file mode 100644 index 91352e8c8..000000000 --- a/apache/manifests/mod/cgi.pp +++ /dev/null @@ -1,10 +0,0 @@ -class apache::mod::cgi { - case $::osfamily { - 'FreeBSD': {} - default: { - Class['::apache::mod::prefork'] -> Class['::apache::mod::cgi'] - } - } - - ::apache::mod { 'cgi': } -} diff --git a/apache/manifests/mod/cgid.pp b/apache/manifests/mod/cgid.pp deleted file mode 100644 index 891cdd75b..000000000 --- a/apache/manifests/mod/cgid.pp +++ /dev/null @@ -1,33 +0,0 @@ -class apache::mod::cgid { - case $::osfamily { - 'FreeBSD': {} - default: { - if defined(Class['::apache::mod::event']) { - Class['::apache::mod::event'] -> Class['::apache::mod::cgid'] - } else { - Class['::apache::mod::worker'] -> Class['::apache::mod::cgid'] - } - } - } - - # Debian specifies it's cgid sock path, but RedHat uses the default value - # with no config file - $cgisock_path = $::osfamily ? { - 'debian' => "\${APACHE_RUN_DIR}/cgisock", - 'freebsd' => 'cgisock', - default => undef, - } - ::apache::mod { 'cgid': } - if $cgisock_path { - # Template uses $cgisock_path - file { 'cgid.conf': - ensure => file, - path => "${::apache::mod_dir}/cgid.conf", - mode => $::apache::file_mode, - content => template('apache/mod/cgid.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } - } -} diff --git a/apache/manifests/mod/dav.pp b/apache/manifests/mod/dav.pp deleted file mode 100644 index ade9c0809..000000000 --- a/apache/manifests/mod/dav.pp +++ /dev/null @@ -1,3 +0,0 @@ -class apache::mod::dav { - ::apache::mod { 'dav': } -} diff --git a/apache/manifests/mod/dav_fs.pp b/apache/manifests/mod/dav_fs.pp deleted file mode 100644 index f652d4c21..000000000 --- a/apache/manifests/mod/dav_fs.pp +++ /dev/null @@ -1,21 +0,0 @@ -class apache::mod::dav_fs { - $dav_lock = $::osfamily ? { - 'debian' => "\${APACHE_LOCK_DIR}/DAVLock", - 'freebsd' => '/usr/local/var/DavLock', - default => '/var/lib/dav/lockdb', - } - - Class['::apache::mod::dav'] -> Class['::apache::mod::dav_fs'] - ::apache::mod { 'dav_fs': } - - # Template uses: $dav_lock - file { 'dav_fs.conf': - ensure => file, - path => "${::apache::mod_dir}/dav_fs.conf", - mode => $::apache::file_mode, - content => template('apache/mod/dav_fs.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/mod/dav_svn.pp b/apache/manifests/mod/dav_svn.pp deleted file mode 100644 index 6d2912155..000000000 --- a/apache/manifests/mod/dav_svn.pp +++ /dev/null @@ -1,21 +0,0 @@ -class apache::mod::dav_svn ( - $authz_svn_enabled = false, -) { - Class['::apache::mod::dav'] -> Class['::apache::mod::dav_svn'] - include ::apache - include ::apache::mod::dav - ::apache::mod { 'dav_svn': } - - if $::osfamily == 'Debian' and ($::operatingsystemmajrelease != '6' and $::operatingsystemmajrelease != '10.04' and $::operatingsystemrelease != '10.04') { - $loadfile_name = undef - } else { - $loadfile_name = 'dav_svn_authz_svn.load' - } - - if $authz_svn_enabled { - ::apache::mod { 'authz_svn': - loadfile_name => $loadfile_name, - require => Apache::Mod['dav_svn'], - } - } -} diff --git a/apache/manifests/mod/deflate.pp b/apache/manifests/mod/deflate.pp deleted file mode 100644 index 21031c715..000000000 --- a/apache/manifests/mod/deflate.pp +++ /dev/null @@ -1,27 +0,0 @@ -class apache::mod::deflate ( - $types = [ - 'text/html text/plain text/xml', - 'text/css', - 'application/x-javascript application/javascript application/ecmascript', - 'application/rss+xml', - 'application/json' - ], - $notes = { - 'Input' => 'instream', - 'Output' => 'outstream', - 'Ratio' => 'ratio' - } -) { - include ::apache - ::apache::mod { 'deflate': } - - file { 'deflate.conf': - ensure => file, - path => "${::apache::mod_dir}/deflate.conf", - mode => $::apache::file_mode, - content => template('apache/mod/deflate.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/mod/dev.pp b/apache/manifests/mod/dev.pp deleted file mode 100644 index 5abdedd36..000000000 --- a/apache/manifests/mod/dev.pp +++ /dev/null @@ -1,5 +0,0 @@ -class apache::mod::dev { - # Development packages are not apache modules - warning('apache::mod::dev is deprecated; please use apache::dev') - include ::apache::dev -} diff --git a/apache/manifests/mod/dir.pp b/apache/manifests/mod/dir.pp deleted file mode 100644 index e41aa86ad..000000000 --- a/apache/manifests/mod/dir.pp +++ /dev/null @@ -1,23 +0,0 @@ -# Note: this sets the global DirectoryIndex directive, it may be necessary to consider being able to modify the apache::vhost to declare DirectoryIndex statements in a vhost configuration -# Parameters: -# - $indexes provides a string for the DirectoryIndex directive http://httpd.apache.org/docs/current/mod/mod_dir.html#directoryindex -class apache::mod::dir ( - $dir = 'public_html', - $indexes = ['index.html','index.html.var','index.cgi','index.pl','index.php','index.xhtml'], -) { - validate_array($indexes) - include ::apache - ::apache::mod { 'dir': } - - # Template uses - # - $indexes - file { 'dir.conf': - ensure => file, - path => "${::apache::mod_dir}/dir.conf", - mode => $::apache::file_mode, - content => template('apache/mod/dir.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/mod/disk_cache.pp b/apache/manifests/mod/disk_cache.pp deleted file mode 100644 index 051d69894..000000000 --- a/apache/manifests/mod/disk_cache.pp +++ /dev/null @@ -1,41 +0,0 @@ -class apache::mod::disk_cache ( - $cache_root = undef, -) { - if $cache_root { - $_cache_root = $cache_root - } - elsif versioncmp($::apache::apache_version, '2.4') >= 0 { - $_cache_root = $::osfamily ? { - 'debian' => '/var/cache/apache2/mod_cache_disk', - 'redhat' => '/var/cache/httpd/proxy', - 'freebsd' => '/var/cache/mod_cache_disk', - } - } - else { - $_cache_root = $::osfamily ? { - 'debian' => '/var/cache/apache2/mod_disk_cache', - 'redhat' => '/var/cache/mod_proxy', - 'freebsd' => '/var/cache/mod_disk_cache', - } - } - - if versioncmp($::apache::apache_version, '2.4') >= 0 { - apache::mod { 'cache_disk': } - } - else { - apache::mod { 'disk_cache': } - } - - Class['::apache::mod::cache'] -> Class['::apache::mod::disk_cache'] - - # Template uses $_cache_root - file { 'disk_cache.conf': - ensure => file, - path => "${::apache::mod_dir}/disk_cache.conf", - mode => $::apache::file_mode, - content => template('apache/mod/disk_cache.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/mod/event.pp b/apache/manifests/mod/event.pp deleted file mode 100644 index 6c70589a3..000000000 --- a/apache/manifests/mod/event.pp +++ /dev/null @@ -1,72 +0,0 @@ -class apache::mod::event ( - $startservers = '2', - $maxclients = '150', - $minsparethreads = '25', - $maxsparethreads = '75', - $threadsperchild = '25', - $maxrequestsperchild = '0', - $serverlimit = '25', - $apache_version = $::apache::apache_version, - $threadlimit = '64', - $listenbacklog = '511', - $maxrequestworkers = '250', - $maxconnectionsperchild = '0', -) { - if defined(Class['apache::mod::itk']) { - fail('May not include both apache::mod::event and apache::mod::itk on the same node') - } - if defined(Class['apache::mod::peruser']) { - fail('May not include both apache::mod::event and apache::mod::peruser on the same node') - } - if defined(Class['apache::mod::prefork']) { - fail('May not include both apache::mod::event and apache::mod::prefork on the same node') - } - if defined(Class['apache::mod::worker']) { - fail('May not include both apache::mod::event and apache::mod::worker on the same node') - } - File { - owner => 'root', - group => $::apache::params::root_group, - mode => $::apache::file_mode, - } - - # Template uses: - # - $startservers - # - $maxclients - # - $minsparethreads - # - $maxsparethreads - # - $threadsperchild - # - $maxrequestsperchild - # - $serverlimit - file { "${::apache::mod_dir}/event.conf": - ensure => file, - mode => $::apache::file_mode, - content => template('apache/mod/event.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } - - case $::osfamily { - 'redhat': { - if versioncmp($apache_version, '2.4') >= 0 { - apache::mpm{ 'event': - apache_version => $apache_version, - } - } - } - 'debian','freebsd' : { - apache::mpm{ 'event': - apache_version => $apache_version, - } - } - 'gentoo': { - ::portage::makeconf { 'apache2_mpms': - content => 'event', - } - } - default: { - fail("Unsupported osfamily ${::osfamily}") - } - } -} diff --git a/apache/manifests/mod/expires.pp b/apache/manifests/mod/expires.pp deleted file mode 100644 index 07ec82e27..000000000 --- a/apache/manifests/mod/expires.pp +++ /dev/null @@ -1,22 +0,0 @@ -class apache::mod::expires ( - $expires_active = true, - $expires_default = undef, - $expires_by_type = undef, -) { - include ::apache - ::apache::mod { 'expires': } - - # Template uses - # $expires_active - # $expires_default - # $expires_by_type - file { 'expires.conf': - ensure => file, - path => "${::apache::mod_dir}/expires.conf", - mode => $::apache::file_mode, - content => template('apache/mod/expires.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/mod/ext_filter.pp b/apache/manifests/mod/ext_filter.pp deleted file mode 100644 index aa14c1025..000000000 --- a/apache/manifests/mod/ext_filter.pp +++ /dev/null @@ -1,25 +0,0 @@ -class apache::mod::ext_filter( - $ext_filter_define = undef -) { - include ::apache - if $ext_filter_define { - validate_hash($ext_filter_define) - } - - ::apache::mod { 'ext_filter': } - - # Template uses - # -$ext_filter_define - - if $ext_filter_define { - file { 'ext_filter.conf': - ensure => file, - path => "${::apache::mod_dir}/ext_filter.conf", - mode => $::apache::file_mode, - content => template('apache/mod/ext_filter.conf.erb'), - require => [ Exec["mkdir ${::apache::mod_dir}"], ], - before => File[$::apache::mod_dir], - notify => Class['Apache::Service'], - } - } -} diff --git a/apache/manifests/mod/fastcgi.pp b/apache/manifests/mod/fastcgi.pp deleted file mode 100644 index 543a32233..000000000 --- a/apache/manifests/mod/fastcgi.pp +++ /dev/null @@ -1,26 +0,0 @@ -class apache::mod::fastcgi { - include ::apache - - # Debian specifies it's fastcgi lib path, but RedHat uses the default value - # with no config file - $fastcgi_lib_path = $::apache::params::fastcgi_lib_path - - ::apache::mod { 'fastcgi': } - - if $fastcgi_lib_path { - # Template uses: - # - $fastcgi_server - # - $fastcgi_socket - # - $fastcgi_dir - file { 'fastcgi.conf': - ensure => file, - path => "${::apache::mod_dir}/fastcgi.conf", - mode => $::apache::file_mode, - content => template('apache/mod/fastcgi.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } - } - -} diff --git a/apache/manifests/mod/fcgid.pp b/apache/manifests/mod/fcgid.pp deleted file mode 100644 index 0e99a9b79..000000000 --- a/apache/manifests/mod/fcgid.pp +++ /dev/null @@ -1,28 +0,0 @@ -class apache::mod::fcgid( - $options = {}, -) { - include ::apache - if ($::osfamily == 'RedHat' and $::operatingsystemmajrelease == '7') or $::osfamily == 'FreeBSD' { - $loadfile_name = 'unixd_fcgid.load' - $conf_name = 'unixd_fcgid.conf' - } else { - $loadfile_name = undef - $conf_name = 'fcgid.conf' - } - - ::apache::mod { 'fcgid': - loadfile_name => $loadfile_name, - } - - # Template uses: - # - $options - file { $conf_name: - ensure => file, - path => "${::apache::mod_dir}/${conf_name}", - mode => $::apache::file_mode, - content => template('apache/mod/fcgid.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/mod/filter.pp b/apache/manifests/mod/filter.pp deleted file mode 100644 index 26dc488b3..000000000 --- a/apache/manifests/mod/filter.pp +++ /dev/null @@ -1,3 +0,0 @@ -class apache::mod::filter { - ::apache::mod { 'filter': } -} diff --git a/apache/manifests/mod/geoip.pp b/apache/manifests/mod/geoip.pp deleted file mode 100644 index 2ff5d2191..000000000 --- a/apache/manifests/mod/geoip.pp +++ /dev/null @@ -1,32 +0,0 @@ -class apache::mod::geoip ( - $enable = false, - $db_file = '/usr/share/GeoIP/GeoIP.dat', - $flag = 'Standard', - $output = 'All', - $enable_utf8 = undef, - $scan_proxy_headers = undef, - $scan_proxy_header_field = undef, - $use_last_xforwarededfor_ip = undef, -) { - ::apache::mod { 'geoip': } - - # Template uses: - # - enable - # - db_file - # - flag - # - output - # - enable_utf8 - # - scan_proxy_headers - # - scan_proxy_header_field - # - use_last_xforwarededfor_ip - file { 'geoip.conf': - ensure => file, - path => "${::apache::mod_dir}/geoip.conf", - mode => $::apache::file_mode, - content => template('apache/mod/geoip.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } - -} diff --git a/apache/manifests/mod/headers.pp b/apache/manifests/mod/headers.pp deleted file mode 100644 index d18c5e279..000000000 --- a/apache/manifests/mod/headers.pp +++ /dev/null @@ -1,3 +0,0 @@ -class apache::mod::headers { - ::apache::mod { 'headers': } -} diff --git a/apache/manifests/mod/include.pp b/apache/manifests/mod/include.pp deleted file mode 100644 index edbe81f32..000000000 --- a/apache/manifests/mod/include.pp +++ /dev/null @@ -1,3 +0,0 @@ -class apache::mod::include { - ::apache::mod { 'include': } -} diff --git a/apache/manifests/mod/info.pp b/apache/manifests/mod/info.pp deleted file mode 100644 index 2c477c748..000000000 --- a/apache/manifests/mod/info.pp +++ /dev/null @@ -1,19 +0,0 @@ -class apache::mod::info ( - $allow_from = ['127.0.0.1','::1'], - $apache_version = undef, - $restrict_access = true, -){ - include ::apache - $_apache_version = pick($apache_version, $apache::apache_version) - apache::mod { 'info': } - # Template uses $allow_from, $_apache_version - file { 'info.conf': - ensure => file, - path => "${::apache::mod_dir}/info.conf", - mode => $::apache::file_mode, - content => template('apache/mod/info.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/mod/itk.pp b/apache/manifests/mod/itk.pp deleted file mode 100644 index 2d5bf04c1..000000000 --- a/apache/manifests/mod/itk.pp +++ /dev/null @@ -1,92 +0,0 @@ -class apache::mod::itk ( - $startservers = '8', - $minspareservers = '5', - $maxspareservers = '20', - $serverlimit = '256', - $maxclients = '256', - $maxrequestsperchild = '4000', - $apache_version = $::apache::apache_version, -) { - if defined(Class['apache::mod::event']) { - fail('May not include both apache::mod::itk and apache::mod::event on the same node') - } - if defined(Class['apache::mod::peruser']) { - fail('May not include both apache::mod::itk and apache::mod::peruser on the same node') - } - if versioncmp($apache_version, '2.4') < 0 { - if defined(Class['apache::mod::prefork']) { - fail('May not include both apache::mod::itk and apache::mod::prefork on the same node') - } - } else { - # prefork is a requirement for itk in 2.4; except on FreeBSD and Gentoo, which are special - if $::osfamily =~ /^(FreeBSD|Gentoo)/ { - if defined(Class['apache::mod::prefork']) { - fail('May not include both apache::mod::itk and apache::mod::prefork on the same node') - } - } else { - if ! defined(Class['apache::mod::prefork']) { - fail('apache::mod::prefork is a prerequisite for apache::mod::itk, please arrange for it to be included.') - } - } - } - if defined(Class['apache::mod::worker']) { - fail('May not include both apache::mod::itk and apache::mod::worker on the same node') - } - File { - owner => 'root', - group => $::apache::params::root_group, - mode => $::apache::file_mode, - } - - # Template uses: - # - $startservers - # - $minspareservers - # - $maxspareservers - # - $serverlimit - # - $maxclients - # - $maxrequestsperchild - file { "${::apache::mod_dir}/itk.conf": - ensure => file, - mode => $::apache::file_mode, - content => template('apache/mod/itk.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } - - case $::osfamily { - 'redhat': { - package { 'httpd-itk': - ensure => present, - } - if versioncmp($apache_version, '2.4') >= 0 { - ::apache::mpm{ 'itk': - apache_version => $apache_version, - } - } - else { - file_line { '/etc/sysconfig/httpd itk enable': - ensure => present, - path => '/etc/sysconfig/httpd', - line => 'HTTPD=/usr/sbin/httpd.itk', - match => '#?HTTPD=/usr/sbin/httpd.itk', - require => Package['httpd'], - notify => Class['apache::service'], - } - } - } - 'debian', 'freebsd': { - apache::mpm{ 'itk': - apache_version => $apache_version, - } - } - 'gentoo': { - ::portage::makeconf { 'apache2_mpms': - content => 'itk', - } - } - default: { - fail("Unsupported osfamily ${::osfamily}") - } - } -} diff --git a/apache/manifests/mod/ldap.pp b/apache/manifests/mod/ldap.pp deleted file mode 100644 index d84266836..000000000 --- a/apache/manifests/mod/ldap.pp +++ /dev/null @@ -1,27 +0,0 @@ -class apache::mod::ldap ( - $apache_version = undef, - $ldap_trusted_global_cert_file = undef, - $ldap_trusted_global_cert_type = 'CA_BASE64', - $ldap_shared_cache_size = undef, - $ldap_cache_entries = undef, - $ldap_cache_ttl = undef, - $ldap_opcache_entries = undef, - $ldap_opcache_ttl = undef, -){ - include ::apache - $_apache_version = pick($apache_version, $apache::apache_version) - if ($ldap_trusted_global_cert_file) { - validate_string($ldap_trusted_global_cert_type) - } - ::apache::mod { 'ldap': } - # Template uses $_apache_version - file { 'ldap.conf': - ensure => file, - path => "${::apache::mod_dir}/ldap.conf", - mode => $::apache::file_mode, - content => template('apache/mod/ldap.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/mod/mime.pp b/apache/manifests/mod/mime.pp deleted file mode 100644 index f68693093..000000000 --- a/apache/manifests/mod/mime.pp +++ /dev/null @@ -1,25 +0,0 @@ -class apache::mod::mime ( - $mime_support_package = $::apache::params::mime_support_package, - $mime_types_config = $::apache::params::mime_types_config, - $mime_types_additional = undef, -) inherits ::apache::params { - include ::apache - $_mime_types_additional = pick($mime_types_additional, $apache::mime_types_additional) - apache::mod { 'mime': } - # Template uses $_mime_types_config - file { 'mime.conf': - ensure => file, - path => "${::apache::mod_dir}/mime.conf", - mode => $::apache::file_mode, - content => template('apache/mod/mime.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } - if $mime_support_package { - package { $mime_support_package: - ensure => 'installed', - before => File['mime.conf'], - } - } -} diff --git a/apache/manifests/mod/mime_magic.pp b/apache/manifests/mod/mime_magic.pp deleted file mode 100644 index ecc74cfdd..000000000 --- a/apache/manifests/mod/mime_magic.pp +++ /dev/null @@ -1,17 +0,0 @@ -class apache::mod::mime_magic ( - $magic_file = undef, -) { - include ::apache - $_magic_file = pick($magic_file, "${::apache::conf_dir}/magic") - apache::mod { 'mime_magic': } - # Template uses $magic_file - file { 'mime_magic.conf': - ensure => file, - path => "${::apache::mod_dir}/mime_magic.conf", - mode => $::apache::file_mode, - content => template('apache/mod/mime_magic.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/mod/negotiation.pp b/apache/manifests/mod/negotiation.pp deleted file mode 100644 index c7c34b81f..000000000 --- a/apache/manifests/mod/negotiation.pp +++ /dev/null @@ -1,27 +0,0 @@ -class apache::mod::negotiation ( - $force_language_priority = 'Prefer Fallback', - $language_priority = [ 'en', 'ca', 'cs', 'da', 'de', 'el', 'eo', 'es', 'et', - 'fr', 'he', 'hr', 'it', 'ja', 'ko', 'ltz', 'nl', 'nn', - 'no', 'pl', 'pt', 'pt-BR', 'ru', 'sv', 'zh-CN', - 'zh-TW' ], -) { - include ::apache - if !is_array($force_language_priority) and !is_string($force_language_priority) { - fail('force_languague_priority must be a string or array of strings') - } - if !is_array($language_priority) and !is_string($language_priority) { - fail('force_languague_priority must be a string or array of strings') - } - - ::apache::mod { 'negotiation': } - # Template uses no variables - file { 'negotiation.conf': - ensure => file, - mode => $::apache::file_mode, - path => "${::apache::mod_dir}/negotiation.conf", - content => template('apache/mod/negotiation.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/mod/nss.pp b/apache/manifests/mod/nss.pp deleted file mode 100644 index 16c285e93..000000000 --- a/apache/manifests/mod/nss.pp +++ /dev/null @@ -1,27 +0,0 @@ -class apache::mod::nss ( - $transfer_log = "${::apache::params::logroot}/access.log", - $error_log = "${::apache::params::logroot}/error.log", - $passwd_file = undef, - $port = 8443, -) { - include ::apache::mod::mime - - apache::mod { 'nss': } - - $httpd_dir = $::apache::httpd_dir - - # Template uses: - # $transfer_log - # $error_log - # $http_dir - # passwd_file - file { 'nss.conf': - ensure => file, - path => "${::apache::mod_dir}/nss.conf", - mode => $::apache::file_mode, - content => template('apache/mod/nss.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/mod/pagespeed.pp b/apache/manifests/mod/pagespeed.pp deleted file mode 100644 index a6506007b..000000000 --- a/apache/manifests/mod/pagespeed.pp +++ /dev/null @@ -1,58 +0,0 @@ -class apache::mod::pagespeed ( - $inherit_vhost_config = 'on', - $filter_xhtml = false, - $cache_path = '/var/cache/mod_pagespeed/', - $log_dir = '/var/log/pagespeed', - $memcache_servers = [], - $rewrite_level = 'CoreFilters', - $disable_filters = [], - $enable_filters = [], - $forbid_filters = [], - $rewrite_deadline_per_flush_ms = 10, - $additional_domains = undef, - $file_cache_size_kb = 102400, - $file_cache_clean_interval_ms = 3600000, - $lru_cache_per_process = 1024, - $lru_cache_byte_limit = 16384, - $css_flatten_max_bytes = 2048, - $css_inline_max_bytes = 2048, - $css_image_inline_max_bytes = 2048, - $image_inline_max_bytes = 2048, - $js_inline_max_bytes = 2048, - $css_outline_min_bytes = 3000, - $js_outline_min_bytes = 3000, - $inode_limit = 500000, - $image_max_rewrites_at_once = 8, - $num_rewrite_threads = 4, - $num_expensive_rewrite_threads = 4, - $collect_statistics = 'on', - $statistics_logging = 'on', - $allow_view_stats = [], - $allow_pagespeed_console = [], - $allow_pagespeed_message = [], - $message_buffer_size = 100000, - $additional_configuration = {}, - $apache_version = undef, -){ - include ::apache - $_apache_version = pick($apache_version, $apache::apache_version) - $_lib = $_apache_version ? { - '2.4' => 'mod_pagespeed_ap24.so', - default => undef - } - - apache::mod { 'pagespeed': - lib => $_lib, - } - - # Template uses $_apache_version - file { 'pagespeed.conf': - ensure => file, - path => "${::apache::mod_dir}/pagespeed.conf", - mode => $::apache::file_mode, - content => template('apache/mod/pagespeed.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/mod/passenger.pp b/apache/manifests/mod/passenger.pp deleted file mode 100644 index e97577d98..000000000 --- a/apache/manifests/mod/passenger.pp +++ /dev/null @@ -1,106 +0,0 @@ -class apache::mod::passenger ( - $passenger_conf_file = $::apache::params::passenger_conf_file, - $passenger_conf_package_file = $::apache::params::passenger_conf_package_file, - $passenger_high_performance = undef, - $passenger_pool_idle_time = undef, - $passenger_max_request_queue_size = undef, - $passenger_max_requests = undef, - $passenger_spawn_method = undef, - $passenger_stat_throttle_rate = undef, - $rack_autodetect = undef, - $rails_autodetect = undef, - $passenger_root = $::apache::params::passenger_root, - $passenger_ruby = $::apache::params::passenger_ruby, - $passenger_default_ruby = $::apache::params::passenger_default_ruby, - $passenger_max_pool_size = undef, - $passenger_min_instances = undef, - $passenger_use_global_queue = undef, - $passenger_app_env = undef, - $passenger_log_file = undef, - $manage_repo = true, - $mod_package = undef, - $mod_package_ensure = undef, - $mod_lib = undef, - $mod_lib_path = undef, - $mod_id = undef, - $mod_path = undef, -) inherits ::apache::params { - include ::apache - if $passenger_spawn_method { - validate_re($passenger_spawn_method, '(^smart$|^direct$|^smart-lv2$|^conservative$)', "${passenger_spawn_method} is not permitted for passenger_spawn_method. Allowed values are 'smart', 'direct', 'smart-lv2', or 'conservative'.") - } - if $passenger_log_file { - validate_absolute_path($passenger_log_file) - } - - # Managed by the package, but declare it to avoid purging - if $passenger_conf_package_file { - file { 'passenger_package.conf': - path => "${::apache::confd_dir}/${passenger_conf_package_file}", - } - } - - $_package = $mod_package - $_package_ensure = $mod_package_ensure - $_lib = $mod_lib - if $::osfamily == 'FreeBSD' { - if $mod_lib_path { - $_lib_path = $mod_lib_path - } else { - $_lib_path = "${passenger_root}/buildout/apache2" - } - } else { - $_lib_path = $mod_lib_path - } - - if $::osfamily == 'RedHat' and $manage_repo { - yumrepo { 'passenger': - ensure => 'present', - baseurl => 'https://oss-binaries.phusionpassenger.com/yum/passenger/el/$releasever/$basearch', - descr => 'passenger', - enabled => '1', - gpgcheck => '0', - gpgkey => 'https://packagecloud.io/gpg.key', - repo_gpgcheck => '1', - sslcacert => '/etc/pki/tls/certs/ca-bundle.crt', - sslverify => '1', - before => Apache::Mod['passenger'], - } - } - - $_id = $mod_id - $_path = $mod_path - ::apache::mod { 'passenger': - package => $_package, - package_ensure => $_package_ensure, - lib => $_lib, - lib_path => $_lib_path, - id => $_id, - path => $_path, - loadfile_name => 'zpassenger.load', - } - - # Template uses: - # - $passenger_root - # - $passenger_ruby - # - $passenger_default_ruby - # - $passenger_max_pool_size - # - $passenger_min_instances - # - $passenger_high_performance - # - $passenger_max_requests - # - $passenger_spawn_method - # - $passenger_stat_throttle_rate - # - $passenger_use_global_queue - # - $passenger_log_file - # - $passenger_app_env - # - $rack_autodetect - # - $rails_autodetect - file { 'passenger.conf': - ensure => file, - path => "${::apache::mod_dir}/${passenger_conf_file}", - content => template('apache/mod/passenger.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/mod/perl.pp b/apache/manifests/mod/perl.pp deleted file mode 100644 index 3bfeac977..000000000 --- a/apache/manifests/mod/perl.pp +++ /dev/null @@ -1,4 +0,0 @@ -class apache::mod::perl { - include ::apache - ::apache::mod { 'perl': } -} diff --git a/apache/manifests/mod/peruser.pp b/apache/manifests/mod/peruser.pp deleted file mode 100644 index e875a5afc..000000000 --- a/apache/manifests/mod/peruser.pp +++ /dev/null @@ -1,77 +0,0 @@ -class apache::mod::peruser ( - $minspareprocessors = '2', - $minprocessors = '2', - $maxprocessors = '10', - $maxclients = '150', - $maxrequestsperchild = '1000', - $idletimeout = '120', - $expiretimeout = '120', - $keepalive = 'Off', -) { - - case $::osfamily { - 'freebsd' : { - fail("Unsupported osfamily ${::osfamily}") - } - default: { - if $::osfamily == 'gentoo' { - ::portage::makeconf { 'apache2_mpms': - content => 'peruser', - } - } - - if defined(Class['apache::mod::event']) { - fail('May not include both apache::mod::peruser and apache::mod::event on the same node') - } - if defined(Class['apache::mod::itk']) { - fail('May not include both apache::mod::peruser and apache::mod::itk on the same node') - } - if defined(Class['apache::mod::prefork']) { - fail('May not include both apache::mod::peruser and apache::mod::prefork on the same node') - } - if defined(Class['apache::mod::worker']) { - fail('May not include both apache::mod::peruser and apache::mod::worker on the same node') - } - File { - owner => 'root', - group => $::apache::params::root_group, - mode => $::apache::file_mode, - } - - $mod_dir = $::apache::mod_dir - - # Template uses: - # - $minspareprocessors - # - $minprocessors - # - $maxprocessors - # - $maxclients - # - $maxrequestsperchild - # - $idletimeout - # - $expiretimeout - # - $keepalive - # - $mod_dir - file { "${::apache::mod_dir}/peruser.conf": - ensure => file, - mode => $::apache::file_mode, - content => template('apache/mod/peruser.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } - file { "${::apache::mod_dir}/peruser": - ensure => directory, - require => File[$::apache::mod_dir], - } - file { "${::apache::mod_dir}/peruser/multiplexers": - ensure => directory, - require => File["${::apache::mod_dir}/peruser"], - } - file { "${::apache::mod_dir}/peruser/processors": - ensure => directory, - require => File["${::apache::mod_dir}/peruser"], - } - - ::apache::peruser::multiplexer { '01-default': } - } - } -} diff --git a/apache/manifests/mod/php.pp b/apache/manifests/mod/php.pp deleted file mode 100644 index 3d45f87a8..000000000 --- a/apache/manifests/mod/php.pp +++ /dev/null @@ -1,62 +0,0 @@ -class apache::mod::php ( - $package_name = undef, - $package_ensure = 'present', - $path = undef, - $extensions = ['.php'], - $content = undef, - $template = 'apache/mod/php5.conf.erb', - $source = undef, - $root_group = $::apache::params::root_group, -) inherits apache::params { - - if defined(Class['::apache::mod::prefork']) { - Class['::apache::mod::prefork']->File['php5.conf'] - } - elsif defined(Class['::apache::mod::itk']) { - Class['::apache::mod::itk']->File['php5.conf'] - } - else { - fail('apache::mod::php requires apache::mod::prefork or apache::mod::itk; please enable mpm_module => \'prefork\' or mpm_module => \'itk\' on Class[\'apache\']') - } - validate_array($extensions) - - if $source and ($content or $template != 'apache/mod/php5.conf.erb') { - warning('source and content or template parameters are provided. source parameter will be used') - } elsif $content and $template != 'apache/mod/php5.conf.erb' { - warning('content and template parameters are provided. content parameter will be used') - } - - $manage_content = $source ? { - undef => $content ? { - undef => template($template), - default => $content, - }, - default => undef, - } - - ::apache::mod { 'php5': - package => $package_name, - package_ensure => $package_ensure, - path => $path, - } - - include ::apache::mod::mime - include ::apache::mod::dir - Class['::apache::mod::mime'] -> Class['::apache::mod::dir'] -> Class['::apache::mod::php'] - - # Template uses $extensions - file { 'php5.conf': - ensure => file, - path => "${::apache::mod_dir}/php5.conf", - owner => 'root', - group => $root_group, - mode => $::apache::file_mode, - content => $manage_content, - source => $source, - require => [ - Exec["mkdir ${::apache::mod_dir}"], - ], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/mod/prefork.pp b/apache/manifests/mod/prefork.pp deleted file mode 100644 index 85d8b84d4..000000000 --- a/apache/manifests/mod/prefork.pp +++ /dev/null @@ -1,77 +0,0 @@ -class apache::mod::prefork ( - $startservers = '8', - $minspareservers = '5', - $maxspareservers = '20', - $serverlimit = '256', - $maxclients = '256', - $maxrequestsperchild = '4000', - $apache_version = $::apache::apache_version, -) { - if defined(Class['apache::mod::event']) { - fail('May not include both apache::mod::prefork and apache::mod::event on the same node') - } - if versioncmp($apache_version, '2.4') < 0 { - if defined(Class['apache::mod::itk']) { - fail('May not include both apache::mod::prefork and apache::mod::itk on the same node') - } - } - if defined(Class['apache::mod::peruser']) { - fail('May not include both apache::mod::prefork and apache::mod::peruser on the same node') - } - if defined(Class['apache::mod::worker']) { - fail('May not include both apache::mod::prefork and apache::mod::worker on the same node') - } - File { - owner => 'root', - group => $::apache::params::root_group, - mode => $::apache::file_mode, - } - - # Template uses: - # - $startservers - # - $minspareservers - # - $maxspareservers - # - $serverlimit - # - $maxclients - # - $maxrequestsperchild - file { "${::apache::mod_dir}/prefork.conf": - ensure => file, - content => template('apache/mod/prefork.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } - - case $::osfamily { - 'redhat': { - if versioncmp($apache_version, '2.4') >= 0 { - ::apache::mpm{ 'prefork': - apache_version => $apache_version, - } - } - else { - file_line { '/etc/sysconfig/httpd prefork enable': - ensure => present, - path => '/etc/sysconfig/httpd', - line => '#HTTPD=/usr/sbin/httpd.worker', - match => '#?HTTPD=/usr/sbin/httpd.worker', - require => Package['httpd'], - notify => Class['apache::service'], - } - } - } - 'debian', 'freebsd', 'Suse' : { - ::apache::mpm{ 'prefork': - apache_version => $apache_version, - } - } - 'gentoo': { - ::portage::makeconf { 'apache2_mpms': - content => 'prefork', - } - } - default: { - fail("Unsupported osfamily ${::osfamily}") - } - } -} diff --git a/apache/manifests/mod/proxy.pp b/apache/manifests/mod/proxy.pp deleted file mode 100644 index 1f7093892..000000000 --- a/apache/manifests/mod/proxy.pp +++ /dev/null @@ -1,19 +0,0 @@ -class apache::mod::proxy ( - $proxy_requests = 'Off', - $allow_from = undef, - $apache_version = undef, -) { - include ::apache - $_apache_version = pick($apache_version, $apache::apache_version) - ::apache::mod { 'proxy': } - # Template uses $proxy_requests, $_apache_version - file { 'proxy.conf': - ensure => file, - path => "${::apache::mod_dir}/proxy.conf", - mode => $::apache::file_mode, - content => template('apache/mod/proxy.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/mod/proxy_ajp.pp b/apache/manifests/mod/proxy_ajp.pp deleted file mode 100644 index a011a1789..000000000 --- a/apache/manifests/mod/proxy_ajp.pp +++ /dev/null @@ -1,4 +0,0 @@ -class apache::mod::proxy_ajp { - Class['::apache::mod::proxy'] -> Class['::apache::mod::proxy_ajp'] - ::apache::mod { 'proxy_ajp': } -} diff --git a/apache/manifests/mod/proxy_balancer.pp b/apache/manifests/mod/proxy_balancer.pp deleted file mode 100644 index 5a0768d8d..000000000 --- a/apache/manifests/mod/proxy_balancer.pp +++ /dev/null @@ -1,10 +0,0 @@ -class apache::mod::proxy_balancer { - - include ::apache::mod::proxy - include ::apache::mod::proxy_http - - Class['::apache::mod::proxy'] -> Class['::apache::mod::proxy_balancer'] - Class['::apache::mod::proxy_http'] -> Class['::apache::mod::proxy_balancer'] - ::apache::mod { 'proxy_balancer': } - -} diff --git a/apache/manifests/mod/proxy_connect.pp b/apache/manifests/mod/proxy_connect.pp deleted file mode 100644 index cda5b89dc..000000000 --- a/apache/manifests/mod/proxy_connect.pp +++ /dev/null @@ -1,10 +0,0 @@ -class apache::mod::proxy_connect ( - $apache_version = undef, -) { - include ::apache - $_apache_version = pick($apache_version, $apache::apache_version) - if versioncmp($_apache_version, '2.2') >= 0 { - Class['::apache::mod::proxy'] -> Class['::apache::mod::proxy_connect'] - ::apache::mod { 'proxy_connect': } - } -} diff --git a/apache/manifests/mod/proxy_html.pp b/apache/manifests/mod/proxy_html.pp deleted file mode 100644 index cceaf0b75..000000000 --- a/apache/manifests/mod/proxy_html.pp +++ /dev/null @@ -1,39 +0,0 @@ -class apache::mod::proxy_html { - include ::apache - Class['::apache::mod::proxy'] -> Class['::apache::mod::proxy_html'] - Class['::apache::mod::proxy_http'] -> Class['::apache::mod::proxy_html'] - - # Add libxml2 - case $::osfamily { - /RedHat|FreeBSD|Gentoo/: { - ::apache::mod { 'xml2enc': } - $loadfiles = undef - } - 'Debian': { - $gnu_path = $::hardwaremodel ? { - 'i686' => 'i386', - default => $::hardwaremodel, - } - $loadfiles = $::apache::params::distrelease ? { - '6' => ['/usr/lib/libxml2.so.2'], - '10' => ['/usr/lib/libxml2.so.2'], - default => ["/usr/lib/${gnu_path}-linux-gnu/libxml2.so.2"], - } - } - } - - ::apache::mod { 'proxy_html': - loadfiles => $loadfiles, - } - - # Template uses $icons_path - file { 'proxy_html.conf': - ensure => file, - path => "${::apache::mod_dir}/proxy_html.conf", - mode => $::apache::file_mode, - content => template('apache/mod/proxy_html.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/mod/proxy_http.pp b/apache/manifests/mod/proxy_http.pp deleted file mode 100644 index 1579e68ee..000000000 --- a/apache/manifests/mod/proxy_http.pp +++ /dev/null @@ -1,4 +0,0 @@ -class apache::mod::proxy_http { - Class['::apache::mod::proxy'] -> Class['::apache::mod::proxy_http'] - ::apache::mod { 'proxy_http': } -} diff --git a/apache/manifests/mod/python.pp b/apache/manifests/mod/python.pp deleted file mode 100644 index 75af35011..000000000 --- a/apache/manifests/mod/python.pp +++ /dev/null @@ -1,6 +0,0 @@ -class apache::mod::python { - include ::apache - ::apache::mod { 'python': } -} - - diff --git a/apache/manifests/mod/remoteip.pp b/apache/manifests/mod/remoteip.pp deleted file mode 100644 index 92010cf96..000000000 --- a/apache/manifests/mod/remoteip.pp +++ /dev/null @@ -1,30 +0,0 @@ -class apache::mod::remoteip ( - $header = 'X-Forwarded-For', - $proxy_ips = [ '127.0.0.1' ], - $proxies_header = undef, - $trusted_proxy_ips = undef, - $apache_version = undef, -) { - include ::apache - $_apache_version = pick($apache_version, $apache::apache_version) - if versioncmp($_apache_version, '2.4') < 0 { - fail('mod_remoteip is only available in Apache 2.4') - } - - ::apache::mod { 'remoteip': } - - # Template uses: - # - $header - # - $proxy_ips - # - $proxies_header - # - $trusted_proxy_ips - file { 'remoteip.conf': - ensure => file, - path => "${::apache::mod_dir}/remoteip.conf", - mode => $::apache::file_mode, - content => template('apache/mod/remoteip.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Service['httpd'], - } -} diff --git a/apache/manifests/mod/reqtimeout.pp b/apache/manifests/mod/reqtimeout.pp deleted file mode 100644 index f166f6d6f..000000000 --- a/apache/manifests/mod/reqtimeout.pp +++ /dev/null @@ -1,15 +0,0 @@ -class apache::mod::reqtimeout ( - $timeouts = ['header=20-40,minrate=500', 'body=10,minrate=500'] -){ - include ::apache - ::apache::mod { 'reqtimeout': } - # Template uses no variables - file { 'reqtimeout.conf': - ensure => file, - path => "${::apache::mod_dir}/reqtimeout.conf", - content => template('apache/mod/reqtimeout.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/mod/rewrite.pp b/apache/manifests/mod/rewrite.pp deleted file mode 100644 index 694f0b6f5..000000000 --- a/apache/manifests/mod/rewrite.pp +++ /dev/null @@ -1,4 +0,0 @@ -class apache::mod::rewrite { - include ::apache::params - ::apache::mod { 'rewrite': } -} diff --git a/apache/manifests/mod/rpaf.pp b/apache/manifests/mod/rpaf.pp deleted file mode 100644 index cb6548360..000000000 --- a/apache/manifests/mod/rpaf.pp +++ /dev/null @@ -1,22 +0,0 @@ -class apache::mod::rpaf ( - $sethostname = true, - $proxy_ips = [ '127.0.0.1' ], - $header = 'X-Forwarded-For' -) { - include ::apache - ::apache::mod { 'rpaf': } - - # Template uses: - # - $sethostname - # - $proxy_ips - # - $header - file { 'rpaf.conf': - ensure => file, - path => "${::apache::mod_dir}/rpaf.conf", - mode => $::apache::file_mode, - content => template('apache/mod/rpaf.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/mod/security.pp b/apache/manifests/mod/security.pp deleted file mode 100644 index 7cd7114c4..000000000 --- a/apache/manifests/mod/security.pp +++ /dev/null @@ -1,84 +0,0 @@ -class apache::mod::security ( - $crs_package = $::apache::params::modsec_crs_package, - $activated_rules = $::apache::params::modsec_default_rules, - $modsec_dir = $::apache::params::modsec_dir, - $modsec_secruleengine = $::apache::params::modsec_secruleengine, - $audit_log_parts = $::apache::params::modsec_audit_log_parts, - $secpcrematchlimit = $::apache::params::secpcrematchlimit, - $secpcrematchlimitrecursion = $::apache::params::secpcrematchlimitrecursion, - $allowed_methods = 'GET HEAD POST OPTIONS', - $content_types = 'application/x-www-form-urlencoded|multipart/form-data|text/xml|application/xml|application/x-amf', - $restricted_extensions = '.asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/', - $restricted_headers = '/Proxy-Connection/ /Lock-Token/ /Content-Range/ /Translate/ /via/ /if/', -) inherits ::apache::params { - include ::apache - - if $::osfamily == 'FreeBSD' { - fail('FreeBSD is not currently supported') - } - - ::apache::mod { 'security': - id => 'security2_module', - lib => 'mod_security2.so', - } - - ::apache::mod { 'unique_id_module': - id => 'unique_id_module', - lib => 'mod_unique_id.so', - } - - if $crs_package { - package { $crs_package: - ensure => 'latest', - before => File[$::apache::confd_dir], - } - } - - # Template uses: - # - $modsec_dir - # - $audit_log_parts - # - secpcrematchlimit - # - secpcrematchlimitrecursion - file { 'security.conf': - ensure => file, - content => template('apache/mod/security.conf.erb'), - mode => $::apache::file_mode, - path => "${::apache::mod_dir}/security.conf", - owner => $::apache::params::user, - group => $::apache::params::group, - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } - - file { $modsec_dir: - ensure => directory, - owner => $::apache::params::user, - group => $::apache::params::group, - mode => '0555', - purge => true, - force => true, - recurse => true, - } - - file { "${modsec_dir}/activated_rules": - ensure => directory, - owner => $::apache::params::user, - group => $::apache::params::group, - mode => '0555', - purge => true, - force => true, - recurse => true, - notify => Class['apache::service'], - } - - file { "${modsec_dir}/security_crs.conf": - ensure => file, - content => template('apache/mod/security_crs.conf.erb'), - require => File[$modsec_dir], - notify => Class['apache::service'], - } - - apache::security::rule_link { $activated_rules: } - -} diff --git a/apache/manifests/mod/setenvif.pp b/apache/manifests/mod/setenvif.pp deleted file mode 100644 index 63d3e321b..000000000 --- a/apache/manifests/mod/setenvif.pp +++ /dev/null @@ -1,13 +0,0 @@ -class apache::mod::setenvif { - ::apache::mod { 'setenvif': } - # Template uses no variables - file { 'setenvif.conf': - ensure => file, - path => "${::apache::mod_dir}/setenvif.conf", - mode => $::apache::file_mode, - content => template('apache/mod/setenvif.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/mod/shib.pp b/apache/manifests/mod/shib.pp deleted file mode 100644 index 4b0088926..000000000 --- a/apache/manifests/mod/shib.pp +++ /dev/null @@ -1,15 +0,0 @@ -class apache::mod::shib ( - $suppress_warning = false, -) { - include ::apache - if $::osfamily == 'RedHat' and ! $suppress_warning { - warning('RedHat distributions do not have Apache mod_shib in their default package repositories.') - } - - $mod_shib = 'shib2' - - apache::mod {$mod_shib: - id => 'mod_shib', - } - -} diff --git a/apache/manifests/mod/speling.pp b/apache/manifests/mod/speling.pp deleted file mode 100644 index fbd19d373..000000000 --- a/apache/manifests/mod/speling.pp +++ /dev/null @@ -1,4 +0,0 @@ -class apache::mod::speling { - include ::apache - ::apache::mod { 'speling': } -} diff --git a/apache/manifests/mod/ssl.pp b/apache/manifests/mod/ssl.pp deleted file mode 100644 index 4cbddcbd6..000000000 --- a/apache/manifests/mod/ssl.pp +++ /dev/null @@ -1,88 +0,0 @@ -class apache::mod::ssl ( - $ssl_compression = false, - $ssl_cryptodevice = 'builtin', - $ssl_options = [ 'StdEnvVars' ], - $ssl_openssl_conf_cmd = undef, - $ssl_cipher = 'HIGH:MEDIUM:!aNULL:!MD5:!RC4', - $ssl_honorcipherorder = 'On', - $ssl_protocol = [ 'all', '-SSLv2', '-SSLv3' ], - $ssl_pass_phrase_dialog = 'builtin', - $ssl_random_seed_bytes = '512', - $ssl_sessioncachetimeout = '300', - $ssl_mutex = undef, - $apache_version = undef, - $package_name = undef, -) { - include ::apache - include ::apache::mod::mime - $_apache_version = pick($apache_version, $apache::apache_version) - if $ssl_mutex { - $_ssl_mutex = $ssl_mutex - } else { - case $::osfamily { - 'debian': { - if versioncmp($_apache_version, '2.4') >= 0 { - $_ssl_mutex = 'default' - } elsif $::operatingsystem == 'Ubuntu' and $::operatingsystemrelease == '10.04' { - $_ssl_mutex = 'file:/var/run/apache2/ssl_mutex' - } else { - $_ssl_mutex = "file:\${APACHE_RUN_DIR}/ssl_mutex" - } - } - 'redhat': { - $_ssl_mutex = 'default' - } - 'freebsd': { - $_ssl_mutex = 'default' - } - 'gentoo': { - $_ssl_mutex = 'default' - } - 'Suse': { - $_ssl_mutex = 'default' - } - default: { - fail("Unsupported osfamily ${::osfamily}, please explicitly pass in \$ssl_mutex") - } - } - } - - $session_cache = $::osfamily ? { - 'debian' => "\${APACHE_RUN_DIR}/ssl_scache(512000)", - 'redhat' => '/var/cache/mod_ssl/scache(512000)', - 'freebsd' => '/var/run/ssl_scache(512000)', - 'gentoo' => '/var/run/ssl_scache(512000)', - 'Suse' => '/var/lib/apache2/ssl_scache(512000)' - } - - ::apache::mod { 'ssl': - package => $package_name, - } - - if versioncmp($_apache_version, '2.4') >= 0 { - ::apache::mod { 'socache_shmcb': } - } - - # Template uses - # - # $ssl_compression - # $ssl_cryptodevice - # $ssl_cipher - # $ssl_honorcipherorder - # $ssl_options - # $ssl_openssl_conf_cmd - # $session_cache - # $ssl_mutex - # $ssl_random_seed_bytes - # $ssl_sessioncachetimeout - # $_apache_version - file { 'ssl.conf': - ensure => file, - path => "${::apache::mod_dir}/ssl.conf", - mode => $::apache::file_mode, - content => template('apache/mod/ssl.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/mod/status.pp b/apache/manifests/mod/status.pp deleted file mode 100644 index d30a690de..000000000 --- a/apache/manifests/mod/status.pp +++ /dev/null @@ -1,49 +0,0 @@ -# Class: apache::mod::status -# -# This class enables and configures Apache mod_status -# See: http://httpd.apache.org/docs/current/mod/mod_status.html -# -# Parameters: -# - $allow_from is an array of hosts, ip addresses, partial network numbers -# or networks in CIDR notation specifying what hosts can view the special -# /server-status URL. Defaults to ['127.0.0.1', '::1']. -# - $extended_status track and display extended status information. Valid -# values are 'On' or 'Off'. Defaults to 'On'. -# - $status_path is the path assigned to the Location directive which -# defines the URL to access the server status. Defaults to '/server-status'. -# -# Actions: -# - Enable and configure Apache mod_status -# -# Requires: -# - The apache class -# -# Sample Usage: -# -# # Simple usage allowing access from localhost and a private subnet -# class { 'apache::mod::status': -# $allow_from => ['127.0.0.1', '10.10.10.10/24'], -# } -# -class apache::mod::status ( - $allow_from = ['127.0.0.1','::1'], - $extended_status = 'On', - $apache_version = undef, - $status_path = '/server-status', -) inherits ::apache::params { - include ::apache - $_apache_version = pick($apache_version, $apache::apache_version) - validate_array($allow_from) - validate_re(downcase($extended_status), '^(on|off)$', "${extended_status} is not supported for extended_status. Allowed values are 'On' and 'Off'.") - ::apache::mod { 'status': } - # Template uses $allow_from, $extended_status, $_apache_version, $status_path - file { 'status.conf': - ensure => file, - path => "${::apache::mod_dir}/status.conf", - mode => $::apache::file_mode, - content => template('apache/mod/status.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/mod/suexec.pp b/apache/manifests/mod/suexec.pp deleted file mode 100644 index ded013d49..000000000 --- a/apache/manifests/mod/suexec.pp +++ /dev/null @@ -1,3 +0,0 @@ -class apache::mod::suexec { - ::apache::mod { 'suexec': } -} diff --git a/apache/manifests/mod/suphp.pp b/apache/manifests/mod/suphp.pp deleted file mode 100644 index 955bba302..000000000 --- a/apache/manifests/mod/suphp.pp +++ /dev/null @@ -1,16 +0,0 @@ -class apache::mod::suphp ( -){ - include ::apache - ::apache::mod { 'suphp': } - - file {'suphp.conf': - ensure => file, - path => "${::apache::mod_dir}/suphp.conf", - mode => $::apache::file_mode, - content => template('apache/mod/suphp.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} - diff --git a/apache/manifests/mod/userdir.pp b/apache/manifests/mod/userdir.pp deleted file mode 100644 index 516bb1165..000000000 --- a/apache/manifests/mod/userdir.pp +++ /dev/null @@ -1,20 +0,0 @@ -class apache::mod::userdir ( - $home = '/home', - $dir = 'public_html', - $disable_root = true, - $apache_version = $::apache::apache_version, - $options = [ 'MultiViews', 'Indexes', 'SymLinksIfOwnerMatch', 'IncludesNoExec' ], -) { - ::apache::mod { 'userdir': } - - # Template uses $home, $dir, $disable_root, $apache_version - file { 'userdir.conf': - ensure => file, - path => "${::apache::mod_dir}/userdir.conf", - mode => $::apache::file_mode, - content => template('apache/mod/userdir.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/mod/version.pp b/apache/manifests/mod/version.pp deleted file mode 100644 index 1cc4412e1..000000000 --- a/apache/manifests/mod/version.pp +++ /dev/null @@ -1,10 +0,0 @@ -class apache::mod::version( - $apache_version = $::apache::apache_version -) { - - if ($::osfamily == 'debian' and versioncmp($apache_version, '2.4') >= 0) { - warning("${module_name}: module version_module is built-in and can't be loaded") - } else { - ::apache::mod { 'version': } - } -} diff --git a/apache/manifests/mod/vhost_alias.pp b/apache/manifests/mod/vhost_alias.pp deleted file mode 100644 index 30ae122e1..000000000 --- a/apache/manifests/mod/vhost_alias.pp +++ /dev/null @@ -1,3 +0,0 @@ -class apache::mod::vhost_alias { - ::apache::mod { 'vhost_alias': } -} diff --git a/apache/manifests/mod/worker.pp b/apache/manifests/mod/worker.pp deleted file mode 100644 index 9e417e0c4..000000000 --- a/apache/manifests/mod/worker.pp +++ /dev/null @@ -1,135 +0,0 @@ -# == Class: apache::mod::worker -# -# -# === Parameters -# -# [*startservers*] -# (optional) The number of child server processes created on startup -# Defaults is '2' -# -# [*maxclients*] -# (optional) The max number of simultaneous requests that will be served. -# This is the old name and is still supported. The new name is -# MaxRequestWorkers as of 2.3.13. -# Default is '150' -# -# [*minsparethreads*] -# (optional) Minimum number of idle threads to handle request spikes. -# Default is '25' -# -# [*maxsparethreads*] -# (optional) Maximum number of idle threads. -# Default is '75' -# -# [*threadsperchild*] -# (optional) The number of threads created by each child process. -# Default is '25' -# -# [*maxrequestsperchild*] -# (optional) Limit on the number of connectiojns an individual child server -# process will handle. This is the old name and is still supported. The new -# name is MaxConnectionsPerChild as of 2.3.9+. -# Default is '0' -# -# [*serverlimit*] -# (optional) With worker, use this directive only if your MaxRequestWorkers -# and ThreadsPerChild settings require more than 16 server processes -# (default). Do not set the value of this directive any higher than the -# number of server processes required by what you may want for -# MaxRequestWorkers and ThreadsPerChild. -# Default is '25' -# -# [*threadlimit*] -# (optional) This directive sets the maximum configured value for -# ThreadsPerChild for the lifetime of the Apache httpd process. -# Default is '64' -# -# [*listenbacklog*] -# (optional) Maximum length of the queue of pending connections. -# Defaults is '511' -# -# [*apache_version*] -# (optional) -# Default is $::apache::apache_version -# -class apache::mod::worker ( - $startservers = '2', - $maxclients = '150', - $minsparethreads = '25', - $maxsparethreads = '75', - $threadsperchild = '25', - $maxrequestsperchild = '0', - $serverlimit = '25', - $threadlimit = '64', - $listenbacklog = '511', - $apache_version = $::apache::apache_version, -) { - if defined(Class['apache::mod::event']) { - fail('May not include both apache::mod::worker and apache::mod::event on the same node') - } - if defined(Class['apache::mod::itk']) { - fail('May not include both apache::mod::worker and apache::mod::itk on the same node') - } - if defined(Class['apache::mod::peruser']) { - fail('May not include both apache::mod::worker and apache::mod::peruser on the same node') - } - if defined(Class['apache::mod::prefork']) { - fail('May not include both apache::mod::worker and apache::mod::prefork on the same node') - } - File { - owner => 'root', - group => $::apache::params::root_group, - mode => $::apache::file_mode, - } - - # Template uses: - # - $startservers - # - $maxclients - # - $minsparethreads - # - $maxsparethreads - # - $threadsperchild - # - $maxrequestsperchild - # - $serverlimit - # - $threadLimit - # - $listenbacklog - file { "${::apache::mod_dir}/worker.conf": - ensure => file, - content => template('apache/mod/worker.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } - - case $::osfamily { - 'redhat': { - if versioncmp($apache_version, '2.4') >= 0 { - ::apache::mpm{ 'worker': - apache_version => $apache_version, - } - } - else { - file_line { '/etc/sysconfig/httpd worker enable': - ensure => present, - path => '/etc/sysconfig/httpd', - line => 'HTTPD=/usr/sbin/httpd.worker', - match => '#?HTTPD=/usr/sbin/httpd.worker', - require => Package['httpd'], - notify => Class['apache::service'], - } - } - } - 'debian', 'freebsd', 'Suse': { - ::apache::mpm{ 'worker': - apache_version => $apache_version, - } - } - 'gentoo': { - ::portage::makeconf { 'apache2_mpms': - content => 'worker', - } - } - default: { - fail("Unsupported osfamily ${::osfamily}") - } - } -} diff --git a/apache/manifests/mod/wsgi.pp b/apache/manifests/mod/wsgi.pp deleted file mode 100644 index e726bcfaa..000000000 --- a/apache/manifests/mod/wsgi.pp +++ /dev/null @@ -1,42 +0,0 @@ -class apache::mod::wsgi ( - $wsgi_socket_prefix = $::apache::params::wsgi_socket_prefix, - $wsgi_python_path = undef, - $wsgi_python_home = undef, - $package_name = undef, - $mod_path = undef, -) inherits ::apache::params { - include ::apache - if ($package_name != undef and $mod_path == undef) or ($package_name == undef and $mod_path != undef) { - fail('apache::mod::wsgi - both package_name and mod_path must be specified!') - } - - if $package_name != undef { - if $mod_path =~ /\// { - $_mod_path = $mod_path - } else { - $_mod_path = "${::apache::lib_path}/${mod_path}" - } - ::apache::mod { 'wsgi': - package => $package_name, - path => $_mod_path, - } - } - else { - ::apache::mod { 'wsgi': } - } - - # Template uses: - # - $wsgi_socket_prefix - # - $wsgi_python_path - # - $wsgi_python_home - file {'wsgi.conf': - ensure => file, - path => "${::apache::mod_dir}/wsgi.conf", - mode => $::apache::file_mode, - content => template('apache/mod/wsgi.conf.erb'), - require => Exec["mkdir ${::apache::mod_dir}"], - before => File[$::apache::mod_dir], - notify => Class['apache::service'], - } -} - diff --git a/apache/manifests/mod/xsendfile.pp b/apache/manifests/mod/xsendfile.pp deleted file mode 100644 index 7c5e88437..000000000 --- a/apache/manifests/mod/xsendfile.pp +++ /dev/null @@ -1,4 +0,0 @@ -class apache::mod::xsendfile { - include ::apache::params - ::apache::mod { 'xsendfile': } -} diff --git a/apache/manifests/mpm.pp b/apache/manifests/mpm.pp deleted file mode 100644 index 153540910..000000000 --- a/apache/manifests/mpm.pp +++ /dev/null @@ -1,127 +0,0 @@ -define apache::mpm ( - $lib_path = $::apache::lib_path, - $apache_version = $::apache::apache_version, -) { - if ! defined(Class['apache']) { - fail('You must include the apache base class before using any apache defined resources') - } - - $mpm = $name - $mod_dir = $::apache::mod_dir - - $_lib = "mod_mpm_${mpm}.so" - $_path = "${lib_path}/${_lib}" - $_id = "mpm_${mpm}_module" - - if versioncmp($apache_version, '2.4') >= 0 { - file { "${mod_dir}/${mpm}.load": - ensure => file, - path => "${mod_dir}/${mpm}.load", - content => "LoadModule ${_id} ${_path}\n", - require => [ - Package['httpd'], - Exec["mkdir ${mod_dir}"], - ], - before => File[$mod_dir], - notify => Class['apache::service'], - } - } - - case $::osfamily { - 'debian': { - file { "${::apache::mod_enable_dir}/${mpm}.conf": - ensure => link, - target => "${::apache::mod_dir}/${mpm}.conf", - require => Exec["mkdir ${::apache::mod_enable_dir}"], - before => File[$::apache::mod_enable_dir], - notify => Class['apache::service'], - } - - if versioncmp($apache_version, '2.4') >= 0 { - file { "${::apache::mod_enable_dir}/${mpm}.load": - ensure => link, - target => "${::apache::mod_dir}/${mpm}.load", - require => Exec["mkdir ${::apache::mod_enable_dir}"], - before => File[$::apache::mod_enable_dir], - notify => Class['apache::service'], - } - - if $mpm == 'itk' { - file { "${lib_path}/mod_mpm_itk.so": - ensure => link, - target => "${lib_path}/mpm_itk.so", - require => Package['httpd'], - before => Class['apache::service'], - } - } - } - - if $mpm == 'itk' and $::operatingsystem == 'Ubuntu' and $::operatingsystemrelease == '14.04' { - # workaround https://bugs.launchpad.net/ubuntu/+source/mpm-itk/+bug/1286882 - exec { - '/usr/sbin/a2dismod mpm_event': - onlyif => '/usr/bin/test -e /etc/apache2/mods-enabled/mpm_event.load', - require => Package['httpd'], - before => Package['apache2-mpm-itk'], - } - } - - if versioncmp($apache_version, '2.4') < 0 or $mpm == 'itk' { - package { "apache2-mpm-${mpm}": - ensure => present, - } - if $::apache::mod_enable_dir { - Package["apache2-mpm-${mpm}"] { - before => File[$::apache::mod_enable_dir], - } - } - } - } - 'freebsd': { - class { '::apache::package': - mpm_module => $mpm - } - } - 'gentoo': { - # so we don't fail - } - 'redhat': { - # so we don't fail - } - 'Suse': { - file { "${::apache::mod_enable_dir}/${mpm}.conf": - ensure => link, - target => "${::apache::mod_dir}/${mpm}.conf", - require => Exec["mkdir ${::apache::mod_enable_dir}"], - before => File[$::apache::mod_enable_dir], - notify => Class['apache::service'], - } - - if versioncmp($apache_version, '2.4') >= 0 { - file { "${::apache::mod_enable_dir}/${mpm}.load": - ensure => link, - target => "${::apache::mod_dir}/${mpm}.load", - require => Exec["mkdir ${::apache::mod_enable_dir}"], - before => File[$::apache::mod_enable_dir], - notify => Class['apache::service'], - } - - if $mpm == 'itk' { - file { "${lib_path}/mod_mpm_itk.so": - ensure => link, - target => "${lib_path}/mpm_itk.so" - } - } - } - - if versioncmp($apache_version, '2.4') < 0 { - package { "apache2-${mpm}": - ensure => present, - } - } - } - default: { - fail("Unsupported osfamily ${::osfamily}") - } - } -} diff --git a/apache/manifests/namevirtualhost.pp b/apache/manifests/namevirtualhost.pp deleted file mode 100644 index f8c3a80d8..000000000 --- a/apache/manifests/namevirtualhost.pp +++ /dev/null @@ -1,10 +0,0 @@ -define apache::namevirtualhost { - $addr_port = $name - - # Template uses: $addr_port - concat::fragment { "NameVirtualHost ${addr_port}": - ensure => present, - target => $::apache::ports_file, - content => template('apache/namevirtualhost.erb'), - } -} diff --git a/apache/manifests/package.pp b/apache/manifests/package.pp deleted file mode 100644 index 5c59f2546..000000000 --- a/apache/manifests/package.pp +++ /dev/null @@ -1,65 +0,0 @@ -class apache::package ( - $ensure = 'present', - $mpm_module = $::apache::params::mpm_module, -) inherits ::apache::params { - - # The base class must be included first because it is used by parameter defaults - if ! defined(Class['apache']) { - fail('You must include the apache base class before using any apache defined resources') - } - - case $::osfamily { - 'FreeBSD': { - case $mpm_module { - 'prefork': { - $set = 'MPM_PREFORK' - $unset = 'MPM_WORKER MPM_EVENT' - } - 'worker': { - $set = 'MPM_WORKER' - $unset = 'MPM_PREFORK MPM_EVENT' - } - 'event': { - $set = 'MPM_EVENT' - $unset = 'MPM_PREFORK MPM_WORKER' - } - 'itk': { - $set = undef - $unset = undef - package { 'www/mod_mpm_itk': - ensure => installed, - } - } - default: { fail("MPM module ${mpm_module} not supported on FreeBSD") } - } - - # Configure ports to have apache build options set correctly - if $set { - file_line { 'apache SET options in /etc/make.conf': - ensure => $ensure, - path => '/etc/make.conf', - line => "apache24_SET_FORCE=${set}", - match => '^apache24_SET_FORCE=.*', - before => Package['httpd'], - } - file_line { 'apache UNSET options in /etc/make.conf': - ensure => $ensure, - path => '/etc/make.conf', - line => "apache24_UNSET_FORCE=${unset}", - match => '^apache24_UNSET_FORCE=.*', - before => Package['httpd'], - } - } - $apache_package = $::apache::apache_name - } - default: { - $apache_package = $::apache::apache_name - } - } - - package { 'httpd': - ensure => $ensure, - name => $apache_package, - notify => Class['Apache::Service'], - } -} diff --git a/apache/manifests/params.pp b/apache/manifests/params.pp deleted file mode 100644 index 19b3d2a46..000000000 --- a/apache/manifests/params.pp +++ /dev/null @@ -1,559 +0,0 @@ -# Class: apache::params -# -# This class manages Apache parameters -# -# Parameters: -# - The $user that Apache runs as -# - The $group that Apache runs as -# - The $apache_name is the name of the package and service on the relevant -# distribution -# - The $php_package is the name of the package that provided PHP -# - The $ssl_package is the name of the Apache SSL package -# - The $apache_dev is the name of the Apache development libraries package -# - The $conf_contents is the contents of the Apache configuration file -# -# Actions: -# -# Requires: -# -# Sample Usage: -# -class apache::params inherits ::apache::version { - if($::fqdn) { - $servername = $::fqdn - } else { - $servername = $::hostname - } - - # The default error log level - $log_level = 'warn' - $use_optional_includes = false - - # Default mime types settings - $mime_types_additional = { - 'AddHandler' => { 'type-map' => 'var', }, - 'AddType' => { 'text/html' => '.shtml', }, - 'AddOutputFilter' => { 'INCLUDES' => '.shtml', }, - } - - # should we use systemd module? - $use_systemd = true - - # Default mode for files - $file_mode = '0644' - - # Default options for / directory - $root_directory_options = ['FollowSymLinks'] - - $vhost_include_pattern = '*' - - $modsec_audit_log_parts = 'ABIJDEFHZ' - - if $::operatingsystem == 'Ubuntu' and $::lsbdistrelease == '10.04' { - $verify_command = '/usr/sbin/apache2ctl -t' - } else { - $verify_command = '/usr/sbin/apachectl -t' - } - if $::osfamily == 'RedHat' or $::operatingsystem =~ /^[Aa]mazon$/ { - $user = 'apache' - $group = 'apache' - $root_group = 'root' - $apache_name = 'httpd' - $service_name = 'httpd' - $httpd_dir = '/etc/httpd' - $server_root = '/etc/httpd' - $conf_dir = "${httpd_dir}/conf" - $confd_dir = "${httpd_dir}/conf.d" - $mod_dir = $::apache::version::distrelease ? { - '7' => "${httpd_dir}/conf.modules.d", - default => "${httpd_dir}/conf.d", - } - $mod_enable_dir = undef - $vhost_dir = "${httpd_dir}/conf.d" - $vhost_enable_dir = undef - $conf_file = 'httpd.conf' - $ports_file = "${conf_dir}/ports.conf" - $pidfile = 'run/httpd.pid' - $logroot = '/var/log/httpd' - $logroot_mode = undef - $lib_path = 'modules' - $mpm_module = 'prefork' - $dev_packages = 'httpd-devel' - $default_ssl_cert = '/etc/pki/tls/certs/localhost.crt' - $default_ssl_key = '/etc/pki/tls/private/localhost.key' - $ssl_certs_dir = '/etc/pki/tls/certs' - $passenger_conf_file = 'passenger_extra.conf' - $passenger_conf_package_file = 'passenger.conf' - $passenger_root = undef - $passenger_ruby = undef - $passenger_default_ruby = undef - $suphp_addhandler = 'php5-script' - $suphp_engine = 'off' - $suphp_configpath = undef - $mod_packages = { - # NOTE: The auth_cas module isn't available on RH/CentOS without providing dependency packages provided by EPEL. - 'auth_cas' => 'mod_auth_cas', - 'auth_kerb' => 'mod_auth_kerb', - 'auth_mellon' => 'mod_auth_mellon', - 'authnz_ldap' => $::apache::version::distrelease ? { - '7' => 'mod_ldap', - default => 'mod_authz_ldap', - }, - 'fastcgi' => 'mod_fastcgi', - 'fcgid' => 'mod_fcgid', - 'geoip' => 'mod_geoip', - 'ldap' => $::apache::version::distrelease ? { - '7' => 'mod_ldap', - default => undef, - }, - 'pagespeed' => 'mod-pagespeed-stable', - # NOTE: The passenger module isn't available on RH/CentOS without - # providing dependency packages provided by EPEL and passenger - # repositories. See - # https://www.phusionpassenger.com/library/install/apache/install/oss/el7/ - 'passenger' => 'mod_passenger', - 'perl' => 'mod_perl', - 'php5' => $::apache::version::distrelease ? { - '5' => 'php53', - default => 'php', - }, - 'proxy_html' => 'mod_proxy_html', - 'python' => 'mod_python', - 'security' => 'mod_security', - # NOTE: The module for Shibboleth is not available on RH/CentOS without - # providing dependency packages provided by Shibboleth's repositories. - # See http://wiki.aaf.edu.au/tech-info/sp-install-guide - 'shibboleth' => 'shibboleth', - 'ssl' => 'mod_ssl', - 'wsgi' => 'mod_wsgi', - 'dav_svn' => 'mod_dav_svn', - 'suphp' => 'mod_suphp', - 'xsendfile' => 'mod_xsendfile', - 'nss' => 'mod_nss', - 'shib2' => 'shibboleth', - } - $mod_libs = { - 'php5' => 'libphp5.so', - 'nss' => 'libmodnss.so', - } - $conf_template = 'apache/httpd.conf.erb' - $keepalive = 'Off' - $keepalive_timeout = 15 - $max_keepalive_requests = 100 - $fastcgi_lib_path = undef - $mime_support_package = 'mailcap' - $mime_types_config = '/etc/mime.types' - $docroot = '/var/www/html' - $alias_icons_path = $::apache::version::distrelease ? { - '7' => '/usr/share/httpd/icons', - default => '/var/www/icons', - } - $error_documents_path = $::apache::version::distrelease ? { - '7' => '/usr/share/httpd/error', - default => '/var/www/error' - } - if $::osfamily == 'RedHat' { - $wsgi_socket_prefix = '/var/run/wsgi' - } else { - $wsgi_socket_prefix = undef - } - $cas_cookie_path = '/var/cache/mod_auth_cas/' - $mellon_lock_file = '/run/mod_auth_mellon/lock' - $mellon_cache_size = 100 - $mellon_post_directory = undef - $modsec_crs_package = 'mod_security_crs' - $modsec_crs_path = '/usr/lib/modsecurity.d' - $modsec_dir = '/etc/httpd/modsecurity.d' - $secpcrematchlimit = 1500 - $secpcrematchlimitrecursion = 1500 - $modsec_secruleengine = 'On' - $modsec_default_rules = [ - 'base_rules/modsecurity_35_bad_robots.data', - 'base_rules/modsecurity_35_scanners.data', - 'base_rules/modsecurity_40_generic_attacks.data', - 'base_rules/modsecurity_41_sql_injection_attacks.data', - 'base_rules/modsecurity_50_outbound.data', - 'base_rules/modsecurity_50_outbound_malware.data', - 'base_rules/modsecurity_crs_20_protocol_violations.conf', - 'base_rules/modsecurity_crs_21_protocol_anomalies.conf', - 'base_rules/modsecurity_crs_23_request_limits.conf', - 'base_rules/modsecurity_crs_30_http_policy.conf', - 'base_rules/modsecurity_crs_35_bad_robots.conf', - 'base_rules/modsecurity_crs_40_generic_attacks.conf', - 'base_rules/modsecurity_crs_41_sql_injection_attacks.conf', - 'base_rules/modsecurity_crs_41_xss_attacks.conf', - 'base_rules/modsecurity_crs_42_tight_security.conf', - 'base_rules/modsecurity_crs_45_trojans.conf', - 'base_rules/modsecurity_crs_47_common_exceptions.conf', - 'base_rules/modsecurity_crs_49_inbound_blocking.conf', - 'base_rules/modsecurity_crs_50_outbound.conf', - 'base_rules/modsecurity_crs_59_outbound_blocking.conf', - 'base_rules/modsecurity_crs_60_correlation.conf', - ] - } elsif $::osfamily == 'Debian' { - $user = 'www-data' - $group = 'www-data' - $root_group = 'root' - $apache_name = 'apache2' - $service_name = 'apache2' - $httpd_dir = '/etc/apache2' - $server_root = '/etc/apache2' - $conf_dir = $httpd_dir - $confd_dir = "${httpd_dir}/conf.d" - $mod_dir = "${httpd_dir}/mods-available" - $mod_enable_dir = "${httpd_dir}/mods-enabled" - $vhost_dir = "${httpd_dir}/sites-available" - $vhost_enable_dir = "${httpd_dir}/sites-enabled" - $conf_file = 'apache2.conf' - $ports_file = "${conf_dir}/ports.conf" - $pidfile = "\${APACHE_PID_FILE}" - $logroot = '/var/log/apache2' - $logroot_mode = undef - $lib_path = '/usr/lib/apache2/modules' - $mpm_module = 'worker' - $default_ssl_cert = '/etc/ssl/certs/ssl-cert-snakeoil.pem' - $default_ssl_key = '/etc/ssl/private/ssl-cert-snakeoil.key' - $ssl_certs_dir = '/etc/ssl/certs' - $suphp_addhandler = 'x-httpd-php' - $suphp_engine = 'off' - $suphp_configpath = '/etc/php5/apache2' - $mod_packages = { - 'auth_cas' => 'libapache2-mod-auth-cas', - 'auth_kerb' => 'libapache2-mod-auth-kerb', - 'auth_mellon' => 'libapache2-mod-auth-mellon', - 'dav_svn' => 'libapache2-svn', - 'fastcgi' => 'libapache2-mod-fastcgi', - 'fcgid' => 'libapache2-mod-fcgid', - 'geoip' => 'libapache2-mod-geoip', - 'nss' => 'libapache2-mod-nss', - 'pagespeed' => 'mod-pagespeed-stable', - 'passenger' => 'libapache2-mod-passenger', - 'perl' => 'libapache2-mod-perl2', - 'php5' => 'libapache2-mod-php5', - 'proxy_html' => 'libapache2-mod-proxy-html', - 'python' => 'libapache2-mod-python', - 'rpaf' => 'libapache2-mod-rpaf', - 'security' => 'libapache2-modsecurity', - 'shib2' => 'libapache2-mod-shib2', - 'suphp' => 'libapache2-mod-suphp', - 'wsgi' => 'libapache2-mod-wsgi', - 'xsendfile' => 'libapache2-mod-xsendfile', - 'shib2' => 'libapache2-mod-shib2', - } - if $::osfamily == 'Debian' and versioncmp($::operatingsystemrelease, '8') < 0 { - $shib2_lib = 'mod_shib_22.so' - } else { - $shib2_lib = 'mod_shib2.so' - } - $mod_libs = { - 'php5' => 'libphp5.so', - 'shib2' => $shib2_lib - } - $conf_template = 'apache/httpd.conf.erb' - $keepalive = 'Off' - $keepalive_timeout = 15 - $max_keepalive_requests = 100 - $fastcgi_lib_path = '/var/lib/apache2/fastcgi' - $mime_support_package = 'mime-support' - $mime_types_config = '/etc/mime.types' - if ($::operatingsystem == 'Ubuntu' and versioncmp($::operatingsystemrelease, '13.10') >= 0) or ($::operatingsystem == 'Debian' and versioncmp($::operatingsystemrelease, '8') >= 0) { - $docroot = '/var/www/html' - } else { - $docroot = '/var/www' - } - $cas_cookie_path = '/var/cache/apache2/mod_auth_cas/' - $mellon_lock_file = undef - $mellon_cache_size = undef - $mellon_post_directory = '/var/cache/apache2/mod_auth_mellon/' - $modsec_crs_package = 'modsecurity-crs' - $modsec_crs_path = '/usr/share/modsecurity-crs' - $modsec_dir = '/etc/modsecurity' - $secpcrematchlimit = 1500 - $secpcrematchlimitrecursion = 1500 - $modsec_secruleengine = 'On' - $modsec_default_rules = [ - 'base_rules/modsecurity_35_bad_robots.data', - 'base_rules/modsecurity_35_scanners.data', - 'base_rules/modsecurity_40_generic_attacks.data', - 'base_rules/modsecurity_41_sql_injection_attacks.data', - 'base_rules/modsecurity_50_outbound.data', - 'base_rules/modsecurity_50_outbound_malware.data', - 'base_rules/modsecurity_crs_20_protocol_violations.conf', - 'base_rules/modsecurity_crs_21_protocol_anomalies.conf', - 'base_rules/modsecurity_crs_23_request_limits.conf', - 'base_rules/modsecurity_crs_30_http_policy.conf', - 'base_rules/modsecurity_crs_35_bad_robots.conf', - 'base_rules/modsecurity_crs_40_generic_attacks.conf', - 'base_rules/modsecurity_crs_41_sql_injection_attacks.conf', - 'base_rules/modsecurity_crs_41_xss_attacks.conf', - 'base_rules/modsecurity_crs_42_tight_security.conf', - 'base_rules/modsecurity_crs_45_trojans.conf', - 'base_rules/modsecurity_crs_47_common_exceptions.conf', - 'base_rules/modsecurity_crs_49_inbound_blocking.conf', - 'base_rules/modsecurity_crs_50_outbound.conf', - 'base_rules/modsecurity_crs_59_outbound_blocking.conf', - 'base_rules/modsecurity_crs_60_correlation.conf', - ] - $alias_icons_path = '/usr/share/apache2/icons' - $error_documents_path = '/usr/share/apache2/error' - if ($::operatingsystem == 'Ubuntu' and versioncmp($::operatingsystemrelease, '13.10') >= 0) or ($::operatingsystem == 'Debian' and versioncmp($::operatingsystemrelease, '8') >= 0) { - $dev_packages = ['libaprutil1-dev', 'libapr1-dev', 'apache2-dev'] - } else { - $dev_packages = ['libaprutil1-dev', 'libapr1-dev', 'apache2-prefork-dev'] - } - - # - # Passenger-specific settings - # - - $passenger_conf_file = 'passenger.conf' - $passenger_conf_package_file = undef - - case $::operatingsystem { - 'Ubuntu': { - case $::lsbdistrelease { - '12.04': { - $passenger_root = '/usr' - $passenger_ruby = '/usr/bin/ruby' - $passenger_default_ruby = undef - } - '14.04': { - $passenger_root = '/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini' - $passenger_ruby = undef - $passenger_default_ruby = '/usr/bin/ruby' - } - '16.04': { - $passenger_root = '/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini' - $passenger_ruby = undef - $passenger_default_ruby = '/usr/bin/ruby' - } - default: { - # The following settings may or may not work on Ubuntu releases not - # supported by this module. - $passenger_root = '/usr' - $passenger_ruby = '/usr/bin/ruby' - $passenger_default_ruby = undef - } - } - } - 'Debian': { - case $::lsbdistcodename { - 'wheezy': { - $passenger_root = '/usr' - $passenger_ruby = '/usr/bin/ruby' - $passenger_default_ruby = undef - } - 'jessie': { - $passenger_root = '/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini' - $passenger_ruby = undef - $passenger_default_ruby = '/usr/bin/ruby' - } - default: { - # The following settings may or may not work on Debian releases not - # supported by this module. - $passenger_root = '/usr' - $passenger_ruby = '/usr/bin/ruby' - $passenger_default_ruby = undef - } - } - } - } - $wsgi_socket_prefix = undef - } elsif $::osfamily == 'FreeBSD' { - $user = 'www' - $group = 'www' - $root_group = 'wheel' - $apache_name = 'apache24' - $service_name = 'apache24' - $httpd_dir = '/usr/local/etc/apache24' - $server_root = '/usr/local' - $conf_dir = $httpd_dir - $confd_dir = "${httpd_dir}/Includes" - $mod_dir = "${httpd_dir}/Modules" - $mod_enable_dir = undef - $vhost_dir = "${httpd_dir}/Vhosts" - $vhost_enable_dir = undef - $conf_file = 'httpd.conf' - $ports_file = "${conf_dir}/ports.conf" - $pidfile = '/var/run/httpd.pid' - $logroot = '/var/log/apache24' - $logroot_mode = undef - $lib_path = '/usr/local/libexec/apache24' - $mpm_module = 'prefork' - $dev_packages = undef - $default_ssl_cert = '/usr/local/etc/apache24/server.crt' - $default_ssl_key = '/usr/local/etc/apache24/server.key' - $ssl_certs_dir = '/usr/local/etc/apache24' - $passenger_conf_file = 'passenger.conf' - $passenger_conf_package_file = undef - $passenger_root = '/usr/local/lib/ruby/gems/2.0/gems/passenger-4.0.58' - $passenger_ruby = '/usr/local/bin/ruby' - $passenger_default_ruby = undef - $suphp_addhandler = 'php5-script' - $suphp_engine = 'off' - $suphp_configpath = undef - $mod_packages = { - # NOTE: I list here only modules that are not included in www/apache24 - # NOTE: 'passenger' needs to enable APACHE_SUPPORT in make config - # NOTE: 'php' needs to enable APACHE option in make config - # NOTE: 'dav_svn' needs to enable MOD_DAV_SVN make config - # NOTE: not sure where the shibboleth should come from - 'auth_kerb' => 'www/mod_auth_kerb2', - 'fcgid' => 'www/mod_fcgid', - 'passenger' => 'www/rubygem-passenger', - 'perl' => 'www/mod_perl2', - 'php5' => 'www/mod_php5', - 'proxy_html' => 'www/mod_proxy_html', - 'python' => 'www/mod_python3', - 'wsgi' => 'www/mod_wsgi', - 'dav_svn' => 'devel/subversion', - 'xsendfile' => 'www/mod_xsendfile', - 'rpaf' => 'www/mod_rpaf2', - 'shib2' => 'security/shibboleth2-sp', - } - $mod_libs = { - 'php5' => 'libphp5.so', - } - $conf_template = 'apache/httpd.conf.erb' - $keepalive = 'Off' - $keepalive_timeout = 15 - $max_keepalive_requests = 100 - $fastcgi_lib_path = undef # TODO: revisit - $mime_support_package = 'misc/mime-support' - $mime_types_config = '/usr/local/etc/mime.types' - $wsgi_socket_prefix = undef - $docroot = '/usr/local/www/apache24/data' - $alias_icons_path = '/usr/local/www/apache24/icons' - $error_documents_path = '/usr/local/www/apache24/error' - } elsif $::osfamily == 'Gentoo' { - $user = 'apache' - $group = 'apache' - $root_group = 'wheel' - $apache_name = 'www-servers/apache' - $service_name = 'apache2' - $httpd_dir = '/etc/apache2' - $server_root = '/var/www' - $conf_dir = $httpd_dir - $confd_dir = "${httpd_dir}/conf.d" - $mod_dir = "${httpd_dir}/modules.d" - $mod_enable_dir = undef - $vhost_dir = "${httpd_dir}/vhosts.d" - $vhost_enable_dir = undef - $conf_file = 'httpd.conf' - $ports_file = "${conf_dir}/ports.conf" - $logroot = '/var/log/apache2' - $logroot_mode = undef - $lib_path = '/usr/lib/apache2/modules' - $mpm_module = 'prefork' - $dev_packages = undef - $default_ssl_cert = '/etc/ssl/apache2/server.crt' - $default_ssl_key = '/etc/ssl/apache2/server.key' - $ssl_certs_dir = '/etc/ssl/apache2' - $passenger_root = '/usr' - $passenger_ruby = '/usr/bin/ruby' - $passenger_conf_file = 'passenger.conf' - $passenger_conf_package_file = undef - $passenger_default_ruby = undef - $suphp_addhandler = 'x-httpd-php' - $suphp_engine = 'off' - $suphp_configpath = '/etc/php5/apache2' - $mod_packages = { - # NOTE: I list here only modules that are not included in www-servers/apache - 'auth_kerb' => 'www-apache/mod_auth_kerb', - 'authnz_external' => 'www-apache/mod_authnz_external', - 'fcgid' => 'www-apache/mod_fcgid', - 'passenger' => 'www-apache/passenger', - 'perl' => 'www-apache/mod_perl', - 'php5' => 'dev-lang/php', - 'proxy_html' => 'www-apache/mod_proxy_html', - 'proxy_fcgi' => 'www-apache/mod_proxy_fcgi', - 'python' => 'www-apache/mod_python', - 'wsgi' => 'www-apache/mod_wsgi', - 'dav_svn' => 'dev-vcs/subversion', - 'xsendfile' => 'www-apache/mod_xsendfile', - 'rpaf' => 'www-apache/mod_rpaf', - 'xml2enc' => 'www-apache/mod_xml2enc', - } - $mod_libs = { - 'php5' => 'libphp5.so', - } - $conf_template = 'apache/httpd.conf.erb' - $keepalive = 'Off' - $keepalive_timeout = 15 - $max_keepalive_requests = 100 - $fastcgi_lib_path = undef # TODO: revisit - $mime_support_package = 'app-misc/mime-types' - $mime_types_config = '/etc/mime.types' - $wsgi_socket_prefix = undef - $docroot = '/var/www/localhost/htdocs' - $alias_icons_path = '/usr/share/apache2/icons' - $error_documents_path = '/usr/share/apache2/error' - } elsif $::osfamily == 'Suse' { - $user = 'wwwrun' - $group = 'wwwrun' - $root_group = 'root' - $apache_name = 'apache2' - $service_name = 'apache2' - $httpd_dir = '/etc/apache2' - $server_root = '/etc/apache2' - $conf_dir = $httpd_dir - $confd_dir = "${httpd_dir}/conf.d" - $mod_dir = "${httpd_dir}/mods-available" - $mod_enable_dir = "${httpd_dir}/mods-enabled" - $vhost_dir = "${httpd_dir}/sites-available" - $vhost_enable_dir = "${httpd_dir}/sites-enabled" - $conf_file = 'httpd.conf' - $ports_file = "${conf_dir}/ports.conf" - $pidfile = '/var/run/httpd2.pid' - $logroot = '/var/log/apache2' - $logroot_mode = undef - $lib_path = '/usr/lib64/apache2-prefork/' - $mpm_module = 'prefork' - $default_ssl_cert = '/etc/ssl/certs/ssl-cert-snakeoil.pem' - $default_ssl_key = '/etc/ssl/private/ssl-cert-snakeoil.key' - $ssl_certs_dir = '/etc/ssl/certs' - $suphp_addhandler = 'x-httpd-php' - $suphp_engine = 'off' - $suphp_configpath = '/etc/php5/apache2' - $mod_packages = { - 'auth_kerb' => 'apache2-mod_auth_kerb', - 'fcgid' => 'apache2-mod_fcgid', - 'perl' => 'apache2-mod_perl', - 'php5' => 'apache2-mod_php53', - 'python' => 'apache2-mod_python', - } - $mod_libs = { - 'php5' => 'libphp5.so', - } - $conf_template = 'apache/httpd.conf.erb' - $keepalive = 'Off' - $keepalive_timeout = 15 - $max_keepalive_requests = 100 - $fastcgi_lib_path = '/var/lib/apache2/fastcgi' - $mime_support_package = 'aaa_base' - $mime_types_config = '/etc/mime.types' - $docroot = '/srv/www' - $cas_cookie_path = '/var/cache/apache2/mod_auth_cas/' - $mellon_lock_file = undef - $mellon_cache_size = undef - $mellon_post_directory = undef - $alias_icons_path = '/usr/share/apache2/icons' - $error_documents_path = '/usr/share/apache2/error' - $dev_packages = ['libapr-util1-devel', 'libapr1-devel'] - - # - # Passenger-specific settings - # - - $passenger_conf_file = 'passenger.conf' - $passenger_conf_package_file = undef - - $passenger_root = '/usr' - $passenger_ruby = '/usr/bin/ruby' - $passenger_default_ruby = undef - $wsgi_socket_prefix = undef - - } else { - fail("Class['apache::params']: Unsupported osfamily: ${::osfamily}") - } -} diff --git a/apache/manifests/peruser/multiplexer.pp b/apache/manifests/peruser/multiplexer.pp deleted file mode 100644 index 97143a1d4..000000000 --- a/apache/manifests/peruser/multiplexer.pp +++ /dev/null @@ -1,17 +0,0 @@ -define apache::peruser::multiplexer ( - $user = $::apache::user, - $group = $::apache::group, - $file = undef, -) { - if ! $file { - $filename = "${name}.conf" - } else { - $filename = $file - } - file { "${::apache::mod_dir}/peruser/multiplexers/${filename}": - ensure => file, - content => "Multiplexer ${user} ${group}\n", - require => File["${::apache::mod_dir}/peruser/multiplexers"], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/peruser/processor.pp b/apache/manifests/peruser/processor.pp deleted file mode 100644 index 30de61d7c..000000000 --- a/apache/manifests/peruser/processor.pp +++ /dev/null @@ -1,17 +0,0 @@ -define apache::peruser::processor ( - $user, - $group, - $file = undef, -) { - if ! $file { - $filename = "${name}.conf" - } else { - $filename = $file - } - file { "${::apache::mod_dir}/peruser/processors/${filename}": - ensure => file, - content => "Processor ${user} ${group}\n", - require => File["${::apache::mod_dir}/peruser/processors"], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/php.pp b/apache/manifests/php.pp deleted file mode 100644 index 9fa9c682e..000000000 --- a/apache/manifests/php.pp +++ /dev/null @@ -1,18 +0,0 @@ -# Class: apache::php -# -# This class installs PHP for Apache -# -# Parameters: -# - $php_package -# -# Actions: -# - Install Apache PHP package -# -# Requires: -# -# Sample Usage: -# -class apache::php { - warning('apache::php is deprecated; please use apache::mod::php') - include ::apache::mod::php -} diff --git a/apache/manifests/proxy.pp b/apache/manifests/proxy.pp deleted file mode 100644 index 050f36c27..000000000 --- a/apache/manifests/proxy.pp +++ /dev/null @@ -1,15 +0,0 @@ -# Class: apache::proxy -# -# This class enabled the proxy module for Apache -# -# Actions: -# - Enables Apache Proxy module -# -# Requires: -# -# Sample Usage: -# -class apache::proxy { - warning('apache::proxy is deprecated; please use apache::mod::proxy') - include ::apache::mod::proxy -} diff --git a/apache/manifests/python.pp b/apache/manifests/python.pp deleted file mode 100644 index 723a753f8..000000000 --- a/apache/manifests/python.pp +++ /dev/null @@ -1,18 +0,0 @@ -# Class: apache::python -# -# This class installs Python for Apache -# -# Parameters: -# - $php_package -# -# Actions: -# - Install Apache Python package -# -# Requires: -# -# Sample Usage: -# -class apache::python { - warning('apache::python is deprecated; please use apache::mod::python') - include ::apache::mod::python -} diff --git a/apache/manifests/security/rule_link.pp b/apache/manifests/security/rule_link.pp deleted file mode 100644 index a56a2d97f..000000000 --- a/apache/manifests/security/rule_link.pp +++ /dev/null @@ -1,13 +0,0 @@ -define apache::security::rule_link () { - - $parts = split($title, '/') - $filename = $parts[-1] - - file { $filename: - ensure => 'link', - path => "${::apache::mod::security::modsec_dir}/activated_rules/${filename}", - target => "${::apache::params::modsec_crs_path}/${title}", - require => File["${::apache::mod::security::modsec_dir}/activated_rules"], - notify => Class['apache::service'], - } -} diff --git a/apache/manifests/service.pp b/apache/manifests/service.pp deleted file mode 100644 index 708027921..000000000 --- a/apache/manifests/service.pp +++ /dev/null @@ -1,49 +0,0 @@ -# Class: apache::service -# -# Manages the Apache daemon -# -# Parameters: -# -# Actions: -# - Manage Apache service -# -# Requires: -# -# Sample Usage: -# -# sometype { 'foo': -# notify => Class['apache::service'], -# } -# -# -class apache::service ( - $service_name = $::apache::params::service_name, - $service_enable = true, - $service_ensure = 'running', - $service_manage = true, - $service_restart = undef -) { - # The base class must be included first because parameter defaults depend on it - if ! defined(Class['apache::params']) { - fail('You must include the apache::params class before using any apache defined resources') - } - validate_bool($service_enable) - validate_bool($service_manage) - - case $service_ensure { - true, false, 'running', 'stopped': { - $_service_ensure = $service_ensure - } - default: { - $_service_ensure = undef - } - } - if $service_manage { - service { 'httpd': - ensure => $_service_ensure, - name => $service_name, - enable => $service_enable, - restart => $service_restart - } - } -} diff --git a/apache/manifests/ssl.pp b/apache/manifests/ssl.pp deleted file mode 100644 index d0b36593d..000000000 --- a/apache/manifests/ssl.pp +++ /dev/null @@ -1,18 +0,0 @@ -# Class: apache::ssl -# -# This class installs Apache SSL capabilities -# -# Parameters: -# - The $ssl_package name from the apache::params class -# -# Actions: -# - Install Apache SSL capabilities -# -# Requires: -# -# Sample Usage: -# -class apache::ssl { - warning('apache::ssl is deprecated; please use apache::mod::ssl') - include ::apache::mod::ssl -} diff --git a/apache/manifests/version.pp b/apache/manifests/version.pp deleted file mode 100644 index 527dc6d38..000000000 --- a/apache/manifests/version.pp +++ /dev/null @@ -1,45 +0,0 @@ -# Class: apache::version -# -# Try to automatically detect the version by OS -# -class apache::version { - # This will be 5 or 6 on RedHat, 6 or wheezy on Debian, 12 or quantal on Ubuntu, etc. - $osr_array = split($::operatingsystemrelease,'[\/\.]') - $distrelease = $osr_array[0] - if ! $distrelease { - fail("Class['apache::version']: Unparsable \$::operatingsystemrelease: ${::operatingsystemrelease}") - } - - case $::osfamily { - 'RedHat': { - if ($::operatingsystem == 'Amazon') { - $default = '2.2' - } elsif ($::operatingsystem == 'Fedora' and versioncmp($distrelease, '18') >= 0) or ($::operatingsystem != 'Fedora' and versioncmp($distrelease, '7') >= 0) { - $default = '2.4' - } else { - $default = '2.2' - } - } - 'Debian': { - if $::operatingsystem == 'Ubuntu' and versioncmp($::operatingsystemrelease, '13.10') >= 0 { - $default = '2.4' - } elsif $::operatingsystem == 'Debian' and versioncmp($distrelease, '8') >= 0 { - $default = '2.4' - } else { - $default = '2.2' - } - } - 'FreeBSD': { - $default = '2.4' - } - 'Gentoo': { - $default = '2.4' - } - 'Suse': { - $default = '2.2' - } - default: { - fail("Class['apache::version']: Unsupported osfamily: ${::osfamily}") - } - } -} diff --git a/apache/manifests/vhost.pp b/apache/manifests/vhost.pp deleted file mode 100644 index a02e25f14..000000000 --- a/apache/manifests/vhost.pp +++ /dev/null @@ -1,1018 +0,0 @@ -# See README.md for usage information -define apache::vhost( - $docroot, - $manage_docroot = true, - $virtual_docroot = false, - $port = undef, - $ip = undef, - $ip_based = false, - $add_listen = true, - $docroot_owner = 'root', - $docroot_group = $::apache::params::root_group, - $docroot_mode = undef, - $serveradmin = undef, - $ssl = false, - $ssl_cert = $::apache::default_ssl_cert, - $ssl_key = $::apache::default_ssl_key, - $ssl_chain = $::apache::default_ssl_chain, - $ssl_ca = $::apache::default_ssl_ca, - $ssl_crl_path = $::apache::default_ssl_crl_path, - $ssl_crl = $::apache::default_ssl_crl, - $ssl_crl_check = $::apache::default_ssl_crl_check, - $ssl_certs_dir = $::apache::params::ssl_certs_dir, - $ssl_protocol = undef, - $ssl_cipher = undef, - $ssl_honorcipherorder = undef, - $ssl_verify_client = undef, - $ssl_verify_depth = undef, - $ssl_proxy_verify = undef, - $ssl_proxy_check_peer_cn = undef, - $ssl_proxy_check_peer_name = undef, - $ssl_proxy_machine_cert = undef, - $ssl_proxy_protocol = undef, - $ssl_options = undef, - $ssl_openssl_conf_cmd = undef, - $ssl_proxyengine = false, - $priority = undef, - $default_vhost = false, - $servername = $name, - $serveraliases = [], - $options = ['Indexes','FollowSymLinks','MultiViews'], - $override = ['None'], - $directoryindex = '', - $vhost_name = '*', - $logroot = $::apache::logroot, - $logroot_ensure = 'directory', - $logroot_mode = undef, - $logroot_owner = undef, - $logroot_group = undef, - $log_level = undef, - $access_log = true, - $access_log_file = false, - $access_log_pipe = false, - $access_log_syslog = false, - $access_log_format = false, - $access_log_env_var = false, - $access_logs = undef, - $aliases = undef, - $directories = undef, - $error_log = true, - $error_log_file = undef, - $error_log_pipe = undef, - $error_log_syslog = undef, - $error_documents = [], - $fallbackresource = undef, - $scriptalias = undef, - $scriptaliases = [], - $proxy_dest = undef, - $proxy_dest_match = undef, - $proxy_dest_reverse_match = undef, - $proxy_pass = undef, - $proxy_pass_match = undef, - $suphp_addhandler = $::apache::params::suphp_addhandler, - $suphp_engine = $::apache::params::suphp_engine, - $suphp_configpath = $::apache::params::suphp_configpath, - $php_flags = {}, - $php_values = {}, - $php_admin_flags = {}, - $php_admin_values = {}, - $no_proxy_uris = [], - $no_proxy_uris_match = [], - $proxy_preserve_host = false, - $proxy_error_override = false, - $redirect_source = '/', - $redirect_dest = undef, - $redirect_status = undef, - $redirectmatch_status = undef, - $redirectmatch_regexp = undef, - $redirectmatch_dest = undef, - $rack_base_uris = undef, - $passenger_base_uris = undef, - $headers = undef, - $request_headers = undef, - $filters = undef, - $rewrites = undef, - $rewrite_base = undef, - $rewrite_rule = undef, - $rewrite_cond = undef, - $setenv = [], - $setenvif = [], - $block = [], - $ensure = 'present', - $wsgi_application_group = undef, - $wsgi_daemon_process = undef, - $wsgi_daemon_process_options = undef, - $wsgi_import_script = undef, - $wsgi_import_script_options = undef, - $wsgi_process_group = undef, - $wsgi_script_aliases = undef, - $wsgi_pass_authorization = undef, - $wsgi_chunked_request = undef, - $custom_fragment = undef, - $itk = undef, - $action = undef, - $fastcgi_server = undef, - $fastcgi_socket = undef, - $fastcgi_dir = undef, - $additional_includes = [], - $use_optional_includes = $::apache::use_optional_includes, - $apache_version = $::apache::apache_version, - $allow_encoded_slashes = undef, - $suexec_user_group = undef, - $passenger_app_root = undef, - $passenger_app_env = undef, - $passenger_ruby = undef, - $passenger_min_instances = undef, - $passenger_start_timeout = undef, - $passenger_pre_start = undef, - $passenger_user = undef, - $add_default_charset = undef, - $modsec_disable_vhost = undef, - $modsec_disable_ids = undef, - $modsec_disable_ips = undef, - $modsec_body_limit = undef, - $jk_mounts = undef, - $auth_kerb = false, - $krb_method_negotiate = 'on', - $krb_method_k5passwd = 'on', - $krb_authoritative = 'on', - $krb_auth_realms = [], - $krb_5keytab = undef, - $krb_local_user_mapping = undef, - $krb_verify_kdc = 'on', - $krb_servicename = 'HTTP', - $krb_save_credentials = 'off', -) { - # The base class must be included first because it is used by parameter defaults - if ! defined(Class['apache']) { - fail('You must include the apache base class before using any apache defined resources') - } - - $apache_name = $::apache::apache_name - - validate_re($ensure, '^(present|absent)$', - "${ensure} is not supported for ensure. - Allowed values are 'present' and 'absent'.") - validate_re($suphp_engine, '^(on|off)$', - "${suphp_engine} is not supported for suphp_engine. - Allowed values are 'on' and 'off'.") - validate_bool($ip_based) - validate_bool($access_log) - validate_bool($error_log) - validate_bool($ssl) - validate_bool($default_vhost) - validate_bool($ssl_proxyengine) - if $rewrites { - validate_array($rewrites) - unless empty($rewrites) { - validate_hash($rewrites[0]) - } - } - - # Input validation begins - - if $suexec_user_group { - validate_re($suexec_user_group, '^[\w-]+ [\w-]+$', - "${suexec_user_group} is not supported for suexec_user_group. Must be 'user group'.") - } - - if $wsgi_pass_authorization { - validate_re(downcase($wsgi_pass_authorization), '^(on|off)$', - "${wsgi_pass_authorization} is not supported for wsgi_pass_authorization. - Allowed values are 'on' and 'off'.") - } - - # Deprecated backwards-compatibility - if $rewrite_base { - warning('Apache::Vhost: parameter rewrite_base is deprecated in favor of rewrites') - } - if $rewrite_rule { - warning('Apache::Vhost: parameter rewrite_rule is deprecated in favor of rewrites') - } - if $rewrite_cond { - warning('Apache::Vhost parameter rewrite_cond is deprecated in favor of rewrites') - } - - if $wsgi_script_aliases { - validate_hash($wsgi_script_aliases) - } - if $wsgi_daemon_process_options { - validate_hash($wsgi_daemon_process_options) - } - if $wsgi_import_script_options { - validate_hash($wsgi_import_script_options) - } - if $itk { - validate_hash($itk) - } - - validate_re($logroot_ensure, '^(directory|absent)$', - "${logroot_ensure} is not supported for logroot_ensure. - Allowed values are 'directory' and 'absent'.") - - if $log_level { - validate_apache_log_level($log_level) - } - - if $access_log_file and $access_log_pipe { - fail("Apache::Vhost[${name}]: 'access_log_file' and 'access_log_pipe' cannot be defined at the same time") - } - - if $error_log_file and $error_log_pipe { - fail("Apache::Vhost[${name}]: 'error_log_file' and 'error_log_pipe' cannot be defined at the same time") - } - - if $fallbackresource { - validate_re($fallbackresource, '^/|disabled', 'Please make sure fallbackresource starts with a / (or is "disabled")') - } - - if $custom_fragment { - validate_string($custom_fragment) - } - - if $allow_encoded_slashes { - validate_re($allow_encoded_slashes, '(^on$|^off$|^nodecode$)', "${allow_encoded_slashes} is not permitted for allow_encoded_slashes. Allowed values are 'on', 'off' or 'nodecode'.") - } - - validate_bool($auth_kerb) - - # Validate the docroot as a string if: - # - $manage_docroot is true - if $manage_docroot { - validate_string($docroot) - } - - if $ssl_proxy_verify { - validate_re($ssl_proxy_verify,'^(none|optional|require|optional_no_ca)$',"${ssl_proxy_verify} is not permitted for ssl_proxy_verify. Allowed values are 'none', 'optional', 'require' or 'optional_no_ca'.") - } - - if $ssl_proxy_check_peer_cn { - validate_re($ssl_proxy_check_peer_cn,'(^on$|^off$)',"${ssl_proxy_check_peer_cn} is not permitted for ssl_proxy_check_peer_cn. Allowed values are 'on' or 'off'.") - } - if $ssl_proxy_check_peer_name { - validate_re($ssl_proxy_check_peer_name,'(^on$|^off$)',"${ssl_proxy_check_peer_name} is not permitted for ssl_proxy_check_peer_name. Allowed values are 'on' or 'off'.") - } - - # Input validation ends - - if $ssl and $ensure == 'present' { - include ::apache::mod::ssl - # Required for the AddType lines. - include ::apache::mod::mime - } - - if $auth_kerb and $ensure == 'present' { - include ::apache::mod::auth_kerb - } - - if $virtual_docroot { - include ::apache::mod::vhost_alias - } - - if $wsgi_daemon_process { - include ::apache::mod::wsgi - } - - if $suexec_user_group { - include ::apache::mod::suexec - } - - if $passenger_app_root or $passenger_app_env or $passenger_ruby or $passenger_min_instances or $passenger_start_timeout or $passenger_pre_start or $passenger_user { - include ::apache::mod::passenger - } - - # Configure the defaultness of a vhost - if $priority { - $priority_real = "${priority}-" - } elsif $priority == false { - $priority_real = '' - } elsif $default_vhost { - $priority_real = '10-' - } else { - $priority_real = '25-' - } - - ## Apache include does not always work with spaces in the filename - $filename = regsubst($name, ' ', '_', 'G') - - # This ensures that the docroot exists - # But enables it to be specified across multiple vhost resources - if $manage_docroot and $docroot and ! defined(File[$docroot]) { - file { $docroot: - ensure => directory, - owner => $docroot_owner, - group => $docroot_group, - mode => $docroot_mode, - require => Package['httpd'], - before => Concat["${priority_real}${filename}.conf"], - } - } - - # Same as above, but for logroot - if ! defined(File[$logroot]) { - file { $logroot: - ensure => $logroot_ensure, - owner => $logroot_owner, - group => $logroot_group, - mode => $logroot_mode, - require => Package['httpd'], - before => Concat["${priority_real}${filename}.conf"], - } - } - - - # Is apache::mod::passenger enabled (or apache::mod['passenger']) - $passenger_enabled = defined(Apache::Mod['passenger']) - - # Is apache::mod::shib enabled (or apache::mod['shib2']) - $shibboleth_enabled = defined(Apache::Mod['shib2']) - - if $access_log and !$access_logs { - if $access_log_file { - $_logs_dest = "${logroot}/${access_log_file}" - } elsif $access_log_pipe { - $_logs_dest = $access_log_pipe - } elsif $access_log_syslog { - $_logs_dest = $access_log_syslog - } else { - $_logs_dest = undef - } - $_access_logs = [{ - 'file' => $access_log_file, - 'pipe' => $access_log_pipe, - 'syslog' => $access_log_syslog, - 'format' => $access_log_format, - 'env' => $access_log_env_var - }] - } elsif $access_logs { - if !is_array($access_logs) { - fail("Apache::Vhost[${name}]: access_logs must be an array of hashes") - } - $_access_logs = $access_logs - } - - if $error_log_file { - $error_log_destination = "${logroot}/${error_log_file}" - } elsif $error_log_pipe { - $error_log_destination = $error_log_pipe - } elsif $error_log_syslog { - $error_log_destination = $error_log_syslog - } else { - if $ssl { - $error_log_destination = "${logroot}/${name}_error_ssl.log" - } else { - $error_log_destination = "${logroot}/${name}_error.log" - } - } - - if $ip { - $_ip = enclose_ipv6($ip) - if $port { - $listen_addr_port = suffix(any2array($_ip),":${port}") - $nvh_addr_port = suffix(any2array($_ip),":${port}") - } else { - $listen_addr_port = undef - $nvh_addr_port = $_ip - if ! $servername and ! $ip_based { - fail("Apache::Vhost[${name}]: must pass 'ip' and/or 'port' parameters for name-based vhosts") - } - } - } else { - if $port { - $listen_addr_port = $port - $nvh_addr_port = "${vhost_name}:${port}" - } else { - $listen_addr_port = undef - $nvh_addr_port = $name - if ! $servername { - fail("Apache::Vhost[${name}]: must pass 'ip' and/or 'port' parameters, and/or 'servername' parameter") - } - } - } - if $add_listen { - if $ip and defined(Apache::Listen["${port}"]) { - fail("Apache::Vhost[${name}]: Mixing IP and non-IP Listen directives is not possible; check the add_listen parameter of the apache::vhost define to disable this") - } - if $listen_addr_port and $ensure == 'present' { - ensure_resource('apache::listen', $listen_addr_port) - } - } - if ! $ip_based { - if $ensure == 'present' and (versioncmp($apache_version, '2.4') < 0) { - ensure_resource('apache::namevirtualhost', $nvh_addr_port) - } - } - - # Load mod_rewrite if needed and not yet loaded - if $rewrites or $rewrite_cond { - if ! defined(Class['apache::mod::rewrite']) { - include ::apache::mod::rewrite - } - } - - # Load mod_alias if needed and not yet loaded - if ($scriptalias or $scriptaliases != []) or ($aliases and $aliases != []) or ($redirect_source and $redirect_dest) { - if ! defined(Class['apache::mod::alias']) and ($ensure == 'present') { - include ::apache::mod::alias - } - } - - # Load mod_proxy if needed and not yet loaded - if ($proxy_dest or $proxy_pass or $proxy_pass_match or $proxy_dest_match) { - if ! defined(Class['apache::mod::proxy']) { - include ::apache::mod::proxy - } - if ! defined(Class['apache::mod::proxy_http']) { - include ::apache::mod::proxy_http - } - } - - # Load mod_passenger if needed and not yet loaded - if $rack_base_uris { - if ! defined(Class['apache::mod::passenger']) { - include ::apache::mod::passenger - } - } - - # Load mod_passenger if needed and not yet loaded - if $passenger_base_uris { - include ::apache::mod::passenger - } - - # Load mod_fastci if needed and not yet loaded - if $fastcgi_server and $fastcgi_socket { - if ! defined(Class['apache::mod::fastcgi']) { - include ::apache::mod::fastcgi - } - } - - # Check if mod_headers is required to process $headers/$request_headers - if $headers or $request_headers { - if ! defined(Class['apache::mod::headers']) { - include ::apache::mod::headers - } - } - - # Check if mod_filter is required to process $filters - if $filters { - if ! defined(Class['apache::mod::filter']) { - include ::apache::mod::filter - } - } - - if ($setenv and ! empty($setenv)) or ($setenvif and ! empty($setenvif)) { - if ! defined(Class['apache::mod::setenvif']) { - include ::apache::mod::setenvif - } - } - - ## Create a default directory list if none defined - if $directories { - if !is_hash($directories) and !(is_array($directories) and is_hash($directories[0])) { - fail("Apache::Vhost[${name}]: 'directories' must be either a Hash or an Array of Hashes") - } - $_directories = $directories - } elsif $docroot { - $_directory = { - provider => 'directory', - path => $docroot, - options => $options, - allow_override => $override, - directoryindex => $directoryindex, - } - - if versioncmp($apache_version, '2.4') >= 0 { - $_directory_version = { - require => 'all granted', - } - } else { - $_directory_version = { - order => 'allow,deny', - allow => 'from all', - } - } - - $_directories = [ merge($_directory, $_directory_version) ] - } - - ## Create a global LocationMatch if locations aren't defined - if $modsec_disable_ids { - if is_hash($modsec_disable_ids) { - $_modsec_disable_ids = $modsec_disable_ids - } elsif is_array($modsec_disable_ids) { - $_modsec_disable_ids = { '.*' => $modsec_disable_ids } - } else { - fail("Apache::Vhost[${name}]: 'modsec_disable_ids' must be either a Hash of location/IDs or an Array of IDs") - } - } - - concat { "${priority_real}${filename}.conf": - ensure => $ensure, - path => "${::apache::vhost_dir}/${priority_real}${filename}.conf", - owner => 'root', - group => $::apache::params::root_group, - mode => $::apache::file_mode, - order => 'numeric', - require => Package['httpd'], - notify => Class['apache::service'], - } - # NOTE(pabelanger): This code is duplicated in ::apache::vhost::custom and - # needs to be converted into something generic. - if $::apache::vhost_enable_dir { - $vhost_enable_dir = $::apache::vhost_enable_dir - $vhost_symlink_ensure = $ensure ? { - present => link, - default => $ensure, - } - file{ "${priority_real}${filename}.conf symlink": - ensure => $vhost_symlink_ensure, - path => "${vhost_enable_dir}/${priority_real}${filename}.conf", - target => "${::apache::vhost_dir}/${priority_real}${filename}.conf", - owner => 'root', - group => $::apache::params::root_group, - mode => $::apache::file_mode, - require => Concat["${priority_real}${filename}.conf"], - notify => Class['apache::service'], - } - } - - # Template uses: - # - $nvh_addr_port - # - $servername - # - $serveradmin - concat::fragment { "${name}-apache-header": - target => "${priority_real}${filename}.conf", - order => 0, - content => template('apache/vhost/_file_header.erb'), - } - - # Template uses: - # - $virtual_docroot - # - $docroot - if $docroot { - concat::fragment { "${name}-docroot": - target => "${priority_real}${filename}.conf", - order => 10, - content => template('apache/vhost/_docroot.erb'), - } - } - - # Template uses: - # - $aliases - if $aliases and ! empty($aliases) { - concat::fragment { "${name}-aliases": - target => "${priority_real}${filename}.conf", - order => 20, - content => template('apache/vhost/_aliases.erb'), - } - } - - # Template uses: - # - $itk - # - $::kernelversion - if $itk and ! empty($itk) { - concat::fragment { "${name}-itk": - target => "${priority_real}${filename}.conf", - order => 30, - content => template('apache/vhost/_itk.erb'), - } - } - - # Template uses: - # - $fallbackresource - if $fallbackresource { - concat::fragment { "${name}-fallbackresource": - target => "${priority_real}${filename}.conf", - order => 40, - content => template('apache/vhost/_fallbackresource.erb'), - } - } - - # Template uses: - # - $allow_encoded_slashes - if $allow_encoded_slashes { - concat::fragment { "${name}-allow_encoded_slashes": - target => "${priority_real}${filename}.conf", - order => 50, - content => template('apache/vhost/_allow_encoded_slashes.erb'), - } - } - - # Template uses: - # - $_directories - # - $docroot - # - $apache_version - # - $suphp_engine - # - $shibboleth_enabled - if $_directories and ! empty($_directories) { - concat::fragment { "${name}-directories": - target => "${priority_real}${filename}.conf", - order => 60, - content => template('apache/vhost/_directories.erb'), - } - } - - # Template uses: - # - $additional_includes - if $additional_includes and ! empty($additional_includes) { - concat::fragment { "${name}-additional_includes": - target => "${priority_real}${filename}.conf", - order => 70, - content => template('apache/vhost/_additional_includes.erb'), - } - } - - # Template uses: - # - $error_log - # - $log_level - # - $error_log_destination - # - $log_level - if $error_log or $log_level { - concat::fragment { "${name}-logging": - target => "${priority_real}${filename}.conf", - order => 80, - content => template('apache/vhost/_logging.erb'), - } - } - - # Template uses no variables - concat::fragment { "${name}-serversignature": - target => "${priority_real}${filename}.conf", - order => 90, - content => template('apache/vhost/_serversignature.erb'), - } - - # Template uses: - # - $access_log - # - $_access_log_env_var - # - $access_log_destination - # - $_access_log_format - # - $_access_log_env_var - # - $access_logs - if $access_log or $access_logs { - concat::fragment { "${name}-access_log": - target => "${priority_real}${filename}.conf", - order => 100, - content => template('apache/vhost/_access_log.erb'), - } - } - - # Template uses: - # - $action - if $action { - concat::fragment { "${name}-action": - target => "${priority_real}${filename}.conf", - order => 110, - content => template('apache/vhost/_action.erb'), - } - } - - # Template uses: - # - $block - # - $apache_version - if $block and ! empty($block) { - concat::fragment { "${name}-block": - target => "${priority_real}${filename}.conf", - order => 120, - content => template('apache/vhost/_block.erb'), - } - } - - # Template uses: - # - $error_documents - if $error_documents and ! empty($error_documents) { - concat::fragment { "${name}-error_document": - target => "${priority_real}${filename}.conf", - order => 130, - content => template('apache/vhost/_error_document.erb'), - } - } - - # Template uses: - # - $headers - if $headers and ! empty($headers) { - concat::fragment { "${name}-header": - target => "${priority_real}${filename}.conf", - order => 140, - content => template('apache/vhost/_header.erb'), - } - } - - # Template uses: - # - $request_headers - if $request_headers and ! empty($request_headers) { - concat::fragment { "${name}-requestheader": - target => "${priority_real}${filename}.conf", - order => 150, - content => template('apache/vhost/_requestheader.erb'), - } - } - - # Template uses: - # - $proxy_dest - # - $proxy_pass - # - $proxy_pass_match - # - $proxy_preserve_host - # - $no_proxy_uris - if $proxy_dest or $proxy_pass or $proxy_pass_match or $proxy_dest_match { - concat::fragment { "${name}-proxy": - target => "${priority_real}${filename}.conf", - order => 160, - content => template('apache/vhost/_proxy.erb'), - } - } - - # Template uses: - # - $rack_base_uris - if $rack_base_uris { - concat::fragment { "${name}-rack": - target => "${priority_real}${filename}.conf", - order => 170, - content => template('apache/vhost/_rack.erb'), - } - } - - # Template uses: - # - $passenger_base_uris - if $passenger_base_uris { - concat::fragment { "${name}-passenger_uris": - target => "${priority_real}${filename}.conf", - order => 175, - content => template('apache/vhost/_passenger_base_uris.erb'), - } - } - - # Template uses: - # - $redirect_source - # - $redirect_dest - # - $redirect_status - # - $redirect_dest_a - # - $redirect_source_a - # - $redirect_status_a - # - $redirectmatch_status - # - $redirectmatch_regexp - # - $redirectmatch_dest - # - $redirectmatch_status_a - # - $redirectmatch_regexp_a - # - $redirectmatch_dest - if ($redirect_source and $redirect_dest) or ($redirectmatch_regexp and $redirectmatch_dest) { - concat::fragment { "${name}-redirect": - target => "${priority_real}${filename}.conf", - order => 180, - content => template('apache/vhost/_redirect.erb'), - } - } - - # Template uses: - # - $rewrites - # - $rewrite_base - # - $rewrite_rule - # - $rewrite_cond - # - $rewrite_map - if $rewrites or $rewrite_rule { - concat::fragment { "${name}-rewrite": - target => "${priority_real}${filename}.conf", - order => 190, - content => template('apache/vhost/_rewrite.erb'), - } - } - - # Template uses: - # - $scriptaliases - # - $scriptalias - if ( $scriptalias or $scriptaliases != [] ) { - concat::fragment { "${name}-scriptalias": - target => "${priority_real}${filename}.conf", - order => 200, - content => template('apache/vhost/_scriptalias.erb'), - } - } - - # Template uses: - # - $serveraliases - if $serveraliases and ! empty($serveraliases) { - concat::fragment { "${name}-serveralias": - target => "${priority_real}${filename}.conf", - order => 210, - content => template('apache/vhost/_serveralias.erb'), - } - } - - # Template uses: - # - $setenv - # - $setenvif - if ($setenv and ! empty($setenv)) or ($setenvif and ! empty($setenvif)) { - concat::fragment { "${name}-setenv": - target => "${priority_real}${filename}.conf", - order => 220, - content => template('apache/vhost/_setenv.erb'), - } - } - - # Template uses: - # - $ssl - # - $ssl_cert - # - $ssl_key - # - $ssl_chain - # - $ssl_certs_dir - # - $ssl_ca - # - $ssl_crl_path - # - $ssl_crl - # - $ssl_crl_check - # - $ssl_protocol - # - $ssl_cipher - # - $ssl_honorcipherorder - # - $ssl_verify_client - # - $ssl_verify_depth - # - $ssl_options - # - $ssl_openssl_conf_cmd - # - $apache_version - if $ssl { - concat::fragment { "${name}-ssl": - target => "${priority_real}${filename}.conf", - order => 230, - content => template('apache/vhost/_ssl.erb'), - } - } - - # Template uses: - # - $ssl_proxyengine - # - $ssl_proxy_verify - # - $ssl_proxy_check_peer_cn - # - $ssl_proxy_check_peer_name - # - $ssl_proxy_machine_cert - # - $ssl_proxy_protocol - if $ssl_proxyengine { - concat::fragment { "${name}-sslproxy": - target => "${priority_real}${filename}.conf", - order => 230, - content => template('apache/vhost/_sslproxy.erb'), - } - } - - # Template uses: - # - $auth_kerb - # - $krb_method_negotiate - # - $krb_method_k5passwd - # - $krb_authoritative - # - $krb_auth_realms - # - $krb_5keytab - # - $krb_local_user_mapping - if $auth_kerb { - concat::fragment { "${name}-auth_kerb": - target => "${priority_real}${filename}.conf", - order => 230, - content => template('apache/vhost/_auth_kerb.erb'), - } - } - - # Template uses: - # - $suphp_engine - # - $suphp_addhandler - # - $suphp_configpath - if $suphp_engine == 'on' { - concat::fragment { "${name}-suphp": - target => "${priority_real}${filename}.conf", - order => 240, - content => template('apache/vhost/_suphp.erb'), - } - } - - # Template uses: - # - $php_values - # - $php_flags - if ($php_values and ! empty($php_values)) or ($php_flags and ! empty($php_flags)) { - concat::fragment { "${name}-php": - target => "${priority_real}${filename}.conf", - order => 240, - content => template('apache/vhost/_php.erb'), - } - } - - # Template uses: - # - $php_admin_values - # - $php_admin_flags - if ($php_admin_values and ! empty($php_admin_values)) or ($php_admin_flags and ! empty($php_admin_flags)) { - concat::fragment { "${name}-php_admin": - target => "${priority_real}${filename}.conf", - order => 250, - content => template('apache/vhost/_php_admin.erb'), - } - } - - # Template uses: - # - $wsgi_application_group - # - $wsgi_daemon_process - # - $wsgi_daemon_process_options - # - $wsgi_import_script - # - $wsgi_import_script_options - # - $wsgi_process_group - # - $wsgi_script_aliases - # - $wsgi_pass_authorization - if $wsgi_application_group or $wsgi_daemon_process or ($wsgi_import_script and $wsgi_import_script_options) or $wsgi_process_group or ($wsgi_script_aliases and ! empty($wsgi_script_aliases)) or $wsgi_pass_authorization { - concat::fragment { "${name}-wsgi": - target => "${priority_real}${filename}.conf", - order => 260, - content => template('apache/vhost/_wsgi.erb'), - } - } - - # Template uses: - # - $custom_fragment - if $custom_fragment { - concat::fragment { "${name}-custom_fragment": - target => "${priority_real}${filename}.conf", - order => 270, - content => template('apache/vhost/_custom_fragment.erb'), - } - } - - # Template uses: - # - $fastcgi_server - # - $fastcgi_socket - # - $fastcgi_dir - # - $apache_version - if $fastcgi_server or $fastcgi_dir { - concat::fragment { "${name}-fastcgi": - target => "${priority_real}${filename}.conf", - order => 280, - content => template('apache/vhost/_fastcgi.erb'), - } - } - - # Template uses: - # - $suexec_user_group - if $suexec_user_group { - concat::fragment { "${name}-suexec": - target => "${priority_real}${filename}.conf", - order => 290, - content => template('apache/vhost/_suexec.erb'), - } - } - - # Template uses: - # - $passenger_app_root - # - $passenger_app_env - # - $passenger_ruby - # - $passenger_min_instances - # - $passenger_start_timeout - # - $passenger_pre_start - # - $passenger_user - if $passenger_app_root or $passenger_app_env or $passenger_ruby or $passenger_min_instances or $passenger_start_timeout or $passenger_pre_start or $passenger_user { - concat::fragment { "${name}-passenger": - target => "${priority_real}${filename}.conf", - order => 300, - content => template('apache/vhost/_passenger.erb'), - } - } - - # Template uses: - # - $add_default_charset - if $add_default_charset { - concat::fragment { "${name}-charsets": - target => "${priority_real}${filename}.conf", - order => 310, - content => template('apache/vhost/_charsets.erb'), - } - } - - # Template uses: - # - $modsec_disable_vhost - # - $modsec_disable_ids - # - $modsec_disable_ips - # - $modsec_body_limit - if $modsec_disable_vhost or $modsec_disable_ids or $modsec_disable_ips { - concat::fragment { "${name}-security": - target => "${priority_real}${filename}.conf", - order => 320, - content => template('apache/vhost/_security.erb') - } - } - - # Template uses: - # - $filters - if $filters and ! empty($filters) { - concat::fragment { "${name}-filters": - target => "${priority_real}${filename}.conf", - order => 330, - content => template('apache/vhost/_filters.erb'), - } - } - - # Template uses: - # - $jk_mounts - if $jk_mounts and ! empty($jk_mounts) { - concat::fragment { "${name}-jk_mounts": - target => "${priority_real}${filename}.conf", - order => 340, - content => template('apache/vhost/_jk_mounts.erb'), - } - } - - # Template uses no variables - concat::fragment { "${name}-file_footer": - target => "${priority_real}${filename}.conf", - order => 999, - content => template('apache/vhost/_file_footer.erb'), - } -} diff --git a/apache/manifests/vhost/custom.pp b/apache/manifests/vhost/custom.pp deleted file mode 100644 index 12567f5db..000000000 --- a/apache/manifests/vhost/custom.pp +++ /dev/null @@ -1,37 +0,0 @@ -# See README.md for usage information -define apache::vhost::custom( - $content, - $ensure = 'present', - $priority = '25', -) { - include ::apache - - ## Apache include does not always work with spaces in the filename - $filename = regsubst($name, ' ', '_', 'G') - - ::apache::custom_config { $filename: - ensure => $ensure, - confdir => $::apache::vhost_dir, - content => $content, - priority => $priority, - } - - # NOTE(pabelanger): This code is duplicated in ::apache::vhost and needs to - # converted into something generic. - if $::apache::vhost_enable_dir { - $vhost_symlink_ensure = $ensure ? { - present => link, - default => $ensure, - } - - file { "${priority}-${filename}.conf symlink": - ensure => $vhost_symlink_ensure, - path => "${::apache::vhost_enable_dir}/${priority}-${filename}.conf", - target => "${::apache::vhost_dir}/${priority}-${filename}.conf", - owner => 'root', - group => $::apache::params::root_group, - mode => $::apache::file_mode, - require => Apache::Custom_config[$filename], - } - } -} diff --git a/apache/metadata.json b/apache/metadata.json deleted file mode 100644 index dde60f911..000000000 --- a/apache/metadata.json +++ /dev/null @@ -1,82 +0,0 @@ -{ - "name": "puppetlabs-apache", - "version": "1.8.1", - "author": "puppetlabs", - "summary": "Installs, configures, and manages Apache virtual hosts, web services, and modules.", - "license": "Apache-2.0", - "source": "git://github.com/puppetlabs/puppetlabs-apache.git", - "project_page": "https://github.com/puppetlabs/puppetlabs-apache", - "issues_url": "https://tickets.puppetlabs.com/browse/MODULES", - "dependencies": [ - {"name":"puppetlabs/stdlib","version_requirement":">= 2.4.0 < 5.0.0"}, - {"name":"puppetlabs/concat","version_requirement":">= 1.1.1 < 3.0.0"} - ], - "data_provider": null, - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "CentOS", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "OracleLinux", - "operatingsystemrelease": [ - "6", - "7" - ] - }, - { - "operatingsystem": "Scientific", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "Debian", - "operatingsystemrelease": [ - "6", - "7", - "8" - ] - }, - { - "operatingsystem": "SLES", - "operatingsystemrelease": [ - "11 SP1" - ] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": [ - "10.04", - "12.04", - "14.04", - "16.04" - ] - } - ], - "requirements": [ - { - "name": "pe", - "version_requirement": ">= 3.7.0 < 2015.4.0" - }, - { - "name": "puppet", - "version_requirement": ">= 3.0.0 < 5.0.0" - } - ], - "description": "Module for Apache configuration" -} diff --git a/apache/spec/acceptance/apache_parameters_spec.rb b/apache/spec/acceptance/apache_parameters_spec.rb deleted file mode 100644 index 923df6666..000000000 --- a/apache/spec/acceptance/apache_parameters_spec.rb +++ /dev/null @@ -1,501 +0,0 @@ -require 'spec_helper_acceptance' -require_relative './version.rb' - -describe 'apache parameters' do - - # Currently this test only does something on FreeBSD. - describe 'default_confd_files => false' do - it 'doesnt do anything' do - pp = "class { 'apache': default_confd_files => false }" - apply_manifest(pp, :catch_failures => true) - end - - if fact('osfamily') == 'FreeBSD' - describe file("#{$confd_dir}/no-accf.conf.erb") do - it { is_expected.not_to be_file } - end - end - end - describe 'default_confd_files => true' do - it 'copies conf.d files' do - pp = "class { 'apache': default_confd_files => true }" - apply_manifest(pp, :catch_failures => true) - end - - if fact('osfamily') == 'FreeBSD' - describe file("#{$confd_dir}/no-accf.conf.erb") do - it { is_expected.to be_file } - end - end - end - - describe 'when set adds a listen statement' do - it 'applys cleanly' do - pp = "class { 'apache': ip => '10.1.1.1', service_ensure => stopped }" - apply_manifest(pp, :catch_failures => true) - end - - describe file($ports_file) do - it { is_expected.to be_file } - it { is_expected.to contain 'Listen 10.1.1.1' } - end - end - - describe 'service tests => true' do - it 'starts the service' do - pp = <<-EOS - class { 'apache': - service_enable => true, - service_manage => true, - service_ensure => running, - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service($service_name) do - it { is_expected.to be_running } - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { is_expected.to be_enabled } - end - end - end - - describe 'service tests => false' do - it 'stops the service' do - pp = <<-EOS - class { 'apache': - service_enable => false, - service_ensure => stopped, - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service($service_name) do - it { is_expected.not_to be_running } - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { is_expected.not_to be_enabled } - end - end - end - - describe 'service manage => false' do - it 'we dont manage the service, so it shouldnt start the service' do - pp = <<-EOS - class { 'apache': - service_enable => true, - service_manage => false, - service_ensure => true, - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service($service_name) do - it { is_expected.not_to be_running } - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { is_expected.not_to be_enabled } - end - end - end - - describe 'purge parameters => false' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': - purge_configs => false, - purge_vhost_dir => false, - vhost_dir => "#{$confd_dir}.vhosts" - } - EOS - shell("touch #{$confd_dir}/test.conf") - shell("mkdir -p #{$confd_dir}.vhosts && touch #{$confd_dir}.vhosts/test.conf") - apply_manifest(pp, :catch_failures => true) - end - - # Ensure the files didn't disappear. - describe file("#{$confd_dir}/test.conf") do - it { is_expected.to be_file } - end - describe file("#{$confd_dir}.vhosts/test.conf") do - it { is_expected.to be_file } - end - end - - if fact('osfamily') != 'Debian' - describe 'purge parameters => true' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': - purge_configs => true, - purge_vhost_dir => true, - vhost_dir => "#{$confd_dir}.vhosts" - } - EOS - shell("touch #{$confd_dir}/test.conf") - shell("mkdir -p #{$confd_dir}.vhosts && touch #{$confd_dir}.vhosts/test.conf") - apply_manifest(pp, :catch_failures => true) - end - - # File should be gone - describe file("#{$confd_dir}/test.conf") do - it { is_expected.not_to be_file } - end - describe file("#{$confd_dir}.vhosts/test.conf") do - it { is_expected.not_to be_file } - end - end - end - - describe 'serveradmin' do - it 'applies cleanly' do - pp = "class { 'apache': serveradmin => 'test@example.com' }" - apply_manifest(pp, :catch_failures => true) - end - - describe file($vhost) do - it { is_expected.to be_file } - it { is_expected.to contain 'ServerAdmin test@example.com' } - end - end - - describe 'sendfile' do - describe 'setup' do - it 'applies cleanly' do - pp = "class { 'apache': sendfile => 'On' }" - apply_manifest(pp, :catch_failures => true) - end - end - - describe file($conf_file) do - it { is_expected.to be_file } - it { is_expected.to contain 'EnableSendfile On' } - end - - describe 'setup' do - it 'applies cleanly' do - pp = "class { 'apache': sendfile => 'Off' }" - apply_manifest(pp, :catch_failures => true) - end - end - - describe file($conf_file) do - it { is_expected.to be_file } - it { is_expected.to contain 'Sendfile Off' } - end - end - - describe 'error_documents' do - describe 'setup' do - it 'applies cleanly' do - pp = "class { 'apache': error_documents => true }" - apply_manifest(pp, :catch_failures => true) - end - end - - describe file($conf_file) do - it { is_expected.to be_file } - it { is_expected.to contain 'Alias /error/' } - end - end - - describe 'timeout' do - describe 'setup' do - it 'applies cleanly' do - pp = "class { 'apache': timeout => '1234' }" - apply_manifest(pp, :catch_failures => true) - end - end - - describe file($conf_file) do - it { is_expected.to be_file } - it { is_expected.to contain 'Timeout 1234' } - end - end - - describe 'httpd_dir' do - describe 'setup' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': httpd_dir => '/tmp', service_ensure => stopped } - include 'apache::mod::mime' - EOS - apply_manifest(pp, :catch_failures => true) - end - end - - describe file("#{$mod_dir}/mime.conf") do - it { is_expected.to be_file } - it { is_expected.to contain 'AddLanguage eo .eo' } - end - end - - describe 'server_root' do - describe 'setup' do - it 'applies cleanly' do - pp = "class { 'apache': server_root => '/tmp/root', service_ensure => stopped }" - apply_manifest(pp, :catch_failures => true) - end - end - - describe file($conf_file) do - it { is_expected.to be_file } - it { is_expected.to contain 'ServerRoot "/tmp/root"' } - end - end - - describe 'confd_dir' do - describe 'setup' do - it 'applies cleanly' do - pp = "class { 'apache': confd_dir => '/tmp/root', service_ensure => stopped, use_optional_includes => true }" - apply_manifest(pp, :catch_failures => true) - end - end - - if $apache_version == '2.4' - describe file($conf_file) do - it { is_expected.to be_file } - it { is_expected.to contain 'IncludeOptional "/tmp/root/*.conf"' } - end - else - describe file($conf_file) do - it { is_expected.to be_file } - it { is_expected.to contain 'Include "/tmp/root/*.conf"' } - end - end - end - - describe 'conf_template' do - describe 'setup' do - it 'applies cleanly' do - pp = "class { 'apache': conf_template => 'another/test.conf.erb', service_ensure => stopped }" - shell("mkdir -p #{default['distmoduledir']}/another/templates") - shell("echo 'testcontent' >> #{default['distmoduledir']}/another/templates/test.conf.erb") - apply_manifest(pp, :catch_failures => true) - end - end - - describe file($conf_file) do - it { is_expected.to be_file } - it { is_expected.to contain 'testcontent' } - end - end - - describe 'servername' do - describe 'setup' do - it 'applies cleanly' do - pp = "class { 'apache': servername => 'test.server', service_ensure => stopped }" - apply_manifest(pp, :catch_failures => true) - end - end - - describe file($conf_file) do - it { is_expected.to be_file } - it { is_expected.to contain 'ServerName "test.server"' } - end - end - - describe 'user' do - describe 'setup' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': - manage_user => true, - manage_group => true, - user => 'testweb', - group => 'testweb', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - end - - describe user('testweb') do - it { is_expected.to exist } - it { is_expected.to belong_to_group 'testweb' } - end - - describe group('testweb') do - it { is_expected.to exist } - end - end - - describe 'logformats' do - describe 'setup' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': - log_formats => { - 'vhost_common' => '%v %h %l %u %t \\\"%r\\\" %>s %b', - 'vhost_combined' => '%v %h %l %u %t \\\"%r\\\" %>s %b \\\"%{Referer}i\\\" \\\"%{User-agent}i\\\"', - } - } - EOS - apply_manifest(pp, :catch_failures => true) - end - end - - describe file($conf_file) do - it { is_expected.to be_file } - it { is_expected.to contain 'LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common' } - it { is_expected.to contain 'LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" vhost_combined' } - end - end - - - describe 'keepalive' do - describe 'setup' do - it 'applies cleanly' do - pp = "class { 'apache': keepalive => 'On', keepalive_timeout => '30', max_keepalive_requests => '200' }" - apply_manifest(pp, :catch_failures => true) - end - end - - describe file($conf_file) do - it { is_expected.to be_file } - it { is_expected.to contain 'KeepAlive On' } - it { is_expected.to contain 'KeepAliveTimeout 30' } - it { is_expected.to contain 'MaxKeepAliveRequests 200' } - end - end - - describe 'limitrequestfieldsize' do - describe 'setup' do - it 'applies cleanly' do - pp = "class { 'apache': limitreqfieldsize => '16830' }" - apply_manifest(pp, :catch_failures => true) - end - end - - describe file($conf_file) do - it { is_expected.to be_file } - it { is_expected.to contain 'LimitRequestFieldSize 16830' } - end - end - - describe 'logging' do - describe 'setup' do - it 'applies cleanly' do - pp = <<-EOS - if $::osfamily == 'RedHat' and "$::selinux" == "true" { - $semanage_package = $::operatingsystemmajrelease ? { - '5' => 'policycoreutils', - default => 'policycoreutils-python', - } - - package { $semanage_package: ensure => installed } - exec { 'set_apache_defaults': - command => 'semanage fcontext -a -t httpd_log_t "/apache_spec(/.*)?"', - path => '/bin:/usr/bin/:/sbin:/usr/sbin', - require => Package[$semanage_package], - } - exec { 'restorecon_apache': - command => 'restorecon -Rv /apache_spec', - path => '/bin:/usr/bin/:/sbin:/usr/sbin', - before => Service['httpd'], - require => Class['apache'], - } - } - file { '/apache_spec': ensure => directory, } - class { 'apache': logroot => '/apache_spec' } - EOS - apply_manifest(pp, :catch_failures => true) - end - end - - describe file("/apache_spec/#{$error_log}") do - it { is_expected.to be_file } - end - end - - describe 'ports_file' do - it 'applys cleanly' do - pp = <<-EOS - file { '/apache_spec': ensure => directory, } - class { 'apache': - ports_file => '/apache_spec/ports_file', - ip => '10.1.1.1', - service_ensure => stopped - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file('/apache_spec/ports_file') do - it { is_expected.to be_file } - it { is_expected.to contain 'Listen 10.1.1.1' } - end - end - - describe 'server_tokens' do - it 'applys cleanly' do - pp = <<-EOS - class { 'apache': - server_tokens => 'Minor', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file($conf_file) do - it { is_expected.to be_file } - it { is_expected.to contain 'ServerTokens Minor' } - end - end - - describe 'server_signature' do - it 'applys cleanly' do - pp = <<-EOS - class { 'apache': - server_signature => 'testsig', - service_ensure => stopped, - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file($conf_file) do - it { is_expected.to be_file } - it { is_expected.to contain 'ServerSignature testsig' } - end - end - - describe 'trace_enable' do - it 'applys cleanly' do - pp = <<-EOS - class { 'apache': - trace_enable => 'Off', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file($conf_file) do - it { is_expected.to be_file } - it { is_expected.to contain 'TraceEnable Off' } - end - end - - describe 'package_ensure' do - it 'applys cleanly' do - pp = <<-EOS - class { 'apache': - package_ensure => present, - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe package($package_name) do - it { is_expected.to be_installed } - end - end - -end diff --git a/apache/spec/acceptance/apache_ssl_spec.rb b/apache/spec/acceptance/apache_ssl_spec.rb deleted file mode 100644 index 5df551a41..000000000 --- a/apache/spec/acceptance/apache_ssl_spec.rb +++ /dev/null @@ -1,94 +0,0 @@ -require 'spec_helper_acceptance' -require_relative './version.rb' - -describe 'apache ssl' do - - describe 'ssl parameters' do - it 'runs without error' do - pp = <<-EOS - class { 'apache': - service_ensure => stopped, - default_ssl_vhost => true, - default_ssl_cert => '/tmp/ssl_cert', - default_ssl_key => '/tmp/ssl_key', - default_ssl_chain => '/tmp/ssl_chain', - default_ssl_ca => '/tmp/ssl_ca', - default_ssl_crl_path => '/tmp/ssl_crl_path', - default_ssl_crl => '/tmp/ssl_crl', - default_ssl_crl_check => 'chain', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/15-default-ssl.conf") do - it { is_expected.to be_file } - it { is_expected.to contain 'SSLCertificateFile "/tmp/ssl_cert"' } - it { is_expected.to contain 'SSLCertificateKeyFile "/tmp/ssl_key"' } - it { is_expected.to contain 'SSLCertificateChainFile "/tmp/ssl_chain"' } - it { is_expected.to contain 'SSLCACertificateFile "/tmp/ssl_ca"' } - it { is_expected.to contain 'SSLCARevocationPath "/tmp/ssl_crl_path"' } - it { is_expected.to contain 'SSLCARevocationFile "/tmp/ssl_crl"' } - if $apache_version == '2.4' - it { is_expected.to contain 'SSLCARevocationCheck "chain"' } - else - it { is_expected.not_to contain 'SSLCARevocationCheck' } - end - end - end - - describe 'vhost ssl parameters' do - it 'runs without error' do - pp = <<-EOS - class { 'apache': - service_ensure => stopped, - } - - apache::vhost { 'test_ssl': - docroot => '/tmp/test', - ssl => true, - ssl_cert => '/tmp/ssl_cert', - ssl_key => '/tmp/ssl_key', - ssl_chain => '/tmp/ssl_chain', - ssl_ca => '/tmp/ssl_ca', - ssl_crl_path => '/tmp/ssl_crl_path', - ssl_crl => '/tmp/ssl_crl', - ssl_crl_check => 'chain', - ssl_certs_dir => '/tmp', - ssl_protocol => 'test', - ssl_cipher => 'test', - ssl_honorcipherorder => 'test', - ssl_verify_client => 'test', - ssl_verify_depth => 'test', - ssl_options => ['test', 'test1'], - ssl_proxyengine => true, - ssl_proxy_protocol => 'TLSv1.2', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test_ssl.conf") do - it { is_expected.to be_file } - it { is_expected.to contain 'SSLCertificateFile "/tmp/ssl_cert"' } - it { is_expected.to contain 'SSLCertificateKeyFile "/tmp/ssl_key"' } - it { is_expected.to contain 'SSLCertificateChainFile "/tmp/ssl_chain"' } - it { is_expected.to contain 'SSLCACertificateFile "/tmp/ssl_ca"' } - it { is_expected.to contain 'SSLCARevocationPath "/tmp/ssl_crl_path"' } - it { is_expected.to contain 'SSLCARevocationFile "/tmp/ssl_crl"' } - it { is_expected.to contain 'SSLProxyEngine On' } - it { is_expected.to contain 'SSLProtocol test' } - it { is_expected.to contain 'SSLCipherSuite test' } - it { is_expected.to contain 'SSLHonorCipherOrder test' } - it { is_expected.to contain 'SSLVerifyClient test' } - it { is_expected.to contain 'SSLVerifyDepth test' } - it { is_expected.to contain 'SSLOptions test test1' } - if $apache_version == '2.4' - it { is_expected.to contain 'SSLCARevocationCheck "chain"' } - else - it { is_expected.not_to contain 'SSLCARevocationCheck' } - end - end - end - -end diff --git a/apache/spec/acceptance/class_spec.rb b/apache/spec/acceptance/class_spec.rb deleted file mode 100644 index aff79eb08..000000000 --- a/apache/spec/acceptance/class_spec.rb +++ /dev/null @@ -1,79 +0,0 @@ -require 'spec_helper_acceptance' -require_relative './version.rb' - -describe 'apache class' do - context 'default parameters' do - let(:pp) do - <<-EOS - class { 'apache': } - EOS - end - # Run it twice and test for idempotency - it_behaves_like "a idempotent resource" - - describe package($package_name) do - it { is_expected.to be_installed } - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - - describe port(80) do - it { should be_listening } - end - end - - context 'custom site/mod dir parameters' do - # Using puppet_apply as a helper - let(:pp) do - <<-EOS - if $::osfamily == 'RedHat' and "$::selinux" == "true" { - $semanage_package = $::operatingsystemmajrelease ? { - '5' => 'policycoreutils', - default => 'policycoreutils-python', - } - - package { $semanage_package: ensure => installed } - exec { 'set_apache_defaults': - command => 'semanage fcontext -a -t httpd_sys_content_t "/apache_spec(/.*)?"', - path => '/bin:/usr/bin/:/sbin:/usr/sbin', - subscribe => Package[$semanage_package], - refreshonly => true, - } - exec { 'restorecon_apache': - command => 'restorecon -Rv /apache_spec', - path => '/bin:/usr/bin/:/sbin:/usr/sbin', - before => Service['httpd'], - require => Class['apache'], - subscribe => Exec['set_apache_defaults'], - refreshonly => true, - } - } - file { '/apache_spec': ensure => directory, } - file { '/apache_spec/apache_custom': ensure => directory, } - class { 'apache': - mod_dir => '/apache_spec/apache_custom/mods', - vhost_dir => '/apache_spec/apache_custom/vhosts', - } - EOS - end - - # Run it twice and test for idempotency - it_behaves_like "a idempotent resource" - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - end -end diff --git a/apache/spec/acceptance/custom_config_spec.rb b/apache/spec/acceptance/custom_config_spec.rb deleted file mode 100644 index c8e254e85..000000000 --- a/apache/spec/acceptance/custom_config_spec.rb +++ /dev/null @@ -1,94 +0,0 @@ -require 'spec_helper_acceptance' -require_relative './version.rb' - -describe 'apache::custom_config define' do - context 'invalid config' do - it 'should not add the config' do - pp = <<-EOS - class { 'apache': } - apache::custom_config { 'acceptance_test': - content => 'INVALID', - } - EOS - - apply_manifest(pp, :expect_failures => true) - end - - describe file("#{$confd_dir}/25-acceptance_test.conf") do - it { is_expected.not_to be_file } - end - end - - context 'valid config' do - it 'should add the config' do - pp = <<-EOS - class { 'apache': } - apache::custom_config { 'acceptance_test': - content => '# just a comment', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$confd_dir}/25-acceptance_test.conf") do - it { is_expected.to contain '# just a comment' } - end - end - - context 'with a custom filename' do - it 'should store content in the described file' do - pp = <<-EOS - class { 'apache': } - apache::custom_config { 'filename_test': - filename => 'custom_filename', - content => '# just another comment', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$confd_dir}/custom_filename") do - it { is_expected.to contain '# just another comment' } - end - end - - describe 'custom_config without priority prefix' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - apache::custom_config { 'prefix_test': - priority => false, - content => '# just a comment', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$confd_dir}/prefix_test.conf") do - it { is_expected.to be_file } - end - end - - describe 'custom_config only applied after configs are written' do - it 'applies in the right order' do - pp = <<-EOS - class { 'apache': } - - apache::custom_config { 'ordering_test': - content => '# just a comment', - } - - # Try to wedge the apache::custom_config call between when httpd.conf is written and - # ports.conf is written. This should trigger a dependency cycle - File["#{$conf_file}"] -> Apache::Custom_config['ordering_test'] -> Concat["#{$ports_file}"] - EOS - expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/Found 1 dependency cycle/i) - end - - describe file("#{$confd_dir}/25-ordering_test.conf") do - it { is_expected.not_to be_file } - end - end -end diff --git a/apache/spec/acceptance/default_mods_spec.rb b/apache/spec/acceptance/default_mods_spec.rb deleted file mode 100644 index 3f2852696..000000000 --- a/apache/spec/acceptance/default_mods_spec.rb +++ /dev/null @@ -1,102 +0,0 @@ -require 'spec_helper_acceptance' -require_relative './version.rb' - -describe 'apache::default_mods class' do - describe 'no default mods' do - # Using puppet_apply as a helper - let(:pp) do - <<-EOS - class { 'apache': - default_mods => false, - } - EOS - end - - # Run it twice and test for idempotency - it_behaves_like "a idempotent resource" - describe service($service_name) do - it { is_expected.to be_running } - end - end - - describe 'no default mods and failing' do - # Using puppet_apply as a helper - it 'should apply with errors' do - pp = <<-EOS - class { 'apache': - default_mods => false, - } - apache::vhost { 'defaults.example.com': - docroot => '/var/www/defaults', - aliases => { - alias => '/css', - path => '/var/www/css', - }, - setenv => 'TEST1 one', - } - EOS - - apply_manifest(pp, { :expect_failures => true }) - end - - # Are these the same? - describe service($service_name) do - it { is_expected.not_to be_running } - end - describe "service #{$service_name}" do - it 'should not be running' do - shell("pidof #{$service_name}", {:acceptable_exit_codes => 1}) - end - end - end - - describe 'alternative default mods' do - # Using puppet_apply as a helper - let(:pp) do - <<-EOS - class { 'apache': - default_mods => [ - 'info', - 'alias', - 'mime', - 'env', - 'expires', - ], - } - apache::vhost { 'defaults.example.com': - docroot => '/var/www/defaults', - aliases => { - alias => '/css', - path => '/var/www/css', - }, - setenv => 'TEST1 one', - } - EOS - end - it_behaves_like "a idempotent resource" - - describe service($service_name) do - it { is_expected.to be_running } - end - end - - describe 'change loadfile name' do - let(:pp) do - <<-EOS - class { 'apache': default_mods => false } - ::apache::mod { 'auth_basic': - loadfile_name => 'zz_auth_basic.load', - } - EOS - end - # Run it twice and test for idempotency - it_behaves_like "a idempotent resource" - describe service($service_name) do - it { is_expected.to be_running } - end - - describe file("#{$mod_dir}/zz_auth_basic.load") do - it { is_expected.to be_file } - end - end -end diff --git a/apache/spec/acceptance/itk_spec.rb b/apache/spec/acceptance/itk_spec.rb deleted file mode 100644 index 059589a3f..000000000 --- a/apache/spec/acceptance/itk_spec.rb +++ /dev/null @@ -1,60 +0,0 @@ -require 'spec_helper_acceptance' - -case fact('osfamily') -when 'Debian' - service_name = 'apache2' - majrelease = fact('operatingsystemmajrelease') - if ['6', '7', '10.04', '12.04'].include?(majrelease) - variant = :itk_only - else - variant = :prefork - end -when 'RedHat' - unless fact('operatingsystemmajrelease') == '5' - service_name = 'httpd' - majrelease = fact('operatingsystemmajrelease') - if ['6'].include?(majrelease) - variant = :itk_only - else - variant = :prefork - end - end -when 'FreeBSD' - service_name = 'apache24' - majrelease = fact('operatingsystemmajrelease') - variant = :prefork -end - -describe 'apache::mod::itk class', :if => service_name do - describe 'running puppet code' do - # Using puppet_apply as a helper - let(:pp) do - case variant - when :prefork - <<-EOS - class { 'apache': - mpm_module => 'prefork', - } - class { 'apache::mod::itk': } - EOS - when :itk_only - <<-EOS - class { 'apache': - mpm_module => 'itk', - } - EOS - end - end - # Run it twice and test for idempotency - it_behaves_like "a idempotent resource" - end - - describe service(service_name) do - it { is_expected.to be_running } - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - end -end diff --git a/apache/spec/acceptance/mod_dav_svn_spec.rb b/apache/spec/acceptance/mod_dav_svn_spec.rb deleted file mode 100644 index 9abd12aed..000000000 --- a/apache/spec/acceptance/mod_dav_svn_spec.rb +++ /dev/null @@ -1,65 +0,0 @@ -require 'spec_helper_acceptance' -require_relative './version.rb' - -describe 'apache::mod::dav_svn class', :unless => (fact('operatingsystem') == 'OracleLinux' and fact('operatingsystemmajrelease') == '7') do - case fact('osfamily') - when 'Debian' - if fact('operatingsystemmajrelease') == '6' or fact('operatingsystemmajrelease') == '10.04' or fact('operatingsystemrelease') == '10.04' - authz_svn_load_file = 'dav_svn_authz_svn.load' - else - authz_svn_load_file = 'authz_svn.load' - end - when 'RedHat' - authz_svn_load_file = 'dav_svn_authz_svn.load' - when 'FreeBSD' - authz_svn_load_file = 'dav_svn_authz_svn.load' - end - - context "default dav_svn config" do - it 'succeeds in puppeting dav_svn' do - pp= <<-EOS - class { 'apache': } - include apache::mod::dav_svn - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - - describe file("#{$mod_dir}/dav_svn.load") do - it { is_expected.to contain "LoadModule dav_svn_module" } - end - end - - context "dav_svn with enabled authz_svn config" do - it 'succeeds in puppeting dav_svn' do - pp= <<-EOS - class { 'apache': } - class { 'apache::mod::dav_svn': - authz_svn_enabled => true, - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - - describe file("#{$mod_dir}/#{authz_svn_load_file}") do - it { is_expected.to contain "LoadModule authz_svn_module" } - end - end -end diff --git a/apache/spec/acceptance/mod_deflate_spec.rb b/apache/spec/acceptance/mod_deflate_spec.rb deleted file mode 100644 index 1b55e087a..000000000 --- a/apache/spec/acceptance/mod_deflate_spec.rb +++ /dev/null @@ -1,33 +0,0 @@ -require 'spec_helper_acceptance' -require_relative './version.rb' - -describe 'apache::mod::deflate class' do - context "default deflate config" do - it 'succeeds in puppeting deflate' do - pp= <<-EOS - class { 'apache': } - include apache::mod::deflate - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - - describe file("#{$mod_dir}/deflate.conf") do - it { is_expected.to contain "AddOutputFilterByType DEFLATE text/html text/plain text/xml" } - it { is_expected.to contain "AddOutputFilterByType DEFLATE text/css" } - it { is_expected.to contain "AddOutputFilterByType DEFLATE application/x-javascript application/javascript application/ecmascript" } - it { is_expected.to contain "AddOutputFilterByType DEFLATE application/rss+xml" } - it { is_expected.to contain "DeflateFilterNote Input instream" } - it { is_expected.to contain "DeflateFilterNote Output outstream" } - it { is_expected.to contain "DeflateFilterNote Ratio ratio" } - end - end -end diff --git a/apache/spec/acceptance/mod_fcgid_spec.rb b/apache/spec/acceptance/mod_fcgid_spec.rb deleted file mode 100644 index ce3b5b5b2..000000000 --- a/apache/spec/acceptance/mod_fcgid_spec.rb +++ /dev/null @@ -1,57 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'apache::mod::fcgid class', :if => ((fact('osfamily') == 'RedHat' and fact('operatingsystemmajrelease') != '5') and !(fact('operatingsystem') == 'OracleLinux' and fact('operatingsystemmajrelease') == '7')) do - context "default fcgid config" do - it 'succeeds in puppeting fcgid' do - pp = <<-EOS - class { 'epel': } # mod_fcgid lives in epel - class { 'apache': } - class { 'apache::mod::php': } # For /usr/bin/php-cgi - class { 'apache::mod::fcgid': - options => { - 'FcgidIPCDir' => '/var/run/fcgidsock', - }, - } - apache::vhost { 'fcgid.example.com': - port => '80', - docroot => '/var/www/fcgid', - directories => { - path => '/var/www/fcgid', - options => '+ExecCGI', - addhandlers => { - handler => 'fcgid-script', - extensions => '.php', - }, - fcgiwrapper => { - command => '/usr/bin/php-cgi', - suffix => '.php', - } - }, - } - file { '/var/www/fcgid/index.php': - ensure => file, - owner => 'root', - group => 'root', - content => "\\n", - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service('httpd') do - it { is_expected.to be_enabled } - it { is_expected.to be_running } - end - - it 'should answer to fcgid.example.com' do - shell("/usr/bin/curl -H 'Host: fcgid.example.com' 127.0.0.1:80") do |r| - expect(r.stdout).to match(/^Hello world$/) - expect(r.exit_code).to eq(0) - end - end - - it 'should run a php-cgi process' do - shell("pgrep -u apache php-cgi", :acceptable_exit_codes => [0]) - end - end -end diff --git a/apache/spec/acceptance/mod_mime_spec.rb b/apache/spec/acceptance/mod_mime_spec.rb deleted file mode 100644 index f8bc7c15c..000000000 --- a/apache/spec/acceptance/mod_mime_spec.rb +++ /dev/null @@ -1,30 +0,0 @@ -require 'spec_helper_acceptance' -require_relative './version.rb' - -describe 'apache::mod::mime class' do - context "default mime config" do - it 'succeeds in puppeting mime' do - pp= <<-EOS - class { 'apache': } - include apache::mod::mime - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - - describe file("#{$mod_dir}/mime.conf") do - it { is_expected.to contain "AddType application/x-compress .Z" } - it { is_expected.to contain "AddHandler type-map var\n" } - it { is_expected.to contain "AddType text/html .shtml\n" } - it { is_expected.to contain "AddOutputFilter INCLUDES .shtml\n" } - end - end -end diff --git a/apache/spec/acceptance/mod_negotiation_spec.rb b/apache/spec/acceptance/mod_negotiation_spec.rb deleted file mode 100644 index 56c29e318..000000000 --- a/apache/spec/acceptance/mod_negotiation_spec.rb +++ /dev/null @@ -1,78 +0,0 @@ -require 'spec_helper_acceptance' -require_relative './version.rb' - -describe 'apache::mod::negotiation class' do - context "default negotiation config" do - it 'succeeds in puppeting negotiation' do - pp= <<-EOS - class { '::apache': default_mods => false } - class { '::apache::mod::negotiation': } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$mod_dir}/negotiation.conf") do - it { should contain "LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW -ForceLanguagePriority Prefer Fallback" } - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { should be_running } - end - end - - context "with alternative force_language_priority" do - it 'succeeds in puppeting negotiation' do - pp= <<-EOS - class { '::apache': default_mods => false } - class { '::apache::mod::negotiation': - force_language_priority => 'Prefer', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$mod_dir}/negotiation.conf") do - it { should contain "ForceLanguagePriority Prefer" } - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { should be_running } - end - end - - context "with alternative language_priority" do - it 'succeeds in puppeting negotiation' do - pp= <<-EOS - class { '::apache': default_mods => false } - class { '::apache::mod::negotiation': - language_priority => [ 'en', 'es' ], - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$mod_dir}/negotiation.conf") do - it { should contain "LanguagePriority en es" } - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { should be_running } - end - end -end diff --git a/apache/spec/acceptance/mod_pagespeed_spec.rb b/apache/spec/acceptance/mod_pagespeed_spec.rb deleted file mode 100644 index 009df6a10..000000000 --- a/apache/spec/acceptance/mod_pagespeed_spec.rb +++ /dev/null @@ -1,75 +0,0 @@ -require 'spec_helper_acceptance' -require_relative './version.rb' - -describe 'apache::mod::pagespeed class' do - context "default pagespeed config" do - it 'succeeds in puppeting pagespeed' do - pp= <<-EOS - if $::osfamily == 'Debian' { - class { 'apt': } - - apt::source { 'mod-pagespeed': - key => '7FAC5991', - key_server => 'pgp.mit.edu', - location => 'http://dl.google.com/linux/mod-pagespeed/deb/', - release => 'stable', - repos => 'main', - include_src => false, - before => Class['apache'], - } - } elsif $::osfamily == 'RedHat' { - yumrepo { 'mod-pagespeed': - baseurl => "http://dl.google.com/linux/mod-pagespeed/rpm/stable/$::architecture", - enabled => 1, - gpgcheck => 1, - gpgkey => 'https://dl-ssl.google.com/linux/linux_signing_key.pub', - before => Class['apache'], - } - } - - class { 'apache': - mpm_module => 'prefork', - } - class { 'apache::mod::pagespeed': - enable_filters => ['remove_comments'], - disable_filters => ['extend_cache'], - forbid_filters => ['rewrite_javascript'], - } - apache::vhost { 'pagespeed.example.com': - port => '80', - docroot => '/var/www/pagespeed', - } - host { 'pagespeed.example.com': ip => '127.0.0.1', } - file { '/var/www/pagespeed/index.html': - ensure => file, - content => "\n\n\n

Hello World!

\n\n", - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - - describe file("#{$mod_dir}/pagespeed.conf") do - it { is_expected.to contain "AddOutputFilterByType MOD_PAGESPEED_OUTPUT_FILTER text/html" } - it { is_expected.to contain "ModPagespeedEnableFilters remove_comments" } - it { is_expected.to contain "ModPagespeedDisableFilters extend_cache" } - it { is_expected.to contain "ModPagespeedForbidFilters rewrite_javascript" } - end - - it 'should answer to pagespeed.example.com and include and be stripped of comments by mod_pagespeed' do - shell("/usr/bin/curl pagespeed.example.com:80") do |r| - expect(r.stdout).to match(//) - expect(r.stdout).not_to match(//) - expect(r.exit_code).to eq(0) - end - end - end -end diff --git a/apache/spec/acceptance/mod_passenger_spec.rb b/apache/spec/acceptance/mod_passenger_spec.rb deleted file mode 100644 index 5798545ea..000000000 --- a/apache/spec/acceptance/mod_passenger_spec.rb +++ /dev/null @@ -1,199 +0,0 @@ -require 'spec_helper_acceptance' -require_relative './version.rb' - -describe 'apache::mod::passenger class' do - pending 'This cannot run in the same test run as apache::vhost with passenger - as the passenger.conf file is not yet managed by puppet and will be wiped out - between tests and not replaced' - case fact('osfamily') - when 'Debian' - conf_file = "#{$mod_dir}/passenger.conf" - load_file = "#{$mod_dir}/zpassenger.load" - - case fact('operatingsystem') - when 'Ubuntu' - case fact('lsbdistrelease') - when '10.04' - passenger_root = '/usr' - passenger_ruby = '/usr/bin/ruby' - when '12.04' - passenger_root = '/usr' - passenger_ruby = '/usr/bin/ruby' - when '14.04' - passenger_root = '/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini' - passenger_ruby = '/usr/bin/ruby' - passenger_default_ruby = '/usr/bin/ruby' - else - # This may or may not work on Ubuntu releases other than the above - passenger_root = '/usr' - passenger_ruby = '/usr/bin/ruby' - end - when 'Debian' - case fact('lsbdistcodename') - when 'wheezy' - passenger_root = '/usr' - passenger_ruby = '/usr/bin/ruby' - when 'jessie' - passenger_root = '/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini' - passenger_ruby = '/usr/bin/ruby' - passenger_default_ruby = '/usr/bin/ruby' - else - # This may or may not work on Debian releases other than the above - passenger_root = '/usr' - passenger_ruby = '/usr/bin/ruby' - end - end - - passenger_module_path = '/usr/lib/apache2/modules/mod_passenger.so' - rackapp_user = 'www-data' - rackapp_group = 'www-data' - when 'RedHat' - conf_file = "#{$mod_dir}/passenger.conf" - load_file = "#{$mod_dir}/zpassenger.load" - # sometimes installs as 3.0.12, sometimes as 3.0.19 - so just check for the stable part - passenger_root = '/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini' - passenger_ruby = '/usr/bin/ruby' - passenger_module_path = 'modules/mod_passenger.so' - rackapp_user = 'apache' - rackapp_group = 'apache' - end - - pp_rackapp = <<-EOS - /* a simple ruby rack 'hello world' app */ - file { '/var/www/passenger': - ensure => directory, - owner => '#{rackapp_user}', - group => '#{rackapp_group}', - } - file { '/var/www/passenger/config.ru': - ensure => file, - owner => '#{rackapp_user}', - group => '#{rackapp_group}', - content => "app = proc { |env| [200, { \\"Content-Type\\" => \\"text/html\\" }, [\\"hello world\\"]] }\\nrun app", - } - apache::vhost { 'passenger.example.com': - port => '80', - docroot => '/var/www/passenger/public', - docroot_group => '#{rackapp_group}', - docroot_owner => '#{rackapp_user}', - require => File['/var/www/passenger/config.ru'], - } - host { 'passenger.example.com': ip => '127.0.0.1', } - EOS - - case fact('osfamily') - when 'Debian' - context "default passenger config" do - it 'succeeds in puppeting passenger' do - pp = <<-EOS - /* stock apache and mod_passenger */ - class { 'apache': } - class { 'apache::mod::passenger': } - #{pp_rackapp} - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - - describe file(conf_file) do - it { is_expected.to contain "PassengerRoot \"#{passenger_root}\"" } - - case fact('operatingsystem') - when 'Ubuntu' - case fact('lsbdistrelease') - when '10.04' - it { is_expected.to contain "PassengerRuby \"#{passenger_ruby}\"" } - it { is_expected.not_to contain "/PassengerDefaultRuby/" } - when '12.04' - it { is_expected.to contain "PassengerRuby \"#{passenger_ruby}\"" } - it { is_expected.not_to contain "/PassengerDefaultRuby/" } - when '14.04' - it { is_expected.to contain "PassengerDefaultRuby \"#{passenger_ruby}\"" } - it { is_expected.not_to contain "/PassengerRuby/" } - else - # This may or may not work on Ubuntu releases other than the above - it { is_expected.to contain "PassengerRuby \"#{passenger_ruby}\"" } - it { is_expected.not_to contain "/PassengerDefaultRuby/" } - end - when 'Debian' - case fact('lsbdistcodename') - when 'wheezy' - it { is_expected.to contain "PassengerRuby \"#{passenger_ruby}\"" } - it { is_expected.not_to contain "/PassengerDefaultRuby/" } - when 'jessie' - it { is_expected.to contain "PassengerDefaultRuby \"#{passenger_ruby}\"" } - it { is_expected.not_to contain "/PassengerRuby/" } - else - # This may or may not work on Debian releases other than the above - it { is_expected.to contain "PassengerRuby \"#{passenger_ruby}\"" } - it { is_expected.not_to contain "/PassengerDefaultRuby/" } - end - end - end - - describe file(load_file) do - it { is_expected.to contain "LoadModule passenger_module #{passenger_module_path}" } - end - - it 'should output status via passenger-memory-stats' do - shell("PATH=/usr/bin:$PATH /usr/sbin/passenger-memory-stats") do |r| - expect(r.stdout).to match(/Apache processes/) - expect(r.stdout).to match(/Nginx processes/) - expect(r.stdout).to match(/Passenger processes/) - - # passenger-memory-stats output on newer Debian/Ubuntu verions do not contain - # these two lines - unless ((fact('operatingsystem') == 'Ubuntu' && fact('operatingsystemrelease') == '14.04') or - (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8')) - expect(r.stdout).to match(/### Processes: [0-9]+/) - expect(r.stdout).to match(/### Total private dirty RSS: [0-9\.]+ MB/) - end - - expect(r.exit_code).to eq(0) - end - end - - # passenger-status fails under stock ubuntu-server-12042-x64 + mod_passenger, - # even when the passenger process is successfully installed and running - unless fact('operatingsystem') == 'Ubuntu' && fact('operatingsystemrelease') == '12.04' - it 'should output status via passenger-status' do - # xml output not available on ubunutu <= 10.04, so sticking with default pool output - shell("PATH=/usr/bin:$PATH /usr/sbin/passenger-status") do |r| - # spacing may vary - expect(r.stdout).to match(/[\-]+ General information [\-]+/) - if fact('operatingsystem') == 'Ubuntu' && fact('operatingsystemrelease') == '14.04' or - fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8' - expect(r.stdout).to match(/Max pool size[ ]+: [0-9]+/) - expect(r.stdout).to match(/Processes[ ]+: [0-9]+/) - expect(r.stdout).to match(/Requests in top-level queue[ ]+: [0-9]+/) - else - expect(r.stdout).to match(/max[ ]+= [0-9]+/) - expect(r.stdout).to match(/count[ ]+= [0-9]+/) - expect(r.stdout).to match(/active[ ]+= [0-9]+/) - expect(r.stdout).to match(/inactive[ ]+= [0-9]+/) - expect(r.stdout).to match(/Waiting on global queue: [0-9]+/) - end - - expect(r.exit_code).to eq(0) - end - end - end - - it 'should answer to passenger.example.com' do - shell("/usr/bin/curl passenger.example.com:80") do |r| - expect(r.stdout).to match(/^hello world<\/b>$/) - expect(r.exit_code).to eq(0) - end - end - - end - end -end diff --git a/apache/spec/acceptance/mod_php_spec.rb b/apache/spec/acceptance/mod_php_spec.rb deleted file mode 100644 index f9919646f..000000000 --- a/apache/spec/acceptance/mod_php_spec.rb +++ /dev/null @@ -1,133 +0,0 @@ -require 'spec_helper_acceptance' -require_relative './version.rb' - -describe 'apache::mod::php class' do - context "default php config" do - it 'succeeds in puppeting php' do - pp= <<-EOS - class { 'apache': - mpm_module => 'prefork', - } - class { 'apache::mod::php': } - apache::vhost { 'php.example.com': - port => '80', - docroot => '/var/www/php', - } - host { 'php.example.com': ip => '127.0.0.1', } - file { '/var/www/php/index.php': - ensure => file, - content => "\\n", - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - - describe file("#{$mod_dir}/php5.conf") do - it { is_expected.to contain "DirectoryIndex index.php" } - end - - it 'should answer to php.example.com' do - shell("/usr/bin/curl php.example.com:80") do |r| - expect(r.stdout).to match(/PHP Version/) - expect(r.exit_code).to eq(0) - end - end - end - - context "custom extensions, php_flag, php_value, php_admin_flag, and php_admin_value" do - it 'succeeds in puppeting php' do - pp= <<-EOS - class { 'apache': - mpm_module => 'prefork', - } - class { 'apache::mod::php': - extensions => ['.php','.php5'], - } - apache::vhost { 'php.example.com': - port => '80', - docroot => '/var/www/php', - php_values => { 'include_path' => '.:/usr/share/pear:/usr/bin/php', }, - php_flags => { 'display_errors' => 'on', }, - php_admin_values => { 'open_basedir' => '/var/www/php/:/usr/share/pear/', }, - php_admin_flags => { 'engine' => 'on', }, - } - host { 'php.example.com': ip => '127.0.0.1', } - file { '/var/www/php/index.php5': - ensure => file, - content => "\\n", - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - - describe file("#{$vhost_dir}/25-php.example.com.conf") do - it { is_expected.to contain " php_flag display_errors on" } - it { is_expected.to contain " php_value include_path \".:/usr/share/pear:/usr/bin/php\"" } - it { is_expected.to contain " php_admin_flag engine on" } - it { is_expected.to contain " php_admin_value open_basedir /var/www/php/:/usr/share/pear/" } - end - - it 'should answer to php.example.com' do - shell("/usr/bin/curl php.example.com:80") do |r| - expect(r.stdout).to match(/\/usr\/share\/pear\//) - expect(r.exit_code).to eq(0) - end - end - end - - context "provide custom config file" do - it 'succeeds in puppeting php' do - pp= <<-EOS - class {'apache': - mpm_module => 'prefork', - } - class {'apache::mod::php': - content => '# somecontent', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$mod_dir}/php5.conf") do - it { should contain "# somecontent" } - end - end - - context "provide content and template config file" do - it 'succeeds in puppeting php' do - pp= <<-EOS - class {'apache': - mpm_module => 'prefork', - } - class {'apache::mod::php': - content => '# somecontent', - template => 'apache/mod/php5.conf.erb', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$mod_dir}/php5.conf") do - it { should contain "# somecontent" } - end - end - -end diff --git a/apache/spec/acceptance/mod_proxy_html_spec.rb b/apache/spec/acceptance/mod_proxy_html_spec.rb deleted file mode 100644 index f87d82583..000000000 --- a/apache/spec/acceptance/mod_proxy_html_spec.rb +++ /dev/null @@ -1,35 +0,0 @@ -require 'spec_helper_acceptance' -require_relative './version.rb' - -describe 'apache::mod::proxy_html class' do - context "default proxy_html config" do - if fact('osfamily') == 'RedHat' and fact('operatingsystemmajrelease') =~ /(5|6)/ - it 'adds epel' do - pp = "class { 'epel': }" - apply_manifest(pp, :catch_failures => true) - end - end - - it 'succeeds in puppeting proxy_html' do - pp= <<-EOS - class { 'apache': } - class { 'apache::mod::proxy': } - class { 'apache::mod::proxy_http': } - # mod_proxy_html doesn't exist in RHEL5 - if $::osfamily == 'RedHat' and $::operatingsystemmajrelease != '5' { - class { 'apache::mod::proxy_html': } - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - end -end diff --git a/apache/spec/acceptance/mod_security_spec.rb b/apache/spec/acceptance/mod_security_spec.rb deleted file mode 100644 index d6f2987df..000000000 --- a/apache/spec/acceptance/mod_security_spec.rb +++ /dev/null @@ -1,253 +0,0 @@ -require 'spec_helper_acceptance' -require_relative './version.rb' - -describe 'apache::mod::security class', :unless => (fact('osfamily') == 'Debian' and (fact('lsbdistcodename') == 'squeeze' or fact('lsbdistcodename') == 'lucid' or fact('lsbdistcodename') == 'precise' or fact('lsbdistcodename') == 'wheezy')) do - context "default mod_security config" do - if fact('osfamily') == 'RedHat' and fact('operatingsystemmajrelease') =~ /(5|6)/ - it 'adds epel' do - pp = "class { 'epel': }" - apply_manifest(pp, :catch_failures => true) - end - elsif fact('osfamily') == 'RedHat' and fact('operatingsystemmajrelease') == '7' - it 'changes obsoletes, per PUP-4497' do - pp = <<-EOS - ini_setting { 'obsoletes': - path => '/etc/yum.conf', - section => 'main', - setting => 'obsoletes', - value => '0', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - end - - it 'succeeds in puppeting mod_security' do - pp= <<-EOS - host { 'modsec.example.com': ip => '127.0.0.1', } - class { 'apache': } - class { 'apache::mod::security': } - apache::vhost { 'modsec.example.com': - port => '80', - docroot => '/var/www/html', - } - file { '/var/www/html/index.html': - ensure => file, - content => 'Index page', - } - EOS - apply_manifest(pp, :catch_failures => true) - - #Need to add a short sleep here because on RHEL6 the service takes a bit longer to init - if fact('osfamily') == 'RedHat' and fact('operatingsystemmajrelease') =~ /(5|6)/ - sleep 5 - end - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - - describe package($package_name) do - it { is_expected.to be_installed } - end - - describe file("#{$mod_dir}/security.conf") do - it { is_expected.to contain "mod_security2.c" } - end - - describe 'should be listening on port 80' do - it 'should return index page' do - shell('/usr/bin/curl -A beaker modsec.example.com:80') do |r| - expect(r.stdout).to match(/Index page/) - expect(r.exit_code).to eq(0) - end - end - - it 'should block query with SQL' do - shell '/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22] - end - end - - end #default mod_security config - - context "mod_security should allow disabling by vhost" do - it 'succeeds in puppeting mod_security' do - pp= <<-EOS - host { 'modsec.example.com': ip => '127.0.0.1', } - class { 'apache': } - class { 'apache::mod::security': } - apache::vhost { 'modsec.example.com': - port => '80', - docroot => '/var/www/html', - } - file { '/var/www/html/index.html': - ensure => file, - content => 'Index page', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - - describe file("#{$mod_dir}/security.conf") do - it { is_expected.to contain "mod_security2.c" } - end - - it 'should block query with SQL' do - shell '/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22] - end - - it 'should disable mod_security per vhost' do - pp= <<-EOS - class { 'apache': } - class { 'apache::mod::security': } - apache::vhost { 'modsec.example.com': - port => '80', - docroot => '/var/www/html', - modsec_disable_vhost => true, - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - it 'should return index page' do - shell('/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users') do |r| - expect(r.stdout).to match(/Index page/) - expect(r.exit_code).to eq(0) - end - end - end #mod_security should allow disabling by vhost - - context "mod_security should allow disabling by ip" do - it 'succeeds in puppeting mod_security' do - pp= <<-EOS - host { 'modsec.example.com': ip => '127.0.0.1', } - class { 'apache': } - class { 'apache::mod::security': } - apache::vhost { 'modsec.example.com': - port => '80', - docroot => '/var/www/html', - } - file { '/var/www/html/index.html': - ensure => file, - content => 'Index page', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - - describe file("#{$mod_dir}/security.conf") do - it { is_expected.to contain "mod_security2.c" } - end - - it 'should block query with SQL' do - shell '/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22] - end - - it 'should disable mod_security per vhost' do - pp= <<-EOS - class { 'apache': } - class { 'apache::mod::security': } - apache::vhost { 'modsec.example.com': - port => '80', - docroot => '/var/www/html', - modsec_disable_ips => [ '127.0.0.1' ], - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - it 'should return index page' do - shell('/usr/bin/curl -A beaker modsec.example.com:80') do |r| - expect(r.stdout).to match(/Index page/) - expect(r.exit_code).to eq(0) - end - end - end #mod_security should allow disabling by ip - - context "mod_security should allow disabling by id" do - it 'succeeds in puppeting mod_security' do - pp= <<-EOS - host { 'modsec.example.com': ip => '127.0.0.1', } - class { 'apache': } - class { 'apache::mod::security': } - apache::vhost { 'modsec.example.com': - port => '80', - docroot => '/var/www/html', - } - file { '/var/www/html/index.html': - ensure => file, - content => 'Index page', - } - file { '/var/www/html/index2.html': - ensure => file, - content => 'Page 2', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - - describe file("#{$mod_dir}/security.conf") do - it { is_expected.to contain "mod_security2.c" } - end - - it 'should block query with SQL' do - shell '/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22] - end - - it 'should disable mod_security per vhost' do - pp= <<-EOS - class { 'apache': } - class { 'apache::mod::security': } - apache::vhost { 'modsec.example.com': - port => '80', - docroot => '/var/www/html', - modsec_disable_ids => [ '950007' ], - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - it 'should return index page' do - shell('/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users') do |r| - expect(r.stdout).to match(/Index page/) - expect(r.exit_code).to eq(0) - end - end - - end #mod_security should allow disabling by id - - -end #apache::mod::security class diff --git a/apache/spec/acceptance/mod_suphp_spec.rb b/apache/spec/acceptance/mod_suphp_spec.rb deleted file mode 100644 index fb23b504d..000000000 --- a/apache/spec/acceptance/mod_suphp_spec.rb +++ /dev/null @@ -1,57 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'apache::mod::suphp class', :if => fact('operatingsystem') == 'Ubuntu' do - context "default suphp config" do - it 'succeeds in puppeting suphp' do - pp = <<-EOS -class { 'apache': - mpm_module => 'prefork', -} -host { 'suphp.example.com': ip => '127.0.0.1', } -apache::vhost { 'suphp.example.com': - port => '80', - docroot => '/var/www/suphp', -} -file { '/var/www/suphp/index.php': - ensure => file, - owner => 'daemon', - group => 'daemon', - content => "\\n", - require => File['/var/www/suphp'], - before => Class['apache::mod::php'], -} -class { 'apache::mod::php': } -class { 'apache::mod::suphp': } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service('apache2') do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - - it 'should answer to suphp.example.com' do - timeout = 0 - loop do - r = shell('curl suphp.example.com:80') - timeout += 1 - break if r.stdout =~ /^daemon$/ - if timeout > 40 - expect(timeout < 40).to be true - break - end - sleep(1) - end - shell("/usr/bin/curl suphp.example.com:80") do |r| - expect(r.stdout).to match(/^daemon$/) - expect(r.exit_code).to eq(0) - end - end - - end -end diff --git a/apache/spec/acceptance/nodesets/centos-59-x64.yml b/apache/spec/acceptance/nodesets/centos-59-x64.yml deleted file mode 100644 index 2ad90b86a..000000000 --- a/apache/spec/acceptance/nodesets/centos-59-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-59-x64: - roles: - - master - platform: el-5-x86_64 - box : centos-59-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-59-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/apache/spec/acceptance/nodesets/centos-64-x64-pe.yml b/apache/spec/acceptance/nodesets/centos-64-x64-pe.yml deleted file mode 100644 index 7d9242f1b..000000000 --- a/apache/spec/acceptance/nodesets/centos-64-x64-pe.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - - database - - dashboard - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: pe diff --git a/apache/spec/acceptance/nodesets/centos-65-x64.yml b/apache/spec/acceptance/nodesets/centos-65-x64.yml deleted file mode 100644 index 4e2cb809e..000000000 --- a/apache/spec/acceptance/nodesets/centos-65-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-65-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-65-x64-vbox436-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-65-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/apache/spec/acceptance/nodesets/centos-70-x64.yml b/apache/spec/acceptance/nodesets/centos-70-x64.yml deleted file mode 100644 index 2ab005204..000000000 --- a/apache/spec/acceptance/nodesets/centos-70-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - centos-70-x64: - roles: - - master - platform: el-7-x86_64 - box : puppetlabs/centos-7.0-64-nocm - box_url : https://vagrantcloud.com/puppetlabs/boxes/centos-7.0-64-nocm - hypervisor : vagrant -CONFIG: - log_level: verbose - type: foss diff --git a/apache/spec/acceptance/nodesets/debian-607-x64.yml b/apache/spec/acceptance/nodesets/debian-607-x64.yml deleted file mode 100644 index e642e0992..000000000 --- a/apache/spec/acceptance/nodesets/debian-607-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - debian-607-x64: - roles: - - master - platform: debian-6-amd64 - box : debian-607-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-607-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - log_level: debug - type: git diff --git a/apache/spec/acceptance/nodesets/debian-70rc1-x64.yml b/apache/spec/acceptance/nodesets/debian-70rc1-x64.yml deleted file mode 100644 index cbbbfb2cc..000000000 --- a/apache/spec/acceptance/nodesets/debian-70rc1-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - debian-70rc1-x64: - roles: - - master - platform: debian-7-amd64 - box : debian-70rc1-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-70rc1-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - log_level: debug - type: git diff --git a/apache/spec/acceptance/nodesets/debian-73-i386.yml b/apache/spec/acceptance/nodesets/debian-73-i386.yml deleted file mode 100644 index a38902d89..000000000 --- a/apache/spec/acceptance/nodesets/debian-73-i386.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - debian-73-i386: - roles: - - master - platform: debian-7-i386 - box : debian-73-i386-virtualbox-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-73-i386-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - log_level: debug - type: git diff --git a/apache/spec/acceptance/nodesets/debian-73-x64.yml b/apache/spec/acceptance/nodesets/debian-73-x64.yml deleted file mode 100644 index f9cf0c9b8..000000000 --- a/apache/spec/acceptance/nodesets/debian-73-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - debian-73-x64: - roles: - - master - platform: debian-7-amd64 - box : debian-73-x64-virtualbox-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-73-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - log_level: debug - type: git diff --git a/apache/spec/acceptance/nodesets/debian-82-x64.yml b/apache/spec/acceptance/nodesets/debian-82-x64.yml deleted file mode 100644 index 800c49aaa..000000000 --- a/apache/spec/acceptance/nodesets/debian-82-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - debian-82: - roles: - - master - platform: debian-8-amd64 - box: puppetlabs/debian-8.2-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: git diff --git a/apache/spec/acceptance/nodesets/default.yml b/apache/spec/acceptance/nodesets/default.yml deleted file mode 100644 index 00e141d09..000000000 --- a/apache/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-66-x64: - roles: - - master - platform: el-6-x86_64 - box : puppetlabs/centos-6.6-64-nocm - hypervisor : vagrant -CONFIG: - log_level: debug - type: git diff --git a/apache/spec/acceptance/nodesets/fedora-18-x64.yml b/apache/spec/acceptance/nodesets/fedora-18-x64.yml deleted file mode 100644 index 086cae995..000000000 --- a/apache/spec/acceptance/nodesets/fedora-18-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - fedora-18-x64: - roles: - - master - platform: fedora-18-x86_64 - box : fedora-18-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/fedora-18-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - log_level: debug - type: git diff --git a/apache/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml b/apache/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml deleted file mode 100644 index 5ca1514e4..000000000 --- a/apache/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-10044-x64: - roles: - - master - platform: ubuntu-10.04-amd64 - box : ubuntu-server-10044-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-10044-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/apache/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml b/apache/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml deleted file mode 100644 index d065b304f..000000000 --- a/apache/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-12042-x64: - roles: - - master - platform: ubuntu-12.04-amd64 - box : ubuntu-server-12042-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/apache/spec/acceptance/nodesets/ubuntu-server-1310-x64.yml b/apache/spec/acceptance/nodesets/ubuntu-server-1310-x64.yml deleted file mode 100644 index f4b2366f3..000000000 --- a/apache/spec/acceptance/nodesets/ubuntu-server-1310-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-1310-x64: - roles: - - master - platform: ubuntu-13.10-amd64 - box : ubuntu-server-1310-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-1310-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - log_level : debug - type: git diff --git a/apache/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/apache/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index cba1cd04c..000000000 --- a/apache/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-1404-x64: - roles: - - master - platform: ubuntu-14.04-amd64 - box : puppetlabs/ubuntu-14.04-64-nocm - box_url : https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor : vagrant -CONFIG: - log_level : debug - type: git diff --git a/apache/spec/acceptance/prefork_worker_spec.rb b/apache/spec/acceptance/prefork_worker_spec.rb deleted file mode 100644 index 668716144..000000000 --- a/apache/spec/acceptance/prefork_worker_spec.rb +++ /dev/null @@ -1,80 +0,0 @@ -require 'spec_helper_acceptance' -require_relative './version.rb' - -case fact('osfamily') -when 'FreeBSD' - describe 'apache::mod::event class' do - describe 'running puppet code' do - # Using puppet_apply as a helper - it 'should work with no errors' do - pp = <<-EOS - class { 'apache': - mpm_module => 'event', - } - EOS - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - end - - describe service($service_name) do - it { is_expected.to be_running } - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - end - end -end - -describe 'apache::mod::worker class' do - describe 'running puppet code' do - # Using puppet_apply as a helper - let(:pp) do - <<-EOS - class { 'apache': - mpm_module => 'worker', - } - EOS - end - - # Run it twice and test for idempotency - it_behaves_like "a idempotent resource" - end - - describe service($service_name) do - it { is_expected.to be_running } - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - end -end - -describe 'apache::mod::prefork class' do - describe 'running puppet code' do - # Using puppet_apply as a helper - let(:pp) do - <<-EOS - class { 'apache': - mpm_module => 'prefork', - } - EOS - end - # Run it twice and test for idempotency - it_behaves_like "a idempotent resource" - end - - describe service($service_name) do - it { is_expected.to be_running } - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - end -end diff --git a/apache/spec/acceptance/service_spec.rb b/apache/spec/acceptance/service_spec.rb deleted file mode 100644 index c62a34973..000000000 --- a/apache/spec/acceptance/service_spec.rb +++ /dev/null @@ -1,18 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'apache::service class' do - describe 'adding dependencies in between the base class and service class' do - let(:pp) do - <<-EOS - class { 'apache': } - file { '/tmp/test': - require => Class['apache'], - notify => Class['apache::service'], - } - EOS - end - - # Run it twice and test for idempotency - it_behaves_like "a idempotent resource" - end -end diff --git a/apache/spec/acceptance/version.rb b/apache/spec/acceptance/version.rb deleted file mode 100644 index 88cf509b7..000000000 --- a/apache/spec/acceptance/version.rb +++ /dev/null @@ -1,76 +0,0 @@ -_osfamily = fact('osfamily') -_operatingsystem = fact('operatingsystem') -_operatingsystemrelease = fact('operatingsystemrelease').to_f - -case _osfamily -when 'RedHat' - $confd_dir = '/etc/httpd/conf.d' - $conf_file = '/etc/httpd/conf/httpd.conf' - $ports_file = '/etc/httpd/conf/ports.conf' - $vhost_dir = '/etc/httpd/conf.d' - $vhost = '/etc/httpd/conf.d/15-default.conf' - $run_dir = '/var/run/httpd' - $service_name = 'httpd' - $package_name = 'httpd' - $error_log = 'error_log' - $suphp_handler = 'php5-script' - $suphp_configpath = 'undef' - - if (_operatingsystem == 'Fedora' and _operatingsystemrelease >= 18) or (_operatingsystem != 'Fedora' and _operatingsystemrelease >= 7) - $apache_version = '2.4' - $mod_dir = '/etc/httpd/conf.modules.d' - else - $apache_version = '2.2' - $mod_dir = '/etc/httpd/conf.d' - end -when 'Debian' - $confd_dir = '/etc/apache2/conf.d' - $mod_dir = '/etc/apache2/mods-available' - $conf_file = '/etc/apache2/apache2.conf' - $ports_file = '/etc/apache2/ports.conf' - $vhost = '/etc/apache2/sites-available/15-default.conf' - $vhost_dir = '/etc/apache2/sites-enabled' - $run_dir = '/var/run/apache2' - $service_name = 'apache2' - $package_name = 'apache2' - $error_log = 'error.log' - $suphp_handler = 'x-httpd-php' - $suphp_configpath = '/etc/php5/apache2' - - if _operatingsystem == 'Ubuntu' and _operatingsystemrelease >= 13.10 - $apache_version = '2.4' - elsif _operatingsystem == 'Debian' and _operatingsystemrelease >= 8.0 - $apache_version = '2.4' - else - $apache_version = '2.2' - end -when 'FreeBSD' - $confd_dir = '/usr/local/etc/apache24/Includes' - $mod_dir = '/usr/local/etc/apache24/Modules' - $conf_file = '/usr/local/etc/apache24/httpd.conf' - $ports_file = '/usr/local/etc/apache24/Includes/ports.conf' - $vhost = '/usr/local/etc/apache24/Vhosts/15-default.conf' - $vhost_dir = '/usr/local/etc/apache24/Vhosts' - $run_dir = '/var/run/apache24' - $service_name = 'apache24' - $package_name = 'apache24' - $error_log = 'http-error.log' - - $apache_version = '2.2' -when 'Gentoo' - $confd_dir = '/etc/apache2/conf.d' - $mod_dir = '/etc/apache2/modules.d' - $conf_file = '/etc/apache2/httpd.conf' - $ports_file = '/etc/apache2/ports.conf' - $vhost = '/etc/apache2/vhosts.d/15-default.conf' - $vhost_dir = '/etc/apache2/vhosts.d' - $run_dir = '/var/run/apache2' - $service_name = 'apache2' - $package_name = 'www-servers/apache' - $error_log = 'http-error.log' - - $apache_version = '2.4' -else - $apache_version = '0' -end - diff --git a/apache/spec/acceptance/vhost_spec.rb b/apache/spec/acceptance/vhost_spec.rb deleted file mode 100644 index 36d4f42c5..000000000 --- a/apache/spec/acceptance/vhost_spec.rb +++ /dev/null @@ -1,1547 +0,0 @@ -require 'spec_helper_acceptance' -require_relative './version.rb' - -describe 'apache::vhost define' do - context 'no default vhosts' do - it 'should create no default vhosts' do - pp = <<-EOS - class { 'apache': - default_vhost => false, - default_ssl_vhost => false, - service_ensure => stopped - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/15-default.conf") do - it { is_expected.not_to be_file } - end - - describe file("#{$vhost_dir}/15-default-ssl.conf") do - it { is_expected.not_to be_file } - end - end - - context "default vhost without ssl" do - it 'should create a default vhost config' do - pp = <<-EOS - class { 'apache': } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/15-default.conf") do - it { is_expected.to contain '' } - end - - describe file("#{$vhost_dir}/15-default-ssl.conf") do - it { is_expected.not_to be_file } - end - end - - context 'default vhost with ssl' do - it 'should create default vhost configs' do - pp = <<-EOS - file { '#{$run_dir}': - ensure => 'directory', - recurse => true, - } - - class { 'apache': - default_ssl_vhost => true, - require => File['#{$run_dir}'], - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/15-default.conf") do - it { is_expected.to contain '' } - end - - describe file("#{$vhost_dir}/15-default-ssl.conf") do - it { is_expected.to contain '' } - it { is_expected.to contain "SSLEngine on" } - end - end - - context 'new vhost on port 80' do - it 'should configure an apache vhost' do - pp = <<-EOS - class { 'apache': } - file { '#{$run_dir}': - ensure => 'directory', - recurse => true, - } - - apache::vhost { 'first.example.com': - port => '80', - docroot => '/var/www/first', - require => File['#{$run_dir}'], - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-first.example.com.conf") do - it { is_expected.to contain '' } - it { is_expected.to contain "ServerName first.example.com" } - end - end - - context 'new proxy vhost on port 80' do - it 'should configure an apache proxy vhost' do - pp = <<-EOS - class { 'apache': } - apache::vhost { 'proxy.example.com': - port => '80', - docroot => '/var/www/proxy', - proxy_pass => [ - { 'path' => '/foo', 'url' => 'http://backend-foo/'}, - ], - proxy_preserve_host => true, - proxy_error_override => true, - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-proxy.example.com.conf") do - it { is_expected.to contain '' } - it { is_expected.to contain "ServerName proxy.example.com" } - it { is_expected.to contain "ProxyPass" } - it { is_expected.to contain "ProxyPreserveHost On" } - it { is_expected.to contain "ProxyErrorOverride On" } - it { is_expected.not_to contain "" } - end - end - - context 'new proxy vhost on port 80' do - it 'should configure an apache proxy vhost' do - pp = <<-EOS - class { 'apache': } - apache::vhost { 'proxy.example.com': - port => '80', - docroot => '/var/www/proxy', - proxy_pass_match => [ - { 'path' => '/foo', 'url' => 'http://backend-foo/'}, - ], - proxy_preserve_host => true, - proxy_error_override => true, - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-proxy.example.com.conf") do - it { is_expected.to contain '' } - it { is_expected.to contain "ServerName proxy.example.com" } - it { is_expected.to contain "ProxyPassMatch /foo http://backend-foo/" } - it { is_expected.to contain "ProxyPreserveHost On" } - it { is_expected.to contain "ProxyErrorOverride On" } - it { is_expected.not_to contain "" } - end - end - - context 'new vhost on port 80' do - it 'should configure two apache vhosts' do - pp = <<-EOS - class { 'apache': } - apache::vhost { 'first.example.com': - port => '80', - docroot => '/var/www/first', - } - host { 'first.example.com': ip => '127.0.0.1', } - file { '/var/www/first/index.html': - ensure => file, - content => "Hello from first\\n", - } - apache::vhost { 'second.example.com': - port => '80', - docroot => '/var/www/second', - } - host { 'second.example.com': ip => '127.0.0.1', } - file { '/var/www/second/index.html': - ensure => file, - content => "Hello from second\\n", - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - - it 'should answer to first.example.com' do - shell("/usr/bin/curl first.example.com:80", {:acceptable_exit_codes => 0}) do |r| - expect(r.stdout).to eq("Hello from first\n") - end - end - - it 'should answer to second.example.com' do - shell("/usr/bin/curl second.example.com:80", {:acceptable_exit_codes => 0}) do |r| - expect(r.stdout).to eq("Hello from second\n") - end - end - end - - context 'new vhost with multiple IP addresses on port 80' do - it 'should configure one apache vhost with 2 ip addresses' do - pp = <<-EOS - class { 'apache': - default_vhost => false, - } - apache::vhost { 'example.com': - port => '80', - ip => ['127.0.0.1','127.0.0.2'], - ip_based => true, - docroot => '/var/www/html', - } - host { 'host1.example.com': ip => '127.0.0.1', } - host { 'host2.example.com': ip => '127.0.0.2', } - file { '/var/www/html/index.html': - ensure => file, - content => "Hello from vhost\\n", - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - - describe file("#{$vhost_dir}/25-example.com.conf") do - it { is_expected.to contain '' } - it { is_expected.to contain "ServerName example.com" } - end - - describe file($ports_file) do - it { is_expected.to be_file } - it { is_expected.to contain 'Listen 127.0.0.1:80' } - it { is_expected.to contain 'Listen 127.0.0.2:80' } - it { is_expected.not_to contain 'NameVirtualHost 127.0.0.1:80' } - it { is_expected.not_to contain 'NameVirtualHost 127.0.0.2:80' } - end - - it 'should answer to host1.example.com' do - shell("/usr/bin/curl host1.example.com:80", {:acceptable_exit_codes => 0}) do |r| - expect(r.stdout).to eq("Hello from vhost\n") - end - end - - it 'should answer to host2.example.com' do - shell("/usr/bin/curl host2.example.com:80", {:acceptable_exit_codes => 0}) do |r| - expect(r.stdout).to eq("Hello from vhost\n") - end - end - end - - context 'new vhost with IPv6 address on port 80', :ipv6 do - it 'should configure one apache vhost with an ipv6 address' do - pp = <<-EOS - class { 'apache': - default_vhost => false, - } - apache::vhost { 'example.com': - port => '80', - ip => '::1', - ip_based => true, - docroot => '/var/www/html', - } - host { 'ipv6.example.com': ip => '::1', } - file { '/var/www/html/index.html': - ensure => file, - content => "Hello from vhost\\n", - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - - describe file("#{$vhost_dir}/25-example.com.conf") do - it { is_expected.to contain '' } - it { is_expected.to contain "ServerName example.com" } - end - - describe file($ports_file) do - it { is_expected.to be_file } - it { is_expected.to contain 'Listen [::1]:80' } - it { is_expected.not_to contain 'NameVirtualHost [::1]:80' } - end - - it 'should answer to ipv6.example.com' do - shell("/usr/bin/curl ipv6.example.com:80", {:acceptable_exit_codes => 0}) do |r| - expect(r.stdout).to eq("Hello from vhost\n") - end - end - end - - context 'apache_directories' do - describe 'readme example, adapted' do - it 'should configure a vhost with Files' do - pp = <<-EOS - class { 'apache': } - - if versioncmp($apache::apache_version, '2.4') >= 0 { - $_files_match_directory = { 'path' => '(\.swp|\.bak|~)$', 'provider' => 'filesmatch', 'require' => 'all denied', } - } else { - $_files_match_directory = { 'path' => '(\.swp|\.bak|~)$', 'provider' => 'filesmatch', 'deny' => 'from all', } - } - - $_directories = [ - { 'path' => '/var/www/files', }, - $_files_match_directory, - ] - - apache::vhost { 'files.example.net': - docroot => '/var/www/files', - directories => $_directories, - } - file { '/var/www/files/index.html': - ensure => file, - content => "Hello World\\n", - } - file { '/var/www/files/index.html.bak': - ensure => file, - content => "Hello World\\n", - } - host { 'files.example.net': ip => '127.0.0.1', } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - - it 'should answer to files.example.net' do - expect(shell("/usr/bin/curl -sSf files.example.net:80/index.html").stdout).to eq("Hello World\n") - expect(shell("/usr/bin/curl -sSf files.example.net:80/index.html.bak", {:acceptable_exit_codes => 22}).stderr).to match(/curl: \(22\) The requested URL returned error: 403/) - end - end - - describe 'other Directory options' do - it 'should configure a vhost with multiple Directory sections' do - pp = <<-EOS - class { 'apache': } - - if versioncmp($apache::apache_version, '2.4') >= 0 { - $_files_match_directory = { 'path' => 'private.html$', 'provider' => 'filesmatch', 'require' => 'all denied' } - } else { - $_files_match_directory = [ - { 'path' => 'private.html$', 'provider' => 'filesmatch', 'deny' => 'from all' }, - { 'path' => '/bar/bar.html', 'provider' => 'location', allow => [ 'from 127.0.0.1', ] }, - ] - } - - $_directories = [ - { 'path' => '/var/www/files', }, - { 'path' => '/foo/', 'provider' => 'location', 'directoryindex' => 'notindex.html', }, - $_files_match_directory, - ] - - apache::vhost { 'files.example.net': - docroot => '/var/www/files', - directories => $_directories, - } - file { '/var/www/files/foo': - ensure => directory, - } - file { '/var/www/files/foo/notindex.html': - ensure => file, - content => "Hello Foo\\n", - } - file { '/var/www/files/private.html': - ensure => file, - content => "Hello World\\n", - } - file { '/var/www/files/bar': - ensure => directory, - } - file { '/var/www/files/bar/bar.html': - ensure => file, - content => "Hello Bar\\n", - } - host { 'files.example.net': ip => '127.0.0.1', } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - - it 'should answer to files.example.net' do - expect(shell("/usr/bin/curl -sSf files.example.net:80/").stdout).to eq("Hello World\n") - expect(shell("/usr/bin/curl -sSf files.example.net:80/foo/").stdout).to eq("Hello Foo\n") - expect(shell("/usr/bin/curl -sSf files.example.net:80/private.html", {:acceptable_exit_codes => 22}).stderr).to match(/curl: \(22\) The requested URL returned error: 403/) - expect(shell("/usr/bin/curl -sSf files.example.net:80/bar/bar.html").stdout).to eq("Hello Bar\n") - end - end - - describe 'SetHandler directive' do - it 'should configure a vhost with a SetHandler directive' do - pp = <<-EOS - class { 'apache': } - apache::mod { 'status': } - host { 'files.example.net': ip => '127.0.0.1', } - apache::vhost { 'files.example.net': - docroot => '/var/www/files', - directories => [ - { path => '/var/www/files', }, - { path => '/server-status', provider => 'location', sethandler => 'server-status', }, - ], - } - file { '/var/www/files/index.html': - ensure => file, - content => "Hello World\\n", - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - - it 'should answer to files.example.net' do - expect(shell("/usr/bin/curl -sSf files.example.net:80/index.html").stdout).to eq("Hello World\n") - expect(shell("/usr/bin/curl -sSf files.example.net:80/server-status?auto").stdout).to match(/Scoreboard: /) - end - end - - describe 'Satisfy and Auth directive', :unless => $apache_version == '2.4' do - it 'should configure a vhost with Satisfy and Auth directive' do - pp = <<-EOS - class { 'apache': } - host { 'files.example.net': ip => '127.0.0.1', } - apache::vhost { 'files.example.net': - docroot => '/var/www/files', - directories => [ - { - path => '/var/www/files/foo', - auth_type => 'Basic', - auth_name => 'Basic Auth', - auth_user_file => '/var/www/htpasswd', - auth_require => "valid-user", - }, - { - path => '/var/www/files/bar', - auth_type => 'Basic', - auth_name => 'Basic Auth', - auth_user_file => '/var/www/htpasswd', - auth_require => 'valid-user', - satisfy => 'Any', - }, - { - path => '/var/www/files/baz', - allow => 'from 10.10.10.10', - auth_type => 'Basic', - auth_name => 'Basic Auth', - auth_user_file => '/var/www/htpasswd', - auth_require => 'valid-user', - satisfy => 'Any', - }, - ], - } - file { '/var/www/files/foo': - ensure => directory, - } - file { '/var/www/files/bar': - ensure => directory, - } - file { '/var/www/files/baz': - ensure => directory, - } - file { '/var/www/files/foo/index.html': - ensure => file, - content => "Hello World\\n", - } - file { '/var/www/files/bar/index.html': - ensure => file, - content => "Hello World\\n", - } - file { '/var/www/files/baz/index.html': - ensure => file, - content => "Hello World\\n", - } - file { '/var/www/htpasswd': - ensure => file, - content => "login:IZ7jMcLSx0oQk", # "password" as password - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { should be_running } - end - - it 'should answer to files.example.net' do - shell("/usr/bin/curl -sSf files.example.net:80/foo/index.html", {:acceptable_exit_codes => 22}).stderr.should match(/curl: \(22\) The requested URL returned error: 401/) - shell("/usr/bin/curl -sSf -u login:password files.example.net:80/foo/index.html").stdout.should eq("Hello World\n") - shell("/usr/bin/curl -sSf files.example.net:80/bar/index.html").stdout.should eq("Hello World\n") - shell("/usr/bin/curl -sSf -u login:password files.example.net:80/bar/index.html").stdout.should eq("Hello World\n") - shell("/usr/bin/curl -sSf files.example.net:80/baz/index.html", {:acceptable_exit_codes => 22}).stderr.should match(/curl: \(22\) The requested URL returned error: 401/) - shell("/usr/bin/curl -sSf -u login:password files.example.net:80/baz/index.html").stdout.should eq("Hello World\n") - end - end - end - - case fact('lsbdistcodename') - when 'precise', 'wheezy' - context 'vhost FallbackResource example' do - it 'should configure a vhost with FallbackResource' do - pp = <<-EOS - class { 'apache': } - apache::vhost { 'fallback.example.net': - docroot => '/var/www/fallback', - fallbackresource => '/index.html' - } - file { '/var/www/fallback/index.html': - ensure => file, - content => "Hello World\\n", - } - host { 'fallback.example.net': ip => '127.0.0.1', } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - - it 'should answer to fallback.example.net' do - shell("/usr/bin/curl fallback.example.net:80/Does/Not/Exist") do |r| - expect(r.stdout).to eq("Hello World\n") - end - end - - end - else - # The current stable RHEL release (6.4) comes with Apache httpd 2.2.15 - # That was released March 6, 2010. - # FallbackResource was backported to 2.2.16, and released July 25, 2010. - # Ubuntu Lucid (10.04) comes with apache2 2.2.14, released October 3, 2009. - # https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/STATUS - end - - context 'virtual_docroot hosting separate sites' do - it 'should configure a vhost with VirtualDocumentRoot' do - pp = <<-EOS - class { 'apache': } - apache::vhost { 'virt.example.com': - vhost_name => '*', - serveraliases => '*virt.example.com', - port => '80', - docroot => '/var/www/virt', - virtual_docroot => '/var/www/virt/%1', - } - host { 'virt.example.com': ip => '127.0.0.1', } - host { 'a.virt.example.com': ip => '127.0.0.1', } - host { 'b.virt.example.com': ip => '127.0.0.1', } - file { [ '/var/www/virt/a', '/var/www/virt/b', ]: ensure => directory, } - file { '/var/www/virt/a/index.html': ensure => file, content => "Hello from a.virt\\n", } - file { '/var/www/virt/b/index.html': ensure => file, content => "Hello from b.virt\\n", } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - - it 'should answer to a.virt.example.com' do - shell("/usr/bin/curl a.virt.example.com:80", {:acceptable_exit_codes => 0}) do |r| - expect(r.stdout).to eq("Hello from a.virt\n") - end - end - - it 'should answer to b.virt.example.com' do - shell("/usr/bin/curl b.virt.example.com:80", {:acceptable_exit_codes => 0}) do |r| - expect(r.stdout).to eq("Hello from b.virt\n") - end - end - end - - context 'proxy_pass for alternative vhost' do - it 'should configure a local vhost and a proxy vhost' do - apply_manifest(%{ - class { 'apache': default_vhost => false, } - apache::vhost { 'localhost': - docroot => '/var/www/local', - ip => '127.0.0.1', - port => '8888', - } - apache::listen { '*:80': } - apache::vhost { 'proxy.example.com': - docroot => '/var/www', - port => '80', - add_listen => false, - proxy_pass => { - 'path' => '/', - 'url' => 'http://localhost:8888/subdir/', - }, - } - host { 'proxy.example.com': ip => '127.0.0.1', } - file { ['/var/www/local', '/var/www/local/subdir']: ensure => directory, } - file { '/var/www/local/subdir/index.html': - ensure => file, - content => "Hello from localhost\\n", - } - }, :catch_failures => true) - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - - it 'should get a response from the back end' do - shell("/usr/bin/curl --max-redirs 0 proxy.example.com:80") do |r| - expect(r.stdout).to eq("Hello from localhost\n") - expect(r.exit_code).to eq(0) - end - end - end - - context 'proxy_pass_match for alternative vhost' do - it 'should configure a local vhost and a proxy vhost' do - apply_manifest(%{ - class { 'apache': default_vhost => false, } - apache::vhost { 'localhost': - docroot => '/var/www/local', - ip => '127.0.0.1', - port => '8888', - } - apache::listen { '*:80': } - apache::vhost { 'proxy.example.com': - docroot => '/var/www', - port => '80', - add_listen => false, - proxy_pass_match => { - 'path' => '/', - 'url' => 'http://localhost:8888/subdir/', - }, - } - host { 'proxy.example.com': ip => '127.0.0.1', } - file { ['/var/www/local', '/var/www/local/subdir']: ensure => directory, } - file { '/var/www/local/subdir/index.html': - ensure => file, - content => "Hello from localhost\\n", - } - }, :catch_failures => true) - end - - describe service($service_name) do - if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') - pending 'Should be enabled - Bug 760616 on Debian 8' - else - it { should be_enabled } - end - it { is_expected.to be_running } - end - - it 'should get a response from the back end' do - shell("/usr/bin/curl --max-redirs 0 proxy.example.com:80") do |r| - expect(r.stdout).to eq("Hello from localhost\n") - expect(r.exit_code).to eq(0) - end - end - end - - describe 'ip_based' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - ip_based => true, - servername => 'test.server', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file($ports_file) do - it { is_expected.to be_file } - it { is_expected.not_to contain 'NameVirtualHost test.server' } - end - end - - describe 'add_listen' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': default_vhost => false } - host { 'testlisten.server': ip => '127.0.0.1' } - apache::listen { '81': } - apache::vhost { 'testlisten.server': - docroot => '/tmp', - port => '80', - add_listen => false, - servername => 'testlisten.server', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file($ports_file) do - it { is_expected.to be_file } - it { is_expected.not_to contain 'Listen 80' } - it { is_expected.to contain 'Listen 81' } - end - end - - describe 'docroot' do - it 'applies cleanly' do - pp = <<-EOS - user { 'test_owner': ensure => present, } - group { 'test_group': ensure => present, } - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp/test', - docroot_owner => 'test_owner', - docroot_group => 'test_group', - docroot_mode => '0750', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file('/tmp/test') do - it { is_expected.to be_directory } - it { is_expected.to be_owned_by 'test_owner' } - it { is_expected.to be_grouped_into 'test_group' } - it { is_expected.to be_mode 750 } - end - end - - describe 'default_vhost' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - default_vhost => true, - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file($ports_file) do - it { is_expected.to be_file } - if fact('osfamily') == 'RedHat' and fact('operatingsystemmajrelease') == '7' - it { is_expected.not_to contain 'NameVirtualHost test.server' } - elsif fact('operatingsystem') == 'Ubuntu' and fact('operatingsystemrelease') =~ /(14\.04|13\.10)/ - it { is_expected.not_to contain 'NameVirtualHost test.server' } - elsif fact('operatingsystem') == 'Debian' and fact('operatingsystemmajrelease') == '8' - it { is_expected.not_to contain 'NameVirtualHost test.server' } - else - it { is_expected.to contain 'NameVirtualHost test.server' } - end - end - - describe file("#{$vhost_dir}/10-test.server.conf") do - it { is_expected.to be_file } - end - end - - describe 'options' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - options => ['Indexes','FollowSymLinks', 'ExecCGI'], - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain 'Options Indexes FollowSymLinks ExecCGI' } - end - end - - describe 'override' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - override => ['All'], - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain 'AllowOverride All' } - end - end - - describe 'logroot' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - logroot => '/tmp', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain ' CustomLog "/tmp' } - end - end - - ['access', 'error'].each do |logtype| - case logtype - when 'access' - logname = 'CustomLog' - when 'error' - logname = 'ErrorLog' - end - - describe "#{logtype}_log" do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - logroot => '/tmp', - #{logtype}_log => false, - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.not_to contain " #{logname} \"/tmp" } - end - end - - describe "#{logtype}_log_pipe" do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - logroot => '/tmp', - #{logtype}_log_pipe => '|/bin/sh', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain " #{logname} \"|/bin/sh" } - end - end - - describe "#{logtype}_log_syslog" do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - logroot => '/tmp', - #{logtype}_log_syslog => 'syslog', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain " #{logname} \"syslog\"" } - end - end - end - - describe 'access_log_format' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - logroot => '/tmp', - access_log_syslog => 'syslog', - access_log_format => '%h %l', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain 'CustomLog "syslog" "%h %l"' } - end - end - - describe 'access_log_env_var' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - logroot => '/tmp', - access_log_syslog => 'syslog', - access_log_env_var => 'admin', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain 'CustomLog "syslog" combined env=admin' } - end - end - - describe 'multiple access_logs' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - logroot => '/tmp', - access_logs => [ - {'file' => 'log1'}, - {'file' => 'log2', 'env' => 'admin' }, - {'file' => '/var/tmp/log3', 'format' => '%h %l'}, - {'syslog' => 'syslog' } - ] - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain 'CustomLog "/tmp/log1" combined' } - it { is_expected.to contain 'CustomLog "/tmp/log2" combined env=admin' } - it { is_expected.to contain 'CustomLog "/var/tmp/log3" "%h %l"' } - it { is_expected.to contain 'CustomLog "syslog" combined' } - end - end - - describe 'aliases' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - aliases => [ - { alias => '/image' , path => '/ftp/pub/image' } , - { scriptalias => '/myscript' , path => '/usr/share/myscript' } - ], - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain 'Alias /image "/ftp/pub/image"' } - it { is_expected.to contain 'ScriptAlias /myscript "/usr/share/myscript"' } - end - end - - describe 'scriptaliases' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - scriptaliases => [{ alias => '/myscript', path => '/usr/share/myscript', }], - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain 'ScriptAlias /myscript "/usr/share/myscript"' } - end - end - - describe 'proxy' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': service_ensure => stopped, } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - proxy_dest => 'test2', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain 'ProxyPass / test2/' } - end - end - - describe 'actions' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - action => 'php-fastcgi', - } - EOS - pp = pp + "\nclass { 'apache::mod::actions': }" if fact('osfamily') == 'Debian' - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain 'Action php-fastcgi /cgi-bin virtual' } - end - end - - describe 'suphp' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': service_ensure => stopped, } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - suphp_addhandler => '#{$suphp_handler}', - suphp_engine => 'on', - suphp_configpath => '#{$suphp_configpath}', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain "suPHP_AddHandler #{$suphp_handler}" } - it { is_expected.to contain 'suPHP_Engine on' } - it { is_expected.to contain "suPHP_ConfigPath \"#{$suphp_configpath}\"" } - end - end - - describe 'rack_base_uris' do - if (fact('osfamily') != 'RedHat') - it 'applies cleanly' do - test = lambda do - pp = <<-EOS - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - rack_base_uris => ['/test'], - } - EOS - apply_manifest(pp, :catch_failures => true) - end - test.call - end - end - end - - describe 'no_proxy_uris' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': service_ensure => stopped, } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - proxy_dest => 'http://test2', - no_proxy_uris => [ 'http://test2/test' ], - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain 'ProxyPass http://test2/test !' } - it { is_expected.to contain 'ProxyPass / http://test2/' } - end - end - - describe 'redirect' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - redirect_source => ['/images'], - redirect_dest => ['http://test.server/'], - redirect_status => ['permanent'], - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain 'Redirect permanent /images http://test.server/' } - end - end - - describe 'request_headers' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - request_headers => ['append MirrorID "mirror 12"'], - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain 'append MirrorID "mirror 12"' } - end - end - - describe 'rewrite rules' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - rewrites => [ - { comment => 'test', - rewrite_cond => '%{HTTP_USER_AGENT} ^Lynx/ [OR]', - rewrite_rule => ['^index\.html$ welcome.html'], - rewrite_map => ['lc int:tolower'], - } - ], - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain '#test' } - it { is_expected.to contain 'RewriteCond %{HTTP_USER_AGENT} ^Lynx/ [OR]' } - it { is_expected.to contain 'RewriteRule ^index.html$ welcome.html' } - it { is_expected.to contain 'RewriteMap lc int:tolower' } - end - end - - describe 'directory rewrite rules' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - if ! defined(Class['apache::mod::rewrite']) { - include ::apache::mod::rewrite - } - apache::vhost { 'test.server': - docroot => '/tmp', - directories => [ - { - path => '/tmp', - rewrites => [ - { - comment => 'Permalink Rewrites', - rewrite_base => '/', - }, - { rewrite_rule => [ '^index\\.php$ - [L]' ] }, - { rewrite_cond => [ - '%{REQUEST_FILENAME} !-f', - '%{REQUEST_FILENAME} !-d', ], rewrite_rule => [ '. /index.php [L]' ], } - ], - }, - ], - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { should be_file } - it { should contain '#Permalink Rewrites' } - it { should contain 'RewriteEngine On' } - it { should contain 'RewriteBase /' } - it { should contain 'RewriteRule ^index\.php$ - [L]' } - it { should contain 'RewriteCond %{REQUEST_FILENAME} !-f' } - it { should contain 'RewriteCond %{REQUEST_FILENAME} !-d' } - it { should contain 'RewriteRule . /index.php [L]' } - end - end - - describe 'setenv/setenvif' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - setenv => ['TEST /test'], - setenvif => ['Request_URI "\.gif$" object_is_image=gif'] - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain 'SetEnv TEST /test' } - it { is_expected.to contain 'SetEnvIf Request_URI "\.gif$" object_is_image=gif' } - end - end - - describe 'block' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - block => 'scm', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain '' } - end - end - - describe 'wsgi' do - context 'on lucid', :if => fact('lsbdistcodename') == 'lucid' do - it 'import_script applies cleanly' do - pp = <<-EOS - class { 'apache': } - class { 'apache::mod::wsgi': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - wsgi_application_group => '%{GLOBAL}', - wsgi_daemon_process => 'wsgi', - wsgi_daemon_process_options => {processes => '2'}, - wsgi_process_group => 'nobody', - wsgi_script_aliases => { '/test' => '/test1' }, - wsgi_pass_authorization => 'On', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - end - - context 'on everything but lucid', :unless => fact('lsbdistcodename') == 'lucid' do - it 'import_script applies cleanly' do - pp = <<-EOS - class { 'apache': } - class { 'apache::mod::wsgi': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - wsgi_application_group => '%{GLOBAL}', - wsgi_daemon_process => 'wsgi', - wsgi_daemon_process_options => {processes => '2'}, - wsgi_import_script => '/test1', - wsgi_import_script_options => { application-group => '%{GLOBAL}', process-group => 'wsgi' }, - wsgi_process_group => 'nobody', - wsgi_script_aliases => { '/test' => '/test1' }, - wsgi_pass_authorization => 'On', - wsgi_chunked_request => 'On', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain 'WSGIApplicationGroup %{GLOBAL}' } - it { is_expected.to contain 'WSGIDaemonProcess wsgi processes=2' } - it { is_expected.to contain 'WSGIImportScript /test1 application-group=%{GLOBAL} process-group=wsgi' } - it { is_expected.to contain 'WSGIProcessGroup nobody' } - it { is_expected.to contain 'WSGIScriptAlias /test "/test1"' } - it { is_expected.to contain 'WSGIPassAuthorization On' } - it { is_expected.to contain 'WSGIChunkedRequest On' } - end - end - end - - describe 'custom_fragment' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - custom_fragment => inline_template('#weird test string'), - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain '#weird test string' } - end - end - - describe 'itk' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - itk => { user => 'nobody', group => 'nobody' } - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain 'AssignUserId nobody nobody' } - end - end - - # Limit testing to Debian, since Centos does not have fastcgi package. - case fact('osfamily') - when 'Debian' - describe 'fastcgi' do - it 'applies cleanly' do - pp = <<-EOS - $_os = $::operatingsystem - - if $_os == 'Ubuntu' { - $_location = "http://archive.ubuntu.com/ubuntu/" - $_security_location = "http://archive.ubuntu.com/ubuntu/" - $_release = $::lsbdistcodename - $_release_security = "${_release}-security" - $_repos = "main universe multiverse" - } else { - $_location = "http://httpredir.debian.org/debian/" - $_security_location = "http://security.debian.org/" - $_release = $::lsbdistcodename - $_release_security = "${_release}/updates" - $_repos = "main contrib non-free" - } - - include ::apt - apt::source { "${_os}_${_release}": - location => $_location, - release => $_release, - repos => $_repos, - include_src => false, - } - - apt::source { "${_os}_${_release}-updates": - location => $_location, - release => "${_release}-updates", - repos => $_repos, - include_src => false, - } - - apt::source { "${_os}_${_release}-security": - location => $_security_location, - release => $_release_security, - repos => $_repos, - include_src => false, - } - EOS - - #apt-get update may not run clean here. Should be OK. - apply_manifest(pp, :catch_failures => false) - - pp2 = <<-EOS - class { 'apache': } - class { 'apache::mod::fastcgi': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - fastcgi_server => 'localhost', - fastcgi_socket => '/tmp/fast/1234', - fastcgi_dir => '/tmp/fast', - } - EOS - apply_manifest(pp2, :catch_failures => true, :acceptable_exit_codes => [0, 2]) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain 'FastCgiExternalServer localhost -socket /tmp/fast/1234' } - it { is_expected.to contain '' } - end - end - end - - describe 'additional_includes' do - it 'applies cleanly' do - pp = <<-EOS - if $::osfamily == 'RedHat' and "$::selinux" == "true" { - $semanage_package = $::operatingsystemmajrelease ? { - '5' => 'policycoreutils', - default => 'policycoreutils-python', - } - exec { 'set_apache_defaults': - command => 'semanage fcontext -a -t httpd_sys_content_t "/apache_spec(/.*)?"', - path => '/bin:/usr/bin/:/sbin:/usr/sbin', - require => Package[$semanage_package], - } - package { $semanage_package: ensure => installed } - exec { 'restorecon_apache': - command => 'restorecon -Rv /apache_spec', - path => '/bin:/usr/bin/:/sbin:/usr/sbin', - before => Service['httpd'], - require => Class['apache'], - } - } - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - file { '/apache_spec': ensure => directory, } - file { '/apache_spec/include': ensure => present, content => '#additional_includes' } - apache::vhost { 'test.server': - docroot => '/apache_spec', - additional_includes => '/apache_spec/include', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain 'Include "/apache_spec/include"' } - end - end - - describe 'virtualhost without priority prefix' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - apache::vhost { 'test.server': - priority => false, - docroot => '/tmp' - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/test.server.conf") do - it { is_expected.to be_file } - end - end - - describe 'SSLProtocol directive' do - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - apache::vhost { 'test.server': - docroot => '/tmp', - ssl => true, - ssl_protocol => ['All', '-SSLv2'], - } - apache::vhost { 'test2.server': - docroot => '/tmp', - ssl => true, - ssl_protocol => 'All -SSLv2', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe file("#{$vhost_dir}/25-test.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain 'SSLProtocol *All -SSLv2' } - end - - describe file("#{$vhost_dir}/25-test2.server.conf") do - it { is_expected.to be_file } - it { is_expected.to contain 'SSLProtocol *All -SSLv2' } - end - end -end diff --git a/apache/spec/classes/apache_spec.rb b/apache/spec/classes/apache_spec.rb deleted file mode 100644 index 2fe53f409..000000000 --- a/apache/spec/classes/apache_spec.rb +++ /dev/null @@ -1,892 +0,0 @@ -require 'spec_helper' - -describe 'apache', :type => :class do - context "on a Debian OS" do - let :facts do - { - :id => 'root', - :kernel => 'Linux', - :lsbdistcodename => 'squeeze', - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :concat_basedir => '/dne', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_package("httpd").with( - 'notify' => 'Class[Apache::Service]', - 'ensure' => 'installed' - ) - } - it { is_expected.to contain_user("www-data") } - it { is_expected.to contain_group("www-data") } - it { is_expected.to contain_class("apache::service") } - it { is_expected.to contain_file("/var/www").with( - 'ensure' => 'directory' - ) - } - it { is_expected.to contain_file("/etc/apache2/sites-enabled").with( - 'ensure' => 'directory', - 'recurse' => 'true', - 'purge' => 'true', - 'notify' => 'Class[Apache::Service]', - 'require' => 'Package[httpd]' - ) - } - it { is_expected.to contain_file("/etc/apache2/mods-enabled").with( - 'ensure' => 'directory', - 'recurse' => 'true', - 'purge' => 'true', - 'notify' => 'Class[Apache::Service]', - 'require' => 'Package[httpd]' - ) - } - it { is_expected.to contain_file("/etc/apache2/mods-available").with( - 'ensure' => 'directory', - 'recurse' => 'true', - 'purge' => 'false', - 'notify' => 'Class[Apache::Service]', - 'require' => 'Package[httpd]' - ) - } - it { is_expected.to contain_concat("/etc/apache2/ports.conf").with( - 'owner' => 'root', - 'group' => 'root', - 'mode' => '0644', - 'notify' => 'Class[Apache::Service]' - ) - } - # Assert that load files are placed and symlinked for these mods, but no conf file. - [ - 'auth_basic', - 'authn_file', - 'authz_default', - 'authz_groupfile', - 'authz_host', - 'authz_user', - 'dav', - 'env' - ].each do |modname| - it { is_expected.to contain_file("#{modname}.load").with( - 'path' => "/etc/apache2/mods-available/#{modname}.load", - 'ensure' => 'file' - ) } - it { is_expected.to contain_file("#{modname}.load symlink").with( - 'path' => "/etc/apache2/mods-enabled/#{modname}.load", - 'ensure' => 'link', - 'target' => "/etc/apache2/mods-available/#{modname}.load" - ) } - it { is_expected.not_to contain_file("#{modname}.conf") } - it { is_expected.not_to contain_file("#{modname}.conf symlink") } - end - - context "with Apache version < 2.4" do - let :params do - { :apache_version => '2.2' } - end - - it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^Include "/etc/apache2/conf\.d/\*\.conf"$} } - end - - context "with Apache version >= 2.4" do - let :params do - { - :apache_version => '2.4', - :use_optional_includes => true - } - end - - it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^IncludeOptional "/etc/apache2/conf\.d/\*\.conf"$} } - end - - context "when specifying slash encoding behaviour" do - let :params do - { :allow_encoded_slashes => 'nodecode' } - end - - it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^AllowEncodedSlashes nodecode$} } - end - - context "when specifying default character set" do - let :params do - { :default_charset => 'none' } - end - - it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^AddDefaultCharset none$} } - end - - # Assert that both load files and conf files are placed and symlinked for these mods - [ - 'alias', - 'autoindex', - 'dav_fs', - 'deflate', - 'dir', - 'mime', - 'negotiation', - 'setenvif', - ].each do |modname| - it { is_expected.to contain_file("#{modname}.load").with( - 'path' => "/etc/apache2/mods-available/#{modname}.load", - 'ensure' => 'file' - ) } - it { is_expected.to contain_file("#{modname}.load symlink").with( - 'path' => "/etc/apache2/mods-enabled/#{modname}.load", - 'ensure' => 'link', - 'target' => "/etc/apache2/mods-available/#{modname}.load" - ) } - it { is_expected.to contain_file("#{modname}.conf").with( - 'path' => "/etc/apache2/mods-available/#{modname}.conf", - 'ensure' => 'file' - ) } - it { is_expected.to contain_file("#{modname}.conf symlink").with( - 'path' => "/etc/apache2/mods-enabled/#{modname}.conf", - 'ensure' => 'link', - 'target' => "/etc/apache2/mods-available/#{modname}.conf" - ) } - end - - describe "Check default type" do - context "with Apache version < 2.4" do - let :params do - { - :apache_version => '2.2', - } - end - - context "when default_type => 'none'" do - let :params do - { :default_type => 'none' } - end - - it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^DefaultType none$} } - end - context "when default_type => 'text/plain'" do - let :params do - { :default_type => 'text/plain' } - end - - it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^DefaultType text/plain$} } - end - end - - context "with Apache version >= 2.4" do - let :params do - { - :apache_version => '2.4', - } - end - it { is_expected.to contain_file("/etc/apache2/apache2.conf").without_content %r{^DefaultType [.]*$} } - end - end - - describe "Don't create user resource" do - context "when parameter manage_user is false" do - let :params do - { :manage_user => false } - end - - it { is_expected.not_to contain_user('www-data') } - it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^User www-data\n} } - end - end - describe "Don't create group resource" do - context "when parameter manage_group is false" do - let :params do - { :manage_group => false } - end - - it { is_expected.not_to contain_group('www-data') } - it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^Group www-data\n} } - end - end - - describe "Add extra LogFormats" do - context "When parameter log_formats is a hash" do - let :params do - { :log_formats => { - 'vhost_common' => "%v %h %l %u %t \"%r\" %>s %b", - 'vhost_combined' => "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" - } } - end - - it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common\n} } - it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%\{Referer\}i\" \"%\{User-agent\}i\"" vhost_combined\n} } - end - end - - describe "Override existing LogFormats" do - context "When parameter log_formats is a hash" do - let :params do - { :log_formats => { - 'common' => "%v %h %l %u %t \"%r\" %>s %b", - 'combined' => "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" - } } - end - - it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^LogFormat "%v %h %l %u %t \"%r\" %>s %b" common\n} } - it { is_expected.to contain_file("/etc/apache2/apache2.conf").without_content %r{^LogFormat "%h %l %u %t \"%r\" %>s %b \"%\{Referer\}i\" \"%\{User-agent\}i\"" combined\n} } - it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^LogFormat "%v %h %l %u %t \"%r\" %>s %b" common\n} } - it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%\{Referer\}i\" \"%\{User-agent\}i\"" combined\n} } - it { is_expected.to contain_file("/etc/apache2/apache2.conf").without_content %r{^LogFormat "%h %l %u %t \"%r\" %>s %b \"%\{Referer\}i\" \"%\{User-agent\}i\"" combined\n} } - end - end - - context "8" do - let :facts do - super().merge({ - :lsbdistcodename => 'jessie', - :operatingsystemrelease => '8' - }) - end - it { is_expected.to contain_file("/var/www/html").with( - 'ensure' => 'directory' - ) - } - end - context "on Ubuntu" do - let :facts do - super().merge({ - :operatingsystem => 'Ubuntu' - }) - end - - context "14.04" do - let :facts do - super().merge({ - :lsbdistrelease => '14.04', - :operatingsystemrelease => '14.04' - }) - end - it { is_expected.to contain_file("/var/www/html").with( - 'ensure' => 'directory' - ) - } - end - context "13.10" do - let :facts do - super().merge({ - :lsbdistrelease => '13.10', - :operatingsystemrelease => '13.10' - }) - end - it { is_expected.to contain_class('apache').with_apache_version('2.4') } - end - context "12.04" do - let :facts do - super().merge({ - :lsbdistrelease => '12.04', - :operatingsystemrelease => '12.04' - }) - end - it { is_expected.to contain_class('apache').with_apache_version('2.2') } - end - context "13.04" do - let :facts do - super().merge({ - :lsbdistrelease => '13.04', - :operatingsystemrelease => '13.04' - }) - end - it { is_expected.to contain_class('apache').with_apache_version('2.2') } - end - end - end - context "on a RedHat 5 OS" do - let :facts do - { - :id => 'root', - :kernel => 'Linux', - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '5', - :concat_basedir => '/dne', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_package("httpd").with( - 'notify' => 'Class[Apache::Service]', - 'ensure' => 'installed' - ) - } - it { is_expected.to contain_user("apache") } - it { is_expected.to contain_group("apache") } - it { is_expected.to contain_class("apache::service") } - it { is_expected.to contain_file("/var/www/html").with( - 'ensure' => 'directory' - ) - } - it { is_expected.to contain_file("/etc/httpd/conf.d").with( - 'ensure' => 'directory', - 'recurse' => 'true', - 'purge' => 'true', - 'notify' => 'Class[Apache::Service]', - 'require' => 'Package[httpd]' - ) - } - it { is_expected.to contain_concat("/etc/httpd/conf/ports.conf").with( - 'owner' => 'root', - 'group' => 'root', - 'mode' => '0644', - 'notify' => 'Class[Apache::Service]' - ) - } - describe "Alternate confd/mod/vhosts directory" do - let :params do - { - :vhost_dir => '/etc/httpd/site.d', - :confd_dir => '/etc/httpd/conf.d', - :mod_dir => '/etc/httpd/mod.d', - } - end - - ['mod.d','site.d','conf.d'].each do |dir| - it { is_expected.to contain_file("/etc/httpd/#{dir}").with( - 'ensure' => 'directory', - 'recurse' => 'true', - 'purge' => 'true', - 'notify' => 'Class[Apache::Service]', - 'require' => 'Package[httpd]' - ) } - end - - # Assert that load files are placed for these mods, but no conf file. - [ - 'auth_basic', - 'authn_file', - 'authz_default', - 'authz_groupfile', - 'authz_host', - 'authz_user', - 'dav', - 'env', - ].each do |modname| - it { is_expected.to contain_file("#{modname}.load").with_path( - "/etc/httpd/mod.d/#{modname}.load" - ) } - it { is_expected.not_to contain_file("#{modname}.conf").with_path( - "/etc/httpd/mod.d/#{modname}.conf" - ) } - end - - # Assert that both load files and conf files are placed for these mods - [ - 'alias', - 'autoindex', - 'dav_fs', - 'deflate', - 'dir', - 'mime', - 'negotiation', - 'setenvif', - ].each do |modname| - it { is_expected.to contain_file("#{modname}.load").with_path( - "/etc/httpd/mod.d/#{modname}.load" - ) } - it { is_expected.to contain_file("#{modname}.conf").with_path( - "/etc/httpd/mod.d/#{modname}.conf" - ) } - end - - context "with Apache version < 2.4" do - let :params do - { :apache_version => '2.2' } - end - - it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Include "/etc/httpd/conf\.d/\*\.conf"$} } - end - - context "with Apache version >= 2.4" do - let :params do - { - :apache_version => '2.4', - :use_optional_includes => true - } - end - - it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^IncludeOptional "/etc/httpd/conf\.d/\*\.conf"$} } - end - - context "with Apache version < 2.4" do - let :params do - { - :apache_version => '2.2', - :rewrite_lock => '/var/lock/subsys/rewrite-lock' - } - end - - it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^RewriteLock /var/lock/subsys/rewrite-lock$} } - end - - context "with Apache version < 2.4" do - let :params do - { - :apache_version => '2.2' - } - end - - it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").without_content %r{^RewriteLock [.]*$} } - end - - context "with Apache version >= 2.4" do - let :params do - { - :apache_version => '2.4', - :rewrite_lock => '/var/lock/subsys/rewrite-lock' - } - end - it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").without_content %r{^RewriteLock [.]*$} } - end - - context "when specifying slash encoding behaviour" do - let :params do - { :allow_encoded_slashes => 'nodecode' } - end - - it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^AllowEncodedSlashes nodecode$} } - end - - context "when specifying default character set" do - let :params do - { :default_charset => 'none' } - end - - it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^AddDefaultCharset none$} } - end - - context "with Apache version < 2.4" do - let :params do - { - :apache_version => '2.2', - } - end - - context "when default_type => 'none'" do - let :params do - { :default_type => 'none' } - end - - it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^DefaultType none$} } - end - context "when default_type => 'text/plain'" do - let :params do - { :default_type => 'text/plain' } - end - - it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^DefaultType text/plain$} } - end - end - - context "with Apache version >= 2.4" do - let :params do - { - :apache_version => '2.4', - } - end - it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").without_content %r{^DefaultType [.]*$} } - end - - it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Include "/etc/httpd/site\.d/\*"$} } - it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Include "/etc/httpd/mod\.d/\*\.conf"$} } - it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Include "/etc/httpd/mod\.d/\*\.load"$} } - end - - describe "Alternate conf directory" do - let :params do - { :conf_dir => '/opt/rh/root/etc/httpd/conf' } - end - - it { is_expected.to contain_file("/opt/rh/root/etc/httpd/conf/httpd.conf").with( - 'ensure' => 'file', - 'notify' => 'Class[Apache::Service]', - 'require' => ['Package[httpd]', 'Concat[/etc/httpd/conf/ports.conf]'], - ) } - end - - describe "Alternate conf.d directory" do - let :params do - { :confd_dir => '/etc/httpd/special_conf.d' } - end - - it { is_expected.to contain_file("/etc/httpd/special_conf.d").with( - 'ensure' => 'directory', - 'recurse' => 'true', - 'purge' => 'true', - 'notify' => 'Class[Apache::Service]', - 'require' => 'Package[httpd]' - ) } - end - - describe "Alternate mpm_modules" do - context "when declaring mpm_module is false" do - let :params do - { :mpm_module => false } - end - it 'should not declare mpm modules' do - is_expected.not_to contain_class('apache::mod::event') - is_expected.not_to contain_class('apache::mod::itk') - is_expected.not_to contain_class('apache::mod::peruser') - is_expected.not_to contain_class('apache::mod::prefork') - is_expected.not_to contain_class('apache::mod::worker') - end - end - context "when declaring mpm_module => prefork" do - let :params do - { :mpm_module => 'prefork' } - end - it { is_expected.to contain_class('apache::mod::prefork') } - it { is_expected.not_to contain_class('apache::mod::event') } - it { is_expected.not_to contain_class('apache::mod::itk') } - it { is_expected.not_to contain_class('apache::mod::peruser') } - it { is_expected.not_to contain_class('apache::mod::worker') } - end - context "when declaring mpm_module => worker" do - let :params do - { :mpm_module => 'worker' } - end - it { is_expected.to contain_class('apache::mod::worker') } - it { is_expected.not_to contain_class('apache::mod::event') } - it { is_expected.not_to contain_class('apache::mod::itk') } - it { is_expected.not_to contain_class('apache::mod::peruser') } - it { is_expected.not_to contain_class('apache::mod::prefork') } - end - context "when declaring mpm_module => breakme" do - let :params do - { :mpm_module => 'breakme' } - end - it { expect { catalogue }.to raise_error Puppet::Error, /does not match/ } - end - end - - describe "different templates for httpd.conf" do - context "with default" do - let :params do - { :conf_template => 'apache/httpd.conf.erb' } - end - it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^# Security\n} } - end - context "with non-default" do - let :params do - { :conf_template => 'site_apache/fake.conf.erb' } - end - it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Fake template for rspec.$} } - end - end - - describe "default mods" do - context "without" do - let :params do - { :default_mods => false } - end - - it { is_expected.to contain_apache__mod('authz_host') } - it { is_expected.not_to contain_apache__mod('env') } - end - context "custom" do - let :params do - { :default_mods => [ - 'info', - 'alias', - 'mime', - 'env', - 'setenv', - 'expires', - ]} - end - - it { is_expected.to contain_apache__mod('authz_host') } - it { is_expected.to contain_apache__mod('env') } - it { is_expected.to contain_class('apache::mod::info') } - it { is_expected.to contain_class('apache::mod::mime') } - end - end - describe "Don't create user resource" do - context "when parameter manage_user is false" do - let :params do - { :manage_user => false } - end - - it { is_expected.not_to contain_user('apache') } - it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^User apache\n} } - end - end - describe "Don't create group resource" do - context "when parameter manage_group is false" do - let :params do - { :manage_group => false } - end - - it { is_expected.not_to contain_group('apache') } - it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Group apache\n} } - - end - end - describe "sendfile" do - context "with invalid value" do - let :params do - { :sendfile => 'foo' } - end - it "should fail" do - expect do - catalogue - end.to raise_error(Puppet::Error, /"foo" does not match/) - end - end - context "On" do - let :params do - { :sendfile => 'On' } - end - it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^EnableSendfile On\n} } - end - context "Off" do - let :params do - { :sendfile => 'Off' } - end - it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^EnableSendfile Off\n} } - end - end - context "on Fedora" do - let :facts do - super().merge({ - :operatingsystem => 'Fedora' - }) - end - - context "21" do - let :facts do - super().merge({ - :lsbdistrelease => '21', - :operatingsystemrelease => '21' - }) - end - it { is_expected.to contain_class('apache').with_apache_version('2.4') } - end - context "Rawhide" do - let :facts do - super().merge({ - :lsbdistrelease => 'Rawhide', - :operatingsystemrelease => 'Rawhide' - }) - end - it { is_expected.to contain_class('apache').with_apache_version('2.4') } - end - # kinda obsolete - context "17" do - let :facts do - super().merge({ - :lsbdistrelease => '17', - :operatingsystemrelease => '17' - }) - end - it { is_expected.to contain_class('apache').with_apache_version('2.2') } - end - end - end - context "on a FreeBSD OS" do - let :facts do - { - :id => 'root', - :kernel => 'FreeBSD', - :osfamily => 'FreeBSD', - :operatingsystem => 'FreeBSD', - :operatingsystemrelease => '10', - :concat_basedir => '/dne', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_class("apache::package").with({'ensure' => 'present'}) } - it { is_expected.to contain_user("www") } - it { is_expected.to contain_group("www") } - it { is_expected.to contain_class("apache::service") } - it { is_expected.to contain_file("/usr/local/www/apache24/data").with( - 'ensure' => 'directory' - ) - } - it { is_expected.to contain_file("/usr/local/etc/apache24/Vhosts").with( - 'ensure' => 'directory', - 'recurse' => 'true', - 'purge' => 'true', - 'notify' => 'Class[Apache::Service]', - 'require' => 'Package[httpd]' - ) } - it { is_expected.to contain_file("/usr/local/etc/apache24/Modules").with( - 'ensure' => 'directory', - 'recurse' => 'true', - 'purge' => 'true', - 'notify' => 'Class[Apache::Service]', - 'require' => 'Package[httpd]' - ) } - it { is_expected.to contain_concat("/usr/local/etc/apache24/ports.conf").with( - 'owner' => 'root', - 'group' => 'wheel', - 'mode' => '0644', - 'notify' => 'Class[Apache::Service]' - ) } - # Assert that load files are placed for these mods, but no conf file. - [ - 'auth_basic', - 'authn_core', - 'authn_file', - 'authz_groupfile', - 'authz_host', - 'authz_user', - 'dav', - 'env' - ].each do |modname| - it { is_expected.to contain_file("#{modname}.load").with( - 'path' => "/usr/local/etc/apache24/Modules/#{modname}.load", - 'ensure' => 'file' - ) } - it { is_expected.not_to contain_file("#{modname}.conf") } - end - - # Assert that both load files and conf files are placed for these mods - [ - 'alias', - 'autoindex', - 'dav_fs', - 'deflate', - 'dir', - 'mime', - 'negotiation', - 'setenvif', - ].each do |modname| - it { is_expected.to contain_file("#{modname}.load").with( - 'path' => "/usr/local/etc/apache24/Modules/#{modname}.load", - 'ensure' => 'file' - ) } - it { is_expected.to contain_file("#{modname}.conf").with( - 'path' => "/usr/local/etc/apache24/Modules/#{modname}.conf", - 'ensure' => 'file' - ) } - end - end - context "on a Gentoo OS" do - let :facts do - { - :id => 'root', - :kernel => 'Linux', - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :operatingsystemrelease => '3.16.1-gentoo', - :concat_basedir => '/dne', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_user("apache") } - it { is_expected.to contain_group("apache") } - it { is_expected.to contain_class("apache::service") } - it { is_expected.to contain_file("/var/www/localhost/htdocs").with( - 'ensure' => 'directory' - ) - } - it { is_expected.to contain_file("/etc/apache2/vhosts.d").with( - 'ensure' => 'directory', - 'recurse' => 'true', - 'purge' => 'true', - 'notify' => 'Class[Apache::Service]', - 'require' => 'Package[httpd]' - ) } - it { is_expected.to contain_file("/etc/apache2/modules.d").with( - 'ensure' => 'directory', - 'recurse' => 'true', - 'purge' => 'true', - 'notify' => 'Class[Apache::Service]', - 'require' => 'Package[httpd]' - ) } - it { is_expected.to contain_concat("/etc/apache2/ports.conf").with( - 'owner' => 'root', - 'group' => 'wheel', - 'mode' => '0644', - 'notify' => 'Class[Apache::Service]' - ) } - end - context 'on all OSes' do - let :facts do - { - :id => 'root', - :kernel => 'Linux', - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - context 'with a custom apache_name parameter' do - let :params do { - :apache_name => 'httpd24-httpd' - } - end - it { is_expected.to contain_package("httpd").with( - 'notify' => 'Class[Apache::Service]', - 'ensure' => 'installed', - 'name' => 'httpd24-httpd' - ) - } - end - context 'with a custom file_mode parameter' do - let :params do { - :file_mode => '0640' - } - end - it { is_expected.to contain_concat("/etc/httpd/conf/ports.conf").with( - 'mode' => '0640', - ) - } - end - context 'with a custom root_directory_options parameter' do - let :params do { - :root_directory_options => ['-Indexes', '-FollowSymLinks'] - } - end - it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{Options -Indexes -FollowSymLinks} } - end - context 'default vhost defaults' do - it { is_expected.to contain_apache__vhost('default').with_ensure('present') } - it { is_expected.to contain_apache__vhost('default-ssl').with_ensure('absent') } - it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{Options FollowSymLinks} } - end - context 'without default non-ssl vhost' do - let :params do { - :default_vhost => false - } - end - it { is_expected.to contain_apache__vhost('default').with_ensure('absent') } - it { is_expected.not_to contain_file('/var/www/html') } - end - context 'with default ssl vhost' do - let :params do { - :default_ssl_vhost => true - } - end - it { is_expected.to contain_apache__vhost('default-ssl').with_ensure('present') } - it { is_expected.to contain_file('/var/www/html') } - end - end - context 'with unsupported osfamily' do - let :facts do - { :osfamily => 'Darwin', - :operatingsystemrelease => '13.1.0', - :concat_basedir => '/dne', - :is_pe => false, - } - end - - it do - expect { - catalogue - }.to raise_error(Puppet::Error, /Unsupported osfamily/) - end - end -end diff --git a/apache/spec/classes/dev_spec.rb b/apache/spec/classes/dev_spec.rb deleted file mode 100644 index 933d67703..000000000 --- a/apache/spec/classes/dev_spec.rb +++ /dev/null @@ -1,89 +0,0 @@ -require 'spec_helper' - -describe 'apache::dev', :type => :class do - let(:pre_condition) {[ - 'include apache' - ]} - context "on a Debian OS" do - let :facts do - { - :lsbdistcodename => 'squeeze', - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6', - :is_pe => false, - :concat_basedir => '/foo', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin', - :kernel => 'Linux' - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_package("libaprutil1-dev") } - it { is_expected.to contain_package("libapr1-dev") } - it { is_expected.to contain_package("apache2-prefork-dev") } - end - context "on an Ubuntu 14 OS" do - let :facts do - { - :lsbdistrelease => '14.04', - :lsbdistcodename => 'trusty', - :osfamily => 'Debian', - :operatingsystem => 'Ubuntu', - :operatingsystemrelease => '14.04', - :is_pe => false, - :concat_basedir => '/foo', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin', - :kernel => 'Linux' - } - end - it { is_expected.to contain_package("apache2-dev") } - end - context "on a RedHat OS" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '6', - :is_pe => false, - :concat_basedir => '/foo', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin', - :kernel => 'Linux' - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_package("httpd-devel") } - end - context "on a FreeBSD OS" do - let :facts do - { - :osfamily => 'FreeBSD', - :operatingsystem => 'FreeBSD', - :operatingsystemrelease => '9', - :is_pe => false, - :concat_basedir => '/foo', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin', - :kernel => 'FreeBSD' - } - end - it { is_expected.to contain_class("apache::params") } - end - context "on a Gentoo OS" do - let :facts do - { - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :operatingsystemrelease => '3.16.1-gentoo', - :is_pe => false, - :concat_basedir => '/foo', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin', - :kernel => 'Linux' - } - end - it { is_expected.to contain_class("apache::params") } - end -end diff --git a/apache/spec/classes/mod/alias_spec.rb b/apache/spec/classes/mod/alias_spec.rb deleted file mode 100644 index 99854e818..000000000 --- a/apache/spec/classes/mod/alias_spec.rb +++ /dev/null @@ -1,97 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::alias', :type => :class do - it_behaves_like "a mod class, without including apache" - - context "default configuration with parameters" do - context "on a Debian OS", :compile do - let :facts do - { - :id => 'root', - :kernel => 'Linux', - :lsbdistcodename => 'squeeze', - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :concat_basedir => '/dne', - :is_pe => false, - } - end - it { is_expected.to contain_apache__mod("alias") } - it { is_expected.to contain_file("alias.conf").with(:content => /Alias \/icons\/ "\/usr\/share\/apache2\/icons\/"/) } - end - context "on a RedHat 6-based OS", :compile do - let :facts do - { - :id => 'root', - :kernel => 'Linux', - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '6', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :concat_basedir => '/dne', - :is_pe => false, - } - end - it { is_expected.to contain_apache__mod("alias") } - it { is_expected.to contain_file("alias.conf").with(:content => /Alias \/icons\/ "\/var\/www\/icons\/"/) } - end - context "on a RedHat 7-based OS", :compile do - let :facts do - { - :id => 'root', - :kernel => 'Linux', - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '7', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :concat_basedir => '/dne', - :is_pe => false, - } - end - it { is_expected.to contain_apache__mod("alias") } - it { is_expected.to contain_file("alias.conf").with(:content => /Alias \/icons\/ "\/usr\/share\/httpd\/icons\/"/) } - end - context "with icons options", :compile do - let :pre_condition do - 'class { apache: default_mods => false }' - end - let :facts do - { - :id => 'root', - :kernel => 'Linux', - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '7', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :concat_basedir => '/dne', - :is_pe => false, - } - end - let :params do - { - 'icons_options' => 'foo' - } - end - it { is_expected.to contain_apache__mod("alias") } - it { is_expected.to contain_file("alias.conf").with(:content => /Options foo/) } - end - context "on a FreeBSD OS", :compile do - let :facts do - { - :id => 'root', - :kernel => 'FreeBSD', - :osfamily => 'FreeBSD', - :operatingsystem => 'FreeBSD', - :operatingsystemrelease => '10', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :concat_basedir => '/dne', - :is_pe => false, - } - end - it { is_expected.to contain_apache__mod("alias") } - it { is_expected.to contain_file("alias.conf").with(:content => /Alias \/icons\/ "\/usr\/local\/www\/apache24\/icons\/"/) } - end - end -end diff --git a/apache/spec/classes/mod/auth_cas_spec.rb b/apache/spec/classes/mod/auth_cas_spec.rb deleted file mode 100644 index aee3f8c29..000000000 --- a/apache/spec/classes/mod/auth_cas_spec.rb +++ /dev/null @@ -1,64 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::auth_cas', :type => :class do - context "default params" do - let :params do - { - :cas_login_url => 'https://cas.example.com/login', - :cas_validate_url => 'https://cas.example.com/validate', - :cas_cookie_path => '/var/cache/apache2/mod_auth_cas/' - } - end - - it_behaves_like "a mod class, without including apache" - end - - context "default configuration with parameters" do - let :params do - { - :cas_login_url => 'https://cas.example.com/login', - :cas_validate_url => 'https://cas.example.com/validate', - } - end - - context "on a Debian OS", :compile do - let :facts do - { - :id => 'root', - :kernel => 'Linux', - :lsbdistcodename => 'squeeze', - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :concat_basedir => '/dne', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod("auth_cas") } - it { is_expected.to contain_package("libapache2-mod-auth-cas") } - it { is_expected.to contain_file("auth_cas.conf").with_path('/etc/apache2/mods-available/auth_cas.conf') } - it { is_expected.to contain_file("/var/cache/apache2/mod_auth_cas/").with_owner('www-data') } - end - context "on a RedHat OS", :compile do - let :facts do - { - :id => 'root', - :kernel => 'Linux', - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '6', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :concat_basedir => '/dne', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod("auth_cas") } - it { is_expected.to contain_package("mod_auth_cas") } - it { is_expected.to contain_file("auth_cas.conf").with_path('/etc/httpd/conf.d/auth_cas.conf') } - it { is_expected.to contain_file("/var/cache/mod_auth_cas/").with_owner('apache') } - end - end -end diff --git a/apache/spec/classes/mod/auth_kerb_spec.rb b/apache/spec/classes/mod/auth_kerb_spec.rb deleted file mode 100644 index 74b6827d0..000000000 --- a/apache/spec/classes/mod/auth_kerb_spec.rb +++ /dev/null @@ -1,77 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::auth_kerb', :type => :class do - it_behaves_like "a mod class, without including apache" - - context "default configuration with parameters" do - context "on a Debian OS", :compile do - let :facts do - { - :id => 'root', - :kernel => 'Linux', - :lsbdistcodename => 'squeeze', - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :concat_basedir => '/dne', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod("auth_kerb") } - it { is_expected.to contain_package("libapache2-mod-auth-kerb") } - end - context "on a RedHat OS", :compile do - let :facts do - { - :id => 'root', - :kernel => 'Linux', - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '6', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :concat_basedir => '/dne', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod("auth_kerb") } - it { is_expected.to contain_package("mod_auth_kerb") } - end - context "on a FreeBSD OS", :compile do - let :facts do - { - :id => 'root', - :kernel => 'FreeBSD', - :osfamily => 'FreeBSD', - :operatingsystem => 'FreeBSD', - :operatingsystemrelease => '9', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :concat_basedir => '/dne', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod("auth_kerb") } - it { is_expected.to contain_package("www/mod_auth_kerb2") } - end - context "on a Gentoo OS", :compile do - let :facts do - { - :id => 'root', - :kernel => 'Linux', - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :operatingsystemrelease => '3.16.1-gentoo', - :concat_basedir => '/dne', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod("auth_kerb") } - it { is_expected.to contain_package("www-apache/mod_auth_kerb") } - end - end -end diff --git a/apache/spec/classes/mod/auth_mellon_spec.rb b/apache/spec/classes/mod/auth_mellon_spec.rb deleted file mode 100644 index 7d0826ff7..000000000 --- a/apache/spec/classes/mod/auth_mellon_spec.rb +++ /dev/null @@ -1,90 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::auth_mellon', :type => :class do - it_behaves_like "a mod class, without including apache" - - context "default configuration with parameters" do - context "on a Debian OS" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :fqdn => 'test.example.com', - :is_pe => false, - } - end - describe 'with no parameters' do - it { should contain_apache__mod('auth_mellon') } - it { should contain_package('libapache2-mod-auth-mellon') } - it { should contain_file('auth_mellon.conf').with_path('/etc/apache2/mods-available/auth_mellon.conf') } - it { should contain_file('auth_mellon.conf').with_content("MellonPostDirectory \"\/var\/cache\/apache2\/mod_auth_mellon\/\"\n") } - end - describe 'with parameters' do - let :params do - { :mellon_cache_size => '200', - :mellon_cache_entry_size => '2010', - :mellon_lock_file => '/tmp/junk', - :mellon_post_directory => '/tmp/post', - :mellon_post_ttl => '5', - :mellon_post_size => '8', - :mellon_post_count => '10' - } - end - it { should contain_file('auth_mellon.conf').with_content(/^MellonCacheSize\s+200$/) } - it { should contain_file('auth_mellon.conf').with_content(/^MellonCacheEntrySize\s+2010$/) } - it { should contain_file('auth_mellon.conf').with_content(/^MellonLockFile\s+"\/tmp\/junk"$/) } - it { should contain_file('auth_mellon.conf').with_content(/^MellonPostDirectory\s+"\/tmp\/post"$/) } - it { should contain_file('auth_mellon.conf').with_content(/^MellonPostTTL\s+5$/) } - it { should contain_file('auth_mellon.conf').with_content(/^MellonPostSize\s+8$/) } - it { should contain_file('auth_mellon.conf').with_content(/^MellonPostCount\s+10$/) } - end - - end - context "on a RedHat OS" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :fqdn => 'test.example.com', - :is_pe => false, - } - end - describe 'with no parameters' do - it { should contain_apache__mod('auth_mellon') } - it { should contain_package('mod_auth_mellon') } - it { should contain_file('auth_mellon.conf').with_path('/etc/httpd/conf.d/auth_mellon.conf') } - it { should contain_file('auth_mellon.conf').with_content("MellonCacheSize 100\nMellonLockFile \"/run/mod_auth_mellon/lock\"\n") } - end - describe 'with parameters' do - let :params do - { :mellon_cache_size => '200', - :mellon_cache_entry_size => '2010', - :mellon_lock_file => '/tmp/junk', - :mellon_post_directory => '/tmp/post', - :mellon_post_ttl => '5', - :mellon_post_size => '8', - :mellon_post_count => '10' - } - end - it { should contain_file('auth_mellon.conf').with_content(/^MellonCacheSize\s+200$/) } - it { should contain_file('auth_mellon.conf').with_content(/^MellonCacheEntrySize\s+2010$/) } - it { should contain_file('auth_mellon.conf').with_content(/^MellonLockFile\s+"\/tmp\/junk"$/) } - it { should contain_file('auth_mellon.conf').with_content(/^MellonPostDirectory\s+"\/tmp\/post"$/) } - it { should contain_file('auth_mellon.conf').with_content(/^MellonPostTTL\s+5$/) } - it { should contain_file('auth_mellon.conf').with_content(/^MellonPostSize\s+8$/) } - it { should contain_file('auth_mellon.conf').with_content(/^MellonPostCount\s+10$/) } - end - end - end -end diff --git a/apache/spec/classes/mod/authnz_ldap_spec.rb b/apache/spec/classes/mod/authnz_ldap_spec.rb deleted file mode 100644 index 7469d165e..000000000 --- a/apache/spec/classes/mod/authnz_ldap_spec.rb +++ /dev/null @@ -1,76 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::authnz_ldap', :type => :class do - it_behaves_like "a mod class, without including apache" - - context "default configuration with parameters" do - context "on a Debian OS" do - let :facts do - { - :lsbdistcodename => 'squeeze', - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :operatingsystem => 'Debian', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_class("apache::mod::ldap") } - it { is_expected.to contain_apache__mod('authnz_ldap') } - - context 'default verify_server_cert' do - it { is_expected.to contain_file('authnz_ldap.conf').with_content(/^LDAPVerifyServerCert On$/) } - end - - context 'verify_server_cert = false' do - let(:params) { { :verify_server_cert => false } } - it { is_expected.to contain_file('authnz_ldap.conf').with_content(/^LDAPVerifyServerCert Off$/) } - end - - context 'verify_server_cert = wrong' do - let(:params) { { :verify_server_cert => 'wrong' } } - it 'should raise an error' do - expect { is_expected.to raise_error Puppet::Error } - end - end - end #Debian - - context "on a RedHat OS" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :operatingsystem => 'RedHat', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_class("apache::mod::ldap") } - it { is_expected.to contain_apache__mod('authnz_ldap') } - - context 'default verify_server_cert' do - it { is_expected.to contain_file('authnz_ldap.conf').with_content(/^LDAPVerifyServerCert On$/) } - end - - context 'verify_server_cert = false' do - let(:params) { { :verify_server_cert => false } } - it { is_expected.to contain_file('authnz_ldap.conf').with_content(/^LDAPVerifyServerCert Off$/) } - end - - context 'verify_server_cert = wrong' do - let(:params) { { :verify_server_cert => 'wrong' } } - it 'should raise an error' do - expect { is_expected.to raise_error Puppet::Error } - end - end - end # Redhat - end -end diff --git a/apache/spec/classes/mod/dav_svn_spec.rb b/apache/spec/classes/mod/dav_svn_spec.rb deleted file mode 100644 index 1f60e730b..000000000 --- a/apache/spec/classes/mod/dav_svn_spec.rb +++ /dev/null @@ -1,80 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::dav_svn', :type => :class do - it_behaves_like "a mod class, without including apache" - - context "default configuration with parameters" do - context "on a Debian OS" do - let :facts do - { - :lsbdistcodename => 'squeeze', - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :operatingsystemmajrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('dav_svn') } - it { is_expected.to contain_package("libapache2-svn") } - end - context "on a RedHat OS" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :operatingsystemmajrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('dav_svn') } - it { is_expected.to contain_package("mod_dav_svn") } - end - context "on a FreeBSD OS" do - let :facts do - { - :osfamily => 'FreeBSD', - :operatingsystemrelease => '9', - :operatingsystemmajrelease => '9', - :concat_basedir => '/dne', - :operatingsystem => 'FreeBSD', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('dav_svn') } - it { is_expected.to contain_package("devel/subversion") } - end - context "on a Gentoo OS", :compile do - let :facts do - { - :id => 'root', - :operatingsystemrelease => '3.16.1-gentoo', - :concat_basedir => '/dne', - :kernel => 'Linux', - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('dav_svn') } - it { is_expected.to contain_package("dev-vcs/subversion") } - end - end -end diff --git a/apache/spec/classes/mod/deflate_spec.rb b/apache/spec/classes/mod/deflate_spec.rb deleted file mode 100644 index 264c70f36..000000000 --- a/apache/spec/classes/mod/deflate_spec.rb +++ /dev/null @@ -1,127 +0,0 @@ -require 'spec_helper' - -# This function is called inside the OS specific contexts -def general_deflate_specs - it { is_expected.to contain_apache__mod("deflate") } - - it do - is_expected.to contain_file("deflate.conf").with_content( - "AddOutputFilterByType DEFLATE text/css\n"\ - "AddOutputFilterByType DEFLATE text/html\n"\ - "\n"\ - "DeflateFilterNote Input instream\n"\ - "DeflateFilterNote Ratio ratio\n" - ) - end -end - -describe 'apache::mod::deflate', :type => :class do - it_behaves_like "a mod class, without including apache" - - context "default configuration with parameters" do - let :pre_condition do - 'class { "apache::mod::deflate": - types => [ "text/html", "text/css" ], - notes => { - "Input" => "instream", - "Ratio" => "ratio", - } - } - ' - end - - context "On a Debian OS with default params" do - let :facts do - { - :id => 'root', - :lsbdistcodename => 'squeeze', - :kernel => 'Linux', - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :concat_basedir => '/dne', - :is_pe => false, - } - end - - # Load the more generic tests for this context - general_deflate_specs() - - it { is_expected.to contain_file("deflate.conf").with({ - :ensure => 'file', - :path => '/etc/apache2/mods-available/deflate.conf', - } ) } - it { is_expected.to contain_file("deflate.conf symlink").with({ - :ensure => 'link', - :path => '/etc/apache2/mods-enabled/deflate.conf', - } ) } - end - - context "on a RedHat OS with default params" do - let :facts do - { - :id => 'root', - :kernel => 'Linux', - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '6', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :concat_basedir => '/dne', - :is_pe => false, - } - end - - # Load the more generic tests for this context - general_deflate_specs() - - it { is_expected.to contain_file("deflate.conf").with_path("/etc/httpd/conf.d/deflate.conf") } - end - - context "On a FreeBSD OS with default params" do - let :facts do - { - :id => 'root', - :kernel => 'FreeBSD', - :osfamily => 'FreeBSD', - :operatingsystem => 'FreeBSD', - :operatingsystemrelease => '9', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :concat_basedir => '/dne', - :is_pe => false, - } - end - - # Load the more generic tests for this context - general_deflate_specs() - - it { is_expected.to contain_file("deflate.conf").with({ - :ensure => 'file', - :path => '/usr/local/etc/apache24/Modules/deflate.conf', - } ) } - end - - context "On a Gentoo OS with default params" do - let :facts do - { - :id => 'root', - :kernel => 'Linux', - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :operatingsystemrelease => '3.16.1-gentoo', - :concat_basedir => '/dne', - :is_pe => false, - } - end - - # Load the more generic tests for this context - general_deflate_specs() - - it { is_expected.to contain_file("deflate.conf").with({ - :ensure => 'file', - :path => '/etc/apache2/modules.d/deflate.conf', - } ) } - end - end -end diff --git a/apache/spec/classes/mod/dev_spec.rb b/apache/spec/classes/mod/dev_spec.rb deleted file mode 100644 index 29589f99f..000000000 --- a/apache/spec/classes/mod/dev_spec.rb +++ /dev/null @@ -1,28 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::dev', :type => :class do - it_behaves_like "a mod class, without including apache" - - [ - ['RedHat', '6', 'Santiago', 'Linux'], - ['Debian', '6', 'squeeze', 'Linux'], - ['FreeBSD', '9', 'FreeBSD', 'FreeBSD'], - ].each do |osfamily, operatingsystemrelease, lsbdistcodename, kernel| - context "on a #{osfamily} OS" do - let :facts do - { - :lsbdistcodename => lsbdistcodename, - :osfamily => osfamily, - :operatingsystem => osfamily, - :operatingsystemrelease => operatingsystemrelease, - :is_pe => false, - :concat_basedir => '/foo', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin', - :kernel => kernel - } - end - it { is_expected.to contain_class('apache::dev') } - end - end -end diff --git a/apache/spec/classes/mod/dir_spec.rb b/apache/spec/classes/mod/dir_spec.rb deleted file mode 100644 index 9aad0d3ff..000000000 --- a/apache/spec/classes/mod/dir_spec.rb +++ /dev/null @@ -1,137 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::dir', :type => :class do - it_behaves_like "a mod class, without including apache" - - context "default configuration with parameters" do - context "on a Debian OS" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :lsbdistcodename => 'squeeze', - :is_pe => false, - } - end - context "passing no parameters" do - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('dir') } - it { is_expected.to contain_file('dir.conf').with_content(/^DirectoryIndex /) } - it { is_expected.to contain_file('dir.conf').with_content(/ index\.html /) } - it { is_expected.to contain_file('dir.conf').with_content(/ index\.html\.var /) } - it { is_expected.to contain_file('dir.conf').with_content(/ index\.cgi /) } - it { is_expected.to contain_file('dir.conf').with_content(/ index\.pl /) } - it { is_expected.to contain_file('dir.conf').with_content(/ index\.php /) } - it { is_expected.to contain_file('dir.conf').with_content(/ index\.xhtml$/) } - end - context "passing indexes => ['example.txt','fearsome.aspx']" do - let :params do - {:indexes => ['example.txt','fearsome.aspx']} - end - it { is_expected.to contain_file('dir.conf').with_content(/ example\.txt /) } - it { is_expected.to contain_file('dir.conf').with_content(/ fearsome\.aspx$/) } - end - end - context "on a RedHat OS" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'Redhat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - context "passing no parameters" do - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('dir') } - it { is_expected.to contain_file('dir.conf').with_content(/^DirectoryIndex /) } - it { is_expected.to contain_file('dir.conf').with_content(/ index\.html /) } - it { is_expected.to contain_file('dir.conf').with_content(/ index\.html\.var /) } - it { is_expected.to contain_file('dir.conf').with_content(/ index\.cgi /) } - it { is_expected.to contain_file('dir.conf').with_content(/ index\.pl /) } - it { is_expected.to contain_file('dir.conf').with_content(/ index\.php /) } - it { is_expected.to contain_file('dir.conf').with_content(/ index\.xhtml$/) } - end - context "passing indexes => ['example.txt','fearsome.aspx']" do - let :params do - {:indexes => ['example.txt','fearsome.aspx']} - end - it { is_expected.to contain_file('dir.conf').with_content(/ example\.txt /) } - it { is_expected.to contain_file('dir.conf').with_content(/ fearsome\.aspx$/) } - end - end - context "on a FreeBSD OS" do - let :facts do - { - :osfamily => 'FreeBSD', - :operatingsystemrelease => '9', - :concat_basedir => '/dne', - :operatingsystem => 'FreeBSD', - :id => 'root', - :kernel => 'FreeBSD', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - context "passing no parameters" do - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('dir') } - it { is_expected.to contain_file('dir.conf').with_content(/^DirectoryIndex /) } - it { is_expected.to contain_file('dir.conf').with_content(/ index\.html /) } - it { is_expected.to contain_file('dir.conf').with_content(/ index\.html\.var /) } - it { is_expected.to contain_file('dir.conf').with_content(/ index\.cgi /) } - it { is_expected.to contain_file('dir.conf').with_content(/ index\.pl /) } - it { is_expected.to contain_file('dir.conf').with_content(/ index\.php /) } - it { is_expected.to contain_file('dir.conf').with_content(/ index\.xhtml$/) } - end - context "passing indexes => ['example.txt','fearsome.aspx']" do - let :params do - {:indexes => ['example.txt','fearsome.aspx']} - end - it { is_expected.to contain_file('dir.conf').with_content(/ example\.txt /) } - it { is_expected.to contain_file('dir.conf').with_content(/ fearsome\.aspx$/) } - end - end - context "on a Gentoo OS" do - let :facts do - { - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :operatingsystemrelease => '3.16.1-gentoo', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :is_pe => false, - } - end - context "passing no parameters" do - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('dir') } - it { is_expected.to contain_file('dir.conf').with_content(/^DirectoryIndex /) } - it { is_expected.to contain_file('dir.conf').with_content(/ index\.html /) } - it { is_expected.to contain_file('dir.conf').with_content(/ index\.html\.var /) } - it { is_expected.to contain_file('dir.conf').with_content(/ index\.cgi /) } - it { is_expected.to contain_file('dir.conf').with_content(/ index\.pl /) } - it { is_expected.to contain_file('dir.conf').with_content(/ index\.php /) } - it { is_expected.to contain_file('dir.conf').with_content(/ index\.xhtml$/) } - end - context "passing indexes => ['example.txt','fearsome.aspx']" do - let :params do - {:indexes => ['example.txt','fearsome.aspx']} - end - it { is_expected.to contain_file('dir.conf').with_content(/ example\.txt /) } - it { is_expected.to contain_file('dir.conf').with_content(/ fearsome\.aspx$/) } - end - end - end -end diff --git a/apache/spec/classes/mod/disk_cache.rb b/apache/spec/classes/mod/disk_cache.rb deleted file mode 100644 index 263b4cac6..000000000 --- a/apache/spec/classes/mod/disk_cache.rb +++ /dev/null @@ -1,111 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::disk_cache', :type => :class do - let :pre_condition do - 'include apache' - end - context "on a Debian OS", :compile do - let :facts do - { - :id => 'root', - :kernel => 'Linux', - :lsbdistcodename => 'squeeze', - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :concat_basedir => '/dne', - :is_pe => false, - } - end - context "with Apache version < 2.4" do - let :params do - { - :apache_version => '2.2', - } - end - - it { is_expected.to contain_apache__mod("disk_cache") } - it { is_expected.to contain_file("disk_cache.conf").with(:content => /CacheEnable disk /\nCacheRoot \"\/var\/cache\/apache2\/mod_disk_cache\"\nCacheDirLevels 2\nCacheDirLength 1/) } - end - context "with Apache version >= 2.4" do - let :params do - { - :apache_version => '2.4', - } - end - - it { is_expected.to contain_apache__mod("cache_disk") } - it { is_expected.to contain_file("disk_cache.conf").with(:content => /CacheEnable disk /\nCacheRoot \"\/var\/cache\/apache2\/mod_cache_disk\"\nCacheDirLevels 2\nCacheDirLength 1/) } - end - end - - context "on a RedHat 6-based OS", :compile do - let :facts do - { - :id => 'root', - :kernel => 'Linux', - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '6', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :concat_basedir => '/dne', - :is_pe => false, - } - end - context "with Apache version < 2.4" do - let :params do - { - :apache_version => '2.2', - } - end - - it { is_expected.to contain_apache__mod("disk_cache") } - it { is_expected.to contain_file("disk_cache.conf").with(:content => /CacheEnable disk /\nCacheRoot \"\/var\/cache\/httpd\/proxy\"\nCacheDirLevels 2\nCacheDirLength 1/) } - end - context "with Apache version >= 2.4" do - let :params do - { - :apache_version => '2.4', - } - end - - it { is_expected.to contain_apache__mod("cache_disk") } - it { is_expected.to contain_file("disk_cache.conf").with(:content => /CacheEnable disk /\nCacheRoot \"\/var\/cache\/httpd\/proxy\"\nCacheDirLevels 2\nCacheDirLength 1/) } - end - end - context "on a FreeBSD OS", :compile do - let :facts do - { - :id => 'root', - :kernel => 'FreeBSD', - :osfamily => 'FreeBSD', - :operatingsystem => 'FreeBSD', - :operatingsystemrelease => '10', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :concat_basedir => '/dne', - :is_pe => false, - } - end - context "with Apache version < 2.4" do - let :params do - { - :apache_version => '2.2', - } - end - - it { is_expected.to contain_apache__mod("disk_cache") } - it { is_expected.to contain_file("disk_cache.conf").with(:content => /CacheEnable disk /\nCacheRoot \"\/var\/cache\/mod_cache_disk\"\nCacheDirLevels 2\nCacheDirLength 1/) } - end - context "with Apache version >= 2.4" do - let :params do - { - :apache_version => '2.4', - } - end - - it { is_expected.to contain_apache__mod("cache_disk") } - it { is_expected.to contain_file("disk_cache.conf").with(:content => /CacheEnable disk /\nCacheRoot \"\/var\/cache\/mod_cache_disk\"\nCacheDirLevels 2\nCacheDirLength 1/) } - end - end -end diff --git a/apache/spec/classes/mod/event_spec.rb b/apache/spec/classes/mod/event_spec.rb deleted file mode 100644 index dd0a427ea..000000000 --- a/apache/spec/classes/mod/event_spec.rb +++ /dev/null @@ -1,154 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::event', :type => :class do - let :pre_condition do - 'class { "apache": mpm_module => false, }' - end - context "on a FreeBSD OS" do - let :facts do - { - :osfamily => 'FreeBSD', - :operatingsystemrelease => '9', - :concat_basedir => '/dne', - :operatingsystem => 'FreeBSD', - :id => 'root', - :kernel => 'FreeBSD', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.not_to contain_apache__mod('event') } - it { is_expected.to contain_file("/usr/local/etc/apache24/Modules/event.conf").with_ensure('file') } - end - context "on a Gentoo OS" do - let :facts do - { - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :operatingsystemrelease => '3.16.1-gentoo', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.not_to contain_apache__mod('event') } - it { is_expected.to contain_file("/etc/apache2/modules.d/event.conf").with_ensure('file') } - end - context "on a Debian OS" do - let :facts do - { - :lsbdistcodename => 'squeeze', - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - - it { is_expected.to contain_class("apache::params") } - it { is_expected.not_to contain_apache__mod('event') } - it { is_expected.to contain_file("/etc/apache2/mods-available/event.conf").with_ensure('file') } - it { is_expected.to contain_file("/etc/apache2/mods-enabled/event.conf").with_ensure('link') } - - context "Test mpm_event params" do - let :params do - { - :serverlimit => '0', - :startservers => '1', - :maxclients => '2', - :minsparethreads => '3', - :maxsparethreads => '4', - :threadsperchild => '5', - :maxrequestsperchild => '6', - :threadlimit => '7', - :listenbacklog => '8', - :maxrequestworkers => '9', - :maxconnectionsperchild => '10', - } - end - - it { is_expected.to contain_file("/etc/apache2/mods-available/event.conf").with_ensure('file').with_content(/^\s*ServerLimit\s*0/) } - it { is_expected.to contain_file("/etc/apache2/mods-available/event.conf").with_ensure('file').with_content(/^\s*StartServers\s*1/) } - it { is_expected.to contain_file("/etc/apache2/mods-available/event.conf").with_ensure('file').with_content(/^\s*MaxClients\s*2/) } - it { is_expected.to contain_file("/etc/apache2/mods-available/event.conf").with_ensure('file').with_content(/^\s*MinSpareThreads\s*3/) } - it { is_expected.to contain_file("/etc/apache2/mods-available/event.conf").with_ensure('file').with_content(/^\s*MaxSpareThreads\s*4/) } - it { is_expected.to contain_file("/etc/apache2/mods-available/event.conf").with_ensure('file').with_content(/^\s*ThreadsPerChild\s*5/) } - it { is_expected.to contain_file("/etc/apache2/mods-available/event.conf").with_ensure('file').with_content(/^\s*MaxRequestsPerChild\s*6/) } - it { is_expected.to contain_file("/etc/apache2/mods-available/event.conf").with_ensure('file').with_content(/^\s*ThreadLimit\s*7/) } - it { is_expected.to contain_file("/etc/apache2/mods-available/event.conf").with_ensure('file').with_content(/^\s*ListenBacklog\s*8/) } - it { is_expected.to contain_file("/etc/apache2/mods-available/event.conf").with_ensure('file').with_content(/^\s*MaxRequestWorkers\s*9/) } - it { is_expected.to contain_file("/etc/apache2/mods-available/event.conf").with_ensure('file').with_content(/^\s*MaxConnectionsPerChild\s*10/) } - end - - context "with Apache version < 2.4" do - let :params do - { - :apache_version => '2.2', - } - end - - it { is_expected.not_to contain_file("/etc/apache2/mods-available/event.load") } - it { is_expected.not_to contain_file("/etc/apache2/mods-enabled/event.load") } - - it { is_expected.to contain_package("apache2-mpm-event") } - end - - context "with Apache version >= 2.4" do - let :params do - { - :apache_version => '2.4', - } - end - - it { is_expected.to contain_file("/etc/apache2/mods-available/event.load").with({ - 'ensure' => 'file', - 'content' => "LoadModule mpm_event_module /usr/lib/apache2/modules/mod_mpm_event.so\n" - }) - } - it { is_expected.to contain_file("/etc/apache2/mods-enabled/event.load").with_ensure('link') } - end - end - context "on a RedHat OS" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - context "with Apache version >= 2.4" do - let :params do - { - :apache_version => '2.4', - } - end - - it { is_expected.to contain_class("apache::params") } - it { is_expected.not_to contain_apache__mod('worker') } - it { is_expected.not_to contain_apache__mod('prefork') } - - it { is_expected.to contain_file("/etc/httpd/conf.d/event.conf").with_ensure('file') } - - it { is_expected.to contain_file("/etc/httpd/conf.d/event.load").with({ - 'ensure' => 'file', - 'content' => "LoadModule mpm_event_module modules/mod_mpm_event.so\n", - }) - } - end - end -end diff --git a/apache/spec/classes/mod/expires_spec.rb b/apache/spec/classes/mod/expires_spec.rb deleted file mode 100644 index 397fee024..000000000 --- a/apache/spec/classes/mod/expires_spec.rb +++ /dev/null @@ -1,83 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::expires', :type => :class do - it_behaves_like "a mod class, without including apache" - - context "with expires active", :compile do - let :facts do - { - :id => 'root', - :kernel => 'Linux', - :lsbdistcodename => 'squeeze', - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :concat_basedir => '/dne', - :is_pe => false, - } - end - it { is_expected.to contain_apache__mod("expires") } - it { is_expected.to contain_file("expires.conf").with(:content => /ExpiresActive On\n/) } - end - context "with expires default", :compile do - let :pre_condition do - 'class { apache: default_mods => false }' - end - let :facts do - { - :id => 'root', - :kernel => 'Linux', - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '7', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :concat_basedir => '/dne', - :is_pe => false, - } - end - let :params do - { - 'expires_default' => 'access plus 1 month' - } - end - it { is_expected.to contain_apache__mod("expires") } - it { is_expected.to contain_file("expires.conf").with_content( - "ExpiresActive On\n" \ - "ExpiresDefault \"access plus 1 month\"\n" - ) - } - end - context "with expires by type", :compile do - let :pre_condition do - 'class { apache: default_mods => false }' - end - let :facts do - { - :id => 'root', - :kernel => 'Linux', - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '7', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :concat_basedir => '/dne', - :is_pe => false, - } - end - let :params do - { - 'expires_by_type' => [ - { 'text/json' => 'mod plus 1 day' }, - { 'text/html' => 'access plus 1 year' }, - ] - } - end - it { is_expected.to contain_apache__mod("expires") } - it { is_expected.to contain_file("expires.conf").with_content( - "ExpiresActive On\n" \ - "ExpiresByType text/json \"mod plus 1 day\"\n" \ - "ExpiresByType text/html \"access plus 1 year\"\n" - ) - } - end -end diff --git a/apache/spec/classes/mod/ext_filter_spec.rb b/apache/spec/classes/mod/ext_filter_spec.rb deleted file mode 100644 index a0cf37cec..000000000 --- a/apache/spec/classes/mod/ext_filter_spec.rb +++ /dev/null @@ -1,64 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::ext_filter', :type => :class do - it_behaves_like "a mod class, without including apache" - context "on a Debian OS" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :fqdn => 'test.example.com', - :is_pe => false, - } - end - describe 'with no parameters' do - it { is_expected.to contain_apache__mod('ext_filter') } - it { is_expected.not_to contain_file('ext_filter.conf') } - end - describe 'with parameters' do - let :params do - { :ext_filter_define => {'filtA' => 'input=A output=B', - 'filtB' => 'input=C cmd="C"' }, - } - end - it { is_expected.to contain_file('ext_filter.conf').with_content(/^ExtFilterDefine\s+filtA\s+input=A output=B$/) } - it { is_expected.to contain_file('ext_filter.conf').with_content(/^ExtFilterDefine\s+filtB\s+input=C cmd="C"$/) } - end - - end - context "on a RedHat OS" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :fqdn => 'test.example.com', - :is_pe => false, - } - end - describe 'with no parameters' do - it { is_expected.to contain_apache__mod('ext_filter') } - it { is_expected.not_to contain_file('ext_filter.conf') } - end - describe 'with parameters' do - let :params do - { :ext_filter_define => {'filtA' => 'input=A output=B', - 'filtB' => 'input=C cmd="C"' }, - } - end - it { is_expected.to contain_file('ext_filter.conf').with_path('/etc/httpd/conf.d/ext_filter.conf') } - it { is_expected.to contain_file('ext_filter.conf').with_content(/^ExtFilterDefine\s+filtA\s+input=A output=B$/) } - it { is_expected.to contain_file('ext_filter.conf').with_content(/^ExtFilterDefine\s+filtB\s+input=C cmd="C"$/) } - end - end -end diff --git a/apache/spec/classes/mod/fastcgi_spec.rb b/apache/spec/classes/mod/fastcgi_spec.rb deleted file mode 100644 index 778d27cff..000000000 --- a/apache/spec/classes/mod/fastcgi_spec.rb +++ /dev/null @@ -1,43 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::fastcgi', :type => :class do - it_behaves_like "a mod class, without including apache" - context "on a Debian OS" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('fastcgi') } - it { is_expected.to contain_package("libapache2-mod-fastcgi") } - it { is_expected.to contain_file('fastcgi.conf') } - end - - context "on a RedHat OS" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('fastcgi') } - it { is_expected.to contain_package("mod_fastcgi") } - it { is_expected.not_to contain_file('fastcgi.conf') } - end -end diff --git a/apache/spec/classes/mod/fcgid_spec.rb b/apache/spec/classes/mod/fcgid_spec.rb deleted file mode 100644 index f08596be6..000000000 --- a/apache/spec/classes/mod/fcgid_spec.rb +++ /dev/null @@ -1,141 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::fcgid', :type => :class do - it_behaves_like "a mod class, without including apache" - - context "on a Debian OS" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :operatingsystemmajrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('fcgid').with({ - 'loadfile_name' => nil - }) } - it { is_expected.to contain_package("libapache2-mod-fcgid") } - end - - context "on a RHEL6" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :operatingsystemmajrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - describe 'without parameters' do - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('fcgid').with({ - 'loadfile_name' => nil - }) } - it { is_expected.to contain_package("mod_fcgid") } - end - - describe 'with parameters' do - let :params do { - :options => { - 'FcgidIPCDir' => '/var/run/fcgidsock', - 'SharememPath' => '/var/run/fcgid_shm', - 'FcgidMinProcessesPerClass' => '0', - 'AddHandler' => 'fcgid-script .fcgi', - } - } end - - it 'should contain the correct config' do - content = catalogue.resource('file', 'fcgid.conf').send(:parameters)[:content] - expect(content.split("\n").reject { |c| c =~ /(^#|^$)/ }).to eq([ - '', - ' AddHandler fcgid-script .fcgi', - ' FcgidIPCDir /var/run/fcgidsock', - ' FcgidMinProcessesPerClass 0', - ' SharememPath /var/run/fcgid_shm', - '', - ]) - end - end - end - - context "on RHEL7" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '7', - :operatingsystemmajrelease => '7', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - describe 'without parameters' do - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('fcgid').with({ - 'loadfile_name' => 'unixd_fcgid.load' - }) } - it { is_expected.to contain_package("mod_fcgid") } - end - end - - context "on a FreeBSD OS" do - let :facts do - { - :osfamily => 'FreeBSD', - :operatingsystemrelease => '10', - :operatingsystemmajrelease => '10', - :concat_basedir => '/dne', - :operatingsystem => 'FreeBSD', - :id => 'root', - :kernel => 'FreeBSD', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('fcgid').with({ - 'loadfile_name' => 'unixd_fcgid.load' - }) } - it { is_expected.to contain_package("www/mod_fcgid") } - end - - context "on a Gentoo OS" do - let :facts do - { - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :operatingsystemrelease => '3.16.1-gentoo', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :is_pe => false, - } - end - - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('fcgid').with({ - 'loadfile_name' => nil, - }) } - it { is_expected.to contain_package("www-apache/mod_fcgid") } - end -end diff --git a/apache/spec/classes/mod/info_spec.rb b/apache/spec/classes/mod/info_spec.rb deleted file mode 100644 index 766a9e4fd..000000000 --- a/apache/spec/classes/mod/info_spec.rb +++ /dev/null @@ -1,222 +0,0 @@ -require 'spec_helper' - -# This function is called inside the OS specific contexts -def general_info_specs_22 - it { is_expected.to contain_apache__mod('info') } - - context 'passing no parameters' do - it { - is_expected.to contain_file('info.conf').with_content( - "\n"\ - " SetHandler server-info\n"\ - " Order deny,allow\n"\ - " Deny from all\n"\ - " Allow from 127.0.0.1\n"\ - " Allow from ::1\n"\ - "\n" - ) - } - end - context 'passing restrict_access => false' do - let :params do { - :restrict_access => false - } - end - it { - is_expected.to contain_file('info.conf').with_content( - "\n"\ - " SetHandler server-info\n"\ - "\n" - ) - } - end - context "passing allow_from => ['10.10.1.2', '192.168.1.2', '127.0.0.1']" do - let :params do - {:allow_from => ['10.10.1.2', '192.168.1.2', '127.0.0.1']} - end - it { - is_expected.to contain_file('info.conf').with_content( - "\n"\ - " SetHandler server-info\n"\ - " Order deny,allow\n"\ - " Deny from all\n"\ - " Allow from 10.10.1.2\n"\ - " Allow from 192.168.1.2\n"\ - " Allow from 127.0.0.1\n"\ - "\n" - ) - } - end - context 'passing both restrict_access and allow_from' do - let :params do - { - :restrict_access => false, - :allow_from => ['10.10.1.2', '192.168.1.2', '127.0.0.1'] - } - end - it { - is_expected.to contain_file('info.conf').with_content( - "\n"\ - " SetHandler server-info\n"\ - "\n" - ) - } - end -end - -def general_info_specs_24 - it { is_expected.to contain_apache__mod('info') } - - context 'passing no parameters' do - it { - is_expected.to contain_file('info.conf').with_content( - "\n"\ - " SetHandler server-info\n"\ - " Require ip 127.0.0.1 ::1\n"\ - "\n" - ) - } - end - context 'passing restrict_access => false' do - let :params do { - :restrict_access => false - } - end - it { - is_expected.to contain_file('info.conf').with_content( - "\n"\ - " SetHandler server-info\n"\ - "\n" - ) - } - end - context "passing allow_from => ['10.10.1.2', '192.168.1.2', '127.0.0.1']" do - let :params do - {:allow_from => ['10.10.1.2', '192.168.1.2', '127.0.0.1']} - end - it { - is_expected.to contain_file('info.conf').with_content( - "\n"\ - " SetHandler server-info\n"\ - " Require ip 10.10.1.2 192.168.1.2 127.0.0.1\n"\ - "\n" - ) - } - end - context 'passing both restrict_access and allow_from' do - let :params do - { - :restrict_access => false, - :allow_from => ['10.10.1.2', '192.168.1.2', '127.0.0.1'] - } - end - it { - is_expected.to contain_file('info.conf').with_content( - "\n"\ - " SetHandler server-info\n"\ - "\n" - ) - } - end -end - -describe 'apache::mod::info', :type => :class do - it_behaves_like "a mod class, without including apache" - - context 'On a Debian OS' do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - # Load the more generic tests for this context - general_info_specs_22() - - it { is_expected.to contain_file('info.conf').with({ - :ensure => 'file', - :path => '/etc/apache2/mods-available/info.conf', - } ) } - it { is_expected.to contain_file('info.conf symlink').with({ - :ensure => 'link', - :path => '/etc/apache2/mods-enabled/info.conf', - } ) } - end - - context 'on a RedHat OS' do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - # Load the more generic tests for this context - general_info_specs_22() - - it { is_expected.to contain_file('info.conf').with({ - :ensure => 'file', - :path => '/etc/httpd/conf.d/info.conf', - } ) } - end - - context 'on a FreeBSD OS' do - let :facts do - { - :osfamily => 'FreeBSD', - :operatingsystemrelease => '10', - :concat_basedir => '/dne', - :operatingsystem => 'FreeBSD', - :id => 'root', - :kernel => 'FreeBSD', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - # Load the more generic tests for this context - general_info_specs_24() - - it { is_expected.to contain_file('info.conf').with({ - :ensure => 'file', - :path => '/usr/local/etc/apache24/Modules/info.conf', - } ) } - end - - context 'on a Gentoo OS' do - let :facts do - { - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :operatingsystemrelease => '3.16.1-gentoo', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :is_pe => false, - } - end - - # Load the more generic tests for this context - general_info_specs_24() - - it { is_expected.to contain_file('info.conf').with({ - :ensure => 'file', - :path => '/etc/apache2/modules.d/info.conf', - } ) } - end -end diff --git a/apache/spec/classes/mod/itk_spec.rb b/apache/spec/classes/mod/itk_spec.rb deleted file mode 100644 index 27369f144..000000000 --- a/apache/spec/classes/mod/itk_spec.rb +++ /dev/null @@ -1,130 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::itk', :type => :class do - let :pre_condition do - 'class { "apache": mpm_module => false, }' - end - context "on a Debian OS" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.not_to contain_apache__mod('itk') } - it { is_expected.to contain_file("/etc/apache2/mods-available/itk.conf").with_ensure('file') } - it { is_expected.to contain_file("/etc/apache2/mods-enabled/itk.conf").with_ensure('link') } - - context "with Apache version < 2.4" do - let :params do - { - :apache_version => '2.2', - } - end - - it { is_expected.not_to contain_file("/etc/apache2/mods-available/itk.load") } - it { is_expected.not_to contain_file("/etc/apache2/mods-enabled/itk.load") } - - it { is_expected.to contain_package("apache2-mpm-itk") } - end - - context "with Apache version >= 2.4" do - let :pre_condition do - 'class { "apache": mpm_module => prefork, }' - end - - let :params do - { - :apache_version => '2.4', - } - end - - it { is_expected.to contain_file("/etc/apache2/mods-available/itk.load").with({ - 'ensure' => 'file', - 'content' => "LoadModule mpm_itk_module /usr/lib/apache2/modules/mod_mpm_itk.so\n" - }) - } - it { is_expected.to contain_file("/etc/apache2/mods-enabled/itk.load").with_ensure('link') } - end - end - context "on a RedHat OS" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.not_to contain_apache__mod('itk') } - it { is_expected.to contain_file("/etc/httpd/conf.d/itk.conf").with_ensure('file') } - it { is_expected.to contain_package("httpd-itk") } - - context "with Apache version < 2.4" do - let :params do - { - :apache_version => '2.2', - } - end - - it { is_expected.to contain_file_line("/etc/sysconfig/httpd itk enable").with({ - 'require' => 'Package[httpd]', - }) - } - end - - context "with Apache version >= 2.4" do - let :pre_condition do - 'class { "apache": mpm_module => prefork, }' - end - - let :params do - { - :apache_version => '2.4', - } - end - - it { is_expected.to contain_file("/etc/httpd/conf.d/itk.load").with({ - 'ensure' => 'file', - 'content' => "LoadModule mpm_itk_module modules/mod_mpm_itk.so\n" - }) - } - end - end - context "on a FreeBSD OS" do - let :pre_condition do - 'class { "apache": mpm_module => false, }' - end - - let :facts do - { - :osfamily => 'FreeBSD', - :operatingsystemrelease => '10', - :concat_basedir => '/dne', - :operatingsystem => 'FreeBSD', - :id => 'root', - :kernel => 'FreeBSD', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - :mpm_module => 'itk', - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.not_to contain_apache__mod('itk') } - it { is_expected.to contain_file("/usr/local/etc/apache24/Modules/itk.conf").with_ensure('file') } - it { is_expected.to contain_package("www/mod_mpm_itk") } - end -end diff --git a/apache/spec/classes/mod/ldap_spec.rb b/apache/spec/classes/mod/ldap_spec.rb deleted file mode 100644 index 73c51adf2..000000000 --- a/apache/spec/classes/mod/ldap_spec.rb +++ /dev/null @@ -1,86 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::ldap', :type => :class do - it_behaves_like "a mod class, without including apache" - - context "on a Debian OS" do - let :facts do - { - :lsbdistcodename => 'squeeze', - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :operatingsystem => 'Debian', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_class("apache::mod::ldap") } - it { is_expected.to contain_apache__mod('ldap') } - - context 'default ldap_trusted_global_cert_file' do - it { is_expected.to contain_file('ldap.conf').without_content(/^LDAPTrustedGlobalCert/) } - end - - context 'ldap_trusted_global_cert_file param' do - let(:params) { { :ldap_trusted_global_cert_file => 'ca.pem' } } - it { is_expected.to contain_file('ldap.conf').with_content(/^LDAPTrustedGlobalCert CA_BASE64 ca\.pem$/) } - end - - context 'set multiple ldap params' do - let(:params) {{ - :ldap_trusted_global_cert_file => 'ca.pem', - :ldap_trusted_global_cert_type => 'CA_DER', - :ldap_shared_cache_size => '500000', - :ldap_cache_entries => '1024', - :ldap_cache_ttl => '600', - :ldap_opcache_entries => '1024', - :ldap_opcache_ttl => '600' - }} - it { is_expected.to contain_file('ldap.conf').with_content(/^LDAPTrustedGlobalCert CA_DER ca\.pem$/) } - it { is_expected.to contain_file('ldap.conf').with_content(/^LDAPSharedCacheSize 500000$/) } - it { is_expected.to contain_file('ldap.conf').with_content(/^LDAPCacheEntries 1024$/) } - it { is_expected.to contain_file('ldap.conf').with_content(/^LDAPCacheTTL 600$/) } - it { is_expected.to contain_file('ldap.conf').with_content(/^LDAPOpCacheEntries 1024$/) } - it { is_expected.to contain_file('ldap.conf').with_content(/^LDAPOpCacheTTL 600$/) } - end - end #Debian - - context "on a RedHat OS" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :operatingsystem => 'RedHat', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_class("apache::mod::ldap") } - it { is_expected.to contain_apache__mod('ldap') } - - context 'default ldap_trusted_global_cert_file' do - it { is_expected.to contain_file('ldap.conf').without_content(/^LDAPTrustedGlobalCert/) } - end - - context 'ldap_trusted_global_cert_file param' do - let(:params) { { :ldap_trusted_global_cert_file => 'ca.pem' } } - it { is_expected.to contain_file('ldap.conf').with_content(/^LDAPTrustedGlobalCert CA_BASE64 ca\.pem$/) } - end - - context 'ldap_trusted_global_cert_file and ldap_trusted_global_cert_type params' do - let(:params) {{ - :ldap_trusted_global_cert_file => 'ca.pem', - :ldap_trusted_global_cert_type => 'CA_DER' - }} - it { is_expected.to contain_file('ldap.conf').with_content(/^LDAPTrustedGlobalCert CA_DER ca\.pem$/) } - end - end # Redhat -end diff --git a/apache/spec/classes/mod/mime_magic_spec.rb b/apache/spec/classes/mod/mime_magic_spec.rb deleted file mode 100644 index cf8f898aa..000000000 --- a/apache/spec/classes/mod/mime_magic_spec.rb +++ /dev/null @@ -1,110 +0,0 @@ -require 'spec_helper' - -# This function is called inside the OS specific contexts -def general_mime_magic_specs - it { is_expected.to contain_apache__mod("mime_magic") } -end - -describe 'apache::mod::mime_magic', :type => :class do - it_behaves_like "a mod class, without including apache" - - context "On a Debian OS with default params" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - general_mime_magic_specs() - - it do - is_expected.to contain_file("mime_magic.conf").with_content( - "MIMEMagicFile \"/etc/apache2/magic\"\n" - ) - end - - it { is_expected.to contain_file("mime_magic.conf").with({ - :ensure => 'file', - :path => '/etc/apache2/mods-available/mime_magic.conf', - } ) } - it { is_expected.to contain_file("mime_magic.conf symlink").with({ - :ensure => 'link', - :path => '/etc/apache2/mods-enabled/mime_magic.conf', - } ) } - - context "with magic_file => /tmp/Debian_magic" do - let :params do - { :magic_file => "/tmp/Debian_magic" } - end - - it do - is_expected.to contain_file("mime_magic.conf").with_content( - "MIMEMagicFile \"/tmp/Debian_magic\"\n" - ) - end - end - - end - - context "on a RedHat OS with default params" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - general_mime_magic_specs() - - it do - is_expected.to contain_file("mime_magic.conf").with_content( - "MIMEMagicFile \"/etc/httpd/conf/magic\"\n" - ) - end - - it { is_expected.to contain_file("mime_magic.conf").with_path("/etc/httpd/conf.d/mime_magic.conf") } - - end - - context "with magic_file => /tmp/magic" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - let :params do - { :magic_file => "/tmp/magic" } - end - - it do - is_expected.to contain_file("mime_magic.conf").with_content( - "MIMEMagicFile \"/tmp/magic\"\n" - ) - end - end - - -end diff --git a/apache/spec/classes/mod/mime_spec.rb b/apache/spec/classes/mod/mime_spec.rb deleted file mode 100644 index b0675a3c0..000000000 --- a/apache/spec/classes/mod/mime_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'spec_helper' - -# This function is called inside the OS specific conte, :compilexts -def general_mime_specs - it { is_expected.to contain_apache__mod("mime") } -end - -describe 'apache::mod::mime', :type => :class do - it_behaves_like "a mod class, without including apache" - - context "On a Debian OS with default params", :compile do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - general_mime_specs() - - it { is_expected.to contain_file("mime.conf").with_path('/etc/apache2/mods-available/mime.conf') } - - end - - context "on a RedHat OS with default params", :compile do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - general_mime_specs() - - it { is_expected.to contain_file("mime.conf").with_path("/etc/httpd/conf.d/mime.conf") } - - end - -end diff --git a/apache/spec/classes/mod/negotiation_spec.rb b/apache/spec/classes/mod/negotiation_spec.rb deleted file mode 100644 index 9dadb7651..000000000 --- a/apache/spec/classes/mod/negotiation_spec.rb +++ /dev/null @@ -1,56 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::negotiation', :type => :class do - it_behaves_like "a mod class, without including apache" - describe "OS independent tests" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :kernel => 'Linux', - :lsbdistcodename => 'squeeze', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - context "default params" do - it { should contain_class("apache") } - it do - should contain_file('negotiation.conf').with( { - :ensure => 'file', - :content => 'LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW -ForceLanguagePriority Prefer Fallback -', - } ) - end - end - - context 'with force_language_priority parameter' do - let :params do - { :force_language_priority => 'Prefer' } - end - it do - should contain_file('negotiation.conf').with( { - :ensure => 'file', - :content => /^ForceLanguagePriority Prefer$/, - } ) - end - end - - context 'with language_priority parameter' do - let :params do - { :language_priority => [ 'en', 'es' ] } - end - it do - should contain_file('negotiation.conf').with( { - :ensure => 'file', - :content => /^LanguagePriority en es$/, - } ) - end - end - end -end diff --git a/apache/spec/classes/mod/pagespeed_spec.rb b/apache/spec/classes/mod/pagespeed_spec.rb deleted file mode 100644 index 2cbc3d170..000000000 --- a/apache/spec/classes/mod/pagespeed_spec.rb +++ /dev/null @@ -1,51 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::pagespeed', :type => :class do - context "on a Debian OS" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('pagespeed') } - it { is_expected.to contain_package("mod-pagespeed-stable") } - - context "when setting additional_configuration to a Hash" do - let :params do { :additional_configuration => { 'Key' => 'Value' } } end - it { is_expected.to contain_file('pagespeed.conf').with_content /Key Value/ } - end - - context "when setting additional_configuration to an Array" do - let :params do { :additional_configuration => [ 'Key Value' ] } end - it { is_expected.to contain_file('pagespeed.conf').with_content /Key Value/ } - end - end - - context "on a RedHat OS" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('pagespeed') } - it { is_expected.to contain_package("mod-pagespeed-stable") } - it { is_expected.to contain_file('pagespeed.conf') } - end -end diff --git a/apache/spec/classes/mod/passenger_spec.rb b/apache/spec/classes/mod/passenger_spec.rb deleted file mode 100644 index 70ce4ea60..000000000 --- a/apache/spec/classes/mod/passenger_spec.rb +++ /dev/null @@ -1,325 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::passenger', :type => :class do - it_behaves_like "a mod class, without including apache" - context "on a Debian OS" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :kernel => 'Linux', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('passenger') } - it { is_expected.to contain_package("libapache2-mod-passenger") } - it { is_expected.to contain_file('zpassenger.load').with({ - 'path' => '/etc/apache2/mods-available/zpassenger.load', - }) } - it { is_expected.to contain_file('passenger.conf').with({ - 'path' => '/etc/apache2/mods-available/passenger.conf', - }) } - describe "with passenger_root => '/usr/lib/example'" do - let :params do - { :passenger_root => '/usr/lib/example' } - end - it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerRoot "/usr/lib/example"}) } - end - describe "with passenger_ruby => /usr/lib/example/ruby" do - let :params do - { :passenger_ruby => '/usr/lib/example/ruby' } - end - it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerRuby "/usr/lib/example/ruby"}) } - end - describe "with passenger_default_ruby => /usr/lib/example/ruby1.9.3" do - let :params do - { :passenger_ruby => '/usr/lib/example/ruby1.9.3' } - end - it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerRuby "/usr/lib/example/ruby1.9.3"}) } - end - describe "with passenger_high_performance => on" do - let :params do - { :passenger_high_performance => 'on' } - end - it { is_expected.to contain_file('passenger.conf').with_content(/^ PassengerHighPerformance on$/) } - end - describe "with passenger_pool_idle_time => 1200" do - let :params do - { :passenger_pool_idle_time => 1200 } - end - it { is_expected.to contain_file('passenger.conf').with_content(/^ PassengerPoolIdleTime 1200$/) } - end - describe "with passenger_max_request_queue_size => 100" do - let :params do - { :passenger_max_request_queue_size => 100 } - end - it { is_expected.to contain_file('passenger.conf').with_content(/^ PassengerMaxRequestQueueSize 100$/) } - end - - describe "with passenger_max_requests => 20" do - let :params do - { :passenger_max_requests => 20 } - end - it { is_expected.to contain_file('passenger.conf').with_content(/^ PassengerMaxRequests 20$/) } - end - describe "with passenger_spawn_method => bogus" do - let :params do - { :passenger_spawn_method => 'bogus' } - end - it { is_expected.to raise_error(Puppet::Error, /not permitted for passenger_spawn_method/) } - end - describe "with passenger_spawn_method => direct" do - let :params do - { :passenger_spawn_method => 'direct' } - end - it { is_expected.to contain_file('passenger.conf').with_content(/^ PassengerSpawnMethod direct$/) } - end - describe "with passenger_stat_throttle_rate => 10" do - let :params do - { :passenger_stat_throttle_rate => 10 } - end - it { is_expected.to contain_file('passenger.conf').with_content(/^ PassengerStatThrottleRate 10$/) } - end - describe "with passenger_max_pool_size => 16" do - let :params do - { :passenger_max_pool_size => 16 } - end - it { is_expected.to contain_file('passenger.conf').with_content(/^ PassengerMaxPoolSize 16$/) } - end - describe "with passenger_min_instances => 5" do - let :params do - { :passenger_min_instances => 5 } - end - it { is_expected.to contain_file('passenger.conf').with_content(/^ PassengerMinInstances 5$/) } - end - describe "with rack_autodetect => on" do - let :params do - { :rack_autodetect => 'on' } - end - it { is_expected.to contain_file('passenger.conf').with_content(/^ RackAutoDetect on$/) } - end - describe "with rails_autodetect => on" do - let :params do - { :rails_autodetect => 'on' } - end - it { is_expected.to contain_file('passenger.conf').with_content(/^ RailsAutoDetect on$/) } - end - describe "with passenger_use_global_queue => on" do - let :params do - { :passenger_use_global_queue => 'on' } - end - it { is_expected.to contain_file('passenger.conf').with_content(/^ PassengerUseGlobalQueue on$/) } - end - describe "with passenger_app_env => 'foo'" do - let :params do - { :passenger_app_env => 'foo' } - end - it { is_expected.to contain_file('passenger.conf').with_content(/^ PassengerAppEnv foo$/) } - end - describe "with passenger_log_file => '/var/log/apache2/passenger.log'" do - let :params do - { :passenger_log_file => '/var/log/apache2/passenger.log' } - end - it { is_expected.to contain_file('passenger.conf').with_content(%r{^ PassengerLogFile /var/log/apache2/passenger.log$}) } - end - describe "with mod_path => '/usr/lib/foo/mod_foo.so'" do - let :params do - { :mod_path => '/usr/lib/foo/mod_foo.so' } - end - it { is_expected.to contain_file('zpassenger.load').with_content(/^LoadModule passenger_module \/usr\/lib\/foo\/mod_foo\.so$/) } - end - describe "with mod_lib_path => '/usr/lib/foo'" do - let :params do - { :mod_lib_path => '/usr/lib/foo' } - end - it { is_expected.to contain_file('zpassenger.load').with_content(/^LoadModule passenger_module \/usr\/lib\/foo\/mod_passenger\.so$/) } - end - describe "with mod_lib => 'mod_foo.so'" do - let :params do - { :mod_lib => 'mod_foo.so' } - end - it { is_expected.to contain_file('zpassenger.load').with_content(/^LoadModule passenger_module \/usr\/lib\/apache2\/modules\/mod_foo\.so$/) } - end - describe "with mod_id => 'mod_foo'" do - let :params do - { :mod_id => 'mod_foo' } - end - it { is_expected.to contain_file('zpassenger.load').with_content(/^LoadModule mod_foo \/usr\/lib\/apache2\/modules\/mod_passenger\.so$/) } - end - - context "with Ubuntu 12.04 defaults" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '12.04', - :kernel => 'Linux', - :operatingsystem => 'Ubuntu', - :lsbdistrelease => '12.04', - :concat_basedir => '/dne', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerRoot "/usr"}) } - it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerRuby "/usr/bin/ruby"}) } - it { is_expected.to contain_file('passenger.conf').without_content(/PassengerDefaultRuby/) } - end - - context "with Ubuntu 14.04 defaults" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '14.04', - :operatingsystem => 'Ubuntu', - :kernel => 'Linux', - :lsbdistrelease => '14.04', - :concat_basedir => '/dne', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerRoot "/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini"}) } - it { is_expected.to contain_file('passenger.conf').without_content(/PassengerRuby/) } - it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerDefaultRuby "/usr/bin/ruby"}) } - end - - context "with Debian 7 defaults" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '7.3', - :operatingsystem => 'Debian', - :kernel => 'Linux', - :lsbdistcodename => 'wheezy', - :concat_basedir => '/dne', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerRoot "/usr"}) } - it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerRuby "/usr/bin/ruby"}) } - it { is_expected.to contain_file('passenger.conf').without_content(/PassengerDefaultRuby/) } - end - - context "with Debian 8 defaults" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '8.0', - :operatingsystem => 'Debian', - :kernel => 'Linux', - :lsbdistcodename => 'jessie', - :concat_basedir => '/dne', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerRoot "/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini"}) } - it { is_expected.to contain_file('passenger.conf').without_content(/PassengerRuby/) } - it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerDefaultRuby "/usr/bin/ruby"}) } - end - end - - context "on a RedHat OS" do - let :rh_facts do - { - :osfamily => 'RedHat', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - context "on EL6" do - let(:facts) { rh_facts.merge(:operatingsystemrelease => '6') } - - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('passenger') } - it { is_expected.to contain_package("mod_passenger") } - it { is_expected.to contain_file('passenger_package.conf').with({ - 'path' => '/etc/httpd/conf.d/passenger.conf', - }) } - it { is_expected.to contain_file('passenger_package.conf').without_content } - it { is_expected.to contain_file('passenger_package.conf').without_source } - it { is_expected.to contain_file('zpassenger.load').with({ - 'path' => '/etc/httpd/conf.d/zpassenger.load', - }) } - it { is_expected.to contain_file('passenger.conf').without_content(/PassengerRoot/) } - it { is_expected.to contain_file('passenger.conf').without_content(/PassengerRuby/) } - describe "with passenger_root => '/usr/lib/example'" do - let :params do - { :passenger_root => '/usr/lib/example' } - end - it { is_expected.to contain_file('passenger.conf').with_content(/^ PassengerRoot "\/usr\/lib\/example"$/) } - end - describe "with passenger_ruby => /usr/lib/example/ruby" do - let :params do - { :passenger_ruby => '/usr/lib/example/ruby' } - end - it { is_expected.to contain_file('passenger.conf').with_content(/^ PassengerRuby "\/usr\/lib\/example\/ruby"$/) } - end - end - - context "on EL7" do - let(:facts) { rh_facts.merge(:operatingsystemrelease => '7') } - - it { is_expected.to contain_file('passenger_package.conf').with({ - 'path' => '/etc/httpd/conf.d/passenger.conf', - }) } - it { is_expected.to contain_file('zpassenger.load').with({ - 'path' => '/etc/httpd/conf.modules.d/zpassenger.load', - }) } - end - end - context "on a FreeBSD OS" do - let :facts do - { - :osfamily => 'FreeBSD', - :operatingsystemrelease => '9', - :concat_basedir => '/dne', - :operatingsystem => 'FreeBSD', - :id => 'root', - :kernel => 'FreeBSD', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('passenger') } - it { is_expected.to contain_package("www/rubygem-passenger") } - end - context "on a Gentoo OS" do - let :facts do - { - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :operatingsystemrelease => '3.16.1-gentoo', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('passenger') } - it { is_expected.to contain_package("www-apache/passenger") } - end -end diff --git a/apache/spec/classes/mod/perl_spec.rb b/apache/spec/classes/mod/perl_spec.rb deleted file mode 100644 index f5b61fe0c..000000000 --- a/apache/spec/classes/mod/perl_spec.rb +++ /dev/null @@ -1,74 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::perl', :type => :class do - it_behaves_like "a mod class, without including apache" - context "on a Debian OS" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('perl') } - it { is_expected.to contain_package("libapache2-mod-perl2") } - end - context "on a RedHat OS" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('perl') } - it { is_expected.to contain_package("mod_perl") } - end - context "on a FreeBSD OS" do - let :facts do - { - :osfamily => 'FreeBSD', - :operatingsystemrelease => '9', - :concat_basedir => '/dne', - :operatingsystem => 'FreeBSD', - :id => 'root', - :kernel => 'FreeBSD', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('perl') } - it { is_expected.to contain_package("www/mod_perl2") } - end - context "on a Gentoo OS" do - let :facts do - { - :osfamily => 'Gentoo', - :operatingsystemrelease => '3.16.1-gentoo', - :concat_basedir => '/dne', - :operatingsystem => 'Gentoo', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('perl') } - it { is_expected.to contain_package("www-apache/mod_perl") } - end -end diff --git a/apache/spec/classes/mod/peruser_spec.rb b/apache/spec/classes/mod/peruser_spec.rb deleted file mode 100644 index 097a36fff..000000000 --- a/apache/spec/classes/mod/peruser_spec.rb +++ /dev/null @@ -1,43 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::peruser', :type => :class do - let :pre_condition do - 'class { "apache": mpm_module => false, }' - end - context "on a FreeBSD OS" do - let :facts do - { - :osfamily => 'FreeBSD', - :operatingsystemrelease => '10', - :concat_basedir => '/dne', - :operatingsystem => 'FreeBSD', - :id => 'root', - :kernel => 'FreeBSD', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it do - expect { - catalogue - }.to raise_error(Puppet::Error, /Unsupported osfamily FreeBSD/) - end - end - context "on a Gentoo OS" do - let :facts do - { - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :operatingsystemrelease => '3.16.1-gentoo', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.not_to contain_apache__mod('peruser') } - it { is_expected.to contain_file("/etc/apache2/modules.d/peruser.conf").with_ensure('file') } - end -end diff --git a/apache/spec/classes/mod/php_spec.rb b/apache/spec/classes/mod/php_spec.rb deleted file mode 100644 index 3aaa3d329..000000000 --- a/apache/spec/classes/mod/php_spec.rb +++ /dev/null @@ -1,293 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::php', :type => :class do - describe "on a Debian OS" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - context "with mpm_module => prefork" do - let :pre_condition do - 'class { "apache": mpm_module => prefork, }' - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_class("apache::mod::prefork") } - it { is_expected.to contain_apache__mod('php5') } - it { is_expected.to contain_package("libapache2-mod-php5") } - it { is_expected.to contain_file("php5.load").with( - :content => "LoadModule php5_module /usr/lib/apache2/modules/libphp5.so\n" - ) } - end - context "with mpm_module => itk" do - let :pre_condition do - 'class { "apache": mpm_module => itk, }' - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_class("apache::mod::itk") } - it { is_expected.to contain_apache__mod('php5') } - it { is_expected.to contain_package("libapache2-mod-php5") } - it { is_expected.to contain_file("php5.load").with( - :content => "LoadModule php5_module /usr/lib/apache2/modules/libphp5.so\n" - ) } - end - end - describe "on a RedHat OS" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - context "with default params" do - let :pre_condition do - 'class { "apache": }' - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('php5') } - it { is_expected.to contain_package("php") } - it { is_expected.to contain_file("php5.load").with( - :content => "LoadModule php5_module modules/libphp5.so\n" - ) } - end - context "with alternative package name" do let :pre_condition do - 'class { "apache": }' - end - let :params do - { :package_name => 'php54'} - end - it { is_expected.to contain_package("php54") } - end - context "with alternative path" do let :pre_condition do - 'class { "apache": }' - end - let :params do - { :path => 'alternative-path'} - end - it { is_expected.to contain_file("php5.load").with( - :content => "LoadModule php5_module alternative-path\n" - ) } - end - context "with alternative extensions" do let :pre_condition do - 'class { "apache": }' - end - let :params do - { :extensions => ['.php','.php5']} - end - it { is_expected.to contain_file("php5.conf").with_content(Regexp.new(Regexp.escape(''))) } - end - context "with specific version" do - let :pre_condition do - 'class { "apache": }' - end - let :params do - { :package_ensure => '5.3.13'} - end - it { is_expected.to contain_package("php").with( - :ensure => '5.3.13' - ) } - end - context "with mpm_module => prefork" do - let :pre_condition do - 'class { "apache": mpm_module => prefork, }' - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_class("apache::mod::prefork") } - it { is_expected.to contain_apache__mod('php5') } - it { is_expected.to contain_package("php") } - it { is_expected.to contain_file("php5.load").with( - :content => "LoadModule php5_module modules/libphp5.so\n" - ) } - end - context "with mpm_module => itk" do - let :pre_condition do - 'class { "apache": mpm_module => itk, }' - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_class("apache::mod::itk") } - it { is_expected.to contain_apache__mod('php5') } - it { is_expected.to contain_package("php") } - it { is_expected.to contain_file("php5.load").with( - :content => "LoadModule php5_module modules/libphp5.so\n" - ) } - end - end - describe "on a FreeBSD OS" do - let :facts do - { - :osfamily => 'FreeBSD', - :operatingsystemrelease => '10', - :concat_basedir => '/dne', - :operatingsystem => 'FreeBSD', - :id => 'root', - :kernel => 'FreeBSD', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - context "with mpm_module => prefork" do - let :pre_condition do - 'class { "apache": mpm_module => prefork, }' - end - it { is_expected.to contain_class('apache::params') } - it { is_expected.to contain_apache__mod('php5') } - it { is_expected.to contain_package("www/mod_php5") } - it { is_expected.to contain_file('php5.load') } - end - context "with mpm_module => itk" do - let :pre_condition do - 'class { "apache": mpm_module => itk, }' - end - it { is_expected.to contain_class('apache::params') } - it { is_expected.to contain_class('apache::mod::itk') } - it { is_expected.to contain_apache__mod('php5') } - it { is_expected.to contain_package("www/mod_php5") } - it { is_expected.to contain_file('php5.load') } - end - end - describe "on a Gentoo OS" do - let :facts do - { - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :operatingsystemrelease => '3.16.1-gentoo', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :is_pe => false, - } - end - context "with mpm_module => prefork" do - let :pre_condition do - 'class { "apache": mpm_module => prefork, }' - end - it { is_expected.to contain_class('apache::params') } - it { is_expected.to contain_apache__mod('php5') } - it { is_expected.to contain_package("dev-lang/php") } - it { is_expected.to contain_file('php5.load') } - end - context "with mpm_module => itk" do - let :pre_condition do - 'class { "apache": mpm_module => itk, }' - end - it { is_expected.to contain_class('apache::params') } - it { is_expected.to contain_class('apache::mod::itk') } - it { is_expected.to contain_apache__mod('php5') } - it { is_expected.to contain_package("dev-lang/php") } - it { is_expected.to contain_file('php5.load') } - end - end - describe "OS independent tests" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6', - :kernel => 'Linux', - :lsbdistcodename => 'squeeze', - :concat_basedir => '/dne', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - context 'with content param' do - let :pre_condition do - 'class { "apache": mpm_module => prefork, }' - end - let :params do - { :content => 'somecontent' } - end - it { should contain_file('php5.conf').with( - :content => 'somecontent' - ) } - end - context 'with template param' do - let :pre_condition do - 'class { "apache": mpm_module => prefork, }' - end - let :params do - { :template => 'apache/mod/php5.conf.erb' } - end - it { should contain_file('php5.conf').with( - :content => /^# PHP is an HTML-embedded scripting language which attempts to make it/ - ) } - end - context 'with source param' do - let :pre_condition do - 'class { "apache": mpm_module => prefork, }' - end - let :params do - { :source => 'some-path' } - end - it { should contain_file('php5.conf').with( - :source => 'some-path' - ) } - end - context 'content has priority over template' do - let :pre_condition do - 'class { "apache": mpm_module => prefork, }' - end - let :params do - { - :template => 'apache/mod/php5.conf.erb', - :content => 'somecontent' - } - end - it { should contain_file('php5.conf').with( - :content => 'somecontent' - ) } - end - context 'source has priority over template' do - let :pre_condition do - 'class { "apache": mpm_module => prefork, }' - end - let :params do - { - :template => 'apache/mod/php5.conf.erb', - :source => 'some-path' - } - end - it { should contain_file('php5.conf').with( - :source => 'some-path' - ) } - end - context 'source has priority over content' do - let :pre_condition do - 'class { "apache": mpm_module => prefork, }' - end - let :params do - { - :content => 'somecontent', - :source => 'some-path' - } - end - it { should contain_file('php5.conf').with( - :source => 'some-path' - ) } - end - context 'with mpm_module => worker' do - let :pre_condition do - 'class { "apache": mpm_module => worker, }' - end - it 'should raise an error' do - expect { expect(subject).to contain_apache__mod('php5') }.to raise_error Puppet::Error, /mpm_module => 'prefork' or mpm_module => 'itk'/ - end - end - end -end diff --git a/apache/spec/classes/mod/prefork_spec.rb b/apache/spec/classes/mod/prefork_spec.rb deleted file mode 100644 index 3e2954fc7..000000000 --- a/apache/spec/classes/mod/prefork_spec.rb +++ /dev/null @@ -1,134 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::prefork', :type => :class do - let :pre_condition do - 'class { "apache": mpm_module => false, }' - end - context "on a Debian OS" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.not_to contain_apache__mod('prefork') } - it { is_expected.to contain_file("/etc/apache2/mods-available/prefork.conf").with_ensure('file') } - it { is_expected.to contain_file("/etc/apache2/mods-enabled/prefork.conf").with_ensure('link') } - - context "with Apache version < 2.4" do - let :params do - { - :apache_version => '2.2', - } - end - - it { is_expected.not_to contain_file("/etc/apache2/mods-available/prefork.load") } - it { is_expected.not_to contain_file("/etc/apache2/mods-enabled/prefork.load") } - - it { is_expected.to contain_package("apache2-mpm-prefork") } - end - - context "with Apache version >= 2.4" do - let :params do - { - :apache_version => '2.4', - } - end - - it { is_expected.to contain_file("/etc/apache2/mods-available/prefork.load").with({ - 'ensure' => 'file', - 'content' => "LoadModule mpm_prefork_module /usr/lib/apache2/modules/mod_mpm_prefork.so\n" - }) - } - it { is_expected.to contain_file("/etc/apache2/mods-enabled/prefork.load").with_ensure('link') } - end - end - context "on a RedHat OS" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.not_to contain_apache__mod('prefork') } - it { is_expected.to contain_file("/etc/httpd/conf.d/prefork.conf").with_ensure('file') } - - context "with Apache version < 2.4" do - let :params do - { - :apache_version => '2.2', - } - end - - it { is_expected.to contain_file_line("/etc/sysconfig/httpd prefork enable").with({ - 'require' => 'Package[httpd]', - }) - } - end - - context "with Apache version >= 2.4" do - let :params do - { - :apache_version => '2.4', - } - end - - it { is_expected.not_to contain_apache__mod('event') } - - it { is_expected.to contain_file("/etc/httpd/conf.d/prefork.load").with({ - 'ensure' => 'file', - 'content' => "LoadModule mpm_prefork_module modules/mod_mpm_prefork.so\n", - }) - } - end - end - context "on a FreeBSD OS" do - let :facts do - { - :osfamily => 'FreeBSD', - :operatingsystemrelease => '9', - :concat_basedir => '/dne', - :operatingsystem => 'FreeBSD', - :id => 'root', - :kernel => 'FreeBSD', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.not_to contain_apache__mod('prefork') } - it { is_expected.to contain_file("/usr/local/etc/apache24/Modules/prefork.conf").with_ensure('file') } - end - context "on a Gentoo OS" do - let :facts do - { - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :operatingsystemrelease => '3.16.1-gentoo', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.not_to contain_apache__mod('prefork') } - it { is_expected.to contain_file("/etc/apache2/modules.d/prefork.conf").with_ensure('file') } - end -end diff --git a/apache/spec/classes/mod/proxy_connect_spec.rb b/apache/spec/classes/mod/proxy_connect_spec.rb deleted file mode 100644 index 33059c07b..000000000 --- a/apache/spec/classes/mod/proxy_connect_spec.rb +++ /dev/null @@ -1,65 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::proxy_connect', :type => :class do - let :pre_condition do - [ - 'include apache::mod::proxy', - ] - end - it_behaves_like "a mod class, without including apache" - context 'on a Debian OS' do - let :facts do - { - :osfamily => 'Debian', - :concat_basedir => '/dne', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - context 'with Apache version < 2.2' do - let :facts do - super().merge({ - :operatingsystemrelease => '7.0', - :lsbdistcodename => 'wheezy', - }) - end - let :params do - { - :apache_version => '2.1', - } - end - it { is_expected.not_to contain_apache__mod('proxy_connect') } - end - context 'with Apache version = 2.2' do - let :facts do - super().merge({ - :operatingsystemrelease => '7.0', - :lsbdistcodename => 'wheezy', - }) - end - let :params do - { - :apache_version => '2.2', - } - end - it { is_expected.to contain_apache__mod('proxy_connect') } - end - context 'with Apache version >= 2.4' do - let :facts do - super().merge({ - :operatingsystemrelease => '8.0', - :lsbdistcodename => 'jessie', - }) - end - let :params do - { - :apache_version => '2.4', - } - end - it { is_expected.to contain_apache__mod('proxy_connect') } - end - end -end diff --git a/apache/spec/classes/mod/proxy_html_spec.rb b/apache/spec/classes/mod/proxy_html_spec.rb deleted file mode 100644 index ffdaa243e..000000000 --- a/apache/spec/classes/mod/proxy_html_spec.rb +++ /dev/null @@ -1,105 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::proxy_html', :type => :class do - let :pre_condition do - [ - 'include apache::mod::proxy', - 'include apache::mod::proxy_http', - ] - end - it_behaves_like "a mod class, without including apache" - context "on a Debian OS" do - shared_examples "debian" do |loadfiles| - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('proxy_html').with(:loadfiles => loadfiles) } - it { is_expected.to contain_package("libapache2-mod-proxy-html") } - end - let :facts do - { - :osfamily => 'Debian', - :concat_basedir => '/dne', - :architecture => 'i386', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :hardwaremodel => 'i386', - :is_pe => false, - } - end - - context "on squeeze" do - let(:facts) { super().merge({ :operatingsystemrelease => '6' }) } - it_behaves_like "debian", ['/usr/lib/libxml2.so.2'] - end - context "on wheezy" do - let(:facts) { super().merge({ :operatingsystemrelease => '7' }) } - context "i386" do - let(:facts) { super().merge({ - :hardwaremodel => 'i686', - :architecture => 'i386' - })} - it_behaves_like "debian", ["/usr/lib/i386-linux-gnu/libxml2.so.2"] - end - context "x64" do - let(:facts) { super().merge({ - :hardwaremodel => 'x86_64', - :architecture => 'amd64' - })} - it_behaves_like "debian", ["/usr/lib/x86_64-linux-gnu/libxml2.so.2"] - end - end - end - context "on a RedHat OS", :compile do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('proxy_html').with(:loadfiles => nil) } - it { is_expected.to contain_package("mod_proxy_html") } - end - context "on a FreeBSD OS", :compile do - let :facts do - { - :osfamily => 'FreeBSD', - :operatingsystemrelease => '9', - :concat_basedir => '/dne', - :operatingsystem => 'FreeBSD', - :id => 'root', - :kernel => 'FreeBSD', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('proxy_html').with(:loadfiles => nil) } - it { is_expected.to contain_package("www/mod_proxy_html") } - end - context "on a Gentoo OS", :compile do - let :facts do - { - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :operatingsystemrelease => '3.16.1-gentoo', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('proxy_html').with(:loadfiles => nil) } - it { is_expected.to contain_package("www-apache/mod_proxy_html") } - end -end diff --git a/apache/spec/classes/mod/python_spec.rb b/apache/spec/classes/mod/python_spec.rb deleted file mode 100644 index 1393293a9..000000000 --- a/apache/spec/classes/mod/python_spec.rb +++ /dev/null @@ -1,75 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::python', :type => :class do - it_behaves_like "a mod class, without including apache" - - context "on a Debian OS" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod("python") } - it { is_expected.to contain_package("libapache2-mod-python") } - end - context "on a RedHat OS" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod("python") } - it { is_expected.to contain_package("mod_python") } - end - context "on a FreeBSD OS" do - let :facts do - { - :osfamily => 'FreeBSD', - :operatingsystemrelease => '9', - :concat_basedir => '/dne', - :operatingsystem => 'FreeBSD', - :id => 'root', - :kernel => 'FreeBSD', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod("python") } - it { is_expected.to contain_package("www/mod_python3") } - end - context "on a Gentoo OS" do - let :facts do - { - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :operatingsystemrelease => '3.16.1-gentoo', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod("python") } - it { is_expected.to contain_package("www-apache/mod_python") } - end -end diff --git a/apache/spec/classes/mod/remoteip_spec.rb b/apache/spec/classes/mod/remoteip_spec.rb deleted file mode 100644 index d75ea5603..000000000 --- a/apache/spec/classes/mod/remoteip_spec.rb +++ /dev/null @@ -1,48 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::remoteip', :type => :class do - context "on a Debian OS" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '8', - :concat_basedir => '/dne', - :lsbdistcodename => 'jessie', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - let :params do - { :apache_version => '2.4' } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('remoteip') } - it { is_expected.to contain_file('remoteip.conf').with({ - 'path' => '/etc/apache2/mods-available/remoteip.conf', - }) } - - describe "with header X-Forwarded-For" do - let :params do - { :header => 'X-Forwarded-For' } - end - it { is_expected.to contain_file('remoteip.conf').with_content(/^RemoteIPHeader X-Forwarded-For$/) } - end - describe "with proxy_ips => [ 10.42.17.8, 10.42.18.99 ]" do - let :params do - { :proxy_ips => [ '10.42.17.8', '10.42.18.99' ] } - end - it { is_expected.to contain_file('remoteip.conf').with_content(/^RemoteIPInternalProxy 10.42.17.8$/) } - it { is_expected.to contain_file('remoteip.conf').with_content(/^RemoteIPInternalProxy 10.42.18.99$/) } - end - describe "with Apache version < 2.4" do - let :params do - { :apache_version => '2.2' } - end - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /mod_remoteip is only available in Apache 2.4/) - end - end - end -end diff --git a/apache/spec/classes/mod/reqtimeout_spec.rb b/apache/spec/classes/mod/reqtimeout_spec.rb deleted file mode 100644 index c3a09777c..000000000 --- a/apache/spec/classes/mod/reqtimeout_spec.rb +++ /dev/null @@ -1,146 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::reqtimeout', :type => :class do - it_behaves_like "a mod class, without including apache" - context "on a Debian OS" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :lsbdistcodename => 'squeeze', - :is_pe => false, - } - end - context "passing no parameters" do - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('reqtimeout') } - it { is_expected.to contain_file('reqtimeout.conf').with_content(/^RequestReadTimeout header=20-40,minrate=500\nRequestReadTimeout body=10,minrate=500$/) } - end - context "passing timeouts => ['header=20-60,minrate=600', 'body=60,minrate=600']" do - let :params do - {:timeouts => ['header=20-60,minrate=600', 'body=60,minrate=600']} - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('reqtimeout') } - it { is_expected.to contain_file('reqtimeout.conf').with_content(/^RequestReadTimeout header=20-60,minrate=600\nRequestReadTimeout body=60,minrate=600$/) } - end - context "passing timeouts => 'header=20-60,minrate=600'" do - let :params do - {:timeouts => 'header=20-60,minrate=600'} - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('reqtimeout') } - it { is_expected.to contain_file('reqtimeout.conf').with_content(/^RequestReadTimeout header=20-60,minrate=600$/) } - end - end - context "on a RedHat OS" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'Redhat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - context "passing no parameters" do - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('reqtimeout') } - it { is_expected.to contain_file('reqtimeout.conf').with_content(/^RequestReadTimeout header=20-40,minrate=500\nRequestReadTimeout body=10,minrate=500$/) } - end - context "passing timeouts => ['header=20-60,minrate=600', 'body=60,minrate=600']" do - let :params do - {:timeouts => ['header=20-60,minrate=600', 'body=60,minrate=600']} - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('reqtimeout') } - it { is_expected.to contain_file('reqtimeout.conf').with_content(/^RequestReadTimeout header=20-60,minrate=600\nRequestReadTimeout body=60,minrate=600$/) } - end - context "passing timeouts => 'header=20-60,minrate=600'" do - let :params do - {:timeouts => 'header=20-60,minrate=600'} - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('reqtimeout') } - it { is_expected.to contain_file('reqtimeout.conf').with_content(/^RequestReadTimeout header=20-60,minrate=600$/) } - end - end - context "on a FreeBSD OS" do - let :facts do - { - :osfamily => 'FreeBSD', - :operatingsystemrelease => '9', - :concat_basedir => '/dne', - :operatingsystem => 'FreeBSD', - :id => 'root', - :kernel => 'FreeBSD', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - context "passing no parameters" do - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('reqtimeout') } - it { is_expected.to contain_file('reqtimeout.conf').with_content(/^RequestReadTimeout header=20-40,minrate=500\nRequestReadTimeout body=10,minrate=500$/) } - end - context "passing timeouts => ['header=20-60,minrate=600', 'body=60,minrate=600']" do - let :params do - {:timeouts => ['header=20-60,minrate=600', 'body=60,minrate=600']} - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('reqtimeout') } - it { is_expected.to contain_file('reqtimeout.conf').with_content(/^RequestReadTimeout header=20-60,minrate=600\nRequestReadTimeout body=60,minrate=600$/) } - end - context "passing timeouts => 'header=20-60,minrate=600'" do - let :params do - {:timeouts => 'header=20-60,minrate=600'} - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('reqtimeout') } - it { is_expected.to contain_file('reqtimeout.conf').with_content(/^RequestReadTimeout header=20-60,minrate=600$/) } - end - end - context "on a Gentoo OS" do - let :facts do - { - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :operatingsystemrelease => '3.16.1-gentoo', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :is_pe => false, - } - end - context "passing no parameters" do - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('reqtimeout') } - it { is_expected.to contain_file('reqtimeout.conf').with_content(/^RequestReadTimeout header=20-40,minrate=500\nRequestReadTimeout body=10,minrate=500$/) } - end - context "passing timeouts => ['header=20-60,minrate=600', 'body=60,minrate=600']" do - let :params do - {:timeouts => ['header=20-60,minrate=600', 'body=60,minrate=600']} - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('reqtimeout') } - it { is_expected.to contain_file('reqtimeout.conf').with_content(/^RequestReadTimeout header=20-60,minrate=600\nRequestReadTimeout body=60,minrate=600$/) } - end - context "passing timeouts => 'header=20-60,minrate=600'" do - let :params do - {:timeouts => 'header=20-60,minrate=600'} - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('reqtimeout') } - it { is_expected.to contain_file('reqtimeout.conf').with_content(/^RequestReadTimeout header=20-60,minrate=600$/) } - end - end -end diff --git a/apache/spec/classes/mod/rpaf_spec.rb b/apache/spec/classes/mod/rpaf_spec.rb deleted file mode 100644 index ef41fcd35..000000000 --- a/apache/spec/classes/mod/rpaf_spec.rb +++ /dev/null @@ -1,126 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::rpaf', :type => :class do - it_behaves_like "a mod class, without including apache" - context "on a Debian OS" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('rpaf') } - it { is_expected.to contain_package("libapache2-mod-rpaf") } - it { is_expected.to contain_file('rpaf.conf').with({ - 'path' => '/etc/apache2/mods-available/rpaf.conf', - }) } - it { is_expected.to contain_file('rpaf.conf').with_content(/^RPAF_enable On$/) } - - describe "with sethostname => true" do - let :params do - { :sethostname => 'true' } - end - it { is_expected.to contain_file('rpaf.conf').with_content(/^RPAF_sethostname On$/) } - end - describe "with proxy_ips => [ 10.42.17.8, 10.42.18.99 ]" do - let :params do - { :proxy_ips => [ '10.42.17.8', '10.42.18.99' ] } - end - it { is_expected.to contain_file('rpaf.conf').with_content(/^RPAF_proxyIPs 10.42.17.8 10.42.18.99$/) } - end - describe "with header => X-Real-IP" do - let :params do - { :header => 'X-Real-IP' } - end - it { is_expected.to contain_file('rpaf.conf').with_content(/^RPAF_header X-Real-IP$/) } - end - end - context "on a FreeBSD OS" do - let :facts do - { - :osfamily => 'FreeBSD', - :operatingsystemrelease => '9', - :concat_basedir => '/dne', - :operatingsystem => 'FreeBSD', - :id => 'root', - :kernel => 'FreeBSD', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('rpaf') } - it { is_expected.to contain_package("www/mod_rpaf2") } - it { is_expected.to contain_file('rpaf.conf').with({ - 'path' => '/usr/local/etc/apache24/Modules/rpaf.conf', - }) } - it { is_expected.to contain_file('rpaf.conf').with_content(/^RPAF_enable On$/) } - - describe "with sethostname => true" do - let :params do - { :sethostname => 'true' } - end - it { is_expected.to contain_file('rpaf.conf').with_content(/^RPAF_sethostname On$/) } - end - describe "with proxy_ips => [ 10.42.17.8, 10.42.18.99 ]" do - let :params do - { :proxy_ips => [ '10.42.17.8', '10.42.18.99' ] } - end - it { is_expected.to contain_file('rpaf.conf').with_content(/^RPAF_proxyIPs 10.42.17.8 10.42.18.99$/) } - end - describe "with header => X-Real-IP" do - let :params do - { :header => 'X-Real-IP' } - end - it { is_expected.to contain_file('rpaf.conf').with_content(/^RPAF_header X-Real-IP$/) } - end - end - context "on a Gentoo OS" do - let :facts do - { - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :operatingsystemrelease => '3.16.1-gentoo', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__mod('rpaf') } - it { is_expected.to contain_package("www-apache/mod_rpaf") } - it { is_expected.to contain_file('rpaf.conf').with({ - 'path' => '/etc/apache2/modules.d/rpaf.conf', - }) } - it { is_expected.to contain_file('rpaf.conf').with_content(/^RPAF_enable On$/) } - - describe "with sethostname => true" do - let :params do - { :sethostname => 'true' } - end - it { is_expected.to contain_file('rpaf.conf').with_content(/^RPAF_sethostname On$/) } - end - describe "with proxy_ips => [ 10.42.17.8, 10.42.18.99 ]" do - let :params do - { :proxy_ips => [ '10.42.17.8', '10.42.18.99' ] } - end - it { is_expected.to contain_file('rpaf.conf').with_content(/^RPAF_proxyIPs 10.42.17.8 10.42.18.99$/) } - end - describe "with header => X-Real-IP" do - let :params do - { :header => 'X-Real-IP' } - end - it { is_expected.to contain_file('rpaf.conf').with_content(/^RPAF_header X-Real-IP$/) } - end - end -end diff --git a/apache/spec/classes/mod/security_spec.rb b/apache/spec/classes/mod/security_spec.rb deleted file mode 100644 index 7a0ba8f29..000000000 --- a/apache/spec/classes/mod/security_spec.rb +++ /dev/null @@ -1,110 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::security', :type => :class do - it_behaves_like "a mod class, without including apache" - context "on RedHat based systems" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystem => 'CentOS', - :operatingsystemrelease => '7', - :kernel => 'Linux', - :id => 'root', - :concat_basedir => '/', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { should contain_apache__mod('security').with( - :id => 'security2_module', - :lib => 'mod_security2.so' - ) } - it { should contain_apache__mod('unique_id_module').with( - :id => 'unique_id_module', - :lib => 'mod_unique_id.so' - ) } - it { should contain_package('mod_security_crs') } - it { should contain_file('security.conf').with( - :path => '/etc/httpd/conf.modules.d/security.conf' - ) } - it { should contain_file('security.conf').with_content %r{^\s+SecAuditLogParts ABIJDEFHZ$} } - it { should contain_file('/etc/httpd/modsecurity.d').with( - :ensure => 'directory', - :path => '/etc/httpd/modsecurity.d', - :owner => 'apache', - :group => 'apache' - ) } - it { should contain_file('/etc/httpd/modsecurity.d/activated_rules').with( - :ensure => 'directory', - :path => '/etc/httpd/modsecurity.d/activated_rules', - :owner => 'apache', - :group => 'apache' - ) } - it { should contain_file('/etc/httpd/modsecurity.d/security_crs.conf').with( - :path => '/etc/httpd/modsecurity.d/security_crs.conf' - ) } - it { should contain_apache__security__rule_link('base_rules/modsecurity_35_bad_robots.data') } - - describe 'with parameters' do - let :params do - { :audit_log_parts => "ABCDZ" - } - end - it { should contain_file('security.conf').with_content %r{^\s+SecAuditLogParts ABCDZ$} } - end - end - - context "on Debian based systems" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/', - :lsbdistcodename => 'squeeze', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :kernel => 'Linux', - :is_pe => false, - } - end - it { should contain_apache__mod('security').with( - :id => 'security2_module', - :lib => 'mod_security2.so' - ) } - it { should contain_apache__mod('unique_id_module').with( - :id => 'unique_id_module', - :lib => 'mod_unique_id.so' - ) } - it { should contain_package('modsecurity-crs') } - it { should contain_file('security.conf').with( - :path => '/etc/apache2/mods-available/security.conf' - ) } - it { should contain_file('security.conf').with_content %r{^\s+SecAuditLogParts ABIJDEFHZ$} } - it { should contain_file('/etc/modsecurity').with( - :ensure => 'directory', - :path => '/etc/modsecurity', - :owner => 'www-data', - :group => 'www-data' - ) } - it { should contain_file('/etc/modsecurity/activated_rules').with( - :ensure => 'directory', - :path => '/etc/modsecurity/activated_rules', - :owner => 'www-data', - :group => 'www-data' - ) } - it { should contain_file('/etc/modsecurity/security_crs.conf').with( - :path => '/etc/modsecurity/security_crs.conf' - ) } - it { should contain_apache__security__rule_link('base_rules/modsecurity_35_bad_robots.data') } - - describe 'with parameters' do - let :params do - { :audit_log_parts => "ACEZ" - } - end - it { should contain_file('security.conf').with_content %r{^\s+SecAuditLogParts ACEZ$} } - end - end - -end diff --git a/apache/spec/classes/mod/shib_spec.rb b/apache/spec/classes/mod/shib_spec.rb deleted file mode 100644 index a651c280a..000000000 --- a/apache/spec/classes/mod/shib_spec.rb +++ /dev/null @@ -1,42 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::shib', :type => :class do - it_behaves_like "a mod class, without including apache" - context "on a Debian OS" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :fqdn => 'test.example.com', - :is_pe => false, - } - end - describe 'with no parameters' do - it { should contain_apache__mod('shib2').with_id('mod_shib') } - end - end - context "on a RedHat OS" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :fqdn => 'test.example.com', - :is_pe => false, - } - end - describe 'with no parameters' do - it { should contain_apache__mod('shib2').with_id('mod_shib') } - end - end -end diff --git a/apache/spec/classes/mod/speling_spec.rb b/apache/spec/classes/mod/speling_spec.rb deleted file mode 100644 index b4844ec74..000000000 --- a/apache/spec/classes/mod/speling_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::speling', :type => :class do - it_behaves_like "a mod class, without including apache" - context "on a Debian OS" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_apache__mod('speling') } - end - - context "on a RedHat OS" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_apache__mod('speling') } - end -end diff --git a/apache/spec/classes/mod/ssl_spec.rb b/apache/spec/classes/mod/ssl_spec.rb deleted file mode 100644 index f76377e85..000000000 --- a/apache/spec/classes/mod/ssl_spec.rb +++ /dev/null @@ -1,172 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::ssl', :type => :class do - it_behaves_like "a mod class, without including apache" - context 'on an unsupported OS' do - let :facts do - { - :osfamily => 'Magic', - :operatingsystemrelease => '0', - :concat_basedir => '/dne', - :operatingsystem => 'Magic', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { expect { catalogue }.to raise_error(Puppet::Error, /Unsupported osfamily:/) } - end - - context 'on a RedHat OS' do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class('apache::params') } - it { is_expected.to contain_apache__mod('ssl') } - it { is_expected.to contain_package('mod_ssl') } - context 'with a custom package_name parameter' do - let :params do - { :package_name => 'httpd24-mod_ssl' } - end - it { is_expected.to contain_class('apache::params') } - it { is_expected.to contain_apache__mod('ssl') } - it { is_expected.to contain_package('httpd24-mod_ssl') } - it { is_expected.not_to contain_package('mod_ssl') } - end - end - - context 'on a Debian OS' do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class('apache::params') } - it { is_expected.to contain_apache__mod('ssl') } - it { is_expected.not_to contain_package('libapache2-mod-ssl') } - end - - context 'on a FreeBSD OS' do - let :facts do - { - :osfamily => 'FreeBSD', - :operatingsystemrelease => '9', - :concat_basedir => '/dne', - :operatingsystem => 'FreeBSD', - :id => 'root', - :kernel => 'FreeBSD', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class('apache::params') } - it { is_expected.to contain_apache__mod('ssl') } - end - - context 'on a Gentoo OS' do - let :facts do - { - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :operatingsystemrelease => '3.16.1-gentoo', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class('apache::params') } - it { is_expected.to contain_apache__mod('ssl') } - end - - context 'on a Suse OS' do - let :facts do - { - :osfamily => 'Suse', - :operatingsystem => 'SLES', - :operatingsystemrelease => '11.2', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class('apache::params') } - it { is_expected.to contain_apache__mod('ssl') } - end - # Template config doesn't vary by distro - context "on all distros" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystem => 'CentOS', - :operatingsystemrelease => '6', - :kernel => 'Linux', - :id => 'root', - :concat_basedir => '/dne', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - context 'not setting ssl_pass_phrase_dialog' do - it { is_expected.to contain_file('ssl.conf').with_content(/^ SSLPassPhraseDialog builtin$/)} - end - - context 'setting ssl_pass_phrase_dialog' do - let :params do - { - :ssl_pass_phrase_dialog => 'exec:/path/to/program', - } - end - it { is_expected.to contain_file('ssl.conf').with_content(/^ SSLPassPhraseDialog exec:\/path\/to\/program$/)} - end - - context 'setting ssl_random_seed_bytes' do - let :params do - { - :ssl_random_seed_bytes => '1024', - } - end - it { is_expected.to contain_file('ssl.conf').with_content(%r{^ SSLRandomSeed startup file:/dev/urandom 1024$})} - end - - context 'setting ssl_openssl_conf_cmd' do - let :params do - { - :ssl_openssl_conf_cmd => 'DHParameters "foo.pem"', - } - end - it { is_expected.to contain_file('ssl.conf').with_content(/^\s+SSLOpenSSLConfCmd DHParameters "foo.pem"$/)} - end - - context 'setting ssl_mutex' do - let :params do - { - :ssl_mutex => 'posixsem', - } - end - it { is_expected.to contain_file('ssl.conf').with_content(%r{^ SSLMutex posixsem$})} - end - end -end diff --git a/apache/spec/classes/mod/status_spec.rb b/apache/spec/classes/mod/status_spec.rb deleted file mode 100644 index 7bc7831fb..000000000 --- a/apache/spec/classes/mod/status_spec.rb +++ /dev/null @@ -1,205 +0,0 @@ -require 'spec_helper' - -# Helper function for testing the contents of `status.conf` -def status_conf_spec(allow_from, extended_status, status_path) - it do - is_expected.to contain_file("status.conf").with_content( - "\n"\ - " SetHandler server-status\n"\ - " Order deny,allow\n"\ - " Deny from all\n"\ - " Allow from #{Array(allow_from).join(' ')}\n"\ - "\n"\ - "ExtendedStatus #{extended_status}\n"\ - "\n"\ - "\n"\ - " # Show Proxy LoadBalancer status in mod_status\n"\ - " ProxyStatus On\n"\ - "\n" - ) - end -end - -describe 'apache::mod::status', :type => :class do - it_behaves_like "a mod class, without including apache" - - context "default configuration with parameters" do - context "on a Debian OS with default params" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - it { is_expected.to contain_apache__mod("status") } - - status_conf_spec(["127.0.0.1", "::1"], "On", "/server-status") - - it { is_expected.to contain_file("status.conf").with({ - :ensure => 'file', - :path => '/etc/apache2/mods-available/status.conf', - } ) } - - it { is_expected.to contain_file("status.conf symlink").with({ - :ensure => 'link', - :path => '/etc/apache2/mods-enabled/status.conf', - } ) } - - end - - context "on a RedHat OS with default params" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - it { is_expected.to contain_apache__mod("status") } - - status_conf_spec(["127.0.0.1", "::1"], "On", "/server-status") - - it { is_expected.to contain_file("status.conf").with_path("/etc/httpd/conf.d/status.conf") } - - end - - context "with custom parameters $allow_from => ['10.10.10.10','11.11.11.11'], $extended_status => 'Off', $status_path => '/custom-status'" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - let :params do - { - :allow_from => ['10.10.10.10','11.11.11.11'], - :extended_status => 'Off', - :status_path => '/custom-status', - } - end - - status_conf_spec(["10.10.10.10", "11.11.11.11"], "Off", "/custom-status") - - end - - context "with valid parameter type $allow_from => ['10.10.10.10']" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - let :params do - { :allow_from => ['10.10.10.10'] } - end - it 'should expect to succeed array validation' do - expect { - is_expected.to contain_file("status.conf") - }.not_to raise_error() - end - end - - context "with invalid parameter type $allow_from => '10.10.10.10'" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - let :params do - { :allow_from => '10.10.10.10' } - end - it 'should expect to fail array validation' do - expect { - is_expected.to contain_file("status.conf") - }.to raise_error(Puppet::Error) - end - end - - # Only On or Off are valid options - ['On', 'Off'].each do |valid_param| - context "with valid value $extended_status => '#{valid_param}'" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - let :params do - { :extended_status => valid_param } - end - it 'should expect to succeed regular expression validation' do - expect { - is_expected.to contain_file("status.conf") - }.not_to raise_error() - end - end - end - - ['Yes', 'No'].each do |invalid_param| - context "with invalid value $extended_status => '#{invalid_param}'" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - let :params do - { :extended_status => invalid_param } - end - it 'should expect to fail regular expression validation' do - expect { - is_expected.to contain_file("status.conf") - }.to raise_error(Puppet::Error) - end - end - end - end -end diff --git a/apache/spec/classes/mod/suphp_spec.rb b/apache/spec/classes/mod/suphp_spec.rb deleted file mode 100644 index 71dbab30e..000000000 --- a/apache/spec/classes/mod/suphp_spec.rb +++ /dev/null @@ -1,38 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::suphp', :type => :class do - it_behaves_like "a mod class, without including apache" - context "on a Debian OS" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_package("libapache2-mod-suphp") } - end - context "on a RedHat OS" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_package("mod_suphp") } - end -end diff --git a/apache/spec/classes/mod/worker_spec.rb b/apache/spec/classes/mod/worker_spec.rb deleted file mode 100644 index 9d0d8e5e0..000000000 --- a/apache/spec/classes/mod/worker_spec.rb +++ /dev/null @@ -1,189 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::worker', :type => :class do - let :pre_condition do - 'class { "apache": mpm_module => false, }' - end - context "on a Debian OS" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.not_to contain_apache__mod('worker') } - it { is_expected.to contain_file("/etc/apache2/mods-available/worker.conf").with_ensure('file') } - it { is_expected.to contain_file("/etc/apache2/mods-enabled/worker.conf").with_ensure('link') } - - context "with Apache version < 2.4" do - let :params do - { - :apache_version => '2.2', - } - end - - it { is_expected.not_to contain_file("/etc/apache2/mods-available/worker.load") } - it { is_expected.not_to contain_file("/etc/apache2/mods-enabled/worker.load") } - - it { is_expected.to contain_package("apache2-mpm-worker") } - end - - context "with Apache version >= 2.4" do - let :params do - { - :apache_version => '2.4', - } - end - - it { is_expected.to contain_file("/etc/apache2/mods-available/worker.load").with({ - 'ensure' => 'file', - 'content' => "LoadModule mpm_worker_module /usr/lib/apache2/modules/mod_mpm_worker.so\n" - }) - } - it { is_expected.to contain_file("/etc/apache2/mods-enabled/worker.load").with_ensure('link') } - end - end - context "on a RedHat OS" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.not_to contain_apache__mod('worker') } - it { is_expected.to contain_file("/etc/httpd/conf.d/worker.conf").with_ensure('file') } - - context "with Apache version < 2.4" do - let :params do - { - :apache_version => '2.2', - } - end - - it { is_expected.to contain_file_line("/etc/sysconfig/httpd worker enable").with({ - 'require' => 'Package[httpd]', - }) - } - end - - context "with Apache version >= 2.4" do - let :params do - { - :apache_version => '2.4', - } - end - - it { is_expected.not_to contain_apache__mod('event') } - - it { is_expected.to contain_file("/etc/httpd/conf.d/worker.load").with({ - 'ensure' => 'file', - 'content' => "LoadModule mpm_worker_module modules/mod_mpm_worker.so\n", - }) - } - end - end - context "on a FreeBSD OS" do - let :facts do - { - :osfamily => 'FreeBSD', - :operatingsystemrelease => '9', - :concat_basedir => '/dne', - :operatingsystem => 'FreeBSD', - :id => 'root', - :kernel => 'FreeBSD', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.not_to contain_apache__mod('worker') } - it { is_expected.to contain_file("/usr/local/etc/apache24/Modules/worker.conf").with_ensure('file') } - end - context "on a Gentoo OS" do - let :facts do - { - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :operatingsystemrelease => '3.16.1-gentoo', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.not_to contain_apache__mod('worker') } - it { is_expected.to contain_file("/etc/apache2/modules.d/worker.conf").with_ensure('file') } - end - - # Template config doesn't vary by distro - context "on all distros" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystem => 'CentOS', - :operatingsystemrelease => '6', - :kernel => 'Linux', - :id => 'root', - :concat_basedir => '/dne', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - context 'defaults' do - it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^$/) } - it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+ServerLimit\s+25$/) } - it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+StartServers\s+2$/) } - it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+MaxClients\s+150$/) } - it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+MinSpareThreads\s+25$/) } - it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+MaxSpareThreads\s+75$/) } - it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+ThreadsPerChild\s+25$/) } - it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+MaxRequestsPerChild\s+0$/) } - it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+ThreadLimit\s+64$/) } - it { should contain_file("/etc/httpd/conf.d/worker.conf").with(:content => /^\s*ListenBacklog\s*511/) } - end - - context 'setting params' do - let :params do - { - :serverlimit => 10, - :startservers => 11, - :maxclients => 12, - :minsparethreads => 13, - :maxsparethreads => 14, - :threadsperchild => 15, - :maxrequestsperchild => 16, - :threadlimit => 17, - :listenbacklog => 8, - } - end - it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^$/) } - it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+ServerLimit\s+10$/) } - it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+StartServers\s+11$/) } - it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+MaxClients\s+12$/) } - it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+MinSpareThreads\s+13$/) } - it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+MaxSpareThreads\s+14$/) } - it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+ThreadsPerChild\s+15$/) } - it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+MaxRequestsPerChild\s+16$/) } - it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+ThreadLimit\s+17$/) } - it { should contain_file("/etc/httpd/conf.d/worker.conf").with(:content => /^\s*ListenBacklog\s*8/) } - end - end -end diff --git a/apache/spec/classes/mod/wsgi_spec.rb b/apache/spec/classes/mod/wsgi_spec.rb deleted file mode 100644 index 1d54c5408..000000000 --- a/apache/spec/classes/mod/wsgi_spec.rb +++ /dev/null @@ -1,145 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod::wsgi', :type => :class do - it_behaves_like "a mod class, without including apache" - context "on a Debian OS" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_class('apache::mod::wsgi').with( - 'wsgi_socket_prefix' => nil - ) - } - it { is_expected.to contain_package("libapache2-mod-wsgi") } - end - context "on a RedHat OS" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_class('apache::mod::wsgi').with( - 'wsgi_socket_prefix' => '/var/run/wsgi' - ) - } - it { is_expected.to contain_package("mod_wsgi") } - - describe "with custom WSGISocketPrefix" do - let :params do - { :wsgi_socket_prefix => 'run/wsgi' } - end - it {is_expected.to contain_file('wsgi.conf').with_content(/^ WSGISocketPrefix run\/wsgi$/)} - end - describe "with custom WSGIPythonHome" do - let :params do - { :wsgi_python_home => '/path/to/virtenv' } - end - it {is_expected.to contain_file('wsgi.conf').with_content(/^ WSGIPythonHome "\/path\/to\/virtenv"$/)} - end - describe "with custom package_name and mod_path" do - let :params do - { - :package_name => 'mod_wsgi_package', - :mod_path => '/foo/bar/baz', - } - end - it { is_expected.to contain_apache__mod('wsgi').with({ - 'package' => 'mod_wsgi_package', - 'path' => '/foo/bar/baz', - }) - } - it { is_expected.to contain_package("mod_wsgi_package") } - it { is_expected.to contain_file('wsgi.load').with_content(%r"LoadModule wsgi_module /foo/bar/baz") } - end - describe "with custom mod_path not containing /" do - let :params do - { - :package_name => 'mod_wsgi_package', - :mod_path => 'wsgi_mod_name.so', - } - end - it { is_expected.to contain_apache__mod('wsgi').with({ - 'path' => 'modules/wsgi_mod_name.so', - 'package' => 'mod_wsgi_package', - }) - } - it { is_expected.to contain_file('wsgi.load').with_content(%r"LoadModule wsgi_module modules/wsgi_mod_name.so") } - - end - describe "with package_name but no mod_path" do - let :params do - { - :mod_path => '/foo/bar/baz', - } - end - it { expect { catalogue }.to raise_error Puppet::Error, /apache::mod::wsgi - both package_name and mod_path must be specified!/ } - end - describe "with mod_path but no package_name" do - let :params do - { - :package_name => '/foo/bar/baz', - } - end - it { expect { catalogue }.to raise_error Puppet::Error, /apache::mod::wsgi - both package_name and mod_path must be specified!/ } - end - end - context "on a FreeBSD OS" do - let :facts do - { - :osfamily => 'FreeBSD', - :operatingsystemrelease => '9', - :concat_basedir => '/dne', - :operatingsystem => 'FreeBSD', - :id => 'root', - :kernel => 'FreeBSD', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_class('apache::mod::wsgi').with( - 'wsgi_socket_prefix' => nil - ) - } - it { is_expected.to contain_package("www/mod_wsgi") } - end - context "on a Gentoo OS" do - let :facts do - { - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :operatingsystemrelease => '3.16.1-gentoo', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :is_pe => false, - } - end - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_class('apache::mod::wsgi').with( - 'wsgi_socket_prefix' => nil - ) - } - it { is_expected.to contain_package("www-apache/mod_wsgi") } - end -end diff --git a/apache/spec/classes/params_spec.rb b/apache/spec/classes/params_spec.rb deleted file mode 100644 index d02209497..000000000 --- a/apache/spec/classes/params_spec.rb +++ /dev/null @@ -1,24 +0,0 @@ -require 'spec_helper' - -describe 'apache::params', :type => :class do - context "On a Debian OS" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_apache__params } - - it "Should not contain any resources" do - should have_resource_count(0) - end - end -end diff --git a/apache/spec/classes/service_spec.rb b/apache/spec/classes/service_spec.rb deleted file mode 100644 index f53937a7f..000000000 --- a/apache/spec/classes/service_spec.rb +++ /dev/null @@ -1,173 +0,0 @@ -require 'spec_helper' - -describe 'apache::service', :type => :class do - let :pre_condition do - 'include apache::params' - end - context "on a Debian OS" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_service("httpd").with( - 'name' => 'apache2', - 'ensure' => 'running', - 'enable' => 'true' - ) - } - - context "with $service_name => 'foo'" do - let (:params) {{ :service_name => 'foo' }} - it { is_expected.to contain_service("httpd").with( - 'name' => 'foo' - ) - } - end - - context "with $service_enable => true" do - let (:params) {{ :service_enable => true }} - it { is_expected.to contain_service("httpd").with( - 'name' => 'apache2', - 'ensure' => 'running', - 'enable' => 'true' - ) - } - end - - context "with $service_enable => false" do - let (:params) {{ :service_enable => false }} - it { is_expected.to contain_service("httpd").with( - 'name' => 'apache2', - 'ensure' => 'running', - 'enable' => 'false' - ) - } - end - - context "$service_enable must be a bool" do - let (:params) {{ :service_enable => 'not-a-boolean' }} - - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /is not a boolean/) - end - end - - context "$service_manage must be a bool" do - let (:params) {{ :service_manage => 'not-a-boolean' }} - - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /is not a boolean/) - end - end - - context "with $service_ensure => 'running'" do - let (:params) {{ :service_ensure => 'running', }} - it { is_expected.to contain_service("httpd").with( - 'ensure' => 'running', - 'enable' => 'true' - ) - } - end - - context "with $service_ensure => 'stopped'" do - let (:params) {{ :service_ensure => 'stopped', }} - it { is_expected.to contain_service("httpd").with( - 'ensure' => 'stopped', - 'enable' => 'true' - ) - } - end - - context "with $service_ensure => 'UNDEF'" do - let (:params) {{ :service_ensure => 'UNDEF' }} - it { is_expected.to contain_service("httpd").without_ensure } - end - - context "with $service_restart unset" do - it { is_expected.to contain_service("httpd").without_restart } - end - - context "with $service_restart => '/usr/sbin/apachectl graceful'" do - let (:params) {{ :service_restart => '/usr/sbin/apachectl graceful' }} - it { is_expected.to contain_service("httpd").with( - 'restart' => '/usr/sbin/apachectl graceful' - ) - } - end - end - - - context "on a RedHat 5 OS, do not manage service" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '5', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - let(:params) do - { - 'service_ensure' => 'running', - 'service_name' => 'httpd', - 'service_manage' => false - } - end - it { is_expected.not_to contain_service('httpd') } - end - - context "on a FreeBSD 5 OS" do - let :facts do - { - :osfamily => 'FreeBSD', - :operatingsystemrelease => '9', - :concat_basedir => '/dne', - :operatingsystem => 'FreeBSD', - :id => 'root', - :kernel => 'FreeBSD', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { is_expected.to contain_service("httpd").with( - 'name' => 'apache24', - 'ensure' => 'running', - 'enable' => 'true' - ) - } - end - - context "on a Gentoo OS" do - let :facts do - { - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :operatingsystemrelease => '3.16.1-gentoo', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :is_pe => false, - } - end - it { is_expected.to contain_service("httpd").with( - 'name' => 'apache2', - 'ensure' => 'running', - 'enable' => 'true' - ) - } - end -end diff --git a/apache/spec/defines/balancer_spec.rb b/apache/spec/defines/balancer_spec.rb deleted file mode 100644 index 4a1477b13..000000000 --- a/apache/spec/defines/balancer_spec.rb +++ /dev/null @@ -1,33 +0,0 @@ -require 'spec_helper' - -describe 'apache::balancer', :type => :define do - let :pre_condition do - 'include apache' - end - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6', - :lsbdistcodename => 'squeeze', - :id => 'root', - :concat_basedir => '/dne', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :kernel => 'Linux', - :is_pe => false, - } - end - describe "accept a target parameter and use it" do - let :title do - 'myapp' - end - let :params do - { - :target => '/tmp/myapp.conf' - } - end - it { should contain_concat('apache_balancer_myapp').with({ - :path => "/tmp/myapp.conf", - })} - end -end diff --git a/apache/spec/defines/balancermember_spec.rb b/apache/spec/defines/balancermember_spec.rb deleted file mode 100644 index d99f99686..000000000 --- a/apache/spec/defines/balancermember_spec.rb +++ /dev/null @@ -1,59 +0,0 @@ -require 'spec_helper' - -describe 'apache::balancermember', :type => :define do - let :pre_condition do - 'include apache' - end - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6', - :lsbdistcodename => 'squeeze', - :id => 'root', - :concat_basedir => '/dne', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :kernel => 'Linux', - :is_pe => false, - } - end - describe "allows multiple balancermembers with the same url" do - let :pre_condition do - 'apache::balancer {"balancer":} - apache::balancer {"balancer-external":} - apache::balancermember {"http://127.0.0.1:8080-external": url => "http://127.0.0.1:8080/", balancer_cluster => "balancer-external"} - ' - end - let :title do - 'http://127.0.0.1:8080/' - end - let :params do - { - :options => [], - :url => 'http://127.0.0.1:8080/', - :balancer_cluster => 'balancer-internal' - } - end - it { should contain_concat__fragment('BalancerMember http://127.0.0.1:8080/') } - end - describe "allows balancermember with a different target" do - let :pre_condition do - 'apache::balancer {"balancername": target => "/etc/apache/balancer.conf"} - apache::balancermember {"http://127.0.0.1:8080-external": url => "http://127.0.0.1:8080/", balancer_cluster => "balancername"} - ' - end - let :title do - 'http://127.0.0.1:8080/' - end - let :params do - { - :options => [], - :url => 'http://127.0.0.1:8080/', - :balancer_cluster => 'balancername' - } - end - it { should contain_concat__fragment('BalancerMember http://127.0.0.1:8080/').with({ - :target => "apache_balancer_balancername", - })} - end -end diff --git a/apache/spec/defines/custom_config_spec.rb b/apache/spec/defines/custom_config_spec.rb deleted file mode 100644 index 7d566b071..000000000 --- a/apache/spec/defines/custom_config_spec.rb +++ /dev/null @@ -1,138 +0,0 @@ -require 'spec_helper' - -describe 'apache::custom_config', :type => :define do - let :pre_condition do - 'class { "apache": }' - end - let :title do - 'rspec' - end - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - context 'defaults with content' do - let :params do - { - 'content' => '# Test', - } - end - it { is_expected.to contain_exec("syntax verification for rspec").with({ - 'refreshonly' => 'true', - 'subscribe' => 'File[apache_rspec]', - 'command' => '/usr/sbin/apachectl -t', - 'notify' => 'Class[Apache::Service]', - 'before' => 'Exec[remove rspec if invalid]', - }) - } - it { is_expected.to contain_exec("remove rspec if invalid").with({ - 'unless' => '/usr/sbin/apachectl -t', - 'subscribe' => 'File[apache_rspec]', - 'refreshonly' => 'true', - }) - } - it { is_expected.to contain_file("apache_rspec").with({ - 'ensure' => 'present', - 'content' => '# Test', - 'require' => 'Package[httpd]', - }) - } - end - context 'set everything with source' do - let :params do - { - 'confdir' => '/dne', - 'priority' => '30', - 'source' => 'puppet:///modules/apache/test', - 'verify_command' => '/bin/true', - } - end - it { is_expected.to contain_exec("syntax verification for rspec").with({ - 'command' => '/bin/true', - }) - } - it { is_expected.to contain_exec("remove rspec if invalid").with({ - 'command' => '/bin/rm /dne/30-rspec.conf', - 'unless' => '/bin/true', - }) - } - it { is_expected.to contain_file("apache_rspec").with({ - 'path' => '/dne/30-rspec.conf', - 'ensure' => 'present', - 'source' => 'puppet:///modules/apache/test', - 'require' => 'Package[httpd]', - }) - } - end - context 'verify_config => false' do - let :params do - { - 'content' => '# test', - 'verify_config' => false, - } - end - it { is_expected.to_not contain_exec('syntax verification for rspec') } - it { is_expected.to_not contain_exec('remove rspec if invalid') } - it { is_expected.to contain_file('apache_rspec').with({ - 'notify' => 'Class[Apache::Service]' - }) - } - end - context 'ensure => absent' do - let :params do - { - 'ensure' => 'absent' - } - end - it { is_expected.to_not contain_exec('syntax verification for rspec') } - it { is_expected.to_not contain_exec('remove rspec if invalid') } - it { is_expected.to contain_file('apache_rspec').with({ - 'ensure' => 'absent', - }) - } - end - describe 'validation' do - context 'both content and source' do - let :params do - { - 'content' => 'foo', - 'source' => 'bar', - } - end - it do - expect { - catalogue - }.to raise_error(Puppet::Error, /Only one of \$content and \$source can be specified\./) - end - end - context 'neither content nor source' do - it do - expect { - catalogue - }.to raise_error(Puppet::Error, /One of \$content and \$source must be specified\./) - end - end - context 'bad ensure' do - let :params do - { - 'content' => 'foo', - 'ensure' => 'foo', - } - end - it do - expect { - catalogue - }.to raise_error(Puppet::Error, /is not supported for ensure/) - end - end - end -end diff --git a/apache/spec/defines/fastcgi_server_spec.rb b/apache/spec/defines/fastcgi_server_spec.rb deleted file mode 100644 index e415461cc..000000000 --- a/apache/spec/defines/fastcgi_server_spec.rb +++ /dev/null @@ -1,156 +0,0 @@ -require 'spec_helper' - -describe 'apache::fastcgi::server', :type => :define do - let :pre_condition do - 'include apache' - end - let :title do - 'www' - end - describe 'os-dependent items' do - context "on RedHat based systems" do - let :default_facts do - { - :osfamily => 'RedHat', - :operatingsystem => 'CentOS', - :operatingsystemrelease => '6', - :kernel => 'Linux', - :id => 'root', - :concat_basedir => '/dne', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - let :facts do default_facts end - it { should contain_class("apache") } - it { should contain_class("apache::mod::fastcgi") } - it { should contain_file("fastcgi-pool-#{title}.conf").with( - :ensure => 'present', - :path => "/etc/httpd/conf.d/fastcgi-pool-#{title}.conf" - ) } - end - context "on Debian based systems" do - let :default_facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6', - :lsbdistcodename => 'squeeze', - :kernel => 'Linux', - :id => 'root', - :concat_basedir => '/dne', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - let :facts do default_facts end - it { should contain_class("apache") } - it { should contain_class("apache::mod::fastcgi") } - it { should contain_file("fastcgi-pool-#{title}.conf").with( - :ensure => 'present', - :path => "/etc/apache2/conf.d/fastcgi-pool-#{title}.conf" - ) } - end - context "on FreeBSD systems" do - let :default_facts do - { - :osfamily => 'FreeBSD', - :operatingsystem => 'FreeBSD', - :operatingsystemrelease => '9', - :kernel => 'FreeBSD', - :id => 'root', - :concat_basedir => '/dne', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - let :facts do default_facts end - it { should contain_class("apache") } - it { should contain_class("apache::mod::fastcgi") } - it { should contain_file("fastcgi-pool-#{title}.conf").with( - :ensure => 'present', - :path => "/usr/local/etc/apache24/Includes/fastcgi-pool-#{title}.conf" - ) } - end - context "on Gentoo systems" do - let :default_facts do - { - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :operatingsystemrelease => '3.16.1-gentoo', - :concat_basedir => '/dne', - :kernel => 'Linux', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :is_pe => false, - } - end - let :facts do default_facts end - it { should contain_class("apache") } - it { should contain_class("apache::mod::fastcgi") } - it { should contain_file("fastcgi-pool-#{title}.conf").with( - :ensure => 'present', - :path => "/etc/apache2/conf.d/fastcgi-pool-#{title}.conf" - ) } - end - end - describe 'os-independent items' do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6', - :lsbdistcodename => 'squeeze', - :kernel => 'Linux', - :id => 'root', - :concat_basedir => '/dne', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - describe ".conf content using TCP communication" do - let :params do - { - :host => '127.0.0.1:9001', - :timeout => 30, - :flush => true, - :faux_path => '/var/www/php-www.fcgi', - :fcgi_alias => '/php-www.fcgi', - :file_type => 'application/x-httpd-php', - :pass_header => 'Authorization' - } - end - let :expected do -'FastCGIExternalServer /var/www/php-www.fcgi -idle-timeout 30 -flush -host 127.0.0.1:9001 -pass-header Authorization -Alias /php-www.fcgi /var/www/php-www.fcgi -Action application/x-httpd-php /php-www.fcgi -' - end - it do - should contain_file("fastcgi-pool-www.conf").with_content(expected) - end - end - describe ".conf content using socket communication" do - let :params do - { - :host => '/var/run/fcgi.sock', - :timeout => 30, - :flush => true, - :faux_path => '/var/www/php-www.fcgi', - :fcgi_alias => '/php-www.fcgi', - :file_type => 'application/x-httpd-php' - } - end - let :expected do -'FastCGIExternalServer /var/www/php-www.fcgi -idle-timeout 30 -flush -socket /var/run/fcgi.sock -Alias /php-www.fcgi /var/www/php-www.fcgi -Action application/x-httpd-php /php-www.fcgi -' - end - it do - should contain_file("fastcgi-pool-www.conf").with_content(expected) - end - end - - end -end diff --git a/apache/spec/defines/mod_spec.rb b/apache/spec/defines/mod_spec.rb deleted file mode 100644 index 1697190a3..000000000 --- a/apache/spec/defines/mod_spec.rb +++ /dev/null @@ -1,166 +0,0 @@ -require 'spec_helper' - -describe 'apache::mod', :type => :define do - let :pre_condition do - 'include apache' - end - context "on a RedHat osfamily" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - describe "for non-special modules" do - let :title do - 'spec_m' - end - it { is_expected.to contain_class("apache::params") } - it "should manage the module load file" do - is_expected.to contain_file('spec_m.load').with({ - :path => '/etc/httpd/conf.d/spec_m.load', - :content => "LoadModule spec_m_module modules/mod_spec_m.so\n", - :owner => 'root', - :group => 'root', - :mode => '0644', - } ) - end - end - - describe "with file_mode set" do - let :pre_condition do - "class {'::apache': file_mode => '0640'}" - end - let :title do - 'spec_m' - end - it "should manage the module load file" do - is_expected.to contain_file('spec_m.load').with({ - :mode => '0640', - } ) - end - end - - describe "with shibboleth module and package param passed" do - # name/title for the apache::mod define - let :title do - 'xsendfile' - end - # parameters - let(:params) { {:package => 'mod_xsendfile'} } - - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_package('mod_xsendfile') } - end - end - - context "on a Debian osfamily" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - describe "for non-special modules" do - let :title do - 'spec_m' - end - it { is_expected.to contain_class("apache::params") } - it "should manage the module load file" do - is_expected.to contain_file('spec_m.load').with({ - :path => '/etc/apache2/mods-available/spec_m.load', - :content => "LoadModule spec_m_module /usr/lib/apache2/modules/mod_spec_m.so\n", - :owner => 'root', - :group => 'root', - :mode => '0644', - } ) - end - it "should link the module load file" do - is_expected.to contain_file('spec_m.load symlink').with({ - :path => '/etc/apache2/mods-enabled/spec_m.load', - :target => '/etc/apache2/mods-available/spec_m.load', - :owner => 'root', - :group => 'root', - :mode => '0644', - } ) - end - end - end - - context "on a FreeBSD osfamily" do - let :facts do - { - :osfamily => 'FreeBSD', - :operatingsystemrelease => '9', - :concat_basedir => '/dne', - :operatingsystem => 'FreeBSD', - :id => 'root', - :kernel => 'FreeBSD', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - - describe "for non-special modules" do - let :title do - 'spec_m' - end - it { is_expected.to contain_class("apache::params") } - it "should manage the module load file" do - is_expected.to contain_file('spec_m.load').with({ - :path => '/usr/local/etc/apache24/Modules/spec_m.load', - :content => "LoadModule spec_m_module /usr/local/libexec/apache24/mod_spec_m.so\n", - :owner => 'root', - :group => 'wheel', - :mode => '0644', - } ) - end - end - end - - context "on a Gentoo osfamily" do - let :facts do - { - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :operatingsystemrelease => '3.16.1-gentoo', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :is_pe => false, - } - end - - describe "for non-special modules" do - let :title do - 'spec_m' - end - it { is_expected.to contain_class("apache::params") } - it "should manage the module load file" do - is_expected.to contain_file('spec_m.load').with({ - :path => '/etc/apache2/modules.d/spec_m.load', - :content => "LoadModule spec_m_module /usr/lib/apache2/modules/mod_spec_m.so\n", - :owner => 'root', - :group => 'wheel', - :mode => '0644', - } ) - end - end - end -end diff --git a/apache/spec/defines/modsec_link_spec.rb b/apache/spec/defines/modsec_link_spec.rb deleted file mode 100644 index a5b4c5390..000000000 --- a/apache/spec/defines/modsec_link_spec.rb +++ /dev/null @@ -1,53 +0,0 @@ -require 'spec_helper' - -describe 'apache::security::rule_link', :type => :define do - let :pre_condition do - 'class { "apache": } - class { "apache::mod::security": activated_rules => [] } - ' - end - - let :title do - 'base_rules/modsecurity_35_bad_robots.data' - end - - context "on RedHat based systems" do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystem => 'CentOS', - :operatingsystemrelease => '7', - :kernel => 'Linux', - :id => 'root', - :concat_basedir => '/', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - it { should contain_file('modsecurity_35_bad_robots.data').with( - :path => '/etc/httpd/modsecurity.d/activated_rules/modsecurity_35_bad_robots.data', - :target => '/usr/lib/modsecurity.d/base_rules/modsecurity_35_bad_robots.data' - ) } - end - - context "on Debian based systems" do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/', - :lsbdistcodename => 'squeeze', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :kernel => 'Linux', - :is_pe => false, - } - end - it { should contain_file('modsecurity_35_bad_robots.data').with( - :path => '/etc/modsecurity/activated_rules/modsecurity_35_bad_robots.data', - :target => '/usr/share/modsecurity-crs/base_rules/modsecurity_35_bad_robots.data' - ) } - end - -end diff --git a/apache/spec/defines/vhost_custom_spec.rb b/apache/spec/defines/vhost_custom_spec.rb deleted file mode 100644 index 804be86b8..000000000 --- a/apache/spec/defines/vhost_custom_spec.rb +++ /dev/null @@ -1,99 +0,0 @@ -require 'spec_helper' - -describe 'apache::vhost::custom', :type => :define do - let :title do - 'rspec.example.com' - end - let :default_params do - { - :content => 'foobar' - } - end - describe 'os-dependent items' do - context "on RedHat based systems" do - let :default_facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :operatingsystem => 'RedHat', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - let :params do default_params end - let :facts do default_facts end - end - context "on Debian based systems" do - let :default_facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - let :params do default_params end - let :facts do default_facts end - it { is_expected.to contain_file("apache_rspec.example.com").with( - :ensure => 'present', - :content => 'foobar', - :path => '/etc/apache2/sites-available/25-rspec.example.com.conf', - ) } - it { is_expected.to contain_file("25-rspec.example.com.conf symlink").with( - :ensure => 'link', - :path => '/etc/apache2/sites-enabled/25-rspec.example.com.conf', - :target => '/etc/apache2/sites-available/25-rspec.example.com.conf' - ) } - end - context "on FreeBSD systems" do - let :default_facts do - { - :osfamily => 'FreeBSD', - :operatingsystemrelease => '9', - :operatingsystem => 'FreeBSD', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'FreeBSD', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - let :params do default_params end - let :facts do default_facts end - it { is_expected.to contain_file("apache_rspec.example.com").with( - :ensure => 'present', - :content => 'foobar', - :path => '/usr/local/etc/apache24/Vhosts/25-rspec.example.com.conf', - ) } - end - context "on Gentoo systems" do - let :default_facts do - { - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :operatingsystemrelease => '3.16.1-gentoo', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :is_pe => false, - } - end - let :params do default_params end - let :facts do default_facts end - it { is_expected.to contain_file("apache_rspec.example.com").with( - :ensure => 'present', - :content => 'foobar', - :path => '/etc/apache2/vhosts.d/25-rspec.example.com.conf', - ) } - end - end -end diff --git a/apache/spec/defines/vhost_spec.rb b/apache/spec/defines/vhost_spec.rb deleted file mode 100644 index 405c2a21e..000000000 --- a/apache/spec/defines/vhost_spec.rb +++ /dev/null @@ -1,1178 +0,0 @@ -require 'spec_helper' - -describe 'apache::vhost', :type => :define do - let :pre_condition do - 'class { "apache": default_vhost => false, default_mods => false, vhost_enable_dir => "/etc/apache2/sites-enabled"}' - end - let :title do - 'rspec.example.com' - end - let :default_params do - { - :docroot => '/rspec/docroot', - :port => '84', - } - end - describe 'os-dependent items' do - context "on RedHat based systems" do - let :default_facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - let :params do default_params end - let :facts do default_facts end - it { is_expected.to contain_class("apache") } - it { is_expected.to contain_class("apache::params") } - end - context "on Debian based systems" do - let :default_facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - let :params do default_params end - let :facts do default_facts end - it { is_expected.to contain_class("apache") } - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_concat("25-rspec.example.com.conf").with( - :ensure => 'present', - :path => '/etc/apache2/sites-available/25-rspec.example.com.conf' - ) } - it { is_expected.to contain_file("25-rspec.example.com.conf symlink").with( - :ensure => 'link', - :path => '/etc/apache2/sites-enabled/25-rspec.example.com.conf', - :target => '/etc/apache2/sites-available/25-rspec.example.com.conf' - ) } - end - context "on FreeBSD systems" do - let :default_facts do - { - :osfamily => 'FreeBSD', - :operatingsystemrelease => '9', - :concat_basedir => '/dne', - :operatingsystem => 'FreeBSD', - :id => 'root', - :kernel => 'FreeBSD', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - let :params do default_params end - let :facts do default_facts end - it { is_expected.to contain_class("apache") } - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_concat("25-rspec.example.com.conf").with( - :ensure => 'present', - :path => '/usr/local/etc/apache24/Vhosts/25-rspec.example.com.conf' - ) } - end - context "on Gentoo systems" do - let :default_facts do - { - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo', - :operatingsystemrelease => '3.16.1-gentoo', - :concat_basedir => '/dne', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', - :is_pe => false, - } - end - let :params do default_params end - let :facts do default_facts end - it { is_expected.to contain_class("apache") } - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_concat("25-rspec.example.com.conf").with( - :ensure => 'present', - :path => '/etc/apache2/vhosts.d/25-rspec.example.com.conf' - ) } - end - end - describe 'os-independent items' do - let :facts do - { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :lsbdistcodename => 'squeeze', - :operatingsystem => 'Debian', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - describe 'basic assumptions' do - let :params do default_params end - it { is_expected.to contain_class("apache") } - it { is_expected.to contain_class("apache::params") } - it { is_expected.to contain_apache__listen(params[:port]) } - it { is_expected.to contain_apache__namevirtualhost("*:#{params[:port]}") } - end - context 'set everything!' do - let :params do - { - 'docroot' => '/var/www/foo', - 'manage_docroot' => false, - 'virtual_docroot' => true, - 'port' => '8080', - 'ip' => '127.0.0.1', - 'ip_based' => true, - 'add_listen' => false, - 'docroot_owner' => 'user', - 'docroot_group' => 'wheel', - 'docroot_mode' => '0664', - 'serveradmin' => 'foo@localhost', - 'ssl' => true, - 'ssl_cert' => '/ssl/cert', - 'ssl_key' => '/ssl/key', - 'ssl_chain' => '/ssl/chain', - 'ssl_crl_path' => '/ssl/crl', - 'ssl_crl' => 'foo.crl', - 'ssl_certs_dir' => '/ssl/certs', - 'ssl_protocol' => 'SSLv2', - 'ssl_cipher' => 'HIGH', - 'ssl_honorcipherorder' => 'Off', - 'ssl_verify_client' => 'optional', - 'ssl_verify_depth' => '3', - 'ssl_options' => '+ExportCertData', - 'ssl_openssl_conf_cmd' => 'DHParameters "foo.pem"', - 'ssl_proxy_verify' => 'require', - 'ssl_proxy_check_peer_cn' => 'on', - 'ssl_proxy_check_peer_name' => 'on', - 'ssl_proxyengine' => true, - 'ssl_proxy_protocol' => 'TLSv1.2', - - 'priority' => '30', - 'default_vhost' => true, - 'servername' => 'example.com', - 'serveraliases' => ['test-example.com'], - 'options' => ['MultiView'], - 'override' => ['All'], - 'directoryindex' => 'index.html', - 'vhost_name' => 'test', - 'logroot' => '/var/www/logs', - 'logroot_ensure' => 'directory', - 'logroot_mode' => '0600', - 'logroot_owner' => 'root', - 'logroot_group' => 'root', - 'log_level' => 'crit', - 'access_log' => false, - 'access_log_file' => 'httpd_access_log', - 'access_log_syslog' => true, - 'access_log_format' => '%h %l %u %t \"%r\" %>s %b', - 'access_log_env_var' => '', - 'aliases' => '/image', - 'directories' => [ - { - 'path' => '/var/www/files', - 'provider' => 'files', - 'require' => [ 'valid-user', 'all denied', ], - }, - { - 'path' => '/var/www/files', - 'provider' => 'files', - 'require' => 'all granted', - }, - { - 'path' => '*', - 'provider' => 'proxy', - }, - { 'path' => '/var/www/files/indexed_directory', - 'directoryindex' => 'disabled', - 'options' => ['Indexes','FollowSymLinks','MultiViews'], - 'index_options' => ['FancyIndexing'], - 'index_style_sheet' => '/styles/style.css', - }, - { 'path' => '/var/www/files/output_filtered', - 'set_output_filter' => 'output_filter', - }, - ], - 'error_log' => false, - 'error_log_file' => 'httpd_error_log', - 'error_log_syslog' => true, - 'error_documents' => 'true', - 'fallbackresource' => '/index.php', - 'scriptalias' => '/usr/lib/cgi-bin', - 'scriptaliases' => [ - { - 'alias' => '/myscript', - 'path' => '/usr/share/myscript', - }, - { - 'aliasmatch' => '^/foo(.*)', - 'path' => '/usr/share/fooscripts$1', - }, - ], - 'proxy_dest' => '/', - 'proxy_pass' => [ - { - 'path' => '/a', - 'url' => 'http://backend-a/', - 'keywords' => ['noquery', 'interpolate'], - 'reverse_cookies' => [ - { - 'path' => '/a', - 'url' => 'http://backend-a/', - }, - { - 'domain' => 'foo', - 'url' => 'http://foo', - } - ], - 'params' => { - 'retry' => '0', - 'timeout' => '5' - }, - 'options' => { - 'Require' =>'valid-user', - 'AuthType' =>'Kerberos', - 'AuthName' =>'"Kerberos Login"' - }, - 'setenv' => ['proxy-nokeepalive 1','force-proxy-request-1.0 1'], - } - ], - 'proxy_pass_match' => [ - { - 'path' => '/a', - 'url' => 'http://backend-a/', - 'keywords' => ['noquery', 'interpolate'], - 'params' => { - 'retry' => '0', - 'timeout' => '5' - }, - 'setenv' => ['proxy-nokeepalive 1','force-proxy-request-1.0 1'], - } - ], - 'suphp_addhandler' => 'foo', - 'suphp_engine' => 'on', - 'suphp_configpath' => '/var/www/html', - 'php_admin_flags' => ['foo', 'bar'], - 'php_admin_values' => ['true', 'false'], - 'no_proxy_uris' => '/foo', - 'no_proxy_uris_match' => '/foomatch', - 'proxy_preserve_host' => true, - 'proxy_error_override' => true, - 'redirect_source' => '/bar', - 'redirect_dest' => '/', - 'redirect_status' => 'temp', - 'redirectmatch_status' => ['404'], - 'redirectmatch_regexp' => ['\.git$'], - 'redirectmatch_dest' => ['http://www.example.com'], - 'rack_base_uris' => ['/rackapp1'], - 'passenger_base_uris' => ['/passengerapp1'], - 'headers' => 'Set X-Robots-Tag "noindex, noarchive, nosnippet"', - 'request_headers' => ['append MirrorID "mirror 12"'], - 'rewrites' => [ - { - 'rewrite_rule' => ['^index\.html$ welcome.html'] - } - ], - 'filters' => [ - 'FilterDeclare COMPRESS', - 'FilterProvider COMPRESS DEFLATE resp=Content-Type $text/html', - 'FilterProvider COMPRESS DEFLATE resp=Content-Type $text/css', - 'FilterProvider COMPRESS DEFLATE resp=Content-Type $text/plain', - 'FilterProvider COMPRESS DEFLATE resp=Content-Type $text/xml', - 'FilterChain COMPRESS', - 'FilterProtocol COMPRESS DEFLATE change=yes;byteranges=no', - ], - 'rewrite_base' => '/', - 'rewrite_rule' => '^index\.html$ welcome.html', - 'rewrite_cond' => '%{HTTP_USER_AGENT} ^MSIE', - 'setenv' => ['FOO=/bin/true'], - 'setenvif' => 'Request_URI "\.gif$" object_is_image=gif', - 'block' => 'scm', - 'wsgi_application_group' => '%{GLOBAL}', - 'wsgi_daemon_process' => 'wsgi', - 'wsgi_daemon_process_options' => { - 'processes' => '2', - 'threads' => '15', - 'display-name' => '%{GROUP}', - }, - 'wsgi_import_script' => '/var/www/demo.wsgi', - 'wsgi_import_script_options' => { - 'process-group' => 'wsgi', - 'application-group' => '%{GLOBAL}' - }, - 'wsgi_process_group' => 'wsgi', - 'wsgi_script_aliases' => { - '/' => '/var/www/demo.wsgi' - }, - 'wsgi_pass_authorization' => 'On', - 'custom_fragment' => '#custom string', - 'itk' => { - 'user' => 'someuser', - 'group' => 'somegroup' - }, - 'wsgi_chunked_request' => 'On', - 'action' => 'foo', - 'fastcgi_server' => 'localhost', - 'fastcgi_socket' => '/tmp/fastcgi.socket', - 'fastcgi_dir' => '/tmp', - 'additional_includes' => '/custom/path/includes', - 'apache_version' => '2.4', - 'use_optional_includes' => true, - 'suexec_user_group' => 'root root', - 'allow_encoded_slashes' => 'nodecode', - 'passenger_app_root' => '/usr/share/myapp', - 'passenger_app_env' => 'test', - 'passenger_ruby' => '/usr/bin/ruby1.9.1', - 'passenger_min_instances' => '1', - 'passenger_start_timeout' => '600', - 'passenger_pre_start' => 'http://localhost/myapp', - 'passenger_user' => 'sandbox', - 'add_default_charset' => 'UTF-8', - 'jk_mounts' => [ - { 'mount' => '/*', 'worker' => 'tcnode1', }, - { 'unmount' => '/*.jpg', 'worker' => 'tcnode1', }, - ], - 'auth_kerb' => true, - 'krb_method_negotiate' => 'off', - 'krb_method_k5passwd' => 'off', - 'krb_authoritative' => 'off', - 'krb_auth_realms' => ['EXAMPLE.ORG','EXAMPLE.NET'], - 'krb_5keytab' => '/tmp/keytab5', - 'krb_local_user_mapping' => 'off' - } - end - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '7', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :kernelversion => '3.6.2', - :is_pe => false, - } - end - - it { is_expected.to compile } - it { is_expected.to_not contain_file('/var/www/foo') } - it { is_expected.to contain_class('apache::mod::ssl') } - it { is_expected.to contain_file('ssl.conf').with( - :content => /^\s+SSLHonorCipherOrder On$/ ) } - it { is_expected.to contain_file('ssl.conf').with( - :content => /^\s+SSLPassPhraseDialog builtin$/ ) } - it { is_expected.to contain_file('ssl.conf').with( - :content => /^\s+SSLSessionCacheTimeout 300$/ ) } - it { is_expected.to contain_class('apache::mod::mime') } - it { is_expected.to contain_class('apache::mod::vhost_alias') } - it { is_expected.to contain_class('apache::mod::wsgi') } - it { is_expected.to contain_class('apache::mod::suexec') } - it { is_expected.to contain_class('apache::mod::passenger') } - it { is_expected.to contain_file('/var/www/logs').with({ - 'ensure' => 'directory', - 'mode' => '0600', - }) - } - it { is_expected.to contain_class('apache::mod::rewrite') } - it { is_expected.to contain_class('apache::mod::alias') } - it { is_expected.to contain_class('apache::mod::proxy') } - it { is_expected.to contain_class('apache::mod::proxy_http') } - it { is_expected.to contain_class('apache::mod::passenger') } - it { is_expected.to contain_class('apache::mod::passenger') } - it { is_expected.to contain_class('apache::mod::fastcgi') } - it { is_expected.to contain_class('apache::mod::headers') } - it { is_expected.to contain_class('apache::mod::filter') } - it { is_expected.to contain_class('apache::mod::setenvif') } - it { is_expected.to contain_concat('30-rspec.example.com.conf').with({ - 'owner' => 'root', - 'mode' => '0644', - 'require' => 'Package[httpd]', - 'notify' => 'Class[Apache::Service]', - }) - } - it { is_expected.to contain_file('30-rspec.example.com.conf symlink').with({ - 'ensure' => 'link', - 'path' => '/etc/apache2/sites-enabled/30-rspec.example.com.conf', - }) - } - it { is_expected.to contain_concat__fragment('rspec.example.com-apache-header') } - it { is_expected.to contain_concat__fragment('rspec.example.com-docroot') } - it { is_expected.to contain_concat__fragment('rspec.example.com-aliases') } - it { is_expected.to contain_concat__fragment('rspec.example.com-itk') } - it { is_expected.to contain_concat__fragment('rspec.example.com-fallbackresource') } - it { is_expected.to contain_concat__fragment('rspec.example.com-directories') } - it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( - :content => /^\s+$/ ) } - it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( - :content => /^\s+Require valid-user$/ ) } - it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( - :content => /^\s+Require all denied$/ ) } - it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( - :content => /^\s+Require all granted$/ ) } - it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( - :content => /^\s+Options\sIndexes\sFollowSymLinks\sMultiViews$/ ) } - it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( - :content => /^\s+IndexOptions\sFancyIndexing$/ ) } - it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( - :content => /^\s+IndexStyleSheet\s'\/styles\/style\.css'$/ ) } - it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( - :content => /^\s+DirectoryIndex\sdisabled$/ ) } - it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( - :content => /^\s+SetOutputFilter\soutput_filter$/ ) } - it { is_expected.to contain_concat__fragment('rspec.example.com-additional_includes') } - it { is_expected.to contain_concat__fragment('rspec.example.com-logging') } - it { is_expected.to contain_concat__fragment('rspec.example.com-serversignature') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-access_log') } - it { is_expected.to contain_concat__fragment('rspec.example.com-action') } - it { is_expected.to contain_concat__fragment('rspec.example.com-block') } - it { is_expected.to contain_concat__fragment('rspec.example.com-error_document') } - it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( - /retry=0/) } - it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( - /timeout=5/) } - it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( - /SetEnv force-proxy-request-1.0 1/) } - it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( - /SetEnv proxy-nokeepalive 1/) } - it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( - /noquery interpolate/) } - it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( - /ProxyPassReverseCookiePath\s+\/a\s+http:\/\//) } - it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( - /ProxyPassReverseCookieDomain\s+foo\s+http:\/\/foo/) } - it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( - /Require valid-user/) } - it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( - /AuthType Kerberos/) } - it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( - /AuthName "Kerberos Login"/) } - - it { is_expected.to contain_concat__fragment('rspec.example.com-rack') } - it { is_expected.to contain_concat__fragment('rspec.example.com-redirect') } - it { is_expected.to contain_concat__fragment('rspec.example.com-rewrite') } - it { is_expected.to contain_concat__fragment('rspec.example.com-scriptalias') } - it { is_expected.to contain_concat__fragment('rspec.example.com-serveralias') } - it { is_expected.to contain_concat__fragment('rspec.example.com-setenv') } - it { is_expected.to contain_concat__fragment('rspec.example.com-ssl') } - it { is_expected.to contain_concat__fragment('rspec.example.com-ssl').with( - :content => /^\s+SSLOpenSSLConfCmd\s+DHParameters "foo.pem"$/ ) } - it { is_expected.to contain_concat__fragment('rspec.example.com-sslproxy') } - it { is_expected.to contain_concat__fragment('rspec.example.com-sslproxy').with( - :content => /^\s+SSLProxyEngine On$/ ) } - it { is_expected.to contain_concat__fragment('rspec.example.com-sslproxy').with( - :content => /^\s+SSLProxyCheckPeerCN\s+on$/ ) } - it { is_expected.to contain_concat__fragment('rspec.example.com-sslproxy').with( - :content => /^\s+SSLProxyCheckPeerName\s+on$/ ) } - it { is_expected.to contain_concat__fragment('rspec.example.com-sslproxy').with( - :content => /^\s+SSLProxyProtocol\s+TLSv1.2$/ ) } - it { is_expected.to contain_concat__fragment('rspec.example.com-suphp') } - it { is_expected.to contain_concat__fragment('rspec.example.com-php_admin') } - it { is_expected.to contain_concat__fragment('rspec.example.com-header') } - it { is_expected.to contain_concat__fragment('rspec.example.com-filters').with( - :content => /^\s+FilterDeclare COMPRESS$/ ) } - it { is_expected.to contain_concat__fragment('rspec.example.com-requestheader') } - it { is_expected.to contain_concat__fragment('rspec.example.com-wsgi') } - it { is_expected.to contain_concat__fragment('rspec.example.com-custom_fragment') } - it { is_expected.to contain_concat__fragment('rspec.example.com-fastcgi') } - it { is_expected.to contain_concat__fragment('rspec.example.com-suexec') } - it { is_expected.to contain_concat__fragment('rspec.example.com-allow_encoded_slashes') } - it { is_expected.to contain_concat__fragment('rspec.example.com-passenger') } - it { is_expected.to contain_concat__fragment('rspec.example.com-charsets') } - it { is_expected.to contain_concat__fragment('rspec.example.com-file_footer') } - it { is_expected.to contain_concat__fragment('rspec.example.com-jk_mounts').with( - :content => /^\s+JkMount\s+\/\*\s+tcnode1$/)} - it { is_expected.to contain_concat__fragment('rspec.example.com-jk_mounts').with( - :content => /^\s+JkUnMount\s+\/\*\.jpg\s+tcnode1$/)} - it { is_expected.to contain_concat__fragment('rspec.example.com-auth_kerb').with( - :content => /^\s+KrbMethodNegotiate\soff$/)} - it { is_expected.to contain_concat__fragment('rspec.example.com-auth_kerb').with( - :content => /^\s+KrbAuthoritative\soff$/)} - it { is_expected.to contain_concat__fragment('rspec.example.com-auth_kerb').with( - :content => /^\s+KrbAuthRealms\sEXAMPLE.ORG\sEXAMPLE.NET$/)} - it { is_expected.to contain_concat__fragment('rspec.example.com-auth_kerb').with( - :content => /^\s+Krb5Keytab\s\/tmp\/keytab5$/)} - it { is_expected.to contain_concat__fragment('rspec.example.com-auth_kerb').with( - :content => /^\s+KrbLocalUserMapping\soff$/)} - it { is_expected.to contain_concat__fragment('rspec.example.com-auth_kerb').with( - :content => /^\s+KrbServiceName\sHTTP$/)} - it { is_expected.to contain_concat__fragment('rspec.example.com-auth_kerb').with( - :content => /^\s+KrbSaveCredentials\soff$/)} - it { is_expected.to contain_concat__fragment('rspec.example.com-auth_kerb').with( - :content => /^\s+KrbVerifyKDC\son$/)} - end - context 'vhost with multiple ip addresses' do - let :params do - { - 'port' => '80', - 'ip' => ['127.0.0.1','::1'], - 'ip_based' => true, - 'servername' => 'example.com', - 'docroot' => '/var/www/html', - 'add_listen' => true, - 'ensure' => 'present' - } - end - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '7', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :kernelversion => '3.6.2', - :is_pe => false, - } - end - - it { is_expected.to compile } - it { is_expected.to contain_concat__fragment('rspec.example.com-apache-header').with( - :content => /[.\/m]*[.\/m]*$/ ) } - it { is_expected.to contain_concat__fragment('Listen 127.0.0.1:80') } - it { is_expected.to contain_concat__fragment('Listen [::1]:80') } - it { is_expected.to_not contain_concat__fragment('NameVirtualHost 127.0.0.1:80') } - it { is_expected.to_not contain_concat__fragment('NameVirtualHost [::1]:80') } - end - - context 'vhost with ipv6 address' do - let :params do - { - 'port' => '80', - 'ip' => '::1', - 'ip_based' => true, - 'servername' => 'example.com', - 'docroot' => '/var/www/html', - 'add_listen' => true, - 'ensure' => 'present' - } - end - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '7', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :kernelversion => '3.6.2', - :is_pe => false, - } - end - - it { is_expected.to compile } - it { is_expected.to contain_concat__fragment('rspec.example.com-apache-header').with( - :content => /[.\/m]*[.\/m]*$/ ) } - it { is_expected.to contain_concat__fragment('Listen [::1]:80') } - it { is_expected.to_not contain_concat__fragment('NameVirtualHost [::1]:80') } - end - - context 'vhost with wildcard ip address' do - let :params do - { - 'port' => '80', - 'ip' => '*', - 'ip_based' => true, - 'servername' => 'example.com', - 'docroot' => '/var/www/html', - 'add_listen' => true, - 'ensure' => 'present' - } - end - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '7', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :kernelversion => '3.6.2', - :is_pe => false, - } - end - - it { is_expected.to compile } - it { is_expected.to contain_concat__fragment('rspec.example.com-apache-header').with( - :content => /[.\/m]*[.\/m]*$/ ) } - it { is_expected.to contain_concat__fragment('Listen *:80') } - it { is_expected.to_not contain_concat__fragment('NameVirtualHost *:80') } - end - - context 'set only aliases' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'aliases' => [ - { - 'alias' => '/alias', - 'path' => '/rspec/docroot', - }, - ] - } - end - it { is_expected.to contain_class('apache::mod::alias')} - end - context 'proxy_pass_match' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'proxy_pass_match' => [ - { - 'path' => '.*', - 'url' => 'http://backend-a/', - 'params' => { 'timeout' => 300 }, - } - ], - } - end - it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( - /ProxyPassMatch .* http:\/\/backend-a\/ timeout=300/).with_content(/## Proxy rules/) } - end - context 'proxy_dest_match' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'proxy_dest_match' => '/' - } - end - it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content(/## Proxy rules/) } - end - context 'not everything can be set together...' do - let :params do - { - 'access_log_pipe' => '/dev/null', - 'error_log_pipe' => '/dev/null', - 'docroot' => '/var/www/foo', - 'ensure' => 'absent', - 'manage_docroot' => true, - 'logroot' => '/tmp/logroot', - 'logroot_ensure' => 'absent', - 'directories' => [ - { - 'path' => '/var/www/files', - 'provider' => 'files', - 'allow' => [ 'from 127.0.0.1', 'from 127.0.0.2', ], - 'deny' => [ 'from 127.0.0.3', 'from 127.0.0.4', ], - 'satisfy' => 'any', - }, - { - 'path' => '/var/www/foo', - 'provider' => 'files', - 'allow' => 'from 127.0.0.5', - 'deny' => 'from all', - 'order' => 'deny,allow', - }, - ], - - } - end - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :kernelversion => '3.6.2', - :is_pe => false, - } - end - - it { is_expected.to compile } - it { is_expected.to_not contain_class('apache::mod::ssl') } - it { is_expected.to_not contain_class('apache::mod::mime') } - it { is_expected.to_not contain_class('apache::mod::vhost_alias') } - it { is_expected.to_not contain_class('apache::mod::wsgi') } - it { is_expected.to_not contain_class('apache::mod::passenger') } - it { is_expected.to_not contain_class('apache::mod::suexec') } - it { is_expected.to_not contain_class('apache::mod::rewrite') } - it { is_expected.to_not contain_class('apache::mod::alias') } - it { is_expected.to_not contain_class('apache::mod::proxy') } - it { is_expected.to_not contain_class('apache::mod::proxy_http') } - it { is_expected.to_not contain_class('apache::mod::passenger') } - it { is_expected.to_not contain_class('apache::mod::headers') } - it { is_expected.to contain_file('/var/www/foo') } - it { is_expected.to contain_file('/tmp/logroot').with({ - 'ensure' => 'absent', - }) - } - it { is_expected.to contain_concat('25-rspec.example.com.conf').with({ - 'ensure' => 'absent', - }) - } - it { is_expected.to contain_concat__fragment('rspec.example.com-apache-header') } - it { is_expected.to contain_concat__fragment('rspec.example.com-docroot') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-aliases') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-itk') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-fallbackresource') } - it { is_expected.to contain_concat__fragment('rspec.example.com-directories') } - it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( - :content => /^\s+Allow from 127\.0\.0\.1$/ ) } - it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( - :content => /^\s+Allow from 127\.0\.0\.2$/ ) } - it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( - :content => /^\s+Allow from 127\.0\.0\.5$/ ) } - it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( - :content => /^\s+Deny from 127\.0\.0\.3$/ ) } - it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( - :content => /^\s+Deny from 127\.0\.0\.4$/ ) } - it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( - :content => /^\s+Deny from all$/ ) } - it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( - :content => /^\s+Satisfy any$/ ) } - it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( - :content => /^\s+Order deny,allow$/ ) } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-additional_includes') } - it { is_expected.to contain_concat__fragment('rspec.example.com-logging') } - it { is_expected.to contain_concat__fragment('rspec.example.com-serversignature') } - it { is_expected.to contain_concat__fragment('rspec.example.com-access_log') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-action') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-block') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-error_document') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-proxy') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-rack') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-redirect') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-rewrite') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-scriptalias') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-serveralias') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-setenv') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-ssl') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-sslproxy') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-suphp') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-php_admin') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-header') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-requestheader') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-wsgi') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-custom_fragment') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-fastcgi') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-suexec') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-charsets') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-limits') } - it { is_expected.to contain_concat__fragment('rspec.example.com-file_footer') } - end - context 'when not setting nor managing the docroot' do - let :params do - { - 'docroot' => false, - 'manage_docroot' => false, - } - end - it { is_expected.to compile } - it { is_expected.not_to contain_concat__fragment('rspec.example.com-docroot') } - end - context 'ssl_proxyengine without ssl' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'ssl' => false, - 'ssl_proxyengine' => true, - } - end - it { is_expected.to compile } - it { is_expected.not_to contain_concat__fragment('rspec.example.com-ssl') } - it { is_expected.to contain_concat__fragment('rspec.example.com-sslproxy') } - end - context 'ssl_proxy_protocol without ssl_proxyengine' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'ssl' => true, - 'ssl_proxyengine' => false, - 'ssl_proxy_protocol' => 'TLSv1.2', - } - end - it { is_expected.to compile } - it { is_expected.to contain_concat__fragment('rspec.example.com-ssl') } - it { is_expected.not_to contain_concat__fragment('rspec.example.com-sslproxy') } - end - end - describe 'access logs' do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - context 'single log file' do - let(:params) do - { - 'docroot' => '/rspec/docroot', - 'access_log_file' => 'my_log_file', - } - end - it { is_expected.to contain_concat__fragment('rspec.example.com-access_log').with( - :content => /^\s+CustomLog.*my_log_file" combined\s*$/ - )} - end - context 'single log file with environment' do - let(:params) do - { - 'docroot' => '/rspec/docroot', - 'access_log_file' => 'my_log_file', - 'access_log_env_var' => 'prod' - } - end - it { is_expected.to contain_concat__fragment('rspec.example.com-access_log').with( - :content => /^\s+CustomLog.*my_log_file" combined\s+env=prod$/ - )} - end - context 'multiple log files' do - let(:params) do - { - 'docroot' => '/rspec/docroot', - 'access_logs' => [ - { 'file' => '/tmp/log1', 'env' => 'dev' }, - { 'file' => 'log2' }, - { 'syslog' => 'syslog', 'format' => '%h %l' } - ], - } - end - it { is_expected.to contain_concat__fragment('rspec.example.com-access_log').with( - :content => /^\s+CustomLog "\/tmp\/log1"\s+combined\s+env=dev$/ - )} - it { is_expected.to contain_concat__fragment('rspec.example.com-access_log').with( - :content => /^\s+CustomLog "\/var\/log\/httpd\/log2"\s+combined\s*$/ - )} - it { is_expected.to contain_concat__fragment('rspec.example.com-access_log').with( - :content => /^\s+CustomLog "syslog" "%h %l"\s*$/ - )} - end - end # access logs - describe 'validation' do - let :default_facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - context 'bad ensure' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'ensure' => 'bogus', - } - end - let :facts do default_facts end - it { expect { is_expected.to compile }.to raise_error } - end - context 'bad suphp_engine' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'suphp_engine' => 'bogus', - } - end - let :facts do default_facts end - it { expect { is_expected.to compile }.to raise_error } - end - context 'bad ip_based' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'ip_based' => 'bogus', - } - end - let :facts do default_facts end - it { expect { is_expected.to compile }.to raise_error } - end - context 'bad access_log' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'access_log' => 'bogus', - } - end - let :facts do default_facts end - it { expect { is_expected.to compile }.to raise_error } - end - context 'bad error_log' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'error_log' => 'bogus', - } - end - let :facts do default_facts end - it { expect { is_expected.to compile }.to raise_error } - end - context 'bad_ssl' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'ssl' => 'bogus', - } - end - let :facts do default_facts end - it { expect { is_expected.to compile }.to raise_error } - end - context 'bad default_vhost' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'default_vhost' => 'bogus', - } - end - let :facts do default_facts end - it { expect { is_expected.to compile }.to raise_error } - end - context 'bad ssl_proxyengine' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'ssl_proxyengine' => 'bogus', - } - end - let :facts do default_facts end - it { expect { is_expected.to compile }.to raise_error } - end - context 'bad rewrites' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'rewrites' => 'bogus', - } - end - let :facts do default_facts end - it { expect { is_expected.to compile }.to raise_error } - end - context 'bad rewrites 2' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'rewrites' => ['bogus'], - } - end - let :facts do default_facts end - it { expect { is_expected.to compile }.to raise_error } - end - context 'empty rewrites' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'rewrites' => [], - } - end - let :facts do default_facts end - it { is_expected.to compile } - end - context 'bad suexec_user_group' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'suexec_user_group' => 'bogus', - } - end - let :facts do default_facts end - it { expect { is_expected.to compile }.to raise_error } - end - context 'bad wsgi_script_alias' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'wsgi_script_alias' => 'bogus', - } - end - let :facts do default_facts end - it { expect { is_expected.to compile }.to raise_error } - end - context 'bad wsgi_daemon_process_options' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'wsgi_daemon_process_options' => 'bogus', - } - end - let :facts do default_facts end - it { expect { is_expected.to compile }.to raise_error } - end - context 'bad wsgi_import_script_alias' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'wsgi_import_script_alias' => 'bogus', - } - end - let :facts do default_facts end - it { expect { is_expected.to compile }.to raise_error } - end - context 'bad itk' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'itk' => 'bogus', - } - end - let :facts do default_facts end - it { expect { is_expected.to compile }.to raise_error } - end - context 'bad logroot_ensure' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'log_level' => 'bogus', - } - end - let :facts do default_facts end - it { expect { is_expected.to compile }.to raise_error } - end - context 'bad log_level' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'log_level' => 'bogus', - } - end - let :facts do default_facts end - it { expect { is_expected.to compile }.to raise_error } - end - context 'access_log_file and access_log_pipe' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'access_log_file' => 'bogus', - 'access_log_pipe' => 'bogus', - } - end - let :facts do default_facts end - it { expect { is_expected.to compile }.to raise_error } - end - context 'error_log_file and error_log_pipe' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'error_log_file' => 'bogus', - 'error_log_pipe' => 'bogus', - } - end - let :facts do default_facts end - it { expect { is_expected.to compile }.to raise_error } - end - context 'bad fallbackresource' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'fallbackresource' => 'bogus', - } - end - let :facts do default_facts end - it { expect { is_expected.to compile }.to raise_error } - end - context 'bad custom_fragment' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'custom_fragment' => true, - } - end - let :facts do default_facts end - it { expect { is_expected.to compile }.to raise_error } - end - context 'bad access_logs' do - let :params do - { - 'docroot' => '/rspec/docroot', - 'access_logs' => '/var/log/somewhere', - } - end - let :facts do default_facts end - it { expect { is_expected.to compile }.to raise_error } - end - context 'default of require all granted' do - let :params do - { - 'docroot' => '/var/www/foo', - 'directories' => [ - { - 'path' => '/var/www/foo/files', - 'provider' => 'files', - }, - ], - - } - end - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '7', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :kernelversion => '3.19.2', - :is_pe => false, - } - end - - it { is_expected.to compile } - it { is_expected.to contain_concat('25-rspec.example.com.conf') } - it { is_expected.to contain_concat__fragment('rspec.example.com-directories') } - it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( - :content => /^\s+Require all granted$/ ) } - end - context 'require unmanaged' do - let :params do - { - 'docroot' => '/var/www/foo', - 'directories' => [ - { - 'path' => '/var/www/foo', - 'require' => 'unmanaged', - }, - ], - - } - end - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '7', - :concat_basedir => '/dne', - :operatingsystem => 'RedHat', - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :kernelversion => '3.19.2', - :is_pe => false, - } - end - - it { is_expected.to compile } - it { is_expected.to contain_concat('25-rspec.example.com.conf') } - it { is_expected.to contain_concat__fragment('rspec.example.com-directories') } - it { is_expected.to_not contain_concat__fragment('rspec.example.com-directories').with( - :content => /^\s+Require all granted$/ ) - } - end - end -end diff --git a/apache/spec/fixtures/files/negotiation.conf b/apache/spec/fixtures/files/negotiation.conf deleted file mode 100644 index c0bb8b9fd..000000000 --- a/apache/spec/fixtures/files/negotiation.conf +++ /dev/null @@ -1,4 +0,0 @@ -# This is a file only for spec testing - -LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW -ForceLanguagePriority Prefer Fallback diff --git a/apache/spec/fixtures/files/spec b/apache/spec/fixtures/files/spec deleted file mode 100644 index 76e9a1446..000000000 --- a/apache/spec/fixtures/files/spec +++ /dev/null @@ -1 +0,0 @@ -# This is a file only for spec testing diff --git a/apache/spec/fixtures/modules/site_apache/templates/fake.conf.erb b/apache/spec/fixtures/modules/site_apache/templates/fake.conf.erb deleted file mode 100644 index 019debfe4..000000000 --- a/apache/spec/fixtures/modules/site_apache/templates/fake.conf.erb +++ /dev/null @@ -1 +0,0 @@ -Fake template for rspec. diff --git a/apache/spec/fixtures/templates/negotiation.conf.erb b/apache/spec/fixtures/templates/negotiation.conf.erb deleted file mode 100644 index 557502246..000000000 --- a/apache/spec/fixtures/templates/negotiation.conf.erb +++ /dev/null @@ -1,4 +0,0 @@ -# This is a template only for spec testing - -LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW -ForceLanguagePriority Prefer Fallback diff --git a/apache/spec/spec.opts b/apache/spec/spec.opts deleted file mode 100644 index 91cd6427e..000000000 --- a/apache/spec/spec.opts +++ /dev/null @@ -1,6 +0,0 @@ ---format -s ---colour ---loadby -mtime ---backtrace diff --git a/apache/spec/spec_helper.rb b/apache/spec/spec_helper.rb deleted file mode 100644 index c48f49b1b..000000000 --- a/apache/spec/spec_helper.rb +++ /dev/null @@ -1,40 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' - -RSpec.configure do |c| - c.before :each do - # Ensure that we don't accidentally cache facts and environment - # between test cases. - Facter::Util::Loader.any_instance.stubs(:load_all) - Facter.clear - Facter.clear_messages - - # Store any environment variables away to be restored later - @old_env = {} - ENV.each_key {|k| @old_env[k] = ENV[k]} - - if ENV['STRICT_VARIABLES'] == 'yes' - Puppet.settings[:strict_variables]=true - end - end -end - -shared_examples :compile, :compile => true do - it { should compile.with_all_deps } -end - -shared_examples 'a mod class, without including apache' do - let :facts do - { - :id => 'root', - :lsbdistcodename => 'squeeze', - :kernel => 'Linux', - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :concat_basedir => '/dne', - :is_pe => false, - } - end - it { should compile.with_all_deps } -end diff --git a/apache/spec/spec_helper_acceptance.rb b/apache/spec/spec_helper_acceptance.rb deleted file mode 100644 index b6ec0b585..000000000 --- a/apache/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1,80 +0,0 @@ -require 'beaker-rspec/spec_helper' -require 'beaker-rspec/helpers/serverspec' -require 'beaker/puppet_install_helper' - -run_puppet_install_helper - -RSpec.configure do |c| - # apache on Ubuntu 10.04 and 12.04 doesn't like IPv6 VirtualHosts, so we skip ipv6 tests on those systems - if fact('operatingsystem') == 'Ubuntu' and (fact('operatingsystemrelease') == '10.04' or fact('operatingsystemrelease') == '12.04') - c.filter_run_excluding :ipv6 => true - end - - # Project root - proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - - # Readable test descriptions - c.formatter = :documentation - - # detect the situation where PUP-5016 is triggered and skip the idempotency tests in that case - # also note how fact('puppetversion') is not available because of PUP-4359 - if fact('osfamily') == 'Debian' && fact('operatingsystemmajrelease') == '8' && shell('puppet --version').stdout =~ /^4\.2/ - c.filter_run_excluding :skip_pup_5016 => true - end - - # Configure all nodes in nodeset - c.before :suite do - # net-tools required for netstat utility being used by be_listening - if fact('osfamily') == 'RedHat' && fact('operatingsystemmajrelease') == '7' - pp = <<-EOS - package { 'net-tools': ensure => installed } - EOS - - apply_manifest_on(agents, pp, :catch_failures => false) - end - - if fact('osfamily') == 'Debian' - # Make sure snake-oil certs are installed. - shell 'apt-get install -y ssl-cert' - end - - # Install module and dependencies - hosts.each do |host| - copy_module_to(host, :source => proj_root, :module_name => 'apache') - - on host, puppet('module','install','puppetlabs-stdlib') - on host, puppet('module','install','puppetlabs-concat') - - # Required for mod_passenger tests. - if fact('osfamily') == 'RedHat' - on host, puppet('module','install','stahnma/epel') - on host, puppet('module','install','puppetlabs/inifile') - #we need epel installed, so we can get plugins, wsgi, mime ... - pp = <<-EOS - class { 'epel': } - EOS - - apply_manifest_on(host, pp, :catch_failures => true) - end - - # Required for manifest to make mod_pagespeed repository available - if fact('osfamily') == 'Debian' - on host, puppet('module','install','puppetlabs-apt') - end - - # Make sure selinux is disabled so the tests work. - on host, puppet('apply', '-e', - %{"exec { 'setenforce 0': path => '/bin:/sbin:/usr/bin:/usr/sbin', onlyif => 'which setenforce && getenforce | grep Enforcing', }"}) - end - end -end - -shared_examples "a idempotent resource" do - it 'should apply with no errors' do - apply_manifest(pp, :catch_failures => true) - end - - it 'should apply a second time without changes', :skip_pup_5016 do - apply_manifest(pp, :catch_changes => true) - end -end diff --git a/apache/spec/unit/apache_version_spec.rb b/apache/spec/unit/apache_version_spec.rb deleted file mode 100644 index 30f6ef991..000000000 --- a/apache/spec/unit/apache_version_spec.rb +++ /dev/null @@ -1,20 +0,0 @@ -require 'spec_helper' - -describe Facter::Util::Fact do - before do - Facter.clear - end - - describe 'apache_version' do - context 'with value' do - before :each do - Facter::Util::Resolution.stubs(:which).with('apachectl').returns(true) - Facter::Util::Resolution.stubs(:exec).with('apachectl -v 2>&1').returns('Server version: Apache/2.4.16 (Unix) - Server built: Jul 31 2015 15:53:26') - end - it do - expect(Facter.fact(:apache_version).value).to eq('2.4.16') - end - end - end -end diff --git a/apache/spec/unit/provider/a2mod/gentoo_spec.rb b/apache/spec/unit/provider/a2mod/gentoo_spec.rb deleted file mode 100644 index e472745e9..000000000 --- a/apache/spec/unit/provider/a2mod/gentoo_spec.rb +++ /dev/null @@ -1,182 +0,0 @@ -require 'spec_helper' - -provider_class = Puppet::Type.type(:a2mod).provider(:gentoo) - -describe provider_class do - before :each do - provider_class.clear - end - - [:conf_file, :instances, :modules, :initvars, :conf_file, :clear].each do |method| - it "should respond to the class method #{method}" do - expect(provider_class).to respond_to(method) - end - end - - describe "when fetching modules" do - before do - @filetype = mock() - end - - it "should return a sorted array of the defined parameters" do - @filetype.expects(:read).returns(%Q{APACHE2_OPTS="-D FOO -D BAR -D BAZ"\n}) - provider_class.expects(:filetype).returns(@filetype) - - expect(provider_class.modules).to eq(%w{bar baz foo}) - end - - it "should cache the module list" do - @filetype.expects(:read).once.returns(%Q{APACHE2_OPTS="-D FOO -D BAR -D BAZ"\n}) - provider_class.expects(:filetype).once.returns(@filetype) - - 2.times { expect(provider_class.modules).to eq(%w{bar baz foo}) } - end - - it "should normalize parameters" do - @filetype.expects(:read).returns(%Q{APACHE2_OPTS="-D FOO -D BAR -D BAR"\n}) - provider_class.expects(:filetype).returns(@filetype) - - expect(provider_class.modules).to eq(%w{bar foo}) - end - end - - describe "when prefetching" do - it "should match providers to resources" do - provider = mock("ssl_provider", :name => "ssl") - resource = mock("ssl_resource") - resource.expects(:provider=).with(provider) - - provider_class.expects(:instances).returns([provider]) - provider_class.prefetch("ssl" => resource) - end - end - - describe "when flushing" do - before :each do - @filetype = mock() - @filetype.stubs(:backup) - provider_class.expects(:filetype).at_least_once.returns(@filetype) - - @info = mock() - @info.stubs(:[]).with(:name).returns("info") - @info.stubs(:provider=) - - @mpm = mock() - @mpm.stubs(:[]).with(:name).returns("mpm") - @mpm.stubs(:provider=) - - @ssl = mock() - @ssl.stubs(:[]).with(:name).returns("ssl") - @ssl.stubs(:provider=) - end - - it "should add modules whose ensure is present" do - @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS=""}) - @filetype.expects(:write).with(%Q{APACHE2_OPTS="-D INFO"}) - - @info.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("info" => @info) - - provider_class.flush - end - - it "should remove modules whose ensure is present" do - @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS="-D INFO"}) - @filetype.expects(:write).with(%Q{APACHE2_OPTS=""}) - - @info.stubs(:should).with(:ensure).returns(:absent) - @info.stubs(:provider=) - provider_class.prefetch("info" => @info) - - provider_class.flush - end - - it "should not modify providers without resources" do - @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS="-D INFO -D MPM"}) - @filetype.expects(:write).with(%Q{APACHE2_OPTS="-D MPM -D SSL"}) - - @info.stubs(:should).with(:ensure).returns(:absent) - provider_class.prefetch("info" => @info) - - @ssl.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("ssl" => @ssl) - - provider_class.flush - end - - it "should write the modules in sorted order" do - @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS=""}) - @filetype.expects(:write).with(%Q{APACHE2_OPTS="-D INFO -D MPM -D SSL"}) - - @mpm.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("mpm" => @mpm) - @info.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("info" => @info) - @ssl.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("ssl" => @ssl) - - provider_class.flush - end - - it "should write the records back once" do - @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS=""}) - @filetype.expects(:write).once.with(%Q{APACHE2_OPTS="-D INFO -D SSL"}) - - @info.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("info" => @info) - - @ssl.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("ssl" => @ssl) - - provider_class.flush - end - - it "should only modify the line containing APACHE2_OPTS" do - @filetype.expects(:read).at_least_once.returns(%Q{# Comment\nAPACHE2_OPTS=""\n# Another comment}) - @filetype.expects(:write).once.with(%Q{# Comment\nAPACHE2_OPTS="-D INFO"\n# Another comment}) - - @info.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("info" => @info) - provider_class.flush - end - - it "should restore any arbitrary arguments" do - @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS="-Y -D MPM -X"}) - @filetype.expects(:write).once.with(%Q{APACHE2_OPTS="-Y -X -D INFO -D MPM"}) - - @info.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("info" => @info) - provider_class.flush - end - - it "should backup the file once if changes were made" do - @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS=""}) - @filetype.expects(:write).once.with(%Q{APACHE2_OPTS="-D INFO -D SSL"}) - - @info.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("info" => @info) - - @ssl.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("ssl" => @ssl) - - @filetype.unstub(:backup) - @filetype.expects(:backup) - provider_class.flush - end - - it "should not write the file or run backups if no changes were made" do - @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS="-X -D INFO -D SSL -Y"}) - @filetype.expects(:write).never - - @info.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("info" => @info) - - @ssl.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("ssl" => @ssl) - - @filetype.unstub(:backup) - @filetype.expects(:backup).never - provider_class.flush - end - end -end diff --git a/apache/spec/unit/puppet/parser/functions/bool2httpd_spec.rb b/apache/spec/unit/puppet/parser/functions/bool2httpd_spec.rb deleted file mode 100644 index 19d35e592..000000000 --- a/apache/spec/unit/puppet/parser/functions/bool2httpd_spec.rb +++ /dev/null @@ -1,53 +0,0 @@ -require 'spec_helper' - -describe "the bool2httpd function" do - let(:scope) { PuppetlabsSpec::PuppetInternals.scope } - - it "should exist" do - expect(Puppet::Parser::Functions.function("bool2httpd")).to eq("function_bool2httpd") - end - - it "should raise a ParseError if there is less than 1 arguments" do - expect { scope.function_bool2httpd([]) }.to( raise_error(Puppet::ParseError)) - end - - it "should convert true to 'On'" do - result = scope.function_bool2httpd([true]) - expect(result).to(eq('On')) - end - - it "should convert true to a string" do - result = scope.function_bool2httpd([true]) - expect(result.class).to(eq(String)) - end - - it "should convert false to 'Off'" do - result = scope.function_bool2httpd([false]) - expect(result).to(eq('Off')) - end - - it "should convert false to a string" do - result = scope.function_bool2httpd([false]) - expect(result.class).to(eq(String)) - end - - it "should accept (and return) any string" do - result = scope.function_bool2httpd(["mail"]) - expect(result).to(eq('mail')) - end - - it "should accept a nil value (and return Off)" do - result = scope.function_bool2httpd([nil]) - expect(result).to(eq('Off')) - end - - it "should accept an undef value (and return 'Off')" do - result = scope.function_bool2httpd([:undef]) - expect(result).to(eq('Off')) - end - - it "should return a default value on non-matches" do - result = scope.function_bool2httpd(['foo']) - expect(result).to(eq('foo')) - end -end diff --git a/apache/spec/unit/puppet/parser/functions/enclose_ipv6_spec.rb b/apache/spec/unit/puppet/parser/functions/enclose_ipv6_spec.rb deleted file mode 100644 index b162127d0..000000000 --- a/apache/spec/unit/puppet/parser/functions/enclose_ipv6_spec.rb +++ /dev/null @@ -1,69 +0,0 @@ -#! /usr/bin/env ruby -S rspec -require 'spec_helper' - -describe "the enclose_ipv6 function" do - let(:scope) { PuppetlabsSpec::PuppetInternals.scope } - - it "should exist" do - expect(Puppet::Parser::Functions.function("enclose_ipv6")).to eq("function_enclose_ipv6") - end - - it "should raise a ParseError if there is less than 1 arguments" do - expect { scope.function_enclose_ipv6([]) }.to( raise_error(Puppet::ParseError) ) - end - - it "should raise a ParseError if there is more than 1 arguments" do - expect { scope.function_enclose_ipv6(['argument1','argument2']) }.to( raise_error(Puppet::ParseError) ) - end - - it "should raise a ParseError when given garbage" do - expect { scope.function_enclose_ipv6(['garbage']) }.to( raise_error(Puppet::ParseError) ) - end - - it "should raise a ParseError when given something else than a string or an array" do - expect { scope.function_enclose_ipv6([['1' => '127.0.0.1']]) }.to( raise_error(Puppet::ParseError) ) - end - - it "should not raise a ParseError when given a single ip string" do - expect { scope.function_enclose_ipv6(['127.0.0.1']) }.to_not raise_error - end - - it "should not raise a ParseError when given * as ip string" do - expect { scope.function_enclose_ipv6(['*']) }.to_not raise_error - end - - it "should not raise a ParseError when given an array of ip strings" do - expect { scope.function_enclose_ipv6([['127.0.0.1','fe80::1']]) }.to_not raise_error - end - - it "should not raise a ParseError when given differently notations of ip addresses" do - expect { scope.function_enclose_ipv6([['127.0.0.1','fe80::1','[fe80::1]']]) }.to_not raise_error - end - - it "should raise a ParseError when given a wrong ipv4 address" do - expect { scope.function_enclose_ipv6(['127..0.0.1']) }.to( raise_error(Puppet::ParseError) ) - end - - it "should raise a ParseError when given a ipv4 address with square brackets" do - expect { scope.function_enclose_ipv6(['[127.0.0.1]']) }.to( raise_error(Puppet::ParseError) ) - end - - it "should raise a ParseError when given a wrong ipv6 address" do - expect { scope.function_enclose_ipv6(['fe80:::1']) }.to( raise_error(Puppet::ParseError) ) - end - - it "should embrace ipv6 adresses within an array of ip addresses" do - result = scope.function_enclose_ipv6([['127.0.0.1','fe80::1','[fe80::2]']]) - expect(result).to(eq(['127.0.0.1','[fe80::1]','[fe80::2]'])) - end - - it "should embrace a single ipv6 adresse" do - result = scope.function_enclose_ipv6(['fe80::1']) - expect(result).to(eq(['[fe80::1]'])) - end - - it "should not embrace a single ipv4 adresse" do - result = scope.function_enclose_ipv6(['127.0.0.1']) - expect(result).to(eq(['127.0.0.1'])) - end -end diff --git a/apache/spec/unit/puppet/parser/functions/validate_apache_log_level.rb b/apache/spec/unit/puppet/parser/functions/validate_apache_log_level.rb deleted file mode 100644 index dfef66eea..000000000 --- a/apache/spec/unit/puppet/parser/functions/validate_apache_log_level.rb +++ /dev/null @@ -1,39 +0,0 @@ -#! /usr/bin/env ruby -S rspec -require 'spec_helper' - -describe "the validate_apache_log_level function" do - let(:scope) { PuppetlabsSpec::PuppetInternals.scope } - - it "should exist" do - expect(Puppet::Parser::Functions.function("validate_apache_log_level")).to eq("function_validate_apache_log_level") - end - - it "should raise a ParseError if there is less than 1 arguments" do - expect { scope.function_validate_apache_log_level([]) }.to( raise_error(Puppet::ParseError) ) - end - - it "should raise a ParseError when given garbage" do - expect { scope.function_validate_apache_log_level(['garbage']) }.to( raise_error(Puppet::ParseError) ) - end - - it "should not raise a ParseError when given a plain log level" do - expect { scope.function_validate_apache_log_level(['info']) }.to_not raise_error - end - - it "should not raise a ParseError when given a log level and module log level" do - expect { scope.function_validate_apache_log_level(['warn ssl:info']) }.to_not raise_error - end - - it "should not raise a ParseError when given a log level and module log level" do - expect { scope.function_validate_apache_log_level(['warn mod_ssl.c:info']) }.to_not raise_error - end - - it "should not raise a ParseError when given a log level and module log level" do - expect { scope.function_validate_apache_log_level(['warn ssl_module:info']) }.to_not raise_error - end - - it "should not raise a ParseError when given a trace level" do - expect { scope.function_validate_apache_log_level(['trace4']) }.to_not raise_error - end - -end diff --git a/apache/templates/confd/no-accf.conf.erb b/apache/templates/confd/no-accf.conf.erb deleted file mode 100644 index 10e51644c..000000000 --- a/apache/templates/confd/no-accf.conf.erb +++ /dev/null @@ -1,4 +0,0 @@ - - AcceptFilter http none - AcceptFilter https none - diff --git a/apache/templates/fastcgi/server.erb b/apache/templates/fastcgi/server.erb deleted file mode 100644 index bae56d48e..000000000 --- a/apache/templates/fastcgi/server.erb +++ /dev/null @@ -1,22 +0,0 @@ -<% - timeout = " -idle-timeout #{@timeout}" - flush = "" - if @flush - flush = " -flush" - end - if @socket - host_or_socket = " -socket #{@socket}" - else - host_or_socket = " -host #{@host}" - end - - pass_header = "" - if @pass_header and ! @pass_header.empty? - pass_header = " -pass-header #{@pass_header}" - end - - options = timeout + flush + host_or_socket + pass_header --%> -FastCGIExternalServer <%= @faux_path %><%= options %> -Alias <%= @fcgi_alias %> <%= @faux_path %> -Action <%= @file_type %> <%= @fcgi_alias %> diff --git a/apache/templates/httpd.conf.erb b/apache/templates/httpd.conf.erb deleted file mode 100644 index 448d1fec5..000000000 --- a/apache/templates/httpd.conf.erb +++ /dev/null @@ -1,138 +0,0 @@ -# Security -ServerTokens <%= @server_tokens %> -ServerSignature <%= scope.function_bool2httpd([@server_signature]) %> -TraceEnable <%= scope.function_bool2httpd([@trace_enable]) %> - -ServerName "<%= @servername %>" -ServerRoot "<%= @server_root %>" -PidFile <%= @pidfile %> -Timeout <%= @timeout %> -KeepAlive <%= @keepalive %> -MaxKeepAliveRequests <%= @max_keepalive_requests %> -KeepAliveTimeout <%= @keepalive_timeout %> -LimitRequestFieldSize <%= @limitreqfieldsize %> - -<%- if @rewrite_lock and scope.function_versioncmp([@apache_version, '2.2']) <= 0 -%> -RewriteLock <%= @rewrite_lock %> -<%- end -%> - -User <%= @user %> -Group <%= @group %> - -AccessFileName .htaccess - -<%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> - Require all denied -<%- else -%> - Order allow,deny - Deny from all - Satisfy all -<%- end -%> - - - - Options <%= Array(@root_directory_options).join(' ') %> - AllowOverride None - - -<% if @default_charset -%> -AddDefaultCharset <%= @default_charset %> -<% end -%> - -<%- if scope.function_versioncmp([@apache_version, '2.4']) < 0 -%> -DefaultType <%= @default_type %> -<%- end -%> -HostnameLookups Off -ErrorLog "<%= @logroot %>/<%= @error_log %>" -LogLevel <%= @log_level %> -EnableSendfile <%= @sendfile %> -<%- if @allow_encoded_slashes -%> -AllowEncodedSlashes <%= @allow_encoded_slashes %> -<%- end -%> - -#Listen 80 - -<% if @apxs_workaround -%> -# Workaround: without this hack apxs would be confused about where to put -# LoadModule directives and fail entire procedure of apache package -# installation/reinstallation. This problem was observed on FreeBSD (apache22). -#LoadModule fake_module libexec/apache22/mod_fake.so -<% end -%> - -Include "<%= @mod_load_dir %>/*.load" -<% if @mod_load_dir != @confd_dir and @mod_load_dir != @vhost_load_dir -%> -Include "<%= @mod_load_dir %>/*.conf" -<% end -%> -Include "<%= @ports_file %>" - -<% unless @log_formats.has_key?('combined') -%> -LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined -<% end -%> -<% unless @log_formats.has_key?('common') -%> -LogFormat "%h %l %u %t \"%r\" %>s %b" common -<% end -%> -<% unless @log_formats.has_key?('referer') -%> -LogFormat "%{Referer}i -> %U" referer -<% end -%> -<% unless @log_formats.has_key?('agent') -%> -LogFormat "%{User-agent}i" agent -<% end -%> -<% unless @log_formats.has_key?('forwarded') -%> -LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %s %b \"%{Referer}i\" \"%{User-agent}i\"" forwarded -<% end -%> -<% if @log_formats and !@log_formats.empty? -%> - <%- @log_formats.sort.each do |nickname,format| -%> -LogFormat "<%= format -%>" <%= nickname %> - <%- end -%> -<% end -%> - -<%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> -IncludeOptional "<%= @confd_dir %>/*.conf" -<%- else -%> -Include "<%= @confd_dir %>/*.conf" -<%- end -%> -<% if @vhost_load_dir != @confd_dir -%> -<%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> -IncludeOptional "<%= @vhost_load_dir %>/<%= @vhost_include_pattern %>" -<%- else -%> -Include "<%= @vhost_load_dir %>/<%= @vhost_include_pattern %>" -<%- end -%> -<% end -%> - -<% if @error_documents -%> -# /usr/share/apache2/error on debian -Alias /error/ "<%= @error_documents_path %>/" - -"> - AllowOverride None - Options IncludesNoExec - AddOutputFilter Includes html - AddHandler type-map var -<%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> - Require all granted -<%- else -%> - Order allow,deny - Allow from all -<%- end -%> - LanguagePriority en cs de es fr it nl sv pt-br ro - ForceLanguagePriority Prefer Fallback - - -ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var -ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var -ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var -ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var -ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var -ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var -ErrorDocument 410 /error/HTTP_GONE.html.var -ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var -ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var -ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var -ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var -ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var -ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var -ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var -ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var -ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var -ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var -<% end -%> diff --git a/apache/templates/listen.erb b/apache/templates/listen.erb deleted file mode 100644 index 8fc871b0a..000000000 --- a/apache/templates/listen.erb +++ /dev/null @@ -1,6 +0,0 @@ -<%# Listen should always be one of: - - - - : - - [ --%> -Listen <%= @listen_addr_port %> diff --git a/apache/templates/mod/alias.conf.erb b/apache/templates/mod/alias.conf.erb deleted file mode 100644 index 8580f707c..000000000 --- a/apache/templates/mod/alias.conf.erb +++ /dev/null @@ -1,13 +0,0 @@ - -Alias /icons/ "<%= @icons_path %>/" -"> - Options <%= @icons_options %> - AllowOverride None -<%- if scope.function_versioncmp([@_apache_version, '2.4']) >= 0 -%> - Require all granted -<%- else -%> - Order allow,deny - Allow from all -<%- end -%> - - diff --git a/apache/templates/mod/auth_cas.conf.erb b/apache/templates/mod/auth_cas.conf.erb deleted file mode 100644 index 926bd65f5..000000000 --- a/apache/templates/mod/auth_cas.conf.erb +++ /dev/null @@ -1,40 +0,0 @@ -CASCookiePath <%= @cas_cookie_path %> -CASLoginURL <%= @cas_login_url %> -CASValidateURL <%= @cas_validate_url %> - -CASVersion <%= @cas_version %> -CASDebug <%= @cas_debug %> - -<% if @cas_certificate_path -%> -CASCertificatePath <%= @cas_certificate_path %> -<% end -%> -<% if @cas_proxy_validate_url -%> -CASProxyValidateURL <%= @cas_proxy_validate_url %> -<% end -%> -<% if @cas_validate_depth -%> -CASValidateDepth <%= @cas_validate_depth %> -<% end -%> -<% if @cas_root_proxied_as -%> -CASRootProxiedAs <%= @cas_root_proxied_as %> -<% end -%> -<% if @cas_cookie_entropy -%> -CASCookieEntropy <%= @cas_cookie_entropy %> -<% end -%> -<% if @cas_timeout -%> -CASTimeout <%= @cas_timeout %> -<% end -%> -<% if @cas_idle_timeout -%> -CASIdleTimeout <%= @cas_idle_timeout %> -<% end -%> -<% if @cas_cache_clean_interval -%> -CASCacheCleanInterval <%= @cas_cache_clean_interval %> -<% end -%> -<% if @cas_cookie_domain -%> -CASCookieDomain <%= @cas_cookie_domain %> -<% end -%> -<% if @cas_cookie_http_only -%> -CASCookieHttpOnly <%= @cas_cookie_http_only %> -<% end -%> -<% if @cas_authoritative -%> -CASAuthoritative <%= @cas_authoritative %> -<% end -%> diff --git a/apache/templates/mod/auth_mellon.conf.erb b/apache/templates/mod/auth_mellon.conf.erb deleted file mode 100644 index e36a73390..000000000 --- a/apache/templates/mod/auth_mellon.conf.erb +++ /dev/null @@ -1,21 +0,0 @@ -<%- if @mellon_cache_size -%> -MellonCacheSize <%= @mellon_cache_size %> -<%- end -%> -<%- if @mellon_cache_entry_size -%> -MellonCacheEntrySize <%= @mellon_cache_entry_size %> -<%- end -%> -<%- if @mellon_lock_file -%> -MellonLockFile "<%= @mellon_lock_file %>" -<%- end -%> -<%- if @mellon_post_directory -%> -MellonPostDirectory "<%= @mellon_post_directory %>" -<%- end -%> -<%- if @mellon_post_ttl -%> -MellonPostTTL <%= @mellon_post_ttl %> -<%- end -%> -<%- if @mellon_post_size -%> -MellonPostSize <%= @mellon_post_size %> -<%- end -%> -<%- if @mellon_post_count -%> -MellonPostCount <%= @mellon_post_count %> -<%- end -%> diff --git a/apache/templates/mod/authnz_ldap.conf.erb b/apache/templates/mod/authnz_ldap.conf.erb deleted file mode 100644 index 8d73b239d..000000000 --- a/apache/templates/mod/authnz_ldap.conf.erb +++ /dev/null @@ -1,5 +0,0 @@ -<% if @_verify_server_cert == true -%> -LDAPVerifyServerCert On -<% else -%> -LDAPVerifyServerCert Off -<% end -%> diff --git a/apache/templates/mod/autoindex.conf.erb b/apache/templates/mod/autoindex.conf.erb deleted file mode 100644 index ef6bbebea..000000000 --- a/apache/templates/mod/autoindex.conf.erb +++ /dev/null @@ -1,56 +0,0 @@ -IndexOptions FancyIndexing VersionSort HTMLTable NameWidth=* DescriptionWidth=* Charset=UTF-8 -AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip x-bzip2 - -AddIconByType (TXT,/icons/text.gif) text/* -AddIconByType (IMG,/icons/image2.gif) image/* -AddIconByType (SND,/icons/sound2.gif) audio/* -AddIconByType (VID,/icons/movie.gif) video/* - -AddIcon /icons/binary.gif .bin .exe -AddIcon /icons/binhex.gif .hqx -AddIcon /icons/tar.gif .tar -AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv -AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip -AddIcon /icons/a.gif .ps .ai .eps -AddIcon /icons/layout.gif .html .shtml .htm .pdf -AddIcon /icons/text.gif .txt -AddIcon /icons/c.gif .c -AddIcon /icons/p.gif .pl .py -AddIcon /icons/f.gif .for -AddIcon /icons/dvi.gif .dvi -AddIcon /icons/uuencoded.gif .uu -AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl -AddIcon /icons/tex.gif .tex -AddIcon /icons/bomb.gif /core -AddIcon (SND,/icons/sound2.gif) .ogg -AddIcon (VID,/icons/movie.gif) .ogm - -AddIcon /icons/back.gif .. -AddIcon /icons/hand.right.gif README -AddIcon /icons/folder.gif ^^DIRECTORY^^ -AddIcon /icons/blank.gif ^^BLANKICON^^ - -AddIcon /icons/odf6odt-20x22.png .odt -AddIcon /icons/odf6ods-20x22.png .ods -AddIcon /icons/odf6odp-20x22.png .odp -AddIcon /icons/odf6odg-20x22.png .odg -AddIcon /icons/odf6odc-20x22.png .odc -AddIcon /icons/odf6odf-20x22.png .odf -AddIcon /icons/odf6odb-20x22.png .odb -AddIcon /icons/odf6odi-20x22.png .odi -AddIcon /icons/odf6odm-20x22.png .odm - -AddIcon /icons/odf6ott-20x22.png .ott -AddIcon /icons/odf6ots-20x22.png .ots -AddIcon /icons/odf6otp-20x22.png .otp -AddIcon /icons/odf6otg-20x22.png .otg -AddIcon /icons/odf6otc-20x22.png .otc -AddIcon /icons/odf6otf-20x22.png .otf -AddIcon /icons/odf6oti-20x22.png .oti -AddIcon /icons/odf6oth-20x22.png .oth - -DefaultIcon /icons/unknown.gif -ReadmeName README.html -HeaderName HEADER.html - -IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t diff --git a/apache/templates/mod/cgid.conf.erb b/apache/templates/mod/cgid.conf.erb deleted file mode 100644 index 5f82d7424..000000000 --- a/apache/templates/mod/cgid.conf.erb +++ /dev/null @@ -1 +0,0 @@ -ScriptSock "<%= @cgisock_path %>" diff --git a/apache/templates/mod/dav_fs.conf.erb b/apache/templates/mod/dav_fs.conf.erb deleted file mode 100644 index 3c53e9e14..000000000 --- a/apache/templates/mod/dav_fs.conf.erb +++ /dev/null @@ -1 +0,0 @@ -DAVLockDB "<%= @dav_lock %>" diff --git a/apache/templates/mod/deflate.conf.erb b/apache/templates/mod/deflate.conf.erb deleted file mode 100644 index ede8b2e76..000000000 --- a/apache/templates/mod/deflate.conf.erb +++ /dev/null @@ -1,7 +0,0 @@ -<%- @types.sort.each do |type| -%> -AddOutputFilterByType DEFLATE <%= type %> -<%- end -%> - -<%- @notes.sort.each do |type,note| -%> -DeflateFilterNote <%= type %> <%=note %> -<%- end -%> diff --git a/apache/templates/mod/dir.conf.erb b/apache/templates/mod/dir.conf.erb deleted file mode 100644 index 741f6ae03..000000000 --- a/apache/templates/mod/dir.conf.erb +++ /dev/null @@ -1 +0,0 @@ -DirectoryIndex <%= @indexes.join(' ') %> diff --git a/apache/templates/mod/disk_cache.conf.erb b/apache/templates/mod/disk_cache.conf.erb deleted file mode 100644 index b1b460e52..000000000 --- a/apache/templates/mod/disk_cache.conf.erb +++ /dev/null @@ -1,4 +0,0 @@ -CacheEnable disk / -CacheRoot "<%= @_cache_root %>" -CacheDirLevels 2 -CacheDirLength 1 diff --git a/apache/templates/mod/event.conf.erb b/apache/templates/mod/event.conf.erb deleted file mode 100644 index 970ce088c..000000000 --- a/apache/templates/mod/event.conf.erb +++ /dev/null @@ -1,13 +0,0 @@ - - ServerLimit <%= @serverlimit %> - StartServers <%= @startservers %> - MaxClients <%= @maxclients %> - MinSpareThreads <%= @minsparethreads %> - MaxSpareThreads <%= @maxsparethreads %> - ThreadsPerChild <%= @threadsperchild %> - MaxRequestsPerChild <%= @maxrequestsperchild %> - ThreadLimit <%= @threadlimit %> - ListenBacklog <%= @listenbacklog %> - MaxRequestWorkers <%= @maxrequestworkers %> - MaxConnectionsPerChild <%= @maxconnectionsperchild %> - diff --git a/apache/templates/mod/expires.conf.erb b/apache/templates/mod/expires.conf.erb deleted file mode 100644 index 7660cfcd0..000000000 --- a/apache/templates/mod/expires.conf.erb +++ /dev/null @@ -1,11 +0,0 @@ -ExpiresActive <%= scope.function_bool2httpd([@expires_active]) %> -<%- if ! @expires_default.nil? and ! @expires_default.empty? -%> -ExpiresDefault "<%= @expires_default %>" -<%- end -%> -<%- if ! @expires_by_type.nil? and ! @expires_by_type.empty? -%> -<%- [@expires_by_type].flatten.each do |line| -%> -<%- line.map do |type, seconds| -%> -ExpiresByType <%= type %> "<%= seconds -%>" -<%- end -%> -<%- end -%> -<%- end -%> diff --git a/apache/templates/mod/ext_filter.conf.erb b/apache/templates/mod/ext_filter.conf.erb deleted file mode 100644 index 67f98fd4c..000000000 --- a/apache/templates/mod/ext_filter.conf.erb +++ /dev/null @@ -1,6 +0,0 @@ -# mod_ext_filter definitions -<%- if @ext_filter_define.length >= 1 -%> -<%- @ext_filter_define.keys.sort.each do |name| -%> -ExtFilterDefine <%= name %> <%= @ext_filter_define[name] %> -<%- end -%> -<%- end -%> diff --git a/apache/templates/mod/fastcgi.conf.erb b/apache/templates/mod/fastcgi.conf.erb deleted file mode 100644 index 93c8d86ab..000000000 --- a/apache/templates/mod/fastcgi.conf.erb +++ /dev/null @@ -1,8 +0,0 @@ -# The Fastcgi Apache module configuration file is being -# managed by Puppet and changes will be overwritten. - - - SetHandler fastcgi-script - - FastCgiIpcDir "<%= @fastcgi_lib_path %>" - diff --git a/apache/templates/mod/fcgid.conf.erb b/apache/templates/mod/fcgid.conf.erb deleted file mode 100644 index a82bc30df..000000000 --- a/apache/templates/mod/fcgid.conf.erb +++ /dev/null @@ -1,5 +0,0 @@ - -<% @options.sort_by {|key, value| key}.each do |key, value| -%> - <%= key %> <%= value %> -<% end -%> - diff --git a/apache/templates/mod/geoip.conf.erb b/apache/templates/mod/geoip.conf.erb deleted file mode 100644 index 00e61d98b..000000000 --- a/apache/templates/mod/geoip.conf.erb +++ /dev/null @@ -1,25 +0,0 @@ -GeoIPEnable <%= scope.function_bool2httpd([@enable]) %> - -<%- if @db_file and ! [ false, 'false', '' ].include?(@db_file) -%> - <%- if @db_file.kind_of?(Array) -%> - <%- Array(@db_file).each do |file| -%> -GeoIPDBFile <%= file %> <%= @flag %> - <%- end -%> - <%- else -%> -GeoIPDBFile <%= @db_file %> <%= @flag %> - <%- end -%> -<%- end -%> -GeoIPOutput <%= @output %> -<% if ! @enable_utf8.nil? -%> -GeoIPEnableUTF8 <%= scope.function_bool2httpd([@enable_utf8]) %> -<% end -%> -<% if ! @scan_proxy_headers.nil? -%> -GeoIPScanProxyHeaders <%= scope.function_bool2httpd([@scan_proxy_headers]) %> -<% end -%> -<% if ! @scan_proxy_header_field.nil? -%> -GeoIPScanProxyHeaderField <%= @scan_proxy_header_field %> -<% end -%> -<% if ! @use_last_xforwarededfor_ip.nil? -%> -GeoIPUseLastXForwardedForIP <%= scope.function_bool2httpd([@use_last_xforwarededfor_ip]) %> -<% end -%> - diff --git a/apache/templates/mod/info.conf.erb b/apache/templates/mod/info.conf.erb deleted file mode 100644 index dd79ecea8..000000000 --- a/apache/templates/mod/info.conf.erb +++ /dev/null @@ -1,19 +0,0 @@ - - SetHandler server-info -<%- if @restrict_access -%> - <%- if scope.function_versioncmp([@_apache_version, '2.4']) >= 0 -%> - Require ip <%= Array(@allow_from).join(" ") %> - <%- else -%> - Order deny,allow - Deny from all - <%- if @allow_from and ! @allow_from.empty? -%> - <%- @allow_from.each do |allowed| -%> - Allow from <%= allowed %> - <%- end -%> - <%- else -%> - Allow from 127.0.0.1 - Allow from ::1 - <%- end -%> - <%- end -%> -<%- end -%> - diff --git a/apache/templates/mod/itk.conf.erb b/apache/templates/mod/itk.conf.erb deleted file mode 100644 index f45f2b35d..000000000 --- a/apache/templates/mod/itk.conf.erb +++ /dev/null @@ -1,8 +0,0 @@ - - StartServers <%= @startservers %> - MinSpareServers <%= @minspareservers %> - MaxSpareServers <%= @maxspareservers %> - ServerLimit <%= @serverlimit %> - MaxClients <%= @maxclients %> - MaxRequestsPerChild <%= @maxrequestsperchild %> - diff --git a/apache/templates/mod/ldap.conf.erb b/apache/templates/mod/ldap.conf.erb deleted file mode 100644 index 5ac0c1c54..000000000 --- a/apache/templates/mod/ldap.conf.erb +++ /dev/null @@ -1,29 +0,0 @@ - - SetHandler ldap-status - <%- if scope.function_versioncmp([@_apache_version, '2.4']) >= 0 -%> - Require ip 127.0.0.1 ::1 - <%- else -%> - Order deny,allow - Deny from all - Allow from 127.0.0.1 ::1 - Satisfy all - <%- end -%> - -<% if @ldap_trusted_global_cert_file -%> -LDAPTrustedGlobalCert <%= @ldap_trusted_global_cert_type %> <%= @ldap_trusted_global_cert_file %> -<% end -%> -<%- if @ldap_shared_cache_size -%> -LDAPSharedCacheSize <%= @ldap_shared_cache_size %> -<%- end -%> -<%- if @ldap_cache_entries -%> -LDAPCacheEntries <%= @ldap_cache_entries %> -<%- end -%> -<%- if @ldap_cache_ttl -%> -LDAPCacheTTL <%= @ldap_cache_ttl %> -<%- end -%> -<%- if @ldap_opcache_entries -%> -LDAPOpCacheEntries <%= @ldap_opcache_entries %> -<%- end -%> -<%- if @ldap_opcache_ttl -%> -LDAPOpCacheTTL <%= @ldap_opcache_ttl %> -<%- end -%> diff --git a/apache/templates/mod/load.erb b/apache/templates/mod/load.erb deleted file mode 100644 index 51f45edb2..000000000 --- a/apache/templates/mod/load.erb +++ /dev/null @@ -1,7 +0,0 @@ -<% if @loadfiles -%> -<% Array(@loadfiles).each do |loadfile| -%> -LoadFile <%= loadfile %> -<% end -%> - -<% end -%> -LoadModule <%= @_id %> <%= @_path %> diff --git a/apache/templates/mod/mime.conf.erb b/apache/templates/mod/mime.conf.erb deleted file mode 100644 index 46d021c21..000000000 --- a/apache/templates/mod/mime.conf.erb +++ /dev/null @@ -1,38 +0,0 @@ -TypesConfig <%= @mime_types_config %> - -AddType application/x-compress .Z -AddType application/x-gzip .gz .tgz -AddType application/x-bzip2 .bz2 - -AddLanguage ca .ca -AddLanguage cs .cz .cs -AddLanguage da .dk -AddLanguage de .de -AddLanguage el .el -AddLanguage en .en -AddLanguage eo .eo -AddLanguage es .es -AddLanguage et .et -AddLanguage fr .fr -AddLanguage he .he -AddLanguage hr .hr -AddLanguage it .it -AddLanguage ja .ja -AddLanguage ko .ko -AddLanguage ltz .ltz -AddLanguage nl .nl -AddLanguage nn .nn -AddLanguage no .no -AddLanguage pl .po -AddLanguage pt .pt -AddLanguage pt-BR .pt-br -AddLanguage ru .ru -AddLanguage sv .sv -AddLanguage zh-CN .zh-cn -AddLanguage zh-TW .zh-tw - -<%- @_mime_types_additional.sort.each do |add_mime, config| -%> - <%- config.each do |type, extension| %> -<%= add_mime %> <%= type %> <%= extension%> - <%- end -%> -<% end %> diff --git a/apache/templates/mod/mime_magic.conf.erb b/apache/templates/mod/mime_magic.conf.erb deleted file mode 100644 index cbc173deb..000000000 --- a/apache/templates/mod/mime_magic.conf.erb +++ /dev/null @@ -1 +0,0 @@ -MIMEMagicFile "<%= @_magic_file %>" diff --git a/apache/templates/mod/mpm_event.conf.erb b/apache/templates/mod/mpm_event.conf.erb deleted file mode 100644 index eb6f1ff5f..000000000 --- a/apache/templates/mod/mpm_event.conf.erb +++ /dev/null @@ -1,9 +0,0 @@ - - StartServers 2 - MinSpareThreads 25 - MaxSpareThreads 75 - ThreadLimit 64 - ThreadsPerChild 25 - MaxClients 150 - MaxRequestsPerChild 0 - diff --git a/apache/templates/mod/negotiation.conf.erb b/apache/templates/mod/negotiation.conf.erb deleted file mode 100644 index 2fb4700d6..000000000 --- a/apache/templates/mod/negotiation.conf.erb +++ /dev/null @@ -1,2 +0,0 @@ -LanguagePriority <%= Array(@language_priority).join(' ') %> -ForceLanguagePriority <%= Array(@force_language_priority).join(' ') %> diff --git a/apache/templates/mod/nss.conf.erb b/apache/templates/mod/nss.conf.erb deleted file mode 100644 index 36f83d865..000000000 --- a/apache/templates/mod/nss.conf.erb +++ /dev/null @@ -1,228 +0,0 @@ -# -# This is the Apache server configuration file providing SSL support using. -# the mod_nss plugin. It contains the configuration directives to instruct -# the server how to serve pages over an https connection. -# -# Do NOT simply read the instructions in here without understanding -# what they do. They're here only as hints or reminders. If you are unsure -# consult the online docs. You have been warned. -# - -#LoadModule nss_module modules/libmodnss.so - -# -# When we also provide SSL we have to listen to the -# standard HTTP port (see above) and to the HTTPS port -# -# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two -# Listen directives: "Listen [::]:8443" and "Listen 0.0.0.0:443" -# -Listen <%= @port %> - -## -## SSL Global Context -## -## All SSL configuration in this context applies both to -## the main server and all SSL-enabled virtual hosts. -## - -# -# Some MIME-types for downloading Certificates and CRLs -# -AddType application/x-x509-ca-cert .crt -AddType application/x-pkcs7-crl .crl - -# Pass Phrase Dialog: -# Configure the pass phrase gathering process. -# The filtering dialog program (`builtin' is a internal -# terminal dialog) has to provide the pass phrase on stdout. -<% if @passwd_file -%> -NSSPassPhraseDialog "file:<%= @passwd_file %>" -<% else -%> -NSSPassPhraseDialog builtin -<% end -%> - -# Pass Phrase Helper: -# This helper program stores the token password pins between -# restarts of Apache. -NSSPassPhraseHelper /usr/sbin/nss_pcache - -# Configure the SSL Session Cache. -# NSSSessionCacheSize is the number of entries in the cache. -# NSSSessionCacheTimeout is the SSL2 session timeout (in seconds). -# NSSSession3CacheTimeout is the SSL3/TLS session timeout (in seconds). -NSSSessionCacheSize 10000 -NSSSessionCacheTimeout 100 -NSSSession3CacheTimeout 86400 - -# -# Pseudo Random Number Generator (PRNG): -# Configure one or more sources to seed the PRNG of the SSL library. -# The seed data should be of good random quality. -# WARNING! On some platforms /dev/random blocks if not enough entropy -# is available. Those platforms usually also provide a non-blocking -# device, /dev/urandom, which may be used instead. -# -# This does not support seeding the RNG with each connection. - -NSSRandomSeed startup builtin -#NSSRandomSeed startup file:/dev/random 512 -#NSSRandomSeed startup file:/dev/urandom 512 - -# -# TLS Negotiation configuration under RFC 5746 -# -# Only renegotiate if the peer's hello bears the TLS renegotiation_info -# extension. Default off. -NSSRenegotiation off - -# Peer must send Signaling Cipher Suite Value (SCSV) or -# Renegotiation Info (RI) extension in ALL handshakes. Default: off -NSSRequireSafeNegotiation off - -## -## SSL Virtual Host Context -## - -> - -# General setup for the virtual host -#DocumentRoot "/etc/httpd/htdocs" -#ServerName www.example.com:8443 -#ServerAdmin you@example.com - -# mod_nss can log to separate log files, you can choose to do that if you'd like -# LogLevel is not inherited from httpd.conf. -ErrorLog "<%= @error_log %>" -TransferLog "<%= @transfer_log %>" -LogLevel warn - -# SSL Engine Switch: -# Enable/Disable SSL for this virtual host. -NSSEngine on - -# SSL Cipher Suite: -# List the ciphers that the client is permitted to negotiate. -# See the mod_nss documentation for a complete list. - -# SSL 3 ciphers. SSL 2 is disabled by default. -NSSCipherSuite +rsa_rc4_128_md5,+rsa_rc4_128_sha,+rsa_3des_sha,-rsa_des_sha,-rsa_rc4_40_md5,-rsa_rc2_40_md5,-rsa_null_md5,-rsa_null_sha,+fips_3des_sha,-fips_des_sha,-fortezza,-fortezza_rc4_128_sha,-fortezza_null,-rsa_des_56_sha,-rsa_rc4_56_sha,+rsa_aes_128_sha,+rsa_aes_256_sha - -# SSL 3 ciphers + ECC ciphers. SSL 2 is disabled by default. -# -# Comment out the NSSCipherSuite line above and use the one below if you have -# ECC enabled NSS and mod_nss and want to use Elliptical Curve Cryptography -#NSSCipherSuite +rsa_rc4_128_md5,+rsa_rc4_128_sha,+rsa_3des_sha,-rsa_des_sha,-rsa_rc4_40_md5,-rsa_rc2_40_md5,-rsa_null_md5,-rsa_null_sha,+fips_3des_sha,-fips_des_sha,-fortezza,-fortezza_rc4_128_sha,-fortezza_null,-rsa_des_56_sha,-rsa_rc4_56_sha,+rsa_aes_128_sha,+rsa_aes_256_sha,-ecdh_ecdsa_null_sha,+ecdh_ecdsa_rc4_128_sha,+ecdh_ecdsa_3des_sha,+ecdh_ecdsa_aes_128_sha,+ecdh_ecdsa_aes_256_sha,-ecdhe_ecdsa_null_sha,+ecdhe_ecdsa_rc4_128_sha,+ecdhe_ecdsa_3des_sha,+ecdhe_ecdsa_aes_128_sha,+ecdhe_ecdsa_aes_256_sha,-ecdh_rsa_null_sha,+ecdh_rsa_128_sha,+ecdh_rsa_3des_sha,+ecdh_rsa_aes_128_sha,+ecdh_rsa_aes_256_sha,-echde_rsa_null,+ecdhe_rsa_rc4_128_sha,+ecdhe_rsa_3des_sha,+ecdhe_rsa_aes_128_sha,+ecdhe_rsa_aes_256_sha - -# SSL Protocol: -# Cryptographic protocols that provide communication security. -# NSS handles the specified protocols as "ranges", and automatically -# negotiates the use of the strongest protocol for a connection starting -# with the maximum specified protocol and downgrading as necessary to the -# minimum specified protocol that can be used between two processes. -# Since all protocol ranges are completely inclusive, and no protocol in the -# middle of a range may be excluded, the entry "NSSProtocol TLSv1.0,TLSv1.2" -# is identical to the entry "NSSProtocol TLSv1.0,TLSv1.1,TLSv1.2". -NSSProtocol TLSv1.0,TLSv1.1 - -# SSL Certificate Nickname: -# The nickname of the RSA server certificate you are going to use. -NSSNickname Server-Cert - -# SSL Certificate Nickname: -# The nickname of the ECC server certificate you are going to use, if you -# have an ECC-enabled version of NSS and mod_nss -#NSSECCNickname Server-Cert-ecc - -# Server Certificate Database: -# The NSS security database directory that holds the certificates and -# keys. The database consists of 3 files: cert8.db, key3.db and secmod.db. -# Provide the directory that these files exist. -NSSCertificateDatabase "<%= @httpd_dir -%>/alias" - -# Database Prefix: -# In order to be able to store multiple NSS databases in one directory -# they need unique names. This option sets the database prefix used for -# cert8.db and key3.db. -#NSSDBPrefix my-prefix- - -# Client Authentication (Type): -# Client certificate verification type. Types are none, optional and -# require. -#NSSVerifyClient none - -# -# Online Certificate Status Protocol (OCSP). -# Verify that certificates have not been revoked before accepting them. -#NSSOCSP off - -# -# Use a default OCSP responder. If enabled this will be used regardless -# of whether one is included in a client certificate. Note that the -# server certificate is verified during startup. -# -# NSSOCSPDefaultURL defines the service URL of the OCSP responder -# NSSOCSPDefaultName is the nickname of the certificate to trust to -# sign the OCSP responses. -#NSSOCSPDefaultResponder on -#NSSOCSPDefaultURL http://example.com/ocsp/status -#NSSOCSPDefaultName ocsp-nickname - -# Access Control: -# With SSLRequire you can do per-directory access control based -# on arbitrary complex boolean expressions containing server -# variable checks and other lookup directives. The syntax is a -# mixture between C and Perl. See the mod_nss documentation -# for more details. -# -#NSSRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ -# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ -# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ -# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ -# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ -# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ -# - -# SSL Engine Options: -# Set various options for the SSL engine. -# o FakeBasicAuth: -# Translate the client X.509 into a Basic Authorisation. This means that -# the standard Auth/DBMAuth methods can be used for access control. The -# user name is the `one line' version of the client's X.509 certificate. -# Note that no password is obtained from the user. Every entry in the user -# file needs this password: `xxj31ZMTZzkVA'. -# o ExportCertData: -# This exports two additional environment variables: SSL_CLIENT_CERT and -# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the -# server (always existing) and the client (only existing when client -# authentication is used). This can be used to import the certificates -# into CGI scripts. -# o StdEnvVars: -# This exports the standard SSL/TLS related `SSL_*' environment variables. -# Per default this exportation is switched off for performance reasons, -# because the extraction step is an expensive operation and is usually -# useless for serving static content. So one usually enables the -# exportation for CGI and SSI requests only. -# o StrictRequire: -# This denies access when "NSSRequireSSL" or "NSSRequire" applied even -# under a "Satisfy any" situation, i.e. when it applies access is denied -# and no other module can change it. -# o OptRenegotiate: -# This enables optimized SSL connection renegotiation handling when SSL -# directives are used in per-directory context. -#NSSOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire - - NSSOptions +StdEnvVars - - - NSSOptions +StdEnvVars - - -# Per-Server Logging: -# The home of a custom SSL log file. Use this when you want a -# compact non-error SSL logfile on a virtual host basis. -#CustomLog /home/rcrit/redhat/apache/logs/ssl_request_log \ -# "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" - - - diff --git a/apache/templates/mod/pagespeed.conf.erb b/apache/templates/mod/pagespeed.conf.erb deleted file mode 100644 index d1ce64297..000000000 --- a/apache/templates/mod/pagespeed.conf.erb +++ /dev/null @@ -1,102 +0,0 @@ -ModPagespeed on - -ModPagespeedInheritVHostConfig <%= @inherit_vhost_config %> -AddOutputFilterByType MOD_PAGESPEED_OUTPUT_FILTER text/html -<% if @filter_xhtml -%> -AddOutputFilterByType MOD_PAGESPEED_OUTPUT_FILTER application/xhtml+xml -<% end -%> -ModPagespeedFileCachePath "<%= @cache_path %>" -ModPagespeedLogDir "<%= @log_dir %>" - -<% @memcache_servers.each do |server| -%> -ModPagespeedMemcachedServers <%= server %> -<% end -%> - -ModPagespeedRewriteLevel <%= @rewrite_level -%> - -<% @disable_filters.each do |filter| -%> -ModPagespeedDisableFilters <%= filter %> -<% end -%> - -<% @enable_filters.each do |filter| -%> -ModPagespeedEnableFilters <%= filter %> -<% end -%> - -<% @forbid_filters.each do |filter| -%> -ModPagespeedForbidFilters <%= filter %> -<% end -%> - -ModPagespeedRewriteDeadlinePerFlushMs <%= @rewrite_deadline_per_flush_ms %> - -<% if @additional_domains -%> -ModPagespeedDomain <%= @additional_domains -%> -<% end -%> - -ModPagespeedFileCacheSizeKb <%= @file_cache_size_kb %> -ModPagespeedFileCacheCleanIntervalMs <%= @file_cache_clean_interval_ms %> -ModPagespeedLRUCacheKbPerProcess <%= @lru_cache_per_process %> -ModPagespeedLRUCacheByteLimit <%= @lru_cache_byte_limit %> -ModPagespeedCssFlattenMaxBytes <%= @css_flatten_max_bytes %> -ModPagespeedCssInlineMaxBytes <%= @css_inline_max_bytes %> -ModPagespeedCssImageInlineMaxBytes <%= @css_image_inline_max_bytes %> -ModPagespeedImageInlineMaxBytes <%= @image_inline_max_bytes %> -ModPagespeedJsInlineMaxBytes <%= @js_inline_max_bytes %> -ModPagespeedCssOutlineMinBytes <%= @css_outline_min_bytes %> -ModPagespeedJsOutlineMinBytes <%= @js_outline_min_bytes %> - - -ModPagespeedFileCacheInodeLimit <%= @inode_limit %> -ModPagespeedImageMaxRewritesAtOnce <%= @image_max_rewrites_at_once %> - -ModPagespeedNumRewriteThreads <%= @num_rewrite_threads %> -ModPagespeedNumExpensiveRewriteThreads <%= @num_expensive_rewrite_threads %> - -ModPagespeedStatistics <%= @collect_statistics %> - - - # You may insert other "Allow from" lines to add hosts you want to - # allow to look at generated statistics. Another possibility is - # to comment out the "Order" and "Allow" options from the config - # file, to allow any client that can reach your server to examine - # statistics. This might be appropriate in an experimental setup or - # if the Apache server is protected by a reverse proxy that will - # filter URLs in some fashion. - <%- if scope.function_versioncmp([@_apache_version, '2.4']) >= 0 -%> - Require ip 127.0.0.1 ::1 <%= Array(@allow_view_stats).join(" ") %> - <%- else -%> - Order allow,deny - Allow from 127.0.0.1 ::1 <%= Array(@allow_view_stats).join(" ") %> - <%- end -%> - SetHandler mod_pagespeed_statistics - - -ModPagespeedStatisticsLogging <%= @statistics_logging %> - - <%- if scope.function_versioncmp([@_apache_version, '2.4']) >= 0 -%> - Require ip 127.0.0.1 ::1 <%= Array(@allow_pagespeed_console).join(" ") %> - <%- else -%> - Order allow,deny - Allow from 127.0.0.1 ::1 <%= Array(@allow_pagespeed_console).join(" ") %> - <%- end -%> - SetHandler pagespeed_console - - -ModPagespeedMessageBufferSize <%= @message_buffer_size %> - - - <%- if scope.function_versioncmp([@_apache_version, '2.4']) >= 0 -%> - Require ip 127.0.0.1 ::1 <%= Array(@allow_pagespeed_message).join(" ") %> - <%- else -%> - Order allow,deny - Allow from 127.0.0.1 ::1 <%= Array(@allow_pagespeed_message).join(" ") %> - <%- end -%> - SetHandler mod_pagespeed_message - - -<% if @additional_configuration.is_a? Array -%> -<%= @additional_configuration.join('\n') %> -<% else -%> -<% @additional_configuration.each_pair do |key, value| -%> -<%= key %> <%= value %> -<% end -%> -<% end -%> diff --git a/apache/templates/mod/passenger.conf.erb b/apache/templates/mod/passenger.conf.erb deleted file mode 100644 index 8a3e9d4f3..000000000 --- a/apache/templates/mod/passenger.conf.erb +++ /dev/null @@ -1,52 +0,0 @@ -# The Passenger Apache module configuration file is being -# managed by Puppet and changes will be overwritten. - - <%- if @passenger_root -%> - PassengerRoot "<%= @passenger_root %>" - <%- end -%> - <%- if @passenger_ruby -%> - PassengerRuby "<%= @passenger_ruby %>" - <%- end -%> - <%- if @passenger_default_ruby -%> - PassengerDefaultRuby "<%= @passenger_default_ruby %>" - <%- end -%> - <%- if @passenger_high_performance -%> - PassengerHighPerformance <%= @passenger_high_performance %> - <%- end -%> - <%- if @passenger_max_pool_size -%> - PassengerMaxPoolSize <%= @passenger_max_pool_size %> - <%- end -%> - <%- if @passenger_min_instances -%> - PassengerMinInstances <%= @passenger_min_instances %> - <%- end -%> - <%- if @passenger_pool_idle_time -%> - PassengerPoolIdleTime <%= @passenger_pool_idle_time %> - <%- end -%> - <%- if @passenger_max_request_queue_size -%> - PassengerMaxRequestQueueSize <%= @passenger_max_request_queue_size %> - <%- end -%> - <%- if @passenger_max_requests -%> - PassengerMaxRequests <%= @passenger_max_requests %> - <%- end -%> - <%- if @passenger_spawn_method -%> - PassengerSpawnMethod <%= @passenger_spawn_method %> - <%- end -%> - <%- if @passenger_stat_throttle_rate -%> - PassengerStatThrottleRate <%= @passenger_stat_throttle_rate %> - <%- end -%> - <%- if @rack_autodetect -%> - RackAutoDetect <%= @rack_autodetect %> - <%- end -%> - <%- if @rails_autodetect -%> - RailsAutoDetect <%= @rails_autodetect %> - <%- end -%> - <%- if @passenger_use_global_queue -%> - PassengerUseGlobalQueue <%= @passenger_use_global_queue %> - <%- end -%> - <%- if @passenger_app_env -%> - PassengerAppEnv <%= @passenger_app_env %> - <%- end -%> - <%- if @passenger_log_file -%> - PassengerLogFile <%= @passenger_log_file %> - <%- end -%> - diff --git a/apache/templates/mod/peruser.conf.erb b/apache/templates/mod/peruser.conf.erb deleted file mode 100644 index 13c8d708d..000000000 --- a/apache/templates/mod/peruser.conf.erb +++ /dev/null @@ -1,12 +0,0 @@ - - MinSpareProcessors <%= @minspareprocessors %> - MinProcessors <%= @minprocessors %> - MaxProcessors <%= @maxprocessors %> - MaxClients <%= @maxclients %> - MaxRequestsPerChild <%= @maxrequestsperchild %> - IdleTimeout <%= @idletimeout %> - ExpireTimeout <%= @expiretimeout %> - KeepAlive <%= @keepalive %> - Include "<%= @mod_dir %>/peruser/multiplexers/*.conf" - Include "<%= @mod_dir %>/peruser/processors/*.conf" - diff --git a/apache/templates/mod/php5.conf.erb b/apache/templates/mod/php5.conf.erb deleted file mode 100644 index 3fd100039..000000000 --- a/apache/templates/mod/php5.conf.erb +++ /dev/null @@ -1,31 +0,0 @@ -# -# PHP is an HTML-embedded scripting language which attempts to make it -# easy for developers to write dynamically generated webpages. -# -# -# LoadModule php5_module modules/libphp5.so -# -# -# # Use of the "ZTS" build with worker is experimental, and no shared -# # modules are supported. -# LoadModule php5_module modules/libphp5-zts.so -# - -# -# Cause the PHP interpreter to handle files with a .php extension. -# -)$"> - SetHandler php5-script - - -# -# Add index.php to the list of files that will be served as directory -# indexes. -# -DirectoryIndex index.php - -# -# Uncomment the following line to allow PHP to pretty-print .phps -# files as PHP source code: -# -#AddType application/x-httpd-php-source .phps diff --git a/apache/templates/mod/prefork.conf.erb b/apache/templates/mod/prefork.conf.erb deleted file mode 100644 index aabfdf7b2..000000000 --- a/apache/templates/mod/prefork.conf.erb +++ /dev/null @@ -1,8 +0,0 @@ - - StartServers <%= @startservers %> - MinSpareServers <%= @minspareservers %> - MaxSpareServers <%= @maxspareservers %> - ServerLimit <%= @serverlimit %> - MaxClients <%= @maxclients %> - MaxRequestsPerChild <%= @maxrequestsperchild %> - diff --git a/apache/templates/mod/proxy.conf.erb b/apache/templates/mod/proxy.conf.erb deleted file mode 100644 index 06fe54714..000000000 --- a/apache/templates/mod/proxy.conf.erb +++ /dev/null @@ -1,27 +0,0 @@ -# -# Proxy Server directives. Uncomment the following lines to -# enable the proxy server: -# - - # Do not enable proxying with ProxyRequests until you have secured your - # server. Open proxy servers are dangerous both to your network and to the - # Internet at large. - ProxyRequests <%= @proxy_requests %> - - <% if @proxy_requests != 'Off' or ( @allow_from and ! @allow_from.empty? ) -%> - - <%- if scope.function_versioncmp([@_apache_version, '2.4']) >= 0 -%> - Require ip <%= Array(@allow_from).join(" ") %> - <%- else -%> - Order deny,allow - Deny from all - Allow from <%= Array(@allow_from).join(" ") %> - <%- end -%> - - <% end -%> - - # Enable/disable the handling of HTTP/1.1 "Via:" headers. - # ("Full" adds the server version; "Block" removes all outgoing Via: headers) - # Set to one of: Off | On | Full | Block - ProxyVia On - diff --git a/apache/templates/mod/proxy_html.conf.erb b/apache/templates/mod/proxy_html.conf.erb deleted file mode 100644 index fea15f393..000000000 --- a/apache/templates/mod/proxy_html.conf.erb +++ /dev/null @@ -1,18 +0,0 @@ -ProxyHTMLLinks a href -ProxyHTMLLinks area href -ProxyHTMLLinks link href -ProxyHTMLLinks img src longdesc usemap -ProxyHTMLLinks object classid codebase data usemap -ProxyHTMLLinks q cite -ProxyHTMLLinks blockquote cite -ProxyHTMLLinks ins cite -ProxyHTMLLinks del cite -ProxyHTMLLinks form action -ProxyHTMLLinks input src usemap -ProxyHTMLLinks head profileProxyHTMLLinks base href -ProxyHTMLLinks script src for - -ProxyHTMLEvents onclick ondblclick onmousedown onmouseup \ - onmouseover onmousemove onmouseout onkeypress \ - onkeydown onkeyup onfocus onblur onload \ - onunload onsubmit onreset onselect onchange diff --git a/apache/templates/mod/remoteip.conf.erb b/apache/templates/mod/remoteip.conf.erb deleted file mode 100644 index b4518f9b0..000000000 --- a/apache/templates/mod/remoteip.conf.erb +++ /dev/null @@ -1,23 +0,0 @@ -# Declare the header field which should be parsed for useragent IP addresses -RemoteIPHeader <%= @header %> - -<%- if @proxy_ips -%> -# Declare client intranet IP addresses trusted to present -# the RemoteIPHeader value -<%- [@proxy_ips].flatten.each do |proxy| -%> -RemoteIPInternalProxy <%= proxy %> -<%- end -%> -<%- end -%> - -<%- if @proxies_header -%> -# Declare the header field which will record all intermediate IP addresses -RemoteIPProxiesHeader <%= @proxies_header %> -<%- end -%> - -<%- if @trusted_proxy_ips -%> -# Declare client intranet IP addresses trusted to present -# the RemoteIPHeader value - <%- [@trusted_proxy_ips].flatten.each do |proxy| -%> -RemoteIPTrustedProxy <%= proxy %> - <%- end -%> -<%- end -%> diff --git a/apache/templates/mod/reqtimeout.conf.erb b/apache/templates/mod/reqtimeout.conf.erb deleted file mode 100644 index 6ffc5ffe2..000000000 --- a/apache/templates/mod/reqtimeout.conf.erb +++ /dev/null @@ -1,3 +0,0 @@ -<% Array(@timeouts).each do |timeout| -%> -RequestReadTimeout <%= timeout %> -<%- end -%> diff --git a/apache/templates/mod/rpaf.conf.erb b/apache/templates/mod/rpaf.conf.erb deleted file mode 100644 index e0ed8dce8..000000000 --- a/apache/templates/mod/rpaf.conf.erb +++ /dev/null @@ -1,15 +0,0 @@ -# Enable reverse proxy add forward -RPAF_enable On -# RPAF_sethostname will, when enabled, take the incoming X-Host header and -# update the virtual host settings accordingly. This allows to have the same -# hostnames as in the "real" configuration for the forwarding proxy. -<% if @sethostname -%> -RPAF_sethostname On -<% else -%> -RPAF_sethostname Off -<% end -%> -# Which IPs are forwarding requests to us -RPAF_proxyIPs <%= Array(@proxy_ips).join(" ") %> -# Setting RPAF_header allows you to change the header name to parse from the -# default X-Forwarded-For to something of your choice. -RPAF_header <%= @header %> diff --git a/apache/templates/mod/security.conf.erb b/apache/templates/mod/security.conf.erb deleted file mode 100644 index 1ffd30bb9..000000000 --- a/apache/templates/mod/security.conf.erb +++ /dev/null @@ -1,71 +0,0 @@ - - # ModSecurity Core Rules Set configuration -<%- if scope.function_versioncmp([scope.lookupvar('::apache::apache_version'), '2.4']) >= 0 -%> - IncludeOptional <%= @modsec_dir %>/*.conf - IncludeOptional <%= @modsec_dir %>/activated_rules/*.conf -<%- else -%> - Include <%= @modsec_dir %>/*.conf - Include <%= @modsec_dir %>/activated_rules/*.conf -<%- end -%> - - # Default recommended configuration - SecRuleEngine <%= @modsec_secruleengine %> - SecRequestBodyAccess On - SecRule REQUEST_HEADERS:Content-Type "text/xml" \ - "id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML" - SecRequestBodyLimit 13107200 - SecRequestBodyNoFilesLimit 131072 - SecRequestBodyInMemoryLimit 131072 - SecRequestBodyLimitAction Reject - SecRule REQBODY_ERROR "!@eq 0" \ - "id:'200001', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2" - SecRule MULTIPART_STRICT_ERROR "!@eq 0" \ - "id:'200002',phase:2,t:none,log,deny,status:44,msg:'Multipart request body failed strict validation: \ - PE %{REQBODY_PROCESSOR_ERROR}, \ - BQ %{MULTIPART_BOUNDARY_QUOTED}, \ - BW %{MULTIPART_BOUNDARY_WHITESPACE}, \ - DB %{MULTIPART_DATA_BEFORE}, \ - DA %{MULTIPART_DATA_AFTER}, \ - HF %{MULTIPART_HEADER_FOLDING}, \ - LF %{MULTIPART_LF_LINE}, \ - SM %{MULTIPART_MISSING_SEMICOLON}, \ - IQ %{MULTIPART_INVALID_QUOTING}, \ - IP %{MULTIPART_INVALID_PART}, \ - IH %{MULTIPART_INVALID_HEADER_FOLDING}, \ - FL %{MULTIPART_FILE_LIMIT_EXCEEDED}'" - - SecRule MULTIPART_UNMATCHED_BOUNDARY "!@eq 0" \ - "id:'200003',phase:2,t:none,log,deny,status:44,msg:'Multipart parser detected a possible unmatched boundary.'" - - SecPcreMatchLimit <%= @secpcrematchlimit %> - SecPcreMatchLimitRecursion <%= @secpcrematchlimitrecursion %> - - SecRule TX:/^MSC_/ "!@streq 0" \ - "id:'200004',phase:2,t:none,deny,msg:'ModSecurity internal error flagged: %{MATCHED_VAR_NAME}'" - - SecResponseBodyAccess Off - SecResponseBodyMimeType text/plain text/html text/xml - SecResponseBodyLimit 524288 - SecResponseBodyLimitAction ProcessPartial - SecDebugLogLevel 0 - SecAuditEngine RelevantOnly - SecAuditLogRelevantStatus "^(?:5|4(?!04))" - SecAuditLogParts <%= @audit_log_parts %> - SecAuditLogType Serial - SecArgumentSeparator & - SecCookieFormat 0 -<%- if scope.lookupvar('::osfamily') == 'Debian' -%> - SecDebugLog /var/log/apache2/modsec_debug.log - SecAuditLog /var/log/apache2/modsec_audit.log - SecTmpDir /var/cache/modsecurity - SecDataDir /var/cache/modsecurity - SecUploadDir /var/cache/modsecurity -<% else -%> - SecDebugLog /var/log/httpd/modsec_debug.log - SecAuditLog /var/log/httpd/modsec_audit.log - SecTmpDir /var/lib/mod_security - SecDataDir /var/lib/mod_security - SecUploadDir /var/lib/mod_security -<% end -%> - SecUploadKeepFiles Off - diff --git a/apache/templates/mod/security_crs.conf.erb b/apache/templates/mod/security_crs.conf.erb deleted file mode 100644 index 016efc797..000000000 --- a/apache/templates/mod/security_crs.conf.erb +++ /dev/null @@ -1,428 +0,0 @@ -# --------------------------------------------------------------- -# Core ModSecurity Rule Set ver.2.2.6 -# Copyright (C) 2006-2012 Trustwave All rights reserved. -# -# The OWASP ModSecurity Core Rule Set is distributed under -# Apache Software License (ASL) version 2 -# Please see the enclosed LICENCE file for full details. -# --------------------------------------------------------------- - - -# -# -- [[ Recommended Base Configuration ]] ------------------------------------------------- -# -# The configuration directives/settings in this file are used to control -# the OWASP ModSecurity CRS. These settings do **NOT** configure the main -# ModSecurity settings such as: -# -# - SecRuleEngine -# - SecRequestBodyAccess -# - SecAuditEngine -# - SecDebugLog -# -# You should use the modsecurity.conf-recommended file that comes with the -# ModSecurity source code archive. -# -# Ref: http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/trunk/modsecurity.conf-recommended -# - - -# -# -- [[ Rule Version ]] ------------------------------------------------------------------- -# -# Rule version data is added to the "Producer" line of Section H of the Audit log: -# -# - Producer: ModSecurity for Apache/2.7.0-rc1 (http://www.modsecurity.org/); OWASP_CRS/2.2.4. -# -# Ref: https://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual#SecComponentSignature -# -SecComponentSignature "OWASP_CRS/2.2.6" - - -# -# -- [[ Modes of Operation: Self-Contained vs. Collaborative Detection ]] ----------------- -# -# Each detection rule uses the "block" action which will inherit the SecDefaultAction -# specified below. Your settings here will determine which mode of operation you use. -# -# -- [[ Self-Contained Mode ]] -- -# Rules inherit the "deny" disruptive action. The first rule that matches will block. -# -# -- [[ Collaborative Detection Mode ]] -- -# This is a "delayed blocking" mode of operation where each matching rule will inherit -# the "pass" action and will only contribute to anomaly scores. Transactional blocking -# can be applied -# -# -- [[ Alert Logging Control ]] -- -# You have three options - -# -# - To log to both the Apache error_log and ModSecurity audit_log file use: "log" -# - To log *only* to the ModSecurity audit_log file use: "nolog,auditlog" -# - To log *only* to the Apache error_log file use: "log,noauditlog" -# -# Ref: http://blog.spiderlabs.com/2010/11/advanced-topic-of-the-week-traditional-vs-anomaly-scoring-detection-modes.html -# Ref: https://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual#SecDefaultAction -# -SecDefaultAction "phase:1,deny,log" - - -# -# -- [[ Collaborative Detection Severity Levels ]] ---------------------------------------- -# -# These are the default scoring points for each severity level. You may -# adjust these to you liking. These settings will be used in macro expansion -# in the rules to increment the anomaly scores when rules match. -# -# These are the default Severity ratings (with anomaly scores) of the individual rules - -# -# - 2: Critical - Anomaly Score of 5. -# Is the highest severity level possible without correlation. It is -# normally generated by the web attack rules (40 level files). -# - 3: Error - Anomaly Score of 4. -# Is generated mostly from outbound leakage rules (50 level files). -# - 4: Warning - Anomaly Score of 3. -# Is generated by malicious client rules (35 level files). -# - 5: Notice - Anomaly Score of 2. -# Is generated by the Protocol policy and anomaly files. -# -SecAction \ - "id:'900001', \ - phase:1, \ - t:none, \ - setvar:tx.critical_anomaly_score=5, \ - setvar:tx.error_anomaly_score=4, \ - setvar:tx.warning_anomaly_score=3, \ - setvar:tx.notice_anomaly_score=2, \ - nolog, \ - pass" - - -# -# -- [[ Collaborative Detection Scoring Threshold Levels ]] ------------------------------ -# -# These variables are used in macro expansion in the 49 inbound blocking and 59 -# outbound blocking files. -# -# **MUST HAVE** ModSecurity v2.5.12 or higher to use macro expansion in numeric -# operators. If you have an earlier version, edit the 49/59 files directly to -# set the appropriate anomaly score levels. -# -# You should set the score to the proper threshold you would prefer. If set to "5" -# it will work similarly to previous Mod CRS rules and will create an event in the error_log -# file if there are any rules that match. If you would like to lessen the number of events -# generated in the error_log file, you should increase the anomaly score threshold to -# something like "20". This would only generate an event in the error_log file if -# there are multiple lower severity rule matches or if any 1 higher severity item matches. -# -SecAction \ - "id:'900002', \ - phase:1, \ - t:none, \ - setvar:tx.inbound_anomaly_score_level=5, \ - nolog, \ - pass" - - -SecAction \ - "id:'900003', \ - phase:1, \ - t:none, \ - setvar:tx.outbound_anomaly_score_level=4, \ - nolog, \ - pass" - - -# -# -- [[ Collaborative Detection Blocking ]] ----------------------------------------------- -# -# This is a collaborative detection mode where each rule will increment an overall -# anomaly score for the transaction. The scores are then evaluated in the following files: -# -# Inbound anomaly score - checked in the modsecurity_crs_49_inbound_blocking.conf file -# Outbound anomaly score - checked in the modsecurity_crs_59_outbound_blocking.conf file -# -# If you want to use anomaly scoring mode, then uncomment this line. -# -#SecAction \ - "id:'900004', \ - phase:1, \ - t:none, \ - setvar:tx.anomaly_score_blocking=on, \ - nolog, \ - pass" - - -# -# -- [[ GeoIP Database ]] ----------------------------------------------------------------- -# -# There are some rulesets that need to inspect the GEO data of the REMOTE_ADDR data. -# -# You must first download the MaxMind GeoIP Lite City DB - -# -# http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz -# -# You then need to define the proper path for the SecGeoLookupDb directive -# -# Ref: http://blog.spiderlabs.com/2010/10/detecting-malice-with-modsecurity-geolocation-data.html -# Ref: http://blog.spiderlabs.com/2010/11/detecting-malice-with-modsecurity-ip-forensics.html -# -#SecGeoLookupDb /opt/modsecurity/lib/GeoLiteCity.dat - -# -# -- [[ Regression Testing Mode ]] -------------------------------------------------------- -# -# If you are going to run the regression testing mode, you should uncomment the -# following rule. It will enable DetectionOnly mode for the SecRuleEngine and -# will enable Response Header tagging so that the client testing script can see -# which rule IDs have matched. -# -# You must specify the your source IP address where you will be running the tests -# from. -# -#SecRule REMOTE_ADDR "@ipMatch 192.168.1.100" \ - "id:'900005', \ - phase:1, \ - t:none, \ - ctl:ruleEngine=DetectionOnly, \ - setvar:tx.regression_testing=1, \ - nolog, \ - pass" - - -# -# -- [[ HTTP Policy Settings ]] ---------------------------------------------------------- -# -# Set the following policy settings here and they will be propagated to the 23 rules -# file (modsecurity_common_23_request_limits.conf) by using macro expansion. -# If you run into false positives, you can adjust the settings here. -# -# Only the max number of args is uncommented by default as there are a high rate -# of false positives. Uncomment the items you wish to set. -# -# -# -- Maximum number of arguments in request limited -SecAction \ - "id:'900006', \ - phase:1, \ - t:none, \ - setvar:tx.max_num_args=255, \ - nolog, \ - pass" - -# -# -- Limit argument name length -#SecAction \ - "id:'900007', \ - phase:1, \ - t:none, \ - setvar:tx.arg_name_length=100, \ - nolog, \ - pass" - -# -# -- Limit value name length -#SecAction \ - "id:'900008', \ - phase:1, \ - t:none, \ - setvar:tx.arg_length=400, \ - nolog, \ - pass" - -# -# -- Limit arguments total length -#SecAction \ - "id:'900009', \ - phase:1, \ - t:none, \ - setvar:tx.total_arg_length=64000, \ - nolog, \ - pass" - -# -# -- Individual file size is limited -#SecAction \ - "id:'900010', \ - phase:1, \ - t:none, \ - setvar:tx.max_file_size=1048576, \ - nolog, \ - pass" - -# -# -- Combined file size is limited -#SecAction \ - "id:'900011', \ - phase:1, \ - t:none, \ - setvar:tx.combined_file_sizes=1048576, \ - nolog, \ - pass" - - -# -# Set the following policy settings here and they will be propagated to the 30 rules -# file (modsecurity_crs_30_http_policy.conf) by using macro expansion. -# If you run into false positves, you can adjust the settings here. -# -SecAction \ - "id:'900012', \ - phase:1, \ - t:none, \ - setvar:'tx.allowed_methods=<%= @allowed_methods -%>', \ - setvar:'tx.allowed_request_content_type=<%= @content_types -%>', \ - setvar:'tx.allowed_http_versions=HTTP/0.9 HTTP/1.0 HTTP/1.1', \ - setvar:'tx.restricted_extensions=<%= @restricted_extensions -%>', \ - setvar:'tx.restricted_headers=<%= @restricted_headers -%>', \ - nolog, \ - pass" - - -# -# -- [[ Content Security Policy (CSP) Settings ]] ----------------------------------------- -# -# The purpose of these settings is to send CSP response headers to -# Mozilla FireFox users so that you can enforce how dynamic content -# is used. CSP usage helps to prevent XSS attacks against your users. -# -# Reference Link: -# -# https://developer.mozilla.org/en/Security/CSP -# -# Uncomment this SecAction line if you want use CSP enforcement. -# You need to set the appropriate directives and settings for your site/domain and -# and activate the CSP file in the experimental_rules directory. -# -# Ref: http://blog.spiderlabs.com/2011/04/modsecurity-advanced-topic-of-the-week-integrating-content-security-policy-csp.html -# -#SecAction \ - "id:'900013', \ - phase:1, \ - t:none, \ - setvar:tx.csp_report_only=1, \ - setvar:tx.csp_report_uri=/csp_violation_report, \ - setenv:'csp_policy=allow \'self\'; img-src *.yoursite.com; media-src *.yoursite.com; style-src *.yoursite.com; frame-ancestors *.yoursite.com; script-src *.yoursite.com; report-uri %{tx.csp_report_uri}', \ - nolog, \ - pass" - - -# -# -- [[ Brute Force Protection ]] --------------------------------------------------------- -# -# If you are using the Brute Force Protection rule set, then uncomment the following -# lines and set the following variables: -# - Protected URLs: resources to protect (e.g. login pages) - set to your login page -# - Burst Time Slice Interval: time interval window to monitor for bursts -# - Request Threshold: request # threshold to trigger a burst -# - Block Period: temporary block timeout -# -#SecAction \ - "id:'900014', \ - phase:1, \ - t:none, \ - setvar:'tx.brute_force_protected_urls=/login.jsp /partner_login.php', \ - setvar:'tx.brute_force_burst_time_slice=60', \ - setvar:'tx.brute_force_counter_threshold=10', \ - setvar:'tx.brute_force_block_timeout=300', \ - nolog, \ - pass" - - -# -# -- [[ DoS Protection ]] ---------------------------------------------------------------- -# -# If you are using the DoS Protection rule set, then uncomment the following -# lines and set the following variables: -# - Burst Time Slice Interval: time interval window to monitor for bursts -# - Request Threshold: request # threshold to trigger a burst -# - Block Period: temporary block timeout -# -#SecAction \ - "id:'900015', \ - phase:1, \ - t:none, \ - setvar:'tx.dos_burst_time_slice=60', \ - setvar:'tx.dos_counter_threshold=100', \ - setvar:'tx.dos_block_timeout=600', \ - nolog, \ - pass" - - -# -# -- [[ Check UTF enconding ]] ----------------------------------------------------------- -# -# We only want to apply this check if UTF-8 encoding is actually used by the site, otherwise -# it will result in false positives. -# -# Uncomment this line if your site uses UTF8 encoding -#SecAction \ - "id:'900016', \ - phase:1, \ - t:none, \ - setvar:tx.crs_validate_utf8_encoding=1, \ - nolog, \ - pass" - - -# -# -- [[ Enable XML Body Parsing ]] ------------------------------------------------------- -# -# The rules in this file will trigger the XML parser upon an XML request -# -# Initiate XML Processor in case of xml content-type -# -SecRule REQUEST_HEADERS:Content-Type "text/xml" \ - "id:'900017', \ - phase:1, \ - t:none,t:lowercase, \ - nolog, \ - pass, \ - chain" - SecRule REQBODY_PROCESSOR "!@streq XML" \ - "ctl:requestBodyProcessor=XML" - - -# -# -- [[ Global and IP Collections ]] ----------------------------------------------------- -# -# Create both Global and IP collections for rules to use -# There are some CRS rules that assume that these two collections -# have already been initiated. -# -SecRule REQUEST_HEADERS:User-Agent "^(.*)$" \ - "id:'900018', \ - phase:1, \ - t:none,t:sha1,t:hexEncode, \ - setvar:tx.ua_hash=%{matched_var}, \ - nolog, \ - pass" - - -SecRule REQUEST_HEADERS:x-forwarded-for "^\b(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\b" \ - "id:'900019', \ - phase:1, \ - t:none, \ - capture, \ - setvar:tx.real_ip=%{tx.1}, \ - nolog, \ - pass" - - -SecRule &TX:REAL_IP "!@eq 0" \ - "id:'900020', \ - phase:1, \ - t:none, \ - initcol:global=global, \ - initcol:ip=%{tx.real_ip}_%{tx.ua_hash}, \ - nolog, \ - pass" - - -SecRule &TX:REAL_IP "@eq 0" \ - "id:'900021', \ - phase:1, \ - t:none, \ - initcol:global=global, \ - initcol:ip=%{remote_addr}_%{tx.ua_hash}, \ - nolog, \ - pass" diff --git a/apache/templates/mod/setenvif.conf.erb b/apache/templates/mod/setenvif.conf.erb deleted file mode 100644 index d31c79fe5..000000000 --- a/apache/templates/mod/setenvif.conf.erb +++ /dev/null @@ -1,34 +0,0 @@ -# -# The following directives modify normal HTTP response behavior to -# handle known problems with browser implementations. -# -BrowserMatch "Mozilla/2" nokeepalive -BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0 -BrowserMatch "RealPlayer 4\.0" force-response-1.0 -BrowserMatch "Java/1\.0" force-response-1.0 -BrowserMatch "JDK/1\.0" force-response-1.0 - -# -# The following directive disables redirects on non-GET requests for -# a directory that does not include the trailing slash. This fixes a -# problem with Microsoft WebFolders which does not appropriately handle -# redirects for folders with DAV methods. -# Same deal with Apple's DAV filesystem and Gnome VFS support for DAV. -# -BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully -BrowserMatch "MS FrontPage" redirect-carefully -BrowserMatch "^WebDrive" redirect-carefully -BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully -BrowserMatch "^gnome-vfs/1.0" redirect-carefully -BrowserMatch "^gvfs/1" redirect-carefully -BrowserMatch "^XML Spy" redirect-carefully -BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully -BrowserMatch " Konqueror/4" redirect-carefully - - - BrowserMatch "MSIE [2-6]" \ - nokeepalive ssl-unclean-shutdown \ - downgrade-1.0 force-response-1.0 - # MSIE 7 and newer should be able to use keepalive - BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown - diff --git a/apache/templates/mod/ssl.conf.erb b/apache/templates/mod/ssl.conf.erb deleted file mode 100644 index 4ae29e40a..000000000 --- a/apache/templates/mod/ssl.conf.erb +++ /dev/null @@ -1,31 +0,0 @@ - - SSLRandomSeed startup builtin - SSLRandomSeed startup file:/dev/urandom <%= @ssl_random_seed_bytes %> - SSLRandomSeed connect builtin - SSLRandomSeed connect file:/dev/urandom <%= @ssl_random_seed_bytes %> - - AddType application/x-x509-ca-cert .crt - AddType application/x-pkcs7-crl .crl - - SSLPassPhraseDialog <%= @ssl_pass_phrase_dialog %> - SSLSessionCache "shmcb:<%= @session_cache %>" - SSLSessionCacheTimeout <%= @ssl_sessioncachetimeout %> -<% if @ssl_compression -%> - SSLCompression On -<% end -%> - <%- if scope.function_versioncmp([@_apache_version, '2.4']) >= 0 -%> - Mutex <%= @_ssl_mutex %> - <%- else -%> - SSLMutex <%= @_ssl_mutex %> - <%- end -%> - SSLCryptoDevice <%= @ssl_cryptodevice %> - SSLHonorCipherOrder <%= @ssl_honorcipherorder %> - SSLCipherSuite <%= @ssl_cipher %> - SSLProtocol <%= @ssl_protocol.compact.join(' ') %> -<% if @ssl_options -%> - SSLOptions <%= @ssl_options.compact.join(' ') %> -<% end -%> -<%- if @ssl_openssl_conf_cmd -%> - SSLOpenSSLConfCmd <%= @ssl_openssl_conf_cmd %> -<%- end -%> - diff --git a/apache/templates/mod/status.conf.erb b/apache/templates/mod/status.conf.erb deleted file mode 100644 index 6a6b3daa2..000000000 --- a/apache/templates/mod/status.conf.erb +++ /dev/null @@ -1,16 +0,0 @@ -> - SetHandler server-status - <%- if scope.function_versioncmp([@_apache_version, '2.4']) >= 0 -%> - Require ip <%= Array(@allow_from).join(" ") %> - <%- else -%> - Order deny,allow - Deny from all - Allow from <%= Array(@allow_from).join(" ") %> - <%- end -%> - -ExtendedStatus <%= @extended_status %> - - - # Show Proxy LoadBalancer status in mod_status - ProxyStatus On - diff --git a/apache/templates/mod/suphp.conf.erb b/apache/templates/mod/suphp.conf.erb deleted file mode 100644 index 95fbf97c7..000000000 --- a/apache/templates/mod/suphp.conf.erb +++ /dev/null @@ -1,19 +0,0 @@ - - AddType application/x-httpd-suphp .php .php3 .php4 .php5 .phtml - suPHP_AddHandler application/x-httpd-suphp - - - suPHP_Engine on - - - # By default, disable suPHP for debian packaged web applications as files - # are owned by root and cannot be executed by suPHP because of min_uid. - - suPHP_Engine off - - -# # Use a specific php config file (a dir which contains a php.ini file) -# suPHP_ConfigPath /etc/php4/cgi/suphp/ -# # Tells mod_suphp NOT to handle requests with the type . -# suPHP_RemoveHandler - diff --git a/apache/templates/mod/userdir.conf.erb b/apache/templates/mod/userdir.conf.erb deleted file mode 100644 index 83263c3d0..000000000 --- a/apache/templates/mod/userdir.conf.erb +++ /dev/null @@ -1,27 +0,0 @@ - -<% if @disable_root -%> - UserDir disabled root -<% end -%> - UserDir <%= @home %>/*/<%= @dir %> - - /*/<%= @dir %>"> - AllowOverride FileInfo AuthConfig Limit Indexes - Options <%= @options.join(' ') %> - - <%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> - Require all granted - <%- else -%> - Order allow,deny - Allow from all - <%- end -%> - - - <%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> - Require all granted - <%- else -%> - Order allow,deny - Allow from all - <%- end -%> - - - diff --git a/apache/templates/mod/worker.conf.erb b/apache/templates/mod/worker.conf.erb deleted file mode 100644 index 8ad6451c7..000000000 --- a/apache/templates/mod/worker.conf.erb +++ /dev/null @@ -1,11 +0,0 @@ - - ServerLimit <%= @serverlimit %> - StartServers <%= @startservers %> - ThreadLimit <%= @threadlimit %> - MaxClients <%= @maxclients %> - MinSpareThreads <%= @minsparethreads %> - MaxSpareThreads <%= @maxsparethreads %> - ThreadsPerChild <%= @threadsperchild %> - MaxRequestsPerChild <%= @maxrequestsperchild %> - ListenBacklog <%= @listenbacklog %> - diff --git a/apache/templates/mod/wsgi.conf.erb b/apache/templates/mod/wsgi.conf.erb deleted file mode 100644 index 18752d2c4..000000000 --- a/apache/templates/mod/wsgi.conf.erb +++ /dev/null @@ -1,13 +0,0 @@ -# The WSGI Apache module configuration file is being -# managed by Puppet an changes will be overwritten. - - <%- if @wsgi_socket_prefix -%> - WSGISocketPrefix <%= @wsgi_socket_prefix %> - <%- end -%> - <%- if @wsgi_python_home -%> - WSGIPythonHome "<%= @wsgi_python_home %>" - <%- end -%> - <%- if @wsgi_python_path -%> - WSGIPythonPath "<%= @wsgi_python_path %>" - <%- end -%> - diff --git a/apache/templates/namevirtualhost.erb b/apache/templates/namevirtualhost.erb deleted file mode 100644 index cf767680f..000000000 --- a/apache/templates/namevirtualhost.erb +++ /dev/null @@ -1,8 +0,0 @@ -<%# NameVirtualHost should always be one of: - - * - - *: - - _default_: - - - - : --%> -NameVirtualHost <%= @addr_port %> diff --git a/apache/templates/ports_header.erb b/apache/templates/ports_header.erb deleted file mode 100644 index 4908db4ad..000000000 --- a/apache/templates/ports_header.erb +++ /dev/null @@ -1,5 +0,0 @@ -# ************************************ -# Listen & NameVirtualHost resources in module puppetlabs-apache -# Managed by Puppet -# ************************************ - diff --git a/apache/templates/vhost/_access_log.erb b/apache/templates/vhost/_access_log.erb deleted file mode 100644 index 894daa7ce..000000000 --- a/apache/templates/vhost/_access_log.erb +++ /dev/null @@ -1,21 +0,0 @@ -<% @_access_logs.each do |log| -%> -<% env ||= "env=#{log['env']}" if log['env'] -%> -<% env ||= '' -%> -<% format ||= "\"#{log['format']}\"" if log['format'] -%> -<% format ||= 'combined' -%> -<% if log['file'] -%> -<% if log['file'].chars.first == '/' -%> -<% destination = "#{log['file']}" -%> -<% else -%> -<% destination = "#{@logroot}/#{log['file']}" -%> -<% end -%> -<% elsif log['syslog'] -%> -<% destination = log['syslog'] -%> -<% elsif log['pipe'] -%> -<% destination = log['pipe'] -%> -<% else -%> -<% destination ||= "#{@logroot}/#{@name}_access_ssl.log" if @ssl -%> -<% destination ||= "#{@logroot}/#{@name}_access.log" -%> -<% end -%> - CustomLog "<%= destination %>" <%= format %> <%= env %> -<% end -%> diff --git a/apache/templates/vhost/_action.erb b/apache/templates/vhost/_action.erb deleted file mode 100644 index 8a0229059..000000000 --- a/apache/templates/vhost/_action.erb +++ /dev/null @@ -1,4 +0,0 @@ -<% if @action -%> - - Action <%= @action %> /cgi-bin virtual -<% end -%> diff --git a/apache/templates/vhost/_additional_includes.erb b/apache/templates/vhost/_additional_includes.erb deleted file mode 100644 index a07bb8112..000000000 --- a/apache/templates/vhost/_additional_includes.erb +++ /dev/null @@ -1,9 +0,0 @@ -<% Array(@additional_includes).each do |include| -%> - - ## Load additional static includes -<%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 && @use_optional_includes -%> - IncludeOptional "<%= include %>" -<%- else -%> - Include "<%= include %>" -<%- end -%> -<% end -%> diff --git a/apache/templates/vhost/_aliases.erb b/apache/templates/vhost/_aliases.erb deleted file mode 100644 index f9771bc72..000000000 --- a/apache/templates/vhost/_aliases.erb +++ /dev/null @@ -1,16 +0,0 @@ -<% if @aliases and ! @aliases.empty? -%> - ## Alias declarations for resources outside the DocumentRoot - <%- [@aliases].flatten.compact.each do |alias_statement| -%> - <%- if alias_statement["path"] != '' -%> - <%- if alias_statement["alias"] and alias_statement["alias"] != '' -%> - Alias <%= alias_statement["alias"] %> "<%= alias_statement["path"] %>" - <%- elsif alias_statement["aliasmatch"] and alias_statement["aliasmatch"] != '' -%> - AliasMatch <%= alias_statement["aliasmatch"] %> "<%= alias_statement["path"] %>" - <%- elsif alias_statement["scriptalias"] and alias_statement["scriptalias"] != '' -%> - ScriptAlias <%= alias_statement["scriptalias"] %> "<%= alias_statement["path"] %>" - <%- elsif alias_statement["scriptaliasmatch"] and alias_statement["scriptaliasmatch"] != '' -%> - ScriptAliasMatch <%= alias_statement["scriptaliasmatch"] %> "<%= alias_statement["path"] %>" - <%- end -%> - <%- end -%> - <%- end -%> -<% end -%> diff --git a/apache/templates/vhost/_allow_encoded_slashes.erb b/apache/templates/vhost/_allow_encoded_slashes.erb deleted file mode 100644 index 40c73433b..000000000 --- a/apache/templates/vhost/_allow_encoded_slashes.erb +++ /dev/null @@ -1,4 +0,0 @@ -<%- if @allow_encoded_slashes -%> - - AllowEncodedSlashes <%= @allow_encoded_slashes %> -<%- end -%> diff --git a/apache/templates/vhost/_auth_kerb.erb b/apache/templates/vhost/_auth_kerb.erb deleted file mode 100644 index 97f4c1fc6..000000000 --- a/apache/templates/vhost/_auth_kerb.erb +++ /dev/null @@ -1,32 +0,0 @@ -<% if @auth_kerb -%> - - ## Kerberos directives - <%- if @krb_method_negotiate -%> - KrbMethodNegotiate <%= @krb_method_negotiate %> - <%- end -%> - <%- if @krb_method_k5passwd -%> - KrbMethodK5Passwd <%= @krb_method_k5passwd %> - <%- end -%> - <%- if @krb_authoritative -%> - KrbAuthoritative <%= @krb_authoritative %> - <%- end -%> - <%- if @krb_auth_realms and @krb_auth_realms.length >= 1 -%> - KrbAuthRealms <%= @krb_auth_realms.join(' ') %> - <%- end -%> - <%- if @krb_5keytab -%> - Krb5Keytab <%= @krb_5keytab %> - <%- end -%> - <%- if @krb_local_user_mapping -%> - KrbLocalUserMapping <%= @krb_local_user_mapping %> - <%- end -%> - <%- if @krb_verify_kdc -%> - KrbVerifyKDC <%= @krb_verify_kdc %> - <%- end -%> - <%- if @krb_servicename -%> - KrbServiceName <%= @krb_servicename %> - <%- end -%> - <%- if @krb_save_credentials -%> - KrbSaveCredentials <%= @krb_save_credentials -%> - <%- end -%> - -<% end -%> diff --git a/apache/templates/vhost/_block.erb b/apache/templates/vhost/_block.erb deleted file mode 100644 index d0776829d..000000000 --- a/apache/templates/vhost/_block.erb +++ /dev/null @@ -1,14 +0,0 @@ -<% if @block and ! @block.empty? -%> - - ## Block access statements -<% if @block.include? 'scm' -%> - # Block access to SCM directories. - - <%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> - Require all denied - <%- else -%> - Deny From All - <%- end -%> - -<% end -%> -<% end -%> diff --git a/apache/templates/vhost/_charsets.erb b/apache/templates/vhost/_charsets.erb deleted file mode 100644 index ef83def4b..000000000 --- a/apache/templates/vhost/_charsets.erb +++ /dev/null @@ -1,4 +0,0 @@ -<% if @add_default_charset -%> - - AddDefaultCharset <%= @add_default_charset %> -<% end -%> diff --git a/apache/templates/vhost/_custom_fragment.erb b/apache/templates/vhost/_custom_fragment.erb deleted file mode 100644 index 35c264adb..000000000 --- a/apache/templates/vhost/_custom_fragment.erb +++ /dev/null @@ -1,5 +0,0 @@ -<% if @custom_fragment -%> - - ## Custom fragment - <%= @custom_fragment %> -<% end -%> diff --git a/apache/templates/vhost/_directories.erb b/apache/templates/vhost/_directories.erb deleted file mode 100644 index 9beb89865..000000000 --- a/apache/templates/vhost/_directories.erb +++ /dev/null @@ -1,303 +0,0 @@ -<% if @_directories and ! @_directories.empty? -%> - - ## Directories, there should at least be a declaration for <%= @docroot %> - <%- [@_directories].flatten.compact.each do |directory| -%> - <%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> - <%- if directory['allow'] and ! [ false, 'false', '' ].include?(directory['allow']) -%> - <%- scope.function_warning(["Apache::Vhost: Using allow is deprecated in your Apache version"]) -%> - <%- end -%> - <%- if directory['deny'] and ! [ false, 'false', '' ].include?(directory['deny']) -%> - <%- scope.function_warning(["Apache::Vhost: Using deny is deprecated in your Apache version"]) -%> - <%- end -%> - <%- if directory['order'] and ! [ false, 'false', '' ].include?(directory['order']) -%> - <%- scope.function_warning(["Apache::Vhost: Using order is deprecated in your Apache version"]) -%> - <%- end -%> - <%- if directory['satisfy'] and ! [ false, 'false', '' ].include?(directory['satisfy']) -%> - <%- scope.function_warning(["Apache::Vhost: Using satisfy is deprecated in your Apache version"]) -%> - <%- end -%> - <%- end -%> - <%- if directory['path'] and directory['path'] != '' -%> - <%- if directory['provider'] and directory['provider'].match('(directory|location|files|proxy)') -%> - <%- if /^(.*)match$/ =~ directory['provider'] -%> - <%- provider = $1.capitalize + 'Match' -%> - <%- else -%> - <%- provider = directory['provider'].capitalize -%> - <%- end -%> - <%- else -%> - <%- provider = 'Directory' -%> - <%- end -%> - <%- path = directory['path'] -%> - - <<%= provider %> "<%= path %>"> - <%- if directory['headers'] -%> - <%- Array(directory['headers']).each do |header| -%> - Header <%= header %> - <%- end -%> - <%- end -%> - <%- if ! directory['geoip_enable'].nil? -%> - GeoIPEnable <%= scope.function_bool2httpd([directory['geoip_enable']]) %> - <%- end -%> - <%- if directory['options'] -%> - Options <%= Array(directory['options']).join(' ') %> - <%- end -%> - <%- if provider == 'Directory' -%> - <%- if directory['index_options'] -%> - IndexOptions <%= Array(directory['index_options']).join(' ') %> - <%- end -%> - <%- if directory['index_order_default'] -%> - IndexOrderDefault <%= Array(directory['index_order_default']).join(' ') %> - <%- end -%> - <%- if directory['index_style_sheet'] -%> - IndexStyleSheet '<%= directory['index_style_sheet'] %>' - <%- end -%> - <%- if directory['allow_override'] -%> - AllowOverride <%= Array(directory['allow_override']).join(' ') %> - <%- elsif provider == 'Directory' -%> - AllowOverride None - <%- end -%> - <%- end -%> - <%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> - <%- if directory['require'] && directory['require'] != '' && directory['require'] !~ /unmanaged/i -%> - <%- Array(directory['require']).each do |req| -%> - Require <%= req %> - <%- end -%> - <%- end -%> - <%- if directory['auth_require'] -%> - Require <%= directory['auth_require'] %> - <%- end -%> - <%- if !(directory['require'] && directory['require'] != '') && directory['require'] !~ /unmanaged/i && !(directory['auth_require']) -%> - Require all granted - <%- end -%> - <%- else -%> - <%- if directory['auth_require'] -%> - Require <%= directory['auth_require'] %> - <%- end -%> - <%- if directory['order'] and directory['order'] != '' -%> - Order <%= Array(directory['order']).join(',') %> - <%- else -%> - Order allow,deny - <%- end -%> - <%- if directory['deny'] and ! [ false, 'false', '' ].include?(directory['deny']) -%> - <%- if directory['deny'].kind_of?(Array) -%> - <%- Array(directory['deny']).each do |restrict| -%> - Deny <%= restrict %> - <%- end -%> - <%- else -%> - Deny <%= directory['deny'] %> - <%- end -%> - <%- end -%> - <%- if directory['allow'] and ! [ false, 'false', '' ].include?(directory['allow']) -%> - <%- if directory['allow'].kind_of?(Array) -%> - <%- Array(directory['allow']).each do |access| -%> - Allow <%= access %> - <%- end -%> - <%- else -%> - Allow <%= directory['allow'] %> - <%- end -%> - <%- elsif [ 'from all', 'from All' ].include?(directory['deny']) -%> - <%- elsif ! directory['deny'] and [ false, 'false', '' ].include?(directory['allow']) -%> - Deny from all - <%- else -%> - Allow from all - <%- end -%> - <%- if directory['satisfy'] and directory['satisfy'] != '' -%> - Satisfy <%= directory['satisfy'] %> - <%- end -%> - <%- end -%> - <%- if directory['addhandlers'] and ! directory['addhandlers'].empty? -%> - <%- [directory['addhandlers']].flatten.compact.each do |addhandler| -%> - )$"> - SetHandler <%= addhandler['handler'] %> - - <%- end -%> - <%- end -%> - <%- if directory['sethandler'] and directory['sethandler'] != '' -%> - SetHandler <%= directory['sethandler'] %> - <%- end -%> - <%- if directory['passenger_enabled'] and directory['passenger_enabled'] != '' -%> - PassengerEnabled <%= directory['passenger_enabled'] %> - <%- end -%> - <%- if directory['php_flags'] and ! directory['php_flags'].empty? -%> - <%- directory['php_flags'].sort.each do |flag,value| -%> - <%- value = if value =~ /true|yes|on|1/i then 'on' else 'off' end -%> - php_flag <%= "#{flag} #{value}" %> - <%- end -%> - <%- end -%> - <%- if directory['php_values'] and ! directory['php_values'].empty? -%> - <%- directory['php_values'].sort.each do |key,value| -%> - php_value <%= "#{key} #{value}" %> - <%- end -%> - <%- end -%> - <%- if directory['php_admin_flags'] and ! directory['php_admin_flags'].empty? -%> - <%- directory['php_admin_flags'].sort.each do |flag,value| -%> - <%- value = if value =~ /true|yes|on|1/i then 'on' else 'off' end -%> - php_admin_flag <%= "#{flag} #{value}" %> - <%- end -%> - <%- end -%> - <%- if directory['php_admin_values'] and ! directory['php_admin_values'].empty? -%> - <%- directory['php_admin_values'].sort.each do |key,value| -%> - php_admin_value <%= "#{key} #{value}" %> - <%- end -%> - <%- end -%> - <%- if directory['directoryindex'] and directory['directoryindex'] != '' -%> - DirectoryIndex <%= directory['directoryindex'] %> - <%- end -%> - <%- if directory['error_documents'] and ! directory['error_documents'].empty? -%> - <%- [directory['error_documents']].flatten.compact.each do |error_document| -%> - ErrorDocument <%= error_document['error_code'] %> <%= error_document['document'] %> - <%- end -%> - <%- end -%> - <%- if directory['auth_type'] -%> - AuthType <%= directory['auth_type'] %> - <%- end -%> - <%- if directory['auth_name'] -%> - AuthName "<%= directory['auth_name'] %>" - <%- end -%> - <%- if directory['auth_digest_algorithm'] -%> - AuthDigestAlgorithm <%= directory['auth_digest_algorithm'] %> - <%- end -%> - <%- if directory['auth_digest_domain'] -%> - AuthDigestDomain <%= Array(directory['auth_digest_domain']).join(' ') %> - <%- end -%> - <%- if directory['auth_digest_nonce_lifetime'] -%> - AuthDigestNonceLifetime <%= directory['auth_digest_nonce_lifetime'] %> - <%- end -%> - <%- if directory['auth_digest_provider'] -%> - AuthDigestProvider <%= directory['auth_digest_provider'] %> - <%- end -%> - <%- if directory['auth_digest_qop'] -%> - AuthDigestQop <%= directory['auth_digest_qop'] %> - <%- end -%> - <%- if directory['auth_digest_shmem_size'] -%> - AuthDigestShmemSize <%= directory['auth_digest_shmem_size'] %> - <%- end -%> - <%- if directory['auth_basic_authoritative'] -%> - AuthBasicAuthoritative <%= directory['auth_basic_authoritative'] %> - <%- end -%> - <%- if directory['auth_basic_fake'] -%> - AuthBasicFake <%= directory['auth_basic_fake'] %> - <%- end -%> - <%- if directory['auth_basic_provider'] -%> - AuthBasicProvider <%= directory['auth_basic_provider'] %> - <%- end -%> - <%- if directory['auth_user_file'] -%> - AuthUserFile <%= directory['auth_user_file'] %> - <%- end -%> - <%- if directory['auth_group_file'] -%> - AuthGroupFile <%= directory['auth_group_file'] %> - <%- end -%> - <%- if directory['fallbackresource'] -%> - FallbackResource <%= directory['fallbackresource'] %> - <%- end -%> - <%- if directory['expires_active'] -%> - ExpiresActive <%= directory['expires_active'] %> - <%- end -%> - <%- if directory['expires_default'] -%> - ExpiresDefault <%= directory['expires_default'] %> - <%- end -%> - <%- if directory['expires_by_type'] -%> - <%- Array(directory['expires_by_type']).each do |rule| -%> - ExpiresByType <%= rule %> - <%- end -%> - <%- end -%> - <%- if directory['ext_filter_options'] -%> - ExtFilterOptions <%= directory['ext_filter_options'] %> - <%- end -%> - <%- if directory['force_type'] -%> - ForceType <%= directory['force_type'] %> - <%- end -%> - <%- if directory['ssl_options'] -%> - SSLOptions <%= Array(directory['ssl_options']).join(' ') %> - <%- end -%> - <%- if directory['suphp'] and @suphp_engine == 'on' -%> - suPHP_UserGroup <%= directory['suphp']['user'] %> <%= directory['suphp']['group'] %> - <%- end -%> - <%- if directory['fcgiwrapper'] -%> - FcgidWrapper <%= directory['fcgiwrapper']['command'] %> <%= directory['fcgiwrapper']['suffix'] %> <%= directory['fcgiwrapper']['virtual'] %> - <%- end -%> - <%- if directory['rewrites'] -%> - # Rewrite rules - RewriteEngine On - <%- directory['rewrites'].flatten.compact.each do |rewrite_details| -%> - <%- if rewrite_details['comment'] -%> - #<%= rewrite_details['comment'] %> - <%- end -%> - <%- if rewrite_details['rewrite_base'] -%> - RewriteBase <%= rewrite_details['rewrite_base'] %> - <%- end -%> - <%- if rewrite_details['rewrite_cond'] -%> - <%- Array(rewrite_details['rewrite_cond']).each do |commands| -%> - <%- Array(commands).each do |command| -%> - RewriteCond <%= command %> - <%- end -%> - <%- end -%> - <%- end -%> - <%- Array(rewrite_details['rewrite_rule']).each do |commands| -%> - <%- Array(commands).each do |command| -%> - RewriteRule <%= command %> - <%- end -%> - <%- end -%> - <%- end -%> - <%- end -%> - <%- if directory['setenv'] -%> - <%- Array(directory['setenv']).each do |setenv| -%> - SetEnv <%= setenv %> - <%- end -%> - <%- end -%> - <%- if directory['set_output_filter'] -%> - SetOutputFilter <%= directory['set_output_filter'] %> - <%- end -%> - <%- if @shibboleth_enabled -%> - <%- if directory['shib_require_session'] and ! directory['shib_require_session'].empty? -%> - ShibRequireSession <%= directory['shib_require_session'] %> - <%- end -%> - <%- if directory['shib_request_settings'] and ! directory['shib_request_settings'].empty? -%> - <%- directory['shib_request_settings'].each do |key,value| -%> - ShibRequestSetting <%= key %> <%= value %> - <%- end -%> - <%- end -%> - <%- if directory['shib_use_headers'] and ! directory['shib_use_headers'].empty? -%> - ShibUseHeaders <%= directory['shib_use_headers'] %> - <%- end -%> - <%- end -%> - <%- if directory['mellon_enable'] -%> - MellonEnable "<%= directory['mellon_enable'] %>" - <%- if directory['mellon_endpoint_path'] -%> - MellonEndpointPath "<%= directory['mellon_endpoint_path'] %>" - <%- end -%> - <%- if directory['mellon_sp_private_key_file'] -%> - MellonSPPrivateKeyFile "<%= directory['mellon_sp_private_key_file'] %>" - <%- end -%> - <%- if directory['mellon_sp_cert_file'] -%> - MellonSPCertFile "<%= directory['mellon_sp_cert_file'] %>" - <%- end -%> - <%- if directory['mellon_sp_metadata_file'] -%> - MellonSPMetadataFile "<%= directory['mellon_sp_metadata_file'] %>" - <%- end -%> - <%- if directory['mellon_idp_metadata_file'] -%> - MellonIDPMetadataFile "<%= directory['mellon_idp_metadata_file'] %>" - <%- end -%> - <%- if directory['mellon_set_env_no_prefix'] -%> - <%- directory['mellon_set_env_no_prefix'].each do |key, value| -%> - MellonSetEnvNoPrefix "<%= key %>" "<%= value %>" - <%- end -%> - <%- end -%> - <%- if directory['mellon_user'] -%> - MellonUser "<%= directory['mellon_user'] %>" - <%- end -%> - <%- if directory['mellon_saml_response_dump'] -%> - MellonSamlResponseDump "<%= directory['mellon_saml_response_dump'] %>" - <%- end -%> - <%- if directory['mellon_cond'] -%> - <%- Array(directory['mellon_cond']).each do |cond| -%> - MellonCond <%= cond %> - <%- end -%> - <%- end -%> - <%- end -%> - <%- if directory['custom_fragment'] -%> - <%= directory['custom_fragment'] %> - <%- end -%> - > - <%- end -%> - <%- end -%> -<% end -%> diff --git a/apache/templates/vhost/_docroot.erb b/apache/templates/vhost/_docroot.erb deleted file mode 100644 index b67998b4b..000000000 --- a/apache/templates/vhost/_docroot.erb +++ /dev/null @@ -1,7 +0,0 @@ - - ## Vhost docroot -<% if @virtual_docroot -%> - VirtualDocumentRoot "<%= @virtual_docroot %>" -<% elsif @docroot -%> - DocumentRoot "<%= @docroot %>" -<% end -%> diff --git a/apache/templates/vhost/_error_document.erb b/apache/templates/vhost/_error_document.erb deleted file mode 100644 index 654e72c67..000000000 --- a/apache/templates/vhost/_error_document.erb +++ /dev/null @@ -1,7 +0,0 @@ -<% if @error_documents and ! @error_documents.empty? -%> - <%- [@error_documents].flatten.compact.each do |error_document| -%> - <%- if error_document["error_code"] != '' and error_document["document"] != '' -%> - ErrorDocument <%= error_document["error_code"] %> <%= error_document["document"] %> - <%- end -%> - <%- end -%> -<% end -%> diff --git a/apache/templates/vhost/_fallbackresource.erb b/apache/templates/vhost/_fallbackresource.erb deleted file mode 100644 index f1e4c35dc..000000000 --- a/apache/templates/vhost/_fallbackresource.erb +++ /dev/null @@ -1,4 +0,0 @@ -<% if @fallbackresource -%> - - FallbackResource <%= @fallbackresource %> -<% end -%> diff --git a/apache/templates/vhost/_fastcgi.erb b/apache/templates/vhost/_fastcgi.erb deleted file mode 100644 index 3a2baa559..000000000 --- a/apache/templates/vhost/_fastcgi.erb +++ /dev/null @@ -1,22 +0,0 @@ -<% if @fastcgi_server -%> - - FastCgiExternalServer <%= @fastcgi_server %> -socket <%= @fastcgi_socket %> -<% end -%> -<% if @fastcgi_dir -%> - - "> - Options +ExecCGI - AllowOverride All - SetHandler fastcgi-script - <%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> - Require all granted - <%- else -%> - Order allow,deny - Allow From All - <%- end -%> - AuthBasicAuthoritative Off - - - AllowEncodedSlashes On - ServerSignature Off -<% end -%> diff --git a/apache/templates/vhost/_file_footer.erb b/apache/templates/vhost/_file_footer.erb deleted file mode 100644 index 84035efa4..000000000 --- a/apache/templates/vhost/_file_footer.erb +++ /dev/null @@ -1 +0,0 @@ - diff --git a/apache/templates/vhost/_file_header.erb b/apache/templates/vhost/_file_header.erb deleted file mode 100644 index 5fd636a1e..000000000 --- a/apache/templates/vhost/_file_header.erb +++ /dev/null @@ -1,12 +0,0 @@ -# ************************************ -# Vhost template in module puppetlabs-apache -# Managed by Puppet -# ************************************ - -> -<% if @servername -%> - ServerName <%= @servername %> -<% end -%> -<% if @serveradmin -%> - ServerAdmin <%= @serveradmin %> -<% end -%> diff --git a/apache/templates/vhost/_filters.erb b/apache/templates/vhost/_filters.erb deleted file mode 100644 index b86259734..000000000 --- a/apache/templates/vhost/_filters.erb +++ /dev/null @@ -1,10 +0,0 @@ -<% if @filters and ! @filters.empty? -%> - - ## Filter module rules - ## as per http://httpd.apache.org/docs/2.2/mod/mod_filter.html - <%- Array(@filters).each do |filter| -%> - <%- if filter != '' -%> - <%= filter %> - <%- end -%> - <%- end -%> -<% end -%> diff --git a/apache/templates/vhost/_header.erb b/apache/templates/vhost/_header.erb deleted file mode 100644 index c0f68c825..000000000 --- a/apache/templates/vhost/_header.erb +++ /dev/null @@ -1,10 +0,0 @@ -<% if @headers and ! @headers.empty? -%> - - ## Header rules - ## as per http://httpd.apache.org/docs/2.2/mod/mod_headers.html#header - <%- Array(@headers).each do |header_statement| -%> - <%- if header_statement != '' -%> - Header <%= header_statement %> - <%- end -%> - <%- end -%> -<% end -%> diff --git a/apache/templates/vhost/_itk.erb b/apache/templates/vhost/_itk.erb deleted file mode 100644 index 803a73db7..000000000 --- a/apache/templates/vhost/_itk.erb +++ /dev/null @@ -1,29 +0,0 @@ -<% if @itk and ! @itk.empty? -%> - - ## ITK statement - - <%- if @itk["user"] and @itk["group"] -%> - AssignUserId <%= @itk["user"] %> <%= @itk["group"] %> - <%- end -%> - <%- if @itk["assignuseridexpr"] -%> - AssignUserIdExpr <%= @itk["assignuseridexpr"] %> - <%- end -%> - <%- if @itk["assigngroupidexpr"] -%> - AssignGroupIdExpr <%= @itk["assigngroupidexpr"] %> - <%- end -%> - <%- if @itk["maxclientvhost"] -%> - MaxClientsVHost <%= @itk["maxclientvhost"] %> - <%- end -%> - <%- if @itk["nice"] -%> - NiceValue <%= @itk["nice"] %> - <%- end -%> - <%- if @kernelversion >= '3.5.0' -%> - <%- if @itk["limituidrange"] -%> - LimitUIDRange <%= @itk["limituidrange"] %> - <%- end -%> - <%- if @itk["limitgidrange"] -%> - LimitGIDRange <%= @itk["limitgidrange"] %> - <%- end -%> - <%- end -%> - -<% end -%> diff --git a/apache/templates/vhost/_jk_mounts.erb b/apache/templates/vhost/_jk_mounts.erb deleted file mode 100644 index 8cb1d116b..000000000 --- a/apache/templates/vhost/_jk_mounts.erb +++ /dev/null @@ -1,12 +0,0 @@ -<% if @jk_mounts and not @jk_mounts.empty? -%> - - <%- @jk_mounts.each do |jk| -%> - <%- if jk.is_a?(Hash) -%> - <%- if jk.has_key?('mount') and jk.has_key?('worker') -%> - JkMount <%= jk['mount'] %> <%= jk['worker'] %> - <%- elsif jk.has_key?('unmount') and jk.has_key?('worker') -%> - JkUnMount <%= jk['unmount'] %> <%= jk['worker'] %> - <%- end -%> - <%- end -%> - <%- end -%> -<% end -%> diff --git a/apache/templates/vhost/_logging.erb b/apache/templates/vhost/_logging.erb deleted file mode 100644 index 35a924d29..000000000 --- a/apache/templates/vhost/_logging.erb +++ /dev/null @@ -1,10 +0,0 @@ -<% if @error_log or @log_level -%> - - ## Logging -<% end -%> -<% if @error_log -%> - ErrorLog "<%= @error_log_destination %>" -<% end -%> -<% if @log_level -%> - LogLevel <%= @log_level %> -<% end -%> diff --git a/apache/templates/vhost/_passenger.erb b/apache/templates/vhost/_passenger.erb deleted file mode 100644 index 91820d363..000000000 --- a/apache/templates/vhost/_passenger.erb +++ /dev/null @@ -1,21 +0,0 @@ -<% if @passenger_app_root -%> - PassengerAppRoot <%= @passenger_app_root %> -<% end -%> -<% if @passenger_app_env -%> - PassengerAppEnv <%= @passenger_app_env %> -<% end -%> -<% if @passenger_ruby -%> - PassengerRuby <%= @passenger_ruby %> -<% end -%> -<% if @passenger_min_instances -%> - PassengerMinInstances <%= @passenger_min_instances %> -<% end -%> -<% if @passenger_start_timeout -%> - PassengerStartTimeout <%= @passenger_start_timeout %> -<% end -%> -<% if @passenger_pre_start -%> - PassengerPreStart <%= @passenger_pre_start %> -<% end -%> -<% if @passenger_user -%> - PassengerUser <%= @passenger_user %> -<% end -%> diff --git a/apache/templates/vhost/_passenger_base_uris.erb b/apache/templates/vhost/_passenger_base_uris.erb deleted file mode 100644 index f3ef5aa0a..000000000 --- a/apache/templates/vhost/_passenger_base_uris.erb +++ /dev/null @@ -1,7 +0,0 @@ -<% if @passenger_base_uris -%> - - ## Enable passenger base uris -<% Array(@passenger_base_uris).each do |uri| -%> - PassengerBaseURI <%= uri %> -<% end -%> -<% end -%> diff --git a/apache/templates/vhost/_php.erb b/apache/templates/vhost/_php.erb deleted file mode 100644 index 8032a1ade..000000000 --- a/apache/templates/vhost/_php.erb +++ /dev/null @@ -1,16 +0,0 @@ -<% if @php_values and not @php_values.empty? -%> - <%- @php_values.sort.each do |key,value| -%> - <%- if value.is_a? String -%> - php_value <%= key %> "<%= value %>" - <%- else -%> - php_value <%= key %> <%= value %> - <%- end -%> - <%- end -%> -<% end -%> -<% if @php_flags and not @php_flags.empty? -%> - <%- @php_flags.sort.each do |key,flag| -%> - <%-# normalize flag -%> - <%- if flag =~ /true|yes|on|1/i then flag = 'on' else flag = 'off' end -%> - php_flag <%= key %> <%= flag %> - <%- end -%> -<% end -%> diff --git a/apache/templates/vhost/_php_admin.erb b/apache/templates/vhost/_php_admin.erb deleted file mode 100644 index c0c8dd60a..000000000 --- a/apache/templates/vhost/_php_admin.erb +++ /dev/null @@ -1,12 +0,0 @@ -<% if @php_admin_values and not @php_admin_values.empty? -%> - <%- @php_admin_values.sort.each do |key,value| -%> - php_admin_value <%= key %> <%= value %> - <%- end -%> -<% end -%> -<% if @php_admin_flags and not @php_admin_flags.empty? -%> - <%- @php_admin_flags.sort.each do |key,flag| -%> - <%-# normalize flag -%> - <%- if flag =~ /true|yes|on|1/i then flag = 'on' else flag = 'off' end -%> - php_admin_flag <%= key %> <%= flag %> - <%- end -%> -<% end -%> diff --git a/apache/templates/vhost/_proxy.erb b/apache/templates/vhost/_proxy.erb deleted file mode 100644 index 4e36361ca..000000000 --- a/apache/templates/vhost/_proxy.erb +++ /dev/null @@ -1,84 +0,0 @@ -<% if @proxy_dest or @proxy_pass or @proxy_pass_match or @proxy_dest_match -%> - - ## Proxy rules - ProxyRequests Off -<%- end -%> -<% if @proxy_preserve_host -%> - ProxyPreserveHost On -<% else -%> - ProxyPreserveHost Off -<%- end -%> -<% if @proxy_error_override -%> - ProxyErrorOverride On -<%- end -%> -<%- [@proxy_pass].flatten.compact.each do |proxy| -%> - ProxyPass <%= proxy['path'] %> <%= proxy['url'] -%> - <%- if proxy['params'] -%> - <%- proxy['params'].keys.sort.each do |key| -%> <%= key %>=<%= proxy['params'][key] -%> - <%- end -%> - <%- end -%> - <%- if proxy['keywords'] %> <%= proxy['keywords'].join(' ') -%> - <%- end %> - <%- if not proxy['reverse_cookies'].nil? -%> - <%- Array(proxy['reverse_cookies']).each do |reverse_cookies| -%> - <%- if reverse_cookies['path'] -%> - ProxyPassReverseCookiePath <%= reverse_cookies['path'] %> <%= reverse_cookies['url'] %> - <%- end -%> - <%- if reverse_cookies['domain'] -%> - ProxyPassReverseCookieDomain <%= reverse_cookies['domain'] %> <%= reverse_cookies['url'] %> - <%- end -%> - <%- end -%> - <%- end -%> - <%- if proxy['reverse_urls'].nil? -%> - ProxyPassReverse <%= proxy['path'] %> <%= proxy['url'] %> - <%- else -%> - <%- Array(proxy['reverse_urls']).each do |reverse_url| -%> - ProxyPassReverse <%= proxy['path'] %> <%= reverse_url %> - <%- end -%> - <%- end -%> - <%- if proxy['setenv'] -%> - <%- Array(proxy['setenv']).each do |setenv_var| -%> - SetEnv <%= setenv_var %> - <%- end -%> - <%- end -%> - <%- if proxy['options'] -%> - <%- proxy['options'].keys.sort.each do |key| -%> - <%= key %> <%= proxy['options'][key] %> - <%- end -%> - <%- end -%> -<% end -%> -<% [@proxy_pass_match].flatten.compact.each do |proxy| %> - ProxyPassMatch <%= proxy['path'] %> <%= proxy['url'] -%> - <%- if proxy['params'] -%> - <%- proxy['params'].keys.sort.each do |key| -%> <%= key %>=<%= proxy['params'][key] -%> - <%- end -%> - <%- end -%> - <%- if proxy['keywords'] %> <%= proxy['keywords'].join(' ') -%> - <%- end %> - <%- if proxy['reverse_urls'].nil? -%> - ProxyPassReverse <%= proxy['path'] %> <%= proxy['url'] %> - <%- else -%> - <%- Array(proxy['reverse_urls']).each do |reverse_url| -%> - ProxyPassReverse <%= proxy['path'] %> <%= reverse_url %> - <%- end -%> - <%- end -%> - <%- if proxy['setenv'] -%> - <%- Array(proxy['setenv']).each do |setenv_var| -%> - SetEnv <%= setenv_var %> - <%- end -%> - <%- end -%> -<% end -%> -<% if @proxy_dest -%> -<%- Array(@no_proxy_uris).each do |uri| -%> - ProxyPass <%= uri %> ! -<% end -%> - ProxyPass / <%= @proxy_dest %>/ - ProxyPassReverse / <%= @proxy_dest %>/ -<% end -%> -<% if @proxy_dest_match -%> -<%- Array(@no_proxy_uris_match).each do |uri| -%> - ProxyPassMatch <%= uri %> ! -<% end -%> - ProxyPassMatch / <%= @proxy_dest_match %>/ - ProxyPassReverse / <%= @proxy_dest_reverse_match %>/ -<% end -%> diff --git a/apache/templates/vhost/_rack.erb b/apache/templates/vhost/_rack.erb deleted file mode 100644 index 4a5b5f1cd..000000000 --- a/apache/templates/vhost/_rack.erb +++ /dev/null @@ -1,7 +0,0 @@ -<% if @rack_base_uris -%> - - ## Enable rack -<% Array(@rack_base_uris).each do |uri| -%> - RackBaseURI <%= uri %> -<% end -%> -<% end -%> diff --git a/apache/templates/vhost/_redirect.erb b/apache/templates/vhost/_redirect.erb deleted file mode 100644 index 209da646c..000000000 --- a/apache/templates/vhost/_redirect.erb +++ /dev/null @@ -1,35 +0,0 @@ -<% if @redirect_source and @redirect_dest -%> -<% @redirect_dest_a = Array(@redirect_dest) -%> -<% @redirect_source_a = Array(@redirect_source) -%> -<% @redirect_status_a = Array(@redirect_status) -%> - - ## Redirect rules - <%- @redirect_source_a.each_with_index do |source, i| -%> -<% @redirect_dest_a[i] ||= @redirect_dest_a[0] -%> -<% @redirect_status_a[i] ||= @redirect_status_a[0] -%> - Redirect <%= "#{@redirect_status_a[i]} " %><%= source %> <%= @redirect_dest_a[i] %> - <%- end -%> -<% end -%> -<%- if @redirectmatch_status and @redirectmatch_regexp and @redirectmatch_dest -%> -<% @redirectmatch_status_a = Array(@redirectmatch_status) -%> -<% @redirectmatch_regexp_a = Array(@redirectmatch_regexp) -%> -<% @redirectmatch_dest_a = Array(@redirectmatch_dest) -%> - - ## RedirectMatch rules - <%- @redirectmatch_status_a.each_with_index do |status, i| -%> -<% @redirectmatch_status_a[i] ||= @redirectmatch_status_a[0] -%> -<% @redirectmatch_regexp_a[i] ||= @redirectmatch_regexp_a[0] -%> -<% @redirectmatch_dest_a[i] ||= @redirectmatch_dest_a[0] -%> - RedirectMatch <%= "#{@redirectmatch_status_a[i]} " %> <%= @redirectmatch_regexp_a[i] %> <%= @redirectmatch_dest_a[i] %> - <%- end -%> -<%- elsif @redirectmatch_regexp and @redirectmatch_dest -%> -<% @redirectmatch_regexp_a = Array(@redirectmatch_regexp) -%> -<% @redirectmatch_dest_a = Array(@redirectmatch_dest) -%> - - ## RedirectMatch rules - <%- @redirectmatch_regexp_a.each_with_index do |status, i| -%> -<% @redirectmatch_regexp_a[i] ||= @redirectmatch_regexp_a[0] -%> -<% @redirectmatch_dest_a[i] ||= @redirectmatch_dest_a[0] -%> - RedirectMatch <%= @redirectmatch_regexp_a[i] %> <%= @redirectmatch_dest_a[i] %> - <%- end -%> -<% end -%> diff --git a/apache/templates/vhost/_requestheader.erb b/apache/templates/vhost/_requestheader.erb deleted file mode 100644 index 9f175052b..000000000 --- a/apache/templates/vhost/_requestheader.erb +++ /dev/null @@ -1,10 +0,0 @@ -<% if @request_headers and ! @request_headers.empty? -%> - - ## Request header rules - ## as per http://httpd.apache.org/docs/2.2/mod/mod_headers.html#requestheader - <%- Array(@request_headers).each do |request_statement| -%> - <%- if request_statement != '' -%> - RequestHeader <%= request_statement %> - <%- end -%> - <%- end -%> -<% end -%> diff --git a/apache/templates/vhost/_rewrite.erb b/apache/templates/vhost/_rewrite.erb deleted file mode 100644 index 81e3bc467..000000000 --- a/apache/templates/vhost/_rewrite.erb +++ /dev/null @@ -1,50 +0,0 @@ -<%- if @rewrites -%> - ## Rewrite rules - RewriteEngine On - <%- if @rewrite_base -%> - RewriteBase <%= @rewrite_base %> - <%- end -%> - - <%- [@rewrites].flatten.compact.each do |rewrite_details| -%> - <%- if rewrite_details['comment'] -%> - #<%= rewrite_details['comment'] %> - <%- end -%> - <%- if rewrite_details['rewrite_base'] -%> - RewriteBase <%= rewrite_details['rewrite_base'] %> - <%- end -%> - <%- if rewrite_details['rewrite_cond'] -%> - <%- Array(rewrite_details['rewrite_cond']).each do |commands| -%> - <%- Array(commands).each do |command| -%> - RewriteCond <%= command %> - <%- end -%> - <%- end -%> - <%- end -%> - <%- if rewrite_details['rewrite_map'] -%> - <%- Array(rewrite_details['rewrite_map']).each do |commands| -%> - <%- Array(commands).each do |command| -%> - RewriteMap <%= command %> - <%- end -%> - <%- end -%> - <%- end -%> - <%- Array(rewrite_details['rewrite_rule']).each do |commands| -%> - <%- Array(commands).each do |command| -%> - RewriteRule <%= command %> - <%- end -%> - - <%- end -%> - <%- end -%> -<%- end -%> -<%# reverse compatibility -%> -<% if @rewrite_rule and !@rewrites -%> - ## Rewrite rules - RewriteEngine On - <%- if @rewrite_base -%> - RewriteBase <%= @rewrite_base %> - <%- end -%> - <%- if @rewrite_cond -%> - <%- Array(@rewrite_cond).each do |cond| -%> - RewriteCond <%= cond %> - <%- end -%> - <%- end -%> - RewriteRule <%= @rewrite_rule %> -<%- end -%> diff --git a/apache/templates/vhost/_scriptalias.erb b/apache/templates/vhost/_scriptalias.erb deleted file mode 100644 index bb4f6b316..000000000 --- a/apache/templates/vhost/_scriptalias.erb +++ /dev/null @@ -1,24 +0,0 @@ -<%- if @scriptaliases.is_a?(Array) -%> -<%- aliases = @scriptaliases -%> -<%- elsif @scriptaliases.is_a?(Hash) -%> -<%- aliases = [@scriptaliases] -%> -<%- else -%> -<%- # Nothing to do with any other data type -%> -<%- aliases = [] -%> -<%- end -%> -<%- if @scriptalias or !aliases.empty? -%> - ## Script alias directives -<%# Combine scriptalais and scriptaliases into a single data structure -%> -<%# for backward compatibility and ease of implementation -%> -<%- aliases << { 'alias' => '/cgi-bin', 'path' => @scriptalias } if @scriptalias -%> -<%- aliases.flatten.compact! -%> -<%- aliases.each do |salias| -%> - <%- if salias["path"] != '' -%> - <%- if salias["alias"] and salias["alias"] != '' -%> - ScriptAlias <%= salias['alias'] %> "<%= salias['path'] %>" - <%- elsif salias["aliasmatch"] and salias["aliasmatch"] != '' -%> - ScriptAliasMatch <%= salias['aliasmatch'] %> "<%= salias['path'] %>" - <%- end -%> - <%- end -%> -<%- end -%> -<%- end -%> diff --git a/apache/templates/vhost/_security.erb b/apache/templates/vhost/_security.erb deleted file mode 100644 index 5ab0a5b5d..000000000 --- a/apache/templates/vhost/_security.erb +++ /dev/null @@ -1,20 +0,0 @@ -<% if @modsec_disable_vhost -%> - SecRuleEngine Off -<% end -%> -<% if @_modsec_disable_ids.is_a?(Hash) -%> -<% @_modsec_disable_ids.each do |location,rules| -%> - > -<% Array(rules).each do |rule| -%> - SecRuleRemoveById <%= rule %> -<% end -%> - -<% end -%> -<% end -%> -<% ips = Array(@modsec_disable_ips).join(',') %> -<% if ips != '' %> - SecRule REMOTE_ADDR "<%= ips %>" "nolog,allow,id:1234123455" - SecAction "phase:2,pass,nolog,id:1234123456" -<% end -%> -<% if @modsec_body_limit -%> - SecRequestBodyLimit <%= @modsec_body_limit %> -<% end -%> diff --git a/apache/templates/vhost/_serveralias.erb b/apache/templates/vhost/_serveralias.erb deleted file mode 100644 index e08a55e32..000000000 --- a/apache/templates/vhost/_serveralias.erb +++ /dev/null @@ -1,7 +0,0 @@ -<% if @serveraliases and ! @serveraliases.empty? -%> - - ## Server aliases - <%- Array(@serveraliases).each do |serveralias| -%> - ServerAlias <%= serveralias %> - <%- end -%> -<% end -%> diff --git a/apache/templates/vhost/_serversignature.erb b/apache/templates/vhost/_serversignature.erb deleted file mode 100644 index ff13aaf45..000000000 --- a/apache/templates/vhost/_serversignature.erb +++ /dev/null @@ -1 +0,0 @@ - ServerSignature Off diff --git a/apache/templates/vhost/_setenv.erb b/apache/templates/vhost/_setenv.erb deleted file mode 100644 index ce1fa955e..000000000 --- a/apache/templates/vhost/_setenv.erb +++ /dev/null @@ -1,12 +0,0 @@ -<% if @setenv and ! @setenv.empty? -%> - - ## SetEnv/SetEnvIf for environment variables - <%- Array(@setenv).each do |envvar| -%> - SetEnv <%= envvar %> - <%- end -%> -<% end -%> -<% if @setenvif and ! @setenvif.empty? -%> - <%- Array(@setenvif).each do |envifvar| -%> - SetEnvIf <%= envifvar %> - <%- end -%> -<% end -%> diff --git a/apache/templates/vhost/_ssl.erb b/apache/templates/vhost/_ssl.erb deleted file mode 100644 index 797435cc1..000000000 --- a/apache/templates/vhost/_ssl.erb +++ /dev/null @@ -1,46 +0,0 @@ -<% if @ssl -%> - - ## SSL directives - SSLEngine on - SSLCertificateFile "<%= @ssl_cert %>" - SSLCertificateKeyFile "<%= @ssl_key %>" - <%- if @ssl_chain -%> - SSLCertificateChainFile "<%= @ssl_chain %>" - <%- end -%> - <%- if @ssl_certs_dir && @ssl_certs_dir != '' -%> - SSLCACertificatePath "<%= @ssl_certs_dir %>" - <%- end -%> - <%- if @ssl_ca -%> - SSLCACertificateFile "<%= @ssl_ca %>" - <%- end -%> - <%- if @ssl_crl_path -%> - SSLCARevocationPath "<%= @ssl_crl_path %>" - <%- end -%> - <%- if @ssl_crl -%> - SSLCARevocationFile "<%= @ssl_crl %>" - <%- end -%> - <%- if @ssl_crl_check && scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> - SSLCARevocationCheck "<%= @ssl_crl_check %>" - <%- end -%> - <%- if @ssl_protocol -%> - SSLProtocol <%= [@ssl_protocol].flatten.compact.join(' ') %> - <%- end -%> - <%- if @ssl_cipher -%> - SSLCipherSuite <%= @ssl_cipher %> - <%- end -%> - <%- if @ssl_honorcipherorder -%> - SSLHonorCipherOrder <%= @ssl_honorcipherorder %> - <%- end -%> - <%- if @ssl_verify_client -%> - SSLVerifyClient <%= @ssl_verify_client %> - <%- end -%> - <%- if @ssl_verify_depth -%> - SSLVerifyDepth <%= @ssl_verify_depth %> - <%- end -%> - <%- if @ssl_options -%> - SSLOptions <%= Array(@ssl_options).join(' ') %> - <%- end -%> - <%- if @ssl_openssl_conf_cmd -%> - SSLOpenSSLConfCmd <%= @ssl_openssl_conf_cmd %> - <%- end -%> -<% end -%> diff --git a/apache/templates/vhost/_sslproxy.erb b/apache/templates/vhost/_sslproxy.erb deleted file mode 100644 index 0bc0a244a..000000000 --- a/apache/templates/vhost/_sslproxy.erb +++ /dev/null @@ -1,20 +0,0 @@ -<% if @ssl_proxyengine -%> - - # SSL Proxy directives - SSLProxyEngine On - <%- if @ssl_proxy_verify -%> - SSLProxyVerify <%= @ssl_proxy_verify %> - <%- end -%> - <%- if @ssl_proxy_check_peer_cn -%> - SSLProxyCheckPeerCN <%= @ssl_proxy_check_peer_cn %> - <%- end -%> - <%- if @ssl_proxy_check_peer_name -%> - SSLProxyCheckPeerName <%= @ssl_proxy_check_peer_name %> - <%- end -%> - <%- if @ssl_proxy_machine_cert -%> - SSLProxyMachineCertificateFile "<%= @ssl_proxy_machine_cert %>" - <%- end -%> - <%- if @ssl_proxy_protocol -%> - SSLProxyProtocol <%= [@ssl_proxy_protocol].flatten.compact.join(' ') %> - <%- end -%> -<% end -%> diff --git a/apache/templates/vhost/_suexec.erb b/apache/templates/vhost/_suexec.erb deleted file mode 100644 index 8a7ae0f17..000000000 --- a/apache/templates/vhost/_suexec.erb +++ /dev/null @@ -1,4 +0,0 @@ -<% if @suexec_user_group -%> - - SuexecUserGroup <%= @suexec_user_group %> -<% end -%> diff --git a/apache/templates/vhost/_suphp.erb b/apache/templates/vhost/_suphp.erb deleted file mode 100644 index e394b6f94..000000000 --- a/apache/templates/vhost/_suphp.erb +++ /dev/null @@ -1,11 +0,0 @@ -<% if @suphp_engine == 'on' -%> - <%- if @suphp_addhandler -%> - suPHP_AddHandler <%= @suphp_addhandler %> - <%- end -%> - <%- if @suphp_engine -%> - suPHP_Engine <%= @suphp_engine %> - <%- end -%> - <%- if @suphp_configpath -%> - suPHP_ConfigPath "<%= @suphp_configpath %>" - <%- end -%> -<% end -%> diff --git a/apache/templates/vhost/_wsgi.erb b/apache/templates/vhost/_wsgi.erb deleted file mode 100644 index 9f01d4091..000000000 --- a/apache/templates/vhost/_wsgi.erb +++ /dev/null @@ -1,27 +0,0 @@ -<% if @wsgi_application_group -%> - WSGIApplicationGroup <%= @wsgi_application_group %> -<% end -%> -<% if @wsgi_daemon_process and @wsgi_daemon_process_options -%> - WSGIDaemonProcess <%= @wsgi_daemon_process %> <%= @wsgi_daemon_process_options.collect { |k,v| "#{k}=#{v}"}.sort.join(' ') %> -<% elsif @wsgi_daemon_process and !@wsgi_daemon_process_options -%> - WSGIDaemonProcess <%= @wsgi_daemon_process %> -<% end -%> -<% if @wsgi_import_script and @wsgi_import_script_options -%> - WSGIImportScript <%= @wsgi_import_script %> <%= @wsgi_import_script_options.collect { |k,v| "#{k}=#{v}"}.sort.join(' ') %> -<% end -%> -<% if @wsgi_process_group -%> - WSGIProcessGroup <%= @wsgi_process_group %> -<% end -%> -<% if @wsgi_script_aliases and ! @wsgi_script_aliases.empty? -%> - <%- @wsgi_script_aliases.keys.sort.each do |key| -%> - <%- if key != '' and @wsgi_script_aliases[key] != ''-%> - WSGIScriptAlias <%= key %> "<%= @wsgi_script_aliases[key] %>" - <%- end -%> - <%- end -%> -<% end -%> -<% if @wsgi_pass_authorization -%> - WSGIPassAuthorization <%= @wsgi_pass_authorization %> -<% end -%> -<% if @wsgi_chunked_request -%> - WSGIChunkedRequest <%= @wsgi_chunked_request %> -<% end -%> diff --git a/cassandra/.fixtures.yml b/cassandra/.fixtures.yml deleted file mode 100644 index 56424bd79..000000000 --- a/cassandra/.fixtures.yml +++ /dev/null @@ -1,3 +0,0 @@ -fixtures: - symlinks: - cassandra: "#{source_dir}" diff --git a/cassandra/.gitignore b/cassandra/.gitignore deleted file mode 100644 index 1c714d86e..000000000 --- a/cassandra/.gitignore +++ /dev/null @@ -1,14 +0,0 @@ -.bundle/ -coverage/ -Gemfile.lock -.idea/ -*.iml -pkg/ -spec/fixtures/ -*.swn -*.swo -*.swp -.travis/secrets.tar -.vagrant/ -vendor/ -log/ diff --git a/cassandra/.travis.yml b/cassandra/.travis.yml deleted file mode 100644 index 173c5e5e5..000000000 --- a/cassandra/.travis.yml +++ /dev/null @@ -1,28 +0,0 @@ ---- -language: ruby -bundler_args: --without development -before_install: -- openssl aes-256-cbc -K $encrypted_aa8913b81047_key -iv $encrypted_aa8913b81047_iv - -in .travis/secrets.tar.enc -out secrets.tar -d -script: -- bundle exec rake lint -- bundle exec rake validate -- bundle exec rake spec SPEC_OPTS='--format documentation' -- sh .travis/acceptance.sh -notifications: - email: false - webhooks: - urls: - - https://webhooks.gitter.im/e/3477acef6dd93b015c9b - on_success: change - on_failure: always -sudo: false -matrix: - fast_finish: true - include: - - rvm: 1.9.3 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 2.1.5 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 2.1.6 - env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" diff --git a/cassandra/.travis/acceptance.sh b/cassandra/.travis/acceptance.sh deleted file mode 100755 index 2b1d24541..000000000 --- a/cassandra/.travis/acceptance.sh +++ /dev/null @@ -1,88 +0,0 @@ -#!/bin/bash -############################################################################# -# A shell script for running acceptance tests from travis via AWS. -############################################################################# - -# Setup global variables -#export DEBUG=1 -#export EXCON_DEBUG=1 -export FOG_RC=./secrets/fog.rc -export GITREPO='https://github.com/locp/cassandra.git' -export REMOTE_USER="ec2-user" - -echo "TRAVIS_BUILD_ID : $TRAVIS_BUILD_ID" -echo "TRAVIS_BUILD_NUMBER : $TRAVIS_BUILD_ID" -echo "TRAVIS_JOB_ID : $TRAVIS_JOB_ID" -echo "TRAVIS_JOB_NUMBER : $TRAVIS_JOB_NUMBER" -echo "TRAVIS_TEST_RESULT : $TRAVIS_TEST_RESULT" - -############################################################################# -# Check if we are to run this at all. -############################################################################# - -echo "$TRAVIS_BRANCH" | grep -q "^v[0-9]" - -if [ $? != 0 ]; then - echo "Not on a release branch, skipping acceptance tests." - exit 0 -fi - -if [ "$TRAVIS_PULL_REQUEST" != "false" ]; then - echo "This is a pull request, skipping acceptance tests." - exit 0 -fi - -sub_job_number=$( echo $TRAVIS_JOB_NUMBER | cut -d. -f2 ) - -if [ "$sub_job_number" != 1 ]; then - echo "Not the primary job, skipping acceptance tests." - exit 0 -fi - -if [ "$TRAVIS_TEST_RESULT" != 0 ]; then - echo "Travis has already detected a failure, skipping acceptance tests." - exit 0 -fi - -############################################################################# -# Provision the AWS node. -############################################################################# -tar xvf secrets.tar -instance_info=`ruby .travis/provision.rb` -instance_id=`echo $instance_info | cut -d: -f1` -instance_public_ip_address=`echo $instance_info | cut -d: -f2` - -# Strip whitespace -instance_id=`echo $instance_id` -instance_public_ip_address=`echo $instance_public_ip_address` - -echo "Instance ID : $instance_id" -echo "Instance Public IP Address: $instance_public_ip_address" - -# Upload Payload -ssh_retries=10 -ssh_attempt=1 -sleep_period=10 - -while [ $ssh_attempt -lt $ssh_retries ]; do - scp -i secrets/travis.pem -B -o "StrictHostKeyChecking no" \ - .travis/payload.sh $REMOTE_USER@${instance_public_ip_address}:/var/tmp - - if [ $? -ne 0 ]; then - echo "Attempt $ssh_attempt of $ssh_retries failed." - ssh_attempt=`expr $ssh_attempt + 1` - echo "Will retry in $sleep_period seconds." - sleep $sleep_period - else - break - fi -done - -# Execute Payload -ssh -i ./secrets/travis.pem -o "StrictHostKeyChecking no" \ - $REMOTE_USER@${instance_public_ip_address} /var/tmp/payload.sh \ - $GITREPO $TRAVIS_BRANCH -status=$? - -ruby .travis/destroy.rb $instance_id -exit $status diff --git a/cassandra/.travis/destroy.rb b/cassandra/.travis/destroy.rb deleted file mode 100644 index ff2ac2c89..000000000 --- a/cassandra/.travis/destroy.rb +++ /dev/null @@ -1,13 +0,0 @@ -require 'rubygems' -require 'fog' - -# create a connection -ec2 = Fog::Compute.new({ - :provider => 'AWS', - :region => 'eu-west-1', -}) - -instance_id = ARGV[0] -instance = ec2.servers.get(instance_id) -instance.destroy -instance.wait_for {state == 'terminated'} diff --git a/cassandra/.travis/payload.sh b/cassandra/.travis/payload.sh deleted file mode 100755 index 16880cc72..000000000 --- a/cassandra/.travis/payload.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -############################################################################# -# This script is executed on the remote AWS node to configure a test -# environment and ultimately run the test. -############################################################################# -GITREPO="$1" -GITBRANCH="$2" - -source $HOME/.rvm/scripts/rvm - -# Clone the repo and let's do this! -echo "Cloning the $GITBRANCH branch from $GITREPO into workspace." -git clone -b $GITBRANCH $GITREPO workspace -cd workspace -gem install --no-rdoc bundler rake -bundle install --without development -status=0 - -for node in $( bundle exec rake beaker_nodes ); do - BEAKER_set=$node bundle exec rake beaker - - if [ $? != 0 ]; then - status=1 - echo "$node: FAILED" >> /tmp/beaker-sumary.txt - else - echo "$node: OK" >> /tmp/beaker-sumary.txt - fi -done - -echo "Node Results Summary" -echo "====================" -cat /tmp/beaker-sumary.txt -exit $status diff --git a/cassandra/.travis/provision.rb b/cassandra/.travis/provision.rb deleted file mode 100644 index 7f1a597a2..000000000 --- a/cassandra/.travis/provision.rb +++ /dev/null @@ -1,22 +0,0 @@ -require 'rubygems' -require 'fog' - -# create a connection -ec2 = Fog::Compute.new({ - :provider => 'AWS', - :region => 'eu-west-1', -}) - -response = ec2.run_instances( - 'ami-6b17201c', - 1, - 1, - 'InstanceType' => 'c3.xlarge', - 'SecurityGroup' => 'ssh', - 'KeyName' => 'travis' -) - -instance_id = response.body["instancesSet"].first["instanceId"] -instance = ec2.servers.get(instance_id) -instance.wait_for { ready? } -puts instance_id,':',instance.public_ip_address diff --git a/cassandra/.travis/secrets.tar.enc b/cassandra/.travis/secrets.tar.enc deleted file mode 100644 index f5fa65e4a..000000000 Binary files a/cassandra/.travis/secrets.tar.enc and /dev/null differ diff --git a/cassandra/CHANGELOG.md b/cassandra/CHANGELOG.md deleted file mode 100644 index e09db2a94..000000000 --- a/cassandra/CHANGELOG.md +++ /dev/null @@ -1,421 +0,0 @@ -# Change Log for Puppet Module locp-cassandra - -##2015-10-25 - Release 1.9.0 ([diff](https://github.com/locp/cassandra/compare/1.8.1...1.9.0)) - -### Summary - -Added more features for the configuration of Cassandra, some improvements to -the testing carried out before a release and a minor correction to the -change log documentation. - -### Features - -* The following parameters have been added to the ::cassandra class to be - configured into the configuration file: - - * client_encryption_algorithm - * client_encryption_cipher_suites - * client_encryption_protocol - * client_encryption_require_client_auth - * client_encryption_store_type - * client_encryption_truststore - * client_encryption_truststore_password - * counter_cache_size_in_mb - * index_summary_capacity_in_mb - * key_cache_save_period - * key_cache_keys_to_save - * seed_provider_class_name - * server_encryption_algorithm - * server_encryption_cipher_suites - * server_encryption_protocol - * server_encryption_require_client_auth - * server_encryption_store_type - - Please see the README file for more details. - -### Bugfixes - -* Corrected an incorrect date (typo) in this document. - -### Improvements - -* There is now an automated test to mitigate the risk of unnecessarily - refreshes of the Cassandra service due to non-functional changes to the - configuration file. - -##2015-10-14 - Release 1.8.1 ([diff](https://github.com/locp/cassandra/compare/1.8.0...1.8.1)) - -### Summary - -A minor bug fix. - -### Features - -* N/A - -### Bugfixes - -* Fixed an edge case issue concerning users that may have been using the - fail_on_non_supported_os before it was fixed in 1.8.0. - -### Improvements - -* N/A - -##2015-10-06 - Release 1.8.0 ([diff](https://github.com/locp/cassandra/compare/1.7.1...1.8.0)) - -### Summary - -Some new features a minor bug fix and some non-functional improvements. - -### Features - -* Added the service_refresh and config_file_mode parameters to the Cassandra - class. - -### Bugfixes - -* The name of the fail_on_non_supported_os parameter has been corrected. - -### Improvements - -* Automated acceptance tests in preparation for a release now run faster. - -##1015-10-01 - Release 1.7.1 ([diff](https://github.com/locp/cassandra/compare/1.7.0...1.7.1)) - -### Summary - -A minor bug fix that incorrctly gave a failed build status for the module. - -### Features - -* N/A - -### Bugfixes - -* Fixed a problem that was showing the status of the module build as an - error since the release of the fog-google gem version 0.1.1. - -### Improvements - -* N/A - -##2015-10-01 - Release 1.7.0 ([diff](https://github.com/locp/cassandra/compare/1.6.0...1.7.0)) - -### Summary - -* Corrected a bug in how commitlog_sync has handled by Cassandra. -* Some non-functional improvements -* Additional features for the cassandra::datastax_repo class. - -### Features - -* Added the commitlog_segment_size_in_mb parameter to the cassandra class. -* Added the following fields to the cassandra::datastax_repo class: - - * descr - * key_id - * key_url - * pkg_url - * release - - This should make the configuring of repositories more flexible. - -### Bugfixes - -* Fixed a bug in how the commitlog_sync and the parameters that are - associated with it are handled - -### Improvements - -The following non-functional improvements were implemented: - -* Added tags to the module metadata. -* Migrated the acceptance tests from Vagrant to Docker. The associated - improvements to performance means that more rigorous acceptance tests can - be applied in a shorter time. For the first time as well, they are - visible on Travis. - -##2015-09-23 - Release 1.6.0 ([diff](https://github.com/locp/cassandra/compare/1.5.0...1.6.0)) - -### Summary - -More parameters for ::cassandra and ::cassandra::datastax_agent. Also some -non-functional improvements in the automated unit tests. - -### Features - -* The JAVA_HOME can now be set for the datastax_agent (see the - cassandra::datastax_agent => java_home parameter). -* The file mode for the directories can now be specified for the - commitlog_directory, data_file_directories and the saved_caches_directory - in the cassandra class. - -### Bugfixes - -* N/A - -### Improvements - -* Uncovered resources in the unit testing are now tested. - -##2015-09-21 - Release 1.5.0 ([diff](https://github.com/locp/cassandra/compare/1.4.2...1.5.0)) - -### Summary - -More parameters have been added that can be configured into the -cassandra.yaml file. - -### Features - -* The following parameters to the cassandra class can be configured into - the cassandra configuration: - * broadcast_address - * broadcast_rpc_address - * commitlog_sync - * commitlog_sync_batch_window_in_ms - * commitlog_total_space_in_mb - * concurrent_compactors - * counter_cache_keys_to_save - * file_cache_size_in_mb - * initial_token - * inter_dc_stream_throughput_outbound_megabits_per_sec - * internode_authenticator - * internode_recv_buff_size_in_bytes - * internode_send_buff_size_in_bytes - * memory_allocator - * memtable_cleanup_threshold - * memtable_flush_writers - * memtable_heap_space_in_mb - * memtable_offheap_space_in_mb - * native_transport_max_concurrent_connections - * native_transport_max_concurrent_connections_per_ip - * native_transport_max_frame_size_in_mb - * native_transport_max_threads - * permissions_update_interval_in_ms - * phi_convict_threshold - * request_scheduler_options_default_weight - * request_scheduler_options_throttle_limit - * row_cache_keys_to_save - * rpc_max_threads - * rpc_min_threads - * rpc_recv_buff_size_in_bytes - * rpc_send_buff_size_in_bytes - * streaming_socket_timeout_in_ms - * stream_throughput_outbound_megabits_per_sec - -### Bugfixes - -* N/A - -### Improvements - -* Clarity of changes per release in the change log (this document). - -##2015-09-15 - Release 1.4.2 ([diff](https://github.com/locp/cassandra/compare/1.4.1...1.4.2)) - -### Summary - -Fixed a problem identified whilst releasing 1.4.1 and a bug fixed by a -contributed pull request. - -### Features - -* n/a - -### Bugfixes - -* Fixed a problem with the acceptance tests. -* The datastax-agent service is restarted if the package is updated. - -### Improvements - -* n/a - - -##2015-09-15 - Release 1.4.1 ([diff](https://github.com/locp/cassandra/compare/1.4.0...1.4.1)) - -### Summary - -This release fixes a minor bug (possibly better described as a typing mistake) -and makes some non-functional improvements. It also allows the user to -override the default behaviour of failing on a non-supported operating system. - -### Features - -* A new flag called `fail_on_non_suppoted_os` has been added to the - `cassandra` class and can be set to **false** so that an attempt can be - made to use this module on an operating system that is not in the Debian - or Red Hat families. - -### Bugfixes - -* Changed the default value for the `package_name` of the - `cassandra::optutils` class from `'undef'` to *undef*. - -### Improvements - -* Clarified the expectations of submitted contributions. -* Unit test improvements. - -##2015-09-10 - Release 1.4.0 ([diff](https://github.com/locp/cassandra/compare/1.3.7...1.4.0)) - -* Ensured that directories specified in the directory parameters - are controlled with file resources. - -* Added the following parameters to the cassandra.yml file: - * batchlog_replay_throttle_in_kb - * cas_contention_timeout_in_ms - * column_index_size_in_kb - * commit_failure_policy - * compaction_throughput_mb_per_sec - * counter_cache_save_period - * counter_write_request_timeout_in_ms - * cross_node_timeout - * dynamic_snitch_badness_threshold - * dynamic_snitch_reset_interval_in_ms - * dynamic_snitch_update_interval_in_ms - * hinted_handoff_throttle_in_kb - * index_summary_resize_interval_in_minutes - * inter_dc_tcp_nodelay - * max_hints_delivery_threads - * max_hint_window_in_ms - * permissions_validity_in_ms - * range_request_timeout_in_ms - * read_request_timeout_in_ms - * request_scheduler - * request_timeout_in_ms - * row_cache_save_period - * row_cache_size_in_mb - * sstable_preemptive_open_interval_in_mb - * tombstone_failure_threshold - * tombstone_warn_threshold - * trickle_fsync - * trickle_fsync_interval_in_kb - * truncate_request_timeout_in_ms - * write_request_timeout_in_ms - -##2015-09-08 - Release 1.3.7 ([diff](https://github.com/locp/cassandra/compare/1.3.6...1.3.7)) -* Made the auto_bootstrap parameter available. - -##2015-09-03 - Release 1.3.6 ([diff](https://github.com/locp/cassandra/compare/1.3.5...1.3.6)) -* Fixed a bug, now allowing the user to set the enabled state of the Cassandra - service. -* More cleaning up of the README and more links in that file to allow - faster navigation. - -##2015-09-01 - Release 1.3.5 ([diff](https://github.com/locp/cassandra/compare/1.3.4...1.3.5)) -* Fixed a bug, now allowing the user to set the running state of the - Cassandra service. -* More automated testing with spec tests. -* A refactoring of the README. - -##2015-08-28 - Release 1.3.4 ([diff](https://github.com/locp/cassandra/compare/1.3.3...1.3.4)) -* Minor corrections to the README. -* The addition of the storage_cassandra_seed_hosts parameter to - cassandra::opscenter::cluster_name which is part of a bigger part of - work but is urgently require by a client. - -##2015-08-27 - Release 1.3.3 ([diff](https://github.com/locp/cassandra/compare/1.3.2...1.3.3)) -* Corrected dependency version for puppetlabs-apt. - -##2015-08-26 - Release 1.3.2 ([diff](https://github.com/locp/cassandra/compare/1.3.1...1.3.2)) -* Fixed bug in cassandra::opscenter::cluster_name. -* Fixed code in cassandra::firewall_ports::rule to avoid deprecation - warnings concerning the use of puppetlabs-firewall => port. -* Added more examples to the README - -##2015-08-22 - Release 1.3.1 ([diff](https://github.com/locp/cassandra/compare/1.3.0...1.3.1)) -This was mainly a non-functional change. The biggest thing to say is that -Debian 7 is now supported. - -##2015-08-19 - Release 1.3.0 ([diff](https://github.com/locp/cassandra/compare/1.2.0...1.3.0)) -* Allow additional TCP ports to be specified for the host based firewall. -* Fixed a problem where the client subnets were ignored by the firewall. -* Added more automated testing. -* Continued work on an ongoing improvement of the documentation. -* Added the ability to set the DC and RACK in the snitch properties. - -##2015-08-10 - Release 1.2.0 ([diff](https://github.com/locp/cassandra/compare/1.1.0...1.2.0)) -* Added the installation of Java Native Access (JNA) to cassandra::java -* For DataStax Enterprise, allow the remote storage of metric data with - cassandra::opscenter::cluster_name. - -##2015-08-03 - Release 1.1.0 ([diff](https://github.com/locp/cassandra/compare/1.0.1...1.1.0)) -* Provided the cassandra::firewall_ports class. -* All OpsCenter options are now configurable in opscenterd.conf. -* ssl_storage_port is now configurable. - -##2015-07-27 - Release 1.0.1 ([diff](https://github.com/locp/cassandra/compare/1.0.0...1.0.1)) -* Provided a workaround for - [CASSANDRA-9822](https://issues.apache.org/jira/browse/CASSANDRA-9822). - -##2015-07-25 - Release 1.0.0 ([diff](https://github.com/locp/cassandra/compare/0.4.3...1.0.0)) -* Changed the default installation from Cassandra 2.1 to 2.2. -* Fixed a bug that arose when the cassandra config_path was set. -* Created a workaround for - [PUP-3829](https://tickets.puppetlabs.com/browse/PUP-3829). -* Minor changes to the API (see the Upgrading section of the README). -* Allow a basic installation of OpsCenter. - -##2015-07-18 - Release 0.4.3 ([diff](https://github.com/locp/cassandra/compare/0.4.2...0.4.3)) -* Module dependency metadata was too strict. - -##2015-07-16 - Release 0.4.2 ([diff](https://github.com/locp/cassandra/compare/0.4.1...0.4.2)) - -* Some minor documentation changes. -* Fixed a problem with the module metadata that caused Puppetfile issues. -* Integrated with Coveralls (https://coveralls.io/github/locp/cassandra). -* Removed the deprecated config and install classes. These were private - so there is no change to the API. - -##2015-07-14 - Release 0.4.1 ([diff](https://github.com/locp/cassandra/compare/0.4.0...0.4.1)) - -* Fixed a resource ordering problem in the cassandra::datastax class. -* Tidied up the documentation a bit. -* Some refactoring of the spec tests. - -##2015-07-12 - Release 0.4.0 ([diff](https://github.com/locp/cassandra/compare/0.3.0...0.4.0)) -### Summary - -* Some major changes to the API on how Java, the optional Cassandra tools and - the DataStax agent are installed. See the Upgrading section of the README - file. -* Allowed the setting of the *stomp_interface* for the DataStax agent. -* Non-functionally, we have integrated with Travis CI (see - https://travis-ci.org/locp/cassandra for details) and thanks to those guys - for providing such a neat service. -* More spec tests. - -##2015-06-27 - Release 0.3.0 ([diff](https://github.com/locp/cassandra/compare/0.2.2...0.3.0)) -### Summary - -* Slight changes to the API. See the Upgrading section of the README file - for full details. -* Allow for the installation of the DataStax Agent. -* Improved automated testing (and fixed some bugs along the way). -* Confirmed Ubuntu 12.04 works OK with this module. -* A Cassandra 1.X template has been provided. -* Some smarter handling of the differences between Ubuntu/Debian and RedHat - derivatives. - -##2015-06-17 - Release 0.2.2 ([diff](https://github.com/locp/cassandra/compare/0.2.1...0.2.2)) -### Summary -A non-functional change to change the following: - -* Split the single manifest into multiple files. -* Implement automated testing. -* Test on additional operating systems. - -##2015-05-28 - Release 0.2.1 ([diff](https://github.com/locp/cassandra/compare/0.2.0...0.2.1)) -### Summary -A non-functional change to fix puppet-lint problems identified by Puppet -Forge. - -##2015-05-28 - Release 0.2.0 ([diff](https://github.com/locp/cassandra/compare/0.1.0...0.2.0)) -### Summary -Added more parameters and improved the module metadata. - -##2015-05-26 - Release 0.1.0 -### Summary -An initial release with **VERY** limited options. diff --git a/cassandra/CONTRIBUTING.md b/cassandra/CONTRIBUTING.md deleted file mode 100644 index b0e064420..000000000 --- a/cassandra/CONTRIBUTING.md +++ /dev/null @@ -1,42 +0,0 @@ -# Contributing - -Contributions will be gratefully accepted. Please go to the project page, fork -the project, make your changes locally and then raise a pull request. Details -on how to do this are available at -https://guides.github.com/activities/contributing-to-open-source. - -However, we do ask that: - -* All tests pass correctly (see below and also see - https://travis-ci.org/locp/cassandra/pull_requests). -* Unit test coverage does not drop as a result of a push of your branch (see - https://coveralls.io/github/locp/cassandra). -* Any parameters are documented. - -## Testing - -### Spec Tests (Unit Testing) - -At the very least, before submitting your pull request or patch, the following -tests should pass with no errors or warnings: - -```bash -bundle update # Update/install your bundle -bundle exec rake lint # Run puppet-lint -bundle exec rake validate # Check syntax of Ruby files and call :syntax and :metadata -bundle exec rake spec # Run spec tests in a clean fixtures directory -``` - -### Beaker Tests (Acceptance Testing) - -```bash -for node in $( bundle exec rake beaker_nodes ); do - export BEAKER_set=$node - BEAKER_destroy=onpass bundle exec rake beaker || break -done -``` - -## Preparing for a Release - -The notes for preparing for a release have been moved to -https://github.com/locp/cassandra/wiki/Preparing-for-a-Release diff --git a/cassandra/Gemfile b/cassandra/Gemfile deleted file mode 100644 index 93720326a..000000000 --- a/cassandra/Gemfile +++ /dev/null @@ -1,23 +0,0 @@ -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -puppetversion = ENV.key?('PUPPET_GEM_VERSION') ? " #{ENV['PUPPET_GEM_VERSION']}" : ['>= 4.0'] -gem 'puppet', puppetversion -gem 'facter', '>= 1.7.0' - -group :system_tests do - gem 'coveralls', :require => false - gem 'docker-api', :require => false - gem 'beaker-rspec', :require => false - gem 'fog', :require => false - gem 'fog-google', '<= 0.0.9' - gem 'pry', :require => false - gem 'puppet-blacksmith', :require => false - gem 'puppetlabs_spec_helper', :require => false - gem 'rspec-puppet', :require => false - gem 'rspec-puppet-utils', :require => false - gem 'serverspec', :require => false - gem 'metadata-json-lint', :require => false - gem 'puppet-lint', :require => false - gem 'travis', :require => false - gem 'travis-lint', :require => false -end diff --git a/cassandra/LICENSE b/cassandra/LICENSE deleted file mode 100644 index 820059e80..000000000 --- a/cassandra/LICENSE +++ /dev/null @@ -1,13 +0,0 @@ -Copyright 2015 League of Crafty Programmers Ltd. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/cassandra/README.md b/cassandra/README.md deleted file mode 100644 index 0e02c4aad..000000000 --- a/cassandra/README.md +++ /dev/null @@ -1,2604 +0,0 @@ -# Cassandra -[![Puppet Forge](http://img.shields.io/puppetforge/v/locp/cassandra.svg)](https://forge.puppetlabs.com/locp/cassandra) -[![Github Tag](https://img.shields.io/github/tag/locp/cassandra.svg)](https://github.com/locp/cassandra) -[![Build Status](https://travis-ci.org/locp/cassandra.png?branch=master)](https://travis-ci.org/locp/cassandra) -[![Coverage Status](https://coveralls.io/repos/locp/cassandra/badge.svg?branch=master&service=github)](https://coveralls.io/github/locp/cassandra?branch=master) -[![Join the chat at https://gitter.im/locp/cassandra](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/locp/cassandra?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) - -#### Table of Contents - -1. [Overview](#overview) -2. [Setup - The basics of getting started with Cassandra](#setup) - * [What Cassandra affects](#what-cassandra-affects) - * [Beginning with Cassandra](#beginning-with-cassandra) - * [Upgrading](#upgrading) -3. [Usage - Configuration options and additional functionality](#usage) - * [Create a Cluster in a Single Data Center](#create-a-cluster-in-a-single-data-center) - * [Create a Cluster in Multiple Data Centers](#create-a-cluster-in-multiple-data-centers) - * [OpsCenter](#opscenter) - * [DataStax Enterprise](#datastax-enterprise) -4. [Reference - An under-the-hood peek at what the module is doing and how](#reference) - * [cassandra](#class-cassandra) - * [cassandra::datastax_agent](#class-cassandradatastax_agent) - * [cassandra::datastax_repo](#class-cassandradatastax_repo) - * [cassandra::firewall_ports](#class-cassandrafirewall_ports) - * [cassandra::java](#class-cassandrajava) - * [cassandra::opscenter](#class-cassandraopscenter) - * [cassandra::opscenter::cluster_name](#defined-type-cassandraopscentercluster_name) - * [cassandra::opscenter::pycrypto](#class-cassandraopscenterpycrypto) - * [cassandra::optutils](#class-cassandraoptutils) - * [cassandra::opscenter::setting](#defined-type-cassandraopscentersetting) -5. [Limitations - OS compatibility, etc.](#limitations) -6. [Contributers](#contributers) - -## Overview - -A Puppet module to install and manage Cassandra, DataStax Agent & OpsCenter - -## Setup - -### What Cassandra affects - -#### What the Cassandra class affects - -* Installs the Cassandra package (default **dsc22**). -* Configures settings in *${config_path}/cassandra.yaml*. -* Optionally ensures that the Cassandra service is enabled and running. -* On Ubuntu systems, optionally replace ```/etc/init.d/cassandra``` with a - workaround for - [CASSANDRA-9822](https://issues.apache.org/jira/browse/CASSANDRA-9822). - -#### What the cassandra::datastax_agent class affects - -* Optionally installs the DataStax agent. -* Optionally sets JAVA_HOME in **/etc/default/datastax-agent**. - -#### What the cassandra::datastax_agent class affects - -* Optionally configures a Yum repository to install the Cassandra packages - from (on Red Hat). -* Optionally configures an Apt repository to install the Cassandra packages - from (on Ubuntu). - -#### What the cassandra::firewall_ports class affects - -* Optionally configures the firewall for the Cassandra related network - ports. - -#### What the cassandra::java class affects - -* Optionally installs a JRE/JDK package (e.g. java-1.7.0-openjdk) and the - Java Native Access (JNA). - -#### What the cassandra::opscenter class affects - -* Installs the OpsCenter package. -* Manages the content of the configuration file - (/etc/opscenter/opscenterd.conf). -* Manages the opscenterd service. - -#### What the cassandra::opscenter::cluster_name type affects - -* An optional type that allows DataStax OpsCenter to connect to a remote - key space for metrics storage. These files will be created in - /etc/opscenter/clusters. The module also creates this directory if - required. This functionality is only valid in DataStax Enterprise. - -#### What the cassandra::opscenter::pycrypto class affects - -* On the Red Hat family it installs the pycrypto library and it's - pre-requisites (the python-devel and python-pip packages). -* Optionally installs the Extra Packages for Enterprise Linux (EPEL) - repository. -* As a workaround for - [PUP-3829](https://tickets.puppetlabs.com/browse/PUP-3829) a symbolic - link is created from ```/usr/bin/pip``` to - ```/usr/bin/pip-python```. Hopefully this can be removed in the not - too distant future. - -#### What the cassandra::optutils class affects - -* Optionally installs the Cassandra support tools (e.g. cassandra22-tools). - -### Beginning with Cassandra - -A basic example is as follows: - -```puppet - class { 'cassandra': - cluster_name => 'MyCassandraCluster', - endpoint_snitch => 'GossipingPropertyFileSnitch', - listen_address => "${::ipaddress}", - seeds => '110.82.155.0,110.82.156.3' - } -``` - -### Upgrading - -#### Changes in 1.8.0 - -A somewhat embarrassing correction to the spelling of the -cassandra::fail_on_non_suppoted_os to cassandra::fail_on_non_supported_os. - -#### Issues when Upgrading to 1.4.0 - -Unfortunately both releases 1.3.7 and 1.4.0 have subsequently been found to -call a refresh service even when no changes had been made to the underlying -configuration. In release 1.8.0 (somewhat belatedly) the service_refresh -flag has been introduced to mitigate against similar problems. - -#### Issues When Upgrading to 1.3.7 - -* Please see the notes for 1.4.0. - -#### Changes in 1.0.0 - -* cassandra::cassandra_package_ensure has been renamed to - cassandra::package_ensure. -* cassandra::cassandra_package_name has been renamed to - cassandra::package_name. - -#### Changes in 0.4.0 - -There is now a cassandra::datastax_agent class, therefore: - -* cassandra::datastax_agent_package_ensure has now been replaced with - cassandra::datastax_agent::package_ensure. -* cassandra::datastax_agent_service_enable has now been replaced with - cassandra::datastax_agent::service_enable. -* cassandra::datastax_agent_service_ensure has now been replaced with - cassandra::datastax_agent::service_ensure. -* cassandra::datastax_agent_package_name has now been replaced with - cassandra::datastax_agent::package_name. -* cassandra::datastax_agent_service_name has now been replaced with - cassandra::datastax_agent::service_name. - -Likewise now there is a new class for handling the installation of Java: - -* cassandra::java_package_ensure has now been replaced with - cassandra::java::ensure. -* cassandra::java_package_name has now been replaced with - cassandra::java::package_name. - -Also there is now a class for installing the optional utilities: - -* cassandra::cassandra_opt_package_ensure has now been replaced with - cassandra::optutils:ensure. -* cassandra::cassandra_opt_package_name has now been replaced with - cassandra::optutils:package_name. - -#### Changes in 0.3.0 - -* cassandra_opt_package_ensure changed from 'present' to undef. - -* The manage_service option has been replaced with service_enable and - service_ensure. - -## Usage - -### Create a Cluster in a Single Data Center - -In the DataStax documentation _Initializing a multiple node cluster (single -data center)_ - -there is a basic example of a six node cluster with two seeds to be created in -a single data center spanning two racks. The nodes in the cluster are: - -**Node Name** | **IP Address** | ----------------|----------------| -node0 (seed 1) | 110.82.155.0 | -node1 | 110.82.155.1 | -node2 | 110.82.155.2 | -node3 (seed 2) | 110.82.156.3 | -node4 | 110.82.156.4 | -node5 | 110.82.156.5 | - -Each node is configured to use the GossipingPropertyFileSnitch and 256 virtual -nodes (vnodes). The name of the cluster is _MyCassandraCluster_. Also, -while building the initial cluster, we are setting the auto_bootstrap -to false. - -In this initial example, we are going to expand the example by: - -* Ensuring that the software is installed via the DataStax Community - repository by including `cassandra::datastax_repo`. This needs to be - executed before the Cassandra package is installed. -* That a suitable Java Runtime environment (JRE) is installed with Java Native - Access (JNA) by including `cassandra::java`. This need to be executed - before the Cassandra service is started. - -```puppet -node /^node\d+$/ { - class { 'cassandra::datastax_repo': - before => Class['cassandra'] - } - - class { 'cassandra::java': - before => Class['cassandra'] - } - - class { 'cassandra': - cluster_name => 'MyCassandraCluster', - endpoint_snitch => 'GossipingPropertyFileSnitch', - listen_address => "${::ipaddress}", - num_tokens => 256, - seeds => '110.82.155.0,110.82.156.3', - auto_bootstrap => false - } -} -``` - -The default value for the num_tokens is already 256, but it is -included in the example for clarity. Do not forget to either -set auto_bootstrap to true or not set the parameter at all -after initializing the cluster. - -### Create a Cluster in Multiple Data Centers - -To continue with the examples provided by DataStax, we look at the example -for a cluster across multiple data centers -. - -**Node Name** | **IP Address** | **Data Center** | **Rack** | ----------------|----------------|-----------------|----------| -node0 (seed 1) | 10.168.66.41 | DC1 | RAC1 | -node1 | 10.176.43.66 | DC1 | RAC1 | -node2 | 10.168.247.41 | DC1 | RAC1 | -node3 (seed 2) | 10.176.170.59 | DC2 | RAC1 | -node4 | 10.169.61.170 | DC2 | RAC1 | -node5 | 10.169.30.138 | DC2 | RAC1 | - -For the sake of simplicity, we will confine this example to the nodes: - -```puppet -node /^node[012]$/ { - class { 'cassandra': - cluster_name => 'MyCassandraCluster', - endpoint_snitch => 'GossipingPropertyFileSnitch', - listen_address => "${::ipaddress}", - num_tokens => 256, - seeds => '10.168.66.41,10.176.170.59', - dc => 'DC1', - auto_bootstrap => false - } -} - -node /^node[345]$/ { - class { 'cassandra': - cluster_name => 'MyCassandraCluster', - endpoint_snitch => 'GossipingPropertyFileSnitch', - listen_address => "${::ipaddress}", - num_tokens => 256, - seeds => '10.168.66.41,10.176.170.59', - dc => 'DC2', - auto_bootstrap => false - } -} -``` - -We don't need to specify the rack name (with the rack parameter) as RAC1 is -the default value. Again, do not forget to either set auto_bootstrap to -true or not set the parameter at all after initializing the cluster. - -### OpsCenter - -To continue with the original example within a single data center, say we -have an instance of OpsCenter running on a node called opscenter which has -an IP address of 110.82.157.6. We add the `cassandra::datastax_agent` to -the cassandra node to connect to OpsCenter: - -```puppet -node /^node\d+$/ { - class { 'cassandra::datastax_repo': - before => Class['cassandra'] - } -> - class { 'cassandra::java': - before => Class['cassandra'] - } -> - class { 'cassandra': - cluster_name => 'MyCassandraCluster', - endpoint_snitch => 'GossipingPropertyFileSnitch', - listen_address => "${::ipaddress}", - num_tokens => 256, - seeds => '110.82.155.0,110.82.156.3', - before => Class['cassandra::datastax_agent'] - } -> - class { 'cassandra::datastax_agent': - stomp_interface => '110.82.157.6' - } -} - -node /opscenter/ { - include '::cassandra::datastax_repo' -> - include '::cassandra' -> - include '::cassandra::opscenter' -} -``` - -We have also added the `cassandra::opscenter` class for the opscenter node. - -### DataStax Enterprise - -After configuring the relevant repository, the following snippet works on -CentOS 7 to install DSE Cassandra 4.7.0: - -```puppet -class { 'cassandra::datastax_repo': - descr => 'DataStax Repo for DataStax Enterprise', - pkg_url => 'https://username:password@rpm.datastax.com/enterprise', - before => Class['cassandra'], -} - -class { 'cassandra': - cluster_name => 'MyCassandraCluster', - config_path => '/etc/dse/cassandra', - package_ensure => '4.7.0-1', - package_name => 'dse-full', - service_name => 'dse', -} -``` - -Also with DSE, one can specify a remote keyspace for storing the metrics for -a cluster. An example is: - -```puppet -cassandra::opscenter::cluster_name { 'Cluster1': - cassandra_seed_hosts => 'host1,host2', - storage_cassandra_username => 'opsusr', - storage_cassandra_password => 'opscenter', - storage_cassandra_api_port => 9160, - storage_cassandra_cql_port => 9042, - storage_cassandra_keyspace => 'OpsCenter_Cluster1' -} -``` - -## Reference - -### Public Classes - -* [cassandra](#class-cassandra) -* [cassandra::datastax_agent](#class-cassandradatastax_agent) -* [cassandra::datastax_repo](#class-cassandradatastax_repo) -* [cassandra::firewall_ports](#class-cassandrafirewall_ports) -* [cassandra::java](#class-cassandrajava) -* [cassandra::opscenter](#class-cassandraopscenter) -* [cassandra::opscenter::pycrypto](#class-cassandraopscenterpycrypto) -* [cassandra::optutils](#class-cassandraoptutils) - -### Public Defined Types -* [cassandra::opscenter::cluster_name](#defined-type-cassandraopscentercluster_name) - -### Private Defined Types - -* cassandra::opscenter::setting -* cassandra::firewall_ports::rule - -### Class: cassandra - -A class for installing the Cassandra package and manipulate settings in the -configuration file. - -#### Parameters - -##### `authenticator` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: 'AllowAllAuthenticator. - -##### `authorizer` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: 'AllowAllAuthorizer' - -##### `auto_bootstrap` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `auto_snapshot` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value 'true' - -##### `batchlog_replay_throttle_in_kb` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '1024' - -##### `batch_size_warn_threshold_in_kb` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value 5 - -##### `broadcast_address` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `broadcast_rpc_address` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `cas_contention_timeout_in_ms` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '1000' - -##### `cassandra_9822` -If set to true, this will apply a patch to the init file for the Cassandra -service as a workaround for -[CASSANDRA-9822](https://issues.apache.org/jira/browse/CASSANDRA-9822). This -option is silently ignored on the Red Hat family of operating systems as -this bug only affects Ubuntu systems. -Default value 'false' - -##### `cassandra_yaml_tmpl` -The path to the Puppet template for the Cassandra configuration file. This -allows the user to supply their own customized template. A Cassandra 1.X -compatible template called cassandra1.yaml.erb has been provided by @Spredzy. -Default value 'cassandra/cassandra.yaml.erb' - -##### `client_encryption_algorithm` -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -The field being set is `client_encryption_options -> algorithm`. -Default value: *undef* - -##### `client_encryption_cipher_suites` -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -The field being set is `client_encryption_options -> cipher_suites`. -Default value: *undef* - -##### `client_encryption_enabled` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -The field being set is `client_encryption_options -> enabled`. -Default value 'false' - -##### `client_encryption_keystore` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -The field being set is `client_encryption_options -> keystore`. -Default value 'conf/.keystore' - -##### `client_encryption_keystore_password` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -The field being set is `client_encryption_options -> keystore_password`. -Default value 'cassandra' - -##### `client_encryption_protocol` -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -The field being set is `client_encryption_options -> protocol`. -Default value: *undef* - -##### `client_encryption_require_client_auth` -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -The field being set is `client_encryption_options -> require_client_auth`. -Default value: *undef* - -##### `client_encryption_store_type` -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -The field being set is `client_encryption_options -> store_type`. -Default value: *undef* - -##### `client_encryption_truststore` -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -The field being set is `client_encryption_options -> truststore`. -Default value: *undef* - -##### `client_encryption_truststore_password` -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -The field being set is `client_encryption_options -> truststore_password`. -Default value: *undef* - -##### `cluster_name` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value 'Test Cluster' - -##### `column_index_size_in_kb` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '64' - -##### `commit_failure_policy` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: 'stop' - -##### `commitlog_directory` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value '/var/lib/cassandra/commitlog' - -##### `commitlog_directory_mode` -The mode for the directory specified in `commitlog_directory`. -Default value '0750' - -##### `commitlog_segment_size_in_mb` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: 32 - -##### `commitlog_sync` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. - -See also `commitlog_sync_batch_window_in_ms` and `commitlog_sync_period_in_ms`. -Default value: 'periodic' - -##### `commitlog_sync_batch_window_in_ms` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. - -If `commitlog_sync` is set to 'batch' then this value should be set. -Otherwise it should be set to *undef*. -Default value: *undef* - -##### `commitlog_sync_period_in_ms` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If set to a value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. - -If `commitlog_sync` is set to 'periodic' then this value should be set. -Otherwise it should be set to *undef*. -Default value: 10000 - -##### `commitlog_total_space_in_mb` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `compaction_throughput_mb_per_sec` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '16' - -##### `concurrent_counter_writes` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value '32' - -##### `concurrent_reads` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value '32' - -##### `concurrent_writes` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value '32' - -##### `config_file_mode` -The permissions mode of the cassandra configuration file. -Default value '0666' - -##### `config_path` -The path to the cassandra configuration file. If this is undef, it will be -changed to **/etc/cassandra/default.conf** on the Red Hat family of operating -systems or **/etc/cassandra** on Ubuntu. Otherwise the user can specify the -path name. -Default value *undef* - -##### `concurrent_compactors` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `counter_cache_save_period` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '7200' - -##### `counter_cache_keys_to_save` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `counter_cache_size_in_mb` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '' - -##### `counter_write_request_timeout_in_ms` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '5000' - -##### `cross_node_timeout` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: 'false' - -##### `data_file_directories` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value '['/var/lib/cassandra/data']' - -##### `data_file_directories_mode` -The mode for the directories specified in `data_file_directories`. -Default value '0750' - -##### `dc` -Sets the value for dc in *config_path*/*snitch_properties_file* see -http://docs.datastax.com/en/cassandra/2.1/cassandra/architecture/architectureSnitchesAbout_c.html -for more details. -Default value 'DC1' - -##### `dc_suffix` -Sets the value for dc_suffix in *config_path*/*snitch_properties_file* see -http://docs.datastax.com/en/cassandra/2.1/cassandra/architecture/architectureSnitchesAbout_c.html -for more details. If the value is *undef* then change will be made to the -snitch properties file for this setting. -Default value *undef* - -##### `disk_failure_policy` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value 'stop' - -##### `dynamic_snitch_badness_threshold` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '0.1' - -##### `dynamic_snitch_reset_interval_in_ms` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '600000' - -##### `dynamic_snitch_update_interval_in_ms` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '100' - -##### `endpoint_snitch` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value 'SimpleSnitch' - -##### `fail_on_non_supported_os` -A flag that dictates if the module should fail if it is not RedHat or Debian. -If you set this option to false then you must also at least set the -`config_path` parameter as well. -Default value 'true' - -##### `file_cache_size_in_mb` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `hinted_handoff_enabled` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value 'true' - -##### `hinted_handoff_throttle_in_kb` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '1024' - -##### `index_summary_capacity_in_mb` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '' - -##### `index_summary_resize_interval_in_minutes` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '60' - -##### `incremental_backups` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value 'false' - -##### `initial_token` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `inter_dc_tcp_nodelay` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: 'false' - -##### `internode_authenticator` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `internode_compression` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value 'all' - -##### `internode_recv_buff_size_in_bytes` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `internode_send_buff_size_in_bytes` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `key_cache_save_period` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: 14400 - -##### `key_cache_size_in_mb` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '' - -##### `key_cache_keys_to_save` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `listen_address` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value 'localhost' - -##### `manage_dsc_repo` -DEPRECATION WARNING: This option is deprecated. Please include the -the ::cassandra::datastax_repo instead. - -If set to true then a repository will be setup so that packages can be -downloaded from DataStax community. -Default value 'false' - -##### `max_hints_delivery_threads` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '2' - -##### `max_hint_window_in_ms` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '10800000' - -##### `memory_allocator` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `memtable_cleanup_threshold` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `memtable_flush_writers` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `memtable_heap_space_in_mb` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `memtable_offheap_space_in_mb` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `native_transport_max_concurrent_connections` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `native_transport_max_concurrent_connections_per_ip` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `native_transport_max_frame_size_in_mb` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `native_transport_max_threads` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `native_transport_port` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value '9042' - -##### `num_tokens` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value '256' - -##### `package_ensure` -The status of the package specified in **package_name**. Can be -*present*, *latest* or a specific version number. -Default value 'present' - -##### `package_name` -The name of the Cassandra package. Must be available from a repository. -Default value 'dsc22' - -##### `partitioner` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value 'org.apache.cassandra.dht.Murmur3Partitioner' - -##### `permissions_update_interval_in_ms` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `permissions_validity_in_ms` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '2000' - -##### `phi_convict_threshold` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `prefer_local` -Sets the value for prefer_local in *config_path*/*snitch_properties_file* see -http://docs.datastax.com/en/cassandra/2.1/cassandra/architecture/architectureSnitchesAbout_c.html -for more details. Valid values are true, false or *undef*. If the value is -*undef* then change will be made to the snitch properties file for this -setting. -Default value *undef* - -##### `rack` -Sets the value for rack in *config_path*/*snitch_properties_file* see -http://docs.datastax.com/en/cassandra/2.1/cassandra/architecture/architectureSnitchesAbout_c.html -for more details. -Default value 'RAC1' - -##### `range_request_timeout_in_ms` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '10000' - -##### `read_request_timeout_in_ms` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '5000' - -##### `request_scheduler` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: 'org.apache.cassandra.scheduler.NoScheduler' - -##### `request_scheduler_options_default_weight` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `request_scheduler_options_throttle_limit` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `request_timeout_in_ms` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '10000' - -##### `row_cache_keys_to_save` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `row_cache_save_period` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '0' - -##### `row_cache_size_in_mb` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '0' - -##### `rpc_address` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value 'localhost' - -##### `rpc_max_threads` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `rpc_min_threads` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `rpc_port` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value '9160' - -##### `rpc_recv_buff_size_in_bytes` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `rpc_send_buff_size_in_bytes` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `rpc_server_type` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value 'sync' - -##### `saved_caches_directory` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value '/var/lib/cassandra/saved_caches' - -##### `saved_caches_directory_mode` -The mode for the directory specified in `saved_caches_directory`. -Default value '0750' - -##### `seeds` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -The field being set is `seed_provider -> parameters -> seeds`. -Default value '127.0.0.1' - -##### `seed_provider_class_name` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -The field being set is `seed_provider -> class_name`. -Default value 'org.apache.cassandra.locator.SimpleSeedProvider' - -##### `server_encryption_algorithm` -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -The field being set is `server_encryption_options -> algorithm`. -Default value: *undef* - -##### `server_encryption_cipher_suites` -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -The field being set is `server_encryption_options -> cipher_suites`. -Default value: *undef* - -##### `server_encryption_internode` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -The field being set is `server_encryption_options -> internode_encryption`. -Default value 'none' - -##### `server_encryption_keystore` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -The field being set is `server_encryption_options -> keystore`. -Default value 'conf/.keystore' - -##### `server_encryption_keystore_password` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -The field being set is `server_encryption_options -> keystore_password`. -Default value 'cassandra' - -##### `server_encryption_protocol` -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -The field being set is `server_encryption_options -> protocol`. -Default value: *undef* - -##### `server_encryption_require_client_auth` -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -The field being set is `server_encryption_options -> require_client_auth`. -Default value: *undef* - -##### `server_encryption_store_type` -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -The field being set is `server_encryption_options -> store_type`. -Default value: *undef* - -##### `server_encryption_truststore` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -The field being set is `server_encryption_options -> truststore`. -Default value 'conf/.truststore' - -##### `server_encryption_truststore_password` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -The field being set is `server_encryption_options -> truststore_password`. -Default value 'cassandra' - -##### `service_enable` -Enable the Cassandra service to start at boot time. Valid values are true -or false. -Default value 'true' - -##### `service_ensure` -Ensure the Cassandra service is running. Valid values are running or stopped. -Default value 'running' - -##### `service_name` -The name of the service that runs the Cassandra software. -Default value 'cassandra' - -##### `service_refresh` -If set to true, changes to the Cassandra config file or the data directories -will ensure that Cassandra service is refreshed after the changes. Setting -this flag to false will disable this behaviour, therefore allowing the changes -to be made but allow the user to control when the service is restarted. -Default value true - -##### `snapshot_before_compaction` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value 'false' - -##### `snitch_properties_file` -The name of the snitch properties file. The full path name would be -*config_path*/*snitch_properties_file*. -Default value 'cassandra-rackdc.properties' - -##### `ssl_storage_port` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value '7001' - -##### `sstable_preemptive_open_interval_in_mb` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '50' - -##### `start_native_transport` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value 'true' - -##### `start_rpc` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value 'true' - -##### `storage_port` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value '7000' - -##### `streaming_socket_timeout_in_ms` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -If left at the default value of *undef* then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: *undef* - -##### `tombstone_failure_threshold` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '100000' - -##### `tombstone_warn_threshold` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '1000' - -##### `trickle_fsync` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: 'false' - -##### `trickle_fsync_interval_in_kb` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '10240' - -##### `truncate_request_timeout_in_ms` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '60000' - -##### `write_request_timeout_in_ms` -This is passed to the -[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file. -Default value: '2000' - -### Class: cassandra::datastax_agent - -A class for installing the DataStax Agent and to point it at an OpsCenter -instance. - -#### Parameters - -##### `defaults_file` -The full path name to the file where `java_home` is set. -Default value '/etc/default/datastax-agent' - -##### `java_home` -If the value of this variable is left as *undef*, no action is taken. -Otherwise the value is set as JAVA_HOME in `defaults_file`. -Default value *undef* - -##### `package_ensure` -Is passed to the package reference. Valid values are **present** or a version -number. -Default value 'present' - -##### `package_name` -Is passed to the package reference. -Default value 'datastax-agent' - -##### `service_ensure` -Is passed to the service reference. -Default value 'running' - -##### `service_enable` -Is passed to the service reference. -Default value 'true' - -##### `service_name` -Is passed to the service reference. -Default value 'datastax-agent' - -##### `stomp_interface` -If the value is changed from the default of *undef* then this is what is -set as the stomp_interface setting in -**/var/lib/datastax-agent/conf/address.yaml** -which connects the agent to an OpsCenter instance. -Default value *undef* - -### Class: cassandra::datastax_repo - -An optional class that will allow a suitable repository to be configured -from which packages for DataStax Community can be downloaded. Changing -the defaults will allow any Debian Apt or Red Hat Yum repository to be -configured. - -#### Parameters - -##### `descr` -On the Red Hat family, this is passed as the `descr` parameter to a -`yumrepo` resource. On the Debian family, it is passed as the `comment` -parameter to an `apt::source` resource. -Default value 'DataStax Repo for Apache Cassandra' - -##### `key_id` -On the Debian family, this is passed as the `id` parameter to an `apt::key` -resource. On the Red Hat family, it is ignored. -Default value '7E41C00F85BFC1706C4FFFB3350200F2B999A372' - -##### `key_url` -On the Debian family, this is passed as the `source` parameter to an -`apt::key` resource. On the Red Hat family, it is ignored. -Default value 'http://debian.datastax.com/debian/repo_key' - -##### `pkg_url` -If left as the default, this will set the `baseurl` to -'http://rpm.datastax.com/community' on a `yumrepo` resource -on the Red Hat family. On the Debian family, leaving this as the default -will set the `location` parameter on an `apt::source` to -'http://debian.datastax.com/community'. Default value *undef* - -##### `release` -On the Debian family, this is passed as the `release` parameter to an -`apt::source` resource. On the Red Hat family, it is ignored. -Default value 'stable' - -### Class: cassandra::firewall_ports - -An optional class to configure incoming network ports on the host that are -relevant to the Cassandra installation. If firewalls are being managed -already, simply do not include this module in your manifest. - -IMPORTANT: The full list of which ports should be configured is assessed at -evaluation time of the configuration. Therefore if one is to use this class, -it must be the final cassandra class included in the manifest. - -#### Parameters - -##### `client_ports` -Only has any effect if the `cassandra` class is defined on the node. - -Allow these TCP ports to be opened for traffic -coming from the client subnets. -Default value '[9042, 9160]' - -##### `client_subnets` -Only has any effect if the `cassandra` class is defined on the node. - -An array of the list of subnets that are to allowed connection to -cassandra::native_transport_port and cassandra::rpc_port. -Default value '['0.0.0.0/0']' - -##### `inter_node_ports` -Only has any effect if the `cassandra` class is defined on the node. - -Allow these TCP ports to be opened for traffic -between the Cassandra nodes. -Default value '[7000, 7001, 7199]' - -##### `inter_node_subnets` -Only has any effect if the `cassandra` class is defined on the node. - -An array of the list of subnets that are to allowed connection to -cassandra::storage_port, cassandra::ssl_storage_port and port 7199 -for cassandra JMX monitoring. -Default value '['0.0.0.0/0']' - -##### `inter_node_ports` -Allow these TCP ports to be opened for traffic -coming from OpsCenter subnets. -Default value '[7000, 7001, 7199]' - -##### `public_ports` -Allow these TCP ports to be opened for traffic -coming from public subnets the port specified in `$ssh_port` will be -appended to this list. -Default value '[8888]' - -##### `public_subnets` -An array of the list of subnets that are to allowed connection to -cassandra::firewall_ports::ssh_port and if cassandra::opscenter has been -included, both cassandra::opscenter::webserver_port and -cassandra::opscenter::webserver_ssl_port. -Default value '['0.0.0.0/0']' - -##### `ssh_port` -Which port does SSH operate on. -Default value '22' - -##### `opscenter_ports` -Only has any effect if the `cassandra::datastax_agent` or -`cassandra::opscenter` classes are defined. - -Allow these TCP ports to be opened for traffic -coming to or from OpsCenter -appended to this list. -Default value '[61620, 61621]' - -##### `opscenter_subnets` -A list of subnets that are to be allowed connection to -port 61620 for nodes built with cassandra::opscenter and 61621 for nodes -built with cassandra::datastax_agent. -Default value '['0.0.0.0/0']' - -### Class: cassandra::java - -A class to install an appropriate Java package. - -#### Parameters - -##### `ensure` -Is passed to the package reference for the JRE/JDK package. Valid values are -**present** or a version number. -Default value 'present' - -##### `jna_ensure` -Is passed to the package reference for the JNA package. Valid values are -**present** or a version number. -Default value 'present' - -##### `jna_package_name` -If the default value of *undef* is left as it is, then a package called -jna or libjna-java will be installed on a Red Hat family or Ubuntu system -respectively. Alternatively, one can specify a package that is available in -a package repository to the node. -Default value *undef* - -##### `package_name` -If the default value of *undef* is left as it is, then a package called -java-1.8.0-openjdk-headless or openjdk-7-jre-headless will be installed -on a Red Hat family or Ubuntu system respectively. Alternatively, one -can specify a package that is available in a package repository to the -node. -Default value *undef* - -### Class: cassandra::opscenter - -This class installs and manages the DataStax OpsCenter. Leaving the defaults -as they are will provide a running OpsCenter without any authentication on -port 8888. - -#### Parameters - -##### `agents_agent_certfile` -This sets the agent_certfile setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_agent_keyfile` -This sets the agent_keyfile setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_agent_keyfile_raw` -This sets the agent_keyfile_raw setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_config_sleep` -This sets the config_sleep setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_fingerprint_throttle` -This sets the fingerprint_throttle setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_incoming_interface` -This sets the incoming_interface setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_incoming_port` -This sets the incoming_port setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_install_throttle` -This sets the install_throttle setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_not_seen_threshold` -This sets the not_seen_threshold setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_path_to_deb` -This sets the path_to_deb setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_path_to_find_java` -This sets the path_to_find_java setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_path_to_installscript` -This sets the path_to_installscript setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_path_to_rpm` -This sets the path_to_rpm setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_path_to_sudowrap` -This sets the path_to_sudowrap setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_reported_interface` -This sets the reported_interface setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_runs_sudo` -This sets the runs_sudo setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_scp_executable` -This sets the scp_executable setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_ssh_executable` -This sets the ssh_executable setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_ssh_keygen_executable` -This sets the ssh_keygen_executable setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_ssh_keyscan_executable` -This sets the ssh_keyscan_executable setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_ssh_port` -This sets the ssh_port setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_ssh_sys_known_hosts_file` -This sets the ssh_sys_known_hosts_file setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_ssh_user_known_hosts_file` -This sets the ssh_user_known_hosts_file setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_ssl_certfile` -This sets the ssl_certfile setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_ssl_keyfile` -This sets the ssl_keyfile setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_tmp_dir` -This sets the tmp_dir setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `agents_use_ssl` -This sets the use_ssl setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `authentication_audit_auth` -This sets the audit_auth setting in the authentication section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `authentication_audit_pattern` -This sets the audit_pattern setting in the authentication section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `authentication_method` -This sets the authentication_method setting in the authentication section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `authentication_enabled` -This sets the enabled setting in the authentication section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value 'False' - -##### `authentication_passwd_db` -This sets the passwd_db setting in the authentication section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `authentication_timeout` -This sets the timeout setting in the authentication section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `cloud_accepted_certs` -This sets the accepted_certs setting in the cloud section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `clusters_add_cluster_timeout` -This sets the add_cluster_timeout setting in the clusters section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `clusters_startup_sleep` -This sets the startup_sleep setting in the clusters section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `config_file` -The full path to the OpsCenter configuration file. -Default value '/etc/opscenter/opscenterd.conf' - -##### `definitions_auto_update` -This sets the auto_update setting in the definitions section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `definitions_definitions_dir` -This sets the definitions_dir setting in the definitions section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `definitions_download_filename` -This sets the download_filename setting in the definitions section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `definitions_download_host` -This sets the download_host setting in the definitions section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `definitions_download_port` -This sets the download_port setting in the definitions section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `definitions_hash_filename` -This sets the hash_filename setting in the definitions section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `definitions_sleep` -This sets the sleep setting in the definitions section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `definitions_ssl_certfile` -This sets the ssl_certfile setting in the definitions section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `definitions_use_ssl` -This sets the use_ssl setting in the definitions section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ensure` -This is passed to the package reference for **opscenter**. Valid values are -**present** or a version number. -Default value 'present' - -##### `failover_configuration_directory` -This sets the failover_configuration_directory setting in the failover section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `failover_heartbeat_fail_window` -This sets the heartbeat_fail_window setting in the failover section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `failover_heartbeat_period` -This sets the heartbeat_period setting in the failover section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `failover_heartbeat_reply_period` -This sets the heartbeat_reply_period setting in the failover section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `hadoop_base_job_tracker_proxy_port` -This sets the base_job_tracker_proxy_port setting in the hadoop section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ldap_admin_group_name` -This sets the admin_group_name setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ldap_connection_timeout` -This sets the connection_timeout setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ldap_debug_ssl` -This sets the debug_ssl setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ldap_group_name_attribute` -This sets the group_name_attribute setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ldap_group_search_base` -This sets the group_search_base setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ldap_group_search_filter` -This sets the group_search_filter setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ldap_group_search_type` -This sets the group_search_type setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ldap_ldap_security` -This sets the ldap_security setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ldap_opt_referrals` -This sets the opt_referrals setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ldap_protocol_version` -This sets the protocol_version setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ldap_search_dn` -This sets the search_dn setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ldap_search_password` -This sets the search_password setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ldap_server_host` -This sets the server_host setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ldap_server_port` -This sets the server_port setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ldap_ssl_cacert` -This sets the ssl_cacert setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ldap_ssl_cert` -This sets the ssl_cert setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ldap_ssl_key` -This sets the ssl_key setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ldap_tls_demand` -This sets the tls_demand setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ldap_tls_reqcert` -This sets the tls_reqcert setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ldap_uri_scheme` -This sets the uri_scheme setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ldap_user_memberof_attribute` -This sets the user_memberof_attribute setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ldap_user_search_base` -This sets the user_search_base setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ldap_user_search_filter` -This sets the user_search_filter setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `logging_level` -This sets the level setting in the logging section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `logging_log_length` -This sets the log_length setting in the logging section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `logging_log_path` -This sets the log_path setting in the logging section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `logging_max_rotate` -This sets the max_rotate setting in the logging section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `logging_resource_usage_interval` -This sets the resource_usage_interval setting in the logging section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `package_name` -The name of the OpsCenter package. -Default value 'opscenter' - -##### `provisioning_agent_install_timeout` -This sets the agent_install_timeout setting in the provisioning section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `provisioning_keyspace_timeout` -This sets the keyspace_timeout setting in the provisioning section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `provisioning_private_key_dir` -This sets the private_key_dir setting in the provisioning section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `repair_service_alert_on_repair_failure` -This sets the alert_on_repair_failure setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `repair_service_cluster_stabilization_period` -This sets the cluster_stabilization_period setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `repair_service_error_logging_window` -This sets the error_logging_window setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `repair_service_incremental_err_alert_threshold` -This sets the incremental_err_alert_threshold setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `repair_service_incremental_range_repair` -This sets the incremental_range_repair setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `repair_service_incremental_repair_tables` -This sets the incremental_repair_tables setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `repair_service_ks_update_period` -This sets the ks_update_period setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `repair_service_log_directory` -This sets the log_directory setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `repair_service_log_length` -This sets the log_length setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `repair_service_max_err_threshold` -This sets the max_err_threshold setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `repair_service_max_parallel_repairs` -This sets the max_parallel_repairs setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `repair_service_max_pending_repairs` -This sets the max_pending_repairs setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `repair_service_max_rotate` -This sets the max_rotate setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `repair_service_min_repair_time` -This sets the min_repair_time setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `repair_service_min_throughput` -This sets the min_throughput setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `repair_service_num_recent_throughputs` -This sets the num_recent_throughputs setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `repair_service_persist_directory` -This sets the persist_directory setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `repair_service_persist_period` -This sets the persist_period setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `repair_service_restart_period` -This sets the restart_period setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `repair_service_single_repair_timeout` -This sets the single_repair_timeout setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `repair_service_single_task_err_threshold` -This sets the single_task_err_threshold setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `repair_service_snapshot_override` -This sets the snapshot_override setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `request_tracker_queue_size` -This sets the queue_size setting in the request_tracker section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `security_config_encryption_active` -This sets the config_encryption_active setting in the security section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `security_config_encryption_key_name` -This sets the config_encryption_key_name setting in the security section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `security_config_encryption_key_path` -This sets the config_encryption_key_path setting in the security section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `service_enable` -Enable the OpsCenter service to start at boot time. Valid values are true -or false. -Default value 'true' - -##### `service_ensure` -Ensure the OpsCenter service is running. Valid values are running or stopped. -Default value 'running' - -##### `service_name` -The name of the service that runs the OpsCenter software. -Default value 'opscenterd' - -##### `spark_base_master_proxy_port` -This sets the base_master_proxy_port setting in the spark section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `stat_reporter_initial_sleep` -This sets the initial_sleep setting in the stat_reporter section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `stat_reporter_interval` -This sets the interval setting in the stat_reporter section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `stat_reporter_report_file` -This sets the report_file setting in the stat_reporter section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `stat_reporter_ssl_key` -This sets the ssl_key setting in the stat_reporter section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ui_default_api_timeout` -This sets the default_api_timeout setting in the ui section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ui_max_metrics_requests` -This sets the max_metrics_requests setting in the ui section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ui_node_detail_refresh_delay` -This sets the node_detail_refresh_delay setting in the ui section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `ui_storagemap_ttl` -This sets the storagemap_ttl setting in the ui section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `webserver_interface` -This sets the interface setting in the webserver section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value '0.0.0.0' - -##### `webserver_log_path` -This sets the log_path setting in the webserver section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `webserver_port` -This sets the port setting in the webserver section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value '8888' - -##### `webserver_ssl_certfile` -This sets the ssl_certfile setting in the webserver section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `webserver_ssl_keyfile` -This sets the ssl_keyfile setting in the webserver section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `webserver_ssl_port` -This sets the ssl_port setting in the webserver section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `webserver_staticdir` -This sets the staticdir setting in the webserver section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `webserver_sub_process_timeout` -This sets the sub_process_timeout setting in the webserver section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - -##### `webserver_tarball_process_timeout` -This sets the tarball_process_timeout setting in the webserver section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of *undef* will ensure the setting is not present -in the file. Default value *undef* - - -### Class: cassandra::opscenter::pycrypto - -On the Red Hat family of operating systems, if one intends to use encryption -for configuration values then the pycrypto library is required. This class -will install it for the user. See -http://docs.datastax.com/en/opscenter/5.2//opsc/configure/installPycrypto.html -for more details. - -This class has no effect when included on nodes that are not in the Red Hat -family. - -#### Parameters - -##### `ensure` -This is passed to the package reference for **pycrypto**. Valid values are -**present** or a version number. -Default value 'present' - -##### `manage_epel` -If set to true, the **epel-release** package will be installed. -Default value 'false' - -##### `package_name` -The name of the PyCrypto package. -Default value 'pycrypto' - -##### `provider` -The name of the provider of the pycrypto package. -Default value 'pip' - -##### `reqd_pckgs` -Packages that are required to install the pycrypto package. -Default value '['python-devel', 'python-pip' ]' - -### Class: cassandra::optutils - -A class to install the optional Cassandra tools package. - -#### Parameters - -##### `ensure` -Is passed to the package reference. Valid values are **present** or a version -number. -Default value 'present' - -##### `package_name` -If the default value of *undef* is left as it is, then a package called -cassandra22-tools or cassandra-tools will be installed -on a Red Hat family or Ubuntu system respectively. Alternatively, one -can specify a package that is available in a package repository to the -node. -Default value *undef* - -### Defined Type cassandra::opscenter::cluster_name - -With DataStax Enterprise, one can specify a remote keyspace for OpsCenter -to store metric data (this is not available in the DataStax Community Edition). - -#### Parameters - -##### `cassandra_seed_hosts` -This sets the seed_hosts setting in the cassandra section of the -_cluster_name_.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of *undef* will ensure the setting is not -present in the file. Default value *undef* - -##### `storage_cassandra_api_port` -This sets the api_port setting in the storage_cassandra section of the -_cluster_name_.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of *undef* will ensure the setting is not -present in the file. Default value *undef* - -##### `storage_cassandra_bind_interface` -This sets the bind_interface setting in the storage_cassandra section of the -_cluster_name_.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of *undef* will ensure the setting is not -present in the file. Default value *undef* - -##### `storage_cassandra_connection_pool_size` -This sets the connection_pool_size setting in the storage_cassandra section of the -_cluster_name_.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of *undef* will ensure the setting is not -present in the file. Default value *undef* - -##### `storage_cassandra_connect_timeout` -This sets the connect_timeout setting in the storage_cassandra section of the -_cluster_name_.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of *undef* will ensure the setting is not -present in the file. Default value *undef* - -##### `storage_cassandra_cql_port` -This sets the cql_port setting in the storage_cassandra section of the -_cluster_name_.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of *undef* will ensure the setting is not -present in the file. Default value *undef* - -##### `storage_cassandra_keyspace` -This sets the keyspace setting in the storage_cassandra section of the -_cluster_name_.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of *undef* will ensure the setting is not -present in the file. Default value *undef* - -##### `storage_cassandra_local_dc_pref` -This sets the local_dc_pref setting in the storage_cassandra section of the -_cluster_name_.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of *undef* will ensure the setting is not -present in the file. Default value *undef* - -##### `storage_cassandra_password` -This sets the password setting in the storage_cassandra section of the -_cluster_name_.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of *undef* will ensure the setting is not -present in the file. Default value *undef* - -##### `storage_cassandra_retry_delay` -This sets the retry_delay setting in the storage_cassandra section of the -_cluster_name_.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of *undef* will ensure the setting is not -present in the file. Default value *undef* - -##### `storage_cassandra_seed_hosts` -This sets the seed_hosts setting in the storage_cassandra section of the -_cluster_name_.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of *undef* will ensure the setting is not -present in the file. Default value *undef* - -##### `storage_cassandra_send_rpc` -This sets the send_rpc setting in the storage_cassandra section of the -_cluster_name_.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of *undef* will ensure the setting is not -present in the file. Default value *undef* - -##### `storage_cassandra_ssl_ca_certs` -This sets the ssl_ca_certs setting in the storage_cassandra section of the -_cluster_name_.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of *undef* will ensure the setting is not -present in the file. Default value *undef* - -##### `storage_cassandra_ssl_client_key` -This sets the ssl_client_key setting in the storage_cassandra section of the -_cluster_name_.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of *undef* will ensure the setting is not -present in the file. Default value *undef* - -##### `storage_cassandra_ssl_client_pem` -This sets the ssl_client_pem setting in the storage_cassandra section of the -_cluster_name_.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of *undef* will ensure the setting is not -present in the file. Default value *undef* - -##### `storage_cassandra_ssl_validate` -This sets the ssl_validate setting in the storage_cassandra section of the -_cluster_name_.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of *undef* will ensure the setting is not -present in the file. Default value *undef* - -##### `storage_cassandra_used_hosts_per_remote_dc` -This sets the used_hosts_per_remote_dc setting in the storage_cassandra section of the -_cluster_name_.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of *undef* will ensure the setting is not -present in the file. Default value *undef* - -##### `storage_cassandra_username` -This sets the username setting in the storage_cassandra section of the -_cluster_name_.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of *undef* will ensure the setting is not -present in the file. Default value *undef* - -### Defined Type cassandra::firewall_ports::rule - -A defined type to be used as a macro for setting host based firewall -rules. This is not intended to be used by a user (who should use the -API provided by cassandra::firewall_ports instead) but is documented -here for completeness. - -#### Parameters - -##### `title` -A text field that contains the protocol name and CIDR address of a subnet. - -##### `port` -The number(s) of the port(s) to be opened. - -### Defined Type cassandra::opscenter::setting - -A defined type to be used as a macro for settings in the OpsCenter -configuration file. This is not intended to be used by a user (who -should use the API provided by cassandra::opscenter instead) but is documented -here for completeness. - -#### Parameters - -##### `service_name` -The name of the service to be notified if a change is made to the -configuration file. Typically this would by **opscenterd**. - -##### `path` -The path to the configuration file. Typically this would by -**/etc/opscenter/opscenterd.conf**. - -##### `section` -The section in the configuration file to be added to (e.g. **webserver**). - -##### `setting` -The setting within the section of the configuration file to changed -(e.g. **port**). - -##### `value` -The setting value to be changed to (e.g. **8888**). - -## Limitations - -Tested on the Red Hat family versions 6 and 7, Ubuntu 12.04 and 14.04, -Debian 7 Puppet (CE) 3.7.5 and DSC 2. - -From release 1.6.0 of this module, regular updates of the Cassandra 1.X -template will cease and testing against this template will cease. Testing -against the template for versions of Cassandra >= 2.X will continue. - -## Contributers - -Contributions will be gratefully accepted. Please go to the project page, -fork the project, make your changes locally and then raise a pull request. -Details on how to do this are available at -https://guides.github.com/activities/contributing-to-open-source. - -Please also see the -[CONTRIBUTING.md](https://github.com/locp/cassandra/blob/master/CONTRIBUTING.md) -page for project specific requirements. - -### Additional Contributers - -* Yanis Guenane (GitHub [@spredzy](https://github.com/Spredzy)) provided the -Cassandra 1.x compatible template -(see [#11](https://github.com/locp/cassandra/pull/11)). - -* Amos Shapira (GitHub [@amosshapira](https://github.com/amosshapira)) fixed -a bug in the requirements metadata that caused a problem with Puppetfile -(see [#34](https://github.com/locp/cassandra/pull/34)). - -* Dylan Griffith (GitHub [@DylanGriffith](https://github.com/DylanGriffith)) -identified that the dependency for puppetlabs-apt was incorrect -(see [#87](https://github.com/locp/cassandra/pull/87)). - -* Sam Powers (GitHub [@sampowers](https://github.com/sampowers)) reported a -bug in the ability to set the running state of the Cassandra service and -subsequently submitted a pull request with a fix -(see [#93](https://github.com/locp/cassandra/issues/93)). - -* [@markasammut](https://github.com/markasammut) contributed a pull request -to set the batch_size_warn_threshold_in_kb parameter (see -[#100](https://github.com/locp/cassandra/pull/100)). - -* [@markasammut](https://github.com/markasammut) also contributed a pull -request to restart the service if the datastax-agent package is upgraded -(see [#110](https://github.com/locp/cassandra/pull/110)). diff --git a/cassandra/Rakefile b/cassandra/Rakefile deleted file mode 100644 index 7938b7afa..000000000 --- a/cassandra/Rakefile +++ /dev/null @@ -1,6 +0,0 @@ -require 'rubygems' -require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet_blacksmith/rake_tasks' -Blacksmith::RakeTask.new do |t| - t.tag_pattern = "%s" # Use a custom pattern with git tag. %s is replaced with the version number. -end diff --git a/cassandra/files/CASSANDRA-9822/cassandra b/cassandra/files/CASSANDRA-9822/cassandra deleted file mode 100755 index 56eace68c..000000000 --- a/cassandra/files/CASSANDRA-9822/cassandra +++ /dev/null @@ -1,169 +0,0 @@ -#! /bin/sh -### BEGIN INIT INFO -# Provides: cassandra -# Required-Start: $remote_fs $network $named $time -# Required-Stop: $remote_fs $network $named $time -# Should-Start: ntp mdadm -# Should-Stop: ntp mdadm -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: distributed storage system for structured data -# Description: Cassandra is a distributed (peer-to-peer) system for -# the management and storage of structured data. -### END INIT INFO - -# Author: Eric Evans - -DESC="Cassandra" -NAME=cassandra -PIDFILE=/var/run/$NAME/$NAME.pid -SCRIPTNAME=/etc/init.d/$NAME -CONFDIR=/etc/cassandra -WAIT_FOR_START=10 -CASSANDRA_HOME=/usr/share/cassandra -FD_LIMIT=100000 - -[ -e /usr/share/cassandra/apache-cassandra.jar ] || exit 0 -[ -e /etc/cassandra/cassandra.yaml ] || exit 0 -[ -e /etc/cassandra/cassandra-env.sh ] || exit 0 - -# Read configuration variable file if it is present -[ -r /etc/default/$NAME ] && . /etc/default/$NAME - -# Read Cassandra environment file. -. /etc/cassandra/cassandra-env.sh - -if [ -z "$JVM_OPTS" ]; then - echo "Initialization failed; \$JVM_OPTS not set!" >&2 - exit 3 -fi - -export JVM_OPTS - -# Export JAVA_HOME, if set. -[ -n "$JAVA_HOME" ] && export JAVA_HOME - -# Load the VERBOSE setting and other rcS variables -. /lib/init/vars.sh - -# Define LSB log_* functions. -# Depend on lsb-base (>= 3.0-6) to ensure that this file is present. -. /lib/lsb/init-functions - -# -# Function that returns 0 if process is running, or nonzero if not. -# -# The nonzero value is 3 if the process is simply not running, and 1 if the -# process is not running but the pidfile exists (to match the exit codes for -# the "status" command; see LSB core spec 3.1, section 20.2) -# -CMD_PATT="cassandra" -is_running() -{ - if [ -f $PIDFILE ]; then - pid=`cat $PIDFILE` - grep -Eq "$CMD_PATT" "/proc/$pid/cmdline" 2>/dev/null && return 0 - return 1 - fi - return 3 -} - -# -# Function that starts the daemon/service -# -do_start() -{ - # Return - # 0 if daemon has been started - # 1 if daemon was already running - # 2 if daemon could not be started - - ulimit -l unlimited - ulimit -n "$FD_LIMIT" - - cassandra_home=`getent passwd cassandra | awk -F ':' '{ print $6; }'` - heap_dump_f="$cassandra_home/java_`date +%s`.hprof" - error_log_f="$cassandra_home/hs_err_`date +%s`.log" - - [ -e `dirname "$PIDFILE"` ] || \ - install -d -ocassandra -gcassandra -m755 `dirname $PIDFILE` - - - - start-stop-daemon -S -c cassandra -a /usr/sbin/cassandra -q -p "$PIDFILE" -t >/dev/null || return 1 - - start-stop-daemon -S -c cassandra -a /usr/sbin/cassandra -b -p "$PIDFILE" -- \ - -p "$PIDFILE" -H "$heap_dump_f" -E "$error_log_f" >/dev/null || return 2 - -} - -# -# Function that stops the daemon/service -# -do_stop() -{ - # Return - # 0 if daemon has been stopped - # 1 if daemon was already stopped - # 2 if daemon could not be stopped - # other if a failure occurred - start-stop-daemon -K -p "$PIDFILE" -R TERM/30/KILL/5 >/dev/null - RET=$? - rm -f "$PIDFILE" - return $RET -} - -case "$1" in - start) - [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME" - do_start - case "$?" in - 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; - 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; - esac - ;; - stop) - [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME" - do_stop - case "$?" in - 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; - 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; - esac - ;; - restart|force-reload) - log_daemon_msg "Restarting $DESC" "$NAME" - do_stop - case "$?" in - 0|1) - do_start - case "$?" in - 0) log_end_msg 0 ;; - 1) log_end_msg 1 ;; # Old process is still running - *) log_end_msg 1 ;; # Failed to start - esac - ;; - *) - # Failed to stop - log_end_msg 1 - ;; - esac - ;; - status) - is_running - stat=$? - case "$stat" in - 0) log_success_msg "$DESC is running" ;; - 1) log_failure_msg "could not access pidfile for $DESC" ;; - *) log_success_msg "$DESC is not running" ;; - esac - exit "$stat" - ;; - *) - echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload|status}" >&2 - exit 3 - ;; -esac - -: - -# vi:ai sw=4 ts=4 tw=0 et diff --git a/cassandra/images/bkg.png b/cassandra/images/bkg.png deleted file mode 100644 index d10e5caf1..000000000 Binary files a/cassandra/images/bkg.png and /dev/null differ diff --git a/cassandra/images/blacktocat.png b/cassandra/images/blacktocat.png deleted file mode 100644 index 9759d7762..000000000 Binary files a/cassandra/images/blacktocat.png and /dev/null differ diff --git a/cassandra/images/plantuml_2015-10-10T14-14-16.png b/cassandra/images/plantuml_2015-10-10T14-14-16.png deleted file mode 100644 index f82ee7203..000000000 Binary files a/cassandra/images/plantuml_2015-10-10T14-14-16.png and /dev/null differ diff --git a/cassandra/index.html b/cassandra/index.html deleted file mode 100644 index 0ce4166d9..000000000 --- a/cassandra/index.html +++ /dev/null @@ -1,3799 +0,0 @@ - - - - - - - - - - - Cassandra by locp - - - - -
-
-

Cassandra

-

Installs Cassandra, DataStax Agent & OpsCenter on RHEL/Ubuntu/Debian.

- -
- Download as .zip - Download as .tar.gz - View on GitHub -
-
-
- -
-
-

-Cassandra

- -

Puppet Forge -Github Tag -Build Status -Coverage Status -Join the chat at https://gitter.im/locp/cassandra

- -

-Table of Contents

- -
    -
  1. Overview
    2. -
  2. -Setup - The basics of getting started with Cassandra - - -
    3. -
  3. -Usage - Configuration options and additional functionality - - -
    4. -
  4. -Reference - An under-the-hood peek at what the module is doing and how - - -
    5. -
  5. Limitations - OS compatibility, etc.
    6. -
  6. Contributers
    7. -
- -

-Overview

- -

A Puppet module to install and manage Cassandra, DataStax Agent & OpsCenter

- -

-Setup

- -

-What Cassandra affects

- -

-What the Cassandra class affects

- -
    -
  • Installs the Cassandra package (default dsc22).
    • -
  • Configures settings in ${config_path}/cassandra.yaml.
    • -
  • Optionally ensures that the Cassandra service is enabled and running.
    • -
  • On Ubuntu systems, optionally replace /etc/init.d/cassandra with a -workaround for -CASSANDRA-9822.
    • -
- -

-What the cassandra::datastax_agent class affects

- -
    -
  • Optionally installs the DataStax agent.
    • -
  • Optionally sets JAVA_HOME in /etc/default/datastax-agent.
    • -
- -

-What the cassandra::datastax_agent class affects

- -
    -
  • Optionally configures a Yum repository to install the Cassandra packages -from (on Red Hat).
    • -
  • Optionally configures an Apt repository to install the Cassandra packages -from (on Ubuntu).
    • -
- -

-What the cassandra::firewall_ports class affects

- -
    -
  • Optionally configures the firewall for the Cassandra related network -ports.
    • -
- -

-What the cassandra::java class affects

- -
    -
  • Optionally installs a JRE/JDK package (e.g. java-1.7.0-openjdk) and the -Java Native Access (JNA).
    • -
- -

-What the cassandra::opscenter class affects

- -
    -
  • Installs the OpsCenter package.
    • -
  • Manages the content of the configuration file -(/etc/opscenter/opscenterd.conf).
    • -
  • Manages the opscenterd service.
    • -
- -

-What the cassandra::opscenter::cluster_name type affects

- -
    -
  • An optional type that allows DataStax OpsCenter to connect to a remote -key space for metrics storage. These files will be created in -/etc/opscenter/clusters. The module also creates this directory if -required. This functionality is only valid in DataStax Enterprise.
    • -
- -

-What the cassandra::opscenter::pycrypto class affects

- -
    -
  • On the Red Hat family it installs the pycrypto library and it's -pre-requisites (the python-devel and python-pip packages).
    • -
  • Optionally installs the Extra Packages for Enterprise Linux (EPEL) -repository.
    • -
  • As a workaround for -PUP-3829 a symbolic -link is created from /usr/bin/pip to -/usr/bin/pip-python. Hopefully this can be removed in the not -too distant future.
    • -
- -

-What the cassandra::optutils class affects

- -
    -
  • Optionally installs the Cassandra support tools (e.g. cassandra22-tools).
    • -
- -

-Beginning with Cassandra

- -

A basic example is as follows:

- -
  class { 'cassandra':
-    cluster_name    => 'MyCassandraCluster',
-    endpoint_snitch => 'GossipingPropertyFileSnitch',
-    listen_address  => "${::ipaddress}",
-    seeds           => '110.82.155.0,110.82.156.3'
-  }
- -

-Upgrading

- -

-Changes in 1.8.0

- -

A somewhat embarrassing correction to the spelling of the -cassandra::fail_on_non_suppoted_os to cassandra::fail_on_non_supported_os.

- -

-Issues when Upgrading to 1.4.0

- -

Unfortunately both releases 1.3.7 and 1.4.0 have subsequently been found to -call a refresh service even when no changes had been made to the underlying -configuration. In release 1.8.0 (somewhat belatedly) the service_refresh -flag has been introduced to mitigate against similar problems.

- -

-Issues When Upgrading to 1.3.7

- -
    -
  • Please see the notes for 1.4.0.
    • -
- -

-Changes in 1.0.0

- -
    -
  • cassandra::cassandra_package_ensure has been renamed to -cassandra::package_ensure.
    • -
  • cassandra::cassandra_package_name has been renamed to -cassandra::package_name.
    • -
- -

-Changes in 0.4.0

- -

There is now a cassandra::datastax_agent class, therefore:

- -
    -
  • cassandra::datastax_agent_package_ensure has now been replaced with -cassandra::datastax_agent::package_ensure.
    • -
  • cassandra::datastax_agent_service_enable has now been replaced with -cassandra::datastax_agent::service_enable.
    • -
  • cassandra::datastax_agent_service_ensure has now been replaced with -cassandra::datastax_agent::service_ensure.
    • -
  • cassandra::datastax_agent_package_name has now been replaced with -cassandra::datastax_agent::package_name.
    • -
  • cassandra::datastax_agent_service_name has now been replaced with -cassandra::datastax_agent::service_name.
    • -
- -

Likewise now there is a new class for handling the installation of Java:

- -
    -
  • cassandra::java_package_ensure has now been replaced with -cassandra::java::ensure.
    • -
  • cassandra::java_package_name has now been replaced with -cassandra::java::package_name.
    • -
- -

Also there is now a class for installing the optional utilities:

- -
    -
  • cassandra::cassandra_opt_package_ensure has now been replaced with -cassandra::optutils:ensure.
    • -
  • cassandra::cassandra_opt_package_name has now been replaced with -cassandra::optutils:package_name.
    • -
- -

-Changes in 0.3.0

- -
    -

  • cassandra_opt_package_ensure changed from 'present' to undef.

    • -

  • The manage_service option has been replaced with service_enable and -service_ensure.

    • -
- -

-Usage

- -

-Create a Cluster in a Single Data Center

- -

In the DataStax documentation Initializing a multiple node cluster (single -data center) -http://docs.datastax.com/en/cassandra/2.2/cassandra/initialize/initSingleDS.html -there is a basic example of a six node cluster with two seeds to be created in -a single data center spanning two racks. The nodes in the cluster are:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Node NameIP Address
node0 (seed 1)110.82.155.0
node1110.82.155.1
node2110.82.155.2
node3 (seed 2)110.82.156.3
node4110.82.156.4
node5110.82.156.5
- -

Each node is configured to use the GossipingPropertyFileSnitch and 256 virtual -nodes (vnodes). The name of the cluster is MyCassandraCluster. Also, -while building the initial cluster, we are setting the auto_bootstrap -to false.

- -

In this initial example, we are going to expand the example by:

- -
    -
  • Ensuring that the software is installed via the DataStax Community -repository by including cassandra::datastax_repo. This needs to be -executed before the Cassandra package is installed.
    • -
  • That a suitable Java Runtime environment (JRE) is installed with Java Native -Access (JNA) by including cassandra::java. This need to be executed -before the Cassandra service is started.
    • -
- -
node /^node\d+$/ {
-  class { 'cassandra::datastax_repo':
-    before => Class['cassandra']
-  }
-
-  class { 'cassandra::java':
-    before => Class['cassandra']
-  }
-
-  class { 'cassandra':
-    cluster_name    => 'MyCassandraCluster',
-    endpoint_snitch => 'GossipingPropertyFileSnitch',
-    listen_address  => "${::ipaddress}",
-    num_tokens      => 256,
-    seeds           => '110.82.155.0,110.82.156.3',
-    auto_bootstrap  => false
-  }
-}
- -

The default value for the num_tokens is already 256, but it is -included in the example for clarity. Do not forget to either -set auto_bootstrap to true or not set the parameter at all -after initializing the cluster.

- -

-Create a Cluster in Multiple Data Centers

- -

To continue with the examples provided by DataStax, we look at the example -for a cluster across multiple data centers -http://docs.datastax.com/en/cassandra/2.2/cassandra/initialize/initMultipleDS.html.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Node NameIP AddressData CenterRack
node0 (seed 1)10.168.66.41DC1RAC1
node110.176.43.66DC1RAC1
node210.168.247.41DC1RAC1
node3 (seed 2)10.176.170.59DC2RAC1
node410.169.61.170DC2RAC1
node510.169.30.138DC2RAC1
- -

For the sake of simplicity, we will confine this example to the nodes:

- -
node /^node[012]$/ {
-  class { 'cassandra':
-    cluster_name    => 'MyCassandraCluster',
-    endpoint_snitch => 'GossipingPropertyFileSnitch',
-    listen_address  => "${::ipaddress}",
-    num_tokens      => 256,
-    seeds           => '10.168.66.41,10.176.170.59',
-    dc              => 'DC1',
-    auto_bootstrap  => false
-  }
-}
-
-node /^node[345]$/ {
-  class { 'cassandra':
-    cluster_name    => 'MyCassandraCluster',
-    endpoint_snitch => 'GossipingPropertyFileSnitch',
-    listen_address  => "${::ipaddress}",
-    num_tokens      => 256,
-    seeds           => '10.168.66.41,10.176.170.59',
-    dc              => 'DC2',
-    auto_bootstrap  => false
-  }
-}
- -

We don't need to specify the rack name (with the rack parameter) as RAC1 is -the default value. Again, do not forget to either set auto_bootstrap to -true or not set the parameter at all after initializing the cluster.

- -

-OpsCenter

- -

To continue with the original example within a single data center, say we -have an instance of OpsCenter running on a node called opscenter which has -an IP address of 110.82.157.6. We add the cassandra::datastax_agent to -the cassandra node to connect to OpsCenter:

- -
node /^node\d+$/ {
-  class { 'cassandra::datastax_repo':
-    before => Class['cassandra']
-  } ->
-  class { 'cassandra::java':
-    before => Class['cassandra']
-  } ->
-  class { 'cassandra':
-    cluster_name    => 'MyCassandraCluster',
-    endpoint_snitch => 'GossipingPropertyFileSnitch',
-    listen_address  => "${::ipaddress}",
-    num_tokens      => 256,
-    seeds           => '110.82.155.0,110.82.156.3',
-    before          => Class['cassandra::datastax_agent']
-  } ->
-  class { 'cassandra::datastax_agent':
-    stomp_interface => '110.82.157.6'
-  }
-}
-
-node /opscenter/ {
-  include '::cassandra::datastax_repo' ->
-  include '::cassandra' ->
-  include '::cassandra::opscenter'
-}
- -

We have also added the cassandra::opscenter class for the opscenter node.

- -

-DataStax Enterprise

- -

After configuring the relevant repository, the following snippet works on -CentOS 7 to install DSE Cassandra 4.7.0:

- -
class { 'cassandra::datastax_repo':
-  descr   => 'DataStax Repo for DataStax Enterprise',
-  pkg_url => 'https://username:password@rpm.datastax.com/enterprise',
-  before  => Class['cassandra'],
-}
-
-class { 'cassandra':
-  cluster_name   => 'MyCassandraCluster',
-  config_path    => '/etc/dse/cassandra',
-  package_ensure => '4.7.0-1',
-  package_name   => 'dse-full',
-  service_name   => 'dse',
-}
- -

Also with DSE, one can specify a remote keyspace for storing the metrics for -a cluster. An example is:

- -
cassandra::opscenter::cluster_name { 'Cluster1':
-  cassandra_seed_hosts       => 'host1,host2',
-  storage_cassandra_username => 'opsusr',
-  storage_cassandra_password => 'opscenter',
-  storage_cassandra_api_port => 9160,
-  storage_cassandra_cql_port => 9042,
-  storage_cassandra_keyspace => 'OpsCenter_Cluster1'
-}
- -

-Reference

- -

-Public Classes

- - - -

-Public Defined Types

- - - -

-Private Defined Types

- -
    -
  • cassandra::opscenter::setting
    • -
  • cassandra::firewall_ports::rule
    • -
- -

-Class: cassandra

- -

A class for installing the Cassandra package and manipulate settings in the -configuration file.

- -

-Parameters

- -
-authenticator -
- -

This is passed to the -cassandra.yaml file. -Default value: 'AllowAllAuthenticator.

- -
-authorizer -
- -

This is passed to the -cassandra.yaml file. -Default value: 'AllowAllAuthorizer'

- -
-auto_bootstrap -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-auto_snapshot -
- -

This is passed to the -cassandra.yaml file. -Default value 'true'

- -
-batchlog_replay_throttle_in_kb -
- -

This is passed to the -cassandra.yaml file. -Default value: '1024'

- -
-batch_size_warn_threshold_in_kb -
- -

This is passed to the -cassandra.yaml file. -Default value 5

- -
-broadcast_address -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-broadcast_rpc_address -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-cas_contention_timeout_in_ms -
- -

This is passed to the -cassandra.yaml file. -Default value: '1000'

- -
-cassandra_9822 -
- -

If set to true, this will apply a patch to the init file for the Cassandra -service as a workaround for -CASSANDRA-9822. This -option is silently ignored on the Red Hat family of operating systems as -this bug only affects Ubuntu systems. -Default value 'false'

- -
-cassandra_yaml_tmpl -
- -

The path to the Puppet template for the Cassandra configuration file. This -allows the user to supply their own customized template. A Cassandra 1.X -compatible template called cassandra1.yaml.erb has been provided by @Spredzy. -Default value 'cassandra/cassandra.yaml.erb'

- -
-client_encryption_algorithm -
- -

If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -The field being set is client_encryption_options -> algorithm. -Default value: undef

- -
-client_encryption_cipher_suites -
- -

If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -The field being set is client_encryption_options -> cipher_suites. -Default value: undef

- -
-client_encryption_enabled -
- -

This is passed to the -cassandra.yaml file. -The field being set is client_encryption_options -> enabled. -Default value 'false'

- -
-client_encryption_keystore -
- -

This is passed to the -cassandra.yaml file. -The field being set is client_encryption_options -> keystore. -Default value 'conf/.keystore'

- -
-client_encryption_keystore_password -
- -

This is passed to the -cassandra.yaml file. -The field being set is client_encryption_options -> keystore_password. -Default value 'cassandra'

- -
-client_encryption_protocol -
- -

If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -The field being set is client_encryption_options -> protocol. -Default value: undef

- -
-client_encryption_require_client_auth -
- -

If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -The field being set is client_encryption_options -> require_client_auth. -Default value: undef

- -
-client_encryption_store_type -
- -

If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -The field being set is client_encryption_options -> store_type. -Default value: undef

- -
-client_encryption_truststore -
- -

If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -The field being set is client_encryption_options -> truststore. -Default value: undef

- -
-client_encryption_truststore_password -
- -

If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -The field being set is client_encryption_options -> truststore_password. -Default value: undef

- -
-cluster_name -
- -

This is passed to the -cassandra.yaml file. -Default value 'Test Cluster'

- -
-column_index_size_in_kb -
- -

This is passed to the -cassandra.yaml file. -Default value: '64'

- -
-commit_failure_policy -
- -

This is passed to the -cassandra.yaml file. -Default value: 'stop'

- -
-commitlog_directory -
- -

This is passed to the -cassandra.yaml file. -Default value '/var/lib/cassandra/commitlog'

- -
-commitlog_directory_mode -
- -

The mode for the directory specified in commitlog_directory. -Default value '0750'

- -
-commitlog_segment_size_in_mb -
- -

This is passed to the -cassandra.yaml file. -Default value: 32

- -
-commitlog_sync -
- -

This is passed to the -cassandra.yaml file.

- -

See also commitlog_sync_batch_window_in_ms and commitlog_sync_period_in_ms. -Default value: 'periodic'

- -
-commitlog_sync_batch_window_in_ms -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file.

- -

If commitlog_sync is set to 'batch' then this value should be set. -Otherwise it should be set to undef. -Default value: undef

- -
-commitlog_sync_period_in_ms -
- -

This is passed to the -cassandra.yaml file. -If set to a value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file.

- -

If commitlog_sync is set to 'periodic' then this value should be set. -Otherwise it should be set to undef. -Default value: 10000

- -
-commitlog_total_space_in_mb -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-compaction_throughput_mb_per_sec -
- -

This is passed to the -cassandra.yaml file. -Default value: '16'

- -
-concurrent_counter_writes -
- -

This is passed to the -cassandra.yaml file. -Default value '32'

- -
-concurrent_reads -
- -

This is passed to the -cassandra.yaml file. -Default value '32'

- -
-concurrent_writes -
- -

This is passed to the -cassandra.yaml file. -Default value '32'

- -
-config_file_mode -
- -

The permissions mode of the cassandra configuration file. -Default value '0666'

- -
-config_path -
- -

The path to the cassandra configuration file. If this is undef, it will be -changed to /etc/cassandra/default.conf on the Red Hat family of operating -systems or /etc/cassandra on Ubuntu. Otherwise the user can specify the -path name. -Default value undef

- -
-concurrent_compactors -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-counter_cache_save_period -
- -

This is passed to the -cassandra.yaml file. -Default value: '7200'

- -
-counter_cache_keys_to_save -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-counter_cache_size_in_mb -
- -

This is passed to the -cassandra.yaml file. -Default value: ''

- -
-counter_write_request_timeout_in_ms -
- -

This is passed to the -cassandra.yaml file. -Default value: '5000'

- -
-cross_node_timeout -
- -

This is passed to the -cassandra.yaml file. -Default value: 'false'

- -
-data_file_directories -
- -

This is passed to the -cassandra.yaml file. -Default value '['/var/lib/cassandra/data']'

- -
-data_file_directories_mode -
- -

The mode for the directories specified in data_file_directories. -Default value '0750'

- -
-dc -
- -

Sets the value for dc in config_path/snitch_properties_file see -http://docs.datastax.com/en/cassandra/2.1/cassandra/architecture/architectureSnitchesAbout_c.html -for more details. -Default value 'DC1'

- -
-dc_suffix -
- -

Sets the value for dc_suffix in config_path/snitch_properties_file see -http://docs.datastax.com/en/cassandra/2.1/cassandra/architecture/architectureSnitchesAbout_c.html -for more details. If the value is undef then change will be made to the -snitch properties file for this setting. -Default value undef

- -
-disk_failure_policy -
- -

This is passed to the -cassandra.yaml file. -Default value 'stop'

- -
-dynamic_snitch_badness_threshold -
- -

This is passed to the -cassandra.yaml file. -Default value: '0.1'

- -
-dynamic_snitch_reset_interval_in_ms -
- -

This is passed to the -cassandra.yaml file. -Default value: '600000'

- -
-dynamic_snitch_update_interval_in_ms -
- -

This is passed to the -cassandra.yaml file. -Default value: '100'

- -
-endpoint_snitch -
- -

This is passed to the -cassandra.yaml file. -Default value 'SimpleSnitch'

- -
-fail_on_non_supported_os -
- -

A flag that dictates if the module should fail if it is not RedHat or Debian. -If you set this option to false then you must also at least set the -config_path parameter as well. -Default value 'true'

- -
-file_cache_size_in_mb -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-hinted_handoff_enabled -
- -

This is passed to the -cassandra.yaml file. -Default value 'true'

- -
-hinted_handoff_throttle_in_kb -
- -

This is passed to the -cassandra.yaml file. -Default value: '1024'

- -
-index_summary_capacity_in_mb -
- -

This is passed to the -cassandra.yaml file. -Default value: ''

- -
-index_summary_resize_interval_in_minutes -
- -

This is passed to the -cassandra.yaml file. -Default value: '60'

- -
-incremental_backups -
- -

This is passed to the -cassandra.yaml file. -Default value 'false'

- -
-initial_token -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-inter_dc_tcp_nodelay -
- -

This is passed to the -cassandra.yaml file. -Default value: 'false'

- -
-internode_authenticator -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-internode_compression -
- -

This is passed to the -cassandra.yaml file. -Default value 'all'

- -
-internode_recv_buff_size_in_bytes -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-internode_send_buff_size_in_bytes -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-key_cache_save_period -
- -

This is passed to the -cassandra.yaml file. -Default value: 14400

- -
-key_cache_size_in_mb -
- -

This is passed to the -cassandra.yaml file. -Default value: ''

- -
-key_cache_keys_to_save -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-listen_address -
- -

This is passed to the -cassandra.yaml file. -Default value 'localhost'

- -
-manage_dsc_repo -
- -

DEPRECATION WARNING: This option is deprecated. Please include the -the ::cassandra::datastax_repo instead.

- -

If set to true then a repository will be setup so that packages can be -downloaded from DataStax community. -Default value 'false'

- -
-max_hints_delivery_threads -
- -

This is passed to the -cassandra.yaml file. -Default value: '2'

- -
-max_hint_window_in_ms -
- -

This is passed to the -cassandra.yaml file. -Default value: '10800000'

- -
-memory_allocator -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-memtable_cleanup_threshold -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-memtable_flush_writers -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-memtable_heap_space_in_mb -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-memtable_offheap_space_in_mb -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-native_transport_max_concurrent_connections -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-native_transport_max_concurrent_connections_per_ip -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-native_transport_max_frame_size_in_mb -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-native_transport_max_threads -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-native_transport_port -
- -

This is passed to the -cassandra.yaml file. -Default value '9042'

- -
-num_tokens -
- -

This is passed to the -cassandra.yaml file. -Default value '256'

- -
-package_ensure -
- -

The status of the package specified in package_name. Can be -present, latest or a specific version number. -Default value 'present'

- -
-package_name -
- -

The name of the Cassandra package. Must be available from a repository. -Default value 'dsc22'

- -
-partitioner -
- -

This is passed to the -cassandra.yaml file. -Default value 'org.apache.cassandra.dht.Murmur3Partitioner'

- -
-permissions_update_interval_in_ms -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-permissions_validity_in_ms -
- -

This is passed to the -cassandra.yaml file. -Default value: '2000'

- -
-phi_convict_threshold -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-prefer_local -
- -

Sets the value for prefer_local in config_path/snitch_properties_file see -http://docs.datastax.com/en/cassandra/2.1/cassandra/architecture/architectureSnitchesAbout_c.html -for more details. Valid values are true, false or undef. If the value is -undef then change will be made to the snitch properties file for this -setting. -Default value undef

- -
-rack -
- -

Sets the value for rack in config_path/snitch_properties_file see -http://docs.datastax.com/en/cassandra/2.1/cassandra/architecture/architectureSnitchesAbout_c.html -for more details. -Default value 'RAC1'

- -
-range_request_timeout_in_ms -
- -

This is passed to the -cassandra.yaml file. -Default value: '10000'

- -
-read_request_timeout_in_ms -
- -

This is passed to the -cassandra.yaml file. -Default value: '5000'

- -
-request_scheduler -
- -

This is passed to the -cassandra.yaml file. -Default value: 'org.apache.cassandra.scheduler.NoScheduler'

- -
-request_scheduler_options_default_weight -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-request_scheduler_options_throttle_limit -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-request_timeout_in_ms -
- -

This is passed to the -cassandra.yaml file. -Default value: '10000'

- -
-row_cache_keys_to_save -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-row_cache_save_period -
- -

This is passed to the -cassandra.yaml file. -Default value: '0'

- -
-row_cache_size_in_mb -
- -

This is passed to the -cassandra.yaml file. -Default value: '0'

- -
-rpc_address -
- -

This is passed to the -cassandra.yaml file. -Default value 'localhost'

- -
-rpc_max_threads -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-rpc_min_threads -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-rpc_port -
- -

This is passed to the -cassandra.yaml file. -Default value '9160'

- -
-rpc_recv_buff_size_in_bytes -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-rpc_send_buff_size_in_bytes -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-rpc_server_type -
- -

This is passed to the -cassandra.yaml file. -Default value 'sync'

- -
-saved_caches_directory -
- -

This is passed to the -cassandra.yaml file. -Default value '/var/lib/cassandra/saved_caches'

- -
-saved_caches_directory_mode -
- -

The mode for the directory specified in saved_caches_directory. -Default value '0750'

- -
-seeds -
- -

This is passed to the -cassandra.yaml file. -The field being set is seed_provider -> parameters -> seeds. -Default value '127.0.0.1'

- -
-seed_provider_class_name -
- -

This is passed to the -cassandra.yaml file. -The field being set is seed_provider -> class_name. -Default value 'org.apache.cassandra.locator.SimpleSeedProvider'

- -
-server_encryption_algorithm -
- -

If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -The field being set is server_encryption_options -> algorithm. -Default value: undef

- -
-server_encryption_cipher_suites -
- -

If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -The field being set is server_encryption_options -> cipher_suites. -Default value: undef

- -
-server_encryption_internode -
- -

This is passed to the -cassandra.yaml file. -The field being set is server_encryption_options -> internode_encryption. -Default value 'none'

- -
-server_encryption_keystore -
- -

This is passed to the -cassandra.yaml file. -The field being set is server_encryption_options -> keystore. -Default value 'conf/.keystore'

- -
-server_encryption_keystore_password -
- -

This is passed to the -cassandra.yaml file. -The field being set is server_encryption_options -> keystore_password. -Default value 'cassandra'

- -
-server_encryption_protocol -
- -

If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -The field being set is server_encryption_options -> protocol. -Default value: undef

- -
-server_encryption_require_client_auth -
- -

If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -The field being set is server_encryption_options -> require_client_auth. -Default value: undef

- -
-server_encryption_store_type -
- -

If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -The field being set is server_encryption_options -> store_type. -Default value: undef

- -
-server_encryption_truststore -
- -

This is passed to the -cassandra.yaml file. -The field being set is server_encryption_options -> truststore. -Default value 'conf/.truststore'

- -
-server_encryption_truststore_password -
- -

This is passed to the -cassandra.yaml file. -The field being set is server_encryption_options -> truststore_password. -Default value 'cassandra'

- -
-service_enable -
- -

Enable the Cassandra service to start at boot time. Valid values are true -or false. -Default value 'true'

- -
-service_ensure -
- -

Ensure the Cassandra service is running. Valid values are running or stopped. -Default value 'running'

- -
-service_name -
- -

The name of the service that runs the Cassandra software. -Default value 'cassandra'

- -
-service_refresh -
- -

If set to true, changes to the Cassandra config file or the data directories -will ensure that Cassandra service is refreshed after the changes. Setting -this flag to false will disable this behaviour, therefore allowing the changes -to be made but allow the user to control when the service is restarted. -Default value true

- -
-snapshot_before_compaction -
- -

This is passed to the -cassandra.yaml file. -Default value 'false'

- -
-snitch_properties_file -
- -

The name of the snitch properties file. The full path name would be -config_path/snitch_properties_file. -Default value 'cassandra-rackdc.properties'

- -
-ssl_storage_port -
- -

This is passed to the -cassandra.yaml file. -Default value '7001'

- -
-sstable_preemptive_open_interval_in_mb -
- -

This is passed to the -cassandra.yaml file. -Default value: '50'

- -
-start_native_transport -
- -

This is passed to the -cassandra.yaml file. -Default value 'true'

- -
-start_rpc -
- -

This is passed to the -cassandra.yaml file. -Default value 'true'

- -
-storage_port -
- -

This is passed to the -cassandra.yaml file. -Default value '7000'

- -
-streaming_socket_timeout_in_ms -
- -

This is passed to the -cassandra.yaml file. -If left at the default value of undef then the entry in the configuration -file is absent or commented out. If a value is set, then the parameter -and variable are placed into the configuration file. -Default value: undef

- -
-tombstone_failure_threshold -
- -

This is passed to the -cassandra.yaml file. -Default value: '100000'

- -
-tombstone_warn_threshold -
- -

This is passed to the -cassandra.yaml file. -Default value: '1000'

- -
-trickle_fsync -
- -

This is passed to the -cassandra.yaml file. -Default value: 'false'

- -
-trickle_fsync_interval_in_kb -
- -

This is passed to the -cassandra.yaml file. -Default value: '10240'

- -
-truncate_request_timeout_in_ms -
- -

This is passed to the -cassandra.yaml file. -Default value: '60000'

- -
-write_request_timeout_in_ms -
- -

This is passed to the -cassandra.yaml file. -Default value: '2000'

- -

-Class: cassandra::datastax_agent

- -

A class for installing the DataStax Agent and to point it at an OpsCenter -instance.

- -

-Parameters

- -
-defaults_file -
- -

The full path name to the file where java_home is set. -Default value '/etc/default/datastax-agent'

- -
-java_home -
- -

If the value of this variable is left as undef, no action is taken. -Otherwise the value is set as JAVA_HOME in defaults_file. -Default value undef

- -
-package_ensure -
- -

Is passed to the package reference. Valid values are present or a version -number. -Default value 'present'

- -
-package_name -
- -

Is passed to the package reference. -Default value 'datastax-agent'

- -
-service_ensure -
- -

Is passed to the service reference. -Default value 'running'

- -
-service_enable -
- -

Is passed to the service reference. -Default value 'true'

- -
-service_name -
- -

Is passed to the service reference. -Default value 'datastax-agent'

- -
-stomp_interface -
- -

If the value is changed from the default of undef then this is what is -set as the stomp_interface setting in -/var/lib/datastax-agent/conf/address.yaml -which connects the agent to an OpsCenter instance. -Default value undef

- -

-Class: cassandra::datastax_repo

- -

An optional class that will allow a suitable repository to be configured -from which packages for DataStax Community can be downloaded. Changing -the defaults will allow any Debian Apt or Red Hat Yum repository to be -configured.

- -

-Parameters

- -
-descr -
- -

On the Red Hat family, this is passed as the descr parameter to a -yumrepo resource. On the Debian family, it is passed as the comment -parameter to an apt::source resource. -Default value 'DataStax Repo for Apache Cassandra'

- -
-key_id -
- -

On the Debian family, this is passed as the id parameter to an apt::key -resource. On the Red Hat family, it is ignored. -Default value '7E41C00F85BFC1706C4FFFB3350200F2B999A372'

- -
-key_url -
- -

On the Debian family, this is passed as the source parameter to an -apt::key resource. On the Red Hat family, it is ignored. -Default value 'http://debian.datastax.com/debian/repo_key'

- -
-pkg_url -
- -

If left as the default, this will set the baseurl to -'http://rpm.datastax.com/community' on a yumrepo resource -on the Red Hat family. On the Debian family, leaving this as the default -will set the location parameter on an apt::source to -'http://debian.datastax.com/community'. Default value undef

- -
-release -
- -

On the Debian family, this is passed as the release parameter to an -apt::source resource. On the Red Hat family, it is ignored. -Default value 'stable'

- -

-Class: cassandra::firewall_ports

- -

An optional class to configure incoming network ports on the host that are -relevant to the Cassandra installation. If firewalls are being managed -already, simply do not include this module in your manifest.

- -

IMPORTANT: The full list of which ports should be configured is assessed at -evaluation time of the configuration. Therefore if one is to use this class, -it must be the final cassandra class included in the manifest.

- -

-Parameters

- -
-client_ports -
- -

Only has any effect if the cassandra class is defined on the node.

- -

Allow these TCP ports to be opened for traffic -coming from the client subnets. -Default value '[9042, 9160]'

- -
-client_subnets -
- -

Only has any effect if the cassandra class is defined on the node.

- -

An array of the list of subnets that are to allowed connection to -cassandra::native_transport_port and cassandra::rpc_port. -Default value '['0.0.0.0/0']'

- -
-inter_node_ports -
- -

Only has any effect if the cassandra class is defined on the node.

- -

Allow these TCP ports to be opened for traffic -between the Cassandra nodes. -Default value '[7000, 7001, 7199]'

- -
-inter_node_subnets -
- -

Only has any effect if the cassandra class is defined on the node.

- -

An array of the list of subnets that are to allowed connection to -cassandra::storage_port, cassandra::ssl_storage_port and port 7199 -for cassandra JMX monitoring. -Default value '['0.0.0.0/0']'

- -
-inter_node_ports -
- -

Allow these TCP ports to be opened for traffic -coming from OpsCenter subnets. -Default value '[7000, 7001, 7199]'

- -
-public_ports -
- -

Allow these TCP ports to be opened for traffic -coming from public subnets the port specified in $ssh_port will be -appended to this list. -Default value '[8888]'

- -
-public_subnets -
- -

An array of the list of subnets that are to allowed connection to -cassandra::firewall_ports::ssh_port and if cassandra::opscenter has been -included, both cassandra::opscenter::webserver_port and -cassandra::opscenter::webserver_ssl_port. -Default value '['0.0.0.0/0']'

- -
-ssh_port -
- -

Which port does SSH operate on. -Default value '22'

- -
-opscenter_ports -
- -

Only has any effect if the cassandra::datastax_agent or -cassandra::opscenter classes are defined.

- -

Allow these TCP ports to be opened for traffic -coming to or from OpsCenter -appended to this list. -Default value '[61620, 61621]'

- -
-opscenter_subnets -
- -

A list of subnets that are to be allowed connection to -port 61620 for nodes built with cassandra::opscenter and 61621 for nodes -built with cassandra::datastax_agent. -Default value '['0.0.0.0/0']'

- -

-Class: cassandra::java

- -

A class to install an appropriate Java package.

- -

-Parameters

- -
-ensure -
- -

Is passed to the package reference for the JRE/JDK package. Valid values are -present or a version number. -Default value 'present'

- -
-jna_ensure -
- -

Is passed to the package reference for the JNA package. Valid values are -present or a version number. -Default value 'present'

- -
-jna_package_name -
- -

If the default value of undef is left as it is, then a package called -jna or libjna-java will be installed on a Red Hat family or Ubuntu system -respectively. Alternatively, one can specify a package that is available in -a package repository to the node. -Default value undef

- -
-package_name -
- -

If the default value of undef is left as it is, then a package called -java-1.8.0-openjdk-headless or openjdk-7-jre-headless will be installed -on a Red Hat family or Ubuntu system respectively. Alternatively, one -can specify a package that is available in a package repository to the -node. -Default value undef

- -

-Class: cassandra::opscenter

- -

This class installs and manages the DataStax OpsCenter. Leaving the defaults -as they are will provide a running OpsCenter without any authentication on -port 8888.

- -

-Parameters

- -
-agents_agent_certfile -
- -

This sets the agent_certfile setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_agent_keyfile -
- -

This sets the agent_keyfile setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_agent_keyfile_raw -
- -

This sets the agent_keyfile_raw setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_config_sleep -
- -

This sets the config_sleep setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_fingerprint_throttle -
- -

This sets the fingerprint_throttle setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_incoming_interface -
- -

This sets the incoming_interface setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_incoming_port -
- -

This sets the incoming_port setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_install_throttle -
- -

This sets the install_throttle setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_not_seen_threshold -
- -

This sets the not_seen_threshold setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_path_to_deb -
- -

This sets the path_to_deb setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_path_to_find_java -
- -

This sets the path_to_find_java setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_path_to_installscript -
- -

This sets the path_to_installscript setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_path_to_rpm -
- -

This sets the path_to_rpm setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_path_to_sudowrap -
- -

This sets the path_to_sudowrap setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_reported_interface -
- -

This sets the reported_interface setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_runs_sudo -
- -

This sets the runs_sudo setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_scp_executable -
- -

This sets the scp_executable setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_ssh_executable -
- -

This sets the ssh_executable setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_ssh_keygen_executable -
- -

This sets the ssh_keygen_executable setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_ssh_keyscan_executable -
- -

This sets the ssh_keyscan_executable setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_ssh_port -
- -

This sets the ssh_port setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_ssh_sys_known_hosts_file -
- -

This sets the ssh_sys_known_hosts_file setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_ssh_user_known_hosts_file -
- -

This sets the ssh_user_known_hosts_file setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_ssl_certfile -
- -

This sets the ssl_certfile setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_ssl_keyfile -
- -

This sets the ssl_keyfile setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_tmp_dir -
- -

This sets the tmp_dir setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-agents_use_ssl -
- -

This sets the use_ssl setting in the agents section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-authentication_audit_auth -
- -

This sets the audit_auth setting in the authentication section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-authentication_audit_pattern -
- -

This sets the audit_pattern setting in the authentication section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-authentication_method -
- -

This sets the authentication_method setting in the authentication section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-authentication_enabled -
- -

This sets the enabled setting in the authentication section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value 'False'

- -
-authentication_passwd_db -
- -

This sets the passwd_db setting in the authentication section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-authentication_timeout -
- -

This sets the timeout setting in the authentication section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-cloud_accepted_certs -
- -

This sets the accepted_certs setting in the cloud section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-clusters_add_cluster_timeout -
- -

This sets the add_cluster_timeout setting in the clusters section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-clusters_startup_sleep -
- -

This sets the startup_sleep setting in the clusters section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-config_file -
- -

The full path to the OpsCenter configuration file. -Default value '/etc/opscenter/opscenterd.conf'

- -
-definitions_auto_update -
- -

This sets the auto_update setting in the definitions section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-definitions_definitions_dir -
- -

This sets the definitions_dir setting in the definitions section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-definitions_download_filename -
- -

This sets the download_filename setting in the definitions section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-definitions_download_host -
- -

This sets the download_host setting in the definitions section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-definitions_download_port -
- -

This sets the download_port setting in the definitions section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-definitions_hash_filename -
- -

This sets the hash_filename setting in the definitions section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-definitions_sleep -
- -

This sets the sleep setting in the definitions section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-definitions_ssl_certfile -
- -

This sets the ssl_certfile setting in the definitions section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-definitions_use_ssl -
- -

This sets the use_ssl setting in the definitions section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ensure -
- -

This is passed to the package reference for opscenter. Valid values are -present or a version number. -Default value 'present'

- -
-failover_configuration_directory -
- -

This sets the failover_configuration_directory setting in the failover section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-failover_heartbeat_fail_window -
- -

This sets the heartbeat_fail_window setting in the failover section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-failover_heartbeat_period -
- -

This sets the heartbeat_period setting in the failover section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-failover_heartbeat_reply_period -
- -

This sets the heartbeat_reply_period setting in the failover section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-hadoop_base_job_tracker_proxy_port -
- -

This sets the base_job_tracker_proxy_port setting in the hadoop section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ldap_admin_group_name -
- -

This sets the admin_group_name setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ldap_connection_timeout -
- -

This sets the connection_timeout setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ldap_debug_ssl -
- -

This sets the debug_ssl setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ldap_group_name_attribute -
- -

This sets the group_name_attribute setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ldap_group_search_base -
- -

This sets the group_search_base setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ldap_group_search_filter -
- -

This sets the group_search_filter setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ldap_group_search_type -
- -

This sets the group_search_type setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ldap_ldap_security -
- -

This sets the ldap_security setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ldap_opt_referrals -
- -

This sets the opt_referrals setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ldap_protocol_version -
- -

This sets the protocol_version setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ldap_search_dn -
- -

This sets the search_dn setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ldap_search_password -
- -

This sets the search_password setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ldap_server_host -
- -

This sets the server_host setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ldap_server_port -
- -

This sets the server_port setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ldap_ssl_cacert -
- -

This sets the ssl_cacert setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ldap_ssl_cert -
- -

This sets the ssl_cert setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ldap_ssl_key -
- -

This sets the ssl_key setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ldap_tls_demand -
- -

This sets the tls_demand setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ldap_tls_reqcert -
- -

This sets the tls_reqcert setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ldap_uri_scheme -
- -

This sets the uri_scheme setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ldap_user_memberof_attribute -
- -

This sets the user_memberof_attribute setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ldap_user_search_base -
- -

This sets the user_search_base setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ldap_user_search_filter -
- -

This sets the user_search_filter setting in the ldap section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-logging_level -
- -

This sets the level setting in the logging section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-logging_log_length -
- -

This sets the log_length setting in the logging section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-logging_log_path -
- -

This sets the log_path setting in the logging section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-logging_max_rotate -
- -

This sets the max_rotate setting in the logging section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-logging_resource_usage_interval -
- -

This sets the resource_usage_interval setting in the logging section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-package_name -
- -

The name of the OpsCenter package. -Default value 'opscenter'

- -
-provisioning_agent_install_timeout -
- -

This sets the agent_install_timeout setting in the provisioning section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-provisioning_keyspace_timeout -
- -

This sets the keyspace_timeout setting in the provisioning section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-provisioning_private_key_dir -
- -

This sets the private_key_dir setting in the provisioning section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-repair_service_alert_on_repair_failure -
- -

This sets the alert_on_repair_failure setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-repair_service_cluster_stabilization_period -
- -

This sets the cluster_stabilization_period setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-repair_service_error_logging_window -
- -

This sets the error_logging_window setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-repair_service_incremental_err_alert_threshold -
- -

This sets the incremental_err_alert_threshold setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-repair_service_incremental_range_repair -
- -

This sets the incremental_range_repair setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-repair_service_incremental_repair_tables -
- -

This sets the incremental_repair_tables setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-repair_service_ks_update_period -
- -

This sets the ks_update_period setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-repair_service_log_directory -
- -

This sets the log_directory setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-repair_service_log_length -
- -

This sets the log_length setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-repair_service_max_err_threshold -
- -

This sets the max_err_threshold setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-repair_service_max_parallel_repairs -
- -

This sets the max_parallel_repairs setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-repair_service_max_pending_repairs -
- -

This sets the max_pending_repairs setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-repair_service_max_rotate -
- -

This sets the max_rotate setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-repair_service_min_repair_time -
- -

This sets the min_repair_time setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-repair_service_min_throughput -
- -

This sets the min_throughput setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-repair_service_num_recent_throughputs -
- -

This sets the num_recent_throughputs setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-repair_service_persist_directory -
- -

This sets the persist_directory setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-repair_service_persist_period -
- -

This sets the persist_period setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-repair_service_restart_period -
- -

This sets the restart_period setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-repair_service_single_repair_timeout -
- -

This sets the single_repair_timeout setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-repair_service_single_task_err_threshold -
- -

This sets the single_task_err_threshold setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-repair_service_snapshot_override -
- -

This sets the snapshot_override setting in the repair_service section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-request_tracker_queue_size -
- -

This sets the queue_size setting in the request_tracker section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-security_config_encryption_active -
- -

This sets the config_encryption_active setting in the security section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-security_config_encryption_key_name -
- -

This sets the config_encryption_key_name setting in the security section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-security_config_encryption_key_path -
- -

This sets the config_encryption_key_path setting in the security section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-service_enable -
- -

Enable the OpsCenter service to start at boot time. Valid values are true -or false. -Default value 'true'

- -
-service_ensure -
- -

Ensure the OpsCenter service is running. Valid values are running or stopped. -Default value 'running'

- -
-service_name -
- -

The name of the service that runs the OpsCenter software. -Default value 'opscenterd'

- -
-spark_base_master_proxy_port -
- -

This sets the base_master_proxy_port setting in the spark section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-stat_reporter_initial_sleep -
- -

This sets the initial_sleep setting in the stat_reporter section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-stat_reporter_interval -
- -

This sets the interval setting in the stat_reporter section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-stat_reporter_report_file -
- -

This sets the report_file setting in the stat_reporter section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-stat_reporter_ssl_key -
- -

This sets the ssl_key setting in the stat_reporter section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ui_default_api_timeout -
- -

This sets the default_api_timeout setting in the ui section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ui_max_metrics_requests -
- -

This sets the max_metrics_requests setting in the ui section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ui_node_detail_refresh_delay -
- -

This sets the node_detail_refresh_delay setting in the ui section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-ui_storagemap_ttl -
- -

This sets the storagemap_ttl setting in the ui section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-webserver_interface -
- -

This sets the interface setting in the webserver section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value '0.0.0.0'

- -
-webserver_log_path -
- -

This sets the log_path setting in the webserver section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-webserver_port -
- -

This sets the port setting in the webserver section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value '8888'

- -
-webserver_ssl_certfile -
- -

This sets the ssl_certfile setting in the webserver section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-webserver_ssl_keyfile -
- -

This sets the ssl_keyfile setting in the webserver section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-webserver_ssl_port -
- -

This sets the ssl_port setting in the webserver section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-webserver_staticdir -
- -

This sets the staticdir setting in the webserver section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-webserver_sub_process_timeout -
- -

This sets the sub_process_timeout setting in the webserver section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -
-webserver_tarball_process_timeout -
- -

This sets the tarball_process_timeout setting in the webserver section of the -OpsCenter configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html -for more details. A value of undef will ensure the setting is not present -in the file. Default value undef

- -

-Class: cassandra::opscenter::pycrypto

- -

On the Red Hat family of operating systems, if one intends to use encryption -for configuration values then the pycrypto library is required. This class -will install it for the user. See -http://docs.datastax.com/en/opscenter/5.2//opsc/configure/installPycrypto.html -for more details.

- -

This class has no effect when included on nodes that are not in the Red Hat -family.

- -

-Parameters

- -
-ensure -
- -

This is passed to the package reference for pycrypto. Valid values are -present or a version number. -Default value 'present'

- -
-manage_epel -
- -

If set to true, the epel-release package will be installed. -Default value 'false'

- -
-package_name -
- -

The name of the PyCrypto package. -Default value 'pycrypto'

- -
-provider -
- -

The name of the provider of the pycrypto package. -Default value 'pip'

- -
-reqd_pckgs -
- -

Packages that are required to install the pycrypto package. -Default value '['python-devel', 'python-pip' ]'

- -

-Class: cassandra::optutils

- -

A class to install the optional Cassandra tools package.

- -

-Parameters

- -
-ensure -
- -

Is passed to the package reference. Valid values are present or a version -number. -Default value 'present'

- -
-package_name -
- -

If the default value of undef is left as it is, then a package called -cassandra22-tools or cassandra-tools will be installed -on a Red Hat family or Ubuntu system respectively. Alternatively, one -can specify a package that is available in a package repository to the -node. -Default value undef

- -

-Defined Type cassandra::opscenter::cluster_name

- -

With DataStax Enterprise, one can specify a remote keyspace for OpsCenter -to store metric data (this is not available in the DataStax Community Edition).

- -

-Parameters

- -
-cassandra_seed_hosts -
- -

This sets the seed_hosts setting in the cassandra section of the -cluster_name.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of undef will ensure the setting is not -present in the file. Default value undef

- -
-storage_cassandra_api_port -
- -

This sets the api_port setting in the storage_cassandra section of the -cluster_name.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of undef will ensure the setting is not -present in the file. Default value undef

- -
-storage_cassandra_bind_interface -
- -

This sets the bind_interface setting in the storage_cassandra section of the -cluster_name.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of undef will ensure the setting is not -present in the file. Default value undef

- -
-storage_cassandra_connection_pool_size -
- -

This sets the connection_pool_size setting in the storage_cassandra section of the -cluster_name.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of undef will ensure the setting is not -present in the file. Default value undef

- -
-storage_cassandra_connect_timeout -
- -

This sets the connect_timeout setting in the storage_cassandra section of the -cluster_name.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of undef will ensure the setting is not -present in the file. Default value undef

- -
-storage_cassandra_cql_port -
- -

This sets the cql_port setting in the storage_cassandra section of the -cluster_name.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of undef will ensure the setting is not -present in the file. Default value undef

- -
-storage_cassandra_keyspace -
- -

This sets the keyspace setting in the storage_cassandra section of the -cluster_name.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of undef will ensure the setting is not -present in the file. Default value undef

- -
-storage_cassandra_local_dc_pref -
- -

This sets the local_dc_pref setting in the storage_cassandra section of the -cluster_name.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of undef will ensure the setting is not -present in the file. Default value undef

- -
-storage_cassandra_password -
- -

This sets the password setting in the storage_cassandra section of the -cluster_name.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of undef will ensure the setting is not -present in the file. Default value undef

- -
-storage_cassandra_retry_delay -
- -

This sets the retry_delay setting in the storage_cassandra section of the -cluster_name.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of undef will ensure the setting is not -present in the file. Default value undef

- -
-storage_cassandra_seed_hosts -
- -

This sets the seed_hosts setting in the storage_cassandra section of the -cluster_name.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of undef will ensure the setting is not -present in the file. Default value undef

- -
-storage_cassandra_send_rpc -
- -

This sets the send_rpc setting in the storage_cassandra section of the -cluster_name.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of undef will ensure the setting is not -present in the file. Default value undef

- -
-storage_cassandra_ssl_ca_certs -
- -

This sets the ssl_ca_certs setting in the storage_cassandra section of the -cluster_name.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of undef will ensure the setting is not -present in the file. Default value undef

- -
-storage_cassandra_ssl_client_key -
- -

This sets the ssl_client_key setting in the storage_cassandra section of the -cluster_name.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of undef will ensure the setting is not -present in the file. Default value undef

- -
-storage_cassandra_ssl_client_pem -
- -

This sets the ssl_client_pem setting in the storage_cassandra section of the -cluster_name.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of undef will ensure the setting is not -present in the file. Default value undef

- -
-storage_cassandra_ssl_validate -
- -

This sets the ssl_validate setting in the storage_cassandra section of the -cluster_name.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of undef will ensure the setting is not -present in the file. Default value undef

- -
-storage_cassandra_used_hosts_per_remote_dc -
- -

This sets the used_hosts_per_remote_dc setting in the storage_cassandra section of the -cluster_name.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of undef will ensure the setting is not -present in the file. Default value undef

- -
-storage_cassandra_username -
- -

This sets the username setting in the storage_cassandra section of the -cluster_name.conf configuration file. See -http://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html -for more details. A value of undef will ensure the setting is not -present in the file. Default value undef

- -

-Defined Type cassandra::firewall_ports::rule

- -

A defined type to be used as a macro for setting host based firewall -rules. This is not intended to be used by a user (who should use the -API provided by cassandra::firewall_ports instead) but is documented -here for completeness.

- -

-Parameters

- -
-title -
- -

A text field that contains the protocol name and CIDR address of a subnet.

- -
-port -
- -

The number(s) of the port(s) to be opened.

- -

-Defined Type cassandra::opscenter::setting

- -

A defined type to be used as a macro for settings in the OpsCenter -configuration file. This is not intended to be used by a user (who -should use the API provided by cassandra::opscenter instead) but is documented -here for completeness.

- -

-Parameters

- -
-service_name -
- -

The name of the service to be notified if a change is made to the -configuration file. Typically this would by opscenterd.

- -
-path -
- -

The path to the configuration file. Typically this would by -/etc/opscenter/opscenterd.conf.

- -
-section -
- -

The section in the configuration file to be added to (e.g. webserver).

- -
-setting -
- -

The setting within the section of the configuration file to changed -(e.g. port).

- -
-value -
- -

The setting value to be changed to (e.g. 8888).

- -

-Limitations

- -

Tested on the Red Hat family versions 6 and 7, Ubuntu 12.04 and 14.04, -Debian 7 Puppet (CE) 3.7.5 and DSC 2.

- -

From release 1.6.0 of this module, regular updates of the Cassandra 1.X -template will cease and testing against this template will cease. Testing -against the template for versions of Cassandra >= 2.X will continue.

- -

-Contributers

- -

Contributions will be gratefully accepted. Please go to the project page, -fork the project, make your changes locally and then raise a pull request. -Details on how to do this are available at -https://guides.github.com/activities/contributing-to-open-source.

- -

Please also see the -CONTRIBUTING.md -page for project specific requirements.

- -

-Additional Contributers

- -
    -

  • Yanis Guenane (GitHub @spredzy) provided the -Cassandra 1.x compatible template -(see #11).

    • -

  • Amos Shapira (GitHub @amosshapira) fixed -a bug in the requirements metadata that caused a problem with Puppetfile -(see #34).

    • -

  • Dylan Griffith (GitHub @DylanGriffith) -identified that the dependency for puppetlabs-apt was incorrect -(see #87).

    • -

  • Sam Powers (GitHub @sampowers) reported a -bug in the ability to set the running state of the Cassandra service and -subsequently submitted a pull request with a fix -(see #93).

    • -

  • @markasammut contributed a pull request -to set the batch_size_warn_threshold_in_kb parameter (see -#100).

    • -

  • @markasammut also contributed a pull -request to restart the service if the datastax-agent package is upgraded -(see #110).

    • -
-
-
- - - - - - diff --git a/cassandra/javascripts/main.js b/cassandra/javascripts/main.js deleted file mode 100644 index d8135d37b..000000000 --- a/cassandra/javascripts/main.js +++ /dev/null @@ -1 +0,0 @@ -console.log('This would be the main JS file.'); diff --git a/cassandra/manifests/datastax_agent.pp b/cassandra/manifests/datastax_agent.pp deleted file mode 100644 index 950931cc8..000000000 --- a/cassandra/manifests/datastax_agent.pp +++ /dev/null @@ -1,51 +0,0 @@ -# Install and configure the optional DataStax agent. -class cassandra::datastax_agent ( - $defaults_file = '/etc/default/datastax-agent', - $java_home = undef, - $package_ensure = 'present', - $package_name = 'datastax-agent', - $service_ensure = 'running', - $service_enable = true, - $service_name = 'datastax-agent', - $stomp_interface = undef, - ){ - package { $package_name: - ensure => $package_ensure, - require => Class['cassandra'], - notify => Service[$service_name] - } - - if $stomp_interface != undef { - $ensure = present - } else { - $ensure = absent - } - - ini_setting { 'stomp_interface': - ensure => $ensure, - path => '/var/lib/datastax-agent/conf/address.yaml', - section => '', - key_val_separator => ': ', - setting => 'stomp_interface', - value => $stomp_interface, - require => Package[$package_name], - notify => Service[$service_name] - } - - if $java_home != undef { - ini_setting { 'java_home': - ensure => present, - path => $defaults_file, - section => '', - key_val_separator => '=', - setting => 'JAVA_HOME', - value => $java_home, - notify => Service[$service_name] - } - } - - service { $service_name: - ensure => $service_ensure, - enable => $service_enable, - } -} diff --git a/cassandra/manifests/datastax_repo.pp b/cassandra/manifests/datastax_repo.pp deleted file mode 100644 index a739e8471..000000000 --- a/cassandra/manifests/datastax_repo.pp +++ /dev/null @@ -1,66 +0,0 @@ -# == Class: cassandra::datastax_repo -# -# Please see the README for this module for full details of what this class -# does as part of the module and how to use it. -# -class cassandra::datastax_repo ( - $descr = 'DataStax Repo for Apache Cassandra', - $key_id = '7E41C00F85BFC1706C4FFFB3350200F2B999A372', - $key_url = 'http://debian.datastax.com/debian/repo_key', - $pkg_url = undef, - $release = 'stable' - ) { - case $::osfamily { - 'RedHat': { - if $pkg_url != undef { - $baseurl = $pkg_url - } else { - $baseurl = 'http://rpm.datastax.com/community' - } - - yumrepo { 'datastax': - ensure => present, - descr => $descr, - baseurl => $baseurl, - enabled => 1, - gpgcheck => 0, - } - } - 'Debian': { - include apt - include apt::update - - apt::key {'datastaxkey': - id => $key_id, - source => $key_url, - before => Apt::Source['datastax'] - } - - if $pkg_url != undef { - $location = $pkg_url - } else { - $location = 'http://debian.datastax.com/community' - } - - apt::source {'datastax': - location => $location, - comment => $descr, - release => $release, - include => { - 'src' => false - }, - notify => Exec['update-cassandra-repos'] - } - - # Required to wrap apt_update - exec {'update-cassandra-repos': - refreshonly => true, - command => '/bin/true', - require => Exec['apt_update'], - } - } - default: { - warning("OS family ${::osfamily} not supported") - } - } -} diff --git a/cassandra/manifests/firewall_ports.pp b/cassandra/manifests/firewall_ports.pp deleted file mode 100644 index 0ca9f6a9f..000000000 --- a/cassandra/manifests/firewall_ports.pp +++ /dev/null @@ -1,50 +0,0 @@ -# Allow a user to configure the cassandra specific firewall ports. -# -# See the module readme for more details. -class cassandra::firewall_ports ( - $client_ports = [9042, 9160], - $client_subnets = ['0.0.0.0/0'], - $inter_node_ports = [7000, 7001, 7199], - $inter_node_subnets = ['0.0.0.0/0'], - $public_ports = [8888], - $public_subnets = ['0.0.0.0/0'], - $ssh_port = 22, - $opscenter_ports = [61620, 61621], - $opscenter_subnets = ['0.0.0.0/0'] - ) { - # Public connections on any node. - $public_subnets_array = prefix($public_subnets, '200_Public_') - - cassandra::firewall_ports::rule { $public_subnets_array: - ports => concat($public_ports, [$ssh_port]) - } - - # If this is a Cassandra node. - if defined ( Class['::cassandra'] ) { - # Inter-node connections for Cassandra - $inter_node_subnets_array = prefix($inter_node_subnets, - '210_InterNode_') - - cassandra::firewall_ports::rule { $inter_node_subnets_array: - ports => $inter_node_ports - } - - # Client connections for Cassandra - $client_subnets_array = prefix($client_subnets, '220_Client_') - - cassandra::firewall_ports::rule {$client_subnets_array: - ports => $client_ports - } - } - - # Connections for DataStax Agent - if defined ( Class['::cassandra::datastax_agent'] ) or - defined ( Class['::cassandra::opscenter'] ) { - $opscenter_subnets_opc_agent = prefix($opscenter_subnets, - '230_OpsCenter_') - - cassandra::firewall_ports::rule { $opscenter_subnets_opc_agent: - ports => $opscenter_ports - } - } -} diff --git a/cassandra/manifests/firewall_ports/rule.pp b/cassandra/manifests/firewall_ports/rule.pp deleted file mode 100644 index b1b353901..000000000 --- a/cassandra/manifests/firewall_ports/rule.pp +++ /dev/null @@ -1,18 +0,0 @@ -# cassandra::firewall_ports::rule -define cassandra::firewall_ports::rule( - $ports - ) { - $array_var1 = split($title, '_') - $rule_number = $array_var1[0] - $rule_description = $array_var1[1] - $source = $array_var1[2] - - if size($ports) > 0 { - firewall { "${rule_number} - Cassandra (${rule_description}) - ${source}": - action => 'accept', - dport => $ports, - proto => 'tcp', - source => $source - } - } -} diff --git a/cassandra/manifests/init.pp b/cassandra/manifests/init.pp deleted file mode 100644 index a6970b28b..000000000 --- a/cassandra/manifests/init.pp +++ /dev/null @@ -1,330 +0,0 @@ -# == Class: cassandra -# -# Please see the README for this module for full details of what this class -# does as part of the module and how to use it. -# -class cassandra ( - $authenticator - = 'AllowAllAuthenticator', - $authorizer - = 'AllowAllAuthorizer', - $auto_bootstrap = undef, - $auto_snapshot = true, - $batchlog_replay_throttle_in_kb = 1024, - $batch_size_warn_threshold_in_kb = 5, - $broadcast_address = undef, - $broadcast_rpc_address = undef, - $cas_contention_timeout_in_ms = 1000, - $cassandra_9822 = false, - $cassandra_yaml_tmpl - = 'cassandra/cassandra.yaml.erb', - $client_encryption_algorithm = undef, - $client_encryption_cipher_suites = undef, - $client_encryption_enabled = false, - $client_encryption_keystore = 'conf/.keystore', - $client_encryption_keystore_password = 'cassandra', - $client_encryption_protocol = undef, - $client_encryption_require_client_auth = undef, - $client_encryption_store_type = undef, - $client_encryption_truststore = undef, - $client_encryption_truststore_password = undef, - $cluster_name = 'Test Cluster', - $column_index_size_in_kb = 64, - $commitlog_directory - = '/var/lib/cassandra/commitlog', - $commitlog_segment_size_in_mb = 32, - $commitlog_directory_mode = '0750', - $commitlog_sync_period_in_ms = 10000, - $commitlog_sync_batch_window_in_ms = undef, - $commitlog_sync = 'periodic', - $commitlog_total_space_in_mb = undef, - $commit_failure_policy = stop, - $compaction_throughput_mb_per_sec = 16, - $concurrent_compactors = undef, - $counter_cache_keys_to_save = undef, - $counter_cache_size_in_mb = '', - $concurrent_counter_writes = 32, - $concurrent_reads = 32, - $concurrent_writes = 32, - $config_file_mode = '0666', - $config_path = undef, - $counter_cache_save_period = 7200, - $counter_write_request_timeout_in_ms = 5000, - $cross_node_timeout = false, - $data_file_directories - = ['/var/lib/cassandra/data'], - $data_file_directories_mode = '0750', - $dc = 'DC1', - $dc_suffix = undef, - $disk_failure_policy = 'stop', - $dynamic_snitch_badness_threshold = 0.1, - $dynamic_snitch_reset_interval_in_ms = 600000, - $dynamic_snitch_update_interval_in_ms = 100, - $endpoint_snitch = 'SimpleSnitch', - $fail_on_non_supported_os = true, - $fail_on_non_suppoted_os = undef, - $file_cache_size_in_mb = undef, - $hinted_handoff_enabled = true, - $hinted_handoff_throttle_in_kb = 1024, - $incremental_backups = false, - $index_summary_capacity_in_mb = '', - $index_summary_resize_interval_in_minutes = 60, - $initial_token = undef, - $inter_dc_stream_throughput_outbound_megabits_per_sec = undef, - $inter_dc_tcp_nodelay = false, - $internode_authenticator = undef, - $internode_compression = 'all', - $internode_recv_buff_size_in_bytes = undef, - $internode_send_buff_size_in_bytes = undef, - $key_cache_keys_to_save = undef, - $key_cache_save_period = 14400, - $key_cache_size_in_mb = '', - $listen_address = 'localhost', - $manage_dsc_repo = false, - $max_hints_delivery_threads = 2, - $max_hint_window_in_ms = 10800000, - $memory_allocator = undef, - $memtable_cleanup_threshold = undef, - $memtable_flush_writers = undef, - $memtable_heap_space_in_mb = undef, - $memtable_offheap_space_in_mb = undef, - $native_transport_max_concurrent_connections = undef, - $native_transport_max_concurrent_connections_per_ip = undef, - $native_transport_max_frame_size_in_mb = undef, - $native_transport_max_threads = undef, - $native_transport_port = 9042, - $num_tokens = 256, - $package_ensure = 'present', - $package_name = 'dsc22', - $partitioner - = 'org.apache.cassandra.dht.Murmur3Partitioner', - $permissions_update_interval_in_ms = undef, - $permissions_validity_in_ms = 2000, - $phi_convict_threshold = undef, - $prefer_local = undef, - $rack = 'RAC1', - $range_request_timeout_in_ms = 10000, - $read_request_timeout_in_ms = 5000, - $request_scheduler - = 'org.apache.cassandra.scheduler.NoScheduler', - $request_scheduler_options_default_weight = undef, - $request_scheduler_options_throttle_limit = undef, - $request_timeout_in_ms = 10000, - $row_cache_keys_to_save = undef, - $row_cache_save_period = 0, - $row_cache_size_in_mb = 0, - $rpc_address = 'localhost', - $rpc_max_threads = undef, - $rpc_min_threads = undef, - $rpc_port = 9160, - $rpc_recv_buff_size_in_bytes = undef, - $rpc_send_buff_size_in_bytes = undef, - $rpc_server_type = 'sync', - $saved_caches_directory - = '/var/lib/cassandra/saved_caches', - $saved_caches_directory_mode = '0750', - $seed_provider_class_name - = 'org.apache.cassandra.locator.SimpleSeedProvider', - $seeds = '127.0.0.1', - $server_encryption_algorithm = undef, - $server_encryption_cipher_suites = undef, - $server_encryption_internode = 'none', - $server_encryption_keystore = 'conf/.keystore', - $server_encryption_keystore_password = 'cassandra', - $server_encryption_protocol = undef, - $server_encryption_require_client_auth = undef, - $server_encryption_store_type = undef, - $server_encryption_truststore = 'conf/.truststore', - $server_encryption_truststore_password = 'cassandra', - $service_enable = true, - $service_ensure = 'running', - $service_name = 'cassandra', - $service_refresh = true, - $snapshot_before_compaction = false, - $snitch_properties_file - = 'cassandra-rackdc.properties', - $ssl_storage_port = 7001, - $sstable_preemptive_open_interval_in_mb = 50, - $start_native_transport = true, - $start_rpc = true, - $storage_port = 7000, - $streaming_socket_timeout_in_ms = undef, - $stream_throughput_outbound_megabits_per_sec = undef, - $tombstone_failure_threshold = 100000, - $tombstone_warn_threshold = 1000, - $trickle_fsync = false, - $trickle_fsync_interval_in_kb = 10240, - $truncate_request_timeout_in_ms = 60000, - $write_request_timeout_in_ms = 2000 - ) { - if $manage_dsc_repo == true { - $dep_014_url = 'https://github.com/locp/cassandra/wiki/DEP-014' - require '::cassandra::datastax_repo' - warning ("manage_dsc_repo has been deprecated. See ${dep_014_url}") - } - - if $fail_on_non_suppoted_os != undef { - $dep_015_url = 'https://github.com/locp/cassandra/wiki/DEP-015' - $supported_os_only = $fail_on_non_suppoted_os - warning ("fail_on_non_suppoted_os has been deprecated. See ${dep_015_url}") - } else { - $supported_os_only = $fail_on_non_supported_os - } - - case $::osfamily { - 'RedHat': { - if $config_path == undef { - $cfg_path = '/etc/cassandra/default.conf' - } else { - $cfg_path = $config_path - } - } - 'Debian': { - if $config_path == undef { - $cfg_path = '/etc/cassandra' - } else { - $cfg_path = $config_path - } - - # A workaround for CASSANDRA-9822 - if $cassandra_9822 == true { - file { '/etc/init.d/cassandra': - source => 'puppet:///modules/cassandra/CASSANDRA-9822/cassandra' - } - } - } - default: { - if $supported_os_only { - fail("OS family ${::osfamily} not supported") - } else { - $cfg_path = $config_path - warning("OS family ${::osfamily} not supported") - } - } - } - - package { $package_name: - ensure => $package_ensure, - } - - $config_file = "${cfg_path}/cassandra.yaml" - - file { $config_file: - ensure => present, - owner => 'cassandra', - group => 'cassandra', - content => template($cassandra_yaml_tmpl), - mode => $config_file_mode, - require => Package[$package_name], - } - - file { $commitlog_directory: - ensure => directory, - owner => 'cassandra', - group => 'cassandra', - mode => $commitlog_directory_mode, - require => Package[$package_name] - } - - file { $data_file_directories: - ensure => directory, - owner => 'cassandra', - group => 'cassandra', - mode => $data_file_directories_mode, - require => Package[$package_name] - } - - file { $saved_caches_directory: - ensure => directory, - owner => 'cassandra', - group => 'cassandra', - mode => $saved_caches_directory_mode, - require => Package[$package_name] - } - - if $package_ensure != 'absent' - and $package_ensure != 'purged' { - if $service_refresh == true { - service { 'cassandra': - ensure => $service_ensure, - name => $service_name, - enable => $service_enable, - subscribe => [ - File[$commitlog_directory], - File[$config_file], - File[$data_file_directories], - File[$saved_caches_directory], - Ini_setting['rackdc.properties.dc'], - Ini_setting['rackdc.properties.rack'], - Package[$package_name], - ] - } - } else { - service { 'cassandra': - ensure => $service_ensure, - name => $service_name, - enable => $service_enable - } - } - } - - $dc_rack_properties_file = "${cfg_path}/${snitch_properties_file}" - - ini_setting { 'rackdc.properties.dc': - path => $dc_rack_properties_file, - section => '', - setting => 'dc', - value => $dc, - require => Package[$package_name], - } - - ini_setting { 'rackdc.properties.rack': - path => $dc_rack_properties_file, - section => '', - setting => 'rack', - value => $rack, - require => Package[$package_name], - } - - if $dc_suffix != undef { - if $service_refresh == true { - ini_setting { 'rackdc.properties.dc_suffix': - path => $dc_rack_properties_file, - section => '', - setting => 'dc_suffix', - value => $dc_suffix, - require => Package[$package_name], - notify => Service['cassandra'] - } - } else { - ini_setting { 'rackdc.properties.dc_suffix': - path => $dc_rack_properties_file, - section => '', - setting => 'dc_suffix', - value => $dc_suffix, - require => Package[$package_name], - } - } - } - - if $prefer_local != undef { - if $service_refresh == true { - ini_setting { 'rackdc.properties.prefer_local': - path => $dc_rack_properties_file, - section => '', - setting => 'prefer_local', - value => $prefer_local, - require => Package[$package_name], - notify => Service['cassandra'] - } - } else { - ini_setting { 'rackdc.properties.prefer_local': - path => $dc_rack_properties_file, - section => '', - setting => 'prefer_local', - value => $prefer_local, - require => Package[$package_name], - } - } - } -} diff --git a/cassandra/manifests/java.pp b/cassandra/manifests/java.pp deleted file mode 100644 index 4a5b824c2..000000000 --- a/cassandra/manifests/java.pp +++ /dev/null @@ -1,39 +0,0 @@ -# Please see the README file for the module. -class cassandra::java ( - $ensure = 'present', - $jna_ensure = 'present', - $jna_package_name = undef, - $package_name = undef - ) { - if $package_name == undef { - if $::osfamily == 'RedHat' { - $java_package_name = 'java-1.8.0-openjdk-headless' - } elsif $::osfamily == 'Debian' { - $java_package_name = 'openjdk-7-jre-headless' - } else { - fail("OS family ${::osfamily} not supported") - } - } else { - $java_package_name = $package_name - } - - if $jna_package_name == undef { - if $::osfamily == 'RedHat' { - $jna = 'jna' - } elsif $::osfamily == 'Debian' { - $jna = 'libjna-java' - } else { - fail("OS family ${::osfamily} not supported") - } - } else { - $jna = $jna_package_name - } - - package { $java_package_name: - ensure => $ensure, - } - - package { $jna: - ensure => $jna_ensure, - } -} diff --git a/cassandra/manifests/opscenter.pp b/cassandra/manifests/opscenter.pp deleted file mode 100644 index 87fac2369..000000000 --- a/cassandra/manifests/opscenter.pp +++ /dev/null @@ -1,1024 +0,0 @@ -# Install and configure DataStax OpsCenter -# -# See the module README for details on how to use. -class cassandra::opscenter ( - $agents_agent_certfile = undef, - $agents_agent_keyfile = undef, - $agents_agent_keyfile_raw = undef, - $agents_config_sleep = undef, - $agents_fingerprint_throttle = undef, - $agents_incoming_interface = undef, - $agents_incoming_port = undef, - $agents_install_throttle = undef, - $agents_not_seen_threshold = undef, - $agents_path_to_deb = undef, - $agents_path_to_find_java = undef, - $agents_path_to_installscript = undef, - $agents_path_to_rpm = undef, - $agents_path_to_sudowrap = undef, - $agents_reported_interface = undef, - $agents_runs_sudo = undef, - $agents_scp_executable = undef, - $agents_ssh_executable = undef, - $agents_ssh_keygen_executable = undef, - $agents_ssh_keyscan_executable = undef, - $agents_ssh_port = undef, - $agents_ssh_sys_known_hosts_file = undef, - $agents_ssh_user_known_hosts_file = undef, - $agents_ssl_certfile = undef, - $agents_ssl_keyfile = undef, - $agents_tmp_dir = undef, - $agents_use_ssl = undef, - $authentication_audit_auth = undef, - $authentication_audit_pattern = undef, - $authentication_enabled = 'False', - $authentication_method = undef, - $authentication_passwd_db = undef, - $authentication_timeout = undef, - $cloud_accepted_certs = undef, - $clusters_add_cluster_timeout = undef, - $clusters_startup_sleep = undef, - $config_file - = '/etc/opscenter/opscenterd.conf', - $definitions_auto_update = undef, - $definitions_definitions_dir = undef, - $definitions_download_filename = undef, - $definitions_download_host = undef, - $definitions_download_port = undef, - $definitions_hash_filename = undef, - $definitions_sleep = undef, - $definitions_ssl_certfile = undef, - $definitions_use_ssl = undef, - $ensure = present, - $failover_configuration_directory = undef, - $failover_heartbeat_fail_window = undef, - $failover_heartbeat_period = undef, - $failover_heartbeat_reply_period = undef, - $hadoop_base_job_tracker_proxy_port = undef, - $package_name = 'opscenter', - $provisioning_agent_install_timeout = undef, - $provisioning_keyspace_timeout = undef, - $provisioning_private_key_dir = undef, - $service_enable = true, - $service_ensure = 'running', - $service_name = 'opscenterd', - $ldap_admin_group_name = undef, - $ldap_connection_timeout = undef, - $ldap_debug_ssl = undef, - $ldap_group_name_attribute = undef, - $ldap_group_search_base = undef, - $ldap_group_search_filter = undef, - $ldap_group_search_type = undef, - $ldap_ldap_security = undef, - $ldap_opt_referrals = undef, - $ldap_protocol_version = undef, - $ldap_search_dn = undef, - $ldap_search_password = undef, - $ldap_server_host = undef, - $ldap_server_port = undef, - $ldap_ssl_cacert = undef, - $ldap_ssl_cert = undef, - $ldap_ssl_key = undef, - $ldap_tls_demand = undef, - $ldap_tls_reqcert = undef, - $ldap_uri_scheme = undef, - $ldap_user_memberof_attribute = undef, - $ldap_user_search_base = undef, - $ldap_user_search_filter = undef, - $logging_level = undef, - $logging_log_length = undef, - $logging_log_path = undef, - $logging_max_rotate = undef, - $logging_resource_usage_interval = undef, - $repair_service_alert_on_repair_failure = undef, - $repair_service_cluster_stabilization_period = undef, - $repair_service_error_logging_window = undef, - $repair_service_incremental_err_alert_threshold = undef, - $repair_service_incremental_range_repair = undef, - $repair_service_incremental_repair_tables = undef, - $repair_service_ks_update_period = undef, - $repair_service_log_directory = undef, - $repair_service_log_length = undef, - $repair_service_max_err_threshold = undef, - $repair_service_max_parallel_repairs = undef, - $repair_service_max_pending_repairs = undef, - $repair_service_max_rotate = undef, - $repair_service_min_repair_time = undef, - $repair_service_min_throughput = undef, - $repair_service_num_recent_throughputs = undef, - $repair_service_persist_directory = undef, - $repair_service_persist_period = undef, - $repair_service_restart_period = undef, - $repair_service_single_repair_timeout = undef, - $repair_service_single_task_err_threshold = undef, - $repair_service_snapshot_override = undef, - $request_tracker_queue_size = undef, - $security_config_encryption_active = undef, - $security_config_encryption_key_name = undef, - $security_config_encryption_key_path = undef, - $spark_base_master_proxy_port = undef, - $stat_reporter_initial_sleep = undef, - $stat_reporter_interval = undef, - $stat_reporter_report_file = undef, - $stat_reporter_ssl_key = undef, - $ui_default_api_timeout = undef, - $ui_max_metrics_requests = undef, - $ui_node_detail_refresh_delay = undef, - $ui_storagemap_ttl = undef, - $webserver_interface = '0.0.0.0', - $webserver_log_path = undef, - $webserver_port = 8888, - $webserver_ssl_certfile = undef, - $webserver_ssl_keyfile = undef, - $webserver_ssl_port = undef, - $webserver_staticdir = undef, - $webserver_sub_process_timeout = undef, - $webserver_tarball_process_timeout = undef - ) { - package { 'opscenter': - ensure => $ensure, - name => $package_name, - before => Service['opscenterd'] - } - - service { 'opscenterd': - ensure => $service_ensure, - name => $service_name, - enable => $service_enable, - } - - cassandra::opscenter::setting { 'agents agent_certfile': - path => $config_file, - section => 'agents', - setting => 'agent_certfile', - value => $agents_agent_certfile - } - - cassandra::opscenter::setting { 'agents agent_keyfile': - path => $config_file, - section => 'agents', - setting => 'agent_keyfile', - value => $agents_agent_keyfile - } - - cassandra::opscenter::setting { 'agents agent_keyfile_raw': - path => $config_file, - section => 'agents', - setting => 'agent_keyfile_raw', - value => $agents_agent_keyfile_raw - } - - cassandra::opscenter::setting { 'agents config_sleep': - path => $config_file, - section => 'agents', - setting => 'config_sleep', - value => $agents_config_sleep - } - - cassandra::opscenter::setting { 'agents fingerprint_throttle': - path => $config_file, - section => 'agents', - setting => 'fingerprint_throttle', - value => $agents_fingerprint_throttle - } - - cassandra::opscenter::setting { 'agents incoming_interface': - path => $config_file, - section => 'agents', - setting => 'incoming_interface', - value => $agents_incoming_interface - } - - cassandra::opscenter::setting { 'agents incoming_port': - path => $config_file, - section => 'agents', - setting => 'incoming_port', - value => $agents_incoming_port - } - - cassandra::opscenter::setting { 'agents install_throttle': - path => $config_file, - section => 'agents', - setting => 'install_throttle', - value => $agents_install_throttle - } - - cassandra::opscenter::setting { 'agents not_seen_threshold': - path => $config_file, - section => 'agents', - setting => 'not_seen_threshold', - value => $agents_not_seen_threshold - } - - cassandra::opscenter::setting { 'agents path_to_deb': - path => $config_file, - section => 'agents', - setting => 'path_to_deb', - value => $agents_path_to_deb - } - - cassandra::opscenter::setting { 'agents path_to_find_java': - path => $config_file, - section => 'agents', - setting => 'path_to_find_java', - value => $agents_path_to_find_java - } - - cassandra::opscenter::setting { 'agents path_to_installscript': - path => $config_file, - section => 'agents', - setting => 'path_to_installscript', - value => $agents_path_to_installscript - } - - cassandra::opscenter::setting { 'agents path_to_rpm': - path => $config_file, - section => 'agents', - setting => 'path_to_rpm', - value => $agents_path_to_rpm - } - - cassandra::opscenter::setting { 'agents path_to_sudowrap': - path => $config_file, - section => 'agents', - setting => 'path_to_sudowrap', - value => $agents_path_to_sudowrap - } - - cassandra::opscenter::setting { 'agents reported_interface': - path => $config_file, - section => 'agents', - setting => 'reported_interface', - value => $agents_reported_interface - } - - cassandra::opscenter::setting { 'agents runs_sudo': - path => $config_file, - section => 'agents', - setting => 'runs_sudo', - value => $agents_runs_sudo - } - - cassandra::opscenter::setting { 'agents scp_executable': - path => $config_file, - section => 'agents', - setting => 'scp_executable', - value => $agents_scp_executable - } - - cassandra::opscenter::setting { 'agents ssh_executable': - path => $config_file, - section => 'agents', - setting => 'ssh_executable', - value => $agents_ssh_executable - } - - cassandra::opscenter::setting { 'agents ssh_keygen_executable': - path => $config_file, - section => 'agents', - setting => 'ssh_keygen_executable', - value => $agents_ssh_keygen_executable - } - - cassandra::opscenter::setting { 'agents ssh_keyscan_executable': - path => $config_file, - section => 'agents', - setting => 'ssh_keyscan_executable', - value => $agents_ssh_keyscan_executable - } - - cassandra::opscenter::setting { 'agents ssh_port': - path => $config_file, - section => 'agents', - setting => 'ssh_port', - value => $agents_ssh_port - } - - cassandra::opscenter::setting { 'agents ssh_sys_known_hosts_file': - path => $config_file, - section => 'agents', - setting => 'ssh_sys_known_hosts_file', - value => $agents_ssh_sys_known_hosts_file - } - - cassandra::opscenter::setting { 'agents ssh_user_known_hosts_file': - path => $config_file, - section => 'agents', - setting => 'ssh_user_known_hosts_file', - value => $agents_ssh_user_known_hosts_file - } - - cassandra::opscenter::setting { 'agents ssl_certfile': - path => $config_file, - section => 'agents', - setting => 'ssl_certfile', - value => $agents_ssl_certfile - } - - cassandra::opscenter::setting { 'agents ssl_keyfile': - path => $config_file, - section => 'agents', - setting => 'ssl_keyfile', - value => $agents_ssl_keyfile - } - - cassandra::opscenter::setting { 'agents tmp_dir': - path => $config_file, - section => 'agents', - setting => 'tmp_dir', - value => $agents_tmp_dir - } - - cassandra::opscenter::setting { 'agents use_ssl': - path => $config_file, - section => 'agents', - setting => 'use_ssl', - value => $agents_use_ssl - } - - cassandra::opscenter::setting { 'authentication audit_auth': - path => $config_file, - section => 'authentication', - setting => 'audit_auth', - value => $authentication_audit_auth - } - - cassandra::opscenter::setting { 'authentication audit_pattern': - path => $config_file, - section => 'authentication', - setting => 'audit_pattern', - value => $authentication_audit_pattern - } - - cassandra::opscenter::setting { 'authentication authentication_method': - path => $config_file, - section => 'authentication', - setting => 'authentication_method', - value => $authentication_method - } - - cassandra::opscenter::setting { 'authentication enabled': - path => $config_file, - section => 'authentication', - setting => 'enabled', - value => $authentication_enabled - } - - cassandra::opscenter::setting { 'authentication passwd_db': - path => $config_file, - section => 'authentication', - setting => 'passwd_db', - value => $authentication_passwd_db - } - - cassandra::opscenter::setting { 'authentication timeout': - path => $config_file, - section => 'authentication', - setting => 'timeout', - value => $authentication_timeout - } - - cassandra::opscenter::setting { 'cloud accepted_certs': - path => $config_file, - section => 'cloud', - setting => 'accepted_certs', - value => $cloud_accepted_certs - } - - cassandra::opscenter::setting { 'clusters add_cluster_timeout': - path => $config_file, - section => 'clusters', - setting => 'add_cluster_timeout', - value => $clusters_add_cluster_timeout - } - - cassandra::opscenter::setting { 'clusters startup_sleep': - path => $config_file, - section => 'clusters', - setting => 'startup_sleep', - value => $clusters_startup_sleep - } - - cassandra::opscenter::setting { 'definitions auto_update': - path => $config_file, - section => 'definitions', - setting => 'auto_update', - value => $definitions_auto_update - } - - cassandra::opscenter::setting { 'definitions definitions_dir': - path => $config_file, - section => 'definitions', - setting => 'definitions_dir', - value => $definitions_definitions_dir - } - - cassandra::opscenter::setting { 'definitions download_filename': - path => $config_file, - section => 'definitions', - setting => 'download_filename', - value => $definitions_download_filename - } - - cassandra::opscenter::setting { 'definitions download_host': - path => $config_file, - section => 'definitions', - setting => 'download_host', - value => $definitions_download_host - } - - cassandra::opscenter::setting { 'definitions download_port': - path => $config_file, - section => 'definitions', - setting => 'download_port', - value => $definitions_download_port - } - - cassandra::opscenter::setting { 'definitions hash_filename': - path => $config_file, - section => 'definitions', - setting => 'hash_filename', - value => $definitions_hash_filename - } - - cassandra::opscenter::setting { 'definitions sleep': - path => $config_file, - section => 'definitions', - setting => 'sleep', - value => $definitions_sleep - } - - cassandra::opscenter::setting { 'definitions ssl_certfile': - path => $config_file, - section => 'definitions', - setting => 'ssl_certfile', - value => $definitions_ssl_certfile - } - - cassandra::opscenter::setting { 'definitions use_ssl': - path => $config_file, - section => 'definitions', - setting => 'use_ssl', - value => $definitions_use_ssl - } - - cassandra::opscenter::setting { 'failover failover_configuration_directory': - path => $config_file, - section => 'failover', - setting => 'failover_configuration_directory', - value => $failover_configuration_directory - } - - cassandra::opscenter::setting { 'failover heartbeat_fail_window': - path => $config_file, - section => 'failover', - setting => 'heartbeat_fail_window', - value => $failover_heartbeat_fail_window - } - - cassandra::opscenter::setting { 'failover heartbeat_period': - path => $config_file, - section => 'failover', - setting => 'heartbeat_period', - value => $failover_heartbeat_period - } - - cassandra::opscenter::setting { 'failover heartbeat_reply_period': - path => $config_file, - section => 'failover', - setting => 'heartbeat_reply_period', - value => $failover_heartbeat_reply_period - } - - cassandra::opscenter::setting { 'hadoop base_job_tracker_proxy_port': - path => $config_file, - section => 'hadoop', - setting => 'base_job_tracker_proxy_port', - value => $hadoop_base_job_tracker_proxy_port - } - - cassandra::opscenter::setting { 'ldap admin_group_name': - path => $config_file, - section => 'ldap', - setting => 'admin_group_name', - value => $ldap_admin_group_name - } - - cassandra::opscenter::setting { 'ldap connection_timeout': - path => $config_file, - section => 'ldap', - setting => 'connection_timeout', - value => $ldap_connection_timeout - } - - cassandra::opscenter::setting { 'ldap debug_ssl': - path => $config_file, - section => 'ldap', - setting => 'debug_ssl', - value => $ldap_debug_ssl - } - - cassandra::opscenter::setting { 'ldap group_name_attribute': - path => $config_file, - section => 'ldap', - setting => 'group_name_attribute', - value => $ldap_group_name_attribute - } - - cassandra::opscenter::setting { 'ldap group_search_base': - path => $config_file, - section => 'ldap', - setting => 'group_search_base', - value => $ldap_group_search_base - } - - cassandra::opscenter::setting { 'ldap group_search_filter': - path => $config_file, - section => 'ldap', - setting => 'group_search_filter', - value => $ldap_group_search_filter - } - - cassandra::opscenter::setting { 'ldap group_search_type': - path => $config_file, - section => 'ldap', - setting => 'group_search_type', - value => $ldap_group_search_type - } - - cassandra::opscenter::setting { 'ldap ldap_security': - path => $config_file, - section => 'ldap', - setting => 'ldap_security', - value => $ldap_ldap_security - } - - cassandra::opscenter::setting { 'ldap opt_referrals': - path => $config_file, - section => 'ldap', - setting => 'opt_referrals', - value => $ldap_opt_referrals - } - - cassandra::opscenter::setting { 'ldap protocol_version': - path => $config_file, - section => 'ldap', - setting => 'protocol_version', - value => $ldap_protocol_version - } - - cassandra::opscenter::setting { 'ldap search_dn': - path => $config_file, - section => 'ldap', - setting => 'search_dn', - value => $ldap_search_dn - } - - cassandra::opscenter::setting { 'ldap search_password': - path => $config_file, - section => 'ldap', - setting => 'search_password', - value => $ldap_search_password - } - - cassandra::opscenter::setting { 'ldap server_host': - path => $config_file, - section => 'ldap', - setting => 'server_host', - value => $ldap_server_host - } - - cassandra::opscenter::setting { 'ldap server_port': - path => $config_file, - section => 'ldap', - setting => 'server_port', - value => $ldap_server_port - } - - cassandra::opscenter::setting { 'ldap ssl_cacert': - path => $config_file, - section => 'ldap', - setting => 'ssl_cacert', - value => $ldap_ssl_cacert - } - - cassandra::opscenter::setting { 'ldap ssl_cert': - path => $config_file, - section => 'ldap', - setting => 'ssl_cert', - value => $ldap_ssl_cert - } - - cassandra::opscenter::setting { 'ldap ssl_key': - path => $config_file, - section => 'ldap', - setting => 'ssl_key', - value => $ldap_ssl_key - } - - cassandra::opscenter::setting { 'ldap tls_demand': - path => $config_file, - section => 'ldap', - setting => 'tls_demand', - value => $ldap_tls_demand - } - - cassandra::opscenter::setting { 'ldap tls_reqcert': - path => $config_file, - section => 'ldap', - setting => 'tls_reqcert', - value => $ldap_tls_reqcert - } - - cassandra::opscenter::setting { 'ldap uri_scheme': - path => $config_file, - section => 'ldap', - setting => 'uri_scheme', - value => $ldap_uri_scheme - } - - cassandra::opscenter::setting { 'ldap user_memberof_attribute': - path => $config_file, - section => 'ldap', - setting => 'user_memberof_attribute', - value => $ldap_user_memberof_attribute - } - - cassandra::opscenter::setting { 'ldap user_search_base': - path => $config_file, - section => 'ldap', - setting => 'user_search_base', - value => $ldap_user_search_base - } - - cassandra::opscenter::setting { 'ldap user_search_filter': - path => $config_file, - section => 'ldap', - setting => 'user_search_filter', - value => $ldap_user_search_filter - } - - cassandra::opscenter::setting { 'logging level': - path => $config_file, - section => 'logging', - setting => 'level', - value => $logging_level - } - - cassandra::opscenter::setting { 'logging log_length': - path => $config_file, - section => 'logging', - setting => 'log_length', - value => $logging_log_length - } - - cassandra::opscenter::setting { 'logging log_path': - path => $config_file, - section => 'logging', - setting => 'log_path', - value => $logging_log_path - } - - cassandra::opscenter::setting { 'logging max_rotate': - path => $config_file, - section => 'logging', - setting => 'max_rotate', - value => $logging_max_rotate - } - - cassandra::opscenter::setting { 'logging resource_usage_interval': - path => $config_file, - section => 'logging', - setting => 'resource_usage_interval', - value => $logging_resource_usage_interval - } - - cassandra::opscenter::setting { 'provisioning agent_install_timeout': - path => $config_file, - section => 'provisioning', - setting => 'agent_install_timeout', - value => $provisioning_agent_install_timeout - } - - cassandra::opscenter::setting { 'provisioning keyspace_timeout': - path => $config_file, - section => 'provisioning', - setting => 'keyspace_timeout', - value => $provisioning_keyspace_timeout - } - - cassandra::opscenter::setting { 'provisioning private_key_dir': - path => $config_file, - section => 'provisioning', - setting => 'private_key_dir', - value => $provisioning_private_key_dir - } - - cassandra::opscenter::setting { 'repair_service alert_on_repair_failure': - path => $config_file, - section => 'repair_service', - setting => 'alert_on_repair_failure', - value => $repair_service_alert_on_repair_failure - } - - cassandra::opscenter::setting { 'repair_service cluster_stabilization_period': - path => $config_file, - section => 'repair_service', - setting => 'cluster_stabilization_period', - value => $repair_service_cluster_stabilization_period - } - - cassandra::opscenter::setting { 'repair_service error_logging_window': - path => $config_file, - section => 'repair_service', - setting => 'error_logging_window', - value => $repair_service_error_logging_window - } - - cassandra::opscenter::setting { 'repair_service incremental_err_alert_threshold': - path => $config_file, - section => 'repair_service', - setting => 'incremental_err_alert_threshold', - value => $repair_service_incremental_err_alert_threshold - } - - cassandra::opscenter::setting { 'repair_service incremental_range_repair': - path => $config_file, - section => 'repair_service', - setting => 'incremental_range_repair', - value => $repair_service_incremental_range_repair - } - - cassandra::opscenter::setting { 'repair_service incremental_repair_tables': - path => $config_file, - section => 'repair_service', - setting => 'incremental_repair_tables', - value => $repair_service_incremental_repair_tables - } - - cassandra::opscenter::setting { 'repair_service ks_update_period': - path => $config_file, - section => 'repair_service', - setting => 'ks_update_period', - value => $repair_service_ks_update_period - } - - cassandra::opscenter::setting { 'repair_service log_directory': - path => $config_file, - section => 'repair_service', - setting => 'log_directory', - value => $repair_service_log_directory - } - - cassandra::opscenter::setting { 'repair_service log_length': - path => $config_file, - section => 'repair_service', - setting => 'log_length', - value => $repair_service_log_length - } - - cassandra::opscenter::setting { 'repair_service max_err_threshold': - path => $config_file, - section => 'repair_service', - setting => 'max_err_threshold', - value => $repair_service_max_err_threshold - } - - cassandra::opscenter::setting { 'repair_service max_parallel_repairs': - path => $config_file, - section => 'repair_service', - setting => 'max_parallel_repairs', - value => $repair_service_max_parallel_repairs - } - - cassandra::opscenter::setting { 'repair_service max_pending_repairs': - path => $config_file, - section => 'repair_service', - setting => 'max_pending_repairs', - value => $repair_service_max_pending_repairs - } - - cassandra::opscenter::setting { 'repair_service max_rotate': - path => $config_file, - section => 'repair_service', - setting => 'max_rotate', - value => $repair_service_max_rotate - } - - cassandra::opscenter::setting { 'repair_service min_repair_time': - path => $config_file, - section => 'repair_service', - setting => 'min_repair_time', - value => $repair_service_min_repair_time - } - - cassandra::opscenter::setting { 'repair_service min_throughput': - path => $config_file, - section => 'repair_service', - setting => 'min_throughput', - value => $repair_service_min_throughput - } - - cassandra::opscenter::setting { 'repair_service num_recent_throughputs': - path => $config_file, - section => 'repair_service', - setting => 'num_recent_throughputs', - value => $repair_service_num_recent_throughputs - } - - cassandra::opscenter::setting { 'repair_service persist_directory': - path => $config_file, - section => 'repair_service', - setting => 'persist_directory', - value => $repair_service_persist_directory - } - - cassandra::opscenter::setting { 'repair_service persist_period': - path => $config_file, - section => 'repair_service', - setting => 'persist_period', - value => $repair_service_persist_period - } - - cassandra::opscenter::setting { 'repair_service restart_period': - path => $config_file, - section => 'repair_service', - setting => 'restart_period', - value => $repair_service_restart_period - } - - cassandra::opscenter::setting { 'repair_service single_repair_timeout': - path => $config_file, - section => 'repair_service', - setting => 'single_repair_timeout', - value => $repair_service_single_repair_timeout - } - - cassandra::opscenter::setting { 'repair_service single_task_err_threshold': - path => $config_file, - section => 'repair_service', - setting => 'single_task_err_threshold', - value => $repair_service_single_task_err_threshold - } - - cassandra::opscenter::setting { 'repair_service snapshot_override': - path => $config_file, - section => 'repair_service', - setting => 'snapshot_override', - value => $repair_service_snapshot_override - } - - cassandra::opscenter::setting { 'request_tracker queue_size': - path => $config_file, - section => 'request_tracker', - setting => 'queue_size', - value => $request_tracker_queue_size - } - - cassandra::opscenter::setting { 'security config_encryption_active': - path => $config_file, - section => 'security', - setting => 'config_encryption_active', - value => $security_config_encryption_active - } - - cassandra::opscenter::setting { 'security config_encryption_key_name': - path => $config_file, - section => 'security', - setting => 'config_encryption_key_name', - value => $security_config_encryption_key_name - } - - cassandra::opscenter::setting { 'security config_encryption_key_path': - path => $config_file, - section => 'security', - setting => 'config_encryption_key_path', - value => $security_config_encryption_key_path - } - - cassandra::opscenter::setting { 'spark base_master_proxy_port': - path => $config_file, - section => 'spark', - setting => 'base_master_proxy_port', - value => $spark_base_master_proxy_port - } - - cassandra::opscenter::setting { 'stat_reporter initial_sleep': - path => $config_file, - section => 'stat_reporter', - setting => 'initial_sleep', - value => $stat_reporter_initial_sleep - } - - cassandra::opscenter::setting { 'stat_reporter interval': - path => $config_file, - section => 'stat_reporter', - setting => 'interval', - value => $stat_reporter_interval - } - - cassandra::opscenter::setting { 'stat_reporter report_file': - path => $config_file, - section => 'stat_reporter', - setting => 'report_file', - value => $stat_reporter_report_file - } - - cassandra::opscenter::setting { 'stat_reporter ssl_key': - path => $config_file, - section => 'stat_reporter', - setting => 'ssl_key', - value => $stat_reporter_ssl_key - } - - cassandra::opscenter::setting { 'ui default_api_timeout': - path => $config_file, - section => 'ui', - setting => 'default_api_timeout', - value => $ui_default_api_timeout - } - - cassandra::opscenter::setting { 'ui max_metrics_requests': - path => $config_file, - section => 'ui', - setting => 'max_metrics_requests', - value => $ui_max_metrics_requests - } - - cassandra::opscenter::setting { 'ui node_detail_refresh_delay': - path => $config_file, - section => 'ui', - setting => 'node_detail_refresh_delay', - value => $ui_node_detail_refresh_delay - } - - cassandra::opscenter::setting { 'ui storagemap_ttl': - path => $config_file, - section => 'ui', - setting => 'storagemap_ttl', - value => $ui_storagemap_ttl - } - - cassandra::opscenter::setting { 'webserver interface': - path => $config_file, - section => 'webserver', - setting => 'interface', - value => $webserver_interface - } - - cassandra::opscenter::setting { 'webserver log_path': - path => $config_file, - section => 'webserver', - setting => 'log_path', - value => $webserver_log_path - } - - cassandra::opscenter::setting { 'webserver port': - path => $config_file, - section => 'webserver', - setting => 'port', - value => $webserver_port - } - - cassandra::opscenter::setting { 'webserver ssl_certfile': - path => $config_file, - section => 'webserver', - setting => 'ssl_certfile', - value => $webserver_ssl_certfile - } - - cassandra::opscenter::setting { 'webserver ssl_keyfile': - path => $config_file, - section => 'webserver', - setting => 'ssl_keyfile', - value => $webserver_ssl_keyfile - } - - cassandra::opscenter::setting { 'webserver ssl_port': - path => $config_file, - section => 'webserver', - setting => 'ssl_port', - value => $webserver_ssl_port - } - - cassandra::opscenter::setting { 'webserver staticdir': - path => $config_file, - section => 'webserver', - setting => 'staticdir', - value => $webserver_staticdir - } - - cassandra::opscenter::setting { 'webserver sub_process_timeout': - path => $config_file, - section => 'webserver', - setting => 'sub_process_timeout', - value => $webserver_sub_process_timeout - } - - cassandra::opscenter::setting { 'webserver tarball_process_timeout': - path => $config_file, - section => 'webserver', - setting => 'tarball_process_timeout', - value => $webserver_tarball_process_timeout - } -} diff --git a/cassandra/manifests/opscenter/cluster_name.pp b/cassandra/manifests/opscenter/cluster_name.pp deleted file mode 100644 index 9195c1fb3..000000000 --- a/cassandra/manifests/opscenter/cluster_name.pp +++ /dev/null @@ -1,444 +0,0 @@ -# cassandra::opscenter::cluster_name -define cassandra::opscenter::cluster_name( - $cassandra_seed_hosts, - $config_path = '/etc/opscenter/clusters', - $storage_cassandra_api_port = undef, - $storage_cassandra_bind_interface = undef, - $storage_cassandra_connection_pool_size = undef, - $storage_cassandra_connect_timeout = undef, - $storage_cassandra_cql_port = undef, - $storage_cassandra_keyspace = undef, - $storage_cassandra_local_dc_pref = undef, - $storage_cassandra_password = undef, - $storage_cassandra_retry_delay = undef, - $storage_cassandra_seed_hosts = undef, - $storage_cassandra_send_rpc = undef, - $storage_cassandra_ssl_ca_certs = undef, - $storage_cassandra_ssl_client_key = undef, - $storage_cassandra_ssl_client_pem = undef, - $storage_cassandra_ssl_validate = undef, - $storage_cassandra_used_hosts_per_remote_dc = undef, - $storage_cassandra_username = undef, - ) { - if ! defined( File[$config_path] ) { - file { $config_path: - ensure => directory - } - } - - $cluster_file = "${config_path}/${title}.conf" - - if $cassandra_seed_hosts != undef { - ini_setting { "${title}:cassandra_seed_hosts": - ensure => present, - section => 'cassandra', - setting => 'seed_hosts', - value => $cassandra_seed_hosts, - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } else { - ini_setting { "${title}:cassandra_seed_hosts": - ensure => absent, - section => 'cassandra', - setting => 'seed_hosts', - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } - - if $storage_cassandra_api_port != undef { - ini_setting { "${title}:storage_cassandra_api_port": - ensure => present, - section => 'storage_cassandra', - setting => 'api_port', - value => $storage_cassandra_api_port, - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } else { - ini_setting { "${title}:storage_cassandra_api_port": - ensure => absent, - section => 'storage_cassandra', - setting => 'api_port', - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } - - if $storage_cassandra_bind_interface != undef { - ini_setting { "${title}:storage_cassandra_bind_interface": - ensure => present, - section => 'storage_cassandra', - setting => 'bind_interface', - value => $storage_cassandra_bind_interface, - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } else { - ini_setting { "${title}:storage_cassandra_bind_interface": - ensure => absent, - section => 'storage_cassandra', - setting => 'bind_interface', - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } - - if $storage_cassandra_connection_pool_size != undef { - ini_setting { "${title}:storage_cassandra_connection_pool_size": - ensure => present, - section => 'storage_cassandra', - setting => 'connection_pool_size', - value => $storage_cassandra_connection_pool_size, - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } else { - ini_setting { "${title}:storage_cassandra_connection_pool_size": - ensure => absent, - section => 'storage_cassandra', - setting => 'connection_pool_size', - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } - - if $storage_cassandra_connect_timeout != undef { - ini_setting { "${title}:storage_cassandra_connect_timeout": - ensure => present, - section => 'storage_cassandra', - setting => 'connect_timeout', - value => $storage_cassandra_connect_timeout, - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } else { - ini_setting { "${title}:storage_cassandra_connect_timeout": - ensure => absent, - section => 'storage_cassandra', - setting => 'connect_timeout', - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } - - if $storage_cassandra_cql_port != undef { - ini_setting { "${title}:storage_cassandra_cql_port": - ensure => present, - section => 'storage_cassandra', - setting => 'cql_port', - value => $storage_cassandra_cql_port, - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } else { - ini_setting { "${title}:storage_cassandra_cql_port": - ensure => absent, - section => 'storage_cassandra', - setting => 'cql_port', - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } - - if $storage_cassandra_keyspace != undef { - ini_setting { "${title}:storage_cassandra_keyspace": - ensure => present, - section => 'storage_cassandra', - setting => 'keyspace', - value => $storage_cassandra_keyspace, - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } else { - ini_setting { "${title}:storage_cassandra_keyspace": - ensure => absent, - section => 'storage_cassandra', - setting => 'keyspace', - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } - - if $storage_cassandra_local_dc_pref != undef { - ini_setting { "${title}:storage_cassandra_local_dc_pref": - ensure => present, - section => 'storage_cassandra', - setting => 'local_dc_pref', - value => $storage_cassandra_local_dc_pref, - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } else { - ini_setting { "${title}:storage_cassandra_local_dc_pref": - ensure => absent, - section => 'storage_cassandra', - setting => 'local_dc_pref', - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } - - if $storage_cassandra_password != undef { - ini_setting { "${title}:storage_cassandra_password": - ensure => present, - section => 'storage_cassandra', - setting => 'password', - value => $storage_cassandra_password, - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } else { - ini_setting { "${title}:storage_cassandra_password": - ensure => absent, - section => 'storage_cassandra', - setting => 'password', - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } - - if $storage_cassandra_retry_delay != undef { - ini_setting { "${title}:storage_cassandra_retry_delay": - ensure => present, - section => 'storage_cassandra', - setting => 'retry_delay', - value => $storage_cassandra_retry_delay, - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } else { - ini_setting { "${title}:storage_cassandra_retry_delay": - ensure => absent, - section => 'storage_cassandra', - setting => 'retry_delay', - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } - - if $storage_cassandra_seed_hosts != undef { - ini_setting { "${title}:storage_cassandra_seed_hosts": - ensure => present, - section => 'storage_cassandra', - setting => 'seed_hosts', - value => $storage_cassandra_seed_hosts, - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } else { - ini_setting { "${title}:storage_cassandra_seed_hosts": - ensure => absent, - section => 'storage_cassandra', - setting => 'seed_hosts', - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } - - if $storage_cassandra_send_rpc != undef { - ini_setting { "${title}:storage_cassandra_send_rpc": - ensure => present, - section => 'storage_cassandra', - setting => 'send_rpc', - value => $storage_cassandra_send_rpc, - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } else { - ini_setting { "${title}:storage_cassandra_send_rpc": - ensure => absent, - section => 'storage_cassandra', - setting => 'send_rpc', - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } - - if $storage_cassandra_ssl_ca_certs != undef { - ini_setting { "${title}:storage_cassandra_ssl_ca_certs": - ensure => present, - section => 'storage_cassandra', - setting => 'ssl_ca_certs', - value => $storage_cassandra_ssl_ca_certs, - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } else { - ini_setting { "${title}:storage_cassandra_ssl_ca_certs": - ensure => absent, - section => 'storage_cassandra', - setting => 'ssl_ca_certs', - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } - - if $storage_cassandra_ssl_client_key != undef { - ini_setting { "${title}:storage_cassandra_ssl_client_key": - ensure => present, - section => 'storage_cassandra', - setting => 'ssl_client_key', - value => $storage_cassandra_ssl_client_key, - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } else { - ini_setting { "${title}:storage_cassandra_ssl_client_key": - ensure => absent, - section => 'storage_cassandra', - setting => 'ssl_client_key', - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } - - if $storage_cassandra_ssl_client_pem != undef { - ini_setting { "${title}:storage_cassandra_ssl_client_pem": - ensure => present, - section => 'storage_cassandra', - setting => 'ssl_client_pem', - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - value => $storage_cassandra_ssl_client_pem, - } - } else { - ini_setting { "${title}:storage_cassandra_ssl_client_pem": - ensure => absent, - section => 'storage_cassandra', - setting => 'ssl_client_pem', - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } - - if $storage_cassandra_ssl_validate != undef { - ini_setting { "${title}:storage_cassandra_ssl_validate": - ensure => present, - section => 'storage_cassandra', - setting => 'ssl_validate', - value => $storage_cassandra_ssl_validate, - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } else { - ini_setting { "${title}:storage_cassandra_ssl_validate": - ensure => absent, - section => 'storage_cassandra', - setting => 'ssl_validate', - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } - - if $storage_cassandra_used_hosts_per_remote_dc != undef { - ini_setting { "${title}:storage_cassandra_used_hosts_per_remote_dc": - ensure => present, - section => 'storage_cassandra', - setting => 'used_hosts_per_remote_dc', - value => $storage_cassandra_used_hosts_per_remote_dc, - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } else { - ini_setting { "${title}:storage_cassandra_used_hosts_per_remote_dc": - ensure => absent, - section => 'storage_cassandra', - setting => 'used_hosts_per_remote_dc', - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } - - if $storage_cassandra_username != undef { - ini_setting { "${title}:storage_cassandra_username": - ensure => present, - section => 'storage_cassandra', - setting => 'username', - value => $storage_cassandra_username, - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } else { - ini_setting { "${title}:storage_cassandra_username": - ensure => absent, - section => 'storage_cassandra', - setting => 'username', - path => $cluster_file, - key_val_separator => ' = ', - require => File[$config_path], - notify => Service['opscenterd'], - } - } -} diff --git a/cassandra/manifests/opscenter/pycrypto.pp b/cassandra/manifests/opscenter/pycrypto.pp deleted file mode 100644 index a76afa12e..000000000 --- a/cassandra/manifests/opscenter/pycrypto.pp +++ /dev/null @@ -1,42 +0,0 @@ -# Class ::cassandra::opscenter::pycrypto -# -# Please see the README for the module for details on usage. -class cassandra::opscenter::pycrypto ( - $ensure = 'present', - $manage_epel = false, - $package_name = 'pycrypto', - $provider = 'pip', - $reqd_pckgs = ['python-devel', 'python-pip' ], - ){ - if $::osfamily == 'RedHat' { - if $manage_epel == true { - package { 'epel-release': - ensure => 'present', - before => Package[ $reqd_pckgs ] - } - } - - package { $reqd_pckgs: - ensure => present, - before => Package[$package_name] - } - - ########################################################################## - # Nasty hack to workaround PUP-3829. Hopefully can be removed in the - # not too distant future. - file { '/usr/bin/pip-python': - ensure => 'link', - target => '/usr/bin/pip', - require => Package['python-pip'], - before => Package[$package_name] - } - # End of PUP-3829 hack. - ########################################################################## - - package { $package_name: - ensure => $ensure, - provider => $provider, - before => Package['opscenter'] - } - } -} diff --git a/cassandra/manifests/opscenter/setting.pp b/cassandra/manifests/opscenter/setting.pp deleted file mode 100644 index bf105c078..000000000 --- a/cassandra/manifests/opscenter/setting.pp +++ /dev/null @@ -1,29 +0,0 @@ -# cassandra::opscenter::setting -define cassandra::opscenter::setting ( - $path, - $section, - $setting, - $value = undef, - ) { - if $value != undef { - ini_setting { "${section} ${setting}": - path => $path, - section => $section, - setting => $setting, - key_val_separator => ' = ', - require => Package['opscenter'], - notify => Service['opscenterd'], - value => $value, - } - } else { - ini_setting { "${section} ${setting}": - ensure => absent, - path => $path, - section => $section, - setting => $setting, - key_val_separator => ' = ', - require => Package['opscenter'], - notify => Service['opscenterd'], - } - } -} diff --git a/cassandra/manifests/optutils.pp b/cassandra/manifests/optutils.pp deleted file mode 100644 index 5ecef8ed7..000000000 --- a/cassandra/manifests/optutils.pp +++ /dev/null @@ -1,22 +0,0 @@ -# Please see the README file for the module. -class cassandra::optutils ( - $ensure = 'present', - $package_name = undef - ) { - if $package_name == undef { - if $::osfamily == 'RedHat' { - $real_package_name = 'cassandra22-tools' - } elsif $::osfamily == 'Debian' { - $real_package_name = 'cassandra-tools' - } else { - fail("OS family ${::osfamily} not supported") - } - } else { - $real_package_name = $package_name - } - - package { $real_package_name: - ensure => $ensure, - require => Class['cassandra'] - } -} diff --git a/cassandra/metadata.json b/cassandra/metadata.json deleted file mode 100644 index 08becafc8..000000000 --- a/cassandra/metadata.json +++ /dev/null @@ -1,90 +0,0 @@ -{ - "name": "locp-cassandra", - "version": "1.9.0", - "author": "locp", - "summary": "Installs Cassandra, DataStax Agent & OpsCenter on RHEL/Ubuntu/Debian.", - "license": "Apache-2.0", - "source": "https://github.com/locp/cassandra", - "project_page": "http://locp.github.io/cassandra", - "issues_url": "https://github.com/locp/cassandra/issues", - "tags": [ - "cassandra", - "cluster", - "database", - "datastax", - "datastax-agent", - "nosql", - "opscenter" - ], - "requirements": [ - { - "name": "pe", - "version_requirement": ">= 3.7.0 < 2015.3.0" - }, - { - "name": "puppet", - "version_requirement": ">= 3.0.0 < 5.0.0" - } - ], - "dependencies": [ - { - "name": "puppetlabs-apt", - "version_requirement": ">= 2.0.0 < 3.0.0" - }, - { - "name": "puppetlabs-firewall", - "version_requirement": ">= 1.0.0 < 2.0.0" - }, - { - "name": "puppetlabs-inifile", - "version_requirement": ">= 1.0.0 < 2.0.0" - }, - { - "name": "puppetlabs-stdlib", - "version_requirement": ">= 3.0.0 < 5.0.0" - } - ], - "operatingsystem_support": [ - { - "operatingsystem": "CentOS", - "operatingsystemrelease": [ - "6", - "7" - ] - }, - { - "operatingsystem": "OracleLinux", - "operatingsystemrelease": [ - "6", - "7" - ] - }, - { - "operatingsystem": "RedHat", - "operatingsystemrelease": [ - "6", - "7" - ] - }, - { - "operatingsystem": "Debian", - "operatingsystemrelease": [ - "7" - ] - }, - { - "operatingsystem": "Scientific", - "operatingsystemrelease": [ - "6", - "7" - ] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": [ - "12.04", - "14.04" - ] - } - ] -} diff --git a/cassandra/params.json b/cassandra/params.json deleted file mode 100644 index 71257d185..000000000 --- a/cassandra/params.json +++ /dev/null @@ -1 +0,0 @@ -{"name":"Cassandra","tagline":"Installs Cassandra, DataStax Agent & OpsCenter on RHEL/Ubuntu/Debian.","body":"# Cassandra\r\n[![Puppet Forge](http://img.shields.io/puppetforge/v/locp/cassandra.svg)](https://forge.puppetlabs.com/locp/cassandra)\r\n[![Github Tag](https://img.shields.io/github/tag/locp/cassandra.svg)](https://github.com/locp/cassandra)\r\n[![Build Status](https://travis-ci.org/locp/cassandra.png?branch=master)](https://travis-ci.org/locp/cassandra)\r\n[![Coverage Status](https://coveralls.io/repos/locp/cassandra/badge.svg?branch=master&service=github)](https://coveralls.io/github/locp/cassandra?branch=master)\r\n[![Join the chat at https://gitter.im/locp/cassandra](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/locp/cassandra?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)\r\n\r\n#### Table of Contents\r\n\r\n1. [Overview](#overview)\r\n2. [Setup - The basics of getting started with Cassandra](#setup)\r\n * [What Cassandra affects](#what-cassandra-affects)\r\n * [Beginning with Cassandra](#beginning-with-cassandra)\r\n * [Upgrading](#upgrading)\r\n3. [Usage - Configuration options and additional functionality](#usage)\r\n * [Create a Cluster in a Single Data Center](#create-a-cluster-in-a-single-data-center)\r\n * [Create a Cluster in Multiple Data Centers](#create-a-cluster-in-multiple-data-centers)\r\n * [OpsCenter](#opscenter)\r\n * [DataStax Enterprise](#datastax-enterprise)\r\n4. [Reference - An under-the-hood peek at what the module is doing and how](#reference)\r\n * [cassandra](#class-cassandra)\r\n * [cassandra::datastax_agent](#class-cassandradatastax_agent)\r\n * [cassandra::datastax_repo](#class-cassandradatastax_repo)\r\n * [cassandra::firewall_ports](#class-cassandrafirewall_ports)\r\n * [cassandra::java](#class-cassandrajava)\r\n * [cassandra::opscenter](#class-cassandraopscenter)\r\n * [cassandra::opscenter::cluster_name](#defined-type-cassandraopscentercluster_name)\r\n * [cassandra::opscenter::pycrypto](#class-cassandraopscenterpycrypto)\r\n * [cassandra::optutils](#class-cassandraoptutils)\r\n * [cassandra::opscenter::setting](#defined-type-cassandraopscentersetting)\r\n5. [Limitations - OS compatibility, etc.](#limitations)\r\n6. [Contributers](#contributers)\r\n\r\n## Overview\r\n\r\nA Puppet module to install and manage Cassandra, DataStax Agent & OpsCenter\r\n\r\n## Setup\r\n\r\n### What Cassandra affects\r\n\r\n#### What the Cassandra class affects\r\n\r\n* Installs the Cassandra package (default **dsc22**).\r\n* Configures settings in *${config_path}/cassandra.yaml*.\r\n* Optionally ensures that the Cassandra service is enabled and running.\r\n* On Ubuntu systems, optionally replace ```/etc/init.d/cassandra``` with a\r\n workaround for \r\n [CASSANDRA-9822](https://issues.apache.org/jira/browse/CASSANDRA-9822).\r\n\r\n#### What the cassandra::datastax_agent class affects\r\n\r\n* Optionally installs the DataStax agent.\r\n* Optionally sets JAVA_HOME in **/etc/default/datastax-agent**.\r\n\r\n#### What the cassandra::datastax_agent class affects\r\n\r\n* Optionally configures a Yum repository to install the Cassandra packages\r\n from (on Red Hat).\r\n* Optionally configures an Apt repository to install the Cassandra packages\r\n from (on Ubuntu).\r\n\r\n#### What the cassandra::firewall_ports class affects\r\n\r\n* Optionally configures the firewall for the Cassandra related network\r\n ports.\r\n\r\n#### What the cassandra::java class affects\r\n\r\n* Optionally installs a JRE/JDK package (e.g. java-1.7.0-openjdk) and the\r\n Java Native Access (JNA).\r\n\r\n#### What the cassandra::opscenter class affects\r\n\r\n* Installs the OpsCenter package.\r\n* Manages the content of the configuration file\r\n (/etc/opscenter/opscenterd.conf).\r\n* Manages the opscenterd service.\r\n\r\n#### What the cassandra::opscenter::cluster_name type affects\r\n\r\n* An optional type that allows DataStax OpsCenter to connect to a remote\r\n key space for metrics storage. These files will be created in\r\n /etc/opscenter/clusters. The module also creates this directory if\r\n required. This functionality is only valid in DataStax Enterprise.\r\n\r\n#### What the cassandra::opscenter::pycrypto class affects\r\n\r\n* On the Red Hat family it installs the pycrypto library and it's\r\n pre-requisites (the python-devel and python-pip packages).\r\n* Optionally installs the Extra Packages for Enterprise Linux (EPEL)\r\n repository.\r\n* As a workaround for\r\n [PUP-3829](https://tickets.puppetlabs.com/browse/PUP-3829) a symbolic\r\n link is created from ```/usr/bin/pip``` to\r\n ```/usr/bin/pip-python```. Hopefully this can be removed in the not\r\n too distant future.\r\n\r\n#### What the cassandra::optutils class affects\r\n\r\n* Optionally installs the Cassandra support tools (e.g. cassandra22-tools).\r\n\r\n### Beginning with Cassandra\r\n\r\nA basic example is as follows:\r\n\r\n```puppet\r\n class { 'cassandra':\r\n cluster_name => 'MyCassandraCluster',\r\n endpoint_snitch => 'GossipingPropertyFileSnitch',\r\n listen_address => \"${::ipaddress}\",\r\n seeds => '110.82.155.0,110.82.156.3'\r\n }\r\n```\r\n\r\n### Upgrading\r\n\r\n#### Changes in 1.8.0\r\n\r\nA somewhat embarrassing correction to the spelling of the\r\ncassandra::fail_on_non_suppoted_os to cassandra::fail_on_non_supported_os.\r\n\r\n#### Issues when Upgrading to 1.4.0\r\n\r\nUnfortunately both releases 1.3.7 and 1.4.0 have subsequently been found to\r\ncall a refresh service even when no changes had been made to the underlying\r\nconfiguration. In release 1.8.0 (somewhat belatedly) the service_refresh\r\nflag has been introduced to mitigate against similar problems.\r\n\r\n#### Issues When Upgrading to 1.3.7\r\n\r\n* Please see the notes for 1.4.0.\r\n\r\n#### Changes in 1.0.0\r\n\r\n* cassandra::cassandra_package_ensure has been renamed to\r\n cassandra::package_ensure.\r\n* cassandra::cassandra_package_name has been renamed to\r\n cassandra::package_name.\r\n\r\n#### Changes in 0.4.0\r\n\r\nThere is now a cassandra::datastax_agent class, therefore:\r\n\r\n* cassandra::datastax_agent_package_ensure has now been replaced with\r\n cassandra::datastax_agent::package_ensure.\r\n* cassandra::datastax_agent_service_enable has now been replaced with\r\n cassandra::datastax_agent::service_enable.\r\n* cassandra::datastax_agent_service_ensure has now been replaced with\r\n cassandra::datastax_agent::service_ensure.\r\n* cassandra::datastax_agent_package_name has now been replaced with\r\n cassandra::datastax_agent::package_name.\r\n* cassandra::datastax_agent_service_name has now been replaced with\r\n cassandra::datastax_agent::service_name.\r\n\r\nLikewise now there is a new class for handling the installation of Java:\r\n\r\n* cassandra::java_package_ensure has now been replaced with\r\n cassandra::java::ensure.\r\n* cassandra::java_package_name has now been replaced with\r\n cassandra::java::package_name.\r\n\r\nAlso there is now a class for installing the optional utilities:\r\n\r\n* cassandra::cassandra_opt_package_ensure has now been replaced with\r\n cassandra::optutils:ensure.\r\n* cassandra::cassandra_opt_package_name has now been replaced with\r\n cassandra::optutils:package_name.\r\n\r\n#### Changes in 0.3.0\r\n\r\n* cassandra_opt_package_ensure changed from 'present' to undef.\r\n\r\n* The manage_service option has been replaced with service_enable and\r\n service_ensure.\r\n\r\n## Usage\r\n\r\n### Create a Cluster in a Single Data Center\r\n\r\nIn the DataStax documentation _Initializing a multiple node cluster (single\r\ndata center)_\r\n\r\nthere is a basic example of a six node cluster with two seeds to be created in\r\na single data center spanning two racks. The nodes in the cluster are:\r\n\r\n**Node Name** | **IP Address** |\r\n---------------|----------------|\r\nnode0 (seed 1) | 110.82.155.0 |\r\nnode1 | 110.82.155.1 |\r\nnode2 | 110.82.155.2 |\r\nnode3 (seed 2) | 110.82.156.3 |\r\nnode4 | 110.82.156.4 |\r\nnode5 | 110.82.156.5 |\r\n\r\nEach node is configured to use the GossipingPropertyFileSnitch and 256 virtual\r\nnodes (vnodes). The name of the cluster is _MyCassandraCluster_. Also,\r\nwhile building the initial cluster, we are setting the auto_bootstrap\r\nto false.\r\n\r\nIn this initial example, we are going to expand the example by:\r\n\r\n* Ensuring that the software is installed via the DataStax Community\r\n repository by including `cassandra::datastax_repo`. This needs to be\r\n executed before the Cassandra package is installed.\r\n* That a suitable Java Runtime environment (JRE) is installed with Java Native\r\n Access (JNA) by including `cassandra::java`. This need to be executed\r\n before the Cassandra service is started.\r\n\r\n```puppet\r\nnode /^node\\d+$/ {\r\n class { 'cassandra::datastax_repo':\r\n before => Class['cassandra']\r\n }\r\n\r\n class { 'cassandra::java':\r\n before => Class['cassandra']\r\n }\r\n\r\n class { 'cassandra':\r\n cluster_name => 'MyCassandraCluster',\r\n endpoint_snitch => 'GossipingPropertyFileSnitch',\r\n listen_address => \"${::ipaddress}\",\r\n num_tokens => 256,\r\n seeds => '110.82.155.0,110.82.156.3',\r\n auto_bootstrap => false\r\n }\r\n}\r\n```\r\n\r\nThe default value for the num_tokens is already 256, but it is\r\nincluded in the example for clarity. Do not forget to either\r\nset auto_bootstrap to true or not set the parameter at all\r\nafter initializing the cluster.\r\n\r\n### Create a Cluster in Multiple Data Centers\r\n\r\nTo continue with the examples provided by DataStax, we look at the example\r\nfor a cluster across multiple data centers\r\n.\r\n\r\n**Node Name** | **IP Address** | **Data Center** | **Rack** |\r\n---------------|----------------|-----------------|----------|\r\nnode0 (seed 1) | 10.168.66.41 | DC1 | RAC1 |\r\nnode1 | 10.176.43.66 | DC1 | RAC1 |\r\nnode2 | 10.168.247.41 | DC1 | RAC1 |\r\nnode3 (seed 2) | 10.176.170.59 | DC2 | RAC1 |\r\nnode4 | 10.169.61.170 | DC2 | RAC1 |\r\nnode5 | 10.169.30.138 | DC2 | RAC1 |\r\n\r\nFor the sake of simplicity, we will confine this example to the nodes:\r\n\r\n```puppet\r\nnode /^node[012]$/ {\r\n class { 'cassandra':\r\n cluster_name => 'MyCassandraCluster',\r\n endpoint_snitch => 'GossipingPropertyFileSnitch',\r\n listen_address => \"${::ipaddress}\",\r\n num_tokens => 256,\r\n seeds => '10.168.66.41,10.176.170.59',\r\n dc => 'DC1',\r\n auto_bootstrap => false\r\n }\r\n}\r\n\r\nnode /^node[345]$/ {\r\n class { 'cassandra':\r\n cluster_name => 'MyCassandraCluster',\r\n endpoint_snitch => 'GossipingPropertyFileSnitch',\r\n listen_address => \"${::ipaddress}\",\r\n num_tokens => 256,\r\n seeds => '10.168.66.41,10.176.170.59',\r\n dc => 'DC2',\r\n auto_bootstrap => false\r\n }\r\n}\r\n```\r\n\r\nWe don't need to specify the rack name (with the rack parameter) as RAC1 is\r\nthe default value. Again, do not forget to either set auto_bootstrap to\r\ntrue or not set the parameter at all after initializing the cluster.\r\n\r\n### OpsCenter\r\n\r\nTo continue with the original example within a single data center, say we\r\nhave an instance of OpsCenter running on a node called opscenter which has\r\nan IP address of 110.82.157.6. We add the `cassandra::datastax_agent` to\r\nthe cassandra node to connect to OpsCenter:\r\n\r\n```puppet\r\nnode /^node\\d+$/ {\r\n class { 'cassandra::datastax_repo':\r\n before => Class['cassandra']\r\n } ->\r\n class { 'cassandra::java':\r\n before => Class['cassandra']\r\n } ->\r\n class { 'cassandra':\r\n cluster_name => 'MyCassandraCluster',\r\n endpoint_snitch => 'GossipingPropertyFileSnitch',\r\n listen_address => \"${::ipaddress}\",\r\n num_tokens => 256,\r\n seeds => '110.82.155.0,110.82.156.3',\r\n before => Class['cassandra::datastax_agent']\r\n } ->\r\n class { 'cassandra::datastax_agent':\r\n stomp_interface => '110.82.157.6'\r\n }\r\n}\r\n\r\nnode /opscenter/ {\r\n include '::cassandra::datastax_repo' ->\r\n include '::cassandra' ->\r\n include '::cassandra::opscenter'\r\n}\r\n```\r\n\r\nWe have also added the `cassandra::opscenter` class for the opscenter node.\r\n\r\n### DataStax Enterprise\r\n\r\nAfter configuring the relevant repository, the following snippet works on\r\nCentOS 7 to install DSE Cassandra 4.7.0:\r\n\r\n```puppet\r\nclass { 'cassandra::datastax_repo':\r\n descr => 'DataStax Repo for DataStax Enterprise',\r\n pkg_url => 'https://username:password@rpm.datastax.com/enterprise',\r\n before => Class['cassandra'],\r\n}\r\n\r\nclass { 'cassandra':\r\n cluster_name => 'MyCassandraCluster',\r\n config_path => '/etc/dse/cassandra',\r\n package_ensure => '4.7.0-1',\r\n package_name => 'dse-full',\r\n service_name => 'dse',\r\n}\r\n```\r\n\r\nAlso with DSE, one can specify a remote keyspace for storing the metrics for\r\na cluster. An example is:\r\n\r\n```puppet\r\ncassandra::opscenter::cluster_name { 'Cluster1':\r\n cassandra_seed_hosts => 'host1,host2',\r\n storage_cassandra_username => 'opsusr',\r\n storage_cassandra_password => 'opscenter',\r\n storage_cassandra_api_port => 9160,\r\n storage_cassandra_cql_port => 9042,\r\n storage_cassandra_keyspace => 'OpsCenter_Cluster1'\r\n}\r\n```\r\n\r\n## Reference\r\n\r\n### Public Classes\r\n\r\n* [cassandra](#class-cassandra)\r\n* [cassandra::datastax_agent](#class-cassandradatastax_agent)\r\n* [cassandra::datastax_repo](#class-cassandradatastax_repo)\r\n* [cassandra::firewall_ports](#class-cassandrafirewall_ports)\r\n* [cassandra::java](#class-cassandrajava)\r\n* [cassandra::opscenter](#class-cassandraopscenter)\r\n* [cassandra::opscenter::pycrypto](#class-cassandraopscenterpycrypto)\r\n* [cassandra::optutils](#class-cassandraoptutils)\r\n\r\n### Public Defined Types\r\n* [cassandra::opscenter::cluster_name](#defined-type-cassandraopscentercluster_name)\r\n\r\n### Private Defined Types\r\n\r\n* cassandra::opscenter::setting\r\n* cassandra::firewall_ports::rule\r\n\r\n### Class: cassandra\r\n\r\nA class for installing the Cassandra package and manipulate settings in the\r\nconfiguration file.\r\n\r\n#### Parameters\r\n\r\n##### `authenticator`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: 'AllowAllAuthenticator.\r\n\r\n##### `authorizer`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: 'AllowAllAuthorizer'\r\n\r\n##### `auto_bootstrap`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `auto_snapshot`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value 'true'\r\n\r\n##### `batchlog_replay_throttle_in_kb`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: '1024'\r\n\r\n##### `batch_size_warn_threshold_in_kb`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value 5\r\n\r\n##### `broadcast_address`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `broadcast_rpc_address`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `cas_contention_timeout_in_ms`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: '1000'\r\n\r\n##### `cassandra_9822`\r\nIf set to true, this will apply a patch to the init file for the Cassandra\r\nservice as a workaround for\r\n[CASSANDRA-9822](https://issues.apache.org/jira/browse/CASSANDRA-9822). This\r\noption is silently ignored on the Red Hat family of operating systems as\r\nthis bug only affects Ubuntu systems.\r\nDefault value 'false'\r\n\r\n##### `cassandra_yaml_tmpl`\r\nThe path to the Puppet template for the Cassandra configuration file. This\r\nallows the user to supply their own customized template. A Cassandra 1.X\r\ncompatible template called cassandra1.yaml.erb has been provided by @Spredzy.\r\nDefault value 'cassandra/cassandra.yaml.erb'\r\n\r\n##### `client_encryption_algorithm`\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nThe field being set is `client_encryption_options -> algorithm`.\r\nDefault value: *undef*\r\n\r\n##### `client_encryption_cipher_suites`\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nThe field being set is `client_encryption_options -> cipher_suites`.\r\nDefault value: *undef*\r\n\r\n##### `client_encryption_enabled`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nThe field being set is `client_encryption_options -> enabled`.\r\nDefault value 'false'\r\n\r\n##### `client_encryption_keystore`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nThe field being set is `client_encryption_options -> keystore`.\r\nDefault value 'conf/.keystore'\r\n\r\n##### `client_encryption_keystore_password`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nThe field being set is `client_encryption_options -> keystore_password`.\r\nDefault value 'cassandra'\r\n\r\n##### `client_encryption_protocol`\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nThe field being set is `client_encryption_options -> protocol`.\r\nDefault value: *undef*\r\n\r\n##### `client_encryption_require_client_auth`\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nThe field being set is `client_encryption_options -> require_client_auth`.\r\nDefault value: *undef*\r\n\r\n##### `client_encryption_store_type`\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nThe field being set is `client_encryption_options -> store_type`.\r\nDefault value: *undef*\r\n\r\n##### `client_encryption_truststore`\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nThe field being set is `client_encryption_options -> truststore`.\r\nDefault value: *undef*\r\n\r\n##### `client_encryption_truststore_password`\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nThe field being set is `client_encryption_options -> truststore_password`.\r\nDefault value: *undef*\r\n\r\n##### `cluster_name`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value 'Test Cluster'\r\n\r\n##### `column_index_size_in_kb`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: '64'\r\n\r\n##### `commit_failure_policy`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: 'stop'\r\n\r\n##### `commitlog_directory`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value '/var/lib/cassandra/commitlog'\r\n\r\n##### `commitlog_directory_mode`\r\nThe mode for the directory specified in `commitlog_directory`.\r\nDefault value '0750'\r\n\r\n##### `commitlog_segment_size_in_mb`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: 32\r\n\r\n##### `commitlog_sync`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\n\r\nSee also `commitlog_sync_batch_window_in_ms` and `commitlog_sync_period_in_ms`.\r\nDefault value: 'periodic'\r\n\r\n##### `commitlog_sync_batch_window_in_ms`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\n\r\nIf `commitlog_sync` is set to 'batch' then this value should be set.\r\nOtherwise it should be set to *undef*.\r\nDefault value: *undef*\r\n\r\n##### `commitlog_sync_period_in_ms`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf set to a value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\n\r\nIf `commitlog_sync` is set to 'periodic' then this value should be set.\r\nOtherwise it should be set to *undef*.\r\nDefault value: 10000\r\n\r\n##### `commitlog_total_space_in_mb`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `compaction_throughput_mb_per_sec`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: '16'\r\n\r\n##### `concurrent_counter_writes`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value '32'\r\n\r\n##### `concurrent_reads`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value '32'\r\n\r\n##### `concurrent_writes`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value '32'\r\n\r\n##### `config_file_mode`\r\nThe permissions mode of the cassandra configuration file.\r\nDefault value '0666'\r\n\r\n##### `config_path`\r\nThe path to the cassandra configuration file. If this is undef, it will be\r\nchanged to **/etc/cassandra/default.conf** on the Red Hat family of operating\r\nsystems or **/etc/cassandra** on Ubuntu. Otherwise the user can specify the\r\npath name.\r\nDefault value *undef*\r\n\r\n##### `concurrent_compactors`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `counter_cache_save_period`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: '7200'\r\n\r\n##### `counter_cache_keys_to_save`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `counter_cache_size_in_mb`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: ''\r\n\r\n##### `counter_write_request_timeout_in_ms`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: '5000'\r\n\r\n##### `cross_node_timeout`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: 'false'\r\n\r\n##### `data_file_directories`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value '['/var/lib/cassandra/data']'\r\n\r\n##### `data_file_directories_mode`\r\nThe mode for the directories specified in `data_file_directories`.\r\nDefault value '0750'\r\n\r\n##### `dc`\r\nSets the value for dc in *config_path*/*snitch_properties_file* see\r\nhttp://docs.datastax.com/en/cassandra/2.1/cassandra/architecture/architectureSnitchesAbout_c.html\r\nfor more details.\r\nDefault value 'DC1'\r\n\r\n##### `dc_suffix`\r\nSets the value for dc_suffix in *config_path*/*snitch_properties_file* see\r\nhttp://docs.datastax.com/en/cassandra/2.1/cassandra/architecture/architectureSnitchesAbout_c.html\r\nfor more details. If the value is *undef* then change will be made to the\r\nsnitch properties file for this setting.\r\nDefault value *undef*\r\n\r\n##### `disk_failure_policy`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value 'stop'\r\n\r\n##### `dynamic_snitch_badness_threshold`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: '0.1'\r\n\r\n##### `dynamic_snitch_reset_interval_in_ms`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: '600000'\r\n\r\n##### `dynamic_snitch_update_interval_in_ms`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: '100'\r\n\r\n##### `endpoint_snitch`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value 'SimpleSnitch'\r\n\r\n##### `fail_on_non_supported_os`\r\nA flag that dictates if the module should fail if it is not RedHat or Debian.\r\nIf you set this option to false then you must also at least set the\r\n`config_path` parameter as well.\r\nDefault value 'true'\r\n\r\n##### `file_cache_size_in_mb`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `hinted_handoff_enabled`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value 'true'\r\n\r\n##### `hinted_handoff_throttle_in_kb`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: '1024'\r\n\r\n##### `index_summary_capacity_in_mb`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: ''\r\n\r\n##### `index_summary_resize_interval_in_minutes`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: '60'\r\n\r\n##### `incremental_backups`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value 'false'\r\n\r\n##### `initial_token`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `inter_dc_tcp_nodelay`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: 'false'\r\n\r\n##### `internode_authenticator`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `internode_compression`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value 'all'\r\n\r\n##### `internode_recv_buff_size_in_bytes`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `internode_send_buff_size_in_bytes`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `key_cache_save_period`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: 14400\r\n\r\n##### `key_cache_size_in_mb`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: ''\r\n\r\n##### `key_cache_keys_to_save`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `listen_address`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value 'localhost'\r\n\r\n##### `manage_dsc_repo`\r\nDEPRECATION WARNING: This option is deprecated. Please include the\r\nthe ::cassandra::datastax_repo instead.\r\n\r\nIf set to true then a repository will be setup so that packages can be\r\ndownloaded from DataStax community.\r\nDefault value 'false'\r\n\r\n##### `max_hints_delivery_threads`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: '2'\r\n\r\n##### `max_hint_window_in_ms`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: '10800000'\r\n\r\n##### `memory_allocator`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `memtable_cleanup_threshold`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `memtable_flush_writers`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `memtable_heap_space_in_mb`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `memtable_offheap_space_in_mb`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `native_transport_max_concurrent_connections`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `native_transport_max_concurrent_connections_per_ip`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `native_transport_max_frame_size_in_mb`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `native_transport_max_threads`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `native_transport_port`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value '9042'\r\n\r\n##### `num_tokens`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value '256'\r\n\r\n##### `package_ensure`\r\nThe status of the package specified in **package_name**. Can be\r\n*present*, *latest* or a specific version number.\r\nDefault value 'present'\r\n\r\n##### `package_name`\r\nThe name of the Cassandra package. Must be available from a repository.\r\nDefault value 'dsc22'\r\n\r\n##### `partitioner`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value 'org.apache.cassandra.dht.Murmur3Partitioner'\r\n\r\n##### `permissions_update_interval_in_ms`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `permissions_validity_in_ms`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: '2000'\r\n\r\n##### `phi_convict_threshold`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `prefer_local`\r\nSets the value for prefer_local in *config_path*/*snitch_properties_file* see\r\nhttp://docs.datastax.com/en/cassandra/2.1/cassandra/architecture/architectureSnitchesAbout_c.html\r\nfor more details. Valid values are true, false or *undef*. If the value is\r\n*undef* then change will be made to the snitch properties file for this\r\nsetting.\r\nDefault value *undef*\r\n\r\n##### `rack`\r\nSets the value for rack in *config_path*/*snitch_properties_file* see\r\nhttp://docs.datastax.com/en/cassandra/2.1/cassandra/architecture/architectureSnitchesAbout_c.html\r\nfor more details.\r\nDefault value 'RAC1'\r\n\r\n##### `range_request_timeout_in_ms`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: '10000'\r\n\r\n##### `read_request_timeout_in_ms`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: '5000'\r\n\r\n##### `request_scheduler`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: 'org.apache.cassandra.scheduler.NoScheduler'\r\n\r\n##### `request_scheduler_options_default_weight`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `request_scheduler_options_throttle_limit`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `request_timeout_in_ms`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: '10000'\r\n\r\n##### `row_cache_keys_to_save`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `row_cache_save_period`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: '0'\r\n\r\n##### `row_cache_size_in_mb`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: '0'\r\n\r\n##### `rpc_address`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value 'localhost'\r\n\r\n##### `rpc_max_threads`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `rpc_min_threads`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `rpc_port`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value '9160'\r\n\r\n##### `rpc_recv_buff_size_in_bytes`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `rpc_send_buff_size_in_bytes`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `rpc_server_type`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value 'sync'\r\n\r\n##### `saved_caches_directory`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value '/var/lib/cassandra/saved_caches'\r\n\r\n##### `saved_caches_directory_mode`\r\nThe mode for the directory specified in `saved_caches_directory`.\r\nDefault value '0750'\r\n\r\n##### `seeds`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nThe field being set is `seed_provider -> parameters -> seeds`.\r\nDefault value '127.0.0.1'\r\n\r\n##### `seed_provider_class_name`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nThe field being set is `seed_provider -> class_name`.\r\nDefault value 'org.apache.cassandra.locator.SimpleSeedProvider'\r\n\r\n##### `server_encryption_algorithm`\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nThe field being set is `server_encryption_options -> algorithm`.\r\nDefault value: *undef*\r\n\r\n##### `server_encryption_cipher_suites`\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nThe field being set is `server_encryption_options -> cipher_suites`.\r\nDefault value: *undef*\r\n\r\n##### `server_encryption_internode`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nThe field being set is `server_encryption_options -> internode_encryption`.\r\nDefault value 'none'\r\n\r\n##### `server_encryption_keystore`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nThe field being set is `server_encryption_options -> keystore`.\r\nDefault value 'conf/.keystore'\r\n\r\n##### `server_encryption_keystore_password`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nThe field being set is `server_encryption_options -> keystore_password`.\r\nDefault value 'cassandra'\r\n\r\n##### `server_encryption_protocol`\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nThe field being set is `server_encryption_options -> protocol`.\r\nDefault value: *undef*\r\n\r\n##### `server_encryption_require_client_auth`\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nThe field being set is `server_encryption_options -> require_client_auth`.\r\nDefault value: *undef*\r\n\r\n##### `server_encryption_store_type`\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nThe field being set is `server_encryption_options -> store_type`.\r\nDefault value: *undef*\r\n\r\n##### `server_encryption_truststore`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nThe field being set is `server_encryption_options -> truststore`.\r\nDefault value 'conf/.truststore'\r\n\r\n##### `server_encryption_truststore_password`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nThe field being set is `server_encryption_options -> truststore_password`.\r\nDefault value 'cassandra'\r\n\r\n##### `service_enable`\r\nEnable the Cassandra service to start at boot time. Valid values are true\r\nor false.\r\nDefault value 'true'\r\n\r\n##### `service_ensure`\r\nEnsure the Cassandra service is running. Valid values are running or stopped.\r\nDefault value 'running'\r\n\r\n##### `service_name`\r\nThe name of the service that runs the Cassandra software.\r\nDefault value 'cassandra'\r\n\r\n##### `service_refresh`\r\nIf set to true, changes to the Cassandra config file or the data directories\r\nwill ensure that Cassandra service is refreshed after the changes. Setting\r\nthis flag to false will disable this behaviour, therefore allowing the changes\r\nto be made but allow the user to control when the service is restarted.\r\nDefault value true\r\n\r\n##### `snapshot_before_compaction`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value 'false'\r\n\r\n##### `snitch_properties_file`\r\nThe name of the snitch properties file. The full path name would be\r\n*config_path*/*snitch_properties_file*.\r\nDefault value 'cassandra-rackdc.properties'\r\n\r\n##### `ssl_storage_port`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value '7001'\r\n\r\n##### `sstable_preemptive_open_interval_in_mb`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: '50'\r\n\r\n##### `start_native_transport`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value 'true'\r\n\r\n##### `start_rpc`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value 'true'\r\n\r\n##### `storage_port`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value '7000'\r\n\r\n##### `streaming_socket_timeout_in_ms`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nIf left at the default value of *undef* then the entry in the configuration\r\nfile is absent or commented out. If a value is set, then the parameter\r\nand variable are placed into the configuration file.\r\nDefault value: *undef*\r\n\r\n##### `tombstone_failure_threshold`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: '100000'\r\n\r\n##### `tombstone_warn_threshold`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: '1000'\r\n\r\n##### `trickle_fsync`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: 'false'\r\n\r\n##### `trickle_fsync_interval_in_kb`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: '10240'\r\n\r\n##### `truncate_request_timeout_in_ms`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: '60000'\r\n\r\n##### `write_request_timeout_in_ms`\r\nThis is passed to the\r\n[cassandra.yaml](http://docs.datastax.com/en/cassandra/2.1/cassandra/configuration/configCassandra_yaml_r.html) file.\r\nDefault value: '2000'\r\n\r\n### Class: cassandra::datastax_agent\r\n\r\nA class for installing the DataStax Agent and to point it at an OpsCenter\r\ninstance.\r\n\r\n#### Parameters\r\n\r\n##### `defaults_file`\r\nThe full path name to the file where `java_home` is set.\r\nDefault value '/etc/default/datastax-agent'\r\n\r\n##### `java_home`\r\nIf the value of this variable is left as *undef*, no action is taken.\r\nOtherwise the value is set as JAVA_HOME in `defaults_file`.\r\nDefault value *undef*\r\n\r\n##### `package_ensure`\r\nIs passed to the package reference. Valid values are **present** or a version\r\nnumber.\r\nDefault value 'present'\r\n\r\n##### `package_name`\r\nIs passed to the package reference.\r\nDefault value 'datastax-agent'\r\n\r\n##### `service_ensure`\r\nIs passed to the service reference.\r\nDefault value 'running'\r\n\r\n##### `service_enable`\r\nIs passed to the service reference.\r\nDefault value 'true'\r\n\r\n##### `service_name`\r\nIs passed to the service reference.\r\nDefault value 'datastax-agent'\r\n\r\n##### `stomp_interface`\r\nIf the value is changed from the default of *undef* then this is what is\r\nset as the stomp_interface setting in\r\n**/var/lib/datastax-agent/conf/address.yaml**\r\nwhich connects the agent to an OpsCenter instance.\r\nDefault value *undef*\r\n\r\n### Class: cassandra::datastax_repo\r\n\r\nAn optional class that will allow a suitable repository to be configured\r\nfrom which packages for DataStax Community can be downloaded. Changing\r\nthe defaults will allow any Debian Apt or Red Hat Yum repository to be\r\nconfigured.\r\n\r\n#### Parameters\r\n\r\n##### `descr`\r\nOn the Red Hat family, this is passed as the `descr` parameter to a\r\n`yumrepo` resource. On the Debian family, it is passed as the `comment`\r\nparameter to an `apt::source` resource.\r\nDefault value 'DataStax Repo for Apache Cassandra'\r\n\r\n##### `key_id`\r\nOn the Debian family, this is passed as the `id` parameter to an `apt::key`\r\nresource. On the Red Hat family, it is ignored.\r\nDefault value '7E41C00F85BFC1706C4FFFB3350200F2B999A372'\r\n\r\n##### `key_url`\r\nOn the Debian family, this is passed as the `source` parameter to an\r\n`apt::key` resource. On the Red Hat family, it is ignored.\r\nDefault value 'http://debian.datastax.com/debian/repo_key'\r\n\r\n##### `pkg_url`\r\nIf left as the default, this will set the `baseurl` to\r\n'http://rpm.datastax.com/community' on a `yumrepo` resource\r\non the Red Hat family. On the Debian family, leaving this as the default\r\nwill set the `location` parameter on an `apt::source` to\r\n'http://debian.datastax.com/community'. Default value *undef*\r\n\r\n##### `release`\r\nOn the Debian family, this is passed as the `release` parameter to an\r\n`apt::source` resource. On the Red Hat family, it is ignored.\r\nDefault value 'stable'\r\n\r\n### Class: cassandra::firewall_ports\r\n\r\nAn optional class to configure incoming network ports on the host that are\r\nrelevant to the Cassandra installation. If firewalls are being managed \r\nalready, simply do not include this module in your manifest.\r\n\r\nIMPORTANT: The full list of which ports should be configured is assessed at\r\nevaluation time of the configuration. Therefore if one is to use this class,\r\nit must be the final cassandra class included in the manifest.\r\n\r\n#### Parameters\r\n\r\n##### `client_ports`\r\nOnly has any effect if the `cassandra` class is defined on the node.\r\n\r\nAllow these TCP ports to be opened for traffic\r\ncoming from the client subnets.\r\nDefault value '[9042, 9160]'\r\n\r\n##### `client_subnets`\r\nOnly has any effect if the `cassandra` class is defined on the node.\r\n\r\nAn array of the list of subnets that are to allowed connection to\r\ncassandra::native_transport_port and cassandra::rpc_port.\r\nDefault value '['0.0.0.0/0']'\r\n\r\n##### `inter_node_ports`\r\nOnly has any effect if the `cassandra` class is defined on the node.\r\n\r\nAllow these TCP ports to be opened for traffic\r\nbetween the Cassandra nodes.\r\nDefault value '[7000, 7001, 7199]'\r\n\r\n##### `inter_node_subnets`\r\nOnly has any effect if the `cassandra` class is defined on the node.\r\n\r\nAn array of the list of subnets that are to allowed connection to\r\ncassandra::storage_port, cassandra::ssl_storage_port and port 7199\r\nfor cassandra JMX monitoring.\r\nDefault value '['0.0.0.0/0']'\r\n\r\n##### `inter_node_ports`\r\nAllow these TCP ports to be opened for traffic\r\ncoming from OpsCenter subnets.\r\nDefault value '[7000, 7001, 7199]'\r\n\r\n##### `public_ports`\r\nAllow these TCP ports to be opened for traffic\r\ncoming from public subnets the port specified in `$ssh_port` will be\r\nappended to this list.\r\nDefault value '[8888]'\r\n\r\n##### `public_subnets`\r\nAn array of the list of subnets that are to allowed connection to\r\ncassandra::firewall_ports::ssh_port and if cassandra::opscenter has been\r\nincluded, both cassandra::opscenter::webserver_port and\r\ncassandra::opscenter::webserver_ssl_port.\r\nDefault value '['0.0.0.0/0']'\r\n\r\n##### `ssh_port`\r\nWhich port does SSH operate on.\r\nDefault value '22'\r\n\r\n##### `opscenter_ports`\r\nOnly has any effect if the `cassandra::datastax_agent` or\r\n`cassandra::opscenter` classes are defined.\r\n\r\nAllow these TCP ports to be opened for traffic\r\ncoming to or from OpsCenter\r\nappended to this list.\r\nDefault value '[61620, 61621]'\r\n\r\n##### `opscenter_subnets`\r\nA list of subnets that are to be allowed connection to\r\nport 61620 for nodes built with cassandra::opscenter and 61621 for nodes\r\nbuilt with cassandra::datastax_agent.\r\nDefault value '['0.0.0.0/0']'\r\n\r\n### Class: cassandra::java\r\n\r\nA class to install an appropriate Java package.\r\n\r\n#### Parameters\r\n\r\n##### `ensure`\r\nIs passed to the package reference for the JRE/JDK package. Valid values are\r\n**present** or a version number.\r\nDefault value 'present'\r\n\r\n##### `jna_ensure`\r\nIs passed to the package reference for the JNA package. Valid values are\r\n**present** or a version number.\r\nDefault value 'present'\r\n\r\n##### `jna_package_name`\r\nIf the default value of *undef* is left as it is, then a package called\r\njna or libjna-java will be installed on a Red Hat family or Ubuntu system\r\nrespectively. Alternatively, one can specify a package that is available in\r\na package repository to the node.\r\nDefault value *undef*\r\n\r\n##### `package_name`\r\nIf the default value of *undef* is left as it is, then a package called\r\njava-1.8.0-openjdk-headless or openjdk-7-jre-headless will be installed\r\non a Red Hat family or Ubuntu system respectively. Alternatively, one\r\ncan specify a package that is available in a package repository to the\r\nnode.\r\nDefault value *undef*\r\n\r\n### Class: cassandra::opscenter\r\n\r\nThis class installs and manages the DataStax OpsCenter. Leaving the defaults\r\nas they are will provide a running OpsCenter without any authentication on\r\nport 8888.\r\n\r\n#### Parameters\r\n\r\n##### `agents_agent_certfile`\r\nThis sets the agent_certfile setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_agent_keyfile`\r\nThis sets the agent_keyfile setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_agent_keyfile_raw`\r\nThis sets the agent_keyfile_raw setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_config_sleep`\r\nThis sets the config_sleep setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_fingerprint_throttle`\r\nThis sets the fingerprint_throttle setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_incoming_interface`\r\nThis sets the incoming_interface setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_incoming_port`\r\nThis sets the incoming_port setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_install_throttle`\r\nThis sets the install_throttle setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_not_seen_threshold`\r\nThis sets the not_seen_threshold setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_path_to_deb`\r\nThis sets the path_to_deb setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_path_to_find_java`\r\nThis sets the path_to_find_java setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_path_to_installscript`\r\nThis sets the path_to_installscript setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_path_to_rpm`\r\nThis sets the path_to_rpm setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_path_to_sudowrap`\r\nThis sets the path_to_sudowrap setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_reported_interface`\r\nThis sets the reported_interface setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_runs_sudo`\r\nThis sets the runs_sudo setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_scp_executable`\r\nThis sets the scp_executable setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_ssh_executable`\r\nThis sets the ssh_executable setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_ssh_keygen_executable`\r\nThis sets the ssh_keygen_executable setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_ssh_keyscan_executable`\r\nThis sets the ssh_keyscan_executable setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_ssh_port`\r\nThis sets the ssh_port setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_ssh_sys_known_hosts_file`\r\nThis sets the ssh_sys_known_hosts_file setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_ssh_user_known_hosts_file`\r\nThis sets the ssh_user_known_hosts_file setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_ssl_certfile`\r\nThis sets the ssl_certfile setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_ssl_keyfile`\r\nThis sets the ssl_keyfile setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_tmp_dir`\r\nThis sets the tmp_dir setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `agents_use_ssl`\r\nThis sets the use_ssl setting in the agents section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `authentication_audit_auth`\r\nThis sets the audit_auth setting in the authentication section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `authentication_audit_pattern`\r\nThis sets the audit_pattern setting in the authentication section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `authentication_method`\r\nThis sets the authentication_method setting in the authentication section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `authentication_enabled`\r\nThis sets the enabled setting in the authentication section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value 'False'\r\n\r\n##### `authentication_passwd_db`\r\nThis sets the passwd_db setting in the authentication section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `authentication_timeout`\r\nThis sets the timeout setting in the authentication section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `cloud_accepted_certs`\r\nThis sets the accepted_certs setting in the cloud section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `clusters_add_cluster_timeout`\r\nThis sets the add_cluster_timeout setting in the clusters section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `clusters_startup_sleep`\r\nThis sets the startup_sleep setting in the clusters section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `config_file`\r\nThe full path to the OpsCenter configuration file.\r\nDefault value '/etc/opscenter/opscenterd.conf'\r\n\r\n##### `definitions_auto_update`\r\nThis sets the auto_update setting in the definitions section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `definitions_definitions_dir`\r\nThis sets the definitions_dir setting in the definitions section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `definitions_download_filename`\r\nThis sets the download_filename setting in the definitions section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `definitions_download_host`\r\nThis sets the download_host setting in the definitions section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `definitions_download_port`\r\nThis sets the download_port setting in the definitions section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `definitions_hash_filename`\r\nThis sets the hash_filename setting in the definitions section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `definitions_sleep`\r\nThis sets the sleep setting in the definitions section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `definitions_ssl_certfile`\r\nThis sets the ssl_certfile setting in the definitions section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `definitions_use_ssl`\r\nThis sets the use_ssl setting in the definitions section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ensure`\r\nThis is passed to the package reference for **opscenter**. Valid values are\r\n**present** or a version number.\r\nDefault value 'present'\r\n\r\n##### `failover_configuration_directory`\r\nThis sets the failover_configuration_directory setting in the failover section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `failover_heartbeat_fail_window`\r\nThis sets the heartbeat_fail_window setting in the failover section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `failover_heartbeat_period`\r\nThis sets the heartbeat_period setting in the failover section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `failover_heartbeat_reply_period`\r\nThis sets the heartbeat_reply_period setting in the failover section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `hadoop_base_job_tracker_proxy_port`\r\nThis sets the base_job_tracker_proxy_port setting in the hadoop section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ldap_admin_group_name`\r\nThis sets the admin_group_name setting in the ldap section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ldap_connection_timeout`\r\nThis sets the connection_timeout setting in the ldap section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ldap_debug_ssl`\r\nThis sets the debug_ssl setting in the ldap section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ldap_group_name_attribute`\r\nThis sets the group_name_attribute setting in the ldap section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ldap_group_search_base`\r\nThis sets the group_search_base setting in the ldap section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ldap_group_search_filter`\r\nThis sets the group_search_filter setting in the ldap section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ldap_group_search_type`\r\nThis sets the group_search_type setting in the ldap section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ldap_ldap_security`\r\nThis sets the ldap_security setting in the ldap section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ldap_opt_referrals`\r\nThis sets the opt_referrals setting in the ldap section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ldap_protocol_version`\r\nThis sets the protocol_version setting in the ldap section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ldap_search_dn`\r\nThis sets the search_dn setting in the ldap section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ldap_search_password`\r\nThis sets the search_password setting in the ldap section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ldap_server_host`\r\nThis sets the server_host setting in the ldap section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ldap_server_port`\r\nThis sets the server_port setting in the ldap section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ldap_ssl_cacert`\r\nThis sets the ssl_cacert setting in the ldap section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ldap_ssl_cert`\r\nThis sets the ssl_cert setting in the ldap section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ldap_ssl_key`\r\nThis sets the ssl_key setting in the ldap section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ldap_tls_demand`\r\nThis sets the tls_demand setting in the ldap section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ldap_tls_reqcert`\r\nThis sets the tls_reqcert setting in the ldap section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ldap_uri_scheme`\r\nThis sets the uri_scheme setting in the ldap section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ldap_user_memberof_attribute`\r\nThis sets the user_memberof_attribute setting in the ldap section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ldap_user_search_base`\r\nThis sets the user_search_base setting in the ldap section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ldap_user_search_filter`\r\nThis sets the user_search_filter setting in the ldap section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `logging_level`\r\nThis sets the level setting in the logging section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `logging_log_length`\r\nThis sets the log_length setting in the logging section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `logging_log_path`\r\nThis sets the log_path setting in the logging section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `logging_max_rotate`\r\nThis sets the max_rotate setting in the logging section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `logging_resource_usage_interval`\r\nThis sets the resource_usage_interval setting in the logging section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `package_name`\r\nThe name of the OpsCenter package.\r\nDefault value 'opscenter'\r\n\r\n##### `provisioning_agent_install_timeout`\r\nThis sets the agent_install_timeout setting in the provisioning section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `provisioning_keyspace_timeout`\r\nThis sets the keyspace_timeout setting in the provisioning section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `provisioning_private_key_dir`\r\nThis sets the private_key_dir setting in the provisioning section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `repair_service_alert_on_repair_failure`\r\nThis sets the alert_on_repair_failure setting in the repair_service section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `repair_service_cluster_stabilization_period`\r\nThis sets the cluster_stabilization_period setting in the repair_service section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `repair_service_error_logging_window`\r\nThis sets the error_logging_window setting in the repair_service section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `repair_service_incremental_err_alert_threshold`\r\nThis sets the incremental_err_alert_threshold setting in the repair_service section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `repair_service_incremental_range_repair`\r\nThis sets the incremental_range_repair setting in the repair_service section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `repair_service_incremental_repair_tables`\r\nThis sets the incremental_repair_tables setting in the repair_service section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `repair_service_ks_update_period`\r\nThis sets the ks_update_period setting in the repair_service section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `repair_service_log_directory`\r\nThis sets the log_directory setting in the repair_service section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `repair_service_log_length`\r\nThis sets the log_length setting in the repair_service section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `repair_service_max_err_threshold`\r\nThis sets the max_err_threshold setting in the repair_service section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `repair_service_max_parallel_repairs`\r\nThis sets the max_parallel_repairs setting in the repair_service section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `repair_service_max_pending_repairs`\r\nThis sets the max_pending_repairs setting in the repair_service section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `repair_service_max_rotate`\r\nThis sets the max_rotate setting in the repair_service section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `repair_service_min_repair_time`\r\nThis sets the min_repair_time setting in the repair_service section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `repair_service_min_throughput`\r\nThis sets the min_throughput setting in the repair_service section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `repair_service_num_recent_throughputs`\r\nThis sets the num_recent_throughputs setting in the repair_service section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `repair_service_persist_directory`\r\nThis sets the persist_directory setting in the repair_service section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `repair_service_persist_period`\r\nThis sets the persist_period setting in the repair_service section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `repair_service_restart_period`\r\nThis sets the restart_period setting in the repair_service section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `repair_service_single_repair_timeout`\r\nThis sets the single_repair_timeout setting in the repair_service section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `repair_service_single_task_err_threshold`\r\nThis sets the single_task_err_threshold setting in the repair_service section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `repair_service_snapshot_override`\r\nThis sets the snapshot_override setting in the repair_service section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `request_tracker_queue_size`\r\nThis sets the queue_size setting in the request_tracker section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `security_config_encryption_active`\r\nThis sets the config_encryption_active setting in the security section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `security_config_encryption_key_name`\r\nThis sets the config_encryption_key_name setting in the security section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `security_config_encryption_key_path`\r\nThis sets the config_encryption_key_path setting in the security section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `service_enable`\r\nEnable the OpsCenter service to start at boot time. Valid values are true\r\nor false.\r\nDefault value 'true'\r\n\r\n##### `service_ensure`\r\nEnsure the OpsCenter service is running. Valid values are running or stopped.\r\nDefault value 'running'\r\n\r\n##### `service_name`\r\nThe name of the service that runs the OpsCenter software.\r\nDefault value 'opscenterd'\r\n\r\n##### `spark_base_master_proxy_port`\r\nThis sets the base_master_proxy_port setting in the spark section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `stat_reporter_initial_sleep`\r\nThis sets the initial_sleep setting in the stat_reporter section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `stat_reporter_interval`\r\nThis sets the interval setting in the stat_reporter section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `stat_reporter_report_file`\r\nThis sets the report_file setting in the stat_reporter section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `stat_reporter_ssl_key`\r\nThis sets the ssl_key setting in the stat_reporter section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ui_default_api_timeout`\r\nThis sets the default_api_timeout setting in the ui section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ui_max_metrics_requests`\r\nThis sets the max_metrics_requests setting in the ui section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ui_node_detail_refresh_delay`\r\nThis sets the node_detail_refresh_delay setting in the ui section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `ui_storagemap_ttl`\r\nThis sets the storagemap_ttl setting in the ui section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `webserver_interface`\r\nThis sets the interface setting in the webserver section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value '0.0.0.0'\r\n\r\n##### `webserver_log_path`\r\nThis sets the log_path setting in the webserver section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `webserver_port`\r\nThis sets the port setting in the webserver section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value '8888'\r\n\r\n##### `webserver_ssl_certfile`\r\nThis sets the ssl_certfile setting in the webserver section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `webserver_ssl_keyfile`\r\nThis sets the ssl_keyfile setting in the webserver section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `webserver_ssl_port`\r\nThis sets the ssl_port setting in the webserver section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `webserver_staticdir`\r\nThis sets the staticdir setting in the webserver section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `webserver_sub_process_timeout`\r\nThis sets the sub_process_timeout setting in the webserver section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n##### `webserver_tarball_process_timeout`\r\nThis sets the tarball_process_timeout setting in the webserver section of the\r\nOpsCenter configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscConfigProps_r.html\r\nfor more details. A value of *undef* will ensure the setting is not present\r\nin the file. Default value *undef*\r\n\r\n\r\n### Class: cassandra::opscenter::pycrypto\r\n\r\nOn the Red Hat family of operating systems, if one intends to use encryption\r\nfor configuration values then the pycrypto library is required. This class\r\nwill install it for the user. See\r\nhttp://docs.datastax.com/en/opscenter/5.2//opsc/configure/installPycrypto.html\r\nfor more details.\r\n\r\nThis class has no effect when included on nodes that are not in the Red Hat\r\nfamily.\r\n\r\n#### Parameters\r\n\r\n##### `ensure`\r\nThis is passed to the package reference for **pycrypto**. Valid values are\r\n**present** or a version number.\r\nDefault value 'present'\r\n\r\n##### `manage_epel`\r\nIf set to true, the **epel-release** package will be installed.\r\nDefault value 'false'\r\n\r\n##### `package_name`\r\nThe name of the PyCrypto package.\r\nDefault value 'pycrypto'\r\n\r\n##### `provider`\r\nThe name of the provider of the pycrypto package.\r\nDefault value 'pip'\r\n\r\n##### `reqd_pckgs`\r\nPackages that are required to install the pycrypto package.\r\nDefault value '['python-devel', 'python-pip' ]'\r\n\r\n### Class: cassandra::optutils\r\n\r\nA class to install the optional Cassandra tools package.\r\n\r\n#### Parameters\r\n\r\n##### `ensure`\r\nIs passed to the package reference. Valid values are **present** or a version\r\nnumber.\r\nDefault value 'present'\r\n\r\n##### `package_name`\r\nIf the default value of *undef* is left as it is, then a package called\r\ncassandra22-tools or cassandra-tools will be installed\r\non a Red Hat family or Ubuntu system respectively. Alternatively, one\r\ncan specify a package that is available in a package repository to the\r\nnode.\r\nDefault value *undef*\r\n\r\n### Defined Type cassandra::opscenter::cluster_name\r\n\r\nWith DataStax Enterprise, one can specify a remote keyspace for OpsCenter\r\nto store metric data (this is not available in the DataStax Community Edition).\r\n\r\n#### Parameters\r\n\r\n##### `cassandra_seed_hosts`\r\nThis sets the seed_hosts setting in the cassandra section of the\r\n_cluster_name_.conf configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html\r\nfor more details. A value of *undef* will ensure the setting is not\r\npresent in the file. Default value *undef*\r\n\r\n##### `storage_cassandra_api_port`\r\nThis sets the api_port setting in the storage_cassandra section of the\r\n_cluster_name_.conf configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html\r\nfor more details. A value of *undef* will ensure the setting is not\r\npresent in the file. Default value *undef*\r\n\r\n##### `storage_cassandra_bind_interface`\r\nThis sets the bind_interface setting in the storage_cassandra section of the\r\n_cluster_name_.conf configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html\r\nfor more details. A value of *undef* will ensure the setting is not\r\npresent in the file. Default value *undef*\r\n\r\n##### `storage_cassandra_connection_pool_size`\r\nThis sets the connection_pool_size setting in the storage_cassandra section of the\r\n_cluster_name_.conf configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html\r\nfor more details. A value of *undef* will ensure the setting is not\r\npresent in the file. Default value *undef*\r\n\r\n##### `storage_cassandra_connect_timeout`\r\nThis sets the connect_timeout setting in the storage_cassandra section of the\r\n_cluster_name_.conf configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html\r\nfor more details. A value of *undef* will ensure the setting is not\r\npresent in the file. Default value *undef*\r\n\r\n##### `storage_cassandra_cql_port`\r\nThis sets the cql_port setting in the storage_cassandra section of the\r\n_cluster_name_.conf configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html\r\nfor more details. A value of *undef* will ensure the setting is not\r\npresent in the file. Default value *undef*\r\n\r\n##### `storage_cassandra_keyspace`\r\nThis sets the keyspace setting in the storage_cassandra section of the\r\n_cluster_name_.conf configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html\r\nfor more details. A value of *undef* will ensure the setting is not\r\npresent in the file. Default value *undef*\r\n\r\n##### `storage_cassandra_local_dc_pref`\r\nThis sets the local_dc_pref setting in the storage_cassandra section of the\r\n_cluster_name_.conf configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html\r\nfor more details. A value of *undef* will ensure the setting is not\r\npresent in the file. Default value *undef*\r\n\r\n##### `storage_cassandra_password`\r\nThis sets the password setting in the storage_cassandra section of the\r\n_cluster_name_.conf configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html\r\nfor more details. A value of *undef* will ensure the setting is not\r\npresent in the file. Default value *undef*\r\n\r\n##### `storage_cassandra_retry_delay`\r\nThis sets the retry_delay setting in the storage_cassandra section of the\r\n_cluster_name_.conf configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html\r\nfor more details. A value of *undef* will ensure the setting is not\r\npresent in the file. Default value *undef*\r\n\r\n##### `storage_cassandra_seed_hosts`\r\nThis sets the seed_hosts setting in the storage_cassandra section of the\r\n_cluster_name_.conf configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html\r\nfor more details. A value of *undef* will ensure the setting is not\r\npresent in the file. Default value *undef*\r\n\r\n##### `storage_cassandra_send_rpc`\r\nThis sets the send_rpc setting in the storage_cassandra section of the\r\n_cluster_name_.conf configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html\r\nfor more details. A value of *undef* will ensure the setting is not\r\npresent in the file. Default value *undef*\r\n\r\n##### `storage_cassandra_ssl_ca_certs`\r\nThis sets the ssl_ca_certs setting in the storage_cassandra section of the\r\n_cluster_name_.conf configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html\r\nfor more details. A value of *undef* will ensure the setting is not\r\npresent in the file. Default value *undef*\r\n\r\n##### `storage_cassandra_ssl_client_key`\r\nThis sets the ssl_client_key setting in the storage_cassandra section of the\r\n_cluster_name_.conf configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html\r\nfor more details. A value of *undef* will ensure the setting is not\r\npresent in the file. Default value *undef*\r\n\r\n##### `storage_cassandra_ssl_client_pem`\r\nThis sets the ssl_client_pem setting in the storage_cassandra section of the\r\n_cluster_name_.conf configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html\r\nfor more details. A value of *undef* will ensure the setting is not\r\npresent in the file. Default value *undef*\r\n\r\n##### `storage_cassandra_ssl_validate`\r\nThis sets the ssl_validate setting in the storage_cassandra section of the\r\n_cluster_name_.conf configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html\r\nfor more details. A value of *undef* will ensure the setting is not\r\npresent in the file. Default value *undef*\r\n\r\n##### `storage_cassandra_used_hosts_per_remote_dc`\r\nThis sets the used_hosts_per_remote_dc setting in the storage_cassandra section of the\r\n_cluster_name_.conf configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html\r\nfor more details. A value of *undef* will ensure the setting is not\r\npresent in the file. Default value *undef*\r\n\r\n##### `storage_cassandra_username`\r\nThis sets the username setting in the storage_cassandra section of the\r\n_cluster_name_.conf configuration file. See\r\nhttp://docs.datastax.com/en/opscenter/5.2/opsc/configure/opscStoringCollectionDataDifferentCluster_t.html\r\nfor more details. A value of *undef* will ensure the setting is not\r\npresent in the file. Default value *undef*\r\n\r\n### Defined Type cassandra::firewall_ports::rule\r\n\r\nA defined type to be used as a macro for setting host based firewall\r\nrules. This is not intended to be used by a user (who should use the\r\nAPI provided by cassandra::firewall_ports instead) but is documented\r\nhere for completeness.\r\n\r\n#### Parameters\r\n\r\n##### `title`\r\nA text field that contains the protocol name and CIDR address of a subnet.\r\n\r\n##### `port`\r\nThe number(s) of the port(s) to be opened.\r\n\r\n### Defined Type cassandra::opscenter::setting\r\n\r\nA defined type to be used as a macro for settings in the OpsCenter\r\nconfiguration file. This is not intended to be used by a user (who\r\nshould use the API provided by cassandra::opscenter instead) but is documented\r\nhere for completeness.\r\n\r\n#### Parameters\r\n\r\n##### `service_name`\r\nThe name of the service to be notified if a change is made to the\r\nconfiguration file. Typically this would by **opscenterd**.\r\n\r\n##### `path`\r\nThe path to the configuration file. Typically this would by\r\n**/etc/opscenter/opscenterd.conf**.\r\n\r\n##### `section`\r\nThe section in the configuration file to be added to (e.g. **webserver**).\r\n\r\n##### `setting`\r\nThe setting within the section of the configuration file to changed\r\n(e.g. **port**).\r\n\r\n##### `value`\r\nThe setting value to be changed to (e.g. **8888**).\r\n\r\n## Limitations\r\n\r\nTested on the Red Hat family versions 6 and 7, Ubuntu 12.04 and 14.04,\r\nDebian 7 Puppet (CE) 3.7.5 and DSC 2.\r\n\r\nFrom release 1.6.0 of this module, regular updates of the Cassandra 1.X\r\ntemplate will cease and testing against this template will cease. Testing\r\nagainst the template for versions of Cassandra >= 2.X will continue.\r\n\r\n## Contributers\r\n\r\nContributions will be gratefully accepted. Please go to the project page,\r\nfork the project, make your changes locally and then raise a pull request.\r\nDetails on how to do this are available at\r\nhttps://guides.github.com/activities/contributing-to-open-source.\r\n\r\nPlease also see the\r\n[CONTRIBUTING.md](https://github.com/locp/cassandra/blob/master/CONTRIBUTING.md)\r\npage for project specific requirements.\r\n\r\n### Additional Contributers\r\n\r\n* Yanis Guenane (GitHub [@spredzy](https://github.com/Spredzy)) provided the\r\nCassandra 1.x compatible template\r\n(see [#11](https://github.com/locp/cassandra/pull/11)).\r\n\r\n* Amos Shapira (GitHub [@amosshapira](https://github.com/amosshapira)) fixed\r\na bug in the requirements metadata that caused a problem with Puppetfile\r\n(see [#34](https://github.com/locp/cassandra/pull/34)).\r\n\r\n* Dylan Griffith (GitHub [@DylanGriffith](https://github.com/DylanGriffith))\r\nidentified that the dependency for puppetlabs-apt was incorrect\r\n(see [#87](https://github.com/locp/cassandra/pull/87)).\r\n\r\n* Sam Powers (GitHub [@sampowers](https://github.com/sampowers)) reported a\r\nbug in the ability to set the running state of the Cassandra service and\r\nsubsequently submitted a pull request with a fix\r\n(see [#93](https://github.com/locp/cassandra/issues/93)).\r\n\r\n* [@markasammut](https://github.com/markasammut) contributed a pull request\r\nto set the batch_size_warn_threshold_in_kb parameter (see\r\n[#100](https://github.com/locp/cassandra/pull/100)).\r\n\r\n* [@markasammut](https://github.com/markasammut) also contributed a pull\r\nrequest to restart the service if the datastax-agent package is upgraded\r\n(see [#110](https://github.com/locp/cassandra/pull/110)).\r\n","google":"UA-6773548-6","note":"Don't delete this file! It's used internally to help with page regeneration."} \ No newline at end of file diff --git a/cassandra/spec/acceptance/cassandra_spec.rb b/cassandra/spec/acceptance/cassandra_spec.rb deleted file mode 100644 index 06ad6a81b..000000000 --- a/cassandra/spec/acceptance/cassandra_spec.rb +++ /dev/null @@ -1,167 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'cassandra class' do - pre_req_install_pp = <<-EOS - include '::cassandra::datastax_repo' - include '::cassandra::java' - EOS - - describe 'Pre-requisits installation.' do - it 'should work with no errors' do - apply_manifest(pre_req_install_pp, :catch_failures => true) - end - it 'check code is idempotent' do - expect(apply_manifest(pre_req_install_pp, - :catch_failures => true).exit_code).to be_zero - end - end - - cassandra_install_pp = <<-EOS - class { 'cassandra': - cassandra_9822 => true, - commitlog_directory_mode => '0770', - data_file_directories_mode => '0770', - saved_caches_directory_mode => '0770' - } - EOS - - describe 'Cassandra installation.' do - it 'should work with no errors' do - apply_manifest(cassandra_install_pp, :catch_failures => true) - end - it 'check code is idempotent' do - expect(apply_manifest(cassandra_install_pp, - :catch_failures => true).exit_code).to be_zero - end - end - - optutils_install_pp = <<-EOS - class { 'cassandra': - cassandra_9822 => true, - commitlog_directory_mode => '0770', - data_file_directories_mode => '0770', - saved_caches_directory_mode => '0770' - } - include '::cassandra::optutils' - EOS - - describe 'Cassandra optional utilities installation.' do - it 'should work with no errors' do - apply_manifest(optutils_install_pp, :catch_failures => true) - end - it 'check code is idempotent' do - expect(apply_manifest(optutils_install_pp, - :catch_failures => true).exit_code).to be_zero - end - end - - datastax_agent_install_pp = <<-EOS - class { 'cassandra': - cassandra_9822 => true, - commitlog_directory_mode => '0770', - data_file_directories_mode => '0770', - saved_caches_directory_mode => '0770' - } - include '::cassandra::datastax_agent' - EOS - - describe 'DataStax agent installation.' do - it 'should work with no errors' do - apply_manifest(datastax_agent_install_pp, :catch_failures => true) - end - it 'check code is idempotent' do - expect(apply_manifest(datastax_agent_install_pp, - :catch_failures => true).exit_code).to be_zero - end - end - - opscenter_install_pp = <<-EOS - class { '::cassandra::opscenter::pycrypto': - manage_epel => true, - before => Class['::cassandra::opscenter'] - } - - include '::cassandra::opscenter' - EOS - - describe 'OpsCenter installation.' do - it 'should work with no errors' do - apply_manifest(opscenter_install_pp, :catch_failures => true) - end - it 'check code is idempotent' do - expect(apply_manifest(opscenter_install_pp, - :catch_failures => true).exit_code).to be_zero - end - end - - firewall_config_pp = <<-EOS - class { 'cassandra': - cassandra_9822 => true, - commitlog_directory_mode => '0770', - data_file_directories_mode => '0770', - saved_caches_directory_mode => '0770' - } - include '::cassandra::optutils' - include '::cassandra::datastax_agent' - include '::cassandra::opscenter' - include '::cassandra::opscenter::pycrypto' - - # This really sucks but Docker, CentOS 6 and iptables don't play nicely - # together. Therefore we can't test the firewall on this platform :-( - if $::operatingsystem != CentOS and $::operatingsystemmajrelease != 6 { - include '::cassandra::firewall_ports' - } - EOS - - describe 'Firewall configuration.' do - it 'should work with no errors' do - apply_manifest(firewall_config_pp, :catch_failures => true) - end - it 'check code is idempotent' do - expect(apply_manifest(firewall_config_pp, - :catch_failures => true).exit_code).to be_zero - end - end - - describe service('cassandra') do - it { is_expected.to be_running } - it { is_expected.to be_enabled } - end - - describe service('datastax-agent') do - it { is_expected.to be_running } - it { is_expected.to be_enabled } - end - - describe service('opscenterd') do - it { is_expected.to be_running } - it { is_expected.to be_enabled } - end - - check_against_previous_version_pp = <<-EOS - include cassandra - EOS - - describe 'Ensure config file does get updated unnecessarily.' do - it 'Initial install manifest again' do - apply_manifest(check_against_previous_version_pp, - :catch_failures => true) - end - it 'Copy the current module to the side without error.' do - shell("cp -R /etc/puppet/modules/cassandra /var/tmp", - :acceptable_exit_codes => 0) - end - it 'Remove the current module without error.' do - shell("puppet module uninstall locp-cassandra", - :acceptable_exit_codes => 0) - end - it 'Install the latest module from the forge.' do - shell("puppet module install locp-cassandra", - :acceptable_exit_codes => 0) - end - it 'check initial install works with no changes.' do - expect(apply_manifest(check_against_previous_version_pp, - :catch_failures => true).exit_code).to be_zero - end - end -end diff --git a/cassandra/spec/acceptance/nodesets/centos6.yml b/cassandra/spec/acceptance/nodesets/centos6.yml deleted file mode 100644 index 6ce4a54b2..000000000 --- a/cassandra/spec/acceptance/nodesets/centos6.yml +++ /dev/null @@ -1,13 +0,0 @@ -HOSTS: - centos-6-x64: - roles: - - master - platform: el-6-x86_64 - image: centos:6 - hypervisor: docker - docker_cmd: '["/sbin/init"]' - docker_image_commands: - - 'yum -y install gcc tar' -CONFIG: - type: foss - log_level: info diff --git a/cassandra/spec/acceptance/nodesets/centos7.yml b/cassandra/spec/acceptance/nodesets/centos7.yml deleted file mode 100644 index 0fbec5cb4..000000000 --- a/cassandra/spec/acceptance/nodesets/centos7.yml +++ /dev/null @@ -1,13 +0,0 @@ -HOSTS: - centos-7-x64: - roles: - - master - platform: el-7-x86_64 - image: centos:7 - hypervisor: docker - docker_cmd: '["/sbin/init"]' - docker_image_commands: - - 'yum -y install gcc tar' -CONFIG: - type: foss - log_level: info diff --git a/cassandra/spec/acceptance/nodesets/debian7.yml b/cassandra/spec/acceptance/nodesets/debian7.yml deleted file mode 100644 index b1cf4ffca..000000000 --- a/cassandra/spec/acceptance/nodesets/debian7.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - debian-server: - roles: - - master - platform: debian-7-amd64 - image: debian:7 - hypervisor: docker - docker_image_commands: - - 'apt-get install -y sudo ufw wget' -CONFIG: - type: foss diff --git a/cassandra/spec/acceptance/nodesets/ubuntu12.04.yml b/cassandra/spec/acceptance/nodesets/ubuntu12.04.yml deleted file mode 100644 index 73d6db20c..000000000 --- a/cassandra/spec/acceptance/nodesets/ubuntu12.04.yml +++ /dev/null @@ -1,13 +0,0 @@ -HOSTS: - ubuntu-server-1204-x64: - roles: - - master - platform: ubuntu-1204-amd64 - image: ubuntu-upstart:12.04 - hypervisor: docker - docker_cmd: '["/sbin/init"]' - docker_image_commands: - - 'apt-get install -y sudo ufw wget' -CONFIG: - type: foss - log_level: info diff --git a/cassandra/spec/acceptance/nodesets/ubuntu14.04.yml b/cassandra/spec/acceptance/nodesets/ubuntu14.04.yml deleted file mode 100644 index efcdedb26..000000000 --- a/cassandra/spec/acceptance/nodesets/ubuntu14.04.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server: - roles: - - master - platform: ubuntu-14.04-x64 - image: ubuntu-upstart:14.04 - hypervisor: docker - docker_image_commands: - - 'apt-get install -y sudo ufw wget' -CONFIG: - type: foss diff --git a/cassandra/spec/classes/cassandra_debian_spec.rb b/cassandra/spec/classes/cassandra_debian_spec.rb deleted file mode 100644 index 830e9f46a..000000000 --- a/cassandra/spec/classes/cassandra_debian_spec.rb +++ /dev/null @@ -1,122 +0,0 @@ -require 'spec_helper' -describe 'cassandra' do - let(:pre_condition) { [ - 'class apt () {}', - 'class apt::update () {}', - 'define apt::key ($id, $source) {}', - 'define apt::source ($location, $comment, $release, $include) {}', - 'define ini_setting($ensure = nil, - $path, - $section, - $key_val_separator = nil, - $setting, - $value = nil) {}', - ] } - - context 'On a Debian OS with defaults for all parameters' do - let :facts do - { - :osfamily => 'Debian' - } - end - - it { should contain_class('cassandra') } - it { - should contain_service('cassandra').with({ - 'ensure' => 'running', - 'enable' => 'true' - }) - } - it { should contain_file('/etc/cassandra/cassandra.yaml') } - it { should contain_package('dsc22') } - it { is_expected.to contain_service('cassandra') } - it { is_expected.not_to contain_class('apt') } - it { is_expected.not_to contain_class('apt::update') } - it { is_expected.not_to contain_apt__key('datastaxkey') } - it { is_expected.not_to contain_apt__source('datastax') } - it { is_expected.not_to contain_exec('update-cassandra-repos') } - it { - should contain_ini_setting('rackdc.properties.dc').with({ - 'path' => '/etc/cassandra/cassandra-rackdc.properties', - 'section' => '', - 'setting' => 'dc', - 'value' => 'DC1' - }) - } - it { - should contain_ini_setting('rackdc.properties.rack').with({ - 'path' => '/etc/cassandra/cassandra-rackdc.properties', - 'section' => '', - 'setting' => 'rack', - 'value' => 'RAC1' - }) - } - end - - context 'On a Debian OS with manage_dsc_repo set to true' do - let :facts do - { - :osfamily => 'Debian', - :lsbdistid => 'Ubuntu', - :lsbdistrelease => '14.04' - } - end - - let :params do - { - :manage_dsc_repo => true, - :service_name => 'foobar_service' - } - end - - it { should contain_class('apt') } - it { should contain_class('apt::update') } - - it { - is_expected.to contain_apt__key('datastaxkey').with({ - 'id' => '7E41C00F85BFC1706C4FFFB3350200F2B999A372', - 'source' => 'http://debian.datastax.com/debian/repo_key', - }) - } - - it { - is_expected.to contain_apt__source('datastax').with({ - 'location' => 'http://debian.datastax.com/community', - 'comment' => 'DataStax Repo for Apache Cassandra', - 'release' => 'stable', - }) - } - - it { is_expected.to contain_exec('update-cassandra-repos') } - it { is_expected.to contain_service('cassandra') } - end - - context 'CASSANDRA-9822 not activated on Debian (default)' do - let :facts do - { - :osfamily => 'Debian', - :lsbdistid => 'Ubuntu', - :lsbdistrelease => '14.04' - } - end - it { is_expected.not_to contain_file('/etc/init.d/cassandra') } - end - - context 'CASSANDRA-9822 activated on Debian' do - let :facts do - { - :osfamily => 'Debian', - :lsbdistid => 'Ubuntu', - :lsbdistrelease => '14.04' - } - end - - let :params do - { - :cassandra_9822 => true - } - end - - it { is_expected.to contain_file('/etc/init.d/cassandra') } - end -end diff --git a/cassandra/spec/classes/cassandra_redhat_spec.rb b/cassandra/spec/classes/cassandra_redhat_spec.rb deleted file mode 100644 index 076eda18c..000000000 --- a/cassandra/spec/classes/cassandra_redhat_spec.rb +++ /dev/null @@ -1,130 +0,0 @@ -require 'spec_helper' -describe 'cassandra' do - let(:pre_condition) { [ - 'class apt () {}', - 'class apt::update () {}', - 'define apt::key ($id, $source) {}', - 'define apt::source ($location, $comment, $release, $include) {}', - 'define ini_setting($ensure = nil, - $path, - $section, - $key_val_separator = nil, - $setting, - $value = nil) {}', - ] } - - context 'On a RedHat OS with defaults for all parameters' do - let :facts do - { - :osfamily => 'RedHat' - } - end - - it { should contain_class('cassandra') } - it { should contain_file('/etc/cassandra/default.conf/cassandra.yaml') } - it { - should contain_service('cassandra').with({ - 'ensure' => 'running', - 'enable' => 'true' - }) - } - it { should contain_package('dsc22') } - it { is_expected.not_to contain_yumrepo('datastax') } - it { - should contain_ini_setting('rackdc.properties.dc').with({ - 'path' => '/etc/cassandra/default.conf/cassandra-rackdc.properties', - 'section' => '', - 'setting' => 'dc', - 'value' => 'DC1' - }) - } - it { - should contain_ini_setting('rackdc.properties.rack').with({ - 'path' => '/etc/cassandra/default.conf/cassandra-rackdc.properties', - 'section' => '', - 'setting' => 'rack', - 'value' => 'RAC1' - }) - } - it { - should contain_file('/var/lib/cassandra/data').with({ - 'ensure' => 'directory', - 'owner' => 'cassandra', - 'group' => 'cassandra', - 'mode' => '0750', - }) - } - it { - should contain_file('/var/lib/cassandra/commitlog').with({ - 'ensure' => 'directory', - 'owner' => 'cassandra', - 'group' => 'cassandra', - 'mode' => '0750', - }) - } - it { - should contain_file('/var/lib/cassandra/saved_caches').with({ - 'ensure' => 'directory', - 'owner' => 'cassandra', - 'group' => 'cassandra', - 'mode' => '0750', - }) - } - end - - context 'On a RedHat OS with manage_dsc_repo set to true' do - let :facts do - { - :osfamily => 'RedHat' - } - end - - let :params do - { - :manage_dsc_repo => true, - } - end - - it { should contain_yumrepo('datastax') } - end - - context 'Install DSE on a Red Hat family OS.' do - let :facts do - { - :osfamily => 'RedHat' - } - end - - let :params do - { - :package_ensure => '4.7.0-1', - :package_name => 'dse-full', - :cluster_name => 'DSE Cluster', - :config_path => '/etc/dse/cassandra', - :service_name => 'dse' - } - end - - it { - is_expected.to contain_file('/etc/dse/cassandra/cassandra.yaml') - is_expected.to contain_package('dse-full').with_ensure('4.7.0-1') - is_expected.to contain_service('cassandra').with_name('dse') - } - end - - context 'CASSANDRA-9822 activated on Red Hat' do - let :facts do - { - :osfamily => 'RedHat' - } - end - - let :params do - { - :cassandra_9822 => true - } - end - - it { is_expected.not_to contain_file('/etc/init.d/cassandra') } - end -end diff --git a/cassandra/spec/classes/cassandra_spec.rb b/cassandra/spec/classes/cassandra_spec.rb deleted file mode 100644 index 40b923797..000000000 --- a/cassandra/spec/classes/cassandra_spec.rb +++ /dev/null @@ -1,255 +0,0 @@ -require 'spec_helper' -describe 'cassandra' do - let(:pre_condition) { [ - 'class apt () {}', - 'class apt::update () {}', - 'define apt::key ($id, $source) {}', - 'define apt::source ($location, $comment, $release, $include) {}', - 'define ini_setting($ensure = nil, - $path, - $section, - $key_val_separator = nil, - $setting, - $value = nil) {}', - ] } - - context 'On an unknown OS with defaults for all parameters' do - let :facts do - { - :osfamily => 'Darwin' - } - end - - it { should raise_error(Puppet::Error) } - end - - context 'Test the default parameters' do - let :facts do - { - :osfamily => 'RedHat' - } - end - - it { - should contain_file('/etc/cassandra/default.conf/cassandra.yaml').with_content(/^key_cache_size_in_mb:$/) - } - - it { - should contain_class('cassandra').only_with( - 'authenticator' => 'AllowAllAuthenticator', - 'authorizer' => 'AllowAllAuthorizer', - 'auto_snapshot' => true, - 'batchlog_replay_throttle_in_kb' => 1024, - 'batch_size_warn_threshold_in_kb' => 5, - 'cas_contention_timeout_in_ms' => 1000, - 'cassandra_9822' => false, - 'cassandra_yaml_tmpl' => 'cassandra/cassandra.yaml.erb', - 'client_encryption_enabled' => false, - 'client_encryption_keystore' => 'conf/.keystore', - 'client_encryption_keystore_password' => 'cassandra', - 'cluster_name' => 'Test Cluster', - 'column_index_size_in_kb' => 64, - 'commitlog_directory' => '/var/lib/cassandra/commitlog', - 'commitlog_directory_mode' => '0750', - 'commitlog_segment_size_in_mb' => 32, - 'commitlog_sync' => 'periodic', - 'commitlog_sync_period_in_ms' => 10000, - 'commit_failure_policy' => 'stop', - 'compaction_throughput_mb_per_sec' => 16, - 'concurrent_counter_writes' => 32, - 'concurrent_reads' => 32, - 'concurrent_writes' => 32, - 'config_file_mode' => '0666', - 'config_path' => nil, - 'counter_cache_save_period' => 7200, - 'counter_cache_size_in_mb' => '', - 'counter_write_request_timeout_in_ms' => 5000, - 'cross_node_timeout' => false, - 'data_file_directories' => ['/var/lib/cassandra/data'], - 'data_file_directories_mode' => '0750', - 'dc' => 'DC1', - 'disk_failure_policy' => 'stop', - 'dynamic_snitch_badness_threshold' => 0.1, - 'dynamic_snitch_reset_interval_in_ms' => 600000, - 'dynamic_snitch_update_interval_in_ms' => 100, - 'endpoint_snitch' => 'SimpleSnitch', - 'fail_on_non_supported_os' => true, - 'hinted_handoff_enabled' => true, - 'hinted_handoff_throttle_in_kb' => 1024, - 'incremental_backups' => false, - 'index_summary_capacity_in_mb' => '', - 'index_summary_resize_interval_in_minutes' => 60, - 'inter_dc_tcp_nodelay' => false, - 'internode_compression' => 'all', - 'key_cache_save_period' => 14400, - 'key_cache_size_in_mb' => '', - 'listen_address' => 'localhost', - 'manage_dsc_repo' => false, - 'max_hints_delivery_threads' => 2, - 'max_hint_window_in_ms' => 10800000, - 'native_transport_port' => 9042, - 'num_tokens' => 256, - 'package_ensure' => 'present', - 'package_name' => 'dsc22', - 'partitioner' => 'org.apache.cassandra.dht.Murmur3Partitioner', - 'permissions_validity_in_ms' => 2000, - #'prefer_local' => nil, - 'rack' => 'RAC1', - 'range_request_timeout_in_ms' => 10000, - 'read_request_timeout_in_ms' => 5000, - 'request_scheduler' => 'org.apache.cassandra.scheduler.NoScheduler', - 'request_timeout_in_ms' => 10000, - 'row_cache_save_period' => 0, - 'row_cache_size_in_mb' => 0, - 'rpc_address' => 'localhost', - 'rpc_port' => 9160, - 'rpc_server_type' => 'sync', - 'saved_caches_directory' => '/var/lib/cassandra/saved_caches', - 'saved_caches_directory_mode' => '0750', - 'seed_provider_class_name' => 'org.apache.cassandra.locator.SimpleSeedProvider', - 'seeds' => '127.0.0.1', - 'server_encryption_internode' => 'none', - 'server_encryption_keystore' => 'conf/.keystore', - 'server_encryption_keystore_password' => 'cassandra', - 'server_encryption_truststore' => 'conf/.truststore', - 'server_encryption_truststore_password' => 'cassandra', - 'service_enable' => true, - 'service_ensure' => 'running', - 'service_name' => 'cassandra', - 'service_refresh' => true, - 'snapshot_before_compaction' => false, - 'snitch_properties_file' => 'cassandra-rackdc.properties', - 'ssl_storage_port' => 7001, - 'sstable_preemptive_open_interval_in_mb' => 50, - 'start_native_transport' => true, - 'start_rpc' => true, - 'storage_port' => 7000, - 'tombstone_failure_threshold' => 100000, - 'tombstone_warn_threshold' => 1000, - 'trickle_fsync' => false, - 'trickle_fsync_interval_in_kb' => 10240, - 'truncate_request_timeout_in_ms' => 60000, - 'write_request_timeout_in_ms' => 2000, - ) - } - end - - context 'On an unsupported OS pleading tolerance (with dyslexia)' do - let :facts do - { - :osfamily => 'Darwin' - } - end - let :params do - { - :config_file_mode => '0755', - :config_path => '/etc/cassandra', - :fail_on_non_suppoted_os => false - } - end - - it { should compile } - end - - context 'On an unsupported OS pleading tolerance' do - let :facts do - { - :osfamily => 'Darwin' - } - end - let :params do - { - :config_file_mode => '0755', - :config_path => '/etc/cassandra', - :fail_on_non_supported_os => false - } - end - - it { - should contain_file('/etc/cassandra/cassandra.yaml').with({ - 'mode' => '0755' - }) - } - it { should have_resource_count(8) } - end - - context 'Test the dc and rack properties.' do - let :facts do - { - :osfamily => 'RedHat' - } - end - - let :params do - { - :snitch_properties_file => 'cassandra-topology.properties', - :dc => 'NYC', - :rack => 'R101', - :dc_suffix => '_1_cassandra', - :prefer_local => 'true' - } - end - it { - should contain_ini_setting('rackdc.properties.dc').with({ - 'path' => '/etc/cassandra/default.conf/cassandra-topology.properties', - 'section' => '', - 'setting' => 'dc', - 'value' => 'NYC' - }) - } - it { - should contain_ini_setting('rackdc.properties.rack').with({ - 'path' => '/etc/cassandra/default.conf/cassandra-topology.properties', - 'section' => '', - 'setting' => 'rack', - 'value' => 'R101' - }) - } - it { - should contain_service('cassandra').that_subscribes_to('Ini_setting[rackdc.properties.dc_suffix]') - should contain_ini_setting('rackdc.properties.dc_suffix').with({ - 'path' => '/etc/cassandra/default.conf/cassandra-topology.properties', - 'section' => '', - 'setting' => 'dc_suffix', - 'value' => '_1_cassandra' - }) - } - it { - should contain_service('cassandra').that_subscribes_to('Ini_setting[rackdc.properties.prefer_local]') - should contain_ini_setting('rackdc.properties.prefer_local').with({ - 'path' => '/etc/cassandra/default.conf/cassandra-topology.properties', - 'section' => '', - 'setting' => 'prefer_local', - 'value' => 'true' - }) - } - end - - context 'Ensure cassandra service can be stopped and disabled.' do - let :facts do - { - :osfamily => 'Debian' - } - end - - let :params do - { - :service_ensure => 'stopped', - :service_enable => 'false' - } - end - it { - should contain_service('cassandra').with({ - 'ensure' => 'stopped', - 'name' => 'cassandra', - 'enable' => 'false' - }) - } - it { - should contain_service('cassandra').that_subscribes_to('File[/etc/cassandra/cassandra.yaml]') - should contain_service('cassandra').that_subscribes_to('Ini_setting[rackdc.properties.dc]') - should contain_service('cassandra').that_subscribes_to('Ini_setting[rackdc.properties.rack]') - should contain_service('cassandra').that_subscribes_to('Package[dsc22]') - } - end -end diff --git a/cassandra/spec/classes/cassandra_template2_spec.rb b/cassandra/spec/classes/cassandra_template2_spec.rb deleted file mode 100644 index d0eae31a1..000000000 --- a/cassandra/spec/classes/cassandra_template2_spec.rb +++ /dev/null @@ -1,281 +0,0 @@ -require 'spec_helper' -describe 'cassandra' do - let(:pre_condition) { [ - 'class apt () {}', - 'class apt::update () {}', - 'define apt::key ($id, $source) {}', - 'define apt::source ($location, $comment, $release, $include) {}', - 'define ini_setting($ensure = nil, - $path, - $section, - $key_val_separator = nil, - $setting, - $value = nil) {}', - ] } - - context 'Test the cassandra.yml temlate.' do - let :facts do - { - :osfamily => 'RedHat' - } - end - - let :params do - { - :authenticator => 'foo', - :authorizer => 'foo', - :auto_bootstrap => false, - :auto_snapshot => 'foo', - :batch_size_warn_threshold_in_kb => '42', - :client_encryption_enabled => 'foo', - :client_encryption_keystore => 'foo', - :client_encryption_keystore_password => 'foo', - :cluster_name => 'foo', - :concurrent_counter_writes => 'foo', - :concurrent_reads => 'foo', - :concurrent_writes => 'foo', - :config_path => '/etc', - :disk_failure_policy => 'foo', - :endpoint_snitch => 'foo', - :hinted_handoff_enabled => 'foo', - :incremental_backups => 'foo', - :internode_compression => 'foo', - :listen_address => 'foo', - :native_transport_port => 'foo', - :num_tokens => 'foo', - :partitioner => 'foo', - :rpc_address => 'foo', - :rpc_port => 'foo', - :rpc_server_type => 'foo', - :seeds => 'foo', - :server_encryption_internode => 'foo', - :server_encryption_keystore => 'foo', - :server_encryption_keystore_password => 'foo', - :server_encryption_truststore => 'foo', - :server_encryption_truststore_password => 'foo', - :snapshot_before_compaction => 'foo', - :ssl_storage_port => 'foo', - :start_native_transport => 'foo', - :start_rpc => 'foo', - :storage_port => 'foo', - :batchlog_replay_throttle_in_kb => 'batchlog_replay_throttle_in_kb', - :cas_contention_timeout_in_ms => 'cas_contention_timeout_in_ms', - :column_index_size_in_kb => 'column_index_size_in_kb', - :commit_failure_policy => 'commit_failure_policy', - :compaction_throughput_mb_per_sec => 'compaction_throughput_mb_per_sec', - :counter_cache_save_period => 'counter_cache_save_period', - :counter_write_request_timeout_in_ms => 'counter_write_request_timeout_in_ms', - :cross_node_timeout => 'cross_node_timeout', - :dynamic_snitch_badness_threshold => 'dynamic_snitch_badness_threshold', - :dynamic_snitch_reset_interval_in_ms => 'dynamic_snitch_reset_interval_in_ms', - :dynamic_snitch_update_interval_in_ms => 'dynamic_snitch_update_interval_in_ms', - :hinted_handoff_throttle_in_kb => 'hinted_handoff_throttle_in_kb', - :index_summary_resize_interval_in_minutes => 'index_summary_resize_interval_in_minutes', - :inter_dc_tcp_nodelay => 'inter_dc_tcp_nodelay', - :max_hints_delivery_threads => 'max_hints_delivery_threads', - :max_hint_window_in_ms => 'max_hint_window_in_ms', - :permissions_validity_in_ms => 'permissions_validity_in_ms', - :range_request_timeout_in_ms => 'range_request_timeout_in_ms', - :read_request_timeout_in_ms => 'read_request_timeout_in_ms', - :request_scheduler => 'request_scheduler', - :request_timeout_in_ms => 'request_timeout_in_ms', - :row_cache_save_period => 'row_cache_save_period', - :row_cache_size_in_mb => 'row_cache_size_in_mb', - :sstable_preemptive_open_interval_in_mb => 'sstable_preemptive_open_interval_in_mb', - :tombstone_failure_threshold => 'tombstone_failure_threshold', - :tombstone_warn_threshold => 'tombstone_warn_threshold', - :trickle_fsync => 'trickle_fsync', - :trickle_fsync_interval_in_kb => 'trickle_fsync_interval_in_kb', - :truncate_request_timeout_in_ms => 'truncate_request_timeout_in_ms', - :write_request_timeout_in_ms => 'write_request_timeout_in_ms', - :commitlog_directory => 'commitlog_directory', - :saved_caches_directory => 'saved_caches_directory', - :data_file_directories => ['datadir1', 'datadir2'], - :initial_token => 'initial_token', - :permissions_update_interval_in_ms => 'permissions_update_interval_in_ms', - :row_cache_keys_to_save => 'row_cache_keys_to_save', - :counter_cache_keys_to_save => 'counter_cache_keys_to_save', - :memory_allocator => 'memory_allocator', - :commitlog_sync => 'commitlog_sync', - :commitlog_sync_batch_window_in_ms => 'commitlog_sync_batch_window_in_ms', - :file_cache_size_in_mb => 'file_cache_size_in_mb', - :memtable_heap_space_in_mb => 'memtable_heap_space_in_mb', - :memtable_offheap_space_in_mb => 'memtable_offheap_space_in_mb', - :memtable_cleanup_threshold => 'memtable_cleanup_threshold', - :commitlog_total_space_in_mb => 'commitlog_total_space_in_mb', - :memtable_flush_writers => 'memtable_flush_writers', - :broadcast_address => 'broadcast_address', - :internode_authenticator => 'internode_authenticator', - :native_transport_max_threads => 'native_transport_max_threads', - :native_transport_max_frame_size_in_mb => 'native_transport_max_frame_size_in_mb', - :native_transport_max_concurrent_connections => 'native_transport_max_concurrent_connections', - :native_transport_max_concurrent_connections_per_ip => 'native_transport_max_concurrent_connections_per_ip', - :broadcast_rpc_address => 'broadcast_rpc_address', - :rpc_min_threads => 'rpc_min_threads', - :rpc_max_threads => 'rpc_max_threads', - :rpc_send_buff_size_in_bytes => 'rpc_send_buff_size_in_bytes', - :rpc_recv_buff_size_in_bytes => 'rpc_recv_buff_size_in_bytes', - :internode_send_buff_size_in_bytes => 'internode_send_buff_size_in_bytes', - :internode_recv_buff_size_in_bytes => 'internode_recv_buff_size_in_bytes', - :concurrent_compactors => 'concurrent_compactors', - :stream_throughput_outbound_megabits_per_sec => 'stream_throughput_outbound_megabits_per_sec', - :inter_dc_stream_throughput_outbound_megabits_per_sec => 'inter_dc_stream_throughput_outbound_megabits_per_sec', - :streaming_socket_timeout_in_ms => 'streaming_socket_timeout_in_ms', - :phi_convict_threshold => 'phi_convict_threshold', - :request_scheduler_options_throttle_limit => 'request_scheduler_options_throttle_limit', - :request_scheduler_options_default_weight => 'request_scheduler_options_default_weight', - :commitlog_sync_period_in_ms => 'commitlog_sync_period_in_ms', - :commitlog_segment_size_in_mb => 'commitlog_segment_size_in_mb', - :key_cache_size_in_mb => 'key_cache_size_in_mb', - :key_cache_save_period => 'key_cache_save_period', - :client_encryption_algorithm => 'client_encryption_algorithm', - :client_encryption_cipher_suites => 'client_encryption_cipher_suites', - :client_encryption_protocol => 'client_encryption_protocol', - :client_encryption_require_client_auth => 'client_encryption_require_client_auth', - :client_encryption_store_type => 'client_encryption_store_type', - :client_encryption_truststore_password => 'client_encryption_truststore_password', - :client_encryption_truststore => 'client_encryption_truststore', - :counter_cache_size_in_mb => 'counter_cache_size_in_mb', - :index_summary_capacity_in_mb => 'index_summary_capacity_in_mb', - :key_cache_keys_to_save => 'key_cache_keys_to_save', - :seed_provider_class_name => 'seed_provider_class_name', - :server_encryption_algorithm => 'server_encryption_algorithm', - :server_encryption_cipher_suites => 'server_encryption_cipher_suites', - :server_encryption_protocol => 'server_encryption_protocol', - :server_encryption_require_client_auth => 'server_encryption_require_client_auth', - :server_encryption_store_type => 'server_encryption_store_type', - } - end - - it { should contain_file('/etc/cassandra.yaml').with_content(/authenticator: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/authorizer: foo/) } - it { - should contain_file('/etc/cassandra.yaml').with_content(/auto_bootstrap: false/) - } - it { should contain_file('/etc/cassandra.yaml').with_content(/auto_snapshot: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/enabled: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/keystore: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/keystore_password: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/batch_size_warn_threshold_in_kb: 42/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/cluster_name: 'foo'/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/concurrent_counter_writes: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/concurrent_reads: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/concurrent_writes: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/disk_failure_policy: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/endpoint_snitch: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/hinted_handoff_enabled: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/incremental_backups: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/internode_compression: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/listen_address: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/native_transport_port: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/num_tokens: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/partitioner: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/rpc_address: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/rpc_port: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/rpc_server_type: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/ - seeds: "foo"/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/internode_encryption: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/keystore: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/keystore_password: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/truststore: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/truststore_password: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/snapshot_before_compaction: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/ssl_storage_port: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/start_native_transport: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/start_rpc: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/storage_port: foo/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/batchlog_replay_throttle_in_kb: batchlog_replay_throttle_in_kb/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/cas_contention_timeout_in_ms: cas_contention_timeout_in_ms/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/column_index_size_in_kb: column_index_size_in_kb/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/commit_failure_policy: commit_failure_policy/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/compaction_throughput_mb_per_sec: compaction_throughput_mb_per_sec/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/counter_cache_save_period: counter_cache_save_period/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/counter_write_request_timeout_in_ms: counter_write_request_timeout_in_ms/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/cross_node_timeout: cross_node_timeout/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/dynamic_snitch_badness_threshold: dynamic_snitch_badness_threshold/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/dynamic_snitch_reset_interval_in_ms: dynamic_snitch_reset_interval_in_ms/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/dynamic_snitch_update_interval_in_ms: dynamic_snitch_update_interval_in_ms/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/hinted_handoff_throttle_in_kb: hinted_handoff_throttle_in_kb/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/index_summary_resize_interval_in_minutes: index_summary_resize_interval_in_minutes/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/inter_dc_tcp_nodelay: inter_dc_tcp_nodelay/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/max_hints_delivery_threads: max_hints_delivery_threads/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/max_hint_window_in_ms: max_hint_window_in_ms/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/permissions_validity_in_ms: permissions_validity_in_ms/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/range_request_timeout_in_ms: range_request_timeout_in_ms/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/read_request_timeout_in_ms: read_request_timeout_in_ms/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/request_scheduler: request_scheduler/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/request_timeout_in_ms: request_timeout_in_ms/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/row_cache_save_period: row_cache_save_period/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/row_cache_size_in_mb: row_cache_size_in_mb/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/sstable_preemptive_open_interval_in_mb: sstable_preemptive_open_interval_in_mb/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/tombstone_failure_threshold: tombstone_failure_threshold/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/tombstone_warn_threshold: tombstone_warn_threshold/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/trickle_fsync: trickle_fsync/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/trickle_fsync_interval_in_kb: trickle_fsync_interval_in_kb/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/truncate_request_timeout_in_ms: truncate_request_timeout_in_ms/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/write_request_timeout_in_ms: write_request_timeout_in_ms/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/commitlog_directory: commitlog_directory/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/saved_caches_directory: saved_caches_directory/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/ - datadir1/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/ - datadir2/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/initial_token: initial_token/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/permissions_update_interval_in_ms: permissions_update_interval_in_ms/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/row_cache_keys_to_save: row_cache_keys_to_save/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/counter_cache_keys_to_save: counter_cache_keys_to_save/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/memory_allocator: memory_allocator/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/commitlog_sync: commitlog_sync/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/commitlog_sync_batch_window_in_ms: commitlog_sync_batch_window_in_ms/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/file_cache_size_in_mb: file_cache_size_in_mb/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/memtable_heap_space_in_mb: memtable_heap_space_in_mb/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/memtable_offheap_space_in_mb: memtable_offheap_space_in_mb/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/memtable_cleanup_threshold: memtable_cleanup_threshold/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/commitlog_total_space_in_mb: commitlog_total_space_in_mb/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/memtable_flush_writers: memtable_flush_writers/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/broadcast_address: broadcast_address/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/internode_authenticator: internode_authenticator/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/native_transport_max_threads: native_transport_max_threads/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/native_transport_max_frame_size_in_mb: native_transport_max_frame_size_in_mb/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/native_transport_max_concurrent_connections: native_transport_max_concurrent_connections/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/native_transport_max_concurrent_connections_per_ip: native_transport_max_concurrent_connections_per_ip/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/broadcast_rpc_address: broadcast_rpc_address/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/rpc_min_threads: rpc_min_threads/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/rpc_max_threads: rpc_max_threads/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/rpc_send_buff_size_in_bytes: rpc_send_buff_size_in_bytes/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/rpc_recv_buff_size_in_bytes: rpc_recv_buff_size_in_bytes/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/internode_send_buff_size_in_bytes: internode_send_buff_size_in_bytes/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/internode_recv_buff_size_in_bytes: internode_recv_buff_size_in_bytes/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/concurrent_compactors: concurrent_compactors/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/stream_throughput_outbound_megabits_per_sec: stream_throughput_outbound_megabits_per_sec/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/inter_dc_stream_throughput_outbound_megabits_per_sec: inter_dc_stream_throughput_outbound_megabits_per_sec/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/streaming_socket_timeout_in_ms: streaming_socket_timeout_in_ms/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/phi_convict_threshold: phi_convict_threshold/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/request_scheduler_options_throttle_limit: request_scheduler_options_throttle_limit/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/request_scheduler_options_default_weight: request_scheduler_options_default_weight/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/commitlog_sync_period_in_ms: commitlog_sync_period_in_ms/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/commitlog_segment_size_in_mb: commitlog_segment_size_in_mb/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/key_cache_size_in_mb: key_cache_size_in_mb/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/key_cache_save_period: key_cache_save_period/) } - - it { should contain_file('/etc/cassandra.yaml').with_content(/algorithm: client_encryption_algorithm/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/cipher_suites: client_encryption_cipher_suites/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/protocol: client_encryption_protocol/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/require_client_auth: client_encryption_require_client_auth/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/store_type: client_encryption_store_type/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/truststore: client_encryption_truststore/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/truststore_password: client_encryption_truststore_password/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/counter_cache_size_in_mb: counter_cache_size_in_mb/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/index_summary_capacity_in_mb: index_summary_capacity_in_mb/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/key_cache_keys_to_save: key_cache_keys_to_save/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/- class_name: seed_provider_class_name/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/algorithm: server_encryption_algorithm/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/cipher_suites: server_encryption_cipher_suites/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/protocol: server_encryption_protocol/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/require_client_auth: server_encryption_require_client_auth/) } - it { should contain_file('/etc/cassandra.yaml').with_content(/store_type: server_encryption_store_type/) } - - it { should contain_file('commitlog_directory') } - it { should contain_file('datadir1') } - it { should contain_file('datadir2') } - it { should contain_file('saved_caches_directory') } - end -end diff --git a/cassandra/spec/classes/datastax_agent_spec.rb b/cassandra/spec/classes/datastax_agent_spec.rb deleted file mode 100644 index c4284c21c..000000000 --- a/cassandra/spec/classes/datastax_agent_spec.rb +++ /dev/null @@ -1,63 +0,0 @@ -require 'spec_helper' -describe 'cassandra::datastax_agent' do - let(:pre_condition) { [ - 'define ini_setting ($ensure, $path, $section, $key_val_separator, $setting, $value) {}' - ] } - - context 'Test for cassandra::datastax_agent.' do - it { should have_resource_count(3) } - it { - should contain_class('cassandra::datastax_agent').only_with( - 'defaults_file' => '/etc/default/datastax-agent', - #'java_home' => nil, - 'package_ensure' => 'present', - 'package_name' => 'datastax-agent', - 'service_ensure' => 'running', - 'service_enable' => true, - 'service_name' => 'datastax-agent', - 'stomp_interface' => nil, - ) - } - it { - should contain_package('datastax-agent') - } - it { - should contain_service('datastax-agent') - } - end - - context 'Test that stomp_interface can be set.' do - let :params do - { - :stomp_interface => '192.168.0.1' - } - end - - it { should contain_ini_setting('stomp_interface').with_ensure('present') } - it { - should contain_ini_setting('stomp_interface').with_value('192.168.0.1') - } - end - - context 'Test that stomp_interface can be ignored.' do - it { - should contain_ini_setting('stomp_interface').with_ensure('absent') - } - end - - context 'Test that the JAVA_HOME can be set.' do - let :params do - { - :java_home => '/usr/lib/jvm/java-8-oracle' - } - end - - it { - should contain_ini_setting('java_home').with( - 'ensure' => 'present', - 'path' => '/etc/default/datastax-agent', - 'value' => '/usr/lib/jvm/java-8-oracle' - ) - } - end -end diff --git a/cassandra/spec/classes/datastax_repo_spec.rb b/cassandra/spec/classes/datastax_repo_spec.rb deleted file mode 100644 index 8d55d2306..000000000 --- a/cassandra/spec/classes/datastax_repo_spec.rb +++ /dev/null @@ -1,72 +0,0 @@ -require 'spec_helper' -describe 'cassandra::datastax_repo' do - let(:pre_condition) { [ - 'class apt () {}', - 'class apt::update () {}', - 'define apt::key ($id, $source) {}', - 'define apt::source ($location, $comment, $release, $include) {}', - ] } - - context 'Regardless of which OS' do - it { should compile } - it { - should contain_class('cassandra::datastax_repo').only_with({ - 'descr' => 'DataStax Repo for Apache Cassandra', - 'key_id' => '7E41C00F85BFC1706C4FFFB3350200F2B999A372', - 'key_url' => 'http://debian.datastax.com/debian/repo_key', - 'pkg_url' => nil, - 'release' => 'stable', - }) - } - end - - context 'On a RedHat OS with defaults for all parameters' do - let :facts do - { - :osfamily => 'RedHat' - } - end - - it { - should contain_yumrepo('datastax').with({ - 'ensure' => 'present', - 'descr' => 'DataStax Repo for Apache Cassandra', - 'baseurl' => 'http://rpm.datastax.com/community', - 'enabled' => 1, - 'gpgcheck' => 0 - }) - } - it { should have_resource_count(1) } - end - - context 'On a Debian OS with defaults for all parameters' do - let :facts do - { - :osfamily => 'Debian', - :lsbdistid => 'Ubuntu', - :lsbdistrelease => '14.04' - } - end - - it { should contain_class('apt') } - it { should contain_class('apt::update') } - - it { - should contain_apt__key('datastaxkey').with({ - 'id' => '7E41C00F85BFC1706C4FFFB3350200F2B999A372', - 'source' => 'http://debian.datastax.com/debian/repo_key' - }) - } - - it { - should contain_apt__source('datastax').with({ - 'location' => 'http://debian.datastax.com/community', - 'comment' => 'DataStax Repo for Apache Cassandra', - 'release' => 'stable' - }) - } - - it { should contain_exec('update-cassandra-repos') } - it { should have_resource_count(3) } - end -end diff --git a/cassandra/spec/classes/firewall_ports_spec.rb b/cassandra/spec/classes/firewall_ports_spec.rb deleted file mode 100644 index f927235f3..000000000 --- a/cassandra/spec/classes/firewall_ports_spec.rb +++ /dev/null @@ -1,50 +0,0 @@ -require 'spec_helper' -describe 'cassandra::firewall_ports' do - let(:pre_condition) { [ - 'class cassandra () {}', - 'define firewall ($action, $dport, $proto, $source) {}', - ] } - - let!(:stdlib_stubs) { - MockFunction.new('prefix') { |f| - f.stubbed.with(['0.0.0.0/0'], - '200_Public_').returns('200_Public_0.0.0.0/0') - f.stubbed.with(['0.0.0.0/0'], - '210_InterNode_').returns('210_InterNode__0.0.0.0/0') - f.stubbed.with(['0.0.0.0/0'], - '220_Client_').returns('220_Client__0.0.0.0/0') - } - MockFunction.new('concat') { |f| - f.stubbed().returns([8888, 22]) - } - MockFunction.new('size') { |f| - f.stubbed().returns(42) - } - } - - context 'Run with defaults.' do - it { should have_resource_count(2) } - - it { - should contain_class('cassandra::firewall_ports').with({ - 'client_ports' => [9042, 9160], - 'client_subnets' => ['0.0.0.0/0'], - 'inter_node_ports' => [7000, 7001, 7199], - 'inter_node_subnets' => ['0.0.0.0/0'], - 'public_ports' => [ 8888 ], - 'public_subnets' => ['0.0.0.0/0'], - 'ssh_port' => 22, - 'opscenter_ports' => [61620, 61621], - 'opscenter_subnets' => ['0.0.0.0/0'], - }) - } - - it { should contain_firewall('200 - Cassandra (Public) - 0.0.0.0/0') } - - it { - should contain_cassandra__firewall_ports__rule('200_Public_0.0.0.0/0').with({ - 'ports' => [8888, 22] - }) - } - end -end diff --git a/cassandra/spec/classes/java_spec.rb b/cassandra/spec/classes/java_spec.rb deleted file mode 100644 index 7c11fdc47..000000000 --- a/cassandra/spec/classes/java_spec.rb +++ /dev/null @@ -1,57 +0,0 @@ -require 'spec_helper' -describe 'cassandra::java' do - context 'On a RedHat OS with defaults for all parameters' do - let :facts do - { - :osfamily => 'RedHat' - } - end - - it { - should contain_class('cassandra::java').only_with({ - 'ensure' => 'present', - 'jna_ensure' => 'present', - #'jna_package_name' => nil, - 'package_name' => nil, - }) - } - it { should contain_package('java-1.8.0-openjdk-headless') } - it { should contain_package('jna') } - end - - context 'On a Debian OS with defaults for all parameters' do - let :facts do - { - :osfamily => 'Debian' - } - end - - it { should contain_class('cassandra::java') } - it { should contain_package('openjdk-7-jre-headless') } - it { should contain_package('libjna-java') } - it { should have_resource_count(2) } - end - - context 'With package names set to foobar' do - let :params do - { - :package_name => 'foobar-java', - :ensure => '42', - :jna_package_name => 'foobar-jna', - :jna_ensure => 'latest', - } - end - - it { - should contain_package('foobar-java').with({ - :ensure => 42, - }) - } - - it { - should contain_package('foobar-jna').with({ - :ensure => 'latest', - }) - } - end -end diff --git a/cassandra/spec/classes/opscenter/pycyrpto_spec.rb b/cassandra/spec/classes/opscenter/pycyrpto_spec.rb deleted file mode 100644 index 8632f8bf5..000000000 --- a/cassandra/spec/classes/opscenter/pycyrpto_spec.rb +++ /dev/null @@ -1,39 +0,0 @@ -require 'spec_helper' -describe 'cassandra::opscenter::pycrypto' do - context 'Test for cassandra::opscenter::pycrypto on Red Hat.' do - let :facts do - { - :osfamily => 'RedHat' - } - end - - it { should have_resource_count(4) } - it { - should contain_class('cassandra::opscenter::pycrypto').with({ - 'ensure' => 'present', - 'manage_epel' => false, - 'package_name' => 'pycrypto', - 'provider' => 'pip', - 'reqd_pckgs' => ['python-devel', 'python-pip'], - }) - } - it { should contain_package('pycrypto') } - it { should contain_file('/usr/bin/pip-python') } - it { should contain_package('python-devel') } - it { should contain_package('python-pip') } - end - - context 'Test for cassandra::opscenter::pycrypto on Debian.' do - let :facts do - { - :osfamily => 'Debian' - } - end - - it { should contain_class('cassandra::opscenter::pycrypto') } - it { should contain_class('cassandra::opscenter::pycrypto').with_package_name('pycrypto') } - it { should contain_class('cassandra::opscenter::pycrypto').with_ensure('present') } - it { should contain_class('cassandra::opscenter::pycrypto').with_provider('pip') } - it { should_not contain_package('pycrypto') } - end -end diff --git a/cassandra/spec/classes/opscenter_spec.rb b/cassandra/spec/classes/opscenter_spec.rb deleted file mode 100644 index a4476ec86..000000000 --- a/cassandra/spec/classes/opscenter_spec.rb +++ /dev/null @@ -1,558 +0,0 @@ -require 'spec_helper' -describe 'cassandra::opscenter' do - let(:pre_condition) { [ - 'define ini_setting ($ensure = nil, - $path, - $section, - $key_val_separator = nil, - $setting, - $value = nil) {}' - ] } - - context 'Test params for cassandra::opscenter defaults.' do - it { - should contain_class('cassandra::opscenter').with({ - 'authentication_enabled' => 'False', - 'ensure' => 'present', - 'config_file' => '/etc/opscenter/opscenterd.conf', - 'package_name' => 'opscenter', - 'service_enable' => 'true', - 'service_ensure' => 'running', - 'service_name' => 'opscenterd', - 'webserver_interface' => '0.0.0.0', - 'webserver_port' => 8888, - }) - } - - it { should have_resource_count(252) } - - it { - should contain_cassandra__opscenter__setting('agents agent_certfile') - } - - it { - should contain_cassandra__opscenter__setting('agents agent_keyfile') - } - - it { - should contain_cassandra__opscenter__setting('agents agent_keyfile_raw') - } - - it { - should contain_cassandra__opscenter__setting('agents config_sleep') - } - - it { - should contain_cassandra__opscenter__setting('agents fingerprint_throttle') - } - - it { - should contain_cassandra__opscenter__setting('agents incoming_interface') - } - - it { - should contain_cassandra__opscenter__setting('agents incoming_port') - } - - it { - should contain_cassandra__opscenter__setting('agents install_throttle') - } - - it { - should contain_cassandra__opscenter__setting('agents not_seen_threshold') - } - - it { - should contain_cassandra__opscenter__setting('agents path_to_deb') - } - - it { - should contain_cassandra__opscenter__setting('agents path_to_find_java') - } - - it { - should contain_cassandra__opscenter__setting('agents path_to_installscript') - } - - it { - should contain_cassandra__opscenter__setting('agents path_to_rpm') - } - - it { - should contain_cassandra__opscenter__setting('agents path_to_sudowrap') - } - - it { - should contain_cassandra__opscenter__setting('agents reported_interface') - } - - it { - should contain_cassandra__opscenter__setting('agents runs_sudo') - } - - it { - should contain_cassandra__opscenter__setting('agents scp_executable') - } - - it { - should contain_cassandra__opscenter__setting('agents ssh_executable') - } - - it { - should contain_cassandra__opscenter__setting('agents ssh_keygen_executable') - } - - it { - should contain_cassandra__opscenter__setting('agents ssh_keyscan_executable') - } - - it { - should contain_cassandra__opscenter__setting('agents ssh_port') - } - - it { - should contain_cassandra__opscenter__setting('agents ssh_sys_known_hosts_file') - } - - it { - should contain_cassandra__opscenter__setting('agents ssh_user_known_hosts_file') - } - - it { - should contain_cassandra__opscenter__setting('agents ssl_certfile') - } - - it { - should contain_cassandra__opscenter__setting('agents ssl_keyfile') - } - - it { - should contain_cassandra__opscenter__setting('agents tmp_dir') - } - - it { - should contain_cassandra__opscenter__setting('agents use_ssl') - } - - it { - should contain_cassandra__opscenter__setting('authentication audit_auth') - } - - it { - should contain_cassandra__opscenter__setting('authentication audit_pattern') - } - - it { - should contain_cassandra__opscenter__setting('authentication authentication_method') - } - - it { - should contain_cassandra__opscenter__setting('authentication enabled') - } - - it { - should contain_cassandra__opscenter__setting('authentication passwd_db') - } - - it { - should contain_cassandra__opscenter__setting('authentication timeout') - } - - it { - should contain_cassandra__opscenter__setting('cloud accepted_certs') - } - - it { - should contain_cassandra__opscenter__setting('clusters add_cluster_timeout') - } - - it { - should contain_cassandra__opscenter__setting('clusters startup_sleep') - } - - it { - should contain_cassandra__opscenter__setting('definitions auto_update') - } - - it { - should contain_cassandra__opscenter__setting('definitions definitions_dir') - } - - it { - should contain_cassandra__opscenter__setting('definitions download_filename') - } - - it { - should contain_cassandra__opscenter__setting('definitions download_host') - } - - it { - should contain_cassandra__opscenter__setting('definitions download_port') - } - - it { - should contain_cassandra__opscenter__setting('definitions hash_filename') - } - - it { - should contain_cassandra__opscenter__setting('definitions sleep') - } - - it { - should contain_cassandra__opscenter__setting('definitions ssl_certfile') - } - - it { - should contain_cassandra__opscenter__setting('definitions use_ssl') - } - - it { - should contain_cassandra__opscenter__setting('failover failover_configuration_directory') - } - - it { - should contain_cassandra__opscenter__setting('failover heartbeat_fail_window') - } - - it { - should contain_cassandra__opscenter__setting('failover heartbeat_period') - } - - it { - should contain_cassandra__opscenter__setting('failover heartbeat_reply_period') - } - - it { - should contain_cassandra__opscenter__setting('hadoop base_job_tracker_proxy_port') - } - - it { - should contain_cassandra__opscenter__setting('ldap admin_group_name') - } - - it { - should contain_cassandra__opscenter__setting('ldap connection_timeout') - } - - it { - should contain_cassandra__opscenter__setting('ldap debug_ssl') - } - - it { - should contain_cassandra__opscenter__setting('ldap group_name_attribute') - } - - it { - should contain_cassandra__opscenter__setting('ldap group_search_base') - } - - it { - should contain_cassandra__opscenter__setting('ldap group_search_filter') - } - - it { - should contain_cassandra__opscenter__setting('ldap group_search_type') - } - - it { - should contain_cassandra__opscenter__setting('ldap ldap_security') - } - - it { - should contain_cassandra__opscenter__setting('ldap opt_referrals') - } - - it { - should contain_cassandra__opscenter__setting('ldap protocol_version') - } - - it { - should contain_cassandra__opscenter__setting('ldap search_dn') - } - - it { - should contain_cassandra__opscenter__setting('ldap search_password') - } - - it { - should contain_cassandra__opscenter__setting('ldap server_host') - } - - it { - should contain_cassandra__opscenter__setting('ldap server_port') - } - - it { - should contain_cassandra__opscenter__setting('ldap ssl_cacert') - } - - it { - should contain_cassandra__opscenter__setting('ldap ssl_cert') - } - - it { - should contain_cassandra__opscenter__setting('ldap ssl_key') - } - - it { - should contain_cassandra__opscenter__setting('ldap tls_demand') - } - - it { - should contain_cassandra__opscenter__setting('ldap tls_reqcert') - } - - it { - should contain_cassandra__opscenter__setting('ldap uri_scheme') - } - - it { - should contain_cassandra__opscenter__setting('ldap user_memberof_attribute') - } - - it { - should contain_cassandra__opscenter__setting('ldap user_search_base') - } - - it { - should contain_cassandra__opscenter__setting('ldap user_search_filter') - } - - it { - should contain_cassandra__opscenter__setting('logging level') - } - - it { - should contain_cassandra__opscenter__setting('logging log_length') - } - - it { - should contain_cassandra__opscenter__setting('logging log_path') - } - - it { - should contain_cassandra__opscenter__setting('logging max_rotate') - } - - it { - should contain_cassandra__opscenter__setting('logging resource_usage_interval') - } - - it { - should contain_cassandra__opscenter__setting('provisioning agent_install_timeout') - } - - it { - should contain_cassandra__opscenter__setting('provisioning keyspace_timeout') - } - - it { - should contain_cassandra__opscenter__setting('provisioning private_key_dir') - } - - it { - should contain_cassandra__opscenter__setting('repair_service alert_on_repair_failure') - } - - it { - should contain_cassandra__opscenter__setting('repair_service cluster_stabilization_period') - } - - it { - should contain_cassandra__opscenter__setting('repair_service error_logging_window') - } - - it { - should contain_cassandra__opscenter__setting('repair_service incremental_err_alert_threshold') - } - - it { - should contain_cassandra__opscenter__setting('repair_service incremental_range_repair') - } - - it { - should contain_cassandra__opscenter__setting('repair_service incremental_repair_tables') - } - - it { - should contain_cassandra__opscenter__setting('repair_service ks_update_period') - } - - it { - should contain_cassandra__opscenter__setting('repair_service log_directory') - } - - it { - should contain_cassandra__opscenter__setting('repair_service log_length') - } - - it { - should contain_cassandra__opscenter__setting('repair_service max_err_threshold') - } - - it { - should contain_cassandra__opscenter__setting('repair_service max_parallel_repairs') - } - - it { - should contain_cassandra__opscenter__setting('repair_service max_pending_repairs') - } - - it { - should contain_cassandra__opscenter__setting('repair_service max_rotate') - } - - it { - should contain_cassandra__opscenter__setting('repair_service min_repair_time') - } - - it { - should contain_cassandra__opscenter__setting('repair_service min_throughput') - } - - it { - should contain_cassandra__opscenter__setting('repair_service num_recent_throughputs') - } - - it { - should contain_cassandra__opscenter__setting('repair_service persist_directory') - } - - it { - should contain_cassandra__opscenter__setting('repair_service persist_period') - } - - it { - should contain_cassandra__opscenter__setting('repair_service restart_period') - } - - it { - should contain_cassandra__opscenter__setting('repair_service single_repair_timeout') - } - - it { - should contain_cassandra__opscenter__setting('repair_service single_task_err_threshold') - } - - it { - should contain_cassandra__opscenter__setting('repair_service snapshot_override') - } - - it { - should contain_cassandra__opscenter__setting('request_tracker queue_size') - } - - it { - should contain_cassandra__opscenter__setting('security config_encryption_active') - } - - it { - should contain_cassandra__opscenter__setting('security config_encryption_key_name') - } - - it { - should contain_cassandra__opscenter__setting('security config_encryption_key_path') - } - - it { - should contain_cassandra__opscenter__setting('spark base_master_proxy_port') - } - - it { - should contain_cassandra__opscenter__setting('stat_reporter initial_sleep') - } - - it { - should contain_cassandra__opscenter__setting('stat_reporter interval') - } - - it { - should contain_cassandra__opscenter__setting('stat_reporter report_file') - } - - it { - should contain_cassandra__opscenter__setting('stat_reporter ssl_key') - } - - it { - should contain_cassandra__opscenter__setting('ui default_api_timeout') - } - - it { - should contain_cassandra__opscenter__setting('ui max_metrics_requests') - } - - it { - should contain_cassandra__opscenter__setting('ui node_detail_refresh_delay') - } - - it { - should contain_cassandra__opscenter__setting('ui storagemap_ttl') - } - - it { - should contain_cassandra__opscenter__setting('webserver interface') - } - - it { - should contain_cassandra__opscenter__setting('webserver log_path') - } - - it { - should contain_cassandra__opscenter__setting('webserver port') - } - - it { - should contain_cassandra__opscenter__setting('webserver ssl_certfile') - } - - it { - should contain_cassandra__opscenter__setting('webserver ssl_keyfile') - } - - it { - should contain_cassandra__opscenter__setting('webserver ssl_port') - } - - it { - should contain_cassandra__opscenter__setting('webserver staticdir') - } - - it { - should contain_cassandra__opscenter__setting('webserver sub_process_timeout') - } - - it { - should contain_cassandra__opscenter__setting('webserver tarball_process_timeout') - } - - end - - context 'Test params for cassandra::opscenter special cases.' do - let :params do - { - :authentication_method => 42, - :failover_configuration_directory => '/path/to', - } - end - - it { - should contain_class('cassandra::opscenter').with({ - 'authentication_method' => 42, - 'failover_configuration_directory' => '/path/to', - }) - } - end - - context 'Test for cassandra::opscenter package.' do - it { - should contain_package('opscenter') - } - end - - context 'Test for cassandra::opscenter service.' do - it { - should contain_service('opscenterd') - } - end -end diff --git a/cassandra/spec/classes/optutils_spec.rb b/cassandra/spec/classes/optutils_spec.rb deleted file mode 100644 index 636eeffe8..000000000 --- a/cassandra/spec/classes/optutils_spec.rb +++ /dev/null @@ -1,46 +0,0 @@ -require 'spec_helper' -describe 'cassandra::optutils' do - - context 'On a RedHat OS with defaults for all parameters' do - let :facts do - { - :osfamily => 'RedHat' - } - end - - it { should have_resource_count(1) } - it { - should contain_class('cassandra::optutils').with({ - 'ensure' => 'present', - 'package_name' => nil, - }) - } - it { should contain_package('cassandra22-tools') } - end - - context 'On a Debian OS with defaults for all parameters' do - let :facts do - { - :osfamily => 'Debian' - } - end - - it { should contain_class('cassandra::optutils') } - it { should contain_package('cassandra-tools') } - end - - context 'With java_package_name set to foobar' do - let :params do - { - :package_name => 'foobar-java', - :ensure => '42', - } - end - - it { - should contain_package('foobar-java').with({ - :ensure => 42, - }) - } - end -end diff --git a/cassandra/spec/defines/firewall_ports/rule_spec.rb b/cassandra/spec/defines/firewall_ports/rule_spec.rb deleted file mode 100644 index dd6d98c65..000000000 --- a/cassandra/spec/defines/firewall_ports/rule_spec.rb +++ /dev/null @@ -1,35 +0,0 @@ -require 'spec_helper' -describe 'cassandra::firewall_ports::rule' do - let(:pre_condition) { [ - 'define firewall ($action, $dport, $proto, $source) {}', - ] } - - let!(:stdlib_stubs) { - MockFunction.new('prefix') { |f| - f.stubbed.with(['0.0.0.0/0'], - '200_Public_').returns('200_Public_0.0.0.0/0') - f.stubbed.with(['0.0.0.0/0'], - '210_InterNode_').returns('210_InterNode__0.0.0.0/0') - f.stubbed.with(['0.0.0.0/0'], - '220_Client_').returns('220_Client__0.0.0.0/0') - } - MockFunction.new('concat') { |f| - f.stubbed().returns([8888, 22]) - } - MockFunction.new('size') { |f| - f.stubbed().returns(42) - } - } - - context 'Test that rules can be set.' do - let(:title) { '200_Public_0.0.0.0/0' } - let :params do - { - :ports => [8888, 22], - } - end - - it { should contain_firewall('200 - Cassandra (Public) - 0.0.0.0/0') } - it { should have_resource_count(2) } - end -end diff --git a/cassandra/spec/defines/opscenter/cluster_name_spec.rb b/cassandra/spec/defines/opscenter/cluster_name_spec.rb deleted file mode 100644 index 30ae3b0f4..000000000 --- a/cassandra/spec/defines/opscenter/cluster_name_spec.rb +++ /dev/null @@ -1,156 +0,0 @@ -require 'spec_helper' -describe 'cassandra::opscenter::cluster_name' do - let(:pre_condition) { [ - 'define ini_setting($ensure = nil, - $path, - $section, - $key_val_separator = nil, - $setting, - $value = nil) {}' - ] } - - context 'Called with defaults.' do - let(:title) { 'MyCluster' } - let :params do - { - :cassandra_seed_hosts => 'host1,host2', - } - end - it { should contain_cassandra__opscenter__cluster_name('MyCluster') } - it { should have_resource_count(20) } - end - - context 'Test that settings can be set.' do - let(:title) { 'MyCluster' } - let :params do - { - :cassandra_seed_hosts => 'host1,host2', - :storage_cassandra_keyspace => 'MyCluster_opc_keyspace', - :storage_cassandra_seed_hosts => 'host1,host2', - } - end - - it { - should contain_file('/etc/opscenter/clusters').with({ - 'ensure' => 'directory', - }) - } - - it { - should contain_ini_setting('MyCluster:cassandra_seed_hosts').with({ - 'ensure' => 'present', - 'section' => 'cassandra', - 'setting' => 'seed_hosts', - 'value' => 'host1,host2', - }) - } - - it { - should contain_ini_setting('MyCluster:storage_cassandra_keyspace').with({ - 'ensure' => 'present', - 'section' => 'storage_cassandra', - 'setting' => 'keyspace', - 'value' => 'MyCluster_opc_keyspace', - }) - } - - it { - should contain_ini_setting('MyCluster:storage_cassandra_seed_hosts').with({ - 'ensure' => 'present', - 'section' => 'storage_cassandra', - 'setting' => 'seed_hosts', - 'value' => 'host1,host2', - }) - } - - it { - should contain_ini_setting('MyCluster:storage_cassandra_api_port').with({ - 'ensure' => 'absent', - }) - } - - it { - should contain_ini_setting('MyCluster:storage_cassandra_bind_interface').with({ - 'ensure' => 'absent', - }) - } - - it { - should contain_ini_setting('MyCluster:storage_cassandra_connection_pool_size').with({ - 'ensure' => 'absent', - }) - } - - it { - should contain_ini_setting('MyCluster:storage_cassandra_connect_timeout').with({ - 'ensure' => 'absent', - }) - } - - it { - should contain_ini_setting('MyCluster:storage_cassandra_cql_port').with({ - 'ensure' => 'absent', - }) - } - - it { - should contain_ini_setting('MyCluster:storage_cassandra_local_dc_pref').with({ - 'ensure' => 'absent', - }) - } - - it { - should contain_ini_setting('MyCluster:storage_cassandra_password').with({ - 'ensure' => 'absent', - }) - } - - it { - should contain_ini_setting('MyCluster:storage_cassandra_retry_delay').with({ - 'ensure' => 'absent', - }) - } - - it { - should contain_ini_setting('MyCluster:storage_cassandra_send_rpc').with({ - 'ensure' => 'absent', - }) - } - - it { - should contain_ini_setting('MyCluster:storage_cassandra_ssl_ca_certs').with({ - 'ensure' => 'absent', - }) - } - - it { - should contain_ini_setting('MyCluster:storage_cassandra_ssl_client_key').with({ - 'ensure' => 'absent', - }) - } - - it { - should contain_ini_setting('MyCluster:storage_cassandra_ssl_client_pem').with({ - 'ensure' => 'absent', - }) - } - - it { - should contain_ini_setting('MyCluster:storage_cassandra_ssl_validate').with({ - 'ensure' => 'absent', - }) - } - - it { - should contain_ini_setting('MyCluster:storage_cassandra_used_hosts_per_remote_dc').with({ - 'ensure' => 'absent', - }) - } - - it { - should contain_ini_setting('MyCluster:storage_cassandra_username').with({ - 'ensure' => 'absent', - }) - } - end -end diff --git a/cassandra/spec/defines/opscenter/setting_spec.rb b/cassandra/spec/defines/opscenter/setting_spec.rb deleted file mode 100644 index 7a36bb139..000000000 --- a/cassandra/spec/defines/opscenter/setting_spec.rb +++ /dev/null @@ -1,2513 +0,0 @@ -require 'spec_helper' -describe 'cassandra::opscenter::setting' do - let(:pre_condition) { [ - 'define ini_setting($ensure = nil, - $path = nil, - $section = nil, - $key_val_separator = nil, - $setting = nil, - $value = nil) {}' - ] } - - context 'agents agent_certfile' do - let(:title) { 'agents agent_certfile' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'agent_certfile', - } - end - - it { should have_resource_count(2) } - - it { - should contain_ini_setting('agents agent_certfile').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'agent_certfile', - }) - } - end - - context 'agents agent_keyfile' do - let(:title) { 'agents agent_keyfile' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'agent_keyfile', - } - end - - it { - should contain_ini_setting('agents agent_keyfile').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'agent_keyfile', - }) - } - end - - context 'agents agent_keyfile_raw' do - let(:title) { 'agents agent_keyfile_raw' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'agent_keyfile_raw', - } - end - - it { - should contain_ini_setting('agents agent_keyfile_raw').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'agent_keyfile_raw', - }) - } - end - - context 'agents config_sleep' do - let(:title) { 'agents config_sleep' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'config_sleep', - } - end - - it { - should contain_ini_setting('agents config_sleep').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'config_sleep', - }) - } - end - - context 'agents fingerprint_throttle' do - let(:title) { 'agents fingerprint_throttle' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'fingerprint_throttle', - } - end - - it { - should contain_ini_setting('agents fingerprint_throttle').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'fingerprint_throttle', - }) - } - end - - context 'agents incoming_interface' do - let(:title) { 'agents incoming_interface' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'incoming_interface', - } - end - - it { - should contain_ini_setting('agents incoming_interface').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'incoming_interface', - }) - } - end - - context 'agents incoming_port' do - let(:title) { 'agents incoming_port' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'incoming_port', - } - end - - it { - should contain_ini_setting('agents incoming_port').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'incoming_port', - }) - } - end - - context 'agents install_throttle' do - let(:title) { 'agents install_throttle' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'install_throttle', - } - end - - it { - should contain_ini_setting('agents install_throttle').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'install_throttle', - }) - } - end - - context 'agents not_seen_threshold' do - let(:title) { 'agents not_seen_threshold' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'not_seen_threshold', - } - end - - it { - should contain_ini_setting('agents not_seen_threshold').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'not_seen_threshold', - }) - } - end - - context 'agents path_to_deb' do - let(:title) { 'agents path_to_deb' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'path_to_deb', - } - end - - it { - should contain_ini_setting('agents path_to_deb').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'path_to_deb', - }) - } - end - - context 'agents path_to_find_java' do - let(:title) { 'agents path_to_find_java' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'path_to_find_java', - } - end - - it { - should contain_ini_setting('agents path_to_find_java').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'path_to_find_java', - }) - } - end - - context 'agents path_to_installscript' do - let(:title) { 'agents path_to_installscript' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'path_to_installscript', - } - end - - it { - should contain_ini_setting('agents path_to_installscript').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'path_to_installscript', - }) - } - end - - context 'agents path_to_rpm' do - let(:title) { 'agents path_to_rpm' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'path_to_rpm', - } - end - - it { - should contain_ini_setting('agents path_to_rpm').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'path_to_rpm', - }) - } - end - - context 'agents path_to_sudowrap' do - let(:title) { 'agents path_to_sudowrap' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'path_to_sudowrap', - } - end - - it { - should contain_ini_setting('agents path_to_sudowrap').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'path_to_sudowrap', - }) - } - end - - context 'agents reported_interface' do - let(:title) { 'agents reported_interface' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'reported_interface', - } - end - - it { - should contain_ini_setting('agents reported_interface').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'reported_interface', - }) - } - end - - context 'agents runs_sudo' do - let(:title) { 'agents runs_sudo' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'runs_sudo', - } - end - - it { - should contain_ini_setting('agents runs_sudo').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'runs_sudo', - }) - } - end - - context 'agents scp_executable' do - let(:title) { 'agents scp_executable' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'scp_executable', - } - end - - it { - should contain_ini_setting('agents scp_executable').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'scp_executable', - }) - } - end - - context 'agents ssh_executable' do - let(:title) { 'agents ssh_executable' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'ssh_executable', - } - end - - it { - should contain_ini_setting('agents ssh_executable').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'ssh_executable', - }) - } - end - - context 'agents ssh_keygen_executable' do - let(:title) { 'agents ssh_keygen_executable' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'ssh_keygen_executable', - } - end - - it { - should contain_ini_setting('agents ssh_keygen_executable').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'ssh_keygen_executable', - }) - } - end - - context 'agents ssh_keyscan_executable' do - let(:title) { 'agents ssh_keyscan_executable' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'ssh_keyscan_executable', - } - end - - it { - should contain_ini_setting('agents ssh_keyscan_executable').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'ssh_keyscan_executable', - }) - } - end - - context 'agents ssh_port' do - let(:title) { 'agents ssh_port' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'ssh_port', - } - end - - it { - should contain_ini_setting('agents ssh_port').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'ssh_port', - }) - } - end - - context 'agents ssh_sys_known_hosts_file' do - let(:title) { 'agents ssh_sys_known_hosts_file' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'ssh_sys_known_hosts_file', - } - end - - it { - should contain_ini_setting('agents ssh_sys_known_hosts_file').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'ssh_sys_known_hosts_file', - }) - } - end - - context 'agents ssh_user_known_hosts_file' do - let(:title) { 'agents ssh_user_known_hosts_file' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'ssh_user_known_hosts_file', - } - end - - it { - should contain_ini_setting('agents ssh_user_known_hosts_file').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'ssh_user_known_hosts_file', - }) - } - end - - context 'agents ssl_certfile' do - let(:title) { 'agents ssl_certfile' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'ssl_certfile', - } - end - - it { - should contain_ini_setting('agents ssl_certfile').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'ssl_certfile', - }) - } - end - - context 'agents ssl_keyfile' do - let(:title) { 'agents ssl_keyfile' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'ssl_keyfile', - } - end - - it { - should contain_ini_setting('agents ssl_keyfile').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'ssl_keyfile', - }) - } - end - - context 'agents tmp_dir' do - let(:title) { 'agents tmp_dir' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'tmp_dir', - } - end - - it { - should contain_ini_setting('agents tmp_dir').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'tmp_dir', - }) - } - end - - context 'agents use_ssl' do - let(:title) { 'agents use_ssl' } - let :params do - { - :path => '/path/to/file', - :section => 'agents', - :setting => 'use_ssl', - } - end - - it { - should contain_ini_setting('agents use_ssl').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'agents', - 'setting' => 'use_ssl', - }) - } - end - - context 'authentication audit_auth' do - let(:title) { 'authentication audit_auth' } - let :params do - { - :path => '/path/to/file', - :section => 'authentication', - :setting => 'audit_auth', - } - end - - it { - should contain_ini_setting('authentication audit_auth').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'authentication', - 'setting' => 'audit_auth', - }) - } - end - - context 'authentication audit_pattern' do - let(:title) { 'authentication audit_pattern' } - let :params do - { - :path => '/path/to/file', - :section => 'authentication', - :setting => 'audit_pattern', - } - end - - it { - should contain_ini_setting('authentication audit_pattern').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'authentication', - 'setting' => 'audit_pattern', - }) - } - end - - context 'authentication authentication_method' do - let(:title) { 'authentication authentication_method' } - let :params do - { - :path => '/path/to/file', - :section => 'authentication', - :setting => 'authentication_method', - } - end - - it { - should contain_ini_setting('authentication authentication_method').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'authentication', - 'setting' => 'authentication_method', - }) - } - end - - context 'authentication enabled' do - let(:title) { 'authentication enabled' } - let :params do - { - :path => '/path/to/file', - :section => 'authentication', - :setting => 'enabled', - } - end - - it { - should contain_ini_setting('authentication enabled').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'authentication', - 'setting' => 'enabled', - }) - } - end - - context 'authentication passwd_db' do - let(:title) { 'authentication passwd_db' } - let :params do - { - :path => '/path/to/file', - :section => 'authentication', - :setting => 'passwd_db', - } - end - - it { - should contain_ini_setting('authentication passwd_db').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'authentication', - 'setting' => 'passwd_db', - }) - } - end - - context 'authentication timeout' do - let(:title) { 'authentication timeout' } - let :params do - { - :path => '/path/to/file', - :section => 'authentication', - :setting => 'timeout', - } - end - - it { - should contain_ini_setting('authentication timeout').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'authentication', - 'setting' => 'timeout', - }) - } - end - - context 'cloud accepted_certs' do - let(:title) { 'cloud accepted_certs' } - let :params do - { - :path => '/path/to/file', - :section => 'cloud', - :setting => 'accepted_certs', - } - end - - it { - should contain_ini_setting('cloud accepted_certs').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'cloud', - 'setting' => 'accepted_certs', - }) - } - end - - context 'clusters add_cluster_timeout' do - let(:title) { 'clusters add_cluster_timeout' } - let :params do - { - :path => '/path/to/file', - :section => 'clusters', - :setting => 'add_cluster_timeout', - } - end - - it { - should contain_ini_setting('clusters add_cluster_timeout').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'clusters', - 'setting' => 'add_cluster_timeout', - }) - } - end - - context 'clusters startup_sleep' do - let(:title) { 'clusters startup_sleep' } - let :params do - { - :path => '/path/to/file', - :section => 'clusters', - :setting => 'startup_sleep', - } - end - - it { - should contain_ini_setting('clusters startup_sleep').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'clusters', - 'setting' => 'startup_sleep', - }) - } - end - - context 'definitions auto_update' do - let(:title) { 'definitions auto_update' } - let :params do - { - :path => '/path/to/file', - :section => 'definitions', - :setting => 'auto_update', - } - end - - it { - should contain_ini_setting('definitions auto_update').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'definitions', - 'setting' => 'auto_update', - }) - } - end - - context 'definitions definitions_dir' do - let(:title) { 'definitions definitions_dir' } - let :params do - { - :path => '/path/to/file', - :section => 'definitions', - :setting => 'definitions_dir', - } - end - - it { - should contain_ini_setting('definitions definitions_dir').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'definitions', - 'setting' => 'definitions_dir', - }) - } - end - - context 'definitions download_filename' do - let(:title) { 'definitions download_filename' } - let :params do - { - :path => '/path/to/file', - :section => 'definitions', - :setting => 'download_filename', - } - end - - it { - should contain_ini_setting('definitions download_filename').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'definitions', - 'setting' => 'download_filename', - }) - } - end - - context 'definitions download_host' do - let(:title) { 'definitions download_host' } - let :params do - { - :path => '/path/to/file', - :section => 'definitions', - :setting => 'download_host', - } - end - - it { - should contain_ini_setting('definitions download_host').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'definitions', - 'setting' => 'download_host', - }) - } - end - - context 'definitions download_port' do - let(:title) { 'definitions download_port' } - let :params do - { - :path => '/path/to/file', - :section => 'definitions', - :setting => 'download_port', - } - end - - it { - should contain_ini_setting('definitions download_port').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'definitions', - 'setting' => 'download_port', - }) - } - end - - context 'definitions hash_filename' do - let(:title) { 'definitions hash_filename' } - let :params do - { - :path => '/path/to/file', - :section => 'definitions', - :setting => 'hash_filename', - } - end - - it { - should contain_ini_setting('definitions hash_filename').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'definitions', - 'setting' => 'hash_filename', - }) - } - end - - context 'definitions sleep' do - let(:title) { 'definitions sleep' } - let :params do - { - :path => '/path/to/file', - :section => 'definitions', - :setting => 'sleep', - } - end - - it { - should contain_ini_setting('definitions sleep').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'definitions', - 'setting' => 'sleep', - }) - } - end - - context 'definitions ssl_certfile' do - let(:title) { 'definitions ssl_certfile' } - let :params do - { - :path => '/path/to/file', - :section => 'definitions', - :setting => 'ssl_certfile', - } - end - - it { - should contain_ini_setting('definitions ssl_certfile').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'definitions', - 'setting' => 'ssl_certfile', - }) - } - end - - context 'definitions use_ssl' do - let(:title) { 'definitions use_ssl' } - let :params do - { - :path => '/path/to/file', - :section => 'definitions', - :setting => 'use_ssl', - } - end - - it { - should contain_ini_setting('definitions use_ssl').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'definitions', - 'setting' => 'use_ssl', - }) - } - end - - context 'failover failover_configuration_directory' do - let(:title) { 'failover failover_configuration_directory' } - let :params do - { - :path => '/path/to/file', - :section => 'failover', - :setting => 'failover_configuration_directory', - } - end - - it { - should contain_ini_setting('failover failover_configuration_directory').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'failover', - 'setting' => 'failover_configuration_directory', - }) - } - end - - context 'failover heartbeat_fail_window' do - let(:title) { 'failover heartbeat_fail_window' } - let :params do - { - :path => '/path/to/file', - :section => 'failover', - :setting => 'heartbeat_fail_window', - } - end - - it { - should contain_ini_setting('failover heartbeat_fail_window').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'failover', - 'setting' => 'heartbeat_fail_window', - }) - } - end - - context 'failover heartbeat_period' do - let(:title) { 'failover heartbeat_period' } - let :params do - { - :path => '/path/to/file', - :section => 'failover', - :setting => 'heartbeat_period', - } - end - - it { - should contain_ini_setting('failover heartbeat_period').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'failover', - 'setting' => 'heartbeat_period', - }) - } - end - - context 'failover heartbeat_reply_period' do - let(:title) { 'failover heartbeat_reply_period' } - let :params do - { - :path => '/path/to/file', - :section => 'failover', - :setting => 'heartbeat_reply_period', - } - end - - it { - should contain_ini_setting('failover heartbeat_reply_period').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'failover', - 'setting' => 'heartbeat_reply_period', - }) - } - end - - context 'hadoop base_job_tracker_proxy_port' do - let(:title) { 'hadoop base_job_tracker_proxy_port' } - let :params do - { - :path => '/path/to/file', - :section => 'hadoop', - :setting => 'base_job_tracker_proxy_port', - } - end - - it { - should contain_ini_setting('hadoop base_job_tracker_proxy_port').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'hadoop', - 'setting' => 'base_job_tracker_proxy_port', - }) - } - end - - context 'ldap admin_group_name' do - let(:title) { 'ldap admin_group_name' } - let :params do - { - :path => '/path/to/file', - :section => 'ldap', - :setting => 'admin_group_name', - } - end - - it { - should contain_ini_setting('ldap admin_group_name').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ldap', - 'setting' => 'admin_group_name', - }) - } - end - - context 'ldap connection_timeout' do - let(:title) { 'ldap connection_timeout' } - let :params do - { - :path => '/path/to/file', - :section => 'ldap', - :setting => 'connection_timeout', - } - end - - it { - should contain_ini_setting('ldap connection_timeout').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ldap', - 'setting' => 'connection_timeout', - }) - } - end - - context 'ldap debug_ssl' do - let(:title) { 'ldap debug_ssl' } - let :params do - { - :path => '/path/to/file', - :section => 'ldap', - :setting => 'debug_ssl', - } - end - - it { - should contain_ini_setting('ldap debug_ssl').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ldap', - 'setting' => 'debug_ssl', - }) - } - end - - context 'ldap group_name_attribute' do - let(:title) { 'ldap group_name_attribute' } - let :params do - { - :path => '/path/to/file', - :section => 'ldap', - :setting => 'group_name_attribute', - } - end - - it { - should contain_ini_setting('ldap group_name_attribute').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ldap', - 'setting' => 'group_name_attribute', - }) - } - end - - context 'ldap group_search_base' do - let(:title) { 'ldap group_search_base' } - let :params do - { - :path => '/path/to/file', - :section => 'ldap', - :setting => 'group_search_base', - } - end - - it { - should contain_ini_setting('ldap group_search_base').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ldap', - 'setting' => 'group_search_base', - }) - } - end - - context 'ldap group_search_filter' do - let(:title) { 'ldap group_search_filter' } - let :params do - { - :path => '/path/to/file', - :section => 'ldap', - :setting => 'group_search_filter', - } - end - - it { - should contain_ini_setting('ldap group_search_filter').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ldap', - 'setting' => 'group_search_filter', - }) - } - end - - context 'ldap group_search_type' do - let(:title) { 'ldap group_search_type' } - let :params do - { - :path => '/path/to/file', - :section => 'ldap', - :setting => 'group_search_type', - } - end - - it { - should contain_ini_setting('ldap group_search_type').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ldap', - 'setting' => 'group_search_type', - }) - } - end - - context 'ldap ldap_security' do - let(:title) { 'ldap ldap_security' } - let :params do - { - :path => '/path/to/file', - :section => 'ldap', - :setting => 'ldap_security', - } - end - - it { - should contain_ini_setting('ldap ldap_security').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ldap', - 'setting' => 'ldap_security', - }) - } - end - - context 'ldap opt_referrals' do - let(:title) { 'ldap opt_referrals' } - let :params do - { - :path => '/path/to/file', - :section => 'ldap', - :setting => 'opt_referrals', - } - end - - it { - should contain_ini_setting('ldap opt_referrals').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ldap', - 'setting' => 'opt_referrals', - }) - } - end - - context 'ldap protocol_version' do - let(:title) { 'ldap protocol_version' } - let :params do - { - :path => '/path/to/file', - :section => 'ldap', - :setting => 'protocol_version', - } - end - - it { - should contain_ini_setting('ldap protocol_version').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ldap', - 'setting' => 'protocol_version', - }) - } - end - - context 'ldap search_dn' do - let(:title) { 'ldap search_dn' } - let :params do - { - :path => '/path/to/file', - :section => 'ldap', - :setting => 'search_dn', - } - end - - it { - should contain_ini_setting('ldap search_dn').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ldap', - 'setting' => 'search_dn', - }) - } - end - - context 'ldap search_password' do - let(:title) { 'ldap search_password' } - let :params do - { - :path => '/path/to/file', - :section => 'ldap', - :setting => 'search_password', - } - end - - it { - should contain_ini_setting('ldap search_password').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ldap', - 'setting' => 'search_password', - }) - } - end - - context 'ldap server_host' do - let(:title) { 'ldap server_host' } - let :params do - { - :path => '/path/to/file', - :section => 'ldap', - :setting => 'server_host', - } - end - - it { - should contain_ini_setting('ldap server_host').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ldap', - 'setting' => 'server_host', - }) - } - end - - context 'ldap server_port' do - let(:title) { 'ldap server_port' } - let :params do - { - :path => '/path/to/file', - :section => 'ldap', - :setting => 'server_port', - } - end - - it { - should contain_ini_setting('ldap server_port').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ldap', - 'setting' => 'server_port', - }) - } - end - - context 'ldap ssl_cacert' do - let(:title) { 'ldap ssl_cacert' } - let :params do - { - :path => '/path/to/file', - :section => 'ldap', - :setting => 'ssl_cacert', - } - end - - it { - should contain_ini_setting('ldap ssl_cacert').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ldap', - 'setting' => 'ssl_cacert', - }) - } - end - - context 'ldap ssl_cert' do - let(:title) { 'ldap ssl_cert' } - let :params do - { - :path => '/path/to/file', - :section => 'ldap', - :setting => 'ssl_cert', - } - end - - it { - should contain_ini_setting('ldap ssl_cert').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ldap', - 'setting' => 'ssl_cert', - }) - } - end - - context 'ldap ssl_key' do - let(:title) { 'ldap ssl_key' } - let :params do - { - :path => '/path/to/file', - :section => 'ldap', - :setting => 'ssl_key', - } - end - - it { - should contain_ini_setting('ldap ssl_key').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ldap', - 'setting' => 'ssl_key', - }) - } - end - - context 'ldap tls_demand' do - let(:title) { 'ldap tls_demand' } - let :params do - { - :path => '/path/to/file', - :section => 'ldap', - :setting => 'tls_demand', - } - end - - it { - should contain_ini_setting('ldap tls_demand').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ldap', - 'setting' => 'tls_demand', - }) - } - end - - context 'ldap tls_reqcert' do - let(:title) { 'ldap tls_reqcert' } - let :params do - { - :path => '/path/to/file', - :section => 'ldap', - :setting => 'tls_reqcert', - } - end - - it { - should contain_ini_setting('ldap tls_reqcert').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ldap', - 'setting' => 'tls_reqcert', - }) - } - end - - context 'ldap uri_scheme' do - let(:title) { 'ldap uri_scheme' } - let :params do - { - :path => '/path/to/file', - :section => 'ldap', - :setting => 'uri_scheme', - } - end - - it { - should contain_ini_setting('ldap uri_scheme').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ldap', - 'setting' => 'uri_scheme', - }) - } - end - - context 'ldap user_memberof_attribute' do - let(:title) { 'ldap user_memberof_attribute' } - let :params do - { - :path => '/path/to/file', - :section => 'ldap', - :setting => 'user_memberof_attribute', - } - end - - it { - should contain_ini_setting('ldap user_memberof_attribute').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ldap', - 'setting' => 'user_memberof_attribute', - }) - } - end - - context 'ldap user_search_base' do - let(:title) { 'ldap user_search_base' } - let :params do - { - :path => '/path/to/file', - :section => 'ldap', - :setting => 'user_search_base', - } - end - - it { - should contain_ini_setting('ldap user_search_base').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ldap', - 'setting' => 'user_search_base', - }) - } - end - - context 'ldap user_search_filter' do - let(:title) { 'ldap user_search_filter' } - let :params do - { - :path => '/path/to/file', - :section => 'ldap', - :setting => 'user_search_filter', - } - end - - it { - should contain_ini_setting('ldap user_search_filter').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ldap', - 'setting' => 'user_search_filter', - }) - } - end - - context 'logging level' do - let(:title) { 'logging level' } - let :params do - { - :path => '/path/to/file', - :section => 'logging', - :setting => 'level', - } - end - - it { - should contain_ini_setting('logging level').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'logging', - 'setting' => 'level', - }) - } - end - - context 'logging log_length' do - let(:title) { 'logging log_length' } - let :params do - { - :path => '/path/to/file', - :section => 'logging', - :setting => 'log_length', - } - end - - it { - should contain_ini_setting('logging log_length').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'logging', - 'setting' => 'log_length', - }) - } - end - - context 'logging log_path' do - let(:title) { 'logging log_path' } - let :params do - { - :path => '/path/to/file', - :section => 'logging', - :setting => 'log_path', - } - end - - it { - should contain_ini_setting('logging log_path').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'logging', - 'setting' => 'log_path', - }) - } - end - - context 'logging max_rotate' do - let(:title) { 'logging max_rotate' } - let :params do - { - :path => '/path/to/file', - :section => 'logging', - :setting => 'max_rotate', - } - end - - it { - should contain_ini_setting('logging max_rotate').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'logging', - 'setting' => 'max_rotate', - }) - } - end - - context 'logging resource_usage_interval' do - let(:title) { 'logging resource_usage_interval' } - let :params do - { - :path => '/path/to/file', - :section => 'logging', - :setting => 'resource_usage_interval', - } - end - - it { - should contain_ini_setting('logging resource_usage_interval').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'logging', - 'setting' => 'resource_usage_interval', - }) - } - end - - context 'provisioning agent_install_timeout' do - let(:title) { 'provisioning agent_install_timeout' } - let :params do - { - :path => '/path/to/file', - :section => 'provisioning', - :setting => 'agent_install_timeout', - } - end - - it { - should contain_ini_setting('provisioning agent_install_timeout').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'provisioning', - 'setting' => 'agent_install_timeout', - }) - } - end - - context 'provisioning keyspace_timeout' do - let(:title) { 'provisioning keyspace_timeout' } - let :params do - { - :path => '/path/to/file', - :section => 'provisioning', - :setting => 'keyspace_timeout', - } - end - - it { - should contain_ini_setting('provisioning keyspace_timeout').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'provisioning', - 'setting' => 'keyspace_timeout', - }) - } - end - - context 'provisioning private_key_dir' do - let(:title) { 'provisioning private_key_dir' } - let :params do - { - :path => '/path/to/file', - :section => 'provisioning', - :setting => 'private_key_dir', - } - end - - it { - should contain_ini_setting('provisioning private_key_dir').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'provisioning', - 'setting' => 'private_key_dir', - }) - } - end - - context 'repair_service alert_on_repair_failure' do - let(:title) { 'repair_service alert_on_repair_failure' } - let :params do - { - :path => '/path/to/file', - :section => 'repair_service', - :setting => 'alert_on_repair_failure', - } - end - - it { - should contain_ini_setting('repair_service alert_on_repair_failure').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'repair_service', - 'setting' => 'alert_on_repair_failure', - }) - } - end - - context 'repair_service cluster_stabilization_period' do - let(:title) { 'repair_service cluster_stabilization_period' } - let :params do - { - :path => '/path/to/file', - :section => 'repair_service', - :setting => 'cluster_stabilization_period', - } - end - - it { - should contain_ini_setting('repair_service cluster_stabilization_period').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'repair_service', - 'setting' => 'cluster_stabilization_period', - }) - } - end - - context 'repair_service error_logging_window' do - let(:title) { 'repair_service error_logging_window' } - let :params do - { - :path => '/path/to/file', - :section => 'repair_service', - :setting => 'error_logging_window', - } - end - - it { - should contain_ini_setting('repair_service error_logging_window').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'repair_service', - 'setting' => 'error_logging_window', - }) - } - end - - context 'repair_service incremental_err_alert_threshold' do - let(:title) { 'repair_service incremental_err_alert_threshold' } - let :params do - { - :path => '/path/to/file', - :section => 'repair_service', - :setting => 'incremental_err_alert_threshold', - } - end - - it { - should contain_ini_setting('repair_service incremental_err_alert_threshold').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'repair_service', - 'setting' => 'incremental_err_alert_threshold', - }) - } - end - - context 'repair_service incremental_range_repair' do - let(:title) { 'repair_service incremental_range_repair' } - let :params do - { - :path => '/path/to/file', - :section => 'repair_service', - :setting => 'incremental_range_repair', - } - end - - it { - should contain_ini_setting('repair_service incremental_range_repair').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'repair_service', - 'setting' => 'incremental_range_repair', - }) - } - end - - context 'repair_service incremental_repair_tables' do - let(:title) { 'repair_service incremental_repair_tables' } - let :params do - { - :path => '/path/to/file', - :section => 'repair_service', - :setting => 'incremental_repair_tables', - } - end - - it { - should contain_ini_setting('repair_service incremental_repair_tables').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'repair_service', - 'setting' => 'incremental_repair_tables', - }) - } - end - - context 'repair_service ks_update_period' do - let(:title) { 'repair_service ks_update_period' } - let :params do - { - :path => '/path/to/file', - :section => 'repair_service', - :setting => 'ks_update_period', - } - end - - it { - should contain_ini_setting('repair_service ks_update_period').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'repair_service', - 'setting' => 'ks_update_period', - }) - } - end - - context 'repair_service log_directory' do - let(:title) { 'repair_service log_directory' } - let :params do - { - :path => '/path/to/file', - :section => 'repair_service', - :setting => 'log_directory', - } - end - - it { - should contain_ini_setting('repair_service log_directory').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'repair_service', - 'setting' => 'log_directory', - }) - } - end - - context 'repair_service log_length' do - let(:title) { 'repair_service log_length' } - let :params do - { - :path => '/path/to/file', - :section => 'repair_service', - :setting => 'log_length', - } - end - - it { - should contain_ini_setting('repair_service log_length').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'repair_service', - 'setting' => 'log_length', - }) - } - end - - context 'repair_service max_err_threshold' do - let(:title) { 'repair_service max_err_threshold' } - let :params do - { - :path => '/path/to/file', - :section => 'repair_service', - :setting => 'max_err_threshold', - } - end - - it { - should contain_ini_setting('repair_service max_err_threshold').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'repair_service', - 'setting' => 'max_err_threshold', - }) - } - end - - context 'repair_service max_parallel_repairs' do - let(:title) { 'repair_service max_parallel_repairs' } - let :params do - { - :path => '/path/to/file', - :section => 'repair_service', - :setting => 'max_parallel_repairs', - } - end - - it { - should contain_ini_setting('repair_service max_parallel_repairs').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'repair_service', - 'setting' => 'max_parallel_repairs', - }) - } - end - - context 'repair_service max_pending_repairs' do - let(:title) { 'repair_service max_pending_repairs' } - let :params do - { - :path => '/path/to/file', - :section => 'repair_service', - :setting => 'max_pending_repairs', - } - end - - it { - should contain_ini_setting('repair_service max_pending_repairs').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'repair_service', - 'setting' => 'max_pending_repairs', - }) - } - end - - context 'repair_service max_rotate' do - let(:title) { 'repair_service max_rotate' } - let :params do - { - :path => '/path/to/file', - :section => 'repair_service', - :setting => 'max_rotate', - } - end - - it { - should contain_ini_setting('repair_service max_rotate').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'repair_service', - 'setting' => 'max_rotate', - }) - } - end - - context 'repair_service min_repair_time' do - let(:title) { 'repair_service min_repair_time' } - let :params do - { - :path => '/path/to/file', - :section => 'repair_service', - :setting => 'min_repair_time', - } - end - - it { - should contain_ini_setting('repair_service min_repair_time').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'repair_service', - 'setting' => 'min_repair_time', - }) - } - end - - context 'repair_service min_throughput' do - let(:title) { 'repair_service min_throughput' } - let :params do - { - :path => '/path/to/file', - :section => 'repair_service', - :setting => 'min_throughput', - } - end - - it { - should contain_ini_setting('repair_service min_throughput').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'repair_service', - 'setting' => 'min_throughput', - }) - } - end - - context 'repair_service num_recent_throughputs' do - let(:title) { 'repair_service num_recent_throughputs' } - let :params do - { - :path => '/path/to/file', - :section => 'repair_service', - :setting => 'num_recent_throughputs', - } - end - - it { - should contain_ini_setting('repair_service num_recent_throughputs').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'repair_service', - 'setting' => 'num_recent_throughputs', - }) - } - end - - context 'repair_service persist_directory' do - let(:title) { 'repair_service persist_directory' } - let :params do - { - :path => '/path/to/file', - :section => 'repair_service', - :setting => 'persist_directory', - } - end - - it { - should contain_ini_setting('repair_service persist_directory').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'repair_service', - 'setting' => 'persist_directory', - }) - } - end - - context 'repair_service persist_period' do - let(:title) { 'repair_service persist_period' } - let :params do - { - :path => '/path/to/file', - :section => 'repair_service', - :setting => 'persist_period', - } - end - - it { - should contain_ini_setting('repair_service persist_period').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'repair_service', - 'setting' => 'persist_period', - }) - } - end - - context 'repair_service restart_period' do - let(:title) { 'repair_service restart_period' } - let :params do - { - :path => '/path/to/file', - :section => 'repair_service', - :setting => 'restart_period', - } - end - - it { - should contain_ini_setting('repair_service restart_period').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'repair_service', - 'setting' => 'restart_period', - }) - } - end - - context 'repair_service single_repair_timeout' do - let(:title) { 'repair_service single_repair_timeout' } - let :params do - { - :path => '/path/to/file', - :section => 'repair_service', - :setting => 'single_repair_timeout', - } - end - - it { - should contain_ini_setting('repair_service single_repair_timeout').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'repair_service', - 'setting' => 'single_repair_timeout', - }) - } - end - - context 'repair_service single_task_err_threshold' do - let(:title) { 'repair_service single_task_err_threshold' } - let :params do - { - :path => '/path/to/file', - :section => 'repair_service', - :setting => 'single_task_err_threshold', - } - end - - it { - should contain_ini_setting('repair_service single_task_err_threshold').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'repair_service', - 'setting' => 'single_task_err_threshold', - }) - } - end - - context 'repair_service snapshot_override' do - let(:title) { 'repair_service snapshot_override' } - let :params do - { - :path => '/path/to/file', - :section => 'repair_service', - :setting => 'snapshot_override', - } - end - - it { - should contain_ini_setting('repair_service snapshot_override').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'repair_service', - 'setting' => 'snapshot_override', - }) - } - end - - context 'request_tracker queue_size' do - let(:title) { 'request_tracker queue_size' } - let :params do - { - :path => '/path/to/file', - :section => 'request_tracker', - :setting => 'queue_size', - } - end - - it { - should contain_ini_setting('request_tracker queue_size').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'request_tracker', - 'setting' => 'queue_size', - }) - } - end - - context 'security config_encryption_active' do - let(:title) { 'security config_encryption_active' } - let :params do - { - :path => '/path/to/file', - :section => 'security', - :setting => 'config_encryption_active', - } - end - - it { - should contain_ini_setting('security config_encryption_active').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'security', - 'setting' => 'config_encryption_active', - }) - } - end - - context 'security config_encryption_key_name' do - let(:title) { 'security config_encryption_key_name' } - let :params do - { - :path => '/path/to/file', - :section => 'security', - :setting => 'config_encryption_key_name', - } - end - - it { - should contain_ini_setting('security config_encryption_key_name').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'security', - 'setting' => 'config_encryption_key_name', - }) - } - end - - context 'security config_encryption_key_path' do - let(:title) { 'security config_encryption_key_path' } - let :params do - { - :path => '/path/to/file', - :section => 'security', - :setting => 'config_encryption_key_path', - } - end - - it { - should contain_ini_setting('security config_encryption_key_path').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'security', - 'setting' => 'config_encryption_key_path', - }) - } - end - - context 'spark base_master_proxy_port' do - let(:title) { 'spark base_master_proxy_port' } - let :params do - { - :path => '/path/to/file', - :section => 'spark', - :setting => 'base_master_proxy_port', - } - end - - it { - should contain_ini_setting('spark base_master_proxy_port').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'spark', - 'setting' => 'base_master_proxy_port', - }) - } - end - - context 'stat_reporter initial_sleep' do - let(:title) { 'stat_reporter initial_sleep' } - let :params do - { - :path => '/path/to/file', - :section => 'stat_reporter', - :setting => 'initial_sleep', - } - end - - it { - should contain_ini_setting('stat_reporter initial_sleep').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'stat_reporter', - 'setting' => 'initial_sleep', - }) - } - end - - context 'stat_reporter interval' do - let(:title) { 'stat_reporter interval' } - let :params do - { - :path => '/path/to/file', - :section => 'stat_reporter', - :setting => 'interval', - } - end - - it { - should contain_ini_setting('stat_reporter interval').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'stat_reporter', - 'setting' => 'interval', - }) - } - end - - context 'stat_reporter report_file' do - let(:title) { 'stat_reporter report_file' } - let :params do - { - :path => '/path/to/file', - :section => 'stat_reporter', - :setting => 'report_file', - } - end - - it { - should contain_ini_setting('stat_reporter report_file').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'stat_reporter', - 'setting' => 'report_file', - }) - } - end - - context 'stat_reporter ssl_key' do - let(:title) { 'stat_reporter ssl_key' } - let :params do - { - :path => '/path/to/file', - :section => 'stat_reporter', - :setting => 'ssl_key', - } - end - - it { - should contain_ini_setting('stat_reporter ssl_key').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'stat_reporter', - 'setting' => 'ssl_key', - }) - } - end - - context 'ui default_api_timeout' do - let(:title) { 'ui default_api_timeout' } - let :params do - { - :path => '/path/to/file', - :section => 'ui', - :setting => 'default_api_timeout', - } - end - - it { - should contain_ini_setting('ui default_api_timeout').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ui', - 'setting' => 'default_api_timeout', - }) - } - end - - context 'ui max_metrics_requests' do - let(:title) { 'ui max_metrics_requests' } - let :params do - { - :path => '/path/to/file', - :section => 'ui', - :setting => 'max_metrics_requests', - } - end - - it { - should contain_ini_setting('ui max_metrics_requests').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ui', - 'setting' => 'max_metrics_requests', - }) - } - end - - context 'ui node_detail_refresh_delay' do - let(:title) { 'ui node_detail_refresh_delay' } - let :params do - { - :path => '/path/to/file', - :section => 'ui', - :setting => 'node_detail_refresh_delay', - } - end - - it { - should contain_ini_setting('ui node_detail_refresh_delay').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ui', - 'setting' => 'node_detail_refresh_delay', - }) - } - end - - context 'ui storagemap_ttl' do - let(:title) { 'ui storagemap_ttl' } - let :params do - { - :path => '/path/to/file', - :section => 'ui', - :setting => 'storagemap_ttl', - } - end - - it { - should contain_ini_setting('ui storagemap_ttl').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'ui', - 'setting' => 'storagemap_ttl', - }) - } - end - - context 'webserver interface' do - let(:title) { 'webserver interface' } - let :params do - { - :path => '/path/to/file', - :section => 'webserver', - :setting => 'interface', - } - end - - it { - should contain_ini_setting('webserver interface').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'webserver', - 'setting' => 'interface', - }) - } - end - - context 'webserver log_path' do - let(:title) { 'webserver log_path' } - let :params do - { - :path => '/path/to/file', - :section => 'webserver', - :setting => 'log_path', - } - end - - it { - should contain_ini_setting('webserver log_path').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'webserver', - 'setting' => 'log_path', - }) - } - end - - context 'webserver port' do - let(:title) { 'webserver port' } - let :params do - { - :path => '/path/to/file', - :section => 'webserver', - :setting => 'port', - } - end - - it { - should contain_ini_setting('webserver port').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'webserver', - 'setting' => 'port', - }) - } - end - - context 'webserver ssl_certfile' do - let(:title) { 'webserver ssl_certfile' } - let :params do - { - :path => '/path/to/file', - :section => 'webserver', - :setting => 'ssl_certfile', - } - end - - it { - should contain_ini_setting('webserver ssl_certfile').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'webserver', - 'setting' => 'ssl_certfile', - }) - } - end - - context 'webserver ssl_keyfile' do - let(:title) { 'webserver ssl_keyfile' } - let :params do - { - :path => '/path/to/file', - :section => 'webserver', - :setting => 'ssl_keyfile', - } - end - - it { - should contain_ini_setting('webserver ssl_keyfile').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'webserver', - 'setting' => 'ssl_keyfile', - }) - } - end - - context 'webserver ssl_port' do - let(:title) { 'webserver ssl_port' } - let :params do - { - :path => '/path/to/file', - :section => 'webserver', - :setting => 'ssl_port', - } - end - - it { - should contain_ini_setting('webserver ssl_port').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'webserver', - 'setting' => 'ssl_port', - }) - } - end - - context 'webserver staticdir' do - let(:title) { 'webserver staticdir' } - let :params do - { - :path => '/path/to/file', - :section => 'webserver', - :setting => 'staticdir', - } - end - - it { - should contain_ini_setting('webserver staticdir').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'webserver', - 'setting' => 'staticdir', - }) - } - end - - context 'webserver sub_process_timeout' do - let(:title) { 'webserver sub_process_timeout' } - let :params do - { - :path => '/path/to/file', - :section => 'webserver', - :setting => 'sub_process_timeout', - } - end - - it { - should contain_ini_setting('webserver sub_process_timeout').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'webserver', - 'setting' => 'sub_process_timeout', - }) - } - end - - context 'webserver tarball_process_timeout' do - let(:title) { 'webserver tarball_process_timeout' } - let :params do - { - :path => '/path/to/file', - :section => 'webserver', - :setting => 'tarball_process_timeout', - } - end - - it { - should contain_ini_setting('webserver tarball_process_timeout').with({ - 'ensure' => 'absent', - 'path' => '/path/to/file', - 'section' => 'webserver', - 'setting' => 'tarball_process_timeout', - }) - } - end -end diff --git a/cassandra/spec/spec_helper.rb b/cassandra/spec/spec_helper.rb deleted file mode 100644 index b268c3267..000000000 --- a/cassandra/spec/spec_helper.rb +++ /dev/null @@ -1,14 +0,0 @@ -require 'rubygems' -require 'rspec-puppet' -require 'rspec-puppet-utils' -require 'puppetlabs_spec_helper/module_spec_helper' -require 'coveralls' - -fixture_path = File.expand_path(File.join(__FILE__, '..', 'fixtures')) - -RSpec.configure do |c| - c.module_path = File.join(fixture_path, 'modules') - c.manifest_dir = File.join(fixture_path, 'manifests') -end -Coveralls.wear! -at_exit { RSpec::Puppet::Coverage.report! } diff --git a/cassandra/spec/spec_helper_acceptance.rb b/cassandra/spec/spec_helper_acceptance.rb deleted file mode 100644 index 59b64cee2..000000000 --- a/cassandra/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1,25 +0,0 @@ -require 'beaker-rspec' -require 'pry' - -hosts.each do |host| - # Install Puppet - on host, install_puppet -end - -RSpec.configure do |c| - module_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - - c.formatter = :documentation - - # Configure all nodes in nodeset - c.before :suite do - # Install module - puppet_module_install(:source => module_root, :module_name => 'cassandra') - hosts.each do |host| - on host, puppet('module','install','puppetlabs-apt'), { :acceptable_exit_codes => [0,1] } - on host, puppet('module','install','puppetlabs-firewall'), { :acceptable_exit_codes => [0,1] } - on host, puppet('module','install','puppetlabs-inifile'), { :acceptable_exit_codes => [0,1] } - on host, puppet('module','install','puppetlabs-stdlib'), { :acceptable_exit_codes => [0,1] } - end - end -end diff --git a/cassandra/stylesheets/github-dark.css b/cassandra/stylesheets/github-dark.css deleted file mode 100644 index 0c393bfa4..000000000 --- a/cassandra/stylesheets/github-dark.css +++ /dev/null @@ -1,116 +0,0 @@ -/* - Copyright 2014 GitHub Inc. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - -*/ - -.pl-c /* comment */ { - color: #969896; -} - -.pl-c1 /* constant, markup.raw, meta.diff.header, meta.module-reference, meta.property-name, support, support.constant, support.variable, variable.other.constant */, -.pl-s .pl-v /* string variable */ { - color: #0099cd; -} - -.pl-e /* entity */, -.pl-en /* entity.name */ { - color: #9774cb; -} - -.pl-s .pl-s1 /* string source */, -.pl-smi /* storage.modifier.import, storage.modifier.package, storage.type.java, variable.other, variable.parameter.function */ { - color: #ddd; -} - -.pl-ent /* entity.name.tag */ { - color: #7bcc72; -} - -.pl-k /* keyword, storage, storage.type */ { - color: #cc2372; -} - -.pl-pds /* punctuation.definition.string, string.regexp.character-class */, -.pl-s /* string */, -.pl-s .pl-pse .pl-s1 /* string punctuation.section.embedded source */, -.pl-sr /* string.regexp */, -.pl-sr .pl-cce /* string.regexp constant.character.escape */, -.pl-sr .pl-sra /* string.regexp string.regexp.arbitrary-repitition */, -.pl-sr .pl-sre /* string.regexp source.ruby.embedded */ { - color: #3c66e2; -} - -.pl-v /* variable */ { - color: #fb8764; -} - -.pl-id /* invalid.deprecated */ { - color: #e63525; -} - -.pl-ii /* invalid.illegal */ { - background-color: #e63525; - color: #f8f8f8; -} - -.pl-sr .pl-cce /* string.regexp constant.character.escape */ { - color: #7bcc72; - font-weight: bold; -} - -.pl-ml /* markup.list */ { - color: #c26b2b; -} - -.pl-mh /* markup.heading */, -.pl-mh .pl-en /* markup.heading entity.name */, -.pl-ms /* meta.separator */ { - color: #264ec5; - font-weight: bold; -} - -.pl-mq /* markup.quote */ { - color: #00acac; -} - -.pl-mi /* markup.italic */ { - color: #ddd; - font-style: italic; -} - -.pl-mb /* markup.bold */ { - color: #ddd; - font-weight: bold; -} - -.pl-md /* markup.deleted, meta.diff.header.from-file */ { - background-color: #ffecec; - color: #bd2c00; -} - -.pl-mi1 /* markup.inserted, meta.diff.header.to-file */ { - background-color: #eaffea; - color: #55a532; -} - -.pl-mdr /* meta.diff.range */ { - color: #9774cb; - font-weight: bold; -} - -.pl-mo /* meta.output */ { - color: #264ec5; -} - diff --git a/cassandra/stylesheets/github-light.css b/cassandra/stylesheets/github-light.css deleted file mode 100644 index 872a6f4b2..000000000 --- a/cassandra/stylesheets/github-light.css +++ /dev/null @@ -1,116 +0,0 @@ -/* - Copyright 2014 GitHub Inc. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - -*/ - -.pl-c /* comment */ { - color: #969896; -} - -.pl-c1 /* constant, markup.raw, meta.diff.header, meta.module-reference, meta.property-name, support, support.constant, support.variable, variable.other.constant */, -.pl-s .pl-v /* string variable */ { - color: #0086b3; -} - -.pl-e /* entity */, -.pl-en /* entity.name */ { - color: #795da3; -} - -.pl-s .pl-s1 /* string source */, -.pl-smi /* storage.modifier.import, storage.modifier.package, storage.type.java, variable.other, variable.parameter.function */ { - color: #333; -} - -.pl-ent /* entity.name.tag */ { - color: #63a35c; -} - -.pl-k /* keyword, storage, storage.type */ { - color: #a71d5d; -} - -.pl-pds /* punctuation.definition.string, string.regexp.character-class */, -.pl-s /* string */, -.pl-s .pl-pse .pl-s1 /* string punctuation.section.embedded source */, -.pl-sr /* string.regexp */, -.pl-sr .pl-cce /* string.regexp constant.character.escape */, -.pl-sr .pl-sra /* string.regexp string.regexp.arbitrary-repitition */, -.pl-sr .pl-sre /* string.regexp source.ruby.embedded */ { - color: #183691; -} - -.pl-v /* variable */ { - color: #ed6a43; -} - -.pl-id /* invalid.deprecated */ { - color: #b52a1d; -} - -.pl-ii /* invalid.illegal */ { - background-color: #b52a1d; - color: #f8f8f8; -} - -.pl-sr .pl-cce /* string.regexp constant.character.escape */ { - color: #63a35c; - font-weight: bold; -} - -.pl-ml /* markup.list */ { - color: #693a17; -} - -.pl-mh /* markup.heading */, -.pl-mh .pl-en /* markup.heading entity.name */, -.pl-ms /* meta.separator */ { - color: #1d3e81; - font-weight: bold; -} - -.pl-mq /* markup.quote */ { - color: #008080; -} - -.pl-mi /* markup.italic */ { - color: #333; - font-style: italic; -} - -.pl-mb /* markup.bold */ { - color: #333; - font-weight: bold; -} - -.pl-md /* markup.deleted, meta.diff.header.from-file */ { - background-color: #ffecec; - color: #bd2c00; -} - -.pl-mi1 /* markup.inserted, meta.diff.header.to-file */ { - background-color: #eaffea; - color: #55a532; -} - -.pl-mdr /* meta.diff.range */ { - color: #795da3; - font-weight: bold; -} - -.pl-mo /* meta.output */ { - color: #1d3e81; -} - diff --git a/cassandra/stylesheets/normalize.css b/cassandra/stylesheets/normalize.css deleted file mode 100644 index 30366a6e9..000000000 --- a/cassandra/stylesheets/normalize.css +++ /dev/null @@ -1,424 +0,0 @@ -/*! normalize.css v3.0.2 | MIT License | git.io/normalize */ - -/** - * 1. Set default font family to sans-serif. - * 2. Prevent iOS text size adjust after orientation change, without disabling - * user zoom. - */ - -html { - font-family: sans-serif; /* 1 */ - -ms-text-size-adjust: 100%; /* 2 */ - -webkit-text-size-adjust: 100%; /* 2 */ -} - -/** - * Remove default margin. - */ - -body { - margin: 0; -} - -/* HTML5 display definitions - ========================================================================== */ - -/** - * Correct `block` display not defined for any HTML5 element in IE 8/9. - * Correct `block` display not defined for `details` or `summary` in IE 10/11 - * and Firefox. - * Correct `block` display not defined for `main` in IE 11. - */ - -article, -aside, -details, -figcaption, -figure, -footer, -header, -hgroup, -main, -menu, -nav, -section, -summary { - display: block; -} - -/** - * 1. Correct `inline-block` display not defined in IE 8/9. - * 2. Normalize vertical alignment of `progress` in Chrome, Firefox, and Opera. - */ - -audio, -canvas, -progress, -video { - display: inline-block; /* 1 */ - vertical-align: baseline; /* 2 */ -} - -/** - * Prevent modern browsers from displaying `audio` without controls. - * Remove excess height in iOS 5 devices. - */ - -audio:not([controls]) { - display: none; - height: 0; -} - -/** - * Address `[hidden]` styling not present in IE 8/9/10. - * Hide the `template` element in IE 8/9/11, Safari, and Firefox < 22. - */ - -[hidden], -template { - display: none; -} - -/* Links - ========================================================================== */ - -/** - * Remove the gray background color from active links in IE 10. - */ - -a { - background-color: transparent; -} - -/** - * Improve readability when focused and also mouse hovered in all browsers. - */ - -a:active, -a:hover { - outline: 0; -} - -/* Text-level semantics - ========================================================================== */ - -/** - * Address styling not present in IE 8/9/10/11, Safari, and Chrome. - */ - -abbr[title] { - border-bottom: 1px dotted; -} - -/** - * Address style set to `bolder` in Firefox 4+, Safari, and Chrome. - */ - -b, -strong { - font-weight: bold; -} - -/** - * Address styling not present in Safari and Chrome. - */ - -dfn { - font-style: italic; -} - -/** - * Address variable `h1` font-size and margin within `section` and `article` - * contexts in Firefox 4+, Safari, and Chrome. - */ - -h1 { - font-size: 2em; - margin: 0.67em 0; -} - -/** - * Address styling not present in IE 8/9. - */ - -mark { - background: #ff0; - color: #000; -} - -/** - * Address inconsistent and variable font size in all browsers. - */ - -small { - font-size: 80%; -} - -/** - * Prevent `sub` and `sup` affecting `line-height` in all browsers. - */ - -sub, -sup { - font-size: 75%; - line-height: 0; - position: relative; - vertical-align: baseline; -} - -sup { - top: -0.5em; -} - -sub { - bottom: -0.25em; -} - -/* Embedded content - ========================================================================== */ - -/** - * Remove border when inside `a` element in IE 8/9/10. - */ - -img { - border: 0; -} - -/** - * Correct overflow not hidden in IE 9/10/11. - */ - -svg:not(:root) { - overflow: hidden; -} - -/* Grouping content - ========================================================================== */ - -/** - * Address margin not present in IE 8/9 and Safari. - */ - -figure { - margin: 1em 40px; -} - -/** - * Address differences between Firefox and other browsers. - */ - -hr { - box-sizing: content-box; - height: 0; -} - -/** - * Contain overflow in all browsers. - */ - -pre { - overflow: auto; -} - -/** - * Address odd `em`-unit font size rendering in all browsers. - */ - -code, -kbd, -pre, -samp { - font-family: monospace, monospace; - font-size: 1em; -} - -/* Forms - ========================================================================== */ - -/** - * Known limitation: by default, Chrome and Safari on OS X allow very limited - * styling of `select`, unless a `border` property is set. - */ - -/** - * 1. Correct color not being inherited. - * Known issue: affects color of disabled elements. - * 2. Correct font properties not being inherited. - * 3. Address margins set differently in Firefox 4+, Safari, and Chrome. - */ - -button, -input, -optgroup, -select, -textarea { - color: inherit; /* 1 */ - font: inherit; /* 2 */ - margin: 0; /* 3 */ -} - -/** - * Address `overflow` set to `hidden` in IE 8/9/10/11. - */ - -button { - overflow: visible; -} - -/** - * Address inconsistent `text-transform` inheritance for `button` and `select`. - * All other form control elements do not inherit `text-transform` values. - * Correct `button` style inheritance in Firefox, IE 8/9/10/11, and Opera. - * Correct `select` style inheritance in Firefox. - */ - -button, -select { - text-transform: none; -} - -/** - * 1. Avoid the WebKit bug in Android 4.0.* where (2) destroys native `audio` - * and `video` controls. - * 2. Correct inability to style clickable `input` types in iOS. - * 3. Improve usability and consistency of cursor style between image-type - * `input` and others. - */ - -button, -html input[type="button"], /* 1 */ -input[type="reset"], -input[type="submit"] { - -webkit-appearance: button; /* 2 */ - cursor: pointer; /* 3 */ -} - -/** - * Re-set default cursor for disabled elements. - */ - -button[disabled], -html input[disabled] { - cursor: default; -} - -/** - * Remove inner padding and border in Firefox 4+. - */ - -button::-moz-focus-inner, -input::-moz-focus-inner { - border: 0; - padding: 0; -} - -/** - * Address Firefox 4+ setting `line-height` on `input` using `!important` in - * the UA stylesheet. - */ - -input { - line-height: normal; -} - -/** - * It's recommended that you don't attempt to style these elements. - * Firefox's implementation doesn't respect box-sizing, padding, or width. - * - * 1. Address box sizing set to `content-box` in IE 8/9/10. - * 2. Remove excess padding in IE 8/9/10. - */ - -input[type="checkbox"], -input[type="radio"] { - box-sizing: border-box; /* 1 */ - padding: 0; /* 2 */ -} - -/** - * Fix the cursor style for Chrome's increment/decrement buttons. For certain - * `font-size` values of the `input`, it causes the cursor style of the - * decrement button to change from `default` to `text`. - */ - -input[type="number"]::-webkit-inner-spin-button, -input[type="number"]::-webkit-outer-spin-button { - height: auto; -} - -/** - * 1. Address `appearance` set to `searchfield` in Safari and Chrome. - * 2. Address `box-sizing` set to `border-box` in Safari and Chrome - * (include `-moz` to future-proof). - */ - -input[type="search"] { - -webkit-appearance: textfield; /* 1 */ /* 2 */ - box-sizing: content-box; -} - -/** - * Remove inner padding and search cancel button in Safari and Chrome on OS X. - * Safari (but not Chrome) clips the cancel button when the search input has - * padding (and `textfield` appearance). - */ - -input[type="search"]::-webkit-search-cancel-button, -input[type="search"]::-webkit-search-decoration { - -webkit-appearance: none; -} - -/** - * Define consistent border, margin, and padding. - */ - -fieldset { - border: 1px solid #c0c0c0; - margin: 0 2px; - padding: 0.35em 0.625em 0.75em; -} - -/** - * 1. Correct `color` not being inherited in IE 8/9/10/11. - * 2. Remove padding so people aren't caught out if they zero out fieldsets. - */ - -legend { - border: 0; /* 1 */ - padding: 0; /* 2 */ -} - -/** - * Remove default vertical scrollbar in IE 8/9/10/11. - */ - -textarea { - overflow: auto; -} - -/** - * Don't inherit the `font-weight` (applied by a rule above). - * NOTE: the default cannot safely be changed in Chrome and Safari on OS X. - */ - -optgroup { - font-weight: bold; -} - -/* Tables - ========================================================================== */ - -/** - * Remove most spacing between table cells. - */ - -table { - border-collapse: collapse; - border-spacing: 0; -} - -td, -th { - padding: 0; -} diff --git a/cassandra/stylesheets/stylesheet.css b/cassandra/stylesheets/stylesheet.css deleted file mode 100644 index a54a6397e..000000000 --- a/cassandra/stylesheets/stylesheet.css +++ /dev/null @@ -1,247 +0,0 @@ -body { - margin: 0; - padding: 0; - background: #151515 url("../images/bkg.png") 0 0; - color: #eaeaea; - font: 16px; - line-height: 1.5; - font-family: Monaco, "Bitstream Vera Sans Mono", "Lucida Console", Terminal, monospace; -} - -/* General & 'Reset' Stuff */ - -.container { - width: 90%; - max-width: 600px; - margin: 0 auto; -} - -section { - display: block; - margin: 0 0 20px 0; -} - -h1, h2, h3, h4, h5, h6 { - margin: 0 0 20px; -} - -li { - line-height: 1.4 ; -} - -/* Header,
- header - container - h1 - project name - h2 - project description -*/ - -header { - background: rgba(0, 0, 0, 0.1); - width: 100%; - border-bottom: 1px dashed #b5e853; - padding: 20px 0; - margin: 0 0 40px 0; -} - -header h1 { - font-size: 30px; - line-height: 1.5; - margin: 0 0 0 -40px; - font-weight: bold; - font-family: Monaco, "Bitstream Vera Sans Mono", "Lucida Console", Terminal, monospace; - color: #b5e853; - text-shadow: 0 1px 1px rgba(0, 0, 0, 0.1), - 0 0 5px rgba(181, 232, 83, 0.1), - 0 0 10px rgba(181, 232, 83, 0.1); - letter-spacing: -1px; - -webkit-font-smoothing: antialiased; -} - -header h1:before { - content: "./ "; - font-size: 24px; -} - -header h2 { - font-size: 18px; - font-weight: 300; - color: #666; -} - -#downloads .btn { - display: inline-block; - text-align: center; - margin: 0; -} - -/* Main Content -*/ - -#main_content { - width: 100%; - -webkit-font-smoothing: antialiased; -} -section img { - max-width: 100% -} - -h1, h2, h3, h4, h5, h6 { - font-weight: normal; - font-family: Monaco, "Bitstream Vera Sans Mono", "Lucida Console", Terminal, monospace; - color: #b5e853; - letter-spacing: -0.03em; - text-shadow: 0 1px 1px rgba(0, 0, 0, 0.1), - 0 0 5px rgba(181, 232, 83, 0.1), - 0 0 10px rgba(181, 232, 83, 0.1); -} - -#main_content h1 { - font-size: 30px; -} - -#main_content h2 { - font-size: 24px; -} - -#main_content h3 { - font-size: 18px; -} - -#main_content h4 { - font-size: 14px; -} - -#main_content h5 { - font-size: 12px; - text-transform: uppercase; - margin: 0 0 5px 0; -} - -#main_content h6 { - font-size: 12px; - text-transform: uppercase; - color: #999; - margin: 0 0 5px 0; -} - -dt { - font-style: italic; - font-weight: bold; -} - -ul li { - list-style: none; -} - -ul li:before { - content: ">>"; - font-family: Monaco, "Bitstream Vera Sans Mono", "Lucida Console", Terminal, monospace; - font-size: 13px; - color: #b5e853; - margin-left: -37px; - margin-right: 21px; - line-height: 16px; -} - -blockquote { - color: #aaa; - padding-left: 10px; - border-left: 1px dotted #666; -} - -pre { - background: rgba(0, 0, 0, 0.9); - border: 1px solid rgba(255, 255, 255, 0.15); - padding: 10px; - font-size: 14px; - color: #b5e853; - border-radius: 2px; - -moz-border-radius: 2px; - -webkit-border-radius: 2px; - text-wrap: normal; - overflow: auto; - overflow-y: hidden; -} - -table { - width: 100%; - margin: 0 0 20px 0; -} - -th { - text-align: left; - border-bottom: 1px dashed #b5e853; - padding: 5px 10px; -} - -td { - padding: 5px 10px; -} - -hr { - height: 0; - border: 0; - border-bottom: 1px dashed #b5e853; - color: #b5e853; -} - -/* Buttons -*/ - -.btn { - display: inline-block; - background: -webkit-linear-gradient(top, rgba(40, 40, 40, 0.3), rgba(35, 35, 35, 0.3) 50%, rgba(10, 10, 10, 0.3) 50%, rgba(0, 0, 0, 0.3)); - padding: 8px 18px; - border-radius: 50px; - border: 2px solid rgba(0, 0, 0, 0.7); - border-bottom: 2px solid rgba(0, 0, 0, 0.7); - border-top: 2px solid rgba(0, 0, 0, 1); - color: rgba(255, 255, 255, 0.8); - font-family: Helvetica, Arial, sans-serif; - font-weight: bold; - font-size: 13px; - text-decoration: none; - text-shadow: 0 -1px 0 rgba(0, 0, 0, 0.75); - box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.05); -} - -.btn:hover { - background: -webkit-linear-gradient(top, rgba(40, 40, 40, 0.6), rgba(35, 35, 35, 0.6) 50%, rgba(10, 10, 10, 0.8) 50%, rgba(0, 0, 0, 0.8)); -} - -.btn .icon { - display: inline-block; - width: 16px; - height: 16px; - margin: 1px 8px 0 0; - float: left; -} - -.btn-github .icon { - opacity: 0.6; - background: url("../images/blacktocat.png") 0 0 no-repeat; -} - -/* Links - a, a:hover, a:visited -*/ - -a { - color: #63c0f5; - text-shadow: 0 0 5px rgba(104, 182, 255, 0.5); -} - -/* Clearfix */ - -.cf:before, .cf:after { - content:""; - display:table; -} - -.cf:after { - clear:both; -} - -.cf { - zoom:1; -} \ No newline at end of file diff --git a/cassandra/templates/cassandra.yaml.erb b/cassandra/templates/cassandra.yaml.erb deleted file mode 100755 index 8a3198456..000000000 --- a/cassandra/templates/cassandra.yaml.erb +++ /dev/null @@ -1,800 +0,0 @@ -# Cassandra storage config YAML - -# NOTE: -# See http://wiki.apache.org/cassandra/StorageConfiguration for -# full explanations of configuration directives -# /NOTE - -# The name of the cluster. This is mainly used to prevent machines in -# one logical cluster from joining another. -cluster_name: '<%= @cluster_name %>' - -# This defines the number of tokens randomly assigned to this node on the ring -# The more tokens, relative to other nodes, the larger the proportion of data -# that this node will store. You probably want all nodes to have the same number -# of tokens assuming they have equal hardware capability. -# -# If you leave this unspecified, Cassandra will use the default of 1 token for legacy compatibility, -# and will use the initial_token as described below. -# -# Specifying initial_token will override this setting on the node's initial start, -# on subsequent starts, this setting will apply even if initial token is set. -# -# If you already have a cluster with 1 token per node, and wish to migrate to -# multiple tokens per node, see http://wiki.apache.org/cassandra/Operations -num_tokens: <%= @num_tokens %> - -# initial_token allows you to specify tokens manually. While you can use # it with -# vnodes (num_tokens > 1, above) -- in which case you should provide a -# comma-separated list -- it's primarily used when adding nodes # to legacy clusters -# that do not have vnodes enabled. -<% if @initial_token != nil %>initial_token: <%= @initial_token %><% else %># initial_token:<% end %> - -# See http://wiki.apache.org/cassandra/HintedHandoff -# May either be "true" or "false" to enable globally, or contain a list -# of data centers to enable per-datacenter. -# hinted_handoff_enabled: DC1,DC2 -hinted_handoff_enabled: <%= @hinted_handoff_enabled %> -# this defines the maximum amount of time a dead host will have hints -# generated. After it has been dead this long, new hints for it will not be -# created until it has been seen alive and gone down again. -max_hint_window_in_ms: <%= @max_hint_window_in_ms %> # 3 hours -# Maximum throttle in KBs per second, per delivery thread. This will be -# reduced proportionally to the number of nodes in the cluster. (If there -# are two nodes in the cluster, each delivery thread will use the maximum -# rate; if there are three, each will throttle to half of the maximum, -# since we expect two nodes to be delivering hints simultaneously.) -hinted_handoff_throttle_in_kb: <%= @hinted_handoff_throttle_in_kb %> -# Number of threads with which to deliver hints; -# Consider increasing this number when you have multi-dc deployments, since -# cross-dc handoff tends to be slower -max_hints_delivery_threads: <%= @max_hints_delivery_threads %> - -# Maximum throttle in KBs per second, total. This will be -# reduced proportionally to the number of nodes in the cluster. -batchlog_replay_throttle_in_kb: <%= @batchlog_replay_throttle_in_kb %> - -# Authentication backend, implementing IAuthenticator; used to identify users -# Out of the box, Cassandra provides org.apache.cassandra.auth.{AllowAllAuthenticator, -# PasswordAuthenticator}. -# -# - AllowAllAuthenticator performs no checks - set it to disable authentication. -# - PasswordAuthenticator relies on username/password pairs to authenticate -# users. It keeps usernames and hashed passwords in system_auth.credentials table. -# Please increase system_auth keyspace replication factor if you use this authenticator. -authenticator: <%= @authenticator %> - -# Authorization backend, implementing IAuthorizer; used to limit access/provide permissions -# Out of the box, Cassandra provides org.apache.cassandra.auth.{AllowAllAuthorizer, -# CassandraAuthorizer}. -# -# - AllowAllAuthorizer allows any action to any user - set it to disable authorization. -# - CassandraAuthorizer stores permissions in system_auth.permissions table. Please -# increase system_auth keyspace replication factor if you use this authorizer. -authorizer: <%= @authorizer %> - -# Validity period for permissions cache (fetching permissions can be an -# expensive operation depending on the authorizer, CassandraAuthorizer is -# one example). Defaults to 2000, set to 0 to disable. -# Will be disabled automatically for AllowAllAuthorizer. -permissions_validity_in_ms: <%= @permissions_validity_in_ms %> - -# Refresh interval for permissions cache (if enabled). -# After this interval, cache entries become eligible for refresh. Upon next -# access, an async reload is scheduled and the old value returned until it -# completes. If permissions_validity_in_ms is non-zero, then this must be -# also. -# Defaults to the same value as permissions_validity_in_ms. -<% if @permissions_update_interval_in_ms != nil %>permissions_update_interval_in_ms: <%= @permissions_update_interval_in_ms %><% else %># permissions_update_interval_in_ms: 1000<% end %> - -# The partitioner is responsible for distributing groups of rows (by -# partition key) across nodes in the cluster. You should leave this -# alone for new clusters. The partitioner can NOT be changed without -# reloading all data, so when upgrading you should set this to the -# same partitioner you were already using. -# -# Besides Murmur3Partitioner, partitioners included for backwards -# compatibility include RandomPartitioner, ByteOrderedPartitioner, and -# OrderPreservingPartitioner. -# -partitioner: <%= @partitioner %> - -# Directories where Cassandra should store data on disk. Cassandra -# will spread data evenly across them, subject to the granularity of -# the configured compaction strategy. -# If not set, the default directory is $CASSANDRA_HOME/data/data. -data_file_directories: -<% @data_file_directories.each do |val| -%> - - <%= val %> -<% end -%> - -# commit log. when running on magnetic HDD, this should be a -# separate spindle than the data directories. -# If not set, the default directory is $CASSANDRA_HOME/data/commitlog. -commitlog_directory: <%= @commitlog_directory %> - -# policy for data disk failures: -# die: shut down gossip and Thrift and kill the JVM for any fs errors or -# single-sstable errors, so the node can be replaced. -# stop_paranoid: shut down gossip and Thrift even for single-sstable errors. -# stop: shut down gossip and Thrift, leaving the node effectively dead, but -# can still be inspected via JMX. -# best_effort: stop using the failed disk and respond to requests based on -# remaining available sstables. This means you WILL see obsolete -# data at CL.ONE! -# ignore: ignore fatal errors and let requests fail, as in pre-1.2 Cassandra -disk_failure_policy: <%= @disk_failure_policy %> - -# policy for commit disk failures: -# die: shut down gossip and Thrift and kill the JVM, so the node can be replaced. -# stop: shut down gossip and Thrift, leaving the node effectively dead, but -# can still be inspected via JMX. -# stop_commit: shutdown the commit log, letting writes collect but -# continuing to service reads, as in pre-2.0.5 Cassandra -# ignore: ignore fatal errors and let the batches fail -commit_failure_policy: <%= @commit_failure_policy %> - -# Maximum size of the key cache in memory. -# -# Each key cache hit saves 1 seek and each row cache hit saves 2 seeks at the -# minimum, sometimes more. The key cache is fairly tiny for the amount of -# time it saves, so it's worthwhile to use it at large numbers. -# The row cache saves even more time, but must contain the entire row, -# so it is extremely space-intensive. It's best to only use the -# row cache if you have hot rows or static rows. -# -# NOTE: if you reduce the size, you may not get you hottest keys loaded on startup. -# -# Default value is empty to make it "auto" (min(5% of Heap (in MB), 100MB)). Set to 0 to disable key cache. -<% if @key_cache_size_in_mb != '' %>key_cache_size_in_mb: <%= @key_cache_size_in_mb %><% else %>key_cache_size_in_mb:<% end %> - -# Duration in seconds after which Cassandra should -# save the key cache. Caches are saved to saved_caches_directory as -# specified in this configuration file. -# -# Saved caches greatly improve cold-start speeds, and is relatively cheap in -# terms of I/O for the key cache. Row cache saving is much more expensive and -# has limited use. -# -# Default is 14400 or 4 hours. -key_cache_save_period: <%= @key_cache_save_period %> - -# Number of keys from the key cache to save -# Disabled by default, meaning all keys are going to be saved -<% if @key_cache_keys_to_save != nil %>key_cache_keys_to_save: <%= @key_cache_keys_to_save %><% else %># key_cache_keys_to_save: 100<% end %> - -# Maximum size of the row cache in memory. -# NOTE: if you reduce the size, you may not get you hottest keys loaded on startup. -# -# Default value is 0, to disable row caching. -row_cache_size_in_mb: <%= @row_cache_size_in_mb %> - -# Duration in seconds after which Cassandra should -# save the row cache. Caches are saved to saved_caches_directory as specified -# in this configuration file. -# -# Saved caches greatly improve cold-start speeds, and is relatively cheap in -# terms of I/O for the key cache. Row cache saving is much more expensive and -# has limited use. -# -# Default is 0 to disable saving the row cache. -row_cache_save_period: <%= @row_cache_save_period %> - -# Number of keys from the row cache to save -# Disabled by default, meaning all keys are going to be saved -<% if @row_cache_keys_to_save != nil %>row_cache_keys_to_save: <%= @row_cache_keys_to_save %><% else %># row_cache_keys_to_save: 100<% end %> - -# Maximum size of the counter cache in memory. -# -# Counter cache helps to reduce counter locks' contention for hot counter cells. -# In case of RF = 1 a counter cache hit will cause Cassandra to skip the read before -# write entirely. With RF > 1 a counter cache hit will still help to reduce the duration -# of the lock hold, helping with hot counter cell updates, but will not allow skipping -# the read entirely. Only the local (clock, count) tuple of a counter cell is kept -# in memory, not the whole counter, so it's relatively cheap. -# -# NOTE: if you reduce the size, you may not get you hottest keys loaded on startup. -# -# Default value is empty to make it "auto" (min(2.5% of Heap (in MB), 50MB)). Set to 0 to disable counter cache. -# NOTE: if you perform counter deletes and rely on low gcgs, you should disable the counter cache. -<% if @counter_cache_size_in_mb != '' %>counter_cache_size_in_mb: <%= @counter_cache_size_in_mb %><% else %>counter_cache_size_in_mb:<% end %> - -# Duration in seconds after which Cassandra should -# save the counter cache (keys only). Caches are saved to saved_caches_directory as -# specified in this configuration file. -# -# Default is 7200 or 2 hours. -counter_cache_save_period: <%= @counter_cache_save_period %> - -# Number of keys from the counter cache to save -# Disabled by default, meaning all keys are going to be saved -<% if @counter_cache_keys_to_save != nil %>counter_cache_keys_to_save: <%= @counter_cache_keys_to_save %><% else %># counter_cache_keys_to_save: 100<% end %> - -# The off-heap memory allocator. Affects storage engine metadata as -# well as caches. Experiments show that JEMAlloc saves some memory -# than the native GCC allocator (i.e., JEMalloc is more -# fragmentation-resistant). -# -# Supported values are: NativeAllocator, JEMallocAllocator -# -# If you intend to use JEMallocAllocator you have to install JEMalloc as library and -# modify cassandra-env.sh as directed in the file. -# -# Defaults to NativeAllocator -<% if @memory_allocator != nil %>memory_allocator: <%= @memory_allocator %><% else %># memory_allocator: NativeAllocator<% end %> - -# saved caches -# If not set, the default directory is $CASSANDRA_HOME/data/saved_caches. -saved_caches_directory: <%= @saved_caches_directory %> - -# commitlog_sync may be either "periodic" or "batch." -# When in batch mode, Cassandra won't ack writes until the commit log -# has been fsynced to disk. It will wait up to -# commitlog_sync_batch_window_in_ms milliseconds for other writes, before -# performing the sync. -# -# commitlog_sync: batch -<% if @commitlog_sync_batch_window_in_ms != nil %>commitlog_sync_batch_window_in_ms: <%= @commitlog_sync_batch_window_in_ms %><% else %># commitlog_sync_batch_window_in_ms: 50<% end %> -# -# the other option is "periodic" where writes may be acked immediately -# and the CommitLog is simply synced every commitlog_sync_period_in_ms -# milliseconds. -<% if @commitlog_sync != nil %>commitlog_sync: <%= @commitlog_sync %><% else %># commitlog_sync: periodic<% end %> -<% if @commitlog_sync_period_in_ms != nil %>commitlog_sync_period_in_ms: <%= @commitlog_sync_period_in_ms %><% else %># commitlog_sync_period_in_ms: 10000<% end %> - -# The size of the individual commitlog file segments. A commitlog -# segment may be archived, deleted, or recycled once all the data -# in it (potentially from each columnfamily in the system) has been -# flushed to sstables. -# -# The default size is 32, which is almost always fine, but if you are -# archiving commitlog segments (see commitlog_archiving.properties), -# then you probably want a finer granularity of archiving; 8 or 16 MB -# is reasonable. -commitlog_segment_size_in_mb: <%= @commitlog_segment_size_in_mb %> - -# any class that implements the SeedProvider interface and has a -# constructor that takes a Map of parameters will do. -seed_provider: - # Addresses of hosts that are deemed contact points. - # Cassandra nodes use this list of hosts to find each other and learn - # the topology of the ring. You must change this if you are running - # multiple nodes! - - class_name: <%= @seed_provider_class_name %> - parameters: - # seeds is actually a comma-delimited list of addresses. - # Ex: ",," - - seeds: "<%= @seeds %>" - -# For workloads with more data than can fit in memory, Cassandra's -# bottleneck will be reads that need to fetch data from -# disk. "concurrent_reads" should be set to (16 * number_of_drives) in -# order to allow the operations to enqueue low enough in the stack -# that the OS and drives can reorder them. Same applies to -# "concurrent_counter_writes", since counter writes read the current -# values before incrementing and writing them back. -# -# On the other hand, since writes are almost never IO bound, the ideal -# number of "concurrent_writes" is dependent on the number of cores in -# your system; (8 * number_of_cores) is a good rule of thumb. -concurrent_reads: <%= @concurrent_reads %> -concurrent_writes: <%= @concurrent_writes %> -concurrent_counter_writes: <%= @concurrent_counter_writes %> - -# Total memory to use for sstable-reading buffers. Defaults to -# the smaller of 1/4 of heap or 512MB. -<% if @file_cache_size_in_mb != nil %>file_cache_size_in_mb: <%= @file_cache_size_in_mb %><% else %># file_cache_size_in_mb: 512<% end %> - -# Total permitted memory to use for memtables. Cassandra will stop -# accepting writes when the limit is exceeded until a flush completes, -# and will trigger a flush based on memtable_cleanup_threshold -# If omitted, Cassandra will set both to 1/4 the size of the heap. -<% if @memtable_heap_space_in_mb != nil %>memtable_heap_space_in_mb: <%= @memtable_heap_space_in_mb %><% else %># memtable_heap_space_in_mb: 2048<% end %> -<% if @memtable_offheap_space_in_mb != nil %>memtable_offheap_space_in_mb: <%= @memtable_offheap_space_in_mb %><% else %># memtable_offheap_space_in_mb: 2048<% end %> - -# Ratio of occupied non-flushing memtable size to total permitted size -# that will trigger a flush of the largest memtable. Lager mct will -# mean larger flushes and hence less compaction, but also less concurrent -# flush activity which can make it difficult to keep your disks fed -# under heavy write load. -# -# memtable_cleanup_threshold defaults to 1 / (memtable_flush_writers + 1) -<% if @memtable_cleanup_threshold != nil %>memtable_cleanup_threshold: <%= @memtable_cleanup_threshold %><% else %># memtable_cleanup_threshold: 0.11<% end %> - -# Specify the way Cassandra allocates and manages memtable memory. -# Options are: -# heap_buffers: on heap nio buffers -# offheap_buffers: off heap (direct) nio buffers -# offheap_objects: native memory, eliminating nio buffer heap overhead -memtable_allocation_type: heap_buffers - -# Total space to use for commitlogs. Since commitlog segments are -# mmapped, and hence use up address space, the default size is 32 -# on 32-bit JVMs, and 8192 on 64-bit JVMs. -# -# If space gets above this value (it will round up to the next nearest -# segment multiple), Cassandra will flush every dirty CF in the oldest -# segment and remove it. So a small total commitlog space will tend -# to cause more flush activity on less-active columnfamilies. -<% if @commitlog_total_space_in_mb != nil %>commitlog_total_space_in_mb: <%= @commitlog_total_space_in_mb %><% else %># commitlog_total_space_in_mb: 8192<% end %> - -# This sets the amount of memtable flush writer threads. These will -# be blocked by disk io, and each one will hold a memtable in memory -# while blocked. -# -# memtable_flush_writers defaults to the smaller of (number of disks, -# number of cores), with a minimum of 2 and a maximum of 8. -# -# If your data directories are backed by SSD, you should increase this -# to the number of cores. -<% if @memtable_flush_writers != nil %>memtable_flush_writers: <%= @memtable_flush_writers %><% else %>#memtable_flush_writers: 8<% end %> - -# A fixed memory pool size in MB for for SSTable index summaries. If left -# empty, this will default to 5% of the heap size. If the memory usage of -# all index summaries exceeds this limit, SSTables with low read rates will -# shrink their index summaries in order to meet this limit. However, this -# is a best-effort process. In extreme conditions Cassandra may need to use -# more than this amount of memory. -<% if @index_summary_capacity_in_mb != '' %>index_summary_capacity_in_mb: <%= @index_summary_capacity_in_mb %><% else %>index_summary_capacity_in_mb:<% end %> - -# How frequently index summaries should be resampled. This is done -# periodically to redistribute memory from the fixed-size pool to sstables -# proportional their recent read rates. Setting to -1 will disable this -# process, leaving existing index summaries at their current sampling level. -index_summary_resize_interval_in_minutes: <%= @index_summary_resize_interval_in_minutes %> - -# Whether to, when doing sequential writing, fsync() at intervals in -# order to force the operating system to flush the dirty -# buffers. Enable this to avoid sudden dirty buffer flushing from -# impacting read latencies. Almost always a good idea on SSDs; not -# necessarily on platters. -trickle_fsync: <%= @trickle_fsync %> -trickle_fsync_interval_in_kb: <%= @trickle_fsync_interval_in_kb %> - -# TCP port, for commands and data -# For security reasons, you should not expose this port to the internet. Firewall it if needed. -storage_port: <%= @storage_port %> - -# SSL port, for encrypted communication. Unused unless enabled in -# encryption_options -# For security reasons, you should not expose this port to the internet. Firewall it if needed. -ssl_storage_port: <%= @ssl_storage_port %> - -# Address or interface to bind to and tell other Cassandra nodes to connect to. -# You _must_ change this if you want multiple nodes to be able to communicate! -# -# Set listen_address OR listen_interface, not both. Interfaces must correspond -# to a single address, IP aliasing is not supported. -# -# Leaving it blank leaves it up to InetAddress.getLocalHost(). This -# will always do the Right Thing _if_ the node is properly configured -# (hostname, name resolution, etc), and the Right Thing is to use the -# address associated with the hostname (it might not be). -# -# Setting listen_address to 0.0.0.0 is always wrong. -# -# If you choose to specify the interface by name and the interface has an ipv4 and an ipv6 address -# you can specify which should be chosen using listen_interface_prefer_ipv6. If false the first ipv4 -# address will be used. If true the first ipv6 address will be used. Defaults to false preferring -# ipv4. If there is only one address it will be selected regardless of ipv4/ipv6. -listen_address: <%= @listen_address %> -# listen_interface: eth0 -# listen_interface_prefer_ipv6: false - -# Address to broadcast to other Cassandra nodes -# Leaving this blank will set it to the same value as listen_address -<% if @broadcast_address != nil %>broadcast_address: <%= @broadcast_address %><% else %># broadcast_address: 1.2.3.4<% end %> - -# Internode authentication backend, implementing IInternodeAuthenticator; -# used to allow/disallow connections from peer nodes. -<% if @internode_authenticator != nil %>internode_authenticator: <%= @internode_authenticator %><% else %># internode_authenticator: org.apache.cassandra.auth.AllowAllInternodeAuthenticator<% end %> - -# Whether to start the native transport server. -# Please note that the address on which the native transport is bound is the -# same as the rpc_address. The port however is different and specified below. -start_native_transport: <%= @start_native_transport %> -# port for the CQL native transport to listen for clients on -# For security reasons, you should not expose this port to the internet. Firewall it if needed. -native_transport_port: <%= @native_transport_port %> -# The maximum threads for handling requests when the native transport is used. -# This is similar to rpc_max_threads though the default differs slightly (and -# there is no native_transport_min_threads, idle threads will always be stopped -# after 30 seconds). -<% if @native_transport_max_threads != nil %>native_transport_max_threads: <%= @native_transport_max_threads %><% else %># native_transport_max_threads: 128<% end %> -# -# The maximum size of allowed frame. Frame (requests) larger than this will -# be rejected as invalid. The default is 256MB. -<% if @native_transport_max_frame_size_in_mb != nil %>native_transport_max_frame_size_in_mb: <%= @native_transport_max_frame_size_in_mb %><% else %># native_transport_max_frame_size_in_mb: 256<% end %> - -# The maximum number of concurrent client connections. -# The default is -1, which means unlimited. -<% if @native_transport_max_concurrent_connections != nil %>native_transport_max_concurrent_connections: <%= @native_transport_max_concurrent_connections %><% else %># native_transport_max_concurrent_connections: -1<% end %> - -# The maximum number of concurrent client connections per source ip. -# The default is -1, which means unlimited. -<% if @native_transport_max_concurrent_connections_per_ip != nil %>native_transport_max_concurrent_connections_per_ip: <%= @native_transport_max_concurrent_connections_per_ip %><% else %># native_transport_max_concurrent_connections_per_ip: -1<% end %> - -# Whether to start the thrift rpc server. -start_rpc: <%= @start_rpc %> - -# The address or interface to bind the Thrift RPC service and native transport -# server to. -# -# Set rpc_address OR rpc_interface, not both. Interfaces must correspond -# to a single address, IP aliasing is not supported. -# -# Leaving rpc_address blank has the same effect as on listen_address -# (i.e. it will be based on the configured hostname of the node). -# -# Note that unlike listen_address, you can specify 0.0.0.0, but you must also -# set broadcast_rpc_address to a value other than 0.0.0.0. -# -# For security reasons, you should not expose this port to the internet. Firewall it if needed. -# -# If you choose to specify the interface by name and the interface has an ipv4 and an ipv6 address -# you can specify which should be chosen using rpc_interface_prefer_ipv6. If false the first ipv4 -# address will be used. If true the first ipv6 address will be used. Defaults to false preferring -# ipv4. If there is only one address it will be selected regardless of ipv4/ipv6. -rpc_address: <%= @rpc_address %> -# rpc_interface: eth1 -# rpc_interface_prefer_ipv6: false - -# port for Thrift to listen for clients on -rpc_port: <%= @rpc_port %> - -# RPC address to broadcast to drivers and other Cassandra nodes. This cannot -# be set to 0.0.0.0. If left blank, this will be set to the value of -# rpc_address. If rpc_address is set to 0.0.0.0, broadcast_rpc_address must -# be set. -<% if @broadcast_rpc_address != nil %>broadcast_rpc_address: <%= @broadcast_rpc_address %><% else %># broadcast_rpc_address: 1.2.3.4<% end %> - -# enable or disable keepalive on rpc/native connections -rpc_keepalive: true - -# Cassandra provides two out-of-the-box options for the RPC Server: -# -# sync -> One thread per thrift connection. For a very large number of clients, memory -# will be your limiting factor. On a 64 bit JVM, 180KB is the minimum stack size -# per thread, and that will correspond to your use of virtual memory (but physical memory -# may be limited depending on use of stack space). -# -# hsha -> Stands for "half synchronous, half asynchronous." All thrift clients are handled -# asynchronously using a small number of threads that does not vary with the amount -# of thrift clients (and thus scales well to many clients). The rpc requests are still -# synchronous (one thread per active request). If hsha is selected then it is essential -# that rpc_max_threads is changed from the default value of unlimited. -# -# The default is sync because on Windows hsha is about 30% slower. On Linux, -# sync/hsha performance is about the same, with hsha of course using less memory. -# -# Alternatively, can provide your own RPC server by providing the fully-qualified class name -# of an o.a.c.t.TServerFactory that can create an instance of it. -rpc_server_type: <%= @rpc_server_type %> - -# Uncomment rpc_min|max_thread to set request pool size limits. -# -# Regardless of your choice of RPC server (see above), the number of maximum requests in the -# RPC thread pool dictates how many concurrent requests are possible (but if you are using the sync -# RPC server, it also dictates the number of clients that can be connected at all). -# -# The default is unlimited and thus provides no protection against clients overwhelming the server. You are -# encouraged to set a maximum that makes sense for you in production, but do keep in mind that -# rpc_max_threads represents the maximum number of client requests this server may execute concurrently. -# -<% if @rpc_min_threads != nil %>rpc_min_threads: <%= @rpc_min_threads %><% else %># rpc_min_threads: 16<% end %> -<% if @rpc_max_threads != nil %>rpc_max_threads: <%= @rpc_max_threads %><% else %># rpc_max_threads: 2048<% end %> - -# uncomment to set socket buffer sizes on rpc connections -<% if @rpc_send_buff_size_in_bytes != nil %>rpc_send_buff_size_in_bytes: <%= @rpc_send_buff_size_in_bytes %><% else %># rpc_send_buff_size_in_bytes:<% end %> -<% if @rpc_recv_buff_size_in_bytes != nil %>rpc_recv_buff_size_in_bytes: <%= @rpc_recv_buff_size_in_bytes %><% else %># rpc_recv_buff_size_in_bytes:<% end %> - -# Uncomment to set socket buffer size for internode communication -# Note that when setting this, the buffer size is limited by net.core.wmem_max -# and when not setting it it is defined by net.ipv4.tcp_wmem -# See: -# /proc/sys/net/core/wmem_max -# /proc/sys/net/core/rmem_max -# /proc/sys/net/ipv4/tcp_wmem -# /proc/sys/net/ipv4/tcp_wmem -# and: man tcp -<% if @internode_send_buff_size_in_bytes != nil %>internode_send_buff_size_in_bytes: <%= @internode_send_buff_size_in_bytes %><% else %># internode_send_buff_size_in_bytes:<% end %> -<% if @internode_recv_buff_size_in_bytes != nil %>internode_recv_buff_size_in_bytes: <%= @internode_recv_buff_size_in_bytes %><% else %># internode_recv_buff_size_in_bytes:<% end %> - -# Frame size for thrift (maximum message length). -thrift_framed_transport_size_in_mb: 15 - -# Set to true to have Cassandra create a hard link to each sstable -# flushed or streamed locally in a backups/ subdirectory of the -# keyspace data. Removing these links is the operator's -# responsibility. -incremental_backups: <%= @incremental_backups %> - -# Whether or not to take a snapshot before each compaction. Be -# careful using this option, since Cassandra won't clean up the -# snapshots for you. Mostly useful if you're paranoid when there -# is a data format change. -snapshot_before_compaction: <%= @snapshot_before_compaction %> - -# Whether or not a snapshot is taken of the data before keyspace truncation -# or dropping of column families. The STRONGLY advised default of true -# should be used to provide data safety. If you set this flag to false, you will -# lose data on truncation or drop. -auto_snapshot: <%= @auto_snapshot %> - -# When executing a scan, within or across a partition, we need to keep the -# tombstones seen in memory so we can return them to the coordinator, which -# will use them to make sure other replicas also know about the deleted rows. -# With workloads that generate a lot of tombstones, this can cause performance -# problems and even exaust the server heap. -# (http://www.datastax.com/dev/blog/cassandra-anti-patterns-queues-and-queue-like-datasets) -# Adjust the thresholds here if you understand the dangers and want to -# scan more tombstones anyway. These thresholds may also be adjusted at runtime -# using the StorageService mbean. -tombstone_warn_threshold: <%= @tombstone_warn_threshold %> -tombstone_failure_threshold: <%= @tombstone_failure_threshold %> - -# Granularity of the collation index of rows within a partition. -# Increase if your rows are large, or if you have a very large -# number of rows per partition. The competing goals are these: -# 1) a smaller granularity means more index entries are generated -# and looking up rows withing the partition by collation column -# is faster -# 2) but, Cassandra will keep the collation index in memory for hot -# rows (as part of the key cache), so a larger granularity means -# you can cache more hot rows -column_index_size_in_kb: <%= @column_index_size_in_kb %> - - -# Log WARN on any batch size exceeding this value. 5kb per batch by default. -# Caution should be taken on increasing the size of this threshold as it can lead to node instability. -batch_size_warn_threshold_in_kb: <%= @batch_size_warn_threshold_in_kb %> - -# Number of simultaneous compactions to allow, NOT including -# validation "compactions" for anti-entropy repair. Simultaneous -# compactions can help preserve read performance in a mixed read/write -# workload, by mitigating the tendency of small sstables to accumulate -# during a single long running compactions. The default is usually -# fine and if you experience problems with compaction running too -# slowly or too fast, you should look at -# compaction_throughput_mb_per_sec first. -# -# concurrent_compactors defaults to the smaller of (number of disks, -# number of cores), with a minimum of 2 and a maximum of 8. -# -# If your data directories are backed by SSD, you should increase this -# to the number of cores. -<% if @concurrent_compactors != nil %>concurrent_compactors: <%= @concurrent_compactors %><% else %>#concurrent_compactors: 1<% end %> - -# Throttles compaction to the given total throughput across the entire -# system. The faster you insert data, the faster you need to compact in -# order to keep the sstable count down, but in general, setting this to -# 16 to 32 times the rate you are inserting data is more than sufficient. -# Setting this to 0 disables throttling. Note that this account for all types -# of compaction, including validation compaction. -compaction_throughput_mb_per_sec: <%= @compaction_throughput_mb_per_sec %> - -# When compacting, the replacement sstable(s) can be opened before they -# are completely written, and used in place of the prior sstables for -# any range that has been written. This helps to smoothly transfer reads -# between the sstables, reducing page cache churn and keeping hot rows hot -sstable_preemptive_open_interval_in_mb: <%= @sstable_preemptive_open_interval_in_mb %> - -# Throttles all outbound streaming file transfers on this node to the -# given total throughput in Mbps. This is necessary because Cassandra does -# mostly sequential IO when streaming data during bootstrap or repair, which -# can lead to saturating the network connection and degrading rpc performance. -# When unset, the default is 200 Mbps or 25 MB/s. -<% if @stream_throughput_outbound_megabits_per_sec != nil %>stream_throughput_outbound_megabits_per_sec: <%= @stream_throughput_outbound_megabits_per_sec %><% else %># stream_throughput_outbound_megabits_per_sec: 200<% end %> - -# Throttles all streaming file transfer between the datacenters, -# this setting allows users to throttle inter dc stream throughput in addition -# to throttling all network stream traffic as configured with -# stream_throughput_outbound_megabits_per_sec -<% if @inter_dc_stream_throughput_outbound_megabits_per_sec != nil %>inter_dc_stream_throughput_outbound_megabits_per_sec: <%= @inter_dc_stream_throughput_outbound_megabits_per_sec %><% else %># inter_dc_stream_throughput_outbound_megabits_per_sec:<% end %> - -# How long the coordinator should wait for read operations to complete -read_request_timeout_in_ms: <%= @read_request_timeout_in_ms %> -# How long the coordinator should wait for seq or index scans to complete -range_request_timeout_in_ms: <%= @range_request_timeout_in_ms %> -# How long the coordinator should wait for writes to complete -write_request_timeout_in_ms: <%= @write_request_timeout_in_ms %> -# How long the coordinator should wait for counter writes to complete -counter_write_request_timeout_in_ms: <%= @counter_write_request_timeout_in_ms %> -# How long a coordinator should continue to retry a CAS operation -# that contends with other proposals for the same row -cas_contention_timeout_in_ms: <%= @cas_contention_timeout_in_ms %> -# How long the coordinator should wait for truncates to complete -# (This can be much longer, because unless auto_snapshot is disabled -# we need to flush first so we can snapshot before removing the data.) -truncate_request_timeout_in_ms: <%= @truncate_request_timeout_in_ms %> -# The default timeout for other, miscellaneous operations -request_timeout_in_ms: <%= @request_timeout_in_ms %> - -# Enable operation timeout information exchange between nodes to accurately -# measure request timeouts. If disabled, replicas will assume that requests -# were forwarded to them instantly by the coordinator, which means that -# under overload conditions we will waste that much extra time processing -# already-timed-out requests. -# -# Warning: before enabling this property make sure to ntp is installed -# and the times are synchronized between the nodes. -cross_node_timeout: <%= @cross_node_timeout %> - -# Enable socket timeout for streaming operation. -# When a timeout occurs during streaming, streaming is retried from the start -# of the current file. This _can_ involve re-streaming an important amount of -# data, so you should avoid setting the value too low. -# Default value is 0, which never timeout streams. -<% if @streaming_socket_timeout_in_ms != nil %>streaming_socket_timeout_in_ms: <%= @streaming_socket_timeout_in_ms %><% else %># streaming_socket_timeout_in_ms: 0<% end %> - -# phi value that must be reached for a host to be marked down. -# most users should never need to adjust this. -<% if @phi_convict_threshold != nil %>phi_convict_threshold: <%= @phi_convict_threshold %><% else %># phi_convict_threshold: 8<% end %> - -# endpoint_snitch -- Set this to a class that implements -# IEndpointSnitch. The snitch has two functions: -# - it teaches Cassandra enough about your network topology to route -# requests efficiently -# - it allows Cassandra to spread replicas around your cluster to avoid -# correlated failures. It does this by grouping machines into -# "datacenters" and "racks." Cassandra will do its best not to have -# more than one replica on the same "rack" (which may not actually -# be a physical location) -# -# IF YOU CHANGE THE SNITCH AFTER DATA IS INSERTED INTO THE CLUSTER, -# YOU MUST RUN A FULL REPAIR, SINCE THE SNITCH AFFECTS WHERE REPLICAS -# ARE PLACED. -# -# Out of the box, Cassandra provides -# - SimpleSnitch: -# Treats Strategy order as proximity. This can improve cache -# locality when disabling read repair. Only appropriate for -# single-datacenter deployments. -# - GossipingPropertyFileSnitch -# This should be your go-to snitch for production use. The rack -# and datacenter for the local node are defined in -# cassandra-rackdc.properties and propagated to other nodes via -# gossip. If cassandra-topology.properties exists, it is used as a -# fallback, allowing migration from the PropertyFileSnitch. -# - PropertyFileSnitch: -# Proximity is determined by rack and data center, which are -# explicitly configured in cassandra-topology.properties. -# - Ec2Snitch: -# Appropriate for EC2 deployments in a single Region. Loads Region -# and Availability Zone information from the EC2 API. The Region is -# treated as the datacenter, and the Availability Zone as the rack. -# Only private IPs are used, so this will not work across multiple -# Regions. -# - Ec2MultiRegionSnitch: -# Uses public IPs as broadcast_address to allow cross-region -# connectivity. (Thus, you should set seed addresses to the public -# IP as well.) You will need to open the storage_port or -# ssl_storage_port on the public IP firewall. (For intra-Region -# traffic, Cassandra will switch to the private IP after -# establishing a connection.) -# - RackInferringSnitch: -# Proximity is determined by rack and data center, which are -# assumed to correspond to the 3rd and 2nd octet of each node's IP -# address, respectively. Unless this happens to match your -# deployment conventions, this is best used as an example of -# writing a custom Snitch class and is provided in that spirit. -# -# You can use a custom Snitch by setting this to the full class name -# of the snitch, which will be assumed to be on your classpath. -endpoint_snitch: <%= @endpoint_snitch %> - -# controls how often to perform the more expensive part of host score -# calculation -dynamic_snitch_update_interval_in_ms: <%= @dynamic_snitch_update_interval_in_ms %> -# controls how often to reset all host scores, allowing a bad host to -# possibly recover -dynamic_snitch_reset_interval_in_ms: <%= @dynamic_snitch_reset_interval_in_ms %> -# if set greater than zero and read_repair_chance is < 1.0, this will allow -# 'pinning' of replicas to hosts in order to increase cache capacity. -# The badness threshold will control how much worse the pinned host has to be -# before the dynamic snitch will prefer other replicas over it. This is -# expressed as a double which represents a percentage. Thus, a value of -# 0.2 means Cassandra would continue to prefer the static snitch values -# until the pinned host was 20% worse than the fastest. -dynamic_snitch_badness_threshold: <%= @dynamic_snitch_badness_threshold %> - -# request_scheduler -- Set this to a class that implements -# RequestScheduler, which will schedule incoming client requests -# according to the specific policy. This is useful for multi-tenancy -# with a single Cassandra cluster. -# NOTE: This is specifically for requests from the client and does -# not affect inter node communication. -# org.apache.cassandra.scheduler.NoScheduler - No scheduling takes place -# org.apache.cassandra.scheduler.RoundRobinScheduler - Round robin of -# client requests to a node with a separate queue for each -# request_scheduler_id. The scheduler is further customized by -# request_scheduler_options as described below. -request_scheduler: <%= @request_scheduler %> - -# Scheduler Options vary based on the type of scheduler -# NoScheduler - Has no options -# RoundRobin -# - throttle_limit -- The throttle_limit is the number of in-flight -# requests per client. Requests beyond -# that limit are queued up until -# running requests can complete. -# The value of 80 here is twice the number of -# concurrent_reads + concurrent_writes. -# - default_weight -- default_weight is optional and allows for -# overriding the default which is 1. -# - weights -- Weights are optional and will default to 1 or the -# overridden default_weight. The weight translates into how -# many requests are handled during each turn of the -# RoundRobin, based on the scheduler id. -# -# request_scheduler_options: -<% if @request_scheduler_options_throttle_limit != nil %>request_scheduler_options_throttle_limit: <%= @request_scheduler_options_throttle_limit %><% else %># throttle_limit: 80<% end %> -<% if @request_scheduler_options_default_weight != nil %>request_scheduler_options_default_weight: <%= @request_scheduler_options_default_weight %><% else %># default_weight: 5<% end %> -# weights: -# Keyspace1: 1 -# Keyspace2: 5 - -# request_scheduler_id -- An identifier based on which to perform -# the request scheduling. Currently the only valid option is keyspace. -# request_scheduler_id: keyspace - -# Enable or disable inter-node encryption -# Default settings are TLS v1, RSA 1024-bit keys (it is imperative that -# users generate their own keys) TLS_RSA_WITH_AES_128_CBC_SHA as the cipher -# suite for authentication, key exchange and encryption of the actual data transfers. -# Use the DHE/ECDHE ciphers if running in FIPS 140 compliant mode. -# NOTE: No custom encryption options are enabled at the moment -# The available internode options are : all, none, dc, rack -# -# If set to dc cassandra will encrypt the traffic between the DCs -# If set to rack cassandra will encrypt the traffic between the racks -# -# The passwords used in these options must match the passwords used when generating -# the keystore and truststore. For instructions on generating these files, see: -# http://download.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html#CreateKeystore -# -server_encryption_options: - internode_encryption: <%= @server_encryption_internode %> - keystore: <%= @server_encryption_keystore %> - keystore_password: <%= @server_encryption_keystore_password %> - truststore: <%= @server_encryption_truststore %> - truststore_password: <%= @server_encryption_truststore_password %> - # More advanced defaults below: -<% if @server_encryption_protocol != nil %> protocol: <%= @server_encryption_protocol %><% else %> # protocol: TLS<% end %> -<% if @server_encryption_algorithm != nil %> algorithm: <%= @server_encryption_algorithm %><% else %> # algorithm: SunX509<% end %> -<% if @server_encryption_store_type != nil %> store_type: <%= @server_encryption_store_type %><% else %> # store_type: JKS<% end %> -<% if @server_encryption_cipher_suites != nil %> cipher_suites: <%= @server_encryption_cipher_suites %><% else %> # cipher_suites: [TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA]<% end %> -<% if @server_encryption_require_client_auth != nil %> require_client_auth: <%= @server_encryption_require_client_auth %><% else %> # require_client_auth: false<% end %> - -# enable or disable client/server encryption. -client_encryption_options: - enabled: <%= @client_encryption_enabled %> - keystore: <%= @client_encryption_keystore %> - keystore_password: <%= @client_encryption_keystore_password %> -<% if @client_encryption_require_client_auth != nil %> require_client_auth: <%= @client_encryption_require_client_auth %><% else %> # require_client_auth: false<% end %> - # Set trustore and truststore_password if require_client_auth is true -<% if @client_encryption_truststore != nil %> truststore: <%= @client_encryption_truststore %><% else %> # truststore: conf/.truststore<% end %> -<% if @client_encryption_truststore_password != nil %> truststore_password: <%= @client_encryption_truststore_password %><% else %> # truststore_password: cassandra<% end %> - # More advanced defaults below: -<% if @client_encryption_protocol != nil %> protocol: <%= @client_encryption_protocol %><% else %> # protocol: TLS<% end %> -<% if @client_encryption_algorithm != nil %> algorithm: <%= @client_encryption_algorithm %><% else %> # algorithm: SunX509<% end %> -<% if @client_encryption_store_type != nil %> store_type: <%= @client_encryption_store_type %><% else %> # store_type: JKS<% end %> -<% if @client_encryption_cipher_suites != nil %> cipher_suites: <%= @client_encryption_cipher_suites %><% else %> # cipher_suites: [TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA]<% end %> - -# internode_compression controls whether traffic between nodes is -# compressed. -# can be: all - all traffic is compressed -# dc - traffic between different datacenters is compressed -# none - nothing is compressed. -internode_compression: <%= @internode_compression %> - -# Enable or disable tcp_nodelay for inter-dc communication. -# Disabling it will result in larger (but fewer) network packets being sent, -# reducing overhead from the TCP protocol itself, at the cost of increasing -# latency if you block for cross-datacenter responses. -inter_dc_tcp_nodelay: <%= @inter_dc_tcp_nodelay %> - -# This setting has been removed from default configuration. It makes new -# (non-seed) nodes automatically migrate the right data to themselves. When -# initializing a fresh cluster without data, add auto_bootstrap: false. -<% if @auto_bootstrap != nil %>auto_bootstrap: <%= @auto_bootstrap %><% else %>#auto_bootstrap: true<% end %> diff --git a/cassandra/templates/cassandra1.yaml.erb b/cassandra/templates/cassandra1.yaml.erb deleted file mode 100755 index c066e14f4..000000000 --- a/cassandra/templates/cassandra1.yaml.erb +++ /dev/null @@ -1,710 +0,0 @@ -# Cassandra storage config YAML - -# NOTE: -# See http://wiki.apache.org/cassandra/StorageConfiguration for -# full explanations of configuration directives -# /NOTE - -# The name of the cluster. This is mainly used to prevent machines in -# one logical cluster from joining another. -cluster_name: '<%= @cluster_name %>' - -# This defines the number of tokens randomly assigned to this node on the ring -# The more tokens, relative to other nodes, the larger the proportion of data -# that this node will store. You probably want all nodes to have the same number -# of tokens assuming they have equal hardware capability. -# -# If you leave this unspecified, Cassandra will use the default of 1 token for legacy compatibility, -# and will use the initial_token as described below. -# -# Specifying initial_token will override this setting. -# -# If you already have a cluster with 1 token per node, and wish to migrate to -# multiple tokens per node, see http://wiki.apache.org/cassandra/Operations -num_tokens: <%= @num_tokens %> - -# If you haven't specified num_tokens, or have set it to the default of 1 then -# you should always specify InitialToken when setting up a production -# cluster for the first time, and often when adding capacity later. -# The principle is that each node should be given an equal slice of -# the token ring; see http://wiki.apache.org/cassandra/Operations -# for more details. -# -# If blank, Cassandra will request a token bisecting the range of -# the heaviest-loaded existing node. If there is no load information -# available, such as is the case with a new cluster, it will pick -# a random token, which will lead to hot spots. -<% if @initial_token != nil %>initial_token: <%= @initial_token %><% else %># initial_token:<% end %> - -# See http://wiki.apache.org/cassandra/HintedHandoff -hinted_handoff_enabled: <%= @hinted_handoff_enabled %> -# this defines the maximum amount of time a dead host will have hints -# generated. After it has been dead this long, new hints for it will not be -# created until it has been seen alive and gone down again. -max_hint_window_in_ms: <%= @max_hint_window_in_ms %> # 3 hours -# Maximum throttle in KBs per second, per delivery thread. This will be -# reduced proportionally to the number of nodes in the cluster. (If there -# are two nodes in the cluster, each delivery thread will use the maximum -# rate; if there are three, each will throttle to half of the maximum, -# since we expect two nodes to be delivering hints simultaneously.) -hinted_handoff_throttle_in_kb: <%= @hinted_handoff_throttle_in_kb %> -# Number of threads with which to deliver hints; -# Consider increasing this number when you have multi-dc deployments, since -# cross-dc handoff tends to be slower -max_hints_delivery_threads: <%= @max_hints_delivery_threads %> - -# The following setting populates the page cache on memtable flush and compaction -# WARNING: Enable this setting only when the whole node's data fits in memory. -# Defaults to: false -# populate_io_cache_on_flush: false - -# Authentication backend, implementing IAuthenticator; used to identify users -# Out of the box, Cassandra provides org.apache.cassandra.auth.{AllowAllAuthenticator, -# PasswordAuthenticator}. -# -# - AllowAllAuthenticator performs no checks - set it to disable authentication. -# - PasswordAuthenticator relies on username/password pairs to authenticate -# users. It keeps usernames and hashed passwords in system_auth.credentials table. -# Please increase system_auth keyspace replication factor if you use this authenticator. -authenticator: <%= @authenticator %> - -# Authorization backend, implementing IAuthorizer; used to limit access/provide permissions -# Out of the box, Cassandra provides org.apache.cassandra.auth.{AllowAllAuthorizer, -# CassandraAuthorizer}. -# -# - AllowAllAuthorizer allows any action to any user - set it to disable authorization. -# - CassandraAuthorizer stores permissions in system_auth.permissions table. Please -# increase system_auth keyspace replication factor if you use this authorizer. -authorizer: <%= @authorizer %> - -# Validity period for permissions cache (fetching permissions can be an -# expensive operation depending on the authorizer, CassandraAuthorizer is -# one example). Defaults to 2000, set to 0 to disable. -# Will be disabled automatically for AllowAllAuthorizer. -permissions_validity_in_ms: <%= @permissions_validity_in_ms %> - -# The partitioner is responsible for distributing rows (by key) across -# nodes in the cluster. Any IPartitioner may be used, including your -# own as long as it is on the classpath. Out of the box, Cassandra -# provides org.apache.cassandra.dht.{Murmur3Partitioner, RandomPartitioner -# ByteOrderedPartitioner, OrderPreservingPartitioner (deprecated)}. -# -# - RandomPartitioner distributes rows across the cluster evenly by md5. -# This is the default prior to 1.2 and is retained for compatibility. -# - Murmur3Partitioner is similar to RandomPartioner but uses Murmur3_128 -# Hash Function instead of md5. When in doubt, this is the best option. -# - ByteOrderedPartitioner orders rows lexically by key bytes. BOP allows -# scanning rows in key order, but the ordering can generate hot spots -# for sequential insertion workloads. -# - OrderPreservingPartitioner is an obsolete form of BOP, that stores -# - keys in a less-efficient format and only works with keys that are -# UTF8-encoded Strings. -# - CollatingOPP collates according to EN,US rules rather than lexical byte -# ordering. Use this as an example if you need custom collation. -# -# See http://wiki.apache.org/cassandra/Operations for more on -# partitioners and token selection. -partitioner: <%= @partitioner %> - -# Directories where Cassandra should store data on disk. Cassandra -# will spread data evenly across them, subject to the granularity of -# the configured compaction strategy. -data_file_directories: -<% @data_file_directories.each do |val| -%> - - <%= val %> -<% end -%> - -commitlog_directory: <%= @commitlog_directory %> - -# policy for data disk failures: -# stop: shut down gossip and Thrift, leaving the node effectively dead, but -# can still be inspected via JMX. -# best_effort: stop using the failed disk and respond to requests based on -# remaining available sstables. This means you WILL see obsolete -# data at CL.ONE! -# ignore: ignore fatal errors and let requests fail, as in pre-1.2 Cassandra -disk_failure_policy: <%= @disk_failure_policy %> - -# Maximum size of the key cache in memory. -# -# Each key cache hit saves 1 seek and each row cache hit saves 2 seeks at the -# minimum, sometimes more. The key cache is fairly tiny for the amount of -# time it saves, so it's worthwhile to use it at large numbers. -# The row cache saves even more time, but must contain the entire row, -# so it is extremely space-intensive. It's best to only use the -# row cache if you have hot rows or static rows. -# -# NOTE: if you reduce the size, you may not get you hottest keys loaded on startup. -# -# Default value is empty to make it "auto" (min(5% of Heap (in MB), 100MB)). Set to 0 to disable key cache. -key_cache_size_in_mb: - -# Duration in seconds after which Cassandra should -# save the key cache. Caches are saved to saved_caches_directory as -# specified in this configuration file. -# -# Saved caches greatly improve cold-start speeds, and is relatively cheap in -# terms of I/O for the key cache. Row cache saving is much more expensive and -# has limited use. -# -# Default is 14400 or 4 hours. -key_cache_save_period: 14400 - -# Number of keys from the key cache to save -# Disabled by default, meaning all keys are going to be saved -# key_cache_keys_to_save: 100 - -# Maximum size of the row cache in memory. -# NOTE: if you reduce the size, you may not get you hottest keys loaded on startup. -# -# Default value is 0, to disable row caching. -row_cache_size_in_mb: <%= @row_cache_size_in_mb %> - -# Duration in seconds after which Cassandra should -# safe the row cache. Caches are saved to saved_caches_directory as specified -# in this configuration file. -# -# Saved caches greatly improve cold-start speeds, and is relatively cheap in -# terms of I/O for the key cache. Row cache saving is much more expensive and -# has limited use. -# -# Default is 0 to disable saving the row cache. -row_cache_save_period: <%= @row_cache_save_period %> - -# Number of keys from the row cache to save -# Disabled by default, meaning all keys are going to be saved -<% if @row_cache_keys_to_save != nil %>row_cache_keys_to_save: <%= @row_cache_keys_to_save %><% else %># row_cache_keys_to_save: 100<% end %> - -# The provider for the row cache to use. -# -# Supported values are: ConcurrentLinkedHashCacheProvider, SerializingCacheProvider -# -# SerializingCacheProvider serialises the contents of the row and stores -# it in native memory, i.e., off the JVM Heap. Serialized rows take -# significantly less memory than "live" rows in the JVM, so you can cache -# more rows in a given memory footprint. And storing the cache off-heap -# means you can use smaller heap sizes, reducing the impact of GC pauses. -# Note however that when a row is requested from the row cache, it must be -# deserialized into the heap for use. -# -# It is also valid to specify the fully-qualified class name to a class -# that implements org.apache.cassandra.cache.IRowCacheProvider. -# -# Defaults to SerializingCacheProvider -row_cache_provider: SerializingCacheProvider - -# saved caches -saved_caches_directory: <%= @saved_caches_directory %> - -# commitlog_sync may be either "periodic" or "batch." -# When in batch mode, Cassandra won't ack writes until the commit log -# has been fsynced to disk. It will wait up to -# commitlog_sync_batch_window_in_ms milliseconds for other writes, before -# performing the sync. -# -<% if @commitlog_sync != nil %>commitlog_sync: <%= @commitlog_sync %><% else %># commitlog_sync: batch<% end %> -<% if @commitlog_sync_batch_window_in_ms != nil %>commitlog_sync_batch_window_in_ms: <%= @commitlog_sync_batch_window_in_ms %><% else %># commitlog_sync_batch_window_in_ms: 50<% end %> -# -# the other option is "periodic" where writes may be acked immediately -# and the CommitLog is simply synced every commitlog_sync_period_in_ms -# milliseconds. By default this allows 1024*(CPU cores) pending -# entries on the commitlog queue. If you are writing very large blobs, -# you should reduce that; 16*cores works reasonably well for 1MB blobs. -# It should be at least as large as the concurrent_writes setting. -commitlog_sync: periodic -commitlog_sync_period_in_ms: 10000 -# commitlog_periodic_queue_size: - -# The size of the individual commitlog file segments. A commitlog -# segment may be archived, deleted, or recycled once all the data -# in it (potentially from each columnfamily in the system) has been -# flushed to sstables. -# -# The default size is 32, which is almost always fine, but if you are -# archiving commitlog segments (see commitlog_archiving.properties), -# then you probably want a finer granularity of archiving; 8 or 16 MB -# is reasonable. -commitlog_segment_size_in_mb: 32 - -# any class that implements the SeedProvider interface and has a -# constructor that takes a Map of parameters will do. -seed_provider: - # Addresses of hosts that are deemed contact points. - # Cassandra nodes use this list of hosts to find each other and learn - # the topology of the ring. You must change this if you are running - # multiple nodes! - - class_name: org.apache.cassandra.locator.SimpleSeedProvider - parameters: - # seeds is actually a comma-delimited list of addresses. - # Ex: ",," - - seeds: "<%= @seeds %>" - -# emergency pressure valve: each time heap usage after a full (CMS) -# garbage collection is above this fraction of the max, Cassandra will -# flush the largest memtables. -# -# Set to 1.0 to disable. Setting this lower than -# CMSInitiatingOccupancyFraction is not likely to be useful. -# -# RELYING ON THIS AS YOUR PRIMARY TUNING MECHANISM WILL WORK POORLY: -# it is most effective under light to moderate load, or read-heavy -# workloads; under truly massive write load, it will often be too -# little, too late. -flush_largest_memtables_at: 0.75 - -# emergency pressure valve #2: the first time heap usage after a full -# (CMS) garbage collection is above this fraction of the max, -# Cassandra will reduce cache maximum _capacity_ to the given fraction -# of the current _size_. Should usually be set substantially above -# flush_largest_memtables_at, since that will have less long-term -# impact on the system. -# -# Set to 1.0 to disable. Setting this lower than -# CMSInitiatingOccupancyFraction is not likely to be useful. -reduce_cache_sizes_at: 0.85 -reduce_cache_capacity_to: 0.6 - -# For workloads with more data than can fit in memory, Cassandra's -# bottleneck will be reads that need to fetch data from -# disk. "concurrent_reads" should be set to (16 * number_of_drives) in -# order to allow the operations to enqueue low enough in the stack -# that the OS and drives can reorder them. -# -# On the other hand, since writes are almost never IO bound, the ideal -# number of "concurrent_writes" is dependent on the number of cores in -# your system; (8 * number_of_cores) is a good rule of thumb. -concurrent_reads: 32 -concurrent_writes: 32 - -# Total memory to use for memtables. Cassandra will flush the largest -# memtable when this much memory is used. -# If omitted, Cassandra will set it to 1/3 of the heap. -# memtable_total_space_in_mb: 2048 - -# Total space to use for commitlogs. Since commitlog segments are -# mmapped, and hence use up address space, the default size is 32 -# on 32-bit JVMs, and 1024 on 64-bit JVMs. -# -# If space gets above this value (it will round up to the next nearest -# segment multiple), Cassandra will flush every dirty CF in the oldest -# segment and remove it. So a small total commitlog space will tend -# to cause more flush activity on less-active columnfamilies. -<% if @commitlog_total_space_in_mb != nil %>commitlog_total_space_in_mb: <%= @commitlog_total_space_in_mb %><% else %># commitlog_total_space_in_mb: 8192<% end %> - -# This sets the amount of memtable flush writer threads. These will -# be blocked by disk io, and each one will hold a memtable in memory -# while blocked. If you have a large heap and many data directories, -# you can increase this value for better flush performance. -# By default this will be set to the amount of data directories defined. -<% if @memtable_flush_writers != nil %>memtable_flush_writers: <%= @memtable_flush_writers %><% else %>#memtable_flush_writers: 8<% end %> - -# the number of full memtables to allow pending flush, that is, -# waiting for a writer thread. At a minimum, this should be set to -# the maximum number of secondary indexes created on a single CF. -memtable_flush_queue_size: 4 - -# Whether to, when doing sequential writing, fsync() at intervals in -# order to force the operating system to flush the dirty -# buffers. Enable this to avoid sudden dirty buffer flushing from -# impacting read latencies. Almost always a good idea on SSDs; not -# necessarily on platters. -trickle_fsync: <%= @trickle_fsync %> -trickle_fsync_interval_in_kb: <%= @trickle_fsync_interval_in_kb %> - -# TCP port, for commands and data -storage_port: <%= @storage_port %> - -# SSL port, for encrypted communication. Unused unless enabled in -# encryption_options -ssl_storage_port: <%= @ssl_storage_port %> - -# Address to bind to and tell other Cassandra nodes to connect to. You -# _must_ change this if you want multiple nodes to be able to -# communicate! -# -# Leaving it blank leaves it up to InetAddress.getLocalHost(). This -# will always do the Right Thing _if_ the node is properly configured -# (hostname, name resolution, etc), and the Right Thing is to use the -# address associated with the hostname (it might not be). -# -# Setting this to 0.0.0.0 is always wrong. -listen_address: <%= @listen_address %> - -# Address to broadcast to other Cassandra nodes -# Leaving this blank will set it to the same value as listen_address -<% if @broadcast_address != nil %>broadcast_address: <%= @broadcast_address %><% else %># broadcast_address: 1.2.3.4<% end %> - -# Internode authentication backend, implementing IInternodeAuthenticator; -# used to allow/disallow connections from peer nodes. -<% if @internode_authenticator != nil %>internode_authenticator: <%= @internode_authenticator %><% else %># internode_authenticator: org.apache.cassandra.auth.AllowAllInternodeAuthenticator<% end %> - -# Whether to start the native transport server. -# Please note that the address on which the native transport is bound is the -# same as the rpc_address. The port however is different and specified below. -start_native_transport: <%= @start_native_transport %> -# port for the CQL native transport to listen for clients on -native_transport_port: <%= @native_transport_port %> -# The minimum and maximum threads for handling requests when the native -# transport is used. They are similar to rpc_min_threads and rpc_max_threads, -# though the defaults differ slightly. -# NOTE: native_transport_min_threads is now deprecated and ignored (but kept -# in the 1.2.x series for compatibility sake). -# native_transport_min_threads: 16 -<% if @native_transport_max_threads != nil %>native_transport_max_threads: <%= @native_transport_max_threads %><% else %># native_transport_max_threads: 128<% end %> - -# Whether to start the thrift rpc server. -start_rpc: <%= @start_rpc %> - -# The address to bind the Thrift RPC service and native transport -# server -- clients connect here. -# -# Leaving this blank has the same effect it does for ListenAddress, -# (i.e. it will be based on the configured hostname of the node). -# -# Note that unlike ListenAddress above, it is allowed to specify 0.0.0.0 -# here if you want to listen on all interfaces, but that will break clients -# that rely on node auto-discovery. -rpc_address: <%= @rpc_address %> -# port for Thrift to listen for clients on -rpc_port: <%= @rpc_port %> - -# enable or disable keepalive on rpc connections -rpc_keepalive: true - -# Cassandra provides three out-of-the-box options for the RPC Server: -# -# sync -> One thread per thrift connection. For a very large number of clients, memory -# will be your limiting factor. On a 64 bit JVM, 180KB is the minimum stack size -# per thread, and that will correspond to your use of virtual memory (but physical memory -# may be limited depending on use of stack space). -# -# hsha -> Stands for "half synchronous, half asynchronous." All thrift clients are handled -# asynchronously using a small number of threads that does not vary with the amount -# of thrift clients (and thus scales well to many clients). The rpc requests are still -# synchronous (one thread per active request). -# -# The default is sync because on Windows hsha is about 30% slower. On Linux, -# sync/hsha performance is about the same, with hsha of course using less memory. -# -# Alternatively, can provide your own RPC server by providing the fully-qualified class name -# of an o.a.c.t.TServerFactory that can create an instance of it. -rpc_server_type: <%= @rpc_server_type %> - -# Uncomment rpc_min|max_thread to set request pool size limits. -# -# Regardless of your choice of RPC server (see above), the number of maximum requests in the -# RPC thread pool dictates how many concurrent requests are possible (but if you are using the sync -# RPC server, it also dictates the number of clients that can be connected at all). -# -# The default is unlimited and thus provides no protection against clients overwhelming the server. You are -# encouraged to set a maximum that makes sense for you in production, but do keep in mind that -# rpc_max_threads represents the maximum number of client requests this server may execute concurrently. -# -<% if @rpc_min_threads != nil %>rpc_min_threads: <%= @rpc_min_threads %><% else %># rpc_min_threads: 16<% end %> -<% if @rpc_max_threads != nil %>rpc_max_threads: <%= @rpc_max_threads %><% else %># rpc_max_threads: 2048<% end %> - -# uncomment to set socket buffer sizes on rpc connections -<% if @rpc_send_buff_size_in_bytes != nil %>rpc_send_buff_size_in_bytes: <%= @rpc_send_buff_size_in_bytes %><% else %># rpc_send_buff_size_in_bytes:<% end %> -<% if @rpc_recv_buff_size_in_bytes != nil %>rpc_recv_buff_size_in_bytes: <%= @rpc_recv_buff_size_in_bytes %><% else %># rpc_recv_buff_size_in_bytes:<% end %> - -# Uncomment to set socket buffer size for internode communication -# Note that when setting this, the buffer size is limited by net.core.wmem_max -# and when not setting it it is defined by net.ipv4.tcp_wmem -# See: -# /proc/sys/net/core/wmem_max -# /proc/sys/net/core/rmem_max -# /proc/sys/net/ipv4/tcp_wmem -# /proc/sys/net/ipv4/tcp_wmem -# and: man tcp -<% if @internode_send_buff_size_in_bytes != nil %>internode_send_buff_size_in_bytes: <%= @internode_send_buff_size_in_bytes %><% else %># internode_send_buff_size_in_bytes:<% end %> -<% if @internode_recv_buff_size_in_bytes != nil %>internode_recv_buff_size_in_bytes: <%= @internode_recv_buff_size_in_bytes %><% else %># internode_recv_buff_size_in_bytes:<% end %> - -# Frame size for thrift (maximum message length). -thrift_framed_transport_size_in_mb: 15 - -# Set to true to have Cassandra create a hard link to each sstable -# flushed or streamed locally in a backups/ subdirectory of the -# keyspace data. Removing these links is the operator's -# responsibility. -incremental_backups: <%= @incremental_backups %> - -# Whether or not to take a snapshot before each compaction. Be -# careful using this option, since Cassandra won't clean up the -# snapshots for you. Mostly useful if you're paranoid when there -# is a data format change. -snapshot_before_compaction: <%= @snapshot_before_compaction %> - -# Whether or not a snapshot is taken of the data before keyspace truncation -# or dropping of column families. The STRONGLY advised default of true -# should be used to provide data safety. If you set this flag to false, you will -# lose data on truncation or drop. -auto_snapshot: <%= @auto_snapshot %> - -# Log a debug message if more than this many tombstones are scanned -# in a single-partition query. Set the threshold on SliceQueryFilter -# to debug to enable. -tombstone_debug_threshold: 10000 - -# Add column indexes to a row after its contents reach this size. -# Increase if your column values are large, or if you have a very large -# number of columns. The competing causes are, Cassandra has to -# deserialize this much of the row to read a single column, so you want -# it to be small - at least if you do many partial-row reads - but all -# the index data is read for each access, so you don't want to generate -# that wastefully either. -column_index_size_in_kb: <%= @column_index_size_in_kb %> - -# Size limit for rows being compacted in memory. Larger rows will spill -# over to disk and use a slower two-pass compaction process. A message -# will be logged specifying the row key. -in_memory_compaction_limit_in_mb: 64 - -# Number of simultaneous compactions to allow, NOT including -# validation "compactions" for anti-entropy repair. Simultaneous -# compactions can help preserve read performance in a mixed read/write -# workload, by mitigating the tendency of small sstables to accumulate -# during a single long running compactions. The default is usually -# fine and if you experience problems with compaction running too -# slowly or too fast, you should look at -# compaction_throughput_mb_per_sec first. -# -# concurrent_compactors defaults to the number of cores. -# Uncomment to make compaction mono-threaded, the pre-0.8 default. -<% if @concurrent_compactors != nil %>concurrent_compactors: <%= @concurrent_compactors %><% else %>#concurrent_compactors: 1<% end %> - -# Multi-threaded compaction. When enabled, each compaction will use -# up to one thread per core, plus one thread per sstable being merged. -# This is usually only useful for SSD-based hardware: otherwise, -# your concern is usually to get compaction to do LESS i/o (see: -# compaction_throughput_mb_per_sec), not more. -multithreaded_compaction: false - -# Throttles compaction to the given total throughput across the entire -# system. The faster you insert data, the faster you need to compact in -# order to keep the sstable count down, but in general, setting this to -# 16 to 32 times the rate you are inserting data is more than sufficient. -# Setting this to 0 disables throttling. Note that this account for all types -# of compaction, including validation compaction. -compaction_throughput_mb_per_sec: <%= @compaction_throughput_mb_per_sec %> - -# Track cached row keys during compaction, and re-cache their new -# positions in the compacted sstable. Disable if you use really large -# key caches. -compaction_preheat_key_cache: true - -# Throttles all outbound streaming file transfers on this node to the -# given total throughput in Mbps. This is necessary because Cassandra does -# mostly sequential IO when streaming data during bootstrap or repair, which -# can lead to saturating the network connection and degrading rpc performance. -# When unset, the default is 200 Mbps or 25 MB/s. -<% if @stream_throughput_outbound_megabits_per_sec != nil %>stream_throughput_outbound_megabits_per_sec: <%= @stream_throughput_outbound_megabits_per_sec %><% else %># stream_throughput_outbound_megabits_per_sec: 200<% end %> - -# How long the coordinator should wait for read operations to complete -read_request_timeout_in_ms: <%= @read_request_timeout_in_ms %> -# How long the coordinator should wait for seq or index scans to complete -range_request_timeout_in_ms: <%= @range_request_timeout_in_ms %> -# How long the coordinator should wait for writes to complete -write_request_timeout_in_ms: <%= @write_request_timeout_in_ms %> -# How long the coordinator should wait for truncates to complete -# (This can be much longer, because unless auto_snapshot is disabled -# we need to flush first so we can snapshot before removing the data.) -truncate_request_timeout_in_ms: <%= @truncate_request_timeout_in_ms %> -# The default timeout for other, miscellaneous operations -request_timeout_in_ms: <%= @request_timeout_in_ms %> - -# Enable operation timeout information exchange between nodes to accurately -# measure request timeouts, If disabled cassandra will assuming the request -# was forwarded to the replica instantly by the coordinator -# -# Warning: before enabling this property make sure to ntp is installed -# and the times are synchronized between the nodes. -cross_node_timeout: <%= @cross_node_timeout %> - -# Enable socket timeout for streaming operation. -# When a timeout occurs during streaming, streaming is retried from the start -# of the current file. This _can_ involve re-streaming an important amount of -# data, so you should avoid setting the value too low. -# Default value is 0, which never timeout streams. -<% if @streaming_socket_timeout_in_ms != nil %>streaming_socket_timeout_in_ms: <%= @streaming_socket_timeout_in_ms %><% else %># streaming_socket_timeout_in_ms: 0<% end %> - -# phi value that must be reached for a host to be marked down. -# most users should never need to adjust this. -<% if @phi_convict_threshold != nil %>phi_convict_threshold: <%= @phi_convict_threshold %><% else %># phi_convict_threshold: 8<% end %> - -# endpoint_snitch -- Set this to a class that implements -# IEndpointSnitch. The snitch has two functions: -# - it teaches Cassandra enough about your network topology to route -# requests efficiently -# - it allows Cassandra to spread replicas around your cluster to avoid -# correlated failures. It does this by grouping machines into -# "datacenters" and "racks." Cassandra will do its best not to have -# more than one replica on the same "rack" (which may not actually -# be a physical location) -# -# IF YOU CHANGE THE SNITCH AFTER DATA IS INSERTED INTO THE CLUSTER, -# YOU MUST RUN A FULL REPAIR, SINCE THE SNITCH AFFECTS WHERE REPLICAS -# ARE PLACED. -# -# Out of the box, Cassandra provides -# - SimpleSnitch: -# Treats Strategy order as proximity. This improves cache locality -# when disabling read repair, which can further improve throughput. -# Only appropriate for single-datacenter deployments. -# - PropertyFileSnitch: -# Proximity is determined by rack and data center, which are -# explicitly configured in cassandra-topology.properties. -# - GossipingPropertyFileSnitch -# The rack and datacenter for the local node are defined in -# cassandra-rackdc.properties and propagated to other nodes via gossip. If -# cassandra-topology.properties exists, it is used as a fallback, allowing -# migration from the PropertyFileSnitch. -# - RackInferringSnitch: -# Proximity is determined by rack and data center, which are -# assumed to correspond to the 3rd and 2nd octet of each node's -# IP address, respectively. Unless this happens to match your -# deployment conventions (as it did Facebook's), this is best used -# as an example of writing a custom Snitch class. -# - Ec2Snitch: -# Appropriate for EC2 deployments in a single Region. Loads Region -# and Availability Zone information from the EC2 API. The Region is -# treated as the datacenter, and the Availability Zone as the rack. -# Only private IPs are used, so this will not work across multiple -# Regions. -# - Ec2MultiRegionSnitch: -# Uses public IPs as broadcast_address to allow cross-region -# connectivity. (Thus, you should set seed addresses to the public -# IP as well.) You will need to open the storage_port or -# ssl_storage_port on the public IP firewall. (For intra-Region -# traffic, Cassandra will switch to the private IP after -# establishing a connection.) -# -# You can use a custom Snitch by setting this to the full class name -# of the snitch, which will be assumed to be on your classpath. -endpoint_snitch: <%= @endpoint_snitch %> - -# controls how often to perform the more expensive part of host score -# calculation -dynamic_snitch_update_interval_in_ms: <%= @dynamic_snitch_update_interval_in_ms %> -# controls how often to reset all host scores, allowing a bad host to -# possibly recover -dynamic_snitch_reset_interval_in_ms: <%= @dynamic_snitch_reset_interval_in_ms %> -# if set greater than zero and read_repair_chance is < 1.0, this will allow -# 'pinning' of replicas to hosts in order to increase cache capacity. -# The badness threshold will control how much worse the pinned host has to be -# before the dynamic snitch will prefer other replicas over it. This is -# expressed as a double which represents a percentage. Thus, a value of -# 0.2 means Cassandra would continue to prefer the static snitch values -# until the pinned host was 20% worse than the fastest. -dynamic_snitch_badness_threshold: <%= @dynamic_snitch_badness_threshold %> - -# request_scheduler -- Set this to a class that implements -# RequestScheduler, which will schedule incoming client requests -# according to the specific policy. This is useful for multi-tenancy -# with a single Cassandra cluster. -# NOTE: This is specifically for requests from the client and does -# not affect inter node communication. -# org.apache.cassandra.scheduler.NoScheduler - No scheduling takes place -# org.apache.cassandra.scheduler.RoundRobinScheduler - Round robin of -# client requests to a node with a separate queue for each -# request_scheduler_id. The scheduler is further customized by -# request_scheduler_options as described below. -request_scheduler: <%= @request_scheduler %> - -# Scheduler Options vary based on the type of scheduler -# NoScheduler - Has no options -# RoundRobin -# - throttle_limit -- The throttle_limit is the number of in-flight -# requests per client. Requests beyond -# that limit are queued up until -# running requests can complete. -# The value of 80 here is twice the number of -# concurrent_reads + concurrent_writes. -# - default_weight -- default_weight is optional and allows for -# overriding the default which is 1. -# - weights -- Weights are optional and will default to 1 or the -# overridden default_weight. The weight translates into how -# many requests are handled during each turn of the -# RoundRobin, based on the scheduler id. -# -# request_scheduler_options: -# throttle_limit: 80 -# default_weight: 5 -# weights: -# Keyspace1: 1 -# Keyspace2: 5 - -# request_scheduler_id -- An identifier based on which to perform -# the request scheduling. Currently the only valid option is keyspace. -# request_scheduler_id: keyspace - -# index_interval controls the sampling of entries from the primrary -# row index in terms of space versus time. The larger the interval, -# the smaller and less effective the sampling will be. In technicial -# terms, the interval coresponds to the number of index entries that -# are skipped between taking each sample. All the sampled entries -# must fit in memory. Generally, a value between 128 and 512 here -# coupled with a large key cache size on CFs results in the best trade -# offs. This value is not often changed, however if you have many -# very small rows (many to an OS page), then increasing this will -# often lower memory usage without a impact on performance. -index_interval: 128 - -# Enable or disable inter-node encryption -# Default settings are TLS v1, RSA 1024-bit keys (it is imperative that -# users generate their own keys) TLS_RSA_WITH_AES_128_CBC_SHA as the cipher -# suite for authentication, key exchange and encryption of the actual data transfers. -# NOTE: No custom encryption options are enabled at the moment -# The available internode options are : all, none, dc, rack -# -# If set to dc cassandra will encrypt the traffic between the DCs -# If set to rack cassandra will encrypt the traffic between the racks -# -# The passwords used in these options must match the passwords used when generating -# the keystore and truststore. For instructions on generating these files, see: -# http://download.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html#CreateKeystore -# -server_encryption_options: - internode_encryption: <%= @server_encryption_internode %> - keystore: <%= @server_encryption_keystore %> - keystore_password: <%= @server_encryption_keystore_password %> - truststore: <%= @server_encryption_truststore %> - truststore_password: <%= @server_encryption_truststore_password %> - # More advanced defaults below: - # protocol: TLS - # algorithm: SunX509 - # store_type: JKS - # cipher_suites: [TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA] - # require_client_auth: false - -# enable or disable client/server encryption. -client_encryption_options: - enabled: <%= @client_encryption_enabled %> - keystore: <%= @client_encryption_keystore %> - keystore_password: <%= @client_encryption_keystore_password %> - # require_client_auth: false - # Set trustore and truststore_password if require_client_auth is true - # truststore: conf/.truststore - # truststore_password: cassandra - # More advanced defaults below: - # protocol: TLS - # algorithm: SunX509 - # store_type: JKS - # cipher_suites: [TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA] - -# internode_compression controls whether traffic between nodes is -# compressed. -# can be: all - all traffic is compressed -# dc - traffic between different datacenters is compressed -# none - nothing is compressed. -internode_compression: <%= @internode_compression %> - -# Enable or disable tcp_nodelay for inter-dc communication. -# Disabling it will result in larger (but fewer) network packets being sent, -# reducing overhead from the TCP protocol itself, at the cost of increasing -# latency if you block for cross-datacenter responses. -inter_dc_tcp_nodelay: <%= @inter_dc_tcp_nodelay %> - -# This setting has been removed from default configuration. It makes new -# (non-seed) nodes automatically migrate the right data to themselves. When -# initializing a fresh cluster without data, add auto_bootstrap: false. -<% if @auto_bootstrap != nil %>auto_bootstrap: <%= @auto_bootstrap %><% else %>#auto_bootstrap: true<% end %> diff --git a/ceilometer/.gitignore b/ceilometer/.gitignore deleted file mode 100644 index 61092bdaf..000000000 --- a/ceilometer/.gitignore +++ /dev/null @@ -1,15 +0,0 @@ -pkg/ -Gemfile.lock -vendor/ -spec/fixtures/ -.vagrant/ -.bundle/ -coverage/ -.idea/ -*.swp -*.iml -openstack/ - -# Files created by releasenotes build -releasenotes/build -.tox diff --git a/ceilometer/.gitreview b/ceilometer/.gitreview deleted file mode 100644 index e97254a18..000000000 --- a/ceilometer/.gitreview +++ /dev/null @@ -1,5 +0,0 @@ -[gerrit] -host=review.openstack.org -port=29418 -project=openstack/puppet-ceilometer.git -defaultbranch=stable/mitaka diff --git a/ceilometer/.travis.yml b/ceilometer/.travis.yml deleted file mode 100644 index 63844457d..000000000 --- a/ceilometer/.travis.yml +++ /dev/null @@ -1,28 +0,0 @@ -language: ruby -bundler_args: --without development -before_script: - - echo $PUPPET_GEM_VERSION | grep '2.6' && git clone git://github.com/puppetlabs/puppetlabs-create_resources.git spec/fixtures/modules/create_resources || true -script: "bundle exec rake spec SPEC_OPTS='--format documentation'" -rvm: - - 1.8.7 - - 1.9.3 - - ruby-head -env: - - PUPPET_GEM_VERSION="~> 2.6" - - PUPPET_GEM_VERSION="~> 2.7" - - PUPPET_GEM_VERSION="~> 3.0" - - PUPPET_GEM_VERSION="~> 3.1" -matrix: - allow_failures: - - rvm: ruby-head - exclude: - - rvm: 1.9.3 - env: PUPPET_GEM_VERSION="~> 2.7" - - rvm: ruby-head - env: PUPPET_GEM_VERSION="~> 2.7" - - rvm: 1.9.3 - env: PUPPET_GEM_VERSION="~> 2.6" - - rvm: ruby-head - env: PUPPET_GEM_VERSION="~> 2.6" -notifications: - email: false diff --git a/ceilometer/CHANGELOG.md b/ceilometer/CHANGELOG.md deleted file mode 100644 index 1ae3a5b89..000000000 --- a/ceilometer/CHANGELOG.md +++ /dev/null @@ -1,220 +0,0 @@ -## 8.0.0 and beyond - -From 8.0.0 release and beyond, release notes are published on -[docs.openstack.org](http://docs.openstack.org/releasenotes/puppet-ceilometer/). - -##2015-11-25 - 7.0.0 -###Summary - -This is a backwards-incompatible major release for OpenStack Liberty. - -####Backwards-incompatible changes -- change section name for AMQP qpid parameters -- remove deprecated mysql_module - -####Features -- keystone/auth: make service description configurable -- add support for RabbitMQ connection heartbeat -- simplify parameters for rpc_backend -- add tag to package and service resources -- enable support for memcached_servers -- add ability to specify ttl and timeout parameters -- add ability to manage use_stderr parameter -- creation of ceilometer::db::sync -- reflect provider change in puppet-openstacklib -- make 'alarm_history_time_to_live' parameter configurable -- update ceilometer::db class to match other module pattern -- implement auth_endpoint_type parameter -- stop managing File resources -- put all the logging related parameters to the logging class -- add mongodb_replica_set option -- allow customization of db sync command line - -####Bugfixes -- rely on autorequire for config resource ordering -- compute agent: do not try to configure nova.conf -- agent/auth: bring consistent how we manage empty parameters -- remove the api service subscription on db sync -- wsgi: make sure eventlet process is stopped before httpd -- auth: drop service dependency for Keystone_user_role - -####Maintenance -- fix rspec 3.x syntax -- initial msync run for all Puppet OpenStack modules -- acceptance: enable debug & verbosity for OpenStack logs -- acceptance/eventlet: make sure apache is stopped -- acceptance: use common bits from puppet-openstack-integration -- rspec: run tests for ::ceilometer::agent::auth -- try to use zuul-cloner to prepare fixtures -- spec: Enable webmock connect to IPv4 link-local -- db: Use postgresql lib class for psycopg package -- remove class_parameter_defaults puppet-lint check - -##2015-10-10 - 6.1.0 -###Summary - -This is a feature and bugfix release in the Kilo series. - -####Bugfixes -- WSGI: make it work, and test it with acceptance - -####Maintenance -- acceptance: checkout stable/kilo puppet modules - - -##2015-07-08 - 6.0.0 -###Summary - -This is a backwards-incompatible major release for OpenStack Kilo. - -####Backwards-incompatible changes -- Move rabbit/kombu settings to oslo_messaging_rabbit section - -####Features -- Puppet 4.x support -- make crontab for expirer optional -- Refactorise Keystone resources management -- db: Added postgresql backend using openstacklib helper -- Implement Ceilometer-API as a WSGI process support -- Add support for ceilometer-polling agent -- Add support for identity_uri -- Tag all Ceilometer packages -- Add udp_address/udp_port parameters for collector. -- Deprecate old public, internal and admin parameters - -####Bugfixes -- Ensure python-mysqldb is installed before MySQL db_sync -- Fix dependency on nova-common package - -####Maintenance -- Acceptance tests with Beaker -- Fix spec tests for RSpec 3.x and Puppet 4.x - - -##2015-06-17 - 5.1.0 -###Summary - -This is a feature and bugfix release in the Juno series. - -####Features -- Add support for configuring coordination/backend_url -- Implement Ceilometer-API as a WSGI process support -- Switch to TLSv1 - -####Bugfixes -- crontab: ensure the script is run with shell -- Change default MySQL collate to utf8_general_ci - -####Maintenance -- Pin puppetlabs-concat to 1.2.1 in fixtures -- Update .gitreview file for project rename -- spec: updates for rspec-puppet 2.x and rspec 3.x - -##2014-11-20 - 5.0.0 -###Summary - -This is a backwards-incompatible major release for OpenStack Juno. - -####Backwards-incompatible changes -- Migrate the mysql backend to use openstacklib::db::mysql, adding dependency - on puppet-openstacklib -- Bumped stdlib dependency to >=4.0.0 -- Removed deprecation notices for sectionless ceilometer_config types for Juno - release - -####Features -- Added ability to hide secrets from puppet logs -- Add package_ensure parameters to various classes to control package - installation -- Add ceilometer::policy to control policy.json -- Update validate_re expressions for Puppet 3.7 -- Add manage_service parameters to various classes to control whether the - service was managed, as well as added enabled parameters where not already - present -- Add parameters to control whether to configure keystone users -- Add the ability to override the keystone service name in - ceilometer::keystone::auth - deprecated the mysql_module parameter - -####Bugfixes -- Fix ceilometer-notification package name for RHEL - -##2014-10-16 - 4.2.0 -###Summary - -This is a feature and bugfix release in the Icehouse series. - -####Features -- Add new class for extended logging options - -####Bugfixes -- Fix dependency on nova-common package -- Fix ssl parameter requirements for kombu and rabbit -- Fix mysql_grant call -- Fix ceilometer-collecter service relationships when service is disabled - -##2014-06-19 - 4.1.0 -###Summary - -This is a feature and bigfix release in the Icehouse series. - -####Features -- Add RabbitMQ SSL Support - -####Bugfixes -- Fix dependency cycle bug -- Fix agent_notification_service_name -- Change default mysql charset to UTF8 - -####Maintenance -- Pin major gems - -##2014-01-05 - 4.0.0 -###Summary - -This is a major release for OpenStack Icehouse but contains no API-breaking -changes. - -####Backwards-incompatible changes - -None - -####Features -- Add ability to override notification topics -- Implement notification agent service -- Add support for puppetlabs-mysql 2.2 and greater -- Introduce ceilometer::config to handle additional custom options - -####Bugfixes -- Fix region name configuration -- Fix ensure packages bug - -##2014-03-26 - 3.1.1 -###Summary - -This is a bugfix release in the Havana series. - -####Bugfixes -- Remove enforcement of glance_control_exchange -- Fix user reference in db.pp -- Allow db fields configuration without need for dbsync for better replicaset - support -- Fix alarm package parameters Debian/Ubuntu - -##2014-02-14 - 3.1.0 -###Summary - -This is a feature and bugfix release in the Havana series. - -####Features -- Remove log_dir from params and make logs configurable in init - -####Bugfixes -- Fix package ceilometer-alarm type error on Debian -- Remove glance_notifications from notification_topic -- Don't match commented [DEFAULT] section - -##2014-01-17 - 3.0.0 -###Summary - -- Initial release of the puppet-ceilometer module diff --git a/ceilometer/Gemfile b/ceilometer/Gemfile deleted file mode 100644 index 5728ff7e7..000000000 --- a/ceilometer/Gemfile +++ /dev/null @@ -1,22 +0,0 @@ -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -group :development, :test, :system_tests do - gem 'puppet-openstack_spec_helper', - :git => 'https://git.openstack.org/openstack/puppet-openstack_spec_helper', - :branch => 'stable/mitaka', - :require => false -end - -if facterversion = ENV['FACTER_GEM_VERSION'] - gem 'facter', facterversion, :require => false -else - gem 'facter', :require => false -end - -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end - -# vim:ft=ruby diff --git a/ceilometer/LICENSE b/ceilometer/LICENSE deleted file mode 100644 index 88a11a0e7..000000000 --- a/ceilometer/LICENSE +++ /dev/null @@ -1,13 +0,0 @@ -Copyright 2012 OpenStack Foundation - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/ceilometer/README.md b/ceilometer/README.md deleted file mode 100644 index 0d8d865d8..000000000 --- a/ceilometer/README.md +++ /dev/null @@ -1,131 +0,0 @@ -Ceilometer -========== - -#### Table of Contents - -1. [Overview - What is the ceilometer module?](#overview) -2. [Module Description - What does the module do?](#module-description) -3. [Setup - The basics of getting started with ceilometer](#setup) -4. [Implementation - An under-the-hood peek at what the module is doing](#implementation) -5. [Limitations - OS compatibility, etc.](#limitations) -6. [Development - Guide for contributing to the module](#development) -7. [Contributors - Those with commits](#contributors) - -Overview --------- - -The ceilometer module is part of [OpenStack](https://github.com/openstack), an effort by the -OpenStack infrastructure team to provice continuous integration testing and code review for -OpenStack and OpenStack community projects as part of the core software. The module itself -is used to flexibly configure and manage the metering service for OpenStack. - -Module Description ------------------- - -The ceilometer module is an attempt to make Puppet capable of managing the entirety of ceilometer. -This includes manifests to provision the ceilometer api, agents, and database stores. A -ceilometer_config type is supplied to assist in the manipulation of configuration files. - -Setup ------ - -**What the ceilometer module affects** - -* [Ceilometer](https://wiki.openstack.org/wiki/Ceilometer), the metering service for OpenStack - -### Installing ceilometer - - puppet module install openstack/ceilometer - -### Beginning with ceilometer - -To utilize the ceilometer module's functionality you will need to declare multiple resources. This is not an exhaustive list of all the components needed. We recommend that you consult and understand the [core openstack](http://docs.openstack.org) documentation to assist you in understanding the available deployment options. - -```puppet -class { '::ceilometer': - metering_secret => 'secrete', - rabbit_userid => 'ceilometer', - rabbit_password => 'an_even_bigger_secret', - rabbit_host => '127.0.0.1', -} -class { '::ceilometer::client': } -class { '::ceilometer::collector': } -class { '::ceilometer::expirer': } -class { '::ceilometer::agent::central': } -class { '::ceilometer::agent::notification': } -class { '::ceilometer::db': } -class { '::ceilometer::api': - enabled => true, - keystone_password => 'a_big_secret', - keystone_identity_uri => 'http://127.0.0.1:35357/', -} -``` - -Implementation --------------- - -### ceilometer - -ceilometer is a combination of Puppet manifests and Ruby code to deliver configuration and -extra functionality through types and providers. - -### Types - -#### ceilometer_config - -The `ceilometer_config` provider is a children of the ini_setting provider. It allows one to write an entry in the `/etc/ceilometer/ceilometer.conf` file. - -```puppet -ceilometer_config { 'DEFAULT/verbose' : - value => true, -} -``` - -This will write `verbose=true` in the `[DEFAULT]` section. - -##### name - -Section/setting name to manage from `ceilometer.conf` - -##### value - -The value of the setting to be defined. - -##### secret - -Whether to hide the value from Puppet logs. Defaults to `false`. - -##### ensure_absent_val - -If value is equal to ensure_absent_val then the resource will behave as if `ensure => absent` was specified. Defaults to `` - -Limitations ------------ - -* The ceilometer modules have only been tested on RedHat and Ubuntu family systems. - -Beaker-Rspec ------------- - -This module has beaker-rspec tests - -To run: - -``shell -bundle install -bundle exec rspec spec/acceptance -`` - -Development ------------ - -Developer documentation for the entire puppet-openstack project - -* https://wiki.openstack.org/wiki/Puppet-openstack#Developer_documentation - -Contributors ------------- - -* https://github.com/openstack/puppet-ceilometer/graphs/contributors - -This is the ceilometer module. diff --git a/ceilometer/Rakefile b/ceilometer/Rakefile deleted file mode 100644 index 168d10814..000000000 --- a/ceilometer/Rakefile +++ /dev/null @@ -1 +0,0 @@ -require 'puppet-openstack_spec_helper/rake_tasks' diff --git a/ceilometer/examples/ceilometer_with_gnocchi.pp b/ceilometer/examples/ceilometer_with_gnocchi.pp deleted file mode 100644 index bf47a6170..000000000 --- a/ceilometer/examples/ceilometer_with_gnocchi.pp +++ /dev/null @@ -1,40 +0,0 @@ -class { '::ceilometer': - metering_secret => 'secrete', - rabbit_userid => 'ceilometer', - rabbit_password => 'an_even_bigger_secret', - rabbit_host => '127.0.0.1', -} -class { '::ceilometer::db::mysql': - password => 'a_big_secret', -} -class { '::ceilometer::db': - database_connection => 'mysql://ceilometer:a_big_secret@127.0.0.1/ceilometer?charset=utf8', -} -class { '::ceilometer::keystone::auth': - password => 'a_big_secret', -} -class { '::ceilometer::client': } -class { '::ceilometer::expirer': } -class { '::ceilometer::agent::central': } -class { '::ceilometer::agent::notification': } -class { '::ceilometer::api': - enabled => true, - keystone_password => 'a_big_secret', - keystone_identity_uri => 'http://127.0.0.1:35357/', - service_name => 'httpd', -} -include ::apache -class { '::ceilometer::wsgi::apache': - ssl => false, -} - -class { '::ceilometer::collector': - meter_dispatcher => ['gnocchi'], -} -class { '::ceilometer::dispatcher::gnocchi': - filter_service_activity => false, - filter_project => 'gnocchi_swift', - url => 'https://gnocchi:8041', - archive_policy => 'high', - resources_definition_file => 'gnocchi.yaml', -} diff --git a/ceilometer/examples/site.pp b/ceilometer/examples/site.pp deleted file mode 100644 index 3d3616e77..000000000 --- a/ceilometer/examples/site.pp +++ /dev/null @@ -1,84 +0,0 @@ -node default { - Exec { - path => ['/usr/bin', '/bin', '/usr/sbin', '/sbin'] - } - - # First, install a mysql server - class { '::mysql::server': } - # And create the database - class { '::ceilometer::db::mysql': - password => 'ceilometer', - } - - # Add the base ceilometer class & parameters - # This class is required by ceilometer agents & api classes - # The metering_secret parameter is mandatory - class { '::ceilometer': - metering_secret => 'darksecret' - } - - # Configure the ceilometer database - # Only needed if ceilometer::agent::central or ceilometer::api are declared - class { '::ceilometer::db': - } - - # Configure ceilometer database with mongodb - - # class { '::ceilometer::db': - # database_connection => 'mongodb://localhost:27017/ceilometer', - # require => Class['mongodb'], - # } - - # Install the ceilometer-api service - # The keystone_password parameter is mandatory - class { '::ceilometer::api': - keystone_password => 'tralalayouyou' - } - - # Set common auth parameters used by all agents (compute/central) - class { '::ceilometer::agent::auth': - auth_url => 'http://localhost:35357/v2.0', - auth_password => 'tralalerotralala' - } - - # Install polling agent - # Can be used instead of central, compute or ipmi agent - # class { 'ceilometer::agent::polling': - # central_namespace => true, - # compute_namespace => false, - # ipmi_namespace => false - # } - # class { 'ceilometer::agent::polling': - # central_namespace => false, - # compute_namespace => true, - # ipmi_namespace => false - # } - # class { 'ceilometer::agent::polling': - # central_namespace => false, - # compute_namespace => false, - # ipmi_namespace => true - # } - # As default use central and compute polling namespaces - class { '::ceilometer::agent::polling': - central_namespace => true, - compute_namespace => true, - ipmi_namespace => false, - } - - # Install compute agent (deprecated) - # default: enable - # class { 'ceilometer::agent::compute': - # } - - # Install central agent (deprecated) - # class { 'ceilometer::agent::central': - # } - - # Purge old meters - class { '::ceilometer::expirer': } - - # Install notification agent - class { '::ceilometer::agent::notification': - } - -} diff --git a/ceilometer/lib/puppet/provider/ceilometer_api_paste_ini/ini_setting.rb b/ceilometer/lib/puppet/provider/ceilometer_api_paste_ini/ini_setting.rb deleted file mode 100644 index 5ff506b3f..000000000 --- a/ceilometer/lib/puppet/provider/ceilometer_api_paste_ini/ini_setting.rb +++ /dev/null @@ -1,27 +0,0 @@ -Puppet::Type.type(:ceilometer_api_paste_ini).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - def section - resource[:name].split('/', 2).first - end - - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/ceilometer/api-paste.ini' - end - - # added for backwards compatibility with older versions of inifile - def file_path - self.class.file_path - end - -end diff --git a/ceilometer/lib/puppet/provider/ceilometer_config/openstackconfig.rb b/ceilometer/lib/puppet/provider/ceilometer_config/openstackconfig.rb deleted file mode 100644 index bce4c3b45..000000000 --- a/ceilometer/lib/puppet/provider/ceilometer_config/openstackconfig.rb +++ /dev/null @@ -1,13 +0,0 @@ -Puppet::Type.type(:ceilometer_config).provide( - :openstackconfig, - :parent => Puppet::Type.type(:openstack_config).provider(:ruby) -) do - - def self.file_path - '/etc/ceilometer/ceilometer.conf' - end - - def file_path - self.class.file_path - end -end diff --git a/ceilometer/lib/puppet/type/ceilometer_api_paste_ini.rb b/ceilometer/lib/puppet/type/ceilometer_api_paste_ini.rb deleted file mode 100644 index ad0ebf2e9..000000000 --- a/ceilometer/lib/puppet/type/ceilometer_api_paste_ini.rb +++ /dev/null @@ -1,52 +0,0 @@ -Puppet::Type.newtype(:ceilometer_api_paste_ini) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/ceilometer/api-paste.ini' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end - - newparam(:ensure_absent_val) do - desc 'A value that is specified as the value property will behave as if ensure => absent was specified' - defaultto('') - end - - autorequire(:package) do - 'ceilometer' - end - -end diff --git a/ceilometer/lib/puppet/type/ceilometer_config.rb b/ceilometer/lib/puppet/type/ceilometer_config.rb deleted file mode 100644 index 404551ce2..000000000 --- a/ceilometer/lib/puppet/type/ceilometer_config.rb +++ /dev/null @@ -1,65 +0,0 @@ -Puppet::Type.newtype(:ceilometer_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from ceilometer.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value, :array_matching => :all) do - desc 'The value of the setting to be defined.' - def insync?(is) - puts is - return true if @should.empty? - return false unless is.is_a? Array - return false unless is.length == @should.length - # we don't care about the order of items in array, hence - # it is necessary to override insync - return ( - is & @should == is or - is & @should.map(&:to_s) == is - ) - end - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - newvalues(/^[\S ]*$/) - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end - - newparam(:ensure_absent_val) do - desc 'A value that is specified as the value property will behave as if ensure => absent was specified' - defaultto('') - end - - autorequire(:package) do - 'ceilometer-common' - end - -end diff --git a/ceilometer/manifests/agent/auth.pp b/ceilometer/manifests/agent/auth.pp deleted file mode 100644 index db14d557d..000000000 --- a/ceilometer/manifests/agent/auth.pp +++ /dev/null @@ -1,94 +0,0 @@ -# == Class: ceilometer::agent::auth -# -# The ceilometer::agent::auth class helps configure common -# auth settings for the agents. -# -# === Parameters: -# -# [*auth_url*] -# (Optional) the keystone public endpoint -# Defaults to 'http://localhost:5000'. -# -# [*auth_region*] -# (Optional) the keystone region of this node -# Defaults to $::os_service_default. -# -# [*auth_user*] -# (Optional) the keystone user for ceilometer services -# Defaults to 'ceilometer'. -# -# [*auth_password*] -# (Required) the keystone password for ceilometer services -# -# [*auth_tenant_name*] -# (Optional) the keystone tenant name for ceilometer services -# Defaults to 'services'. -# -# [*auth_tenant_id*] -# (Optional) the keystone tenant id for ceilometer services. -# Defaults to undef. -# -# [*auth_cacert*] -# (Optional) Certificate chain for SSL validation. -# Defaults to 'None'. -# -# [*auth_endpoint_type*] -# (Optional) Type of endpoint in Identity service catalog to use for -# communication with OpenStack services. -# Defaults to undef. -# -# [*auth_user_domain_name*] -# (Optional) domain name for auth user. -# Defaults to 'Default'. -# -# [*auth_project_domain_name*] -# (Optional) domain name for auth project. -# Defaults to 'Default'. -# -# [*auth_type*] -# (Optional) Authentication type to load. -# Defaults to 'password'. -# -class ceilometer::agent::auth ( - $auth_password, - $auth_url = 'http://localhost:5000', - $auth_region = $::os_service_default, - $auth_user = 'ceilometer', - $auth_tenant_name = 'services', - $auth_tenant_id = undef, - $auth_cacert = undef, - $auth_endpoint_type = undef, - $auth_user_domain_name = 'Default', - $auth_project_domain_name = 'Default', - $auth_type = 'password', -) { - - if ! $auth_cacert { - ceilometer_config { 'service_credentials/ca_file': ensure => absent } - } else { - ceilometer_config { 'service_credentials/ca_file': value => $auth_cacert } - } - - ceilometer_config { - 'service_credentials/auth_url' : value => $auth_url; - 'service_credentials/region_name' : value => $auth_region; - 'service_credentials/username' : value => $auth_user; - 'service_credentials/password' : value => $auth_password, secret => true; - 'service_credentials/project_name' : value => $auth_tenant_name; - 'service_credentials/user_domain_name' : value => $auth_user_domain_name; - 'service_credentials/project_domain_name': value => $auth_project_domain_name; - 'service_credentials/auth_type' : value => $auth_type; - } - - if $auth_tenant_id { - ceilometer_config { - 'service_credentials/project_id' : value => $auth_tenant_id; - } - } - - if $auth_endpoint_type { - ceilometer_config { - 'service_credentials/interface' : value => $auth_endpoint_type; - } - } -} diff --git a/ceilometer/manifests/agent/central.pp b/ceilometer/manifests/agent/central.pp deleted file mode 100644 index 11c214896..000000000 --- a/ceilometer/manifests/agent/central.pp +++ /dev/null @@ -1,64 +0,0 @@ -# == Class: ceilometer::agent::central -# -# Installs/configures the ceilometer central agent -# -# === Parameters: -# -# [*enabled*] -# (Optional) Should the service be enabled. -# Defaults to true. -# -# [*manage_service*] -# (Optional) Whether the service should be managed by Puppet. -# Defaults to true. -# -# [*package_ensure*] -# (Optional) ensure state for package. -# Defaults to 'present'. -# -# [*coordination_url*] -# (Optional) The url to use for distributed group membership coordination. -# Defaults to undef. -# - -class ceilometer::agent::central ( - $manage_service = true, - $enabled = true, - $package_ensure = 'present', - $coordination_url = undef, -) { - - include ::ceilometer::params - - Ceilometer_config<||> ~> Service['ceilometer-agent-central'] - - Package['ceilometer-agent-central'] -> Service['ceilometer-agent-central'] - package { 'ceilometer-agent-central': - ensure => $package_ensure, - name => $::ceilometer::params::agent_central_package_name, - tag => ['openstack', 'ceilometer-package'], - } - - if $manage_service { - if $enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } - - Package['ceilometer-common'] -> Service['ceilometer-agent-central'] - service { 'ceilometer-agent-central': - ensure => $service_ensure, - name => $::ceilometer::params::agent_central_service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - tag => 'ceilometer-service', - } - - if $coordination_url { - ensure_resource('ceilometer_config', 'coordination/backend_url', - {'value' => $coordination_url}) - } -} diff --git a/ceilometer/manifests/agent/compute.pp b/ceilometer/manifests/agent/compute.pp deleted file mode 100644 index 0f3a5081b..000000000 --- a/ceilometer/manifests/agent/compute.pp +++ /dev/null @@ -1,67 +0,0 @@ -# == Class: ceilometer::agent::compute -# -# The ceilometer::agent::compute class installs the ceilometer compute agent -# Include this class on all nova compute nodes -# -# === Parameters: -# -# [*enabled*] -# (Optional) Should the service be enabled. -# Defaults to true. -# -# [*manage_service*] -# (Optional) Whether the service should be managed by Puppet. -# Defaults to true. -# -# [*package_ensure*] -# (Optional) ensure state for package. -# Defaults to 'present'. -# -class ceilometer::agent::compute ( - $manage_service = true, - $enabled = true, - $package_ensure = 'present', -) inherits ceilometer { - - warning('This class is deprecated. Please use ceilometer::agent::polling with compute namespace instead.') - - include ::ceilometer::params - - Ceilometer_config<||> ~> Service['ceilometer-agent-compute'] - - Package['ceilometer-agent-compute'] -> Service['ceilometer-agent-compute'] - package { 'ceilometer-agent-compute': - ensure => $package_ensure, - name => $::ceilometer::params::agent_compute_package_name, - tag => ['openstack', 'ceilometer-package'], - } - - if $::ceilometer::params::libvirt_group { - User['ceilometer'] { - groups => ['nova', $::ceilometer::params::libvirt_group] - } - } else { - User['ceilometer'] { - groups => ['nova'] - } - } - - if $manage_service { - if $enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } - - Package <| title == 'nova-common' |> -> Package['ceilometer-common'] -> Service['ceilometer-agent-compute'] - service { 'ceilometer-agent-compute': - ensure => $service_ensure, - name => $::ceilometer::params::agent_compute_service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - tag => 'ceilometer-service', - } - -} diff --git a/ceilometer/manifests/agent/notification.pp b/ceilometer/manifests/agent/notification.pp deleted file mode 100644 index 3b896cc51..000000000 --- a/ceilometer/manifests/agent/notification.pp +++ /dev/null @@ -1,110 +0,0 @@ -# -# Copyright (C) 2014 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# == Class: ceilometer::agent::notification -# -# Configure the ceilometer notification agent. -# This configures the plugin for the API server, but does nothing -# about configuring the agents that must also run and share a config -# file with the OVS plugin if both are on the same machine. -# -# === Parameters: -# -# [*enabled*] -# (Optional) Should the service be enabled. -# Defaults to true. -# -# [*manage_service*] -# (Optional) Whether the service should be managed by Puppet. -# Defaults to true. -# -# [*ack_on_event_error*] -# (Optional) Acknowledge message when event persistence fails. -# Defaults to true. -# -# [*store_events*] -# (Optional) Save event details. -# Defaults to false. -# -# [*disable_non_metric_meters*] -# (Optional) Disable or enable the collection of non-metric meters. -# Default to $::os_service_default. -# -# [*notification_workers*] -# (Optional) Number of workers for notification service (integer value). -# Defaults to $::os_service_default. -# -# [*messaging_urls*] -# (Optional) Messaging urls to listen for notifications. (Array of urls) -# The format should be transport://user:pass@host1:port[,hostN:portN]/virtual_host -# Defaults to $::os_service_default. -# -# [*package_ensure*] -# (Optional) ensure state for package. -# Defaults to 'present'. -# -class ceilometer::agent::notification ( - $manage_service = true, - $enabled = true, - $ack_on_event_error = true, - $store_events = false, - $disable_non_metric_meters = $::os_service_default, - $notification_workers = $::os_service_default, - $messaging_urls = $::os_service_default, - $package_ensure = 'present', -) { - - include ::ceilometer::params - - Ceilometer_config<||> ~> Service['ceilometer-agent-notification'] - - Package[$::ceilometer::params::agent_notification_package_name] -> - Service['ceilometer-agent-notification'] - - ensure_resource('package', [$::ceilometer::params::agent_notification_package_name], - { - ensure => $package_ensure, - tag => 'openstack' - } - ) - - if $manage_service { - if $enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } - - Package['ceilometer-common'] -> Service['ceilometer-agent-notification'] - service { 'ceilometer-agent-notification': - ensure => $service_ensure, - name => $::ceilometer::params::agent_notification_service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - tag => 'ceilometer-service' - } - - ceilometer_config { - 'notification/ack_on_event_error' : value => $ack_on_event_error; - 'notification/store_events' : value => $store_events; - 'notification/disable_non_metric_meters': value => $disable_non_metric_meters; - 'notification/workers' : value => $notification_workers; - 'notification/messaging_urls' : value => $messaging_urls; - } -} diff --git a/ceilometer/manifests/agent/polling.pp b/ceilometer/manifests/agent/polling.pp deleted file mode 100644 index 63317fd32..000000000 --- a/ceilometer/manifests/agent/polling.pp +++ /dev/null @@ -1,112 +0,0 @@ -# == Class: ceilometer::agent::polling -# -# Installs/configures the ceilometer polling agent -# -# === Parameters: -# -# [*enabled*] -# (Optional) Should the service be enabled. -# Defaults to true. -# -# [*manage_service*] -# (Optional) Whether the service should be managed by Puppet. -# Defaults to true. -# -# [*package_ensure*] -# (Optional) ensure state for package. -# Defaults to 'present' -# -# [*central_namespace*] -# (Optional) Use central namespace for polling agent. -# Defaults to true. -# -# [*compute_namespace*] -# (Optional) Use compute namespace for polling agent. -# Defaults to true. -# -# [*ipmi_namespace*] -# (Optional) Use ipmi namespace for polling agent. -# Defaults to true. -# -# [*coordination_url*] -# (Optional) The url to use for distributed group membership coordination. -# Defaults to undef. -# -class ceilometer::agent::polling ( - $manage_service = true, - $enabled = true, - $package_ensure = 'present', - $central_namespace = true, - $compute_namespace = true, - $ipmi_namespace = true, - $coordination_url = undef, -) inherits ceilometer { - - include ::ceilometer::params - - if $central_namespace { - $central_namespace_name = 'central' - } - - if $compute_namespace { - if $::ceilometer::params::libvirt_group { - User['ceilometer'] { - groups => ['nova', $::ceilometer::params::libvirt_group] - } - } else { - User['ceilometer'] { - groups => ['nova'] - } - } - - $compute_namespace_name = 'compute' - - Package <| title == 'nova-common' |> -> Package['ceilometer-common'] - } - - if $ipmi_namespace { - $ipmi_namespace_name = 'ipmi' - } - - if $manage_service { - if $enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } - - $namespaces = [$central_namespace_name, $compute_namespace_name, $ipmi_namespace_name] - $namespaces_real = inline_template('<%= @namespaces.find_all {|x| x !~ /^undef/ }.join "," %>') - - package { 'ceilometer-polling': - ensure => $package_ensure, - name => $::ceilometer::params::agent_polling_package_name, - tag => ['openstack', 'ceilometer-package'], - } - - if $namespaces_real { - ceilometer_config { - 'DEFAULT/polling_namespaces': value => $namespaces_real - } - } - - Ceilometer_config<||> ~> Service['ceilometer-polling'] - Package['ceilometer-polling'] -> Service['ceilometer-polling'] - Package['ceilometer-common'] -> Service['ceilometer-polling'] - - service { 'ceilometer-polling': - ensure => $service_ensure, - name => $::ceilometer::params::agent_polling_service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - tag => 'ceilometer-service', - } - - if $coordination_url { - ceilometer_config { - 'coordination/backend_url': value => $coordination_url - } - } -} diff --git a/ceilometer/manifests/alarm/evaluator.pp b/ceilometer/manifests/alarm/evaluator.pp deleted file mode 100644 index 1c1dcd71b..000000000 --- a/ceilometer/manifests/alarm/evaluator.pp +++ /dev/null @@ -1,47 +0,0 @@ -# == Deprecated class: ceilometer::alarm::evaluator -# -# Installs the ceilometer alarm evaluator service -# -# === Parameters: -# -# [*enabled*] -# (Optional) Should the service be enabled. -# Defaults to undef. -# -# [*manage_service*] -# (Optional) Whether the service should be managed by Puppet. -# Defaults to undef. -# -# [*evaluation_interval*] -# (Optional) Define the time interval for the alarm evaluator -# Defaults to undef. -# -# [*evaluation_service*] -# (Optional) Define which service use for the evaluator -# Defaults to undef. -# -# [*partition_rpc_topic*] -# (Optional) Define which topic the alarm evaluator should access -# Defaults to undef. -# -# [*record_history*] -# (Optional) Record alarm change events -# Defaults to undef. -# -# [*coordination_url*] -# (Optional) The url to use for distributed group membership coordination. -# Defaults to undef. -# -class ceilometer::alarm::evaluator ( - $manage_service = undef, - $enabled = undef, - $evaluation_interval = undef, - $evaluation_service = undef, - $partition_rpc_topic = undef, - $record_history = undef, - $coordination_url = undef, -) { - - warning('Class is deprecated and will be removed. Use Aodh module to deploy Alarm Evaluator service') - -} diff --git a/ceilometer/manifests/alarm/notifier.pp b/ceilometer/manifests/alarm/notifier.pp deleted file mode 100644 index c90f6d4a7..000000000 --- a/ceilometer/manifests/alarm/notifier.pp +++ /dev/null @@ -1,42 +0,0 @@ -# == Deprecated class: ceilometer::alarm::notifier -# -# Installs the ceilometer alarm notifier service -# -# === Parameters: -# -# [*enabled*] -# (Optional) Should the service be enabled. -# Defaults to undef. -# -# [*manage_service*] -# (Optional) Whether the service should be managed by Puppet. -# Defaults to undef. -# -# [*notifier_rpc_topic*] -# (Optional) Define on which topic the notifier will have access. -# Defaults to undef. -# -# [*rest_notifier_certificate_key*] -# (Optional) Define the certificate key for the rest service. -# Defaults to undef. -# -# [*rest_notifier_certificate_file*] -# (optional) Define the certificate file for the rest service. -# Defaults to undef. -# -# [*rest_notifier_ssl_verify*] -# (optional) Should the ssl verify parameter be enabled. -# Defaults to undef. -# -class ceilometer::alarm::notifier ( - $manage_service = undef, - $enabled = undef, - $notifier_rpc_topic = undef, - $rest_notifier_certificate_key = undef, - $rest_notifier_certificate_file = undef, - $rest_notifier_ssl_verify = undef, -) { - - warning('Class is deprecated and will be removed. Use Aodh module to deploy Alarm Notifier service') - -} diff --git a/ceilometer/manifests/api.pp b/ceilometer/manifests/api.pp deleted file mode 100644 index 5f43e4bd9..000000000 --- a/ceilometer/manifests/api.pp +++ /dev/null @@ -1,171 +0,0 @@ -# == Class: ceilometer::api -# -# Installs & configure the Ceilometer api service -# -# === Parameters -# -# [*enabled*] -# (Optional) Should the service be enabled. -# Defaults to true. -# -# [*manage_service*] -# (Optional) Whether the service should be managed by Puppet. -# Defaults to true. -# -# [*keystone_user*] -# (optional) The name of the auth user -# Defaults to ceilometer. -# -# [*keytone_user*] -# (Optional) User to authenticate with. -# Defaults to 'ceilometer'. -# -# [*keystone_tenant*] -# (Optional) Tenant to authenticate with. -# Defaults to 'services'. -# -# [*keystone_password*] -# (Required) Password to authenticate with. -# -# [*auth_uri*] -# (Optional) Public Identity API endpoint. -# Defaults to 'http://127.0.0.1:5000/'. -# -# [*identity_uri*] -# (Optional) Complete admin Identity API endpoint. -# Defaults to 'http://127.0.0.1:35357/'. -# -# [*host*] -# (Optional) The ceilometer api bind address. -# Defaults to '0.0.0.0'. -# -# [*port*] -# (Optional) The ceilometer api port. -# Defaults to 8777. -# -# [*package_ensure*] -# (Optional) ensure state for package. -# Defaults to 'present'. -# -# [*service_name*] -# (Optional) Name of the service that will be providing the -# server functionality of ceilometer-api. -# If the value is 'httpd', this means ceilometer-api will be a web -# service, and you must use another class to configure that -# web service. For example, use class { 'ceilometer::wsgi::apache'...} -# to make ceilometer-api be a web app using apache mod_wsgi. -# Defaults to '$::ceilometer::params::api_service_name'. -# -# [*api_workers*] -# (Optional) Number of workers for Ceilometer API server (integer value). -# Defaults to $::os_service_default. -# -# [*keystone_auth_uri*] -# (optional) DEPRECATED Public Identity API endpoint. -# Defaults to false. -# Use auth_uri instead. -# -# [*keystone_identity_uri*] -# (optional) DEPRECATED Complete admin Identity API endpoint. -# Defaults to false. -# Use identity_uri instead. -# -class ceilometer::api ( - $manage_service = true, - $enabled = true, - $package_ensure = 'present', - $keystone_user = 'ceilometer', - $keystone_tenant = 'services', - $keystone_password = false, - $auth_uri = 'http://127.0.0.1:5000/', - $identity_uri = 'http://127.0.0.1:35357/', - $host = '0.0.0.0', - $port = '8777', - $service_name = $::ceilometer::params::api_service_name, - $api_workers = $::os_service_default, - # DEPRECATED PARAMETERS - $keystone_auth_uri = false, - $keystone_identity_uri = false, -) inherits ceilometer::params { - - include ::ceilometer::params - include ::ceilometer::policy - - validate_string($keystone_password) - - Ceilometer_config<||> ~> Service[$service_name] - Class['ceilometer::policy'] ~> Service[$service_name] - - Package['ceilometer-api'] -> Service[$service_name] - Package['ceilometer-api'] -> Class['ceilometer::policy'] - package { 'ceilometer-api': - ensure => $package_ensure, - name => $::ceilometer::params::api_package_name, - tag => ['openstack', 'ceilometer-package'], - } - - if $manage_service { - if $enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } - - Package['ceilometer-common'] -> Service[$service_name] - - if $service_name == $::ceilometer::params::api_service_name { - service { 'ceilometer-api': - ensure => $service_ensure, - name => $::ceilometer::params::api_service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - require => Class['ceilometer::db'], - tag => 'ceilometer-service', - } - } elsif $service_name == 'httpd' { - include ::apache::params - service { 'ceilometer-api': - ensure => 'stopped', - name => $::ceilometer::params::api_service_name, - enable => false, - tag => 'ceilometer-service', - } - Class['ceilometer::db'] -> Service[$service_name] - - # we need to make sure ceilometer-api/eventlet is stopped before trying to start apache - Service['ceilometer-api'] -> Service[$service_name] - } else { - fail('Invalid service_name. Either ceilometer/openstack-ceilometer-api for running as a standalone service, or httpd for being run by a httpd server') - } - - ceilometer_config { - 'api/workers' : value => $api_workers; - 'keystone_authtoken/admin_tenant_name' : value => $keystone_tenant; - 'keystone_authtoken/admin_user' : value => $keystone_user; - 'keystone_authtoken/admin_password' : value => $keystone_password, secret => true; - 'api/host' : value => $host; - 'api/port' : value => $port; - } - - if $keystone_auth_uri { - warning('The keystone_auth_uri parameter is deprecated. Please use auth_uri instead.') - $auth_uri_real = $keystone_auth_uri - } else { - $auth_uri_real = $auth_uri - } - - if $keystone_identity_uri { - warning('The keystone_identity_uri parameter is deprecated. Please use identity_uri instead.') - $identity_uri_real = $keystone_identity_uri - } else { - $identity_uri_real = $identity_uri - } - - ceilometer_config { - 'keystone_authtoken/auth_uri' : value => $auth_uri_real; - 'keystone_authtoken/identity_uri' : value => $identity_uri_real; - } - -} diff --git a/ceilometer/manifests/client.pp b/ceilometer/manifests/client.pp deleted file mode 100644 index 4e8425f7c..000000000 --- a/ceilometer/manifests/client.pp +++ /dev/null @@ -1,24 +0,0 @@ -# == Class: ceilometer::client -# -# Installs the ceilometer python library. -# -# === Parameters: -# -# [*ensure*] -# (Optional) Ensure state for pachage. -# Defaults to 'present'. -# -class ceilometer::client ( - $ensure = 'present' -) { - - include ::ceilometer::params - - package { 'python-ceilometerclient': - ensure => $ensure, - name => $::ceilometer::params::client_package_name, - tag => 'openstack', - } - -} - diff --git a/ceilometer/manifests/collector.pp b/ceilometer/manifests/collector.pp deleted file mode 100644 index 10d3d8a90..000000000 --- a/ceilometer/manifests/collector.pp +++ /dev/null @@ -1,93 +0,0 @@ -# == Class: ceilometer::params -# -# Installs the ceilometer collector service -# -# === Parameters: -# -# [*enabled*] -# (Optional) Should the service be enabled. -# Defaults to true. -# -# [*manage_service*] -# (Optional) Whether the service should be managed by Puppet. -# Defaults to true. -# -# [*package_ensure*] -# (Optional) ensure state for package. -# Defaults to 'present'. -# -# [*udp_address*] -# (Optional) the ceilometer collector udp bind address. -# Set it empty to disable the collector listener. -# Defaults to '0.0.0.0'. -# -# [*udp_port*] -# (Optional) the ceilometer collector udp bind port. -# Defaults to '4952'. -# -# [*meter_dispatcher*] -# (Optional) dispatcher driver(s) to process meter data. -# Can be an array or a string. -# Defaults to 'database'. -# -# [*event_dispatcher*] -# (Optional) dispatcher driver(s) to process event data. -# Can be an array or a string. -# Defaults to 'database'. -# -# [*collector_workers*] -# (Optional) Number of workers for collector service (integer value). -# Defaults to $::os_service_default. -# -class ceilometer::collector ( - $manage_service = true, - $enabled = true, - $package_ensure = 'present', - $udp_address = '0.0.0.0', - $udp_port = '4952', - $collector_workers = $::os_service_default, - $meter_dispatcher = 'database', - $event_dispatcher = 'database', -) { - - include ::ceilometer::params - - Ceilometer_config<||> ~> Service['ceilometer-collector'] - - # We accept udp_address to be set to empty instead of the usual undef to stay - # close to the "strange" upstream interface. - if (is_ip_address($udp_address) != true and $udp_address != '' ){ - fail("${udp_address} is not a valid ip and is not empty") - } - - ceilometer_config { - 'collector/udp_address': value => $udp_address; - 'collector/udp_port': value => $udp_port; - 'collector/workers': value => $collector_workers; - 'DEFAULT/meter_dispatchers': value => join(any2array($meter_dispatcher), ','); - 'DEFAULT/event_dispatchers': value => join(any2array($event_dispatcher), ','); - } - - Package[$::ceilometer::params::collector_package_name] -> Service['ceilometer-collector'] - ensure_resource( 'package', [$::ceilometer::params::collector_package_name], - { ensure => $package_ensure } - ) - - if $manage_service { - if $enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } - - Package['ceilometer-common'] -> Service['ceilometer-collector'] - service { 'ceilometer-collector': - ensure => $service_ensure, - name => $::ceilometer::params::collector_service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - tag => 'ceilometer-service' - } -} diff --git a/ceilometer/manifests/config.pp b/ceilometer/manifests/config.pp deleted file mode 100644 index 255dab208..000000000 --- a/ceilometer/manifests/config.pp +++ /dev/null @@ -1,38 +0,0 @@ -# == Class: ceilometer::config -# -# This class is used to manage arbitrary ceilometer configurations. -# -# === Parameters -# -# [*ceilometer_config*] -# (optional) Allow configuration of ceilometer.conf. -# -# The value is an hash of ceilometer_config resource. Example: -# { 'DEFAULT/foo' => { value => 'fooValue'}, -# 'DEFAULT/bar' => { value => 'barValue'} -# } -# -# In yaml format, Example: -# ceilometer_config: -# DEFAULT/foo: -# value: fooValue -# DEFAULT/bar: -# value: barValue -# -# [*ceilometer_api_paste_ini*] -# (optional) Allow configuration of /etc/ceilometer/api-paste.ini options. -# -# NOTE: The configuration MUST NOT be already handled by this module -# or Puppet catalog compilation will fail with duplicate resources. -# -class ceilometer::config ( - $ceilometer_config = {}, - $ceilometer_api_paste_ini = {}, -) { - - validate_hash($ceilometer_config) - validate_hash($ceilometer_api_paste_ini) - - create_resources('ceilometer_config', $ceilometer_config) - create_resources('ceilometer_api_paste_ini', $ceilometer_api_paste_ini) -} diff --git a/ceilometer/manifests/db.pp b/ceilometer/manifests/db.pp deleted file mode 100644 index 4818ddd9f..000000000 --- a/ceilometer/manifests/db.pp +++ /dev/null @@ -1,119 +0,0 @@ -# == Class: ceilometer::db -# -# Configures the ceilometer database -# This class will install the required libraries depending on the driver -# specified in the connection_string parameter -# -# === Parameters: -# -# [*database_connection*] -# (Optional) Url used to connect to database. -# Defaults to 'mysql://ceilometer:ceilometer@localhost/ceilometer'. -# -# [*database_idle_timeout*] -# (Optional) Timeout when db connections should be reaped. -# Defaults to $::os_service_default. -# -# [*database_min_pool_size*] -# (Optional) Minimum number of SQL connections to keep open in a pool. -# Defaults to $::os_service_default. -# -# [*database_max_pool_size*] -# (Optional) Maximum number of SQL connections to keep open in a pool. -# Defaults to $::os_service_default. -# -# [*database_max_retries*] -# (Optional) Maximum db connection retries during startup. -# Setting -1 implies an infinite retry count. -# Defaults to $::os_service_default. -# -# [*database_retry_interval*] -# (Optional) Interval between retries of opening a sql connection. -# Defaults to $::os_service_default. -# -# [*database_max_overflow*] -# (Optional) If set, use this value for max_overflow with sqlalchemy. -# Defaults to $::os_service_default. -# -# [*mongodb_replica_set*] -# (Optional) DEPRECATED. The name of the replica set which is used to connect to MongoDB -# database. If it is set, MongoReplicaSetClient will be used instead -# of MongoClient. -# Defaults to undef (string value). -# -# [*sync_db*] -# (Optional) enable dbsync. -# Defaults to true. -# -class ceilometer::db ( - $database_connection = 'mysql://ceilometer:ceilometer@localhost/ceilometer', - $database_idle_timeout = $::os_service_default, - $database_min_pool_size = $::os_service_default, - $database_max_pool_size = $::os_service_default, - $database_max_retries = $::os_service_default, - $database_retry_interval = $::os_service_default, - $database_max_overflow = $::os_service_default, - $sync_db = true, - # DEPRECATED PARAMETERS - $mongodb_replica_set = undef, -) { - - include ::ceilometer::params - - Package<| title == 'ceilometer-common' |> -> Class['ceilometer::db'] - - if $mongodb_replica_set { - warning('mongodb_replica_set parameter is deprecated in Mitaka and has no effect. Add ?replicaSet=myreplicatset in database_connection instead.') - } - - validate_re($database_connection, - '^(sqlite|mysql(\+pymysql)?|postgresql|mongodb):\/\/(\S+:\S+@\S+\/\S+)?') - - case $database_connection { - /^mysql(\+pymysql)?:\/\//: { - require 'mysql::bindings' - require 'mysql::bindings::python' - if $database_connection =~ /^mysql\+pymysql/ { - $backend_package = $::ceilometer::params::pymysql_package_name - } else { - $backend_package = false - } - } - /^postgresql:\/\//: { - $backend_package = false - require 'postgresql::lib::python' - } - /^mongodb:\/\//: { - $backend_package = $::ceilometer::params::pymongo_package_name - } - /^sqlite:\/\//: { - $backend_package = $::ceilometer::params::sqlite_package_name - } - default: { - fail('Unsupported backend configured') - } - } - - if $backend_package and !defined(Package[$backend_package]) { - package {'ceilometer-backend-package': - ensure => present, - name => $backend_package, - tag => 'openstack', - } - } - - ceilometer_config { - 'database/connection': value => $database_connection, secret => true; - 'database/idle_timeout': value => $database_idle_timeout; - 'database/min_pool_size': value => $database_min_pool_size; - 'database/max_retries': value => $database_max_retries; - 'database/retry_interval': value => $database_retry_interval; - 'database/max_pool_size': value => $database_max_pool_size; - 'database/max_overflow': value => $database_max_overflow; - } - - if $sync_db { - include ::ceilometer::db::sync - } - -} diff --git a/ceilometer/manifests/db/mysql.pp b/ceilometer/manifests/db/mysql.pp deleted file mode 100644 index 9268c4a78..000000000 --- a/ceilometer/manifests/db/mysql.pp +++ /dev/null @@ -1,58 +0,0 @@ -# == Class: ceilometer::db::mysql -# -# The ceilometer::db::mysql class creates a MySQL database for ceilometer. -# It must be used on the MySQL server -# -# === Parameters: -# -# [*password*] -# (Required) password to connect to the database. -# -# [*dbname*] -# (Optional) name of the database. -# Defaults to ceilometer. -# -# [*user*] -# (Optional) user to connect to the database. -# Defaults to ceilometer. -# -# [*host*] -# (Optional) the default source host user is allowed to connect from. -# Defaults to '127.0.0.1'. -# -# [*allowed_hosts*] -# (Optional) other hosts the user is allowd to connect from. -# Defaults to undef. -# -# [*charset*] -# (Optional) the database charset. -# Defaults to 'utf8'. -# -# [*collate*] -# (Optional) the database collation. -# Defaults to 'utf8_general_ci'. -# -class ceilometer::db::mysql( - $password = false, - $dbname = 'ceilometer', - $user = 'ceilometer', - $host = '127.0.0.1', - $allowed_hosts = undef, - $charset = 'utf8', - $collate = 'utf8_general_ci', -) { - - validate_string($password) - - ::openstacklib::db::mysql { 'ceilometer': - user => $user, - password_hash => mysql_password($password), - dbname => $dbname, - host => $host, - charset => $charset, - collate => $collate, - allowed_hosts => $allowed_hosts, - } - - ::Openstacklib::Db::Mysql['ceilometer'] ~> Exec<| title == 'ceilometer-dbsync' |> -} diff --git a/ceilometer/manifests/db/postgresql.pp b/ceilometer/manifests/db/postgresql.pp deleted file mode 100644 index 851abdd83..000000000 --- a/ceilometer/manifests/db/postgresql.pp +++ /dev/null @@ -1,45 +0,0 @@ -# == Class: ceilometer::db::postgresql -# -# Class that configures postgresql for ceilometer -# Requires the Puppetlabs postgresql module. -# -# === Parameters: -# -# [*password*] -# (Required) Password to connect to the database. -# -# [*dbname*] -# (Optional) Name of the database. -# Defaults to 'ceilometer'. -# -# [*user*] -# (Optional) User to connect to the database. -# Defaults to 'ceilometer'. -# -# [*encoding*] -# (Optional) The charset to use for the database. -# Default to undef. -# -# [*privileges*] -# (Optional) Privileges given to the database user. -# Default to 'ALL'. -# -class ceilometer::db::postgresql( - $password, - $dbname = 'ceilometer', - $user = 'ceilometer', - $encoding = undef, - $privileges = 'ALL', -) { - - ::openstacklib::db::postgresql { 'ceilometer': - password_hash => postgresql_password($user, $password), - dbname => $dbname, - user => $user, - encoding => $encoding, - privileges => $privileges, - } - - ::Openstacklib::Db::Postgresql['ceilometer'] ~> Exec<| title == 'ceilometer-dbsync' |> - -} diff --git a/ceilometer/manifests/db/sync.pp b/ceilometer/manifests/db/sync.pp deleted file mode 100644 index 067af68dd..000000000 --- a/ceilometer/manifests/db/sync.pp +++ /dev/null @@ -1,32 +0,0 @@ -# == Class: ceilometer::db::sync -# -# Class to execute ceilometer dbsync -# -# === Parameters: -# -# [*extra_params*] -# (Optional) String of extra command line parameters -# to append to the ceilometer-dbsync command. -# Defaults to undef. -# -class ceilometer::db::sync( - $extra_params = undef, -) { - - include ::ceilometer::params - - Package<| tag == 'ceilometer-package' |> ~> Exec['ceilometer-dbsync'] - Exec['ceilometer-dbsync'] ~> Service <| tag == 'ceilometer-service' |> - - Ceilometer_config<||> -> Exec['ceilometer-dbsync'] - Ceilometer_config<| title == 'database/connection' |> ~> Exec['ceilometer-dbsync'] - - exec { 'ceilometer-dbsync': - command => "${::ceilometer::params::dbsync_command} ${extra_params}", - path => '/usr/bin', - user => $::ceilometer::params::user, - refreshonly => true, - logoutput => on_failure, - } - -} diff --git a/ceilometer/manifests/dispatcher/gnocchi.pp b/ceilometer/manifests/dispatcher/gnocchi.pp deleted file mode 100644 index 15e8d5061..000000000 --- a/ceilometer/manifests/dispatcher/gnocchi.pp +++ /dev/null @@ -1,45 +0,0 @@ -# == Class: ceilometer::dispatcher::gnocchi -# -# Configure Gnocchi dispatcher for Ceilometer -# -# === Parameters: -# -# [*filter_service_activity*] -# (Optional) Filter out samples generated by Gnocchi service activity. -# Defaults to $::os_service_default. -# -# [*filter_project*] -# (Optional) Gnocchi project used to filter out samples -# generated by Gnocchi service activity -# Defaults to $::os_service_default. -# -# [*url*] -# (Optional) Gnocchi URL -# Defaults to $::os_service_default. -# -# [*archive_policy*] -# (Optional) The archive policy to use when the dispatcher -# Defaults to $::os_service_default. -# -# [*resources_definition_file*] -# (Optional) The Yaml file that defines mapping between samples -# and gnocchi resources/metrics. -# Defaults to $::os_service_default. -# -class ceilometer::dispatcher::gnocchi ( - $filter_service_activity = $::os_service_default, - $filter_project = $::os_service_default, - $url = $::os_service_default, - $archive_policy = $::os_service_default, - $resources_definition_file = $::os_service_default, -) { - - ceilometer_config { - 'dispatcher_gnocchi/filter_service_activity': value => $filter_service_activity; - 'dispatcher_gnocchi/filter_project': value => $filter_project; - 'dispatcher_gnocchi/url': value => $url; - 'dispatcher_gnocchi/archive_policy': value => $archive_policy; - 'dispatcher_gnocchi/resources_definition_file': value => $resources_definition_file; - } - -} diff --git a/ceilometer/manifests/expirer.pp b/ceilometer/manifests/expirer.pp deleted file mode 100644 index 4e2ae5fda..000000000 --- a/ceilometer/manifests/expirer.pp +++ /dev/null @@ -1,70 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# == Class: ceilometer::expirer -# -# Setups Ceilometer Expirer service to enable TTL feature. -# -# === Parameters -# -# [*enable_cron*] -# (optional) Whether to configure a crontab entry to run the expiry. -# Defaults to true. -# -# [*minute*] -# (optional) Defaults to '1'. -# -# [*hour*] -# (optional) Defaults to '0'. -# -# [*monthday*] -# (optional) Defaults to '*'. -# -# [*month*] -# (optional) Defaults to '*'. -# -# [*weekday*] -# (optional) Defaults to '*'. -# - -class ceilometer::expirer ( - $enable_cron = true, - $minute = 1, - $hour = 0, - $monthday = '*', - $month = '*', - $weekday = '*', -) { - - include ::ceilometer::params - - Package<| title == 'ceilometer-common' |> -> Class['ceilometer::expirer'] - - if $enable_cron { - cron { 'ceilometer-expirer': - command => $ceilometer::params::expirer_command, - environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', - user => 'ceilometer', - minute => $minute, - hour => $hour, - monthday => $monthday, - month => $month, - weekday => $weekday - } - } - -} diff --git a/ceilometer/manifests/init.pp b/ceilometer/manifests/init.pp deleted file mode 100644 index 2cee6b9a7..000000000 --- a/ceilometer/manifests/init.pp +++ /dev/null @@ -1,342 +0,0 @@ -# == Class: ceilometer -# -# This class is used to specify configuration parameters that are common -# across all ceilometer services. -# -# === Parameters: -# -# [*http_timeout*] -# (Optional) Timeout seconds for HTTP requests. -# Defaults to 600. -# -# [*event_time_to_live*] -# (Optional) Number of seconds that events are kept in the database for -# (<= 0 means forever) -# Defaults to -1. -# -# [*metering_time_to_live*] -# (Optional) Number of seconds that samples are kept in the database for -# (<= 0 means forever) -# Defaults to -1. -# -# [*metering_secret*] -# (Required) Secret key for signing messages. -# -# [*notification_topics*] -# (Optional) AMQP topic used for OpenStack notifications (list value) -# Defaults to 'notifications'. -# -# [*package_ensure*] -# (Optional) ensure state for package. -# Defaults to 'present'. -# -# [*debug*] -# (Optional) Should the daemons log debug messages. -# Defaults to undef. -# -# [*log_dir*] -# (Optional) Directory to which ceilometer logs are sent. -# If set to boolean false, it will not log to any directory. -# Defaults to undef. -# -# [*verbose*] -# (Optional) should the daemons log verbose messages. -# Defaults to undef. -# -# [*use_syslog*] -# (Optional) Use syslog for logging -# Defaults to undef. -# -# [*use_stderr*] -# (Optional) Use stderr for logging -# Defaults to undef. -# -# [*log_facility*] -# (Optional) Syslog facility to receive log lines. -# Defaults to undef. -# -# [*rpc_backend*] -# (Optional) what rpc/queuing service to use -# Defaults to 'rabbit'. -# -# [*rabbit_host*] -# (Optional) ip or hostname of the rabbit server. -# Defaults to '127.0.0.1'. -# -# [*rabbit_port*] -# (Optional) port of the rabbit server. -# Defaults to 5672. -# -# [*rabbit_hosts*] -# (Optional) array of host:port (used with HA queues). -# If defined, will remove rabbit_host & rabbit_port parameters from config -# Defaults to undef. -# -# [*rabbit_userid*] -# (Optional) user to connect to the rabbit server. -# Defaults to 'guest'. -# -# [*rabbit_password*] -# (Optional) password to connect to the rabbit_server. -# Defaults to empty. -# -# [*rabbit_virtual_host*] -# (Optional) virtualhost to use. -# Defaults to '/'. -# -# [*rabbit_ha_queues*] -# (Optional) Use HA queues in RabbitMQ (x-ha-policy: all). -# Defaults to undef. -# -# [*rabbit_heartbeat_timeout_threshold*] -# (Optional) Number of seconds after which the RabbitMQ broker is considered -# down if the heartbeat keepalive fails. Any value >0 enables heartbeats. -# Heartbeating helps to ensure the TCP connection to RabbitMQ isn't silently -# closed, resulting in missed or lost messages from the queue. -# (Requires kombu >= 3.0.7 and amqp >= 1.4.0) -# Defaults to 0. -# -# [*rabbit_heartbeat_rate*] -# (Optional) How often during the rabbit_heartbeat_timeout_threshold period to -# check the heartbeat on RabbitMQ connection. (i.e. rabbit_heartbeat_rate=2 -# when rabbit_heartbeat_timeout_threshold=60, the heartbeat will be checked -# every 30 seconds. -# Defaults to 2. -# -# [*rabbit_use_ssl*] -# (Optional) Connect over SSL for RabbitMQ -# Defaults to false. -# -# [*amqp_durable_queues*] -# (optional) Define queues as "durable" to rabbitmq. -# Defaults to $::os_service_default -# -# [*kombu_ssl_ca_certs*] -# (Optional) SSL certification authority file (valid only if SSL enabled). -# Defaults to undef. -# -# [*kombu_ssl_certfile*] -# (Optional) SSL cert file (valid only if SSL enabled). -# Defaults to undef. -# -# [*kombu_ssl_keyfile*] -# (Optional) SSL key file (valid only if SSL enabled). -# Defaults to undef. -# -# [*kombu_ssl_version*] -# (Optional) SSL version to use (valid only if SSL enabled). -# Valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be -# available on some distributions. -# Defaults to 'TLSv1'. -# -# [*memcached_servers*] -# (Optional) A list of memcached server(s) to use for caching. -# Defaults to undef. -# -# === DEPRECATED PARAMETERS: -# -# [*alarm_history_time_to_live*] -# [*qpid_hostname*] -# [*qpid_port*] -# [*qpid_username*] -# [*qpid_password*] -# [*qpid_heartbeat*] -# [*qpid_protocol*] -# [*qpid_tcp_nodelay*] -# [*qpid_reconnect*] -# [*qpid_reconnect_timeout*] -# [*qpid_reconnect_limit*] -# [*qpid_reconnect_interval*] -# [*qpid_reconnect_interval_min*] -# [*qpid_reconnect_interval_max*] -# -class ceilometer( - $http_timeout = '600', - $event_time_to_live = '-1', - $metering_time_to_live = '-1', - $metering_secret = false, - $notification_topics = ['notifications'], - $package_ensure = 'present', - $debug = undef, - $log_dir = undef, - $verbose = undef, - $use_syslog = undef, - $use_stderr = undef, - $log_facility = undef, - $rpc_backend = 'rabbit', - $rabbit_host = '127.0.0.1', - $rabbit_port = 5672, - $rabbit_hosts = undef, - $rabbit_userid = 'guest', - $rabbit_password = '', - $rabbit_virtual_host = '/', - $rabbit_ha_queues = undef, - $rabbit_heartbeat_timeout_threshold = 0, - $rabbit_heartbeat_rate = 2, - $amqp_durable_queues = $::os_service_default, - $rabbit_use_ssl = false, - $kombu_ssl_ca_certs = undef, - $kombu_ssl_certfile = undef, - $kombu_ssl_keyfile = undef, - $kombu_ssl_version = 'TLSv1', - $memcached_servers = undef, - # DEPRECATED PARAMETERS - $alarm_history_time_to_live = undef, - $qpid_hostname = undef, - $qpid_port = undef, - $qpid_username = undef, - $qpid_password = undef, - $qpid_heartbeat = undef, - $qpid_protocol = undef, - $qpid_tcp_nodelay = undef, - $qpid_reconnect = undef, - $qpid_reconnect_timeout = undef, - $qpid_reconnect_limit = undef, - $qpid_reconnect_interval_min = undef, - $qpid_reconnect_interval_max = undef, - $qpid_reconnect_interval = undef, -) { - - validate_string($metering_secret) - - include ::ceilometer::logging - include ::ceilometer::params - - if $kombu_ssl_ca_certs and !$rabbit_use_ssl { - fail('The kombu_ssl_ca_certs parameter requires rabbit_use_ssl to be set to true') - } - if $kombu_ssl_certfile and !$rabbit_use_ssl { - fail('The kombu_ssl_certfile parameter requires rabbit_use_ssl to be set to true') - } - if $kombu_ssl_keyfile and !$rabbit_use_ssl { - fail('The kombu_ssl_keyfile parameter requires rabbit_use_ssl to be set to true') - } - if ($kombu_ssl_certfile and !$kombu_ssl_keyfile) or ($kombu_ssl_keyfile and !$kombu_ssl_certfile) { - fail('The kombu_ssl_certfile and kombu_ssl_keyfile parameters must be used together') - } - - if $alarm_history_time_to_live { - warning('alarm_history_time_to_live parameter is deprecated. It should be configured for Aodh.') - } - - group { 'ceilometer': - name => 'ceilometer', - require => Package['ceilometer-common'], - } - - user { 'ceilometer': - name => 'ceilometer', - gid => 'ceilometer', - system => true, - require => Package['ceilometer-common'], - } - - package { 'ceilometer-common': - ensure => $package_ensure, - name => $::ceilometer::params::common_package_name, - tag => ['openstack', 'ceilometer-package'], - } - - # we keep "ceilometer.openstack.common.rpc.impl_kombu" for backward compatibility - if $rpc_backend == 'ceilometer.openstack.common.rpc.impl_kombu' or $rpc_backend == 'rabbit' { - - if $rabbit_hosts { - ceilometer_config { 'oslo_messaging_rabbit/rabbit_host': ensure => absent } - ceilometer_config { 'oslo_messaging_rabbit/rabbit_port': ensure => absent } - ceilometer_config { 'oslo_messaging_rabbit/rabbit_hosts': - value => join($rabbit_hosts, ',') - } - } else { - ceilometer_config { 'oslo_messaging_rabbit/rabbit_host': value => $rabbit_host } - ceilometer_config { 'oslo_messaging_rabbit/rabbit_port': value => $rabbit_port } - ceilometer_config { 'oslo_messaging_rabbit/rabbit_hosts': - value => "${rabbit_host}:${rabbit_port}" - } - } - - if $rabbit_ha_queues == undef { - if size($rabbit_hosts) > 1 { - ceilometer_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => true } - } else { - ceilometer_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => false } - } - } else { - ceilometer_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => $rabbit_ha_queues } - } - - ceilometer_config { - 'oslo_messaging_rabbit/rabbit_userid': value => $rabbit_userid; - 'oslo_messaging_rabbit/rabbit_password': value => $rabbit_password, secret => true; - 'oslo_messaging_rabbit/rabbit_virtual_host': value => $rabbit_virtual_host; - 'oslo_messaging_rabbit/rabbit_use_ssl': value => $rabbit_use_ssl; - 'oslo_messaging_rabbit/heartbeat_timeout_threshold': value => $rabbit_heartbeat_timeout_threshold; - 'oslo_messaging_rabbit/heartbeat_rate': value => $rabbit_heartbeat_rate; - 'oslo_messaging_rabbit/amqp_durable_queues': value => $amqp_durable_queues; - } - - if $rabbit_use_ssl { - - if $kombu_ssl_ca_certs { - ceilometer_config { 'oslo_messaging_rabbit/kombu_ssl_ca_certs': value => $kombu_ssl_ca_certs; } - } else { - ceilometer_config { 'oslo_messaging_rabbit/kombu_ssl_ca_certs': ensure => absent; } - } - - if $kombu_ssl_certfile or $kombu_ssl_keyfile { - ceilometer_config { - 'oslo_messaging_rabbit/kombu_ssl_certfile': value => $kombu_ssl_certfile; - 'oslo_messaging_rabbit/kombu_ssl_keyfile': value => $kombu_ssl_keyfile; - } - } else { - ceilometer_config { - 'oslo_messaging_rabbit/kombu_ssl_certfile': ensure => absent; - 'oslo_messaging_rabbit/kombu_ssl_keyfile': ensure => absent; - } - } - - if $kombu_ssl_version { - ceilometer_config { 'oslo_messaging_rabbit/kombu_ssl_version': value => $kombu_ssl_version; } - } else { - ceilometer_config { 'oslo_messaging_rabbit/kombu_ssl_version': ensure => absent; } - } - - } else { - ceilometer_config { - 'oslo_messaging_rabbit/kombu_ssl_ca_certs': ensure => absent; - 'oslo_messaging_rabbit/kombu_ssl_certfile': ensure => absent; - 'oslo_messaging_rabbit/kombu_ssl_keyfile': ensure => absent; - 'oslo_messaging_rabbit/kombu_ssl_version': ensure => absent; - } - } - - } - - # we keep "ceilometer.openstack.common.rpc.impl_qpid" for backward compatibility - if $rpc_backend == 'ceilometer.openstack.common.rpc.impl_qpid' or $rpc_backend == 'qpid' { - warning('Qpid driver is removed from Oslo.messaging in the Mitaka release') - } - - # Once we got here, we can act as an honey badger on the rpc used. - ceilometer_config { - 'DEFAULT/http_timeout' : value => $http_timeout; - 'DEFAULT/rpc_backend' : value => $rpc_backend; - 'publisher/metering_secret' : value => $metering_secret, secret => true; - 'DEFAULT/notification_topics' : value => join($notification_topics, ','); - 'database/event_time_to_live' : value => $event_time_to_live; - 'database/metering_time_to_live' : value => $metering_time_to_live; - } - - if $memcached_servers { - validate_array($memcached_servers) - } - - if $memcached_servers { - ceilometer_config { - 'DEFAULT/memcached_servers': value => join($memcached_servers, ',') - } - } else { - ceilometer_config { - 'DEFAULT/memcached_servers': ensure => absent; - } - } -} diff --git a/ceilometer/manifests/keystone/auth.pp b/ceilometer/manifests/keystone/auth.pp deleted file mode 100644 index c699d12e9..000000000 --- a/ceilometer/manifests/keystone/auth.pp +++ /dev/null @@ -1,231 +0,0 @@ -# == Class: ceilometer::keystone::auth -# -# Configures Ceilometer user, service and endpoint in Keystone. -# -# === Parameters: -# -# [*password*] -# (Required) Password for Ceilometer user. -# -# [*email*] -# (Optional) Email for Ceilometer user. -# Defaults to 'ceilometer@localhost'. -# -# [*auth_name*] -# (Optional) Username for Ceilometer service. -# Defaults to 'ceilometer'. -# -# [*configure_endpoint*] -# (Optional) Should Ceilometer endpoint be configured. -# Defaults to true. -# -# [*configure_user*] -# (Optional) Should Ceilometer service user be configured? -# Defaults to true. -# -# [*configure_user_role*] -# (Optional) Should roles be configured on Ceilometer service user? -# Defaults to true. -# -# [*service_name*] -# (Optional) Name of the service. -# Defaults to value of auth_name. -# -# [*service_type*] -# (Optional) Type of service. Optional. -# Defaults to 'metering'. -# -# [*service_description*] -# (Optional) Description for keystone service. -# Defaults to 'Openstack Metering Service'. -# -# [*region*] -# (Optional) Region for endpoint. -# Defaults to 'RegionOne'. -# -# [*tenant*] -# (Optional) Tenant for Ceilometer user. -# Defaults to 'services'. -# -# [*public_url*] -# (Optional) The endpoint's public url. -# This url should *not* contain any trailing '/'. -# Defaults to 'http://127.0.0.1:8777'. -# -# [*admin_url*] -# (Optional) The endpoint's admin url. -# This url should *not* contain any trailing '/'. -# Defaults to 'http://127.0.0.1:8777'. -# -# [*internal_url*] -# (Optional) The endpoint's internal url. -# This url should *not* contain any trailing '/'. -# Defaults to 'http://127.0.0.1:8777'. -# -# [*port*] -# (Optional) DEPRECATED: Use public_url, internal_url and admin_url instead. -# Setting this parameter overrides public_url, internal_url and admin_url parameters. -# Default port for endpoints. -# Defaults to 8777. -# -# [*public_protocol*] -# (Optional) DEPRECATED: Use public_url instead. -# Protocol for public endpoint. -# Setting this parameter overrides public_url parameter. -# Defaults to 'http'. -# -# [*public_address*] -# (Optional) DEPRECATED: Use public_url instead. -# Public address for endpoint. -# Setting this parameter overrides public_url parameter. -# Defaults to '127.0.0.1'. -# -# [*internal_protocol*] -# (Optional) DEPRECATED: Use internal_url instead. -# Protocol for internal endpoint. -# Setting this parameter overrides internal_url parameter. -# Defaults to 'http'. -# -# [*internal_address*] -# (Optional) DEPRECATED: Use internal_url instead. -# Internal address for endpoint. -# Setting this parameter overrides internal_url parameter. -# Defaults to '127.0.0.1'. -# -# [*admin_protocol*] -# (Optional) DEPRECATED: Use admin_url instead. -# Protocol for admin endpoint. -# Setting this parameter overrides admin_url parameter. -# Defaults to 'http'. -# -# [*admin_address*] -# (Optional) DEPRECATED: Use admin_url instead. -# Admin address for endpoint. -# Setting this parameter overrides admin_url parameter. -# Defaults to '127.0.0.1'. -# -# === Deprecation notes: -# -# If any value is provided for public_protocol, public_address or port parameters, -# public_url will be completely ignored. The same applies for internal and admin parameters. -# -# === Examples: -# -# class { 'ceilometer::keystone::auth': -# public_url => 'https://10.0.0.10:8777', -# internal_url => 'https://10.0.0.11:8777', -# admin_url => 'https://10.0.0.11:8777', -# } -# -class ceilometer::keystone::auth ( - $password = false, - $email = 'ceilometer@localhost', - $auth_name = 'ceilometer', - $configure_user = true, - $configure_user_role = true, - $service_name = undef, - $service_type = 'metering', - $service_description = 'Openstack Metering Service', - $region = 'RegionOne', - $tenant = 'services', - $configure_endpoint = true, - $public_url = 'http://127.0.0.1:8777', - $admin_url = 'http://127.0.0.1:8777', - $internal_url = 'http://127.0.0.1:8777', - # DEPRECATED PARAMETERS - $port = undef, - $public_protocol = undef, - $public_address = undef, - $internal_protocol = undef, - $internal_address = undef, - $admin_protocol = undef, - $admin_address = undef, -) { - - validate_string($password) - - if $port { - warning('The port parameter is deprecated, use public_url, internal_url and admin_url instead.') - } - - if $public_protocol { - warning('The public_protocol parameter is deprecated, use public_url instead.') - } - - if $internal_protocol { - warning('The internal_protocol parameter is deprecated, use internal_url instead.') - } - - if $admin_protocol { - warning('The admin_protocol parameter is deprecated, use admin_url instead.') - } - - if $public_address { - warning('The public_address parameter is deprecated, use public_url instead.') - } - - if $internal_address { - warning('The internal_address parameter is deprecated, use internal_url instead.') - } - - if $admin_address { - warning('The admin_address parameter is deprecated, use admin_url instead.') - } - - $service_name_real = pick($service_name, $auth_name) - - if ($public_protocol or $public_address or $port) { - $public_url_real = sprintf('%s://%s:%s', - pick($public_protocol, 'http'), - pick($public_address, '127.0.0.1'), - pick($port, '8777')) - } else { - $public_url_real = $public_url - } - - if ($admin_protocol or $admin_address or $port) { - $admin_url_real = sprintf('%s://%s:%s', - pick($admin_protocol, 'http'), - pick($admin_address, '127.0.0.1'), - pick($port, '8777')) - } else { - $admin_url_real = $admin_url - } - - if ($internal_protocol or $internal_address or $port) { - $internal_url_real = sprintf('%s://%s:%s', - pick($internal_protocol, 'http'), - pick($internal_address, '127.0.0.1'), - pick($port, '8777')) - } else { - $internal_url_real = $internal_url - } - - ::keystone::resource::service_identity { $auth_name: - configure_user => $configure_user, - configure_user_role => $configure_user_role, - configure_endpoint => $configure_endpoint, - service_type => $service_type, - service_description => $service_description, - service_name => $service_name_real, - region => $region, - password => $password, - email => $email, - tenant => $tenant, - roles => ['admin', 'ResellerAdmin'], - public_url => $public_url_real, - admin_url => $admin_url_real, - internal_url => $internal_url_real, - } - - if $configure_user_role { - if !defined(Keystone_role['ResellerAdmin']) { - keystone_role { 'ResellerAdmin': - ensure => present, - } - } - Keystone_role['ResellerAdmin'] -> Keystone_user_role["${auth_name}@${tenant}"] - } - -} - diff --git a/ceilometer/manifests/logging.pp b/ceilometer/manifests/logging.pp deleted file mode 100644 index 9122f723c..000000000 --- a/ceilometer/manifests/logging.pp +++ /dev/null @@ -1,147 +0,0 @@ -# == Class: ceilometer::logging -# -# ceilometer logging configuration -# -# === Parameters: -# -# [*verbose*] -# (Optional) Should the daemons log verbose messages -# Defaults to $::os_service_default. -# -# [*debug*] -# (Optional) Should the daemons log debug messages -# Defaults to $::os_service_default. -# -# [*use_syslog*] -# (Optional) Use syslog for logging. -# Defaults to $::os_service_default. -# -# [*use_stderr*] -# (Optional) Use stderr for logging -# Defaults to $::os_service_default. -# -# [*log_facility*] -# (Optional) Syslog facility to receive log lines. -# Defaults to $::os_service_default. -# -# [*log_dir*] -# (Optional) Directory where logs should be stored. -# If set to boolean false, it will not log to any directory. -# Defaults to '/var/log/ceilometer'. -# -# [*logging_context_format_string*] -# (Optional) Format string to use for log messages with context. -# Defaults to $::os_service_default. -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [%(request_id)s %(user_identity)s] %(instance)s%(message)s' -# -# [*logging_default_format_string*] -# (Optional) Format string to use for log messages without context. -# Defaults to $::os_service_default. -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [-] %(instance)s%(message)s' -# -# [*logging_debug_format_suffix*] -# (Optional) Formatted data to append to log format when level is DEBUG. -# Defaults to $::os_service_default. -# Example: '%(funcName)s %(pathname)s:%(lineno)d' -# -# [*logging_exception_prefix*] -# (Optional) Prefix each line of exception output with this format. -# Defaults to $::os_service_default. -# Example: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' -# -# [*log_config_append*] -# (Optional) The name of an additional logging configuration file. -# Defaults to $::os_service_default. -# Example: https://docs.python.org/2/howto/logging.html -# -# [*default_log_levels*] -# (Optional) Hash of logger (keys) and level (values) pairs. -# Defaults to $::os_service_default. -# Example: -# { 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', -# 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', -# 'iso8601' => 'WARN', -# 'requests.packages.urllib3.connectionpool' => 'WARN' } -# -# [*publish_errors*] -# (Optional) Publish error events (boolean value). -# Defaults to $::os_service_default. -# -# [*fatal_deprecations*] -# (Optional) Make deprecations fatal (boolean value) -# Defaults to $::os_service_default. -# -# [*instance_format*] -# (Optional) If an instance is passed with the log message, format it -# like this (string value). -# Defaults to $::os_service_default. -# Example: '[instance: %(uuid)s] ' -# -# [*instance_uuid_format*] -# (Optional) If an instance UUID is passed with the log message, format -# it like this (string value). -# Defaults to $::os_service_default. -# Example: instance_uuid_format='[instance: %(uuid)s] ' -# -# [*log_date_format*] -# (Optional) Format string for %%(asctime)s in log records. -# Defaults to $::os_service_default. -# Example: 'Y-%m-%d %H:%M:%S' -# -class ceilometer::logging( - $use_syslog = $::os_service_default, - $use_stderr = $::os_service_default, - $log_facility = $::os_service_default, - $log_dir = '/var/log/ceilometer', - $verbose = $::os_service_default, - $debug = $::os_service_default, - $logging_context_format_string = $::os_service_default, - $logging_default_format_string = $::os_service_default, - $logging_debug_format_suffix = $::os_service_default, - $logging_exception_prefix = $::os_service_default, - $log_config_append = $::os_service_default, - $default_log_levels = $::os_service_default, - $publish_errors = $::os_service_default, - $fatal_deprecations = $::os_service_default, - $instance_format = $::os_service_default, - $instance_uuid_format = $::os_service_default, - $log_date_format = $::os_service_default, -) { - - # NOTE(spredzy): In order to keep backward compatibility we rely on the pick function - # to use ceilometer:: first then ceilometer::logging::. - $use_syslog_real = pick($::ceilometer::use_syslog,$use_syslog) - $use_stderr_real = pick($::ceilometer::use_stderr,$use_stderr) - $log_facility_real = pick($::ceilometer::log_facility,$log_facility) - $log_dir_real = pick($::ceilometer::log_dir,$log_dir) - $verbose_real = pick($::ceilometer::verbose,$verbose) - $debug_real = pick($::ceilometer::debug,$debug) - - if is_service_default($default_log_levels) { - $default_log_levels_real = $default_log_levels - } else { - $default_log_levels_real = join(sort(join_keys_to_values($default_log_levels, '=')), ',') - } - - ceilometer_config { - 'DEFAULT/debug': value => $debug_real; - 'DEFAULT/verbose': value => $verbose_real; - 'DEFAULT/use_stderr': value => $use_stderr_real; - 'DEFAULT/use_syslog': value => $use_syslog_real; - 'DEFAULT/log_dir': value => $log_dir_real; - 'DEFAULT/syslog_log_facility': value => $log_facility_real; - 'DEFAULT/logging_context_format_string': value => $logging_context_format_string; - 'DEFAULT/logging_default_format_string': value => $logging_default_format_string; - 'DEFAULT/logging_debug_format_suffix': value => $logging_debug_format_suffix; - 'DEFAULT/logging_exception_prefix': value => $logging_exception_prefix; - 'DEFAULT/log_config_append': value => $log_config_append; - 'DEFAULT/default_log_levels': value => $default_log_levels_real; - 'DEFAULT/publish_errors': value => $publish_errors; - 'DEFAULT/fatal_deprecations': value => $fatal_deprecations; - 'DEFAULT/instance_format': value => $instance_format; - 'DEFAULT/instance_uuid_format': value => $instance_uuid_format; - 'DEFAULT/log_date_format': value => $log_date_format; - } -} diff --git a/ceilometer/manifests/params.pp b/ceilometer/manifests/params.pp deleted file mode 100644 index 749916d3b..000000000 --- a/ceilometer/manifests/params.pp +++ /dev/null @@ -1,76 +0,0 @@ -# == Class: ceilometer::params -# -# These parameters need to be accessed from several locations and -# should be considered to be constant -# -class ceilometer::params { - - $dbsync_command = 'ceilometer-dbsync --config-file=/etc/ceilometer/ceilometer.conf' - $expirer_command = 'ceilometer-expirer' - $user = 'ceilometer' - - case $::osfamily { - 'RedHat': { - # package names - $agent_central_package_name = 'openstack-ceilometer-central' - $agent_compute_package_name = 'openstack-ceilometer-compute' - $agent_polling_package_name = 'openstack-ceilometer-polling' - $api_package_name = 'openstack-ceilometer-api' - $collector_package_name = 'openstack-ceilometer-collector' - $agent_notification_package_name = 'openstack-ceilometer-notification' - $common_package_name = 'openstack-ceilometer-common' - $client_package_name = 'python-ceilometerclient' - # service names - $agent_central_service_name = 'openstack-ceilometer-central' - $agent_compute_service_name = 'openstack-ceilometer-compute' - $agent_polling_service_name = 'openstack-ceilometer-polling' - $api_service_name = 'openstack-ceilometer-api' - $collector_service_name = 'openstack-ceilometer-collector' - $pymongo_package_name = 'python-pymongo' - $agent_notification_service_name = 'openstack-ceilometer-notification' - $ceilometer_wsgi_script_path = '/var/www/cgi-bin/ceilometer' - $ceilometer_wsgi_script_source = '/usr/lib/python2.7/site-packages/ceilometer/api/app.wsgi' - $sqlite_package_name = undef - $pymysql_package_name = undef - } - 'Debian': { - # package names - $agent_central_package_name = 'ceilometer-agent-central' - $agent_compute_package_name = 'ceilometer-agent-compute' - $agent_polling_package_name = 'ceilometer-polling' - $api_package_name = 'ceilometer-api' - $collector_package_name = 'ceilometer-collector' - $agent_notification_package_name = 'ceilometer-agent-notification' - $common_package_name = 'ceilometer-common' - $client_package_name = 'python-ceilometerclient' - # service names - $agent_central_service_name = 'ceilometer-agent-central' - $agent_compute_service_name = 'ceilometer-agent-compute' - $agent_polling_service_name = 'ceilometer-polling' - $collector_service_name = 'ceilometer-collector' - $api_service_name = 'ceilometer-api' - $agent_notification_service_name = 'ceilometer-agent-notification' - # db packages - $pymongo_package_name = 'python-pymongo' - $sqlite_package_name = 'python-pysqlite2' - $pymysql_package_name = 'python-pymysql' - - # Operating system specific - case $::operatingsystem { - 'Ubuntu': { - $libvirt_group = 'libvirtd' - } - default: { - $libvirt_group = 'libvirt' - } - } - $ceilometer_wsgi_script_path = '/usr/lib/cgi-bin/ceilometer' - $ceilometer_wsgi_script_source = '/usr/lib/python2.7/dist-packages/ceilometer/api/app.wsgi' - } - default: { - fail("Unsupported osfamily: ${::osfamily} operatingsystem: \ -${::operatingsystem}, module ${module_name} only support osfamily \ -RedHat and Debian") - } - } -} diff --git a/ceilometer/manifests/policy.pp b/ceilometer/manifests/policy.pp deleted file mode 100644 index e9be473e4..000000000 --- a/ceilometer/manifests/policy.pp +++ /dev/null @@ -1,29 +0,0 @@ -# == Class: ceilometer::policy -# -# Configure the ceilometer policies -# -# === Parameters: -# -# [*policies*] -# (Optional) Set of policies to configure for ceilometer -# Example : { 'ceilometer-context_is_admin' => {'context_is_admin' => 'true'}, 'ceilometer-default' => {'default' => 'rule:admin_or_owner'} } -# Defaults to empty hash. -# -# [*policy_path*] -# (Optional) Path to the ceilometer policy.json file -# Defaults to /etc/ceilometer/policy.json -# -class ceilometer::policy ( - $policies = {}, - $policy_path = '/etc/ceilometer/policy.json', -) { - - validate_hash($policies) - - Openstacklib::Policy::Base { - file_path => $policy_path, - } - - create_resources('openstacklib::policy::base', $policies) - -} diff --git a/ceilometer/manifests/wsgi/apache.pp b/ceilometer/manifests/wsgi/apache.pp deleted file mode 100644 index e6e0c638a..000000000 --- a/ceilometer/manifests/wsgi/apache.pp +++ /dev/null @@ -1,130 +0,0 @@ -# -# Copyright (C) 2015 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# == Class: ceilometer::wsgi::apache -# -# Class to serve Ceilometer API with apache mod_wsgi in place of ceilometer-api service. -# -# Serving Ceilometer API from apache is the recommended way to go for production -# because of limited performance for concurrent accesses when running eventlet. -# -# When using this class you should disable your ceilometer-api service. -# -# === Parameters: -# -# [*servername*] -# (Optional) The servername for the virtualhost. -# Defaults to $::fqdn. -# -# [*port*] -# (Optional) The port. -# Defaults to 8777. -# -# [*bind_host*] -# (Optional) The host/ip address Apache will listen on. -# Defaults to undef (listen on all ip addresses). -# -# [*path*] -# (Optional) The prefix for the endpoint. -# Defaults to '/'. -# -# [*ssl*] -# (Optional) Use ssl ? (boolean) -# Defaults to true. -# -# [*workers*] -# (Optional) Number of WSGI workers to spawn. -# Defaults to 1. -# -# [*priority*] -# (Optional) The priority for the vhost. -# Defaults to '10'. -# -# [*threads*] -# (Optional) The number of threads for the vhost. -# Defaults to $::processorcount. -# -# [*ssl_cert*] -# [*ssl_key*] -# [*ssl_chain*] -# [*ssl_ca*] -# [*ssl_crl_path*] -# [*ssl_crl*] -# [*ssl_certs_dir*] -# (Optional) apache::vhost ssl parameters. -# Default to apache::vhost 'ssl_*' defaults. -# -# === Dependencies: -# -# requires Class['apache'] & Class['ceilometer'] -# -# === Examples: -# -# include apache -# -# class { 'ceilometer::wsgi::apache': } -# -class ceilometer::wsgi::apache ( - $servername = $::fqdn, - $port = 8777, - $bind_host = undef, - $path = '/', - $ssl = true, - $workers = 1, - $ssl_cert = undef, - $ssl_key = undef, - $ssl_chain = undef, - $ssl_ca = undef, - $ssl_crl_path = undef, - $ssl_crl = undef, - $ssl_certs_dir = undef, - $threads = $::processorcount, - $priority = '10', -) { - - include ::ceilometer::params - include ::apache - include ::apache::mod::wsgi - if $ssl { - include ::apache::mod::ssl - } - - ::openstacklib::wsgi::apache { 'ceilometer_wsgi': - bind_host => $bind_host, - bind_port => $port, - group => 'ceilometer', - path => $path, - priority => $priority, - servername => $servername, - ssl => $ssl, - ssl_ca => $ssl_ca, - ssl_cert => $ssl_cert, - ssl_certs_dir => $ssl_certs_dir, - ssl_chain => $ssl_chain, - ssl_crl => $ssl_crl, - ssl_crl_path => $ssl_crl_path, - ssl_key => $ssl_key, - threads => $threads, - user => 'ceilometer', - workers => $workers, - wsgi_daemon_process => 'ceilometer', - wsgi_process_group => 'ceilometer', - wsgi_script_dir => $::ceilometer::params::ceilometer_wsgi_script_path, - wsgi_script_file => 'app', - wsgi_script_source => $::ceilometer::params::ceilometer_wsgi_script_source, - } -} diff --git a/ceilometer/metadata.json b/ceilometer/metadata.json deleted file mode 100644 index 61eca27de..000000000 --- a/ceilometer/metadata.json +++ /dev/null @@ -1,32 +0,0 @@ -{ - "name": "openstack-ceilometer", - "version": "8.1.0", - "author": "eNovance and OpenStack Contributors", - "summary": "Puppet module for OpenStack Ceilometer", - "license": "Apache-2.0", - "source": "git://github.com/openstack/puppet-ceilometer.git", - "project_page": "https://launchpad.net/puppet-ceilometer", - "issues_url": "https://bugs.launchpad.net/puppet-ceilometer", - "requirements": [ - { "name": "pe", "version_requirement": ">= 3.2.0 <= 2016.1.0" }, - { "name": "puppet", "version_requirement": ">= 3.0.0 < 5.0.0" } - ], - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": ["7"] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": ["14.04"] - } - ], - "description": "Installs and configures OpenStack Ceilometer (Telemetry).", - "dependencies": [ - { "name": "puppetlabs/apache", "version_requirement": ">=1.8.0 <2.0.0" }, - { "name": "puppetlabs/inifile", "version_requirement": ">=1.4.0 <2.0.0" }, - { "name": "openstack/keystone", "version_requirement": ">=8.1.0 <9.0.0" }, - { "name": "puppetlabs/stdlib", "version_requirement": ">=4.9.0 <5.0.0" }, - { "name": "openstack/openstacklib", "version_requirement": ">=8.1.0 <9.0.0" } - ] -} diff --git a/ceilometer/releasenotes/notes/added_messaging_urls-fbf1309bf1bfafa4.yaml b/ceilometer/releasenotes/notes/added_messaging_urls-fbf1309bf1bfafa4.yaml deleted file mode 100644 index 0234226b1..000000000 --- a/ceilometer/releasenotes/notes/added_messaging_urls-fbf1309bf1bfafa4.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -features: - - Added messaging_urls parameter to ceilometer agents notification. - The parameter accepts an array. diff --git a/ceilometer/releasenotes/notes/ceilometer_notifications_messaging_urls-62b27d617a49c609.yaml b/ceilometer/releasenotes/notes/ceilometer_notifications_messaging_urls-62b27d617a49c609.yaml deleted file mode 100644 index 736637a85..000000000 --- a/ceilometer/releasenotes/notes/ceilometer_notifications_messaging_urls-62b27d617a49c609.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -features: - - Switched ceilometer_config from ini_setting type to openstack_config type. - - Added the ability to pass in messaging_urls into notifications agent. This - will allow a user to configure ceilometer to talk to different virtualhosts - or entirely different messaging queues. diff --git a/ceilometer/releasenotes/notes/deprecate_alarm-273cc49b689fe0a8.yaml b/ceilometer/releasenotes/notes/deprecate_alarm-273cc49b689fe0a8.yaml deleted file mode 100644 index 632355a47..000000000 --- a/ceilometer/releasenotes/notes/deprecate_alarm-273cc49b689fe0a8.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -deprecations: - - Deprecate Ceilometer alarm classes. - Alarming services (evaluator and notifier) in Mitaka - were moved to Aodh OpenStack project. diff --git a/ceilometer/releasenotes/notes/deprecate_old_mongo-5909886c13013bde.yaml b/ceilometer/releasenotes/notes/deprecate_old_mongo-5909886c13013bde.yaml deleted file mode 100644 index 5a5434360..000000000 --- a/ceilometer/releasenotes/notes/deprecate_old_mongo-5909886c13013bde.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -deprecations: - - Deprecate mongodb_replica_set parameter. diff --git a/ceilometer/releasenotes/notes/gnocchi-22478d430337227c.yaml b/ceilometer/releasenotes/notes/gnocchi-22478d430337227c.yaml deleted file mode 100644 index c11322d3d..000000000 --- a/ceilometer/releasenotes/notes/gnocchi-22478d430337227c.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -features: - - Implement Gnocchi dispatcher configuration - Add dispatcher options to ceilometer::collector and - create ceilometer::dispatcher::gnocchi class, with current - upstream options. diff --git a/ceilometer/releasenotes/notes/keystone_auth-b821f96e020f9048.yaml b/ceilometer/releasenotes/notes/keystone_auth-b821f96e020f9048.yaml deleted file mode 100644 index 4b6f87d60..000000000 --- a/ceilometer/releasenotes/notes/keystone_auth-b821f96e020f9048.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -deprecations: - - Use identity_uri and auth_uri by default. diff --git a/ceilometer/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml b/ceilometer/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml deleted file mode 100644 index d36183fe1..000000000 --- a/ceilometer/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -prelude: > - This is the first Mitaka release for puppet-ceilometer module. diff --git a/ceilometer/releasenotes/notes/password_auth_type-810a86921a846b2f.yaml b/ceilometer/releasenotes/notes/password_auth_type-810a86921a846b2f.yaml deleted file mode 100644 index c580c3328..000000000 --- a/ceilometer/releasenotes/notes/password_auth_type-810a86921a846b2f.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -upgrade: - - Update auth_type value to 'password' to use keystone auth - plugin by default instead of ceilometer legacy keystone loader. - - Remove hard-coded API version from auth url diff --git a/ceilometer/releasenotes/notes/pymysql-e57bf1f0289dd426.yaml b/ceilometer/releasenotes/notes/pymysql-e57bf1f0289dd426.yaml deleted file mode 100644 index 3556c0c8c..000000000 --- a/ceilometer/releasenotes/notes/pymysql-e57bf1f0289dd426.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Support of PyMySQL driver for MySQL backend. diff --git a/ceilometer/releasenotes/notes/remove_qpid-0b446db43fdea617.yaml b/ceilometer/releasenotes/notes/remove_qpid-0b446db43fdea617.yaml deleted file mode 100644 index c59a436d3..000000000 --- a/ceilometer/releasenotes/notes/remove_qpid-0b446db43fdea617.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -deprecations: - - Remove QPID messaging support. - Qpid messaging driver is removed from oslo.messaging so we won't support - anymore. diff --git a/ceilometer/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml b/ceilometer/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml deleted file mode 100644 index 41cef2f11..000000000 --- a/ceilometer/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -features: - - Release notes are no longer maintained by hand, we now use the reno tool to - manage them. diff --git a/ceilometer/releasenotes/notes/workers-2ce7d757e90b0c84.yaml b/ceilometer/releasenotes/notes/workers-2ce7d757e90b0c84.yaml deleted file mode 100644 index 4f60f1544..000000000 --- a/ceilometer/releasenotes/notes/workers-2ce7d757e90b0c84.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Ability to configure api, collector and notification workers. diff --git a/ceilometer/releasenotes/source/_static/.placeholder b/ceilometer/releasenotes/source/_static/.placeholder deleted file mode 100644 index e69de29bb..000000000 diff --git a/ceilometer/releasenotes/source/conf.py b/ceilometer/releasenotes/source/conf.py deleted file mode 100644 index bb961c5d7..000000000 --- a/ceilometer/releasenotes/source/conf.py +++ /dev/null @@ -1,259 +0,0 @@ -# -*- coding: utf-8 -*- -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# If extensions (or modules to document with autodoc) are in another directory, -# add these directories to sys.path here. If the directory is relative to the -# documentation root, use os.path.abspath to make it absolute, like shown here. -#sys.path.insert(0, os.path.abspath('.')) - -# -- General configuration ------------------------------------------------ - -# If your documentation needs a minimal Sphinx version, state it here. -#needs_sphinx = '1.0' - -# Add any Sphinx extension module names here, as strings. They can be -# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom -# ones. -extensions = [ - 'oslosphinx', - 'reno.sphinxext', -] - -# Add any paths that contain templates here, relative to this directory. -templates_path = ['_templates'] - -# The suffix of source filenames. -source_suffix = '.rst' - -# The encoding of source files. -#source_encoding = 'utf-8-sig' - -# The master toctree document. -master_doc = 'index' - -# General information about the project. -project = u'puppet-ceilometer Release Notes' -copyright = u'2016, Puppet OpenStack Developers' - -# The version info for the project you're documenting, acts as replacement for -# |version| and |release|, also used in various other places throughout the -# built documents. -# -# The short X.Y version. -version = '8.1.0' -# The full version, including alpha/beta/rc tags. -release = '8.1.0' - -# The language for content autogenerated by Sphinx. Refer to documentation -# for a list of supported languages. -#language = None - -# There are two options for replacing |today|: either, you set today to some -# non-false value, then it is used: -#today = '' -# Else, today_fmt is used as the format for a strftime call. -#today_fmt = '%B %d, %Y' - -# List of patterns, relative to source directory, that match files and -# directories to ignore when looking for source files. -exclude_patterns = [] - -# The reST default role (used for this markup: `text`) to use for all -# documents. -#default_role = None - -# If true, '()' will be appended to :func: etc. cross-reference text. -#add_function_parentheses = True - -# If true, the current module name will be prepended to all description -# unit titles (such as .. function::). -#add_module_names = True - -# If true, sectionauthor and moduleauthor directives will be shown in the -# output. They are ignored by default. -#show_authors = False - -# The name of the Pygments (syntax highlighting) style to use. -pygments_style = 'sphinx' - -# A list of ignored prefixes for module index sorting. -#modindex_common_prefix = [] - -# If true, keep warnings as "system message" paragraphs in the built documents. -#keep_warnings = False - - -# -- Options for HTML output ---------------------------------------------- - -# The theme to use for HTML and HTML Help pages. See the documentation for -# a list of builtin themes. -html_theme = 'default' - -# Theme options are theme-specific and customize the look and feel of a theme -# further. For a list of options available for each theme, see the -# documentation. -#html_theme_options = {} - -# Add any paths that contain custom themes here, relative to this directory. -#html_theme_path = [] - -# The name for this set of Sphinx documents. If None, it defaults to -# " v documentation". -#html_title = None - -# A shorter title for the navigation bar. Default is the same as html_title. -#html_short_title = None - -# The name of an image file (relative to this directory) to place at the top -# of the sidebar. -#html_logo = None - -# The name of an image file (within the static path) to use as favicon of the -# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 -# pixels large. -#html_favicon = None - -# Add any paths that contain custom static files (such as style sheets) here, -# relative to this directory. They are copied after the builtin static files, -# so a file named "default.css" will overwrite the builtin "default.css". -html_static_path = ['_static'] - -# Add any extra paths that contain custom files (such as robots.txt or -# .htaccess) here, relative to this directory. These files are copied -# directly to the root of the documentation. -#html_extra_path = [] - -# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, -# using the given strftime format. -#html_last_updated_fmt = '%b %d, %Y' - -# If true, SmartyPants will be used to convert quotes and dashes to -# typographically correct entities. -#html_use_smartypants = True - -# Custom sidebar templates, maps document names to template names. -#html_sidebars = {} - -# Additional templates that should be rendered to pages, maps page names to -# template names. -#html_additional_pages = {} - -# If false, no module index is generated. -#html_domain_indices = True - -# If false, no index is generated. -#html_use_index = True - -# If true, the index is split into individual pages for each letter. -#html_split_index = False - -# If true, links to the reST sources are added to the pages. -#html_show_sourcelink = True - -# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. -#html_show_sphinx = True - -# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. -#html_show_copyright = True - -# If true, an OpenSearch description file will be output, and all pages will -# contain a tag referring to it. The value of this option must be the -# base URL from which the finished HTML is served. -#html_use_opensearch = '' - -# This is the file name suffix for HTML files (e.g. ".xhtml"). -#html_file_suffix = None - -# Output file base name for HTML help builder. -htmlhelp_basename = 'puppet-ceilometerReleaseNotesdoc' - - -# -- Options for LaTeX output --------------------------------------------- - -latex_elements = { -# The paper size ('letterpaper' or 'a4paper'). -#'papersize': 'letterpaper', - -# The font size ('10pt', '11pt' or '12pt'). -#'pointsize': '10pt', - -# Additional stuff for the LaTeX preamble. -#'preamble': '', -} - -# Grouping the document tree into LaTeX files. List of tuples -# (source start file, target name, title, -# author, documentclass [howto, manual, or own class]). -latex_documents = [ - ('index', 'puppet-ceilometerReleaseNotes.tex', u'puppet-ceilometer Release Notes Documentation', - u'2016, Puppet OpenStack Developers', 'manual'), -] - -# The name of an image file (relative to this directory) to place at the top of -# the title page. -#latex_logo = None - -# For "manual" documents, if this is true, then toplevel headings are parts, -# not chapters. -#latex_use_parts = False - -# If true, show page references after internal links. -#latex_show_pagerefs = False - -# If true, show URL addresses after external links. -#latex_show_urls = False - -# Documents to append as an appendix to all manuals. -#latex_appendices = [] - -# If false, no module index is generated. -#latex_domain_indices = True - - -# -- Options for manual page output --------------------------------------- - -# One entry per manual page. List of tuples -# (source start file, name, description, authors, manual section). -man_pages = [ - ('index', 'puppet-ceilometerreleasenotes', u'puppet-ceilometer Release Notes Documentation', - [u'2016, Puppet OpenStack Developers'], 1) -] - -# If true, show URL addresses after external links. -#man_show_urls = False - - -# -- Options for Texinfo output ------------------------------------------- - -# Grouping the document tree into Texinfo files. List of tuples -# (source start file, target name, title, author, -# dir menu entry, description, category) -texinfo_documents = [ - ('index', 'puppet-ceilometerReleaseNotes', u'puppet-ceilometer Release Notes Documentation', - u'2016, Puppet OpenStack Developers', 'puppet-ceilometerReleaseNotes', 'One line description of project.', - 'Miscellaneous'), -] - -# Documents to append as an appendix to all manuals. -#texinfo_appendices = [] - -# If false, no module index is generated. -#texinfo_domain_indices = True - -# How to display URL addresses: 'footnote', 'no', or 'inline'. -#texinfo_show_urls = 'footnote' - -# If true, do not generate a @detailmenu in the "Top" node's menu. -#texinfo_no_detailmenu = False diff --git a/ceilometer/releasenotes/source/index.rst b/ceilometer/releasenotes/source/index.rst deleted file mode 100644 index 54fddf731..000000000 --- a/ceilometer/releasenotes/source/index.rst +++ /dev/null @@ -1,19 +0,0 @@ -=========================================== -Welcome to puppet-ceilometer Release Notes! -=========================================== - -Contents -======== - -.. toctree:: - :maxdepth: 2 - - mitaka - unreleased - - -Indices and tables -================== - -* :ref:`genindex` -* :ref:`search` diff --git a/ceilometer/releasenotes/source/mitaka.rst b/ceilometer/releasenotes/source/mitaka.rst deleted file mode 100644 index 97ab8d1d3..000000000 --- a/ceilometer/releasenotes/source/mitaka.rst +++ /dev/null @@ -1,6 +0,0 @@ -============================ - Mitaka Series Release Notes -============================ - -.. release-notes:: - :branch: origin/stable/mitaka diff --git a/ceilometer/releasenotes/source/unreleased.rst b/ceilometer/releasenotes/source/unreleased.rst deleted file mode 100644 index 2334dd5cf..000000000 --- a/ceilometer/releasenotes/source/unreleased.rst +++ /dev/null @@ -1,5 +0,0 @@ -============================== - Current Series Release Notes -============================== - - .. release-notes:: diff --git a/ceilometer/setup.cfg b/ceilometer/setup.cfg deleted file mode 100644 index ed0c677de..000000000 --- a/ceilometer/setup.cfg +++ /dev/null @@ -1,13 +0,0 @@ -[metadata] -name = puppet-ceilometer -summary = Puppet module for OpenStack Ceilometer -description-file = - README.md -author = Puppet Labs and OpenStack Contributors -author-email = openstack-dev@lists.openstack.org -home-page = http://www.openstack.org/ -classifier = - Intended Audience :: Developers - Intended Audience :: System Administrators - License :: OSI Approved :: Apache Software License - Operating System :: POSIX :: Linux diff --git a/ceilometer/setup.py b/ceilometer/setup.py deleted file mode 100644 index 70c2b3f32..000000000 --- a/ceilometer/setup.py +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/env python -# Copyright (c) 2013 Hewlett-Packard Development Company, L.P. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# THIS FILE IS MANAGED BY THE GLOBAL REQUIREMENTS REPO - DO NOT EDIT -import setuptools - -setuptools.setup( - setup_requires=['pbr'], - pbr=True) diff --git a/ceilometer/spec/acceptance/ceilometer_with_mysql_spec.rb b/ceilometer/spec/acceptance/ceilometer_with_mysql_spec.rb deleted file mode 100644 index 0172962b8..000000000 --- a/ceilometer/spec/acceptance/ceilometer_with_mysql_spec.rb +++ /dev/null @@ -1,102 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'ceilometer with mysql' do - - context 'default parameters' do - - it 'should work with no errors' do - pp= <<-EOS - # make sure apache is stopped before ceilometer-api eventlet - # in case of wsgi was run before - class { '::apache': - service_ensure => 'stopped', - } - Service['httpd'] -> Service['keystone'] - - include ::openstack_integration - include ::openstack_integration::repos - include ::openstack_integration::rabbitmq - include ::openstack_integration::mysql - - rabbitmq_user { 'ceilometer': - admin => true, - password => 'an_even_bigger_secret', - provider => 'rabbitmqctl', - require => Class['rabbitmq'], - } - - rabbitmq_user_permissions { 'ceilometer@/': - configure_permission => '.*', - write_permission => '.*', - read_permission => '.*', - provider => 'rabbitmqctl', - require => Class['rabbitmq'], - } - - # Keystone resources, needed by Ceilometer to run - class { '::keystone::db::mysql': - password => 'keystone', - } - class { '::keystone': - verbose => true, - debug => true, - database_connection => 'mysql+pymysql://keystone:keystone@127.0.0.1/keystone', - admin_token => 'admin_token', - enabled => true, - } - class { '::keystone::roles::admin': - email => 'test@example.tld', - password => 'a_big_secret', - } - class { '::keystone::endpoint': - public_url => "https://${::fqdn}:5000/", - admin_url => "https://${::fqdn}:35357/", - } - - # Ceilometer resources - class { '::ceilometer': - metering_secret => 'secrete', - rabbit_userid => 'ceilometer', - rabbit_password => 'an_even_bigger_secret', - rabbit_host => '127.0.0.1', - debug => true, - verbose => true, - } - class { '::ceilometer::db::mysql': - password => 'a_big_secret', - } - class { '::ceilometer::db': - database_connection => 'mysql+pymysql://ceilometer:a_big_secret@127.0.0.1/ceilometer?charset=utf8', - } - class { '::ceilometer::keystone::auth': - password => 'a_big_secret', - } - class { '::ceilometer::client': } - class { '::ceilometer::collector': } - class { '::ceilometer::expirer': } - class { '::ceilometer::agent::central': } - class { '::ceilometer::agent::notification': } - class { '::ceilometer::api': - enabled => true, - keystone_password => 'a_big_secret', - keystone_identity_uri => 'http://127.0.0.1:35357/', - } - class { '::ceilometer::dispatcher::gnocchi': } - EOS - - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe port(8777) do - it { is_expected.to be_listening.with('tcp') } - end - - describe cron do - it { is_expected.to have_entry('1 0 * * * ceilometer-expirer').with_user('ceilometer') } - end - - end -end diff --git a/ceilometer/spec/acceptance/ceilometer_wsgi_apache_spec.rb b/ceilometer/spec/acceptance/ceilometer_wsgi_apache_spec.rb deleted file mode 100644 index 546229ed6..000000000 --- a/ceilometer/spec/acceptance/ceilometer_wsgi_apache_spec.rb +++ /dev/null @@ -1,79 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'ceilometer with mysql' do - - context 'default parameters' do - - it 'should work with no errors' do - pp= <<-EOS - include ::openstack_integration - include ::openstack_integration::repos - include ::openstack_integration::rabbitmq - include ::openstack_integration::mysql - include ::openstack_integration::keystone - - rabbitmq_user { 'ceilometer': - admin => true, - password => 'an_even_bigger_secret', - provider => 'rabbitmqctl', - require => Class['rabbitmq'], - } - - rabbitmq_user_permissions { 'ceilometer@/': - configure_permission => '.*', - write_permission => '.*', - read_permission => '.*', - provider => 'rabbitmqctl', - require => Class['rabbitmq'], - } - - # Ceilometer resources - class { '::ceilometer': - metering_secret => 'secrete', - rabbit_userid => 'ceilometer', - rabbit_password => 'an_even_bigger_secret', - rabbit_host => '127.0.0.1', - } - class { '::ceilometer::db::mysql': - password => 'a_big_secret', - } - class { '::ceilometer::db': - database_connection => 'mysql+pymysql://ceilometer:a_big_secret@127.0.0.1/ceilometer?charset=utf8', - } - class { '::ceilometer::keystone::auth': - password => 'a_big_secret', - } - class { '::ceilometer::client': } - class { '::ceilometer::collector': } - class { '::ceilometer::expirer': } - class { '::ceilometer::agent::central': } - class { '::ceilometer::agent::notification': } - class { '::ceilometer::api': - enabled => true, - keystone_password => 'a_big_secret', - keystone_identity_uri => 'http://127.0.0.1:35357/', - service_name => 'httpd', - } - include ::apache - class { '::ceilometer::wsgi::apache': - ssl => false, - } - class { '::ceilometer::dispatcher::gnocchi': } - EOS - - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe port(8777) do - it { is_expected.to be_listening } - end - - describe cron do - it { is_expected.to have_entry('1 0 * * * ceilometer-expirer').with_user('ceilometer') } - end - - end -end diff --git a/ceilometer/spec/acceptance/nodesets/centos-70-x64.yml b/ceilometer/spec/acceptance/nodesets/centos-70-x64.yml deleted file mode 100644 index 5f097e9fe..000000000 --- a/ceilometer/spec/acceptance/nodesets/centos-70-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - centos-server-70-x64: - roles: - - master - platform: el-7-x86_64 - box: puppetlabs/centos-7.0-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/centos-7.0-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: foss diff --git a/ceilometer/spec/acceptance/nodesets/default.yml b/ceilometer/spec/acceptance/nodesets/default.yml deleted file mode 100644 index 486b6a34e..000000000 --- a/ceilometer/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - type: foss diff --git a/ceilometer/spec/acceptance/nodesets/nodepool-centos7.yml b/ceilometer/spec/acceptance/nodesets/nodepool-centos7.yml deleted file mode 100644 index c55287420..000000000 --- a/ceilometer/spec/acceptance/nodesets/nodepool-centos7.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-70-x64: - roles: - - master - platform: el-7-x86_64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/ceilometer/spec/acceptance/nodesets/nodepool-trusty.yml b/ceilometer/spec/acceptance/nodesets/nodepool-trusty.yml deleted file mode 100644 index 9fc624e24..000000000 --- a/ceilometer/spec/acceptance/nodesets/nodepool-trusty.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/ceilometer/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/ceilometer/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index 8001929b2..000000000 --- a/ceilometer/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: foss diff --git a/ceilometer/spec/classes/ceilometer_agent_auth_spec.rb b/ceilometer/spec/classes/ceilometer_agent_auth_spec.rb deleted file mode 100644 index b64f8b309..000000000 --- a/ceilometer/spec/classes/ceilometer_agent_auth_spec.rb +++ /dev/null @@ -1,68 +0,0 @@ -require 'spec_helper' - -describe 'ceilometer::agent::auth' do - - let :pre_condition do - "class { 'ceilometer': metering_secret => 's3cr3t' }" - end - - let :params do - { :auth_url => 'http://localhost:5000', - :auth_region => '', - :auth_user => 'ceilometer', - :auth_password => 'password', - :auth_tenant_name => 'services', - } - end - - shared_examples_for 'ceilometer-agent-auth' do - - it 'configures authentication' do - is_expected.to contain_ceilometer_config('service_credentials/auth_url').with_value('http://localhost:5000') - is_expected.to contain_ceilometer_config('service_credentials/region_name').with_value('') - is_expected.to contain_ceilometer_config('service_credentials/username').with_value('ceilometer') - is_expected.to contain_ceilometer_config('service_credentials/password').with_value('password') - is_expected.to contain_ceilometer_config('service_credentials/password').with_value(params[:auth_password]).with_secret(true) - is_expected.to contain_ceilometer_config('service_credentials/project_name').with_value('services') - is_expected.to contain_ceilometer_config('service_credentials/ca_file').with(:ensure => 'absent') - is_expected.to contain_ceilometer_config('service_credentials/user_domain_name').with_value('Default') - is_expected.to contain_ceilometer_config('service_credentials/project_domain_name').with_value('Default') - is_expected.to contain_ceilometer_config('service_credentials/auth_type').with_value('password') - end - - context 'when overriding parameters' do - before do - params.merge!( - :auth_cacert => '/tmp/dummy.pem', - :auth_endpoint_type => 'internalURL', - :auth_type => 'password', - :auth_user_domain_name => 'MyDomain', - :auth_project_domain_name => 'MyProjDomain', - ) - end - it { is_expected.to contain_ceilometer_config('service_credentials/ca_file').with_value(params[:auth_cacert]) } - it { is_expected.to contain_ceilometer_config('service_credentials/interface').with_value(params[:auth_endpoint_type]) } - it { is_expected.to contain_ceilometer_config('service_credentials/user_domain_name').with_value(params[:auth_user_domain_name]) } - it { is_expected.to contain_ceilometer_config('service_credentials/project_domain_name').with_value(params[:auth_project_domain_name]) } - it { is_expected.to contain_ceilometer_config('service_credentials/auth_type').with_value(params[:auth_type]) } - end - - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'ceilometer-agent-auth' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'ceilometer-agent-auth' - end - -end diff --git a/ceilometer/spec/classes/ceilometer_agent_central_spec.rb b/ceilometer/spec/classes/ceilometer_agent_central_spec.rb deleted file mode 100644 index b165bc853..000000000 --- a/ceilometer/spec/classes/ceilometer_agent_central_spec.rb +++ /dev/null @@ -1,105 +0,0 @@ -require 'spec_helper' - -describe 'ceilometer::agent::central' do - - let :pre_condition do - "class { 'ceilometer': metering_secret => 's3cr3t' }" - end - - let :params do - { :enabled => true, - :manage_service => true, - :package_ensure => 'latest', - :coordination_url => 'redis://localhost:6379' - } - end - - shared_examples_for 'ceilometer-agent-central' do - - it { is_expected.to contain_class('ceilometer::params') } - - it 'installs ceilometer-agent-central package' do - is_expected.to contain_package('ceilometer-agent-central').with( - :ensure => 'latest', - :name => platform_params[:agent_package_name], - :before => ['Service[ceilometer-agent-central]'], - :tag => ['openstack', 'ceilometer-package'], - ) - end - - it 'ensures ceilometer-common is installed before the service' do - is_expected.to contain_package('ceilometer-common').with( - :before => /Service\[ceilometer-agent-central\]/ - ) - end - - [{:enabled => true}, {:enabled => false}].each do |param_hash| - context "when service should be #{param_hash[:enabled] ? 'enabled' : 'disabled'}" do - before do - params.merge!(param_hash) - end - - it 'configures ceilometer-agent-central service' do - is_expected.to contain_service('ceilometer-agent-central').with( - :ensure => (params[:manage_service] && params[:enabled]) ? 'running' : 'stopped', - :name => platform_params[:agent_service_name], - :enable => params[:enabled], - :hasstatus => true, - :hasrestart => true, - :tag => 'ceilometer-service', - ) - end - end - end - - it 'configures central agent' do - is_expected.to contain_ceilometer_config('coordination/backend_url').with_value( params[:coordination_url] ) - end - - context 'with disabled service managing' do - before do - params.merge!({ - :manage_service => false, - :enabled => false }) - end - - it 'configures ceilometer-agent-central service' do - is_expected.to contain_service('ceilometer-agent-central').with( - :ensure => nil, - :name => platform_params[:agent_service_name], - :enable => false, - :hasstatus => true, - :hasrestart => true, - :tag => 'ceilometer-service', - ) - end - end - - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - let :platform_params do - { :agent_package_name => 'ceilometer-agent-central', - :agent_service_name => 'ceilometer-agent-central' } - end - - it_configures 'ceilometer-agent-central' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - let :platform_params do - { :agent_package_name => 'openstack-ceilometer-central', - :agent_service_name => 'openstack-ceilometer-central' } - end - - it_configures 'ceilometer-agent-central' - end -end diff --git a/ceilometer/spec/classes/ceilometer_agent_compute_spec.rb b/ceilometer/spec/classes/ceilometer_agent_compute_spec.rb deleted file mode 100644 index bf51310f6..000000000 --- a/ceilometer/spec/classes/ceilometer_agent_compute_spec.rb +++ /dev/null @@ -1,131 +0,0 @@ -require 'spec_helper' - -describe 'ceilometer::agent::compute' do - - let :pre_condition do - "include nova\n" + - "include nova::compute\n" + - "class { 'ceilometer': metering_secret => 's3cr3t' }" - end - - let :params do - { :enabled => true, - :manage_service => true, - :package_ensure => 'installed' } - end - - shared_examples_for 'ceilometer-agent-compute' do - - it { is_expected.to contain_class('ceilometer::params') } - - it 'installs ceilometer-agent-compute package' do - is_expected.to contain_package('ceilometer-agent-compute').with( - :ensure => 'installed', - :name => platform_params[:agent_package_name], - :before => ['Service[ceilometer-agent-compute]'], - :tag => ['openstack', 'ceilometer-package'], - ) - end - - it 'adds ceilometer user to nova group and, if required, to libvirt group' do - if platform_params[:libvirt_group] - is_expected.to contain_user('ceilometer').with_groups(['nova', "#{platform_params[:libvirt_group]}"]) - else - is_expected.to contain_user('ceilometer').with_groups(['nova']) - end - end - - it 'ensures ceilometer-common is installed before the service' do - is_expected.to contain_package('ceilometer-common').with( - :before => /Service\[ceilometer-agent-compute\]/ - ) - end - - it 'ensures nova-common is installed before the package ceilometer-common' do - is_expected.to contain_package('nova-common').with( - :before => /Package\[ceilometer-common\]/ - ) - end - - [{:enabled => true}, {:enabled => false}].each do |param_hash| - context "when service should be #{param_hash[:enabled] ? 'enabled' : 'disabled'}" do - before do - params.merge!(param_hash) - end - - it 'configures ceilometer-agent-compute service' do - - is_expected.to contain_service('ceilometer-agent-compute').with( - :ensure => (params[:manage_service] && params[:enabled]) ? 'running' : 'stopped', - :name => platform_params[:agent_service_name], - :enable => params[:enabled], - :hasstatus => true, - :hasrestart => true, - :tag => 'ceilometer-service', - ) - end - end - end - - context 'with disabled service managing' do - before do - params.merge!({ - :manage_service => false, - :enabled => false }) - end - - it 'configures ceilometer-agent-compute service' do - is_expected.to contain_service('ceilometer-agent-compute').with( - :ensure => nil, - :name => platform_params[:agent_service_name], - :enable => false, - :hasstatus => true, - :hasrestart => true, - :tag => 'ceilometer-service', - ) - end - end - - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - let :platform_params do - { :agent_package_name => 'ceilometer-agent-compute', - :agent_service_name => 'ceilometer-agent-compute' } - end - - context 'on Ubuntu operating systems' do - before do - facts.merge!( :operatingsystem => 'Ubuntu' ) - platform_params.merge!( :libvirt_group => 'libvirtd' ) - end - - it_configures 'ceilometer-agent-compute' - end - - context 'on other operating systems' do - before do - platform_params.merge!( :libvirt_group => 'libvirt' ) - end - - it_configures 'ceilometer-agent-compute' - end - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - let :platform_params do - { :agent_package_name => 'openstack-ceilometer-compute', - :agent_service_name => 'openstack-ceilometer-compute' } - end - - it_configures 'ceilometer-agent-compute' - end -end diff --git a/ceilometer/spec/classes/ceilometer_agent_notification_spec.rb b/ceilometer/spec/classes/ceilometer_agent_notification_spec.rb deleted file mode 100644 index 5e24bdf8c..000000000 --- a/ceilometer/spec/classes/ceilometer_agent_notification_spec.rb +++ /dev/null @@ -1,206 +0,0 @@ -# -# Copyright (C) 2014 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Unit tests for ceilometer::agent::notification -# - -require 'spec_helper' - -describe 'ceilometer::agent::notification' do - - let :pre_condition do - "class { 'ceilometer': metering_secret => 's3cr3t' }" - end - - let :params do - { :manage_service => true, - :enabled => true, - :ack_on_event_error => true, - :store_events => false } - end - - shared_examples_for 'ceilometer-agent-notification' do - - it { is_expected.to contain_class('ceilometer::params') } - - it 'installs ceilometer agent notification package' do - is_expected.to contain_package(platform_params[:agent_notification_package_name]).with( - :ensure => 'present', - :tag => 'openstack' - ) - end - - it 'configures notifications parameters in ceilometer.conf' do - is_expected.to contain_ceilometer_config('notification/workers').with_value('') - is_expected.to contain_ceilometer_config('notification/ack_on_event_error').with_value( params[:ack_on_event_error] ) - is_expected.to contain_ceilometer_config('notification/store_events').with_value( params[:store_events] ) - is_expected.to contain_ceilometer_config('notification/disable_non_metric_meters').with_value('') - end - - context 'with disabled non-metric meters' do - before do - params.merge!({ :disable_non_metric_meters => true }) - end - it 'disables non-metric meters' do - is_expected.to contain_ceilometer_config('notification/disable_non_metric_meters').with_value(params[:disable_non_metric_meters]) - end - end - - [{:enabled => true}, {:enabled => false}].each do |param_hash| - context "when service should be #{param_hash[:enabled] ? 'enabled' : 'disabled'}" do - before do - params.merge!(param_hash) - end - - it 'configures ceilometer agent notification service' do - is_expected.to contain_service('ceilometer-agent-notification').with( - :ensure => (params[:manage_service] && params[:enabled]) ? 'running' : 'stopped', - :name => platform_params[:agent_notification_service_name], - :enable => params[:enabled], - :hasstatus => true, - :hasrestart => true, - :tag => 'ceilometer-service' - ) - end - end - end - - context 'with disabled service managing' do - before do - params.merge!({ - :manage_service => false, - :enabled => false }) - end - - it 'configures ceilometer-agent-notification service' do - is_expected.to contain_service('ceilometer-agent-notification').with( - :ensure => nil, - :name => platform_params[:agent_notification_service_name], - :enable => false, - :hasstatus => true, - :hasrestart => true, - :tag => 'ceilometer-service' - ) - end - end - - context 'with multiple messaging urls' do - before do - params.merge!({ - :messaging_urls => ['rabbit://rabbit_user:password@localhost/nova', - 'rabbit://rabbit_user:password@localhost/neutron'] }) - end - - it 'configures two messaging urls' do - is_expected.to contain_ceilometer_config('notification/messaging_urls').with_value( - ['rabbit://rabbit_user:password@localhost/nova', 'rabbit://rabbit_user:password@localhost/neutron'] - ) - end - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - let :platform_params do - { :agent_notification_package_name => 'ceilometer-agent-notification', - :agent_notification_service_name => 'ceilometer-agent-notification' } - end - - it_configures 'ceilometer-agent-notification' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - let :platform_params do - { :agent_notification_package_name => 'openstack-ceilometer-notification', - :agent_notification_service_name => 'openstack-ceilometer-notification' } - end - - it_configures 'ceilometer-agent-notification' - end - - context 'on RHEL 7' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemmajrelease => 7 - }) - end - - let :platform_params do - { :agent_notification_package_name => 'openstack-ceilometer-notification', - :agent_notification_service_name => 'openstack-ceilometer-notification' } - end - - it_configures 'ceilometer-agent-notification' - end - - context 'on CentOS 7' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat', - :operatingsystem => 'CentOS', - :operatingsystemmajrelease => 7 - }) - end - - let :platform_params do - { :agent_notification_package_name => 'openstack-ceilometer-notification', - :agent_notification_service_name => 'openstack-ceilometer-notification' } - end - - it_configures 'ceilometer-agent-notification' - end - - context 'on Scientific 7' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat', - :operatingsystem => 'Scientific', - :operatingsystemmajrelease => 7 - }) - end - - let :platform_params do - { :agent_notification_package_name => 'openstack-ceilometer-notification', - :agent_notification_service_name => 'openstack-ceilometer-notification' } - end - - it_configures 'ceilometer-agent-notification' - end - - context 'on Fedora 20' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat', - :operatingsystem => 'Fedora', - :operatingsystemrelease => 20 - }) - end - - let :platform_params do - { :agent_notification_package_name => 'openstack-ceilometer-notification', - :agent_notification_service_name => 'openstack-ceilometer-notification' } - end - - it_configures 'ceilometer-agent-notification' - end - -end diff --git a/ceilometer/spec/classes/ceilometer_agent_polling_spec.rb b/ceilometer/spec/classes/ceilometer_agent_polling_spec.rb deleted file mode 100644 index 52bb60fab..000000000 --- a/ceilometer/spec/classes/ceilometer_agent_polling_spec.rb +++ /dev/null @@ -1,146 +0,0 @@ -require 'spec_helper' - -describe 'ceilometer::agent::polling' do - - let :pre_condition do - "include nova\n" + - "include nova::compute\n" + - "class { 'ceilometer': metering_secret => 's3cr3t' }" - end - - let :params do - { :enabled => true, - :manage_service => true, - :package_ensure => 'latest', - :central_namespace => true, - :compute_namespace => true, - :ipmi_namespace => true, - :coordination_url => 'redis://localhost:6379', - } - end - - shared_examples_for 'ceilometer-polling' do - - it { is_expected.to contain_class('ceilometer::params') } - - context 'when compute_namespace => true' do - it 'adds ceilometer user to nova group and, if required, to libvirt group' do - if platform_params[:libvirt_group] - is_expected.to contain_user('ceilometer').with_groups(['nova', "#{platform_params[:libvirt_group]}"]) - else - is_expected.to contain_user('ceilometer').with_groups(['nova']) - end - end - - it 'ensures nova-common is installed before the package ceilometer-common' do - is_expected.to contain_package('nova-common').with( - :before => /Package\[ceilometer-common\]/ - ) - end - end - - it 'installs ceilometer-polling package' do - is_expected.to contain_package('ceilometer-polling').with( - :ensure => 'latest', - :name => platform_params[:agent_package_name], - :before => ['Service[ceilometer-polling]'], - :tag => ['openstack', 'ceilometer-package'], - ) - end - - it 'configures central agent' do - is_expected.to contain_ceilometer_config('DEFAULT/polling_namespaces').with_value('central,compute,ipmi') - end - - it 'ensures ceilometer-common is installed before the service' do - is_expected.to contain_package('ceilometer-common').with( - :before => /Service\[ceilometer-polling\]/ - ) - end - - [{:enabled => true}, {:enabled => false}].each do |param_hash| - context "when service should be #{param_hash[:enabled] ? 'enabled' : 'disabled'}" do - before do - params.merge!(param_hash) - end - - it 'configures ceilometer-polling service' do - is_expected.to contain_service('ceilometer-polling').with( - :ensure => (params[:manage_service] && params[:enabled]) ? 'running' : 'stopped', - :name => platform_params[:agent_service_name], - :enable => params[:enabled], - :hasstatus => true, - :hasrestart => true, - :tag => 'ceilometer-service', - ) - end - end - end - - context 'with disabled service managing' do - before do - params.merge!({ - :manage_service => false, - :enabled => false }) - end - - it 'configures ceilometer-polling service' do - is_expected.to contain_service('ceilometer-polling').with( - :ensure => nil, - :name => platform_params[:agent_service_name], - :enable => false, - :hasstatus => true, - :hasrestart => true, - :tag => 'ceilometer-service', - ) - end - end - - it 'configures central agent' do - is_expected.to contain_ceilometer_config('coordination/backend_url').with_value( params[:coordination_url] ) - end - - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - let :platform_params do - { :agent_package_name => 'ceilometer-polling', - :agent_service_name => 'ceilometer-polling' } - end - - context 'on Ubuntu operating systems' do - before do - facts.merge!( :operatingsystem => 'Ubuntu' ) - platform_params.merge!( :libvirt_group => 'libvirtd' ) - end - - it_configures 'ceilometer-polling' - end - - context 'on other operating systems' do - before do - platform_params.merge!( :libvirt_group => 'libvirt' ) - end - - it_configures 'ceilometer-polling' - end - - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - let :platform_params do - { :agent_package_name => 'openstack-ceilometer-polling', - :agent_service_name => 'openstack-ceilometer-polling' } - end - - it_configures 'ceilometer-polling' - end -end diff --git a/ceilometer/spec/classes/ceilometer_api_spec.rb b/ceilometer/spec/classes/ceilometer_api_spec.rb deleted file mode 100644 index 145787dd5..000000000 --- a/ceilometer/spec/classes/ceilometer_api_spec.rb +++ /dev/null @@ -1,196 +0,0 @@ -require 'spec_helper' - -describe 'ceilometer::api' do - - let :pre_condition do - "class { 'ceilometer': metering_secret => 's3cr3t' } - include ::ceilometer::db" - end - - let :params do - { :enabled => true, - :manage_service => true, - :keystone_user => 'ceilometer', - :keystone_password => 'ceilometer-passw0rd', - :keystone_tenant => 'services', - :host => '0.0.0.0', - :port => '8777', - :package_ensure => 'latest', - } - end - - shared_examples_for 'ceilometer-api' do - - context 'without required parameter keystone_password' do - before { params.delete(:keystone_password) } - it { expect { is_expected.to raise_error(Puppet::Error) } } - end - - it { is_expected.to contain_class('ceilometer::params') } - it { is_expected.to contain_class('ceilometer::policy') } - - it 'installs ceilometer-api package' do - is_expected.to contain_package('ceilometer-api').with( - :ensure => 'latest', - :name => platform_params[:api_package_name], - :tag => ['openstack', 'ceilometer-package'], - ) - end - - it 'configures keystone authentication middleware' do - is_expected.to contain_ceilometer_config('keystone_authtoken/admin_tenant_name').with_value( params[:keystone_tenant] ) - is_expected.to contain_ceilometer_config('keystone_authtoken/admin_user').with_value( params[:keystone_user] ) - is_expected.to contain_ceilometer_config('keystone_authtoken/admin_password').with_value( params[:keystone_password] ) - is_expected.to contain_ceilometer_config('keystone_authtoken/admin_password').with_value( params[:keystone_password] ).with_secret(true) - is_expected.to contain_ceilometer_config('keystone_authtoken/auth_uri').with_value("http://127.0.0.1:5000/") - is_expected.to contain_ceilometer_config('keystone_authtoken/identity_uri').with_value("http://127.0.0.1:35357/") - is_expected.to contain_ceilometer_config('api/host').with_value( params[:host] ) - is_expected.to contain_ceilometer_config('api/port').with_value( params[:port] ) - is_expected.to contain_ceilometer_config('api/workers').with_value('') - end - - [{:enabled => true}, {:enabled => false}].each do |param_hash| - context "when service should be #{param_hash[:enabled] ? 'enabled' : 'disabled'}" do - before do - params.merge!(param_hash) - end - - it 'configures ceilometer-api service' do - is_expected.to contain_service('ceilometer-api').with( - :ensure => (params[:manage_service] && params[:enabled]) ? 'running' : 'stopped', - :name => platform_params[:api_service_name], - :enable => params[:enabled], - :hasstatus => true, - :hasrestart => true, - :require => 'Class[Ceilometer::Db]', - :tag => 'ceilometer-service', - ) - end - end - end - - context 'with disabled service managing' do - before do - params.merge!({ - :manage_service => false, - :enabled => false }) - end - - it 'configures ceilometer-api service' do - is_expected.to contain_service('ceilometer-api').with( - :ensure => nil, - :name => platform_params[:api_service_name], - :enable => false, - :hasstatus => true, - :hasrestart => true, - :tag => 'ceilometer-service', - ) - end - end - - context 'when running ceilometer-api in wsgi' do - before do - params.merge!({ :service_name => 'httpd' }) - end - - let :pre_condition do - "include ::apache - include ::ceilometer::db - class { 'ceilometer': metering_secret => 's3cr3t' }" - end - - it 'configures ceilometer-api service with Apache' do - is_expected.to contain_service('ceilometer-api').with( - :ensure => 'stopped', - :name => platform_params[:api_service_name], - :enable => false, - :tag => 'ceilometer-service', - ) - end - end - - context 'when service_name is not valid' do - before do - params.merge!({ :service_name => 'foobar' }) - end - - let :pre_condition do - "include ::apache - include ::ceilometer::db - class { 'ceilometer': metering_secret => 's3cr3t' }" - end - - it_raises 'a Puppet::Error', /Invalid service_name/ - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '8.0', - :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'some.host.tld', - :processorcount => 2 }) - end - - let :platform_params do - { :api_package_name => 'ceilometer-api', - :api_service_name => 'ceilometer-api' } - end - - it_configures 'ceilometer-api' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '7.1', - :operatingsystemmajrelease => '7', - :fqdn => 'some.host.tld', - :concat_basedir => '/var/lib/puppet/concat', - :processorcount => 2 }) - end - - let :platform_params do - { :api_package_name => 'openstack-ceilometer-api', - :api_service_name => 'openstack-ceilometer-api' } - end - - it_configures 'ceilometer-api' - end - - describe "with deprecated custom keystone_identity_uri and keystone_auth_uri" do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - before do - params.merge!({ - :keystone_identity_uri => 'https://foo.bar:35357/', - :keystone_auth_uri => 'https://foo.bar:5000/', - }) - end - it 'configures identity_uri and auth_uri but deprecates old auth settings' do - is_expected.to contain_ceilometer_config('keystone_authtoken/identity_uri').with_value("https://foo.bar:35357/"); - is_expected.to contain_ceilometer_config('keystone_authtoken/auth_uri').with_value("https://foo.bar:5000/"); - end - end - - describe "with custom keystone identity_uri and auth_uri" do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - before do - params.merge!({ - :identity_uri => 'https://foo.bar:35357/', - :auth_uri => 'https://foo.bar:5000/', - }) - end - it 'configures identity_uri and auth_uri but deprecates old auth settings' do - is_expected.to contain_ceilometer_config('keystone_authtoken/identity_uri').with_value("https://foo.bar:35357/"); - is_expected.to contain_ceilometer_config('keystone_authtoken/auth_uri').with_value("https://foo.bar:5000/"); - end - end - -end diff --git a/ceilometer/spec/classes/ceilometer_client_spec.rb b/ceilometer/spec/classes/ceilometer_client_spec.rb deleted file mode 100644 index 99f2e2915..000000000 --- a/ceilometer/spec/classes/ceilometer_client_spec.rb +++ /dev/null @@ -1,41 +0,0 @@ -require 'spec_helper' - -describe 'ceilometer::client' do - - shared_examples_for 'ceilometer client' do - - it { is_expected.to contain_class('ceilometer::params') } - - it 'installs ceilometer client package' do - is_expected.to contain_package('python-ceilometerclient').with( - :ensure => 'present', - :name => platform_params[:client_package_name], - :tag => 'openstack', - ) - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - let :platform_params do - { :client_package_name => 'python-ceilometerclient' } - end - - it_configures 'ceilometer client' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - let :platform_params do - { :client_package_name => 'python-ceilometerclient' } - end - - it_configures 'ceilometer client' - end -end diff --git a/ceilometer/spec/classes/ceilometer_collector_spec.rb b/ceilometer/spec/classes/ceilometer_collector_spec.rb deleted file mode 100644 index 6c74e2ba0..000000000 --- a/ceilometer/spec/classes/ceilometer_collector_spec.rb +++ /dev/null @@ -1,141 +0,0 @@ -require 'spec_helper' - -describe 'ceilometer::collector' do - - let :pre_condition do - "class { 'ceilometer': metering_secret => 's3cr3t' }" - end - - shared_examples_for 'ceilometer-collector' do - - context 'when invalid ip is passed' do - let :params do - { :udp_address => '300.0.0.0' } - end - it 'should fail' do - is_expected.to raise_error(Puppet::Error, /is not a valid ip and is not empty/) - end - end - - context 'when a valid ipv6 is passed' do - before do - pre_condition << "class { 'ceilometer::db': }" - end - let :params do - { :udp_address => '::1' } - end - it 'shouldn\'t fail' do - is_expected.to_not raise_error - end - end - - context 'when an empty string passed' do - before do - pre_condition << "class { 'ceilometer::db': }" - end - let :params do - { :udp_address => '' } - end - it 'should disable the listener' do - is_expected.to contain_ceilometer_config('collector/udp_address').with_value( '' ) - end - end - - context 'when enabled' do - before do - pre_condition << "class { 'ceilometer::db': }" - end - - it { is_expected.to contain_class('ceilometer::params') } - - it 'configures ceilometer-collector server' do - is_expected.to contain_ceilometer_config('collector/udp_address').with_value( '0.0.0.0' ) - is_expected.to contain_ceilometer_config('collector/udp_port').with_value( '4952' ) - is_expected.to contain_ceilometer_config('collector/workers').with_value('') - is_expected.to contain_ceilometer_config('DEFAULT/meter_dispatchers').with_value( 'database' ) - is_expected.to contain_ceilometer_config('DEFAULT/event_dispatchers').with_value( 'database' ) - end - - it 'installs ceilometer-collector package' do - is_expected.to contain_package(platform_params[:collector_package_name]).with( - :ensure => 'present' - ) - end - - it 'configures ceilometer-collector service' do - is_expected.to contain_service('ceilometer-collector').with( - :ensure => 'running', - :name => platform_params[:collector_service_name], - :enable => true, - :hasstatus => true, - :hasrestart => true, - :tag => 'ceilometer-service' - ) - end - - end - - context 'when disabled' do - let :params do - { :enabled => false } - end - - # Catalog compilation does not crash for lack of ceilometer::db - it { is_expected.to compile } - it 'configures ceilometer-collector service' do - is_expected.to contain_service('ceilometer-collector').with( - :ensure => 'stopped', - :name => platform_params[:collector_service_name], - :enable => false, - :hasstatus => true, - :hasrestart => true, - :tag => 'ceilometer-service' - ) - end - end - - context 'when service management is disabled' do - let :params do - { :enabled => false, - :manage_service => false } - end - - it 'configures ceilometer-collector service' do - is_expected.to contain_service('ceilometer-collector').with( - :ensure => nil, - :name => platform_params[:collector_service_name], - :enable => false, - :hasstatus => true, - :hasrestart => true, - :tag => 'ceilometer-service' - ) - end - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - let :platform_params do - { :collector_package_name => 'ceilometer-collector', - :collector_service_name => 'ceilometer-collector' } - end - - it_configures 'ceilometer-collector' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - let :platform_params do - { :collector_package_name => 'openstack-ceilometer-collector', - :collector_service_name => 'openstack-ceilometer-collector' } - end - - it_configures 'ceilometer-collector' - end -end diff --git a/ceilometer/spec/classes/ceilometer_config_spec.rb b/ceilometer/spec/classes/ceilometer_config_spec.rb deleted file mode 100644 index 44fdbba1e..000000000 --- a/ceilometer/spec/classes/ceilometer_config_spec.rb +++ /dev/null @@ -1,29 +0,0 @@ -require 'spec_helper' - -describe 'ceilometer::config' do - - let :params do - { :ceilometer_config => { - 'api/host' => { 'value' => '0.0.0.0'}, - 'api/port' => { 'value' => '8777'}, - }, - } - end - - it 'with [api] options ceilometer_config ' do - is_expected.to contain_ceilometer_config('api/host').with_value('0.0.0.0') - is_expected.to contain_ceilometer_config('api/port').with_value('8777') - end - - describe 'with [rpc_notifier2] options ceilometer_config' do - before do - params.merge!({ - :ceilometer_config => { 'rpc_notifier2/topics' => { 'value' => 'notifications'},}, - }) - end - it 'should configure rpc_notifier2 topics correctly' do - is_expected.to contain_ceilometer_config('rpc_notifier2/topics').with_value('notifications') - end - - end -end diff --git a/ceilometer/spec/classes/ceilometer_db_mysql_spec.rb b/ceilometer/spec/classes/ceilometer_db_mysql_spec.rb deleted file mode 100644 index 610f4fc53..000000000 --- a/ceilometer/spec/classes/ceilometer_db_mysql_spec.rb +++ /dev/null @@ -1,90 +0,0 @@ -require 'spec_helper' - -describe 'ceilometer::db::mysql' do - - let :pre_condition do - 'include mysql::server' - end - - let :params do - { :password => 's3cr3t', - :dbname => 'ceilometer', - :user => 'ceilometer', - :host => 'localhost', - :charset => 'utf8', - :collate => 'utf8_general_ci', - } - end - - shared_examples_for 'ceilometer mysql database' do - - context 'when omiting the required parameter password' do - before { params.delete(:password) } - it { expect { is_expected.to raise_error(Puppet::Error) } } - end - - it 'creates a mysql database' do - is_expected.to contain_openstacklib__db__mysql( params[:dbname] ).with( - :user => params[:user], - :password_hash => '*58C036CDA51D8E8BBBBF2F9EA5ABF111ADA444F0', - :host => params[:host], - :charset => params[:charset] - ) - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'ceilometer mysql database' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'ceilometer mysql database' - end - - describe "overriding allowed_hosts param to array" do - let :facts do - @default_facts.merge({ :osfamily => "Debian" }) - end - let :params do - { - :password => 'ceilometerpass', - :allowed_hosts => ['localhost','%'] - } - end - - end - - describe "overriding allowed_hosts param to string" do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - let :params do - { - :password => 'ceilometerpass2', - :allowed_hosts => '192.168.1.1' - } - end - - end - - describe "overriding allowed_hosts param equals to host param " do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - let :params do - { - :password => 'ceilometerpass2', - :allowed_hosts => 'localhost' - } - end - - end -end diff --git a/ceilometer/spec/classes/ceilometer_db_postgresql_spec.rb b/ceilometer/spec/classes/ceilometer_db_postgresql_spec.rb deleted file mode 100644 index bec9dad0f..000000000 --- a/ceilometer/spec/classes/ceilometer_db_postgresql_spec.rb +++ /dev/null @@ -1,58 +0,0 @@ -require 'spec_helper' - -describe 'ceilometer::db::postgresql' do - - let :req_params do - { :password => 'pw' } - end - - let :pre_condition do - 'include postgresql::server' - end - - context 'on a RedHat osfamily' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - :operatingsystemrelease => '7.0', - :concat_basedir => '/var/lib/puppet/concat' - }) - end - - context 'with only required parameters' do - let :params do - req_params - end - - it { is_expected.to contain_postgresql__server__db('ceilometer').with( - :user => 'ceilometer', - :password => 'md52899c518e96bce6633ab342b0ca38292' - )} - end - - end - - context 'on a Debian osfamily' do - let :facts do - @default_facts.merge({ - :operatingsystemrelease => '7.8', - :operatingsystem => 'Debian', - :osfamily => 'Debian', - :concat_basedir => '/var/lib/puppet/concat' - }) - end - - context 'with only required parameters' do - let :params do - req_params - end - - it { is_expected.to contain_postgresql__server__db('ceilometer').with( - :user => 'ceilometer', - :password => 'md52899c518e96bce6633ab342b0ca38292' - )} - end - - end - -end diff --git a/ceilometer/spec/classes/ceilometer_db_spec.rb b/ceilometer/spec/classes/ceilometer_db_spec.rb deleted file mode 100644 index c56d25446..000000000 --- a/ceilometer/spec/classes/ceilometer_db_spec.rb +++ /dev/null @@ -1,150 +0,0 @@ -require 'spec_helper' - -describe 'ceilometer::db' do - - shared_examples 'ceilometer::db' do - - context 'with default parameters' do - - it { is_expected.to contain_class('ceilometer::params') } - it { is_expected.to contain_class('ceilometer::db::sync') } - it { is_expected.to contain_ceilometer_config('database/connection').with_value('mysql://ceilometer:ceilometer@localhost/ceilometer').with_secret(true) } - it { is_expected.to contain_ceilometer_config('database/idle_timeout').with_value('') } - it { is_expected.to contain_ceilometer_config('database/min_pool_size').with_value('') } - it { is_expected.to contain_ceilometer_config('database/max_retries').with_value('') } - it { is_expected.to contain_ceilometer_config('database/retry_interval').with_value('') } - - end - - context 'with specific parameters' do - let :params do - { :database_connection => 'mongodb://localhost:1234/ceilometer', - :database_idle_timeout => '3601', - :database_min_pool_size => '2', - :database_max_retries => '11', - :database_retry_interval => '11', - :sync_db => false } - end - - it { is_expected.to contain_class('ceilometer::params') } - it { is_expected.not_to contain_class('ceilometer::db::sync') } - it { is_expected.to contain_ceilometer_config('database/connection').with_value('mongodb://localhost:1234/ceilometer').with_secret(true) } - it { is_expected.to contain_ceilometer_config('database/idle_timeout').with_value('3601') } - it { is_expected.to contain_ceilometer_config('database/min_pool_size').with_value('2') } - it { is_expected.to contain_ceilometer_config('database/max_retries').with_value('11') } - it { is_expected.to contain_ceilometer_config('database/retry_interval').with_value('11') } - - end - - context 'with pymysql connection' do - let :params do - { :database_connection => 'mysql+pymysql://ceilometer:ceilometer@localhost/ceilometer' } - end - - it { is_expected.to contain_class('ceilometer::params') } - it { is_expected.to contain_class('ceilometer::db::sync') } - it { is_expected.to contain_ceilometer_config('database/connection').with_value('mysql+pymysql://ceilometer:ceilometer@localhost/ceilometer').with_secret(true) } - end - - context 'with mongodb backend' do - let :params do - { :database_connection => 'mongodb://localhost:1234/ceilometer' } - end - - it 'install the proper backend package' do - is_expected.to contain_package('ceilometer-backend-package').with( - :ensure => 'present', - :name => 'python-pymongo', - :tag => 'openstack' - ) - end - end - - context 'with incorrect database_connection string' do - let :params do - { :database_connection => 'redis://ceilometer:ceilometer@localhost/ceilometer', } - end - - it_raises 'a Puppet::Error', /validate_re/ - end - - context 'with postgresql backend' do - let :params do - { :database_connection => 'postgresql://ceilometer:ceilometer@localhost/ceilometer', } - end - - it 'install the proper backend package' do - is_expected.to contain_package('python-psycopg2').with(:ensure => 'present') - end - end - - context 'with incorrect pymysql database_connection string' do - let :params do - { :database_connection => 'foo+pymysql://ceilometer:ceilometer@localhost/ceilometer', } - end - - it_raises 'a Puppet::Error', /validate_re/ - end - - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => 'jessie', - }) - end - - it_configures 'ceilometer::db' - - context 'using pymysql driver' do - let :params do - { :database_connection => 'mysql+pymysql:///ceilometer:ceilometer@localhost/ceilometer', } - end - - it 'install the proper backend package' do - is_expected.to contain_package('ceilometer-backend-package').with( - :ensure => 'present', - :name => 'python-pymysql', - :tag => 'openstack' - ) - end - end - - context 'with sqlite backend' do - let :params do - { :database_connection => 'sqlite:///var/lib/ceilometer.db', } - end - - it 'install the proper backend package' do - is_expected.to contain_package('ceilometer-backend-package').with( - :ensure => 'present', - :name => 'python-pysqlite2', - :tag => 'openstack' - ) - end - - end - end - - context 'on Redhat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat', - :operatingsystemrelease => '7.1', - }) - end - - it_configures 'ceilometer::db' - - context 'using pymysql driver' do - let :params do - { :database_connection => 'mysql+pymysql:///ceilometer:ceilometer@localhost/ceilometer', } - end - - it { is_expected.not_to contain_package('ceilometer-backend-package') } - end - end - -end - diff --git a/ceilometer/spec/classes/ceilometer_db_sync_spec.rb b/ceilometer/spec/classes/ceilometer_db_sync_spec.rb deleted file mode 100644 index 79f3186d0..000000000 --- a/ceilometer/spec/classes/ceilometer_db_sync_spec.rb +++ /dev/null @@ -1,62 +0,0 @@ -require 'spec_helper' - -describe 'ceilometer::db::sync' do - - shared_examples_for 'ceilometer-dbsync' do - - it 'runs ceilometer-dbsync' do - is_expected.to contain_exec('ceilometer-dbsync').with( - :command => 'ceilometer-dbsync --config-file=/etc/ceilometer/ceilometer.conf ', - :path => '/usr/bin', - :refreshonly => 'true', - :user => 'ceilometer', - :logoutput => 'on_failure' - ) - end - - describe 'overriding extra_params' do - let :params do - { - :extra_params => '--config-file=/etc/ceilometer/ceilometer_01.conf', - } - end - - it { is_expected.to contain_exec('ceilometer-dbsync').with( - :command => 'ceilometer-dbsync --config-file=/etc/ceilometer/ceilometer.conf --config-file=/etc/ceilometer/ceilometer_01.conf', - :path => '/usr/bin', - :user => 'ceilometer', - :refreshonly => 'true', - :logoutput => 'on_failure' - ) - } - end - - end - - - context 'on a RedHat osfamily' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - :operatingsystemrelease => '7.0', - :concat_basedir => '/var/lib/puppet/concat' - }) - end - - it_configures 'ceilometer-dbsync' - end - - context 'on a Debian osfamily' do - let :facts do - { - :operatingsystemrelease => '7.8', - :operatingsystem => 'Debian', - :osfamily => 'Debian', - :concat_basedir => '/var/lib/puppet/concat' - } - end - - it_configures 'ceilometer-dbsync' - end - -end diff --git a/ceilometer/spec/classes/ceilometer_dispatcher_gnocchi_spec.rb b/ceilometer/spec/classes/ceilometer_dispatcher_gnocchi_spec.rb deleted file mode 100644 index 96d5dcbf8..000000000 --- a/ceilometer/spec/classes/ceilometer_dispatcher_gnocchi_spec.rb +++ /dev/null @@ -1,54 +0,0 @@ -require 'spec_helper' - -describe 'ceilometer::dispatcher::gnocchi' do - - let :pre_condition do - "class { 'ceilometer': metering_secret => 's3cr3t' }" - end - - let :params do - {} - end - - shared_examples_for 'ceilometer-gnocchi-dispatcher' do - it 'configures gnocchi dispatcher' do - is_expected.to contain_ceilometer_config('dispatcher_gnocchi/filter_service_activity').with_value('') - is_expected.to contain_ceilometer_config('dispatcher_gnocchi/filter_project').with_value('') - is_expected.to contain_ceilometer_config('dispatcher_gnocchi/url').with_value('') - is_expected.to contain_ceilometer_config('dispatcher_gnocchi/archive_policy').with_value('') - is_expected.to contain_ceilometer_config('dispatcher_gnocchi/resources_definition_file').with_value('') - end - - context 'when overriding parameters' do - before do - params.merge!(:filter_service_activity => false, - :filter_project => 'gnocchi_swift', - :url => 'http://foo', - :archive_policy => 'high', - :resources_definition_file => 'foo') - end - it { is_expected.to contain_ceilometer_config('dispatcher_gnocchi/filter_service_activity').with_value('false') } - it { is_expected.to contain_ceilometer_config('dispatcher_gnocchi/filter_project').with_value('gnocchi_swift') } - it { is_expected.to contain_ceilometer_config('dispatcher_gnocchi/url').with_value('http://foo') } - it { is_expected.to contain_ceilometer_config('dispatcher_gnocchi/archive_policy').with_value('high') } - it { is_expected.to contain_ceilometer_config('dispatcher_gnocchi/resources_definition_file').with_value('foo') } - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'ceilometer-gnocchi-dispatcher' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'ceilometer-gnocchi-dispatcher' - end - -end diff --git a/ceilometer/spec/classes/ceilometer_expirer_spec.rb b/ceilometer/spec/classes/ceilometer_expirer_spec.rb deleted file mode 100644 index 765e613f1..000000000 --- a/ceilometer/spec/classes/ceilometer_expirer_spec.rb +++ /dev/null @@ -1,91 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Unit tests for ceilometer::expirer -# - -require 'spec_helper' - -describe 'ceilometer::expirer' do - - let :pre_condition do - "class { 'ceilometer': metering_secret => 's3cr3t' }" - end - - let :params do - {} - end - - shared_examples_for 'ceilometer-expirer' do - - it { is_expected.to contain_class('ceilometer::params') } - - it 'installs ceilometer common package' do - is_expected.to contain_package('ceilometer-common').with( - :ensure => 'present', - :name => platform_params[:common_package_name] - ) - end - - it 'configures a cron' do - is_expected.to contain_cron('ceilometer-expirer').with( - :command => 'ceilometer-expirer', - :environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', - :user => 'ceilometer', - :minute => 1, - :hour => 0, - :monthday => '*', - :month => '*', - :weekday => '*' - ) - end - - context 'with cron not enabled' do - before do - params.merge!({ - :enable_cron => false }) - end - it { is_expected.to_not contain_cron('ceilometer-expirer') } - end - - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - let :platform_params do - { :common_package_name => 'ceilometer-common' } - end - - it_configures 'ceilometer-expirer' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - let :platform_params do - { :common_package_name => 'openstack-ceilometer-common' } - end - - it_configures 'ceilometer-expirer' - end - -end diff --git a/ceilometer/spec/classes/ceilometer_init_spec.rb b/ceilometer/spec/classes/ceilometer_init_spec.rb deleted file mode 100644 index 55f97ae4f..000000000 --- a/ceilometer/spec/classes/ceilometer_init_spec.rb +++ /dev/null @@ -1,300 +0,0 @@ -require 'spec_helper' - -describe 'ceilometer' do - - let :params do - { - :http_timeout => '600', - :event_time_to_live => '604800', - :metering_time_to_live => '604800', - :metering_secret => 'metering-s3cr3t', - :package_ensure => 'present', - :debug => 'False', - :log_dir => '/var/log/ceilometer', - :verbose => 'False', - :use_stderr => 'True', - } - end - - let :rabbit_params do - { - :rabbit_host => '127.0.0.1', - :rabbit_port => 5672, - :rabbit_userid => 'guest', - :rabbit_password => '', - :rabbit_virtual_host => '/', - } - end - - shared_examples_for 'ceilometer' do - - it 'configures time to live for events and meters' do - is_expected.to contain_ceilometer_config('database/event_time_to_live').with_value( params[:event_time_to_live] ) - is_expected.to contain_ceilometer_config('database/metering_time_to_live').with_value( params[:metering_time_to_live] ) - end - - it 'configures timeout for HTTP requests' do - is_expected.to contain_ceilometer_config('DEFAULT/http_timeout').with_value(params[:http_timeout]) - end - - context 'with rabbit_host parameter' do - before { params.merge!( rabbit_params ) } - it_configures 'a ceilometer base installation' - it_configures 'rabbit with SSL support' - it_configures 'rabbit without HA support (with backward compatibility)' - it_configures 'rabbit with connection heartbeats' - - context 'with rabbit_ha_queues' do - before { params.merge!( rabbit_params ).merge!( :rabbit_ha_queues => true ) } - it_configures 'rabbit with rabbit_ha_queues' - end - - end - - context 'with rabbit_hosts parameter' do - context 'with one server' do - before { params.merge!( rabbit_params ).merge!( :rabbit_hosts => ['127.0.0.1:5672'] ) } - it_configures 'a ceilometer base installation' - it_configures 'rabbit with SSL support' - it_configures 'rabbit without HA support (without backward compatibility)' - end - - context 'with multiple servers' do - before { params.merge!( rabbit_params ).merge!( :rabbit_hosts => ['rabbit1:5672', 'rabbit2:5672'] ) } - it_configures 'a ceilometer base installation' - it_configures 'rabbit with SSL support' - it_configures 'rabbit with HA support' - end - - context("with legacy rpc_backend value") do - before { params.merge!( rabbit_params ).merge!(:rpc_backend => 'ceilometer.openstack.common.rpc.impl_kombu') } - it { is_expected.to contain_ceilometer_config('DEFAULT/rpc_backend').with_value('ceilometer.openstack.common.rpc.impl_kombu') } - end - end - - end - - shared_examples_for 'a ceilometer base installation' do - - it { is_expected.to contain_class('ceilometer::logging') } - it { is_expected.to contain_class('ceilometer::params') } - - it 'configures ceilometer group' do - is_expected.to contain_group('ceilometer').with( - :name => 'ceilometer', - :require => 'Package[ceilometer-common]' - ) - end - - it 'configures ceilometer user' do - is_expected.to contain_user('ceilometer').with( - :name => 'ceilometer', - :gid => 'ceilometer', - :system => true, - :require => 'Package[ceilometer-common]' - ) - end - - it 'installs ceilometer common package' do - is_expected.to contain_package('ceilometer-common').with( - :ensure => 'present', - :name => platform_params[:common_package_name], - :tag => ['openstack', 'ceilometer-package'], - ) - end - - it 'configures required metering_secret' do - is_expected.to contain_ceilometer_config('publisher/metering_secret').with_value('metering-s3cr3t') - is_expected.to contain_ceilometer_config('publisher/metering_secret').with_value( params[:metering_secret] ).with_secret(true) - end - - context 'without the required metering_secret' do - before { params.delete(:metering_secret) } - it { expect { is_expected.to raise_error(Puppet::Error) } } - end - - it 'configures notification_topics' do - is_expected.to contain_ceilometer_config('DEFAULT/notification_topics').with_value('notifications') - end - - context 'with rabbitmq durable queues configured' do - before { params.merge!( :amqp_durable_queues => true ) } - it_configures 'rabbit with durable queues' - end - - context 'with overriden notification_topics parameter' do - before { params.merge!( :notification_topics => ['notifications', 'custom']) } - - it 'configures notification_topics' do - is_expected.to contain_ceilometer_config('DEFAULT/notification_topics').with_value('notifications,custom') - end - end - end - - shared_examples_for 'rabbit without HA support (with backward compatibility)' do - - it 'configures rabbit' do - is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_userid').with_value( params[:rabbit_userid] ) - is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_password').with_value( params[:rabbit_password] ) - is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_password').with_value( params[:rabbit_password] ).with_secret(true) - is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_virtual_host').with_value( params[:rabbit_virtual_host] ) - is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/heartbeat_timeout_threshold').with_value('0') - is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/heartbeat_rate').with_value('2') - end - - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_host').with_value( params[:rabbit_host] ) } - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_port').with_value( params[:rabbit_port] ) } - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_hosts').with_value( "#{params[:rabbit_host]}:#{params[:rabbit_port]}" ) } - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value('false') } - - end - - shared_examples_for 'rabbit without HA support (without backward compatibility)' do - - it 'configures rabbit' do - is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_userid').with_value( params[:rabbit_userid] ) - is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_password').with_value( params[:rabbit_password] ) - is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_password').with_value( params[:rabbit_password] ).with_secret(true) - is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_virtual_host').with_value( params[:rabbit_virtual_host] ) - is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/heartbeat_timeout_threshold').with_value('0') - is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/heartbeat_rate').with_value('2') - end - - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_host').with_ensure('absent') } - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_port').with_ensure('absent') } - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_hosts').with_value( params[:rabbit_hosts].join(',') ) } - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value('false') } - - end - - shared_examples_for 'rabbit with rabbit_ha_queues' do - - it 'configures rabbit' do - is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value( params[:rabbit_ha_queues] ) - end - end - - shared_examples_for 'rabbit with HA support' do - - it 'configures rabbit' do - is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_userid').with_value( params[:rabbit_userid] ) - is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_password').with_value( params[:rabbit_password] ) - is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_password').with_value( params[:rabbit_password] ).with_secret(true) - is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_virtual_host').with_value( params[:rabbit_virtual_host] ) - is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/heartbeat_timeout_threshold').with_value('0') - is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/heartbeat_rate').with_value('2') - end - - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_host').with_ensure('absent') } - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_port').with_ensure('absent') } - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_hosts').with_value( params[:rabbit_hosts].join(',') ) } - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value('true') } - - end - shared_examples_for 'rabbit with durable queues' do - it 'in ceilometer' do - is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/amqp_durable_queues').with_value(true) - end - end - - shared_examples_for 'rabbit with connection heartbeats' do - context "with heartbeat configuration" do - before { params.merge!( - :rabbit_heartbeat_timeout_threshold => '60', - :rabbit_heartbeat_rate => '10' - ) } - - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/heartbeat_timeout_threshold').with_value('60') } - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/heartbeat_rate').with_value('10') } - end - end - - shared_examples_for 'rabbit with SSL support' do - context "with default parameters" do - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('false') } - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_ensure('absent') } - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_ensure('absent') } - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_ensure('absent') } - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/kombu_ssl_version').with_ensure('absent') } - end - - context "with SSL enabled with kombu" do - before { params.merge!( - :rabbit_use_ssl => 'true', - :kombu_ssl_ca_certs => '/path/to/ca.crt', - :kombu_ssl_certfile => '/path/to/cert.crt', - :kombu_ssl_keyfile => '/path/to/cert.key', - :kombu_ssl_version => 'TLSv1' - ) } - - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('true') } - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_value('/path/to/ca.crt') } - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_value('/path/to/cert.crt') } - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_value('/path/to/cert.key') } - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('TLSv1') } - end - - context "with SSL enabled without kombu" do - before { params.merge!( - :rabbit_use_ssl => 'true' - ) } - - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('true') } - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_ensure('absent') } - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_ensure('absent') } - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_ensure('absent') } - it { is_expected.to contain_ceilometer_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('TLSv1') } - end - - context "with SSL wrongly configured" do - context 'with kombu_ssl_ca_certs parameter' do - before { params.merge!(:kombu_ssl_ca_certs => '/path/to/ca.crt') } - it_raises 'a Puppet::Error', /The kombu_ssl_ca_certs parameter requires rabbit_use_ssl to be set to true/ - end - - context 'with kombu_ssl_certfile parameter' do - before { params.merge!(:kombu_ssl_certfile => '/path/to/ssl/cert/file') } - it_raises 'a Puppet::Error', /The kombu_ssl_certfile parameter requires rabbit_use_ssl to be set to true/ - end - - context 'with kombu_ssl_keyfile parameter' do - before { params.merge!(:kombu_ssl_keyfile => '/path/to/ssl/keyfile') } - it_raises 'a Puppet::Error', /The kombu_ssl_keyfile parameter requires rabbit_use_ssl to be set to true/ - end - end - end - - shared_examples_for 'memcached support' do - context "with memcached enabled" do - before { params.merge!( - :memcached_servers => ['1.2.3.4','1.2.3.5'] - ) } - - it { is_expected.to contain_ceilometer_config('DEFAULT/memcached_servers').with_value('1.2.3.4,1.2.3.5') } - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - let :platform_params do - { :common_package_name => 'ceilometer-common' } - end - - it_configures 'ceilometer' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - let :platform_params do - { :common_package_name => 'openstack-ceilometer-common' } - end - - it_configures 'ceilometer' - end -end diff --git a/ceilometer/spec/classes/ceilometer_keystone_auth_spec.rb b/ceilometer/spec/classes/ceilometer_keystone_auth_spec.rb deleted file mode 100644 index 1b85b99cd..000000000 --- a/ceilometer/spec/classes/ceilometer_keystone_auth_spec.rb +++ /dev/null @@ -1,212 +0,0 @@ -require 'spec_helper' - -describe 'ceilometer::keystone::auth' do - - let :default_params do - { - :email => 'ceilometer@localhost', - :auth_name => 'ceilometer', - :configure_endpoint => true, - :service_type => 'metering', - :region => 'RegionOne', - :tenant => 'services', - :public_url => 'http://127.0.0.1:8777', - :admin_url => 'http://127.0.0.1:8777', - :internal_url => 'http://127.0.0.1:8777', - } - end - - shared_examples_for 'ceilometer keystone auth' do - - context 'without the required password parameter' do - it { expect { is_expected.to raise_error(Puppet::Error) } } - end - - let :params do - { :password => 'ceil0met3r-passZord' } - end - - context 'with the required parameters' do - it 'configures ceilometer user' do - is_expected.to contain_keystone_user( default_params[:auth_name] ).with( - :ensure => 'present', - :password => params[:password], - :email => default_params[:email], - ) - end - - it 'configures ceilometer user roles' do - is_expected.to contain_keystone_user_role("#{default_params[:auth_name]}@#{default_params[:tenant]}").with( - :ensure => 'present', - :roles => ['admin','ResellerAdmin'] - ) - end - - it 'configures ceilometer service' do - is_expected.to contain_keystone_service("#{default_params[:auth_name]}::#{default_params[:service_type]}").with( - :ensure => 'present', - :description => 'Openstack Metering Service' - ) - end - - it 'configure ceilometer endpoints' do - is_expected.to contain_keystone_endpoint("#{default_params[:region]}/#{default_params[:auth_name]}::#{default_params[:service_type]}").with( - :ensure => 'present', - :public_url => default_params[:public_url], - :admin_url => default_params[:admin_url], - :internal_url => default_params[:internal_url] - ) - end - end - - context 'with overridden parameters' do - before do - params.merge!({ - :email => 'mighty-ceilometer@remotehost', - :auth_name => 'mighty-ceilometer', - :service_type => 'cloud-measuring', - :region => 'RegionFortyTwo', - :tenant => 'mighty-services', - :public_url => 'https://public.host:443/ceilometer_pub', - :admin_url => 'https://admin.host/ceilometer_adm', - :internal_url => 'http://internal.host:80/ceilometer_int', - }) - end - - it 'configures ceilometer user' do - is_expected.to contain_keystone_user( params[:auth_name] ).with( - :ensure => 'present', - :password => params[:password], - :email => params[:email], - ) - end - - it 'configures ceilometer user roles' do - is_expected.to contain_keystone_user_role("#{params[:auth_name]}@#{params[:tenant]}").with( - :ensure => 'present', - :roles => ['admin','ResellerAdmin'] - ) - end - - it 'configures ceilometer service' do - is_expected.to contain_keystone_service("#{params[:auth_name]}::#{params[:service_type]}").with( - :ensure => 'present', - :description => 'Openstack Metering Service' - ) - end - - it 'configure ceilometer endpoints' do - is_expected.to contain_keystone_endpoint("#{params[:region]}/#{params[:auth_name]}::#{params[:service_type]}").with( - :ensure => 'present', - :public_url => params[:public_url], - :admin_url => params[:admin_url], - :internal_url => params[:internal_url] - ) - end - - context 'with configure_endpoint = false' do - before do - params.delete!(:configure_endpoint) - it 'does not configure ceilometer endpoints' do - is_expected.to_not contain_keystone_endpoint("#{params[:region]}/#{params[:auth_name]}::#{params[:service_type]}") - end - end - end - end - - context 'with deprecated parameters' do - before do - params.merge!({ - :auth_name => 'mighty-ceilometer', - :region => 'RegionFortyTwo', - :public_address => '10.0.0.1', - :admin_address => '10.0.0.2', - :internal_address => '10.0.0.3', - :port => '65001', - :public_protocol => 'https', - :admin_protocol => 'ftp', - :internal_protocol => 'gopher', - :service_type => 'metering', - }) - end - - it 'configure ceilometer endpoints' do - is_expected.to contain_keystone_endpoint("#{params[:region]}/#{params[:auth_name]}::#{params[:service_type]}").with( - :ensure => 'present', - :public_url => "#{params[:public_protocol]}://#{params[:public_address]}:#{params[:port]}", - :admin_url => "#{params[:admin_protocol]}://#{params[:admin_address]}:#{params[:port]}", - :internal_url => "#{params[:internal_protocol]}://#{params[:internal_address]}:#{params[:port]}" - ) - end - end - - context 'when overriding service name' do - before do - params.merge!({ - :service_name => 'ceilometer_service' - }) - end - it 'configures correct user name' do - is_expected.to contain_keystone_user('ceilometer') - end - it 'configures correct user role' do - is_expected.to contain_keystone_user_role('ceilometer@services') - end - it 'configures correct service name' do - is_expected.to contain_keystone_service('ceilometer_service::metering') - end - it 'configures correct endpoint name' do - is_expected.to contain_keystone_endpoint('RegionOne/ceilometer_service::metering') - end - end - - context 'when disabling user configuration' do - before do - params.merge!( :configure_user => false ) - end - - it { is_expected.to_not contain_keystone_user('ceilometer') } - it { is_expected.to contain_keystone_user_role('ceilometer@services') } - - it { is_expected.to contain_keystone_service('ceilometer::metering').with( - :ensure => 'present', - :description => 'Openstack Metering Service' - )} - end - - context 'when disabling user and role configuration' do - before do - params.merge!( - :configure_user => false, - :configure_user_role => false - ) - end - - it { is_expected.to_not contain_keystone_user('ceilometer') } - it { is_expected.to_not contain_keystone_user_role('ceilometer@services') } - - it { is_expected.to contain_keystone_service('ceilometer::metering').with( - :ensure => 'present', - :description => 'Openstack Metering Service' - )} - end - - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'ceilometer keystone auth' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'ceilometer keystone auth' - end - -end diff --git a/ceilometer/spec/classes/ceilometer_logging_spec.rb b/ceilometer/spec/classes/ceilometer_logging_spec.rb deleted file mode 100644 index 94e37b482..000000000 --- a/ceilometer/spec/classes/ceilometer_logging_spec.rb +++ /dev/null @@ -1,143 +0,0 @@ -require 'spec_helper' - -describe 'ceilometer::logging' do - - let :params do - { - } - end - - let :log_params do - { - :logging_context_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s', - :logging_default_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s', - :logging_debug_format_suffix => '%(funcName)s %(pathname)s:%(lineno)d', - :logging_exception_prefix => '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s', - :log_config_append => '/etc/ceilometer/logging.conf', - :publish_errors => true, - :default_log_levels => { - 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', - 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', - 'iso8601' => 'WARN', - 'requests.packages.urllib3.connectionpool' => 'WARN' }, - :fatal_deprecations => true, - :instance_format => '[instance: %(uuid)s] ', - :instance_uuid_format => '[instance: %(uuid)s] ', - :log_date_format => '%Y-%m-%d %H:%M:%S', - :use_syslog => true, - :use_stderr => false, - :log_facility => 'LOG_FOO', - :log_dir => '/var/log', - :verbose => true, - :debug => true, - } - end - - shared_examples_for 'ceilometer-logging' do - - context 'with basic logging options and default settings' do - it_configures 'basic default logging settings' - end - - context 'with basic logging options and non-default settings' do - before { params.merge!( log_params ) } - it_configures 'basic non-default logging settings' - end - - context 'with extended logging options' do - before { params.merge!( log_params ) } - it_configures 'logging params set' - end - - context 'without extended logging options' do - it_configures 'logging params unset' - end - - end - - shared_examples 'basic default logging settings' do - it 'configures ceilometer logging settins with default values' do - is_expected.to contain_ceilometer_config('DEFAULT/use_syslog').with(:value => '') - is_expected.to contain_ceilometer_config('DEFAULT/use_stderr').with(:value => '') - is_expected.to contain_ceilometer_config('DEFAULT/log_dir').with(:value => '/var/log/ceilometer') - is_expected.to contain_ceilometer_config('DEFAULT/verbose').with(:value => '') - is_expected.to contain_ceilometer_config('DEFAULT/debug').with(:value => '') - end - end - - shared_examples 'basic non-default logging settings' do - it 'configures ceilometer logging settins with non-default values' do - is_expected.to contain_ceilometer_config('DEFAULT/use_syslog').with(:value => 'true') - is_expected.to contain_ceilometer_config('DEFAULT/use_stderr').with(:value => 'false') - is_expected.to contain_ceilometer_config('DEFAULT/syslog_log_facility').with(:value => 'LOG_FOO') - is_expected.to contain_ceilometer_config('DEFAULT/log_dir').with(:value => '/var/log') - is_expected.to contain_ceilometer_config('DEFAULT/verbose').with(:value => 'true') - is_expected.to contain_ceilometer_config('DEFAULT/debug').with(:value => 'true') - end - end - - shared_examples_for 'logging params set' do - it 'enables logging params' do - is_expected.to contain_ceilometer_config('DEFAULT/logging_context_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s') - - is_expected.to contain_ceilometer_config('DEFAULT/logging_default_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s') - - is_expected.to contain_ceilometer_config('DEFAULT/logging_debug_format_suffix').with_value( - '%(funcName)s %(pathname)s:%(lineno)d') - - is_expected.to contain_ceilometer_config('DEFAULT/logging_exception_prefix').with_value( - '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s') - - is_expected.to contain_ceilometer_config('DEFAULT/log_config_append').with_value( - '/etc/ceilometer/logging.conf') - is_expected.to contain_ceilometer_config('DEFAULT/publish_errors').with_value( - true) - - is_expected.to contain_ceilometer_config('DEFAULT/default_log_levels').with_value( - 'amqp=WARN,amqplib=WARN,boto=WARN,iso8601=WARN,qpid=WARN,requests.packages.urllib3.connectionpool=WARN,sqlalchemy=WARN,suds=INFO') - - is_expected.to contain_ceilometer_config('DEFAULT/fatal_deprecations').with_value( - true) - - is_expected.to contain_ceilometer_config('DEFAULT/instance_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_ceilometer_config('DEFAULT/instance_uuid_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_ceilometer_config('DEFAULT/log_date_format').with_value( - '%Y-%m-%d %H:%M:%S') - end - end - - - shared_examples_for 'logging params unset' do - [ :logging_context_format_string, :logging_default_format_string, - :logging_debug_format_suffix, :logging_exception_prefix, - :log_config_append, :publish_errors, - :default_log_levels, :fatal_deprecations, - :instance_format, :instance_uuid_format, - :log_date_format, ].each { |param| - it { is_expected.to contain_ceilometer_config("DEFAULT/#{param}").with_value('') } - } - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'ceilometer-logging' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'ceilometer-logging' - end - -end diff --git a/ceilometer/spec/classes/ceilometer_policy_spec.rb b/ceilometer/spec/classes/ceilometer_policy_spec.rb deleted file mode 100644 index 7c1b5b0ef..000000000 --- a/ceilometer/spec/classes/ceilometer_policy_spec.rb +++ /dev/null @@ -1,41 +0,0 @@ -require 'spec_helper' - -describe 'ceilometer::policy' do - - shared_examples_for 'ceilometer policies' do - let :params do - { - :policy_path => '/etc/ceilometer/policy.json', - :policies => { - 'context_is_admin' => { - 'key' => 'context_is_admin', - 'value' => 'foo:bar' - } - } - } - end - - it 'set up the policies' do - is_expected.to contain_openstacklib__policy__base('context_is_admin').with({ - :key => 'context_is_admin', - :value => 'foo:bar' - }) - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'ceilometer policies' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'ceilometer policies' - end -end diff --git a/ceilometer/spec/classes/ceilometer_wsgi_apache_spec.rb b/ceilometer/spec/classes/ceilometer_wsgi_apache_spec.rb deleted file mode 100644 index 54fcfb3a5..000000000 --- a/ceilometer/spec/classes/ceilometer_wsgi_apache_spec.rb +++ /dev/null @@ -1,128 +0,0 @@ -require 'spec_helper' - -describe 'ceilometer::wsgi::apache' do - - let :global_facts do - { - :processorcount => 42, - :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'some.host.tld' - } - end - - let :pre_condition do - "class { 'ceilometer': metering_secret => 's3cr3t' }" - end - - shared_examples_for 'apache serving ceilometer with mod_wsgi' do - it { is_expected.to contain_service('httpd').with_name(platform_parameters[:httpd_service_name]) } - it { is_expected.to contain_class('ceilometer::params') } - it { is_expected.to contain_class('apache') } - it { is_expected.to contain_class('apache::mod::wsgi') } - - describe 'with default parameters' do - - it { is_expected.to contain_file("#{platform_parameters[:wsgi_script_path]}").with( - 'ensure' => 'directory', - 'owner' => 'ceilometer', - 'group' => 'ceilometer', - 'require' => 'Package[httpd]' - )} - - - it { is_expected.to contain_file('ceilometer_wsgi').with( - 'ensure' => 'file', - 'path' => "#{platform_parameters[:wsgi_script_path]}/app", - 'source' => platform_parameters[:wsgi_script_source], - 'owner' => 'ceilometer', - 'group' => 'ceilometer', - 'mode' => '0644' - )} - it { is_expected.to contain_file('ceilometer_wsgi').that_requires("File[#{platform_parameters[:wsgi_script_path]}]") } - - it { is_expected.to contain_apache__vhost('ceilometer_wsgi').with( - 'servername' => 'some.host.tld', - 'ip' => nil, - 'port' => '8777', - 'docroot' => "#{platform_parameters[:wsgi_script_path]}", - 'docroot_owner' => 'ceilometer', - 'docroot_group' => 'ceilometer', - 'ssl' => 'true', - 'wsgi_daemon_process' => 'ceilometer', - 'wsgi_process_group' => 'ceilometer', - 'wsgi_script_aliases' => { '/' => "#{platform_parameters[:wsgi_script_path]}/app" }, - 'require' => 'File[ceilometer_wsgi]' - )} - it { is_expected.to contain_file("#{platform_parameters[:httpd_ports_file]}") } - end - - describe 'when overriding parameters using different ports' do - let :params do - { - :servername => 'dummy.host', - :bind_host => '10.42.51.1', - :port => 12345, - :ssl => false, - :workers => 37, - } - end - - it { is_expected.to contain_apache__vhost('ceilometer_wsgi').with( - 'servername' => 'dummy.host', - 'ip' => '10.42.51.1', - 'port' => '12345', - 'docroot' => "#{platform_parameters[:wsgi_script_path]}", - 'docroot_owner' => 'ceilometer', - 'docroot_group' => 'ceilometer', - 'ssl' => 'false', - 'wsgi_daemon_process' => 'ceilometer', - 'wsgi_process_group' => 'ceilometer', - 'wsgi_script_aliases' => { '/' => "#{platform_parameters[:wsgi_script_path]}/app" }, - 'require' => 'File[ceilometer_wsgi]' - )} - - it { is_expected.to contain_file("#{platform_parameters[:httpd_ports_file]}") } - end - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge(global_facts.merge({ - :osfamily => 'RedHat', - :operatingsystemrelease => '7.0' - })) - end - - let :platform_parameters do - { - :httpd_service_name => 'httpd', - :httpd_ports_file => '/etc/httpd/conf/ports.conf', - :wsgi_script_path => '/var/www/cgi-bin/ceilometer', - :wsgi_script_source => '/usr/lib/python2.7/site-packages/ceilometer/api/app.wsgi' - } - end - - it_configures 'apache serving ceilometer with mod_wsgi' - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge(global_facts.merge({ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '7.0' - })) - end - - let :platform_parameters do - { - :httpd_service_name => 'apache2', - :httpd_ports_file => '/etc/apache2/ports.conf', - :wsgi_script_path => '/usr/lib/cgi-bin/ceilometer', - :wsgi_script_source => '/usr/lib/python2.7/dist-packages/ceilometer/api/app.wsgi' - } - end - - it_configures 'apache serving ceilometer with mod_wsgi' - end -end diff --git a/ceilometer/spec/shared_examples.rb b/ceilometer/spec/shared_examples.rb deleted file mode 100644 index fec0eacc9..000000000 --- a/ceilometer/spec/shared_examples.rb +++ /dev/null @@ -1,5 +0,0 @@ -shared_examples_for "a Puppet::Error" do |description| - it "with message matching #{description.inspect}" do - expect { is_expected.to have_class_count(1) }.to raise_error(Puppet::Error, description) - end -end diff --git a/ceilometer/spec/spec_helper.rb b/ceilometer/spec/spec_helper.rb deleted file mode 100644 index be3811cf2..000000000 --- a/ceilometer/spec/spec_helper.rb +++ /dev/null @@ -1,18 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' -require 'shared_examples' - -require 'puppet-openstack_spec_helper/defaults' -require 'rspec-puppet-facts' -include RspecPuppetFacts - -RSpec.configure do |c| - c.alias_it_should_behave_like_to :it_configures, 'configures' - c.alias_it_should_behave_like_to :it_raises, 'raises' - # TODO(aschultz): remove this after all tests converted to use OSDefaults - # instead of referencing @default_facts - c.before :each do - @default_facts = OSDefaults.get_facts - end -end - -at_exit { RSpec::Puppet::Coverage.report! } diff --git a/ceilometer/spec/spec_helper_acceptance.rb b/ceilometer/spec/spec_helper_acceptance.rb deleted file mode 100644 index 9196bc99b..000000000 --- a/ceilometer/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1 +0,0 @@ -require 'puppet-openstack_spec_helper/beaker_spec_helper' diff --git a/ceilometer/spec/unit/provider/ceilometer_api_paste_ini/ini_setting_spec.rb b/ceilometer/spec/unit/provider/ceilometer_api_paste_ini/ini_setting_spec.rb deleted file mode 100644 index b52a2c3c8..000000000 --- a/ceilometer/spec/unit/provider/ceilometer_api_paste_ini/ini_setting_spec.rb +++ /dev/null @@ -1,28 +0,0 @@ -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:ceilometer_api_paste_ini).provider(:ini_setting) -describe provider_class do - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Ceilometer_api_paste_ini.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/ceilometer/spec/unit/provider/ceilometer_config/openstackconfig_spec.rb b/ceilometer/spec/unit/provider/ceilometer_config/openstackconfig_spec.rb deleted file mode 100644 index dd5e5d498..000000000 --- a/ceilometer/spec/unit/provider/ceilometer_config/openstackconfig_spec.rb +++ /dev/null @@ -1,72 +0,0 @@ -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'openstacklib', - 'lib') -) - -require 'spec_helper' - -provider_class = Puppet::Type.type(:ceilometer_config).provider(:openstackconfig) - -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Ceilometer_config.new( - { - :name => 'DEFAULT/foo', - :value => 'bar' - } - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Ceilometer_config.new( - { - :name => 'dude/foo', - :value => 'bar' - } - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end - - it 'should ensure absent when is specified as a value' do - resource = Puppet::Type::Ceilometer_config.new( - {:name => 'dude/foo', :value => ''} - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - - it 'should ensure absent when value matches ensure_absent_val' do - resource = Puppet::Type::Ceilometer_config.new( - {:name => 'dude/foo', :value => 'foo', :ensure_absent_val => 'foo' } - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - -end diff --git a/ceilometer/spec/unit/type/ceilometer_api_paste_ini_spec.rb b/ceilometer/spec/unit/type/ceilometer_api_paste_ini_spec.rb deleted file mode 100644 index ca5713991..000000000 --- a/ceilometer/spec/unit/type/ceilometer_api_paste_ini_spec.rb +++ /dev/null @@ -1,34 +0,0 @@ -require 'spec_helper' -# this hack is required for now to ensure that the path is set up correctly -# to retrive the parent provider -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'puppet/type/ceilometer_api_paste_ini' -describe 'Puppet::Type.type(:ceilometer_api_paste_ini)' do - before :each do - @ceilometer_api_paste_ini = Puppet::Type.type(:ceilometer_api_paste_ini).new(:name => 'DEFAULT/foo', :value => 'bar') - end - it 'should accept a valid value' do - @ceilometer_api_paste_ini[:value] = 'bar' - expect(@ceilometer_api_paste_ini[:value]).to eq('bar') - end - - it 'should autorequire the package that install the file' do - catalog = Puppet::Resource::Catalog.new - package = Puppet::Type.type(:package).new(:name => 'ceilometer') - catalog.add_resource package, @ceilometer_api_paste_ini - dependency = @ceilometer_api_paste_ini.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(@ceilometer_api_paste_ini) - expect(dependency[0].source).to eq(package) - end - -end diff --git a/ceilometer/spec/unit/type/ceilometer_config_spec.rb b/ceilometer/spec/unit/type/ceilometer_config_spec.rb deleted file mode 100644 index 8ccfd8681..000000000 --- a/ceilometer/spec/unit/type/ceilometer_config_spec.rb +++ /dev/null @@ -1,64 +0,0 @@ -require 'puppet' -require 'puppet/type/ceilometer_config' - -describe 'Puppet::Type.type(:ceilometer_config)' do - before :each do - @ceilometer_config = Puppet::Type.type(:ceilometer_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:ceilometer_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:ceilometer_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:ceilometer_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:ceilometer_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @ceilometer_config[:value] = 'bar' - expect(@ceilometer_config[:value]).to eq(['bar']) - end - - it 'should not accept a value with whitespace' do - @ceilometer_config[:value] = 'b ar' - expect(@ceilometer_config[:value]).to eq(['b ar']) - end - - it 'should accept valid ensure values' do - @ceilometer_config[:ensure] = :present - expect(@ceilometer_config[:ensure]).to eq(:present) - @ceilometer_config[:ensure] = :absent - expect(@ceilometer_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @ceilometer_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end - - it 'should autorequire the package that install the file' do - catalog = Puppet::Resource::Catalog.new - package = Puppet::Type.type(:package).new(:name => 'ceilometer-common') - catalog.add_resource package, @ceilometer_config - dependency = @ceilometer_config.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(@ceilometer_config) - expect(dependency[0].source).to eq(package) - end - -end diff --git a/ceilometer/test-requirements.txt b/ceilometer/test-requirements.txt deleted file mode 100644 index bedd66690..000000000 --- a/ceilometer/test-requirements.txt +++ /dev/null @@ -1,4 +0,0 @@ -# this is required for the docs build jobs -sphinx!=1.2.0,!=1.3b1,<1.3,>=1.1.2 -oslosphinx>=2.5.0 # Apache-2.0 -reno>=0.1.1 # Apache-2.0 diff --git a/ceilometer/tox.ini b/ceilometer/tox.ini deleted file mode 100644 index aea06c84f..000000000 --- a/ceilometer/tox.ini +++ /dev/null @@ -1,8 +0,0 @@ -[tox] -minversion = 1.6 -skipsdist = True -envlist = releasenotes - -[testenv:releasenotes] -deps = -rtest-requirements.txt -commands = sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html diff --git a/ceph/.fixtures.yml b/ceph/.fixtures.yml deleted file mode 100644 index 6a6786fc1..000000000 --- a/ceph/.fixtures.yml +++ /dev/null @@ -1,16 +0,0 @@ -fixtures: - repositories: - 'stdlib': 'git://github.com/puppetlabs/puppetlabs-stdlib' - 'apt': - repo: 'git://github.com/puppetlabs/puppetlabs-apt.git' - ref: '2.2.1' - 'inifile': 'git://github.com/puppetlabs/puppetlabs-inifile' - 'apache': - repo: 'git://github.com/puppetlabs/puppetlabs-apache' - ref: '1.4.1' - 'concat': - repo: 'git://github.com/puppetlabs/puppetlabs-concat' - ref: '2.1.0' - - symlinks: - 'ceph': "#{source_dir}" diff --git a/ceph/.gitignore b/ceph/.gitignore deleted file mode 100644 index 9b59f5cb6..000000000 --- a/ceph/.gitignore +++ /dev/null @@ -1,11 +0,0 @@ -*.swp -*~ -.project -spec/fixtures/modules/* -pkg -Gemfile.lock -.bundle -vendor -.vagrant/* -log -.bundled_gems/ diff --git a/ceph/.gitreview b/ceph/.gitreview deleted file mode 100644 index 4b4f9449a..000000000 --- a/ceph/.gitreview +++ /dev/null @@ -1,5 +0,0 @@ -[gerrit] -host=review.openstack.org -port=29418 -project=openstack/puppet-ceph.git -defaultbranch=stable/hammer \ No newline at end of file diff --git a/ceph/.nodeset.yml b/ceph/.nodeset.yml deleted file mode 100644 index c72757976..000000000 --- a/ceph/.nodeset.yml +++ /dev/null @@ -1,109 +0,0 @@ -default_set: 'two-ubuntu-server-12042-x64' -sets: - 'two-ubuntu-server-1404-x64': - default_node: 'first' - nodes: - 'first': - prefab: 'ubuntu-server-1404-x64' - options: - ip: '10.11.12.2' - idedisk: 10 - 'second': - prefab: 'ubuntu-server-1404-x64' - options: - ip: '10.11.12.3' - idedisk: 10 - 'ubuntu-server-1404-x64': - nodes: - 'first': - prefab: 'ubuntu-server-1404-x64' - options: - ip: '10.11.12.2' - idedisk: 10 - 'two-ubuntu-server-1204-x64': - default_node: 'first' - nodes: - 'first': - prefab: 'ubuntu-server-1204-x64' - options: - ip: '10.11.12.2' - idedisk: 10 - 'second': - prefab: 'ubuntu-server-1204-x64' - options: - ip: '10.11.12.3' - idedisk: 10 - 'ubuntu-server-1204-x64': - nodes: - 'first': - prefab: 'ubuntu-server-1204-x64' - options: - ip: '10.11.12.2' - idedisk: 10 - 'two-ubuntu-server-12042-x64': - default_node: 'first' - nodes: - 'first': - prefab: 'ubuntu-server-12042-x64' - options: - ip: '10.11.12.2' - disk: 10 - 'second': - prefab: 'ubuntu-server-12042-x64' - options: - ip: '10.11.12.3' - disk: 10 - 'two-centos-70-x64': - default_node: 'first' - nodes: - 'first': - prefab: 'centos-70-x64' - options: - ip: '10.11.12.2' - idedisk: 10 - 'second': - prefab: 'centos-70-x64' - options: - ip: '10.11.12.3' - idedisk: 10 - 'centos-70-x64': - nodes: - 'first': - prefab: 'centos-70-x64' - options: - ip: '10.11.12.2' - idedisk: 10 - 'two-centos-66-x64': - default_node: 'first' - nodes: - 'first': - prefab: 'centos-66-x64' - options: - ip: '10.11.12.2' - idedisk: 10 - 'second': - prefab: 'centos-66-x64' - options: - ip: '10.11.12.3' - idedisk: 10 - 'centos-66-x64': - nodes: - 'first': - prefab: 'centos-66-x64' - options: - ip: '10.11.12.2' - idedisk: 10 - 'two-centos-65-x64': - default_node: 'first' - nodes: - 'first': - prefab: 'centos-65-x64' - options: - ip: '10.11.12.2' - idedisk: 10 - 'second': - prefab: 'centos-65-x64' - options: - ip: '10.11.12.3' - idedisk: 10 - diff --git a/ceph/.prefabs.yml b/ceph/.prefabs.yml deleted file mode 100644 index 5fddcb033..000000000 --- a/ceph/.prefabs.yml +++ /dev/null @@ -1,134 +0,0 @@ ---- -'ubuntu-server-1404-x64': - description: "" - facts: - architecture: amd64 - kernel: Linux - operatingsystem: Ubuntu - lsbdistid: Ubuntu - facterversion: "2.4.1" - kernelmajversion: "3.13" - kernelrelease: "3.13.0-24-generic" - kernelversion: "3.13.0" - lsbdistcodename: trusty - lsbdistdescription: "Ubuntu 14.04 LTS" - lsbdistrelease: "14.04" - lsbmajdistrelease: "14.04" - operatingsystemrelease: "14.04" - osfamily: Debian - rubyversion: "1.9.3" - provider_specifics: - vagrant_virtualbox: - box: 'puppetlabs/ubuntu-14.04-64-nocm' - box_url: 'https://vagrantcloud.com/puppetlabs/boxes/ubuntu-14.04-64-nocm' - vagrant_vmware_fusion: - box: 'puppetlabs/ubuntu-14.04-64-nocm' - box_url: 'https://vagrantcloud.com/puppetlabs/boxes/ubuntu-14.04-64-nocm' - vsphere: - template: 'ubuntu-1404-x86_64' -'ubuntu-server-1204-x64': - description: "" - facts: - architecture: amd64 - kernel: Linux - operatingsystem: Ubuntu - lsbdistid: Ubuntu - facterversion: "2.4.1" - kernelmajversion: "3.11" - kernelrelease: "3.11.0-15-generic" - kernelversion: "3.11.0" - lsbdistcodename: precise - lsbdistdescription: "Ubuntu 12.04.4 LTS" - lsbdistrelease: "12.04" - lsbmajdistrelease: "12.04" - operatingsystemrelease: "12.04" - osfamily: Debian - rubyversion: "1.8.7" - provider_specifics: - vagrant_virtualbox: - box: 'puppetlabs/ubuntu-12.04-64-nocm' - box_url: 'https://vagrantcloud.com/puppetlabs/boxes/ubuntu-12.04-64-nocm' - vagrant_vmware_fusion: - box: 'puppetlabs/ubuntu-12.04-64-nocm' - box_url: 'https://vagrantcloud.com/puppetlabs/boxes/ubuntu-12.04-64-nocm' - vsphere: - template: 'ubuntu-1402-x86_64' -'centos-70-x64': - description: "" - facts: - kernelrelease: "3.10.0-123.el7.x86_64" - operatingsystem: CentOS - kernelmajversion: "3.10" - architecture: x86_64 - facterversion: "2.4.1" - kernelversion: "3.10.0" - operatingsystemrelease: "7.0.1406" - osfamily: RedHat - lsbmajdistrelease: "7" - lsbdistcodename: Core - lsbdistdescription: "CentOS Linux release 7.0.1406 (Core)" - lsbdistid: CentOS - lsbdistrelease: "7.0.1406" - kernel: Linux - rubyversion: "2.0.0" - provider_specifics: - vagrant_virtualbox: - box: 'puppetlabs/centos-7.0-64-nocm' - box_url: 'https://atlas.hashicorp.com/puppetlabs/boxes/centos-7.0-64-nocm' - vagrant_vmware_fusion: - box: 'puppetlabs/centos-7.0-64-nocm' - box_url: 'https://atlas.hashicorp.com/puppetlabs/boxes/centos-7.0-64-nocm' - vsphere: - template: 'centos-7-x86_64' -'centos-66-x64': - description: "" - facts: - kernelrelease: "2.6.32-504.8.1.el6.x86_64" - operatingsystem: CentOS - kernelmajversion: "2.6" - architecture: x86_64 - facterversion: "2.4.1" - kernelversion: "2.6.32" - operatingsystemrelease: "6.6" - osfamily: RedHat - lsbmajdistrelease: "6" - lsbdistcodename: Final - lsbdistdescription: "CentOS release 6.6 (Final)" - lsbdistid: CentOS - lsbdistrelease: "6.6" - kernel: Linux - rubyversion: "1.8.7" - provider_specifics: - vagrant_virtualbox: - box: 'puppetlabs/centos-6.6-64-nocm' - box_url: 'https://atlas.hashicorp.com/puppetlabs/boxes/centos-6.6-64-nocm' - vagrant_vmware_fusion: - box: 'puppetlabs/centos-6.6-64-nocm' - box_url: 'https://atlas.hashicorp.com/puppetlabs/boxes/centos-6.6-64-nocm' - vsphere: - template: 'centos-6-x86_64' -'centos-65-x64': - description: "" - facts: - kernelrelease: "2.6.32-431.el6.x86_64" - operatingsystem: CentOS - kernelmajversion: "2.6" - architecture: x86_64 - facterversion: "2.4.1" - kernelversion: "2.6.32" - operatingsystemrelease: "6.5" - osfamily: RedHat - lsbmajdistrelease: "6" - lsbdistcodename: Final - lsbdistdescription: "CentOS release 6.5 (Final)" - lsbdistid: CentOS - lsbdistrelease: "6.5" - kernel: Linux - rubyversion: "1.8.7" - provider_specifics: - vagrant_virtualbox: - box: 'puppetlabs/centos-6.5-64-nocm' - vagrant_vmware_fusion: - box: 'puppetlabs/centos-6.5-64-nocm' - vsphere: - template: 'centos-6-x86_64' diff --git a/ceph/Gemfile b/ceph/Gemfile deleted file mode 100644 index 5728ff7e7..000000000 --- a/ceph/Gemfile +++ /dev/null @@ -1,22 +0,0 @@ -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -group :development, :test, :system_tests do - gem 'puppet-openstack_spec_helper', - :git => 'https://git.openstack.org/openstack/puppet-openstack_spec_helper', - :branch => 'stable/mitaka', - :require => false -end - -if facterversion = ENV['FACTER_GEM_VERSION'] - gem 'facter', facterversion, :require => false -else - gem 'facter', :require => false -end - -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end - -# vim:ft=ruby diff --git a/ceph/LICENSE b/ceph/LICENSE deleted file mode 100644 index 8d968b6cb..000000000 --- a/ceph/LICENSE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/ceph/README.md b/ceph/README.md deleted file mode 100644 index f141985e6..000000000 --- a/ceph/README.md +++ /dev/null @@ -1,112 +0,0 @@ -ceph -==== - -#### Table of Contents - -1. [Overview - What is the ceph module?](#overview) -2. [Module Description - What does the module do?](#module-description) -3. [Setup - The basics of getting started with ceph](#setup) -4. [Implementation - An under-the-hood peek at what the module is doing](#implementation) -5. [Limitations - OS compatibility, etc.](#limitations) -6. [Use Cases - Examples of how to use this module](#limitations) -7. [Development - Guide for contributing to the module](#development) -8. [Beaker Integration Tests - Apply the module and test restults](#integration-tests) -9. [Contributors - Those with commits](#contributors) -10. [Release Notes - Notes on the most recent updates to the module](#release-notes) - -Overview --------- - -The ceph module is intended to leverage all [Ceph](http://ceph.com/) has to offer and allow for a wide range of use case. Although hosted on the OpenStack infrastructure, it does not require to sign a CLA nor is it restricted to OpenStack users. It benefits from a structured development process that helps federate the development effort. Each feature is tested with integration tests involving virtual machines to show that it performs as expected when used with a realistic scenario. - -Module Description ------------------- - -The ceph module deploys a [Ceph](http://ceph.com/) cluster ( MON, OSD ), the [Cephfs](http://ceph.com/docs/next/cephfs/) file system and the [RadosGW](http://ceph.com/docs/next/radosgw/) object store. It provides integration with various environments ( OpenStack ... ) and components to be used by third party puppet modules that depend on a Ceph cluster. - -Setup ------ - -Implementation --------------- - -A [blueprint](https://wiki.openstack.org/wiki/Puppet-openstack/ceph-blueprint) contains an inventory of what is desirable. It was decided to start from scratch and implement one module at a time. - -Limitations ------------ - -We follow the OS compatibility of Ceph. With the release of infernalis this is currently: - -* CentOS 7 or later -* Debian Jessie 8.x or later -* Ubuntu Trusty 14.04 or later -* Fedora 22 or later - -Use Cases ---------- - -* [I want to try this module, heard of ceph, want to see it in action](USECASES.md#i-want-to-try-this-module,-heard-of-ceph,-want-to-see-it-in-action) -* [I want to operate a production cluster](USECASES.md#i-want-to-operate-a-production-cluster) -* [I want to run benchmarks on three new machines](USECASES.md#i-want-to-run-benchmarks-on-three-new-machines) - -Development ------------ - -``` -git clone https://github.com/openstack/puppet-ceph.git -cd puppet-ceph -sudo gem install bundler -bundle install -``` - -The developer documentation of the puppet-openstack project is the reference: - -* https://wiki.openstack.org/wiki/Puppet#Developer_documentation - -Mailing lists: - -* [puppet-openstack](https://groups.google.com/a/puppetlabs.com/forum/#!forum/puppet-openstack) -* [ceph-devel](http://ceph.com/resources/mailing-list-irc/) - -IRC channels: - -* irc.freenode.net#puppet-openstack -* irc.oftc.net#ceph-devel - -Beaker Integration Tests ------------------------- - -Relies on -[rspec-beaker](https://github.com/puppetlabs/beaker-rspec) -and tests are in spec/acceptance. -It also requires [Vagrant and Virtualbox](http://docs-v1.vagrantup.com/v1/docs/getting-started/) -. - -``` -bundle install -bundle exec rspec spec/acceptance -``` - -The BEAKER_set environment variable contains the resource set of linux -distribution configurations for which integration tests are going -to be run. Available values are - -* two-centos-70-x64 -* centos-70-x64 -* two-ubuntu-server-1404-x64 -* ubuntu-server-1404-x64 - -The default is - -``` -BEAKER_set=two-ubuntu-server-1404-x64 \ -bundle exec rspec spec/acceptance -``` - -Contributors ------------- - -* https://github.com/openstack/puppet-ceph/graphs/contributors - -Release Notes -------------- diff --git a/ceph/Rakefile b/ceph/Rakefile deleted file mode 100644 index 69a1e2ae5..000000000 --- a/ceph/Rakefile +++ /dev/null @@ -1,12 +0,0 @@ -require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' -require 'metadata-json-lint/rake_task' - -begin - require 'rspec-system/rake_task' -rescue LoadError - # don't warn anymore as rspec-system is deprecated -end - -PuppetLint.configuration.fail_on_warnings = true -PuppetLint.configuration.send('disable_80chars') diff --git a/ceph/USECASES.md b/ceph/USECASES.md deleted file mode 100644 index 3a8cbabd6..000000000 --- a/ceph/USECASES.md +++ /dev/null @@ -1,179 +0,0 @@ -Use Cases -========= - -I want to try this module, heard of ceph, want to see it in action ------------------------------------------------------------------- - -I want to run it on a virtual machine, all in one. The **ceph::repo** class will enable the official ceph repository with the most current branch selected. The **ceph** class will create a configuration file with no authentication enabled. The **ceph::mon** resource configures and runs a monitor to which a **ceph::osd** daemon will connect to provide disk storage backed by the /srv/data folder (note that storing OSD data on an existing filesystem is only recommended for simple tests like this one). - -* install puppet and this module and its dependences (see metadata.json) -* paste the snippet above into /tmp/ceph.puppet -* `puppet apply /tmp/ceph.puppet` -* `ceph -s`: it will connect to the monitor and report that the cluster is ready to be used - -``` - class { 'ceph::repo': } - class { 'ceph': - fsid => generate('/usr/bin/uuidgen'), - mon_host => $::ipaddress, - authentication_type => 'none', - osd_pool_default_size => '1', - osd_pool_default_min_size => '1', - } - ceph_config { - 'global/osd_journal_size': value => '100'; - } - ceph::mon { 'a': - public_addr => $::ipaddress, - authentication_type => 'none', - } - ceph::osd { '/srv/data': } -``` - -I want to operate a production cluster --------------------------------------- - -_Notice : Please note that the code below is a sample which is not expected to work without further configuration. You will need to at least adapt the hostnames, the IP addresses of the monitor hosts and the OSD disks to your setup._ - -On all machines: -* install puppet and this module and its dependences (see metadata.json) -* paste the snippet below into /tmp/ceph.puppet - -On the monitor hosts: -* `puppet apply /tmp/ceph.puppet` (please note that you will need to run this on all monitor hosts at the same time, as they need to connect to each other to finish setting up) - -On all other hosts: -* `puppet apply /tmp/ceph.puppet` - -Enjoy your ceph cluster! - -``` - $admin_key = 'AQCTg71RsNIHORAAW+O6FCMZWBjmVfMIPk3MhQ==' - $mon_key = 'AQDesGZSsC7KJBAAw+W/Z4eGSQGAIbxWjxjvfw==' - $bootstrap_osd_key = 'AQABsWZSgEDmJhAAkAGSOOAJwrMHrM5Pz5On1A==' - $fsid = '066F558C-6789-4A93-AAF1-5AF1BA01A3AD' - - node /mon[123]/ { - class { 'ceph::repo': } - class { 'ceph': - fsid => $fsid, - mon_initial_members => 'mon1,mon2,mon3', - mon_host => ',,', - } - ceph::mon { $::hostname: - key => $mon_key, - } - Ceph::Key { - inject => true, - inject_as_id => 'mon.', - inject_keyring => "/var/lib/ceph/mon/ceph-${::hostname}/keyring", - } - ceph::key { 'client.admin': - secret => $admin_key, - cap_mon => 'allow *', - cap_osd => 'allow *', - cap_mds => 'allow', - } - ceph::key { 'client.bootstrap-osd': - secret => $bootstrap_osd_key, - cap_mon => 'allow profile bootstrap-osd', - } - } - - node /osd*/ { - class { 'ceph::repo': } - class { 'ceph': - fsid => $fsid, - mon_initial_members => 'mon1,mon2,mon3', - mon_host => ',,', - } - ceph::osd { - '': - journal => ''; - '': - journal => ''; - } - ceph::key {'client.bootstrap-osd': - keyring_path => '/var/lib/ceph/bootstrap-osd/ceph.keyring', - secret => $bootstrap_osd_key, - } - } - - node /client/ { - class { 'ceph::repo': } - class { 'ceph': - fsid => $fsid, - mon_initial_members => 'mon1,mon2,mon3', - mon_host => ',,', - } - ceph::key { 'client.admin': - secret => $admin_key - } - } -``` - -I want to run benchmarks on three new machines ----------------------------------------------- - -_Notice : Please note that the code below is a sample which is not expected to work without further configuration. You will need to at least adapt the hostnames, the IP address of the monitor host and the OSD disks to your setup._ - -There are four machines, 3 OSDs, one of which also doubles as the single monitor and one machine that is the client from which the user runs the benchmark. - -On all four machines: -* install puppet and this module and its dependences (see metadata.json) -* paste the snippet below into /tmp/ceph.puppet -* `puppet apply /tmp/ceph.puppet` - -On the client: -* `rados bench` -* interpret the results - -``` - $fsid = '066F558C-6789-4A93-AAF1-5AF1BA01A3AD' - - node /node1/ { - class { 'ceph::repo': } - class { 'ceph': - fsid => $fsid, - mon_host => '', - mon_initial_members => 'node1', - authentication_type => 'none', - } - ceph::mon { $::hostname: - authentication_type => 'none', - } - ceph::osd { - '': - journal => ''; - '': - journal => ''; - } - } - - node /node[23]/ { - class { 'ceph::repo': } - class { 'ceph': - fsid => $fsid, - mon_host => '', - mon_initial_members => 'node1', - authentication_type => 'none', - } - ceph::osd { - '': - journal => ''; - '': - journal => ''; - } - } - - node /client/ { - class { 'ceph::repo': } - class { 'ceph': - fsid => $fsid, - mon_host => '', - mon_initial_members => 'node1', - authentication_type => 'none', - } - } -``` - diff --git a/ceph/examples/common.yaml b/ceph/examples/common.yaml deleted file mode 100644 index 4244dc063..000000000 --- a/ceph/examples/common.yaml +++ /dev/null @@ -1,49 +0,0 @@ ---- -######## Ceph -ceph::profile::params::release: 'hammer' - -######## Ceph.conf -ceph::profile::params::fsid: '4b5c8c0a-ff60-454b-a1b4-9747aa737d19' -ceph::profile::params::authentication_type: 'cephx' -ceph::profile::params::mon_initial_members: 'first, second' -ceph::profile::params::mon_host: '10.11.12.2:6789, 10.11.12.3:6789' -ceph::profile::params::osd_journal_size: '4096' -ceph::profile::params::osd_pool_default_pg_num: '200' -ceph::profile::params::osd_pool_default_pgp_num: '200' -ceph::profile::params::osd_pool_default_size: '2' -ceph::profile::params::osd_pool_default_min_size: '1' -ceph::profile::params::cluster_network: '10.12.13.0/24' -ceph::profile::params::public_network: '10.11.12.0/24' - -######## Keys -ceph::profile::params::mon_key: 'AQATGHJTUCBqIBAA7M2yafV1xctn1pgr3GcKPg==' -# as an alternative to specifying the mon key you can provide an exising keyring -#ceph::profile::params::mon_keyring: '/etc/ceph/ceph.mon.keyring' -ceph::profile::params::client_keys: - 'client.admin': - secret: 'AQBMGHJTkC8HKhAAJ7NH255wYypgm1oVuV41MA==' - mode: '0600' - cap_mon: 'allow *' - cap_osd: 'allow *' - cap_mds: 'allow *' - 'client.bootstrap-osd': - secret: 'AQARG3JTsDDEHhAAVinHPiqvJkUi5Mww/URupw==' - keyring_path: '/var/lib/ceph/bootstrap-osd/ceph.keyring' - cap_mon: 'allow profile bootstrap-osd' - 'client.bootstrap-mds': - secret: 'AQCztJdSyNb0NBAASA2yPZPuwXeIQnDJ9O8gVw==' - keyring_path: '/var/lib/ceph/bootstrap-mds/ceph.keyring' - cap_mon: 'allow profile bootstrap-mds' - 'client.volumes': - secret: 'AQA4MPZTOGU0ARAAXH9a0fXxVq0X25n2yPREDw==' - mode: '0600' - user: 'cinder' - group: 'cinder' - cap_mon: 'allow r' - cap_osd: 'allow class-read object_prefix rbd_children, allow rwx pool=volumes' - -ceph::profile::params::osds: - '/dev/sdc': - journal: '/dev/sdb' - '/dev/sdd': - journal: '/dev/sdb' diff --git a/ceph/examples/hiera.yaml b/ceph/examples/hiera.yaml deleted file mode 100644 index 81c0fc9e0..000000000 --- a/ceph/examples/hiera.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -:backends: - - yaml -:yaml: - :datadir: /var/lib/hiera -:hierarchy: - - "nodes/%{::hostname}" - - common diff --git a/ceph/examples/nodes/client.yaml b/ceph/examples/nodes/client.yaml deleted file mode 100644 index 5a45476de..000000000 --- a/ceph/examples/nodes/client.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -ceph::profile::params::client_keys: - 'client.volumes': - secret: 'AQA4MPZTOGU0ARAAXH9a0fXxVq0X25n2yPREDw==' - mode: '0644' - user: 'root' - group: 'root' - cap_mon: 'allow r' - cap_osd: 'allow class-read object_prefix rbd_children, allow rwx pool=volumes' diff --git a/ceph/examples/nodes/first.yaml b/ceph/examples/nodes/first.yaml deleted file mode 100644 index 02ea11dbb..000000000 --- a/ceph/examples/nodes/first.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -######## OSD -ceph::profile::params::osds: - '/dev/sdb': - journal: '/srv/journal' - diff --git a/ceph/examples/nodes/second.yaml b/ceph/examples/nodes/second.yaml deleted file mode 100644 index 02ea11dbb..000000000 --- a/ceph/examples/nodes/second.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -######## OSD -ceph::profile::params::osds: - '/dev/sdb': - journal: '/srv/journal' - diff --git a/ceph/lib/puppet/provider/ceph_config/ini_setting.rb b/ceph/lib/puppet/provider/ceph_config/ini_setting.rb deleted file mode 100644 index 71abca94d..000000000 --- a/ceph/lib/puppet/provider/ceph_config/ini_setting.rb +++ /dev/null @@ -1,50 +0,0 @@ -# Copyright (C) Dan Bode -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Dan Bode -# Author: Andrew Woodward - -Puppet::Type.type(:ceph_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - def section - resource[:name].split('/', 2).first - end - - def setting - resource[:name].split('/', 2).last - end - - def separator - ' = ' - end - - def self.file_path - '/etc/ceph/ceph.conf' - end - - # required to be able to hack the path in unit tests - # also required if a user wants to otherwise overwrite the default file_path - # Note: purge will not work on over-ridden file_path - def file_path - if not resource[:path] - self.class.file_path - else - resource[:path] - end - end - -end diff --git a/ceph/lib/puppet/type/ceph_config.rb b/ceph/lib/puppet/type/ceph_config.rb deleted file mode 100644 index 5a44472d5..000000000 --- a/ceph/lib/puppet/type/ceph_config.rb +++ /dev/null @@ -1,49 +0,0 @@ -# Copyright (C) Dan Bode -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Dan Bode -# Author: Mathieu Gagne - - -Puppet::Type.newtype(:ceph_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from ./ceph.conf' - newvalues(/\S+\/\S+/) - end - - # required in order to be able to unit test file contents - # Note: purge will not work on over-ridden file_path - # lifted from ini_file - newparam(:path) do - desc 'A file path to over ride the default file path if necessary' - validate do |value| - unless (Puppet.features.posix? and value =~ /^\//) or (Puppet.features.microsoft_windows? and (value =~ /^.:\// or value =~ /^\/\/[^\/]+\/[^\/]+/)) - raise(Puppet::Error, "File paths must be fully qualified, not '#{value}'") - end - end - defaultto false - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - end -end diff --git a/ceph/manifests/conf.pp b/ceph/manifests/conf.pp deleted file mode 100644 index 2e51942fe..000000000 --- a/ceph/manifests/conf.pp +++ /dev/null @@ -1,32 +0,0 @@ -# -# Copyright (C) 2013 Cloudwatt -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Loic Dachary -# -# == Class: ceph::conf -# -# Class wrapper for the benefit of scenario_node_terminus -# -# === Parameters: -# -# [*args*] A Ceph config hash. -# Optional. -# -# [*defaults*] A config hash -# Optional. Defaults to a empty hash -# -class ceph::conf($args = {}, $defaults = {}) { - create_resources(ceph_config, $args, $defaults) -} diff --git a/ceph/manifests/init.pp b/ceph/manifests/init.pp deleted file mode 100644 index 6e685c157..000000000 --- a/ceph/manifests/init.pp +++ /dev/null @@ -1,175 +0,0 @@ -# Copyright (C) 2013, 2014 iWeb Technologies Inc. -# Copyright (C) 2014 Nine Internet Solutions AG -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: David Moreau Simard -# Author: David Gurtner -# -# == Class: ceph -# -# init takes care of installing/configuring the common dependencies across classes -# it also takes care of the global configuration values -# -# === Parameters: -# -# [*fsid*] The cluster's fsid. -# Mandatory. Get one with `uuidgen -r`. -# -# [*ensure*] Installs ( present ) or removes ( absent ) ceph. -# Optional. Defaults to present. -# -# [*authentication_type*] Authentication type. -# Optional. none or 'cephx'. Defaults to 'cephx'. -# -# [*keyring*] The location of the keyring retrieved by default -# Optional. Defaults to /etc/ceph/keyring. -# -# [*osd_journal_size*] The size of the journal file/device. -# Optional. Integer. Default provided by Ceph. -# -# [*osd_pool_default_pg_num*] The default number of PGs per pool. -# Optional. Integer. Default provided by Ceph. -# -# [*osd_pool_default_pgp_num*] The default flags for new pools. -# Optional. Integer. Default provided by Ceph. -# -# [*osd_pool_default_size*] Number of replicas for objects in the pool -# Optional. Integer. Default provided by Ceph. -# -# [*osd_pool_default_min_size*] The default minimum num of replicas. -# Optional. Integer. Default provided by Ceph. -# -# [*osd_pool_default_crush_rule*] The default CRUSH ruleset to use -# when creating a pool. -# Optional. Integer. Default provided by Ceph. -# -# [*mon_osd_full_ratio*] Percentage of disk space used before -# an OSD considered full -# Optional. Integer e.g. 95, NOTE: ends in config as .95 -# Default provided by Ceph. -# -# [*mon_osd_nearfull_ratio*] Percentage of disk space used before -# an OSD considered nearfull -# Optional. Float e.g. 90, NOTE: ends in config as .90 -# Default provided by Ceph. -# -# [*mon_initial_members*] The IDs of initial MONs in the cluster during startup. -# Optional. String like e.g. 'a, b, c'. -# -# [*mon_host*] The fqdn of MONs in the cluster. They can also be declared -# individually through ceph::mon. -# Optional. String like e.g. 'a, b, c'. -# -# [*ms_bind_ipv6*] Enables Ceph daemons to bind to IPv6 addresses. -# Optional. Boolean. Default provided by Ceph. -# -# [*require_signatures*] If Ceph requires signatures on all -# message traffic (client<->cluster and between cluster daemons). -# Optional. Boolean. Default provided by Ceph. -# -# [*cluster_require_signatures*] If Ceph requires signatures on all -# message traffic between the cluster daemons. -# Optional. Boolean. Default provided by Ceph. -# -# [*service_require_signatures*] If Ceph requires signatures on all -# message traffic between clients and the cluster. -# Optional. Boolean. Default provided by Ceph. -# -# [*sign_messages*] If all ceph messages should be signed. -# Optional. Boolean. Default provided by Ceph. -# -# [*cluster_network*] The address of the cluster network. -# Optional. {cluster-network-ip/netmask} -# -# [*public_network*] The address of the public network. -# Optional. {public-network-ip/netmask} -# -# [*public_addr*] The address of the node (on public network.) -# Optional. {public-network-ip} -# -class ceph ( - $fsid, - $ensure = present, - $authentication_type = 'cephx', - $keyring = undef, - $osd_journal_size = undef, - $osd_pool_default_pg_num = undef, - $osd_pool_default_pgp_num = undef, - $osd_pool_default_size = undef, - $osd_pool_default_min_size = undef, - $osd_pool_default_crush_rule= undef, - $mon_osd_full_ratio = undef, - $mon_osd_nearfull_ratio = undef, - $mon_initial_members = undef, - $mon_host = undef, - $ms_bind_ipv6 = undef, - $require_signatures = undef, - $cluster_require_signatures = undef, - $service_require_signatures = undef, - $sign_messages = undef, - $cluster_network = undef, - $public_network = undef, - $public_addr = undef, -) { - include ::ceph::params - - package { $::ceph::params::packages : - ensure => $ensure, - tag => 'ceph' - } - - if $ensure !~ /(absent|purged)/ { - # Make sure ceph is installed before managing the configuration - Package<| tag == 'ceph' |> -> Ceph_config<| |> - # [global] - ceph_config { - 'global/fsid': value => $fsid; - 'global/keyring': value => $keyring; - 'global/osd_pool_default_pg_num': value => $osd_pool_default_pg_num; - 'global/osd_pool_default_pgp_num': value => $osd_pool_default_pgp_num; - 'global/osd_pool_default_size': value => $osd_pool_default_size; - 'global/osd_pool_default_min_size': value => $osd_pool_default_min_size; - 'global/osd_pool_default_crush_rule': value => $osd_pool_default_crush_rule; - 'global/mon_osd_full_ratio': value => $mon_osd_full_ratio; - 'global/mon_osd_nearfull_ratio': value => $mon_osd_nearfull_ratio; - 'global/mon_initial_members': value => $mon_initial_members; - 'global/mon_host': value => $mon_host; - 'global/ms_bind_ipv6': value => $ms_bind_ipv6; - 'global/require_signatures': value => $require_signatures; - 'global/cluster_require_signatures': value => $cluster_require_signatures; - 'global/service_require_signatures': value => $service_require_signatures; - 'global/sign_messages': value => $sign_messages; - 'global/cluster_network': value => $cluster_network; - 'global/public_network': value => $public_network; - 'global/public_addr': value => $public_addr; - 'osd/osd_journal_size': value => $osd_journal_size; - } - - if $authentication_type == 'cephx' { - ceph_config { - 'global/auth_cluster_required': value => 'cephx'; - 'global/auth_service_required': value => 'cephx'; - 'global/auth_client_required': value => 'cephx'; - 'global/auth_supported': value => 'cephx'; - } - } else { - ceph_config { - 'global/auth_cluster_required': value => 'none'; - 'global/auth_service_required': value => 'none'; - 'global/auth_client_required': value => 'none'; - 'global/auth_supported': value => 'none'; - } - } - } -} diff --git a/ceph/manifests/key.pp b/ceph/manifests/key.pp deleted file mode 100644 index 0a116be58..000000000 --- a/ceph/manifests/key.pp +++ /dev/null @@ -1,158 +0,0 @@ -# -# Copyright (C) 2014 Catalyst IT Limited. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Ricardo Rocha -# -# Handles ceph keys (cephx), generates keys, creates keyring files, injects -# keys into or delete keys from the cluster/keyring via ceph and ceph-authtool -# tools. -# -# == Define: ceph::key -# -# The full ceph ID name, e.g. 'client.admin' or 'mon.'. -# -# === Parameters: -# -# [*secret*] Key secret. -# Mandatory. Can be created with ceph-authtool --gen-print-key. -# -# [*cluster*] The ceph cluster -# Optional. Same default as ceph. -# -# [*keyring_path*] Path to the keyring file. -# Optional. Absolute path to the keyring file, including the file name. -# Defaults to /etc/ceph/ceph.${name}.keyring. -# -# [*cap_mon*] cephx capabilities for MON access. -# Optional. e.g. 'allow *' -# Defaults to 'undef'. -# -# [*cap_osd*] cephx capabilities for OSD access. -# Optional. e.g. 'allow *' -# Defaults to 'undef'. -# -# [*cap_mds*] cephx capabilities for MDS access. -# Optional. e.g. 'allow *' -# Defaults to 'undef'. -# -# [*user*] Owner of the *keyring_path* file. -# Optional. Defaults to 'root'. -# -# [*group*] Group of the *keyring_path* file. -# Optional. Defaults to 'root'. -# -# [*mode*] Mode (permissions) of the *keyring_path* file. -# Optional. Defaults to 0600. -# -# [*inject*] True if the key should be injected into the cluster. -# Optional. Boolean value (true to inject the key). -# Default to false. -# -# [*inject_as_id*] the ceph ID used to inject the key Optional. Only -# taken into account if 'inject' was set to true, in which case it -# overrides the ceph default if set to a value other than -# undef. Default to undef. -# -# [*inject_keyring*] keyring file with injection credentials -# Optional. Only taken into account if 'inject' was set to true. If -# set to a value other than undef, it overrides the ceph default -# inferred from the client name. Default to undef. -# -define ceph::key ( - $secret, - $cluster = undef, - $keyring_path = "/etc/ceph/ceph.${name}.keyring", - $cap_mon = undef, - $cap_osd = undef, - $cap_mds = undef, - $user = 'root', - $group = 'root', - $mode = '0600', - $inject = false, - $inject_as_id = undef, - $inject_keyring = undef, -) { - - if $cluster { - $cluster_option = "--cluster ${cluster}" - } - - if $cap_mon { - $mon_caps = "--cap mon '${cap_mon}' " - } - if $cap_osd { - $osd_caps = "--cap osd '${cap_osd}' " - } - if $cap_mds { - $mds_caps = "--cap mds '${cap_mds}' " - } - $caps = "${mon_caps}${osd_caps}${mds_caps}" - - # this allows multiple defines for the same 'keyring file', - # which is supported by ceph-authtool - if ! defined(File[$keyring_path]) { - file { $keyring_path: - ensure => file, - owner => $user, - group => $group, - mode => $mode, - require => Package['ceph'], - } - } - - # ceph-authtool --add-key is idempotent, will just update pre-existing keys - exec { "ceph-key-${name}": - command => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -ceph-authtool ${keyring_path} --name '${name}' --add-key '${secret}' ${caps}", - onlyif => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -NEW_KEYRING=\$(mktemp) -ceph-authtool \$NEW_KEYRING --name '${name}' --add-key '${secret}' ${caps} -diff -N \$NEW_KEYRING ${keyring_path} | grep '<' -rm \$NEW_KEYRING", - require => [ Package['ceph'], File[$keyring_path], ], - logoutput => true, - } - - if $inject { - - if $inject_as_id { - $inject_id_option = " --name '${inject_as_id}' " - } - - if $inject_keyring { - $inject_keyring_option = " --keyring '${inject_keyring}' " - } - - Ceph_config<||> -> Exec["ceph-injectkey-${name}"] - Ceph::Mon<||> -> Exec["ceph-injectkey-${name}"] - # ceph auth import is idempotent, will just update pre-existing keys - exec { "ceph-injectkey-${name}": - command => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -ceph ${cluster_option} ${inject_id_option} ${inject_keyring_option} auth import -i ${keyring_path}", - onlyif => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -OLD_KEYRING=\$(mktemp) -ceph ${cluster_option} ${inject_id_option} ${inject_keyring_option} auth get ${name} -o \$OLD_KEYRING || true -diff -N \$OLD_KEYRING ${keyring_path} | grep '>' -rm \$OLD_KEYRING", - require => [ Package['ceph'], Exec["ceph-key-${name}"], ], - logoutput => true, - } - - } -} diff --git a/ceph/manifests/keys.pp b/ceph/manifests/keys.pp deleted file mode 100644 index 6c7bdcc52..000000000 --- a/ceph/manifests/keys.pp +++ /dev/null @@ -1,32 +0,0 @@ -# -# Copyright (C) 2014 Nine Internet Solutions -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: David Gurtner -# -# == Class: ceph::keys -# -# Class wrapper for the benefit of scenario_node_terminus -# -# === Parameters: -# -# [*args*] A Ceph keys config hash -# Optional. -# -# [*defaults*] A keys config hash -# Optional. Defaults to a empty hash. -# -class ceph::keys($args = {}, $defaults = {}) { - create_resources(ceph::key, $args, $defaults) -} diff --git a/ceph/manifests/mds.pp b/ceph/manifests/mds.pp deleted file mode 100644 index 93c781af1..000000000 --- a/ceph/manifests/mds.pp +++ /dev/null @@ -1,50 +0,0 @@ -# Copyright (C) 2013, 2014 iWeb Technologies Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: David Moreau Simard -# -# == Class: ceph::mds -# -# Installs and configures MDSs (ceph metadata servers) -# -# === Parameters: -# -# [*mds_activate*] Switch to activate the '[mds]' section in the config. -# Optional. Defaults to 'true'. -# -# [*mds_data*] The path to the MDS data. -# Optional. Default provided by Ceph is '/var/lib/ceph/mds/$cluster-$id'. -# -# [*keyring*] The location of the keyring used by MDSs -# Optional. Defaults to /var/lib/ceph/mds/$cluster-$id/keyring. -# -class ceph::mds ( - $mds_activate = true, - $mds_data = '/var/lib/ceph/mds/$cluster-$id', - $keyring = '/var/lib/ceph/mds/$cluster-$id/keyring', -) { - - # [mds] - if $mds_activate { - ceph_config { - 'mds/mds_data': value => $mds_data; - 'mds/keyring': value => $keyring; - } - } else { - ceph_config { - 'mds/mds_data': ensure => absent; - 'mds/keyring': ensure => absent; - } - } -} diff --git a/ceph/manifests/mon.pp b/ceph/manifests/mon.pp deleted file mode 100644 index 89e68bdf6..000000000 --- a/ceph/manifests/mon.pp +++ /dev/null @@ -1,233 +0,0 @@ -# -# Copyright (C) 2013 Cloudwatt -# Copyright (C) 2013, 2014 iWeb Technologies Inc. -# Copyright (C) 2014 Nine Internet Solutions AG -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Loic Dachary -# Author: David Moreau Simard -# Author: David Gurtner -# -# == Define: ceph::mon -# -# Installs and configures MONs (ceph monitors) -# -# === Parameters: -# -# [*title*] The MON id. -# Mandatory. An alphanumeric string uniquely identifying the MON. -# -# [*ensure*] Installs ( present ) or remove ( absent ) a MON -# Optional. Defaults to present. -# If set to absent, it will stop the MON service and remove -# the associated data directory. -# -# [*public_addr*] The bind IP address. -# Optional. The IPv(4|6) address on which MON binds itself. -# -# [*cluster*] The ceph cluster -# Optional. Same default as ceph. -# -# [*authentication_type*] Activate or deactivate authentication -# Optional. Default to cephx. -# Authentication is activated if the value is 'cephx' and deactivated -# if the value is 'none'. If the value is 'cephx', at least one of -# key or keyring must be provided. -# -# [*key*] Authentication key for [mon.] -# Optional. $key and $keyring are mutually exclusive. -# -# [*keyring*] Path of the [mon.] keyring file -# Optional. $key and $keyring are mutually exclusive. -# -# [*exec_timeout*] The default exec resource timeout, in seconds -# Optional. Defaults to $::ceph::params::exec_timeout -# -define ceph::mon ( - $ensure = present, - $public_addr = undef, - $cluster = undef, - $authentication_type = 'cephx', - $key = undef, - $keyring = undef, - $exec_timeout = $::ceph::params::exec_timeout, - ) { - - include ::stdlib - - # a puppet name translates into a ceph id, the meaning is different - $id = $name - - if $cluster { - $cluster_name = $cluster - $cluster_option = "--cluster ${cluster_name}" - } else { - $cluster_name = 'ceph' - } - - # if Ubuntu does not use systemd - if $::service_provider == 'upstart' { - $init = 'upstart' - Service { - name => "ceph-mon-${id}", - provider => $::ceph::params::service_provider, - start => "start ceph-mon id=${id}", - stop => "stop ceph-mon id=${id}", - status => "status ceph-mon id=${id}", - } - # Everything else that is supported by puppet-ceph should run systemd. - } else { - $init = 'sysvinit' - Service { - name => "ceph-mon-${id}", - provider => $::ceph::params::service_provider, - start => "service ceph start mon.${id}", - stop => "service ceph stop mon.${id}", - status => "service ceph status mon.${id}", - } - } - - $mon_service = "ceph-mon-${id}" - - if $ensure == present { - - $ceph_mkfs = "ceph-mon-mkfs-${id}" - - if $authentication_type == 'cephx' { - if ! $key and ! $keyring { - fail("authentication_type ${authentication_type} requires either key or keyring to be set but both are undef") - } - if $key and $keyring { - fail("key (set to ${key}) and keyring (set to ${keyring}) are mutually exclusive") - } - if $key { - $keyring_path = "/tmp/ceph-mon-keyring-${id}" - - Ceph_config<||> -> - exec { "create-keyring-${id}": - command => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -cat > ${keyring_path} << EOF -[mon.] - key = ${key} - caps mon = \"allow *\" -EOF - -chmod 0444 ${keyring_path} -", - unless => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -mon_data=\$(ceph-mon ${cluster_option} --id ${id} --show-config-value mon_data) || exit 1 # if ceph-mon fails then the mon is probably not configured yet -test -e \$mon_data/done -", - } - - Exec["create-keyring-${id}"] -> Exec[$ceph_mkfs] - - } else { - $keyring_path = $keyring - } - - } else { - $keyring_path = '/dev/null' - } - - if $public_addr { - ceph_config { - "mon.${id}/public_addr": value => $public_addr; - } - } - - Ceph_config<||> -> - # prevent automatic creation of the client.admin key by ceph-create-keys - exec { "ceph-mon-${cluster_name}.client.admin.keyring-${id}": - command => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -touch /etc/ceph/${cluster_name}.client.admin.keyring", - unless => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -test -e /etc/ceph/${cluster_name}.client.admin.keyring", - } - -> - exec { $ceph_mkfs: - command => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -mon_data=\$(ceph-mon ${cluster_option} --id ${id} --show-config-value mon_data) -if [ ! -d \$mon_data ] ; then - mkdir -p \$mon_data - if ceph-mon ${cluster_option} \ - --mkfs \ - --id ${id} \ - --keyring ${keyring_path} ; then - touch \$mon_data/done \$mon_data/${init} \$mon_data/keyring - else - rm -fr \$mon_data - fi -fi -", - unless => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -mon_data=\$(ceph-mon ${cluster_option} --id ${id} --show-config-value mon_data) -test -d \$mon_data -", - logoutput => true, - timeout => $exec_timeout, - }-> - service { $mon_service: - ensure => running, - } - - # if the service is running before we setup the configs, notify service - Ceph_config<||> ~> - Service[$mon_service] - - if $authentication_type == 'cephx' { - if $key { - Exec[$ceph_mkfs] -> Exec["rm-keyring-${id}"] - - exec { "rm-keyring-${id}": - command => "/bin/rm ${keyring_path}", - unless => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -test ! -e ${keyring_path} -", - } - } - } - - } else { - service { $mon_service: - ensure => stopped - } - -> - exec { "remove-mon-${id}": - command => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -mon_data=\$(ceph-mon ${cluster_option} --id ${id} --show-config-value mon_data) -rm -fr \$mon_data -", - unless => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -which ceph-mon || exit 0 # if ceph-mon is not available we already uninstalled ceph and there is nothing to do -mon_data=\$(ceph-mon ${cluster_option} --id ${id} --show-config-value mon_data) -test ! -d \$mon_data -", - logoutput => true, - timeout => $exec_timeout, - } -> - ceph_config { - "mon.${id}/public_addr": ensure => absent; - } -> Package<| tag == 'ceph' |> - } - } diff --git a/ceph/manifests/mons.pp b/ceph/manifests/mons.pp deleted file mode 100644 index c71ac8b0c..000000000 --- a/ceph/manifests/mons.pp +++ /dev/null @@ -1,32 +0,0 @@ -# -# Copyright (C) 2013 Cloudwatt -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Loic Dachary -# -# == Class: ceph::mons -# -# Class wrapper for the benefit of scenario_node_terminus -# -# === Parameters: -# -# [*args*] A Ceph mons config hash -# Optional. -# -# [*defaults*] A config hash -# Optional. Defaults to a empty hash -# -class ceph::mons($args = {}, $defaults = {}) { - create_resources(ceph::mon, $args, $defaults) -} diff --git a/ceph/manifests/osd.pp b/ceph/manifests/osd.pp deleted file mode 100644 index cc2b8205a..000000000 --- a/ceph/manifests/osd.pp +++ /dev/null @@ -1,170 +0,0 @@ -# -# Copyright (C) 2014 Cloudwatt -# Copyright (C) 2014 Nine Internet Solutions AG -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Loic Dachary -# Author: David Gurtner -# -# == Define: ceph::osd -# -# Install and configure a ceph OSD -# -# === Parameters: -# -# [*title*] The OSD data path. -# Mandatory. A path in which the OSD data is to be stored. -# -# [*ensure*] Installs ( present ) or remove ( absent ) an OSD -# Optional. Defaults to present. -# If set to absent, it will stop the OSD service and remove -# the associated data directory. -# -# [*journal*] The OSD journal path. -# Optional. Defaults to co-locating the journal with the data -# defined by *title*. -# -# [*cluster*] The ceph cluster -# Optional. Same default as ceph. -# -# [*exec_timeout*] The default exec resource timeout, in seconds -# Optional. Defaults to $::ceph::params::exec_timeout -# -define ceph::osd ( - $ensure = present, - $journal = undef, - $cluster = undef, - $exec_timeout = $::ceph::params::exec_timeout, - ) { - - $data = $name - - if $cluster { - $cluster_option = "--cluster ${cluster}" - $cluster_name = $cluster - } else { - $cluster_name = 'ceph' - } - - if $ensure == present { - - $ceph_check_udev = "ceph-osd-check-udev-${name}" - $ceph_prepare = "ceph-osd-prepare-${name}" - $ceph_activate = "ceph-osd-activate-${name}" - - Package<| tag == 'ceph' |> -> Exec[$ceph_check_udev] - Ceph_config<||> -> Exec[$ceph_prepare] - Ceph::Mon<||> -> Exec[$ceph_prepare] - Ceph::Key<||> -> Exec[$ceph_prepare] - - $udev_rules_file = '/usr/lib/udev/rules.d/95-ceph-osd.rules' - exec { $ceph_check_udev: - command => "/bin/true # comment to satisfy puppet syntax requirements -# Before Infernalis the udev rules race causing the activation to fail so we -# disable them. More at: http://www.spinics.net/lists/ceph-devel/msg28436.html -mv -f ${udev_rules_file} ${udev_rules_file}.disabled && udevadm control --reload || true -", - onlyif => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -DISABLE_UDEV=\$(ceph --version | awk 'match(\$3, /[0-9]\\.[0-9]+/) {if (substr(\$3, RSTART, RLENGTH) <= 0.94) {print 1}}') -test -f ${udev_rules_file} && test \$DISABLE_UDEV -eq 1 -", - logoutput => true, - } - - Exec[$ceph_check_udev] -> Exec[$ceph_prepare] - # ceph-disk: prepare should be idempotent http://tracker.ceph.com/issues/7475 - exec { $ceph_prepare: - command => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -if ! test -b ${data} ; then - mkdir -p ${data} -fi -ceph-disk prepare ${cluster_option} ${data} ${journal} -udevadm settle -", - unless => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -ceph-disk list | grep -E ' *${data}1? .*ceph data, (prepared|active)' || -{ test -f ${data}/fsid && test -f ${data}/ceph_fsid && test -f ${data}/magic ;} -", - logoutput => true, - timeout => $exec_timeout, - } - - Exec[$ceph_prepare] -> Exec[$ceph_activate] - exec { $ceph_activate: - command => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -if ! test -b ${data} ; then - mkdir -p ${data} -fi -# activate happens via udev when using the entire device -if ! test -b ${data} || ! test -b ${data}1 ; then - ceph-disk activate ${data} || true -fi -if test -f ${udev_rules_file}.disabled && test -b ${data}1 ; then - ceph-disk activate ${data}1 || true -fi -", - unless => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -ls -ld /var/lib/ceph/osd/${cluster_name}-* | grep ' ${data}\$' -", - logoutput => true, - } - - } else { - - # ceph-disk: support osd removal http://tracker.ceph.com/issues/7454 - exec { "remove-osd-${name}": - command => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -if [ -z \"\$id\" ] ; then - id=\$(ceph-disk list | sed -nEe 's:^ *${data}1? .*(ceph data|mounted on).*osd\\.([0-9]+).*:\\2:p') -fi -if [ -z \"\$id\" ] ; then - id=\$(ls -ld /var/lib/ceph/osd/${cluster_name}-* | sed -nEe 's:.*/${cluster_name}-([0-9]+) *-> *${data}\$:\\1:p' || true) -fi -if [ \"\$id\" ] ; then - stop ceph-osd cluster=${cluster_name} id=\$id || true - service ceph stop osd.\$id || true - ceph ${cluster_option} osd crush remove osd.\$id - ceph ${cluster_option} auth del osd.\$id - ceph ${cluster_option} osd rm \$id - rm -fr /var/lib/ceph/osd/${cluster_name}-\$id/* - umount /var/lib/ceph/osd/${cluster_name}-\$id || true - rm -fr /var/lib/ceph/osd/${cluster_name}-\$id -fi -", - unless => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -if [ -z \"\$id\" ] ; then - id=\$(ceph-disk list | sed -nEe 's:^ *${data}1? .*(ceph data|mounted on).*osd\\.([0-9]+).*:\\2:p') -fi -if [ -z \"\$id\" ] ; then - id=\$(ls -ld /var/lib/ceph/osd/${cluster_name}-* | sed -nEe 's:.*/${cluster_name}-([0-9]+) *-> *${data}\$:\\1:p' || true) -fi -if [ \"\$id\" ] ; then - test ! -d /var/lib/ceph/osd/${cluster_name}-\$id -else - true # if there is no id we do nothing -fi -", - logoutput => true, - timeout => $exec_timeout, - } -> Ceph::Mon<| ensure == absent |> - } - -} diff --git a/ceph/manifests/osds.pp b/ceph/manifests/osds.pp deleted file mode 100644 index f20b60355..000000000 --- a/ceph/manifests/osds.pp +++ /dev/null @@ -1,32 +0,0 @@ -# -# Copyright (C) 2014 Nine Internet Solutions AG -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: David Gurtner -# -# == Class: ceph::osds -# -# Class wrapper for the benefit of scenario_node_terminus -# -# === Parameters: -# -# [*args*] A Ceph osds config hash -# Optional. -# -# [*defaults*] A config hash -# Optional. Defaults to a empty hash -# -class ceph::osds($args = {}, $defaults = {}) { - create_resources(ceph::osd, $args, $defaults) -} diff --git a/ceph/manifests/params.pp b/ceph/manifests/params.pp deleted file mode 100644 index fb0f41d3d..000000000 --- a/ceph/manifests/params.pp +++ /dev/null @@ -1,61 +0,0 @@ -# Copyright (C) 2013, 2014 iWeb Technologies Inc. -# Copyright (C) 2014 Nine Internet Solutions AG -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: David Moreau Simard -# Author: David Gurtner -# -# == Class: ceph::params -# -# these parameters need to be accessed from several locations and -# should be considered to be constant -# -# === Parameters: -# [*exec_timeout*] The default exec resource timeout, in seconds -# Optional. Defaults to 600 -# -# [*packages*] The ceph package name -# Optional. Defaults to 'ceph' -# -# [*rgw_socket_path*] The socket path of the rados gateway -# Optional. Defaults to '/tmp/radosgw.sock' -# -class ceph::params ( - $exec_timeout = 600, - $packages = 'ceph', # just provide the minimum per default - $rgw_socket_path = '/tmp/radosgw.sock', -) { - - case $::osfamily { - 'Debian': { - $pkg_radosgw = 'radosgw' - $user_radosgw = 'www-data' - $pkg_fastcgi = 'libapache2-mod-fastcgi' - $pkg_nsstools = 'libnss3-tools' - $service_provider = 'debian' - } - - 'RedHat': { - $pkg_radosgw = 'ceph-radosgw' - $user_radosgw = 'apache' - $pkg_fastcgi = 'mod_fastcgi' - $pkg_nsstools = 'nss-tools' - $service_provider = 'redhat' - } - - default: { - fail("Unsupported osfamily: ${::osfamily} operatingsystem: ${::operatingsystem}, module ${module_name} only supports osfamily Debian or RedHat") - } - } -} diff --git a/ceph/manifests/pool.pp b/ceph/manifests/pool.pp deleted file mode 100644 index 70e19d0ae..000000000 --- a/ceph/manifests/pool.pp +++ /dev/null @@ -1,127 +0,0 @@ -# -# Copyright (C) 2014 Catalyst IT Limited. -# Copyright (C) 2014 Nine Internet Solutions AG -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Ricardo Rocha -# Author: David Gurtner -# -# Manages operations on the pools in the cluster, such as creating or deleting -# pools, setting PG/PGP numbers, number of replicas, ... -# -# == Define: ceph::pool -# -# The name of the pool. -# -# === Parameters: -# -# [*ensure*] Creates ( present ) or removes ( absent ) a pool. -# Optional. Defaults to present. -# If set to absent, it will drop the pool and all its data. -# -# [*pg_num*] Number of PGs for the pool. -# Optional. Default is 64 ( but you probably want to pass a value here ). -# Number of Placement Groups (PGs) for a pool, if the pool already -# exists this may increase the number of PGs if the current value is lower. -# Check http://ceph.com/docs/master/rados/operations/placement-groups/. -# -# [*pgp_num*] Same as for pg_num. -# Optional. Default is undef. -# -# [*size*] Replica level for the pool. -# Optional. Default is undef. -# Increase or decrease the replica level of a pool. -# -# [*exec_timeout*] The default exec resource timeout, in seconds -# Optional. Defaults to $::ceph::params::exec_timeout -# -define ceph::pool ( - $ensure = present, - $pg_num = 64, - $pgp_num = undef, - $size = undef, - $exec_timeout = $::ceph::params::exec_timeout, -) { - - if $ensure == present { - - Ceph_config<||> -> Exec["create-${name}"] - Ceph::Mon<||> -> Exec["create-${name}"] - Ceph::Key<||> -> Exec["create-${name}"] - exec { "create-${name}": - command => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -ceph osd pool create ${name} ${pg_num}", - unless => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -ceph osd lspools | grep ' ${name},'", - timeout => $exec_timeout, - } - - exec { "set-${name}-pg_num": - command => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -ceph osd pool set ${name} pg_num ${pg_num}", - unless => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -test $(ceph osd pool get ${name} pg_num | sed 's/.*:\s*//g') -ge ${pg_num}", - require => Exec["create-${name}"], - timeout => $exec_timeout, - } - - if $pgp_num { - exec { "set-${name}-pgp_num": - command => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -ceph osd pool set ${name} pgp_num ${pgp_num}", - unless => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -test $(ceph osd pool get ${name} pgp_num | sed 's/.*:\s*//g') -ge ${pgp_num}", - require => Exec["create-${name}"], - timeout => $exec_timeout, - } - } - - if $size { - exec { "set-${name}-size": - command => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -ceph osd pool set ${name} size ${size}", - unless => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -test $(ceph osd pool get ${name} size | sed 's/.*:\s*//g') -eq ${size}", - require => Exec["create-${name}"], - timeout => $exec_timeout, - } - } - - } elsif $ensure == absent { - - exec { "delete-${name}": - command => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -ceph osd pool delete ${name} ${name} --yes-i-really-really-mean-it", - onlyif => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -ceph osd lspools | grep ${name}", - timeout => $exec_timeout, - } -> Ceph::Mon<| ensure == absent |> - - } else { - - fail("*ensure* must be either present or absent - was '${ensure}'") - - } - -} diff --git a/ceph/manifests/profile/base.pp b/ceph/manifests/profile/base.pp deleted file mode 100644 index 8a4b648e7..000000000 --- a/ceph/manifests/profile/base.pp +++ /dev/null @@ -1,47 +0,0 @@ -# -# Copyright (C) 2014 Nine Internet Solutions AG -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: David Gurtner -# -# == Class: ceph::profile::base -# -# Base profile to install ceph and configure /etc/ceph/ceph.conf -# -class ceph::profile::base { - include ::ceph::profile::params - - if ( $ceph::profile::params::manage_repo ) { - Class['ceph::repo'] -> Class['ceph'] - - class { '::ceph::repo': - release => $ceph::profile::params::release, - } - } - - class { '::ceph': - fsid => $ceph::profile::params::fsid, - authentication_type => $ceph::profile::params::authentication_type, - osd_journal_size => $ceph::profile::params::osd_journal_size, - osd_pool_default_pg_num => $ceph::profile::params::osd_pool_default_pg_num, - osd_pool_default_pgp_num => $ceph::profile::params::osd_pool_default_pgp_num, - osd_pool_default_size => $ceph::profile::params::osd_pool_default_size, - osd_pool_default_min_size => $ceph::profile::params::osd_pool_default_min_size, - mon_initial_members => $ceph::profile::params::mon_initial_members, - mon_host => $ceph::profile::params::mon_host, - ms_bind_ipv6 => $ceph::profile::params::ms_bind_ipv6, - cluster_network => $ceph::profile::params::cluster_network, - public_network => $ceph::profile::params::public_network, - } -} diff --git a/ceph/manifests/profile/client.pp b/ceph/manifests/profile/client.pp deleted file mode 100644 index fd3d722d8..000000000 --- a/ceph/manifests/profile/client.pp +++ /dev/null @@ -1,35 +0,0 @@ -# -# Copyright (C) 2014 Nine Internet Solutions AG -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: David Gurtner -# Author: David Moreau Simard -# -# == Class: ceph::profile::client -# -# Profile for a Ceph client -# -class ceph::profile::client { - require ::ceph::profile::base - - # If the same server is hosting a mon, osd and client, the key resource is - # ultimately handled by the mon class. - if ! defined(Class['ceph::keys']) { - if !empty($ceph::profile::params::client_keys) { - class { '::ceph::keys': - args => $ceph::profile::params::client_keys - } - } - } -} diff --git a/ceph/manifests/profile/mon.pp b/ceph/manifests/profile/mon.pp deleted file mode 100644 index c680bef5a..000000000 --- a/ceph/manifests/profile/mon.pp +++ /dev/null @@ -1,45 +0,0 @@ -# -# Copyright (C) 2014 Nine Internet Solutions AG -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: David Gurtner -# Author: David Moreau Simard -# -# == Class: ceph::profile::mon -# -# Profile for a Ceph mon -# -class ceph::profile::mon { - require ::ceph::profile::base - - ceph::mon { $::hostname: - authentication_type => $ceph::profile::params::authentication_type, - key => $ceph::profile::params::mon_key, - keyring => $ceph::profile::params::mon_keyring, - public_addr => $ceph::profile::params::public_addr, - } - - $defaults = { - inject => true, - inject_as_id => 'mon.', - inject_keyring => "/var/lib/ceph/mon/ceph-${::hostname}/keyring", - } - - if !empty($ceph::profile::params::client_keys) { - class { '::ceph::keys': - args => $ceph::profile::params::client_keys, - defaults => $defaults - } - } -} diff --git a/ceph/manifests/profile/osd.pp b/ceph/manifests/profile/osd.pp deleted file mode 100644 index 4f57f3d35..000000000 --- a/ceph/manifests/profile/osd.pp +++ /dev/null @@ -1,29 +0,0 @@ -# -# Copyright (C) 2014 Nine Internet Solutions AG -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: David Gurtner -# Author: David Moreau Simard -# -# Class: ceph::profle::osd -# -# Profile for a Ceph osd -# -class ceph::profile::osd { - require ::ceph::profile::client - - class { '::ceph::osds': - args => $ceph::profile::params::osds, - } -} diff --git a/ceph/manifests/profile/params.pp b/ceph/manifests/profile/params.pp deleted file mode 100644 index 9fd533c91..000000000 --- a/ceph/manifests/profile/params.pp +++ /dev/null @@ -1,150 +0,0 @@ -# -# Copyright (C) 2014 Nine Internet Solutions AG -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: David Gurtner -# Author: David Moreau Simard -# -# == Class: ceph::profile::params -# -# Extract the data from hiera where available -# -# === Parameters: -# -# [*fsid*] The cluster's fsid. -# Mandatory. Get one with `uuidgen -r`. -# -# [*release*] The name of the Ceph release to install. -# Optional. -# -# [*authentication_type*] Authentication type. -# Optional. none or 'cephx'. Defaults to 'undef'. -# -# [*mon_initial_members*] The IDs of initial MONs in the cluster during startup. -# Optional. String like e.g. 'a, b, c'. -# -# [*mon_host*] The fqdn of MONs in the cluster. They can also be declared -# individually through ceph::mon. -# Optional. String like e.g. 'a, b, c'. -# -# [*ms_bind_ipv6*] Enables Ceph daemons to bind to IPv6 addresses. -# Optional. Boolean. Default provided by Ceph. -# -# [*osd_journal_size*] The size of the journal file/device. -# Optional. Integer. Default provided by Ceph. -# -# [*osd_pool_default_pg_num*] The default number of PGs per pool. -# Optional. Integer. Default provided by Ceph. -# -# [*osd_pool_default_pgp_num*] The default flags for new pools. -# Optional. Integer. Default provided by Ceph. -# -# [*osd_pool_default_size*] Number of replicas for objects in the pool -# Optional. Integer. Default provided by Ceph. -# -# [*osd_pool_default_min_size*] The default minimum num of replicas. -# Optional. Integer. Default provided by Ceph. -# -# [*osd_pool_default_crush_rule*] The default CRUSH ruleset to use -# when creating a pool. -# Optional. Integer. Default provided by Ceph. -# -# [*mon_osd_full_ratio*] Percentage of disk space used before -# an OSD considered full -# Optional. Integer e.g. 95, NOTE: ends in config as .95 -# Default provided by Ceph. -# -# [*mon_osd_nearfull_ratio*] Percentage of disk space used before -# an OSD considered nearfull -# Optional. Float e.g. 90, NOTE: ends in config as .90 -# Default provided by Ceph. -# -# [*cluster_network*] The address of the cluster network. -# Optional. {cluster-network-ip/netmask} -# -# [*public_network*] The address of the public network. -# Optional. {public-network-ip/netmask} -# -# [*public_addr*] The MON bind IP address. -# Optional. The IPv(4|6) address on which MON binds itself. -# This is useful when not specifying public_network or when there is more than one IP address on -# the same network and you want to be specific about the IP to bind the MON on. -# -# [*mon_key*] The mon secret key. -# Optional. Either mon_key or mon_keyring need to be set when using cephx. -# -# [*mon_keyring*] The location of the keyring retrieved by default -# Optional. Either mon_key or mon_keyring need to be set when using cephx -# -# [*client_keys*] A hash of client keys that will be passed to ceph::keys. -# Optional but required when using cephx. -# See ceph::key for hash parameters andstructure. -# -# [*osds*] A Ceph osd hash -# Optional. -# -# [*manage_repo*] Whether we should manage the local repository (true) or depend -# on what is available (false). Set this to false when you want to manage the -# the repo by yourself. -# Optional. Defaults to true -# -# [*rgw_name*] the name for the radosgw cluster. Must be in the format -# "radosgw.${name}" where name is whatever you want -# Optional. -# -# [*rgw_user*] the user ID radosgw should run as. -# Optional. -# -# [*rgw_print_continue*] should http 100 continue be used -# Optional. -# -# [*frontend_type*] What type of frontend to use -# Optional. Options are apache-fastcgi, apache-proxy-fcgi or civetweb -# -# [*rgw_frontends*] Arguments to the rgw frontend -# Optional. Example: "civetweb port=7480" -# - -class ceph::profile::params ( - $fsid = undef, - $release = undef, - $authentication_type = undef, - $mon_initial_members = undef, - $mon_host = undef, - $ms_bind_ipv6 = undef, - $osd_journal_size = undef, - $osd_pool_default_pg_num = undef, - $osd_pool_default_pgp_num = undef, - $osd_pool_default_size = undef, - $osd_pool_default_min_size = undef, - $cluster_network = undef, - $public_network = undef, - $public_addr = undef, - $mon_key = undef, - $mon_keyring = undef, - $client_keys = {}, - $osds = undef, - $manage_repo = true, - $rgw_name = undef, - $rgw_user = undef, - $rgw_print_continue = undef, - $frontend_type = undef, - $rgw_frontends = undef, -) { - validate_hash($client_keys) - - if $authentication_type == 'cephx' and empty($client_keys) { - fail("client_keys must be provided when using authentication_type = 'cephx'") - } -} diff --git a/ceph/manifests/profile/rgw.pp b/ceph/manifests/profile/rgw.pp deleted file mode 100644 index 4bc45493a..000000000 --- a/ceph/manifests/profile/rgw.pp +++ /dev/null @@ -1,34 +0,0 @@ -# -# Copyright (C) 2016 Keith Schincke -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Keith Schincke -# -# == Class: ceph::profile::rgw -# -# Profile for Ceph rgw -# -class ceph::profile::rgw { - require ::ceph::profile::base - $rgw_name = $::ceph::profile::params::rgw_name ? { - undef => 'radosgw.gateway', - default => $::ceph::profile::params::rgw_name, - } - ceph::rgw { $rgw_name: - user => $::ceph::profile::params::rgw_user, - rgw_print_continue => $::ceph::profile::params::rgw_print_continue, - frontend_type => $::ceph::profile::params::frontend_type, - rgw_frontends => $::ceph::profile::params::rgw_frontends, - } -} diff --git a/ceph/manifests/repo.pp b/ceph/manifests/repo.pp deleted file mode 100644 index 433754de1..000000000 --- a/ceph/manifests/repo.pp +++ /dev/null @@ -1,236 +0,0 @@ -# Copyright (C) 2013, 2014 iWeb Technologies Inc. -# Copyright (C) 2013 Cloudwatt -# Copyright (C) 2014 Nine Internet Solutions AG -# Copyright (C) 2014 Catalyst IT Limited -# Copyright (C) 2015 Red Hat -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Loic Dachary -# Author: Francois Charlier -# Author: David Moreau Simard -# Author: Andrew Woodward -# Author: David Gurtner -# Author: Ricardo Rocha -# Author: Emilien Macchi -# -# == Class: ceph::repo -# -# Configure ceph APT repo for Ceph -# -# === Parameters: -# -# [*ensure*] The ensure state for package ressources. -# Optional. Defaults to 'present'. -# -# [*release*] The name of the Ceph release to install -# Optional. Default to 'hammer'. -# -# [*fastcgi*] Install Ceph fastcgi apache module for Ceph -# Optional. Defaults to 'false' -# -# [*proxy*] Proxy URL to be used for the yum repository, useful if you're behind a corporate firewall -# Optional. Defaults to 'undef' -# -# [*proxy_username*] The username to be used for the proxy if one should be required -# Optional. Defaults to 'undef' -# -# [*proxy_password*] The password to be used for the proxy if one should be required -# Optional. Defaults to 'undef' -# -# [*enable_epel*] Whether or not enable EPEL repository. -# Optional. Defaults to True -# -# [*enable_sig*] Whether or not enable SIG repository. -# CentOS SIG repository contains Ceph packages built by CentOS community. -# https://wiki.centos.org/SpecialInterestGroup/Storage/ -# Optional. Defaults to False -# -class ceph::repo ( - $ensure = present, - $release = 'hammer', - $fastcgi = false, - $proxy = undef, - $proxy_username = undef, - $proxy_password = undef, - $enable_epel = true, - $enable_sig = false, -) { - case $::osfamily { - 'Debian': { - include ::apt - - apt::key { 'ceph': - ensure => $ensure, - id => '08B73419AC32B4E966C1A330E84AC2C0460F3994', - source => 'https://download.ceph.com/keys/release.asc', - } - - apt::source { 'ceph': - ensure => $ensure, - location => "http://download.ceph.com/debian-${release}/", - release => $::lsbdistcodename, - require => Apt::Key['ceph'], - tag => 'ceph', - } - - if $fastcgi { - - apt::key { 'ceph-gitbuilder': - ensure => $ensure, - id => 'FCC5CB2ED8E6F6FB79D5B3316EAEAE2203C3951A', - server => 'keyserver.ubuntu.com', - } - - apt::source { 'ceph-fastcgi': - ensure => $ensure, - location => "http://gitbuilder.ceph.com/libapache-mod-fastcgi-deb-${::lsbdistcodename}-${::hardwaremodel}-basic/ref/master", - release => $::lsbdistcodename, - require => Apt::Key['ceph-gitbuilder'], - } - - } - - Apt::Source<| tag == 'ceph' |> -> Package<| tag == 'ceph' |> - Exec['apt_update'] -> Package<| tag == 'ceph' |> - } - - 'RedHat': { - $enabled = $ensure ? { 'present' => '1', 'absent' => '0', default => absent, } - - # If you want to deploy Ceph using packages provided by CentOS SIG - # https://wiki.centos.org/SpecialInterestGroup/Storage/ - if $enable_sig { - if $::operatingsystem != 'CentOS' { - warning("CentOS SIG repository is only supported on CentOS operating system, not on ${::operatingsystem}, which can lead to packaging issues.") - } - exec { 'installing_centos-release-ceph': - command => '/usr/bin/yum install -y centos-release-ceph-hammer', - logoutput => 'on_failure', - tries => 3, - try_sleep => 1, - unless => '/usr/bin/rpm -qa | /usr/bin/grep -q centos-release-ceph-hammer', - } -> - exec { 'installing_yum-plugin-priorities': - command => '/usr/bin/yum install -y yum-plugin-priorities', - logoutput => 'on_failure', - tries => 3, - try_sleep => 1, - unless => '/usr/bin/rpm -qa | /usr/bin/grep -q yum-plugin-priorities', - } -> - file_line { 'priority ceph repo': - ensure => $ensure, - path => '/etc/yum.repos.d/CentOS-Ceph-Hammer.repo', - after => '^\[centos-ceph-hammer\]$', - line => 'priority=1', - } - # Make sure we install the repo and configure priorities before install ceph - File_line['priority ceph repo'] -> Package<| tag == 'ceph' |> - } else { - # If you want to deploy Ceph using packages provided by ceph.com repositories. - if ((($::operatingsystem == 'RedHat' or $::operatingsystem == 'CentOS') and (versioncmp($::operatingsystemmajrelease, '7') < 0)) or ($::operatingsystem == 'Fedora' and (versioncmp($::operatingsystemmajrelease, '19') < 0))) { - $el = '6' - } else { - $el = '7' - } - - # Firefly is the last ceph.com supported release which conflicts with - # the CentOS 7 base channel. Therefore make sure to only exclude the - # conflicting packages in the exact combination of CentOS7 and Firefly. - # TODO: Remove this once Firefly becomes EOL - if ($::operatingsystem == 'CentOS' and $el == '7' and $release == 'firefly') { - file_line { 'exclude base': - ensure => $ensure, - path => '/etc/yum.repos.d/CentOS-Base.repo', - after => '^\[base\]$', - line => 'exclude=python-ceph-compat python-rbd python-rados python-cephfs', - } -> Package<| tag == 'ceph' |> - } - - Yumrepo { - proxy => $proxy, - proxy_username => $proxy_username, - proxy_password => $proxy_password, - } - - - yumrepo { 'ext-ceph': - # puppet versions prior to 3.5 do not support ensure, use enabled instead - enabled => $enabled, - descr => "External Ceph ${release}", - name => "ext-ceph-${release}", - baseurl => "http://download.ceph.com/rpm-${release}/el${el}/\$basearch", - gpgcheck => '1', - gpgkey => 'https://download.ceph.com/keys/release.asc', - mirrorlist => absent, - priority => '10', # prefer ceph repos over EPEL - tag => 'ceph', - } - - yumrepo { 'ext-ceph-noarch': - # puppet versions prior to 3.5 do not support ensure, use enabled instead - enabled => $enabled, - descr => 'External Ceph noarch', - name => "ext-ceph-${release}-noarch", - baseurl => "http://download.ceph.com/rpm-${release}/el${el}/noarch", - gpgcheck => '1', - gpgkey => 'https://download.ceph.com/keys/release.asc', - mirrorlist => absent, - priority => '10', # prefer ceph repos over EPEL - tag => 'ceph', - } - - if $fastcgi { - yumrepo { 'ext-ceph-fastcgi': - enabled => $enabled, - descr => 'FastCGI basearch packages for Ceph', - name => 'ext-ceph-fastcgi', - baseurl => "http://gitbuilder.ceph.com/mod_fastcgi-rpm-rhel${el}-x86_64-basic/ref/master", - gpgcheck => '1', - gpgkey => 'https://download.ceph.com/keys/autobuild.asc', - mirrorlist => absent, - priority => '20', # prefer ceph repos over EPEL - tag => 'ceph', - } - } - - # prefer ceph.com repos over EPEL - package { 'yum-plugin-priorities': - ensure => present, - } - } - - if $enable_epel { - yumrepo { "ext-epel-${el}": - # puppet versions prior to 3.5 do not support ensure, use enabled instead - enabled => $enabled, - descr => "External EPEL ${el}", - name => "ext-epel-${el}", - baseurl => absent, - gpgcheck => '1', - gpgkey => "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-${el}", - mirrorlist => "http://mirrors.fedoraproject.org/metalink?repo=epel-${el}&arch=\$basearch", - priority => '20', # prefer ceph repos over EPEL - tag => 'ceph', - exclude => 'python-ceph-compat python-rbd python-rados python-cephfs', - } - } - - Yumrepo<| tag == 'ceph' |> -> Package<| tag == 'ceph' |> - } - - default: { - fail("Unsupported osfamily: ${::osfamily} operatingsystem: ${::operatingsystem}, module ${module_name} only supports osfamily Debian and RedHat") - } - } -} diff --git a/ceph/manifests/rgw.pp b/ceph/manifests/rgw.pp deleted file mode 100644 index 27bd6ccae..000000000 --- a/ceph/manifests/rgw.pp +++ /dev/null @@ -1,209 +0,0 @@ -# -# Copyright (C) 2014 Catalyst IT Limited. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Ricardo Rocha -# Author: Oleksiy Molchanov -# -# Configures a ceph radosgw. -# -# == Define: ceph::rgw -# -# The RGW id. An alphanumeric string uniquely identifying the RGW. -# ( example: radosgw.gateway ) -# -# === Parameters: -# -# [*pkg_radosgw*] Package name for the ceph radosgw. -# Optional. Default is osfamily dependent (check ceph::params). -# -# [*rgw_ensure*] Whether to start radosgw service. -# Optional. Default is running. -# -# [*rgw_enable*] Whether to enable radosgw service on boot. -# Optional. Default is true. -# -# [*rgw_data*] The path where the radosgw data should be stored. -# Optional. Default is '/var/lib/ceph/radosgw/${cluster}-${name}. -# -# [*user*] User running the web frontend. -# Optional. Default is 'www-data'. -# -# [*keyring_path*] Location of keyring. -# Optional. Default is '/etc/ceph/${name}.keyring'. -# -# [*log_file*] Log file to write to. -# Optional. Default is '/var/log/ceph/radosgw.log'. -# -# [*rgw_dns_name*] Hostname to use for the service. -# Optional. Default is $fqdn. -# -# [*rgw_socket_path*] Path to socket file. -# Optional. Default is '/tmp/radosgw.sock'. -# -# [*rgw_print_continue*] True to send 100 codes to the client. -# Optional. Default is false. -# -# [*rgw_port*] Port the rados gateway listens. -# Optional. Default is undef. -# -# [*frontend_type*] What type of frontend to use -# Optional. Default is apache-fastcgi. Other options are apache-proxy-fcgi or civetweb -# -# [*rgw_frontends*] Arguments to the rgw frontend -# Optional. Default is 'fastcgi socket_port=9000 socket_host=127.0.0.1'. Example: "civetweb port=7480" -# -# [*syslog*] Whether or not to log to syslog. -# Optional. Default is true. -# -define ceph::rgw ( - $pkg_radosgw = $::ceph::params::pkg_radosgw, - $rgw_ensure = 'running', - $rgw_enable = true, - $rgw_data = "/var/lib/ceph/radosgw/ceph-${name}", - $user = $::ceph::params::user_radosgw, - $keyring_path = "/etc/ceph/ceph.client.${name}.keyring", - $log_file = '/var/log/ceph/radosgw.log', - $rgw_dns_name = $::fqdn, - $rgw_socket_path = $::ceph::params::rgw_socket_path, - $rgw_print_continue = false, - $rgw_port = undef, - $frontend_type = 'apache-fastcgi', - $rgw_frontends = 'fastcgi socket_port=9000 socket_host=127.0.0.1', - $syslog = true, -) { - - include ::stdlib - - unless $name =~ /^radosgw\..+/ { - fail("Define name must be started with 'radosgw.'") - } - - ceph_config { - "client.${name}/host": value => $::hostname; - "client.${name}/keyring": value => $keyring_path; - "client.${name}/log_file": value => $log_file; - "client.${name}/user": value => $user; - } - - if($frontend_type == 'civetweb') - { - if( $rgw_frontends =~ /civetweb/ ) - { - ceph::rgw::civetweb { $name: - rgw_frontends => $rgw_frontends, - } - } - } - elsif ( ( $frontend_type == 'apache-fastcgi' ) or ( $frontend_type == 'apache-proxy-fcgi' ) ) - { - ceph_config { - "client.${name}/rgw_dns_name": value => $rgw_dns_name; - "client.${name}/rgw_print_continue": value => $rgw_print_continue; - "client.${name}/rgw_socket_path": value => $rgw_socket_path; - } - if $frontend_type == 'apache-fastcgi' { - ceph_config { - "client.${name}/rgw_port": value => $rgw_port; - } - } elsif $frontend_type == 'apache-proxy-fcgi' { - ceph_config { - "client.${name}/rgw_frontends": value => $rgw_frontends; - } - } - } - else - { - fail("Unsupported frontend_type: ${frontend_type}") - } - - package { $pkg_radosgw: - ensure => installed, - tag => 'ceph', - } - - # Data directory for radosgw - file { '/var/lib/ceph/radosgw': # missing in redhat pkg - ensure => directory, - mode => '0755', - } - file { $rgw_data: - ensure => directory, - owner => 'root', - group => 'root', - mode => '0750', - } - - # Log file for radosgw (ownership) - file { $log_file: - ensure => present, - owner => $user, - mode => '0640', - } - - # service definition - # if Ubuntu does not use systemd - if $::service_provider == 'upstart' { - if $rgw_enable { - file { "${rgw_data}/done": - ensure => present, - before => Service["radosgw-${name}"], - } - } - - Service { - name => "radosgw-${name}", - start => "start radosgw id=${name}", - stop => "stop radosgw id=${name}", - status => "status radosgw id=${name}", - provider => $::ceph::params::service_provider, - } - # Everything else that is supported by puppet-ceph should run systemd. - } else { - if $rgw_enable { - file { "${rgw_data}/sysvinit": - ensure => present, - before => Service["radosgw-${name}"], - } - } - - Service { - name => "radosgw-${name}", - start => 'service radosgw start', - stop => 'service radosgw stop', - status => 'service radosgw status', - provider => $::ceph::params::service_provider, - } - } - - #for RHEL/CentOS7, systemctl needs to reload to pickup the ceph-radosgw init file - if (($::operatingsystem == 'RedHat' or $::operatingsystem == 'CentOS') and (versioncmp($::operatingsystemmajrelease, '7') >= 0)) - { - exec { 'systemctl-reload-from-rgw': #needed for the new init file - command => '/usr/bin/systemctl daemon-reload', - } - } - service { "radosgw-${name}": - ensure => $rgw_ensure, - } - - Ceph_config<||> -> Service["radosgw-${name}"] - Package<| tag == 'ceph' |> -> File['/var/lib/ceph/radosgw'] - Package<| tag == 'ceph' |> -> File[$log_file] - File['/var/lib/ceph/radosgw'] - -> File[$rgw_data] - -> Service["radosgw-${name}"] - File[$log_file] -> Service["radosgw-${name}"] - Ceph::Pool<||> -> Service["radosgw-${name}"] -} diff --git a/ceph/manifests/rgw/apache.pp b/ceph/manifests/rgw/apache.pp deleted file mode 100644 index d17e51ec8..000000000 --- a/ceph/manifests/rgw/apache.pp +++ /dev/null @@ -1,76 +0,0 @@ -# -# Copyright (C) 2014 Catalyst IT Limited. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Ricardo Rocha -# -# Configures a ceph radosgw apache frontend. -# -## == Define: ceph::rgw::apache -# -# The RGW id. An alphanumeric string uniquely identifying the RGW. -# ( example: radosgw.gateway ) -# -### == Parameters -# -# [*admin_email*] Admin email for the radosgw reports. -# Optional. Default is 'root@localhost'. -# -# [*docroot*] Location of the apache docroot. -# Optional. Default is '/var/www'. -# -# [*fcgi_file*] Path to the fcgi file. -# Optional. Default is '/var/www/s3gw.cgi'. -# -# [*rgw_port*] Port the rados gateway listens. -# Optional. Default is 80. -# -# [*rgw_dns_name*] Hostname to use for the service. -# Optional. Default is $fqdn. -# -# [*rgw_socket_path*] Path to socket file. -# Optional. Default is '/tmp/radosgw.sock'. -# -# [*syslog*] Whether or not to log to syslog. -# Optional. Default is true. -# -# [*ceph_apache_repo*] Whether to require the CEPH apache repo (ceph::repo::fastcgi). -# Optional. Default is true. Check: -# http://ceph.com/docs/master/install/install-ceph-gateway/ -# for more info on repository recommendations. -# -define ceph::rgw::apache ( - $admin_email = 'root@localhost', - $docroot = '/var/www', - $fcgi_file = '/var/www/s3gw.fcgi', - $rgw_dns_name = $::fqdn, - $rgw_port = 80, - $rgw_socket_path = $::ceph::params::rgw_socket_path, - $syslog = true, - $ceph_apache_repo = true, -) { - - warning ('Class rgw::apache is deprecated in favor of rgw::apache_fastcgi') - - ceph::rgw::apache_fastcgi { $name: - admin_email => $admin_email, - docroot => $docroot, - fcgi_file => $fcgi_file, - rgw_dns_name => $rgw_dns_name, - rgw_port => $rgw_port, - rgw_socket_path => $rgw_socket_path, - syslog => $syslog, - ceph_apache_repo => $ceph_apache_repo, - } -} diff --git a/ceph/manifests/rgw/apache_fastcgi.pp b/ceph/manifests/rgw/apache_fastcgi.pp deleted file mode 100644 index 7aa20d223..000000000 --- a/ceph/manifests/rgw/apache_fastcgi.pp +++ /dev/null @@ -1,148 +0,0 @@ -# -# Copyright (C) 2014 Catalyst IT Limited. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Ricardo Rocha -# -# Configures a ceph radosgw apache frontend with mod_fastcgi. -# -## == Define: ceph::rgw::apache_fastcgi -# -# The RGW id. An alphanumeric string uniquely identifying the RGW. -# ( example: radosgw.gateway ) -# -### == Parameters -# -# [*admin_email*] Admin email for the radosgw reports. -# Optional. Default is 'root@localhost'. -# -# [*docroot*] Location of the apache docroot. -# Optional. Default is '/var/www'. -# -# [*fcgi_file*] Path to the fcgi file. -# Optional. Default is '/var/www/s3gw.cgi'. -# -# [*rgw_port*] Port the rados gateway listens. -# Optional. Default is 80. -# -# [*rgw_dns_name*] Hostname to use for the service. -# Optional. Default is $fqdn. -# -# [*rgw_socket_path*] Path to socket file. -# Optional. Default is '/tmp/radosgw.sock'. -# -# [*syslog*] Whether or not to log to syslog. -# Optional. Default is true. -# -# [*ceph_apache_repo*] Whether to require the CEPH apache repo (ceph::repo::fastcgi). -# Optional. Default is true. Check: -# http://ceph.com/docs/master/install/install-ceph-gateway/ -# for more info on repository recommendations. -# -# [*apache_mods*] Whether to configure and enable a set of default Apache modules. -# Optional. Defaults to false. -# -# [*apache_vhost*] Configures a default virtual host. -# Optional. Defaults to false. -# -# [*apache_purge_configs*] Removes all other Apache configs and virtual hosts. -# Optional. Defaults to true. -# -# [*apache_purge_vhost*] Whether to remove any configurations inside vhost_dir not managed -# by Puppet. -# Optional. Defaults to true. -# -# [*custom_apache_ports*] Array of ports to listen by Apache. -# Optional. Works only if custom_apache set to true. Default is undef. -# -define ceph::rgw::apache_fastcgi ( - $admin_email = 'root@localhost', - $docroot = '/var/www', - $fcgi_file = '/var/www/s3gw.fcgi', - $rgw_dns_name = $::fqdn, - $rgw_port = '80', - $rgw_socket_path = $::ceph::params::rgw_socket_path, - $syslog = true, - $ceph_apache_repo = true, - $apache_mods = false, - $apache_vhost = false, - $apache_purge_configs = true, - $apache_purge_vhost = true, - $custom_apache_ports = undef, -) { - - class { '::apache': - default_mods => $apache_mods, - default_vhost => $apache_vhost, - purge_configs => $apache_purge_configs, - purge_vhost_dir => $apache_purge_vhost, - } - - if $custom_apache_ports { - apache::listen { $custom_apache_ports: } - } - - if !$apache_mods { - include ::apache::mod::auth_basic - } - - include ::apache::mod::alias - include ::apache::mod::mime - include ::apache::mod::rewrite - - apache::vhost { "${rgw_dns_name}-radosgw": - servername => $rgw_dns_name, - serveradmin => $admin_email, - port => $rgw_port, - docroot => $docroot, - rewrite_rule => '^/([a-zA-Z0-9-_.]*)([/]?.*) /s3gw.fcgi?page=$1¶ms=$2&%{QUERY_STRING} [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]', - access_log => $syslog, - error_log => $syslog, - fastcgi_server => $fcgi_file, - fastcgi_socket => $rgw_socket_path, - fastcgi_dir => $docroot, - } - - # radosgw fast-cgi script - file { $fcgi_file: - ensure => file, - owner => 'root', - group => 'root', - mode => '0750', - content => "#!/bin/sh -exec /usr/bin/radosgw -c /etc/ceph/ceph.conf -n ${name}", - } - - File[$fcgi_file] - ~> Service['httpd'] - - # dependency on ceph apache repo if set - $pkg_fastcgi = $::apache::params::mod_packages['fastcgi'] - if $ceph_apache_repo { - case $::osfamily { - 'Debian': { - Apt::Source['ceph-fastcgi'] - -> Package[$pkg_fastcgi] - } - 'RedHat': { - Yumrepo['ext-ceph-fastcgi'] - -> Package[$pkg_fastcgi] - } - default: { - fail("Unsupported osfamily: ${::osfamily} operatingsystem: ${::operatingsystem}, module ${module_name} only supports osfamily Debian and RedHat") - } - } - } - -} diff --git a/ceph/manifests/rgw/apache_proxy_fcgi.pp b/ceph/manifests/rgw/apache_proxy_fcgi.pp deleted file mode 100644 index 89bbec2ae..000000000 --- a/ceph/manifests/rgw/apache_proxy_fcgi.pp +++ /dev/null @@ -1,115 +0,0 @@ -# -# Copyright (C) 2016 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Oleksiy Molchanov -# -# Configures a ceph radosgw apache frontend with mod_proxy. -# -## == Define: ceph::rgw::apache_proxy_fcgi -# -# The RGW id. An alphanumeric string uniquely identifying the RGW. -# ( example: radosgw.gateway ) -# -### == Parameters -# -# [*admin_email*] Admin email for the radosgw reports. -# Optional. Default is 'root@localhost'. -# -# [*docroot*] Location of the apache docroot. -# Optional. Default is '/var/www'. -# -# [*rgw_port*] Port the rados gateway listens. -# Optional. Default is 80. -# -# [*rgw_dns_name*] Hostname to use for the service. -# Optional. Default is $fqdn. -# -# [*rewrite_rule*] RewriteRule for the apache config. -# Optional. Default is '.* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]'. -# -# [*setenv*] String or aray for the apache setenv directive. -# Optional. Default is 'proxy-nokeepalive 1'. -# -# [*proxy_pass*] Hash that contains local virtual path and remote url. -# Optional. Default is {'path' => '/', 'url' => 'fcgi://127.0.0.1:9000/'}. -# -# [*syslog*] Whether or not to log to syslog. -# Optional. Default is true. -# -# [*apache_mods*] Whether to configure and enable a set of default Apache modules. -# Optional. Defaults to false. -# -# [*apache_vhost*] Configures a default virtual host. -# Optional. Defaults to false. -# -# [*apache_purge_configs*] Removes all other Apache configs and virtual hosts. -# Optional. Defaults to true. -# -# [*apache_purge_vhost*] Whether to remove any configurations inside vhost_dir not managed -# by Puppet. -# Optional. Defaults to true. -# -# [*custom_apache_ports*] Array of ports to listen by Apache. -# Optional. Works only if custom_apache set to true. Default is undef. -# -define ceph::rgw::apache_proxy_fcgi ( - $admin_email = 'root@localhost', - $docroot = '/var/www', - $rgw_dns_name = $::fqdn, - $rgw_port = '80', - $rewrite_rule = '.* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]', - $setenv = 'proxy-nokeepalive 1', - $proxy_pass = {'path' => '/', 'url' => 'fcgi://127.0.0.1:9000/'}, - $syslog = true, - $apache_mods = false, - $apache_vhost = false, - $apache_purge_configs = true, - $apache_purge_vhost = true, - $custom_apache_ports = undef, -) { - - class { '::apache': - default_mods => $apache_mods, - default_vhost => $apache_vhost, - purge_configs => $apache_purge_configs, - purge_vhost_dir => $apache_purge_vhost, - } - - if $custom_apache_ports { - apache::listen { $custom_apache_ports: } - } - - if !$apache_mods { - include ::apache::mod::auth_basic - ::apache::mod { 'env': } - } - include ::apache::mod::alias - include ::apache::mod::mime - include ::apache::mod::rewrite - include ::apache::mod::proxy - ::apache::mod { 'proxy_fcgi': } - - apache::vhost { "${rgw_dns_name}-radosgw": - servername => $rgw_dns_name, - serveradmin => $admin_email, - docroot => $docroot, - access_log => $syslog, - error_log => $syslog, - port => $rgw_port, - rewrite_rule => $rewrite_rule, - setenv => $setenv, - proxy_pass => $proxy_pass, - } -} diff --git a/ceph/manifests/rgw/civetweb.pp b/ceph/manifests/rgw/civetweb.pp deleted file mode 100644 index 29403860b..000000000 --- a/ceph/manifests/rgw/civetweb.pp +++ /dev/null @@ -1,35 +0,0 @@ -# -# Copyright (C) 2016 Keith Schincke -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Keith Schincke -# -# Configures a ceph radosgw using civetweb. -# -# == Define: ceph::rgw::civetweb -# [*rgw_frontends*] Arguments to the rgw frontend -# Optional. Default is undef. Example: "civetweb port=7480" -# -define ceph::rgw::civetweb ( - $rgw_frontends = undef, -) { - - unless $name =~ /^radosgw\..+/ { - fail("Define name must be started with 'radosgw.'") - } - - ceph_config { - "client.${name}/rgw_frontends": value => $rgw_frontends; - } -} diff --git a/ceph/manifests/rgw/keystone.pp b/ceph/manifests/rgw/keystone.pp deleted file mode 100644 index 5dd62b7e6..000000000 --- a/ceph/manifests/rgw/keystone.pp +++ /dev/null @@ -1,121 +0,0 @@ -# -# Copyright (C) 2014 Catalyst IT Limited. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Ricardo Rocha -# -# Configures keystone auth/authz for the ceph radosgw. -# -### == Name -# # The RGW id. An alphanumeric string uniquely identifying the RGW. -# ( example: radosgw.gateway ) -# -### == Parameters -# -# [*rgw_keystone_admin_token*] The keystone admin token. -# Mandatory. -# -# [*rgw_keystone_url*] The internal or admin url for keystone. -# Optional. Default is 'http://127.0.0.1:5000' -# -# [*rgw_keystone_version*] The api version for keystone. -# Optional. Default is 'v2.0' -# -# [*rgw_keystone_accepted_roles*] Roles to accept from keystone. -# Optional. Default is '_member_, Member'. -# Comma separated list of roles. -# -# [*rgw_keystone_token_cache_size*] How many tokens to keep cached. -# Optional. Default is 500. -# Not useful when using PKI as every token is checked. -# -# [*rgw_keystone_revocation_interval*] Interval to check for expired tokens. -# Optional. Default is 600 (seconds). -# Not useful if not using PKI tokens (if not, set to high value). -# -# [*nss_db_path*] Path to NSS < - > keystone tokens db files. -# Optional. Default is undef. -# -# [*user*] User running the web frontend. -# Optional. Default is 'www-data'. -# -define ceph::rgw::keystone ( - $rgw_keystone_admin_token, - $rgw_keystone_url = 'http://127.0.0.1:5000', - $rgw_keystone_version = 'v2.0', - $rgw_keystone_accepted_roles = '_member_, Member', - $rgw_keystone_token_cache_size = 500, - $rgw_keystone_revocation_interval = 600, - $nss_db_path = '/var/lib/ceph/nss', - $user = $::ceph::params::user_radosgw, -) { - - unless $name =~ /^radosgw\..+/ { - fail("Define name must be started with 'radosgw.'") - } - - ceph_config { - "client.${name}/rgw_keystone_admin_token": value => $rgw_keystone_admin_token; - "client.${name}/rgw_keystone_url": value => $rgw_keystone_url; - "client.${name}/rgw_keystone_accepted_roles": value => $rgw_keystone_accepted_roles; - "client.${name}/rgw_keystone_token_cache_size": value => $rgw_keystone_token_cache_size; - "client.${name}/rgw_keystone_revocation_interval": value => $rgw_keystone_revocation_interval; - "client.${name}/rgw_s3_auth_use_keystone": value => true; - "client.${name}/nss_db_path": value => $nss_db_path; - } - - # fetch the keystone signing cert, add to nss db - $pkg_nsstools = $::ceph::params::pkg_nsstools - ensure_resource('package', $pkg_nsstools, {'ensure' => 'present'}) - - file { $nss_db_path: - ensure => directory, - owner => $user, - group => 'root', - } - - exec { "${name}-nssdb-ca": - command => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -wget --no-check-certificate ${rgw_keystone_url}/${rgw_keystone_version}/certificates/ca -O /tmp/ca -openssl x509 -in /tmp/ca -pubkey | certutil -A -d ${nss_db_path} -n ca -t \"TCu,Cu,Tuw\" -", - unless => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -certutil -d ${nss_db_path} -L | grep ^ca -", - user => $user, - } - - exec { "${name}-nssdb-signing": - command => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -wget --no-check-certificate ${rgw_keystone_url}/${rgw_keystone_version}/certificates/signing -O /tmp/signing -openssl x509 -in /tmp/signing -pubkey | certutil -A -d ${nss_db_path} -n signing_cert -t \"P,P,P\" -", - unless => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -certutil -d ${nss_db_path} -L | grep ^signing_cert -", - user => $user, - } - - Package[$pkg_nsstools] - -> Package[$::ceph::params::packages] - -> File[$nss_db_path] - -> Exec["${name}-nssdb-ca"] - -> Exec["${name}-nssdb-signing"] - ~> Service["radosgw-${name}"] - -} diff --git a/ceph/metadata.json b/ceph/metadata.json deleted file mode 100644 index ba5312427..000000000 --- a/ceph/metadata.json +++ /dev/null @@ -1,40 +0,0 @@ -{ - "name": "openstack-ceph", - "version": "1.0.0", - "author": "Puppet Ceph community and OpenStack (StackForge) Contributors", - "summary": "Community Developed Ceph Module", - "license": "Apache-2.0", - "source": "git://github.com/openstack/puppet-ceph.git", - "project_page": "https://launchpad.net/puppet-ceph", - "issues_url": "https://bugs.launchpad.net/puppet-ceph", - "requirements": [ - { "name": "pe","version_requirement": "3.x" }, - { "name": "puppet","version_requirement": "3.x" } - ], - "operatingsystem_support": [ - { - "operatingsystem": "Debian", - "operatingsystemrelease": ["8"] - }, - { - "operatingsystem": "Fedora", - "operatingsystemrelease": ["22","23"] - }, - { - "operatingsystem": "RedHat", - "operatingsystemrelease": ["7"] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": ["14.04"] - } - ], - "description": "Installs and configures Ceph.", - "dependencies": [ - { "name": "puppetlabs/apt", "version_requirement": ">=2.0.0 <3.0.0" }, - { "name": "puppetlabs/apache", "version_requirement": ">=1.4.1 <2.0.0" }, - { "name": "puppetlabs/concat", "version_requirement": ">=1.2.1 <3.0.0" }, - { "name": "puppetlabs/inifile", "version_requirement": ">=1.0.0 <2.0.0" }, - { "name": "puppetlabs/stdlib", "version_requirement": ">=4.0.0 <5.0.0" } - ] -} diff --git a/ceph/releasenotes/notes/first_release-a7268e1c8959eca3.yaml b/ceph/releasenotes/notes/first_release-a7268e1c8959eca3.yaml deleted file mode 100644 index 7356b17c1..000000000 --- a/ceph/releasenotes/notes/first_release-a7268e1c8959eca3.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -prelude: > - First release of pupper-ceph, where Hammer is the official supported release (LTS). diff --git a/ceph/releasenotes/notes/systemd-8b86dee2f9df5a14.yaml b/ceph/releasenotes/notes/systemd-8b86dee2f9df5a14.yaml deleted file mode 100644 index 981ef94c6..000000000 --- a/ceph/releasenotes/notes/systemd-8b86dee2f9df5a14.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Allow deployments on Ubuntu Xenial (systemd). diff --git a/ceph/releasenotes/source/_static/.placeholder b/ceph/releasenotes/source/_static/.placeholder deleted file mode 100644 index e69de29bb..000000000 diff --git a/ceph/releasenotes/source/conf.py b/ceph/releasenotes/source/conf.py deleted file mode 100644 index 758c805e3..000000000 --- a/ceph/releasenotes/source/conf.py +++ /dev/null @@ -1,259 +0,0 @@ -# -*- coding: utf-8 -*- -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# If extensions (or modules to document with autodoc) are in another directory, -# add these directories to sys.path here. If the directory is relative to the -# documentation root, use os.path.abspath to make it absolute, like shown here. -#sys.path.insert(0, os.path.abspath('.')) - -# -- General configuration ------------------------------------------------ - -# If your documentation needs a minimal Sphinx version, state it here. -#needs_sphinx = '1.0' - -# Add any Sphinx extension module names here, as strings. They can be -# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom -# ones. -extensions = [ - 'oslosphinx', - 'reno.sphinxext', -] - -# Add any paths that contain templates here, relative to this directory. -templates_path = ['_templates'] - -# The suffix of source filenames. -source_suffix = '.rst' - -# The encoding of source files. -#source_encoding = 'utf-8-sig' - -# The master toctree document. -master_doc = 'index' - -# General information about the project. -project = u'puppet-ceph Release Notes' -copyright = u'2016, Puppet OpenStack Developers' - -# The version info for the project you're documenting, acts as replacement for -# |version| and |release|, also used in various other places throughout the -# built documents. -# -# The short X.Y version. -version = '1.0.0' -# The full version, including alpha/beta/rc tags. -release = '1.0.0' - -# The language for content autogenerated by Sphinx. Refer to documentation -# for a list of supported languages. -#language = None - -# There are two options for replacing |today|: either, you set today to some -# non-false value, then it is used: -#today = '' -# Else, today_fmt is used as the format for a strftime call. -#today_fmt = '%B %d, %Y' - -# List of patterns, relative to source directory, that match files and -# directories to ignore when looking for source files. -exclude_patterns = [] - -# The reST default role (used for this markup: `text`) to use for all -# documents. -#default_role = None - -# If true, '()' will be appended to :func: etc. cross-reference text. -#add_function_parentheses = True - -# If true, the current module name will be prepended to all description -# unit titles (such as .. function::). -#add_module_names = True - -# If true, sectionauthor and moduleauthor directives will be shown in the -# output. They are ignored by default. -#show_authors = False - -# The name of the Pygments (syntax highlighting) style to use. -pygments_style = 'sphinx' - -# A list of ignored prefixes for module index sorting. -#modindex_common_prefix = [] - -# If true, keep warnings as "system message" paragraphs in the built documents. -#keep_warnings = False - - -# -- Options for HTML output ---------------------------------------------- - -# The theme to use for HTML and HTML Help pages. See the documentation for -# a list of builtin themes. -html_theme = 'default' - -# Theme options are theme-specific and customize the look and feel of a theme -# further. For a list of options available for each theme, see the -# documentation. -#html_theme_options = {} - -# Add any paths that contain custom themes here, relative to this directory. -#html_theme_path = [] - -# The name for this set of Sphinx documents. If None, it defaults to -# " v documentation". -#html_title = None - -# A shorter title for the navigation bar. Default is the same as html_title. -#html_short_title = None - -# The name of an image file (relative to this directory) to place at the top -# of the sidebar. -#html_logo = None - -# The name of an image file (within the static path) to use as favicon of the -# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 -# pixels large. -#html_favicon = None - -# Add any paths that contain custom static files (such as style sheets) here, -# relative to this directory. They are copied after the builtin static files, -# so a file named "default.css" will overwrite the builtin "default.css". -html_static_path = ['_static'] - -# Add any extra paths that contain custom files (such as robots.txt or -# .htaccess) here, relative to this directory. These files are copied -# directly to the root of the documentation. -#html_extra_path = [] - -# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, -# using the given strftime format. -#html_last_updated_fmt = '%b %d, %Y' - -# If true, SmartyPants will be used to convert quotes and dashes to -# typographically correct entities. -#html_use_smartypants = True - -# Custom sidebar templates, maps document names to template names. -#html_sidebars = {} - -# Additional templates that should be rendered to pages, maps page names to -# template names. -#html_additional_pages = {} - -# If false, no module index is generated. -#html_domain_indices = True - -# If false, no index is generated. -#html_use_index = True - -# If true, the index is split into individual pages for each letter. -#html_split_index = False - -# If true, links to the reST sources are added to the pages. -#html_show_sourcelink = True - -# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. -#html_show_sphinx = True - -# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. -#html_show_copyright = True - -# If true, an OpenSearch description file will be output, and all pages will -# contain a tag referring to it. The value of this option must be the -# base URL from which the finished HTML is served. -#html_use_opensearch = '' - -# This is the file name suffix for HTML files (e.g. ".xhtml"). -#html_file_suffix = None - -# Output file base name for HTML help builder. -htmlhelp_basename = 'puppet-cephReleaseNotesdoc' - - -# -- Options for LaTeX output --------------------------------------------- - -latex_elements = { -# The paper size ('letterpaper' or 'a4paper'). -#'papersize': 'letterpaper', - -# The font size ('10pt', '11pt' or '12pt'). -#'pointsize': '10pt', - -# Additional stuff for the LaTeX preamble. -#'preamble': '', -} - -# Grouping the document tree into LaTeX files. List of tuples -# (source start file, target name, title, -# author, documentclass [howto, manual, or own class]). -latex_documents = [ - ('index', 'puppet-cephReleaseNotes.tex', u'puppet-ceph Release Notes Documentation', - u'2016, Puppet OpenStack Developers', 'manual'), -] - -# The name of an image file (relative to this directory) to place at the top of -# the title page. -#latex_logo = None - -# For "manual" documents, if this is true, then toplevel headings are parts, -# not chapters. -#latex_use_parts = False - -# If true, show page references after internal links. -#latex_show_pagerefs = False - -# If true, show URL addresses after external links. -#latex_show_urls = False - -# Documents to append as an appendix to all manuals. -#latex_appendices = [] - -# If false, no module index is generated. -#latex_domain_indices = True - - -# -- Options for manual page output --------------------------------------- - -# One entry per manual page. List of tuples -# (source start file, name, description, authors, manual section). -man_pages = [ - ('index', 'puppet-cephreleasenotes', u'puppet-ceph Release Notes Documentation', - [u'2016, Puppet OpenStack Developers'], 1) -] - -# If true, show URL addresses after external links. -#man_show_urls = False - - -# -- Options for Texinfo output ------------------------------------------- - -# Grouping the document tree into Texinfo files. List of tuples -# (source start file, target name, title, author, -# dir menu entry, description, category) -texinfo_documents = [ - ('index', 'puppet-cephReleaseNotes', u'puppet-ceph Release Notes Documentation', - u'2016, Puppet OpenStack Developers', 'puppet-cephReleaseNotes', 'One line description of project.', - 'Miscellaneous'), -] - -# Documents to append as an appendix to all manuals. -#texinfo_appendices = [] - -# If false, no module index is generated. -#texinfo_domain_indices = True - -# How to display URL addresses: 'footnote', 'no', or 'inline'. -#texinfo_show_urls = 'footnote' - -# If true, do not generate a @detailmenu in the "Top" node's menu. -#texinfo_no_detailmenu = False diff --git a/ceph/releasenotes/source/hammer.rst b/ceph/releasenotes/source/hammer.rst deleted file mode 100644 index 207c1538d..000000000 --- a/ceph/releasenotes/source/hammer.rst +++ /dev/null @@ -1,6 +0,0 @@ -============================ - Hammer Series Release Notes -============================ - -.. release-notes:: - :branch: origin/stable/hammer diff --git a/ceph/releasenotes/source/index.rst b/ceph/releasenotes/source/index.rst deleted file mode 100644 index 12b0cfeeb..000000000 --- a/ceph/releasenotes/source/index.rst +++ /dev/null @@ -1,19 +0,0 @@ -======================================== -Welcome to puppet-ceph Release Notes! -======================================== - -Contents -======== - -.. toctree:: - :maxdepth: 2 - - hammer - unreleased - - -Indices and tables -================== - -* :ref:`genindex` -* :ref:`search` diff --git a/ceph/releasenotes/source/unreleased.rst b/ceph/releasenotes/source/unreleased.rst deleted file mode 100644 index 2334dd5cf..000000000 --- a/ceph/releasenotes/source/unreleased.rst +++ /dev/null @@ -1,5 +0,0 @@ -============================== - Current Series Release Notes -============================== - - .. release-notes:: diff --git a/ceph/setup.cfg b/ceph/setup.cfg deleted file mode 100644 index f8482b4da..000000000 --- a/ceph/setup.cfg +++ /dev/null @@ -1,13 +0,0 @@ -[metadata] -name = puppet-ceph -summary = Puppet module for Ceph -description-file = - README.md -author = OpenStack Contributors -author-email = openstack-dev@lists.openstack.org -home-page = http://www.openstack.org/ -classifier = - Intended Audience :: Developers - Intended Audience :: System Administrators - License :: OSI Approved :: Apache Software License - Operating System :: POSIX :: Linux diff --git a/ceph/setup.py b/ceph/setup.py deleted file mode 100644 index 70c2b3f32..000000000 --- a/ceph/setup.py +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/env python -# Copyright (c) 2013 Hewlett-Packard Development Company, L.P. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# THIS FILE IS MANAGED BY THE GLOBAL REQUIREMENTS REPO - DO NOT EDIT -import setuptools - -setuptools.setup( - setup_requires=['pbr'], - pbr=True) diff --git a/ceph/spec/acceptance/ceph_rgw_civet_spec.rb b/ceph/spec/acceptance/ceph_rgw_civet_spec.rb deleted file mode 100644 index c2b1fb8e9..000000000 --- a/ceph/spec/acceptance/ceph_rgw_civet_spec.rb +++ /dev/null @@ -1,237 +0,0 @@ -# -# Copyright (C) 2016 Keith Schincke -# -# Author: Keith Schincke -# forked from: -# Author: David Gurtner -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -require 'spec_helper_acceptance' - -describe 'ceph rgw/civetweb' do - - release = 'hammer' - fsid = 'a4807c9a-e76f-4666-a297-6d6cbc922e3a' - mon_key ='AQCztJdSyNb0NBAASA2yPZPuwXeIQnDJ9O8gVw==' - admin_key = 'AQA0TVRTsP/aHxAAFBvntu1dSEJHxtJeFFrRsg==' - radosgw_key = 'AQA0TVRTsP/aHxAAFBvntu1dSEJHxtJeFFrRwg==' - # passing it directly as unqoted array is not supported everywhere - packages = "[ 'python-ceph', 'ceph-common', 'librados2', 'librbd1', 'libcephfs1' ]" - - test_user = 'testuser' - test_password = '123456' - test_email = 'testuser@example.com' - - describe 'ceph::rgw::civetweb' do - - it 'should install one monitor/osd with a rgw/civetweb' do - pp = <<-EOS - $user = 'root' - - case $::osfamily { - 'Debian': { - include ::apt - apt::source { 'cloudarchive-juno': - location => 'http://ubuntu-cloud.archive.canonical.com/ubuntu', - release => 'trusty-updates/juno', - repos => 'main', - include_src => false, - required_packages => 'ubuntu-cloud-keyring', - } - } - 'RedHat': { - # ceph-radosgw expects open file limit of 32768 - file { '/etc/security/limits.d/80-nofile.conf': - content => '* hard nofile 32768', - } - yumrepo { 'openstack-juno': - descr => 'OpenStack Juno Repository', - baseurl => 'http://mirror.centos.org/centos/7/cloud/x86_64/openstack-kilo/', - enabled => '1', - gpgcheck => '0', - gpgkey => 'https://raw.githubusercontent.com/redhat-openstack/rdo-release/kilo/RPM-GPG-KEY-CentOS-SIG-Cloud', - priority => '15', # prefer over EPEL, but below ceph - } - Yumrepo<||> -> Package['python-swiftclient'] - } - default: { - fail ("Unsupported OS family ${::osfamily}") - } - } - - # ceph setup - class { 'ceph::repo': - ensure => present, - release => '#{release}', - } - -> - class { 'ceph': - fsid => '#{fsid}', - mon_host => $::ipaddress, - mon_initial_members => 'a', - osd_pool_default_size => '1', - osd_pool_default_min_size => '1', - } - ceph::mon { 'a': - public_addr => $::ipaddress, - key => '#{mon_key}', - } - ceph::key { 'client.admin': - secret => '#{admin_key}', - cap_mon => 'allow *', - cap_osd => 'allow *', - cap_mds => 'allow *', - inject => true, - inject_as_id => 'mon.', - inject_keyring => '/var/lib/ceph/mon/ceph-a/keyring', - } - -> - ceph::key { 'client.radosgw.gateway': - user => $apache_user, - secret => '#{radosgw_key}', - cap_mon => 'allow rwx', - cap_osd => 'allow rwx', - inject => true, - } - -> - exec { 'bootstrap-key': - command => '/usr/sbin/ceph-create-keys --id a', - } - -> - ceph::osd { '/srv/data': } - - # setup ceph radosgw - host { $::fqdn: # workaround for bad 'hostname -f' in vagrant box - ip => $ipaddress, - host_aliases => [$::hostname], - } - -> - file { '/var/run/ceph': # workaround for bad sysvinit script (ignores socket) - ensure => directory, - owner => $user, - } - -> - ceph::rgw { 'radosgw.gateway': - user => $user, - frontend_type => 'civetweb', - rgw_frontends => 'civetweb port=80', - } - Ceph::Osd['/srv/data'] -> Service['radosgw-radosgw.gateway'] - - package { 'python-swiftclient': # required for tests below - ensure => present, - } - ceph_config { - 'global/mon_data_avail_warn': value => 10; # workaround for health warn in mon - 'global/osd_journal_size': value => 100; - } - - EOS - - osfamily = fact 'osfamily' - - servicequery = { - 'Debian' => 'status radosgw id=radosgw.gateway', - 'RedHat' => 'service ceph-radosgw status id=radosgw.gateway', - } - - apply_manifest(pp, :catch_failures => true) - # Enable as soon as remaining changes are fixed - #apply_manifest(pp, :catch_changes => true) - - shell servicequery[osfamily] do |r| - expect(r.exit_code).to be_zero - end - - shell "/usr/bin/radosgw-admin user create --uid=#{test_user} --email=#{test_email} --secret=#{test_password} --display-name=\"Test User\"" do |r| - expect(r.exit_code).to be_zero - end - - shell "/usr/bin/radosgw-admin subuser create --uid=#{test_user} --subuser=#{test_user}:swift --access=full" do |r| - expect(r.exit_code).to be_zero - end - - shell "/usr/bin/radosgw-admin key create --subuser=#{test_user}:swift --key-type=swift --secret=#{test_password}" do |r| - expect(r.exit_code).to be_zero - end - - #shell "swift -A http://127.0.0.1:7480/auth/1.0 -U #{test_user}:swift -K #{test_password} stat" do |r| - shell "swift -A http://127.0.0.1:80/auth/1.0 -U #{test_user}:swift -K #{test_password} stat" do |r| - expect(r.exit_code).to be_zero - expect(r.stdout).to match(/Content-Type: text\/plain; charset=utf-8/) - expect(r.stdout).not_to match(/401 Unauthorized/) - end - end - - it 'should purge everything' do - purge = <<-EOS - $radosgw = $::osfamily ? { - 'RedHat' => 'ceph-radosgw', - default => 'radosgw', - } - ceph::osd { '/srv/data': - ensure => absent, - } - -> - ceph::mon { 'a': ensure => absent } - -> - file { [ - '/var/lib/ceph/bootstrap-osd/ceph.keyring', - '/var/lib/ceph/bootstrap-mds/ceph.keyring', - '/var/lib/ceph/nss/cert8.db', - '/var/lib/ceph/nss/key3.db', - '/var/lib/ceph/nss/secmod.db', - '/var/lib/ceph/radosgw/ceph-radosgw.gateway', - '/var/lib/ceph/radosgw', - '/var/lib/ceph/nss', - '/etc/ceph/ceph.client.admin.keyring', - '/etc/ceph/ceph.client.radosgw.gateway', - '/var/lib/ceph', - '/srv/data', - ]: - ensure => absent, - recurse => true, - purge => true, - force => true, - } - -> - package { $radosgw: ensure => purged } - -> - package { #{packages}: - ensure => purged - } - class { 'ceph::repo': - ensure => absent, - release => '#{release}', - fastcgi => false, - } - EOS - - osfamily = fact 'osfamily' - - # RGW on CentOS is currently broken, so lets disable tests for now. - #if osfamily != 'RedHat' - apply_manifest(purge, :catch_failures => true) - #end - end - end -end -# Local Variables: -# compile-command: "cd ../.. -# BUNDLE_PATH=/tmp/vendor bundle install -# BEAKER_set=ubuntu-server-1404-x64 \ -# BUNDLE_PATH=/tmp/vendor \ -# bundle exec rspec spec/acceptance/ceph_usecases_spec.rb -# " -# End: diff --git a/ceph/spec/acceptance/ceph_rgw_spec.rb b/ceph/spec/acceptance/ceph_rgw_spec.rb deleted file mode 100644 index 7decbafee..000000000 --- a/ceph/spec/acceptance/ceph_rgw_spec.rb +++ /dev/null @@ -1,731 +0,0 @@ -# -# Copyright (C) 2015 David Gurtner -# -# Author: David Gurtner -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -require 'spec_helper_acceptance' - -describe 'ceph rgw' do - - release = 'hammer' - fsid = 'a4807c9a-e76f-4666-a297-6d6cbc922e3a' - mon_key ='AQCztJdSyNb0NBAASA2yPZPuwXeIQnDJ9O8gVw==' - admin_key = 'AQA0TVRTsP/aHxAAFBvntu1dSEJHxtJeFFrRsg==' - radosgw_key = 'AQA0TVRTsP/aHxAAFBvntu1dSEJHxtJeFFrRwg==' - # passing it directly as unqoted array is not supported everywhere - packages = "[ 'python-ceph', 'ceph-common', 'librados2', 'librbd1', 'libcephfs1' ]" - - keystone_admin_token = 'keystonetoken' - keystone_password = '123456' - - test_user = 'testuser' - test_password = '123456' - test_email = 'testuser@example.com' - test_tenant = 'openstack' - - describe 'ceph::rgw::keystone' do - - it 'should install one monitor/osd with cephx keys for rgw-fcgi' do - pp = <<-EOS - if $::osfamily == 'Debian' { - #trusty ships with pbr 0.7 - #openstackclient.shell raises an requiring pbr!=0.7,<1.0,>=0.6' - #the latest is 0.10 - package { 'python-pbr': - ensure => 'latest', - } - } - $apache_user = $::osfamily ? { - 'RedHat' => 'apache', - default => 'www-data', - } - - class { 'ceph::repo': - release => '#{release}', - fastcgi => true, - } - -> - class { 'ceph': - fsid => '#{fsid}', - mon_host => $::ipaddress, - mon_initial_members => 'a', - osd_pool_default_size => '1', - osd_pool_default_min_size => '1', - } - ceph_config { - 'global/mon_data_avail_warn': value => 10; # workaround for health warn in mon - 'global/osd_journal_size': value => 100; - } - ceph::mon { 'a': - public_addr => $::ipaddress, - key => '#{mon_key}', - } - ceph::key { 'client.admin': - secret => '#{admin_key}', - cap_mon => 'allow *', - cap_osd => 'allow *', - cap_mds => 'allow *', - inject => true, - inject_as_id => 'mon.', - inject_keyring => '/var/lib/ceph/mon/ceph-a/keyring', - } - -> - ceph::key { 'client.radosgw.gateway': - user => $apache_user, - secret => '#{radosgw_key}', - cap_mon => 'allow rwx', - cap_osd => 'allow rwx', - inject => true, - } - ~> - exec { 'bootstrap-key': - command => '/usr/sbin/ceph-create-keys --id a', - refreshonly => true, - } - -> - ceph::osd { '/srv/data': } - EOS - - osfamily = fact 'osfamily' - - # RGW on CentOS is currently broken, so lets disable tests for now. - if osfamily != 'RedHat' - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - shell 'sleep 10' # we need to wait a bit until the OSD is up - - shell 'ceph -s', { :acceptable_exit_codes => [0] } do |r| - expect(r.stdout).to match(/1 mons at/) - expect(r.stderr).to be_empty - end - - shell 'ceph osd tree', { :acceptable_exit_codes => [0] } do |r| - expect(r.stdout).to match(/osd.0/) - expect(r.stderr).to be_empty - end - end - end - - it 'should install a radosgw with fcgi' do - pp = <<-EOS - # ceph::repo and ceph are needed as dependencies in the catalog - class { 'ceph::repo': - release => '#{release}', - fastcgi => true, - } - class { 'ceph': - fsid => '#{fsid}', - mon_host => $::ipaddress, - mon_initial_members => 'a', - osd_pool_default_size => '1', - osd_pool_default_min_size => '1', - } - - $apache_user = $::osfamily ? { - 'RedHat' => 'apache', - default => 'www-data', - } - - host { $::fqdn: # workaround for bad 'hostname -f' in vagrant box - ip => $ipaddress, - host_aliases => [$::hostname], - } - -> - file { '/var/run/ceph': # workaround for bad sysvinit script (ignores socket) - ensure => directory, - owner => $apache_user, - } - -> - ceph::rgw { 'radosgw.gateway': - rgw_socket_path => '/var/run/ceph/ceph-client.radosgw.gateway.asok', - } - - ceph::rgw::apache_fastcgi { 'radosgw.gateway': - rgw_port => '8080', - rgw_socket_path => '/var/run/ceph/ceph-client.radosgw.gateway.asok', - } - EOS - - osfamily = fact 'osfamily' - - servicequery = { - 'Debian' => 'status radosgw id=radosgw.gateway', - 'RedHat' => 'service ceph-radosgw status id=radosgw.gateway', - } - - # RGW on CentOS is currently broken, so lets disable tests for now. - if osfamily != 'RedHat' - apply_manifest(pp, :catch_failures => true) - # Enable as soon as remaining changes are fixed - #apply_manifest(pp, :catch_changes => true) - - shell servicequery[osfamily] do |r| - expect(r.exit_code).to be_zero - end - - shell "radosgw-admin user create --uid=#{test_user} --display-name=#{test_user}" - - shell "radosgw-admin subuser create --uid=#{test_user} --subuser=#{test_user}:swift --access=full" - - shell "radosgw-admin key create --subuser=#{test_user}:swift --key-type=swift --secret='#{test_password}'" - - shell "curl -i -H 'X-Auth-User: #{test_user}:swift' -H 'X-Auth-Key: #{test_password}' http://127.0.0.1:8080/auth/v1.0/" do |r| - expect(r.exit_code).to be_zero - expect(r.stdout).to match(/HTTP\/1\.1 204 No Content/) - expect(r.stdout).not_to match(/401 Unauthorized/) - end - end - end - - it 'should configure keystone and rgw-fcgi keystone integration' do - pp = <<-EOS - # ceph::repo and ceph are needed as dependencies in the catalog - class { 'ceph::repo': - release => '#{release}', - fastcgi => true, - } - class { 'ceph': - fsid => '#{fsid}', - mon_host => $::ipaddress, - mon_initial_members => 'a', - osd_pool_default_size => '1', - osd_pool_default_min_size => '1', - } - - # this is needed for the refresh triggered by ceph::rgw::keystone - ceph::rgw { 'radosgw.gateway': - rgw_socket_path => '/var/run/ceph/ceph-client.radosgw.gateway.asok', - } - - case $::osfamily { - 'Debian': { - include ::apt - apt::source { 'cloudarchive-juno': - location => 'http://ubuntu-cloud.archive.canonical.com/ubuntu', - release => 'trusty-updates/juno', - repos => 'main', - include => { - 'src' => 'false', - }, - } - package { 'ubuntu-cloud-keyring': - ensure => present, - } - Apt::Source['cloudarchive-juno'] -> Package['ubuntu-cloud-keyring'] - Package['ubuntu-cloud-keyring'] -> Package['keystone','python-swiftclient'] - Exec['apt_update'] -> Package['keystone','python-swiftclient'] - } - 'RedHat': { - yumrepo { 'openstack-juno': - descr => 'OpenStack Juno Repository', - baseurl => 'http://repos.fedorapeople.org/repos/openstack/openstack-juno/epel-7/', - enabled => '1', - gpgcheck => '1', - gpgkey => 'https://raw.githubusercontent.com/redhat-openstack/rdo-release/juno/RPM-GPG-KEY-RDO-Juno', - priority => '15', # prefer over EPEL, but below ceph - } - Yumrepo<||> -> Package['python-swiftclient','keystone'] - } - } - - class { 'keystone': - verbose => true, - catalog_type => 'sql', - admin_token => '#{keystone_admin_token}', - admin_endpoint => "http://${::ipaddress}:35357", - } - -> - class { 'keystone::roles::admin': - email => 'admin@example.com', - password => '#{keystone_password}', - } - -> - class { 'keystone::endpoint': - public_url => "http://${::ipaddress}:5000", - admin_url => "http://${::ipaddress}:35357", - internal_url => "http://${::ipaddress}:5000", - region => 'example-1', - } - Service['keystone'] -> Ceph::Rgw::Keystone['radosgw.gateway'] - - keystone_service { 'swift': - ensure => present, - type => 'object-store', - description => 'Openstack Object Storage Service', - } - Keystone_service<||> -> Ceph::Rgw::Keystone['radosgw.gateway'] - keystone_endpoint { 'example-1/swift': - ensure => present, - public_url => "http://${::fqdn}:8080/swift/v1", - admin_url => "http://${::fqdn}:8080/swift/v1", - internal_url => "http://${::fqdn}:8080/swift/v1", - } - Keystone_endpoint<||> -> Ceph::Rgw::Keystone['radosgw.gateway'] - - # add a testuser for validation below - keystone_user { '#{test_user}': - ensure => present, - enabled => true, - email => '#{test_email}', - password => '#{test_password}', - tenant => '#{test_tenant}', - } - Keystone_user<||> -> Ceph::Rgw::Keystone['radosgw.gateway'] - keystone_user_role { 'testuser@openstack': - ensure => present, - roles => ['_member_'], - } - Keystone_user_role<||> -> Ceph::Rgw::Keystone['radosgw.gateway'] - - package { 'python-swiftclient': # required for tests below - ensure => present, - } - - ceph::rgw::keystone { 'radosgw.gateway': - rgw_keystone_url => "http://${::ipaddress}:5000", - rgw_keystone_admin_token => '#{keystone_admin_token}', - } - EOS - - osfamily = fact 'osfamily' - - servicequery = { - 'Debian' => 'status radosgw id=radosgw.gateway', - 'RedHat' => 'service ceph-radosgw status id=radosgw.gateway', - } - - # RGW on CentOS is currently broken, so lets disable tests for now. - if osfamily != 'RedHat' - apply_manifest(pp, :catch_failures => true) - # Enable as soon as remaining changes are fixed - #apply_manifest(pp, :catch_changes => true) - - shell servicequery[osfamily] do |r| - expect(r.exit_code).to be_zero - end - - shell "swift -V 2.0 -A http://127.0.0.1:5000/v2.0 -U #{test_tenant}:#{test_user} -K #{test_password} stat" do |r| - expect(r.exit_code).to be_zero - expect(r.stdout).to match(/Content-Type: text\/plain; charset=utf-8/) - expect(r.stdout).not_to match(/401 Unauthorized/) - end - end - end - - it 'should purge everything' do - purge = <<-EOS - $radosgw = $::osfamily ? { - 'RedHat' => 'ceph-radosgw', - default => 'radosgw', - } - class { 'keystone': - admin_token => 'keystonetoken', - enabled => false, - } - -> - ceph::osd { '/srv/data': - ensure => absent, - } - -> - ceph::mon { 'a': ensure => absent } - -> - file { [ - '/var/lib/ceph/bootstrap-osd/ceph.keyring', - '/var/lib/ceph/bootstrap-mds/ceph.keyring', - '/var/lib/ceph/nss/cert8.db', - '/var/lib/ceph/nss/key3.db', - '/var/lib/ceph/nss/secmod.db', - '/var/lib/ceph/radosgw/ceph-radosgw.gateway', - '/var/lib/ceph/radosgw', - '/var/lib/ceph/nss', - '/etc/ceph/ceph.client.admin.keyring', - '/etc/ceph/ceph.client.radosgw.gateway', - '/var/lib/ceph', - '/srv/data', - ]: - ensure => absent, - recurse => true, - purge => true, - force => true, - } - -> - package { $radosgw: ensure => purged } - -> - package { #{packages}: - ensure => purged - } - class { 'ceph::repo': - release => '#{release}', - fastcgi => true, - ensure => absent, - } - class { 'apache': - service_ensure => stopped, - service_enable => false, - } - apache::vhost { "$fqdn-radosgw": - ensure => absent, - docroot => '/var/www', - } - EOS - - osfamily = fact 'osfamily' - - # RGW on CentOS is currently broken, so lets disable tests for now. - if osfamily != 'RedHat' - apply_manifest(purge, :catch_failures => true) - end - end - - it 'should install one monitor/osd with cephx keys for rgw-proxy' do - pp = <<-EOS - class { 'ceph::repo': - release => '#{release}', - fastcgi => true, - } - -> - class { 'ceph': - fsid => '#{fsid}', - mon_host => $::ipaddress, - mon_initial_members => 'a', - osd_pool_default_size => '1', - osd_pool_default_min_size => '1', - } - ceph_config { - 'global/mon_data_avail_warn': value => 10; # workaround for health warn in mon - 'global/osd_journal_size': value => 100; - } - ceph::mon { 'a': - public_addr => $::ipaddress, - key => '#{mon_key}', - } - ceph::key { 'client.admin': - secret => '#{admin_key}', - cap_mon => 'allow *', - cap_osd => 'allow *', - cap_mds => 'allow *', - inject => true, - inject_as_id => 'mon.', - inject_keyring => '/var/lib/ceph/mon/ceph-a/keyring', - } - -> - ceph::key { 'client.radosgw.gateway': - user => $apache_user, - secret => '#{radosgw_key}', - cap_mon => 'allow rwx', - cap_osd => 'allow rwx', - inject => true, - } - -> - exec { 'bootstrap-key': - command => '/usr/sbin/ceph-create-keys --id a', - } - -> - ceph::osd { '/srv/data': } - EOS - - osfamily = fact 'osfamily' - - # RGW on CentOS is currently broken, so lets disable tests for now. - if osfamily != 'RedHat' - apply_manifest(pp, :catch_failures => true) - # Enable as soon as remaining changes are fixed - #apply_manifest(pp, :catch_changes => true) - - shell 'sleep 10' # we need to wait a bit until the OSD is up - - shell 'ceph -s', { :acceptable_exit_codes => [0] } do |r| - expect(r.stdout).to match(/1 mons at/) - expect(r.stderr).to be_empty - end - - shell 'ceph osd tree', { :acceptable_exit_codes => [0] } do |r| - expect(r.stdout).to match(/osd.0/) - expect(r.stderr).to be_empty - end - end - end - - it 'should install a radosgw with mod_proxy' do - pp = <<-EOS - # ceph::repo and ceph are needed as dependencies in the catalog - class { 'ceph::repo': - release => '#{release}', - fastcgi => true, - } - class { 'ceph': - fsid => '#{fsid}', - mon_host => $::ipaddress, - mon_initial_members => 'a', - osd_pool_default_size => '1', - osd_pool_default_min_size => '1', - } - - $apache_user = $::osfamily ? { - 'RedHat' => 'apache', - default => 'www-data', - } - - host { $::fqdn: # workaround for bad 'hostname -f' in vagrant box - ip => $ipaddress, - host_aliases => [$::hostname], - } - -> - file { '/var/run/ceph': # workaround for bad sysvinit script (ignores socket) - ensure => directory, - owner => $apache_user, - } - -> - ceph::rgw { 'radosgw.gateway': - frontend_type => 'apache-proxy-fcgi', - rgw_socket_path => '/var/run/ceph/ceph-client.radosgw.gateway.asok', - } - - ceph::rgw::apache_proxy_fcgi { 'radosgw.gateway': - rgw_port => '8080', - proxy_pass => {'path' => '/', 'url' => 'fcgi://127.0.0.1:9000/', 'params' => { 'retry' => '0' }}, - } - EOS - - osfamily = fact 'osfamily' - - servicequery = { - 'Debian' => 'status radosgw id=radosgw.gateway', - 'RedHat' => 'service ceph-radosgw status id=radosgw.gateway', - } - - # RGW on CentOS is currently broken, so lets disable tests for now. - if osfamily != 'RedHat' - apply_manifest(pp, :catch_failures => true) - # Enable as soon as remaining changes are fixed - #apply_manifest(pp, :catch_changes => true) - - shell servicequery[osfamily] do |r| - expect(r.exit_code).to be_zero - end - - shell "radosgw-admin user create --uid=#{test_user} --display-name=#{test_user}" - - shell "radosgw-admin subuser create --uid=#{test_user} --subuser=#{test_user}:swift --access=full" - - shell "radosgw-admin key create --subuser=#{test_user}:swift --key-type=swift --secret='#{test_password}'" - - shell "curl -i -H 'X-Auth-User: #{test_user}:swift' -H 'X-Auth-Key: #{test_password}' http://127.0.0.1:8080/auth/v1.0/" do |r| - expect(r.exit_code).to be_zero - expect(r.stdout).to match(/HTTP\/1\.1 204 No Content/) - expect(r.stdout).not_to match(/401 Unauthorized/) - end - end - end - - it 'should configure keystone and rgw-proxy keystone integration' do - pp = <<-EOS - # ceph::repo and ceph are needed as dependencies in the catalog - class { 'ceph::repo': - release => '#{release}', - fastcgi => true, - } - class { 'ceph': - fsid => '#{fsid}', - mon_host => $::ipaddress, - mon_initial_members => 'a', - osd_pool_default_size => '1', - osd_pool_default_min_size => '1', - } - - # this is needed for the refresh triggered by ceph::rgw::keystone - ceph::rgw { 'radosgw.gateway': - rgw_socket_path => '/var/run/ceph/ceph-client.radosgw.gateway.asok', - } - - case $::osfamily { - 'Debian': { - include ::apt - apt::source { 'cloudarchive-juno': - location => 'http://ubuntu-cloud.archive.canonical.com/ubuntu', - release => 'trusty-updates/juno', - repos => 'main', - include_src => false, - required_packages => 'ubuntu-cloud-keyring', - } - Apt::Source['cloudarchive-juno'] -> Package['keystone','python-swiftclient'] - Exec['apt_update'] -> Package['keystone','python-swiftclient'] - } - 'RedHat': { - yumrepo { 'openstack-juno': - descr => 'OpenStack Juno Repository', - baseurl => 'http://repos.fedorapeople.org/repos/openstack/openstack-juno/epel-7/', - enabled => '1', - gpgcheck => '1', - gpgkey => 'https://raw.githubusercontent.com/redhat-openstack/rdo-release/juno/RPM-GPG-KEY-RDO-Juno', - priority => '15', # prefer over EPEL, but below ceph - } - Yumrepo<||> -> Package['python-swiftclient','keystone'] - } - } - - class { 'keystone': - verbose => true, - catalog_type => 'sql', - admin_token => '#{keystone_admin_token}', - admin_endpoint => "http://${::ipaddress}:35357", - } - -> - class { 'keystone::roles::admin': - email => 'admin@example.com', - password => '#{keystone_password}', - } - -> - class { 'keystone::endpoint': - public_url => "http://${::ipaddress}:5000", - admin_url => "http://${::ipaddress}:35357", - internal_url => "http://${::ipaddress}:5000", - region => 'example-1', - } - Service['keystone'] -> Ceph::Rgw::Keystone['radosgw.gateway'] - - keystone_service { 'swift': - ensure => present, - type => 'object-store', - description => 'Openstack Object Storage Service', - } - Keystone_service<||> -> Ceph::Rgw::Keystone['radosgw.gateway'] - keystone_endpoint { 'example-1/swift': - ensure => present, - public_url => "http://${::fqdn}:8080/swift/v1", - admin_url => "http://${::fqdn}:8080/swift/v1", - internal_url => "http://${::fqdn}:8080/swift/v1", - } - Keystone_endpoint<||> -> Ceph::Rgw::Keystone['radosgw.gateway'] - - # add a testuser for validation below - keystone_user { '#{test_user}': - ensure => present, - enabled => true, - email => '#{test_email}', - password => '#{test_password}', - tenant => '#{test_tenant}', - } - Keystone_user<||> -> Ceph::Rgw::Keystone['radosgw.gateway'] - keystone_user_role { 'testuser@openstack': - ensure => present, - roles => ['_member_'], - } - Keystone_user_role<||> -> Ceph::Rgw::Keystone['radosgw.gateway'] - - package { 'python-swiftclient': # required for tests below - ensure => present, - } - - ceph::rgw::keystone { 'radosgw.gateway': - rgw_keystone_url => "http://${::ipaddress}:5000", - rgw_keystone_admin_token => '#{keystone_admin_token}', - } - EOS - - osfamily = fact 'osfamily' - - servicequery = { - 'Debian' => 'status radosgw id=radosgw.gateway', - 'RedHat' => 'service ceph-radosgw status id=radosgw.gateway', - } - - # RGW on CentOS is currently broken, so lets disable tests for now. - if osfamily != 'RedHat' - apply_manifest(pp, :catch_failures => true) - # Enable as soon as remaining changes are fixed - #apply_manifest(pp, :catch_changes => true) - - shell servicequery[osfamily] do |r| - expect(r.exit_code).to be_zero - end - - shell "swift -V 2.0 -A http://127.0.0.1:5000/v2.0 -U #{test_tenant}:#{test_user} -K #{test_password} stat" do |r| - expect(r.exit_code).to be_zero - expect(r.stdout).to match(/Content-Type: text\/plain; charset=utf-8/) - expect(r.stdout).not_to match(/401 Unauthorized/) - end - end - end - - it 'should purge everything again' do - purge = <<-EOS - $radosgw = $::osfamily ? { - 'RedHat' => 'ceph-radosgw', - default => 'radosgw', - } - class { 'keystone': - admin_token => 'keystonetoken', - enabled => false, - } - -> - ceph::osd { '/srv/data': - ensure => absent, - } - -> - ceph::mon { 'a': ensure => absent } - -> - file { [ - '/var/lib/ceph/bootstrap-osd/ceph.keyring', - '/var/lib/ceph/bootstrap-mds/ceph.keyring', - '/var/lib/ceph/nss/cert8.db', - '/var/lib/ceph/nss/key3.db', - '/var/lib/ceph/nss/secmod.db', - '/var/lib/ceph/radosgw/ceph-radosgw.gateway', - '/var/lib/ceph/radosgw', - '/var/lib/ceph/nss', - '/etc/ceph/ceph.client.admin.keyring', - '/etc/ceph/ceph.client.radosgw.gateway', - ]: - ensure => absent - } - -> - package { $radosgw: ensure => purged } - -> - package { #{packages}: - ensure => purged - } - class { 'ceph::repo': - release => '#{release}', - ensure => absent, - } - class { 'apache': - service_ensure => stopped, - service_enable => false, - } - apache::vhost { "$fqdn-radosgw": - ensure => absent, - docroot => '/var/www', - } - EOS - - osfamily = fact 'osfamily' - - # RGW on CentOS is currently broken, so lets disable tests for now. - if osfamily != 'RedHat' - apply_manifest(purge, :catch_failures => true) - end - end - end -end -# Local Variables: -# compile-command: "cd ../.. -# BUNDLE_PATH=/tmp/vendor bundle install -# BEAKER_set=ubuntu-server-1204-x64 \ -# BUNDLE_PATH=/tmp/vendor \ -# bundle exec rspec spec/acceptance/ceph_usecases_spec.rb -# " -# End: diff --git a/ceph/spec/acceptance/ceph_usecases_spec.rb b/ceph/spec/acceptance/ceph_usecases_spec.rb deleted file mode 100644 index 7b4d9fc8e..000000000 --- a/ceph/spec/acceptance/ceph_usecases_spec.rb +++ /dev/null @@ -1,144 +0,0 @@ -# -# Copyright (C) 2015 David Gurtner -# -# Author: David Gurtner -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -require 'spec_helper_acceptance' - -describe 'ceph usecases' do - - # passing it directly as unqoted array is not supported everywhere - packages = "[ 'python-ceph', 'ceph-common', 'librados2', 'librbd1', 'libcephfs1' ]" - - describe 'I want to try this module, heard of ceph, want to see it in action' do - - it 'should install one monitor and one OSD on /srv/data' do - pp = <<-EOS - class { 'ceph::repo': } - class { 'ceph': - fsid => '82274746-9a2c-426b-8c51-107fb0d890c6', - mon_host => $::ipaddress, - authentication_type => 'none', - osd_pool_default_size => '1', - osd_pool_default_min_size => '1', - } - ceph_config { - 'global/osd_journal_size': value => '100'; - } - ceph::mon { 'a': - public_addr => $::ipaddress, - authentication_type => 'none', - } - ceph::osd { '/srv/data': } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - shell 'sleep 10' # we need to wait a bit until the OSD is up - - shell 'ceph -s', { :acceptable_exit_codes => [0] } do |r| - expect(r.stdout).to match(/1 mons at/) - expect(r.stderr).to be_empty - end - - shell 'ceph osd tree | grep osd.0', { :acceptable_exit_codes => [0] } do |r| - expect(r.stdout).to match(/up/) - expect(r.stderr).to be_empty - end - end - - it 'should uninstall one osd' do - shell 'ceph osd tree | grep osd.0', { :acceptable_exit_codes => [0] } do |r| - expect(r.stdout).to match(/up/) - expect(r.stderr).to be_empty - end - - pp = <<-EOS - ceph::osd { '/srv/data': - ensure => absent, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - shell 'sleep 10' # we need to wait a bit until the OSD is down - - shell 'ceph osd tree | grep osd.0', { :acceptable_exit_codes => [1] } - end - - it 'should uninstall one monitor' do - pp = <<-EOS - ceph::mon { 'a': - ensure => absent, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - osfamily = fact 'osfamily' - operatingsystem = fact 'operatingsystem' - - if osfamily == 'Debian' && operatingsystem == 'Ubuntu' - shell 'status ceph-mon id=a', { :acceptable_exit_codes => [1] } do |r| - expect(r.stdout).to be_empty - expect(r.stderr).to match(/Unknown instance: ceph.a/) - end - end - if osfamily == 'RedHat' - shell 'service ceph status mon.a', { :acceptable_exit_codes => [1] } do |r| - expect(r.stdout).to match(/mon.a not found/) - expect(r.stderr).to be_empty - end - end - end - - it 'should purge all packages' do - pp = <<-EOS - package { #{packages}: - ensure => purged - } - class { 'ceph::repo': - ensure => absent, - } - file { [ - '/var/lib/ceph', - '/srv/data', - ]: - ensure => absent, - recurse => true, - purge => true, - force => true, - } - - EOS - - apply_manifest(pp, :catch_failures => true) - # can't check for idempotency because of https://tickets.puppetlabs.com/browse/PUP-1198 - #apply_manifest(pp, :catch_changes => true) - apply_manifest(pp, :catch_failures => true) - end - end -end -# Local Variables: -# compile-command: "cd ../.. -# BUNDLE_PATH=/tmp/vendor bundle install -# BEAKER_set=ubuntu-server-1204-x64 \ -# BUNDLE_PATH=/tmp/vendor \ -# bundle exec rspec spec/acceptance/ceph_usecases_spec.rb -# " -# End: diff --git a/ceph/spec/acceptance/nodesets/centos-70-x64.yml b/ceph/spec/acceptance/nodesets/centos-70-x64.yml deleted file mode 100644 index b75c1f17d..000000000 --- a/ceph/spec/acceptance/nodesets/centos-70-x64.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - first: - roles: - - master - - mon - - osd - - client - platform: el-7-x86_64 - box: puppetlabs/centos-7.0-64-nocm - box_url: https://atlas.hashicorp.com/puppetlabs/boxes/centos-7.0-64-nocm - hypervisor: vagrant - ip: 10.11.12.2 -CONFIG: - type: foss - set_env: false diff --git a/ceph/spec/acceptance/nodesets/default.yml b/ceph/spec/acceptance/nodesets/default.yml deleted file mode 100644 index 1cdca667c..000000000 --- a/ceph/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,22 +0,0 @@ -HOSTS: - first: - roles: - - master - - mon - platform: ubuntu-1404-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/boxes/ubuntu-14.04-64-nocm - hypervisor: vagrant - ip: 10.11.12.2 - second: - roles: - - osd - - client - platform: ubuntu-1404-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/boxes/ubuntu-14.04-64-nocm - hypervisor: vagrant - ip: 10.11.12.3 -CONFIG: - type: foss - set_env: false diff --git a/ceph/spec/acceptance/nodesets/nodepool-centos7.yml b/ceph/spec/acceptance/nodesets/nodepool-centos7.yml deleted file mode 100644 index d52883df5..000000000 --- a/ceph/spec/acceptance/nodesets/nodepool-centos7.yml +++ /dev/null @@ -1,13 +0,0 @@ -HOSTS: - first: - roles: - - master - - mon - - osd - - client - platform: el-7-x86_64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/ceph/spec/acceptance/nodesets/nodepool-trusty.yml b/ceph/spec/acceptance/nodesets/nodepool-trusty.yml deleted file mode 100644 index dc22d561a..000000000 --- a/ceph/spec/acceptance/nodesets/nodepool-trusty.yml +++ /dev/null @@ -1,13 +0,0 @@ -HOSTS: - first: - roles: - - master - - mon - - osd - - client - platform: ubuntu-14.04-amd64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/ceph/spec/acceptance/nodesets/two-centos-70-x64.yml b/ceph/spec/acceptance/nodesets/two-centos-70-x64.yml deleted file mode 100644 index d2607a381..000000000 --- a/ceph/spec/acceptance/nodesets/two-centos-70-x64.yml +++ /dev/null @@ -1,22 +0,0 @@ -HOSTS: - first: - roles: - - master - - mon - platform: el-7-x86_64 - box: puppetlabs/centos-7.0-64-nocm - box_url: https://atlas.hashicorp.com/puppetlabs/boxes/centos-7.0-64-nocm - hypervisor: vagrant - ip: 10.11.12.2 - second: - roles: - - osd - - client - platform: el-7-x86_64 - box: puppetlabs/centos-7.0-64-nocm - box_url: https://atlas.hashicorp.com/puppetlabs/boxes/centos-7.0-64-nocm - hypervisor: vagrant - ip: 10.11.12.3 -CONFIG: - type: foss - set_env: false diff --git a/ceph/spec/acceptance/nodesets/two-ubuntu-server-1404-x64.yml b/ceph/spec/acceptance/nodesets/two-ubuntu-server-1404-x64.yml deleted file mode 100644 index 1cdca667c..000000000 --- a/ceph/spec/acceptance/nodesets/two-ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,22 +0,0 @@ -HOSTS: - first: - roles: - - master - - mon - platform: ubuntu-1404-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/boxes/ubuntu-14.04-64-nocm - hypervisor: vagrant - ip: 10.11.12.2 - second: - roles: - - osd - - client - platform: ubuntu-1404-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/boxes/ubuntu-14.04-64-nocm - hypervisor: vagrant - ip: 10.11.12.3 -CONFIG: - type: foss - set_env: false diff --git a/ceph/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/ceph/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index ff0792750..000000000 --- a/ceph/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - first: - roles: - - master - - mon - - osd - - client - platform: ubuntu-1404-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/boxes/ubuntu-14.04-64-nocm - hypervisor: vagrant - ip: 10.11.12.2 -CONFIG: - type: foss - set_env: false diff --git a/ceph/spec/classes/ceph_conf_spec.rb b/ceph/spec/classes/ceph_conf_spec.rb deleted file mode 100644 index 830f0f326..000000000 --- a/ceph/spec/classes/ceph_conf_spec.rb +++ /dev/null @@ -1,49 +0,0 @@ -# -# Copyright (C) 2013 Cloudwatt -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Loic Dachary -# -require 'spec_helper' - -describe 'ceph::conf' do - - let :params do - { - :args => { - 'A' => { - 'value' => 'AA VALUE', - }, - 'B' => { } - }, - :defaults => { - 'value' => 'DEFAULT', - }, - } - end - - it { - is_expected.to contain_ceph_config('A').with('value' => "AA VALUE") - is_expected.to contain_ceph_config('B').with('value' => "DEFAULT") - } - -end - -# Local Variables: -# compile-command: "cd ../.. ; -# export BUNDLE_PATH=/tmp/vendor ; -# bundle install ; -# bundle exec rake spec -# " -# End: diff --git a/ceph/spec/classes/ceph_init_spec.rb b/ceph/spec/classes/ceph_init_spec.rb deleted file mode 100644 index ae2c187cf..000000000 --- a/ceph/spec/classes/ceph_init_spec.rb +++ /dev/null @@ -1,144 +0,0 @@ -# Copyright (C) 2013, 2014 iWeb Technologies Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: David Moreau Simard - -require 'spec_helper' - -describe 'ceph' do - - shared_examples_for 'ceph' do - describe "with default params and specified fsid" do - let :params do - { - :fsid => 'd5252e7d-75bc-4083-85ed-fe51fa83f62b', - } - end - - it { is_expected.to contain_package('ceph').with( - 'name' => 'ceph', - 'ensure' => 'present') } - - it { is_expected.to contain_ceph_config('global/fsid').with_value('d5252e7d-75bc-4083-85ed-fe51fa83f62b') } - it { is_expected.to_not contain_ceph_config('global/keyring').with_value('/etc/ceph/keyring') } - it { is_expected.to_not contain_ceph_config('global/osd_pool_default_pg_num').with_value('128') } - it { is_expected.to_not contain_ceph_config('global/osd_pool_default_pgp_num').with_value('128') } - it { is_expected.to_not contain_ceph_config('global/osd_pool_default_size').with_value('3') } - it { is_expected.to_not contain_ceph_config('global/osd_pool_default_min_size').with_value('2') } - it { is_expected.to_not contain_ceph_config('global/osd_pool_default_crush_rule').with_value('0') } - it { is_expected.to_not contain_ceph_config('global/mon_osd_full_ratio').with_value('90') } - it { is_expected.to_not contain_ceph_config('global/mon_osd_nearfull_ratio').with_value('85') } - it { is_expected.to_not contain_ceph_config('global/mon_initial_members').with_value('mon.01') } - it { is_expected.to_not contain_ceph_config('global/mon_host').with_value('mon01.ceph, mon02.ceph') } - it { is_expected.to_not contain_ceph_config('global/ms_bind_ipv6').with_value('false') } - it { is_expected.to_not contain_ceph_config('global/require_signatures').with_value('false') } - it { is_expected.to_not contain_ceph_config('global/cluster_require_signatures').with_value('false') } - it { is_expected.to_not contain_ceph_config('global/service_require_signatures').with_value('false') } - it { is_expected.to_not contain_ceph_config('global/sign_messages').with_value('true') } - it { is_expected.to_not contain_ceph_config('global/cluster_network').with_value('10.0.0.0/24') } - it { is_expected.to_not contain_ceph_config('global/public_network').with_value('192.168.0.0/24') } - it { is_expected.to_not contain_ceph_config('global/public_addr').with_value('192.168.0.2') } - it { is_expected.to_not contain_ceph_config('osd/osd_journal_size').with_value('4096') } - it { is_expected.to contain_ceph_config('global/auth_cluster_required').with_value('cephx') } - it { is_expected.to contain_ceph_config('global/auth_service_required').with_value('cephx') } - it { is_expected.to contain_ceph_config('global/auth_client_required').with_value('cephx') } - it { is_expected.to contain_ceph_config('global/auth_supported').with_value('cephx') } - it { is_expected.to_not contain_ceph_config('global/auth_cluster_required').with_value('none') } - it { is_expected.to_not contain_ceph_config('global/auth_service_required').with_value('none') } - it { is_expected.to_not contain_ceph_config('global/auth_client_required').with_value('none') } - it { is_expected.to_not contain_ceph_config('global/auth_supported').with_value('none') } - end - - describe "with custom params and specified fsid" do - let :params do - { - :fsid => 'd5252e7d-75bc-4083-85ed-fe51fa83f62b', - :authentication_type => 'none', - :keyring => '/usr/local/ceph/etc/keyring', - :osd_journal_size => '1024', - :osd_pool_default_pg_num => '256', - :osd_pool_default_pgp_num => '256', - :osd_pool_default_size => '2', - :osd_pool_default_min_size => '1', - :osd_pool_default_crush_rule => '10', - :mon_osd_full_ratio => '95', - :mon_osd_nearfull_ratio => '90', - :mon_initial_members => 'mon.01', - :mon_host => 'mon01.ceph, mon02.ceph', - :ms_bind_ipv6 => 'true', - :require_signatures => 'true', - :cluster_require_signatures => 'true', - :service_require_signatures => 'true', - :sign_messages => 'false', - :cluster_network => '10.0.0.0/24', - :public_network => '192.168.0.0/24', - :public_addr => '192.168.0.2', - } - end - - it { is_expected.to contain_package('ceph').with( - 'name' => 'ceph', - 'ensure' => 'present') } - - it { is_expected.to contain_ceph_config('global/fsid').with_value('d5252e7d-75bc-4083-85ed-fe51fa83f62b') } - it { is_expected.to contain_ceph_config('global/keyring').with_value('/usr/local/ceph/etc/keyring') } - it { is_expected.to contain_ceph_config('global/osd_pool_default_pg_num').with_value('256') } - it { is_expected.to contain_ceph_config('global/osd_pool_default_pgp_num').with_value('256') } - it { is_expected.to contain_ceph_config('global/osd_pool_default_size').with_value('2') } - it { is_expected.to contain_ceph_config('global/osd_pool_default_min_size').with_value('1') } - it { is_expected.to contain_ceph_config('global/osd_pool_default_crush_rule').with_value('10') } - it { is_expected.to contain_ceph_config('global/mon_osd_full_ratio').with_value('95') } - it { is_expected.to contain_ceph_config('global/mon_osd_nearfull_ratio').with_value('90') } - it { is_expected.to contain_ceph_config('global/mon_initial_members').with_value('mon.01') } - it { is_expected.to contain_ceph_config('global/mon_host').with_value('mon01.ceph, mon02.ceph') } - it { is_expected.to contain_ceph_config('global/ms_bind_ipv6').with_value('true') } - it { is_expected.to contain_ceph_config('global/require_signatures').with_value('true') } - it { is_expected.to contain_ceph_config('global/cluster_require_signatures').with_value('true') } - it { is_expected.to contain_ceph_config('global/service_require_signatures').with_value('true') } - it { is_expected.to contain_ceph_config('global/sign_messages').with_value('false') } - it { is_expected.to contain_ceph_config('global/cluster_network').with_value('10.0.0.0/24') } - it { is_expected.to contain_ceph_config('global/public_network').with_value('192.168.0.0/24') } - it { is_expected.to contain_ceph_config('global/public_addr').with_value('192.168.0.2') } - it { is_expected.to contain_ceph_config('osd/osd_journal_size').with_value('1024') } - it { is_expected.to_not contain_ceph_config('global/auth_cluster_required').with_value('cephx') } - it { is_expected.to_not contain_ceph_config('global/auth_service_required').with_value('cephx') } - it { is_expected.to_not contain_ceph_config('global/auth_client_required').with_value('cephx') } - it { is_expected.to_not contain_ceph_config('global/auth_supported').with_value('cephx') } - it { is_expected.to contain_ceph_config('global/auth_cluster_required').with_value('none') } - it { is_expected.to contain_ceph_config('global/auth_service_required').with_value('none') } - it { is_expected.to contain_ceph_config('global/auth_client_required').with_value('none') } - it { is_expected.to contain_ceph_config('global/auth_supported').with_value('none') } - end - end - - describe 'Debian Family' do - let :facts do - { - :osfamily => 'Debian', - } - end - - it_configures 'ceph' - end - - describe 'RedHat Family' do - let :facts do - { - :osfamily => 'RedHat', - } - end - - it_configures 'ceph' - end -end diff --git a/ceph/spec/classes/ceph_mds_spec.rb b/ceph/spec/classes/ceph_mds_spec.rb deleted file mode 100644 index 0723f3a2c..000000000 --- a/ceph/spec/classes/ceph_mds_spec.rb +++ /dev/null @@ -1,77 +0,0 @@ -# Copyright (C) 2013, 2014 iWeb Technologies Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: David Moreau Simard - -require 'spec_helper' - -describe 'ceph::mds' do - - shared_examples_for 'ceph mds' do - describe "activated with default params" do - - it { is_expected.to contain_ceph_config('mds/mds_data').with_value('/var/lib/ceph/mds/$cluster-$id') } - it { is_expected.to contain_ceph_config('mds/keyring').with_value('/var/lib/ceph/mds/$cluster-$id/keyring') } - - end - - describe "activated with custom params" do - let :params do - { - :mds_data => '/usr/local/ceph/var/lib/mds/_cluster-_id', - :keyring => '/usr/local/ceph/var/lib/mds/_cluster-_id/keyring' - } - end - - it { is_expected.to contain_ceph_config('mds/mds_data').with_value('/usr/local/ceph/var/lib/mds/_cluster-_id') } - it { is_expected.to contain_ceph_config('mds/keyring').with_value('/usr/local/ceph/var/lib/mds/_cluster-_id/keyring') } - - end - - describe "not activated" do - let :params do - { - :mds_activate => false - } - end - - it { is_expected.to_not contain_ceph_config('mds/mds_data').with_value('/var/lib/ceph/mds/_cluster-_id') } - it { is_expected.to_not contain_ceph_config('mds/keyring').with_value('/var/lib/ceph/mds/_cluster-_id/keyring') } - it { is_expected.to contain_ceph_config('mds/mds_data').with_ensure('absent') } - it { is_expected.to contain_ceph_config('mds/keyring').with_ensure('absent') } - - end - end - - describe 'Debian Family' do - let :facts do - { - :osfamily => 'Debian', - } - end - - it_configures 'ceph mds' - end - - describe 'RedHat Family' do - let :facts do - { - :osfamily => 'RedHat', - } - end - - it_configures 'ceph mds' - end - -end diff --git a/ceph/spec/classes/ceph_mons_spec.rb b/ceph/spec/classes/ceph_mons_spec.rb deleted file mode 100644 index 72230310b..000000000 --- a/ceph/spec/classes/ceph_mons_spec.rb +++ /dev/null @@ -1,90 +0,0 @@ -# -# Copyright (C) 2013 Cloudwatt -# Copyright (C) 2014 Nine Internet Solutions AG -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Loic Dachary -# Author: David Gurtner -# -require 'spec_helper' - -describe 'ceph::mons' do - - shared_examples_for 'ceph mons' do - let :params do - { - :args => { - 'A' => { - 'public_addr' => '1.2.3.4', - 'authentication_type' => 'none', - }, - 'B' => { - 'public_addr' => '1.2.3.4', - 'authentication_type' => 'none', - }, - }, - :defaults => { - 'cluster' => 'CLUSTER', - }, - } - end - - it { - is_expected.to contain_service('ceph-mon-A').with('ensure' => "running") - is_expected.to contain_service('ceph-mon-B').with('ensure' => "running") - } - end - - describe 'Ubuntu' do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Ubuntu', - } - end - - it_configures 'ceph mons' - end - - describe 'Debian' do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - } - end - - it_configures 'ceph mons' - end - - describe 'RHEL7' do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemmajrelease => '7', - } - end - - it_configures 'ceph mons' - end - -end - -# Local Variables: -# compile-command: "cd ../.. ; -# export BUNDLE_PATH=/tmp/vendor ; -# bundle install ; -# bundle exec rake spec -# " -# End: diff --git a/ceph/spec/classes/ceph_osds_spec.rb b/ceph/spec/classes/ceph_osds_spec.rb deleted file mode 100644 index 33ba80282..000000000 --- a/ceph/spec/classes/ceph_osds_spec.rb +++ /dev/null @@ -1,89 +0,0 @@ -# -# Copyright (C) 2014 Nine Internet Solutions AG -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: David Gurtner -# -require 'spec_helper' - -describe 'ceph::osds' do - - shared_examples_for 'ceph osds' do - let :params do - { - :args => { - '/dev/sdb' => { - 'journal' => '/srv/journal', - }, - '/srv/data' => { - }, - }, - :defaults => { - 'cluster' => 'CLUSTER', - }, - } - end - - it { - is_expected.to contain_ceph__osd('/dev/sdb').with( - :ensure => 'present', - :journal => '/srv/journal', - :cluster => 'CLUSTER' - ) - is_expected.to contain_ceph__osd('/srv/data').with( - :ensure => 'present', - :cluster => 'CLUSTER') - } - end - - describe 'Ubuntu' do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Ubuntu', - } - end - - it_configures 'ceph osds' - end - - describe 'Debian' do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - } - end - - it_configures 'ceph osds' - end - - describe 'RedHat' do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - } - end - - it_configures 'ceph osds' - end -end - -# Local Variables: -# compile-command: "cd ../..; -# bundle install --path=vendor; -# bundle exec rake spec -# " -# End: diff --git a/ceph/spec/classes/ceph_profile_base_spec.rb b/ceph/spec/classes/ceph_profile_base_spec.rb deleted file mode 100644 index bfb8ea79b..000000000 --- a/ceph/spec/classes/ceph_profile_base_spec.rb +++ /dev/null @@ -1,80 +0,0 @@ -# -# Copyright (C) 2014 Nine Internet Solutions AG -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: David Gurtner -# -require 'spec_helper' - -describe 'ceph::profile::base' do - - shared_examples_for 'ceph profile base' do - describe "with default params" do - it { is_expected.to contain_class('ceph::profile::params') } - it { is_expected.to contain_class('ceph::repo') } - it { is_expected.to contain_class('ceph') } - end - - describe "with custom param manage_repo false" do - let :pre_condition do - "class { 'ceph::profile::params': manage_repo => false }" - end - it { is_expected.to contain_class('ceph::profile::params') } - it { is_expected.to_not contain_class('ceph::repo') } - it { is_expected.to contain_class('ceph') } - end - end - - context 'on Debian' do - - let :facts do - { - :osfamily => 'Debian', - :lsbdistid => 'Debian', - :lsbdistcodename => 'jessie' - } - end - - it_configures 'ceph profile base' - end - - context 'on Ubuntu' do - - let :facts do - { - :osfamily => 'Debian', - :lsbdistid => 'Ubuntu', - :lsbdistcodename => 'trusty' - } - end - - it_configures 'ceph profile base' - end - - context 'on RHEL7' do - - let :facts do - { :osfamily => 'RedHat', - :operatingsystemmajrelease => '7' } - end - - it_configures 'ceph profile base' - end -end -# Local Variables: -# compile-command: "cd ../.. ; -# BUNDLE_PATH=/tmp/vendor bundle install ; -# BUNDLE_PATH=/tmp/vendor bundle exec rake spec -# " -# End: diff --git a/ceph/spec/classes/ceph_profile_client_spec.rb b/ceph/spec/classes/ceph_profile_client_spec.rb deleted file mode 100644 index f89b580cb..000000000 --- a/ceph/spec/classes/ceph_profile_client_spec.rb +++ /dev/null @@ -1,136 +0,0 @@ -# -# Copyright (C) 2014 Nine Internet Solutions AG -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: David Gurtner -# Author: David Moreau Simard -# -require 'spec_helper' - -describe 'ceph::profile::client' do - - shared_examples_for 'ceph profile client' do - context 'with the default client keys defined in common.yaml' do - - it { is_expected.to contain_class('ceph::profile::base') } - it { is_expected.to contain_class('ceph::keys').with( - 'args' => { - 'client.admin' => { - 'secret' => 'AQBMGHJTkC8HKhAAJ7NH255wYypgm1oVuV41MA==', - 'mode' => '0600', - 'cap_mon' => 'allow *', - 'cap_osd' => 'allow *', - 'cap_mds' => 'allow *' - }, - 'client.bootstrap-osd' => { - 'secret' => 'AQARG3JTsDDEHhAAVinHPiqvJkUi5Mww/URupw==', - 'keyring_path' => '/var/lib/ceph/bootstrap-osd/ceph.keyring', - 'cap_mon' => 'allow profile bootstrap-osd' - }, - 'client.bootstrap-mds' => { - 'secret' => 'AQCztJdSyNb0NBAASA2yPZPuwXeIQnDJ9O8gVw==', - 'keyring_path' => '/var/lib/ceph/bootstrap-mds/ceph.keyring', - 'cap_mon' => 'allow profile bootstrap-mds' - }, - 'client.volumes' => { - 'secret' => 'AQA4MPZTOGU0ARAAXH9a0fXxVq0X25n2yPREDw==', - 'mode' => '0644', - 'user' => 'root', - 'group' => 'root', - 'cap_mon' => 'allow r', - 'cap_osd' => 'allow class-read object_prefix rbd_children, allow rwx pool=volumes' - } - } - )} - end - - context 'with the specific client keys defined in client.yaml' do - - before :each do - facts.merge!( :hostname => 'client') - end - - it { is_expected.to contain_class('ceph::profile::base') } - it { is_expected.to contain_class('ceph::keys').with( - 'args' => { - 'client.volumes' => { - 'secret' => 'AQA4MPZTOGU0ARAAXH9a0fXxVq0X25n2yPREDw==', - 'mode' => '0644', - 'user' => 'root', - 'group' => 'root', - 'cap_mon' => 'allow r', - 'cap_osd' => 'allow class-read object_prefix rbd_children, allow rwx pool=volumes' - } - } - )} - end - - context 'without cephx and client_keys' do - let :pre_condition do - "class { 'ceph::profile::params': - authentication_type => 'undef', - client_keys => {} - }" - end - - it { is_expected.to contain_class('ceph::profile::base') } - it { is_expected.to_not contain_class('ceph::keys') } - end - end - - context 'on Debian' do - - let :facts do - { - :osfamily => 'Debian', - :lsbdistid => 'Debian', - :lsbdistcodename => 'jessie', - :operatingsystem => 'Debian', - } - end - - it_configures 'ceph profile client' - end - - context 'on Ubuntu' do - - let :facts do - { - :osfamily => 'Debian', - :lsbdistid => 'Ubuntu', - :lsbdistcodename => 'trusty', - :operatingsystem => 'Ubuntu', - } - end - - it_configures 'ceph profile client' - end - - context 'on RHEL7' do - - let :facts do - { :osfamily => 'RedHat', - :operatingsystemmajrelease => '7' } - end - - - it_configures 'ceph profile client' - end -end -# Local Variables: -# compile-command: "cd ../.. ; -# BUNDLE_PATH=/tmp/vendor bundle install ; -# BUNDLE_PATH=/tmp/vendor bundle exec rake spec -# " -# End: diff --git a/ceph/spec/classes/ceph_profile_mon_spec.rb b/ceph/spec/classes/ceph_profile_mon_spec.rb deleted file mode 100644 index 6386c3ba8..000000000 --- a/ceph/spec/classes/ceph_profile_mon_spec.rb +++ /dev/null @@ -1,112 +0,0 @@ -# -# Copyright (C) 2014 Nine Internet Solutions AG -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: David Gurtner -# -require 'spec_helper' - -describe 'ceph::profile::mon' do - - shared_examples_for 'ceph profile mon' do - - it { is_expected.to contain_ceph__mon('first').with( - :authentication_type => 'cephx', - :key => 'AQATGHJTUCBqIBAA7M2yafV1xctn1pgr3GcKPg==', - :public_addr => '10.11.12.2') - } - it { is_expected.to contain_class('ceph::keys').with( - 'args' => { - 'client.admin' => { - 'secret' => 'AQBMGHJTkC8HKhAAJ7NH255wYypgm1oVuV41MA==', - 'mode' => '0600', - 'cap_mon' => 'allow *', - 'cap_osd' => 'allow *', - 'cap_mds' => 'allow *' - }, - 'client.bootstrap-osd' => { - 'secret' => 'AQARG3JTsDDEHhAAVinHPiqvJkUi5Mww/URupw==', - 'keyring_path' => '/var/lib/ceph/bootstrap-osd/ceph.keyring', - 'cap_mon' => 'allow profile bootstrap-osd' - }, - 'client.bootstrap-mds' => { - 'secret' => 'AQCztJdSyNb0NBAASA2yPZPuwXeIQnDJ9O8gVw==', - 'keyring_path' => '/var/lib/ceph/bootstrap-mds/ceph.keyring', - 'cap_mon' => 'allow profile bootstrap-mds' - }, - 'client.volumes' => { - 'secret' => 'AQA4MPZTOGU0ARAAXH9a0fXxVq0X25n2yPREDw==', - 'mode' => '0644', - 'user' => 'root', - 'group' => 'root', - 'cap_mon' => 'allow r', - 'cap_osd' => 'allow class-read object_prefix rbd_children, allow rwx pool=volumes' - } - }, - 'defaults' => { - 'inject' => true, - 'inject_as_id' => 'mon.', - 'inject_keyring' => '/var/lib/ceph/mon/ceph-first/keyring' - } - )} - end - - context 'on Debian' do - - let :facts do - { - :osfamily => 'Debian', - :lsbdistid => 'Debian', - :lsbdistcodename => 'jessie', - :operatingsystem => 'Debian', - :hostname => 'first', - } - end - - it_configures 'ceph profile mon' - end - - context 'on Ubuntu' do - - let :facts do - { - :osfamily => 'Debian', - :lsbdistid => 'Ubuntu', - :lsbdistcodename => 'trusty', - :operatingsystem => 'Ubuntu', - :hostname => 'first', - } - end - - it_configures 'ceph profile mon' - end - - context 'on RHEL7' do - - let :facts do - { :osfamily => 'RedHat', - :hostname => 'first', - :operatingsystemmajrelease => '7' } - end - - it_configures 'ceph profile mon' - end - -end -# Local Variables: -# compile-command: "cd ../.. ; -# BUNDLE_PATH=/tmp/vendor bundle install ; -# BUNDLE_PATH=/tmp/vendor bundle exec rake spec -# " -# End: diff --git a/ceph/spec/classes/ceph_profile_osd_spec.rb b/ceph/spec/classes/ceph_profile_osd_spec.rb deleted file mode 100644 index 1aa97abe2..000000000 --- a/ceph/spec/classes/ceph_profile_osd_spec.rb +++ /dev/null @@ -1,88 +0,0 @@ -# -# Copyright (C) 2014 Nine Internet Solutions AG -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: David Gurtner -# -require 'spec_helper' - -describe 'ceph::profile::osd' do - - shared_examples_for 'ceph profile osd' do - context 'with the default osd defined in common.yaml' do - - before :each do - facts.merge!( :hostname => 'osd') - end - - it { is_expected.to contain_class('ceph::profile::client') } - it { is_expected.to contain_ceph__osd('/dev/sdc').with(:journal => '/dev/sdb') } - it { is_expected.to contain_ceph__osd('/dev/sdd').with(:journal => '/dev/sdb') } - end - - context 'with the host specific first.yaml' do - - before :each do - facts.merge!( :hostname => 'first') - end - - it { is_expected.to contain_class('ceph::profile::client') } - it { is_expected.to contain_ceph__osd('/dev/sdb').with( :journal => '/srv/journal') } - end - end - - describe 'on Debian' do - - let :facts do - { - :osfamily => 'Debian', - :lsbdistid => 'Debian', - :lsbdistcodename => 'jessie', - :operatingsystem => 'Debian', - } - end - - it_configures 'ceph profile osd' - end - - describe 'on Ubuntu' do - - let :facts do - { - :osfamily => 'Debian', - :lsbdistid => 'Ubuntu', - :lsbdistcodename => 'trusty', - :operatingsystem => 'Ubuntu', - } - end - - it_configures 'ceph profile osd' - end - - describe 'on RHEL7' do - - let :facts do - { :osfamily => 'RedHat', - :operatingsystemmajrelease => '7' } - end - - it_configures 'ceph profile osd' - end -end -# Local Variables: -# compile-command: "cd ../.. ; -# BUNDLE_PATH=/tmp/vendor bundle install ; -# BUNDLE_PATH=/tmp/vendor bundle exec rake spec -# " -# End: diff --git a/ceph/spec/classes/ceph_profile_params_spec.rb b/ceph/spec/classes/ceph_profile_params_spec.rb deleted file mode 100644 index 2eabc7dc0..000000000 --- a/ceph/spec/classes/ceph_profile_params_spec.rb +++ /dev/null @@ -1,90 +0,0 @@ -# -# Copyright (C) 2015 iWeb Technologies Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: David Moreau Simard -# -require 'spec_helper' - -describe 'ceph::profile::params' do - - shared_examples_for 'ceph profile params' do - describe "should fail when client_keys is not a hash" do - - let :pre_condition do - "class { 'ceph::profile::params': - client_keys => 'client.admin' - }" - end - - it { is_expected.to raise_error Puppet::Error, /is not a Hash/ } - end - - describe "should fail when using cephx without client_keys" do - - let :pre_condition do - "class { 'ceph::profile::params': - authentication_type => 'cephx', - client_keys => {} - }" - end - - it { is_expected.to raise_error Puppet::Error, - /client_keys must be provided when using authentication_type = 'cephx'/ - } - end - end - - context 'on Debian' do - - let :facts do - { - :osfamily => 'Debian', - :lsbdistcodename => 'jessie' - } - end - - it_configures 'ceph profile params' - end - - context 'on Ubuntu' do - - let :facts do - { - :osfamily => 'Debian', - :lsbdistcodename => 'trusty' - } - end - - it_configures 'ceph profile params' - end - - context 'on RHEL7' do - - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemmajrelease => '7' - } - end - - it_configures 'ceph profile params' - end -end -# Local Variables: -# compile-command: "cd ../.. ; -# BUNDLE_PATH=/tmp/vendor bundle install ; -# BUNDLE_PATH=/tmp/vendor bundle exec rake spec -# " -# End: diff --git a/ceph/spec/classes/ceph_repo_spec.rb b/ceph/spec/classes/ceph_repo_spec.rb deleted file mode 100644 index 8853501e4..000000000 --- a/ceph/spec/classes/ceph_repo_spec.rb +++ /dev/null @@ -1,663 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright (C) iWeb Technologies Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Francois Charlier -# Author: David Moreau Simard -# Author: Andrew Woodward - -require 'spec_helper' - -describe 'ceph::repo' do - - describe 'Debian' do - - let :facts do - { - :osfamily => 'Debian', - :lsbdistid => 'Debian', - :lsbdistcodename => 'jessie', - } - end - - describe "with default params" do - - it { is_expected.to contain_apt__key('ceph').with( - :id => '08B73419AC32B4E966C1A330E84AC2C0460F3994', - :source => 'https://download.ceph.com/keys/release.asc' - ) } - - it { is_expected.to contain_apt__source('ceph').with( - :location => 'http://download.ceph.com/debian-hammer/', - :release => 'jessie', - :require => 'Apt::Key[ceph]' - ) } - - end - - describe "when overriding ceph release" do - let :params do - { - :release => 'firefly' - } - end - - it { is_expected.to contain_apt__source('ceph').with( - :location => 'http://download.ceph.com/debian-firefly/', - :release => 'jessie', - :require => 'Apt::Key[ceph]' - ) } - end - - end - - describe 'Ubuntu' do - - let :facts do - { - :osfamily => 'Debian', - :lsbdistid => 'Ubuntu', - :lsbdistcodename => 'trusty', - :hardwaremodel => 'x86_64', - } - end - - describe "with default params" do - - it { is_expected.to contain_apt__key('ceph').with( - :id => '08B73419AC32B4E966C1A330E84AC2C0460F3994', - :source => 'https://download.ceph.com/keys/release.asc' - ) } - - it { is_expected.to contain_apt__source('ceph').with( - :location => 'http://download.ceph.com/debian-hammer/', - :release => 'trusty', - :require => 'Apt::Key[ceph]' - ) } - - end - - describe "when overriding ceph release" do - let :params do - { - :release => 'firefly' - } - end - - it { is_expected.to contain_apt__source('ceph').with( - :location => 'http://download.ceph.com/debian-firefly/', - :release => 'trusty', - :require => 'Apt::Key[ceph]' - ) } - end - - describe "when wanting fast-cgi" do - let :params do - { - :fastcgi => true - } - end - - it { is_expected.to contain_apt__key('ceph-gitbuilder').with( - :id => 'FCC5CB2ED8E6F6FB79D5B3316EAEAE2203C3951A', - :server => 'keyserver.ubuntu.com' - ) } - - it { is_expected.to contain_apt__source('ceph').with( - :location => 'http://download.ceph.com/debian-hammer/', - :release => 'trusty', - :require => 'Apt::Key[ceph]' - ) } - - it { is_expected.to contain_apt__source('ceph-fastcgi').with( - :ensure => 'present', - :location => 'http://gitbuilder.ceph.com/libapache-mod-fastcgi-deb-trusty-x86_64-basic/ref/master', - :release => 'trusty', - :require => 'Apt::Key[ceph-gitbuilder]' - ) } - - end - - describe "with ensure => absent to disable" do - let :params do - { - :ensure => 'absent', - :fastcgi => true - } - end - - it { is_expected.to contain_apt__source('ceph').with( - :ensure => 'absent', - :location => 'http://download.ceph.com/debian-hammer/', - :release => 'trusty', - :require => 'Apt::Key[ceph]' - ) } - - it { is_expected.to contain_apt__source('ceph-fastcgi').with( - :ensure => 'absent', - :location => 'http://gitbuilder.ceph.com/libapache-mod-fastcgi-deb-trusty-x86_64-basic/ref/master', - :release => 'trusty', - :require => 'Apt::Key[ceph-gitbuilder]' - ) } - - end - - end - - describe 'RHEL7' do - - let :facts do - { - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemmajrelease => '7', - } - end - - describe "with default params" do - - it { is_expected.not_to contain_file_line('exclude base') } - - it { is_expected.to contain_yumrepo('ext-epel-7').with( - :enabled => '1', - :descr => 'External EPEL 7', - :name => 'ext-epel-7', - :baseurl => 'absent', - :gpgcheck => '1', - :gpgkey => 'https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7', - :mirrorlist => 'http://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch', - :priority => '20', - :exclude => 'python-ceph-compat python-rbd python-rados python-cephfs', - ) } - - it { is_expected.to contain_yumrepo('ext-ceph').with( - :enabled => '1', - :descr => 'External Ceph hammer', - :name => 'ext-ceph-hammer', - :baseurl => 'http://download.ceph.com/rpm-hammer/el7/$basearch', - :gpgcheck => '1', - :gpgkey => 'https://download.ceph.com/keys/release.asc', - :mirrorlist => 'absent', - :priority => '10' - ) } - - it { is_expected.to contain_yumrepo('ext-ceph-noarch').with( - :enabled => '1', - :descr => 'External Ceph noarch', - :name => 'ext-ceph-hammer-noarch', - :baseurl => 'http://download.ceph.com/rpm-hammer/el7/noarch', - :gpgcheck => '1', - :gpgkey => 'https://download.ceph.com/keys/release.asc', - :mirrorlist => 'absent', - :priority => '10' - ) } - end - - describe "when overriding ceph release" do - let :params do - { - :release => 'firefly' - } - end - - it { is_expected.not_to contain_file_line('exclude base') } - - it { is_expected.to contain_yumrepo('ext-epel-7').with( - :enabled => '1', - :descr => 'External EPEL 7', - :name => 'ext-epel-7', - :baseurl => 'absent', - :gpgcheck => '1', - :gpgkey => 'https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7', - :mirrorlist => 'http://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch', - :priority => '20', - :exclude => 'python-ceph-compat python-rbd python-rados python-cephfs', - ) } - - it { is_expected.to contain_yumrepo('ext-ceph').with( - :enabled => '1', - :descr => 'External Ceph firefly', - :name => 'ext-ceph-firefly', - :baseurl => 'http://download.ceph.com/rpm-firefly/el7/$basearch', - :gpgcheck => '1', - :gpgkey => 'https://download.ceph.com/keys/release.asc', - :mirrorlist => 'absent', - :priority => '10' - ) } - - it { is_expected.to contain_yumrepo('ext-ceph-noarch').with( - :enabled => '1', - :descr => 'External Ceph noarch', - :name => 'ext-ceph-firefly-noarch', - :baseurl => 'http://download.ceph.com/rpm-firefly/el7/noarch', - :gpgcheck => '1', - :gpgkey => 'https://download.ceph.com/keys/release.asc', - :mirrorlist => 'absent', - :priority => '10' - ) } - end - - describe "when disabling EPEL" do - let :params do - { - :enable_epel => false, - } - end - - it { is_expected.to_not contain_yumrepo('ext-epel-7') } - end - - describe "when using a proxy for yum repositories" do - let :params do - { - :proxy => 'http://someproxy.com:8080/', - :proxy_username => 'proxyuser', - :proxy_password => 'proxypassword' - } - end - - it { is_expected.not_to contain_file_line('exclude base') } - - it { is_expected.to contain_yumrepo('ext-epel-7').with( - :enabled => '1', - :descr => 'External EPEL 7', - :name => 'ext-epel-7', - :baseurl => 'absent', - :gpgcheck => '1', - :gpgkey => 'https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7', - :mirrorlist => 'http://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch', - :priority => '20', - :exclude => 'python-ceph-compat python-rbd python-rados python-cephfs', - :proxy => 'http://someproxy.com:8080/', - :proxy_username => 'proxyuser', - :proxy_password => 'proxypassword', - ) } - - it { is_expected.to contain_yumrepo('ext-ceph').with( - :enabled => '1', - :descr => 'External Ceph hammer', - :name => 'ext-ceph-hammer', - :baseurl => 'http://download.ceph.com/rpm-hammer/el7/$basearch', - :gpgcheck => '1', - :gpgkey => 'https://download.ceph.com/keys/release.asc', - :mirrorlist => 'absent', - :priority => '10', - :proxy => 'http://someproxy.com:8080/', - :proxy_username => 'proxyuser', - :proxy_password => 'proxypassword', - ) } - - it { is_expected.to contain_yumrepo('ext-ceph-noarch').with( - :enabled => '1', - :descr => 'External Ceph noarch', - :name => 'ext-ceph-hammer-noarch', - :baseurl => 'http://download.ceph.com/rpm-hammer/el7/noarch', - :gpgcheck => '1', - :gpgkey => 'https://download.ceph.com/keys/release.asc', - :mirrorlist => 'absent', - :priority => '10', - :proxy => 'http://someproxy.com:8080/', - :proxy_username => 'proxyuser', - :proxy_password => 'proxypassword', - ) } - end - - describe "with ensure => absent to disable" do - let :params do - { - :ensure => 'absent', - :fastcgi => true - } - end - - it { is_expected.not_to contain_file_line('exclude base') } - - it { is_expected.to contain_yumrepo('ext-epel-7').with( - :enabled => '0', - :descr => 'External EPEL 7', - :name => 'ext-epel-7', - :baseurl => 'absent', - :gpgcheck => '1', - :gpgkey => 'https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7', - :mirrorlist => 'http://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch', - :priority => '20', - :exclude => 'python-ceph-compat python-rbd python-rados python-cephfs', - ) } - - it { is_expected.to contain_yumrepo('ext-ceph').with( - :enabled => '0', - :descr => 'External Ceph hammer', - :name => 'ext-ceph-hammer', - :baseurl => 'http://download.ceph.com/rpm-hammer/el7/$basearch', - :gpgcheck => '1', - :gpgkey => 'https://download.ceph.com/keys/release.asc', - :mirrorlist => 'absent', - :priority => '10' - ) } - - it { is_expected.to contain_yumrepo('ext-ceph-noarch').with( - :enabled => '0', - :descr => 'External Ceph noarch', - :name => 'ext-ceph-hammer-noarch', - :baseurl => 'http://download.ceph.com/rpm-hammer/el7/noarch', - :gpgcheck => '1', - :gpgkey => 'https://download.ceph.com/keys/release.asc', - :mirrorlist => 'absent', - :priority => '10' - ) } - - it { is_expected.to contain_yumrepo('ext-ceph-fastcgi').with( - :enabled => '0', - :descr => 'FastCGI basearch packages for Ceph', - :name => 'ext-ceph-fastcgi', - :baseurl => 'http://gitbuilder.ceph.com/mod_fastcgi-rpm-rhel7-x86_64-basic/ref/master', - :gpgcheck => '1', - :gpgkey => 'https://download.ceph.com/keys/autobuild.asc', - :mirrorlist => 'absent', - :priority => '20' - ) } - - end - - describe "with ceph fast-cgi" do - let :params do - { - :fastcgi => true - } - end - - it { is_expected.not_to contain_file_line('exclude base') } - - it { is_expected.to contain_yumrepo('ext-epel-7').with( - :enabled => '1', - :descr => 'External EPEL 7', - :name => 'ext-epel-7', - :baseurl => 'absent', - :gpgcheck => '1', - :gpgkey => 'https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7', - :mirrorlist => 'http://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch', - :priority => '20', - :exclude => 'python-ceph-compat python-rbd python-rados python-cephfs', - ) } - - it { is_expected.to contain_yumrepo('ext-ceph').with( - :enabled => '1', - :descr => 'External Ceph hammer', - :name => 'ext-ceph-hammer', - :baseurl => 'http://download.ceph.com/rpm-hammer/el7/$basearch', - :gpgcheck => '1', - :gpgkey => 'https://download.ceph.com/keys/release.asc', - :mirrorlist => 'absent', - :priority => '10' - ) } - - it { is_expected.to contain_yumrepo('ext-ceph-noarch').with( - :enabled => '1', - :descr => 'External Ceph noarch', - :name => 'ext-ceph-hammer-noarch', - :baseurl => 'http://download.ceph.com/rpm-hammer/el7/noarch', - :gpgcheck => '1', - :gpgkey => 'https://download.ceph.com/keys/release.asc', - :mirrorlist => 'absent', - :priority => '10' - ) } - - it { is_expected.to contain_yumrepo('ext-ceph-fastcgi').with( - :enabled => '1', - :descr => 'FastCGI basearch packages for Ceph', - :name => 'ext-ceph-fastcgi', - :baseurl => 'http://gitbuilder.ceph.com/mod_fastcgi-rpm-rhel7-x86_64-basic/ref/master', - :gpgcheck => '1', - :gpgkey => 'https://download.ceph.com/keys/autobuild.asc', - :mirrorlist => 'absent', - :priority => '20' - ) } - - end - end - - describe 'CentOS7' do - - let :facts do - { - :osfamily => 'RedHat', - :operatingsystem => 'CentOS', - :operatingsystemmajrelease => '7', - } - end - - describe "with default params" do - - it { is_expected.not_to contain_file_line('exclude base') } - - it { is_expected.to contain_yumrepo('ext-epel-7').with( - :enabled => '1', - :descr => 'External EPEL 7', - :name => 'ext-epel-7', - :baseurl => 'absent', - :gpgcheck => '1', - :gpgkey => 'https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7', - :mirrorlist => 'http://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch', - :priority => '20', - :exclude => 'python-ceph-compat python-rbd python-rados python-cephfs', - ) } - - it { is_expected.to contain_yumrepo('ext-ceph').with( - :enabled => '1', - :descr => 'External Ceph hammer', - :name => 'ext-ceph-hammer', - :baseurl => 'http://download.ceph.com/rpm-hammer/el7/$basearch', - :gpgcheck => '1', - :gpgkey => 'https://download.ceph.com/keys/release.asc', - :mirrorlist => 'absent', - :priority => '10' - ) } - - it { is_expected.to contain_yumrepo('ext-ceph-noarch').with( - :enabled => '1', - :descr => 'External Ceph noarch', - :name => 'ext-ceph-hammer-noarch', - :baseurl => 'http://download.ceph.com/rpm-hammer/el7/noarch', - :gpgcheck => '1', - :gpgkey => 'https://download.ceph.com/keys/release.asc', - :mirrorlist => 'absent', - :priority => '10' - ) } - end - - describe "when overriding ceph release" do - let :params do - { - :release => 'firefly' - } - end - - it { is_expected.to contain_file_line('exclude base').with( - :ensure => 'present', - :path => '/etc/yum.repos.d/CentOS-Base.repo', - :after => '^\[base\]$', - :line => 'exclude=python-ceph-compat python-rbd python-rados python-cephfs', - ) } - - it { is_expected.to contain_yumrepo('ext-epel-7').with( - :enabled => '1', - :descr => 'External EPEL 7', - :name => 'ext-epel-7', - :baseurl => 'absent', - :gpgcheck => '1', - :gpgkey => 'https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7', - :mirrorlist => 'http://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch', - :priority => '20', - :exclude => 'python-ceph-compat python-rbd python-rados python-cephfs', - ) } - - it { is_expected.to contain_yumrepo('ext-ceph').with( - :enabled => '1', - :descr => 'External Ceph firefly', - :name => 'ext-ceph-firefly', - :baseurl => 'http://download.ceph.com/rpm-firefly/el7/$basearch', - :gpgcheck => '1', - :gpgkey => 'https://download.ceph.com/keys/release.asc', - :mirrorlist => 'absent', - :priority => '10' - ) } - - it { is_expected.to contain_yumrepo('ext-ceph-noarch').with( - :enabled => '1', - :descr => 'External Ceph noarch', - :name => 'ext-ceph-firefly-noarch', - :baseurl => 'http://download.ceph.com/rpm-firefly/el7/noarch', - :gpgcheck => '1', - :gpgkey => 'https://download.ceph.com/keys/release.asc', - :mirrorlist => 'absent', - :priority => '10' - ) } - end - - describe "when using CentOS SIG repository" do - let :params do - { - :enable_sig => true, - } - end - - it { is_expected.to_not contain_file_line('exclude base') } - it { is_expected.to_not contain_yumrepo('ext-epel-7') } - it { is_expected.to_not contain_yumrepo('ext-ceph') } - it { is_expected.to_not contain_yumrepo('ext-ceph-noarch') } - it { is_expected.to contain_exec('installing_centos-release-ceph').with( - :command => '/usr/bin/yum install -y centos-release-ceph-hammer', - :logoutput => 'on_failure', - :tries => 3, - :try_sleep => 1, - :unless => '/usr/bin/rpm -qa | /usr/bin/grep -q centos-release-ceph-hammer', - ) } - it { is_expected.to contain_file_line('priority ceph repo') } - end - - describe "with ensure => absent to disable" do - let :params do - { - :ensure => 'absent', - :fastcgi => true - } - end - - it { is_expected.not_to contain_file_line('exclude base') } - - it { is_expected.to contain_yumrepo('ext-epel-7').with( - :enabled => '0', - :descr => 'External EPEL 7', - :name => 'ext-epel-7', - :baseurl => 'absent', - :gpgcheck => '1', - :gpgkey => 'https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7', - :mirrorlist => 'http://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch', - :priority => '20', - :exclude => 'python-ceph-compat python-rbd python-rados python-cephfs', - ) } - - it { is_expected.to contain_yumrepo('ext-ceph').with( - :enabled => '0', - :descr => 'External Ceph hammer', - :name => 'ext-ceph-hammer', - :baseurl => 'http://download.ceph.com/rpm-hammer/el7/$basearch', - :gpgcheck => '1', - :gpgkey => 'https://download.ceph.com/keys/release.asc', - :mirrorlist => 'absent', - :priority => '10' - ) } - - it { is_expected.to contain_yumrepo('ext-ceph-noarch').with( - :enabled => '0', - :descr => 'External Ceph noarch', - :name => 'ext-ceph-hammer-noarch', - :baseurl => 'http://download.ceph.com/rpm-hammer/el7/noarch', - :gpgcheck => '1', - :gpgkey => 'https://download.ceph.com/keys/release.asc', - :mirrorlist => 'absent', - :priority => '10' - ) } - - it { is_expected.to contain_yumrepo('ext-ceph-fastcgi').with( - :enabled => '0', - :descr => 'FastCGI basearch packages for Ceph', - :name => 'ext-ceph-fastcgi', - :baseurl => 'http://gitbuilder.ceph.com/mod_fastcgi-rpm-rhel7-x86_64-basic/ref/master', - :gpgcheck => '1', - :gpgkey => 'https://download.ceph.com/keys/autobuild.asc', - :mirrorlist => 'absent', - :priority => '20' - ) } - - end - - describe "with ceph fast-cgi" do - let :params do - { - :fastcgi => true - } - end - - it { is_expected.not_to contain_file_line('exclude base') } - - it { is_expected.to contain_yumrepo('ext-epel-7').with( - :enabled => '1', - :descr => 'External EPEL 7', - :name => 'ext-epel-7', - :baseurl => 'absent', - :gpgcheck => '1', - :gpgkey => 'https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7', - :mirrorlist => 'http://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch', - :priority => '20', - :exclude => 'python-ceph-compat python-rbd python-rados python-cephfs', - ) } - - it { is_expected.to contain_yumrepo('ext-ceph').with( - :enabled => '1', - :descr => 'External Ceph hammer', - :name => 'ext-ceph-hammer', - :baseurl => 'http://download.ceph.com/rpm-hammer/el7/$basearch', - :gpgcheck => '1', - :gpgkey => 'https://download.ceph.com/keys/release.asc', - :mirrorlist => 'absent', - :priority => '10' - ) } - - it { is_expected.to contain_yumrepo('ext-ceph-noarch').with( - :enabled => '1', - :descr => 'External Ceph noarch', - :name => 'ext-ceph-hammer-noarch', - :baseurl => 'http://download.ceph.com/rpm-hammer/el7/noarch', - :gpgcheck => '1', - :gpgkey => 'https://download.ceph.com/keys/release.asc', - :mirrorlist => 'absent', - :priority => '10' - ) } - - it { is_expected.to contain_yumrepo('ext-ceph-fastcgi').with( - :enabled => '1', - :descr => 'FastCGI basearch packages for Ceph', - :name => 'ext-ceph-fastcgi', - :baseurl => 'http://gitbuilder.ceph.com/mod_fastcgi-rpm-rhel7-x86_64-basic/ref/master', - :gpgcheck => '1', - :gpgkey => 'https://download.ceph.com/keys/autobuild.asc', - :mirrorlist => 'absent', - :priority => '20' - ) } - - end - end - -end diff --git a/ceph/spec/classes/ceph_spec.rb b/ceph/spec/classes/ceph_spec.rb deleted file mode 100644 index e69de29bb..000000000 diff --git a/ceph/spec/defines/ceph_key_spec.rb b/ceph/spec/defines/ceph_key_spec.rb deleted file mode 100644 index 105931ef7..000000000 --- a/ceph/spec/defines/ceph_key_spec.rb +++ /dev/null @@ -1,87 +0,0 @@ -# -# Copyright (C) 2014 Catalyst IT Limited. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Ricardo Rocha -# - -require 'spec_helper' - -describe 'ceph::key' do - - shared_examples_for 'ceph key' do - - describe "with custom params" do - - let :title do - 'client.admin' - end - - let :params do - { - :secret => 'supersecret', - :user => 'nobody', - :group => 'nogroup', - :cap_mon => 'allow *', - :cap_osd => 'allow rw', - :inject => true, - } - end - - it { - is_expected.to contain_exec('ceph-key-client.admin').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements\nset -ex\nceph-authtool /etc/ceph/ceph.client.admin.keyring --name 'client.admin' --add-key 'supersecret' --cap mon 'allow *' --cap osd 'allow rw' " - ) - is_expected.to contain_file('/etc/ceph/ceph.client.admin.keyring').with( - 'owner' => 'nobody', - 'group' => 'nogroup', - 'mode' => '0600' - ) - is_expected.to contain_exec('ceph-injectkey-client.admin').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements\nset -ex\nceph auth import -i /etc/ceph/ceph.client.admin.keyring" - ) - } - - end - end - - describe 'Debian Family' do - - let :facts do - { - :osfamily => 'Debian', - } - end - - it_configures 'ceph key' - end - - describe 'RedHat Family' do - - let :facts do - { - :osfamily => 'RedHat', - } - end - - it_configures 'ceph key' - end -end - -# Local Variables: -# compile-command: "cd ../.. ; -# bundle install ; -# bundle exec rake spec -# " -# End: diff --git a/ceph/spec/defines/ceph_mon_spec.rb b/ceph/spec/defines/ceph_mon_spec.rb deleted file mode 100644 index 13f94b141..000000000 --- a/ceph/spec/defines/ceph_mon_spec.rb +++ /dev/null @@ -1,599 +0,0 @@ -# Copyright (C) 2013 Cloudwatt -# Copyright (C) 2013, 2014 iWeb Technologies Inc. -# Copyright (C) 2014 Nine Internet Solutions AG -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Loic Dachary -# Author: David Moreau Simard -# Author: David Gurtner -# -require 'spec_helper' - -describe 'ceph::mon' do - - context 'Ubuntu 14.04' do - - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Ubuntu', - :operatingsystemrelease => '14.04', - :service_provider => 'upstart', - } - end - - describe 'with default params' do - - let :title do - 'A' - end - - it { - expect { - is_expected.to contain_service('ceph-mon-A').with('ensure' => 'running') - }.to raise_error(Puppet::Error, /authentication_type cephx requires either key or keyring to be set but both are undef/) - } - end - - describe 'with key' do - - let :title do - 'A' - end - - let :params do - { - :key => 'AQATGHJTUCBqIBAA7M2yafV1xctn1pgr3GcKPg==', - } - end - - it { is_expected.to contain_service('ceph-mon-A').with('ensure' => 'running') } - it { is_expected.to contain_exec('create-keyring-A').with( - 'command' => '/bin/true # comment to satisfy puppet syntax requirements -set -ex -cat > /tmp/ceph-mon-keyring-A << EOF -[mon.] - key = AQATGHJTUCBqIBAA7M2yafV1xctn1pgr3GcKPg== - caps mon = "allow *" -EOF - -chmod 0444 /tmp/ceph-mon-keyring-A -', - 'unless' => '/bin/true # comment to satisfy puppet syntax requirements -set -ex -mon_data=$(ceph-mon --id A --show-config-value mon_data) || exit 1 # if ceph-mon fails then the mon is probably not configured yet -test -e $mon_data/done -') } - it { is_expected.to contain_exec('ceph-mon-ceph.client.admin.keyring-A').with( - 'command' => '/bin/true # comment to satisfy puppet syntax requirements -set -ex -touch /etc/ceph/ceph.client.admin.keyring' - ) } - it { is_expected.to contain_exec('ceph-mon-mkfs-A').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -mon_data=\$(ceph-mon --id A --show-config-value mon_data) -if [ ! -d \$mon_data ] ; then - mkdir -p \$mon_data - if ceph-mon \ - --mkfs \ - --id A \ - --keyring /tmp/ceph-mon-keyring-A ; then - touch \$mon_data/done \$mon_data/upstart \$mon_data/keyring - else - rm -fr \$mon_data - fi -fi -", - 'logoutput' => true) } - it { is_expected.to contain_exec('rm-keyring-A').with('command' => '/bin/rm /tmp/ceph-mon-keyring-A') } - end - - describe 'with keyring' do - - let :title do - 'A' - end - - let :params do - { - :keyring => '/etc/ceph/ceph.mon.keyring', - } - end - - it { is_expected.to contain_service('ceph-mon-A').with('ensure' => 'running') } - it { is_expected.to contain_exec('ceph-mon-ceph.client.admin.keyring-A').with( - 'command' => '/bin/true # comment to satisfy puppet syntax requirements -set -ex -touch /etc/ceph/ceph.client.admin.keyring' - ) } - it { is_expected.to contain_exec('ceph-mon-mkfs-A').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -mon_data=\$(ceph-mon --id A --show-config-value mon_data) -if [ ! -d \$mon_data ] ; then - mkdir -p \$mon_data - if ceph-mon \ - --mkfs \ - --id A \ - --keyring /etc/ceph/ceph.mon.keyring ; then - touch \$mon_data/done \$mon_data/upstart \$mon_data/keyring - else - rm -fr \$mon_data - fi -fi -", - 'logoutput' => true) } - end - - describe 'with custom params' do - - let :title do - 'A' - end - - let :params do - { - :public_addr => '127.0.0.1', - :authentication_type => 'none', - :cluster => 'testcluster', - } - end - - it { is_expected.to contain_service('ceph-mon-A').with('ensure' => 'running') } - it { is_expected.to contain_ceph_config('mon.A/public_addr').with_value("127.0.0.1") } - it { is_expected.to contain_exec('ceph-mon-testcluster.client.admin.keyring-A').with( - 'command' => '/bin/true # comment to satisfy puppet syntax requirements -set -ex -touch /etc/ceph/testcluster.client.admin.keyring' - ) } - it { is_expected.to contain_exec('ceph-mon-mkfs-A').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -mon_data=\$(ceph-mon --cluster testcluster --id A --show-config-value mon_data) -if [ ! -d \$mon_data ] ; then - mkdir -p \$mon_data - if ceph-mon --cluster testcluster \ - --mkfs \ - --id A \ - --keyring /dev/null ; then - touch \$mon_data/done \$mon_data/upstart \$mon_data/keyring - else - rm -fr \$mon_data - fi -fi -", - 'logoutput' => true) } - end - - describe 'with ensure absent' do - - let :title do - 'A' - end - - let :params do - { - :ensure => 'absent', - :public_addr => '127.0.0.1', - :authentication_type => 'none', - :cluster => 'testcluster', - } - end - - it { is_expected.to contain_service('ceph-mon-A').with('ensure' => 'stopped') } - it { is_expected.to contain_exec('remove-mon-A').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -mon_data=\$(ceph-mon --cluster testcluster --id A --show-config-value mon_data) -rm -fr \$mon_data -", - 'unless' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -which ceph-mon || exit 0 # if ceph-mon is not available we already uninstalled ceph and there is nothing to do -mon_data=\$(ceph-mon --cluster testcluster --id A --show-config-value mon_data) -test ! -d \$mon_data -", - 'logoutput' => true) } - end - end - - context 'Ubuntu 16.04' do - - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Ubuntu', - :operatingsystemrelease => '16.04', - :service_provider => 'systemd', - } - end - - describe 'with default params' do - - let :title do - 'A' - end - - it { - expect { - is_expected.to contain_service('ceph-mon-A').with('ensure' => 'running') - }.to raise_error(Puppet::Error, /authentication_type cephx requires either key or keyring to be set but both are undef/) - } - end - - describe 'with key' do - - let :title do - 'A' - end - - let :params do - { - :key => 'AQATGHJTUCBqIBAA7M2yafV1xctn1pgr3GcKPg==', - } - end - - it { is_expected.to contain_service('ceph-mon-A').with('ensure' => 'running') } - it { is_expected.to contain_exec('create-keyring-A').with( - 'command' => '/bin/true # comment to satisfy puppet syntax requirements -set -ex -cat > /tmp/ceph-mon-keyring-A << EOF -[mon.] - key = AQATGHJTUCBqIBAA7M2yafV1xctn1pgr3GcKPg== - caps mon = "allow *" -EOF - -chmod 0444 /tmp/ceph-mon-keyring-A -', - 'unless' => '/bin/true # comment to satisfy puppet syntax requirements -set -ex -mon_data=$(ceph-mon --id A --show-config-value mon_data) || exit 1 # if ceph-mon fails then the mon is probably not configured yet -test -e $mon_data/done -') } - it { is_expected.to contain_exec('ceph-mon-ceph.client.admin.keyring-A').with( - 'command' => '/bin/true # comment to satisfy puppet syntax requirements -set -ex -touch /etc/ceph/ceph.client.admin.keyring' - ) } - it { is_expected.to contain_exec('ceph-mon-mkfs-A').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -mon_data=\$(ceph-mon --id A --show-config-value mon_data) -if [ ! -d \$mon_data ] ; then - mkdir -p \$mon_data - if ceph-mon \ - --mkfs \ - --id A \ - --keyring /tmp/ceph-mon-keyring-A ; then - touch \$mon_data/done \$mon_data/sysvinit \$mon_data/keyring - else - rm -fr \$mon_data - fi -fi -", - 'logoutput' => true) } - it { is_expected.to contain_exec('rm-keyring-A').with('command' => '/bin/rm /tmp/ceph-mon-keyring-A') } - end - - describe 'with keyring' do - - let :title do - 'A' - end - - let :params do - { - :keyring => '/etc/ceph/ceph.mon.keyring', - } - end - - it { is_expected.to contain_service('ceph-mon-A').with('ensure' => 'running') } - it { is_expected.to contain_exec('ceph-mon-ceph.client.admin.keyring-A').with( - 'command' => '/bin/true # comment to satisfy puppet syntax requirements -set -ex -touch /etc/ceph/ceph.client.admin.keyring' - ) } - it { is_expected.to contain_exec('ceph-mon-mkfs-A').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -mon_data=\$(ceph-mon --id A --show-config-value mon_data) -if [ ! -d \$mon_data ] ; then - mkdir -p \$mon_data - if ceph-mon \ - --mkfs \ - --id A \ - --keyring /etc/ceph/ceph.mon.keyring ; then - touch \$mon_data/done \$mon_data/sysvinit \$mon_data/keyring - else - rm -fr \$mon_data - fi -fi -", - 'logoutput' => true) } - end - - describe 'with custom params' do - - let :title do - 'A' - end - - let :params do - { - :public_addr => '127.0.0.1', - :authentication_type => 'none', - :cluster => 'testcluster', - } - end - - it { is_expected.to contain_service('ceph-mon-A').with('ensure' => 'running') } - it { is_expected.to contain_ceph_config('mon.A/public_addr').with_value("127.0.0.1") } - it { is_expected.to contain_exec('ceph-mon-testcluster.client.admin.keyring-A').with( - 'command' => '/bin/true # comment to satisfy puppet syntax requirements -set -ex -touch /etc/ceph/testcluster.client.admin.keyring' - ) } - it { is_expected.to contain_exec('ceph-mon-mkfs-A').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -mon_data=\$(ceph-mon --cluster testcluster --id A --show-config-value mon_data) -if [ ! -d \$mon_data ] ; then - mkdir -p \$mon_data - if ceph-mon --cluster testcluster \ - --mkfs \ - --id A \ - --keyring /dev/null ; then - touch \$mon_data/done \$mon_data/sysvinit \$mon_data/keyring - else - rm -fr \$mon_data - fi -fi -", - 'logoutput' => true) } - end - - describe 'with ensure absent' do - - let :title do - 'A' - end - - let :params do - { - :ensure => 'absent', - :public_addr => '127.0.0.1', - :authentication_type => 'none', - :cluster => 'testcluster', - } - end - - it { is_expected.to contain_service('ceph-mon-A').with('ensure' => 'stopped') } - it { is_expected.to contain_exec('remove-mon-A').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -mon_data=\$(ceph-mon --cluster testcluster --id A --show-config-value mon_data) -rm -fr \$mon_data -", - 'unless' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -which ceph-mon || exit 0 # if ceph-mon is not available we already uninstalled ceph and there is nothing to do -mon_data=\$(ceph-mon --cluster testcluster --id A --show-config-value mon_data) -test ! -d \$mon_data -", - 'logoutput' => true) } - end - end - - context 'RHEL7' do - - let :facts do - { - :osfamily => 'RedHat', - :operatingsystem => 'RHEL7', - } - end - - describe 'with default params' do - - let :title do - 'A' - end - - it { - expect { - is_expected.to contain_service('ceph-mon-A').with('ensure' => 'running') - }.to raise_error(Puppet::Error, /authentication_type cephx requires either key or keyring to be set but both are undef/) - } - end - - describe 'with key' do - - let :title do - 'A' - end - - let :params do - { - :key => 'AQATGHJTUCBqIBAA7M2yafV1xctn1pgr3GcKPg==', - } - end - - it { is_expected.to contain_service('ceph-mon-A').with('ensure' => 'running') } - it { is_expected.to contain_exec('create-keyring-A').with( - 'command' => '/bin/true # comment to satisfy puppet syntax requirements -set -ex -cat > /tmp/ceph-mon-keyring-A << EOF -[mon.] - key = AQATGHJTUCBqIBAA7M2yafV1xctn1pgr3GcKPg== - caps mon = "allow *" -EOF - -chmod 0444 /tmp/ceph-mon-keyring-A -', - 'unless' => '/bin/true # comment to satisfy puppet syntax requirements -set -ex -mon_data=$(ceph-mon --id A --show-config-value mon_data) || exit 1 # if ceph-mon fails then the mon is probably not configured yet -test -e $mon_data/done -') } - it { is_expected.to contain_exec('ceph-mon-ceph.client.admin.keyring-A').with( - 'command' => '/bin/true # comment to satisfy puppet syntax requirements -set -ex -touch /etc/ceph/ceph.client.admin.keyring', - 'unless' => '/bin/true # comment to satisfy puppet syntax requirements -set -ex -test -e /etc/ceph/ceph.client.admin.keyring' - ) } - it { is_expected.to contain_exec('ceph-mon-mkfs-A').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -mon_data=\$(ceph-mon --id A --show-config-value mon_data) -if [ ! -d \$mon_data ] ; then - mkdir -p \$mon_data - if ceph-mon \ - --mkfs \ - --id A \ - --keyring /tmp/ceph-mon-keyring-A ; then - touch \$mon_data/done \$mon_data/sysvinit \$mon_data/keyring - else - rm -fr \$mon_data - fi -fi -", - 'logoutput' => true) } - it { is_expected.to contain_exec('rm-keyring-A').with( - 'command' => '/bin/rm /tmp/ceph-mon-keyring-A', - 'unless' => '/bin/true # comment to satisfy puppet syntax requirements -set -ex -test ! -e /tmp/ceph-mon-keyring-A -') } - end - - describe 'with keyring' do - - let :title do - 'A' - end - - let :params do - { - :keyring => '/etc/ceph/ceph.mon.keyring', - } - end - - it { is_expected.to contain_service('ceph-mon-A').with('ensure' => 'running') } - it { is_expected.to contain_exec('ceph-mon-ceph.client.admin.keyring-A').with( - 'command' => '/bin/true # comment to satisfy puppet syntax requirements -set -ex -touch /etc/ceph/ceph.client.admin.keyring' - ) } - it { is_expected.to contain_exec('ceph-mon-mkfs-A').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -mon_data=\$(ceph-mon --id A --show-config-value mon_data) -if [ ! -d \$mon_data ] ; then - mkdir -p \$mon_data - if ceph-mon \ - --mkfs \ - --id A \ - --keyring /etc/ceph/ceph.mon.keyring ; then - touch \$mon_data/done \$mon_data/sysvinit \$mon_data/keyring - else - rm -fr \$mon_data - fi -fi -", - 'logoutput' => true) } - end - - describe 'with custom params' do - - let :title do - 'A' - end - - let :params do - { - :public_addr => '127.0.0.1', - :authentication_type => 'none', - :cluster => 'testcluster', - } - end - - it { is_expected.to contain_service('ceph-mon-A').with('ensure' => 'running') } - it { is_expected.to contain_ceph_config('mon.A/public_addr').with_value("127.0.0.1") } - it { is_expected.to contain_exec('ceph-mon-testcluster.client.admin.keyring-A').with( - 'command' => '/bin/true # comment to satisfy puppet syntax requirements -set -ex -touch /etc/ceph/testcluster.client.admin.keyring' - ) } - it { is_expected.to contain_exec('ceph-mon-mkfs-A').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -mon_data=\$(ceph-mon --cluster testcluster --id A --show-config-value mon_data) -if [ ! -d \$mon_data ] ; then - mkdir -p \$mon_data - if ceph-mon --cluster testcluster \ - --mkfs \ - --id A \ - --keyring /dev/null ; then - touch \$mon_data/done \$mon_data/sysvinit \$mon_data/keyring - else - rm -fr \$mon_data - fi -fi -", - 'logoutput' => true) } - end - - describe 'with ensure absent' do - - let :title do - 'A' - end - - let :params do - { - :ensure => 'absent', - :public_addr => '127.0.0.1', - :authentication_type => 'none', - :cluster => 'testcluster', - } - end - - it { is_expected.to contain_service('ceph-mon-A').with('ensure' => 'stopped') } - it { is_expected.to contain_exec('remove-mon-A').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -mon_data=\$(ceph-mon --cluster testcluster --id A --show-config-value mon_data) -rm -fr \$mon_data -", - 'unless' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -which ceph-mon || exit 0 # if ceph-mon is not available we already uninstalled ceph and there is nothing to do -mon_data=\$(ceph-mon --cluster testcluster --id A --show-config-value mon_data) -test ! -d \$mon_data -", - 'logoutput' => true) } - end - end -end - -# Local Variables: -# compile-command: "cd ../.. ; -# export BUNDLE_PATH=/tmp/vendor ; -# bundle install ; -# bundle exec rake spec -# " -# End: diff --git a/ceph/spec/defines/ceph_osd_spec.rb b/ceph/spec/defines/ceph_osd_spec.rb deleted file mode 100644 index 3d8325699..000000000 --- a/ceph/spec/defines/ceph_osd_spec.rb +++ /dev/null @@ -1,225 +0,0 @@ -# -# Copyright (C) 2014 Cloudwatt -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Loic Dachary -# Author: David Gurtner -# - -require 'spec_helper' - -describe 'ceph::osd' do - - shared_examples_for 'ceph osd' do - - describe "with default params" do - - let :title do - '/srv' - end - - it { is_expected.to contain_exec('ceph-osd-check-udev-/srv').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -# Before Infernalis the udev rules race causing the activation to fail so we -# disable them. More at: http://www.spinics.net/lists/ceph-devel/msg28436.html -mv -f /usr/lib/udev/rules.d/95-ceph-osd.rules /usr/lib/udev/rules.d/95-ceph-osd.rules.disabled && udevadm control --reload || true -", - 'onlyif' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -DISABLE_UDEV=\$(ceph --version | awk 'match(\$3, /[0-9]\\.[0-9]+/) {if (substr(\$3, RSTART, RLENGTH) <= 0.94) {print 1}}') -test -f /usr/lib/udev/rules.d/95-ceph-osd.rules && test \$DISABLE_UDEV -eq 1 -", - 'logoutput' => true, - ) } - it { is_expected.to contain_exec('ceph-osd-prepare-/srv').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -if ! test -b /srv ; then - mkdir -p /srv -fi -ceph-disk prepare /srv -udevadm settle -", - 'unless' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -ceph-disk list | grep -E ' */srv1? .*ceph data, (prepared|active)' || -{ test -f /srv/fsid && test -f /srv/ceph_fsid && test -f /srv/magic ;} -", - 'logoutput' => true - ) } - it { is_expected.to contain_exec('ceph-osd-activate-/srv').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -if ! test -b /srv ; then - mkdir -p /srv -fi -# activate happens via udev when using the entire device -if ! test -b /srv || ! test -b /srv1 ; then - ceph-disk activate /srv || true -fi -if test -f /usr/lib/udev/rules.d/95-ceph-osd.rules.disabled && test -b /srv1 ; then - ceph-disk activate /srv1 || true -fi -", - 'unless' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -ls -ld /var/lib/ceph/osd/ceph-* | grep ' /srv\$' -", - 'logoutput' => true - ) } - end - - describe "with custom params" do - - let :title do - '/srv/data' - end - - let :params do - { - :cluster => 'testcluster', - :journal => '/srv/journal', - } - end - - it { is_expected.to contain_exec('ceph-osd-check-udev-/srv/data').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -# Before Infernalis the udev rules race causing the activation to fail so we -# disable them. More at: http://www.spinics.net/lists/ceph-devel/msg28436.html -mv -f /usr/lib/udev/rules.d/95-ceph-osd.rules /usr/lib/udev/rules.d/95-ceph-osd.rules.disabled && udevadm control --reload || true -", - 'onlyif' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -DISABLE_UDEV=\$(ceph --version | awk 'match(\$3, /[0-9]\\.[0-9]+/) {if (substr(\$3, RSTART, RLENGTH) <= 0.94) {print 1}}') -test -f /usr/lib/udev/rules.d/95-ceph-osd.rules && test \$DISABLE_UDEV -eq 1 -", - 'logoutput' => true, - ) } - it { is_expected.to contain_exec('ceph-osd-prepare-/srv/data').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -if ! test -b /srv/data ; then - mkdir -p /srv/data -fi -ceph-disk prepare --cluster testcluster /srv/data /srv/journal -udevadm settle -", - 'unless' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -ceph-disk list | grep -E ' */srv/data1? .*ceph data, (prepared|active)' || -{ test -f /srv/data/fsid && test -f /srv/data/ceph_fsid && test -f /srv/data/magic ;} -", - 'logoutput' => true - ) } - it { is_expected.to contain_exec('ceph-osd-activate-/srv/data').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -if ! test -b /srv/data ; then - mkdir -p /srv/data -fi -# activate happens via udev when using the entire device -if ! test -b /srv/data || ! test -b /srv/data1 ; then - ceph-disk activate /srv/data || true -fi -if test -f /usr/lib/udev/rules.d/95-ceph-osd.rules.disabled && test -b /srv/data1 ; then - ceph-disk activate /srv/data1 || true -fi -", - 'unless' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -ls -ld /var/lib/ceph/osd/testcluster-* | grep ' /srv/data\$' -", - 'logoutput' => true - ) } - end - - describe "with ensure absent" do - - let :title do - '/srv' - end - - let :params do - { - :ensure => 'absent', - } - end - - it { is_expected.to contain_exec('remove-osd-/srv').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -if [ -z \"\$id\" ] ; then - id=\$(ceph-disk list | sed -nEe 's:^ */srv1? .*(ceph data|mounted on).*osd\\.([0-9]+).*:\\2:p') -fi -if [ -z \"\$id\" ] ; then - id=\$(ls -ld /var/lib/ceph/osd/ceph-* | sed -nEe 's:.*/ceph-([0-9]+) *-> */srv\$:\\1:p' || true) -fi -if [ \"\$id\" ] ; then - stop ceph-osd cluster=ceph id=\$id || true - service ceph stop osd.\$id || true - ceph osd crush remove osd.\$id - ceph auth del osd.\$id - ceph osd rm \$id - rm -fr /var/lib/ceph/osd/ceph-\$id/* - umount /var/lib/ceph/osd/ceph-\$id || true - rm -fr /var/lib/ceph/osd/ceph-\$id -fi -", - 'unless' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -if [ -z \"\$id\" ] ; then - id=\$(ceph-disk list | sed -nEe 's:^ */srv1? .*(ceph data|mounted on).*osd\\.([0-9]+).*:\\2:p') -fi -if [ -z \"\$id\" ] ; then - id=\$(ls -ld /var/lib/ceph/osd/ceph-* | sed -nEe 's:.*/ceph-([0-9]+) *-> */srv\$:\\1:p' || true) -fi -if [ \"\$id\" ] ; then - test ! -d /var/lib/ceph/osd/ceph-\$id -else - true # if there is no id we do nothing -fi -", - 'logoutput' => true - ) } - end - end - - context 'Debian Family' do - let :facts do - { - :osfamily => 'Debian', - } - end - - it_configures 'ceph osd' - end - - context 'RedHat Family' do - - let :facts do - { - :osfamily => 'RedHat', - } - end - - it_configures 'ceph osd' - end -end - -# Local Variables: -# compile-command: "cd ../.. ; -# bundle install ; -# bundle exec rake spec -# " -# End: diff --git a/ceph/spec/defines/ceph_pool_spec.rb b/ceph/spec/defines/ceph_pool_spec.rb deleted file mode 100644 index 97e171588..000000000 --- a/ceph/spec/defines/ceph_pool_spec.rb +++ /dev/null @@ -1,107 +0,0 @@ -# -# Copyright (C) 2014 Catalyst IT Limited. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Ricardo Rocha -# - -require 'spec_helper' - -describe 'ceph::pool' do - - shared_examples_for 'ceph pool' do - describe "create with custom params" do - - let :title do - 'volumes' - end - - let :params do - { - :ensure => 'present', - :pg_num => 3, - :pgp_num => 4, - :size => 2, - } - end - - it { - is_expected.to contain_exec('create-volumes').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements\nset -ex\nceph osd pool create volumes 3" - ) - is_expected.to contain_exec('set-volumes-pg_num').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements\nset -ex\nceph osd pool set volumes pg_num 3" - ) - is_expected.to contain_exec('set-volumes-pgp_num').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements\nset -ex\nceph osd pool set volumes pgp_num 4" - ) - is_expected.to contain_exec('set-volumes-size').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements\nset -ex\nceph osd pool set volumes size 2" - ) - is_expected.not_to contain_exec('delete-volumes') - } - - end - - describe "delete with custom params" do - - let :title do - 'volumes' - end - - let :params do - { - :ensure => 'absent', - } - end - - it { - is_expected.not_to contain_exec('create-volumes') - is_expected.to contain_exec('delete-volumes').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements\nset -ex\nceph osd pool delete volumes volumes --yes-i-really-really-mean-it" - ) - } - - end - end - - describe 'Debian Family' do - - let :facts do - { - :osfamily => 'Debian', - } - end - - it_configures 'ceph pool' - end - - describe 'RedHat Family' do - - let :facts do - { - :osfamily => 'RedHat', - } - end - - it_configures 'ceph pool' - end -end - -# Local Variables: -# compile-command: "cd ../.. ; -# bundle install ; -# bundle exec rake spec -# " -# End: diff --git a/ceph/spec/defines/ceph_rgw_apache_fastcgi_spec.rb b/ceph/spec/defines/ceph_rgw_apache_fastcgi_spec.rb deleted file mode 100644 index 2ac9d2725..000000000 --- a/ceph/spec/defines/ceph_rgw_apache_fastcgi_spec.rb +++ /dev/null @@ -1,249 +0,0 @@ -# -# Copyright (C) 2014 Catalyst IT Limited. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Ricardo Rocha -# Author: David Gurtner -# -require 'spec_helper' - -describe 'ceph::rgw::apache_fastcgi' do - - let :pre_condition do - "include ceph::params - class { 'ceph::repo': - fastcgi => true, - }" - end - - describe 'Debian Family' do - - let :facts do - { - :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'myhost.domain', - :hostname => 'myhost', - :osfamily => 'Debian', - :operatingsystem => 'Ubuntu', - :lsbdistid => 'Ubuntu', - :operatingsystemrelease => '14.04', - :lsbdistcodename => 'trusty', - :pkg_fastcgi => 'libapache2-mod-fastcgi', - } - end - - describe 'activated with default params' do - - let :title do - 'radosgw.gateway' - end - - it { is_expected.to contain_apache__vhost('myhost.domain-radosgw').with( { - 'servername' => 'myhost.domain', - 'serveradmin' => 'root@localhost', - 'port' => 80, - 'docroot' => '/var/www', - 'rewrite_rule' => '^/([a-zA-Z0-9-_.]*)([/]?.*) /s3gw.fcgi?page=$1¶ms=$2&%{QUERY_STRING} [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]', - 'access_log' => true, - 'error_log' => true, - 'fastcgi_server' => '/var/www/s3gw.fcgi', - 'fastcgi_socket' => '/tmp/radosgw.sock', - 'fastcgi_dir' => '/var/www', - })} - - it { is_expected.to contain_class('apache').with( - 'default_mods' => false, - 'default_vhost' => false, - 'purge_configs' => true, - 'purge_vhost_dir' => true, - )} - it { is_expected.to contain_class('apache::mod::alias') } - it { is_expected.to contain_class('apache::mod::auth_basic') } - it { is_expected.to contain_class('apache::mod::fastcgi') } - it { is_expected.to contain_class('apache::mod::mime') } - it { is_expected.to contain_class('apache::mod::rewrite') } - - it { is_expected.to contain_file('/var/www/s3gw.fcgi').with({ - 'ensure' => 'file', - 'owner' => 'root', - 'group' => 'root', - 'mode' => '0750', - 'content' => "#!/bin/sh -exec /usr/bin/radosgw -c /etc/ceph/ceph.conf -n radosgw.gateway", - })} - - end - - describe "activated with custom params" do - - let :title do - 'myid' - end - - let :params do - { - :rgw_dns_name => 'mydns.hostname', - :rgw_socket_path => '/some/location/radosgw.sock', - :rgw_port => 1111, - :admin_email => 'admin@hostname', - :fcgi_file => '/some/fcgi/filepath', - :syslog => false, - :apache_mods => true, - :apache_vhost => true, - :apache_purge_configs => false, - :apache_purge_vhost => false, - :custom_apache_ports => '8888', - } - end - - it { is_expected.to contain_apache__vhost('mydns.hostname-radosgw').with( { - 'servername' => 'mydns.hostname', - 'serveradmin' => 'admin@hostname', - 'port' => 1111, - 'docroot' => '/var/www', - 'rewrite_rule' => '^/([a-zA-Z0-9-_.]*)([/]?.*) /s3gw.fcgi?page=$1¶ms=$2&%{QUERY_STRING} [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]', - 'access_log' => false, - 'error_log' => false, - 'fastcgi_server' => '/some/fcgi/filepath', - 'fastcgi_socket' => '/some/location/radosgw.sock', - 'fastcgi_dir' => '/var/www', - } ) } - - it { is_expected.to contain_class('apache').with( - 'default_mods' => true, - 'default_vhost' => true, - 'purge_configs' => false, - 'purge_vhost_dir' => false, - )} - it { is_expected.to contain_apache__listen('8888') } - it { is_expected.to contain_class('apache::mod::alias') } - it { is_expected.to contain_class('apache::mod::fastcgi') } - it { is_expected.to contain_class('apache::mod::mime') } - it { is_expected.to contain_class('apache::mod::rewrite') } - - it { is_expected.to contain_file('/some/fcgi/filepath') } - - end - end - - describe 'RedHat Family' do - - let :facts do - { - :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'myhost.domain', - :hostname => 'myhost', - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '7.2', - :operatingsystemmajrelease => '7', - :pkg_fastcgi => 'libapache2-mod-fastcgi', - } - end - - describe 'activated with default params' do - - let :title do - 'radosgw.gateway' - end - - it { is_expected.to contain_apache__vhost('myhost.domain-radosgw').with( { - 'servername' => 'myhost.domain', - 'serveradmin' => 'root@localhost', - 'port' => 80, - 'docroot' => '/var/www', - 'rewrite_rule' => '^/([a-zA-Z0-9-_.]*)([/]?.*) /s3gw.fcgi?page=$1¶ms=$2&%{QUERY_STRING} [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]', - 'access_log' => true, - 'error_log' => true, - 'fastcgi_server' => '/var/www/s3gw.fcgi', - 'fastcgi_socket' => '/tmp/radosgw.sock', - 'fastcgi_dir' => '/var/www', - })} - - it { is_expected.to contain_class('apache').with( - 'default_mods' => false, - 'default_vhost' => false, - 'purge_configs' => true, - 'purge_vhost_dir' => true, - )} - it { is_expected.to contain_class('apache::mod::alias') } - it { is_expected.to contain_class('apache::mod::auth_basic') } - it { is_expected.to contain_class('apache::mod::fastcgi') } - it { is_expected.to contain_class('apache::mod::mime') } - it { is_expected.to contain_class('apache::mod::rewrite') } - - it { is_expected.to contain_file('/var/www/s3gw.fcgi').with({ - 'ensure' => 'file', - 'owner' => 'root', - 'group' => 'root', - 'mode' => '0750', - 'content' => "#!/bin/sh -exec /usr/bin/radosgw -c /etc/ceph/ceph.conf -n radosgw.gateway", - })} - - end - - describe "activated with custom params" do - - let :title do - 'myid' - end - - let :params do - { - :rgw_dns_name => 'mydns.hostname', - :rgw_socket_path => '/some/location/radosgw.sock', - :rgw_port => 1111, - :admin_email => 'admin@hostname', - :fcgi_file => '/some/fcgi/filepath', - :syslog => false, - :apache_mods => true, - :apache_vhost => true, - :apache_purge_configs => false, - :apache_purge_vhost => false, - :custom_apache_ports => '8888', - } - end - - it { is_expected.to contain_class('apache').with( - 'default_mods' => true, - 'default_vhost' => true, - 'purge_configs' => false, - 'purge_vhost_dir' => false, - )} - it { is_expected.to contain_apache__listen('8888') } - it { is_expected.to contain_apache__vhost('mydns.hostname-radosgw').with( { - 'servername' => 'mydns.hostname', - 'serveradmin' => 'admin@hostname', - 'port' => 1111, - 'docroot' => '/var/www', - 'rewrite_rule' => '^/([a-zA-Z0-9-_.]*)([/]?.*) /s3gw.fcgi?page=$1¶ms=$2&%{QUERY_STRING} [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]', - 'access_log' => false, - 'error_log' => false, - 'fastcgi_server' => '/some/fcgi/filepath', - 'fastcgi_socket' => '/some/location/radosgw.sock', - 'fastcgi_dir' => '/var/www', - } ) } - - it { is_expected.to contain_class('apache::mod::alias') } - it { is_expected.to contain_class('apache::mod::fastcgi') } - it { is_expected.to contain_class('apache::mod::mime') } - it { is_expected.to contain_class('apache::mod::rewrite') } - - it { is_expected.to contain_file('/some/fcgi/filepath') } - - end - end - -end diff --git a/ceph/spec/defines/ceph_rgw_apache_proxy_fcgi_spec.rb b/ceph/spec/defines/ceph_rgw_apache_proxy_fcgi_spec.rb deleted file mode 100644 index 7b965e6fd..000000000 --- a/ceph/spec/defines/ceph_rgw_apache_proxy_fcgi_spec.rb +++ /dev/null @@ -1,213 +0,0 @@ -# -# Copyright (C) 2014 Catalyst IT Limited. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Ricardo Rocha -# Author: David Gurtner -# Author: Oleksiy Molchanov -# -require 'spec_helper' - -describe 'ceph::rgw::apache_proxy_fcgi' do - - describe 'Debian Family' do - - let :facts do - { - :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'myhost.domain', - :hostname => 'myhost', - :osfamily => 'Debian', - :operatingsystem => 'Ubuntu', - :lsbdistid => 'Ubuntu', - :operatingsystemrelease => '14.04', - :lsbdistcodename => 'trusty', - } - end - - describe 'activated with default params' do - - let :title do - 'radosgw.gateway' - end - - it { is_expected.to contain_apache__vhost('myhost.domain-radosgw').with( { - 'servername' => 'myhost.domain', - 'serveradmin' => 'root@localhost', - 'port' => 80, - 'docroot' => '/var/www', - 'access_log' => true, - 'error_log' => true, - 'rewrite_rule' => '.* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]', - 'setenv' => 'proxy-nokeepalive 1', - 'proxy_pass' => {'path' => '/', 'url' => 'fcgi://127.0.0.1:9000/'}, - })} - - it { is_expected.to contain_class('apache').with( - 'default_mods' => false, - 'default_vhost' => false, - 'purge_configs' => true, - 'purge_vhost_dir' => true, - )} - it { is_expected.to contain_class('apache::mod::alias') } - it { is_expected.to contain_class('apache::mod::auth_basic') } - it { is_expected.to contain_class('apache::mod::proxy') } - it { is_expected.to contain_class('apache::mod::mime') } - it { is_expected.to contain_class('apache::mod::rewrite') } - - end - - describe "activated with custom params" do - - let :title do - 'myid' - end - - let :params do - { - :rgw_dns_name => 'mydns.hostname', - :rgw_port => 1111, - :admin_email => 'admin@hostname', - :syslog => false, - :proxy_pass => {'path' => '/', 'url' => 'fcgi://127.0.0.1:9999/'}, - :apache_mods => true, - :apache_vhost => true, - :apache_purge_configs => false, - :apache_purge_vhost => false, - :custom_apache_ports => '8888', - } - end - - it { is_expected.to contain_class('apache').with( - 'default_mods' => true, - 'default_vhost' => true, - 'purge_configs' => false, - 'purge_vhost_dir' => false, - )} - it { is_expected.to contain_apache__listen('8888') } - it { is_expected.to contain_apache__vhost('mydns.hostname-radosgw').with( { - 'servername' => 'mydns.hostname', - 'serveradmin' => 'admin@hostname', - 'port' => 1111, - 'docroot' => '/var/www', - 'access_log' => false, - 'error_log' => false, - 'rewrite_rule' => '.* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]', - 'setenv' => 'proxy-nokeepalive 1', - 'proxy_pass' => {'path' => '/', 'url' => 'fcgi://127.0.0.1:9999/'}, - } ) } - - it { is_expected.to contain_class('apache::mod::alias') } - it { is_expected.to contain_class('apache::mod::proxy') } - it { is_expected.to contain_class('apache::mod::mime') } - it { is_expected.to contain_class('apache::mod::rewrite') } - - end - end - - describe 'RedHat Family' do - - let :facts do - { - :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'myhost.domain', - :hostname => 'myhost', - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '7.2', - :operatingsystemmajrelease => '7', - } - end - - describe 'activated with default params' do - - let :title do - 'radosgw.gateway' - end - - it { is_expected.to contain_apache__vhost('myhost.domain-radosgw').with( { - 'servername' => 'myhost.domain', - 'serveradmin' => 'root@localhost', - 'port' => 80, - 'docroot' => '/var/www', - 'access_log' => true, - 'error_log' => true, - 'rewrite_rule' => '.* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]', - 'setenv' => 'proxy-nokeepalive 1', - 'proxy_pass' => {'path' => '/', 'url' => 'fcgi://127.0.0.1:9000/'}, - })} - - it { is_expected.to contain_class('apache').with( - 'default_mods' => false, - 'default_vhost' => false, - 'purge_configs' => true, - 'purge_vhost_dir' => true, - )} - it { is_expected.to contain_class('apache::mod::alias') } - it { is_expected.to contain_class('apache::mod::auth_basic') } - it { is_expected.to contain_class('apache::mod::proxy') } - it { is_expected.to contain_class('apache::mod::mime') } - it { is_expected.to contain_class('apache::mod::rewrite') } - - end - - describe "activated with custom params" do - - let :title do - 'myid' - end - - let :params do - { - :rgw_dns_name => 'mydns.hostname', - :rgw_port => 1111, - :admin_email => 'admin@hostname', - :syslog => false, - :proxy_pass => {'path'=>'/', 'url'=>'fcgi://127.0.0.1:9999/'}, - :apache_mods => true, - :apache_vhost => true, - :apache_purge_configs => false, - :apache_purge_vhost => false, - :custom_apache_ports => '8888', - } - end - - it { is_expected.to contain_class('apache').with( - 'default_mods' => true, - 'default_vhost' => true, - 'purge_configs' => false, - 'purge_vhost_dir' => false, - )} - it { is_expected.to contain_apache__listen('8888') } - it { is_expected.to contain_apache__vhost('mydns.hostname-radosgw').with( { - 'servername' => 'mydns.hostname', - 'serveradmin' => 'admin@hostname', - 'port' => 1111, - 'docroot' => '/var/www', - 'access_log' => false, - 'error_log' => false, - 'rewrite_rule' => '.* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]', - 'setenv' => 'proxy-nokeepalive 1', - 'proxy_pass' => {'path' => '/', 'url' => 'fcgi://127.0.0.1:9999/'}, - } ) } - - it { is_expected.to contain_class('apache::mod::alias') } - it { is_expected.to contain_class('apache::mod::proxy') } - it { is_expected.to contain_class('apache::mod::mime') } - it { is_expected.to contain_class('apache::mod::rewrite') } - - end - end - -end diff --git a/ceph/spec/defines/ceph_rgw_apache_spec.rb b/ceph/spec/defines/ceph_rgw_apache_spec.rb deleted file mode 100644 index 5a4e45dbf..000000000 --- a/ceph/spec/defines/ceph_rgw_apache_spec.rb +++ /dev/null @@ -1,218 +0,0 @@ -# Copyright (C) 2014 Catalyst IT Limited. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Ricardo Rocha -# Author: David Gurtner -# -require 'spec_helper' - -describe 'ceph::rgw::apache' do - - let :pre_condition do - "include ceph::params - class { 'ceph::repo': - fastcgi => true, - }" - end - - describe 'Debian Family' do - - let :facts do - { - :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'myhost.domain', - :hostname => 'myhost', - :osfamily => 'Debian', - :operatingsystem => 'Ubuntu', - :operatingsystemrelease => '14.04', - :lsbdistid => 'Ubuntu', - :lsbdistcodename => 'trusty', - :pkg_fastcgi => 'libapache2-mod-fastcgi', - } - end - - describe 'activated with default params' do - - let :title do - 'radosgw.gateway' - end - - it { is_expected.to contain_apache__vhost('myhost.domain-radosgw').with( { - 'servername' => 'myhost.domain', - 'serveradmin' => 'root@localhost', - 'port' => 80, - 'docroot' => '/var/www', - 'rewrite_rule' => '^/([a-zA-Z0-9-_.]*)([/]?.*) /s3gw.fcgi?page=$1¶ms=$2&%{QUERY_STRING} [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]', - 'access_log' => true, - 'error_log' => true, - 'fastcgi_server' => '/var/www/s3gw.fcgi', - 'fastcgi_socket' => '/tmp/radosgw.sock', - 'fastcgi_dir' => '/var/www', - })} - - it { is_expected.to contain_class('apache') } - it { is_expected.to contain_class('apache::mod::alias') } - it { is_expected.to contain_class('apache::mod::auth_basic') } - it { is_expected.to contain_class('apache::mod::fastcgi') } - it { is_expected.to contain_class('apache::mod::mime') } - it { is_expected.to contain_class('apache::mod::rewrite') } - - it { is_expected.to contain_file('/var/www/s3gw.fcgi').with({ - 'ensure' => 'file', - 'owner' => 'root', - 'group' => 'root', - 'mode' => '0750', - 'content' => "#!/bin/sh -exec /usr/bin/radosgw -c /etc/ceph/ceph.conf -n radosgw.gateway", - })} - - end - - describe "activated with custom params" do - - let :title do - 'myid' - end - - let :params do - { - :rgw_dns_name => 'mydns.hostname', - :rgw_socket_path => '/some/location/radosgw.sock', - :rgw_port => 1111, - :admin_email => 'admin@hostname', - :fcgi_file => '/some/fcgi/filepath', - :syslog => false, - } - end - - it { is_expected.to contain_apache__vhost('mydns.hostname-radosgw').with( { - 'servername' => 'mydns.hostname', - 'serveradmin' => 'admin@hostname', - 'port' => 1111, - 'docroot' => '/var/www', - 'rewrite_rule' => '^/([a-zA-Z0-9-_.]*)([/]?.*) /s3gw.fcgi?page=$1¶ms=$2&%{QUERY_STRING} [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]', - 'access_log' => false, - 'error_log' => false, - 'fastcgi_server' => '/some/fcgi/filepath', - 'fastcgi_socket' => '/some/location/radosgw.sock', - 'fastcgi_dir' => '/var/www', - } ) } - - it { is_expected.to contain_class('apache') } - it { is_expected.to contain_class('apache::mod::alias') } - it { is_expected.to contain_class('apache::mod::auth_basic') } - it { is_expected.to contain_class('apache::mod::fastcgi') } - it { is_expected.to contain_class('apache::mod::mime') } - it { is_expected.to contain_class('apache::mod::rewrite') } - - it { is_expected.to contain_file('/some/fcgi/filepath') } - - end - end - - describe 'RedHat Family' do - - let :facts do - { - :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'myhost.domain', - :hostname => 'myhost', - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '7.2', - :operatingsystemmajrelease => '7', - :pkg_fastcgi => 'libapache2-mod-fastcgi', - } - end - - describe 'activated with default params' do - - let :title do - 'radosgw.gateway' - end - - it { is_expected.to contain_apache__vhost('myhost.domain-radosgw').with( { - 'servername' => 'myhost.domain', - 'serveradmin' => 'root@localhost', - 'port' => 80, - 'docroot' => '/var/www', - 'rewrite_rule' => '^/([a-zA-Z0-9-_.]*)([/]?.*) /s3gw.fcgi?page=$1¶ms=$2&%{QUERY_STRING} [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]', - 'access_log' => true, - 'error_log' => true, - 'fastcgi_server' => '/var/www/s3gw.fcgi', - 'fastcgi_socket' => '/tmp/radosgw.sock', - 'fastcgi_dir' => '/var/www', - })} - - it { is_expected.to contain_class('apache') } - it { is_expected.to contain_class('apache::mod::alias') } - it { is_expected.to contain_class('apache::mod::auth_basic') } - it { is_expected.to contain_class('apache::mod::fastcgi') } - it { is_expected.to contain_class('apache::mod::mime') } - it { is_expected.to contain_class('apache::mod::rewrite') } - - it { is_expected.to contain_file('/var/www/s3gw.fcgi').with({ - 'ensure' => 'file', - 'owner' => 'root', - 'group' => 'root', - 'mode' => '0750', - 'content' => "#!/bin/sh -exec /usr/bin/radosgw -c /etc/ceph/ceph.conf -n radosgw.gateway", - })} - - end - - describe "activated with custom params" do - - let :title do - 'myid' - end - - let :params do - { - :rgw_dns_name => 'mydns.hostname', - :rgw_socket_path => '/some/location/radosgw.sock', - :rgw_port => 1111, - :admin_email => 'admin@hostname', - :fcgi_file => '/some/fcgi/filepath', - :syslog => false, - } - end - - it { is_expected.to contain_apache__vhost('mydns.hostname-radosgw').with( { - 'servername' => 'mydns.hostname', - 'serveradmin' => 'admin@hostname', - 'port' => 1111, - 'docroot' => '/var/www', - 'rewrite_rule' => '^/([a-zA-Z0-9-_.]*)([/]?.*) /s3gw.fcgi?page=$1¶ms=$2&%{QUERY_STRING} [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]', - 'access_log' => false, - 'error_log' => false, - 'fastcgi_server' => '/some/fcgi/filepath', - 'fastcgi_socket' => '/some/location/radosgw.sock', - 'fastcgi_dir' => '/var/www', - } ) } - - it { is_expected.to contain_class('apache') } - it { is_expected.to contain_class('apache::mod::alias') } - it { is_expected.to contain_class('apache::mod::auth_basic') } - it { is_expected.to contain_class('apache::mod::fastcgi') } - it { is_expected.to contain_class('apache::mod::mime') } - it { is_expected.to contain_class('apache::mod::rewrite') } - - it { is_expected.to contain_file('/some/fcgi/filepath') } - - end - end - -end diff --git a/ceph/spec/defines/ceph_rgw_civetweb_spec.rb b/ceph/spec/defines/ceph_rgw_civetweb_spec.rb deleted file mode 100644 index d1a59b450..000000000 --- a/ceph/spec/defines/ceph_rgw_civetweb_spec.rb +++ /dev/null @@ -1,111 +0,0 @@ -# -# Copyright (C) 2016 Keith Schincke -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Keith Schincke -# -require 'spec_helper' - -describe 'ceph::rgw' do - - let :pre_condition do - 'include ceph::params' - end - - shared_examples_for 'ceph rgw civetweb' do - - describe "activated with civetweb params" do - let :title do - 'radosgw.civetweb' - end - let :params do - { - :frontend_type => 'civetweb', - } - end - it { is_expected.to contain_ceph_config('client.radosgw.civetweb/user').with_value("#{default_params[:user]}") } - it { is_expected.to contain_ceph_config('client.radosgw.civetweb/host').with_value('myhost') } - it { is_expected.to contain_ceph_config('client.radosgw.civetweb/keyring').with_value('/etc/ceph/ceph.client.radosgw.civetweb.keyring') } - it { is_expected.to contain_ceph_config('client.radosgw.civetweb/log_file').with_value('/var/log/ceph/radosgw.log') } - it { is_expected.to_not contain_ceph_config('client.radosgw.civetweb/rgw_frontends') } - end - - describe "activated with custom civetweb params" do - let :title do - 'radosgw.custom' - end - let :params do - { - :frontend_type => 'civetweb', - :rgw_frontends => 'civetweb port=7481', - :user => 'root', - } - end - it { is_expected.to contain_ceph_config('client.radosgw.custom/rgw_frontends').with_value('civetweb port=7481') } - it { is_expected.to contain_ceph_config('client.radosgw.custom/user').with_value('root') } - it { is_expected.to contain_ceph_config('client.radosgw.custom/host').with_value('myhost') } - it { is_expected.to contain_ceph_config('client.radosgw.custom/keyring').with_value('/etc/ceph/ceph.client.radosgw.custom.keyring') } - it { is_expected.to contain_ceph_config('client.radosgw.custom/log_file').with_value('/var/log/ceph/radosgw.log') } - end - - end - - describe 'Debian Family' do - - let :facts do - { - :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'myhost.domain', - :hostname => 'myhost', - :osfamily => 'Debian', - :operatingsystem => 'Ubuntu', - :operatingsystemrelease => '14.04', - } - end - - let :default_params do - { - :pkg_radosgw => 'radosgw', - :user => 'www-data', - } - end - - it_configures 'ceph rgw civetweb' - end - - describe 'RedHat Family' do - - let :facts do - { - :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'myhost.domain', - :hostname => 'myhost', - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '7.2', - :operatingsystemmajrelease => '7', - } - end - - let :default_params do - { - :pkg_radosgw => 'ceph-radosgw', - :user => 'apache', - } - end - - it_configures 'ceph rgw civetweb' - end - -end diff --git a/ceph/spec/defines/ceph_rgw_keystone_spec.rb b/ceph/spec/defines/ceph_rgw_keystone_spec.rb deleted file mode 100644 index 8c5e27d47..000000000 --- a/ceph/spec/defines/ceph_rgw_keystone_spec.rb +++ /dev/null @@ -1,265 +0,0 @@ -# -# Copyright (C) 2014 Catalyst IT Limited. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Ricardo Rocha -# - -require 'spec_helper' - -describe 'ceph::rgw::keystone' do - - describe 'Debian Family' do - - let :facts do - { - :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'myhost.domain', - :hostname => 'myhost', - :lsbdistid => 'Ubuntu', - :lsbdistcodename => 'trusty', - :osfamily => 'Debian', - :operatingsystem => 'Ubuntu', - :operatingsystemrelease => '14.04', - } - end - - describe "create with default params" do - - let :pre_condition do - " - include ceph::params - class { 'ceph': fsid => 'd5252e7d-75bc-4083-85ed-fe51fa83f62b' } - class { 'ceph::repo': fastcgi => true, } - include ceph - ceph::rgw { 'radosgw.gateway': } - ceph::rgw::apache_fastcgi { 'radosgw.gateway': } - " - end - - let :title do - 'radosgw.gateway' - end - - let :params do - { - :rgw_keystone_url => 'http://keystone.default:5000', - :rgw_keystone_admin_token => 'defaulttoken', - } - end - - it { is_expected.to contain_ceph_config('client.radosgw.gateway/rgw_keystone_url').with_value('http://keystone.default:5000') } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/rgw_keystone_admin_token').with_value('defaulttoken') } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/rgw_keystone_accepted_roles').with_value('_member_, Member') } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/rgw_keystone_token_cache_size').with_value(500) } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/rgw_keystone_revocation_interval').with_value(600) } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/nss_db_path').with_value('/var/lib/ceph/nss') } - - it { is_expected.to contain_exec('radosgw.gateway-nssdb-ca').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -wget --no-check-certificate http://keystone.default:5000/v2.0/certificates/ca -O /tmp/ca -openssl x509 -in /tmp/ca -pubkey | certutil -A -d /var/lib/ceph/nss -n ca -t \"TCu,Cu,Tuw\" -", - 'user' => 'www-data', - ) } - it { is_expected.to contain_exec('radosgw.gateway-nssdb-signing').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -wget --no-check-certificate http://keystone.default:5000/v2.0/certificates/signing -O /tmp/signing -openssl x509 -in /tmp/signing -pubkey | certutil -A -d /var/lib/ceph/nss -n signing_cert -t \"P,P,P\" -", - 'user' => 'www-data', - ) } - - end - - describe "create with custom params" do - - let :pre_condition do - " - include ceph::params - class { 'ceph': fsid => 'd5252e7d-75bc-4083-85ed-fe51fa83f62b' } - class { 'ceph::repo': fastcgi => true, } - ceph::rgw { 'radosgw.custom': } - ceph::rgw::apache_fastcgi { 'radosgw.custom': } - " - end - - let :title do - 'radosgw.custom' - end - - let :params do - { - :rgw_keystone_url => 'http://keystone.custom:5000', - :rgw_keystone_admin_token => 'mytoken', - :rgw_keystone_accepted_roles => '_role1_,role2', - :rgw_keystone_token_cache_size => 100, - :rgw_keystone_revocation_interval => 200, - :nss_db_path => '/some/path/to/nss', - } - end - - it { is_expected.to contain_ceph_config('client.radosgw.custom/rgw_keystone_url').with_value('http://keystone.custom:5000') } - it { is_expected.to contain_ceph_config('client.radosgw.custom/rgw_keystone_admin_token').with_value('mytoken') } - it { is_expected.to contain_ceph_config('client.radosgw.custom/rgw_keystone_accepted_roles').with_value('_role1_,role2') } - it { is_expected.to contain_ceph_config('client.radosgw.custom/rgw_keystone_token_cache_size').with_value(100) } - it { is_expected.to contain_ceph_config('client.radosgw.custom/rgw_keystone_revocation_interval').with_value(200) } - it { is_expected.to contain_ceph_config('client.radosgw.custom/nss_db_path').with_value('/some/path/to/nss') } - - it { is_expected.to contain_exec('radosgw.custom-nssdb-ca').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -wget --no-check-certificate http://keystone.custom:5000/v2.0/certificates/ca -O /tmp/ca -openssl x509 -in /tmp/ca -pubkey | certutil -A -d /some/path/to/nss -n ca -t \"TCu,Cu,Tuw\" -", - 'user' => 'www-data', - ) } - it { is_expected.to contain_exec('radosgw.custom-nssdb-signing').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -wget --no-check-certificate http://keystone.custom:5000/v2.0/certificates/signing -O /tmp/signing -openssl x509 -in /tmp/signing -pubkey | certutil -A -d /some/path/to/nss -n signing_cert -t \"P,P,P\" -", - 'user' => 'www-data', - ) } - - end end - - describe 'RedHat Family' do - - let :facts do - { - :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'myhost.domain', - :hostname => 'myhost', - :lsbdistcodename => 'Maipo', - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '7.2', - :operatingsystemmajrelease => '7', - } - end - - describe "create with default params" do - - let :pre_condition do - " - include ceph::params - class { 'ceph': fsid => 'd5252e7d-75bc-4083-85ed-fe51fa83f62b' } - class { 'ceph::repo': fastcgi => true, } - include ceph - ceph::rgw { 'radosgw.gateway': } - ceph::rgw::apache_fastcgi { 'radosgw.gateway': } - " - end - - let :title do - 'radosgw.gateway' - end - - let :params do - { - :rgw_keystone_url => 'http://keystone.default:5000', - :rgw_keystone_admin_token => 'defaulttoken', - } - end - - it { is_expected.to contain_ceph_config('client.radosgw.gateway/rgw_keystone_url').with_value('http://keystone.default:5000') } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/rgw_keystone_admin_token').with_value('defaulttoken') } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/rgw_keystone_accepted_roles').with_value('_member_, Member') } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/rgw_keystone_token_cache_size').with_value(500) } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/rgw_keystone_revocation_interval').with_value(600) } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/nss_db_path').with_value('/var/lib/ceph/nss') } - - it { is_expected.to contain_exec('radosgw.gateway-nssdb-ca').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -wget --no-check-certificate http://keystone.default:5000/v2.0/certificates/ca -O /tmp/ca -openssl x509 -in /tmp/ca -pubkey | certutil -A -d /var/lib/ceph/nss -n ca -t \"TCu,Cu,Tuw\" -", - 'user' => 'apache', - ) } - it { is_expected.to contain_exec('radosgw.gateway-nssdb-signing').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -wget --no-check-certificate http://keystone.default:5000/v2.0/certificates/signing -O /tmp/signing -openssl x509 -in /tmp/signing -pubkey | certutil -A -d /var/lib/ceph/nss -n signing_cert -t \"P,P,P\" -", - 'user' => 'apache', - ) } - - end - - describe "create with custom params" do - - let :pre_condition do - " - include ceph::params - class { 'ceph': fsid => 'd5252e7d-75bc-4083-85ed-fe51fa83f62b' } - class { 'ceph::repo': fastcgi => true, } - ceph::rgw { 'radosgw.custom': } - ceph::rgw::apache_fastcgi { 'radosgw.custom': } - " - end - - let :title do - 'radosgw.custom' - end - - let :params do - { - :rgw_keystone_url => 'http://keystone.custom:5000', - :rgw_keystone_admin_token => 'mytoken', - :rgw_keystone_accepted_roles => '_role1_,role2', - :rgw_keystone_token_cache_size => 100, - :rgw_keystone_revocation_interval => 200, - :nss_db_path => '/some/path/to/nss', - } - end - - it { is_expected.to contain_ceph_config('client.radosgw.custom/rgw_keystone_url').with_value('http://keystone.custom:5000') } - it { is_expected.to contain_ceph_config('client.radosgw.custom/rgw_keystone_admin_token').with_value('mytoken') } - it { is_expected.to contain_ceph_config('client.radosgw.custom/rgw_keystone_accepted_roles').with_value('_role1_,role2') } - it { is_expected.to contain_ceph_config('client.radosgw.custom/rgw_keystone_token_cache_size').with_value(100) } - it { is_expected.to contain_ceph_config('client.radosgw.custom/rgw_keystone_revocation_interval').with_value(200) } - it { is_expected.to contain_ceph_config('client.radosgw.custom/nss_db_path').with_value('/some/path/to/nss') } - - it { is_expected.to contain_exec('radosgw.custom-nssdb-ca').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -wget --no-check-certificate http://keystone.custom:5000/v2.0/certificates/ca -O /tmp/ca -openssl x509 -in /tmp/ca -pubkey | certutil -A -d /some/path/to/nss -n ca -t \"TCu,Cu,Tuw\" -", - 'user' => 'apache', - ) } - it { is_expected.to contain_exec('radosgw.custom-nssdb-signing').with( - 'command' => "/bin/true # comment to satisfy puppet syntax requirements -set -ex -wget --no-check-certificate http://keystone.custom:5000/v2.0/certificates/signing -O /tmp/signing -openssl x509 -in /tmp/signing -pubkey | certutil -A -d /some/path/to/nss -n signing_cert -t \"P,P,P\" -", - 'user' => 'apache', - ) } - - end end -end - -# Local Variables: -# compile-command: "cd ../.. ; -# bundle install ; -# bundle exec rake spec -# " -# End: diff --git a/ceph/spec/defines/ceph_rgw_spec.rb b/ceph/spec/defines/ceph_rgw_spec.rb deleted file mode 100644 index 001cd9e19..000000000 --- a/ceph/spec/defines/ceph_rgw_spec.rb +++ /dev/null @@ -1,309 +0,0 @@ -# -# Copyright (C) 2014 Catalyst IT Limited. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Ricardo Rocha -# -require 'spec_helper' - -describe 'ceph::rgw' do - - let :pre_condition do - 'include ceph::params' - end - - describe 'Ubuntu 14.04' do - - let :facts do - { - :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'myhost.domain', - :hostname => 'myhost', - :osfamily => 'Debian', - :operatingsystem => 'Ubuntu', - :operatingsystemrelease => '14.04', - :service_provider => 'upstart', - } - end - - describe "activated with default params" do - - let :title do - 'radosgw.gateway' - end - - it { is_expected.to contain_package('radosgw').with('ensure' => 'installed') } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/user').with_value('www-data') } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/host').with_value('myhost') } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/keyring').with_value('/etc/ceph/ceph.client.radosgw.gateway.keyring') } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/log_file').with_value('/var/log/ceph/radosgw.log') } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/rgw_dns_name').with_value('myhost.domain') } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/rgw_print_continue').with_value(false) } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/rgw_socket_path').with_value('/tmp/radosgw.sock') } - - it { is_expected.to contain_file('/var/lib/ceph/radosgw').with({ - 'ensure' => 'directory', - 'mode' => '0755', - })} - - it { is_expected.to contain_file('/var/lib/ceph/radosgw/ceph-radosgw.gateway').with({ - 'ensure' => 'directory', - 'owner' => 'root', - 'group' => 'root', - 'mode' => '0750', - })} - - it { is_expected.to contain_file('/var/lib/ceph/radosgw/ceph-radosgw.gateway/done') } - - it { is_expected.to contain_service('radosgw-radosgw.gateway') } - - end - - describe "activated with custom params" do - - let :title do - 'radosgw.custom' - end - - let :params do - { - :pkg_radosgw => 'pkgradosgw', - :rgw_ensure => 'stopped', - :rgw_enable => false, - :rgw_data => "/var/lib/ceph/radosgw/ceph-radosgw.custom", - :user => 'wwwuser', - :keyring_path => "/etc/ceph/ceph.radosgw.custom.keyring", - :log_file => '/var/log/ceph/mylogfile.log', - :rgw_dns_name => 'mydns.hostname', - :rgw_socket_path => '/some/location/radosgw.sock', - :rgw_print_continue => true, - :rgw_port => 1111, - :syslog => false, - } - end - - it { is_expected.to contain_package('pkgradosgw').with('ensure' => 'installed') } - - it { is_expected.to contain_ceph_config('client.radosgw.custom/host').with_value('myhost') } - it { is_expected.to contain_ceph_config('client.radosgw.custom/keyring').with_value('/etc/ceph/ceph.radosgw.custom.keyring') } - it { is_expected.to contain_ceph_config('client.radosgw.custom/log_file').with_value('/var/log/ceph/mylogfile.log') } - it { is_expected.to contain_ceph_config('client.radosgw.custom/rgw_dns_name').with_value('mydns.hostname') } - it { is_expected.to contain_ceph_config('client.radosgw.custom/rgw_print_continue').with_value(true) } - it { is_expected.to contain_ceph_config('client.radosgw.custom/rgw_socket_path').with_value('/some/location/radosgw.sock') } - it { is_expected.to contain_ceph_config('client.radosgw.custom/rgw_port').with_value(1111) } - it { is_expected.to contain_ceph_config('client.radosgw.custom/user').with_value('wwwuser') } - - it { is_expected.to contain_file('/var/lib/ceph/radosgw/ceph-radosgw.custom').with( { - 'ensure' => 'directory', - 'owner' => 'root', - 'group' => 'root', - 'mode' => '0750', - } ) } - - it { is_expected.to_not contain_file('/var/lib/ceph/radosgw/ceph-radosgw.gateway/done') } - - it { is_expected.to contain_service('radosgw-radosgw.custom').with('ensure' => 'stopped' ) } - - end - end - - describe 'Ubuntu 16.04' do - - let :facts do - { - :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'myhost.domain', - :hostname => 'myhost', - :osfamily => 'Debian', - :operatingsystem => 'Ubuntu', - :operatingsystemrelease => '16.04', - :service_provider => 'systemd', - } - end - - describe "activated with default params" do - - let :title do - 'radosgw.gateway' - end - - it { is_expected.to contain_package('radosgw').with('ensure' => 'installed') } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/user').with_value('www-data') } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/host').with_value('myhost') } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/keyring').with_value('/etc/ceph/ceph.client.radosgw.gateway.keyring') } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/log_file').with_value('/var/log/ceph/radosgw.log') } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/rgw_dns_name').with_value('myhost.domain') } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/rgw_print_continue').with_value(false) } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/rgw_socket_path').with_value('/tmp/radosgw.sock') } - - it { is_expected.to contain_file('/var/lib/ceph/radosgw').with({ - 'ensure' => 'directory', - 'mode' => '0755', - })} - - it { is_expected.to contain_file('/var/lib/ceph/radosgw/ceph-radosgw.gateway').with({ - 'ensure' => 'directory', - 'owner' => 'root', - 'group' => 'root', - 'mode' => '0750', - })} - - it { is_expected.to contain_service('radosgw-radosgw.gateway') } - - end - - describe "activated with custom params" do - - let :title do - 'radosgw.custom' - end - - let :params do - { - :pkg_radosgw => 'pkgradosgw', - :rgw_ensure => 'stopped', - :rgw_enable => false, - :rgw_data => "/var/lib/ceph/radosgw/ceph-radosgw.custom", - :user => 'wwwuser', - :keyring_path => "/etc/ceph/ceph.radosgw.custom.keyring", - :log_file => '/var/log/ceph/mylogfile.log', - :rgw_dns_name => 'mydns.hostname', - :rgw_socket_path => '/some/location/radosgw.sock', - :rgw_print_continue => true, - :rgw_port => 1111, - :syslog => false, - } - end - - it { is_expected.to contain_package('pkgradosgw').with('ensure' => 'installed') } - - it { is_expected.to contain_ceph_config('client.radosgw.custom/host').with_value('myhost') } - it { is_expected.to contain_ceph_config('client.radosgw.custom/keyring').with_value('/etc/ceph/ceph.radosgw.custom.keyring') } - it { is_expected.to contain_ceph_config('client.radosgw.custom/log_file').with_value('/var/log/ceph/mylogfile.log') } - it { is_expected.to contain_ceph_config('client.radosgw.custom/rgw_dns_name').with_value('mydns.hostname') } - it { is_expected.to contain_ceph_config('client.radosgw.custom/rgw_print_continue').with_value(true) } - it { is_expected.to contain_ceph_config('client.radosgw.custom/rgw_socket_path').with_value('/some/location/radosgw.sock') } - it { is_expected.to contain_ceph_config('client.radosgw.custom/rgw_port').with_value(1111) } - it { is_expected.to contain_ceph_config('client.radosgw.custom/user').with_value('wwwuser') } - - it { is_expected.to contain_file('/var/lib/ceph/radosgw/ceph-radosgw.custom').with( { - 'ensure' => 'directory', - 'owner' => 'root', - 'group' => 'root', - 'mode' => '0750', - } ) } - - it { is_expected.to_not contain_file('/var/lib/ceph/radosgw/ceph-radosgw.gateway/done') } - - it { is_expected.to contain_service('radosgw-radosgw.custom').with('ensure' => 'stopped' ) } - - end - end - - describe 'RedHat Family' do - - let :facts do - { - :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'myhost.domain', - :hostname => 'myhost', - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '7.2', - :operatingsystemmajrelease => '7', - } - end - - describe "activated with default params" do - - let :title do - 'radosgw.gateway' - end - - it { is_expected.to contain_package('ceph-radosgw').with('ensure' => 'installed') } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/user').with_value('apache') } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/host').with_value('myhost') } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/keyring').with_value('/etc/ceph/ceph.client.radosgw.gateway.keyring') } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/log_file').with_value('/var/log/ceph/radosgw.log') } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/rgw_dns_name').with_value('myhost.domain') } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/rgw_print_continue').with_value(false) } - it { is_expected.to contain_ceph_config('client.radosgw.gateway/rgw_socket_path').with_value('/tmp/radosgw.sock') } - - it { is_expected.to contain_file('/var/lib/ceph/radosgw').with({ - 'ensure' => 'directory', - 'mode' => '0755', - })} - - it { is_expected.to contain_file('/var/lib/ceph/radosgw/ceph-radosgw.gateway').with({ - 'ensure' => 'directory', - 'owner' => 'root', - 'group' => 'root', - 'mode' => '0750', - })} - - it { is_expected.to contain_file('/var/lib/ceph/radosgw/ceph-radosgw.gateway/sysvinit') } - - it { is_expected.to contain_service('radosgw-radosgw.gateway') } - - end - - describe "activated with custom params" do - - let :title do - 'radosgw.custom' - end - - let :params do - { - :pkg_radosgw => 'pkgradosgw', - :rgw_ensure => 'stopped', - :rgw_enable => false, - :rgw_data => "/var/lib/ceph/radosgw/ceph-radosgw.custom", - :user => 'wwwuser', - :keyring_path => "/etc/ceph/ceph.radosgw.custom.keyring", - :log_file => '/var/log/ceph/mylogfile.log', - :rgw_dns_name => 'mydns.hostname', - :rgw_socket_path => '/some/location/radosgw.sock', - :rgw_print_continue => true, - :rgw_port => 1111, - :syslog => false, - } - end - - it { is_expected.to contain_package('pkgradosgw').with('ensure' => 'installed') } - - it { is_expected.to contain_ceph_config('client.radosgw.custom/host').with_value('myhost') } - it { is_expected.to contain_ceph_config('client.radosgw.custom/keyring').with_value('/etc/ceph/ceph.radosgw.custom.keyring') } - it { is_expected.to contain_ceph_config('client.radosgw.custom/log_file').with_value('/var/log/ceph/mylogfile.log') } - it { is_expected.to contain_ceph_config('client.radosgw.custom/rgw_dns_name').with_value('mydns.hostname') } - it { is_expected.to contain_ceph_config('client.radosgw.custom/rgw_print_continue').with_value(true) } - it { is_expected.to contain_ceph_config('client.radosgw.custom/rgw_socket_path').with_value('/some/location/radosgw.sock') } - it { is_expected.to contain_ceph_config('client.radosgw.custom/rgw_port').with_value(1111) } - it { is_expected.to contain_ceph_config('client.radosgw.custom/user').with_value('wwwuser') } - - it { is_expected.to contain_file('/var/lib/ceph/radosgw/ceph-radosgw.custom').with( { - 'ensure' => 'directory', - 'owner' => 'root', - 'group' => 'root', - 'mode' => '0750', - } ) } - - it { is_expected.to_not contain_file('/var/lib/ceph/radosgw/ceph-radosgw.gateway/sysvinit') } - - it { is_expected.to contain_service('radosgw-radosgw.custom').with('ensure' => 'stopped' ) } - - end - end - -end diff --git a/ceph/spec/fixtures/hieradata/common.yaml b/ceph/spec/fixtures/hieradata/common.yaml deleted file mode 100644 index 3393a3912..000000000 --- a/ceph/spec/fixtures/hieradata/common.yaml +++ /dev/null @@ -1,47 +0,0 @@ ---- -######## Ceph -ceph::profile::params::release: 'hammer' - -######## Ceph.conf -ceph::profile::params::fsid: '4b5c8c0a-ff60-454b-a1b4-9747aa737d19' -ceph::profile::params::authentication_type: 'cephx' -ceph::profile::params::mon_initial_members: 'first, second' -ceph::profile::params::mon_host: '10.11.12.2:6789, 10.11.12.3:6789' -ceph::profile::params::osd_journal_size: '4096' -ceph::profile::params::osd_pool_default_pg_num: '200' -ceph::profile::params::osd_pool_default_pgp_num: '200' -ceph::profile::params::osd_pool_default_size: '2' -ceph::profile::params::osd_pool_default_min_size: '1' -ceph::profile::params::cluster_network: '10.12.13.0/24' -ceph::profile::params::public_network: '10.11.12.0/24' -ceph::profile::params::public_addr: '10.11.12.2' - -######## Keys -ceph::profile::params::mon_key: 'AQATGHJTUCBqIBAA7M2yafV1xctn1pgr3GcKPg==' -ceph::profile::params::client_keys: - 'client.admin': - secret: 'AQBMGHJTkC8HKhAAJ7NH255wYypgm1oVuV41MA==' - mode: '0600' - cap_mon: 'allow *' - cap_osd: 'allow *' - cap_mds: 'allow *' - 'client.bootstrap-osd': - secret: 'AQARG3JTsDDEHhAAVinHPiqvJkUi5Mww/URupw==' - keyring_path: '/var/lib/ceph/bootstrap-osd/ceph.keyring' - cap_mon: 'allow profile bootstrap-osd' - 'client.bootstrap-mds': - secret: 'AQCztJdSyNb0NBAASA2yPZPuwXeIQnDJ9O8gVw==' - keyring_path: '/var/lib/ceph/bootstrap-mds/ceph.keyring' - cap_mon: 'allow profile bootstrap-mds' - 'client.volumes': - secret: 'AQA4MPZTOGU0ARAAXH9a0fXxVq0X25n2yPREDw==' - mode: '0644' - user: 'root' - group: 'root' - cap_mon: 'allow r' - cap_osd: 'allow class-read object_prefix rbd_children, allow rwx pool=volumes' -ceph::profile::params::osds: - '/dev/sdc': - journal: '/dev/sdb' - '/dev/sdd': - journal: '/dev/sdb' diff --git a/ceph/spec/fixtures/hieradata/hiera.yaml b/ceph/spec/fixtures/hieradata/hiera.yaml deleted file mode 100644 index 81c0fc9e0..000000000 --- a/ceph/spec/fixtures/hieradata/hiera.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -:backends: - - yaml -:yaml: - :datadir: /var/lib/hiera -:hierarchy: - - "nodes/%{::hostname}" - - common diff --git a/ceph/spec/fixtures/hieradata/nodes/client.yaml b/ceph/spec/fixtures/hieradata/nodes/client.yaml deleted file mode 100644 index 5a45476de..000000000 --- a/ceph/spec/fixtures/hieradata/nodes/client.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -ceph::profile::params::client_keys: - 'client.volumes': - secret: 'AQA4MPZTOGU0ARAAXH9a0fXxVq0X25n2yPREDw==' - mode: '0644' - user: 'root' - group: 'root' - cap_mon: 'allow r' - cap_osd: 'allow class-read object_prefix rbd_children, allow rwx pool=volumes' diff --git a/ceph/spec/fixtures/hieradata/nodes/first.yaml b/ceph/spec/fixtures/hieradata/nodes/first.yaml deleted file mode 100644 index 02ea11dbb..000000000 --- a/ceph/spec/fixtures/hieradata/nodes/first.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -######## OSD -ceph::profile::params::osds: - '/dev/sdb': - journal: '/srv/journal' - diff --git a/ceph/spec/spec_helper.rb b/ceph/spec/spec_helper.rb deleted file mode 100644 index 6e4b47b96..000000000 --- a/ceph/spec/spec_helper.rb +++ /dev/null @@ -1,38 +0,0 @@ -# -# Copyright (C) 2014 Nine Internet Solutions AG -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: David Gurtner -# -require 'puppetlabs_spec_helper/module_spec_helper' - -RSpec.configure do |c| - fixture_path = File.expand_path(File.join(File.dirname(__FILE__), 'fixtures')) - - c.hiera_config = File.join(fixture_path, 'hieradata/hiera.yaml') - - c.alias_it_should_behave_like_to(:it_configures, 'configures') - - c.before(:all) do - data = YAML.load_file(c.hiera_config) - data[:yaml][:datadir] = File.join(fixture_path, 'hieradata') - File.open(c.hiera_config, 'w') do |f| - f.write data.to_yaml - end - end - - c.after(:all) do - `git checkout -- #{c.hiera_config}` - end -end diff --git a/ceph/spec/spec_helper_acceptance.rb b/ceph/spec/spec_helper_acceptance.rb deleted file mode 100644 index a94b18b54..000000000 --- a/ceph/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1,60 +0,0 @@ -# -# Copyright (C) 2015 David Gurtner -# -# Author: David Gurtner -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -require 'minitest' -require 'beaker-rspec' - -RSpec.configure do |c| - # Project root - proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - - hosts.each do |host| - install_puppet - # clean out any module cruft - shell('rm -fr /etc/puppet/modules/*') - on host, "mkdir -p #{host['distmoduledir']}" - # we will provide our own epel, but excluding the ceph packages later - shell('rm -f /etc/yum.repos.d/epel.repo') - end - - c.formatter = :documentation - - c.before :suite do - hosts.each do |host| - scp_to hosts, File.join(proj_root, 'spec/fixtures/hieradata/hiera.yaml'), '/etc/puppet/hiera.yaml' - # https://tickets.puppetlabs.com/browse/PUP-2566 - on host, 'sed -i "/templatedir/d" /etc/puppet/puppet.conf' - install_package host, 'git' - on host, puppet('module install puppetlabs/stdlib --version ">=4.0.0 <5.0.0"'), { :acceptable_exit_codes => [0,1] } - on host, puppet('module install puppetlabs/inifile --version ">=1.0.0 <2.0.0"'), { :acceptable_exit_codes => [0,1] } - on host, puppet('module install puppetlabs/apt --version ">=2.0.0 <3.0.0"'), { :acceptable_exit_codes => [0,1] } - on host, puppet('module install puppetlabs/concat --version ">=1.2.1 <3.0.0"'), { :acceptable_exit_codes => [0,1] } - on host, puppet('module install puppetlabs/apache --version ">=1.4.1 <2.0.0"'), { :acceptable_exit_codes => [0,1] } - on host, puppet('module install stackforge/keystone --version ">=5.1.0 <6.0.0"'), { :acceptable_exit_codes => [0,1] } # keystone >=5.1.0 <6.0.0 is not present in openstack/keystone - puppet_module_install(:source => proj_root, :module_name => 'ceph') - # Flush the firewall - flushfw = <<-EOS - iptables -F - iptables -X - iptables -P INPUT ACCEPT - iptables -P OUTPUT ACCEPT - iptables -P FORWARD ACCEPT - EOS - on host, flushfw - end - end -end diff --git a/ceph/spec/unit/provider/ceph_config/ini_setting_spec.rb b/ceph/spec/unit/provider/ceph_config/ini_setting_spec.rb deleted file mode 100644 index f47ce5632..000000000 --- a/ceph/spec/unit/provider/ceph_config/ini_setting_spec.rb +++ /dev/null @@ -1,71 +0,0 @@ -# Copyright (C) 2013 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Andrew Woodward - -# This is aparently one of the few ways to do this load -# see https://github.com/openstack/puppet-nova/blob/master/spec/unit/provider/nova_config/ini_setting_spec.rb -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) - -require 'spec_helper' -require 'puppet' - -provider_class = Puppet::Type.type(:ceph_config).provider(:ini_setting) - -describe provider_class do - include PuppetlabsSpec::Files - - let(:tmpfile) { tmpfilename("ceph_config_test") } - - let(:params) { { - :path => tmpfile, - } } - - def validate(expected) - expect(File.read(tmpfile)).to eq(expected) - end - - it 'should create keys = value and ensure space around equals' do - resource = Puppet::Type::Ceph_config.new(params.merge( - :name => 'global/ceph_is_foo', :value => 'bar')) - provider = provider_class.new(resource) - expect(provider.exists?).to be_falsey - provider.create - expect(provider.exists?).to be_truthy - validate(<<-EOS - -[global] -ceph_is_foo = bar - EOS - ) - end - - it 'should default to file_path if param path is not passed' do - resource = Puppet::Type::Ceph_config.new( - :name => 'global/ceph_is_foo', :value => 'bar') - provider = provider_class.new(resource) - expect(provider.file_path).to eq('/etc/ceph/ceph.conf') - end - -end diff --git a/ceph/spec/unit/type/ceph_config_spec.rb b/ceph/spec/unit/type/ceph_config_spec.rb deleted file mode 100644 index c78dfb684..000000000 --- a/ceph/spec/unit/type/ceph_config_spec.rb +++ /dev/null @@ -1,41 +0,0 @@ -# Copyright (C) 2013 Mirantis Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Author: Andrew Woodward - -require 'puppet' -require 'puppet/type/ceph_config' - -describe 'Puppet::Type.type(:ceph_config)' do - - before :each do - @ceph_config = Puppet::Type.type(:ceph_config).new( - :name => 'global/ceph_is_foo', :value => 'bar') - end - - it 'should work bascily' do - @ceph_config[:value] = 'max' - expect(@ceph_config[:value]).to eq('max') - end - - it 'should convert true to True' do - @ceph_config[:value] = 'tRuE' - expect(@ceph_config[:value]).to eq('True') - end - - it 'should convert false to False' do - @ceph_config[:value] = 'fAlSe' - expect(@ceph_config[:value]).to eq('False') - end -end \ No newline at end of file diff --git a/ceph/test-requirements.txt b/ceph/test-requirements.txt deleted file mode 100644 index bedd66690..000000000 --- a/ceph/test-requirements.txt +++ /dev/null @@ -1,4 +0,0 @@ -# this is required for the docs build jobs -sphinx!=1.2.0,!=1.3b1,<1.3,>=1.1.2 -oslosphinx>=2.5.0 # Apache-2.0 -reno>=0.1.1 # Apache-2.0 diff --git a/ceph/tox.ini b/ceph/tox.ini deleted file mode 100644 index aea06c84f..000000000 --- a/ceph/tox.ini +++ /dev/null @@ -1,8 +0,0 @@ -[tox] -minversion = 1.6 -skipsdist = True -envlist = releasenotes - -[testenv:releasenotes] -deps = -rtest-requirements.txt -commands = sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html diff --git a/certmonger/LICENSE b/certmonger/LICENSE deleted file mode 100644 index 3fa0da30c..000000000 --- a/certmonger/LICENSE +++ /dev/null @@ -1,13 +0,0 @@ -Copyright 2013 Red Hat, Inc. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/certmonger/Modulefile b/certmonger/Modulefile deleted file mode 100644 index 5ec7c4b56..000000000 --- a/certmonger/Modulefile +++ /dev/null @@ -1,10 +0,0 @@ -name 'rcritten/certmonger' -version '1.0.3' -source 'git://github.com/rcritten/puppet-certmonger.git' -author 'Rob Crittenden ' -license 'Apache' -summary 'Certmonger Puppet Module' -description 'This module tracks certificates using certmonger.' -project_page 'https://github.com/rcritten/puppet-certmonger' - -dependency 'puppetlabs/stdlib', '>= 0.0.1' diff --git a/certmonger/README.md b/certmonger/README.md deleted file mode 100644 index edcb46d38..000000000 --- a/certmonger/README.md +++ /dev/null @@ -1,34 +0,0 @@ -# certmonger puppet module - -very simple puppet module to request IPA certs via certmonger. - -This requires that the machine already be enrolled in an IPA server - -When using an NSS database this has a side-effect of creating a file -in the enrolled subdirectory of the NSS database named after the principal. -This is an indicator that the certificate has already been requested. - -Be aware of SELinux too. You can't just put NSS databases in any directory -you want. The certmonger status will probably be in NEED_KEY_PAIR in the -case of a AVC. - -certmonger uses the host principal on the machine to communicate with IPA. -By default, host principals do not have permission to add new services. -This means you'll probably need to pre-create the services, otherwise -you'll get a status like this: - -Request ID '20130823131914': - status: CA_REJECTED - ca-error: Server denied our request, giving up: 2100 (RPC failed at server. Insufficient access: You need to be a member of the serviceadmin role to add services). - -When generating an OpenSSL certificate we need to let certmonger create the -key and cert files. If puppet does it first then certmonger will think that -the user provided a key to use (a blank file) and things fail. The current -workaround is to call getcert -f /path/to/cert to make sure the key exists. - -TESTING - -Between OpenSSL invocations you'll want to clean up. This is what I do: - -getcert stop-tracking -i `getcert list -f /tmp/test.crt |grep ID |cut -d\' -f2` -rm -f /tmp/test.key /tmp/test.crt diff --git a/certmonger/manifests/request_ipa_cert.pp b/certmonger/manifests/request_ipa_cert.pp deleted file mode 100644 index c3f63b716..000000000 --- a/certmonger/manifests/request_ipa_cert.pp +++ /dev/null @@ -1,121 +0,0 @@ -# Request a new certificate from IPA using certmonger -# -# Parameters: -# $dbname - required for nss, unused for openssl. The directory -# to store the db -# $seclib, - required - select nss or openssl -# $principal - required - the IPA principal to associate the -# certificate with -# $nickname - required for nss, unused for openssl. The NSS -# certificate nickname -# $cert - required for openssl, unused for nss. The full file -# path to store the certificate in. -# $key - required for openssl, unused for nss. The full file -# path to store the key in -# $basedir - The base directory for $dbname, defaults -# to '/etc/pki'. Not used with openssl. -# $owner_id - owner of OpenSSL cert and key files -# $group_id - group of OpenSSL cert and key files -# $hostname - hostname in the subject of the certificate. -# defaults to current fqdn. -# -# Actions: -# Submits a certificate request to an IPA server for a new certificate. -# -# Requires: -# The NSS db must already exist. It can be created using the nssdb -# module. -# -# Sample Usage: -# -# NSS: -# certmonger::request_ipa_cert {'test': -# seclib => "nss", -# nickname => "broker", -# principal => "qpid/${fqdn}"} -# -# OpenSSL: -# certmonger::request_ipa_cert {'test': -# seclib => "openssl", -# principal => "qpid/${fqdn}", -# key => "/etc/pki/test2/test2.key", -# cert => "/etc/pki/test2/test2.crt", -# owner_id => 'qpidd', -# group_id => 'qpidd'} - -define certmonger::request_ipa_cert ( - $dbname = $title, - $seclib, - $principal, - $nickname = undef, - $cert = undef, - $key = undef, - $basedir = '/etc/pki', - $owner_id = undef, - $group_id = undef, - $hostname = undef -) { - include certmonger::server - - $principal_no_slash = regsubst($principal, '\/', '_') - - # Only execute certmonger if IPA client is configured - $onlyif = "/usr/bin/test -s /etc/ipa/default.conf" - - if $hostname == undef { - $subject = '' - } else { - $subject = "-N cn=${hostname}" - } - - if $seclib == 'nss' { - $options = "-d ${basedir}/${dbname} -n ${nickname} -p ${basedir}/${dbname}/password.conf" - $unless = "/usr/bin/getcert list -d ${basedir}/${dbname} -n ${nickname}" - - exec {"get_cert_nss_${title}": - command => "/usr/bin/ipa-getcert request ${options} -K ${principal} ${subject}", - onlyif => "${onlyif}", - unless => "${unless}", - require => [ - Service['certmonger'], - File["${basedir}/${dbname}/password.conf"], - ], - } - } - elsif $seclib == 'openssl' { - - $options = "-k ${key} -f ${cert}" - $unless = "/usr/bin/getcert list -f ${cert}" - - exec {"get_cert_openssl_${title}": - command => "/usr/bin/ipa-getcert request ${options} -K ${principal} ${subject}", - onlyif => "${onlyif}", - unless => "${unless}", - require => [ - Service['certmonger'], - ], - notify => Exec["wait_for_certmonger_${title}"], - } - - # We need certmonger to finish creating the key before we - # can proceed. Use onlyif as a way to execute multiple - # commands without restorting to shipping a shell script. - # This will call getcert to check the status of our cert - # 5 times. This doesn't short circuit though, so all 5 will - # always run, causing a 5-second delay. - exec {"wait_for_certmonger_${title}": - command => "true", - onlyif => [ - "sleep 1 && getcert list -f ${cert}", - "sleep 1 && getcert list -f ${cert}", - "sleep 1 && getcert list -f ${cert}", - "sleep 1 && getcert list -f ${cert}", - "sleep 1 && getcert list -f ${cert}", - ], - path => "/usr/bin:/bin", - refreshonly => true, - } - } else { - fail("Unrecognized security library: ${seclib}") - } -} diff --git a/certmonger/manifests/server.pp b/certmonger/manifests/server.pp deleted file mode 100644 index 0755f1b5e..000000000 --- a/certmonger/manifests/server.pp +++ /dev/null @@ -1,11 +0,0 @@ -class certmonger::server { - - package { 'certmonger': ensure => present } - - service { 'certmonger': - name => 'certmonger', - ensure => running, - enable => true, - require => Package['certmonger'], - } -} diff --git a/certmonger/tests/nss_ipa.pp b/certmonger/tests/nss_ipa.pp deleted file mode 100644 index 1b8de5f93..000000000 --- a/certmonger/tests/nss_ipa.pp +++ /dev/null @@ -1,6 +0,0 @@ -certmonger::request_ipa_cert {'test': - seclib => "nss", - nickname => "Server-Cert", - principal => "nss_test/${fqdn}", - basedir => '/tmp/nssdb', -} diff --git a/certmonger/tests/openssl_ipa.pp b/certmonger/tests/openssl_ipa.pp deleted file mode 100644 index 80e843d21..000000000 --- a/certmonger/tests/openssl_ipa.pp +++ /dev/null @@ -1,8 +0,0 @@ -certmonger::request_ipa_cert {'test': - seclib => "openssl", - principal => "openssl_test/${fqdn}", - key => "/tmp/test.key", - cert => "/tmp/test.crt", - owner_id => 'rcrit', - group_id => 'rcrit' -} diff --git a/cinder/.gitignore b/cinder/.gitignore deleted file mode 100644 index 61092bdaf..000000000 --- a/cinder/.gitignore +++ /dev/null @@ -1,15 +0,0 @@ -pkg/ -Gemfile.lock -vendor/ -spec/fixtures/ -.vagrant/ -.bundle/ -coverage/ -.idea/ -*.swp -*.iml -openstack/ - -# Files created by releasenotes build -releasenotes/build -.tox diff --git a/cinder/.gitreview b/cinder/.gitreview deleted file mode 100644 index 238ead17c..000000000 --- a/cinder/.gitreview +++ /dev/null @@ -1,5 +0,0 @@ -[gerrit] -host=review.openstack.org -port=29418 -project=openstack/puppet-cinder.git -defaultbranch=stable/mitaka diff --git a/cinder/CHANGELOG.md b/cinder/CHANGELOG.md deleted file mode 100644 index e3c4ebfe1..000000000 --- a/cinder/CHANGELOG.md +++ /dev/null @@ -1,315 +0,0 @@ -## 8.0.0 and beyond - -From 8.0.0 release and beyond, release notes are published on -[docs.openstack.org](http://docs.openstack.org/releasenotes/puppet-cinder/). - -##2015-11-25 - 7.0.0 -###Summary - -This is a backwards-incompatible major release for OpenStack Liberty. - -####Backwards-incompatible changes -- rabbitmq: do not manage rabbitmq service anymore -- remove deprecated mysql_module -- change section name for AMQP qpid parameters -- change section name for AMQP rabbit parameters - -####Features -- make it possible to have multiple type_sets with the same value -- keystone/auth: make service description configurable -- add support for RabbitMQ connection heartbeat -- add tag to package and service resources -- sync cinder::db::sync with new standard -- set parameter host in vmdk backend -- add lock_path to cinder config -- add 'host' parameter to cinder.conf -- add an ability to manage use_stderr parameter -- reflect provider change in puppet-openstacklib -- introduce cinder::db class -- add support for Pure Volume Drivers -- implement class and defined type for cinder GPFS driver -- allow RBD host to be configurable -- add posibility to specify privileged user for Cinder -- switch cinder to use os_service_default -- simplify rpc_backend parameter -- put all the logging related parameters to the logging class -- specify a dedicated keystone user for cinderv2 -- db: Use postgresql lib class for psycopg package -- add kombu_reconnect_delay parameter to cinder -- allow customization of db sync command line -- add possibility to use list of qpid hosts in cinder - -####Bugfixes -- rely on autorequire for config resource ordering -- dont run losetup if it's been done already -- don't run vgcreate if vg exists -- make sure cinder user is created before creating Cinder::Type -- type: Add retry to Exec resource - -####Maintenance -- fix rspec 3.x syntax -- initial msync run for all Puppet OpenStack modules -- acceptance: enable debug & verbosity for OpenStack logs -- try to use zuul-cloner to prepare fixtures -- remove class_parameter_defaults puppet-lint check -- add test coverage for cinder::db::mysql -- acceptance: use common bits from puppet-openstack-integration - -##2015-10-10 - 6.1.0 -###Summary - -This is a feature and bugfix release in the Kilo series. - -####Features -- Add ability to search nova in the service catalog -- DB purge cron job - -####Bugfixes -- Update default notification_driver for ceilometer - -####Maintenance -- acceptance: checkout stable/kilo puppet modules - - -##2015-07-08 - 6.0.0 -###Summary - -This is a backwards-incompatible major release for OpenStack Kilo. - -####Backwards-incompatible changes -- Iscsi: Change default $volume_driver -- Switch to TLSv1 as SSLv3 is considered insecure and is disabled by default -- Remove POSIX users, groups, and file modes -- Move rabbit/kombu settings to oslo_messaging_rabbit section -- Also removed deprecated parameters - -####Features -- Puppet 4.x support -- Refactorise Keystone resources management -- Add an option to not configure RabbitMQ service -- Run db_sync when upgrading packages -- Makes kombu_ssl_* parameters optional when rabbit_use_ssl => true -- Adds ability to override service name for service catalog -- Support the enable_v*_api settings -- Support iSER driver within the ISCSITarget flow -- ISCSI: Allow one to specify volumes_dir path -- Backends: Add an extra_options door -- Support identity_uri and auth_uri properly -- Make scheduler_driver option can be cleaned up -- Tag all Cinder packages -- Adds OracleLinux support -- Create a sync_db boolean for Cinder -- Update NetApp params for Kilo -- Add nfs_mount_options variable when backend is NetApp -- Add support for NFS Backup -- Decouple $sync_db from $enabled -- Add backup compression parameter -- Introduce public_url, internal_url and admin_url -- Added support for DellStorageCenter ISCSI cinder driver -- Add cinder::scheduler::filter for managing scheduler.filter -- NetApp: use $name for configuration group name (allows to run multiple NetApp - backends) -- Lint documentation parameters -- HP 3par iscsi backend module -- MySQL: change default MySQL collate to utf8_general_ci - -####Bugfixes -- Fix db_sync dependencies - -####Maintenance -- Acceptance tests with Beaker -- Fix spec tests for RSpec 3.x and Puppet 4.x - -##2015-06-17 - 5.1.0 -###Summary - -This is a feature and bugfix release in the Juno series. - -####Features -- Service Validation for Cinder-API -- Automate generation of NFS config file -- Make kombu_ssl_* parameters optional when rabbit_use_ssl => true -- Switch to TLSv1 -- Add nfs_mount_options variable when backend is NetApp -- Add configuration helpers for Quobyte -- Implement HP 3par iscsi backend module - -####Bugfixes -- Switch to using the new SolidFire driver name -- Create type-key only if it doesn't exist -- use lioadm on Fedora -- Change default MySQL collate to utf8_general_ci - -####Maintenance -- spec: pin rspec-puppet to 1.0.1 -- Pin puppetlabs-concat to 1.2.1 in fixtures -- Update .gitreview file for project rename - -##2014-11-20 - 5.0.0 -###Summary - -This is a backwards-incompatible major release for OpenStack Juno. - -####Backwards-incompatible changes -- Change the default value of the san_thin_provision parameter for eqlx -- Migrate the mysql backend to use openstacklib::db::mysql, adding dependency - on puppet-openstacklib - -####Features -- Add class to manage policy.json -- Add database tuning parameters -- Made keystone user creation optional when creating a service -- Add ability to hide secrets from logs -- Add parameters for netapp and and cinder-api workers -- Add support for the EMC VNX direct driver -- Add support for availability zones - -####Bugfixes -- Correct the package name for cinder backup - -##2014-10-16 - 4.2.0 -###Summary - -This is a feature and bugfix release in the Icehouse series. - -####Features -- Add parameters to set cinder volume driver -- Add class for extended logging options -- Add option to specify endpoint protocol -- Add option to specify cinder volume path -- Add option to configure os_region_name in the cinder config - -####Bugfixes -- Fix cinder type path issues -- Fix targetcli package dependency on target service -- Fix os version fact comparison for RedHat-based operating systems for - specifying service provider - -##2014-06-19 - 4.1.0 -###Summary - -This is a feature and bugfix release in the Icehouse series. - -####Features -- Add Cinder v2 endpoint support -- Add SSL support for Cinder API -- Add RabbitMQ SSL support - -####Bugfixes -- Move default_volume_type to cinder::api -- Remove warnings for existing Cinder volumes - -####Maintenance -- Pin major gems - -##2014-01-29 - 4.0.0 -###Summary - -This is a backwards-incompatible major release for OpenStack Icehouse. - -####Backwards-incompatible changes -- Remove control exchange flag -- Remove deprecated cinder::base class -- Update NetApp unified driver config options - -####Features -- Update support for latest RabbitMQ module -- Add Glance support -- Add GlusterFS driver support -- Add region support -- Add support for MySQL module (>= 2.2) -- Add support for Swift and Ceph backup backend -- Add cinder::config to handle additional custom options -- Refactor duplicate code for single and multiple backends - -####Bugfixes - -None - -##2014-04-15 - 3.1.1 -###Summary - -This is a bugfix release in the Havana series. - -####Bugfixes -- Fix resource duplication bug - -##2014-03-26 - 3.1.0 -###Summary - -This is a feature and bugfix release in the Havana series. - -####Features -- Add default_volume_type as a Cinder API parameter -- Add parameter for endpoint protocols -- Deprecate glance_api_version -- Add support for VMDK -- Add support for Cinder multi backend -- Add support for https authentication endpoints - -####Bugfixes -- Replace pip with native package manager (VMDK) - -##2014-01-13 - 3.0.0 -###Summary - -This is a major release for OpenStack Havana but contains no API-breaking -changes. - -####Features -- Add support for SolidFire -- Add support for ceilometer - -####Bugfixes -- Fix bug for cinder-volume requirement - -##2013-10-07 - 2.2.0 -###Summary - -This is a feature and bugfix release in the Grizzly series. - -####Features -- Add support for rate limiting via api-paste.ini -- Add support to configure control_exchange -- Add parameter check to enable or disable db_sync -- Add syslog support -- Add default auth_uri setting for auth token -- Set package defaults to present - -####Bugfixes -- Fix a bug to create empty init script when necessary - -####Maintenance -- Various lint fixes - -##2013-08-07 - 2.1.0 -###Summary - -This is a feature and bugfix release in the Grizzly series. - -####Features -- Add configuration of Cinder quotas -- Add support for NetApp direct driver backend -- Add support for ceph backend -- Add support for SQL idle timeout -- Add support for RabbitMQ clustering with single IP - -####Bugfixes -- Fix allowed_hosts/database connection bug -- Fix lvm2 setup failure for Ubuntu -- Remove unnecessary mysql::server dependency - -####Maintenance -- Pinned RabbitMQ and database module versions -- Various lint and bug fixes - -##2013-06-24 - 2.0.0 -###Summary - -Initial release on Stackforge. - -####Features -- Nexenta, NFS, and SAN support added as cinder volume drivers -- Postgres support added -- The Apache Qpid and the RabbitMQ message brokers available as RPC backends -- Configurability of scheduler_driver diff --git a/cinder/Gemfile b/cinder/Gemfile deleted file mode 100644 index 5728ff7e7..000000000 --- a/cinder/Gemfile +++ /dev/null @@ -1,22 +0,0 @@ -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -group :development, :test, :system_tests do - gem 'puppet-openstack_spec_helper', - :git => 'https://git.openstack.org/openstack/puppet-openstack_spec_helper', - :branch => 'stable/mitaka', - :require => false -end - -if facterversion = ENV['FACTER_GEM_VERSION'] - gem 'facter', facterversion, :require => false -else - gem 'facter', :require => false -end - -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end - -# vim:ft=ruby diff --git a/cinder/LICENSE b/cinder/LICENSE deleted file mode 100644 index 88a11a0e7..000000000 --- a/cinder/LICENSE +++ /dev/null @@ -1,13 +0,0 @@ -Copyright 2012 OpenStack Foundation - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/cinder/README.md b/cinder/README.md deleted file mode 100644 index e578c64a9..000000000 --- a/cinder/README.md +++ /dev/null @@ -1,229 +0,0 @@ -cinder -======= - -#### Table of Contents - -1. [Overview - What is the cinder module?](#overview) -2. [Module Description - What does the module do?](#module-description) -3. [Setup - The basics of getting started with cinder](#setup) -4. [Implementation - An under-the-hood peek at what the module is doing](#implementation) -5. [Limitations - OS compatibility, etc.](#limitations) -6. [Development - Guide for contributing to the module](#development) -7. [Contributors - Those with commits](#contributors) - -Overview --------- - -The cinder module is a part of [OpenStack](https://www.openstack.org), -an effort by the OpenStack infrastructure team to provide continuous -integration testing and code review for OpenStack and OpenStack community -projects as part of the core software. The module its self is used to flexibly -configure and manage the block storage service for OpenStack. - -Module Description ------------------- - -The cinder module is a thorough attempt to make Puppet capable of managing -the entirety of cinder. This includes manifests to provision such things as -keystone endpoints, RPC configurations specific to cinder, and database -connections. Types are shipped as part of the cinder module to assist in -manipulation of configuration files. - -This module is tested in combination with other modules needed to build -and leverage an entire OpenStack software stack. - -Setup ------ - -**What the cinder module affects** - -* [Cinder](https://wiki.openstack.org/wiki/Cinder), the block storage service - for OpenStack. - -### Installing cinder - - puppet module install openstack/cinder - -### Beginning with cinder - -To utilize the cinder module's functionality you will need to declare -multiple resources. This is not an exhaustive list of all the components -needed, we recommend you consult and understand the -[core OpenStack](http://docs.openstack.org) documentation. - -**Define a cinder control node** - -```puppet -class { 'cinder': - database_connection => 'mysql://cinder:secret_block_password@openstack-controller.example.com/cinder', - rabbit_password => 'secret_rpc_password_for_blocks', - rabbit_host => 'openstack-controller.example.com', - verbose => true, -} - -class { 'cinder::api': - keystone_password => $keystone_password, - keystone_enabled => $keystone_enabled, - keystone_user => $keystone_user, - keystone_auth_host => $keystone_auth_host, - keystone_auth_port => $keystone_auth_port, - keystone_auth_protocol => $keystone_auth_protocol, - service_port => $keystone_service_port, - package_ensure => $cinder_api_package_ensure, - bind_host => $cinder_bind_host, - enabled => $cinder_api_enabled, -} - -class { 'cinder::scheduler': } -``` - -**Define a cinder storage node** - -```puppet -class { 'cinder': - database_connection => 'mysql://cinder:secret_block_password@openstack-controller.example.com/cinder', - rabbit_password => 'secret_rpc_password_for_blocks', - rabbit_host => 'openstack-controller.example.com', - verbose => true, -} - -class { 'cinder::volume': } - -class { 'cinder::volume::iscsi': - iscsi_ip_address => '10.0.0.2', -} -``` - -**Define a cinder storage node with multiple backends ** - -```puppet -class { 'cinder': - database_connection => 'mysql://cinder:secret_block_password@openstack-controller.example.com/cinder', - rabbit_password => 'secret_rpc_password_for_blocks', - rabbit_host => 'openstack-controller.example.com', - verbose => true, -} - -class { 'cinder::volume': } - -cinder::backend::iscsi {'iscsi1': - iscsi_ip_address => '10.0.0.2', -} - -cinder::backend::iscsi {'iscsi2': - iscsi_ip_address => '10.0.0.3', -} - -cinder::backend::iscsi {'iscsi3': - iscsi_ip_address => '10.0.0.4', - volume_backend_name => 'iscsi', -} - -cinder::backend::iscsi {'iscsi4': - iscsi_ip_address => '10.0.0.5', - volume_backend_name => 'iscsi', -} - -cinder::backend::rbd {'rbd-images': - rbd_pool => 'images', - rbd_user => 'images', -} - -cinder_type {'iscsi': - ensure => present, - properties => ['volume_backend_name=iscsi,iscsi1,iscsi2'], -} - -cinder_type {'rbd-images': - ensure => present, - properties => ['volume_backend_name=rbd-images'], -} - -class { 'cinder::backends': - enabled_backends => ['iscsi1', 'iscsi2', 'rbd-images'] -} -``` - -Note: that the name passed to any backend resource must be unique accross all - backends otherwise a duplicate resource will be defined. - -** Using cinder_type ** - -Cinder allows for the usage of type to set extended information that can be -used for various reasons. We have resource provider for ``cinder_type`` -and if you want create some cinder type, you should set ensure to absent. -Properties field is optional and should be an array. All items of array -should match pattern key=value1[,value2 ...]. In case when you want to -delete some type - set ensure to absent. - - -Implementation --------------- - -### cinder - -cinder is a combination of Puppet manifest and ruby code to delivery -configuration and extra functionality through types and providers. - -### Types - -#### cinder_config - -The `cinder_config` provider is a children of the ini_setting provider. -It allows one to write an entry in the `/etc/cinder/cinder.conf` file. - -```puppet -cinder_config { 'DEFAULT/verbose' : - value => true, -} -``` - -This will write `verbose=true` in the `[DEFAULT]` section. - -##### name - -Section/setting name to manage from `cinder.conf` - -##### value - -The value of the setting to be defined. - -##### secret - -Whether to hide the value from Puppet logs. Defaults to `false`. - -##### ensure_absent_val - -If value is equal to ensure_absent_val then the resource will behave as if -`ensure => absent` was specified. Defaults to `` - -Limitations ------------- - -* Setup of storage nodes is limited to Linux and LVM, i.e. Puppet won't - configure a Nexenta appliance but nova can be configured to use the Nexenta - driver with Class['cinder::volume::nexenta']. - -Beaker-Rspec ------------- - -This module has beaker-rspec tests - -To run: - -``shell -bundle install -bundle exec rspec spec/acceptance -`` - -Development ------------ - -Developer documentation for the entire puppet-openstack project. - -* https://wiki.openstack.org/wiki/Puppet-openstack#Developer_documentation - -Contributors ------------- - -* https://github.com/openstack/puppet-cinder/graphs/contributors diff --git a/cinder/Rakefile b/cinder/Rakefile deleted file mode 100644 index 168d10814..000000000 --- a/cinder/Rakefile +++ /dev/null @@ -1 +0,0 @@ -require 'puppet-openstack_spec_helper/rake_tasks' diff --git a/cinder/examples/cinder_volume_with_pacemaker.pp b/cinder/examples/cinder_volume_with_pacemaker.pp deleted file mode 100644 index 8f36986e1..000000000 --- a/cinder/examples/cinder_volume_with_pacemaker.pp +++ /dev/null @@ -1,39 +0,0 @@ -# Example: managing cinder controller services with pacemaker -# -# By setting enabled to false, these services will not be started at boot. By setting -# manage_service to false, puppet will not kill these services on every run. This -# allows the Pacemaker resource manager to dynamically determine on which node each -# service should run. -# -# The puppet commands below would ideally be applied to at least three nodes. -# -# Note that cinder-api is associated with the virtual IP address as -# it is called from external services. The remaining services connect to the -# database and/or message broker independently. -# -# Example pacemaker resource configuration commands (configured once per cluster): -# -# sudo pcs resource create cinder_vip ocf:heartbeat:IPaddr2 params ip=192.0.2.3 \ -# cidr_netmask=24 op monitor interval=10s -# -# sudo pcs resource create cinder_api_service lsb:openstack-cinder-api -# sudo pcs resource create cinder_scheduler_service lsb:openstack-cinder-scheduler -# -# sudo pcs constraint colocation add cinder_api_service with cinder_vip - -class { '::cinder': - database_connection => 'mysql://cinder:secret_block_password@openstack-controller.example.com/cinder', -} - -class { '::cinder::api': - keystone_password => 'CINDER_PW', - keystone_user => 'cinder', - enabled => false, - manage_service => false, -} - -class { '::cinder::scheduler': - enabled => false, - manage_service => false, -} - diff --git a/cinder/lib/puppet/provider/cinder.rb b/cinder/lib/puppet/provider/cinder.rb deleted file mode 100644 index ffb98f021..000000000 --- a/cinder/lib/puppet/provider/cinder.rb +++ /dev/null @@ -1,90 +0,0 @@ -require 'puppet/util/inifile' -require 'puppet/provider/openstack' -require 'puppet/provider/openstack/auth' -require 'puppet/provider/openstack/credentials' - -class Puppet::Provider::Cinder < Puppet::Provider::Openstack - - extend Puppet::Provider::Openstack::Auth - - def self.conf_filename - '/etc/cinder/cinder.conf' - end - - def self.cinder_conf - return @cinder_conf if @cinder_conf - @cinder_conf = Puppet::Util::IniConfig::File.new - @cinder_conf.read(conf_filename) - @cinder_conf - end - - def self.request(service, action, properties=nil) - begin - super - rescue Puppet::Error::OpenstackAuthInputError, Puppet::Error::OpenstackUnauthorizedError => error - cinder_request(service, action, error, properties) - end - end - - def self.cinder_request(service, action, error, properties=nil) - properties ||= [] - @credentials.username = cinder_credentials['admin_user'] - @credentials.password = cinder_credentials['admin_password'] - @credentials.project_name = cinder_credentials['admin_tenant_name'] - @credentials.auth_url = auth_endpoint - if @credentials.version == '3' - @credentials.user_domain_name = cinder_credentials['user_domain_name'] - @credentials.project_domain_name = cinder_credentials['project_domain_name'] - end - raise error unless @credentials.set? - Puppet::Provider::Openstack.request(service, action, properties, @credentials) - end - - def self.cinder_credentials - @cinder_credentials ||= get_cinder_credentials - end - - def cinder_credentials - self.class.cinder_credentials - end - - def self.get_cinder_credentials - auth_keys = ['auth_uri', 'admin_tenant_name', 'admin_user', - 'admin_password'] - conf = cinder_conf - if conf and conf['keystone_authtoken'] and - auth_keys.all?{|k| !conf['keystone_authtoken'][k].nil?} - creds = Hash[ auth_keys.map \ - { |k| [k, conf['keystone_authtoken'][k].strip] } ] - if conf['project_domain_name'] - creds['project_domain_name'] = conf['project_domain_name'] - else - creds['project_domain_name'] = 'Default' - end - if conf['user_domain_name'] - creds['user_domain_name'] = conf['user_domain_name'] - else - creds['user_domain_name'] = 'Default' - end - return creds - else - raise(Puppet::Error, "File: #{conf_filename} does not contain all " + - "required sections. Cinder types will not work if cinder is not " + - "correctly configured.") - end - end - - def self.get_auth_endpoint - q = cinder_credentials - "#{q['auth_uri']}" - end - - def self.auth_endpoint - @auth_endpoint ||= get_auth_endpoint - end - - def self.reset - @cinder_conf = nil - @cinder_credentials = nil - end -end diff --git a/cinder/lib/puppet/provider/cinder_api_paste_ini/ini_setting.rb b/cinder/lib/puppet/provider/cinder_api_paste_ini/ini_setting.rb deleted file mode 100644 index 26c3b528d..000000000 --- a/cinder/lib/puppet/provider/cinder_api_paste_ini/ini_setting.rb +++ /dev/null @@ -1,27 +0,0 @@ -Puppet::Type.type(:cinder_api_paste_ini).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - def section - resource[:name].split('/', 2).first - end - - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/cinder/api-paste.ini' - end - - # added for backwards compatibility with older versions of inifile - def file_path - self.class.file_path - end - -end diff --git a/cinder/lib/puppet/provider/cinder_config/ini_setting.rb b/cinder/lib/puppet/provider/cinder_config/ini_setting.rb deleted file mode 100644 index 749fb16ed..000000000 --- a/cinder/lib/puppet/provider/cinder_config/ini_setting.rb +++ /dev/null @@ -1,10 +0,0 @@ -Puppet::Type.type(:cinder_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:openstack_config).provider(:ini_setting) -) do - - def self.file_path - '/etc/cinder/cinder.conf' - end - -end diff --git a/cinder/lib/puppet/provider/cinder_type/openstack.rb b/cinder/lib/puppet/provider/cinder_type/openstack.rb deleted file mode 100644 index 9aa31c5bf..000000000 --- a/cinder/lib/puppet/provider/cinder_type/openstack.rb +++ /dev/null @@ -1,70 +0,0 @@ -require File.join(File.dirname(__FILE__), '..','..','..', 'puppet/provider/cinder') - -Puppet::Type.type(:cinder_type).provide( - :openstack, - :parent => Puppet::Provider::Cinder -) do - - desc 'Provider for cinder types.' - - @credentials = Puppet::Provider::Openstack::CredentialsV3.new - - mk_resource_methods - - def create - properties = [] - resource[:properties].each do |item| - properties << '--property' << item - end - properties << name - self.class.request('volume type', 'create', properties) - @property_hash[:ensure] = :present - @property_hash[:properties] = resource[:properties] - @property_hash[:name] = name - end - - def destroy - self.class.request('volume type', 'delete', name) - @property_hash.clear - end - - def exists? - @property_hash[:ensure] == :present - end - - def properties=(value) - properties = [] - (value - @property_hash[:properties]).each do |item| - properties << '--property' << item - end - unless properties.empty? - self.class.request('volume type', 'set', [properties, name]) - @property_hash[:properties] = value - end - end - - def self.instances - list = request('volume type', 'list', '--long') - list.collect do |type| - new({ - :name => type[:name], - :ensure => :present, - :id => type[:id], - :properties => string2array(type[:properties]) - }) - end - end - - def self.prefetch(resources) - types = instances - resources.keys.each do |name| - if provider = types.find{ |type| type.name == name } - resources[name].provider = provider - end - end - end - - def self.string2array(input) - return input.delete("'").split(/,\s/) - end -end diff --git a/cinder/lib/puppet/type/cinder_api_paste_ini.rb b/cinder/lib/puppet/type/cinder_api_paste_ini.rb deleted file mode 100644 index ca2e04570..000000000 --- a/cinder/lib/puppet/type/cinder_api_paste_ini.rb +++ /dev/null @@ -1,52 +0,0 @@ -Puppet::Type.newtype(:cinder_api_paste_ini) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/cinder/api-paste.ini' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end - - newparam(:ensure_absent_val) do - desc 'A value that is specified as the value property will behave as if ensure => absent was specified' - defaultto('') - end - - autorequire(:package) do - 'cinder' - end - -end diff --git a/cinder/lib/puppet/type/cinder_config.rb b/cinder/lib/puppet/type/cinder_config.rb deleted file mode 100644 index 3eb3a1f93..000000000 --- a/cinder/lib/puppet/type/cinder_config.rb +++ /dev/null @@ -1,53 +0,0 @@ -Puppet::Type.newtype(:cinder_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from cinder.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - newvalues(/^[\S ]*$/) - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end - - newparam(:ensure_absent_val) do - desc 'A value that is specified as the value property will behave as if ensure => absent was specified' - defaultto('') - end - - autorequire(:package) do - 'cinder' - end - -end diff --git a/cinder/lib/puppet/type/cinder_type.rb b/cinder/lib/puppet/type/cinder_type.rb deleted file mode 100644 index 8976f9eef..000000000 --- a/cinder/lib/puppet/type/cinder_type.rb +++ /dev/null @@ -1,26 +0,0 @@ -Puppet::Type.newtype(:cinder_type) do - - desc 'Type for managing cinder types.' - - ensurable - - newparam(:name, :namevar => true) do - newvalues(/\S+/) - end - - newproperty(:properties, :array_matching => :all) do - desc 'The properties of the cinder type. Should be an array, all items should match pattern ' - def insync?(is) - return false unless is.is_a? Array - is.sort == should.sort - end - validate do |value| - raise ArgumentError, "Properties doesn't match" unless value.match(/^\s*[^=\s]+=[^=\s]+$/) - end - end - - autorequire(:service) do - 'cinder-api' - end - -end diff --git a/cinder/manifests/api.pp b/cinder/manifests/api.pp deleted file mode 100644 index 776d8015c..000000000 --- a/cinder/manifests/api.pp +++ /dev/null @@ -1,285 +0,0 @@ -# == Class: cinder::api -# -# Setup and configure the cinder API endpoint -# -# === Parameters -# -# [*keystone_password*] -# The password to use for authentication (keystone) -# -# [*keystone_enabled*] -# (optional) Use keystone for authentification -# Defaults to true -# -# [*keystone_tenant*] -# (optional) The tenant of the auth user -# Defaults to services -# -# [*keystone_user*] -# (optional) The name of the auth user -# Defaults to cinder -# -# [*privileged_user*] -# (optional) Enables OpenStack privileged account. -# Defaults to false. -# -# [*os_privileged_user_name*] -# (optional) OpenStack privileged account username. Used for requests to -# other services (such as Nova) that require an account with -# special rights. -# Defaults to $::os_service_default. -# -# [*os_privileged_user_password*] -# (optional) Password associated with the OpenStack privileged account. -# Defaults to $::os_service_default. -# -# [*os_privileged_user_tenant*] -# (optional) Tenant name associated with the OpenStack privileged account. -# Defaults to $::os_service_default. -# -# [*os_privileged_user_auth_url*] -# (optional) Auth URL associated with the OpenStack privileged account. -# Defaults to $::os_service_default. -# -# [*keymgr_encryption_auth_url*] -# (optional) Auth URL for keymgr authentication. Should be in format -# http://auth_url:5000/v3 -# Defaults to $::os_service_default. -# -# [*os_region_name*] -# (optional) Some operations require cinder to make API requests -# to Nova. This sets the keystone region to be used for these -# requests. For example, boot-from-volume. -# Defaults to $::os_service_default -# -# [*nova_catalog_info*] -# (optional) Match this value when searching for nova in the service -# catalog. -# Defaults to 'compute:Compute Service:publicURL' -# -# [*nova_catalog_admin_info*] -# (optional) Same as nova_catalog_info, but for admin endpoint. -# Defaults to 'compute:Compute Service:adminURL' -# -# [*auth_uri*] -# (optional) Public Identity API endpoint. -# Defaults to 'http://localhost:5000/'. -# -# [*identity_uri*] -# (optional) Complete admin Identity API endpoint. -# Defaults to: 'http://localhost:35357/'. -# -# [*service_workers*] -# (optional) Number of cinder-api workers -# Defaults to $::processorcount -# -# [*package_ensure*] -# (optional) The state of the package -# Defaults to present -# -# [*bind_host*] -# (optional) The cinder api bind address -# Defaults to 0.0.0.0 -# -# [*enabled*] -# (optional) The state of the service -# Defaults to true -# -# [*manage_service*] -# (optional) Whether to start/stop the service -# Defaults to true -# -# [*ratelimits*] -# (optional) The state of the service -# Defaults to $::os_service_default. If undefined the default ratelimiting values are used. -# -# [*ratelimits_factory*] -# (optional) Factory to use for ratelimiting -# Defaults to 'cinder.api.v1.limits:RateLimitingMiddleware.factory' -# -# [*default_volume_type*] -# (optional) default volume type to use. -# This should contain the name of the default volume type to use. -# If not configured, it produces an error when creating a volume -# without specifying a type. -# Defaults to $::os_service_default. -# -# [*validate*] -# (optional) Whether to validate the service is working after any service refreshes -# Defaults to false -# -# [*validation_options*] -# (optional) Service validation options -# Should be a hash of options defined in openstacklib::service_validation -# If empty, defaults values are taken from openstacklib function. -# Default command list volumes. -# Require validate set at True. -# Example: -# glance::api::validation_options: -# glance-api: -# command: check_cinder-api.py -# path: /usr/bin:/bin:/usr/sbin:/sbin -# provider: shell -# tries: 5 -# try_sleep: 10 -# Defaults to {} -# -# [*sync_db*] -# (Optional) Run db sync on the node. -# Defaults to true -# -# [*public_endpoint*] -# (Optional) Public url to use for versions endpoint. -# Defaults to $::os_service_default -# -# [*osapi_volume_base_url*] -# (Optional) Base URL that will be presented to users in links to the OpenStack Volume API. -# Defaults to $::os_service_default -# -# [*osapi_max_limit*] -# (Optional) The maximum number of items that a collection resource -# returns in a single response (integer value) -# Defaults to $::os_service_default -# -class cinder::api ( - $keystone_password, - $keystone_enabled = true, - $keystone_tenant = 'services', - $keystone_user = 'cinder', - $auth_uri = 'http://localhost:5000/', - $identity_uri = 'http://localhost:35357/', - $nova_catalog_info = 'compute:Compute Service:publicURL', - $nova_catalog_admin_info = 'compute:Compute Service:adminURL', - $os_region_name = $::os_service_default, - $privileged_user = false, - $os_privileged_user_name = $::os_service_default, - $os_privileged_user_password = $::os_service_default, - $os_privileged_user_tenant = $::os_service_default, - $os_privileged_user_auth_url = $::os_service_default, - $keymgr_encryption_auth_url = $::os_service_default, - $service_workers = $::processorcount, - $package_ensure = 'present', - $bind_host = '0.0.0.0', - $enabled = true, - $manage_service = true, - $ratelimits = $::os_service_default, - $default_volume_type = $::os_service_default, - $ratelimits_factory = - 'cinder.api.v1.limits:RateLimitingMiddleware.factory', - $validate = false, - $sync_db = true, - $public_endpoint = $::os_service_default, - $osapi_volume_base_url = $::os_service_default, - $osapi_max_limit = $::os_service_default, - # DEPRECATED PARAMETERS - $validation_options = {}, -) { - - include ::cinder::params - include ::cinder::policy - - Cinder_config<||> ~> Service['cinder-api'] - Cinder_api_paste_ini<||> ~> Service['cinder-api'] - Class['cinder::policy'] ~> Service['cinder-api'] - - if $::cinder::params::api_package { - Package['cinder-api'] -> Class['cinder::policy'] - Package['cinder-api'] -> Service['cinder-api'] - Package['cinder-api'] ~> Exec<| title == 'cinder-manage db_sync' |> - package { 'cinder-api': - ensure => $package_ensure, - name => $::cinder::params::api_package, - tag => ['openstack', 'cinder-package'], - } - } - - if $sync_db { - include ::cinder::db::sync - } - - if $enabled { - if $manage_service { - $ensure = 'running' - } - } else { - if $manage_service { - $ensure = 'stopped' - } - } - - service { 'cinder-api': - ensure => $ensure, - name => $::cinder::params::api_service, - enable => $enabled, - hasstatus => true, - require => Package['cinder'], - tag => 'cinder-service', - } - - cinder_config { - 'DEFAULT/osapi_volume_listen': value => $bind_host; - 'DEFAULT/osapi_volume_workers': value => $service_workers; - 'DEFAULT/os_region_name': value => $os_region_name; - 'DEFAULT/default_volume_type': value => $default_volume_type; - 'DEFAULT/public_endpoint': value => $public_endpoint; - 'DEFAULT/osapi_volume_base_URL': value => $osapi_volume_base_url; - 'DEFAULT/osapi_max_limit': value => $osapi_max_limit; - } - - cinder_config { - 'DEFAULT/nova_catalog_info': value => $nova_catalog_info; - 'DEFAULT/nova_catalog_admin_info': value => $nova_catalog_admin_info; - } - - if $privileged_user { - if is_service_default($os_privileged_user_name) { - fail('The os_privileged_user_name parameter is required when privileged_user is set to true') - } - if is_service_default($os_privileged_user_password) { - fail('The os_privileged_user_password parameter is required when privileged_user is set to true') - } - if is_service_default($os_privileged_user_tenant) { - fail('The os_privileged_user_tenant parameter is required when privileged_user is set to true') - } - } - - cinder_config { - 'DEFAULT/os_privileged_user_password': value => $os_privileged_user_password; - 'DEFAULT/os_privileged_user_tenant': value => $os_privileged_user_tenant; - 'DEFAULT/os_privileged_user_name': value => $os_privileged_user_name; - 'DEFAULT/os_privileged_user_auth_url': value => $os_privileged_user_auth_url; - } - - cinder_config { - 'keystone_authtoken/auth_uri' : value => $auth_uri; - 'keystone_authtoken/identity_uri' : value => $identity_uri; - 'keymgr/encryption_auth_url' : value => $keymgr_encryption_auth_url; - } - - if $keystone_enabled { - cinder_config { - 'DEFAULT/auth_strategy': value => 'keystone' ; - 'keystone_authtoken/admin_tenant_name': value => $keystone_tenant; - 'keystone_authtoken/admin_user': value => $keystone_user; - 'keystone_authtoken/admin_password': value => $keystone_password, secret => true; - } - } - - if (!is_service_default($ratelimits)) { - cinder_api_paste_ini { - 'filter:ratelimit/paste.filter_factory': value => $ratelimits_factory; - 'filter:ratelimit/limits': value => $ratelimits; - } - } - - if $validate { - $defaults = { - 'cinder-api' => { - 'command' => "cinder --os-auth-url ${auth_uri} --os-tenant-name ${keystone_tenant} --os-username ${keystone_user} --os-password ${keystone_password} list", - } - } - $validation_options_hash = merge ($defaults, $validation_options) - create_resources('openstacklib::service_validation', $validation_options_hash, {'subscribe' => 'Service[cinder-api]'}) - } - -} diff --git a/cinder/manifests/backend/bdd.pp b/cinder/manifests/backend/bdd.pp deleted file mode 100644 index 883269194..000000000 --- a/cinder/manifests/backend/bdd.pp +++ /dev/null @@ -1,126 +0,0 @@ -# -# Define: cinder::backend::bdd -# -# This class activate Cinder Block Device driver backend -# -# === Parameters: -# -# [*iscsi_ip_address*] -# (Required) The IP address that the iSCSI daemon is listening on -# -# [*available_devices*] -# (Required) List of all available devices. Real hard disks. -# Should be a string. -# -# [*volume_backend_name*] -# (optional) Allows for the volume_backend_name to be separate of $name. -# Defaults to: $name -# -# [*volume_driver*] -# (Optional) Driver to use for volume creation -# Defaults to 'cinder.volume.drivers.block_device.BlockDeviceDriver'. -# -# [*volume_group*] -# (Optional) Name for the VG that will contain exported volumes -# Defaults to $::os_service_default -# -# [*volumes_dir*] -# (Optional) Volume configuration file storage directory -# Defaults to '/var/lib/cinder/volumes'. -# -# [*iscsi_helper*] -# (Optional) iSCSI target user-land tool to use. -# Defaults to tgtadm. -# -# [*iscsi_protocol*] -# (Optional) Protocol to use as iSCSI driver -# Defaults to $::os_service_default. -# -# [*volume_clear*] -# (Optional) Method used to wipe old volumes -# Defaults to $::os_service_default. -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend -# Defaults to: {} -# Example : -# { 'bdd_backend/param1' => { 'value' => value1 } } -# -# === Examples -# -# cinder::backend::bdd { 'myBDDbackend': -# iscsi_ip_address => '10.20.0.2', -# available_devices => '/dev/sda,/dev/sdb' -# } -# -# === Authors -# -# Denis Egorenko -# -define cinder::backend::bdd ( - $iscsi_ip_address, - $available_devices, - $volume_backend_name = $name, - $volume_driver = 'cinder.volume.drivers.block_device.BlockDeviceDriver', - $volume_group = $::os_service_default, - $volumes_dir = '/var/lib/cinder/volumes', - $iscsi_helper = 'tgtadm', - $iscsi_protocol = $::os_service_default, - $volume_clear = $::os_service_default, - $extra_options = {}, -) { - - include ::cinder::params - - cinder_config { - "${name}/available_devices": value => $available_devices; - "${name}/volume_backend_name": value => $volume_backend_name; - "${name}/volume_driver": value => $volume_driver; - "${name}/iscsi_ip_address": value => $iscsi_ip_address; - "${name}/iscsi_helper": value => $iscsi_helper; - "${name}/volume_group": value => $volume_group; - "${name}/volumes_dir": value => $volumes_dir; - "${name}/iscsi_protocol": value => $iscsi_protocol; - "${name}/volume_clear": value => $volume_clear; - } - - create_resources('cinder_config', $extra_options) - - case $iscsi_helper { - 'tgtadm': { - ensure_packages('tgt', { - ensure => present, - name => $::cinder::params::tgt_package_name}) - - ensure_resource('service', 'tgtd', { - ensure => running, - name => $::cinder::params::tgt_service_name, - require => Package['tgt']}) - - if($::osfamily == 'RedHat') { - ensure_resource('file_line', 'cinder include', { - path => '/etc/tgt/targets.conf', - line => "include ${volumes_dir}/*", - match => '#?include /', - require => Package['tgt'], - notify => Service['tgtd']}) - } - } - - 'lioadm': { - ensure_packages('targetcli', { - ensure => present, - name => $::cinder::params::lio_package_name}) - - ensure_resource('service', 'target', { - ensure => running, - enable => true, - require => Package['targetcli']}) - } - - default: { - fail("Unsupported iscsi helper: ${iscsi_helper}.") - } - } - -} diff --git a/cinder/manifests/backend/dellsc_iscsi.pp b/cinder/manifests/backend/dellsc_iscsi.pp deleted file mode 100644 index 9c7d3f272..000000000 --- a/cinder/manifests/backend/dellsc_iscsi.pp +++ /dev/null @@ -1,93 +0,0 @@ -# == define: cinder::backend::dellsc_iscsi -# -# Configure the Dell Storage Center ISCSI Driver for cinder. -# -# === Parameters -# -# [*san_ip*] -# (required) IP address of Enterprise Manager. -# -# [*san_login*] -# (required) Enterprise Manager user name. -# -# [*san_password*] -# (required) Enterprise Manager user password. -# -# [*iscsi_ip_address*] -# (required) The Storage Center iSCSI IP address. -# -# [*dell_sc_ssn*] -# (required) The Storage Center serial number to use. -# -# [*volume_backend_name*] -# (optional) The storage backend name. -# Defaults to the name of the backend -# -# [*dell_sc_api_port*] -# (optional) The Enterprise Manager API port. -# Defaults to $::os_service_default -# -# [*dell_sc_server_folder*] -# (optional) Name of the server folder to use on the Storage Center. -# Defaults to 'srv' -# -# [*dell_sc_verify_cert*] -# (optional) Enable HTTPS SC ceritifcate verification -# Defaults to $::os_service_default -# -# [*dell_sc_volume_folder*] -# (optional) Name of the volume folder to use on the Storage Center. -# Defaults to 'vol' -# -# [*iscsi_port*] -# (optional) The ISCSI IP Port of the Storage Center. -# Defaults to $::os_service_default -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza. -# Defaults to: {} -# Example: -# { 'dellsc_iscsi_backend/param1' => { 'value' => value1 } } -# -define cinder::backend::dellsc_iscsi ( - $san_ip, - $san_login, - $san_password, - $iscsi_ip_address, - $dell_sc_ssn, - $volume_backend_name = $name, - $dell_sc_api_port = $::os_service_default, - $dell_sc_server_folder = 'srv', - $dell_sc_verify_cert = $::os_service_default, - $dell_sc_volume_folder = 'vol', - $iscsi_port = $::os_service_default, - $extra_options = {}, -) { - - if $dell_sc_server_folder == 'srv' { - warning('The OpenStack default value of dell_sc_server_folder differs from the puppet module default of "srv" and will be changed to the upstream OpenStack default in N-release.') - } - - if $dell_sc_volume_folder == 'vol' { - warning('The OpenStack default value of dell_sc_volume_folder differs from the puppet module default of "vol" and will be changed to the upstream OpenStack default in N-release.') - } - - $driver = 'dell.dell_storagecenter_iscsi.DellStorageCenterISCSIDriver' - cinder_config { - "${name}/volume_backend_name": value => $volume_backend_name; - "${name}/volume_driver": value => "cinder.volume.drivers.${driver}"; - "${name}/san_ip": value => $san_ip; - "${name}/san_login": value => $san_login; - "${name}/san_password": value => $san_password, secret => true; - "${name}/iscsi_ip_address": value => $iscsi_ip_address; - "${name}/dell_sc_ssn": value => $dell_sc_ssn; - "${name}/dell_sc_api_port": value => $dell_sc_api_port; - "${name}/dell_sc_server_folder": value => $dell_sc_server_folder; - "${name}/dell_sc_verify_cert": value => $dell_sc_verify_cert; - "${name}/dell_sc_volume_folder": value => $dell_sc_volume_folder; - "${name}/iscsi_port": value => $iscsi_port; - } - - create_resources('cinder_config', $extra_options) - -} diff --git a/cinder/manifests/backend/emc_vnx.pp b/cinder/manifests/backend/emc_vnx.pp deleted file mode 100644 index 411b2607a..000000000 --- a/cinder/manifests/backend/emc_vnx.pp +++ /dev/null @@ -1,77 +0,0 @@ -# -# == Define: cinder::backend::emc_vnx -# -# Setup Cinder to use the EMC VNX driver. -# Compatible for multiple backends -# -# == Parameters -# -# [*volume_backend_name*] -# (optional) Allows for the volume_backend_name to be separate of $name. -# Defaults to: $name -# -# [*iscsi_ip_address*] -# (Required) The IP address that the iSCSI daemon is listening on -# -# [*san_ip*] -# (required) IP address of SAN controller. -# -# [*san_password*] -# (required) Password of SAN controller. -# -# [*san_login*] -# (optional) Login of SAN controller. -# Defaults to : 'admin' -# -# [*storage_vnx_pool_name*] -# (required) Storage pool name. -# -# [*default_timeout*] -# (optional) Default timeout for CLI operations in minutes. -# Defaults to: '10' -# -# [*max_luns_per_storage_group*] -# (optional) Default max number of LUNs in a storage group. -# Defaults to: '256' -# -# [*package_ensure*] -# (optional) The state of the package -# Defaults to: 'present' -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'emc_vnx_backend/param1' => { 'value' => value1 } } -# -define cinder::backend::emc_vnx ( - $iscsi_ip_address, - $san_ip, - $san_password, - $storage_vnx_pool_name, - $default_timeout = '10', - $max_luns_per_storage_group = '256', - $package_ensure = 'present', - $san_login = 'admin', - $volume_backend_name = $name, - $extra_options = {}, -) { - - include ::cinder::params - - cinder_config { - "${name}/default_timeout": value => $default_timeout; - "${name}/iscsi_ip_address": value => $iscsi_ip_address; - "${name}/max_luns_per_storage_group": value => $max_luns_per_storage_group; - "${name}/naviseccli_path": value => '/opt/Navisphere/bin/naviseccli'; - "${name}/san_ip": value => $san_ip; - "${name}/san_login": value => $san_login; - "${name}/san_password": value => $san_password; - "${name}/storage_vnx_pool_name": value => $storage_vnx_pool_name; - "${name}/volume_backend_name": value => $volume_backend_name; - "${name}/volume_driver": value => 'cinder.volume.drivers.emc.emc_cli_iscsi.EMCCLIISCSIDriver'; - } - - create_resources('cinder_config', $extra_options) - -} diff --git a/cinder/manifests/backend/eqlx.pp b/cinder/manifests/backend/eqlx.pp deleted file mode 100644 index bc7c7b3bb..000000000 --- a/cinder/manifests/backend/eqlx.pp +++ /dev/null @@ -1,118 +0,0 @@ -# == define: cinder::backend::eqlx -# -# Configure the Dell EqualLogic driver for cinder. -# -# === Parameters -# -# [*san_ip*] -# (required) The IP address of the Dell EqualLogic array. -# -# [*san_login*] -# (required) The account to use for issuing SSH commands. -# -# [*san_password*] -# (required) The password for the specified SSH account. -# -# [*san_thin_provision*] -# (optional) Boolean. Whether or not to use thin provisioning for volumes. The -# default value in OpenStack is true. -# Defaults to $::os_service_default -# -# [*volume_backend_name*] -# (optional) The backend name. -# Defaults to the name of the resource -# -# [*eqlx_group_name*] -# (optional) The CLI prompt message without '>'. -# Defaults to $::os_service_default -# -# [*eqlx_pool*] -# (optional) The pool in which volumes will be created. -# Defaults to $::os_service_default -# -# [*eqlx_use_chap*] -# (optional) Boolean. Use CHAP authentification for targets. The default -# value in OpenStack is assumed to be false for this. -# Defaults to $::os_service_default -# -# [*eqlx_chap_login*] -# (optional) An existing CHAP account name. -# Defaults to 'chapadmin' -# -# [*eqlx_chap_password*] -# (optional) The password for the specified CHAP account name. -# Defaults to '12345' -# -# [*eqlx_cli_timeout*] -# (optional) The timeout for the Group Manager cli command execution. -# Defaults to $::os_service_default -# -# [*eqlx_cli_max_retries*] -# (optional) The maximum retry count for reconnection. -# Defaults to $:os_service_default -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'eqlx_backend/param1' => { 'value' => value1 } } -# -define cinder::backend::eqlx ( - $san_ip, - $san_login, - $san_password, - $san_thin_provision = $::os_service_default, - $volume_backend_name = $name, - $eqlx_group_name = $::os_service_default, - $eqlx_pool = $::os_service_default, - $eqlx_use_chap = $::os_service_default, # false - $eqlx_chap_login = 'chapadmin', - $eqlx_chap_password = '12345', - $eqlx_cli_timeout = $::os_service_default, - $eqlx_cli_max_retries = $::os_service_default, - $extra_options = {}, -) { - - if !is_service_default($san_thin_provision) { - validate_bool($san_thin_provision) - } - - if !is_service_default($eqlx_use_chap) { - validate_bool($eqlx_use_chap) - } - - if $eqlx_chap_login == 'chapadmin' { - warning('The OpenStack default value of eqlx_chap_login differs from the puppet module default of "chapadmin" and will be changed to the upstream OpenStack default in N-release.') - } - - if $eqlx_chap_password == '12345' { - warning('The OpenStack default value of eqlx_chap_password differs from the puppet module default of "12345" and will be changed to the upstream OpenStack default in N-release.') - } - - - - cinder_config { - "${name}/volume_backend_name": value => $volume_backend_name; - "${name}/volume_driver": value => 'cinder.volume.drivers.eqlx.DellEQLSanISCSIDriver'; - "${name}/san_ip": value => $san_ip; - "${name}/san_login": value => $san_login; - "${name}/san_password": value => $san_password, secret => true; - "${name}/san_thin_provision": value => $san_thin_provision; - "${name}/eqlx_group_name": value => $eqlx_group_name; - "${name}/eqlx_use_chap": value => $eqlx_use_chap; - "${name}/eqlx_cli_timeout": value => $eqlx_cli_timeout; - "${name}/eqlx_cli_max_retries": value => $eqlx_cli_max_retries; - "${name}/eqlx_pool": value => $eqlx_pool; - } - - # the default for this is false - if !is_service_default($eqlx_use_chap) and $eqlx_use_chap == true { - cinder_config { - "${name}/eqlx_chap_login": value => $eqlx_chap_login; - "${name}/eqlx_chap_password": value => $eqlx_chap_password, secret => true; - } - } - - create_resources('cinder_config', $extra_options) - -} diff --git a/cinder/manifests/backend/glusterfs.pp b/cinder/manifests/backend/glusterfs.pp deleted file mode 100644 index f03081ee2..000000000 --- a/cinder/manifests/backend/glusterfs.pp +++ /dev/null @@ -1,82 +0,0 @@ -# -# == Class: cinder::backend::glusterfs -# -# Configures Cinder to use GlusterFS as a volume driver -# -# === Parameters -# -# [*glusterfs_shares*] -# (required) An array of GlusterFS volume locations. -# Must be an array even if there is only one volume. -# -# [*volume_backend_name*] -# (optional) Allows for the volume_backend_name to be separate of $name. -# Defaults to: $name -# -# [*glusterfs_backup_mount_point*] -# (optional) Base dir containing mount point for gluster share. -# Defaults to $::os_service_default -# -# [*glusterfs_backup_share*] -# (optonal) GlusterFS share in : -# format. Eg: 1.2.3.4:backup_vol -# Defaults to $::os_service_default -# -# [*glusterfs_sparsed_volumes*] -# (optional) Whether or not to use sparse (thin) volumes. -# Defaults to $::os_service_default which uses the driver's default of "true". -# -# [*glusterfs_mount_point_base*] -# (optional) Where to mount the Gluster volumes. -# Defaults to $::os_service_default which uses the driver's default of -# "$state_path/mnt". -# -# [*glusterfs_shares_config*] -# (optional) The config file to store the given $glusterfs_shares. -# Defaults to '/etc/cinder/shares.conf' -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'glusterfs_backend/param1' => { 'value' => value1 } } -# -# === Examples -# -# cinder::backend::glusterfs { 'myGluster': -# glusterfs_shares = ['192.168.1.1:/volumes'], -# } -# -define cinder::backend::glusterfs ( - $glusterfs_shares, - $volume_backend_name = $name, - $glusterfs_backup_mount_point = $::os_service_default, - $glusterfs_backup_share = $::os_service_default, - $glusterfs_sparsed_volumes = $::os_service_default, - $glusterfs_mount_point_base = $::os_service_default, - $glusterfs_shares_config = '/etc/cinder/shares.conf', - $extra_options = {}, -) { - - $content = join($glusterfs_shares, "\n") - - file { $glusterfs_shares_config: - content => "${content}\n", - require => Package['cinder'], - notify => Service['cinder-volume'] - } - - cinder_config { - "${name}/volume_backend_name": value => $volume_backend_name; - "${name}/volume_driver": value => - 'cinder.volume.drivers.glusterfs.GlusterfsDriver'; - "${name}/glusterfs_backup_mount_point": value => $glusterfs_backup_mount_point; - "${name}/glusterfs_backup_share": value => $glusterfs_backup_share; - "${name}/glusterfs_shares_config": value => $glusterfs_shares_config; - "${name}/glusterfs_sparsed_volumes": value => $glusterfs_sparsed_volumes; - "${name}/glusterfs_mount_point_base": value => $glusterfs_mount_point_base; - } - - create_resources('cinder_config', $extra_options) - -} diff --git a/cinder/manifests/backend/gpfs.pp b/cinder/manifests/backend/gpfs.pp deleted file mode 100644 index ef3433267..000000000 --- a/cinder/manifests/backend/gpfs.pp +++ /dev/null @@ -1,91 +0,0 @@ -# == define: cinder::backend::gpfs -# -# Configures Cinder to use the IBM GPFS Driver -# -# === Parameters -# -# [*gpfs_mount_point_base*] -# (required) Specifies the path of the GPFS directory where Block Storage -# volume and snapshot files are stored. -# -# [*gpfs_images_dir*] -# (optional) Specifies the path of the Image service repository in GPFS. -# Leave undefined if not storing images in GPFS. Defaults to "None" via -# driver. -# Defaults to -# -# [*gpfs_images_share_mode*] -# (optional) Specifies the type of image copy to be used. Set this when the -# Image service repository also uses GPFS so that image files can be -# transferred efficiently from the Image service to the Block Storage -# service. There are two valid values: "copy" specifies that a full copy of -# the image is made; "copy_on_write" specifies that copy-on-write -# optimization strategy is used and unmodified blocks of the image file are -# shared efficiently. Defaults to "None" via driver. -# Defaults to -# -# [*gpfs_max_clone_depth*] -# (optional) Specifies an upper limit on the number of indirections required -# to reach a specific block due to snapshots or clones. A lengthy chain of -# copy-on-write snapshots or clones can have a negative impact on -# performance, but improves space utilization. 0 indicates unlimited clone -# depth. Defaults to "0" via driver implementation -# Defaults to -# -# [*gpfs_sparse_volumes*] -# (optional) Specifies that volumes are created as sparse files which -# initially consume no space. If set to False, the volume is created as a -# fully allocated file, in which case, creation may take a significantly -# longer time. Defaults to "True" via driver. -# Defaults to -# -# [*gpfs_storage_pool*] -# (optional) Specifies the storage pool that volumes are assigned to. By -# default, the system storage pool is used. Defaults to "system" via driver. -# Defaults to -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'gpfs_backend/param1' => { 'value' => value1 } } -# -# === Authors -# -# Benedikt von St. Vieth -# -# === Copyright -# -# Copyright 2015 -# -define cinder::backend::gpfs ( - $gpfs_mount_point_base, - $gpfs_images_dir = $::os_service_default, - $gpfs_images_share_mode = $::os_service_default, - $gpfs_max_clone_depth = $::os_service_default, - $gpfs_sparse_volumes = $::os_service_default, - $gpfs_storage_pool = $::os_service_default, - $extra_options = {}, -) { - - if ! ($gpfs_images_share_mode in ['copy', 'copy_on_write', $::os_service_default]) { - fail('gpfs_images_share_mode only support `copy` or `copy_on_write`') - } - if $gpfs_images_share_mode in ['copy', 'copy_on_write'] and is_service_default($gpfs_images_dir) { - fail('gpfs_images_share_mode only in conjunction with gpfs_images_dir') - } - - cinder_config { - "${name}/volume_driver": - value => 'cinder.volume.drivers.ibm.gpfs.GPFSDriver'; - "${name}/gpfs_max_clone_depth": value => $gpfs_max_clone_depth; - "${name}/gpfs_mount_point_base": value => $gpfs_mount_point_base; - "${name}/gpfs_sparse_volumes": value => $gpfs_sparse_volumes; - "${name}/gpfs_storage_pool": value => $gpfs_storage_pool; - "${name}/gpfs_images_share_mode": value => $gpfs_images_share_mode; - "${name}/gpfs_images_dir": value => $gpfs_images_dir; - } - - create_resources('cinder_config', $extra_options) - -} diff --git a/cinder/manifests/backend/hp3par_iscsi.pp b/cinder/manifests/backend/hp3par_iscsi.pp deleted file mode 100644 index d93088f9d..000000000 --- a/cinder/manifests/backend/hp3par_iscsi.pp +++ /dev/null @@ -1,101 +0,0 @@ -# Configures Cinder volume HP 3par ISCSI driver. -# Parameters are particular to each volume driver. -# -# === Parameters -# -# [*hp3par_api_url*] -# (required) url for api access to 3par - example https://10.x.x.x:8080/api/v1 -# -# [*hp3par_username*] -# (required) Username for HP3par admin user -# -# [*hp3par_password*] -# (required) Password for hp3par_username -# -# [*san_ip*] -# (required) IP address of HP 3par service processor. -# -# [*san_login*] -# (required) Username for HP 3par account. -# -# [*san_password*] -# (required) Password for HP 3par account. -# -# [*hp3par_iscsi_ips*] -# (required) iscsi IP addresses for the HP 3par array -# This is a list of IPs with ports in a string, for example: -# '1.2.3.4:3261, 5.6.7.8:3261' -# -# [*volume_backend_name*] -# (optional) Allows for the volume_backend_name to be separate of $name. -# Defaults to: $name -# -# [*volume_driver*] -# (optional) Setup cinder-volume to use HP 3par volume driver. -# Defaults to 'cinder.volume.drivers.san.hp.hp_3par_iscsi.HP3PARISCSIDriver' -# -# [*hp3par_iscsi_chap_enabled*] -# (required) setting to false by default -# -# [*hp3par_iscsi_chap_enabled -# (required) setting to false by default -# -# [*hp3par_snap_cpg*] -# (optional) set to hp3par_cfg by default in the cinder driver -# -# [*hp3par_snapshot_retention*] -# (required) Time in hours for snapshot retention. Must be less -# than hp3par_snapshot_expiration. -# Defaults to 48. -# -# [*hp3par_snapshot_expiration*] -# (required) Time in hours until a snapshot expires. Must be more -# than hp3par_snapshot_retention. -# Defaults to 72. -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'h3par_iscsi_backend/param1' => { 'value' => value1 } } -# -define cinder::backend::hp3par_iscsi( - $hp3par_api_url, - $hp3par_username, - $hp3par_password, - $san_ip, - $san_login, - $san_password, - $hp3par_iscsi_ips, - $volume_backend_name = $name, - $volume_driver = 'cinder.volume.drivers.san.hp.hp_3par_iscsi.HP3PARISCSIDriver', - $hp3par_iscsi_chap_enabled = false, - $hp3par_snap_cpg = 'OpenstackCPG', - $hp3par_snapshot_retention = 48, - $hp3par_snapshot_expiration = 72, - $extra_options = {}, -) { - - if ($hp3par_snapshot_expiration <= $hp3par_snapshot_retention) { - fail ('hp3par_snapshot_expiration must be greater than hp3par_snapshot_retention') - } - - cinder_config { - "${name}/volume_backend_name": value => $volume_backend_name; - "${name}/volume_driver": value => $volume_driver; - "${name}/hp3par_username": value => $hp3par_username; - "${name}/hp3par_password": value => $hp3par_password, secret => true; - "${name}/san_ip": value => $san_ip; - "${name}/san_login": value => $san_login; - "${name}/san_password": value => $san_password, secret => true; - "${name}/hp3par_iscsi_ips": value => $hp3par_iscsi_ips; - "${name}/hp3par_api_url": value => $hp3par_api_url; - "${name}/hp3par_iscsi_chap_enabled": value => $hp3par_iscsi_chap_enabled; - "${name}/hp3par_snap_cpg": value => $hp3par_snap_cpg; - "${name}/hp3par_snapshot_retention": value => $hp3par_snapshot_retention; - "${name}/hp3par_snapshot_expiration": value => $hp3par_snapshot_expiration; - } - - create_resources('cinder_config', $extra_options) - -} diff --git a/cinder/manifests/backend/iscsi.pp b/cinder/manifests/backend/iscsi.pp deleted file mode 100644 index b5846b40f..000000000 --- a/cinder/manifests/backend/iscsi.pp +++ /dev/null @@ -1,107 +0,0 @@ -# -# Define: cinder::backend::iscsi -# -# === Parameters: -# -# [*iscsi_ip_address*] -# (Required) The IP address that the iSCSI daemon is listening on -# -# [*volume_backend_name*] -# (optional) Allows for the volume_backend_name to be separate of $name. -# Defaults to: $name -# -# [*volume_driver*] -# (Optional) Driver to use for volume creation -# Defaults to 'cinder.volume.drivers.lvm.LVMVolumeDriver'. -# -# [*volume_group*] -# (Optional) Name for the VG that will contain exported volumes -# Defaults to $::os_service_default -# -# [*volumes_dir*] -# (Optional) Volume configuration file storage directory -# Defaults to '/var/lib/cinder/volumes'. -# -# [*iscsi_helper*] -# (Optional) iSCSI target user-land tool to use. -# Defaults to '$::cinder::params::iscsi_helper'. -# -# [*iscsi_protocol*] -# (Optional) Protocol to use as iSCSI driver -# Defaults to $::os_service_default. -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'iscsi_backend/param1' => { 'value' => value1 } } -# -define cinder::backend::iscsi ( - $iscsi_ip_address, - $volume_backend_name = $name, - $volume_driver = 'cinder.volume.drivers.lvm.LVMVolumeDriver', - $volume_group = $::os_service_default, - $volumes_dir = '/var/lib/cinder/volumes', - $iscsi_helper = $::cinder::params::iscsi_helper, - $iscsi_protocol = $::os_service_default, - $extra_options = {}, -) { - - include ::cinder::params - - cinder_config { - "${name}/volume_backend_name": value => $volume_backend_name; - "${name}/volume_driver": value => $volume_driver; - "${name}/iscsi_ip_address": value => $iscsi_ip_address; - "${name}/iscsi_helper": value => $iscsi_helper; - "${name}/volume_group": value => $volume_group; - "${name}/volumes_dir": value => $volumes_dir; - "${name}/iscsi_protocol": value => $iscsi_protocol; - } - - create_resources('cinder_config', $extra_options) - - case $iscsi_helper { - 'tgtadm': { - package { 'tgt': - ensure => present, - name => $::cinder::params::tgt_package_name, - } - - if($::osfamily == 'RedHat') { - file_line { 'cinder include': - path => '/etc/tgt/targets.conf', - line => "include ${volumes_dir}/*", - match => '#?include /', - require => Package['tgt'], - notify => Service['tgtd'], - } - } - - service { 'tgtd': - ensure => running, - name => $::cinder::params::tgt_service_name, - enable => true, - require => Class['cinder::volume'], - } - } - - 'lioadm': { - service { 'target': - ensure => running, - enable => true, - require => Package['targetcli'], - } - - package { 'targetcli': - ensure => present, - name => $::cinder::params::lio_package_name, - } - } - - default: { - fail("Unsupported iscsi helper: ${iscsi_helper}.") - } - } - -} diff --git a/cinder/manifests/backend/netapp.pp b/cinder/manifests/backend/netapp.pp deleted file mode 100644 index a6b5cd99c..000000000 --- a/cinder/manifests/backend/netapp.pp +++ /dev/null @@ -1,255 +0,0 @@ -# == define: cinder::backend::netapp -# -# Configures Cinder to use the NetApp unified volume driver -# Compatible for multiple backends -# -# === Parameters -# -# [*volume_backend_name*] -# (optional) The name of the cinder::backend::netapp ressource -# Defaults to $name. -# -# [*netapp_login*] -# (required) Administrative user account name used to access the storage -# system or proxy server. -# -# [*netapp_password*] -# (required) Password for the administrative user account specified in the -# netapp_login option. -# -# [*netapp_server_hostname*] -# (required) The hostname (or IP address) for the storage system or proxy -# server. -# -# [*netapp_server_port*] -# (optional) The TCP port to use for communication with the storage -# system or proxy. If not specified, Data ONTAP drivers will use 80 -# for HTTP and 443 for HTTPS; E-Series will use 8080 for HTTP and -# 8443 for HTTPS. -# Defaults to 80 -# -# [*netapp_size_multiplier*] -# (optional) The quantity to be multiplied by the requested volume size to -# ensure enough space is available on the virtual storage server (Vserver) to -# fulfill the volume creation request. -# Defaults to 1.2 -# -# [*netapp_storage_family*] -# (optional) The storage family type used on the storage system; valid values -# are ontap_7mode for using Data ONTAP operating in 7-Mode, ontap_cluster -# for using clustered Data ONTAP, or eseries for NetApp E-Series. -# Defaults to ontap_cluster -# -# [*netapp_storage_protocol*] -# (optional) The storage protocol to be used on the data path with the storage -# system. Valid values are iscsi, fc, nfs. -# Defaults to nfs -# -# [*netapp_transport_type*] -# (optional) The transport protocol used when communicating with the storage -# system or proxy server. Valid values are http or https. -# Defaults to http -# -# [*netapp_vfiler*] -# (optional) The vFiler unit on which provisioning of block storage volumes -# will be done. This parameter is only used by the driver when connecting to -# an instance with a storage family of Data ONTAP operating in 7-Mode. Only -# use this parameter when utilizing the MultiStore feature on the NetApp -# storage system. -# Defaults to undef -# -# [*netapp_volume_list*] -# (optional) This parameter is only utilized when the storage protocol is -# configured to use iSCSI or FC. This parameter is used to restrict -# provisioning to the specified controller volumes. Specify the value of -# this parameter to be a comma separated list of NetApp controller volume -# names to be used for provisioning. -# Defaults to undef -# -# [*netapp_vserver*] -# (optional) This option specifies the virtual storage server (Vserver) -# name on the storage cluster on which provisioning of block storage volumes -# should occur. -# Defaults to undef -# -# [*netapp_partner_backend_name*] -# (optional) The name of the config.conf stanza for a Data ONTAP (7-mode) -# HA partner. This option is only used by the driver when connecting to an -# instance with a storage family of Data ONTAP operating in 7-Mode, and it is -# required if the storage protocol selected is FC. -# Defaults to undef -# -# [*expiry_thres_minutes*] -# (optional) This parameter specifies the threshold for last access time for -# images in the NFS image cache. When a cache cleaning cycle begins, images -# in the cache that have not been accessed in the last M minutes, where M is -# the value of this parameter, will be deleted from the cache to create free -# space on the NFS share. -# Defaults to 720 -# -# [*thres_avl_size_perc_start*] -# (optional) If the percentage of available space for an NFS share has -# dropped below the value specified by this parameter, the NFS image cache -# will be cleaned. -# Defaults to 20 -# -# [*thres_avl_size_perc_stop*] -# (optional) When the percentage of available space on an NFS share has -# reached the percentage specified by this parameter, the driver will stop -# clearing files from the NFS image cache that have not been accessed in the -# last M minutes, where M is the value of the expiry_thres_minutes parameter. -# Defaults to 60 -# -# [*nfs_shares*] -# (optional) Array of NFS exports in the form of host:/share; will be written into -# file specified in nfs_shares_config -# Defaults to undef -# -# [*nfs_shares_config*] -# (optional) File with the list of available NFS shares -# Defaults to '/etc/cinder/shares.conf' -# -# [*nfs_mount_options*] -# (optional) Mount options passed to the nfs client. See section -# of the nfs man page for details. -# Defaults to $::os_service_default -# -# [*netapp_copyoffload_tool_path*] -# (optional) This option specifies the path of the NetApp Copy Offload tool -# binary. Ensure that the binary has execute permissions set which allow the -# effective user of the cinder-volume process to execute the file. -# Defaults to undef -# -# [*netapp_controller_ips*] -# (optional) This option is only utilized when the storage family is -# configured to eseries. This option is used to restrict provisioning to the -# specified controllers. Specify the value of this option to be a comma -# separated list of controller hostnames or IP addresses to be used for -# provisioning. -# Defaults to undef -# -# [*netapp_sa_password*] -# (optional) Password for the NetApp E-Series storage array. -# Defaults to undef -# -# [*netapp_storage_pools*] -# (optional) This option is used to restrict provisioning to the specified -# storage pools. Only dynamic disk pools are currently supported. Specify the -# value of this option to be a comma separated list of disk pool names to be -# used for provisioning. -# Defaults to undef -# -# [*netapp_eseries_host_type*] -# (optional) This option is used to define how the controllers in the -# E-Series storage array will work with the particular operating system on -# the hosts that are connected to it. -# Defaults to 'linux_dm_mp' -# -# [*netapp_webservice_path*] -# (optional) This option is used to specify the path to the E-Series proxy -# application on a proxy server. The value is combined with the value of the -# netapp_transport_type, netapp_server_hostname, and netapp_server_port -# options to create the URL used by the driver to connect to the proxy -# application. -# Defaults to '/devmgr/v2' -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'netapp_backend/param1' => { 'value' => value1 } } -# -# === Examples -# -# cinder::backend::netapp { 'myBackend': -# netapp_login => 'clusterAdmin', -# netapp_password => 'password', -# netapp_server_hostname => 'netapp.mycorp.com', -# netapp_server_port => '443', -# netapp_transport_type => 'https', -# netapp_vserver => 'openstack-vserver', -# } -# -# === Authors -# -# Bob Callaway -# -# === Copyright -# -# Copyright 2014 NetApp, Inc. -# -define cinder::backend::netapp ( - $netapp_login, - $netapp_password, - $netapp_server_hostname, - $volume_backend_name = $name, - $netapp_server_port = '80', - $netapp_size_multiplier = '1.2', - $netapp_storage_family = 'ontap_cluster', - $netapp_storage_protocol = 'nfs', - $netapp_transport_type = 'http', - $netapp_vfiler = undef, - $netapp_volume_list = undef, - $netapp_vserver = undef, - $netapp_partner_backend_name = undef, - $expiry_thres_minutes = '720', - $thres_avl_size_perc_start = '20', - $thres_avl_size_perc_stop = '60', - $nfs_shares = undef, - $nfs_shares_config = '/etc/cinder/shares.conf', - $nfs_mount_options = $::os_service_default, - $netapp_copyoffload_tool_path = undef, - $netapp_controller_ips = undef, - $netapp_sa_password = undef, - $netapp_storage_pools = undef, - $netapp_eseries_host_type = 'linux_dm_mp', - $netapp_webservice_path = '/devmgr/v2', - $extra_options = {}, -) { - - if $nfs_shares { - validate_array($nfs_shares) - file {$nfs_shares_config: - content => join($nfs_shares, "\n"), - require => Package['cinder'], - notify => Service['cinder-volume'] - } - } - - cinder_config { - "${name}/nfs_mount_options": value => $nfs_mount_options; - "${name}/volume_backend_name": value => $volume_backend_name; - "${name}/volume_driver": value => 'cinder.volume.drivers.netapp.common.NetAppDriver'; - "${name}/netapp_login": value => $netapp_login; - "${name}/netapp_password": value => $netapp_password, secret => true; - "${name}/netapp_server_hostname": value => $netapp_server_hostname; - "${name}/netapp_server_port": value => $netapp_server_port; - "${name}/netapp_size_multiplier": value => $netapp_size_multiplier; - "${name}/netapp_storage_family": value => $netapp_storage_family; - "${name}/netapp_storage_protocol": value => $netapp_storage_protocol; - "${name}/netapp_transport_type": value => $netapp_transport_type; - "${name}/netapp_vfiler": value => $netapp_vfiler; - "${name}/netapp_volume_list": value => $netapp_volume_list; - "${name}/netapp_vserver": value => $netapp_vserver; - "${name}/netapp_partner_backend_name": value => $netapp_partner_backend_name; - "${name}/expiry_thres_minutes": value => $expiry_thres_minutes; - "${name}/thres_avl_size_perc_start": value => $thres_avl_size_perc_start; - "${name}/thres_avl_size_perc_stop": value => $thres_avl_size_perc_stop; - "${name}/nfs_shares_config": value => $nfs_shares_config; - "${name}/netapp_copyoffload_tool_path": value => $netapp_copyoffload_tool_path; - "${name}/netapp_controller_ips": value => $netapp_controller_ips; - "${name}/netapp_sa_password": value => $netapp_sa_password, secret => true; - "${name}/netapp_storage_pools": value => $netapp_storage_pools; - "${name}/netapp_eseries_host_type": value => $netapp_eseries_host_type; - "${name}/netapp_webservice_path": value => $netapp_webservice_path; - } - - if $netapp_storage_family == 'eseries' { - cinder_config { - "${name}/use_multipath_for_image_xfer": value => true; - } - } - - create_resources('cinder_config', $extra_options) - -} diff --git a/cinder/manifests/backend/nexenta.pp b/cinder/manifests/backend/nexenta.pp deleted file mode 100644 index 0b3227618..000000000 --- a/cinder/manifests/backend/nexenta.pp +++ /dev/null @@ -1,69 +0,0 @@ -# == Class: cinder::backend::nexenta -# -# Setups Cinder with Nexenta volume driver. -# -# === Parameters -# -# [*nexenta_user*] -# (required) User name to connect to Nexenta SA. -# -# [*nexenta_password*] -# (required) Password to connect to Nexenta SA. -# -# [*nexenta_host*] -# (required) IP address of Nexenta SA. -# -# [*volume_backend_name*] -# (optional) Allows for the volume_backend_name to be separate of $name. -# Defaults to: $name -# -# [*nexenta_volume*] -# (optional) Pool on SA that will hold all volumes. Defaults to 'cinder'. -# -# [*nexenta_target_prefix*] -# (optional) IQN prefix for iSCSI targets. Defaults to 'iqn:'. -# -# [*nexenta_target_group_prefix*] -# (optional) Prefix for iSCSI target groups on SA. Defaults to 'cinder/'. -# -# [*nexenta_blocksize*] -# (optional) Block size for volumes. Defaults to '8k'. -# -# [*nexenta_sparse*] -# (optional) Flag to create sparse volumes. Defaults to true. -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'nexenta_backend/param1' => { 'value' => value1 } } -# -define cinder::backend::nexenta ( - $nexenta_user, - $nexenta_password, - $nexenta_host, - $volume_backend_name = $name, - $nexenta_volume = 'cinder', - $nexenta_target_prefix = 'iqn:', - $nexenta_target_group_prefix = 'cinder/', - $nexenta_blocksize = '8k', - $nexenta_sparse = true, - $extra_options = {}, -) { - - cinder_config { - "${name}/volume_backend_name": value => $volume_backend_name; - "${name}/nexenta_user": value => $nexenta_user; - "${name}/nexenta_password": value => $nexenta_password, secret => true; - "${name}/nexenta_host": value => $nexenta_host; - "${name}/nexenta_volume": value => $nexenta_volume; - "${name}/nexenta_target_prefix": value => $nexenta_target_prefix; - "${name}/nexenta_target_group_prefix": value => $nexenta_target_group_prefix; - "${name}/nexenta_blocksize": value => $nexenta_blocksize; - "${name}/nexenta_sparse": value => $nexenta_sparse; - "${name}/volume_driver": value => 'cinder.volume.drivers.nexenta.volume.NexentaDriver'; - } - - create_resources('cinder_config', $extra_options) - -} diff --git a/cinder/manifests/backend/nfs.pp b/cinder/manifests/backend/nfs.pp deleted file mode 100644 index 3921fde6a..000000000 --- a/cinder/manifests/backend/nfs.pp +++ /dev/null @@ -1,94 +0,0 @@ -# == Define: cinder::backend::nfs -# -# === Parameters -# -# [*volume_backend_name*] -# (optional) Allows for the volume_backend_name to be separate of $name. -# Defaults to: $name -# -# [*nfs_servers*] -# (Required) Description -# Defaults to '[]' -# -# [*nfs_mount_attempts*] -# (optional) The number of attempts to mount nfs shares before raising an -# error. At least one attempt will be made to mount an nfs share, regardless -# of the value specified. -# Defaults to $::os_service_default -# -# [*nfs_mount_options*] -# (Optional) Mount options passed to the nfs client. -# Defaults to $::os_service_default -# -# [*nfs_disk_util*] -# (Optional) TODO -# Defaults to $::os_service_default -# -# [*nfs_sparsed_volumes*] -# (Optional) Create volumes as sparsed files which take no space. -# If set to False volume is created as regular file. -# In such case volume creation takes a lot of time. -# Defaults to $::os_service_default -# -# [*nfs_mount_point_base*] -# (Optional) Base dir containing mount points for nfs shares. -# Defaults to $::os_service_default -# -# [*nfs_shares_config*] -# (Optional) File with the list of available nfs shares. -# Defaults to '/etc/cinder/shares.conf'. -# -# [*nfs_used_ratio*] -# (Optional) Percent of ACTUAL usage of the underlying volume before no new -# volumes can be allocated to the volume destination. -# Defaults to $::os_service_default -# -# [*nfs_oversub_ratio*] -# (Optional) This will compare the allocated to available space on the volume -# destination. If the ratio exceeds this number, the destination will no -# longer be valid. -# Defaults to $::os_service_default -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'nfs_backend/param1' => { 'value' => value1 } } -# -define cinder::backend::nfs ( - $volume_backend_name = $name, - $nfs_servers = [], - $nfs_mount_attempts = $::os_service_default, - $nfs_mount_options = $::os_service_default, - $nfs_disk_util = $::os_service_default, - $nfs_sparsed_volumes = $::os_service_default, - $nfs_mount_point_base = $::os_service_default, - $nfs_shares_config = '/etc/cinder/shares.conf', - $nfs_used_ratio = $::os_service_default, - $nfs_oversub_ratio = $::os_service_default, - $extra_options = {}, -) { - - file {$nfs_shares_config: - content => join($nfs_servers, "\n"), - require => Package['cinder'], - notify => Service['cinder-volume'] - } - - cinder_config { - "${name}/volume_backend_name": value => $volume_backend_name; - "${name}/volume_driver": value => - 'cinder.volume.drivers.nfs.NfsDriver'; - "${name}/nfs_shares_config": value => $nfs_shares_config; - "${name}/nfs_mount_attempts": value => $nfs_mount_attempts; - "${name}/nfs_mount_options": value => $nfs_mount_options; - "${name}/nfs_disk_util": value => $nfs_disk_util; - "${name}/nfs_sparsed_volumes": value => $nfs_sparsed_volumes; - "${name}/nfs_mount_point_base": value => $nfs_mount_point_base; - "${name}/nfs_used_ratio": value => $nfs_used_ratio; - "${name}/nfs_oversub_ratio": value => $nfs_oversub_ratio; - } - - create_resources('cinder_config', $extra_options) - -} diff --git a/cinder/manifests/backend/pure.pp b/cinder/manifests/backend/pure.pp deleted file mode 100644 index 7ecc6b2a0..000000000 --- a/cinder/manifests/backend/pure.pp +++ /dev/null @@ -1,62 +0,0 @@ -# == Class: cinder::backend::pure -# -# Configures Cinder volume PureStorage driver. -# Parameters are particular to each volume driver. -# -# === Parameters -# -# [*san_ip*] -# (required) IP address of PureStorage management VIP. -# -# [*pure_api_token*] -# (required) API token for management of PureStorage array. -# -# [*volume_backend_name*] -# (optional) Allows for the volume_backend_name to be separate of $name. -# Defaults to: $name -# -# [*pure_storage_protocol*] -# (optional) Must be either 'iSCSI' or 'FC'. This will determine -# which Volume Driver will be configured; PureISCSIDriver or PureFCDriver. -# Defaults to 'iSCSI' -# -# [*use_multipath_for_image_xfer*] -# (optional) . -# Defaults to True -# -# [*use_chap_auth*] -# (optional) Only affects the PureISCSIDriver. -# Defaults to False -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza. -# Defaults to: {} -# Example : -# { 'pure_backend/param1' => { 'value' => value1 } } -# -define cinder::backend::pure( - $san_ip, - $pure_api_token, - $volume_backend_name = $name, - $pure_storage_protocol = 'iSCSI', - $use_chap_auth = false, - $use_multipath_for_image_xfer = true, - $extra_options = {}, -) { - - $volume_driver = $pure_storage_protocol ? { - 'FC' => 'cinder.volume.drivers.pure.PureFCDriver', - 'iSCSI' => 'cinder.volume.drivers.pure.PureISCSIDriver' - } - - cinder_config { - "${name}/volume_backend_name": value => $volume_backend_name; - "${name}/volume_driver": value => $volume_driver; - "${name}/san_ip": value => $san_ip; - "${name}/pure_api_token": value => $pure_api_token, secret => true; - "${name}/use_chap_auth": value => $use_chap_auth; - "${name}/use_multipath_for_image_xfer": value => $use_multipath_for_image_xfer ; - } - - create_resources('cinder_config', $extra_options) -} diff --git a/cinder/manifests/backend/quobyte.pp b/cinder/manifests/backend/quobyte.pp deleted file mode 100644 index 234c5334a..000000000 --- a/cinder/manifests/backend/quobyte.pp +++ /dev/null @@ -1,63 +0,0 @@ -# -# == Class: cinder::backend::quobyte -# -# Configures Cinder to use Quobyte USP as a volume driver -# -# === Parameters -# -# [*quobyte_volume_url*] -# (required) The URL of the Quobyte volume to use. -# Not an array as a Quobyte driver instance supports exactly one volume -# at a time - but you can load the driver more than once. -# Example: quobyte://quobyte.cluster.example.com/volume-name -# -# [*quobyte_client_cfg*] -# (optional) Path to a Quobyte client configuration file. -# This is needed if client certificate authentication is enabled on the -# Quobyte cluster. The config file includes the certificate and key. -# -# [*quobyte_qcow2_volumes*] -# (optional) Boolean if volumes should be created as qcow2 volumes. -# Defaults to True. qcow2 volumes allow snapshots, at the cost of a small -# performance penalty. If False, raw volumes will be used. -# -# [*quobyte_sparsed_volumes*] -# (optional) Boolean if raw volumes should be created as sparse files. -# Defaults to True. Non-sparse volumes may have a very small performance -# benefit, but take a long time to create. -# -# [*quobyte_mount_point_base*] -# (optional) Path where the driver should create mountpoints. -# Defaults to a subdirectory "mnt" under the Cinder state directory. -# -# [*volume_backend_name*] -# (optional) Allows for the volume_backend_name to be separate of $name. -# Defaults to: $name -# -# === Examples -# -# cinder::backend::quobyte { 'quobyte1': -# quobyte_volume_url => 'quobyte://quobyte.cluster.example.com/volume-name', -# } -# -define cinder::backend::quobyte ( - $quobyte_volume_url, - $quobyte_client_cfg = undef, - $quobyte_qcow2_volumes = undef, - $quobyte_sparsed_volumes = undef, - $quobyte_mount_point_base = undef, - $volume_backend_name = $name, -) { - - cinder_config { - "${name}/volume_backend_name": value => $volume_backend_name; - "${name}/volume_driver": value => - 'cinder.volume.drivers.quobyte.QuobyteDriver'; - "${name}/quobyte_volume_url": value => $quobyte_volume_url; - "${name}/quobyte_client_cfg": value => $quobyte_client_cfg; - "${name}/quobyte_qcow2_volumes": value => $quobyte_qcow2_volumes; - "${name}/quobyte_sparsed_volumes": value => $quobyte_sparsed_volumes; - "${name}/quobyte_mount_point_base": value => $quobyte_mount_point_base; - } - -} diff --git a/cinder/manifests/backend/rbd.pp b/cinder/manifests/backend/rbd.pp deleted file mode 100644 index bd51bfe60..000000000 --- a/cinder/manifests/backend/rbd.pp +++ /dev/null @@ -1,148 +0,0 @@ -# == define: cinder::backend::rbd -# -# Setup Cinder to use the RBD driver. -# Compatible for multiple backends -# -# === Parameters -# -# [*rbd_pool*] -# (required) Specifies the pool name for the block device driver. -# -# [*rbd_user*] -# (required) A required parameter to configure OS init scripts and cephx. -# -# [*backend_host*] -# (optional) Allows specifying the hostname/key used for the owner of volumes -# created. This must be set to the same value on all nodes in a multi-node -# environment. -# Defaults to 'rbd:' -# -# [*volume_backend_name*] -# (optional) Allows for the volume_backend_name to be separate of $name. -# Defaults to: $name -# -# [*rbd_ceph_conf*] -# (optional) Path to the ceph configuration file to use -# Defaults to '/etc/ceph/ceph.conf' -# -# [*rbd_flatten_volume_from_snapshot*] -# (optional) Enable flatten volumes created from snapshots. -# Defaults to false -# -# [*rbd_secret_uuid*] -# (optional) A required parameter to use cephx. -# Defaults to $::os_service_default -# -# [*rbd_max_clone_depth*] -# (optional) Maximum number of nested clones that can be taken of a -# volume before enforcing a flatten prior to next clone. -# A value of zero disables cloning -# Defaults to $::os_service_default -# -# [*rados_connect_timeout*] -# (optional) Timeout value (in seconds) used when connecting to ceph cluster. -# If value < 0, no timeout is set and default librados value is used. -# Defaults to $::os_service_default -# -# [*rados_connection_interval*] -# (optional) Interval value (in seconds) between connection retries to ceph -# cluster. -# Defaults to $::os_service_default -# -# [*rados_connection_retries*] -# (optional) Number of retries if connection to ceph cluster failed. -# Defaults to $::os_service_default -# -# [*rbd_store_chunk_size*] -# (optional) Volumes will be chunked into objects of this size (in megabytes). -# Defaults to $::os_service_default -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'rbd_backend/param1' => { 'value' => value1 } } -# -# === Deprecated Parameters -# -# [*volume_tmp_dir*] -# (deprecated by image_conversion_dir) Location to store temporary image files -# if the volume driver does not write them directly to the volumea. -# Defaults to false -# -define cinder::backend::rbd ( - $rbd_pool, - $rbd_user, - $backend_host = undef, - $volume_backend_name = $name, - $rbd_ceph_conf = '/etc/ceph/ceph.conf', - $rbd_flatten_volume_from_snapshot = $::os_service_default, - $rbd_secret_uuid = $::os_service_default, - $rbd_max_clone_depth = $::os_service_default, - $rados_connect_timeout = $::os_service_default, - $rados_connection_interval = $::os_service_default, - $rados_connection_retries = $::os_service_default, - $rbd_store_chunk_size = $::os_service_default, - $extra_options = {}, - # DEPRECATED PARAMETERS - $volume_tmp_dir = false, -) { - - include ::cinder::params - - cinder_config { - "${name}/volume_backend_name": value => $volume_backend_name; - "${name}/volume_driver": value => 'cinder.volume.drivers.rbd.RBDDriver'; - "${name}/rbd_ceph_conf": value => $rbd_ceph_conf; - "${name}/rbd_user": value => $rbd_user; - "${name}/rbd_pool": value => $rbd_pool; - "${name}/rbd_max_clone_depth": value => $rbd_max_clone_depth; - "${name}/rbd_flatten_volume_from_snapshot": value => $rbd_flatten_volume_from_snapshot; - "${name}/rbd_secret_uuid": value => $rbd_secret_uuid; - "${name}/rados_connect_timeout": value => $rados_connect_timeout; - "${name}/rados_connection_interval": value => $rados_connection_interval; - "${name}/rados_connection_retries": value => $rados_connection_retries; - "${name}/rbd_store_chunk_size": value => $rbd_store_chunk_size; - } - - if $backend_host { - cinder_config { - "${name}/backend_host": value => $backend_host; - } - } else { - cinder_config { - "${name}/backend_host": value => "rbd:${rbd_pool}"; - } - } - - if $volume_tmp_dir { - cinder_config {"${name}/volume_tmp_dir": value => $volume_tmp_dir;} - warning('The rbd volume_tmp_dir parameter is deprecated. Please use image_conversion_dir in the cinder base class instead.') - } - - create_resources('cinder_config', $extra_options) - - case $::osfamily { - 'Debian': { - $override_line = "env CEPH_ARGS=\"--id ${rbd_user}\"" - $override_match = '^env CEPH_ARGS=' - } - 'RedHat': { - $override_line = "export CEPH_ARGS=\"--id ${rbd_user}\"" - $override_match = '^export CEPH_ARGS=' - } - default: { - fail("unsupported osfamily ${::osfamily}, currently Debian and Redhat are the only supported platforms") - } - } - - # Creates an empty file if it doesn't yet exist - ensure_resource('file', $::cinder::params::ceph_init_override, {'ensure' => 'present'}) - - file_line { "set initscript env ${name}": - line => $override_line, - path => $::cinder::params::ceph_init_override, - notify => Service['cinder-volume'], - } - -} diff --git a/cinder/manifests/backend/san.pp b/cinder/manifests/backend/san.pp deleted file mode 100644 index 1e46a0b31..000000000 --- a/cinder/manifests/backend/san.pp +++ /dev/null @@ -1,94 +0,0 @@ -# == Class: cinder::backend::san -# -# Configures Cinder volume SAN driver. -# Parameters are particular to each volume driver. -# -# === Parameters -# -# [*volume_driver*] -# (required) Setup cinder-volume to use volume driver. -# -# [*volume_backend_name*] -# (optional) Allows for the volume_backend_name to be separate of $name. -# Defaults to: $name -# -# [*san_thin_provision*] -# (optional) Use thin provisioning for SAN volumes? Defaults to true. -# -# [*san_ip*] -# (optional) IP address of SAN controller. -# -# [*san_login*] -# (optional) Username for SAN controller. Defaults to 'admin'. -# -# [*san_password*] -# (optional) Password for SAN controller. -# -# [*san_private_key*] -# (optional) Filename of private key to use for SSH authentication. -# -# [*san_clustername*] -# (optional) Cluster name to use for creating volumes. -# -# [*san_ssh_port*] -# (optional) SSH port to use with SAN. Defaults to 22. -# -# [*san_is_local*] -# (optional) Execute commands locally instead of over SSH -# use if the volume service is running on the SAN device. -# -# [*ssh_conn_timeout*] -# (optional) SSH connection timeout in seconds. Defaults to 30. -# -# [*ssh_min_pool_conn*] -# (optional) Minimum ssh connections in the pool. -# -# [*ssh_min_pool_conn*] -# (optional) Maximum ssh connections in the pool. -# -# [*ssh_max_pool_conn*] -# (Optional) Maximum ssh connections in the pool. -# Defaults to '5'. -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'san_backend/param1' => { 'value' => value1 } } -# -define cinder::backend::san ( - $volume_driver, - $volume_backend_name = $name, - $san_thin_provision = true, - $san_ip = undef, - $san_login = 'admin', - $san_password = undef, - $san_private_key = undef, - $san_clustername = undef, - $san_ssh_port = 22, - $san_is_local = false, - $ssh_conn_timeout = 30, - $ssh_min_pool_conn = 1, - $ssh_max_pool_conn = 5, - $extra_options = {}, -) { - - cinder_config { - "${name}/volume_backend_name": value => $volume_backend_name; - "${name}/volume_driver": value => $volume_driver; - "${name}/san_thin_provision": value => $san_thin_provision; - "${name}/san_ip": value => $san_ip; - "${name}/san_login": value => $san_login; - "${name}/san_password": value => $san_password, secret => true; - "${name}/san_private_key": value => $san_private_key; - "${name}/san_clustername": value => $san_clustername; - "${name}/san_ssh_port": value => $san_ssh_port; - "${name}/san_is_local": value => $san_is_local; - "${name}/ssh_conn_timeout": value => $ssh_conn_timeout; - "${name}/ssh_min_pool_conn": value => $ssh_min_pool_conn; - "${name}/ssh_max_pool_conn": value => $ssh_max_pool_conn; - } - - create_resources('cinder_config', $extra_options) - -} diff --git a/cinder/manifests/backend/solidfire.pp b/cinder/manifests/backend/solidfire.pp deleted file mode 100644 index 6517ad861..000000000 --- a/cinder/manifests/backend/solidfire.pp +++ /dev/null @@ -1,118 +0,0 @@ -# == Class: cinder::backend::solidfire -# -# Configures Cinder volume SolidFire driver. -# Parameters are particular to each volume driver. -# -# === Parameters -# -# [*volume_backend_name*] -# (optional) Allows for the volume_backend_name to be separate of $name. -# Defaults to: $name -# -# [*volume_driver*] -# (optional) Setup cinder-volume to use SolidFire volume driver. -# Defaults to 'cinder.volume.drivers.solidfire.SolidFireDriver' -# -# [*san_ip*] -# (required) IP address of SolidFire clusters MVIP. -# -# [*san_login*] -# (required) Username for SolidFire admin account. -# -# [*san_password*] -# (required) Password for SolidFire admin account. -# -# [*sf_emulate_512*] -# (optional) Use 512 byte emulation for volumes. -# Defaults to True -# -# [*sf_allow_tenant_qos*] -# (optional) Allow tenants to specify QoS via volume metadata. -# Defaults to False -# -# [*sf_account_prefix*] -# (optional) Prefix to use when creating tenant accounts on SolidFire Cluster. -# Defaults to None, so account name is simply the tenant-uuid -# -# [*sf_template_account_name*] -# (optional) Account name on the SolidFire Cluster to use as owner of -# template/cache volumes (created if does not exist) -# Defaults to openstack-vtemplate -# -# [*sf_allow_template_caching*] -# (optional) Create an internal cache of copy of images when a bootable -# volume is created to eliminate fetch from glance and qemu- -# conversion on subsequent calls. -# Defaults to false -# -# [*sf_api_port*] -# (optional) Port ID to use to connect to SolidFire API. -# Defaults to 443 -# -# [*sf_volume_prefix*] -# (optional) Create SolidFire volumes with this prefix. Volume names -# are of the form . -# Defaults to UUID- -# -# [*sf_svip*] -# (optional) Overrides default cluster SVIP with the one specified. -# This is required or deployments that have implemented the use of -# VLANs for iSCSI networks in their cloud. -# Defaults to none -# -# [*sf_enable_volume_mapping*] -# (optional) Create an internal mapping of volume IDs and account. -# Optimizes lookups and performance at the expense of memory, very -# large deployments may want to consider setting to False. -# Defaults to true -# -# [*sf_enable_vag*] -# (optional) Utilize volume access groups on a per-tenant basis. -# Defaults to false -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'solidfire_backend/param1' => { 'value' => value1 } } -# -define cinder::backend::solidfire( - $san_ip, - $san_login, - $san_password, - $volume_backend_name = $name, - $volume_driver = 'cinder.volume.drivers.solidfire.SolidFireDriver', - $sf_emulate_512 = true, - $sf_allow_tenant_qos = false, - $sf_account_prefix = '', - $sf_template_account_name = 'openstack-vtemplate', - $sf_allow_template_caching = false, - $sf_api_port = '443', - $sf_volume_prefix = 'UUID-', - $sf_svip = '', - $sf_enable_volume_mapping = true, - $sf_enable_vag = false, - $extra_options = {}, -) { - - cinder_config { - "${name}/volume_backend_name": value => $volume_backend_name; - "${name}/volume_driver": value => $volume_driver; - "${name}/san_ip": value => $san_ip; - "${name}/san_login": value => $san_login; - "${name}/san_password": value => $san_password, secret => true; - "${name}/sf_emulate_512": value => $sf_emulate_512; - "${name}/sf_allow_tenant_qos": value => $sf_allow_tenant_qos; - "${name}/sf_account_prefix": value => $sf_account_prefix; - "${name}/sf_template_account_name": value => $sf_template_account_name; - "${name}/sf_allow_template_caching": value => $sf_allow_template_caching; - "${name}/sf_api_port": value => $sf_api_port; - "${name}/sf_volume_prefix": value => $sf_volume_prefix; - "${name}/sf_svip": value => $sf_svip; - "${name}/sf_enable_volume_mapping": value => $sf_enable_volume_mapping; - "${name}/sf_enable_vag": value => $sf_enable_vag; - } - - create_resources('cinder_config', $extra_options) - -} diff --git a/cinder/manifests/backend/vmdk.pp b/cinder/manifests/backend/vmdk.pp deleted file mode 100644 index d0fef7b49..000000000 --- a/cinder/manifests/backend/vmdk.pp +++ /dev/null @@ -1,101 +0,0 @@ -# == define: cinder::backend::vmdk -# -# Configure the VMware VMDK driver for cinder. -# -# === Parameters -# -# [*host_ip*] -# The IP address of the VMware vCenter server. -# -# [*host_username*] -# The username for connection to VMware vCenter server. -# -# [*host_password*] -# The password for connection to VMware vCenter server. -# -# [*volume_backend_name*] -# Used to set the volume_backend_name in multiple backends. -# Defaults to $name as passed in the title. -# -# [*api_retry_count*] -# (optional) The number of times we retry on failures, -# e.g., socket error, etc. -# Defaults to $::os_service_default. -# -# [*max_object_retrieval*] -# (optional) The maximum number of ObjectContent data objects that should -# be returned in a single result. A positive value will cause -# the operation to suspend the retrieval when the count of -# objects reaches the specified maximum. The server may still -# limit the count to something less than the configured value. -# Any remaining objects may be retrieved with additional requests. -# Defaults to $::os_service_default -# -# [*task_poll_interval*] -# (optional) The interval in seconds used for polling of remote tasks. -# Defaults to 5. -# -# [*image_transfer_timeout_secs*] -# (optional) The timeout in seconds for VMDK volume transfer between Cinder and Glance. -# Defaults to $::os_service_default -# -# [*wsdl_location*] -# (optional) VIM Service WSDL Location e.g -# http:///vimService.wsdl. Optional over-ride to -# default location for bug work-arounds. -# Defaults to $::os_service_default. -# -# [*volume_folder*] -# (optional) The name for the folder in the VC datacenter that will contain cinder volumes. -# Defaults to 'cinder-volumes'. -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'vmdk_backend/param1' => { 'value' => value1 } } -# -define cinder::backend::vmdk ( - $host_ip, - $host_username, - $host_password, - $volume_backend_name = $name, - $volume_folder = 'cinder-volumes', - $api_retry_count = $::os_service_default, - $max_object_retrieval = $::os_service_default, - $task_poll_interval = 5, - $image_transfer_timeout_secs = $::os_service_default, - $wsdl_location = $::os_service_default, - $extra_options = {}, - ) { - - if $volume_folder == 'cinder-volumes' { - warning('The OpenStack default value of volume_folder differs from the puppet module default of "cinder-volumes" and will be changed to the upstream OpenStack default in N-release.') - } - - if $task_poll_interval == 5 { - warning('The OpenStack default value of task_poll_interval differs from the puppet module default of "5" and will be changed to the upstream OpenStack default in N-release.') - } - - cinder_config { - "${name}/volume_backend_name": value => $volume_backend_name; - "${name}/volume_driver": value => 'cinder.volume.drivers.vmware.vmdk.VMwareVcVmdkDriver'; - "${name}/vmware_host_ip": value => $host_ip; - "${name}/vmware_host_username": value => $host_username; - "${name}/vmware_host_password": value => $host_password, secret => true; - "${name}/vmware_volume_folder": value => $volume_folder; - "${name}/vmware_api_retry_count": value => $api_retry_count; - "${name}/vmware_max_object_retrieval": value => $max_object_retrieval; - "${name}/vmware_task_poll_interval": value => $task_poll_interval; - "${name}/vmware_image_transfer_timeout_secs": value => $image_transfer_timeout_secs; - "${name}/vmware_wsdl_location": value => $wsdl_location; - "${name}/host": value => "vmdk:${host_ip}-${volume_folder}"; - } - - package { 'python-suds': - ensure => present - } - - create_resources('cinder_config', $extra_options) - -} diff --git a/cinder/manifests/backends.pp b/cinder/manifests/backends.pp deleted file mode 100644 index 959d31350..000000000 --- a/cinder/manifests/backends.pp +++ /dev/null @@ -1,21 +0,0 @@ -# == Class: cinder::backends -# -# Class to set the enabled_backends list -# -# === Parameters -# -# [*enabled_backends*] -# (Required) a list of ini sections to enable. -# This should contain names used in ceph::backend::* resources. -# Example: ['volume1', 'volume2', 'sata3'] -# -# Author: Andrew Woodward -class cinder::backends ( - $enabled_backends = undef, -) { - - # Maybe this could be extented to dynamicly find the enabled names - cinder_config { - 'DEFAULT/enabled_backends': value => join($enabled_backends, ','); - } -} diff --git a/cinder/manifests/backup.pp b/cinder/manifests/backup.pp deleted file mode 100644 index beeb7c5b1..000000000 --- a/cinder/manifests/backup.pp +++ /dev/null @@ -1,98 +0,0 @@ -# == Class: cinder::backup -# -# Setup Cinder backup service -# -# === Parameters -# -# [*enabled*] -# (Optional) Should the service be enabled. -# Defaults to 'true'. -# -# [*package_ensure*] -# (Optional) Ensure state for package. -# Defaults to 'present'. -# -# [*backup_topic*] -# (optional) The topic volume backup nodes listen on. -# Defaults to $::os_service_default -# -# [*backup_manager*] -# (optional) Full class name for the Manager for volume backup. -# Defaults to $::os_service_default -# -# [*backup_api_class*] -# (optional) The full class name of the volume backup API class. -# Defaults to $::os_service_default -# -# [*backup_name_template*] -# (optional) Template string to be used to generate backup names. -# Defaults to $::os_service_default -# -# === Author(s) -# -# Emilien Macchi -# -# === Copyright -# -# Copyright (C) 2013 eNovance SAS -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# -class cinder::backup ( - $enabled = true, - $package_ensure = 'present', - $backup_topic = $::os_service_default, - $backup_manager = $::os_service_default, - $backup_api_class = $::os_service_default, - $backup_name_template = $::os_service_default, -) { - - include ::cinder::params - - Cinder_config<||> ~> Service['cinder-backup'] - Exec<| title == 'cinder-manage db_sync' |> ~> Service['cinder-backup'] - - if $::cinder::params::backup_package { - Package['cinder-backup'] -> Service['cinder-backup'] - Package['cinder-backup'] ~> Exec<| title == 'cinder-manage db_sync' |> - package { 'cinder-backup': - ensure => $package_ensure, - name => $::cinder::params::backup_package, - tag => ['openstack', 'cinder-package'], - } - } - - if $enabled { - $ensure = 'running' - } else { - $ensure = 'stopped' - } - - service { 'cinder-backup': - ensure => $ensure, - name => $::cinder::params::backup_service, - enable => $enabled, - hasstatus => true, - require => Package['cinder'], - tag => 'cinder-service', - } - - cinder_config { - 'DEFAULT/backup_topic': value => $backup_topic; - 'DEFAULT/backup_manager': value => $backup_manager; - 'DEFAULT/backup_api_class': value => $backup_api_class; - 'DEFAULT/backup_name_template': value => $backup_name_template; - } - -} diff --git a/cinder/manifests/backup/ceph.pp b/cinder/manifests/backup/ceph.pp deleted file mode 100644 index dac0adc8b..000000000 --- a/cinder/manifests/backup/ceph.pp +++ /dev/null @@ -1,80 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# == Class: cinder::backup::ceph -# -# Setup Cinder to backup volumes into Ceph -# -# === Parameters -# -# [*backup_driver*] -# (optional) Which cinder backup driver to use -# Defaults to 'cinder.backup.drivers.ceph' -# -# [*backup_ceph_conf*] -# (optional) Ceph config file to use. -# Should be a valid ceph configuration file -# Defaults to '/etc/ceph/ceph.conf' -# -# [*backup_ceph_user*] -# (optional) The Ceph user to connect with. -# Should be a valid user -# Defaults to 'cinder' -# -# [*backup_ceph_chunk_size*] -# (optional) The chunk size in bytes that a backup will be broken into -# before transfer to backup store. -# Should be a valid integer -# Defaults to '134217728' -# -# [*backup_ceph_pool*] -# (optional) The Ceph pool to backup to. -# Should be a valid ceph pool -# Defaults to 'backups' -# -# [*backup_ceph_stripe_unit*] -# (optional) RBD stripe unit to use when creating a backup image. -# Should be a valid integer -# Defaults to '0' -# -# [*backup_ceph_stripe_count*] -# (optional) RBD stripe count to use when creating a backup image. -# Should be a valid integer -# Defaults to '0' -# - -class cinder::backup::ceph ( - $backup_driver = 'cinder.backup.drivers.ceph', - $backup_ceph_conf = '/etc/ceph/ceph.conf', - $backup_ceph_user = 'cinder', - $backup_ceph_chunk_size = '134217728', - $backup_ceph_pool = 'backups', - $backup_ceph_stripe_unit = '0', - $backup_ceph_stripe_count = '0' -) { - - cinder_config { - 'DEFAULT/backup_driver': value => $backup_driver; - 'DEFAULT/backup_ceph_conf': value => $backup_ceph_conf; - 'DEFAULT/backup_ceph_user': value => $backup_ceph_user; - 'DEFAULT/backup_ceph_chunk_size': value => $backup_ceph_chunk_size; - 'DEFAULT/backup_ceph_pool': value => $backup_ceph_pool; - 'DEFAULT/backup_ceph_stripe_unit': value => $backup_ceph_stripe_unit; - 'DEFAULT/backup_ceph_stripe_count': value => $backup_ceph_stripe_count; - } - -} diff --git a/cinder/manifests/backup/nfs.pp b/cinder/manifests/backup/nfs.pp deleted file mode 100644 index 575aff546..000000000 --- a/cinder/manifests/backup/nfs.pp +++ /dev/null @@ -1,97 +0,0 @@ -# == Class: cinder::backup::nfs -# -# Setup Cinder to backup volumes into NFS -# -# === Parameters -# -# [*backup_share*] -# (required) The NFS share to attach to, to be specified in -# fqdn:path, ipv4addr:path, or "[ipv6addr]:path" format. -# -# [*backup_driver*] -# (optional) The backup driver for NFS back-end. -# Defaults to 'cinder.backup.drivers.nfs'. -# -# [*backup_file_size*] -# (optional) The maximum size in bytes of the files used to hold -# backups. If the volume being backed up exceeds this size, then -# it will be backed up into multiple files. This must be a multiple -# of the backup_sha_block_size_bytes parameter. -# Defaults to $::os_service_default -# -# [*backup_sha_block_size_bytes*] -# (optional) The size in bytes that changes are tracked for -# incremental backups. -# Defaults to $::os_service_default -# -# [*backup_enable_progress_timer*] -# (optional) Enable or Disable the timer to send the periodic -# progress notifications to Ceilometer when backing up the volume -# to the backend storage. -# Defaults to $::os_service_default -# -# [*backup_mount_point_base*] -# (optional) The base directory containing the mount point for the -# NFS share. -# Defaults to $::os_service_default -# -# [*backup_mount_options*] -# (optional) The mount options that are passed to the NFS client. -# Defaults to $::os_service_default -# -# [*backup_container*] -# (optional) Custom container to use for backups. -# Defaults to $::os_service_default -# -# [*backup_compression_algorithm*] -# (optional) Compression algorithm to use when writing backup data. -# Defaults to $::os_service_default -# -# === Author(s) -# -# Ryan Hefner -# -# === Copyright -# -# Copyright (C) 2015 Ryan Hefner -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# -class cinder::backup::nfs ( - $backup_share, - $backup_driver = 'cinder.backup.drivers.nfs', - $backup_file_size = $::os_service_default, - $backup_sha_block_size_bytes = $::os_service_default, - $backup_enable_progress_timer = $::os_service_default, - $backup_mount_point_base = $::os_service_default, - $backup_mount_options = $::os_service_default, - $backup_container = $::os_service_default, - $backup_compression_algorithm = $::os_service_default, -) { - - validate_string($backup_share) - - cinder_config { - 'DEFAULT/backup_mount_options': value => $backup_mount_options; - 'DEFAULT/backup_share': value => $backup_share; - 'DEFAULT/backup_driver': value => $backup_driver; - 'DEFAULT/backup_file_size': value => $backup_file_size; - 'DEFAULT/backup_sha_block_size_bytes': value => $backup_sha_block_size_bytes; - 'DEFAULT/backup_enable_progress_timer': value => $backup_enable_progress_timer; - 'DEFAULT/backup_mount_point_base': value => $backup_mount_point_base; - 'DEFAULT/backup_container': value => $backup_container; - 'DEFAULT/backup_compression_algorithm': value => $backup_compression_algorithm; - } - -} diff --git a/cinder/manifests/backup/swift.pp b/cinder/manifests/backup/swift.pp deleted file mode 100644 index e1f84443b..000000000 --- a/cinder/manifests/backup/swift.pp +++ /dev/null @@ -1,88 +0,0 @@ -# == Class: cinder::backup::swift -# -# Setup Cinder to backup volumes into Swift -# -# === Parameters -# -# [*backup_driver*] -# (Optional) The backup driver for Swift back-end. -# Defaults to 'cinder.backup.drivers.swift'. -# -# [*backup_swift_url*] -# (optional) The URL of the Swift endpoint. -# Should be a valid Swift URL -# Defaults to 'http://localhost:8080/v1/AUTH_' -# -# [*backup_swift_auth_url*] -# (optional) The URL of the Keystone endpoint for authentication. -# Defaults to 'http://127.0.0.1:5000/v2.0/' -# -# [*backup_swift_container*] -# (optional) The default Swift container to use. -# Defaults to 'volumes_backup' -# -# [*backup_swift_object_size*] -# (optional) The size in bytes of Swift backup objects. -# Defaults to $::os_service_default -# -# [*backup_swift_retry_attempts*] -# (optional) The number of retries to make for Swift operations. -# Defaults to $::os_service_default -# -# [*backup_swift_retry_backoff*] -# (optional) The backoff time in seconds between Swift retries. -# Defaults to $::os_service_default -# -# [*backup_compression_algorithm*] -# (optional) The compression algorithm for the chunks sent to swift -# Defaults to $::os_service_default -# set to None to disable compression -# -# === Author(s) -# -# Emilien Macchi -# -# === Copyright -# -# Copyright (C) 2013 eNovance SAS -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# -class cinder::backup::swift ( - $backup_driver = 'cinder.backup.drivers.swift', - $backup_swift_url = 'http://localhost:8080/v1/AUTH_', - $backup_swift_auth_url = 'http://127.0.0.1:5000/v2.0/', - $backup_swift_container = 'volumes_backup', - $backup_swift_object_size = $::os_service_default, - $backup_swift_retry_attempts = $::os_service_default, - $backup_swift_retry_backoff = $::os_service_default, - $backup_compression_algorithm = $::os_service_default, -) { - - if ($backup_swift_container == 'volumes_backup') { - warning('The OpenStack default value of backup_swift_container differs from the puppet module default of "volumes_backup" and will be changed to the upstream OpenStack default in N-release.') - } - - cinder_config { - 'DEFAULT/backup_driver': value => $backup_driver; - 'DEFAULT/backup_swift_url': value => $backup_swift_url; - 'DEFAULT/backup_swift_auth_url': value => $backup_swift_auth_url; - 'DEFAULT/backup_swift_container': value => $backup_swift_container; - 'DEFAULT/backup_swift_object_size': value => $backup_swift_object_size; - 'DEFAULT/backup_swift_retry_attempts': value => $backup_swift_retry_attempts; - 'DEFAULT/backup_swift_retry_backoff': value => $backup_swift_retry_backoff; - 'DEFAULT/backup_compression_algorithm': value => $backup_compression_algorithm; - } - -} diff --git a/cinder/manifests/ceilometer.pp b/cinder/manifests/ceilometer.pp deleted file mode 100644 index c13374b35..000000000 --- a/cinder/manifests/ceilometer.pp +++ /dev/null @@ -1,23 +0,0 @@ -# == Class: cinder::ceilometer -# -# Setup Cinder to enable ceilometer can retrieve volume samples -# Ref: http://docs.openstack.org/developer/ceilometer/install/manual.html -# -# === Parameters -# -# [*notification_driver*] -# (option) Driver or drivers to handle sending notifications. -# The default value of 'messagingv2' is for enabling notifications via -# oslo.messaging. 'cinder.openstack.common.notifier.rpc_notifier' is the -# backwards compatible option that will be deprecated. Prior to Grizzly, -# 'cinder.openstack.common.notifier.rabbit_notifier' was used. oslo.messaging -# was adopted in icehouse/juno. See LP#1425713. -# -class cinder::ceilometer ( - $notification_driver = 'messagingv2', -) { - - cinder_config { - 'DEFAULT/notification_driver': value => $notification_driver; - } -} diff --git a/cinder/manifests/client.pp b/cinder/manifests/client.pp deleted file mode 100644 index bdc633258..000000000 --- a/cinder/manifests/client.pp +++ /dev/null @@ -1,22 +0,0 @@ -# == Class: cinder::client -# -# Installs Cinder python client. -# -# === Parameters -# -# [*package_ensure*] -# (Optional) Ensure state for package. -# Defaults to 'present'. -# -class cinder::client( - $package_ensure = 'present' -) { - - include ::cinder::params - - package { 'python-cinderclient': - ensure => $package_ensure, - name => $::cinder::params::client_package, - tag => 'openstack', - } -} diff --git a/cinder/manifests/config.pp b/cinder/manifests/config.pp deleted file mode 100644 index c54473f95..000000000 --- a/cinder/manifests/config.pp +++ /dev/null @@ -1,40 +0,0 @@ -# == Class: cinder::config -# -# This class is used to manage arbitrary cinder configurations. -# -# === Parameters -# -# [*xxx_config*] -# (optional) Allow configuration of arbitrary cinder configurations. -# The value is a hash of xxx_config resources. Example: -# { 'DEFAULT/foo' => { value => 'fooValue'}, -# 'DEFAULT/bar' => { value => 'barValue'} -# } -# -# In yaml format, Example: -# xxx_config: -# DEFAULT/foo: -# value: fooValue -# DEFAULT/bar: -# value: barValue -# -# [*cinder_config*] -# (optional) Allow configuration of cinder.conf configurations. -# Defaults to empty hash'{}' -# -# [*api_paste_ini_config*] -# (optional) Allow configuration of /etc/cinder/api-paste.ini configurations. -# -# NOTE: The configuration MUST NOT be already handled by this module -# or Puppet catalog compilation will fail with duplicate resources. -# -class cinder::config ( - $cinder_config = {}, - $api_paste_ini_config = {}, -) { - validate_hash($cinder_config) - validate_hash($api_paste_ini_config) - - create_resources('cinder_config', $cinder_config) - create_resources('cinder_api_paste_ini', $api_paste_ini_config) -} diff --git a/cinder/manifests/cron/db_purge.pp b/cinder/manifests/cron/db_purge.pp deleted file mode 100644 index 559f7848e..000000000 --- a/cinder/manifests/cron/db_purge.pp +++ /dev/null @@ -1,76 +0,0 @@ -# -# Copyright (C) 2015 Red Hat Inc. -# -# Author: Martin Magr -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# == Class: cinder::cron::db_purge -# -# Move deleted instances to another table that you don't have to backup -# unless you have data retention policies. -# -# === Parameters -# -# [*minute*] -# (optional) Defaults to '1'. -# -# [*hour*] -# (optional) Defaults to '0'. -# -# [*monthday*] -# (optional) Defaults to '*'. -# -# [*month*] -# (optional) Defaults to '*'. -# -# [*weekday*] -# (optional) Defaults to '*'. -# -# [*user*] -# (optional) User with access to cinder files. -# Defaults to 'cinder'. -# -# [*age*] -# (optional) Number of days prior to today for deletion, -# e.g. value 60 means to purge deleted rows that have the "deleted_at" -# column greater than 60 days ago. -# Defaults to 30 -# -# [*destination*] -# (optional) Path to file to which rows should be archived -# Defaults to '/var/log/cinder/cinder-rowsflush.log'. -# -class cinder::cron::db_purge ( - $minute = 1, - $hour = 0, - $monthday = '*', - $month = '*', - $weekday = '*', - $user = 'cinder', - $age = 30, - $destination = '/var/log/cinder/cinder-rowsflush.log' -) { - - cron { 'cinder-manage db purge': - command => "cinder-manage db purge ${age} >>${destination} 2>&1", - environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', - user => $user, - minute => $minute, - hour => $hour, - monthday => $monthday, - month => $month, - weekday => $weekday, - require => Package['cinder'], - } -} diff --git a/cinder/manifests/db.pp b/cinder/manifests/db.pp deleted file mode 100644 index 0c35d6b40..000000000 --- a/cinder/manifests/db.pp +++ /dev/null @@ -1,101 +0,0 @@ -# == Class: cinder::db -# -# Configure the Cinder database -# -# === Parameters -# -# [*database_connection*] -# Url used to connect to database. -# (Optional) Defaults to 'sqlite:////var/lib/cinder/cinder.sqlite' -# -# [*database_idle_timeout*] -# Timeout when db connections should be reaped. -# (Optional) Defaults to $::os_service_default -# -# [*database_min_pool_size*] -# Minimum number of SQL connections to keep open in a pool. -# (Optional) Defaults to $::os_service_default -# -# [*database_max_pool_size*] -# Maximum number of SQL connections to keep open in a pool. -# (Optional) Defaults to $::os_service_default -# -# [*database_max_retries*] -# Maximum db connection retries during startup. -# Setting -1 implies an infinite retry count. -# (Optional) Defaults to $::os_service_default -# -# [*database_retry_interval*] -# Interval between retries of opening a sql connection. -# (Optional) Defaults to $::os_service_default -# -# [*database_max_overflow*] -# If set, use this value for max_overflow with sqlalchemy. -# (Optional) Defaults to $::os_service_default -# -class cinder::db ( - $database_connection = 'sqlite:////var/lib/cinder/cinder.sqlite', - $database_idle_timeout = $::os_service_default, - $database_min_pool_size = $::os_service_default, - $database_max_pool_size = $::os_service_default, - $database_max_retries = $::os_service_default, - $database_retry_interval = $::os_service_default, - $database_max_overflow = $::os_service_default, -) { - - include ::cinder::params - - # NOTE(spredzy): In order to keep backward compatibility we rely on the pick function - # to use cinder:: if cinder::db:: isn't specified. - $database_connection_real = pick($::cinder::database_connection,$database_connection) - $database_idle_timeout_real = pick($::cinder::database_idle_timeout,$database_idle_timeout) - $database_min_pool_size_real = pick($::cinder::database_min_pool_size,$database_min_pool_size) - $database_max_pool_size_real = pick($::cinder::database_max_pool_size,$database_max_pool_size) - $database_max_retries_real = pick($::cinder::database_max_retries,$database_max_retries) - $database_retry_interval_real = pick($::cinder::database_retry_interval,$database_retry_interval) - $database_max_overflow_real = pick($::cinder::database_max_overflow,$database_max_overflow) - - validate_re($database_connection_real, - '^(sqlite|mysql(\+pymysql)?|postgresql):\/\/(\S+:\S+@\S+\/\S+)?') - - case $database_connection_real { - /^mysql(\+pymysql)?:\/\//: { - require 'mysql::bindings' - require 'mysql::bindings::python' - if $database_connection_real =~ /^mysql\+pymysql/ { - $backend_package = $::cinder::params::pymysql_package_name - } else { - $backend_package = false - } - } - /^postgresql:\/\//: { - $backend_package = false - require 'postgresql::lib::python' - } - /^sqlite:\/\//: { - $backend_package = $::cinder::params::sqlite_package_name - } - default: { - fail('Unsupported backend configured') - } - } - - if $backend_package and !defined(Package[$backend_package]) { - package {'cinder-backend-package': - ensure => present, - name => $backend_package, - tag => 'openstack', - } - } - - cinder_config { - 'database/connection': value => $database_connection_real, secret => true; - 'database/idle_timeout': value => $database_idle_timeout_real; - 'database/min_pool_size': value => $database_min_pool_size_real; - 'database/max_retries': value => $database_max_retries_real; - 'database/retry_interval': value => $database_retry_interval_real; - 'database/max_pool_size': value => $database_max_pool_size_real; - 'database/max_overflow': value => $database_max_overflow_real; - } - -} diff --git a/cinder/manifests/db/mysql.pp b/cinder/manifests/db/mysql.pp deleted file mode 100644 index 49265d348..000000000 --- a/cinder/manifests/db/mysql.pp +++ /dev/null @@ -1,64 +0,0 @@ -# == Class: cinder::db::mysql -# -# The cinder::db::mysql class creates a MySQL database for cinder. -# It must be used on the MySQL server -# -# === Parameters -# -# [*password*] -# password to connect to the database. Mandatory. -# -# [*dbname*] -# name of the database. Optional. Defaults to cinder. -# -# [*user*] -# user to connect to the database. Optional. Defaults to cinder. -# -# [*host*] -# the default source host user is allowed to connect from. -# Optional. Defaults to 'localhost' -# -# [*allowed_hosts*] -# other hosts the user is allowd to connect from. -# Optional. Defaults to undef. -# -# [*charset*] -# the database charset. Optional. Defaults to 'utf8' -# -# [*collate*] -# the database collation. Optional. Defaults to 'utf8_general_ci' -# -# === Deprecated Parameters -# -# [*cluster_id*] -# Unused. No effect. -# -class cinder::db::mysql ( - $password, - $dbname = 'cinder', - $user = 'cinder', - $host = '127.0.0.1', - $allowed_hosts = undef, - $charset = 'utf8', - $collate = 'utf8_general_ci', - $cluster_id = 'localzone', -) { - - validate_string($password) - - if $cluster_id != 'localzone' { - warning('The cluster_id parameter is deprecated and has no affect. It will be completely removed from puppet-cinder in the N-release') - } - - ::openstacklib::db::mysql { 'cinder': - user => $user, - password_hash => mysql_password($password), - dbname => $dbname, - host => $host, - charset => $charset, - collate => $collate, - allowed_hosts => $allowed_hosts, - } - - ::Openstacklib::Db::Mysql['cinder'] ~> Exec<| title == 'cinder-manage db_sync' |> -} diff --git a/cinder/manifests/db/postgresql.pp b/cinder/manifests/db/postgresql.pp deleted file mode 100644 index 58c613ab6..000000000 --- a/cinder/manifests/db/postgresql.pp +++ /dev/null @@ -1,45 +0,0 @@ -# == Class: cinder::db::postgresql -# -# Class that configures postgresql for cinder -# Requires the Puppetlabs postgresql module. -# -# === Parameters -# -# [*password*] -# (Required) Password to connect to the database. -# -# [*dbname*] -# (Optional) Name of the database. -# Defaults to 'cinder'. -# -# [*user*] -# (Optional) User to connect to the database. -# Defaults to 'cinder'. -# -# [*encoding*] -# (Optional) The charset to use for the database. -# Default to undef. -# -# [*privileges*] -# (Optional) Privileges given to the database user. -# Default to 'ALL' -# -class cinder::db::postgresql( - $password, - $dbname = 'cinder', - $user = 'cinder', - $encoding = undef, - $privileges = 'ALL', -) { - - ::openstacklib::db::postgresql { 'cinder': - password_hash => postgresql_password($user, $password), - dbname => $dbname, - user => $user, - encoding => $encoding, - privileges => $privileges, - } - - ::Openstacklib::Db::Postgresql['cinder'] ~> Exec<| title == 'cinder-manage db_sync' |> - -} diff --git a/cinder/manifests/db/sync.pp b/cinder/manifests/db/sync.pp deleted file mode 100644 index 40552e23b..000000000 --- a/cinder/manifests/db/sync.pp +++ /dev/null @@ -1,32 +0,0 @@ -# -# Class to execute cinder dbsync -# -# == Parameters -# -# [*extra_params*] -# (optional) String of extra command line parameters to append -# to the cinder-manage db sync command. These will be inserted -# in the command line between 'cinder-manage' and 'db sync'. -# Defaults to undef -# -class cinder::db::sync( - $extra_params = undef, -) { - - include ::cinder::params - - Package <| tag == 'cinder-package' |> ~> Exec['cinder-manage db_sync'] - Exec['cinder-manage db_sync'] ~> Service <| tag == 'cinder-service' |> - - Cinder_config <||> ~> Exec['cinder-manage db_sync'] - Cinder_config <| title == 'database/connection' |> ~> Exec['cinder-manage db_sync'] - - exec { 'cinder-manage db_sync': - command => "cinder-manage ${extra_params} db sync", - path => '/usr/bin', - user => 'cinder', - refreshonly => true, - logoutput => 'on_failure', - } - -} diff --git a/cinder/manifests/glance.pp b/cinder/manifests/glance.pp deleted file mode 100644 index b4ebf0242..000000000 --- a/cinder/manifests/glance.pp +++ /dev/null @@ -1,75 +0,0 @@ -# == Class: cinder::glance -# -# Glance drive Cinder as a block storage backend to store image data. -# -# === Parameters -# -# [*glance_api_servers*] -# (optional) A list of the glance api servers available to cinder. -# Should be an array with [hostname|ip]:port -# Defaults to undef -# -# [*glance_api_version*] -# (optional) Glance API version. -# Should be 1 or 2 -# Defaults to 2 (current version) -# -# [*glance_num_retries*] -# (optional) Number retries when downloading an image from glance. -# Defaults to $::os_service_default -# -# [*glance_api_insecure*] -# (optional) Allow to perform insecure SSL (https) requests to glance. -# Defaults to $::os_service_default -# -# [*glance_api_ssl_compression*] -# (optional) Whether to attempt to negotiate SSL layer compression when -# using SSL (https) requests. Set to False to disable SSL -# layer compression. In some cases disabling this may improve -# data throughput, eg when high network bandwidth is available -# and you are using already compressed image formats such as qcow2. -# Defaults to $::os_service_default -# -# [*glance_request_timeout*] -# (optional) http/https timeout value for glance operations. -# Defaults to $::os_service_default -# -# === Author(s) -# -# Emilien Macchi -# -# === Copyright -# -# Copyright (C) 2013 eNovance SAS -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -class cinder::glance ( - $glance_api_servers = undef, - $glance_api_version = '2', - $glance_num_retries = $::os_service_default, - $glance_api_insecure = $::os_service_default, - $glance_api_ssl_compression = $::os_service_default, - $glance_request_timeout = $::os_service_default, -) { - - cinder_config { - 'DEFAULT/glance_api_servers': value => join(any2array($glance_api_servers), ','); - 'DEFAULT/glance_api_version': value => $glance_api_version; - 'DEFAULT/glance_num_retries': value => $glance_num_retries; - 'DEFAULT/glance_api_insecure': value => $glance_api_insecure; - 'DEFAULT/glance_api_ssl_compression': value => $glance_api_ssl_compression; - 'DEFAULT/glance_request_timeout': value => $glance_request_timeout; - } - -} diff --git a/cinder/manifests/init.pp b/cinder/manifests/init.pp deleted file mode 100644 index 0f671ada6..000000000 --- a/cinder/manifests/init.pp +++ /dev/null @@ -1,449 +0,0 @@ -# == Class: cinder -# -# Cinder base package & configuration -# -# === Parameters -# -# [*package_ensure*] -# (Optional) Ensure state for package. -# Defaults to 'present' -# -# [*verbose*] -# (Optional) Should the daemons log verbose messages -# Defaults to undef. -# -# [*debug*] -# (Optional) Should the daemons log debug messages -# Defaults to undef. -# -# [*rpc_backend*] -# (Optional) Use these options to configure the RabbitMQ message system. -# Defaults to 'rabbit' -# -# [*control_exchange*] -# (Optional) -# Defaults to 'openstack'. -# -# [*rabbit_host*] -# (Optional) IP or hostname of the rabbit server. -# Defaults to '127.0.0.1' -# -# [*rabbit_port*] -# (Optional) Port of the rabbit server. -# Defaults to 5672. -# -# [*rabbit_hosts*] -# (Optional) Array of host:port (used with HA queues). -# If defined, will remove rabbit_host & rabbit_port parameters from config -# Defaults to undef. -# -# [*rabbit_userid*] -# (Optional) User to connect to the rabbit server. -# Defaults to 'guest' -# -# [*rabbit_password*] -# (Required) Password to connect to the rabbit_server. -# Defaults to empty. Required if using the Rabbit (kombu) -# backend. -# -# [*rabbit_virtual_host*] -# (Optional) Virtual_host to use. -# Defaults to '/' -# -# [*rabbit_ha_queues*] -# (optional) Use HA queues in RabbitMQ (x-ha-policy: all). -# Defaults to undef -# -# [*rabbit_heartbeat_timeout_threshold*] -# (optional) Number of seconds after which the RabbitMQ broker is considered -# down if the heartbeat keepalive fails. Any value >0 enables heartbeats. -# Heartbeating helps to ensure the TCP connection to RabbitMQ isn't silently -# closed, resulting in missed or lost messages from the queue. -# (Requires kombu >= 3.0.7 and amqp >= 1.4.0) -# Defaults to 0 -# -# [*rabbit_heartbeat_rate*] -# (optional) How often during the rabbit_heartbeat_timeout_threshold period to -# check the heartbeat on RabbitMQ connection. (i.e. rabbit_heartbeat_rate=2 -# when rabbit_heartbeat_timeout_threshold=60, the heartbeat will be checked -# every 30 seconds. -# Defaults to 2 -# -# [*rabbit_use_ssl*] -# (optional) Connect over SSL for RabbitMQ -# Defaults to false -# -# [*report_interval*] -# (optional) Interval, in seconds, between nodes reporting state to -# datastore (integer value). -# Defaults to $::os_service_default -# -# [*service_down_time*] -# (optional) Maximum time since last check-in for a service to be -# considered up (integer value). -# Defaults to $::os_service_default -# -# [*kombu_ssl_ca_certs*] -# (optional) SSL certification authority file (valid only if SSL enabled). -# Defaults to $::os_service_default -# -# [*kombu_ssl_certfile*] -# (optional) SSL cert file (valid only if SSL enabled). -# Defaults to $::os_service_default -# -# [*kombu_ssl_keyfile*] -# (optional) SSL key file (valid only if SSL enabled). -# Defaults to $::os_service_default -# -# [*kombu_ssl_version*] -# (optional) SSL version to use (valid only if SSL enabled). -# Valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be -# available on some distributions. -# Defaults to $::os_service_default -# -# [*kombu_reconnect_delay*] -# (optional) How long to wait before reconnecting in response to an AMQP -# consumer cancel notification. -# Defaults to $::os_service_default -# -# [*amqp_durable_queues*] -# Use durable queues in amqp. -# (Optional) Defaults to false. -# -# [*use_syslog*] -# (Optional) Use syslog for logging. -# Defaults to undef. -# -# [*database_connection*] -# Url used to connect to database. -# (Optional) Defaults to undef. -# -# [*database_idle_timeout*] -# Timeout when db connections should be reaped. -# (Optional) Defaults to undef. -# -# [*database_min_pool_size*] -# Minimum number of SQL connections to keep open in a pool. -# (Optional) Defaults to undef. -# -# [*database_max_pool_size*] -# Maximum number of SQL connections to keep open in a pool. -# (Optional) Defaults to undef. -# -# [*database_max_retries*] -# Maximum db connection retries during startup. -# Setting -1 implies an infinite retry count. -# (Optional) Defaults to undef. -# -# [*database_retry_interval*] -# Interval between retries of opening a sql connection. -# (Optional) Defaults to underf. -# -# [*database_max_overflow*] -# If set, use this value for max_overflow with sqlalchemy. -# (Optional) Defaults to undef. -# -# [*use_stderr*] -# (optional) Use stderr for logging -# Defaults to undef. -# -# [*log_facility*] -# (Optional) Syslog facility to receive log lines. -# Defaults to undef. -# -# [*log_dir*] -# (optional) Directory where logs should be stored. -# If set to boolean false or the $::os_service_default, it will not log to -# any directory. -# Defaults to '/var/log/cinder'. -# -# [*use_ssl*] -# (optional) Enable SSL on the API server -# Defaults to false, not set -# -# [*cert_file*] -# (optinal) Certificate file to use when starting API server securely -# Defaults to false, not set -# -# [*key_file*] -# (optional) Private key file to use when starting API server securely -# Defaults to false, not set -# -# [*ca_file*] -# (optional) CA certificate file to use to verify connecting clients -# Defaults to $::os_service_default -# -# [*storage_availability_zone*] -# (optional) Availability zone of the node. -# Defaults to 'nova' -# -# [*default_availability_zone*] -# (optional) Default availability zone for new volumes. -# If not set, the storage_availability_zone option value is used as -# the default for new volumes. -# Defaults to false -# -# [*api_paste_config*] -# (Optional) -# Defaults to '/etc/cinder/api-paste.ini', -# -# [*enable_v1_api*] -# (Optional) Whether to enable the v1 API (true/false). -# This will be deprecated in Kilo. -# Defaults to 'true'. -# -# [*enable_v2_api*] -# (Optional) Whether to enable the v2 API (true/false). -# Defaults to 'true'. -# -# [*enable_v3_api*] -# (Optional) Whether to enable the v3 API (true/false). -# Defaults to 'true'. -# -# [*lock_path*] -# (optional) Where to store lock files. This directory must be writeable -# by the user executing the agent -# Defaults to: $::cinder::params::lock_path -# -# [*image_conversion_dir*] -# (optional) Location to store temporary image files if the volume -# driver does not write them directly to the volume and the volume conversion -# needs to be performed. This parameter replaces the -# 'cinder::backend::rdb::volume_tmp_dir' parameter. -# Defaults to $::os_service_default -# -# [*host*] -# (optional) Name of this node. This can be an opaque identifier. It is -# not necessarily a host name, FQDN, or IP address. -# Defaults to $::os_service_default -# -# === Deprecated Parameters -# -# [*qpid_hostname*] -# (Optional) Location of qpid server -# Defaults to undef. -# -# [*qpid_port*] -# (Optional) Port for qpid server. -# Defaults to undef. -# -# [*qpid_hosts*] -# (Optional) Qpid HA cluster host:port pairs. (list value) -# Defaults to undef. -# -# [*qpid_username*] -# (Optional) Username to use when connecting to qpid. -# Defaults to undef. -# -# [*qpid_password*] -# (Optional) Password to use when connecting to qpid. -# Defaults to undef. -# -# [*qpid_sasl_mechanisms*] -# (Optional) ENable one or more SASL mechanisms. -# Defaults to undef. -# -# [*qpid_heartbeat*] -# (Optional) Seconds between connection keepalive heartbeats. -# Defaults to undef. -# -# [*qpid_protocol*] -# (Optional) Transport to use, either 'tcp' or 'ssl'. -# Defaults to undef. -# -# [*qpid_tcp_nodelay*] -# (Optional) Disable Nagle Algorithm. -# Defaults to undef. -# -# [*qpid_reconnect*] -# -# [*qpid_reconnect_timeout*] -# -# [*qpid_reconnect_limit*] -# -# [*qpid_reconnect_interval*] -# -# [*qpid_reconnect_interval_min*] -# -# [*qpid_reconnect_interval_max*] -# -class cinder ( - $database_connection = undef, - $database_idle_timeout = undef, - $database_min_pool_size = undef, - $database_max_pool_size = undef, - $database_max_retries = undef, - $database_retry_interval = undef, - $database_max_overflow = undef, - $rpc_backend = 'rabbit', - $control_exchange = 'openstack', - $rabbit_host = '127.0.0.1', - $rabbit_port = 5672, - $rabbit_hosts = undef, - $rabbit_virtual_host = '/', - $rabbit_ha_queues = undef, - $rabbit_heartbeat_timeout_threshold = 0, - $rabbit_heartbeat_rate = 2, - $rabbit_userid = 'guest', - $rabbit_password = false, - $rabbit_use_ssl = false, - $service_down_time = $::os_service_default, - $report_interval = $::os_service_default, - $kombu_ssl_ca_certs = $::os_service_default, - $kombu_ssl_certfile = $::os_service_default, - $kombu_ssl_keyfile = $::os_service_default, - $kombu_ssl_version = $::os_service_default, - $kombu_reconnect_delay = $::os_service_default, - $amqp_durable_queues = false, - $package_ensure = 'present', - $use_ssl = false, - $ca_file = $::os_service_default, - $cert_file = false, - $key_file = false, - $api_paste_config = '/etc/cinder/api-paste.ini', - $use_syslog = undef, - $use_stderr = undef, - $log_facility = undef, - $log_dir = '/var/log/cinder', - $verbose = undef, - $debug = undef, - $storage_availability_zone = 'nova', - $default_availability_zone = false, - $enable_v1_api = true, - $enable_v2_api = true, - $enable_v3_api = true, - $lock_path = $::cinder::params::lock_path, - $image_conversion_dir = $::os_service_default, - $host = $::os_service_default, - # DEPRECATED PARAMETERS - $qpid_hostname = undef, - $qpid_port = undef, - $qpid_hosts = undef, - $qpid_username = undef, - $qpid_password = undef, - $qpid_sasl_mechanisms = undef, - $qpid_reconnect = undef, - $qpid_reconnect_timeout = undef, - $qpid_reconnect_limit = undef, - $qpid_reconnect_interval_min = undef, - $qpid_reconnect_interval_max = undef, - $qpid_reconnect_interval = undef, - $qpid_heartbeat = undef, - $qpid_protocol = undef, - $qpid_tcp_nodelay = undef, - -) inherits cinder::params { - - include ::cinder::db - include ::cinder::logging - - if $use_ssl { - if !$cert_file { - fail('The cert_file parameter is required when use_ssl is set to true') - } - if !$key_file { - fail('The key_file parameter is required when use_ssl is set to true') - } - } - - # this anchor is used to simplify the graph between cinder components by - # allowing a resource to serve as a point where the configuration of cinder begins - anchor { 'cinder-start': } - - package { 'cinder': - ensure => $package_ensure, - name => $::cinder::params::package_name, - tag => ['openstack', 'cinder-package'], - require => Anchor['cinder-start'], - } - - if $rpc_backend == 'cinder.openstack.common.rpc.impl_kombu' or $rpc_backend == 'rabbit' { - - if ! $rabbit_password { - fail('Please specify a rabbit_password parameter.') - } - - cinder_config { - 'oslo_messaging_rabbit/rabbit_password': value => $rabbit_password, secret => true; - 'oslo_messaging_rabbit/rabbit_userid': value => $rabbit_userid; - 'oslo_messaging_rabbit/rabbit_virtual_host': value => $rabbit_virtual_host; - 'oslo_messaging_rabbit/rabbit_use_ssl': value => $rabbit_use_ssl; - 'oslo_messaging_rabbit/kombu_ssl_version': value => $kombu_ssl_version; - 'oslo_messaging_rabbit/kombu_ssl_ca_certs': value => $kombu_ssl_ca_certs; - 'oslo_messaging_rabbit/kombu_ssl_certfile': value => $kombu_ssl_certfile; - 'oslo_messaging_rabbit/kombu_ssl_keyfile': value => $kombu_ssl_keyfile; - 'oslo_messaging_rabbit/kombu_reconnect_delay': value => $kombu_reconnect_delay; - 'oslo_messaging_rabbit/heartbeat_timeout_threshold': value => $rabbit_heartbeat_timeout_threshold; - 'oslo_messaging_rabbit/heartbeat_rate': value => $rabbit_heartbeat_rate; - 'DEFAULT/control_exchange': value => $control_exchange; - 'DEFAULT/report_interval': value => $report_interval; - 'DEFAULT/service_down_time': value => $service_down_time; - 'oslo_messaging_rabbit/amqp_durable_queues': value => $amqp_durable_queues; - } - - if $rabbit_hosts { - cinder_config { 'oslo_messaging_rabbit/rabbit_hosts': value => join(any2array($rabbit_hosts), ',') } - cinder_config { 'oslo_messaging_rabbit/rabbit_host': ensure => absent } - cinder_config { 'oslo_messaging_rabbit/rabbit_port': ensure => absent } - } else { - cinder_config { 'oslo_messaging_rabbit/rabbit_host': value => $rabbit_host } - cinder_config { 'oslo_messaging_rabbit/rabbit_port': value => $rabbit_port } - cinder_config { 'oslo_messaging_rabbit/rabbit_hosts': value => "${rabbit_host}:${rabbit_port}" } - } - - # By default rabbit_ha_queues is undef - if $rabbit_ha_queues == undef { - if size($rabbit_hosts) > 1 { - cinder_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => true } - } else { - cinder_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => false } - } - } else { - cinder_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => $rabbit_ha_queues } - } - - } - - if $rpc_backend == 'cinder.openstack.common.rpc.impl_qpid' or $rpc_backend == 'qpid' { - warning('Qpid driver is removed from Oslo.messaging in the Mitaka release and puppet-cinder no longer attempts to configure it. All qpid related parameters will be removed from puppet-cinder in the N-release.') - } - - if ! $default_availability_zone { - $default_availability_zone_real = $storage_availability_zone - } else { - $default_availability_zone_real = $default_availability_zone - } - - cinder_config { - 'DEFAULT/api_paste_config': value => $api_paste_config; - 'DEFAULT/rpc_backend': value => $rpc_backend; - 'DEFAULT/storage_availability_zone': value => $storage_availability_zone; - 'DEFAULT/default_availability_zone': value => $default_availability_zone_real; - 'DEFAULT/image_conversion_dir': value => $image_conversion_dir; - 'DEFAULT/host': value => $host; - } - - # SSL Options - if $use_ssl { - cinder_config { - 'DEFAULT/ssl_cert_file' : value => $cert_file; - 'DEFAULT/ssl_key_file' : value => $key_file; - 'DEFAULT/ssl_ca_file' : value => $ca_file; - } - } else { - cinder_config { - 'DEFAULT/ssl_cert_file' : ensure => absent; - 'DEFAULT/ssl_key_file' : ensure => absent; - 'DEFAULT/ssl_ca_file' : ensure => absent; - } - } - - # V1/V2/V3 APIs - cinder_config { - 'DEFAULT/enable_v1_api': value => $enable_v1_api; - 'DEFAULT/enable_v2_api': value => $enable_v2_api; - 'DEFAULT/enable_v3_api': value => $enable_v3_api; - 'oslo_concurrency/lock_path': value => $lock_path; - } - -} diff --git a/cinder/manifests/keystone/auth.pp b/cinder/manifests/keystone/auth.pp deleted file mode 100644 index 9cc65efb0..000000000 --- a/cinder/manifests/keystone/auth.pp +++ /dev/null @@ -1,264 +0,0 @@ -# == Class: cinder::keystone::auth -# -# Configures Cinder user, service and endpoint in Keystone. -# -# === Parameters -# -# [*password*] -# Password for Cinder user. Required. -# -# [*email*] -# Email for Cinder user. Optional. Defaults to 'cinder@localhost'. -# -# [*password_user_v2*] -# Password for Cinder v2 user. Optional. Defaults to undef. -# -# [*email_user_v2*] -# Email for Cinder v2 user. Optional. Defaults to 'cinderv2@localhost'. -# -# [*password_user_v3*] -# Password for Cinder v3 user. Optional. Defaults to undef. -# -# [*email_user_v3*] -# Email for Cinder v3 user. Optional. Defaults to 'cinderv3@localhost'. -# -# [*auth_name*] -# Username for Cinder service. Optional. Defaults to 'cinder'. -# -# [*auth_name_v2*] -# Username for Cinder v2 service. Optional. Defaults to 'cinderv2'. -# -# [*auth_name_v3*] -# Username for Cinder v3 service. Optional. Defaults to 'cinderv3'. -# -# [*configure_endpoint*] -# Should Cinder endpoint be configured? Optional. Defaults to 'true'. -# API v1 endpoint should be enabled in Icehouse for compatibility with Nova. -# -# [*configure_endpoint_v2*] -# Should Cinder v2 endpoint be configured? Optional. Defaults to 'true'. -# -# [*configure_endpoint_v3*] -# Should Cinder v3 endpoint be configured? Optional. Defaults to 'true'. -# -# [*configure_user*] -# Should the service user be configured? Optional. Defaults to 'true'. -# -# [*configure_user_v2*] -# Should the service user be configured for cinder v2? Optional. Defaults to 'false'. -# -# [*configure_user_v3*] -# Should the service user be configured for cinder v3? Optional. Defaults to 'false'. -# -# [*configure_user_role*] -# Should the admin role be configured for the service user? -# Optional. Defaults to 'true'. -# -# [*configure_user_role_v2*] -# Should the admin role be configured for the service user for cinder v2? -# Optional. Defaults to 'false'. -# -# [*configure_user_role_v3*] -# Should the admin role be configured for the service user for cinder v3? -# Optional. Defaults to 'false'. -# -# [*service_name*] -# (optional) Name of the service. -# Defaults to the value of auth_name, but must differ from the value -# of service_name_v2. -# -# [*service_name_v2*] -# (optional) Name of the v2 service. -# Defaults to the value of auth_name_v2, but must differ from the value -# of service_name. -# -# [*service_name_v3*] -# (optional) Name of the v3 service. -# Defaults to the value of auth_name_v3, but must differ from the value -# of service_name. -# -# [*service_type*] -# Type of service. Optional. Defaults to 'volume'. -# -# [*service_type_v2*] -# Type of API v2 service. Optional. Defaults to 'volumev2'. -# -# [*service_type_v3*] -# Type of API v3 service. Optional. Defaults to 'volumev3'. -# -# [*service_description*] -# (optional) Description for keystone service. -# Defaults to 'Cinder Service'. -# -# [*service_description_v2*] -# (optional) Description for keystone v2 service. -# Defaults to 'Cinder Service v2'. -# -# [*service_description_v3*] -# (optional) Description for keystone v3 service. -# Defaults to 'Cinder Service v3'. -# -# [*region*] -# Region for endpoint. Optional. Defaults to 'RegionOne'. -# -# [*tenant*] -# Tenant for Cinder user. Optional. Defaults to 'services'. -# -# [*tenant_user_v2*] -# Tenant for Cinder v2 user. Optional. Defaults to 'services'. -# -# [*tenant_user_v3*] -# Tenant for Cinder v3 user. Optional. Defaults to 'services'. -# -# [*public_url*] -# (optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:8776/v1/%(tenant_id)s') -# This url should *not* contain any trailing '/'. -# -# [*internal_url*] -# (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:8776/v1/%(tenant_id)s') -# This url should *not* contain any trailing '/'. -# -# [*admin_url*] -# (optional) The endpoint's admin url. (Defaults to 'http://127.0.0.1:8776/v1/%(tenant_id)s') -# This url should *not* contain any trailing '/'. -# -# [*public_url_v2*] -# (optional) The v2 endpoint's public url. (Defaults to 'http://127.0.0.1:8776/v2/%(tenant_id)s') -# This url should *not* contain any trailing '/'. -# -# [*internal_url_v2*] -# (optional) The v2 endpoint's internal url. (Defaults to 'http://127.0.0.1:8776/v2/%(tenant_id)s') -# This url should *not* contain any trailing '/'. -# -# [*admin_url_v2*] -# (optional) The v2 endpoint's admin url. (Defaults to 'http://127.0.0.1:8776/v2/%(tenant_id)s') -# This url should *not* contain any trailing '/'. -# -# [*public_url_v3*] -# (optional) The v3 endpoint's public url. (Defaults to 'http://127.0.0.1:8776/v3/%(tenant_id)s') -# This url should *not* contain any trailing '/'. -# -# [*internal_url_v3*] -# (optional) The v3 endpoint's internal url. (Defaults to 'http://127.0.0.1:8776/v3/%(tenant_id)s') -# This url should *not* contain any trailing '/'. -# -# [*admin_url_v3*] -# (optional) The v3 endpoint's admin url. (Defaults to 'http://127.0.0.1:8776/v3/%(tenant_id)s') -# This url should *not* contain any trailing '/'. -# -# === Examples -# -# class { 'cinder::keystone::auth': -# public_url => 'https://10.0.0.10:8776/v1/%(tenant_id)s', -# internal_url => 'https://10.0.0.20:8776/v1/%(tenant_id)s', -# admin_url => 'https://10.0.0.30:8776/v1/%(tenant_id)s', -# } -# -class cinder::keystone::auth ( - $password, - $password_user_v2 = undef, - $password_user_v3 = undef, - $auth_name = 'cinder', - $auth_name_v2 = 'cinderv2', - $auth_name_v3 = 'cinderv3', - $tenant = 'services', - $tenant_user_v2 = 'services', - $tenant_user_v3 = 'services', - $email = 'cinder@localhost', - $email_user_v2 = 'cinderv2@localhost', - $email_user_v3 = 'cinderv3@localhost', - $public_url = 'http://127.0.0.1:8776/v1/%(tenant_id)s', - $internal_url = 'http://127.0.0.1:8776/v1/%(tenant_id)s', - $admin_url = 'http://127.0.0.1:8776/v1/%(tenant_id)s', - $public_url_v2 = 'http://127.0.0.1:8776/v2/%(tenant_id)s', - $internal_url_v2 = 'http://127.0.0.1:8776/v2/%(tenant_id)s', - $admin_url_v2 = 'http://127.0.0.1:8776/v2/%(tenant_id)s', - $public_url_v3 = 'http://127.0.0.1:8776/v3/%(tenant_id)s', - $internal_url_v3 = 'http://127.0.0.1:8776/v3/%(tenant_id)s', - $admin_url_v3 = 'http://127.0.0.1:8776/v3/%(tenant_id)s', - $configure_endpoint = true, - $configure_endpoint_v2 = true, - $configure_endpoint_v3 = true, - $configure_user = true, - $configure_user_v2 = false, - $configure_user_v3 = false, - $configure_user_role = true, - $configure_user_role_v2 = false, - $configure_user_role_v3 = false, - $service_name = undef, - $service_name_v2 = undef, - $service_name_v3 = undef, - $service_type = 'volume', - $service_type_v2 = 'volumev2', - $service_type_v3 = 'volumev3', - $service_description = 'Cinder Service', - $service_description_v2 = 'Cinder Service v2', - $service_description_v3 = 'Cinder Service v3', - $region = 'RegionOne', -) { - - $real_service_name = pick($service_name, $auth_name) - $real_service_name_v2 = pick($service_name_v2, $auth_name_v2) - $real_service_name_v3 = pick($service_name_v3, $auth_name_v3) - - if $real_service_name == $real_service_name_v2 { - fail('cinder::keystone::auth parameters service_name and service_name_v2 must be different.') - } - - keystone::resource::service_identity { 'cinder': - configure_user => $configure_user, - configure_user_role => $configure_user_role, - configure_endpoint => $configure_endpoint, - service_type => $service_type, - service_description => $service_description, - service_name => $real_service_name, - region => $region, - auth_name => $auth_name, - password => $password, - email => $email, - tenant => $tenant, - public_url => $public_url, - admin_url => $admin_url, - internal_url => $internal_url, - } - - keystone::resource::service_identity { 'cinderv2': - configure_user => $configure_user_v2, - configure_user_role => $configure_user_role_v2, - configure_endpoint => $configure_endpoint_v2, - service_type => $service_type_v2, - service_description => $service_description_v2, - service_name => $real_service_name_v2, - region => $region, - auth_name => $auth_name_v2, - password => $password_user_v2, - email => $email_user_v2, - tenant => $tenant_user_v2, - public_url => $public_url_v2, - admin_url => $admin_url_v2, - internal_url => $internal_url_v2, - } - - keystone::resource::service_identity { 'cinderv3': - configure_user => $configure_user_v3, - configure_user_role => $configure_user_role_v3, - configure_endpoint => $configure_endpoint_v3, - service_type => $service_type_v3, - service_description => $service_description_v3, - service_name => $real_service_name_v3, - region => $region, - auth_name => $auth_name_v3, - password => $password_user_v3, - email => $email_user_v3, - tenant => $tenant_user_v3, - public_url => $public_url_v3, - admin_url => $admin_url_v3, - internal_url => $internal_url_v3, - } - - if $configure_user_role { - Keystone_user_role["${auth_name}@${tenant}"] ~> Service <| name == 'cinder-api' |> - Keystone_user_role["${auth_name}@${tenant}"] -> Cinder_type <| |> - } - -} diff --git a/cinder/manifests/logging.pp b/cinder/manifests/logging.pp deleted file mode 100644 index 6623cf24e..000000000 --- a/cinder/manifests/logging.pp +++ /dev/null @@ -1,149 +0,0 @@ -# == Class: cinder::logging -# -# Cinder logging configuration -# -# === Parameters -# -# [*verbose*] -# (Optional) Should the daemons log verbose messages -# Defaults to $::os_service_default -# -# [*debug*] -# (Optional) Should the daemons log debug messages -# Defaults to $::os_service_default -# -# [*use_syslog*] -# (Optional) Use syslog for logging. -# Defaults to $::os_service_default -# -# [*use_stderr*] -# (optional) Use stderr for logging -# Defaults to $::os_service_default -# -# [*log_facility*] -# (Optional) Syslog facility to receive log lines. -# Defaults to $::os_service_default -# -# [*log_dir*] -# (optional) Directory where logs should be stored. -# If set to boolean false or $::os_service_default, it will not log to any -# directory. -# Defaults to '/var/log/cinder' -# -# [*logging_context_format_string*] -# (Optional) Format string to use for log messages with context. -# Defaults to $::os_service_default -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [%(request_id)s %(user_identity)s] %(instance)s%(message)s' -# -# [*logging_default_format_string*] -# (Optional) Format string to use for log messages without context. -# Defaults to $::os_service_default -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [-] %(instance)s%(message)s' -# -# [*logging_debug_format_suffix*] -# (Optional) Formatted data to append to log format when level is DEBUG. -# Defaults to $::os_service_default -# Example: '%(funcName)s %(pathname)s:%(lineno)d' -# -# [*logging_exception_prefix*] -# (Optional) Prefix each line of exception output with this format. -# Defaults to $::os_service_default -# Example: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' -# -# [*log_config_append*] -# The name of an additional logging configuration file. -# Defaults to $::os_service_default -# See https://docs.python.org/2/howto/logging.html -# -# [*default_log_levels*] -# (optional) Hash of logger (keys) and level (values) pairs. -# Defaults to $::os_service_default. -# Example: -# { 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', -# 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', -# 'iso8601' => 'WARN', -# 'requests.packages.urllib3.connectionpool' => 'WARN' } -# -# [*publish_errors*] -# (optional) Publish error events (boolean value). -# Defaults to $::os_service_default -# -# [*fatal_deprecations*] -# (optional) Make deprecations fatal (boolean value) -# Defaults to $::os_service_default -# -# [*instance_format*] -# (optional) If an instance is passed with the log message, format it -# like this (string value). -# Defaults to $::os_service_default -# Example: '[instance: %(uuid)s] ' -# -# [*instance_uuid_format*] -# (optional) If an instance UUID is passed with the log message, format -# it like this (string value). -# Defaults to $::os_service_default -# Example: instance_uuid_format='[instance: %(uuid)s] ' -# -# [*log_date_format*] -# (optional) Format string for %%(asctime)s in log records. -# Defaults to $::os_service_default -# Example: 'Y-%m-%d %H:%M:%S' -# -class cinder::logging( - $use_syslog = $::os_service_default, - $use_stderr = $::os_service_default, - $log_facility = $::os_service_default, - $log_dir = '/var/log/cinder', - $verbose = $::os_service_default, - $debug = $::os_service_default, - $logging_context_format_string = $::os_service_default, - $logging_default_format_string = $::os_service_default, - $logging_debug_format_suffix = $::os_service_default, - $logging_exception_prefix = $::os_service_default, - $log_config_append = $::os_service_default, - $default_log_levels = $::os_service_default, - $publish_errors = $::os_service_default, - $fatal_deprecations = $::os_service_default, - $instance_format = $::os_service_default, - $instance_uuid_format = $::os_service_default, - $log_date_format = $::os_service_default, -) { - - # NOTE(spredzy): In order to keep backward compatibility we rely on the pick function - # to use cinder:: if cinder::logging:: isn't specified. - $use_syslog_real = pick($::cinder::use_syslog,$use_syslog) - $use_stderr_real = pick($::cinder::use_stderr,$use_stderr) - $log_facility_real = pick($::cinder::log_facility,$log_facility) - $log_dir_real = pick($::cinder::log_dir,$log_dir) - $verbose_real = pick($::cinder::verbose,$verbose) - $debug_real = pick($::cinder::debug,$debug) - - if is_service_default($default_log_levels) { - $default_log_levels_real = $default_log_levels - } else { - $default_log_levels_real = join(sort(join_keys_to_values($default_log_levels, '=')), ',') - } - - cinder_config { - 'DEFAULT/use_syslog' : value => $use_syslog_real; - 'DEFAULT/use_stderr' : value => $use_stderr_real; - 'DEFAULT/syslog_log_facility' : value => $log_facility_real; - 'DEFAULT/log_dir' : value => $log_dir_real; - 'DEFAULT/verbose' : value => $verbose_real; - 'DEFAULT/debug' : value => $debug_real; - 'DEFAULT/default_log_levels' : value => $default_log_levels_real; - 'DEFAULT/logging_context_format_string' : value => $logging_context_format_string; - 'DEFAULT/logging_default_format_string' : value => $logging_default_format_string; - 'DEFAULT/logging_debug_format_suffix' : value => $logging_debug_format_suffix; - 'DEFAULT/logging_exception_prefix' : value => $logging_exception_prefix; - 'DEFAULT/log_config_append' : value => $log_config_append; - 'DEFAULT/publish_errors' : value => $publish_errors; - 'DEFAULT/fatal_deprecations' : value => $fatal_deprecations; - 'DEFAULT/instance_format' : value => $instance_format; - 'DEFAULT/instance_uuid_format' : value => $instance_uuid_format; - 'DEFAULT/log_date_format' : value => $log_date_format; - } - -} diff --git a/cinder/manifests/params.pp b/cinder/manifests/params.pp deleted file mode 100644 index 8d2c6db09..000000000 --- a/cinder/manifests/params.pp +++ /dev/null @@ -1,63 +0,0 @@ -# == Class: cinder::params -# -class cinder::params { - - if $::osfamily == 'Debian' { - $package_name = 'cinder-common' - $client_package = 'python-cinderclient' - $api_package = 'cinder-api' - $api_service = 'cinder-api' - $backup_package = 'cinder-backup' - $backup_service = 'cinder-backup' - $scheduler_package = 'cinder-scheduler' - $scheduler_service = 'cinder-scheduler' - $volume_package = 'cinder-volume' - $volume_service = 'cinder-volume' - $db_sync_command = 'cinder-manage db sync' - $tgt_package_name = 'tgt' - $tgt_service_name = 'tgt' - $ceph_init_override = '/etc/init/cinder-volume.override' - $iscsi_helper = 'tgtadm' - $lio_package_name = 'targetcli' - $lock_path = '/var/lock/cinder' - $sqlite_package_name = 'python-pysqlite2' - $pymysql_package_name = 'python-pymysql' - - } elsif($::osfamily == 'RedHat') { - - $package_name = 'openstack-cinder' - $client_package = 'python-cinderclient' - $api_package = false - $api_service = 'openstack-cinder-api' - $backup_package = false - $backup_service = 'openstack-cinder-backup' - $scheduler_package = false - $scheduler_service = 'openstack-cinder-scheduler' - $volume_package = false - $volume_service = 'openstack-cinder-volume' - $db_sync_command = 'cinder-manage db sync' - $tgt_package_name = 'scsi-target-utils' - $tgt_service_name = 'tgtd' - $ceph_init_override = '/etc/sysconfig/openstack-cinder-volume' - $lio_package_name = 'targetcli' - $lock_path = '/var/lib/cinder/tmp' - $sqlite_package_name = undef - $pymysql_package_name = undef - - case $::operatingsystem { - 'RedHat', 'CentOS', 'Scientific', 'OracleLinux': { - if (versioncmp($::operatingsystemmajrelease, '7') >= 0) { - $iscsi_helper = 'lioadm' - } else { - $iscsi_helper = 'tgtadm' - } - } - default: { - $iscsi_helper = 'lioadm' - } - } - - } else { - fail("unsupported osfamily ${::osfamily}, currently Debian and Redhat are the only supported platforms") - } -} diff --git a/cinder/manifests/policy.pp b/cinder/manifests/policy.pp deleted file mode 100644 index 9abaeb4e7..000000000 --- a/cinder/manifests/policy.pp +++ /dev/null @@ -1,33 +0,0 @@ -# == Class: cinder::policy -# -# Configure the cinder policies -# -# === Parameters -# -# [*policies*] -# (optional) Set of policies to configure for cinder -# Example : -# { -# 'cinder-context_is_admin' => {'context_is_admin' => 'true'}, -# 'cinder-default' => {'default' => 'rule:admin_or_owner'} -# } -# Defaults to empty hash. -# -# [*policy_path*] -# (optional) Path to the cinder policy.json file -# Defaults to /etc/cinder/policy.json -# -class cinder::policy ( - $policies = {}, - $policy_path = '/etc/cinder/policy.json', -) { - - validate_hash($policies) - - Openstacklib::Policy::Base { - file_path => $policy_path, - } - - create_resources('openstacklib::policy::base', $policies) - -} diff --git a/cinder/manifests/qpid.pp b/cinder/manifests/qpid.pp deleted file mode 100644 index 6e84f1be4..000000000 --- a/cinder/manifests/qpid.pp +++ /dev/null @@ -1,36 +0,0 @@ -# == Class: cinder::qpid -# -# Deprecated class for installing qpid server for cinder -# -# === Parameters -# -# [*enabled*] -# (Optional) Whether to enable the qpid service. -# Defaults to undef. -# -# [*user*] -# (Optional) The username to use when connecting to qpid. -# Defaults to undef. -# -# [*password*] -# (Optional) The password to use when connecting to qpid -# Defaults to undef. -# -# [*file*] -# (Optional) The SASL database. -# Defaults to undef. -# -# [*realm*] -# (Optional) The Realm for qpid. -# Defaults to undef. -# -class cinder::qpid ( - $enabled = undef, - $user = undef, - $password = undef, - $file = undef, - $realm = undef -) { - - warning('Qpid driver is removed from Oslo.messaging in the Mitaka release and puppet-cinder no longer attempts to configure it. This class will be completely removed from puppet-cinder in the N-release.') -} diff --git a/cinder/manifests/quota.pp b/cinder/manifests/quota.pp deleted file mode 100644 index 41dbbe9fd..000000000 --- a/cinder/manifests/quota.pp +++ /dev/null @@ -1,37 +0,0 @@ -# == Class: cinder::quota -# -# Setup and configure Cinder quotas. -# -# === Parameters -# -# [*quota_volumes*] -# (Optional) Number of volumes allowed per project. -# Defaults to $::os_service_default -# -# [*quota_snapshots*] -# (Optional) Number of volume snapshots allowed per project. -# Defaults to $::os_service_default -# -# [*quota_gigabytes*] -# (Optional) Number of volume gigabytes (snapshots are also included) -# allowed per project. -# Defaults to $::os_service_default. -# -# [*quota_driver*] -# (Optional) Default driver to use for quota checks. -# Defaults to $::os_service_default. -# -class cinder::quota ( - $quota_volumes = $::os_service_default, - $quota_snapshots = $::os_service_default, - $quota_gigabytes = $::os_service_default, - $quota_driver = $::os_service_default, -) { - - cinder_config { - 'DEFAULT/quota_volumes': value => $quota_volumes; - 'DEFAULT/quota_snapshots': value => $quota_snapshots; - 'DEFAULT/quota_gigabytes': value => $quota_gigabytes; - 'DEFAULT/quota_driver': value => $quota_driver; - } -} diff --git a/cinder/manifests/quota_set.pp b/cinder/manifests/quota_set.pp deleted file mode 100644 index cec059f0f..000000000 --- a/cinder/manifests/quota_set.pp +++ /dev/null @@ -1,86 +0,0 @@ -# == Class: cinder::quota_set -# -# Setup and configure Cinder quotas per volume type. -# -# === Parameters -# -# [*os_password*] -# (Required) The keystone tenant:username password. -# -# [*os_tenant_name*] -# (Optional) The keystone tenant name. -# Defaults to 'admin'. -# -# [*os_username*] -# (Optional) The keystone user name. -# Defaults to 'admin'. -# -# [*os_auth_url*] -# (Optional) The keystone auth url. -# Defaults to 'http://127.0.0.1:5000/v2.0/'. -# -# [*os_region_name*] -# (Optional) The keystone region name. -# Default is unset. -# -# [*quota_volumes*] -# (Optional) Number of volumes allowed per project. -# Defaults to 10. -# -# [*quota_snapshots*] -# (Optional) Number of volume snapshots allowed per project. -# Defaults to 10. -# -# [*quota_gigabytes*] -# (Optional) Number of volume gigabytes (snapshots are also included) -# allowed per project. -# Defaults to 1000. -# -# [*class_name*] -# (Optional) Quota class to use. -# Defaults to 'default'. -# -# [*volume_type*] -# volume type that will have quota changed -# Defaults to $name -# - -define cinder::quota_set ( - $os_password, - $os_tenant_name = 'admin', - $os_username = 'admin', - $os_auth_url = 'http://127.0.0.1:5000/v2.0/', - $os_region_name = undef, - $quota_volumes = 10, - $quota_snapshots = 10, - $quota_gigabytes = 1000, - $class_name = 'default', - $volume_type = $name, -) { - - if $os_region_name { - $cinder_env = [ - "OS_TENANT_NAME=${os_tenant_name}", - "OS_USERNAME=${os_username}", - "OS_PASSWORD=${os_password}", - "OS_AUTH_URL=${os_auth_url}", - "OS_REGION_NAME=${os_region_name}", - ] - } - else { - $cinder_env = [ - "OS_TENANT_NAME=${os_tenant_name}", - "OS_USERNAME=${os_username}", - "OS_PASSWORD=${os_password}", - "OS_AUTH_URL=${os_auth_url}", - ] - } - - exec {"cinder quota-class-update ${class_name}": - command => "cinder quota-class-update ${class_name} --volumes ${quota_volumes} --snapshots ${quota_snapshots} --gigabytes ${quota_gigabytes} --volume-type '${volume_type}'", - onlyif => 'cinder quota-class-show default | grep -qP -- -1', - environment => $cinder_env, - require => Package['python-cinderclient'], - path => ['/usr/bin', '/bin'], - } -} diff --git a/cinder/manifests/rabbitmq.pp b/cinder/manifests/rabbitmq.pp deleted file mode 100644 index 31a8d21b2..000000000 --- a/cinder/manifests/rabbitmq.pp +++ /dev/null @@ -1,51 +0,0 @@ -# == Class: cinder::rabbitmq -# -# Installs and manages rabbitmq server for cinder -# -# == Parameters: -# -# [*userid*] -# (optional) The username to use when connecting to Rabbit -# Defaults to 'guest' -# -# [*password*] -# (optional) The password to use when connecting to Rabbit -# Defaults to 'guest' -# -# [*port*] -# (optional) Deprecated. The port to use when connecting to Rabbit -# This parameter keeps backward compatibility when we used to manage -# RabbitMQ service. -# Defaults to '5672' -# -# [*virtual_host*] -# (optional) The virtual host to use when connecting to Rabbit -# Defaults to '/' -# -class cinder::rabbitmq( - $userid = 'guest', - $password = 'guest', - $virtual_host = '/', -) { - - if $userid == 'guest' { - $delete_guest_user = false - } else { - $delete_guest_user = true - rabbitmq_user { $userid: - admin => true, - password => $password, - provider => 'rabbitmqctl', - } - # I need to figure out the appropriate permissions - rabbitmq_user_permissions { "${userid}@${virtual_host}": - configure_permission => '.*', - write_permission => '.*', - read_permission => '.*', - provider => 'rabbitmqctl', - }->Anchor<| title == 'cinder-start' |> - } - rabbitmq_vhost { $virtual_host: - provider => 'rabbitmqctl', - } -} diff --git a/cinder/manifests/scheduler.pp b/cinder/manifests/scheduler.pp deleted file mode 100644 index 08f1732f2..000000000 --- a/cinder/manifests/scheduler.pp +++ /dev/null @@ -1,64 +0,0 @@ -# == Class: cinder::scheduler -# -# Scheduler class for cinder. -# -# === Parameters -# -# [*scheduler_driver*] -# (Optional) Default scheduler driver to use -# Defaults to $::os_service_default. -# -# [*package_ensure*] -# (Optioanl) The state of the package. -# Defaults to 'present'. -# -# [*enabled*] -# (Optional) The state of the service -# Defaults to 'true'. -# -# [*manage_service*] -# (Optional) Whether to start/stop the service -# Defaults to 'true'. -# -# -class cinder::scheduler ( - $scheduler_driver = $::os_service_default, - $package_ensure = 'present', - $enabled = true, - $manage_service = true -) { - - include ::cinder::params - - Cinder_config<||> ~> Service['cinder-scheduler'] - Cinder_api_paste_ini<||> ~> Service['cinder-scheduler'] - Exec<| title == 'cinder-manage db_sync' |> ~> Service['cinder-scheduler'] - - cinder_config { 'DEFAULT/scheduler_driver': value => $scheduler_driver; } - - if $::cinder::params::scheduler_package { - Package['cinder-scheduler'] -> Service['cinder-scheduler'] - package { 'cinder-scheduler': - ensure => $package_ensure, - name => $::cinder::params::scheduler_package, - tag => ['openstack', 'cinder-package'], - } - } - - if $manage_service { - if $enabled { - $ensure = 'running' - } else { - $ensure = 'stopped' - } - } - - service { 'cinder-scheduler': - ensure => $ensure, - name => $::cinder::params::scheduler_service, - enable => $enabled, - hasstatus => true, - require => Package['cinder'], - tag => 'cinder-service', - } -} diff --git a/cinder/manifests/scheduler/filter.pp b/cinder/manifests/scheduler/filter.pp deleted file mode 100644 index 75a68b6f3..000000000 --- a/cinder/manifests/scheduler/filter.pp +++ /dev/null @@ -1,25 +0,0 @@ -# == Class: cinder:scheduler::filter -# -# This class is aim to configure cinder.scheduler filter -# -# === Parameters: -# -# [*scheduler_default_filters*] -# A comma separated list of filters to be used by default -# Defaults to $::os_service_default - -class cinder::scheduler::filter ( - $scheduler_default_filters = $::os_service_default, -) { - - if (!is_service_default($scheduler_default_filters)) { - cinder_config { - 'DEFAULT/scheduler_default_filters': value => join(any2array($scheduler_default_filters),',') - } - } else { - cinder_config { - 'DEFAULT/scheduler_default_filters': ensure => absent - } - } - -} diff --git a/cinder/manifests/setup_test_volume.pp b/cinder/manifests/setup_test_volume.pp deleted file mode 100644 index f5e5bdeca..000000000 --- a/cinder/manifests/setup_test_volume.pp +++ /dev/null @@ -1,59 +0,0 @@ -# == Class: cinder::setup_test_volume -# -# Setup a volume group on a loop device for test purposes. -# -# === Parameters -# -# [*volume_name*] -# Volume group name. Defaults to 'cinder-volumes'. -# -# [*size*] -# Volume group size. Defaults to '4G'. -# -# [*loopback_device*] -# Loop device name. Defaults to '/dev/loop2'. -# -# [*volume_path*] -# Volume image location. Defaults to '/var/lib/cinder'. -class cinder::setup_test_volume( - $volume_name = 'cinder-volumes', - $volume_path = '/var/lib/cinder', - $size = '4G', - $loopback_device = '/dev/loop2' -) { - - package { 'lvm2': - ensure => present, - require => Package['cinder'], - } ~> - - exec { "create_${volume_path}/${volume_name}": - command => "dd if=/dev/zero of=\"${volume_path}/${volume_name}\" bs=1 count=0 seek=${size}", - path => ['/bin','/usr/bin','/sbin','/usr/sbin'], - unless => "stat ${volume_path}/${volume_name}", - } ~> - - file { "${volume_path}/${volume_name}": - mode => '0640', - } ~> - - exec { "losetup ${loopback_device} ${volume_path}/${volume_name}": - path => ['/bin','/usr/bin','/sbin','/usr/sbin'], - unless => "losetup ${loopback_device}", - refreshonly => true, - } ~> - - exec { "pvcreate ${loopback_device}": - path => ['/bin','/usr/bin','/sbin','/usr/sbin'], - unless => "pvdisplay | grep ${volume_name}", - refreshonly => true, - } ~> - - exec { "vgcreate ${volume_name} ${loopback_device}": - path => ['/bin','/usr/bin','/sbin','/usr/sbin'], - unless => "vgdisplay | grep ${volume_name}", - refreshonly => true, - } - -} - diff --git a/cinder/manifests/type.pp b/cinder/manifests/type.pp deleted file mode 100644 index e94a84e6c..000000000 --- a/cinder/manifests/type.pp +++ /dev/null @@ -1,72 +0,0 @@ -# == Define: cinder::type -# -# Creates cinder type and assigns backends. -# Deprecated class. -# -# === Parameters -# -# [*os_password*] -# (Required) The keystone tenant:username password. -# -# [*set_key*] -# (Optional) Must be used with set_value. Accepts a single string be used -# as the key in type_set -# Defaults to 'undef'. -# -# [*set_value*] -# (optional) Accepts list of strings or singular string. A list of values -# passed to type_set -# Defaults to 'undef'. -# -# === DEPRECATED PARAMETERS -# -# [*os_tenant_name*] -# (Optional) The keystone tenant name. -# Defaults to undef. -# -# [*os_username*] -# (Optional) The keystone user name. -# Defaults to undef. -# -# [*os_auth_url*] -# (Optional) The keystone auth url. -# Defaults to undef. -# -# [*os_region_name*] -# (Optional) The keystone region name. -# Default is undef. -# -# Author: Andrew Woodward -# -define cinder::type ( - $set_key = undef, - $set_value = undef, - # DEPRECATED PARAMETERS - $os_password = undef, - $os_tenant_name = undef, - $os_username = undef, - $os_auth_url = undef, - $os_region_name = undef, - ) { - - if $os_password or $os_region_name or $os_tenant_name or $os_username or $os_auth_url { - warning('Parameters $os_password/$os_region_name/$os_tenant_name/$os_username/$os_auth_url are not longer required') - warning('Auth creds will be used from env or /root/openrc file or cinder.conf') - } - - if ($set_value and $set_key) { - if is_array($set_value) { - $value = join($set_value, ',') - } else { - $value = $set_value - } - cinder_type { $name: - ensure => present, - properties => ["${set_key}=${value}"], - } - } else { - cinder_type { $name: - ensure => present, - } - } -} diff --git a/cinder/manifests/type_set.pp b/cinder/manifests/type_set.pp deleted file mode 100644 index 696a20192..000000000 --- a/cinder/manifests/type_set.pp +++ /dev/null @@ -1,58 +0,0 @@ -# ==Define: cinder::type_set -# -# Assigns keys after the volume type is set. -# Deprecated class. -# -# === Parameters -# -# [*type*] -# (required) Accepts single name of type to set. -# -# [*key*] -# (required) the key name that we are setting the value for. -# -# [*value*] -# the value that we are setting. Defaults to content of namevar. -# -# === Deprecated parameters -# -# [*os_password*] -# (optional) DEPRECATED: The keystone tenant:username password. -# Defaults to undef. -# -# [*os_tenant_name*] -# (optional) DEPRECATED: The keystone tenant name. Defaults to undef. -# -# [*os_username*] -# (optional) DEPRECATED: The keystone user name. Defaults to undef. -# -# [*os_auth_url*] -# (optional) DEPRECATED: The keystone auth url. Defaults to undef. -# -# [*os_region_name*] -# (optional) DEPRECATED: The keystone region name. Default is undef. -# -# Author: Andrew Woodward -# -define cinder::type_set ( - $type, - $key, - $value = $name, - # DEPRECATED PARAMETERS - $os_password = undef, - $os_tenant_name = undef, - $os_username = undef, - $os_auth_url = undef, - $os_region_name = undef, - ) { - - if $os_password or $os_region_name or $os_tenant_name or $os_username or $os_auth_url { - warning('Parameters $os_password/$os_region_name/$os_tenant_name/$os_username/$os_auth_url are not longer required.') - warning('Auth creds will be used from env or /root/openrc file or cinder.conf') - } - - cinder_type { $type: - ensure => present, - properties => ["${key}=${value}"], - } -} diff --git a/cinder/manifests/vmware.pp b/cinder/manifests/vmware.pp deleted file mode 100644 index 39ce6dd64..000000000 --- a/cinder/manifests/vmware.pp +++ /dev/null @@ -1,59 +0,0 @@ -# == Class: cinder::vmware -# -# Creates vmdk specific disk file type & clone type. -# -# === Parameters -# -# [*os_password*] -# DEPRECATED. The keystone tenant:username password. -# Defaults to undef. -# -# [*os_tenant_name*] -# DEPRECATED. The keystone tenant name. -# Defaults to undef. -# -# [*os_username*] -# DEPRECATED. The keystone user name. -# Defaults to undef. -# -# [*os_auth_url*] -# DEPRECATED. The keystone auth url. -# Defaults to undef. -# -class cinder::vmware ( - $os_password = undef, - $os_tenant_name = undef, - $os_username = undef, - $os_auth_url = undef -) { - - if $os_password or $os_tenant_name or $os_username or $os_auth_url { - warning('Parameters $os_password/$os_tenant_name/$os_username/$os_auth_url are not longer required.') - warning('Auth creds will be used from env or /root/openrc file or cinder.conf') - } - - cinder_type { 'vmware-thin': - ensure => present, - properties => ['vmware:vmdk_type=thin'] - } - - cinder_type { 'vmware-thick': - ensure => present, - properties => ['vmware:vmdk_type=thick'] - } - - cinder_type { 'vmware-eagerZeroedThick': - ensure => present, - properties => ['vmware:vmdk_type=eagerZeroedThick'] - } - - cinder_type { 'vmware-full': - ensure => present, - properties => ['vmware:clone_type=full'] - } - - cinder_type { 'vmware-linked': - ensure => present, - properties => ['vmware:clone_type=linked'] - } -} diff --git a/cinder/manifests/volume.pp b/cinder/manifests/volume.pp deleted file mode 100644 index 0a3d7db6e..000000000 --- a/cinder/manifests/volume.pp +++ /dev/null @@ -1,79 +0,0 @@ -# == Class: cinder::volume -# -# === Parameters -# -# [*package_ensure*] -# (Optional) The state of the package. -# Defaults to 'present'. -# -# [*enabled*] -# (Optional) The state of the service -# Defaults to 'true'. -# -# [*manage_service*] -# (Optional) Whether to start/stop the service. -# Defaults to 'true'. -# -# [*volume_clear*] -# (Optional) Method used to wipe old volumes. -# Defaults to $::os_service_default. -# -# [*volume_clear_size*] -# (Optional) Size in MiB to wipe at start of old volumes. -# Set to '0' means all. -# Defaults to $::os_service_default. -# -# [*volume_clear_ionice*] -# (Optional) The flag to pass to ionice to alter the i/o priority -# of the process used to zero a volume after deletion, -# for example "-c3" for idle only priority. -# Defaults to $::os_service_default. -# -class cinder::volume ( - $package_ensure = 'present', - $enabled = true, - $manage_service = true, - $volume_clear = $::os_service_default, - $volume_clear_size = $::os_service_default, - $volume_clear_ionice = $::os_service_default, -) { - - include ::cinder::params - - Cinder_config<||> ~> Service['cinder-volume'] - Cinder_api_paste_ini<||> ~> Service['cinder-volume'] - Exec<| title == 'cinder-manage db_sync' |> ~> Service['cinder-volume'] - - if $::cinder::params::volume_package { - Package['cinder'] -> Package['cinder-volume'] - Package['cinder-volume'] -> Service['cinder-volume'] - package { 'cinder-volume': - ensure => $package_ensure, - name => $::cinder::params::volume_package, - tag => ['openstack', 'cinder-package'], - } - } - - if $manage_service { - if $enabled { - $ensure = 'running' - } else { - $ensure = 'stopped' - } - } - - service { 'cinder-volume': - ensure => $ensure, - name => $::cinder::params::volume_service, - enable => $enabled, - hasstatus => true, - require => Package['cinder'], - tag => 'cinder-service', - } - - cinder_config { - 'DEFAULT/volume_clear': value => $volume_clear; - 'DEFAULT/volume_clear_size': value => $volume_clear_size; - 'DEFAULT/volume_clear_ionice': value => $volume_clear_ionice; - } -} diff --git a/cinder/manifests/volume/dellsc_iscsi.pp b/cinder/manifests/volume/dellsc_iscsi.pp deleted file mode 100644 index e470f9567..000000000 --- a/cinder/manifests/volume/dellsc_iscsi.pp +++ /dev/null @@ -1,74 +0,0 @@ -# == define: cinder::volume::dellsc_iscsi -# -# Configure the Dell Storage Center ISCSI driver for cinder. -# -# === Parameters -# -# [*san_ip*] -# (required) IP address of Enterprise Manager. -# -# [*san_login*] -# (required) Enterprise Manager user name. -# -# [*san_password*] -# (required) Enterprise Manager user password. -# -# [*iscsi_ip_address*] -# (required) The Storage Center iSCSI IP address. -# -# [*dell_sc_ssn*] -# (required) The Storage Center serial number to use. -# -# [*dell_sc_api_port*] -# (optional) The Enterprise Manager API port. -# Defaults to $::os_service_default -# -# [*dell_sc_server_folder*] -# (optional) Name of the server folder to use on the Storage Center. -# Defaults to 'srv' -# -# [*dell_sc_verify_cert*] -# (optional) Enable HTTPS SC certificate verification -# Defaults to $:os_service_default -# -# [*dell_sc_volume_folder*] -# (optional) Name of the volume folder to use on the Storage Center. -# Defaults to 'vol' -# -# [*iscsi_port*] -# (optional) The Storage Center iSCSI IP port. -# Defaults to $::os_service_default -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza. -# Defaults to: {} -# Example: -# { 'dellsc_iscsi_backend/param1' => { 'value' => value1 } } -# -class cinder::volume::dellsc_iscsi ( - $san_ip, - $san_login, - $san_password, - $iscsi_ip_address, - $dell_sc_ssn, - $dell_sc_api_port = $::os_service_default, - $dell_sc_server_folder = 'srv', - $dell_sc_verify_cert = $::os_service_default, - $dell_sc_volume_folder = 'vol', - $iscsi_port = $::os_service_default, - $extra_options = {}, -) { - cinder::backend::dellsc_iscsi { 'DEFAULT': - san_ip => $san_ip, - san_login => $san_login, - san_password => $san_password, - iscsi_ip_address => $iscsi_ip_address, - dell_sc_ssn => $dell_sc_ssn, - dell_sc_api_port => $dell_sc_api_port, - dell_sc_server_folder => $dell_sc_server_folder, - dell_sc_verify_cert => $dell_sc_verify_cert, - dell_sc_volume_folder => $dell_sc_volume_folder, - iscsi_port => $iscsi_port, - extra_options => $extra_options, - } -} diff --git a/cinder/manifests/volume/emc_vnx.pp b/cinder/manifests/volume/emc_vnx.pp deleted file mode 100644 index 3679cd8d4..000000000 --- a/cinder/manifests/volume/emc_vnx.pp +++ /dev/null @@ -1,66 +0,0 @@ -# == Class: cinder::volume::emc_enx -# -# Configures Cinder volume EMC VNX driver. -# Parameters are particular to each volume driver. -# -# === Parameters -# -# [*package_ensure*] -# (Optional) State of the package -# Defaults to 'present'. -# -# [*iscsi_ip_address*] -# (Required) The IP address that the iSCSI daemon is listening on -# -# [*san_ip*] -# (Required) IP address of SAN controller. -# -# [*san_password*] -# (Required) Password of SAN controller. -# -# [*san_login*] -# (Optional) Login of SAN controller. -# Defaults to : 'admin' -# -# [*storage_vnx_pool_name*] -# (Required) Storage pool name. -# -# [*default_timeout*] -# (Optonal) Default timeout for CLI operations in minutes. -# Defaults to: '10' -# -# [*max_luns_per_storage_group*] -# (Optonal) Default max number of LUNs in a storage group. -# Defaults to: '256' -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'emc_vnx_backend/param1' => { 'value' => value1 } } -# -class cinder::volume::emc_vnx( - $iscsi_ip_address, - $san_ip, - $san_password, - $storage_vnx_pool_name, - $default_timeout = '10', - $max_luns_per_storage_group = '256', - $package_ensure = 'present', - $san_login = 'admin', - $extra_options = {}, -) { - - cinder::backend::emc_vnx { 'DEFAULT': - default_timeout => $default_timeout, - iscsi_ip_address => $iscsi_ip_address, - max_luns_per_storage_group => $max_luns_per_storage_group, - package_ensure => $package_ensure, - san_ip => $san_ip, - san_login => $san_login, - san_password => $san_password, - storage_vnx_pool_name => $storage_vnx_pool_name, - extra_options => $extra_options, - } - -} diff --git a/cinder/manifests/volume/eqlx.pp b/cinder/manifests/volume/eqlx.pp deleted file mode 100644 index 7c315f2b4..000000000 --- a/cinder/manifests/volume/eqlx.pp +++ /dev/null @@ -1,82 +0,0 @@ -# == define: cinder::volume::eqlx -# -# Configure the Dell EqualLogic driver for cinder. -# -# === Parameters -# -# [*san_ip*] -# (required) The IP address of the Dell EqualLogic array. -# -# [*san_login*] -# (required) The account to use for issuing SSH commands. -# -# [*san_password*] -# (required) The password for the specified SSH account. -# -# [*san_thin_provision*] -# (optional) Whether or not to use thin provisioning for volumes. -# Defaults to $::os_service_default -# -# [*eqlx_group_name*] -# (optional) The CLI prompt message without '>'. -# Defaults to $::os_service_default -# -# [*eqlx_pool*] -# (optional) The pool in which volumes will be created. -# Defaults to $::os_service_default -# -# [*eqlx_use_chap*] -# (optional) Use CHAP authentification for targets? -# Defaults to $::os_service_default -# -# [*eqlx_chap_login*] -# (optional) An existing CHAP account name. -# Defaults to 'chapadmin' -# -# [*eqlx_chap_password*] -# (optional) The password for the specified CHAP account name. -# Defaults to '12345' -# -# [*eqlx_cli_timeout*] -# (optional) The timeout for the Group Manager cli command execution. -# Defaults to $::os_service_default -# -# [*eqlx_cli_max_retries*] -# (optional) The maximum retry count for reconnection. -# Defaults to $::os_service_default -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'eqlx_backend/param1' => { 'value' => value1 } } -# -class cinder::volume::eqlx ( - $san_ip, - $san_login, - $san_password, - $san_thin_provision = $::os_service_default, - $eqlx_group_name = $::os_service_default, - $eqlx_pool = $::os_service_default, - $eqlx_use_chap = $::os_service_default, - $eqlx_chap_login = 'chapadmin', - $eqlx_chap_password = '12345', - $eqlx_cli_timeout = $::os_service_default, - $eqlx_cli_max_retries = $::os_service_default, - $extra_options = {}, -) { - cinder::backend::eqlx { 'DEFAULT': - san_ip => $san_ip, - san_login => $san_login, - san_password => $san_password, - san_thin_provision => $san_thin_provision, - eqlx_group_name => $eqlx_group_name, - eqlx_pool => $eqlx_pool, - eqlx_use_chap => $eqlx_use_chap, - eqlx_chap_login => $eqlx_chap_login, - eqlx_chap_password => $eqlx_chap_password, - eqlx_cli_timeout => $eqlx_cli_timeout, - eqlx_cli_max_retries => $eqlx_cli_max_retries, - extra_options => $extra_options, - } -} diff --git a/cinder/manifests/volume/glusterfs.pp b/cinder/manifests/volume/glusterfs.pp deleted file mode 100644 index c763a4664..000000000 --- a/cinder/manifests/volume/glusterfs.pp +++ /dev/null @@ -1,64 +0,0 @@ -# -# == Class: cinder::volume::glusterfs -# -# Configures Cinder to use GlusterFS as a volume driver -# -# === Parameters -# -# [*glusterfs_shares*] -# (required) An array of GlusterFS volume locations. -# Must be an array even if there is only one volume. -# -# [*glusterfs_backup_mount_point*] -# (optional) Base dir containing mount point for gluster share. -# Defaults to $::os_service_default -# -# [*glusterfs_backup_share*] -# (optonal) GlusterFS share in : -# format. Eg: 1.2.3.4:backup_vol -# Defaults to $::os_service_default -# -# [*glusterfs_sparsed_volumes*] -# (optional) Whether or not to use sparse (thin) volumes. -# Defaults to $::os_service_default which uses the driver's default of "true". -# -# [*glusterfs_mount_point_base*] -# (optional) Where to mount the Gluster volumes. -# Defaults to $::os_service_default which uses the driver's default of "$state_path/mnt". -# -# [*glusterfs_shares_config*] -# (optional) The config file to store the given $glusterfs_shares. -# Defaults to '/etc/cinder/shares.conf' -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'glusterfs_backend/param1' => { 'value' => value1 } } -# -# === Examples -# -# class { 'cinder::volume::glusterfs': -# glusterfs_shares = ['192.168.1.1:/volumes'], -# } -# -class cinder::volume::glusterfs ( - $glusterfs_shares, - $glusterfs_backup_mount_point = $::os_service_default, - $glusterfs_backup_share = $::os_service_default, - $glusterfs_sparsed_volumes = $::os_service_default, - $glusterfs_mount_point_base = $::os_service_default, - $glusterfs_shares_config = '/etc/cinder/shares.conf', - $extra_options = {}, -) { - - cinder::backend::glusterfs { 'DEFAULT': - glusterfs_shares => $glusterfs_shares, - glusterfs_backup_mount_point => $glusterfs_backup_mount_point, - glusterfs_backup_share => $glusterfs_backup_share, - glusterfs_sparsed_volumes => $glusterfs_sparsed_volumes, - glusterfs_mount_point_base => $glusterfs_mount_point_base, - glusterfs_shares_config => $glusterfs_shares_config, - extra_options => $extra_options, - } -} diff --git a/cinder/manifests/volume/gpfs.pp b/cinder/manifests/volume/gpfs.pp deleted file mode 100644 index d6f9288c2..000000000 --- a/cinder/manifests/volume/gpfs.pp +++ /dev/null @@ -1,79 +0,0 @@ -# == Class: cinder::volume::gpfs -# -# Configures Cinder to use the IBM GPFS Driver -# -# === Parameters -# -# [*gpfs_mount_point_base*] -# (required) Specifies the path of the GPFS directory where Block Storage -# volume and snapshot files are stored. -# -# [*gpfs_images_dir*] -# (optional) Specifies the path of the Image service repository in GPFS. -# Leave undefined if not storing images in GPFS. Defaults to "None" via -# driver. -# Defaults to $::os_service_default -# -# [*gpfs_images_share_mode*] -# (optional) Specifies the type of image copy to be used. Set this when the -# Image service repository also uses GPFS so that image files can be -# transferred efficiently from the Image service to the Block Storage -# service. There are two valid values: "copy" specifies that a full copy of -# the image is made; "copy_on_write" specifies that copy-on-write -# optimization strategy is used and unmodified blocks of the image file are -# shared efficiently. Defaults to "None" via driver. -# Defaults to $::os_service_default -# -# [*gpfs_max_clone_depth*] -# (optional) Specifies an upper limit on the number of indirections required -# to reach a specific block due to snapshots or clones. A lengthy chain of -# copy-on-write snapshots or clones can have a negative impact on -# performance, but improves space utilization. 0 indicates unlimited clone -# depth. Defaults to "0" via driver implementation -# Defaults to $::os_service_default -# -# [*gpfs_sparse_volumes*] -# (optional) Specifies that volumes are created as sparse files which -# initially consume no space. If set to False, the volume is created as a -# fully allocated file, in which case, creation may take a significantly -# longer time. Defaults to "True" via driver. -# Defaults to $::os_service_default -# -# [*gpfs_storage_pool*] -# (optional) Specifies the storage pool that volumes are assigned to. By -# default, the system storage pool is used. Defaults to "system" via driver. -# Defaults to $::os_service_default -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'gpfs_backend/param1' => { 'value' => value1 } } -# -# === Authors -# -# Benedikt von St. Vieth -# -# === Copyright -# -# Copyright 2015 -# -class cinder::volume::gpfs( - $gpfs_mount_point_base, - $gpfs_images_dir = $::os_service_default, - $gpfs_images_share_mode = $::os_service_default, - $gpfs_max_clone_depth = $::os_service_default, - $gpfs_sparse_volumes = $::os_service_default, - $gpfs_storage_pool = $::os_service_default, - $extra_options = {} -) { - cinder::backend::gpfs { 'DEFAULT': - gpfs_mount_point_base => $gpfs_mount_point_base, - gpfs_images_dir => $gpfs_images_dir, - gpfs_images_share_mode => $gpfs_images_share_mode, - gpfs_max_clone_depth => $gpfs_max_clone_depth, - gpfs_sparse_volumes => $gpfs_sparse_volumes, - gpfs_storage_pool => $gpfs_storage_pool, - extra_options => $extra_options, - } -} diff --git a/cinder/manifests/volume/hp3par_iscsi.pp b/cinder/manifests/volume/hp3par_iscsi.pp deleted file mode 100644 index 069c7b747..000000000 --- a/cinder/manifests/volume/hp3par_iscsi.pp +++ /dev/null @@ -1,81 +0,0 @@ -# == Class: cinder::volume::hp3par -# -# Configures Cinder volume HP 3par driver. -# Parameters are particular to each volume driver. -# -# === Parameters -# -# [*volume_driver*] -# (optional) Setup cinder-volume to use HP 3par volume driver. -# Defaults to 'cinder.volume.drivers.san.hp.hp_3par_iscsi.HP3PARISCSIDriver' -# -# [*san_ip*] -# (required) IP address of HP 3par service processor. -# -# [*san_login*] -# (required) Username for HP 3par account. -# -# [*san_password*] -# (required) Password for HP 3par account. -# -# [*hp3par_api_url*] -# (required) url for api access to 3par - expample https://10.x.x.x:8080/api/v1 -# -# [*hp3par_username*] -# (required) Username for HP3par admin user -# -# [*hp3par_password*] -# (required) Password for hp3par_username -# -# [*hp3par_iscsi_ips*] -# (required) iscsi ip addresses for the HP 3par array -# -# [*hp3par_iscsi_chap_enabled*] -# (required) setting to false by default -# -# [*hp3par_snap_cpg*] -# (optional) set to hp3par_cfg by default in the cinder driver -# -# [*hp3par_snapshot_retention*] -# (required) setting to 48 hours as default expiration - ensures snapshot cannot be deleted prior to expiration -# -# [*hp3par_snapshot_expiration*] -# (required) setting to 72 hours as default (must be larger than retention) -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'h3par_iscsi_backend/param1' => { 'value' => value1 } } -# -class cinder::volume::hp3par_iscsi( - $hp3par_api_url, - $hp3par_username, - $hp3par_password, - $hp3par_iscsi_ips, - $san_ip, - $san_login, - $san_password, - $volume_driver = 'cinder.volume.drivers.san.hp.hp_3par_iscsi.HP3PARISCSIDriver', - $hp3par_iscsi_chap_enabled = false, - $hp3par_snap_cpg = 'OpenstackCPG', - $hp3par_snapshot_retention = 48, - $hp3par_snapshot_expiration = 72, - $extra_options = {}, -) { - - cinder::backend::hp3par_iscsi { 'DEFAULT': - volume_driver => $volume_driver, - hp3par_username => $hp3par_username, - hp3par_password => $hp3par_password, - san_ip => $san_ip, - san_login => $san_login, - san_password => $san_password, - hp3par_iscsi_ips => $hp3par_iscsi_ips, - hp3par_api_url => $hp3par_api_url, - hp3par_snap_cpg => $hp3par_snap_cpg, - hp3par_snapshot_retention => $hp3par_snapshot_retention, - hp3par_snapshot_expiration => $hp3par_snapshot_expiration, - extra_options => $extra_options, - } -} diff --git a/cinder/manifests/volume/iscsi.pp b/cinder/manifests/volume/iscsi.pp deleted file mode 100644 index 367ea579d..000000000 --- a/cinder/manifests/volume/iscsi.pp +++ /dev/null @@ -1,57 +0,0 @@ -# == Class: cinder::volume::iscsi -# -# Configures Cinder volume ISCSI driver. -# -# === Parameters -# -# [*iscsi_ip_address*] -# (Required) The IP address that the iSCSI daemon is listening on -# -# [*volume_driver*] -# (Optional) Driver to use for volume creation -# Defaults to 'cinder.volume.drivers.lvm.LVMVolumeDriver'. -# -# [*volume_group*] -# (Optional) Name for the VG that will contain exported volumes -# Defaults to $::os_service_default. -# -# [*volumes_dir*] -# (Optional) Volume configuration file storage directory -# Defaults to '/var/lib/cinder/volumes'. -# -# [*iscsi_helper*] -# (Optional) iSCSI target user-land tool to use. -# Defaults to '$::cinder::params::iscsi_helper'. -# -# [*iscsi_protocol*] -# (Optional) Protocol to use as iSCSI driver -# Defaults to $::os_service_default. -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'iscsi_backend/param1' => { 'value' => value1 } } -# -class cinder::volume::iscsi ( - $iscsi_ip_address, - $volume_driver = 'cinder.volume.drivers.lvm.LVMVolumeDriver', - $volume_group = $::os_service_default, - $volumes_dir = '/var/lib/cinder/volumes', - $iscsi_helper = $::cinder::params::iscsi_helper, - $iscsi_protocol = $::os_service_default, - $extra_options = {}, -) { - - include ::cinder::params - - cinder::backend::iscsi { 'DEFAULT': - iscsi_ip_address => $iscsi_ip_address, - volume_driver => $volume_driver, - volume_group => $volume_group, - volumes_dir => $volumes_dir, - iscsi_helper => $iscsi_helper, - iscsi_protocol => $iscsi_protocol, - extra_options => $extra_options, - } -} diff --git a/cinder/manifests/volume/netapp.pp b/cinder/manifests/volume/netapp.pp deleted file mode 100644 index 660ca36f6..000000000 --- a/cinder/manifests/volume/netapp.pp +++ /dev/null @@ -1,231 +0,0 @@ -# == Class: cinder::volume::netapp -# -# Configures Cinder to use the NetApp unified volume driver -# -# === Parameters -# -# [*netapp_login*] -# (required) Administrative user account name used to access the storage -# system or proxy server. -# -# [*netapp_password*] -# (required) Password for the administrative user account specified in the -# netapp_login option. -# -# [*netapp_server_hostname*] -# (required) The hostname (or IP address) for the storage system or proxy -# server. -# -# [*netapp_server_port*] -# (optional) The TCP port to use for communication with the storage -# system or proxy. If not specified, Data ONTAP drivers will use 80 -# for HTTP and 443 for HTTPS; E-Series will use 8080 for HTTP and -# 8443 for HTTPS. -# Defaults to 80 -# -# [*netapp_size_multiplier*] -# (optional) The quantity to be multiplied by the requested volume size to -# ensure enough space is available on the virtual storage server (Vserver) to -# fulfill the volume creation request. -# Defaults to 1.2 -# -# [*netapp_storage_family*] -# (optional) The storage family type used on the storage system; valid values -# are ontap_7mode for using Data ONTAP operating in 7-Mode, ontap_cluster -# for using clustered Data ONTAP, or eseries for NetApp E-Series. -# Defaults to ontap_cluster -# -# [*netapp_storage_protocol*] -# (optional) The storage protocol to be used on the data path with the storage -# system. Valid values are iscsi, fc, nfs. -# Defaults to nfs -# -# [*netapp_transport_type*] -# (optional) The transport protocol used when communicating with the storage -# system or proxy server. Valid values are http or https. -# Defaults to http -# -# [*netapp_vfiler*] -# (optional) The vFiler unit on which provisioning of block storage volumes -# will be done. This parameter is only used by the driver when connecting to -# an instance with a storage family of Data ONTAP operating in 7-Mode. Only -# use this parameter when utilizing the MultiStore feature on the NetApp -# storage system. -# Defaults to undef -# -# [*netapp_volume_list*] -# (optional) This parameter is only utilized when the storage protocol is -# configured to use iSCSI or FC. This parameter is used to restrict -# provisioning to the specified controller volumes. Specify the value of -# this parameter to be a comma separated list of NetApp controller volume -# names to be used for provisioning. -# Defaults to undef -# -# [*netapp_vserver*] -# (optional) This option specifies the virtual storage server (Vserver) -# name on the storage cluster on which provisioning of block storage volumes -# should occur. -# Defaults to undef -# -# [*netapp_partner_backend_name*] -# (optional) The name of the config.conf stanza for a Data ONTAP (7-mode) -# HA partner. This option is only used by the driver when connecting to an -# instance with a storage family of Data ONTAP operating in 7-Mode, and it is -# required if the storage protocol selected is FC. -# Defaults to undef -# -# [*expiry_thres_minutes*] -# (optional) This parameter specifies the threshold for last access time for -# images in the NFS image cache. When a cache cleaning cycle begins, images -# in the cache that have not been accessed in the last M minutes, where M is -# the value of this parameter, will be deleted from the cache to create free -# space on the NFS share. -# Defaults to 720 -# -# [*thres_avl_size_perc_start*] -# (optional) If the percentage of available space for an NFS share has -# dropped below the value specified by this parameter, the NFS image cache -# will be cleaned. -# Defaults to 20 -# -# [*thres_avl_size_perc_stop*] -# (optional) When the percentage of available space on an NFS share has -# reached the percentage specified by this parameter, the driver will stop -# clearing files from the NFS image cache that have not been accessed in the -# last M minutes, where M is the value of the expiry_thres_minutes parameter. -# Defaults to 60 -# -# [*nfs_shares*] -# (optional) Array of NFS exports in the form of host:/share; will be written into -# file specified in nfs_shares_config -# Defaults to undef -# -# [*nfs_shares_config*] -# (optional) File with the list of available NFS shares -# Defaults to '/etc/cinder/shares.conf' -# -# [*nfs_mount_options*] -# (optional) Mount options passed to the nfs client. See section -# of the nfs man page for details. -# Defaults to undef -# -# [*netapp_copyoffload_tool_path*] -# (optional) This option specifies the path of the NetApp Copy Offload tool -# binary. Ensure that the binary has execute permissions set which allow the -# effective user of the cinder-volume process to execute the file. -# Defaults to undef -# -# [*netapp_controller_ips*] -# (optional) This option is only utilized when the storage family is -# configured to eseries. This option is used to restrict provisioning to the -# specified controllers. Specify the value of this option to be a comma -# separated list of controller hostnames or IP addresses to be used for -# provisioning. -# Defaults to undef -# -# [*netapp_sa_password*] -# (optional) Password for the NetApp E-Series storage array. -# Defaults to undef -# -# [*netapp_storage_pools*] -# (optional) This option is used to restrict provisioning to the specified -# storage pools. Only dynamic disk pools are currently supported. Specify the -# value of this option to be a comma separated list of disk pool names to be -# used for provisioning. -# Defaults to undef -# -# [*netapp_eseries_host_type*] -# (optional) This option is used to define how the controllers in the -# E-Series storage array will work with the particular operating system on -# the hosts that are connected to it. -# Defaults to 'linux_dm_mp' -# -# [*netapp_webservice_path*] -# (optional) This option is used to specify the path to the E-Series proxy -# application on a proxy server. The value is combined with the value of the -# netapp_transport_type, netapp_server_hostname, and netapp_server_port -# options to create the URL used by the driver to connect to the proxy -# application. -# Defaults to '/devmgr/v2' -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'netapp_backend/param1' => { 'value' => value1 } } -# -# === Examples -# -# class { 'cinder::volume::netapp': -# netapp_login => 'clusterAdmin', -# netapp_password => 'password', -# netapp_server_hostname => 'netapp.mycorp.com', -# netapp_server_port => '443', -# netapp_transport_type => 'https', -# netapp_vserver => 'openstack-vserver', -# } -# -# === Authors -# -# Bob Callaway -# -# === Copyright -# -# Copyright 2013 NetApp, Inc. -# -class cinder::volume::netapp ( - $netapp_login, - $netapp_password, - $netapp_server_hostname, - $netapp_server_port = '80', - $netapp_size_multiplier = '1.2', - $netapp_storage_family = 'ontap_cluster', - $netapp_storage_protocol = 'nfs', - $netapp_transport_type = 'http', - $netapp_vfiler = undef, - $netapp_volume_list = undef, - $netapp_vserver = undef, - $netapp_partner_backend_name = undef, - $expiry_thres_minutes = '720', - $thres_avl_size_perc_start = '20', - $thres_avl_size_perc_stop = '60', - $nfs_shares = undef, - $nfs_shares_config = '/etc/cinder/shares.conf', - $netapp_copyoffload_tool_path = undef, - $netapp_controller_ips = undef, - $netapp_sa_password = undef, - $netapp_storage_pools = undef, - $netapp_eseries_host_type = 'linux_dm_mp', - $netapp_webservice_path = '/devmgr/v2', - $nfs_mount_options = undef, - $extra_options = {}, -) { - - cinder::backend::netapp { 'DEFAULT': - netapp_login => $netapp_login, - netapp_password => $netapp_password, - netapp_server_hostname => $netapp_server_hostname, - netapp_server_port => $netapp_server_port, - netapp_size_multiplier => $netapp_size_multiplier, - netapp_storage_family => $netapp_storage_family, - netapp_storage_protocol => $netapp_storage_protocol, - netapp_transport_type => $netapp_transport_type, - netapp_vfiler => $netapp_vfiler, - netapp_volume_list => $netapp_volume_list, - netapp_vserver => $netapp_vserver, - netapp_partner_backend_name => $netapp_partner_backend_name, - expiry_thres_minutes => $expiry_thres_minutes, - thres_avl_size_perc_start => $thres_avl_size_perc_start, - thres_avl_size_perc_stop => $thres_avl_size_perc_stop, - nfs_shares => $nfs_shares, - nfs_shares_config => $nfs_shares_config, - netapp_copyoffload_tool_path => $netapp_copyoffload_tool_path, - netapp_controller_ips => $netapp_controller_ips, - netapp_sa_password => $netapp_sa_password, - netapp_storage_pools => $netapp_storage_pools, - netapp_eseries_host_type => $netapp_eseries_host_type, - netapp_webservice_path => $netapp_webservice_path, - nfs_mount_options => $nfs_mount_options, - extra_options => $extra_options, - } -} diff --git a/cinder/manifests/volume/nexenta.pp b/cinder/manifests/volume/nexenta.pp deleted file mode 100644 index a2278c408..000000000 --- a/cinder/manifests/volume/nexenta.pp +++ /dev/null @@ -1,60 +0,0 @@ -# == Class: cinder::volume::nexenta -# -# Setups Cinder with Nexenta volume driver. -# -# === Parameters -# -# [*nexenta_user*] -# (required) User name to connect to Nexenta SA. -# -# [*nexenta_password*] -# (required) Password to connect to Nexenta SA. -# -# [*nexenta_host*] -# (required) IP address of Nexenta SA. -# -# [*nexenta_volume*] -# (optional) Pool on SA that will hold all volumes. Defaults to 'cinder'. -# -# [*nexenta_target_prefix*] -# (optional) IQN prefix for iSCSI targets. Defaults to 'iqn:'. -# -# [*nexenta_target_group_prefix*] -# (optional) Prefix for iSCSI target groups on SA. Defaults to 'cinder/'. -# -# [*nexenta_blocksize*] -# (optional) Block size for volumes. Defaults to '8k'. -# -# [*nexenta_sparse*] -# (optional) Flag to create sparse volumes. Defaults to true. -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'nexenta_backend/param1' => { 'value' => value1 } } -# -class cinder::volume::nexenta ( - $nexenta_user, - $nexenta_password, - $nexenta_host, - $nexenta_volume = 'cinder', - $nexenta_target_prefix = 'iqn:', - $nexenta_target_group_prefix = 'cinder/', - $nexenta_blocksize = '8k', - $nexenta_sparse = true, - $extra_options = {}, -) { - - cinder::backend::nexenta { 'DEFAULT': - nexenta_user => $nexenta_user, - nexenta_password => $nexenta_password, - nexenta_host => $nexenta_host, - nexenta_volume => $nexenta_volume, - nexenta_target_prefix => $nexenta_target_prefix, - nexenta_target_group_prefix => $nexenta_target_group_prefix, - nexenta_blocksize => $nexenta_blocksize, - nexenta_sparse => $nexenta_sparse, - extra_options => $extra_options, - } -} diff --git a/cinder/manifests/volume/nfs.pp b/cinder/manifests/volume/nfs.pp deleted file mode 100644 index 63889a6f9..000000000 --- a/cinder/manifests/volume/nfs.pp +++ /dev/null @@ -1,80 +0,0 @@ -# == Class: cinder::volume::nfs -# -# -# === Parameters -# -# [*nfs_servers*] -# (Required) Description -# Defaults to '[]' -# -# [*nfs_mount_attempts*] -# (optional) The number of attempts to mount nfs shares before raising an -# error. At least one attempt will be made to mount an nfs share, regardless -# of the value specified. -# Defaults to $::os_service_default -# -# [*nfs_mount_options*] -# (Optional) Mount options passed to the nfs client. -# Defaults to $::os_service_default. -# -# [*nfs_disk_util*] -# (Optional) TODO -# Defaults to $::os_service_default. -# -# [*nfs_sparsed_volumes*] -# (Optional) Create volumes as sparsed files which take no space. -# If set to False volume is created as regular file. -# In such case volume creation takes a lot of time. -# Defaults to $::os_service_default. -# -# [*nfs_mount_point_base*] -# (Optional) Base dir containing mount points for nfs shares. -# Defaults to $::os_service_default. -# -# [*nfs_shares_config*] -# (Optional) File with the list of available nfs shares. -# Defaults to '/etc/cinder/shares.conf'. -# -# [*nfs_used_ratio*] -# (Optional) Percent of ACTUAL usage of the underlying volume before no new -# volumes can be allocated to the volume destination. -# Defaults to $::os_service_default. -# -# [*nfs_oversub_ratio*] -# (Optional) This will compare the allocated to available space on the volume -# destination. If the ratio exceeds this number, the destination will no -# longer be valid. -# Defaults to $::os_service_default. -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'nfs_backend/param1' => { 'value' => value1 } } -# -class cinder::volume::nfs ( - $nfs_servers = [], - $nfs_mount_attempts = $::os_service_default, - $nfs_mount_options = $::os_service_default, - $nfs_disk_util = $::os_service_default, - $nfs_sparsed_volumes = $::os_service_default, - $nfs_mount_point_base = $::os_service_default, - $nfs_shares_config = '/etc/cinder/shares.conf', - $nfs_used_ratio = $::os_service_default, - $nfs_oversub_ratio = $::os_service_default, - $extra_options = {}, -) { - - cinder::backend::nfs { 'DEFAULT': - nfs_servers => $nfs_servers, - nfs_mount_attempts => $nfs_mount_attempts, - nfs_mount_options => $nfs_mount_options, - nfs_disk_util => $nfs_disk_util, - nfs_sparsed_volumes => $nfs_sparsed_volumes, - nfs_mount_point_base => $nfs_mount_point_base, - nfs_shares_config => $nfs_shares_config, - nfs_used_ratio => $nfs_used_ratio, - nfs_oversub_ratio => $nfs_oversub_ratio, - extra_options => $extra_options, - } -} diff --git a/cinder/manifests/volume/pure.pp b/cinder/manifests/volume/pure.pp deleted file mode 100644 index 38ed84acd..000000000 --- a/cinder/manifests/volume/pure.pp +++ /dev/null @@ -1,56 +0,0 @@ -# == Class: cinder::volume::pure -# -# Configures Cinder volume PureStorage driver. -# Parameters are particular to each volume driver. -# -# === Parameters -# -# [*san_ip*] -# (required) IP address of PureStorage management VIP. -# -# [*pure_api_token*] -# (required) API token for management of PureStorage array. -# -# [*volume_backend_name*] -# (optional) Allows for the volume_backend_name to be separate of $name. -# Defaults to: $name -# -# [*pure_storage_protocol*] -# (optional) Must be either 'iSCSI' or 'FC'. This will determine -# which Volume Driver will be configured; PureISCSIDriver or PureFCDriver. -# Defaults to 'iSCSI' -# -# [*use_multipath_for_image_xfer*] -# (optional) . -# Defaults to True -# -# [*use_chap_auth*] -# (optional) Only affects the PureISCSIDriver. -# Defaults to False -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza. -# Defaults to: {} -# Example : -# { 'pure_backend/param1' => { 'value' => value1 } } -# -class cinder::volume::pure( - $san_ip, - $pure_api_token, - $use_chap_auth = false, - $volume_backend_name = '', - $use_multipath_for_image_xfer = true, - $pure_storage_protocol = 'iSCSI', - $extra_options = {}, -) { - - cinder::backend::pure { 'DEFAULT': - san_ip => $san_ip, - pure_api_token => $pure_api_token, - pure_storage_protocol => $pure_storage_protocol, - use_chap_auth => $use_chap_auth, - use_multipath_for_image_xfer => $use_multipath_for_image_xfer, - volume_backend_name => $volume_backend_name, - extra_options => $extra_options, - } -} diff --git a/cinder/manifests/volume/quobyte.pp b/cinder/manifests/volume/quobyte.pp deleted file mode 100644 index 9f045a6c3..000000000 --- a/cinder/manifests/volume/quobyte.pp +++ /dev/null @@ -1,55 +0,0 @@ -# -# == Class: cinder::volume::quobyte -# -# Configures Cinder to use Quobyte USP as a volume driver -# -# === Parameters -# -# [*quobyte_volume_url*] -# (required) The URL of the Quobyte volume to use. -# Not an array as a Quobyte driver instance supports exactly one volume -# at a time - but you can load the driver more than once. -# Example: quobyte://quobyte.cluster.example.com/volume-name -# -# [*quobyte_client_cfg*] -# (optional) Path to a Quobyte client configuration file. -# This is needed if client certificate authentication is enabled on the -# Quobyte cluster. The config file includes the certificate and key. -# -# [*quobyte_qcow2_volumes*] -# (optional) Boolean if volumes should be created as qcow2 volumes. -# Defaults to True. qcow2 volumes allow snapshots, at the cost of a small -# performance penalty. If False, raw volumes will be used. -# -# [*quobyte_sparsed_volumes*] -# (optional) Boolean if raw volumes should be created as sparse files. -# Defaults to True. Non-sparse volumes may have a very small performance -# benefit, but take a long time to create. -# -# [*quobyte_mount_point_base*] -# (optional) Path where the driver should create mountpoints. -# Defaults to a subdirectory "mnt" under the Cinder state directory. -# -# === Examples -# -# class { 'cinder::volume::quobyte': -# quobyte_volume_url => 'quobyte://quobyte.cluster.example.com/volume-name', -# } -# -class cinder::volume::quobyte ( - $quobyte_volume_url, - $quobyte_client_cfg = undef, - $quobyte_qcow2_volumes = undef, - $quobyte_sparsed_volumes = undef, - $quobyte_mount_point_base = undef, -) { - - cinder::backend::quobyte { 'DEFAULT': - quobyte_volume_url => $quobyte_volume_url, - quobyte_client_cfg => $quobyte_client_cfg, - quobyte_qcow2_volumes => $quobyte_qcow2_volumes, - quobyte_sparsed_volumes => $quobyte_sparsed_volumes, - quobyte_mount_point_base => $quobyte_mount_point_base, - } - -} diff --git a/cinder/manifests/volume/rbd.pp b/cinder/manifests/volume/rbd.pp deleted file mode 100644 index 2cd012e46..000000000 --- a/cinder/manifests/volume/rbd.pp +++ /dev/null @@ -1,92 +0,0 @@ -# == Class: cinder::volume::rbd -# -# Setup Cinder to use the RBD driver. -# -# === Parameters -# -# [*rbd_pool*] -# (required) Specifies the pool name for the block device driver. -# -# [*rbd_user*] -# (required) A required parameter to configure OS init scripts and cephx. -# -# [*rbd_ceph_conf*] -# (optional) Path to the ceph configuration file to use -# Defaults to '/etc/ceph/ceph.conf' -# -# [*rbd_flatten_volume_from_snapshot*] -# (optional) Enable flatten volumes created from snapshots. -# Defaults to $::os_service_default -# -# [*rbd_secret_uuid*] -# (optional) A required parameter to use cephx. -# Defaults to $::os_service_default -# -# [*rbd_max_clone_depth*] -# (optional) Maximum number of nested clones that can be taken of a -# volume before enforcing a flatten prior to next clone. -# A value of zero disables cloning -# Defaults to $::os_service_default -# -# [*rados_connect_timeout*] -# (optional) Timeout value (in seconds) used when connecting to ceph cluster. -# If value < 0, no timeout is set and default librados value is used. -# Defaults to $::os_service_default -# -# [*rados_connection_interval*] -# (optional) Interval value (in seconds) between connection retries to ceph -# cluster. -# Defaults to $::os_service_default -# -# [*rados_connection_retries*] -# (optional) Number of retries if connection to ceph cluster failed. -# Defaults to $::os_service_default -# -# [*rbd_store_chunk_size*] -# (optional) Volumes will be chunked into objects of this size (in megabytes). -# Defaults to $::os_service_default -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'rbd_backend/param1' => { 'value' => value1 } } -# -# === Deprecated Parameters -# -# [*volume_tmp_dir*] -# (deprecated by image_conversion_dir) Location to store temporary image files -# if the volume driver does not write them directly to the volume -# Defaults to false -# -class cinder::volume::rbd ( - $rbd_pool, - $rbd_user, - $rbd_ceph_conf = '/etc/ceph/ceph.conf', - $rbd_flatten_volume_from_snapshot = $::os_service_default, - $rbd_secret_uuid = $::os_service_default, - $rbd_max_clone_depth = $::os_service_default, - $rados_connect_timeout = $::os_service_default, - $rados_connection_interval = $::os_service_default, - $rados_connection_retries = $::os_service_default, - $rbd_store_chunk_size = $::os_service_default, - $extra_options = {}, - # DEPRECATED PARAMETERS - $volume_tmp_dir = false, -) { - - cinder::backend::rbd { 'DEFAULT': - rbd_pool => $rbd_pool, - rbd_user => $rbd_user, - rbd_ceph_conf => $rbd_ceph_conf, - rbd_flatten_volume_from_snapshot => $rbd_flatten_volume_from_snapshot, - rbd_secret_uuid => $rbd_secret_uuid, - volume_tmp_dir => $volume_tmp_dir, - rbd_max_clone_depth => $rbd_max_clone_depth, - rados_connect_timeout => $rados_connect_timeout, - rados_connection_interval => $rados_connection_interval, - rados_connection_retries => $rados_connection_retries, - rbd_store_chunk_size => $rbd_store_chunk_size, - extra_options => $extra_options, - } -} diff --git a/cinder/manifests/volume/san.pp b/cinder/manifests/volume/san.pp deleted file mode 100644 index bb177e6e0..000000000 --- a/cinder/manifests/volume/san.pp +++ /dev/null @@ -1,89 +0,0 @@ -# == Class: cinder::volume::san -# -# Configures Cinder volume SAN driver. -# Parameters are particular to each volume driver. -# -# === Parameters -# -# [*volume_driver*] -# (required) Setup cinder-volume to use volume driver. -# -# [*san_thin_provision*] -# (Optional) Use thin provisioning for SAN volumes? -# Defaults to true. -# -# [*san_ip*] -# (Optional) IP address of SAN controller. -# -# [*san_login*] -# (Optional) Username for SAN controller. -# Defaults to 'admin'. -# -# [*san_password*] -# (Optional) Password for SAN controller. -# -# [*san_private_key*] -# (Optional) Filename of private key to use for SSH authentication. -# -# [*san_clustername*] -# (Optional) Cluster name to use for creating volumes. -# -# [*san_ssh_port*] -# (Optional) SSH port to use with SAN. -# Defaults to 22. -# -# [*san_is_local*] -# (Optional) Execute commands locally instead of over SSH -# use if the volume service is running on the SAN device. -# Defaults to 'false'. -# -# [*ssh_conn_timeout*] -# (Optional) SSH connection timeout in seconds. -# Defaults to '30'. -# -# [*ssh_min_pool_conn*] -# (Optional) Minimum ssh connections in the pool. -# Defaults to '1'. -# -# [*ssh_max_pool_conn*] -# (Optional) Maximum ssh connections in the pool. -# Defaults to '5'. -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'san_backend/param1' => { 'value' => value1 } } -# -class cinder::volume::san ( - $volume_driver, - $san_thin_provision = true, - $san_ip = undef, - $san_login = 'admin', - $san_password = undef, - $san_private_key = undef, - $san_clustername = undef, - $san_ssh_port = 22, - $san_is_local = false, - $ssh_conn_timeout = 30, - $ssh_min_pool_conn = 1, - $ssh_max_pool_conn = 5, - $extra_options = {}, -) { - - cinder::backend::san { 'DEFAULT': - volume_driver => $volume_driver, - san_thin_provision => $san_thin_provision, - san_ip => $san_ip, - san_login => $san_login, - san_password => $san_password, - san_private_key => $san_private_key, - san_clustername => $san_clustername, - san_ssh_port => $san_ssh_port, - san_is_local => $san_is_local, - ssh_conn_timeout => $ssh_conn_timeout, - ssh_min_pool_conn => $ssh_min_pool_conn, - ssh_max_pool_conn => $ssh_max_pool_conn, - extra_options => $extra_options, - } -} diff --git a/cinder/manifests/volume/solidfire.pp b/cinder/manifests/volume/solidfire.pp deleted file mode 100644 index dcb095f34..000000000 --- a/cinder/manifests/volume/solidfire.pp +++ /dev/null @@ -1,81 +0,0 @@ -# == Class: cinder::volume::solidfire -# -# Configures Cinder volume SolidFire driver. -# Parameters are particular to each volume driver. -# -# === Parameters -# -# [*volume_driver*] -# (optional) Setup cinder-volume to use SolidFire volume driver. -# Defaults to 'cinder.volume.drivers.solidfire.SolidFireDriver' -# -# [*san_ip*] -# (required) IP address of SolidFire clusters MVIP. -# -# [*san_login*] -# (required) Username for SolidFire admin account. -# -# [*san_password*] -# (required) Password for SolidFire admin account. -# -# [*sf_emulate_512*] -# (optional) Use 512 byte emulation for volumes. -# Defaults to True -# -# [*sf_allow_tenant_qos*] -# (optional) Allow tenants to specify QoS via volume metadata. -# Defaults to False -# -# [*sf_account_prefix*] -# (optional) Prefix to use when creating tenant accounts on SolidFire Cluster. -# Defaults to None, so account name is simply the tenant-uuid -# -# [*sf_template_account_name*] -# (optional) Account name on the SolidFire Cluster to use as owner of -# template/cache volumes (created if does not exist) -# Defaults to openstack-vtemplate -# -# [*sf_allow_template_caching*] -# (optional) Create an internal cache of copy of images when a bootable -# volume is created to eliminate fetch from glance and qemu- -# conversion on subsequent calls. -# Defaults to false -# -# [*sf_api_port*] -# (optional) Port ID to use to connect to SolidFire API. -# Defaults to 443 -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'solidfire_backend/param1' => { 'value' => value1 } } -# -class cinder::volume::solidfire( - $san_ip, - $san_login, - $san_password, - $volume_driver = 'cinder.volume.drivers.solidfire.SolidFireDriver', - $sf_emulate_512 = true, - $sf_allow_tenant_qos = false, - $sf_account_prefix = '', - $sf_template_account_name = 'openstack-vtemplate', - $sf_allow_template_caching = false, - $sf_api_port = '443', - $extra_options = {}, -) { - - cinder::backend::solidfire { 'DEFAULT': - san_ip => $san_ip, - san_login => $san_login, - san_password => $san_password, - volume_driver => $volume_driver, - sf_emulate_512 => $sf_emulate_512, - sf_allow_tenant_qos => $sf_allow_tenant_qos, - sf_account_prefix => $sf_account_prefix, - sf_template_account_name => $sf_template_account_name, - sf_allow_template_caching => $sf_allow_template_caching, - sf_api_port => $sf_api_port, - extra_options => $extra_options, - } -} diff --git a/cinder/manifests/volume/vmdk.pp b/cinder/manifests/volume/vmdk.pp deleted file mode 100644 index ffd85ec77..000000000 --- a/cinder/manifests/volume/vmdk.pp +++ /dev/null @@ -1,79 +0,0 @@ -# == define: cinder::volume::vmdk -# -# Configure the VMware VMDK driver for cinder. -# -# === Parameters -# -# [*host_ip*] -# The IP address of the VMware vCenter server. -# -# [*host_username*] -# The username for connection to VMware vCenter server. -# -# [*host_password*] -# The password for connection to VMware vCenter server. -# -# [*api_retry_count*] -# (optional) The number of times we retry on failures, -# e.g., socket error, etc. -# Defaults to 10. -# -# [*max_object_retrieval*] -# (optional) The maximum number of ObjectContent data objects that should -# be returned in a single result. A positive value will cause -# the operation to suspend the retrieval when the count of -# objects reaches the specified maximum. The server may still -# limit the count to something less than the configured value. -# Any remaining objects may be retrieved with additional requests. -# Defaults to 100. -# -# [*task_poll_interval*] -# (optional) The interval in seconds used for polling of remote tasks. -# Defaults to 5. -# -# [*image_transfer_timeout_secs*] -# (optional) The timeout in seconds for VMDK volume transfer between Cinder and Glance. -# Defaults to 7200. -# -# [*wsdl_location*] -# (optional) VIM Service WSDL Location e.g -# http:///vimService.wsdl. Optional over-ride to -# default location for bug work-arounds. -# Defaults to None. -# -# [*volume_folder*] -# (optional) The name for the folder in the VC datacenter that will contain cinder volumes. -# Defaults to 'cinder-volumes'. -# -# [*extra_options*] -# (optional) Hash of extra options to pass to the backend stanza -# Defaults to: {} -# Example : -# { 'vmdk_backend/param1' => { 'value' => value1 } } -# -class cinder::volume::vmdk( - $host_ip, - $host_username, - $host_password, - $volume_folder = 'cinder-volumes', - $api_retry_count = 10, - $max_object_retrieval = 100, - $task_poll_interval = 5, - $image_transfer_timeout_secs = 7200, - $wsdl_location = undef, - $extra_options = {}, -) { - - cinder::backend::vmdk { 'DEFAULT': - host_ip => $host_ip, - host_username => $host_username, - host_password => $host_password, - volume_folder => $volume_folder, - api_retry_count => $api_retry_count, - max_object_retrieval => $max_object_retrieval, - task_poll_interval => $task_poll_interval, - image_transfer_timeout_secs => $image_transfer_timeout_secs, - wsdl_location => $wsdl_location, - extra_options => $extra_options, - } -} diff --git a/cinder/metadata.json b/cinder/metadata.json deleted file mode 100644 index ad330accc..000000000 --- a/cinder/metadata.json +++ /dev/null @@ -1,32 +0,0 @@ -{ - "name": "openstack-cinder", - "version": "8.1.0", - "author": "Puppet Labs and OpenStack Contributors", - "summary": "Puppet module for OpenStack Cinder", - "license": "Apache-2.0", - "source": "git://github.com/openstack/puppet-cinder.git", - "project_page": "https://launchpad.net/puppet-cinder", - "issues_url": "https://bugs.launchpad.net/puppet-cinder", - "requirements": [ - { "name": "pe", "version_requirement": ">= 3.2.0 <= 2016.1.0" }, - { "name": "puppet", "version_requirement": ">= 3.0.0 < 5.0.0" } - ], - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": ["7"] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": ["14.04"] - } - ], - "description": "Installs and configures OpenStack Cinder (Block Storage).", - "dependencies": [ - { "name": "puppetlabs/inifile", "version_requirement": ">=1.4.0 <2.0.0" }, - { "name": "openstack/keystone", "version_requirement": ">=8.1.0 <9.0.0" }, - { "name": "puppetlabs/rabbitmq", "version_requirement": ">=5.3.1 <6.0.0" }, - { "name": "puppetlabs/stdlib", "version_requirement": ">=4.9.0 <5.0.0" }, - { "name": "openstack/openstacklib", "version_requirement": ">=8.1.0 <9.0.0" } - ] -} diff --git a/cinder/releasenotes/notes/Test-volume-permissions-7ca9964fdb8491a2.yaml b/cinder/releasenotes/notes/Test-volume-permissions-7ca9964fdb8491a2.yaml deleted file mode 100644 index d2807857a..000000000 --- a/cinder/releasenotes/notes/Test-volume-permissions-7ca9964fdb8491a2.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -security: - - Set the permissions of the file used as backend - for the test volume to 0640, to avoid giving read - permissions to any user on created volumes. diff --git a/cinder/releasenotes/notes/block_device_backend-877dc1cd0ffab684.yaml b/cinder/releasenotes/notes/block_device_backend-877dc1cd0ffab684.yaml deleted file mode 100644 index 010ccc60b..000000000 --- a/cinder/releasenotes/notes/block_device_backend-877dc1cd0ffab684.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Add support of Block Device backend for Cinder. diff --git a/cinder/releasenotes/notes/cinder_v3-aacaa1f385aab7c4.yaml b/cinder/releasenotes/notes/cinder_v3-aacaa1f385aab7c4.yaml deleted file mode 100644 index 8486dd31f..000000000 --- a/cinder/releasenotes/notes/cinder_v3-aacaa1f385aab7c4.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -features: - - Add Cinder API v3 support. - It will activate v2 Keystone resources by default from now, - allow to activate cinder v3 api, enabled by default, - allow to manage Keystone resources for Cinder v3 API, enabled by default. diff --git a/cinder/releasenotes/notes/deprecate_auth_params-e34ba5123cee9060.yaml b/cinder/releasenotes/notes/deprecate_auth_params-e34ba5123cee9060.yaml deleted file mode 100644 index 5dc1e2503..000000000 --- a/cinder/releasenotes/notes/deprecate_auth_params-e34ba5123cee9060.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -deprecations: - - Drop deprecated parameters for authentification to use identity_uri - and auth_uri by default. diff --git a/cinder/releasenotes/notes/deprecate_cluster_id-8d9838a9ef8932bf.yaml b/cinder/releasenotes/notes/deprecate_cluster_id-8d9838a9ef8932bf.yaml deleted file mode 100644 index f9ef9c69f..000000000 --- a/cinder/releasenotes/notes/deprecate_cluster_id-8d9838a9ef8932bf.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -deprecations: - - cluster_id parameter is deprecated. diff --git a/cinder/releasenotes/notes/deprecate_liberty-192d873c0d039e21.yaml b/cinder/releasenotes/notes/deprecate_liberty-192d873c0d039e21.yaml deleted file mode 100644 index 1d29b3633..000000000 --- a/cinder/releasenotes/notes/deprecate_liberty-192d873c0d039e21.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -deprecations: - - Remove code deprecated in liberty cycle. diff --git a/cinder/releasenotes/notes/fix_multiple_rbd-e70b48e788387fa8.yaml b/cinder/releasenotes/notes/fix_multiple_rbd-e70b48e788387fa8.yaml deleted file mode 100644 index 07c233fd7..000000000 --- a/cinder/releasenotes/notes/fix_multiple_rbd-e70b48e788387fa8.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -fixes: - - Fixes `bug 1526533 - `__ so we're - able to deploy multiple RBD backends with multiple users. diff --git a/cinder/releasenotes/notes/host_config-d58e1bb4c2aff303.yaml b/cinder/releasenotes/notes/host_config-d58e1bb4c2aff303.yaml deleted file mode 100644 index 6069f75f5..000000000 --- a/cinder/releasenotes/notes/host_config-d58e1bb4c2aff303.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Allow customization of DEFAULT/host. diff --git a/cinder/releasenotes/notes/keystone-v3-support-cinder_type-09357cfcf7834e80.yaml b/cinder/releasenotes/notes/keystone-v3-support-cinder_type-09357cfcf7834e80.yaml deleted file mode 100644 index 399cf7538..000000000 --- a/cinder/releasenotes/notes/keystone-v3-support-cinder_type-09357cfcf7834e80.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -features: - - Keystone v3 support is added to the cinder_type - provider. diff --git a/cinder/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml b/cinder/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml deleted file mode 100644 index 1ffa2be02..000000000 --- a/cinder/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -prelude: > - This is the first Mitaka release for puppet-cinder module. diff --git a/cinder/releasenotes/notes/pymysql-e57bf1f0289dd426.yaml b/cinder/releasenotes/notes/pymysql-e57bf1f0289dd426.yaml deleted file mode 100644 index 3556c0c8c..000000000 --- a/cinder/releasenotes/notes/pymysql-e57bf1f0289dd426.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Support of PyMySQL driver for MySQL backend. diff --git a/cinder/releasenotes/notes/remove_qpid-0b446db43fdea617.yaml b/cinder/releasenotes/notes/remove_qpid-0b446db43fdea617.yaml deleted file mode 100644 index c59a436d3..000000000 --- a/cinder/releasenotes/notes/remove_qpid-0b446db43fdea617.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -deprecations: - - Remove QPID messaging support. - Qpid messaging driver is removed from oslo.messaging so we won't support - anymore. diff --git a/cinder/releasenotes/notes/solidfire_glance-e3bc65c5ff6a634d.yaml b/cinder/releasenotes/notes/solidfire_glance-e3bc65c5ff6a634d.yaml deleted file mode 100644 index 3738e7ea0..000000000 --- a/cinder/releasenotes/notes/solidfire_glance-e3bc65c5ff6a634d.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Add glance caching options for soldifire. diff --git a/cinder/releasenotes/notes/type_providers-4f316d6b119c4d38.yaml b/cinder/releasenotes/notes/type_providers-4f316d6b119c4d38.yaml deleted file mode 100644 index 323d0647f..000000000 --- a/cinder/releasenotes/notes/type_providers-4f316d6b119c4d38.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -other: - - Replace defines for managing cinder types with providers. - It replaces Exec resources bu Ruby providers using openstacklib. diff --git a/cinder/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml b/cinder/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml deleted file mode 100644 index 41cef2f11..000000000 --- a/cinder/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -features: - - Release notes are no longer maintained by hand, we now use the reno tool to - manage them. diff --git a/cinder/releasenotes/source/_static/.placeholder b/cinder/releasenotes/source/_static/.placeholder deleted file mode 100644 index e69de29bb..000000000 diff --git a/cinder/releasenotes/source/conf.py b/cinder/releasenotes/source/conf.py deleted file mode 100644 index 073c0b716..000000000 --- a/cinder/releasenotes/source/conf.py +++ /dev/null @@ -1,259 +0,0 @@ -# -*- coding: utf-8 -*- -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# If extensions (or modules to document with autodoc) are in another directory, -# add these directories to sys.path here. If the directory is relative to the -# documentation root, use os.path.abspath to make it absolute, like shown here. -#sys.path.insert(0, os.path.abspath('.')) - -# -- General configuration ------------------------------------------------ - -# If your documentation needs a minimal Sphinx version, state it here. -#needs_sphinx = '1.0' - -# Add any Sphinx extension module names here, as strings. They can be -# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom -# ones. -extensions = [ - 'oslosphinx', - 'reno.sphinxext', -] - -# Add any paths that contain templates here, relative to this directory. -templates_path = ['_templates'] - -# The suffix of source filenames. -source_suffix = '.rst' - -# The encoding of source files. -#source_encoding = 'utf-8-sig' - -# The master toctree document. -master_doc = 'index' - -# General information about the project. -project = u'puppet-cinder Release Notes' -copyright = u'2016, Puppet OpenStack Developers' - -# The version info for the project you're documenting, acts as replacement for -# |version| and |release|, also used in various other places throughout the -# built documents. -# -# The short X.Y version. -version = '8.1.0' -# The full version, including alpha/beta/rc tags. -release = '8.1.0' - -# The language for content autogenerated by Sphinx. Refer to documentation -# for a list of supported languages. -#language = None - -# There are two options for replacing |today|: either, you set today to some -# non-false value, then it is used: -#today = '' -# Else, today_fmt is used as the format for a strftime call. -#today_fmt = '%B %d, %Y' - -# List of patterns, relative to source directory, that match files and -# directories to ignore when looking for source files. -exclude_patterns = [] - -# The reST default role (used for this markup: `text`) to use for all -# documents. -#default_role = None - -# If true, '()' will be appended to :func: etc. cross-reference text. -#add_function_parentheses = True - -# If true, the current module name will be prepended to all description -# unit titles (such as .. function::). -#add_module_names = True - -# If true, sectionauthor and moduleauthor directives will be shown in the -# output. They are ignored by default. -#show_authors = False - -# The name of the Pygments (syntax highlighting) style to use. -pygments_style = 'sphinx' - -# A list of ignored prefixes for module index sorting. -#modindex_common_prefix = [] - -# If true, keep warnings as "system message" paragraphs in the built documents. -#keep_warnings = False - - -# -- Options for HTML output ---------------------------------------------- - -# The theme to use for HTML and HTML Help pages. See the documentation for -# a list of builtin themes. -html_theme = 'default' - -# Theme options are theme-specific and customize the look and feel of a theme -# further. For a list of options available for each theme, see the -# documentation. -#html_theme_options = {} - -# Add any paths that contain custom themes here, relative to this directory. -#html_theme_path = [] - -# The name for this set of Sphinx documents. If None, it defaults to -# " v documentation". -#html_title = None - -# A shorter title for the navigation bar. Default is the same as html_title. -#html_short_title = None - -# The name of an image file (relative to this directory) to place at the top -# of the sidebar. -#html_logo = None - -# The name of an image file (within the static path) to use as favicon of the -# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 -# pixels large. -#html_favicon = None - -# Add any paths that contain custom static files (such as style sheets) here, -# relative to this directory. They are copied after the builtin static files, -# so a file named "default.css" will overwrite the builtin "default.css". -html_static_path = ['_static'] - -# Add any extra paths that contain custom files (such as robots.txt or -# .htaccess) here, relative to this directory. These files are copied -# directly to the root of the documentation. -#html_extra_path = [] - -# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, -# using the given strftime format. -#html_last_updated_fmt = '%b %d, %Y' - -# If true, SmartyPants will be used to convert quotes and dashes to -# typographically correct entities. -#html_use_smartypants = True - -# Custom sidebar templates, maps document names to template names. -#html_sidebars = {} - -# Additional templates that should be rendered to pages, maps page names to -# template names. -#html_additional_pages = {} - -# If false, no module index is generated. -#html_domain_indices = True - -# If false, no index is generated. -#html_use_index = True - -# If true, the index is split into individual pages for each letter. -#html_split_index = False - -# If true, links to the reST sources are added to the pages. -#html_show_sourcelink = True - -# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. -#html_show_sphinx = True - -# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. -#html_show_copyright = True - -# If true, an OpenSearch description file will be output, and all pages will -# contain a tag referring to it. The value of this option must be the -# base URL from which the finished HTML is served. -#html_use_opensearch = '' - -# This is the file name suffix for HTML files (e.g. ".xhtml"). -#html_file_suffix = None - -# Output file base name for HTML help builder. -htmlhelp_basename = 'puppet-cinderReleaseNotesdoc' - - -# -- Options for LaTeX output --------------------------------------------- - -latex_elements = { -# The paper size ('letterpaper' or 'a4paper'). -#'papersize': 'letterpaper', - -# The font size ('10pt', '11pt' or '12pt'). -#'pointsize': '10pt', - -# Additional stuff for the LaTeX preamble. -#'preamble': '', -} - -# Grouping the document tree into LaTeX files. List of tuples -# (source start file, target name, title, -# author, documentclass [howto, manual, or own class]). -latex_documents = [ - ('index', 'puppet-cinderReleaseNotes.tex', u'puppet-cinder Release Notes Documentation', - u'2016, Puppet OpenStack Developers', 'manual'), -] - -# The name of an image file (relative to this directory) to place at the top of -# the title page. -#latex_logo = None - -# For "manual" documents, if this is true, then toplevel headings are parts, -# not chapters. -#latex_use_parts = False - -# If true, show page references after internal links. -#latex_show_pagerefs = False - -# If true, show URL addresses after external links. -#latex_show_urls = False - -# Documents to append as an appendix to all manuals. -#latex_appendices = [] - -# If false, no module index is generated. -#latex_domain_indices = True - - -# -- Options for manual page output --------------------------------------- - -# One entry per manual page. List of tuples -# (source start file, name, description, authors, manual section). -man_pages = [ - ('index', 'puppet-cinderreleasenotes', u'puppet-cinder Release Notes Documentation', - [u'2016, Puppet OpenStack Developers'], 1) -] - -# If true, show URL addresses after external links. -#man_show_urls = False - - -# -- Options for Texinfo output ------------------------------------------- - -# Grouping the document tree into Texinfo files. List of tuples -# (source start file, target name, title, author, -# dir menu entry, description, category) -texinfo_documents = [ - ('index', 'puppet-cinderReleaseNotes', u'puppet-cinder Release Notes Documentation', - u'2016, Puppet OpenStack Developers', 'puppet-cinderReleaseNotes', 'One line description of project.', - 'Miscellaneous'), -] - -# Documents to append as an appendix to all manuals. -#texinfo_appendices = [] - -# If false, no module index is generated. -#texinfo_domain_indices = True - -# How to display URL addresses: 'footnote', 'no', or 'inline'. -#texinfo_show_urls = 'footnote' - -# If true, do not generate a @detailmenu in the "Top" node's menu. -#texinfo_no_detailmenu = False diff --git a/cinder/releasenotes/source/index.rst b/cinder/releasenotes/source/index.rst deleted file mode 100644 index 3206ab9e8..000000000 --- a/cinder/releasenotes/source/index.rst +++ /dev/null @@ -1,19 +0,0 @@ -======================================= -Welcome to puppet-cinder Release Notes! -======================================= - -Contents -======== - -.. toctree:: - :maxdepth: 2 - - mitaka - unreleased - - -Indices and tables -================== - -* :ref:`genindex` -* :ref:`search` diff --git a/cinder/releasenotes/source/mitaka.rst b/cinder/releasenotes/source/mitaka.rst deleted file mode 100644 index 97ab8d1d3..000000000 --- a/cinder/releasenotes/source/mitaka.rst +++ /dev/null @@ -1,6 +0,0 @@ -============================ - Mitaka Series Release Notes -============================ - -.. release-notes:: - :branch: origin/stable/mitaka diff --git a/cinder/releasenotes/source/unreleased.rst b/cinder/releasenotes/source/unreleased.rst deleted file mode 100644 index 2334dd5cf..000000000 --- a/cinder/releasenotes/source/unreleased.rst +++ /dev/null @@ -1,5 +0,0 @@ -============================== - Current Series Release Notes -============================== - - .. release-notes:: diff --git a/cinder/setup.cfg b/cinder/setup.cfg deleted file mode 100644 index 9a56f56fe..000000000 --- a/cinder/setup.cfg +++ /dev/null @@ -1,13 +0,0 @@ -[metadata] -name = puppet-cinder -summary = Puppet module for OpenStack Cinder -description-file = - README.md -author = Puppet Labs and OpenStack Contributors -author-email = openstack-dev@lists.openstack.org -home-page = http://www.openstack.org/ -classifier = - Intended Audience :: Developers - Intended Audience :: System Administrators - License :: OSI Approved :: Apache Software License - Operating System :: POSIX :: Linux diff --git a/cinder/setup.py b/cinder/setup.py deleted file mode 100644 index 70c2b3f32..000000000 --- a/cinder/setup.py +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/env python -# Copyright (c) 2013 Hewlett-Packard Development Company, L.P. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# THIS FILE IS MANAGED BY THE GLOBAL REQUIREMENTS REPO - DO NOT EDIT -import setuptools - -setuptools.setup( - setup_requires=['pbr'], - pbr=True) diff --git a/cinder/spec/acceptance/basic_cinder_spec.rb b/cinder/spec/acceptance/basic_cinder_spec.rb deleted file mode 100644 index eeaf6ebde..000000000 --- a/cinder/spec/acceptance/basic_cinder_spec.rb +++ /dev/null @@ -1,77 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'basic cinder' do - - context 'default parameters' do - - it 'should work with no errors' do - pp= <<-EOS - include ::openstack_integration - include ::openstack_integration::repos - include ::openstack_integration::rabbitmq - include ::openstack_integration::mysql - include ::openstack_integration::keystone - - rabbitmq_user { 'cinder': - admin => true, - password => 'an_even_bigger_secret', - provider => 'rabbitmqctl', - require => Class['rabbitmq'], - } - - rabbitmq_user_permissions { 'cinder@/': - configure_permission => '.*', - write_permission => '.*', - read_permission => '.*', - provider => 'rabbitmqctl', - require => Class['rabbitmq'], - } - - # Cinder resources - class { '::cinder': - database_connection => 'mysql+pymysql://cinder:a_big_secret@127.0.0.1/cinder?charset=utf8', - rabbit_userid => 'cinder', - rabbit_password => 'an_even_bigger_secret', - rabbit_host => '127.0.0.1', - debug => true, - verbose => true, - } - class { '::cinder::keystone::auth': - password => 'a_big_secret', - } - class { '::cinder::db::mysql': - password => 'a_big_secret', - } - class { '::cinder::api': - keystone_password => 'a_big_secret', - identity_uri => 'http://127.0.0.1:35357/', - default_volume_type => 'iscsi_backend', - } - class { '::cinder::backup': } - class { '::cinder::ceilometer': } - class { '::cinder::client': } - class { '::cinder::quota': } - class { '::cinder::scheduler': } - class { '::cinder::scheduler::filter': } - class { '::cinder::volume': } - class { '::cinder::cron::db_purge': } - # TODO: create a backend and spawn a volume - EOS - - - # Run it twice to test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe port(8776) do - it { is_expected.to be_listening.with('tcp') } - end - - describe cron do - it { is_expected.to have_entry('1 0 * * * cinder-manage db purge 30 >>/var/log/cinder/cinder-rowsflush.log 2>&1').with_user('cinder') } - end - - - end -end diff --git a/cinder/spec/acceptance/nodesets/centos-70-x64.yml b/cinder/spec/acceptance/nodesets/centos-70-x64.yml deleted file mode 100644 index 5f097e9fe..000000000 --- a/cinder/spec/acceptance/nodesets/centos-70-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - centos-server-70-x64: - roles: - - master - platform: el-7-x86_64 - box: puppetlabs/centos-7.0-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/centos-7.0-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: foss diff --git a/cinder/spec/acceptance/nodesets/default.yml b/cinder/spec/acceptance/nodesets/default.yml deleted file mode 100644 index 486b6a34e..000000000 --- a/cinder/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - type: foss diff --git a/cinder/spec/acceptance/nodesets/nodepool-centos7.yml b/cinder/spec/acceptance/nodesets/nodepool-centos7.yml deleted file mode 100644 index c55287420..000000000 --- a/cinder/spec/acceptance/nodesets/nodepool-centos7.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-70-x64: - roles: - - master - platform: el-7-x86_64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/cinder/spec/acceptance/nodesets/nodepool-trusty.yml b/cinder/spec/acceptance/nodesets/nodepool-trusty.yml deleted file mode 100644 index 9fc624e24..000000000 --- a/cinder/spec/acceptance/nodesets/nodepool-trusty.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/cinder/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/cinder/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index 8001929b2..000000000 --- a/cinder/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: foss diff --git a/cinder/spec/classes/cinder_api_spec.rb b/cinder/spec/classes/cinder_api_spec.rb deleted file mode 100644 index c0d13fe26..000000000 --- a/cinder/spec/classes/cinder_api_spec.rb +++ /dev/null @@ -1,319 +0,0 @@ -require 'spec_helper' - -describe 'cinder::api' do - - shared_examples_for 'cinder api' do - let :req_params do - {:keystone_password => 'foo'} - end - - describe 'with only required params' do - let :params do - req_params - end - - it { is_expected.to contain_service('cinder-api').with( - 'hasstatus' => true, - 'ensure' => 'running', - 'tag' => 'cinder-service', - )} - - it 'should configure cinder api correctly' do - is_expected.to contain_cinder_config('DEFAULT/auth_strategy').with( - :value => 'keystone' - ) - is_expected.to contain_cinder_config('DEFAULT/osapi_volume_listen').with( - :value => '0.0.0.0' - ) - is_expected.to contain_cinder_config('DEFAULT/osapi_volume_workers').with( - :value => '8' - ) - is_expected.to contain_cinder_config('DEFAULT/nova_catalog_info').with( - :value => 'compute:Compute Service:publicURL' - ) - is_expected.to contain_cinder_config('DEFAULT/nova_catalog_admin_info').with( - :value => 'compute:Compute Service:adminURL' - ) - is_expected.to contain_cinder_config('DEFAULT/default_volume_type').with( - :value => '' - ) - is_expected.to contain_cinder_config('DEFAULT/public_endpoint').with( - :value => '' - ) - is_expected.to contain_cinder_config('DEFAULT/osapi_volume_base_URL').with( - :value => '' - ) - is_expected.to contain_cinder_config('DEFAULT/osapi_max_limit').with( - :value => '' - ) - is_expected.to contain_cinder_config('DEFAULT/os_region_name').with( - :value => '' - ) - is_expected.to contain_cinder_config('keystone_authtoken/auth_uri').with( - :value => 'http://localhost:5000/' - ) - is_expected.to contain_cinder_config('keystone_authtoken/identity_uri').with( - :value => 'http://localhost:35357/' - ) - is_expected.to contain_cinder_config('keystone_authtoken/admin_tenant_name').with( - :value => 'services' - ) - is_expected.to contain_cinder_config('keystone_authtoken/admin_user').with( - :value => 'cinder' - ) - is_expected.to contain_cinder_config('keystone_authtoken/admin_password').with( - :value => 'foo' - ) - - is_expected.to contain_cinder_config('DEFAULT/os_privileged_user_name').with_value('') - is_expected.to contain_cinder_config('DEFAULT/os_privileged_user_password').with_value('') - is_expected.to contain_cinder_config('DEFAULT/os_privileged_user_tenant').with_value('') - is_expected.to contain_cinder_config('DEFAULT/os_privileged_user_auth_url').with_value('') - is_expected.to contain_cinder_config('keymgr/encryption_auth_url').with_value('') - end - end - - describe 'with a custom nova_catalog params' do - let :params do - req_params.merge({ - 'nova_catalog_admin_info' => 'compute:nova:adminURL', - 'nova_catalog_info' => 'compute:nova:publicURL', - }) - end - it { is_expected.to contain_cinder_config('DEFAULT/nova_catalog_admin_info').with_value('compute:nova:adminURL') } - it { is_expected.to contain_cinder_config('DEFAULT/nova_catalog_info').with_value('compute:nova:publicURL') } - end - - describe 'with a custom region for nova' do - let :params do - req_params.merge({'os_region_name' => 'MyRegion'}) - end - it 'should configure the region for nova' do - is_expected.to contain_cinder_config('DEFAULT/os_region_name').with( - :value => 'MyRegion' - ) - end - end - - describe 'with an OpenStack privileged account' do - - context 'with all needed params' do - let :params do - req_params.merge({ - 'privileged_user' => 'true', - 'os_privileged_user_name' => 'admin', - 'os_privileged_user_password' => 'password', - 'os_privileged_user_tenant' => 'admin', - 'os_privileged_user_auth_url' => 'http://localhost:8080', - }) - end - - it { is_expected.to contain_cinder_config('DEFAULT/os_privileged_user_name').with_value('admin') } - it { is_expected.to contain_cinder_config('DEFAULT/os_privileged_user_password').with_value('password') } - it { is_expected.to contain_cinder_config('DEFAULT/os_privileged_user_tenant').with_value('admin') } - it { is_expected.to contain_cinder_config('DEFAULT/os_privileged_user_auth_url').with_value('http://localhost:8080') } - end - - context 'without os_privileged_user_auth_url' do - let :params do - req_params.merge({ - 'privileged_user' => 'true', - 'os_privileged_user_name' => 'admin', - 'os_privileged_user_password' => 'password', - 'os_privileged_user_tenant' => 'admin', - }) - end - - it { is_expected.to contain_cinder_config('DEFAULT/os_privileged_user_name').with_value('admin') } - it { is_expected.to contain_cinder_config('DEFAULT/os_privileged_user_password').with_value('password') } - it { is_expected.to contain_cinder_config('DEFAULT/os_privileged_user_tenant').with_value('admin') } - it { is_expected.to contain_cinder_config('DEFAULT/os_privileged_user_auth_url').with_value('') } - end - - context 'without os_privileged_user' do - let :params do - req_params.merge({ - 'privileged_user' => 'true', - }) - end - - it_raises 'a Puppet::Error', /The os_privileged_user_name parameter is required when privileged_user is set to true/ - end - - context 'without os_privileged_user_password' do - let :params do - req_params.merge({ - 'privileged_user' => 'true', - 'os_privileged_user_name' => 'admin', - }) - end - - it_raises 'a Puppet::Error', /The os_privileged_user_password parameter is required when privileged_user is set to true/ - end - - context 'without os_privileged_user_tenant' do - let :params do - req_params.merge({ - 'privileged_user' => 'true', - 'os_privileged_user_name' => 'admin', - 'os_privileged_user_password' => 'password', - }) - end - - it_raises 'a Puppet::Error', /The os_privileged_user_tenant parameter is required when privileged_user is set to true/ - end - end - - describe 'with a default volume type' do - let :params do - req_params.merge({'default_volume_type' => 'foo'}) - end - it 'should configure the default volume type for cinder' do - is_expected.to contain_cinder_config('DEFAULT/default_volume_type').with( - :value => 'foo' - ) - end - end - - describe 'with only required params' do - let :params do - req_params.merge({'bind_host' => '192.168.1.3'}) - end - it 'should configure cinder api correctly' do - is_expected.to contain_cinder_config('DEFAULT/osapi_volume_listen').with( - :value => '192.168.1.3' - ) - end - end - - describe 'with sync_db set to false' do - let :params do - { - :keystone_password => 'dummy', - :enabled => 'true', - :sync_db => false, - } - end - it { is_expected.not_to contain_class('cinder::db::sync') } - end - - describe 'with enabled false' do - let :params do - req_params.merge({'enabled' => false}) - end - it 'should stop the service' do - is_expected.to contain_service('cinder-api').with_ensure('stopped') - end - it 'includes cinder::db::sync' do - is_expected.to contain_class('cinder::db::sync') - end - end - - describe 'with manage_service false' do - let :params do - req_params.merge({'manage_service' => false}) - end - it 'should not change the state of the service' do - is_expected.to contain_service('cinder-api').without_ensure - end - it 'includes cinder::db::sync' do - is_expected.to contain_class('cinder::db::sync') - end - end - - describe 'with ratelimits' do - let :params do - req_params.merge({ :ratelimits => '(GET, "*", .*, 100, MINUTE);(POST, "*", .*, 200, MINUTE)' }) - end - - it { is_expected.to contain_cinder_api_paste_ini('filter:ratelimit/limits').with( - :value => '(GET, "*", .*, 100, MINUTE);(POST, "*", .*, 200, MINUTE)' - )} - end - - describe 'with encryption_auth_url' do - let :params do - req_params.merge({ :keymgr_encryption_auth_url => 'http://localhost:5000/v3' }) - end - - it { is_expected.to contain_cinder_config('keymgr/encryption_auth_url').with( - :value => 'http://localhost:5000/v3' - )} - end - - describe 'while validating the service with default command' do - let :params do - req_params.merge({ - :validate => true, - }) - end - it { is_expected.to contain_exec('execute cinder-api validation').with( - :path => '/usr/bin:/bin:/usr/sbin:/sbin', - :provider => 'shell', - :tries => '10', - :try_sleep => '2', - :command => 'cinder --os-auth-url http://localhost:5000/ --os-tenant-name services --os-username cinder --os-password foo list', - )} - - it { is_expected.to contain_anchor('create cinder-api anchor').with( - :require => 'Exec[execute cinder-api validation]', - )} - end - - describe 'while validating the service with custom command' do - let :params do - req_params.merge({ - :validate => true, - :validation_options => { 'cinder-api' => { 'command' => 'my-script' } } - }) - end - it { is_expected.to contain_exec('execute cinder-api validation').with( - :path => '/usr/bin:/bin:/usr/sbin:/sbin', - :provider => 'shell', - :tries => '10', - :try_sleep => '2', - :command => 'my-script', - )} - - it { is_expected.to contain_anchor('create cinder-api anchor').with( - :require => 'Exec[execute cinder-api validation]', - )} - end - - describe "with custom keystone identity_uri and auth_uri" do - let :params do - req_params.merge({ - :identity_uri => 'https://localhost:35357/', - :auth_uri => 'https://localhost:5000/', - }) - end - it 'configures identity_uri and auth_uri but deprecates old auth settings' do - is_expected.to contain_cinder_config('keystone_authtoken/identity_uri').with_value("https://localhost:35357/") - is_expected.to contain_cinder_config('keystone_authtoken/auth_uri').with_value("https://localhost:5000/") - end - end - - describe 'with a custom osapi_max_limit' do - let :params do - req_params.merge({'osapi_max_limit' => '10000'}) - end - it 'should configure the osapi_max_limit to 10000' do - is_expected.to contain_cinder_config('DEFAULT/osapi_max_limit').with( - :value => '10000' - ) - end - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge(OSDefaults.get_facts({:processorcount => 8})) - end - - it_configures 'cinder api' - end - end -end diff --git a/cinder/spec/classes/cinder_backends_spec.rb b/cinder/spec/classes/cinder_backends_spec.rb deleted file mode 100644 index c6006150e..000000000 --- a/cinder/spec/classes/cinder_backends_spec.rb +++ /dev/null @@ -1,64 +0,0 @@ -# -# Copyright (C) 2014 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Unit tests for cinder::backends class -# - -require 'spec_helper' - -describe 'cinder::backends' do - - let :default_params do - {} - end - - let :params do - {} - end - - shared_examples_for 'cinder backends' do - - let :p do - default_params.merge(params) - end - - context 'configure cinder with default parameters' do - before :each do - params.merge!( - :enabled_backends => ['lowcost', 'regular', 'premium'], - ) - end - - it 'configures cinder.conf with default params' do - is_expected.to contain_cinder_config('DEFAULT/enabled_backends').with_value(p[:enabled_backends].join(',')) - end - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts) - end - - it_configures 'cinder backends' - end - end - -end diff --git a/cinder/spec/classes/cinder_backup_ceph_spec.rb b/cinder/spec/classes/cinder_backup_ceph_spec.rb deleted file mode 100644 index 52b7df408..000000000 --- a/cinder/spec/classes/cinder_backup_ceph_spec.rb +++ /dev/null @@ -1,84 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Unit tests for cinder::ceph class -# - -require 'spec_helper' - -describe 'cinder::backup::ceph' do - - let :default_params do - { :backup_ceph_conf => '/etc/ceph/ceph.conf', - :backup_ceph_user => 'cinder', - :backup_ceph_chunk_size => '134217728', - :backup_ceph_pool => 'backups', - :backup_ceph_stripe_unit => '0', - :backup_ceph_stripe_count => '0' } - end - - let :params do - {} - end - - shared_examples_for 'cinder backup with ceph' do - let :p do - default_params.merge(params) - end - - it 'configures cinder.conf' do - is_expected.to contain_cinder_config('DEFAULT/backup_driver').with_value('cinder.backup.drivers.ceph') - is_expected.to contain_cinder_config('DEFAULT/backup_ceph_conf').with_value(p[:backup_ceph_conf]) - is_expected.to contain_cinder_config('DEFAULT/backup_ceph_user').with_value(p[:backup_ceph_user]) - is_expected.to contain_cinder_config('DEFAULT/backup_ceph_chunk_size').with_value(p[:backup_ceph_chunk_size]) - is_expected.to contain_cinder_config('DEFAULT/backup_ceph_pool').with_value(p[:backup_ceph_pool]) - is_expected.to contain_cinder_config('DEFAULT/backup_ceph_stripe_unit').with_value(p[:backup_ceph_stripe_unit]) - is_expected.to contain_cinder_config('DEFAULT/backup_ceph_stripe_count').with_value(p[:backup_ceph_stripe_count]) - end - - context 'when overriding default parameters' do - before :each do - params.merge!(:backup_ceph_conf => '/tmp/ceph.conf') - params.merge!(:backup_ceph_user => 'toto') - params.merge!(:backup_ceph_chunk_size => '123') - params.merge!(:backup_ceph_pool => 'foo') - params.merge!(:backup_ceph_stripe_unit => '56') - params.merge!(:backup_ceph_stripe_count => '67') - end - it 'should replace default parameters with new values' do - is_expected.to contain_cinder_config('DEFAULT/backup_ceph_conf').with_value(p[:backup_ceph_conf]) - is_expected.to contain_cinder_config('DEFAULT/backup_ceph_user').with_value(p[:backup_ceph_user]) - is_expected.to contain_cinder_config('DEFAULT/backup_ceph_chunk_size').with_value(p[:backup_ceph_chunk_size]) - is_expected.to contain_cinder_config('DEFAULT/backup_ceph_pool').with_value(p[:backup_ceph_pool]) - is_expected.to contain_cinder_config('DEFAULT/backup_ceph_stripe_unit').with_value(p[:backup_ceph_stripe_unit]) - is_expected.to contain_cinder_config('DEFAULT/backup_ceph_stripe_count').with_value(p[:backup_ceph_stripe_count]) - end - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge(OSDefaults.get_facts({})) - end - - it_configures 'cinder backup with ceph' - end - end -end diff --git a/cinder/spec/classes/cinder_backup_nfs_spec.rb b/cinder/spec/classes/cinder_backup_nfs_spec.rb deleted file mode 100644 index 94dbfdcbb..000000000 --- a/cinder/spec/classes/cinder_backup_nfs_spec.rb +++ /dev/null @@ -1,81 +0,0 @@ -# === Author(s) -# -# Ryan Hefner -# -# === Copyright -# -# Copyright (C) 2015 Ryan Hefner -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# - -require 'spec_helper' - -describe 'cinder::backup::nfs' do - - let :params do - { - :backup_share => '10.0.0.1:/nfs_backup', - } - end - - let :default_params do - { - :backup_driver => 'cinder.backup.drivers.nfs', - :backup_file_size => '', - :backup_sha_block_size_bytes => '', - :backup_enable_progress_timer => '', - :backup_mount_point_base => '', - :backup_mount_options => '', - :backup_container => '', - :backup_compression_algorithm => '', - } - end - - shared_examples_for 'cinder backup with nfs' do - let :all_params do - default_params.merge(params) - end - - it 'configures cinder.conf' do - all_params.each_pair do |config,value| - is_expected.to contain_cinder_config("DEFAULT/#{config}").with_value( value ) - end - end - - context 'with optional parameters' do - let (:all_params) { params.merge!({ - :backup_mount_options => 'sec=sys', - :backup_container => 'container', - }) } - - it 'should include optional values' do - is_expected.to contain_cinder_config('DEFAULT/backup_mount_options').with_value(all_params[:backup_mount_options]) - is_expected.to contain_cinder_config('DEFAULT/backup_container').with_value(all_params[:backup_container]) - end - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge(OSDefaults.get_facts({:processorcount => 8})) - end - - it_configures 'cinder backup with nfs' - end - end -end diff --git a/cinder/spec/classes/cinder_backup_spec.rb b/cinder/spec/classes/cinder_backup_spec.rb deleted file mode 100644 index 7d0790305..000000000 --- a/cinder/spec/classes/cinder_backup_spec.rb +++ /dev/null @@ -1,99 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Unit tests for cinder::backup class -# - -require 'spec_helper' - -describe 'cinder::backup' do - - let :default_params do - { :enable => true, - :backup_topic => '', - :backup_manager => '', - :backup_api_class => '', - :backup_name_template => '' } - end - - let :params do - {} - end - - shared_examples_for 'cinder backup' do - let :p do - default_params.merge(params) - end - - it { is_expected.to contain_class('cinder::params') } - - it 'installs cinder backup package' do - if platform_params.has_key?(:backup_package) - is_expected.to contain_package('cinder-backup').with( - :name => platform_params[:backup_package], - :ensure => 'present', - :tag => ['openstack', 'cinder-package'], - ) - is_expected.to contain_package('cinder-backup').with_before(/Service\[cinder-backup\]/) - end - end - - it 'ensure cinder backup service is running' do - is_expected.to contain_service('cinder-backup').with( - 'hasstatus' => true, - 'tag' => 'cinder-service', - ) - end - - it 'configures cinder.conf' do - is_expected.to contain_cinder_config('DEFAULT/backup_topic').with_value(p[:backup_topic]) - is_expected.to contain_cinder_config('DEFAULT/backup_manager').with_value(p[:backup_manager]) - is_expected.to contain_cinder_config('DEFAULT/backup_api_class').with_value(p[:backup_api_class]) - is_expected.to contain_cinder_config('DEFAULT/backup_name_template').with_value(p[:backup_name_template]) - end - - context 'when overriding backup_name_template' do - before :each do - params.merge!(:backup_name_template => 'foo-bar-%s') - end - it 'should replace default parameter with new value' do - is_expected.to contain_cinder_config('DEFAULT/backup_name_template').with_value(p[:backup_name_template]) - end - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge(OSDefaults.get_facts({:processorcount => 8})) - end - - let :platform_params do - if facts[:osfamily] == 'Debian' - { :backup_package => 'cinder-backup', - :backup_service => 'cinder-backup' } - else - { :backup_service => 'opentack-cinder-backup' } - end - end - - it_configures 'cinder backup' - end - end -end diff --git a/cinder/spec/classes/cinder_backup_swift_spec.rb b/cinder/spec/classes/cinder_backup_swift_spec.rb deleted file mode 100644 index 80d03d7d5..000000000 --- a/cinder/spec/classes/cinder_backup_swift_spec.rb +++ /dev/null @@ -1,89 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Unit tests for cinder::backup::swift class -# - -require 'spec_helper' - -describe 'cinder::backup::swift' do - - let :default_params do - { :backup_swift_url => 'http://localhost:8080/v1/AUTH_', - :backup_swift_auth_url => 'http://127.0.0.1:5000/v2.0/', - :backup_swift_container => 'volumes_backup', - :backup_swift_object_size => '', - :backup_swift_retry_attempts => '', - :backup_swift_retry_backoff => '', - :backup_compression_algorithm => '' } - end - - let :params do - {} - end - - shared_examples_for 'cinder backup with swift' do - let :p do - default_params.merge(params) - end - - it 'configures cinder.conf' do - is_expected.to contain_cinder_config('DEFAULT/backup_driver').with_value('cinder.backup.drivers.swift') - is_expected.to contain_cinder_config('DEFAULT/backup_swift_url').with_value(p[:backup_swift_url]) - is_expected.to contain_cinder_config('DEFAULT/backup_swift_auth_url').with_value(p[:backup_swift_auth_url]) - is_expected.to contain_cinder_config('DEFAULT/backup_swift_container').with_value(p[:backup_swift_container]) - is_expected.to contain_cinder_config('DEFAULT/backup_swift_object_size').with_value(p[:backup_swift_object_size]) - is_expected.to contain_cinder_config('DEFAULT/backup_swift_retry_attempts').with_value(p[:backup_swift_retry_attempts]) - is_expected.to contain_cinder_config('DEFAULT/backup_swift_retry_backoff').with_value(p[:backup_swift_retry_backoff]) - is_expected.to contain_cinder_config('DEFAULT/backup_compression_algorithm').with_value(p[:backup_compression_algorithm]) - end - - context 'when overriding default parameters' do - before :each do - params.merge!(:backup_swift_url => 'https://controller2:8080/v1/AUTH_') - params.merge!(:backup_swift_auth_url => 'https://controller2:35357') - params.merge!(:backup_swift_container => 'toto') - params.merge!(:backup_swift_object_size => '123') - params.merge!(:backup_swift_retry_attempts => '99') - params.merge!(:backup_swift_retry_backoff => '56') - params.merge!(:backup_compression_algorithm => 'None') - end - it 'should replace default parameters with new values' do - is_expected.to contain_cinder_config('DEFAULT/backup_swift_url').with_value(p[:backup_swift_url]) - is_expected.to contain_cinder_config('DEFAULT/backup_swift_auth_url').with_value(p[:backup_swift_auth_url]) - is_expected.to contain_cinder_config('DEFAULT/backup_swift_container').with_value(p[:backup_swift_container]) - is_expected.to contain_cinder_config('DEFAULT/backup_swift_object_size').with_value(p[:backup_swift_object_size]) - is_expected.to contain_cinder_config('DEFAULT/backup_swift_retry_attempts').with_value(p[:backup_swift_retry_attempts]) - is_expected.to contain_cinder_config('DEFAULT/backup_swift_retry_backoff').with_value(p[:backup_swift_retry_backoff]) - is_expected.to contain_cinder_config('DEFAULT/backup_compression_algorithm').with_value(p[:backup_compression_algorithm]) - end - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge(OSDefaults.get_facts({:processorcount => 8})) - end - - it_configures 'cinder backup with swift' - end - end - -end diff --git a/cinder/spec/classes/cinder_ceilometer_spec.rb b/cinder/spec/classes/cinder_ceilometer_spec.rb deleted file mode 100644 index 1d268c1a7..000000000 --- a/cinder/spec/classes/cinder_ceilometer_spec.rb +++ /dev/null @@ -1,11 +0,0 @@ -require 'spec_helper' - -describe 'cinder::ceilometer' do - - describe 'with default parameters' do - it 'contains default values' do - is_expected.to contain_cinder_config('DEFAULT/notification_driver').with( - :value => 'messagingv2') - end - end -end diff --git a/cinder/spec/classes/cinder_client_spec.rb b/cinder/spec/classes/cinder_client_spec.rb deleted file mode 100644 index 283a4e6a6..000000000 --- a/cinder/spec/classes/cinder_client_spec.rb +++ /dev/null @@ -1,41 +0,0 @@ -require 'spec_helper' - -describe 'cinder::client' do - - let :params do - {} - end - - let :default_params do - { :package_ensure => 'present' } - end - - shared_examples_for 'cinder client' do - let :p do - default_params.merge(params) - end - - it { is_expected.to contain_class('cinder::params') } - - it 'installs cinder client package' do - is_expected.to contain_package('python-cinderclient').with( - :name => 'python-cinderclient', - :ensure => p[:package_ensure], - :tag => 'openstack' - ) - end - - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge(OSDefaults.get_facts({:processorcount => 8})) - end - - it_configures 'cinder client' - end - end -end diff --git a/cinder/spec/classes/cinder_cron_db_purge_spec.rb b/cinder/spec/classes/cinder_cron_db_purge_spec.rb deleted file mode 100644 index f78e9a7bc..000000000 --- a/cinder/spec/classes/cinder_cron_db_purge_spec.rb +++ /dev/null @@ -1,33 +0,0 @@ -require 'spec_helper' - -describe 'cinder::cron::db_purge' do - - let :facts do - { :osfamily => 'RedHat' } - end - - let :params do - { :minute => 1, - :hour => 0, - :monthday => '*', - :month => '*', - :weekday => '*', - :user => 'cinder', - :age => '30', - :destination => '/var/log/cinder/cinder-rowsflush.log' } - end - - it 'configures a cron' do - is_expected.to contain_cron('cinder-manage db purge').with( - :command => "cinder-manage db purge #{params[:age]} >>#{params[:destination]} 2>&1", - :environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', - :user => params[:user], - :minute => params[:minute], - :hour => params[:hour], - :monthday => params[:monthday], - :month => params[:month], - :weekday => params[:weekday], - :require => 'Package[cinder]', - ) - end -end diff --git a/cinder/spec/classes/cinder_db_mysql_spec.rb b/cinder/spec/classes/cinder_db_mysql_spec.rb deleted file mode 100644 index b34216268..000000000 --- a/cinder/spec/classes/cinder_db_mysql_spec.rb +++ /dev/null @@ -1,88 +0,0 @@ -require 'spec_helper' - -describe 'cinder::db::mysql' do - - let :req_params do - {:password => 'pw', - } - end - - let :facts do - {:osfamily => 'Debian'} - end - - let :pre_condition do - 'include mysql::server' - end - - describe 'with only required params' do - let :params do - req_params - end - it { is_expected.to contain_openstacklib__db__mysql('cinder').with( - :user => 'cinder', - :password_hash => '*D821809F681A40A6E379B50D0463EFAE20BDD122', - :host => '127.0.0.1', - :charset => 'utf8', - :collate => 'utf8_general_ci', - ) } - end - - describe "overriding allowed_hosts param to array" do - let :params do - { - :password => 'cinderpass', - :allowed_hosts => ['127.0.0.1','%'] - } - end - - it { is_expected.to contain_openstacklib__db__mysql('cinder').with( - :user => 'cinder', - :password_hash => '*1C8A189441ED992638DD234B6711CD5064DA8C6E', - :host => '127.0.0.1', - :charset => 'utf8', - :collate => 'utf8_general_ci', - :allowed_hosts => ['127.0.0.1', '%'] - ) } - - end - - describe "overriding allowed_hosts param to string" do - let :params do - { - :password => 'cinderpass2', - :allowed_hosts => '192.168.1.1' - } - end - - it { is_expected.to contain_openstacklib__db__mysql('cinder').with( - :user => 'cinder', - :password_hash => '*0E9E710049E74D36D29D615DFC55F3FFD45413BC', - :host => '127.0.0.1', - :charset => 'utf8', - :collate => 'utf8_general_ci', - :allowed_hosts => '192.168.1.1', - ) } - - end - - describe "overriding allowed_hosts param equals to host param " do - let :params do - { - :password => 'cinderpass2', - :allowed_hosts => '127.0.0.1' - } - end - - it { is_expected.to contain_openstacklib__db__mysql('cinder').with( - :user => 'cinder', - :password_hash => '*0E9E710049E74D36D29D615DFC55F3FFD45413BC', - :host => '127.0.0.1', - :charset => 'utf8', - :collate => 'utf8_general_ci', - :allowed_hosts => '127.0.0.1', - ) } - - end - -end diff --git a/cinder/spec/classes/cinder_db_postgresql_spec.rb b/cinder/spec/classes/cinder_db_postgresql_spec.rb deleted file mode 100644 index a949f6598..000000000 --- a/cinder/spec/classes/cinder_db_postgresql_spec.rb +++ /dev/null @@ -1,58 +0,0 @@ -require 'spec_helper' - -describe 'cinder::db::postgresql' do - - let :req_params do - { :password => 'pw' } - end - - let :pre_condition do - 'include postgresql::server' - end - - context 'on a RedHat osfamily' do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '7.0', - :concat_basedir => '/var/lib/puppet/concat' - } - end - - context 'with only required parameters' do - let :params do - req_params - end - - it { is_expected.to contain_postgresql__server__db('cinder').with( - :user => 'cinder', - :password => 'md506736c3030793e09882cc536063d433f' - )} - end - - end - - context 'on a Debian osfamily' do - let :facts do - { - :operatingsystemrelease => '7.8', - :operatingsystem => 'Debian', - :osfamily => 'Debian', - :concat_basedir => '/var/lib/puppet/concat' - } - end - - context 'with only required parameters' do - let :params do - req_params - end - - it { is_expected.to contain_postgresql__server__db('cinder').with( - :user => 'cinder', - :password => 'md506736c3030793e09882cc536063d433f' - )} - end - - end - -end diff --git a/cinder/spec/classes/cinder_db_spec.rb b/cinder/spec/classes/cinder_db_spec.rb deleted file mode 100644 index daaad619e..000000000 --- a/cinder/spec/classes/cinder_db_spec.rb +++ /dev/null @@ -1,115 +0,0 @@ -require 'spec_helper' - -describe 'cinder::db' do - - shared_examples 'cinder::db' do - - context 'with default parameters' do - - it { is_expected.to contain_cinder_config('database/connection').with_value('sqlite:////var/lib/cinder/cinder.sqlite').with_secret(true) } - it { is_expected.to contain_cinder_config('database/idle_timeout').with_value('') } - it { is_expected.to contain_cinder_config('database/min_pool_size').with_value('') } - it { is_expected.to contain_cinder_config('database/max_retries').with_value('') } - it { is_expected.to contain_cinder_config('database/retry_interval').with_value('') } - - end - - context 'with specific parameters' do - let :params do - { :database_connection => 'mysql+pymysql://cinder:cinder@localhost/cinder', - :database_idle_timeout => '3601', - :database_min_pool_size => '2', - :database_max_retries => '11', - :database_retry_interval => '11', } - end - - it { is_expected.to contain_cinder_config('database/connection').with_value('mysql+pymysql://cinder:cinder@localhost/cinder').with_secret(true) } - it { is_expected.to contain_cinder_config('database/idle_timeout').with_value('3601') } - it { is_expected.to contain_cinder_config('database/min_pool_size').with_value('2') } - it { is_expected.to contain_cinder_config('database/max_retries').with_value('11') } - it { is_expected.to contain_cinder_config('database/retry_interval').with_value('11') } - end - - context 'with postgresql backend' do - let :params do - { :database_connection => 'postgresql://cinder:cinder@localhost/cinder', } - end - - it 'install the proper backend package' do - is_expected.to contain_package('python-psycopg2').with(:ensure => 'present') - end - - end - - context 'with MySQL-python library as backend package' do - let :params do - { :database_connection => 'mysql://cinder:cinder@localhost/cinder', } - end - - it { is_expected.to contain_package('python-mysqldb').with(:ensure => 'present') } - end - - context 'with incorrect database_connection string' do - let :params do - { :database_connection => 'redis://cinder:cinder@localhost/cinder', } - end - - it_raises 'a Puppet::Error', /validate_re/ - end - - context 'with incorrect pymysql database_connection string' do - let :params do - { :database_connection => 'foo+pymysql://cinder:cinder@localhost/cinder', } - end - - it_raises 'a Puppet::Error', /validate_re/ - end - - end - - context 'on Debian platforms' do - let :facts do - OSDefaults.get_facts({ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => 'jessie' - }) - end - - it_configures 'cinder::db' - - context 'using pymysql driver' do - let :params do - { :database_connection => 'mysql+pymysql://cinder:cinder@localhost/cinder', } - end - - it 'install the proper backend package' do - is_expected.to contain_package('cinder-backend-package').with( - :ensure => 'present', - :name => 'python-pymysql', - :tag => 'openstack' - ) - end - end - end - - context 'on Redhat platforms' do - let :facts do - OSDefaults.get_facts({ - :osfamily => 'RedHat', - :operatingsystemrelease => '7.1', - }) - end - - it_configures 'cinder::db' - - context 'using pymysql driver' do - let :params do - { :database_connection => 'mysql+pymysql://cinder:cinder@localhost/cinder', } - end - - it { is_expected.not_to contain_package('cinder-backend-package') } - end - end - -end diff --git a/cinder/spec/classes/cinder_db_sync_spec.rb b/cinder/spec/classes/cinder_db_sync_spec.rb deleted file mode 100644 index 6823a4ca4..000000000 --- a/cinder/spec/classes/cinder_db_sync_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'spec_helper' - -describe 'cinder::db::sync' do - - shared_examples_for 'cinder-dbsync' do - - it 'runs cinder-manage db_sync' do - is_expected.to contain_exec('cinder-manage db_sync').with( - :command => 'cinder-manage db sync', - :user => 'cinder', - :path => '/usr/bin', - :refreshonly => 'true', - :logoutput => 'on_failure' - ) - end - - describe "overriding extra_params" do - let :params do - { - :extra_params => '--config-file /etc/cinder/cinder.conf', - } - end - - it { - is_expected.to contain_exec('cinder-manage db_sync').with( - :command => 'cinder-manage --config-file /etc/cinder/cinder.conf db sync', - :user => 'cinder', - :path => '/usr/bin', - :refreshonly => 'true', - :logoutput => 'on_failure' - ) - } - end - - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge(OSDefaults.get_facts({ - :processorcount => 8, - :concat_basedir => '/var/lib/puppet/concat' - })) - end - - it_configures 'cinder-dbsync' - end - end - -end diff --git a/cinder/spec/classes/cinder_glance_spec.rb b/cinder/spec/classes/cinder_glance_spec.rb deleted file mode 100644 index 8b709f4fa..000000000 --- a/cinder/spec/classes/cinder_glance_spec.rb +++ /dev/null @@ -1,81 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Unit tests for cinder::glance class -# - -require 'spec_helper' - -describe 'cinder::glance' do - - let :default_params do - { :glance_api_version => '2', - :glance_num_retries => '', - :glance_api_insecure => '', - :glance_api_ssl_compression => '', - :glance_request_timeout => '' } - end - - let :params do - {} - end - - shared_examples_for 'cinder with glance' do - let :p do - default_params.merge(params) - end - - it 'configures cinder.conf with default params' do - is_expected.to contain_cinder_config('DEFAULT/glance_api_version').with_value(p[:glance_api_version]) - is_expected.to contain_cinder_config('DEFAULT/glance_num_retries').with_value(p[:glance_num_retries]) - is_expected.to contain_cinder_config('DEFAULT/glance_api_insecure').with_value(p[:glance_api_insecure]) - is_expected.to contain_cinder_config('DEFAULT/glance_api_ssl_compression').with_value(p[:glance_api_ssl_compression]) - is_expected.to contain_cinder_config('DEFAULT/glance_request_timeout').with_value(p[:glance_request_timeout]) - end - - context 'configure cinder with one glance server' do - before :each do - params.merge!(:glance_api_servers => '10.0.0.1:9292') - end - it 'should configure one glance server' do - is_expected.to contain_cinder_config('DEFAULT/glance_api_servers').with_value(p[:glance_api_servers]) - end - end - - context 'configure cinder with two glance servers' do - before :each do - params.merge!(:glance_api_servers => ['10.0.0.1:9292','10.0.0.2:9292']) - end - it 'should configure two glance servers' do - is_expected.to contain_cinder_config('DEFAULT/glance_api_servers').with_value(p[:glance_api_servers].join(',')) - end - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge(OSDefaults.get_facts({:processorcount => 8})) - end - - it_configures 'cinder with glance' - end - end - -end diff --git a/cinder/spec/classes/cinder_keystone_auth_spec.rb b/cinder/spec/classes/cinder_keystone_auth_spec.rb deleted file mode 100644 index 3e761e89e..000000000 --- a/cinder/spec/classes/cinder_keystone_auth_spec.rb +++ /dev/null @@ -1,202 +0,0 @@ -require 'spec_helper' - -describe 'cinder::keystone::auth' do - - let :params do - {:password => 'pw'} - end - - context 'with required parameters' do - - it 'configures keystone user and service' do - - is_expected.to contain_keystone_user('cinder').with( - :ensure => 'present', - :password => 'pw', - :email => 'cinder@localhost', - ) - is_expected.to contain_keystone_user_role('cinder@services').with( - :ensure => 'present', - :roles => ['admin'] - ) - is_expected.to contain_keystone_service('cinder::volume').with( - :ensure => 'present', - :description => 'Cinder Service' - ) - is_expected.to contain_keystone_service('cinderv2::volumev2').with( - :ensure => 'present', - :description => 'Cinder Service v2' - ) - is_expected.to contain_keystone_service('cinderv3::volumev3').with( - :ensure => 'present', - :description => 'Cinder Service v3' - ) - - end - - it 'configures keystone endpoints' do - is_expected.to contain_keystone_endpoint('RegionOne/cinder::volume').with( - :ensure => 'present', - :public_url => 'http://127.0.0.1:8776/v1/%(tenant_id)s', - :admin_url => 'http://127.0.0.1:8776/v1/%(tenant_id)s', - :internal_url => 'http://127.0.0.1:8776/v1/%(tenant_id)s' - ) - - is_expected.to contain_keystone_endpoint('RegionOne/cinderv2::volumev2').with( - :ensure => 'present', - :public_url => 'http://127.0.0.1:8776/v2/%(tenant_id)s', - :admin_url => 'http://127.0.0.1:8776/v2/%(tenant_id)s', - :internal_url => 'http://127.0.0.1:8776/v2/%(tenant_id)s' - ) - - is_expected.to contain_keystone_endpoint('RegionOne/cinderv3::volumev3').with( - :ensure => 'present', - :public_url => 'http://127.0.0.1:8776/v3/%(tenant_id)s', - :admin_url => 'http://127.0.0.1:8776/v3/%(tenant_id)s', - :internal_url => 'http://127.0.0.1:8776/v3/%(tenant_id)s' - ) - end - end - - context 'when overriding parameters' do - before do - params.merge!({ - :region => 'RegionThree', - :public_url => 'https://10.0.42.1:4242/v41/%(tenant_id)s', - :admin_url => 'https://10.0.42.2:4242/v41/%(tenant_id)s', - :internal_url => 'https://10.0.42.3:4242/v41/%(tenant_id)s', - :public_url_v2 => 'https://10.0.42.1:4242/v42/%(tenant_id)s', - :admin_url_v2 => 'https://10.0.42.2:4242/v42/%(tenant_id)s', - :internal_url_v2 => 'https://10.0.42.3:4242/v42/%(tenant_id)s', - :public_url_v3 => 'https://10.0.42.1:4242/v43/%(tenant_id)s', - :admin_url_v3 => 'https://10.0.42.2:4242/v43/%(tenant_id)s', - :internal_url_v3 => 'https://10.0.42.3:4242/v43/%(tenant_id)s' - }) - end - - it 'configures keystone endpoints' do - is_expected.to contain_keystone_endpoint('RegionThree/cinder::volume').with( - :ensure => 'present', - :public_url => 'https://10.0.42.1:4242/v41/%(tenant_id)s', - :admin_url => 'https://10.0.42.2:4242/v41/%(tenant_id)s', - :internal_url => 'https://10.0.42.3:4242/v41/%(tenant_id)s' - ) - - is_expected.to contain_keystone_endpoint('RegionThree/cinderv2::volumev2').with( - :ensure => 'present', - :public_url => 'https://10.0.42.1:4242/v42/%(tenant_id)s', - :admin_url => 'https://10.0.42.2:4242/v42/%(tenant_id)s', - :internal_url => 'https://10.0.42.3:4242/v42/%(tenant_id)s' - ) - - is_expected.to contain_keystone_endpoint('RegionThree/cinderv3::volumev3').with( - :ensure => 'present', - :public_url => 'https://10.0.42.1:4242/v43/%(tenant_id)s', - :admin_url => 'https://10.0.42.2:4242/v43/%(tenant_id)s', - :internal_url => 'https://10.0.42.3:4242/v43/%(tenant_id)s' - ) - end - end - - describe 'when endpoint is_expected.to not be configured' do - before do - params.merge!( - :configure_endpoint => false, - :configure_endpoint_v2 => false, - :configure_endpoint_v3 => false - ) - end - it { is_expected.to_not contain_keystone_endpoint('RegionOne/cinder::volume') } - it { is_expected.to_not contain_keystone_endpoint('RegionOne/cinderv2::volumev2') } - it { is_expected.to_not contain_keystone_endpoint('RegionOne/cinderv3::volumev3') } - end - - describe 'when user is_expected.to not be configured' do - before do - params.merge!( - :configure_user => false - ) - end - - it { is_expected.to_not contain_keystone_user('cinder') } - it { is_expected.to contain_keystone_user_role('cinder@services') } - it { is_expected.to contain_keystone_service('cinder::volume').with( - :ensure => 'present', - :description => 'Cinder Service' - ) } - - end - - describe 'when user and user role is_expected.to not be configured' do - before do - params.merge!( - :configure_user => false, - :configure_user_role => false - ) - end - - it { is_expected.to_not contain_keystone_user('cinder') } - it { is_expected.to_not contain_keystone_user_role('cinder@services') } - it { is_expected.to contain_keystone_service('cinder::volume').with( - :ensure => 'present', - :description => 'Cinder Service' - ) } - - end - - describe 'when user and user role for v2 is_expected.to be configured' do - before do - params.merge!( - :configure_user_v2 => true, - :configure_user_role_v2 => true, - ) - end - - it { is_expected.to contain_keystone__resource__service_identity('cinderv2').with( - :configure_user => true, - :configure_user_role => true, - :email => 'cinderv2@localhost', - :tenant => 'services' - ) } - - end - - describe 'when user and user role for v3 is_expected.to be configured' do - before do - params.merge!( - :configure_user_v3 => true, - :configure_user_role_v3 => true, - ) - end - - it { is_expected.to contain_keystone__resource__service_identity('cinderv3').with( - :configure_user => true, - :configure_user_role => true, - :email => 'cinderv3@localhost', - :tenant => 'services' - ) } - - end - - describe 'when overriding service names' do - - before do - params.merge!( - :service_name => 'cinder_service', - :service_name_v2 => 'cinder_service_v2', - :service_name_v3 => 'cinder_service_v3', - ) - end - - it { is_expected.to contain_keystone_user('cinder') } - it { is_expected.to contain_keystone_user_role('cinder@services') } - it { is_expected.to contain_keystone_service('cinder_service::volume') } - it { is_expected.to contain_keystone_service('cinder_service_v2::volumev2') } - it { is_expected.to contain_keystone_service('cinder_service_v3::volumev3') } - it { is_expected.to contain_keystone_endpoint('RegionOne/cinder_service::volume') } - it { is_expected.to contain_keystone_endpoint('RegionOne/cinder_service_v2::volumev2') } - it { is_expected.to contain_keystone_endpoint('RegionOne/cinder_service_v3::volumev3') } - - end - -end diff --git a/cinder/spec/classes/cinder_logging_spec.rb b/cinder/spec/classes/cinder_logging_spec.rb deleted file mode 100644 index f7a6f8469..000000000 --- a/cinder/spec/classes/cinder_logging_spec.rb +++ /dev/null @@ -1,124 +0,0 @@ -require 'spec_helper' - -describe 'cinder::logging' do - - let :params do - { - } - end - - let :log_params do - { - :logging_context_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s', - :logging_default_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s', - :logging_debug_format_suffix => '%(funcName)s %(pathname)s:%(lineno)d', - :logging_exception_prefix => '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s', - :log_config_append => '/etc/cinder/logging.conf', - :publish_errors => true, - :default_log_levels => { - 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', - 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', - 'iso8601' => 'WARN', - 'requests.packages.urllib3.connectionpool' => 'WARN' }, - :fatal_deprecations => true, - :instance_format => '[instance: %(uuid)s] ', - :instance_uuid_format => '[instance: %(uuid)s] ', - :log_date_format => '%Y-%m-%d %H:%M:%S', - :use_syslog => false, - :use_stderr => false, - :log_facility => 'LOG_USER', - :log_dir => '/var/log', - :verbose => true, - :debug => true, - } - end - - shared_examples_for 'cinder-logging' do - - context 'with basic logging options and default settings' do - it_configures 'basic default logging settings' - end - - context 'with basic logging options and non-default settings' do - before { params.merge!( log_params ) } - it_configures 'basic non-default logging settings' - end - - context 'with extended logging options' do - before { params.merge!( log_params ) } - it_configures 'logging params set' - end - - end - - shared_examples 'basic default logging settings' do - it 'configures cinder logging settins with default values' do - is_expected.to contain_cinder_config('DEFAULT/use_syslog').with(:value => '') - is_expected.to contain_cinder_config('DEFAULT/use_stderr').with(:value => '') - is_expected.to contain_cinder_config('DEFAULT/syslog_log_facility').with(:value => '') - is_expected.to contain_cinder_config('DEFAULT/log_dir').with(:value => '/var/log/cinder') - is_expected.to contain_cinder_config('DEFAULT/verbose').with(:value => '') - is_expected.to contain_cinder_config('DEFAULT/debug').with(:value => '') - end - end - - shared_examples 'basic non-default logging settings' do - it 'configures cinder logging settins with non-default values' do - is_expected.to contain_cinder_config('DEFAULT/use_syslog').with(:value => 'false') - is_expected.to contain_cinder_config('DEFAULT/use_stderr').with(:value => 'false') - is_expected.to contain_cinder_config('DEFAULT/syslog_log_facility').with(:value => 'LOG_USER') - is_expected.to contain_cinder_config('DEFAULT/log_dir').with(:value => '/var/log') - is_expected.to contain_cinder_config('DEFAULT/verbose').with(:value => 'true') - is_expected.to contain_cinder_config('DEFAULT/debug').with(:value => 'true') - end - end - - shared_examples_for 'logging params set' do - it 'enables logging params' do - is_expected.to contain_cinder_config('DEFAULT/logging_context_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s') - - is_expected.to contain_cinder_config('DEFAULT/logging_default_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s') - - is_expected.to contain_cinder_config('DEFAULT/logging_debug_format_suffix').with_value( - '%(funcName)s %(pathname)s:%(lineno)d') - - is_expected.to contain_cinder_config('DEFAULT/logging_exception_prefix').with_value( - '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s') - - is_expected.to contain_cinder_config('DEFAULT/log_config_append').with_value( - '/etc/cinder/logging.conf') - is_expected.to contain_cinder_config('DEFAULT/publish_errors').with_value( - true) - - is_expected.to contain_cinder_config('DEFAULT/default_log_levels').with_value( - 'amqp=WARN,amqplib=WARN,boto=WARN,iso8601=WARN,qpid=WARN,requests.packages.urllib3.connectionpool=WARN,sqlalchemy=WARN,suds=INFO') - - is_expected.to contain_cinder_config('DEFAULT/fatal_deprecations').with_value( - true) - - is_expected.to contain_cinder_config('DEFAULT/instance_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_cinder_config('DEFAULT/instance_uuid_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_cinder_config('DEFAULT/log_date_format').with_value( - '%Y-%m-%d %H:%M:%S') - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge(OSDefaults.get_facts({:processorcount => 8})) - end - - it_configures 'cinder-logging' - end - end - -end diff --git a/cinder/spec/classes/cinder_params_spec.rb b/cinder/spec/classes/cinder_params_spec.rb deleted file mode 100644 index 306ce1811..000000000 --- a/cinder/spec/classes/cinder_params_spec.rb +++ /dev/null @@ -1,12 +0,0 @@ -require 'spec_helper' - -describe 'cinder::params' do - - let :facts do - {:osfamily => 'Debian'} - end - it 'should compile' do - subject - end - -end diff --git a/cinder/spec/classes/cinder_policy_spec.rb b/cinder/spec/classes/cinder_policy_spec.rb deleted file mode 100644 index 24229e763..000000000 --- a/cinder/spec/classes/cinder_policy_spec.rb +++ /dev/null @@ -1,38 +0,0 @@ -require 'spec_helper' - -describe 'cinder::policy' do - - shared_examples_for 'cinder policies' do - let :params do - { - :policy_path => '/etc/cinder/policy.json', - :policies => { - 'context_is_admin' => { - 'key' => 'context_is_admin', - 'value' => 'foo:bar' - } - } - } - end - - it 'set up the policies' do - is_expected.to contain_openstacklib__policy__base('context_is_admin').with({ - :key => 'context_is_admin', - :value => 'foo:bar' - }) - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge(OSDefaults.get_facts({:processorcount => 8})) - end - - it_configures 'cinder policies' - end - end - -end diff --git a/cinder/spec/classes/cinder_quota_spec.rb b/cinder/spec/classes/cinder_quota_spec.rb deleted file mode 100644 index d022ea1a1..000000000 --- a/cinder/spec/classes/cinder_quota_spec.rb +++ /dev/null @@ -1,56 +0,0 @@ -require 'spec_helper' - -describe 'cinder::quota' do - let :default_params do - { :quota_volumes => '', - :quota_snapshots => '', - :quota_gigabytes => '', - :quota_driver => '' } - end - - let :params do - {} - end - - shared_examples_for 'cinder quota' do - - let :p do - default_params.merge(params) - end - - it 'contains default values' do - is_expected.to contain_cinder_config('DEFAULT/quota_volumes').with_value(p[:quota_volumes]) - is_expected.to contain_cinder_config('DEFAULT/quota_snapshots').with_value(p[:quota_snapshots]) - is_expected.to contain_cinder_config('DEFAULT/quota_gigabytes').with_value(p[:quota_gigabytes]) - is_expected.to contain_cinder_config('DEFAULT/quota_driver').with_value(p[:quota_driver]) - end - - context 'configure quota with parameters' do - before :each do - params.merge!({ :quota_volumes => 1000, - :quota_snapshots => 1000, - :quota_gigabytes => 100000 }) - end - - it 'contains overrided values' do - is_expected.to contain_cinder_config('DEFAULT/quota_volumes').with_value(p[:quota_volumes]) - is_expected.to contain_cinder_config('DEFAULT/quota_snapshots').with_value(p[:quota_snapshots]) - is_expected.to contain_cinder_config('DEFAULT/quota_gigabytes').with_value(p[:quota_gigabytes]) - is_expected.to contain_cinder_config('DEFAULT/quota_driver').with_value(p[:quota_driver]) - end - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge(OSDefaults.get_facts({:processorcount => 8})) - end - - it_configures 'cinder quota' - end - end - -end diff --git a/cinder/spec/classes/cinder_rabbitmq_spec.rb b/cinder/spec/classes/cinder_rabbitmq_spec.rb deleted file mode 100644 index bccea7bef..000000000 --- a/cinder/spec/classes/cinder_rabbitmq_spec.rb +++ /dev/null @@ -1,50 +0,0 @@ -require 'spec_helper' - -describe 'cinder::rabbitmq' do - - let :facts do - { - :osfamily => 'Debian', - } - end - - describe 'with defaults' do - - it 'should contain all of the default resources' do - - is_expected.to contain_rabbitmq_vhost('/').with( - :provider => 'rabbitmqctl' - ) - end - - end - - describe 'when a rabbitmq user is specified' do - - let :params do - { - :userid => 'dan', - :password => 'pass' - } - end - - it 'should contain user and permissions' do - - is_expected.to contain_rabbitmq_user('dan').with( - :admin => true, - :password => 'pass', - :provider => 'rabbitmqctl' - ) - - is_expected.to contain_rabbitmq_user_permissions('dan@/').with( - :configure_permission => '.*', - :write_permission => '.*', - :read_permission => '.*', - :provider => 'rabbitmqctl' - ) - - end - - end - -end diff --git a/cinder/spec/classes/cinder_scheduler_filter_spec.rb b/cinder/spec/classes/cinder_scheduler_filter_spec.rb deleted file mode 100644 index 68e2649a7..000000000 --- a/cinder/spec/classes/cinder_scheduler_filter_spec.rb +++ /dev/null @@ -1,61 +0,0 @@ -require 'spec_helper' - -describe 'cinder::scheduler::filter' do - - let :default_params do - { :scheduler_default_filters => '' } - end - - let :params do - {} - end - - shared_examples_for 'cinder scheduler filter' do - - let :p do - default_params.merge(params) - end - - it 'contains default values' do - is_expected.to contain_cinder_config('DEFAULT/scheduler_default_filters').with_ensure('absent') - end - - context 'configure filters with array' do - before :each do - params.merge!({ - :scheduler_default_filters => ['AvailabilityZoneFilter', 'CapacityFilter', 'CapabilitiesFilter'] - }) - end - - it 'contains overrided values' do - is_expected.to contain_cinder_config('DEFAULT/scheduler_default_filters').with_value(p[:scheduler_default_filters].join(',')) - end - end - - context 'configure filters with string' do - before :each do - params.merge!({ - :scheduler_default_filters => 'AvailabilityZoneFilter,CapacityFilter,CapabilitiesFilter' - }) - end - - it 'contains overrided values' do - is_expected.to contain_cinder_config('DEFAULT/scheduler_default_filters').with_value(p[:scheduler_default_filters]) - end - end - - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge(OSDefaults.get_facts({:processorcount => 8})) - end - - it_configures 'cinder scheduler filter' - end - end - -end diff --git a/cinder/spec/classes/cinder_scheduler_spec.rb b/cinder/spec/classes/cinder_scheduler_spec.rb deleted file mode 100644 index 34dbfff34..000000000 --- a/cinder/spec/classes/cinder_scheduler_spec.rb +++ /dev/null @@ -1,84 +0,0 @@ -require 'spec_helper' - -describe 'cinder::scheduler' do - - describe 'on debian platforms' do - - let :facts do - OSDefaults.get_facts({ :osfamily => 'Debian' }) - end - - describe 'with default parameters' do - - it { is_expected.to contain_class('cinder::params') } - it { is_expected.to contain_cinder_config('DEFAULT/scheduler_driver').with_value('') } - - it { is_expected.to contain_package('cinder-scheduler').with( - :name => 'cinder-scheduler', - :ensure => 'present', - :before => ['Service[cinder-scheduler]'], - :tag => ['openstack', 'cinder-package'], - ) } - - it { is_expected.to contain_service('cinder-scheduler').with( - :name => 'cinder-scheduler', - :enable => true, - :ensure => 'running', - :require => 'Package[cinder]', - :hasstatus => true, - :tag => 'cinder-service', - ) } - end - - describe 'with parameters' do - - let :params do - { :scheduler_driver => 'cinder.scheduler.filter_scheduler.FilterScheduler', - :package_ensure => 'present' - } - end - - it { is_expected.to contain_cinder_config('DEFAULT/scheduler_driver').with_value('cinder.scheduler.filter_scheduler.FilterScheduler') } - it { is_expected.to contain_package('cinder-scheduler').with_ensure('present') } - end - - describe 'with manage_service false' do - let :params do - { 'manage_service' => false - } - end - it 'should not change the state of the service' do - is_expected.to contain_service('cinder-scheduler').without_ensure - end - end - end - - - describe 'on rhel platforms' do - - let :facts do - OSDefaults.get_facts({ :osfamily => 'RedHat' }) - end - - describe 'with default parameters' do - - it { is_expected.to contain_class('cinder::params') } - - it { is_expected.to contain_service('cinder-scheduler').with( - :name => 'openstack-cinder-scheduler', - :enable => true, - :ensure => 'running', - :require => 'Package[cinder]' - ) } - end - - describe 'with parameters' do - - let :params do - { :scheduler_driver => 'cinder.scheduler.filter_scheduler.FilterScheduler' } - end - - it { is_expected.to contain_cinder_config('DEFAULT/scheduler_driver').with_value('cinder.scheduler.filter_scheduler.FilterScheduler') } - end - end -end diff --git a/cinder/spec/classes/cinder_setup_test_volume_spec.rb b/cinder/spec/classes/cinder_setup_test_volume_spec.rb deleted file mode 100644 index 6be9f7bf5..000000000 --- a/cinder/spec/classes/cinder_setup_test_volume_spec.rb +++ /dev/null @@ -1,24 +0,0 @@ -require 'spec_helper' - -describe 'cinder::setup_test_volume' do - - it { is_expected.to contain_package('lvm2').with( - :ensure => 'present', - :require => 'Package[cinder]' - ) } - - it 'should contain volume creation execs' do - is_expected.to contain_exec('create_/var/lib/cinder/cinder-volumes').with( - :command => 'dd if=/dev/zero of="/var/lib/cinder/cinder-volumes" bs=1 count=0 seek=4G' - ) - is_expected.to contain_exec('losetup /dev/loop2 /var/lib/cinder/cinder-volumes') - is_expected.to contain_exec('pvcreate /dev/loop2') - is_expected.to contain_exec('vgcreate cinder-volumes /dev/loop2') - end - - it 'should set 0640 permissions for cinder-volumes' do - is_expected.to contain_file('/var/lib/cinder/cinder-volumes').with( - :mode => '0640' - ) - end -end diff --git a/cinder/spec/classes/cinder_spec.rb b/cinder/spec/classes/cinder_spec.rb deleted file mode 100644 index b7855dec6..000000000 --- a/cinder/spec/classes/cinder_spec.rb +++ /dev/null @@ -1,269 +0,0 @@ -require 'spec_helper' -describe 'cinder' do - let :req_params do - { - :rabbit_password => 'guest', - :database_connection => 'mysql://user:password@host/database', - :lock_path => '/var/lock/cinder', - } - end - - let :facts do - OSDefaults.get_facts({ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => 'jessie', - }) - end - - describe 'with only required params' do - let :params do - req_params - end - - it { is_expected.to contain_class('cinder::logging') } - it { is_expected.to contain_class('cinder::params') } - it { is_expected.to contain_class('mysql::bindings::python') } - - it 'should contain default config' do - is_expected.to contain_cinder_config('DEFAULT/rpc_backend').with(:value => 'rabbit') - is_expected.to contain_cinder_config('DEFAULT/control_exchange').with(:value => 'openstack') - is_expected.to contain_cinder_config('DEFAULT/report_interval').with(:value => '') - is_expected.to contain_cinder_config('DEFAULT/service_down_time').with(:value => '') - is_expected.to contain_cinder_config('oslo_messaging_rabbit/rabbit_password').with(:value => 'guest', :secret => true) - is_expected.to contain_cinder_config('oslo_messaging_rabbit/rabbit_host').with(:value => '127.0.0.1') - is_expected.to contain_cinder_config('oslo_messaging_rabbit/rabbit_port').with(:value => '5672') - is_expected.to contain_cinder_config('oslo_messaging_rabbit/rabbit_hosts').with(:value => '127.0.0.1:5672') - is_expected.to contain_cinder_config('oslo_messaging_rabbit/rabbit_ha_queues').with(:value => false) - is_expected.to contain_cinder_config('oslo_messaging_rabbit/rabbit_virtual_host').with(:value => '/') - is_expected.to contain_cinder_config('oslo_messaging_rabbit/heartbeat_timeout_threshold').with_value('0') - is_expected.to contain_cinder_config('oslo_messaging_rabbit/heartbeat_rate').with_value('2') - is_expected.to contain_cinder_config('oslo_messaging_rabbit/rabbit_userid').with(:value => 'guest') - is_expected.to contain_cinder_config('oslo_messaging_rabbit/kombu_reconnect_delay').with(:value => '') - is_expected.to contain_cinder_config('DEFAULT/storage_availability_zone').with(:value => 'nova') - is_expected.to contain_cinder_config('DEFAULT/default_availability_zone').with(:value => 'nova') - is_expected.to contain_cinder_config('DEFAULT/api_paste_config').with(:value => '/etc/cinder/api-paste.ini') - is_expected.to contain_cinder_config('oslo_concurrency/lock_path').with(:value => '/var/lock/cinder') - end - - end - describe 'with modified rabbit_hosts' do - let :params do - req_params.merge({'rabbit_hosts' => ['rabbit1:5672', 'rabbit2:5672']}) - end - - it 'should contain many' do - is_expected.to contain_cinder_config('oslo_messaging_rabbit/rabbit_host').with(:value => nil) - is_expected.to contain_cinder_config('oslo_messaging_rabbit/rabbit_port').with(:value => nil) - is_expected.to contain_cinder_config('oslo_messaging_rabbit/rabbit_hosts').with(:value => 'rabbit1:5672,rabbit2:5672') - is_expected.to contain_cinder_config('oslo_messaging_rabbit/rabbit_ha_queues').with(:value => true) - end - end - - describe 'with a single rabbit_hosts entry' do - let :params do - req_params.merge({'rabbit_hosts' => ['rabbit1:5672']}) - end - - it 'should contain many' do - is_expected.to contain_cinder_config('oslo_messaging_rabbit/rabbit_host').with(:value => nil) - is_expected.to contain_cinder_config('oslo_messaging_rabbit/rabbit_port').with(:value => nil) - is_expected.to contain_cinder_config('oslo_messaging_rabbit/rabbit_hosts').with(:value => 'rabbit1:5672') - is_expected.to contain_cinder_config('oslo_messaging_rabbit/rabbit_ha_queues').with(:value => false) - end - end - - describe 'a single rabbit_host with enable ha queues' do - let :params do - req_params.merge({'rabbit_ha_queues' => true}) - end - - it 'should contain rabbit_ha_queues' do - is_expected.to contain_cinder_config('oslo_messaging_rabbit/rabbit_ha_queues').with(:value => true) - end - end - - describe 'with rabbitmq heartbeats' do - let :params do - req_params.merge({'rabbit_heartbeat_timeout_threshold' => '60', 'rabbit_heartbeat_rate' => '10'}) - end - - it 'should contain heartbeat config' do - is_expected.to contain_cinder_config('oslo_messaging_rabbit/heartbeat_timeout_threshold').with_value('60') - is_expected.to contain_cinder_config('oslo_messaging_rabbit/heartbeat_rate').with_value('10') - end - end - - describe 'with SSL enabled with kombu' do - let :params do - req_params.merge!({ - :rabbit_use_ssl => true, - :kombu_ssl_ca_certs => '/path/to/ssl/ca/certs', - :kombu_ssl_certfile => '/path/to/ssl/cert/file', - :kombu_ssl_keyfile => '/path/to/ssl/keyfile', - :kombu_ssl_version => 'TLSv1' - }) - end - - it do - is_expected.to contain_cinder_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('true') - is_expected.to contain_cinder_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_value('/path/to/ssl/ca/certs') - is_expected.to contain_cinder_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_value('/path/to/ssl/cert/file') - is_expected.to contain_cinder_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_value('/path/to/ssl/keyfile') - is_expected.to contain_cinder_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('TLSv1') - end - end - - describe 'with SSL enabled without kombu' do - let :params do - req_params.merge!({ - :rabbit_use_ssl => true, - }) - end - - it do - is_expected.to contain_cinder_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('true') - is_expected.to contain_cinder_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_value('') - is_expected.to contain_cinder_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_value('') - is_expected.to contain_cinder_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_value('') - is_expected.to contain_cinder_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('') - end - end - - describe 'with SSL disabled' do - let :params do - req_params.merge!({ - :rabbit_use_ssl => false, - :kombu_ssl_ca_certs => '', - :kombu_ssl_certfile => '', - :kombu_ssl_keyfile => '', - :kombu_ssl_version => '' - }) - end - - it do - is_expected.to contain_cinder_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('false') - is_expected.to contain_cinder_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_value('') - is_expected.to contain_cinder_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_value('') - is_expected.to contain_cinder_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_value('') - is_expected.to contain_cinder_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('') - end - end - - describe 'with different lock_path' do - let(:params) { req_params.merge!({:lock_path => '/var/run/cinder.locks'}) } - it { is_expected.to contain_cinder_config('oslo_concurrency/lock_path').with_value('/var/run/cinder.locks') } - end - - describe 'with amqp_durable_queues disabled' do - let :params do - req_params - end - - it { is_expected.to contain_cinder_config('oslo_messaging_rabbit/amqp_durable_queues').with_value(false) } - end - - describe 'with amqp_durable_queues enabled' do - let :params do - req_params.merge({ - :amqp_durable_queues => true, - }) - end - - it { is_expected.to contain_cinder_config('oslo_messaging_rabbit/amqp_durable_queues').with_value(true) } - end - - describe 'with postgresql' do - let :params do - { - :database_connection => 'postgresql://user:drowssap@host/database', - :rabbit_password => 'guest', - } - end - - it { is_expected.to_not contain_class('mysql::python') } - it { is_expected.to_not contain_class('mysql::bindings') } - it { is_expected.to_not contain_class('mysql::bindings::python') } - end - - describe 'with SSL socket options set' do - let :params do - { - :use_ssl => true, - :cert_file => '/path/to/cert', - :ca_file => '/path/to/ca', - :key_file => '/path/to/key', - :rabbit_password => 'guest', - } - end - - it { is_expected.to contain_cinder_config('DEFAULT/ssl_ca_file').with_value('/path/to/ca') } - it { is_expected.to contain_cinder_config('DEFAULT/ssl_cert_file').with_value('/path/to/cert') } - it { is_expected.to contain_cinder_config('DEFAULT/ssl_key_file').with_value('/path/to/key') } - end - - describe 'with SSL socket options set to false' do - let :params do - { - :use_ssl => false, - :cert_file => false, - :ca_file => false, - :key_file => false, - :rabbit_password => 'guest', - } - end - - it { is_expected.to contain_cinder_config('DEFAULT/ssl_ca_file').with_ensure('absent') } - it { is_expected.to contain_cinder_config('DEFAULT/ssl_cert_file').with_ensure('absent') } - it { is_expected.to contain_cinder_config('DEFAULT/ssl_key_file').with_ensure('absent') } - end - - describe 'with SSL socket options set wrongly configured' do - let :params do - { - :use_ssl => true, - :ca_file => '/path/to/ca', - :key_file => '/path/to/key', - :rabbit_password => 'guest', - } - end - - it_raises 'a Puppet::Error', /The cert_file parameter is required when use_ssl is set to true/ - end - - describe 'with APIs set for Mitaka (proposed)' do - let :params do - { - :enable_v1_api => false, - :enable_v2_api => true, - :enable_v3_api => true, - :rabbit_password => 'guest', - } - end - - it { is_expected.to contain_cinder_config('DEFAULT/enable_v1_api').with_value(false) } - it { is_expected.to contain_cinder_config('DEFAULT/enable_v2_api').with_value(true) } - it { is_expected.to contain_cinder_config('DEFAULT/enable_v3_api').with_value(true) } - - end - - describe 'with image_conversion_dir' do - let :params do - req_params.merge({ - :image_conversion_dir => '/tmp/foo', - }) - end - - it { is_expected.to contain_cinder_config('DEFAULT/image_conversion_dir').with_value('/tmp/foo') } - end - - describe 'with host' do - let :params do - req_params.merge({ - :host => 'mystring', - }) - end - - it { is_expected.to contain_cinder_config('DEFAULT/host').with_value('mystring') } - end -end diff --git a/cinder/spec/classes/cinder_vmware_spec.rb b/cinder/spec/classes/cinder_vmware_spec.rb deleted file mode 100644 index 99e5ff518..000000000 --- a/cinder/spec/classes/cinder_vmware_spec.rb +++ /dev/null @@ -1,28 +0,0 @@ -require 'spec_helper' - -describe 'cinder::vmware' do - - describe 'with defaults' do - it 'should create vmware special types' do - is_expected.to contain_cinder_type('vmware-thin').with( - :ensure => :present, - :properties => ['vmware:vmdk_type=thin']) - - is_expected.to contain_cinder_type('vmware-thick').with( - :ensure => :present, - :properties => ['vmware:vmdk_type=thick']) - - is_expected.to contain_cinder_type('vmware-eagerZeroedThick').with( - :ensure => :present, - :properties => ['vmware:vmdk_type=eagerZeroedThick']) - - is_expected.to contain_cinder_type('vmware-full').with( - :ensure => :present, - :properties => ['vmware:clone_type=full']) - - is_expected.to contain_cinder_type('vmware-linked').with( - :ensure => :present, - :properties => ['vmware:clone_type=linked']) - end - end -end diff --git a/cinder/spec/classes/cinder_volume_dellsc_iscsi_spec.rb b/cinder/spec/classes/cinder_volume_dellsc_iscsi_spec.rb deleted file mode 100644 index ffa61723b..000000000 --- a/cinder/spec/classes/cinder_volume_dellsc_iscsi_spec.rb +++ /dev/null @@ -1,62 +0,0 @@ -require 'spec_helper' - -describe 'cinder::volume::dellsc_iscsi' do - - let :params do - { - :san_ip => '172.23.8.101', - :san_login => 'Admin', - :san_password => '12345', - :iscsi_ip_address => '192.168.0.20', - :dell_sc_ssn => '64720', - } - end - - let :default_params do - { - :dell_sc_api_port => '', - :dell_sc_server_folder => 'srv', - :dell_sc_verify_cert => '', - :dell_sc_volume_folder => 'vol', - :iscsi_port => '', - } - end - - let :facts do - OSDefaults.get_facts({}) - end - - shared_examples_for 'dellsc_iscsi volume driver' do - let :params_hash do - default_params.merge(params) - end - - it 'configures cinder volume driver' do - params_hash.each_pair do |config,value| - is_expected.to contain_cinder_config("DEFAULT/#{config}").with_value( value ) - end - end - - it 'marks san_password as secret' do - is_expected.to contain_cinder_config('DEFAULT/san_password').with_secret( true ) - end - - end - - context 'with parameters' do - it_configures 'dellsc_iscsi volume driver' - end - - context 'dellsc_iscsi volume driver with additional configuration' do - before :each do - params.merge!({:extra_options => { 'dellsc_iscsi_backend/param1' => {'value' => 'value1'}}}) - end - - it 'configure dellsc_iscsi volume with additional configuration' do - is_expected.to contain_cinder__backend__dellsc_iscsi('DEFAULT').with({ - :extra_options => {'dellsc_iscsi_backend/param1' => {'value' => 'value1'}} - }) - end - - end -end diff --git a/cinder/spec/classes/cinder_volume_emc_vnx_spec.rb b/cinder/spec/classes/cinder_volume_emc_vnx_spec.rb deleted file mode 100644 index c7fdaa398..000000000 --- a/cinder/spec/classes/cinder_volume_emc_vnx_spec.rb +++ /dev/null @@ -1,46 +0,0 @@ -require 'spec_helper' - -describe 'cinder::volume::emc_vnx' do - let :req_params do - { - :san_ip => '127.0.0.2', - :san_login => 'emc', - :san_password => 'password', - :iscsi_ip_address => '127.0.0.3', - :storage_vnx_pool_name => 'emc-storage-pool' - } - end - - let :facts do - {:osfamily => 'Redhat' } - end - - let :params do - req_params - end - - describe 'emc vnx volume driver' do - it 'configure emc vnx volume driver' do - is_expected.to contain_cinder_config('DEFAULT/volume_driver').with_value('cinder.volume.drivers.emc.emc_cli_iscsi.EMCCLIISCSIDriver') - is_expected.to contain_cinder_config('DEFAULT/san_ip').with_value('127.0.0.2') - is_expected.to contain_cinder_config('DEFAULT/san_login').with_value('emc') - is_expected.to contain_cinder_config('DEFAULT/san_password').with_value('password') - is_expected.to contain_cinder_config('DEFAULT/iscsi_ip_address').with_value('127.0.0.3') - is_expected.to contain_cinder_config('DEFAULT/storage_vnx_pool_name').with_value('emc-storage-pool') - end - end - - describe 'emc vnx volume driver with additional configuration' do - before :each do - params.merge!({:extra_options => {'emc_vnx_backend/param1' => {'value' => 'value1'}}}) - end - - it 'configure emc vnx volume with additional configuration' do - is_expected.to contain_cinder__backend__emc_vnx('DEFAULT').with({ - :extra_options => {'emc_vnx_backend/param1' => {'value' => 'value1'}} - }) - end - end - - -end diff --git a/cinder/spec/classes/cinder_volume_eqlx_spec.rb b/cinder/spec/classes/cinder_volume_eqlx_spec.rb deleted file mode 100644 index ac9b46fdc..000000000 --- a/cinder/spec/classes/cinder_volume_eqlx_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'spec_helper' - -describe 'cinder::volume::eqlx' do - - let :params do { - :san_ip => '192.168.100.10', - :san_login => 'grpadmin', - :san_password => '12345', - :san_thin_provision => true, - :eqlx_group_name => 'group-a', - :eqlx_pool => 'apool', - :eqlx_use_chap => true, - :eqlx_chap_login => 'chapadm', - :eqlx_chap_password => '56789', - :eqlx_cli_timeout => 31, - :eqlx_cli_max_retries => 6, - } - end - - let :facts do - OSDefaults.get_facts({}) - end - - describe 'eqlx volume driver' do - it 'configures eqlx volume driver' do - is_expected.to contain_cinder_config('DEFAULT/volume_driver').with_value('cinder.volume.drivers.eqlx.DellEQLSanISCSIDriver') - is_expected.to contain_cinder_config('DEFAULT/volume_backend_name').with_value('DEFAULT') - - params.each_pair do |config,value| - is_expected.to contain_cinder_config("DEFAULT/#{config}").with_value(value) - end - end - - it 'marks eqlx_chap_password as secret' do - is_expected.to contain_cinder_config('DEFAULT/eqlx_chap_password').with_secret( true ) - end - - end - - describe 'eqlx volume driver with additional configuration' do - before :each do - params.merge!({:extra_options => {'eqlx_backend/param1' => {'value' => 'value1'}}}) - end - - it 'configure eqlx volume with additional configuration' do - is_expected.to contain_cinder__backend__eqlx('DEFAULT').with({ - :extra_options => {'eqlx_backend/param1' => {'value' => 'value1'}} - }) - end - end - -end diff --git a/cinder/spec/classes/cinder_volume_glusterfs_spec.rb b/cinder/spec/classes/cinder_volume_glusterfs_spec.rb deleted file mode 100644 index 17625656a..000000000 --- a/cinder/spec/classes/cinder_volume_glusterfs_spec.rb +++ /dev/null @@ -1,55 +0,0 @@ -require 'spec_helper' - -describe 'cinder::volume::glusterfs' do - - shared_examples_for 'glusterfs volume driver' do - let :params do - { - :glusterfs_shares => ['10.10.10.10:/volumes', '10.10.10.11:/volumes'], - :glusterfs_shares_config => '/etc/cinder/other_shares.conf', - :glusterfs_sparsed_volumes => true, - :glusterfs_mount_point_base => '/cinder_mount_point', - } - end - - it 'configures glusterfs volume driver' do - is_expected.to contain_cinder_config('DEFAULT/volume_driver').with_value('cinder.volume.drivers.glusterfs.GlusterfsDriver') - is_expected.to contain_cinder_config('DEFAULT/glusterfs_shares_config').with_value('/etc/cinder/other_shares.conf') - is_expected.to contain_cinder_config('DEFAULT/glusterfs_sparsed_volumes').with_value(true) - is_expected.to contain_cinder_config('DEFAULT/glusterfs_mount_point_base').with_value('/cinder_mount_point') - is_expected.to contain_cinder_config('DEFAULT/glusterfs_backup_mount_point').with_value('') - is_expected.to contain_cinder_config('DEFAULT/glusterfs_backup_share').with_value('') - is_expected.to contain_file('/etc/cinder/other_shares.conf').with( - :content => "10.10.10.10:/volumes\n10.10.10.11:/volumes\n", - :require => 'Package[cinder]', - :notify => 'Service[cinder-volume]' - ) - end - - context 'glusterfs volume driver with additional configuration' do - before do - params.merge!({:extra_options => {'glusterfs_backend/param1' => { 'value' => 'value1' }}}) - end - - it 'configure glusterfs volume with additional configuration' do - is_expected.to contain_cinder__backend__glusterfs('DEFAULT').with({ - :extra_options => {'glusterfs_backend/param1' => {'value' => 'value1'}} - }) - end - - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge(OSDefaults.get_facts({:processorcount => 8})) - end - - it_configures 'glusterfs volume driver' - end - end - -end diff --git a/cinder/spec/classes/cinder_volume_gpfs_spec.rb b/cinder/spec/classes/cinder_volume_gpfs_spec.rb deleted file mode 100644 index 3d6c08452..000000000 --- a/cinder/spec/classes/cinder_volume_gpfs_spec.rb +++ /dev/null @@ -1,21 +0,0 @@ -require 'spec_helper' - -describe 'cinder::volume::gpfs' do - - let :params do - { - :gpfs_mount_point_base => '/opt/gpfs/cinder/volumes', - } - end - - let :facts do - OSDefaults.get_facts({}) - end - context 'gpfs volume driver' do - - it 'checks gpfs backend availability' do - is_expected.to contain_cinder__backend__gpfs('DEFAULT') - end - end - -end diff --git a/cinder/spec/classes/cinder_volume_hp3par_iscsi_spec.rb b/cinder/spec/classes/cinder_volume_hp3par_iscsi_spec.rb deleted file mode 100644 index 5ac83d25e..000000000 --- a/cinder/spec/classes/cinder_volume_hp3par_iscsi_spec.rb +++ /dev/null @@ -1,45 +0,0 @@ -require 'spec_helper' - -describe 'cinder::volume::hp3par_iscsi' do - let :req_params do - { - :hp3par_api_url => 'https://172.0.0.2:8080/api/v1', - :hp3par_username => '3paradm', - :hp3par_password => 'password', - :hp3par_iscsi_ips => '172.0.0.3', - :san_ip => '172.0.0.2', - :san_login => '3paradm', - :san_password => 'password', - } - end - - let :params do - req_params - end - - describe 'hp3par_iscsi volume driver' do - it 'configure hp3par_iscsi volume driver' do - is_expected.to contain_cinder_config('DEFAULT/volume_driver').with_value('cinder.volume.drivers.san.hp.hp_3par_iscsi.HP3PARISCSIDriver') - is_expected.to contain_cinder_config('DEFAULT/hp3par_api_url').with_value('https://172.0.0.2:8080/api/v1') - is_expected.to contain_cinder_config('DEFAULT/hp3par_username').with_value('3paradm') - is_expected.to contain_cinder_config('DEFAULT/hp3par_password').with_value('password') - is_expected.to contain_cinder_config('DEFAULT/hp3par_iscsi_ips').with_value('172.0.0.3') - is_expected.to contain_cinder_config('DEFAULT/san_ip').with_value('172.0.0.2') - is_expected.to contain_cinder_config('DEFAULT/san_login').with_value('3paradm') - is_expected.to contain_cinder_config('DEFAULT/san_password').with_value('password') - end - end - - describe 'hp3par_iscsi volume driver with additional configuration' do - before :each do - params.merge!({:extra_options => {'hp3par_iscsi_backend/param1' => {'value' => 'value1'}}}) - end - - it 'configure hp3par_iscsi volume with additional configuration' do - is_expected.to contain_cinder__backend__hp3par_iscsi('DEFAULT').with({ - :extra_options => {'hp3par_iscsi_backend/param1' => {'value' => 'value1'}} - }) - end - end - -end diff --git a/cinder/spec/classes/cinder_volume_iscsi_spec.rb b/cinder/spec/classes/cinder_volume_iscsi_spec.rb deleted file mode 100644 index 8733254e7..000000000 --- a/cinder/spec/classes/cinder_volume_iscsi_spec.rb +++ /dev/null @@ -1,100 +0,0 @@ -require 'spec_helper' - -describe 'cinder::volume::iscsi' do - - let :req_params do - {:iscsi_ip_address => '127.0.0.2'} - end - - let :facts do - OSDefaults.get_facts({:osfamily => 'Debian'}) - end - - describe 'with default params' do - - let :params do - req_params - end - - it { is_expected.to contain_cinder_config('DEFAULT/volume_driver').with( - :value => 'cinder.volume.drivers.lvm.LVMVolumeDriver')} - it { is_expected.to contain_cinder_config('DEFAULT/iscsi_ip_address').with(:value => '127.0.0.2')} - it { is_expected.to contain_cinder_config('DEFAULT/iscsi_helper').with(:value => 'tgtadm')} - it { is_expected.to contain_cinder_config('DEFAULT/volume_group').with(:value => '')} - it { is_expected.to contain_cinder_config('DEFAULT/volumes_dir').with(:value => '/var/lib/cinder/volumes')} - it { is_expected.to contain_cinder_config('DEFAULT/iscsi_protocol').with(:value => '')} - - end - - describe 'with a non-default $volumes_dir' do - let(:params) { req_params.merge(:volumes_dir => '/etc/cinder/volumes')} - - it 'should contain a cinder::backend::iscsi resource with /etc/cinder/volumes as $volumes dir' do - is_expected.to contain_cinder__backend__iscsi('DEFAULT').with({ - :volumes_dir => '/etc/cinder/volumes' - }) - end - - end - - describe 'with an unsupported iscsi helper' do - let(:params) { req_params.merge(:iscsi_helper => 'fooboozoo')} - - it_raises 'a Puppet::Error', /Unsupported iscsi helper: fooboozoo/ - end - - describe 'on RHEL Platforms' do - - let :params do - req_params - end - - let :facts do - @default_facts.merge({:osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => 6.5, - :operatingsystemmajrelease => '6'}) - end - - it { is_expected.to contain_file_line('cinder include').with( - :line => 'include /var/lib/cinder/volumes/*', - :path => '/etc/tgt/targets.conf' - ) } - - end - - describe 'with lioadm' do - - let :params do { - :iscsi_ip_address => '127.0.0.2', - :iscsi_helper => 'lioadm' - } - end - - let :facts do - @default_facts.merge({:osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => 7.0, - :operatingsystemmajrelease => '7'}) - end - - it { is_expected.to contain_package('targetcli').with_ensure('present')} - it { is_expected.to contain_service('target').with( - :ensure => 'running', - :enable => 'true', - :require => 'Package[targetcli]' - ) } - - end - - describe 'iscsi volume driver with additional configuration' do - let(:params) { req_params.merge({:extra_options => {'iscsi_backend/param1' => {'value' => 'value1'}}}) } - - it 'configure iscsi volume with additional configuration' do - is_expected.to contain_cinder__backend__iscsi('DEFAULT').with({ - :extra_options => {'iscsi_backend/param1' => {'value' => 'value1'}} - }) - end - end - -end diff --git a/cinder/spec/classes/cinder_volume_netapp_spec.rb b/cinder/spec/classes/cinder_volume_netapp_spec.rb deleted file mode 100644 index 83bd519f4..000000000 --- a/cinder/spec/classes/cinder_volume_netapp_spec.rb +++ /dev/null @@ -1,102 +0,0 @@ -require 'spec_helper' - -describe 'cinder::volume::netapp' do - - let :facts do - OSDefaults.get_facts({}) - end - - let :params do - { - :netapp_login => 'netapp', - :netapp_password => 'password', - :netapp_server_hostname => '127.0.0.2', - :netapp_vfiler => 'netapp_vfiler', - :netapp_volume_list => 'vol1,vol2', - :netapp_vserver => 'netapp_vserver', - :netapp_partner_backend_name => 'fc2', - :netapp_copyoffload_tool_path => '/tmp/na_copyoffload_64', - :netapp_controller_ips => '10.0.0.2,10.0.0.3', - :netapp_sa_password => 'password', - :netapp_storage_pools => 'pool1,pool2', - } - end - - let :default_params do - { - :netapp_server_port => '80', - :netapp_size_multiplier => '1.2', - :netapp_storage_family => 'ontap_cluster', - :netapp_storage_protocol => 'nfs', - :netapp_transport_type => 'http', - :expiry_thres_minutes => '720', - :thres_avl_size_perc_start => '20', - :thres_avl_size_perc_stop => '60', - :nfs_shares_config => '/etc/cinder/shares.conf', - :netapp_eseries_host_type => 'linux_dm_mp', - :nfs_mount_options => '', - :netapp_webservice_path => '/devmgr/v2', - } - end - - - shared_examples_for 'netapp volume driver' do - let :params_hash do - default_params.merge(params) - end - - it 'configures netapp volume driver' do - is_expected.to contain_cinder_config('DEFAULT/volume_driver').with_value( - 'cinder.volume.drivers.netapp.common.NetAppDriver') - params_hash.each_pair do |config,value| - is_expected.to contain_cinder_config("DEFAULT/#{config}").with_value( value ) - end - end - - it 'marks netapp_password as secret' do - is_expected.to contain_cinder_config('DEFAULT/netapp_password').with_secret( true ) - end - - it 'marks netapp_sa_password as secret' do - is_expected.to contain_cinder_config('DEFAULT/netapp_sa_password').with_secret( true ) - end - end - - - context 'with default parameters' do - before do - params = {} - end - - it_configures 'netapp volume driver' - end - - context 'with provided parameters' do - it_configures 'netapp volume driver' - end - - context 'with NFS shares provided' do - let (:req_params) { params.merge!({ - :nfs_shares => ['10.0.0.1:/test1', '10.0.0.2:/test2'], - :nfs_shares_config => '/etc/cinder/shares.conf', - }) } - - it 'writes NFS shares to file' do - is_expected.to contain_file("#{req_params[:nfs_shares_config]}") - .with_content("10.0.0.1:/test1\n10.0.0.2:/test2") - end - end - - context 'with netapp volume drivers additional configuration' do - before do - params.merge!({:extra_options => {'netapp_backend/param1' => { 'value' => 'value1' }}}) - end - - it 'configure netapp volume with additional configuration' do - is_expected.to contain_cinder__backend__netapp('DEFAULT').with({ - :extra_options => {'netapp_backend/param1' => {'value' => 'value1'}} - }) - end - end - -end diff --git a/cinder/spec/classes/cinder_volume_nexenta_spec.rb b/cinder/spec/classes/cinder_volume_nexenta_spec.rb deleted file mode 100644 index c11965765..000000000 --- a/cinder/spec/classes/cinder_volume_nexenta_spec.rb +++ /dev/null @@ -1,58 +0,0 @@ -# author 'Aimon Bustardo ' -# license 'Apache License 2.0' -# description 'configures openstack cinder nexenta driver' -require 'spec_helper' - -describe 'cinder::volume::nexenta' do - - let :params do - { :nexenta_user => 'nexenta', - :nexenta_password => 'password', - :nexenta_host => '127.0.0.2', - } - end - - let :default_params do - { :nexenta_volume => 'cinder', - :nexenta_target_prefix => 'iqn:', - :nexenta_target_group_prefix => 'cinder/', - :nexenta_blocksize => '8k', - :nexenta_sparse => true } - end - - - let :facts do - { :osfamily => 'Debian' } - end - - - context 'with required params' do - let :params_hash do - default_params.merge(params) - end - - it 'configures nexenta volume driver' do - params_hash.each_pair do |config, value| - is_expected.to contain_cinder_config("DEFAULT/#{config}").with_value(value) - end - end - - it 'marks nexenta_password as secret' do - is_expected.to contain_cinder_config('DEFAULT/nexenta_password').with_secret( true ) - end - - end - - context 'nexenta volume drive with additional configuration' do - before :each do - params.merge!({:extra_options => {'nexenta_backend/param1' => {'value' => 'value1'}}}) - end - - it 'configure nexenta volume with additional configuration' do - is_expected.to contain_cinder__backend__nexenta('DEFAULT').with({ - :extra_options => {'nexenta_backend/param1' => {'value' => 'value1'}} - }) - end - - end -end diff --git a/cinder/spec/classes/cinder_volume_nfs_spec.rb b/cinder/spec/classes/cinder_volume_nfs_spec.rb deleted file mode 100644 index eb14c19ca..000000000 --- a/cinder/spec/classes/cinder_volume_nfs_spec.rb +++ /dev/null @@ -1,64 +0,0 @@ -require 'spec_helper' - -describe 'cinder::volume::nfs' do - - let :params do - { - :nfs_servers => ['10.10.10.10:/shares', '10.10.10.10:/shares2'], - :nfs_mount_options => 'vers=3', - :nfs_shares_config => '/etc/cinder/other_shares.conf', - :nfs_disk_util => 'du', - :nfs_sparsed_volumes => true, - :nfs_mount_point_base => '/cinder_mount_point', - :nfs_used_ratio => '0.95', - :nfs_oversub_ratio => '1.0', - } - end - - let :facts do - OSDefaults.get_facts({}) - end - - describe 'nfs volume driver' do - it 'configures nfs volume driver' do - is_expected.to contain_cinder_config('DEFAULT/volume_driver').with_value( - 'cinder.volume.drivers.nfs.NfsDriver') - is_expected.to contain_cinder_config('DEFAULT/nfs_shares_config').with_value( - '/etc/cinder/other_shares.conf') - is_expected.to contain_cinder_config('DEFAULT/nfs_mount_options').with_value( - 'vers=3') - is_expected.to contain_cinder_config('DEFAULT/nfs_sparsed_volumes').with_value( - true) - is_expected.to contain_cinder_config('DEFAULT/nfs_mount_point_base').with_value( - '/cinder_mount_point') - is_expected.to contain_cinder_config('DEFAULT/nfs_disk_util').with_value( - 'du') - is_expected.to contain_cinder_config('DEFAULT/nfs_used_ratio').with_value( - '0.95') - is_expected.to contain_cinder_config('DEFAULT/nfs_oversub_ratio').with_value( - '1.0') - is_expected.to contain_file('/etc/cinder/other_shares.conf').with( - :content => "10.10.10.10:/shares\n10.10.10.10:/shares2", - :require => 'Package[cinder]', - :notify => 'Service[cinder-volume]' - ) - end - end - - describe 'nfs volume driver with additional configuration' do - before :each do - params.merge!({ - :nfs_mount_attempts => 4, - :extra_options => {'nfs_backend/param1' => {'value' => 'value1'}}}) - end - - it 'configure nfs volume with additional configuration' do - is_expected.to contain_cinder__backend__nfs('DEFAULT').with({ - :nfs_mount_attempts => params[:nfs_mount_attempts], - :extra_options => {'nfs_backend/param1' => {'value' => 'value1'}} - }) - end - end - - -end diff --git a/cinder/spec/classes/cinder_volume_pure_spec.rb b/cinder/spec/classes/cinder_volume_pure_spec.rb deleted file mode 100644 index 09209fdb2..000000000 --- a/cinder/spec/classes/cinder_volume_pure_spec.rb +++ /dev/null @@ -1,62 +0,0 @@ -require 'spec_helper' - -describe 'cinder::volume::pure' do - - let :req_params do - { - :san_ip => '127.0.0.2', - :pure_api_token => 'abc123def456ghi789' - } - end - - describe 'pure volume driver defaults' do - let :params do - req_params - end - - it 'configure pure volume driver' do - is_expected.to contain_cinder__backend__pure('DEFAULT') - end - end - - describe 'pure iscsi volume driver' do - let :params do - req_params.merge({ - 'pure_storage_protocol' => 'iSCSI', - 'use_chap_auth' => 'true' - }) - end - - it 'configure pure volume driver' do - is_expected.to contain_cinder__backend__pure('DEFAULT').with({ - :pure_storage_protocol => 'iSCSI', - :use_chap_auth => 'true' - }) - end - end - - describe 'pure fc volume driver' do - let :params do - req_params.merge({'pure_storage_protocol' => 'FC'}) - end - - it 'configure pure volume driver' do - is_expected.to contain_cinder__backend__pure('DEFAULT').with({ - :pure_storage_protocol => 'FC' - }) - end - end - - describe 'pure volume driver with additional configuration' do - let :params do - req_params.merge({:extra_options => {'pure_backend/param1' => {'value' => 'value1'}}}) - end - - it 'configure pure volume with additional configuration' do - is_expected.to contain_cinder__backend__pure('DEFAULT').with({ - :extra_options => {'pure_backend/param1' => {'value' => 'value1'}} - }) - end - end - -end diff --git a/cinder/spec/classes/cinder_volume_quobyte_spec.rb b/cinder/spec/classes/cinder_volume_quobyte_spec.rb deleted file mode 100644 index d9d8c0119..000000000 --- a/cinder/spec/classes/cinder_volume_quobyte_spec.rb +++ /dev/null @@ -1,39 +0,0 @@ -require 'spec_helper' - -describe 'cinder::volume::quobyte' do - - shared_examples_for 'quobyte volume driver' do - let :params do - { - :quobyte_volume_url => 'quobyte://quobyte.cluster.example.com/volume-name', - :quobyte_qcow2_volumes => false, - :quobyte_sparsed_volumes => true, - } - end - - it 'configures quobyte volume driver' do - is_expected.to contain_cinder_config('DEFAULT/volume_driver').with_value( - 'cinder.volume.drivers.quobyte.QuobyteDriver') - is_expected.to contain_cinder_config('DEFAULT/quobyte_volume_url').with_value( - 'quobyte://quobyte.cluster.example.com/volume-name') - is_expected.to contain_cinder_config('DEFAULT/quobyte_qcow2_volumes').with_value( - false) - is_expected.to contain_cinder_config('DEFAULT/quobyte_sparsed_volumes').with_value( - true) - end - - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge(OSDefaults.get_facts({:processorcount => 8})) - end - - it_configures 'quobyte volume driver' - end - end - -end diff --git a/cinder/spec/classes/cinder_volume_rbd_spec.rb b/cinder/spec/classes/cinder_volume_rbd_spec.rb deleted file mode 100644 index 3899be642..000000000 --- a/cinder/spec/classes/cinder_volume_rbd_spec.rb +++ /dev/null @@ -1,90 +0,0 @@ -require 'spec_helper' - -describe 'cinder::volume::rbd' do - - let :req_params do - { - :rbd_pool => 'volumes', - :rbd_user => 'test', - :rbd_secret_uuid => '', - :rbd_ceph_conf => '/foo/boo/zoo/ceph.conf', - :rbd_flatten_volume_from_snapshot => true, - :volume_tmp_dir => '', - :rbd_max_clone_depth => '0', - :rados_connect_timeout => '', - :rados_connection_interval => '', - :rados_connection_retries => '', - :rbd_store_chunk_size => '' - } - end - - it { is_expected.to contain_class('cinder::params') } - - let :params do - req_params - end - - let :facts do - OSDefaults.get_facts({:osfamily => 'Debian'}) - end - - describe 'rbd volume driver' do - it 'configure rbd volume driver' do - is_expected.to contain_cinder_config('DEFAULT/volume_driver').with_value('cinder.volume.drivers.rbd.RBDDriver') - - is_expected.to contain_cinder_config('DEFAULT/rbd_ceph_conf').with_value(req_params[:rbd_ceph_conf]) - is_expected.to contain_cinder_config('DEFAULT/rbd_flatten_volume_from_snapshot').with_value(req_params[:rbd_flatten_volume_from_snapshot]) - is_expected.to contain_cinder_config('DEFAULT/volume_tmp_dir').with_value(req_params[:volume_tmp_dir]) - is_expected.to contain_cinder_config('DEFAULT/rbd_max_clone_depth').with_value(req_params[:rbd_max_clone_depth]) - is_expected.to contain_cinder_config('DEFAULT/rbd_pool').with_value(req_params[:rbd_pool]) - is_expected.to contain_cinder_config('DEFAULT/rbd_user').with_value(req_params[:rbd_user]) - is_expected.to contain_cinder_config('DEFAULT/rbd_secret_uuid').with_value(req_params[:rbd_secret_uuid]) - is_expected.to contain_cinder_config('DEFAULT/rados_connect_timeout').with_value(req_params[:rados_connect_timeout]) - is_expected.to contain_cinder_config('DEFAULT/rados_connection_interval').with_value(req_params[:rados_connection_interval]) - is_expected.to contain_cinder_config('DEFAULT/rados_connection_retries').with_value(req_params[:rados_connection_retries]) - is_expected.to contain_cinder_config('DEFAULT/rbd_store_chunk_size').with_value(req_params[:rbd_store_chunk_size]) - is_expected.to contain_file('/etc/init/cinder-volume.override').with(:ensure => 'present') - is_expected.to contain_file_line('set initscript env DEFAULT').with( - :line => /env CEPH_ARGS=\"--id test\"/, - :path => '/etc/init/cinder-volume.override', - :notify => 'Service[cinder-volume]') - end - - end - - describe 'rbd volume driver with additional configuration' do - before :each do - params.merge!({:extra_options => {'rbd_backend/param1' => {'value' => 'value1'}}}) - end - it 'configure rbd volume with additional configuration' do - is_expected.to contain_cinder__backend__rbd('DEFAULT').with({ - :extra_options => {'rbd_backend/param1' => {'value' => 'value1'}} - }) - end - end - - describe 'with RedHat' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - let :params do - req_params - end - - it 'should ensure that the cinder-volume sysconfig file is present' do - is_expected.to contain_file('/etc/sysconfig/openstack-cinder-volume').with( - :ensure => 'present' - ) - end - - it 'should configure RedHat init override' do - is_expected.to contain_file_line('set initscript env DEFAULT').with( - :line => /export CEPH_ARGS=\"--id test\"/, - :path => '/etc/sysconfig/openstack-cinder-volume', - :notify => 'Service[cinder-volume]') - end - end - -end - diff --git a/cinder/spec/classes/cinder_volume_san_spec.rb b/cinder/spec/classes/cinder_volume_san_spec.rb deleted file mode 100644 index e899173ef..000000000 --- a/cinder/spec/classes/cinder_volume_san_spec.rb +++ /dev/null @@ -1,58 +0,0 @@ -require 'spec_helper' - -describe 'cinder::volume::san' do - - let :params do - { :volume_driver => 'cinder.volume.san.SolarisISCSIDriver', - :san_ip => '127.0.0.1', - :san_login => 'cluster_operator', - :san_password => '007', - :san_clustername => 'storage_cluster', - } - end - - let :default_params do - { :san_thin_provision => true, - :san_login => 'admin', - :san_ssh_port => 22, - :san_is_local => false, - :ssh_conn_timeout => 30, - :ssh_min_pool_conn => 1, - :ssh_max_pool_conn => 5 } - end - - shared_examples_for 'a san volume driver' do - let :params_hash do - default_params.merge(params) - end - - it 'configures cinder volume driver' do - params_hash.each_pair do |config,value| - is_expected.to contain_cinder_config("DEFAULT/#{config}").with_value( value ) - end - end - - it 'marks san_password as secret' do - is_expected.to contain_cinder_config('DEFAULT/san_password').with_secret( true ) - end - - end - - - context 'with parameters' do - it_configures 'a san volume driver' - end - - context 'san volume driver with additional configuration' do - before :each do - params.merge!({:extra_options => { 'san_backend/param1' => {'value' => 'value1'}}}) - end - - it 'configure san volume with additional configuration' do - is_expected.to contain_cinder__backend__san('DEFAULT').with({ - :extra_options => {'san_backend/param1' => {'value' => 'value1'}} - }) - end - - end -end diff --git a/cinder/spec/classes/cinder_volume_solidfire_spec.rb b/cinder/spec/classes/cinder_volume_solidfire_spec.rb deleted file mode 100644 index e71df76c9..000000000 --- a/cinder/spec/classes/cinder_volume_solidfire_spec.rb +++ /dev/null @@ -1,70 +0,0 @@ -require 'spec_helper' - -describe 'cinder::volume::solidfire' do - let :req_params do - { - :san_ip => '127.0.0.2', - :san_login => 'solidfire_login', - :san_password => 'password', - } - end - - let :params do - req_params - end - - shared_examples_for 'solidfire volume driver' do - it 'configure solidfire volume driver' do - is_expected.to contain_cinder_config('DEFAULT/volume_driver' - ).with_value('cinder.volume.drivers.solidfire.SolidFireDriver') - is_expected.to contain_cinder_config('DEFAULT/san_ip' - ).with_value('127.0.0.2') - is_expected.to contain_cinder_config('DEFAULT/san_login' - ).with_value('solidfire_login') - is_expected.to contain_cinder_config('DEFAULT/san_password' - ).with_value('password') - is_expected.to contain_cinder_config('DEFAULT/sf_template_account_name' - ).with_value('openstack-vtemplate') - is_expected.to contain_cinder_config('DEFAULT/sf_allow_template_caching' - ).with_value(false) - is_expected.to contain_cinder_config('DEFAULT/volume_backend_name' - ).with_value('solidfire') - is_expected.to contain_cinder_config('DEFAULT/sf_emulate_512' - ).with_value(true) - is_expected.to contain_cinder_config('DEFAULT/sf_allow_tenant_qos' - ).with_value(false) - is_expected.to contain_cinder_config('DEFAULT/sf_account_prefix' - ).with_value('') - is_expected.to contain_cinder_config('DEFAULT/sf_api_port' - ).with_value('443') - is_expected.to contain_cinder_config('DEFAULT/sf_volume_prefix' - ).with_value('UUID-') - is_expected.to contain_cinder_config('DEFAULT/sf_svip' - ).with_value('') - is_expected.to contain_cinder_config('DEFAULT/sf_enable_volume_mapping' - ).with_value(true) - is_expected.to contain_cinder_config('DEFAULT/sf_enable_vag' - ).with_value(false) - end - - it 'marks san_password as secret' do - is_expected.to contain_cinder_config('DEFAULT/san_password' - ).with_secret( true ) - end - - end - - context 'with solidfire volume drivers additional configuration' do - before do - params.merge!({:extra_options => {'solidfire_backend/param1' => - { 'value' => 'value1' }}}) - end - - it 'configure solidfire volume with additional configuration' do - is_expected.to contain_cinder__backend__solidfire('DEFAULT').with({ - :extra_options => {'solidfire_backend/param1' => {'value' => 'value1'}} - }) - end - end - -end diff --git a/cinder/spec/classes/cinder_volume_spec.rb b/cinder/spec/classes/cinder_volume_spec.rb deleted file mode 100644 index aaed49ff5..000000000 --- a/cinder/spec/classes/cinder_volume_spec.rb +++ /dev/null @@ -1,45 +0,0 @@ -require 'spec_helper' - -describe 'cinder::volume' do - - let :pre_condition do - 'class { "cinder": rabbit_password => "fpp", database_connection => "mysql://a:b@c/d" }' - end - - let :facts do - OSDefaults.get_facts({:osfamily => 'Debian'}) - end - - it { is_expected.to contain_package('cinder-volume').with_ensure('present') } - it { is_expected.to contain_service('cinder-volume').with( - 'hasstatus' => true, - 'tag' => 'cinder-service', - )} - it { is_expected.to contain_cinder_config('DEFAULT/volume_clear').with_value('') } - it { is_expected.to contain_cinder_config('DEFAULT/volume_clear_size').with_value('') } - it { is_expected.to contain_cinder_config('DEFAULT/volume_clear_ionice').with_value('') } - - describe 'with manage_service false' do - let :params do - { 'manage_service' => false } - end - it 'should not change the state of the service' do - is_expected.to contain_service('cinder-volume').without_ensure - end - end - - describe 'with volume_clear parameters' do - let :params do - { - 'volume_clear' => 'none', - 'volume_clear_size' => '10', - 'volume_clear_ionice' => '-c3', - } - end - it 'should set volume_clear parameters' do - is_expected.to contain_cinder_config('DEFAULT/volume_clear').with_value('none') - is_expected.to contain_cinder_config('DEFAULT/volume_clear_size').with_value('10') - is_expected.to contain_cinder_config('DEFAULT/volume_clear_ionice').with_value('-c3') - end - end -end diff --git a/cinder/spec/classes/cinder_volume_vmdk_spec.rb b/cinder/spec/classes/cinder_volume_vmdk_spec.rb deleted file mode 100644 index 856521e3f..000000000 --- a/cinder/spec/classes/cinder_volume_vmdk_spec.rb +++ /dev/null @@ -1,80 +0,0 @@ -require 'spec_helper' - -describe 'cinder::volume::vmdk' do - - let :facts do - OSDefaults.get_facts({:osfamily => 'Debian'}) - end - - let :params do - { - :host_ip => '172.16.16.16', - :host_password => 'asdf', - :host_username => 'user' - } - end - - let :optional_params do - { - :volume_folder => 'cinder-volume-folder', - :api_retry_count => 5, - :max_object_retrieval => 200, - :task_poll_interval => 10, - :image_transfer_timeout_secs => 3600, - :wsdl_location => 'http://127.0.0.1:8080/vmware/SDK/wsdl/vim25/vimService.wsdl', - :extra_options => { 'vmdk_backend/param1' => { 'value' => 'value1' }} - } - end - - it 'should configure vmdk driver in cinder.conf' do - is_expected.to contain_cinder_config('DEFAULT/volume_driver').with_value('cinder.volume.drivers.vmware.vmdk.VMwareVcVmdkDriver') - is_expected.to contain_cinder_config('DEFAULT/vmware_host_ip').with_value(params[:host_ip]) - is_expected.to contain_cinder_config('DEFAULT/vmware_host_username').with_value(params[:host_username]) - is_expected.to contain_cinder_config('DEFAULT/vmware_host_password').with_value(params[:host_password]) - is_expected.to contain_cinder_config('DEFAULT/vmware_volume_folder').with_value('cinder-volumes') - is_expected.to contain_cinder_config('DEFAULT/vmware_api_retry_count').with_value(10) - is_expected.to contain_cinder_config('DEFAULT/vmware_max_object_retrieval').with_value(100) - is_expected.to contain_cinder_config('DEFAULT/vmware_task_poll_interval').with_value(5) - is_expected.to contain_cinder_config('DEFAULT/vmware_image_transfer_timeout_secs').with_value(7200) - is_expected.to contain_cinder_config('DEFAULT/vmware_wsdl_location').with_value('') - end - - it 'marks vmware_host_password as secret' do - is_expected.to contain_cinder_config('DEFAULT/vmware_host_password').with_secret( true ) - end - - it 'installs vmdk python driver' do - is_expected.to contain_package('python-suds').with( - :ensure => 'present' - ) - end - - context 'with optional parameters' do - before :each do - params.merge!(optional_params) - end - - it 'should configure vmdk driver in cinder.conf' do - is_expected.to contain_cinder_config('DEFAULT/vmware_volume_folder').with_value(params[:volume_folder]) - is_expected.to contain_cinder_config('DEFAULT/vmware_api_retry_count').with_value(params[:api_retry_count]) - is_expected.to contain_cinder_config('DEFAULT/vmware_max_object_retrieval').with_value(params[:max_object_retrieval]) - is_expected.to contain_cinder_config('DEFAULT/vmware_task_poll_interval').with_value(params[:task_poll_interval]) - is_expected.to contain_cinder_config('DEFAULT/vmware_image_transfer_timeout_secs').with_value(params[:image_transfer_timeout_secs]) - is_expected.to contain_cinder_config('DEFAULT/vmware_wsdl_location').with_value(params[:wsdl_location]) - end - end - - context 'vmdk volume driver with additional configuration' do - before :each do - params.merge!({:extra_options => { 'vmdk_backend/param1' => { 'value' => 'value1' }}}) - end - - it 'configure vmdk volume with additional configuration' do - is_expected.to contain_cinder__backend__vmdk('DEFAULT').with({ - :extra_options => {'vmdk_backend/param1' => {'value' => 'value1'}} - }) - end - - end - -end diff --git a/cinder/spec/defines/cinder_backend_bdd_spec.rb b/cinder/spec/defines/cinder_backend_bdd_spec.rb deleted file mode 100644 index 65b183a8e..000000000 --- a/cinder/spec/defines/cinder_backend_bdd_spec.rb +++ /dev/null @@ -1,103 +0,0 @@ -require 'spec_helper' - -describe 'cinder::backend::bdd' do - - let(:title) { 'hippo' } - - let :params do { - :iscsi_ip_address => '127.0.0.2', - :available_devices => '/dev/sda', - } - end - - shared_examples_for 'cinder block device' do - context 'with default parameters' do - it 'should configure bdd driver in cinder.conf with defaults' do - should contain_cinder_config('hippo/volume_backend_name').with_value('hippo') - should contain_cinder_config('hippo/volume_driver').with_value('cinder.volume.drivers.block_device.BlockDeviceDriver') - should contain_cinder_config('hippo/available_devices').with_value('/dev/sda') - should contain_cinder_config('hippo/iscsi_helper').with_value('tgtadm') - should contain_cinder_config('hippo/volumes_dir').with_value('/var/lib/cinder/volumes') - should contain_cinder_config('hippo/iscsi_ip_address').with_value('127.0.0.2') - should contain_cinder_config('hippo/volume_group').with_value('') - should contain_cinder_config('hippo/iscsi_protocol').with_value('') - should contain_cinder_config('hippo/volume_clear').with_value('') - end - end - - context 'with optional parameters' do - before :each do - params.merge!({ - :iscsi_ip_address => '10.20.0.2', - :available_devices => '/dev/sdb,/dev/sdc', - :volumes_dir => '/var/lib/cinder/bdd-volumes', - :volume_clear => 'zero', - :volume_group => 'cinder', - :iscsi_helper => 'lioadm', - }) - end - - it 'should configure bdd driver in cinder.conf' do - should contain_cinder_config('hippo/available_devices').with_value('/dev/sdb,/dev/sdc') - should contain_cinder_config('hippo/volumes_dir').with_value('/var/lib/cinder/bdd-volumes') - should contain_cinder_config('hippo/iscsi_ip_address').with_value('10.20.0.2') - should contain_cinder_config('hippo/iscsi_helper').with_value('lioadm') - should contain_cinder_config('hippo/volume_group').with_value('cinder') - should contain_cinder_config('hippo/volume_clear').with_value('zero') - end - end - - context 'block device backend with additional configuration' do - before do - params.merge!({:extra_options => {'hippo/param1' => { 'value' => 'value1' }}}) - end - - it 'configure vmdk backend with additional configuration' do - is_expected.to contain_cinder_config('hippo/param1').with({ - :value => 'value1' - }) - end - end - end - - shared_examples_for 'check needed daemons' do - context 'tgtadm helper' do - it 'is expected to have tgtd daemon' do - is_expected.to contain_package('tgt').with(:ensure => :present) - is_expected.to contain_service('tgtd').with(:ensure => :running) - end - end - - context 'lioadm helper' do - before do - params.merge!({:iscsi_helper => 'lioadm'}) - end - it 'is expected to have target daemon' do - is_expected.to contain_package('targetcli').with(:ensure => :present) - is_expected.to contain_service('target').with(:ensure => :running) - end - end - - context 'wrong helper' do - before do - params.merge!({:iscsi_helper => 'fake'}) - end - it 'is expected to raise error' do - is_expected.to raise_error(Puppet::Error, /Unsupported iscsi helper: fake/) - end - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'cinder block device' - it_configures 'check needed daemons' - end - end -end diff --git a/cinder/spec/defines/cinder_backend_dellsc_iscsi_spec.rb b/cinder/spec/defines/cinder_backend_dellsc_iscsi_spec.rb deleted file mode 100644 index 1ab3f4dd7..000000000 --- a/cinder/spec/defines/cinder_backend_dellsc_iscsi_spec.rb +++ /dev/null @@ -1,63 +0,0 @@ -require 'spec_helper' - -describe 'cinder::backend::dellsc_iscsi' do - - let (:config_group_name) { 'dellsc_iscsi' } - - let (:title) { config_group_name } - - let :params do - { - :san_ip => '172.23.8.101', - :san_login => 'Admin', - :san_password => '12345', - :iscsi_ip_address => '192.168.0.20', - :dell_sc_ssn => '64720', - } - end - - let :default_params do - { - :dell_sc_api_port => '', - :dell_sc_server_folder => 'srv', - :dell_sc_verify_cert => '', - :dell_sc_volume_folder => 'vol', - :iscsi_port => '', - } - end - - let :facts do - OSDefaults.get_facts({}) - end - - shared_examples_for 'dellsc_iscsi volume driver' do - let :params_hash do - default_params.merge(params) - end - - it 'configures cinder volume driver' do - is_expected.to contain_cinder__backend__dellsc_iscsi(config_group_name) - params_hash.each_pair do |config,value| - is_expected.to contain_cinder_config("#{config_group_name}/#{config}").with_value( value ) - end - end - end - - - context 'with parameters' do - it_configures 'dellsc_iscsi volume driver' - end - - context 'dellsc_iscsi backend with additional configuration' do - before do - params.merge!({:extra_options => {'dellsc_iscsi/param1' => { 'value' => 'value1' }}}) - end - - it 'configure dellsc_iscsi backend with additional configuration' do - is_expected.to contain_cinder_config('dellsc_iscsi/param1').with({ - :value => 'value1' - }) - end - end - -end diff --git a/cinder/spec/defines/cinder_backend_emc_vnx_spec.rb b/cinder/spec/defines/cinder_backend_emc_vnx_spec.rb deleted file mode 100644 index 996dd02c4..000000000 --- a/cinder/spec/defines/cinder_backend_emc_vnx_spec.rb +++ /dev/null @@ -1,47 +0,0 @@ -require 'spec_helper' - -describe 'cinder::backend::emc_vnx' do - let (:title) { 'emc' } - - let :req_params do - { - :san_ip => '127.0.0.2', - :san_login => 'emc', - :san_password => 'password', - :iscsi_ip_address => '127.0.0.3', - :storage_vnx_pool_name => 'emc-storage-pool' - } - end - - let :facts do - {:osfamily => 'Redhat' } - end - - let :params do - req_params - end - - describe 'emc vnx volume driver' do - it 'configure emc vnx volume driver' do - is_expected.to contain_cinder_config('emc/volume_driver').with_value('cinder.volume.drivers.emc.emc_cli_iscsi.EMCCLIISCSIDriver') - is_expected.to contain_cinder_config('emc/san_ip').with_value('127.0.0.2') - is_expected.to contain_cinder_config('emc/san_login').with_value('emc') - is_expected.to contain_cinder_config('emc/san_password').with_value('password') - is_expected.to contain_cinder_config('emc/iscsi_ip_address').with_value('127.0.0.3') - is_expected.to contain_cinder_config('emc/storage_vnx_pool_name').with_value('emc-storage-pool') - end - end - - describe 'emc vnx backend with additional configuration' do - before :each do - params.merge!({:extra_options => {'emc/param1' => {'value' => 'value1'}}}) - end - - it 'configure emc vnx backend with additional configuration' do - is_expected.to contain_cinder_config('emc/param1').with({ - :value => 'value1', - }) - end - end - -end diff --git a/cinder/spec/defines/cinder_backend_eqlx_spec.rb b/cinder/spec/defines/cinder_backend_eqlx_spec.rb deleted file mode 100644 index d19940e90..000000000 --- a/cinder/spec/defines/cinder_backend_eqlx_spec.rb +++ /dev/null @@ -1,62 +0,0 @@ -require 'spec_helper' - -describe 'cinder::backend::eqlx' do - let (:config_group_name) { 'eqlx-1' } - - let (:title) { config_group_name } - - let :params do - { - :san_ip => '192.168.100.10', - :san_login => 'grpadmin', - :san_password => '12345', - :volume_backend_name => 'Dell_EQLX', - :san_thin_provision => '', - :eqlx_group_name => '', - :eqlx_pool => 'apool', - :eqlx_use_chap => true, - :eqlx_chap_login => 'chapadm', - :eqlx_chap_password => '56789', - :eqlx_cli_timeout => 31, - :eqlx_cli_max_retries => 6, - } - end - - shared_examples_for 'eqlx volume driver' do - it 'configure eqlx volume driver' do - is_expected.to contain_cinder__backend__eqlx(config_group_name) - is_expected.to contain_cinder_config( - "#{config_group_name}/volume_driver").with_value( - 'cinder.volume.drivers.eqlx.DellEQLSanISCSIDriver') - params.each_pair do |config,value| - is_expected.to contain_cinder_config( - "#{config_group_name}/#{config}").with_value(value) - end - end - end - - describe 'eqlx backend with additional configuration' do - before :each do - params.merge!({:extra_options => {'eqlx-1/param1' => {'value' => 'value1'}}}) - end - - it 'configure eqlx backend with additional configuration' do - is_expected.to contain_cinder_config('eqlx-1/param1').with({ - :value => 'value1', - }) - end - end - - context 'eqlx backend with chap' do - before :each do - params.merge!({ - :eqlx_use_chap => true, - :eqlx_chap_login => 'myuser', - :eqlx_chap_password => 'mypass' - }) - end - it_configures 'eqlx volume driver' - end - - -end diff --git a/cinder/spec/defines/cinder_backend_glusterfs_spec.rb b/cinder/spec/defines/cinder_backend_glusterfs_spec.rb deleted file mode 100644 index 2475cdbbb..000000000 --- a/cinder/spec/defines/cinder_backend_glusterfs_spec.rb +++ /dev/null @@ -1,66 +0,0 @@ -require 'spec_helper' - -describe 'cinder::backend::glusterfs' do - - shared_examples_for 'glusterfs volume driver' do - let(:title) {'mygluster'} - - let :facts do - OSDefaults.get_facts({}) - end - - let :params do - { - :glusterfs_shares => ['10.10.10.10:/volumes', '10.10.10.11:/volumes'], - :glusterfs_shares_config => '/etc/cinder/other_shares.conf', - :glusterfs_sparsed_volumes => true, - :glusterfs_mount_point_base => '/cinder_mount_point', - } - end - - it 'configures glusterfs volume driver' do - is_expected.to contain_cinder_config('mygluster/volume_driver').with_value( - 'cinder.volume.drivers.glusterfs.GlusterfsDriver') - is_expected.to contain_cinder_config('mygluster/glusterfs_backup_mount_point').with_value( - '') - is_expected.to contain_cinder_config('mygluster/glusterfs_backup_share').with_value( - '') - is_expected.to contain_cinder_config('mygluster/glusterfs_shares_config').with_value( - '/etc/cinder/other_shares.conf') - is_expected.to contain_cinder_config('mygluster/glusterfs_sparsed_volumes').with_value( - true) - is_expected.to contain_cinder_config('mygluster/glusterfs_mount_point_base').with_value( - '/cinder_mount_point') - is_expected.to contain_file('/etc/cinder/other_shares.conf').with( - :content => "10.10.10.10:/volumes\n10.10.10.11:/volumes\n", - :require => 'Package[cinder]', - :notify => 'Service[cinder-volume]' - ) - end - - context 'glusterfs backend with additional configuration' do - before do - params.merge!({:extra_options => {'mygluster/param1' => { 'value' => 'value1' }}}) - end - - it 'configure glusterfs backend with additional configuration' do - is_expected.to contain_cinder_config('mygluster/param1').with({ - :value => 'value1' - }) - end - - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge(OSDefaults.get_facts({:processorcount => 8})) - end - - it_configures 'glusterfs volume driver' - end - end -end diff --git a/cinder/spec/defines/cinder_backend_gpfs_spec.rb b/cinder/spec/defines/cinder_backend_gpfs_spec.rb deleted file mode 100644 index 8810aa737..000000000 --- a/cinder/spec/defines/cinder_backend_gpfs_spec.rb +++ /dev/null @@ -1,99 +0,0 @@ -require 'spec_helper' - -describe 'cinder::backend::gpfs' do - - let (:title) { 'gpfs' } - - let :params do - { - :gpfs_mount_point_base => '/opt/gpfs/cinder/volumes', - } - end - - let :default_params do - { - :gpfs_max_clone_depth => '', - :gpfs_sparse_volumes => '', - :gpfs_storage_pool => '', - :gpfs_images_dir => '', - :gpfs_images_share_mode => '', - } - end - - let :custom_params do - { - :gpfs_max_clone_depth => 1, - :gpfs_sparse_volumes => false, - :gpfs_storage_pool => 'foo', - } - end - - let :facts do - OSDefaults.get_facts({}) - end - - shared_examples_for 'gpfs volume driver' do - let :params_hash do - default_params.merge(params) - end - - it 'configures gpfs volume driver' do - is_expected.to contain_cinder_config('gpfs/volume_driver').with_value( - 'cinder.volume.drivers.ibm.gpfs.GPFSDriver') - params_hash.each_pair do |config,value| - is_expected.to contain_cinder_config("gpfs/#{config}").with_value( value ) - end - end - end - - context 'with default parameters' do - it_configures 'gpfs volume driver' - end - - context 'with additional image parameters' do - before do - params.merge!({ - :gpfs_images_dir => '/gpfs/glance/images', - :gpfs_images_share_mode => 'copy_on_write', - }) - end - it_configures 'gpfs volume driver' - end - - context 'with custom parameters' do - before do - params.merge(custom_params) - end - it_configures 'gpfs volume driver' - end - - context 'with image share mode but without image path' do - before do - params.merge!({ - :gpfs_images_share_mode => 'copy_on_write', - }) - end - it_raises 'a Puppet::Error', /gpfs_images_share_mode only in conjunction with gpfs_images_dir/ - end - - context 'with wrong gpfs_images_share_mode' do - before do - params.merge!({ - :gpfs_images_share_mode => 'foo', - }) - end - it_raises 'a Puppet::Error', /gpfs_images_share_mode only support `copy` or `copy_on_write`/ - end - - context 'gpfs backend with additional configuration' do - before do - params.merge!({:extra_options => {'gpfs/param1' => { 'value' => 'value1' }}}) - end - - it 'configure gpfs backend with additional configuration' do - is_expected.to contain_cinder_config('gpfs/param1').with({ - :value => 'value1' - }) - end - end -end diff --git a/cinder/spec/defines/cinder_backend_hp3par_iscsi_spec.rb b/cinder/spec/defines/cinder_backend_hp3par_iscsi_spec.rb deleted file mode 100644 index 06c68f71f..000000000 --- a/cinder/spec/defines/cinder_backend_hp3par_iscsi_spec.rb +++ /dev/null @@ -1,47 +0,0 @@ -require 'spec_helper' - -describe 'cinder::backend::hp3par_iscsi' do - let (:title) { 'hp3par_iscsi' } - - let :req_params do - { - :hp3par_api_url => 'https://172.0.0.2:8080/api/v1', - :hp3par_username => '3paradm', - :hp3par_password => 'password', - :hp3par_iscsi_ips => '172.0.0.3', - :san_ip => '172.0.0.2', - :san_login => '3paradm', - :san_password => 'password', - } - end - - let :params do - req_params - end - - describe 'hp3par_iscsi volume driver' do - it 'configure hp3par_iscsi volume driver' do - is_expected.to contain_cinder_config('hp3par_iscsi/volume_driver').with_value('cinder.volume.drivers.san.hp.hp_3par_iscsi.HP3PARISCSIDriver') - is_expected.to contain_cinder_config('hp3par_iscsi/hp3par_api_url').with_value('https://172.0.0.2:8080/api/v1') - is_expected.to contain_cinder_config('hp3par_iscsi/hp3par_username').with_value('3paradm') - is_expected.to contain_cinder_config('hp3par_iscsi/hp3par_password').with_value('password') - is_expected.to contain_cinder_config('hp3par_iscsi/hp3par_iscsi_ips').with_value('172.0.0.3') - is_expected.to contain_cinder_config('hp3par_iscsi/san_ip').with_value('172.0.0.2') - is_expected.to contain_cinder_config('hp3par_iscsi/san_login').with_value('3paradm') - is_expected.to contain_cinder_config('hp3par_iscsi/san_password').with_value('password') - end - end - - describe 'hp3par_iscsi backend with additional configuration' do - before :each do - params.merge!({:extra_options => {'hp3par_iscsi/param1' => {'value' => 'value1'}}}) - end - - it 'configure hp3par_iscsi backend with additional configuration' do - is_expected.to contain_cinder_config('hp3par_iscsi/param1').with({ - :value => 'value1', - }) - end - end - -end diff --git a/cinder/spec/defines/cinder_backend_iscsi_spec.rb b/cinder/spec/defines/cinder_backend_iscsi_spec.rb deleted file mode 100644 index 0451a77d6..000000000 --- a/cinder/spec/defines/cinder_backend_iscsi_spec.rb +++ /dev/null @@ -1,96 +0,0 @@ -require 'spec_helper' - -describe 'cinder::backend::iscsi' do - - let(:title) {'hippo'} - - let :req_params do { - :iscsi_ip_address => '127.0.0.2', - :iscsi_helper => 'tgtadm', - } - end - - let :facts do - OSDefaults.get_facts({:osfamily => 'Debian'}) - end - - let :params do - req_params - end - - let :iser_params do - {:iscsi_protocol => 'iser'} - end - - let :volumes_dir_params do - {:volumes_dir => '/etc/cinder/volumes'} - end - - describe 'with default params' do - - it 'should configure iscsi driver' do - is_expected.to contain_cinder_config('hippo/volume_backend_name').with( - :value => 'hippo') - is_expected.to contain_cinder_config('hippo/volume_driver').with( - :value => 'cinder.volume.drivers.lvm.LVMVolumeDriver') - is_expected.to contain_cinder_config('hippo/iscsi_ip_address').with( - :value => '127.0.0.2') - is_expected.to contain_cinder_config('hippo/iscsi_helper').with( - :value => 'tgtadm') - is_expected.to contain_cinder_config('hippo/volume_group').with( - :value => '') - is_expected.to contain_cinder_config('hippo/volumes_dir').with( - :value => '/var/lib/cinder/volumes') - is_expected.to contain_cinder_config('hippo/iscsi_protocol').with( - :value => '') - end - end - - describe 'with iser protocol' do - before :each do - params.merge!(iser_params) - end - - it 'should configure iscsi driver with iser protocol' do - is_expected.to contain_cinder_config('hippo/iscsi_protocol').with( - :value => 'iser') - end - end - - describe 'with non-default $volumes_dir' do - before :each do - params.merge!(volumes_dir_params) - end - - it 'should configure iscsi driver with /etc/cinder/volumes as volumes_dir' do - is_expected.to contain_cinder_config('hippo/volumes_dir').with( - :value => '/etc/cinder/volumes' - ) - end - end - - describe 'iscsi backend with additional configuration' do - before :each do - params.merge!({:extra_options => {'hippo/param1' => {'value' => 'value1'}}}) - end - - it 'configure iscsi backend with additional configuration' do - is_expected.to contain_cinder_config('hippo/param1').with({ - :value => 'value1', - }) - end - end - - describe 'with RedHat' do - - let :facts do - {:osfamily => 'RedHat'} - end - - it { is_expected.to contain_file_line('cinder include').with( - :line => 'include /var/lib/cinder/volumes/*', - :path => '/etc/tgt/targets.conf' - ) } - - end -end diff --git a/cinder/spec/defines/cinder_backend_netapp_spec.rb b/cinder/spec/defines/cinder_backend_netapp_spec.rb deleted file mode 100644 index 5a818f6be..000000000 --- a/cinder/spec/defines/cinder_backend_netapp_spec.rb +++ /dev/null @@ -1,138 +0,0 @@ -require 'spec_helper' - -describe 'cinder::backend::netapp' do - - let(:title) {'netapp'} - - let :facts do - OSDefaults.get_facts({}) - end - - let :params do - { - :volume_backend_name => 'netapp-cdot-nfs', - :netapp_login => 'netapp', - :netapp_password => 'password', - :netapp_server_hostname => '127.0.0.2', - :netapp_vfiler => 'netapp_vfiler', - :netapp_volume_list => 'vol1,vol2', - :netapp_vserver => 'netapp_vserver', - :netapp_partner_backend_name => 'fc2', - :netapp_copyoffload_tool_path => '/tmp/na_copyoffload_64', - :netapp_controller_ips => '10.0.0.2,10.0.0.3', - :netapp_sa_password => 'password', - :netapp_storage_pools => 'pool1,pool2', - } - end - - let :default_params do - { - :netapp_server_port => '80', - :netapp_size_multiplier => '1.2', - :netapp_storage_family => 'ontap_cluster', - :netapp_storage_protocol => 'nfs', - :netapp_transport_type => 'http', - :expiry_thres_minutes => '720', - :thres_avl_size_perc_start => '20', - :thres_avl_size_perc_stop => '60', - :nfs_shares_config => '/etc/cinder/shares.conf', - :netapp_eseries_host_type => 'linux_dm_mp', - :nfs_mount_options => '', - :netapp_webservice_path => '/devmgr/v2', - } - end - - shared_examples_for 'netapp volume driver' do - let :params_hash do - default_params.merge(params) - end - - it 'configures netapp volume driver' do - is_expected.to contain_cinder_config('netapp/volume_driver').with_value( - 'cinder.volume.drivers.netapp.common.NetAppDriver') - params_hash.each_pair do |config,value| - is_expected.to contain_cinder_config("netapp/#{config}").with_value( value ) - end - end - - it 'marks netapp_password as secret' do - is_expected.to contain_cinder_config('netapp/netapp_password').with_secret( true ) - end - - it 'marks netapp_sa_password as secret' do - is_expected.to contain_cinder_config('netapp/netapp_sa_password').with_secret( true ) - end - end - - context 'with default parameters' do - before do - params = {} - end - - it_configures 'netapp volume driver' - end - - context 'with provided parameters' do - it_configures 'netapp volume driver' - end - - context 'with netapp_storage_family eseries' do - before do - params.merge!(:netapp_storage_family => 'eseries') - end - - it 'sets use_multipath_for_image_xfer to true' do - is_expected.to contain_cinder_config('netapp/use_multipath_for_image_xfer').with({ - :value => 'true' - }) - end - end - - context 'with nfs_mount_options' do - before do - params.merge!(:nfs_mount_options => 'rw,proto=tcp,sec=sys') - end - - it 'sets the nfs mount options' do - is_expected.to contain_cinder_config('netapp/nfs_mount_options').with({ - :value => 'rw,proto=tcp,sec=sys' - }) - end - end - - context 'netapp backend with additional configuration' do - before do - params.merge!({:extra_options => {'netapp/param1' => { 'value' => 'value1' }}}) - end - - it 'configure netapp backend with additional configuration' do - is_expected.to contain_cinder_config('netapp/param1').with({ - :value => 'value1' - }) - end - end - - context 'with NFS shares provided' do - let (:req_params) { params.merge!({ - :nfs_shares => ['10.0.0.1:/test1', '10.0.0.2:/test2'], - :nfs_shares_config => '/etc/cinder/shares.conf', - }) } - - it 'writes NFS shares to file' do - is_expected.to contain_file("#{req_params[:nfs_shares_config]}") \ - .with_content("10.0.0.1:/test1\n10.0.0.2:/test2") - end - end - - context 'with invalid NFS shares provided' do - before do - params.merge!({ - :nfs_shares => "not an array", - :nfs_shares_config => '/etc/cinder/shares.conf', - }) - end - - it_raises 'a Puppet::Error', /"not an array" is not an Array. It looks to be a String/ - end - -end diff --git a/cinder/spec/defines/cinder_backend_nexenta_spec.rb b/cinder/spec/defines/cinder_backend_nexenta_spec.rb deleted file mode 100644 index 52acc4ff9..000000000 --- a/cinder/spec/defines/cinder_backend_nexenta_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -# author 'Aimon Bustardo ' -# license 'Apache License 2.0' -# description 'configures openstack cinder nexenta driver' -require 'spec_helper' - -describe 'cinder::backend::nexenta' do - let (:title) { 'nexenta' } - - let :params do - { :nexenta_user => 'nexenta', - :nexenta_password => 'password', - :nexenta_host => '127.0.0.2' } - end - - let :default_params do - { :nexenta_volume => 'cinder', - :nexenta_target_prefix => 'iqn:', - :nexenta_target_group_prefix => 'cinder/', - :nexenta_blocksize => '8k', - :nexenta_sparse => true } - end - - let :facts do - { :osfamily => 'Debian' } - end - - - context 'with required params' do - let :params_hash do - default_params.merge(params) - end - - it 'configures nexenta volume driver' do - params_hash.each_pair do |config, value| - is_expected.to contain_cinder_config("nexenta/#{config}").with_value(value) - end - end - end - - context 'nexenta backend with additional configuration' do - before do - params.merge!({:extra_options => {'nexenta/param1' => { 'value' => 'value1' }}}) - end - - it 'configure nexenta backend with additional configuration' do - is_expected.to contain_cinder_config('nexenta/param1').with({ - :value => 'value1' - }) - end - end - -end diff --git a/cinder/spec/defines/cinder_backend_nfs_spec.rb b/cinder/spec/defines/cinder_backend_nfs_spec.rb deleted file mode 100644 index 61f8da20c..000000000 --- a/cinder/spec/defines/cinder_backend_nfs_spec.rb +++ /dev/null @@ -1,64 +0,0 @@ -require 'spec_helper' - -describe 'cinder::backend::nfs' do - - let(:title) {'hippo'} - - let :params do - { - :nfs_servers => ['10.10.10.10:/shares', '10.10.10.10:/shares2'], - :nfs_mount_attempts => '4', - :nfs_mount_options => 'vers=3', - :nfs_shares_config => '/etc/cinder/other_shares.conf', - :nfs_disk_util => 'du', - :nfs_sparsed_volumes => true, - :nfs_mount_point_base => '/cinder_mount_point', - :nfs_used_ratio => '0.7', - :nfs_oversub_ratio => '0.9' - } - end - - describe 'nfs volume driver' do - - it 'configures nfs volume driver' do - is_expected.to contain_cinder_config('hippo/volume_backend_name').with( - :value => 'hippo') - is_expected.to contain_cinder_config('hippo/volume_driver').with_value( - 'cinder.volume.drivers.nfs.NfsDriver') - is_expected.to contain_cinder_config('hippo/nfs_shares_config').with_value( - '/etc/cinder/other_shares.conf') - is_expected.to contain_cinder_config('hippo/nfs_mount_attempts').with_value( - '4') - is_expected.to contain_cinder_config('hippo/nfs_mount_options').with_value( - 'vers=3') - is_expected.to contain_cinder_config('hippo/nfs_sparsed_volumes').with_value( - true) - is_expected.to contain_cinder_config('hippo/nfs_mount_point_base').with_value( - '/cinder_mount_point') - is_expected.to contain_cinder_config('hippo/nfs_disk_util').with_value( - 'du') - is_expected.to contain_cinder_config('hippo/nfs_used_ratio').with_value( - '0.7') - is_expected.to contain_cinder_config('hippo/nfs_oversub_ratio').with_value( - '0.9') - is_expected.to contain_file('/etc/cinder/other_shares.conf').with( - :content => "10.10.10.10:/shares\n10.10.10.10:/shares2", - :require => 'Package[cinder]', - :notify => 'Service[cinder-volume]' - ) - end - end - - describe 'nfs backend with additional configuration' do - before :each do - params.merge!({:extra_options => {'hippo/param1' => {'value' => 'value1'}}}) - end - - it 'configure nfs backend with additional configuration' do - is_expected.to contain_cinder_config('hippo/param1').with({ - :value => 'value1', - }) - end - end - -end diff --git a/cinder/spec/defines/cinder_backend_pure_spec.rb b/cinder/spec/defines/cinder_backend_pure_spec.rb deleted file mode 100644 index 3a8ae9a2a..000000000 --- a/cinder/spec/defines/cinder_backend_pure_spec.rb +++ /dev/null @@ -1,70 +0,0 @@ -require 'spec_helper' - -describe 'cinder::backend::pure' do - let (:title) { 'pure' } - - let :req_params do - { - :san_ip => '127.0.0.2', - :pure_api_token => 'abc123def456ghi789' - } - end - - describe 'pure volume driver defaults' do - let :params do - req_params - end - - it 'configure pure volume driver' do - is_expected.to contain_cinder_config('pure/volume_driver').with_value('cinder.volume.drivers.pure.PureISCSIDriver') - is_expected.to contain_cinder_config('pure/san_ip').with_value('127.0.0.2') - is_expected.to contain_cinder_config('pure/pure_api_token').with_value('abc123def456ghi789') - is_expected.to contain_cinder_config('pure/use_multipath_for_image_xfer').with_value('true') - is_expected.to contain_cinder_config('pure/use_chap_auth').with_value('false') - end - end - - describe 'pure iscsi volume driver' do - let :params do - req_params.merge({ - 'pure_storage_protocol' => 'iSCSI', - 'use_chap_auth' => 'true' - }) - end - - it 'configure pure volume driver' do - is_expected.to contain_cinder_config('pure/volume_driver').with_value('cinder.volume.drivers.pure.PureISCSIDriver') - is_expected.to contain_cinder_config('pure/san_ip').with_value('127.0.0.2') - is_expected.to contain_cinder_config('pure/pure_api_token').with_value('abc123def456ghi789') - is_expected.to contain_cinder_config('pure/use_multipath_for_image_xfer').with_value('true') - is_expected.to contain_cinder_config('pure/use_chap_auth').with_value('true') - end - end - - describe 'pure fc volume driver' do - let :params do - req_params.merge({'pure_storage_protocol' => 'FC'}) - end - - it 'configure pure volume driver' do - is_expected.to contain_cinder_config('pure/volume_driver').with_value('cinder.volume.drivers.pure.PureFCDriver') - is_expected.to contain_cinder_config('pure/san_ip').with_value('127.0.0.2') - is_expected.to contain_cinder_config('pure/pure_api_token').with_value('abc123def456ghi789') - is_expected.to contain_cinder_config('pure/use_multipath_for_image_xfer').with_value('true') - is_expected.to contain_cinder_config('pure/use_chap_auth').with_value('false') - end - end - - describe 'pure volume driver with additional configuration' do - let :params do - req_params.merge({:extra_options => {'pure_backend/param1' => {'value' => 'value1'}}}) - end - - it 'configure pure volume with additional configuration' do - is_expected.to contain_cinder__backend__pure('pure').with({ - :extra_options => {'pure_backend/param1' => {'value' => 'value1'}} - }) - end - end - -end diff --git a/cinder/spec/defines/cinder_backend_quobyte_spec.rb b/cinder/spec/defines/cinder_backend_quobyte_spec.rb deleted file mode 100644 index 7473cf95f..000000000 --- a/cinder/spec/defines/cinder_backend_quobyte_spec.rb +++ /dev/null @@ -1,41 +0,0 @@ -require 'spec_helper' - -describe 'cinder::backend::quobyte' do - - shared_examples_for 'quobyte volume driver' do - let(:title) {'myquobyte'} - - let :params do - { - :quobyte_volume_url => 'quobyte://quobyte.cluster.example.com/volume-name', - :quobyte_qcow2_volumes => false, - :quobyte_sparsed_volumes => true, - } - end - - it 'configures quobyte volume driver' do - is_expected.to contain_cinder_config('myquobyte/volume_driver').with_value( - 'cinder.volume.drivers.quobyte.QuobyteDriver') - is_expected.to contain_cinder_config('myquobyte/quobyte_volume_url').with_value( - 'quobyte://quobyte.cluster.example.com/volume-name') - is_expected.to contain_cinder_config('myquobyte/quobyte_qcow2_volumes').with_value( - false) - is_expected.to contain_cinder_config('myquobyte/quobyte_sparsed_volumes').with_value( - true) - end - - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge(OSDefaults.get_facts({:processorcount => 8})) - end - - it_configures 'quobyte volume driver' - end - end - -end diff --git a/cinder/spec/defines/cinder_backend_rbd_spec.rb b/cinder/spec/defines/cinder_backend_rbd_spec.rb deleted file mode 100644 index f52b7a326..000000000 --- a/cinder/spec/defines/cinder_backend_rbd_spec.rb +++ /dev/null @@ -1,125 +0,0 @@ -require 'spec_helper' - -describe 'cinder::backend::rbd' do - - let(:title) {'rbd-ssd'} - - let :facts do - OSDefaults.get_facts({}) - end - - let :req_params do - { - :volume_backend_name => 'rbd-ssd', - :rbd_pool => 'volumes', - :rbd_user => 'test', - :rbd_secret_uuid => '', - :rbd_ceph_conf => '/foo/boo/zoo/ceph.conf', - :rbd_flatten_volume_from_snapshot => true, - :volume_tmp_dir => '', - :rbd_max_clone_depth => '0', - :rados_connect_timeout => '', - :rados_connection_interval => '', - :rados_connection_retries => '', - :rbd_store_chunk_size => '' - } - end - - it { is_expected.to contain_class('cinder::params') } - - let :params do - req_params - end - - let :facts do - @default_facts.merge({:osfamily => 'Debian'}) - end - - describe 'rbd backend volume driver' do - it 'configure rbd volume driver' do - is_expected.to contain_cinder_config("#{req_params[:volume_backend_name]}/volume_backend_name").with_value(req_params[:volume_backend_name]) - is_expected.to contain_cinder_config("#{req_params[:volume_backend_name]}/volume_driver").with_value('cinder.volume.drivers.rbd.RBDDriver') - is_expected.to contain_cinder_config("#{req_params[:volume_backend_name]}/rbd_ceph_conf").with_value(req_params[:rbd_ceph_conf]) - is_expected.to contain_cinder_config("#{req_params[:volume_backend_name]}/rbd_flatten_volume_from_snapshot").with_value(req_params[:rbd_flatten_volume_from_snapshot]) - is_expected.to contain_cinder_config("#{req_params[:volume_backend_name]}/volume_tmp_dir").with_value(req_params[:volume_tmp_dir]) - is_expected.to contain_cinder_config("#{req_params[:volume_backend_name]}/rbd_max_clone_depth").with_value(req_params[:rbd_max_clone_depth]) - is_expected.to contain_cinder_config("#{req_params[:volume_backend_name]}/rbd_pool").with_value(req_params[:rbd_pool]) - is_expected.to contain_cinder_config("#{req_params[:volume_backend_name]}/rbd_user").with_value(req_params[:rbd_user]) - is_expected.to contain_cinder_config("#{req_params[:volume_backend_name]}/rbd_secret_uuid").with_value(req_params[:rbd_secret_uuid]) - is_expected.to contain_cinder_config("#{req_params[:volume_backend_name]}/backend_host").with_value('rbd:'"#{req_params[:rbd_pool]}") - is_expected.to contain_cinder_config("#{req_params[:volume_backend_name]}/rados_connect_timeout").with_value(req_params[:rados_connect_timeout]) - is_expected.to contain_cinder_config("#{req_params[:volume_backend_name]}/rados_connection_interval").with_value(req_params[:rados_connection_interval]) - is_expected.to contain_cinder_config("#{req_params[:volume_backend_name]}/rados_connection_retries").with_value(req_params[:rados_connection_retries]) - is_expected.to contain_cinder_config("#{req_params[:volume_backend_name]}/rbd_store_chunk_size").with_value(req_params[:rbd_store_chunk_size]) - is_expected.to contain_file('/etc/init/cinder-volume.override').with(:ensure => 'present') - is_expected.to contain_file_line('set initscript env rbd-ssd').with( - :line => /env CEPH_ARGS=\"--id test\"/, - :path => '/etc/init/cinder-volume.override', - :notify => 'Service[cinder-volume]') - end - - context 'with another RBD backend' do - let :pre_condition do - "cinder::backend::rbd { 'ceph2': - rbd_pool => 'volumes2', - rbd_user => 'test2' - }" - end - it { is_expected.to contain_cinder_config("#{req_params[:volume_backend_name]}/volume_driver").with_value('cinder.volume.drivers.rbd.RBDDriver') } - it { is_expected.to contain_cinder_config("#{req_params[:volume_backend_name]}/rbd_pool").with_value(req_params[:rbd_pool]) } - it { is_expected.to contain_cinder_config("#{req_params[:volume_backend_name]}/rbd_user").with_value(req_params[:rbd_user]) } - it { is_expected.to contain_cinder_config("ceph2/volume_driver").with_value('cinder.volume.drivers.rbd.RBDDriver') } - it { is_expected.to contain_cinder_config("ceph2/rbd_pool").with_value('volumes2') } - it { is_expected.to contain_cinder_config("ceph2/rbd_user").with_value('test2') } - end - - context 'rbd backend with additional configuration' do - before do - params.merge!({:extra_options => {'rbd-ssd/param1' => { 'value' => 'value1' }}}) - end - - it 'configure rbd backend with additional configuration' do - is_expected.to contain_cinder_config('rbd-ssd/param1').with({ - :value => 'value1' - }) - end - end - - context 'override backend_host parameter' do - before do - params.merge!({:backend_host => 'test_host.fqdn.com' }) - end - - it 'configure rbd backend with specific hostname' do - is_expected.to contain_cinder_config('rbd-ssd/backend_host').with({ - :value => 'test_host.fqdn.com', - }) - end - end - - end - - describe 'with RedHat' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - let :params do - req_params - end - - it 'should ensure that the cinder-volume sysconfig file is present' do - is_expected.to contain_file('/etc/sysconfig/openstack-cinder-volume').with( - :ensure => 'present' - ) - end - - it 'should configure RedHat init override' do - is_expected.to contain_file_line('set initscript env rbd-ssd').with( - :line => /export CEPH_ARGS=\"--id test\"/, - :path => '/etc/sysconfig/openstack-cinder-volume', - :notify => 'Service[cinder-volume]') - end - end - -end diff --git a/cinder/spec/defines/cinder_backend_san_spec.rb b/cinder/spec/defines/cinder_backend_san_spec.rb deleted file mode 100644 index c0647e862..000000000 --- a/cinder/spec/defines/cinder_backend_san_spec.rb +++ /dev/null @@ -1,53 +0,0 @@ -require 'spec_helper' - -describe 'cinder::backend::san' do - let (:title) { 'mysan' } - - let :params do - { :volume_driver => 'cinder.volume.san.SolarisISCSIDriver', - :san_ip => '127.0.0.1', - :san_login => 'cluster_operator', - :san_password => '007', - :san_clustername => 'storage_cluster' } - end - - let :default_params do - { :san_thin_provision => true, - :san_login => 'admin', - :san_ssh_port => 22, - :san_is_local => false, - :ssh_conn_timeout => 30, - :ssh_min_pool_conn => 1, - :ssh_max_pool_conn => 5 } - end - - shared_examples_for 'a san volume driver' do - let :params_hash do - default_params.merge(params) - end - - it 'configures cinder volume driver' do - params_hash.each_pair do |config,value| - is_expected.to contain_cinder_config("mysan/#{config}").with_value( value ) - end - end - end - - - context 'with parameters' do - it_configures 'a san volume driver' - end - - context 'san backend with additional configuration' do - before do - params.merge!({:extra_options => {'mysan/param1' => { 'value' => 'value1' }}}) - end - - it 'configure san backend with additional configuration' do - is_expected.to contain_cinder_config('mysan/param1').with({ - :value => 'value1' - }) - end - end - -end diff --git a/cinder/spec/defines/cinder_backend_solidfire_spec.rb b/cinder/spec/defines/cinder_backend_solidfire_spec.rb deleted file mode 100644 index 4ed536364..000000000 --- a/cinder/spec/defines/cinder_backend_solidfire_spec.rb +++ /dev/null @@ -1,72 +0,0 @@ -require 'spec_helper' - -describe 'cinder::backend::solidfire' do - let (:title) { 'solidfire' } - - let :req_params do - { - :san_ip => '127.0.0.2', - :san_login => 'solidfire_login', - :san_password => 'password', - } - end - - let :params do - req_params - end - - describe 'solidfire volume driver' do - it 'configure solidfire volume driver' do - is_expected.to contain_cinder_config('solidfire/volume_driver' - ).with_value('cinder.volume.drivers.solidfire.SolidFireDriver') - is_expected.to contain_cinder_config('solidfire/san_ip' - ).with_value('127.0.0.2') - is_expected.to contain_cinder_config('solidfire/san_login' - ).with_value('solidfire_login') - is_expected.to contain_cinder_config('solidfire/san_password' - ).with_value('password') - is_expected.to contain_cinder_config('solidfire/sf_template_account_name' - ).with_value('openstack-vtemplate') - is_expected.to contain_cinder_config('solidfire/sf_allow_template_caching' - ).with_value(false) - is_expected.to contain_cinder_config('solidfire/volume_backend_name' - ).with_value('solidfire') - is_expected.to contain_cinder_config('solidfire/sf_emulate_512' - ).with_value(true) - is_expected.to contain_cinder_config('solidfire/sf_allow_tenant_qos' - ).with_value(false) - is_expected.to contain_cinder_config('solidfire/sf_account_prefix' - ).with_value('') - is_expected.to contain_cinder_config('solidfire/sf_api_port' - ).with_value('443') - is_expected.to contain_cinder_config('solidfire/sf_volume_prefix' - ).with_value('UUID-') - is_expected.to contain_cinder_config('solidfire/sf_svip' - ).with_value('') - is_expected.to contain_cinder_config('solidfire/sf_enable_volume_mapping' - ).with_value(true) - is_expected.to contain_cinder_config('solidfire/sf_enable_vag' - ).with_value(false) - end - - it 'marks san_password as secret' do - is_expected.to contain_cinder_config('solidfire/san_password' - ).with_secret( true ) - end - - end - - describe 'solidfire backend with additional configuration' do - before :each do - params.merge!({:extra_options => - {'solidfire/param1' => {'value' => 'value1'}}}) - end - - it 'configure solidfire backend with additional configuration' do - is_expected.to contain_cinder_config('solidfire/param1').with({ - :value => 'value1', - }) - end - end - -end diff --git a/cinder/spec/defines/cinder_backend_vmdk_spec.rb b/cinder/spec/defines/cinder_backend_vmdk_spec.rb deleted file mode 100644 index 90cb0f7c3..000000000 --- a/cinder/spec/defines/cinder_backend_vmdk_spec.rb +++ /dev/null @@ -1,80 +0,0 @@ -require 'spec_helper' - -describe 'cinder::backend::vmdk' do - - let(:title) { 'hippo' } - - let :facts do - OSDefaults.get_facts({}) - end - - let :params do - { - :host_ip => '172.16.16.16', - :host_password => 'asdf', - :host_username => 'user', - :api_retry_count => '', - :max_object_retrieval => '', - :image_transfer_timeout_secs => '' - } - end - - let :optional_params do - { - :volume_folder => 'cinder-volume-folder', - :api_retry_count => 5, - :max_object_retrieval => 200, - :task_poll_interval => 10, - :image_transfer_timeout_secs => 3600, - :wsdl_location => 'http://127.0.0.1:8080/vmware/SDK/wsdl/vim25/vimService.wsdl' - } - end - - it 'should configure vmdk driver in cinder.conf' do - is_expected.to contain_cinder_config('hippo/volume_backend_name').with_value('hippo') - is_expected.to contain_cinder_config('hippo/volume_driver').with_value('cinder.volume.drivers.vmware.vmdk.VMwareVcVmdkDriver') - is_expected.to contain_cinder_config('hippo/vmware_host_ip').with_value(params[:host_ip]) - is_expected.to contain_cinder_config('hippo/vmware_host_username').with_value(params[:host_username]) - is_expected.to contain_cinder_config('hippo/vmware_host_password').with_value(params[:host_password]) - is_expected.to contain_cinder_config('hippo/vmware_volume_folder').with_value('cinder-volumes') - is_expected.to contain_cinder_config('hippo/vmware_api_retry_count').with_value(params[:api_retry_count]) - is_expected.to contain_cinder_config('hippo/vmware_max_object_retrieval').with_value(params[:max_object_retrieval]) - is_expected.to contain_cinder_config('hippo/vmware_task_poll_interval').with_value(5) - is_expected.to contain_cinder_config('hippo/vmware_image_transfer_timeout_secs').with_value(params[:image_transfer_timeout_secs]) - is_expected.to contain_cinder_config('hippo/vmware_wsdl_location').with_value('') - end - - it 'installs suds python package' do - is_expected.to contain_package('python-suds').with( - :ensure => 'present') - end - - context 'with optional parameters' do - before :each do - params.merge!(optional_params) - end - - it 'should configure vmdk driver in cinder.conf' do - is_expected.to contain_cinder_config('hippo/vmware_volume_folder').with_value(params[:volume_folder]) - is_expected.to contain_cinder_config('hippo/vmware_api_retry_count').with_value(params[:api_retry_count]) - is_expected.to contain_cinder_config('hippo/vmware_max_object_retrieval').with_value(params[:max_object_retrieval]) - is_expected.to contain_cinder_config('hippo/vmware_task_poll_interval').with_value(params[:task_poll_interval]) - is_expected.to contain_cinder_config('hippo/vmware_image_transfer_timeout_secs').with_value(params[:image_transfer_timeout_secs]) - is_expected.to contain_cinder_config('hippo/vmware_wsdl_location').with_value(params[:wsdl_location]) - is_expected.to contain_cinder_config('hippo/host').with_value("vmdk:#{params[:host_ip]}-#{params[:volume_folder]}") - end - end - - context 'vmdk backend with additional configuration' do - before do - params.merge!({:extra_options => {'hippo/param1' => { 'value' => 'value1' }}}) - end - - it 'configure vmdk backend with additional configuration' do - is_expected.to contain_cinder_config('hippo/param1').with({ - :value => 'value1' - }) - end - end - -end diff --git a/cinder/spec/defines/cinder_quota_set_spec.rb b/cinder/spec/defines/cinder_quota_set_spec.rb deleted file mode 100644 index df82b2d44..000000000 --- a/cinder/spec/defines/cinder_quota_set_spec.rb +++ /dev/null @@ -1,64 +0,0 @@ -#Author: Craig DeLatte - -require 'spec_helper' - -describe 'cinder::quota_set' do - - let(:title) {'hippo'} - - let :params do { - :os_password => 'asdf', - :os_tenant_name => 'admin', - :os_username => 'admin', - :os_auth_url => 'http://127.127.127.1:5000/v2.0/', - :quota_volumes => '10', - :quota_snapshots => '10', - :quota_gigabytes => '1000', - :class_name => 'default', - } - end - - shared_examples_for 'cinder_quota_set' do - [{}, - { :os_region_name => 'test' } - ].each do |param_set| - describe "when #{param_set == {} ? 'using default' : 'specifying'} class parameters" do - before do - params.merge!(param_set) - end - it do - is_expected.to contain_exec('cinder quota-class-update default').with( - :command => "cinder quota-class-update default --volumes 10 --snapshots 10 --gigabytes 1000 --volume-type 'hippo'", - :environment => (param_set == {}) ? - ['OS_TENANT_NAME=admin', - 'OS_USERNAME=admin', - 'OS_PASSWORD=asdf', - 'OS_AUTH_URL=http://127.127.127.1:5000/v2.0/'] : - ['OS_TENANT_NAME=admin', - 'OS_USERNAME=admin', - 'OS_PASSWORD=asdf', - 'OS_AUTH_URL=http://127.127.127.1:5000/v2.0/', - 'OS_REGION_NAME=test'], - :onlyif => 'cinder quota-class-show default | grep -qP -- -1', - :require => 'Package[python-cinderclient]') - end - end - end - end - - context 'on Debian platforms' do - let :facts do - { :operatingsystem => 'Ubuntu', - :osfamily => 'Debian' } - end - it_configures 'cinder_quota_set' - end - - context 'on Redhat platforms' do - let :facts do - { :operatingsystem => 'Redhat', - :osfamily => 'Redhat' } - end - it_configures 'cinder_quota_set' - end -end diff --git a/cinder/spec/defines/cinder_type_set_spec.rb b/cinder/spec/defines/cinder_type_set_spec.rb deleted file mode 100644 index c77186bce..000000000 --- a/cinder/spec/defines/cinder_type_set_spec.rb +++ /dev/null @@ -1,30 +0,0 @@ -#Author: Andrew Woodward - -require 'spec_helper' - -describe 'cinder::type_set' do - - let(:title) {'hippo'} - - let :default_params do { - :type => 'sith', - :key => 'monchichi', - } - end - - describe 'by default' do - let(:params){ default_params } - it 'should create type with properties' do - should contain_cinder_type('sith').with(:ensure => :present, :properties => ['monchichi=hippo']) - end - end - - describe 'with a different value' do - let(:params){ - default_params.merge({:value => 'hippi'}) - } - it 'should create type with properties' do - should contain_cinder_type('sith').with(:ensure => :present, :properties => ['monchichi=hippi']) - end - end -end diff --git a/cinder/spec/defines/cinder_type_spec.rb b/cinder/spec/defines/cinder_type_spec.rb deleted file mode 100644 index b572698bc..000000000 --- a/cinder/spec/defines/cinder_type_spec.rb +++ /dev/null @@ -1,25 +0,0 @@ -#Author: Andrew Woodward - -require 'spec_helper' - -describe 'cinder::type' do - - let(:title) {'hippo'} - - context 'default creation' do - it 'should create type basic' do - should contain_cinder_type('hippo').with(:ensure => :present) - end - end - - context 'creation with properties' do - let :params do { - :set_value => ['name1','name2'], - :set_key => 'volume_backend_name', - } - end - it 'should create type with properties' do - should contain_cinder_type('hippo').with(:ensure => :present, :properties => ['volume_backend_name=name1,name2']) - end - end -end diff --git a/cinder/spec/shared_examples.rb b/cinder/spec/shared_examples.rb deleted file mode 100644 index fec0eacc9..000000000 --- a/cinder/spec/shared_examples.rb +++ /dev/null @@ -1,5 +0,0 @@ -shared_examples_for "a Puppet::Error" do |description| - it "with message matching #{description.inspect}" do - expect { is_expected.to have_class_count(1) }.to raise_error(Puppet::Error, description) - end -end diff --git a/cinder/spec/spec_helper.rb b/cinder/spec/spec_helper.rb deleted file mode 100644 index be3811cf2..000000000 --- a/cinder/spec/spec_helper.rb +++ /dev/null @@ -1,18 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' -require 'shared_examples' - -require 'puppet-openstack_spec_helper/defaults' -require 'rspec-puppet-facts' -include RspecPuppetFacts - -RSpec.configure do |c| - c.alias_it_should_behave_like_to :it_configures, 'configures' - c.alias_it_should_behave_like_to :it_raises, 'raises' - # TODO(aschultz): remove this after all tests converted to use OSDefaults - # instead of referencing @default_facts - c.before :each do - @default_facts = OSDefaults.get_facts - end -end - -at_exit { RSpec::Puppet::Coverage.report! } diff --git a/cinder/spec/spec_helper_acceptance.rb b/cinder/spec/spec_helper_acceptance.rb deleted file mode 100644 index 9196bc99b..000000000 --- a/cinder/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1 +0,0 @@ -require 'puppet-openstack_spec_helper/beaker_spec_helper' diff --git a/cinder/spec/unit/provider/cinder_api_paste_ini/ini_setting_spec.rb b/cinder/spec/unit/provider/cinder_api_paste_ini/ini_setting_spec.rb deleted file mode 100644 index 967ec1c6d..000000000 --- a/cinder/spec/unit/provider/cinder_api_paste_ini/ini_setting_spec.rb +++ /dev/null @@ -1,29 +0,0 @@ -# -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:cinder_api_paste_ini).provider(:ini_setting) -describe provider_class do - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Cinder_api_paste_ini.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/cinder/spec/unit/provider/cinder_config/ini_setting_spec.rb b/cinder/spec/unit/provider/cinder_config/ini_setting_spec.rb deleted file mode 100644 index b4ebf99d7..000000000 --- a/cinder/spec/unit/provider/cinder_config/ini_setting_spec.rb +++ /dev/null @@ -1,72 +0,0 @@ -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'openstacklib', - 'lib') -) - -require 'spec_helper' - -provider_class = Puppet::Type.type(:cinder_config).provider(:ini_setting) - -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Cinder_config.new( - { - :name => 'DEFAULT/foo', - :value => 'bar' - } - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Cinder_config.new( - { - :name => 'dude/foo', - :value => 'bar' - } - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end - - it 'should ensure absent when is specified as a value' do - resource = Puppet::Type::Cinder_config.new( - {:name => 'dude/foo', :value => ''} - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - - it 'should ensure absent when value matches ensure_absent_val' do - resource = Puppet::Type::Cinder_config.new( - {:name => 'dude/foo', :value => 'foo', :ensure_absent_val => 'foo' } - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - -end diff --git a/cinder/spec/unit/provider/cinder_spec.rb b/cinder/spec/unit/provider/cinder_spec.rb deleted file mode 100644 index 246ae58df..000000000 --- a/cinder/spec/unit/provider/cinder_spec.rb +++ /dev/null @@ -1,48 +0,0 @@ -require 'puppet' -require 'spec_helper' -require 'puppet/provider/cinder' -require 'tempfile' - -klass = Puppet::Provider::Cinder - -describe Puppet::Provider::Cinder do - - after :each do - klass.reset - end - - describe 'when retrieving the auth credentials' do - - it 'should fail if no auth params are passed and the glance config file does not have the expected contents' do - mock = {} - Puppet::Util::IniConfig::File.expects(:new).returns(mock) - mock.expects(:read).with('/etc/cinder/cinder.conf') - expect do - klass.cinder_credentials - end.to raise_error(Puppet::Error, /Cinder types will not work/) - end - - it 'should read conf file with all sections' do - creds_hash = { - 'auth_uri' => 'https://192.168.56.210:35357/v2.0/', - 'admin_tenant_name' => 'admin_tenant', - 'admin_user' => 'admin', - 'admin_password' => 'password', - 'project_domain_name' => 'Default', - 'user_domain_name' => 'Default', - } - mock = { - 'keystone_authtoken' => { - 'auth_uri' => 'https://192.168.56.210:35357/v2.0/', - 'admin_tenant_name' => 'admin_tenant', - 'admin_user' => 'admin', - 'admin_password' => 'password', - } - } - Puppet::Util::IniConfig::File.expects(:new).returns(mock) - mock.expects(:read).with('/etc/cinder/cinder.conf') - expect(klass.cinder_credentials).to eq(creds_hash) - end - - end -end diff --git a/cinder/spec/unit/provider/cinder_type/openstack_spec.rb b/cinder/spec/unit/provider/cinder_type/openstack_spec.rb deleted file mode 100644 index 1dcc5b7fd..000000000 --- a/cinder/spec/unit/provider/cinder_type/openstack_spec.rb +++ /dev/null @@ -1,83 +0,0 @@ -require 'puppet' -require 'puppet/provider/cinder_type/openstack' - -provider_class = Puppet::Type.type(:cinder_type).provider(:openstack) - -describe provider_class do - - let(:set_creds_env) do - ENV['OS_USERNAME'] = 'test' - ENV['OS_PASSWORD'] = 'abc123' - ENV['OS_PROJECT_NAME'] = 'test' - ENV['OS_AUTH_URL'] = 'http://127.0.0.1:5000' - end - - let(:type_attributes) do - { - :name => 'Backend_1', - :ensure => :present, - :properties => ['key=value', 'new_key=new_value'], - } - end - - let(:resource) do - Puppet::Type::Cinder_type.new(type_attributes) - end - - let(:provider) do - provider_class.new(resource) - end - - before(:each) { set_creds_env } - - after(:each) do - Puppet::Type.type(:cinder_type).provider(:openstack).reset - provider_class.reset - end - - describe 'managing type' do - describe '#create' do - it 'creates a type' do - provider_class.expects(:openstack) - .with('volume type', 'create', '--format', 'shell', ['--property', 'key=value', '--property', 'new_key=new_value', 'Backend_1']) - .returns('id="90e19aff-1b35-4d60-9ee3-383c530275ab" -name="Backend_1" -properties="key=\'value\', new_key=\'new_value\'" -') - provider.create - expect(provider.exists?).to be_truthy - end - end - - describe '#destroy' do - it 'destroys a type' do - provider_class.expects(:openstack) - .with('volume type', 'delete', 'Backend_1') - provider.destroy - expect(provider.exists?).to be_falsey - end - end - - describe '#instances' do - it 'finds types' do - provider_class.expects(:openstack) - .with('volume type', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Properties" -"28b632e8-6694-4bba-bf68-67b19f619019","type-1","key1=\'value1\'" -"4f992f69-14ec-4132-9313-55cc06a6f1f6","type-2","key2=\'value2\'" -') - instances = provider_class.instances - expect(instances.count).to eq(2) - expect(instances[0].name).to eq('type-1') - expect(instances[1].name).to eq('type-2') - end - end - - describe '#string2array' do - it 'should return an array with key-value' do - s = "key='value', key2='value2'" - expect(provider_class.string2array(s)).to eq(['key=value', 'key2=value2']) - end - end - end -end diff --git a/cinder/spec/unit/type/cinder_api_paste_spec.rb b/cinder/spec/unit/type/cinder_api_paste_spec.rb deleted file mode 100644 index 83db1bfcf..000000000 --- a/cinder/spec/unit/type/cinder_api_paste_spec.rb +++ /dev/null @@ -1,34 +0,0 @@ -require 'spec_helper' -# this hack is required for now to ensure that the path is set up correctly -# to retrive the parent provider -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'puppet/type/cinder_api_paste_ini' -describe 'Puppet::Type.type(:cinder_api_paste_ini)' do - before :each do - @cinder_api_paste_ini = Puppet::Type.type(:cinder_api_paste_ini).new(:name => 'DEFAULT/foo', :value => 'bar') - end - it 'should accept a valid value' do - @cinder_api_paste_ini[:value] = 'bar' - expect(@cinder_api_paste_ini[:value]).to eq('bar') - end - - it 'should autorequire the package that install the file' do - catalog = Puppet::Resource::Catalog.new - package = Puppet::Type.type(:package).new(:name => 'cinder') - catalog.add_resource package, @cinder_api_paste_ini - dependency = @cinder_api_paste_ini.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(@cinder_api_paste_ini) - expect(dependency[0].source).to eq(package) - end - -end diff --git a/cinder/spec/unit/type/cinder_config_spec.rb b/cinder/spec/unit/type/cinder_config_spec.rb deleted file mode 100644 index 615898905..000000000 --- a/cinder/spec/unit/type/cinder_config_spec.rb +++ /dev/null @@ -1,19 +0,0 @@ -require 'puppet' -require 'puppet/type/cinder_config' - -describe 'Puppet::Type.type(:cinder_config)' do - before :each do - @cinder_config = Puppet::Type.type(:cinder_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should autorequire the package that install the file' do - catalog = Puppet::Resource::Catalog.new - package = Puppet::Type.type(:package).new(:name => 'cinder') - catalog.add_resource package, @cinder_config - dependency = @cinder_config.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(@cinder_config) - expect(dependency[0].source).to eq(package) - end - -end diff --git a/cinder/spec/unit/type/cinder_type_spec.rb b/cinder/spec/unit/type/cinder_type_spec.rb deleted file mode 100644 index c9b0a0caa..000000000 --- a/cinder/spec/unit/type/cinder_type_spec.rb +++ /dev/null @@ -1,32 +0,0 @@ -require 'puppet' -require 'puppet/type/cinder_type' - -describe Puppet::Type.type(:cinder_type) do - - before :each do - Puppet::Type.rmtype(:cinder_type) - end - - it 'should reject an invalid propertie value' do - incorrect_input = { - :name => 'test_type', - :properties => ['some_key1 = some_value2'] - } - expect { Puppet::Type.type(:cinder_type).new(incorrect_input) }.to raise_error(Puppet::ResourceError, /Parameter properties failed/) - end - - it 'should autorequire cinder-api service' do - catalog = Puppet::Resource::Catalog.new - service = Puppet::Type.type(:service).new(:name => 'cinder-api') - correct_input = { - :name => 'test_type', - :properties => ['some_key1=value', 'some_key2=value1,value2'] - } - cinder_type = Puppet::Type.type(:cinder_type).new(correct_input) - catalog.add_resource service, cinder_type - dependency = cinder_type.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(cinder_type) - expect(dependency[0].source).to eq(service) - end -end diff --git a/cinder/test-requirements.txt b/cinder/test-requirements.txt deleted file mode 100644 index bedd66690..000000000 --- a/cinder/test-requirements.txt +++ /dev/null @@ -1,4 +0,0 @@ -# this is required for the docs build jobs -sphinx!=1.2.0,!=1.3b1,<1.3,>=1.1.2 -oslosphinx>=2.5.0 # Apache-2.0 -reno>=0.1.1 # Apache-2.0 diff --git a/cinder/tox.ini b/cinder/tox.ini deleted file mode 100644 index aea06c84f..000000000 --- a/cinder/tox.ini +++ /dev/null @@ -1,8 +0,0 @@ -[tox] -minversion = 1.6 -skipsdist = True -envlist = releasenotes - -[testenv:releasenotes] -deps = -rtest-requirements.txt -commands = sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html diff --git a/concat/.fixtures.yml b/concat/.fixtures.yml deleted file mode 100644 index 67added0a..000000000 --- a/concat/.fixtures.yml +++ /dev/null @@ -1,7 +0,0 @@ -fixtures: - repositories: - 'stdlib': - repo: 'git://github.com/puppetlabs/puppetlabs-stdlib.git' - ref: '4.2.0' - symlinks: - 'concat': '#{source_dir}' diff --git a/concat/.gitattributes b/concat/.gitattributes deleted file mode 100644 index 2e05fd47d..000000000 --- a/concat/.gitattributes +++ /dev/null @@ -1 +0,0 @@ -*.sh eol=lf diff --git a/concat/.gitignore b/concat/.gitignore deleted file mode 100644 index 874db461f..000000000 --- a/concat/.gitignore +++ /dev/null @@ -1,10 +0,0 @@ -pkg/ -Gemfile.lock -vendor/ -spec/fixtures/ -.vagrant/ -.bundle/ -coverage/ -.idea/ -*.iml -log/ diff --git a/concat/.sync.yml b/concat/.sync.yml deleted file mode 100644 index 08e91a74a..000000000 --- a/concat/.sync.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -.travis.yml: - includes: - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 1.9.3 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 2.0.0 - env: PUPPET_GEM_VERSION="~> 3.0" diff --git a/concat/.travis.yml b/concat/.travis.yml deleted file mode 100644 index 001fb8582..000000000 --- a/concat/.travis.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -sudo: false -language: ruby -bundler_args: --without system_tests -script: "bundle exec rake validate && bundle exec rake lint && bundle exec rake spec SPEC_OPTS='--format documentation'" -matrix: - fast_finish: true - include: - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 1.9.3 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 2.0.0 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 2.1.6 - env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" -notifications: - email: false diff --git a/concat/CHANGELOG.md b/concat/CHANGELOG.md deleted file mode 100644 index f24932cbe..000000000 --- a/concat/CHANGELOG.md +++ /dev/null @@ -1,288 +0,0 @@ -##2015-07-21 - Supported Release 1.2.4 -###Summary - -This release includes some ruby path and lint fixes. - -####Bugfixes -- Use correct ruby path with PE and AIO -- Lint fixes -- Use correct ruby path on FreeBSD -- Test fixes - -##2015-06-02 - Supported Release 2.0.1 [YANKED] -###Summary - -This is a bugfix release. - -####Bugfixes -- Fixes dependency graphing with concurrent modification of the same file. -- Fixes handling fragment target. -- Fixes the defaulted force behavior to handle empty concats correctly. - -##2015-06-02 - Supported Release 1.2.3 -###Summary - -This release includes a README fix to document correct behavior of fragment target parameter. - -####Bugfixes -- README Fix to correctly document how a fragment $target param should work. - -##2015-05-12 - Supported Release 2.0.0 [YANKED] -###Summary - -This is a major release. Includes re-implementation of concat to use native Type and Providers, resulting in significantly improved performance and testability. Also includes a bugfix to alpha ordering of fragments. - -####Features -- Re-implementation of concat to use native Type and Providers. - -####Bugfixes -- Fixes a bug in alpha ordering of fragments. - -##2015-05-12 - Supported Release 1.2.2 -###Summary - -This release includes a bugfix. - -####Bugfixes -- Fixes a bug introduced by MODULES-1700, in handling default retrieval of fragment backup parameter. - -##2015-04-14 - Supported Release 1.2.1 -###Summary - -This release includes bugfixes, test improvements, and a rewritten README. - -####Bugfixes - -- Verifies existence of $is_pe before using it. -- Adds validation for $order param to not allow restricted characters. -- Sets the group id on Fragments for versions of Facter that contain the $gid fact. -- Sets the script group to 0 if the script is owned by root. -- Explicitly sets script and concat directories to the same owner and group. -- Re-adds support for fragment backup, so that static compiler can work with filebucket (MODULES-1700). - -##2015-02-17 - Supported Release 1.2.0 -###Summary - -This release includes a number of bugfixes and adds support for running a validation command when using puppet >= 3.5.0. - -####Features -- Support running a validation command for Puppet >= 3.5.0 - -####Bugfixes -- Reset poisoned defaults from Exec -- Use concatfragments.rb on AIX since it doesn't support print0 -- Make sure ruby is in the path for PE (MODULES-1456) -- Fix missing method for check_is_owned_by for windows (MODULES-1764) -- Fix sort by numeric - -##2014-10-28 - Supported Release 1.1.2 -###Summary - -This release includes bugfixes and test improvements. The module was tested against SLES10 and SLES12 and found to work against those platforms with no module improvements. Metadata was updated to include those as supported platforms. - -####Bugfixes -- newline didn't work for Windows and Solaris. This has been fixed. -- Install certs on Windows for acceptance tests -- Update tests to work with strict variables (no module updates were required) -- Update tests to work on Windows -- Fix typo in CHANGELOG.md - -##2014-09-10 - Supported Release 1.1.1 -###Summary - -This is a bugfix release, and the first supported release of the 1.1.x series. - -####Bugfixes -- Make the `$order` parameter default to a string and be validated as an integer - or a string -- Use the ruby script on Solaris to not break Sol10 support -- Add quotes to the ruby script location for Windows -- Fix typos in README.md -- Make regex in concat::setup case-insensitive to make it work on Windows -- Make sure concat fragments are always replaced -- Fix validation to allow `$backup` to be a boolean -- Remove dependency on stdlib 4.x -- Fix for lack of idempotency with `ensure => 'absent'` -- Fix tests and spec_helper -- Synchronized files for more consistency across modules via modulesync - -##2014-05-14 - Release 1.1.0 -###Summary - -This release is primarily a bugfix release since 1.1.0-rc1. - -####Features -- Improved testing, with tests moved to beaker - -####Bugfixes -- No longer attempts to set fragment owner and mode on Windows -- Fix numeric sorting -- Fix incorrect quoting -- Fix newlines - -##2014-01-03 - Release 1.1.0-rc1 -###Summary - -This release of concat was 90% written by Joshua Hoblitt, and the module team -would like to thank him for the huge amount of work he put into this release. - -This module deprecates a bunch of old parameters and usage patterns, modernizes -much of the manifest code, simplifies a whole bunch of logic and makes -improvements to almost all parts of the module. - -The other major feature is windows support, courtesy of luisfdez, with an -alternative version of the concat bash script in ruby. We've attempted to -ensure that there are no backwards incompatible changes, all users of 1.0.0 -should be able to use 1.1.0 without any failures, but you may find deprecation -warnings and we'll be aggressively moving for a 2.0 to remove those too. - -For further information on deprecations, please read: -https://github.com/puppetlabs/puppetlabs-concat/blob/master/README.md#api-deprecations - -####Removed -- Puppet 0.24 support. -- Filebucket backup of all file resources except the target concatenated file. -- Default owner/user/group values. -- Purging of long unused /usr/local/bin/concatfragments.sh - -###Features -- Windows support via a ruby version of the concat bash script. -- Huge amount of acceptance testing work added. -- Documentation (README) completely rewritten. -- New parameters in concat: - - `ensure`: Controls if the file should be present/absent at all. - - Remove requirement to include concat::setup in manifests. - - Made `gnu` parameter deprecated. - - Added parameter validation. - -###Bugfixes - - Ensure concat::setup runs before concat::fragment in all cases. - - Pluginsync references updated for modern Puppet. - - Fix incorrect group parameter. - - Use $owner instead of $id to avoid confusion with $::id - - Compatibility fixes for Puppet 2.7/ruby 1.8.7 - - Use LC_ALL=C instead of LANG=C - - Always exec the concatfragments script as root when running as root. - - Syntax and other cleanup changes. - -##2014-06-25 - Supported Release 1.0.4 -###Summary - -This release has test fixes. - -####Features -- Added test support for OSX. - -####Bugfixes - -####Known bugs - -* Not supported on Windows. - -##2014-06-04 - Release 1.0.3 -###Summary - -This release adds compatibility for PE3.3 and fixes tests. - -####Features -- Added test support for Ubuntu Trusty. - -####Bugfixes - -####Known bugs - -*Not supported on Windows. - -##2014-03-04 - Supported Release 1.0.2 -###Summary - -This is a supported release. No functional changes were made from 1.0.1. - -####Features -- Huge amount of tests backported from 1.1. -- Documentation rewrite. - -####Bugfixes - -####Known Bugs - -* Not supported on Windows. - - -##2014-02-12 - 1.0.1 -###Summary - -Minor bugfixes for sorting of fragments and ordering of resources. - -####Bugfixes -- LANG => C replaced with LC_ALL => C to reduce spurious recreation of -fragments. -- Corrected pluginsync documentation. -- Ensure concat::setup always runs before fragments. - - -##2013-08-09 - 1.0.0 -###Summary - -Many new features and bugfixes in this release, and if you're a heavy concat -user you should test carefully before upgrading. The features should all be -backwards compatible but only light testing has been done from our side before -this release. - -####Features -- New parameters in concat: - - `replace`: specify if concat should replace existing files. - - `ensure_newline`: controls if fragments should contain a newline at the end. -- Improved README documentation. -- Add rspec:system tests (rake spec:system to test concat) - -####Bugfixes -- Gracefully handle \n in a fragment resource name. -- Adding more helpful message for 'pluginsync = true' -- Allow passing `source` and `content` directly to file resource, rather than -defining resource defaults. -- Added -r flag to read so that filenames with \ will be read correctly. -- sort always uses LANG=C. -- Allow WARNMSG to contain/start with '#'. -- Replace while-read pattern with for-do in order to support Solaris. - -####CHANGELOG: -- 2010/02/19 - initial release -- 2010/03/12 - add support for 0.24.8 and newer - - make the location of sort configurable - - add the ability to add shell comment based warnings to - top of files - - add the ablity to create empty files -- 2010/04/05 - fix parsing of WARN and change code style to match rest - of the code - - Better and safer boolean handling for warn and force - - Don't use hard coded paths in the shell script, set PATH - top of the script - - Use file{} to copy the result and make all fragments owned - by root. This means we can chnage the ownership/group of the - resulting file at any time. - - You can specify ensure => "/some/other/file" in concat::fragment - to include the contents of a symlink into the final file. -- 2010/04/16 - Add more cleaning of the fragment name - removing / from the $name -- 2010/05/22 - Improve documentation and show the use of ensure => -- 2010/07/14 - Add support for setting the filebucket behavior of files -- 2010/10/04 - Make the warning message configurable -- 2010/12/03 - Add flags to make concat work better on Solaris - thanks Jonathan Boyett -- 2011/02/03 - Make the shell script more portable and add a config option for root group -- 2011/06/21 - Make base dir root readable only for security -- 2011/06/23 - Set base directory using a fact instead of hardcoding it -- 2011/06/23 - Support operating as non privileged user -- 2011/06/23 - Support dash instead of bash or sh -- 2011/07/11 - Better solaris support -- 2011/12/05 - Use fully qualified variables -- 2011/12/13 - Improve Nexenta support -- 2012/04/11 - Do not use any GNU specific extensions in the shell script -- 2012/03/24 - Comply to community style guides -- 2012/05/23 - Better errors when basedir isnt set -- 2012/05/31 - Add spec tests -- 2012/07/11 - Include concat::setup in concat improving UX -- 2012/08/14 - Puppet Lint improvements -- 2012/08/30 - The target path can be different from the $name -- 2012/08/30 - More Puppet Lint cleanup -- 2012/09/04 - RELEASE 0.2.0 -- 2012/12/12 - Added (file) $replace parameter to concat diff --git a/concat/CONTRIBUTING.md b/concat/CONTRIBUTING.md deleted file mode 100644 index f1cbde4bb..000000000 --- a/concat/CONTRIBUTING.md +++ /dev/null @@ -1,220 +0,0 @@ -Checklist (and a short version for the impatient) -================================================= - - * Commits: - - - Make commits of logical units. - - - Check for unnecessary whitespace with "git diff --check" before - committing. - - - Commit using Unix line endings (check the settings around "crlf" in - git-config(1)). - - - Do not check in commented out code or unneeded files. - - - The first line of the commit message should be a short - description (50 characters is the soft limit, excluding ticket - number(s)), and should skip the full stop. - - - Associate the issue in the message. The first line should include - the issue number in the form "(#XXXX) Rest of message". - - - The body should provide a meaningful commit message, which: - - - uses the imperative, present tense: "change", not "changed" or - "changes". - - - includes motivation for the change, and contrasts its - implementation with the previous behavior. - - - Make sure that you have tests for the bug you are fixing, or - feature you are adding. - - - Make sure the test suites passes after your commit: - `bundle exec rspec spec/acceptance` More information on [testing](#Testing) below - - - When introducing a new feature, make sure it is properly - documented in the README.md - - * Submission: - - * Pre-requisites: - - - Make sure you have a [GitHub account](https://github.com/join) - - - [Create a ticket](https://tickets.puppetlabs.com/secure/CreateIssue!default.jspa), or [watch the ticket](https://tickets.puppetlabs.com/browse/) you are patching for. - - * Preferred method: - - - Fork the repository on GitHub. - - - Push your changes to a topic branch in your fork of the - repository. (the format ticket/1234-short_description_of_change is - usually preferred for this project). - - - Submit a pull request to the repository in the puppetlabs - organization. - -The long version -================ - - 1. Make separate commits for logically separate changes. - - Please break your commits down into logically consistent units - which include new or changed tests relevant to the rest of the - change. The goal of doing this is to make the diff easier to - read for whoever is reviewing your code. In general, the easier - your diff is to read, the more likely someone will be happy to - review it and get it into the code base. - - If you are going to refactor a piece of code, please do so as a - separate commit from your feature or bug fix changes. - - We also really appreciate changes that include tests to make - sure the bug is not re-introduced, and that the feature is not - accidentally broken. - - Describe the technical detail of the change(s). If your - description starts to get too long, that is a good sign that you - probably need to split up your commit into more finely grained - pieces. - - Commits which plainly describe the things which help - reviewers check the patch and future developers understand the - code are much more likely to be merged in with a minimum of - bike-shedding or requested changes. Ideally, the commit message - would include information, and be in a form suitable for - inclusion in the release notes for the version of Puppet that - includes them. - - Please also check that you are not introducing any trailing - whitespace or other "whitespace errors". You can do this by - running "git diff --check" on your changes before you commit. - - 2. Sending your patches - - To submit your changes via a GitHub pull request, we _highly_ - recommend that you have them on a topic branch, instead of - directly on "master". - It makes things much easier to keep track of, especially if - you decide to work on another thing before your first change - is merged in. - - GitHub has some pretty good - [general documentation](http://help.github.com/) on using - their site. They also have documentation on - [creating pull requests](http://help.github.com/send-pull-requests/). - - In general, after pushing your topic branch up to your - repository on GitHub, you can switch to the branch in the - GitHub UI and click "Pull Request" towards the top of the page - in order to open a pull request. - - - 3. Update the related GitHub issue. - - If there is a GitHub issue associated with the change you - submitted, then you should update the ticket to include the - location of your branch, along with any other commentary you - may wish to make. - -Testing -======= - -Getting Started ---------------- - -Our puppet modules provide [`Gemfile`](./Gemfile)s which can tell a ruby -package manager such as [bundler](http://bundler.io/) what Ruby packages, -or Gems, are required to build, develop, and test this software. - -Please make sure you have [bundler installed](http://bundler.io/#getting-started) -on your system, then use it to install all dependencies needed for this project, -by running - -```shell -% bundle install -Fetching gem metadata from https://rubygems.org/........ -Fetching gem metadata from https://rubygems.org/.. -Using rake (10.1.0) -Using builder (3.2.2) --- 8><-- many more --><8 -- -Using rspec-system-puppet (2.2.0) -Using serverspec (0.6.3) -Using rspec-system-serverspec (1.0.0) -Using bundler (1.3.5) -Your bundle is complete! -Use `bundle show [gemname]` to see where a bundled gem is installed. -``` - -NOTE some systems may require you to run this command with sudo. - -If you already have those gems installed, make sure they are up-to-date: - -```shell -% bundle update -``` - -With all dependencies in place and up-to-date we can now run the tests: - -```shell -% rake spec -``` - -This will execute all the [rspec tests](http://rspec-puppet.com/) tests -under [spec/defines](./spec/defines), [spec/classes](./spec/classes), -and so on. rspec tests may have the same kind of dependencies as the -module they are testing. While the module defines in its [Modulefile](./Modulefile), -rspec tests define them in [.fixtures.yml](./fixtures.yml). - -Some puppet modules also come with [beaker](https://github.com/puppetlabs/beaker) -tests. These tests spin up a virtual machine under -[VirtualBox](https://www.virtualbox.org/)) with, controlling it with -[Vagrant](http://www.vagrantup.com/) to actually simulate scripted test -scenarios. In order to run these, you will need both of those tools -installed on your system. - -You can run them by issuing the following command - -```shell -% rake spec_clean -% rspec spec/acceptance -``` - -This will now download a pre-fabricated image configured in the [default node-set](./spec/acceptance/nodesets/default.yml), -install puppet, copy this module and install its dependencies per [spec/spec_helper_acceptance.rb](./spec/spec_helper_acceptance.rb) -and then run all the tests under [spec/acceptance](./spec/acceptance). - -Writing Tests -------------- - -XXX getting started writing tests. - -If you have commit access to the repository -=========================================== - -Even if you have commit access to the repository, you will still need to -go through the process above, and have someone else review and merge -in your changes. The rule is that all changes must be reviewed by a -developer on the project (that did not write the code) to ensure that -all changes go through a code review process. - -Having someone other than the author of the topic branch recorded as -performing the merge is the record that they performed the code -review. - - -Additional Resources -==================== - -* [Getting additional help](http://puppetlabs.com/community/get-help) - -* [Writing tests](http://projects.puppetlabs.com/projects/puppet/wiki/Development_Writing_Tests) - -* [Patchwork](https://patchwork.puppetlabs.com) - -* [General GitHub documentation](http://help.github.com/) - -* [GitHub pull request documentation](http://help.github.com/send-pull-requests/) - diff --git a/concat/Gemfile b/concat/Gemfile deleted file mode 100644 index bfe64b186..000000000 --- a/concat/Gemfile +++ /dev/null @@ -1,48 +0,0 @@ -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -def location_for(place, fake_version = nil) - if place =~ /^(git:[^#]*)#(.*)/ - [fake_version, { :git => $1, :branch => $2, :require => false }].compact - elsif place =~ /^file:\/\/(.*)/ - ['>= 0', { :path => File.expand_path($1), :require => false }] - else - [place, { :require => false }] - end -end - -group :development, :unit_tests do - gem 'rspec-core', '3.1.7', :require => false - gem 'puppetlabs_spec_helper', :require => false - gem 'simplecov', :require => false - gem 'puppet_facts', :require => false - gem 'json', :require => false -end - -group :system_tests do - if beaker_version = ENV['BEAKER_VERSION'] - gem 'beaker', *location_for(beaker_version) - end - if beaker_rspec_version = ENV['BEAKER_RSPEC_VERSION'] - gem 'beaker-rspec', *location_for(beaker_rspec_version) - else - gem 'beaker-rspec', :require => false - end - gem 'serverspec', :require => false - gem 'beaker-puppet_install_helper', :require => false -end - - - -if facterversion = ENV['FACTER_GEM_VERSION'] - gem 'facter', facterversion, :require => false -else - gem 'facter', :require => false -end - -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end - -# vim:ft=ruby diff --git a/concat/LICENSE b/concat/LICENSE deleted file mode 100644 index 6a9e9a194..000000000 --- a/concat/LICENSE +++ /dev/null @@ -1,14 +0,0 @@ - Copyright 2012 R.I.Pienaar - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - diff --git a/concat/README.md b/concat/README.md deleted file mode 100644 index e765cb1c9..000000000 --- a/concat/README.md +++ /dev/null @@ -1,317 +0,0 @@ -#concat - -####Table of Contents - -1. [Overview](#overview) -2. [Module Description - What the module does and why it is useful](#module-description) -3. [Setup - The basics of getting started with concat](#setup) - * [What concat affects](#what-concat-affects) - * [Beginning with concat](#beginning-with-concat) -4. [Usage - Configuration options and additional functionality](#usage) -5. [Reference - An under-the-hood peek at what the module is doing and how](#reference) - * [Public Defines](#public-defines) - * [Parameters](#parameters) - * [Deprecations](#deprecations) -6. [Limitations - OS compatibility, etc.](#limitations) -7. [Development - Guide for contributing to the module](#development) - -##Overview - -The concat module lets you construct files from multiple ordered fragments of text. - -##Module Description - -The concat module lets you gather `concat::fragment` resources from your other modules and order them through a single `concat` resource into a coherent file. It does this through a Ruby script and a temporary holding space for the fragments. - -##Setup - -###What concat affects - -* Installs `concatfragments.rb`. -* Adds a `concat/` directory into Puppet's `vardir`. - -###Beginning with concat - -To start using concat you need to create: - -* A concat{} resource for the final file. -* One or more concat::fragment{}s. - -A minimal example might be: - -~~~ -concat { '/tmp/file': - ensure => present, -} - -concat::fragment { 'tmpfile': - target => '/tmp/file', - content => 'test contents', - order => '01' -} -~~~ - -##Usage - -###Maintain a list of the major modules on a node - -To maintain an motd file that lists the modules on one of your nodes, first create a class to frame up the file: - -~~~ -class motd { - $motd = '/etc/motd' - - concat { $motd: - owner => 'root', - group => 'root', - mode => '0644' - } - - concat::fragment{ 'motd_header': - target => $motd, - content => "\nPuppet modules on this server:\n\n", - order => '01' - } - - # let local users add to the motd by creating a file called - # /etc/motd.local - concat::fragment{ 'motd_local': - target => $motd, - source => '/etc/motd.local', - order => '15' - } -} - -# let other modules register themselves in the motd -define motd::register($content="", $order='10') { - if $content == "" { - $body = $name - } else { - $body = $content - } - - concat::fragment{ "motd_fragment_$name": - target => '/etc/motd', - order => $order, - content => " -- $body\n" - } -} -~~~ - -Then, in the declarations for each module on the node, add `motd::register{ 'Apache': }` to register the module in the motd. - -~~~ -class apache { - include apache::install, apache::config, apache::service - - motd::register{ 'Apache': } -} -~~~ - -These two steps populate the /etc/motd file with a list of the installed and registered modules, which stays updated even if you just remove the registered modules' `include` lines. System administrators can append text to the list by writing to /etc/motd.local. - -When you're finished, the motd file will look something like this: - -~~~ - Puppet modules on this server: - - -- Apache - -- MySQL - - -~~~ - -##Reference - -**Note**: Several of this module's parameters and features have been deprecated. See the [Deprecations](#deprecations) section below. - -###Public defines -* `concat`: Manages a file, compiled from one or more text fragments. -* `concat::fragment`: Manages a fragment of text to be compiled into a file. - -###Parameters - -####`concat` - -All the parameters listed below are optional. - -#####`backup` - -Specifies whether (and how) to back up the destination file before overwriting it. Your value gets passed on to Puppet's [native `file` resource](https://docs.puppetlabs.com/references/latest/type.html#file-attribute-backup) for execution. Valid options: 'true', 'false', or a string representing either a target filebucket or a filename extension beginning with ".". Default value: 'puppet'. - -#####`backup_fragments` - -Specifies whether to backup concat fragments using the backup setting of the target concat file. Valid options: 'true' and 'false'. Default value: 'false'. - -#####`ensure` - -Specifies whether the destination file should exist. Setting to 'absent' tells Puppet to delete the destination file if it exists, and negates the effect of any other parameters. Valid options: 'present' and 'absent'. Default value: 'present'. - - -#####`ensure_newline` - -Specifies whether to ensure there's a new line at the end of each fragment. Valid options: 'true' and 'false'. Default value: 'false'. - -#####`force` - -In case no fragments have been added, this parameter specifies whether to go ahead and create a potentially empty file. Valid options: 'true' and 'false'. Default value: 'false'. - -#####`group` - -Specifies a permissions group for the destination file. Valid options: a string containing a group name. Default value: undefined. - -#####`mode` - -Specifies the permissions mode of the destination file. Valid options: a string containing a permission mode value in octal notation. Default value: '0644'. - -#####`order` - -Specifies a method for sorting your fragments by name within the destination file. Valid options: 'alpha' (e.g., '1, 10, 2') or 'numeric' (e.g., '1, 2, 10'). Default value: 'alpha'. - -You can override this setting for individual fragments by adjusting the `order` parameter in their `concat::fragment` declarations. - -#####`owner` - - -Specifies the owner of the destination file. Valid options: a string containing a username. Default value: undefined. - -#####`path` - - -Specifies a destination file for the combined fragments. Valid options: a string containing an absolute path. Default value: the title of your declared resource. - -#####`replace` - -Specifies whether to overwrite the destination file if it already exists. Valid options: 'true' and 'false'. Default value: 'true'. - -#####`validate_cmd` - -Specifies a validation command to apply to the destination file. Requires Puppet version 3.5 or newer. Valid options: a string to be passed to a file resource. Default value: undefined. - -#####`warn` - -Specifies whether to add a warning message at the top of the destination file so users know it was autogenerated by Puppet. Valid options: 'true', 'false', or a string to be delivered as a warning message. Default value: 'false'. - - -If you set this parameter to 'true', Puppet adds the following message: - -~~~ -# This file is managed by Puppet. DO NOT EDIT. -~~~ - -#####`selinux_ignore_defaults` - -See the `file` type's -[`selinux_ignore_defaults`](https://docs.puppetlabs.com/references/latest/type.html#file-attribute-selinux_ignore_defaults) -documentention. - -#####`selrange` - -See the `file` type's -[`selrange`](https://docs.puppetlabs.com/references/latest/type.html#file-attribute-selrange) -documentention. - -#####`selrole` - -See the `file` type's -[`selrole`](https://docs.puppetlabs.com/references/latest/type.html#file-attribute-selrole) -documentention. - -#####`seltype` - -See the `file` type's -[`seltype`](https://docs.puppetlabs.com/references/latest/type.html#file-attribute-seltype) -documentention. - -#####`seluser` - -See the `file` type's -[`seluser`](https://docs.puppetlabs.com/references/latest/type.html#file-attribute-seluser) -documentention. - -####`concat::fragment` - - -Except where noted, all the below parameters are optional. - -#####`content` - -Supplies the content of the fragment. **Note**: You must supply either a `content` parameter or a `source` parameter. Valid options: a string. Default value: undef. - -#####`ensure` - -Specifies whether the fragment should be included in the destination file or discarded. Valid options: 'present' and 'absent'. Default value: 'present'. - -#####`order` - -Reorders your fragments within the destination file. Fragments that share the same order number are ordered by name. Valid options: a string (recommended) or an integer. Default value: '10'. - -#####`source` - -Specifies a file to read into the content of the fragment. **Note**: You must supply either a `content` parameter or a `source` parameter. Valid options: a string or an array, containing one or more Puppet URLs. Default value: undefined. - -#####`target` - -*Required.* Specifies the destination file of the fragment. Valid options: a string containing the title of the parent `concat` resource. - -###Deprecations - -**`concat` has the following deprecations** - -#####`gnu` - -Generates a catalog compile time warning and has no effect. This parameter was silently ignored in version `1.0.0` and will be removed in a future release. - -#####stringified 'true'/'false' values deprecated in `warn` - -Passing stringified boolean values (strings of 'true' and 'false') to the `warn` parameter of `concat` is deprecated. Generates a catalog compile time warning, and will be silently treated as the concatenated file header/warning message in a future release. - -Please migrate to using the Puppet DSL's native [Boolean data -type](http://docs.puppetlabs.com/puppet/3/reference/lang_datatypes.html#booleans). - - -**`concat::fragment` has the following deprecations** - -#####`backup` - -Generates a catalog compile time warning and has no effect. In the `1.0.0` release this parameter controlled file bucketing of the file fragment. Bucketing the fragment(s) is redundant with bucketing the final concatenated file and this feature has been removed. - - -#####`group` - -Generates a catalog compile time warning and has no effect. Had no user-visible effect in version `1.0.0` and will be removed in a future release. - -#####`mode` - -Generates a catalog compile time warning and has no effect. Had no user-visible effect in version `1.0.0` and will be removed in a future release. - - -#####`owner` - -Generates a catalog compile time warning and has no effect. Had no user-visible effect in version `1.0.0` and will be removed in a future release. - -#####file paths are deprecated in `ensure` - -Passing a value other than 'present' or 'absent' in the `ensure` parameter of `concat::fragment` is **deprecated**, and generates a catalog compile time warning. The warning will become a catalog compilation failure in a future release. - -If you want to use the content of a file as a fragment please use the [`source`](#source) parameter. - -####`concat::setup` - -The `concat::setup` class should no longer be directly included in the manifest. It will be removed in a future release. - -##Limitations - -This module has been tested on [all PE-supported platforms](https://forge.puppetlabs.com/supported#compat-matrix), and no issues have been identified. - -##Development - -Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can't access the huge number of platforms and myriad of hardware, software, and deployment configurations that Puppet is intended to serve. - -We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. - -For more information, see our [module contribution guide.](https://docs.puppetlabs.com/forge/contributing.html) - -###Contributors - -To see who's already involved, see the [list of contributors.](https://github.com/puppetlabs/puppetlabs-concat/graphs/contributors) diff --git a/concat/Rakefile b/concat/Rakefile deleted file mode 100644 index 181157e6e..000000000 --- a/concat/Rakefile +++ /dev/null @@ -1,10 +0,0 @@ -require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' - -PuppetLint.configuration.fail_on_warnings = true -PuppetLint.configuration.send('relative') -PuppetLint.configuration.send('disable_80chars') -PuppetLint.configuration.send('disable_class_inherits_from_params_class') -PuppetLint.configuration.send('disable_documentation') -PuppetLint.configuration.send('disable_single_quote_string_with_variables') -PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"] diff --git a/concat/files/concatfragments.rb b/concat/files/concatfragments.rb deleted file mode 100644 index b16f3e13c..000000000 --- a/concat/files/concatfragments.rb +++ /dev/null @@ -1,153 +0,0 @@ -#!/usr/bin/env ruby -# Script to concat files to a config file. -# -# Given a directory like this: -# /path/to/conf.d -# |-- fragments -# | |-- 00_named.conf -# | |-- 10_domain.net -# | `-- zz_footer -# -# The script supports a test option that will build the concat file to a temp location and -# use /usr/bin/cmp to verify if it should be run or not. This would result in the concat happening -# twice on each run but gives you the option to have an unless option in your execs to inhibit rebuilds. -# -# Without the test option and the unless combo your services that depend on the final file would end up -# restarting on each run, or in other manifest models some changes might get missed. -# -# OPTIONS: -# -o The file to create from the sources -# -d The directory where the fragments are kept -# -t Test to find out if a build is needed, basically concats the files to a temp -# location and compare with what's in the final location, return codes are designed -# for use with unless on an exec resource -# -w Add a shell style comment at the top of the created file to warn users that it -# is generated by puppet -# -f Enables the creation of empty output files when no fragments are found -# -n Sort the output numerically rather than the default alpha sort -# -# the command: -# -# concatfragments.rb -o /path/to/conffile.cfg -d /path/to/conf.d -# -# creates /path/to/conf.d/fragments.concat and copies the resulting -# file to /path/to/conffile.cfg. The files will be sorted alphabetically -# pass the -n switch to sort numerically. -# -# The script does error checking on the various dirs and files to make -# sure things don't fail. -require 'optparse' -require 'fileutils' - -settings = { - :outfile => "", - :workdir => "", - :test => false, - :force => false, - :warn => "", - :sortarg => "", - :newline => false -} - -OptionParser.new do |opts| - opts.banner = "Usage: #{$0} [options]" - opts.separator "Specific options:" - - opts.on("-o", "--outfile OUTFILE", String, "The file to create from the sources") do |o| - settings[:outfile] = o - end - - opts.on("-d", "--workdir WORKDIR", String, "The directory where the fragments are kept") do |d| - settings[:workdir] = d - end - - opts.on("-t", "--test", "Test to find out if a build is needed") do - settings[:test] = true - end - - opts.separator "Other options:" - opts.on("-w", "--warn WARNMSG", String, - "Add a shell style comment at the top of the created file to warn users that it is generated by puppet") do |w| - settings[:warn] = w - end - - opts.on("-f", "--force", "Enables the creation of empty output files when no fragments are found") do - settings[:force] = true - end - - opts.on("-n", "--sort", "Sort the output numerically rather than the default alpha sort") do - settings[:sortarg] = "-n" - end - - opts.on("-l", "--line", "Append a newline") do - settings[:newline] = true - end -end.parse! - -# do we have -o? -raise 'Please specify an output file with -o' unless !settings[:outfile].empty? - -# do we have -d? -raise 'Please specify fragments directory with -d' unless !settings[:workdir].empty? - -# can we write to -o? -if File.file?(settings[:outfile]) - if !File.writable?(settings[:outfile]) - raise "Cannot write to #{settings[:outfile]}" - end -else - if !File.writable?(File.dirname(settings[:outfile])) - raise "Cannot write to dirname #{File.dirname(settings[:outfile])} to create #{settings[:outfile]}" - end -end - -# do we have a fragments subdir inside the work dir? -if !File.directory?(File.join(settings[:workdir], "fragments")) && !File.executable?(File.join(settings[:workdir], "fragments")) - raise "Cannot access the fragments directory" -end - -# are there actually any fragments? -if (Dir.entries(File.join(settings[:workdir], "fragments")) - %w{ . .. }).empty? - if !settings[:force] - raise "The fragments directory is empty, cowardly refusing to make empty config files" - end -end - -Dir.chdir(settings[:workdir]) - -if settings[:warn].empty? - File.open("fragments.concat", 'w') { |f| f.write("") } -else - File.open("fragments.concat", 'w') { |f| f.write("#{settings[:warn]}\n") } -end - -# find all the files in the fragments directory, sort them numerically and concat to fragments.concat in the working dir -open('fragments.concat', 'a') do |f| - fragments = Dir.entries("fragments").sort - if settings[:sortarg] == '-n' - fragments = fragments.sort_by { |v| v.split('_').map(&:to_i) } - end - fragments.each { |entry| - if File.file?(File.join("fragments", entry)) - f << File.read(File.join("fragments", entry)) - - # append a newline if we were asked to (invoked with -l) - if settings[:newline] - f << "\n" - end - - end - } -end - -if !settings[:test] - # This is a real run, copy the file to outfile - FileUtils.cp 'fragments.concat', settings[:outfile] -else - # Just compare the result to outfile to help the exec decide - if FileUtils.cmp 'fragments.concat', settings[:outfile] - exit 0 - else - exit 1 - end -end diff --git a/concat/lib/facter/concat_basedir.rb b/concat/lib/facter/concat_basedir.rb deleted file mode 100644 index bfac07102..000000000 --- a/concat/lib/facter/concat_basedir.rb +++ /dev/null @@ -1,11 +0,0 @@ -# == Fact: concat_basedir -# -# A custom fact that sets the default location for fragments -# -# "${::vardir}/concat/" -# -Facter.add("concat_basedir") do - setcode do - File.join(Puppet[:vardir],"concat") - end -end diff --git a/concat/lib/puppet/parser/functions/concat_getparam.rb b/concat/lib/puppet/parser/functions/concat_getparam.rb deleted file mode 100644 index 1757bdc54..000000000 --- a/concat/lib/puppet/parser/functions/concat_getparam.rb +++ /dev/null @@ -1,35 +0,0 @@ -# Test whether a given class or definition is defined -require 'puppet/parser/functions' - -Puppet::Parser::Functions.newfunction(:concat_getparam, - :type => :rvalue, - :doc => <<-'ENDOFDOC' -Takes a resource reference and name of the parameter and -returns value of resource's parameter. - -*Examples:* - - define example_resource($param) { - } - - example_resource { "example_resource_instance": - param => "param_value" - } - - concat_getparam(Example_resource["example_resource_instance"], "param") - -Would return: param_value -ENDOFDOC -) do |vals| - reference, param = vals - raise(ArgumentError, 'Must specify a reference') unless reference - raise(ArgumentError, 'Must specify name of a parameter') unless param and param.instance_of? String - - return '' if param.empty? - - if resource = findresource(reference.to_s) - return resource[param] if resource[param] - end - - return '' -end diff --git a/concat/lib/puppet/parser/functions/concat_is_bool.rb b/concat/lib/puppet/parser/functions/concat_is_bool.rb deleted file mode 100644 index c2c2a9f2e..000000000 --- a/concat/lib/puppet/parser/functions/concat_is_bool.rb +++ /dev/null @@ -1,22 +0,0 @@ -# -# concat_is_bool.rb -# - -module Puppet::Parser::Functions - newfunction(:concat_is_bool, :type => :rvalue, :doc => <<-EOS -Returns true if the variable passed to this function is a boolean. - EOS - ) do |arguments| - - raise(Puppet::ParseError, "concat_is_bool(): Wrong number of arguments " + - "given (#{arguments.size} for 1)") if arguments.size != 1 - - type = arguments[0] - - result = type.is_a?(TrueClass) || type.is_a?(FalseClass) - - return result - end -end - -# vim: set ts=2 sw=2 et : diff --git a/concat/manifests/fragment.pp b/concat/manifests/fragment.pp deleted file mode 100644 index 1e8a5d423..000000000 --- a/concat/manifests/fragment.pp +++ /dev/null @@ -1,136 +0,0 @@ -# == Define: concat::fragment -# -# Puts a file fragment into a directory previous setup using concat -# -# === Options: -# -# [*target*] -# The file that these fragments belong to -# [*content*] -# If present puts the content into the file -# [*source*] -# If content was not specified, use the source -# [*order*] -# By default all files gets a 10_ prefix in the directory you can set it to -# anything else using this to influence the order of the content in the file -# [*ensure*] -# Present/Absent or destination to a file to include another file -# [*mode*] -# Deprecated -# [*owner*] -# Deprecated -# [*group*] -# Deprecated -# [*backup*] -# Deprecated -# -define concat::fragment( - $target, - $content = undef, - $source = undef, - $order = '10', - $ensure = undef, - $mode = undef, - $owner = undef, - $group = undef, - $backup = undef -) { - validate_string($target) - validate_string($content) - if !(is_string($source) or is_array($source)) { - fail('$source is not a string or an Array.') - } - if !(is_string($order) or is_integer($order)) { - fail('$order is not a string or integer.') - } elsif (is_string($order) and $order =~ /[:\n\/]/) { - fail("Order cannot contain '/', ':', or '\n'.") - } - if $mode { - warning('The $mode parameter to concat::fragment is deprecated and has no effect') - } - if $owner { - warning('The $owner parameter to concat::fragment is deprecated and has no effect') - } - if $group { - warning('The $group parameter to concat::fragment is deprecated and has no effect') - } - if $backup { - warning('The $backup parameter to concat::fragment is deprecated and has no effect') - } - - # Checks the target concat resources for whether fragments should be backed up or not - # otherwise defaults to false. - $enable_backup = concat_getparam(Concat[$target], 'backup_fragments') - $target_backup = concat_getparam(Concat[$target], 'backup') - $_backup = $enable_backup ? { - true => $target_backup, - default => false - } - - if $ensure == undef { - $my_ensure = concat_getparam(Concat[$target], 'ensure') - } else { - if ! ($ensure in [ 'present', 'absent' ]) { - warning('Passing a value other than \'present\' or \'absent\' as the $ensure parameter to concat::fragment is deprecated. If you want to use the content of a file as a fragment please use the $source parameter.') - } - $my_ensure = $ensure - } - - include concat::setup - - $safe_name = regsubst($name, '[/:\n]', '_', 'GM') - $safe_target_name = regsubst($target, '[/:\n]', '_', 'GM') - $concatdir = $concat::setup::concatdir - $fragdir = "${concatdir}/${safe_target_name}" - $fragowner = $concat::setup::fragment_owner - $fraggroup = $concat::setup::fragment_group - $fragmode = $concat::setup::fragment_mode - - # The file type's semantics are problematic in that ensure => present will - # not over write a pre-existing symlink. We are attempting to provide - # backwards compatiblity with previous concat::fragment versions that - # supported the file type's ensure => /target syntax - - # be paranoid and only allow the fragment's file resource's ensure param to - # be file, absent, or a file target - $safe_ensure = $my_ensure ? { - '' => 'file', - undef => 'file', - 'file' => 'file', - 'present' => 'file', - 'absent' => 'absent', - default => $my_ensure, - } - - # if it looks line ensure => /target syntax was used, fish that out - if ! ($my_ensure in ['', 'present', 'absent', 'file' ]) { - $ensure_target = $my_ensure - } else { - $ensure_target = undef - } - - # the file type's semantics only allows one of: ensure => /target, content, - # or source - if ($ensure_target and $source) or - ($ensure_target and $content) or - ($source and $content) { - fail('You cannot specify more than one of $content, $source, $ensure => /target') - } - - if ! ($content or $source or $ensure_target) { - crit('No content, source or symlink specified') - } - - file { "${fragdir}/fragments/${order}_${safe_name}": - ensure => $safe_ensure, - owner => $fragowner, - group => $fraggroup, - mode => $fragmode, - source => $source, - content => $content, - backup => $_backup, - replace => true, - alias => "concat_fragment_${name}", - notify => Exec["concat_${target}"] - } -} diff --git a/concat/manifests/init.pp b/concat/manifests/init.pp deleted file mode 100644 index 48c21a36e..000000000 --- a/concat/manifests/init.pp +++ /dev/null @@ -1,305 +0,0 @@ -# == Define: concat -# -# Sets up so that you can use fragments to build a final config file, -# -# === Options: -# -# [*ensure*] -# Present/Absent -# [*path*] -# The path to the final file. Use this in case you want to differentiate -# between the name of a resource and the file path. Note: Use the name you -# provided in the target of your fragments. -# [*owner*] -# Who will own the file -# [*group*] -# Who will own the file -# [*mode*] -# The mode of the final file -# [*force*] -# Enables creating empty files if no fragments are present -# [*warn*] -# Adds a normal shell style comment top of the file indicating that it is -# built by puppet -# [*force*] -# [*backup*] -# Controls the filebucketing behavior of the final file and see File type -# reference for its use. Defaults to 'puppet' -# [*backup_fragments*] -# Enables backup of fragments using the backup setting of the target -# concat file. Defaults to 'false' -# [*replace*] -# Whether to replace a file that already exists on the local system -# [*order*] -# [*ensure_newline*] -# [*gnu*] -# Deprecated -# [*selinux_ignore_defaults*] -# [*selrange*] -# [*selrole*] -# [*seltype*] -# -# === Actions: -# * Creates fragment directories if it didn't exist already -# * Executes the concatfragments.rb script to build the final file, this -# script will create directory/fragments.concat. Execution happens only -# when: -# * The directory changes -# * fragments.concat != final destination, this means rebuilds will happen -# whenever someone changes or deletes the final file. Checking is done -# using /usr/bin/cmp. -# * The Exec gets notified by something else - like the concat::fragment -# define -# * Copies the file over to the final destination using a file resource -# -# === Aliases: -# -# * The exec can notified using Exec["concat_/path/to/file"] or -# Exec["concat_/path/to/directory"] -# * The final file can be referenced as File["/path/to/file"] or -# File["concat_/path/to/file"] -# -define concat( - $ensure = 'present', - $path = $name, - $owner = undef, - $group = undef, - $mode = '0644', - $warn = false, - $force = false, - $backup = 'puppet', - $backup_fragments = false, - $replace = true, - $order = 'alpha', - $ensure_newline = false, - $validate_cmd = undef, - $gnu = undef, - $selinux_ignore_defaults = undef, - $selrange = undef, - $selrole = undef, - $seltype = undef, - $seluser = undef -) { - validate_re($ensure, '^present$|^absent$') - validate_absolute_path($path) - validate_string($mode) - if ! (is_string($owner) or is_integer($owner)) { - fail("\$owner must be a string or integer, got ${owner}") - } - if ! (is_string($group) or is_integer($group)) { - fail("\$group must be a string or integer, got ${group}") - } - if ! (is_string($warn) or $warn == true or $warn == false) { - fail('$warn is not a string or boolean') - } - validate_bool($force) - if ! concat_is_bool($backup) and ! is_string($backup) { - fail('$backup must be string or bool!') - } - validate_bool($backup_fragments) - validate_bool($replace) - validate_re($order, '^alpha$|^numeric$') - validate_bool($ensure_newline) - if $validate_cmd and ! is_string($validate_cmd) { - fail('$validate_cmd must be a string') - } - if $gnu { - warning('The $gnu parameter to concat is deprecated and has no effect') - } - if $selinux_ignore_defaults { - validate_bool($selinux_ignore_defaults) - } - validate_string($selrange) - validate_string($selrole) - validate_string($seltype) - validate_string($seluser) - - include concat::setup - - $safe_name = regsubst($name, '[/:]', '_', 'G') - $concatdir = $concat::setup::concatdir - $fragdir = "${concatdir}/${safe_name}" - $concat_name = 'fragments.concat.out' - $script_command = $concat::setup::script_command - $default_warn_message = '# This file is managed by Puppet. DO NOT EDIT.' - $bool_warn_message = 'Using stringified boolean values (\'true\', \'yes\', \'on\', \'false\', \'no\', \'off\') to represent boolean true/false as the $warn parameter to concat is deprecated and will be treated as the warning message in a future release' - - # lint:ignore:quoted_booleans - case $warn { - true: { - $warn_message = $default_warn_message - } - # lint:ignore:quoted_booleans - 'true', 'yes', 'on': { - # lint:endignore - warning($bool_warn_message) - $warn_message = $default_warn_message - } - false: { - $warn_message = '' - } - # lint:ignore:quoted_booleans - 'false', 'no', 'off': { - # lint:endignore - warning($bool_warn_message) - $warn_message = '' - } - default: { - $warn_message = $warn - } - } - # lint:endignore - - $warnmsg_escaped = regsubst($warn_message, '\'', '\'\\\'\'', 'G') - $warnflag = $warnmsg_escaped ? { - '' => '', - default => "-w '${warnmsg_escaped}'" - } - - $forceflag = $force ? { - true => '-f', - false => '', - } - - $orderflag = $order ? { - 'numeric' => '-n', - 'alpha' => '', - } - - $newlineflag = $ensure_newline ? { - true => '-l', - false => '', - } - - if $ensure == 'present' { - file { $fragdir: - ensure => directory, - mode => '0750', - backup => false, - } - - file { "${fragdir}/fragments": - ensure => directory, - mode => '0750', - force => true, - ignore => ['.svn', '.git', '.gitignore'], - notify => Exec["concat_${name}"], - backup => false, - purge => true, - recurse => true, - } - - file { "${fragdir}/fragments.concat": - ensure => present, - mode => '0640', - backup => false, - } - - file { "${fragdir}/${concat_name}": - ensure => present, - mode => '0640', - backup => false, - } - - file { $name: - ensure => present, - owner => $owner, - group => $group, - mode => $mode, - selinux_ignore_defaults => $selinux_ignore_defaults, - selrange => $selrange, - selrole => $selrole, - seltype => $seltype, - seluser => $seluser, - replace => $replace, - path => $path, - alias => "concat_${name}", - source => "${fragdir}/${concat_name}", - backup => $backup, - } - - # Only newer versions of puppet 3.x support the validate_cmd parameter - if $validate_cmd { - File[$name] { - validate_cmd => $validate_cmd, - } - } - - # remove extra whitespace from string interpolation to make testing easier - $command = strip(regsubst("${script_command} -o \"${fragdir}/${concat_name}\" -d \"${fragdir}\" ${warnflag} ${forceflag} ${orderflag} ${newlineflag}", '\s+', ' ', 'G')) - - # make sure ruby is in the path for PE - if defined('$is_pe') and str2bool("${::is_pe}") { # lint:ignore:only_variable_string - if $::kernel == 'windows' { - $command_path = "${::env_windows_installdir}/bin:${::path}" - } else { - $command_path = "/opt/puppetlabs/puppet/bin:/opt/puppet/bin:${::path}" - } - } elsif $::kernel == 'windows' { - $command_path = $::path - } else { - $command_path = "/opt/puppetlabs/puppet/bin:${::path}" - } - - # if puppet is running as root, this exec should also run as root to allow - # the concatfragments.rb script to potentially be installed in path that - # may not be accessible by a target non-root owner. - exec { "concat_${name}": - alias => "concat_${fragdir}", - command => $command, - notify => File[$name], - subscribe => File[$fragdir], - unless => "${command} -t", - path => $command_path, - user => undef, - group => undef, - require => [ - File[$fragdir], - File["${fragdir}/fragments"], - File["${fragdir}/fragments.concat"], - ], - } - } else { - file { [ - $fragdir, - "${fragdir}/fragments", - "${fragdir}/fragments.concat", - "${fragdir}/${concat_name}" - ]: - ensure => absent, - force => true, - backup => false, - } - - file { $path: - ensure => absent, - backup => $backup, - } - - # lint:ignore:quoted_booleans - $absent_exec_command = $::kernel ? { - 'windows' => 'cmd.exe /c exit 0', - # lint:ignore:quoted_booleans - default => 'true', - # lint:endignore - } - # lint:endignore - - $absent_exec_path = $::kernel ? { - 'windows' => $::path, - default => '/bin:/usr/bin', - } - - # Need to have an unless here for idempotency. - exec { "concat_${name}": - alias => "concat_${fragdir}", - command => $absent_exec_command, - unless => $absent_exec_command, - path => $absent_exec_path, - user => undef, - group => undef, - } - } -} - -# vim:sw=2:ts=2:expandtab:textwidth=79 diff --git a/concat/manifests/setup.pp b/concat/manifests/setup.pp deleted file mode 100644 index f186ef379..000000000 --- a/concat/manifests/setup.pp +++ /dev/null @@ -1,70 +0,0 @@ -# === Class: concat::setup -# -# Sets up the concat system. This is a private class. -# -# [$concatdir] -# is where the fragments live and is set on the fact concat_basedir. -# Since puppet should always manage files in $concatdir and they should -# not be deleted ever, /tmp is not an option. -# -# It also copies out the concatfragments.{sh,rb} file to ${concatdir}/bin -# -class concat::setup { - if $caller_module_name != $module_name { - warning("${name} is deprecated as a public API of the ${module_name} module and should no longer be directly included in the manifest.") - } - - if $::concat_basedir { - $concatdir = $::concat_basedir - } else { - fail ('$concat_basedir not defined. Try running again with pluginsync=true on the [master] and/or [main] section of your node\'s \'/etc/puppet/puppet.conf\'.') - } - - # owner,group and mode of fragment files (on windows owner and access rights should - # be inherited from concatdir and not explicitly set to avoid problems) - $fragment_owner = $::osfamily ? { 'windows' => undef, default => $::id } - $fragment_mode = $::osfamily ? { 'windows' => undef, default => '0640' } - # test on gid fact availability to support older facter versions - if defined('$gid') and $::gid and $::osfamily != 'Windows' { - $fragment_group = $::gid - } else { - $fragment_group = undef - } - - $script_name = 'concatfragments.rb' - - $script_path = "${concatdir}/bin/${script_name}" - - $default_owner = $::osfamily ? { 'windows' => undef, default => $::id } - - $default_group = $default_owner ? { 'root' => '0', default => undef } - - $script_mode = $::osfamily ? { 'windows' => undef, default => '0755' } - - $script_command = $::osfamily? { - 'windows' => "ruby.exe '${script_path}'", - 'openbsd' => $::kernelversion ? { - '5.7' => "/usr/local/bin/ruby21 '${script_path}'", - default => "/usr/local/bin/ruby22 '${script_path}'" - }, - 'freebsd' => "/usr/local/bin/ruby '${script_path}'", - default => $script_path - } - - file { $script_path: - ensure => file, - owner => $default_owner, - group => $default_group, - mode => $script_mode, - source => "puppet:///modules/concat/${script_name}", - backup => false, - } - - file { [ $concatdir, "${concatdir}/bin" ]: - ensure => directory, - owner => $default_owner, - group => $default_group, - mode => '0755', - backup => false, - } -} diff --git a/concat/metadata.json b/concat/metadata.json deleted file mode 100644 index a7753b20a..000000000 --- a/concat/metadata.json +++ /dev/null @@ -1,110 +0,0 @@ -{ - "name": "puppetlabs-concat", - "version": "1.2.4", - "author": "Puppet Labs", - "summary": "Construct files from multiple fragments.", - "license": "Apache-2.0", - "source": "https://github.com/puppetlabs/puppetlabs-concat", - "project_page": "https://github.com/puppetlabs/puppetlabs-concat", - "issues_url": "https://tickets.puppetlabs.com/browse/MODULES", - "dependencies": [ - {"name":"puppetlabs/stdlib","version_requirement":">= 3.2.0 < 5.0.0"} - ], - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "CentOS", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "OracleLinux", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "Scientific", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "SLES", - "operatingsystemrelease": [ - "10 SP4", - "11 SP1", - "12" - ] - }, - { - "operatingsystem": "Debian", - "operatingsystemrelease": [ - "6", - "7" - ] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": [ - "10.04", - "12.04", - "14.04" - ] - }, - { - "operatingsystem": "Solaris", - "operatingsystemrelease": [ - "10", - "11" - ] - }, - { - "operatingsystem": "Windows", - "operatingsystemrelease": [ - "Server 2003 R2", - "Server 2008 R2", - "Server 2012", - "Server 2012 R2" - ] - }, - { - "operatingsystem": "AIX", - "operatingsystemrelease": [ - "5.3", - "6.1", - "7.1" - ] - }, - { - "operatingsystem": "OSX", - "operatingsystemrelease": [ - "10.9" - ] - } - ], - "requirements": [ - { - "name": "pe", - "version_requirement": ">= 3.0.0 < 2015.3.0" - }, - { - "name": "puppet", - "version_requirement": ">= 3.0.0 < 5.0.0" - } - ] -} diff --git a/concat/spec/acceptance/backup_spec.rb b/concat/spec/acceptance/backup_spec.rb deleted file mode 100644 index 1d3a5dfe3..000000000 --- a/concat/spec/acceptance/backup_spec.rb +++ /dev/null @@ -1,115 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'concat backup parameter' do - basedir = default.tmpdir('concat') - context '=> puppet' do - before(:all) do - pp = <<-EOS - file { '#{basedir}': - ensure => directory, - } - file { '#{basedir}/file': - content => "old contents\n", - } - EOS - apply_manifest(pp) - end - pp = <<-EOS - concat { '#{basedir}/file': - backup => 'puppet', - } - concat::fragment { 'new file': - target => '#{basedir}/file', - content => 'new contents', - } - EOS - - it 'applies the manifest twice with "Filebucketed" stdout and no stderr' do - apply_manifest(pp, :catch_failures => true) do |r| - expect(r.stdout).to match(/Filebucketed #{basedir}\/file to puppet with sum 0140c31db86293a1a1e080ce9b91305f/) # sum is for file contents of 'old contents' - end - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{basedir}/file") do - it { should be_file } - its(:content) { should match /new contents/ } - end - end - - context '=> .backup' do - before(:all) do - pp = <<-EOS - file { '#{basedir}': - ensure => directory, - } - file { '#{basedir}/file': - content => "old contents\n", - } - EOS - apply_manifest(pp) - end - pp = <<-EOS - concat { '#{basedir}/file': - backup => '.backup', - } - concat::fragment { 'new file': - target => '#{basedir}/file', - content => 'new contents', - } - EOS - - # XXX Puppet doesn't mention anything about filebucketing with a given - # extension like .backup - it 'applies the manifest twice no stderr' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{basedir}/file") do - it { should be_file } - its(:content) { should match /new contents/ } - end - describe file("#{basedir}/file.backup") do - it { should be_file } - its(:content) { should match /old contents/ } - end - end - - # XXX The backup parameter uses validate_string() and thus can't be the - # boolean false value, but the string 'false' has the same effect in Puppet 3 - context "=> 'false'" do - before(:all) do - pp = <<-EOS - file { '#{basedir}': - ensure => directory, - } - file { '#{basedir}/file': - content => "old contents\n", - } - EOS - apply_manifest(pp) - end - pp = <<-EOS - concat { '#{basedir}/file': - backup => '.backup', - } - concat::fragment { 'new file': - target => '#{basedir}/file', - content => 'new contents', - } - EOS - - it 'applies the manifest twice with no "Filebucketed" stdout and no stderr' do - apply_manifest(pp, :catch_failures => true) do |r| - expect(r.stdout).to_not match(/Filebucketed/) - end - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{basedir}/file") do - it { should be_file } - its(:content) { should match /new contents/ } - end - end -end diff --git a/concat/spec/acceptance/concat_spec.rb b/concat/spec/acceptance/concat_spec.rb deleted file mode 100644 index 72b4b22fe..000000000 --- a/concat/spec/acceptance/concat_spec.rb +++ /dev/null @@ -1,229 +0,0 @@ -require 'spec_helper_acceptance' - -case fact('osfamily') - when 'AIX' - username = 'root' - groupname = 'system' - scriptname = 'concatfragments.rb' - vardir = default.puppet['vardir'] - if vardir.nil? or vardir == '' - vardir = '/opt/puppetlabs/puppet/cache' - end - when 'Darwin' - username = 'root' - groupname = 'wheel' - scriptname = 'concatfragments.rb' - vardir = default.puppet['vardir'] - if vardir.nil? or vardir == '' - vardir = '/opt/puppetlabs/puppet/cache' - end - when 'windows' - username = 'Administrator' - groupname = 'Administrators' - scriptname = 'concatfragments.rb' - result = on default, "echo #{default.puppet['vardir']}" - vardir = result.raw_output.chomp - when 'Solaris' - username = 'root' - groupname = 'root' - scriptname = 'concatfragments.rb' - vardir = default.puppet['vardir'] - if vardir.nil? or vardir == '' - vardir = '/opt/puppetlabs/puppet/cache' - end - else - username = 'root' - groupname = 'root' - scriptname = 'concatfragments.rb' - vardir = default.puppet['vardir'] - if vardir.nil? or vardir == '' - vardir = '/opt/puppetlabs/puppet/cache' - end -end - -describe 'basic concat test' do - basedir = default.tmpdir('concat') - safe_basedir = basedir.gsub(/[\/:]/, '_') - - shared_examples 'successfully_applied' do |pp| - it 'applies the manifest twice with no stderr' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{vardir}/concat") do - it { should be_directory } - it { should be_owned_by username } - it("should be mode", :unless => (fact('osfamily') == 'AIX' or fact('osfamily') == 'windows')) { - should be_mode 755 - } - end - describe file("#{vardir}/concat/bin") do - it { should be_directory } - it { should be_owned_by username } - it("should be mode", :unless => (fact('osfamily') == 'AIX' or fact('osfamily') == 'windows')) { - should be_mode 755 - } - end - describe file("#{vardir}/concat/bin/#{scriptname}") do - it { should be_file } - it { should be_owned_by username } - it("should be mode", :unless => (fact('osfamily') == 'AIX' or fact('osfamily') == 'windows')) { - should be_mode 755 - } - end - describe file("#{vardir}/concat/#{safe_basedir}_file") do - it { should be_directory } - it { should be_owned_by username } - it("should be mode", :unless => (fact('osfamily') == 'AIX' or fact('osfamily') == 'windows')) { - should be_mode 750 - } - end - describe file("#{vardir}/concat/#{safe_basedir}_file/fragments") do - it { should be_directory } - it { should be_owned_by username } - it("should be mode", :unless => (fact('osfamily') == 'AIX' or fact('osfamily') == 'windows')) { - should be_mode 750 - } - end - describe file("#{vardir}/concat/#{safe_basedir}_file/fragments.concat") do - it { should be_file } - it { should be_owned_by username } - it("should be mode", :unless => (fact('osfamily') == 'AIX' or fact('osfamily') == 'windows')) { - should be_mode 640 - } - end - describe file("#{vardir}/concat/#{safe_basedir}_file/fragments.concat.out") do - it { should be_file } - it { should be_owned_by username } - it("should be mode", :unless => (fact('osfamily') == 'AIX' or fact('osfamily') == 'windows')) { - should be_mode 640 - } - end - end - - context 'owner/group root' do - before(:all) do - pp = <<-EOS - file { '#{basedir}': - ensure => directory, - } - EOS - apply_manifest(pp) - end - pp = <<-EOS - concat { '#{basedir}/file': - owner => '#{username}', - group => '#{groupname}', - mode => '0644', - } - - concat::fragment { '1': - target => '#{basedir}/file', - content => '1', - order => '01', - } - - concat::fragment { '2': - target => '#{basedir}/file', - content => '2', - order => '02', - } - EOS - - it_behaves_like 'successfully_applied', pp - - describe file("#{basedir}/file") do - it { should be_file } - it { should be_owned_by username } - it("should be group", :unless => (fact('osfamily') == 'windows')) { should be_grouped_into groupname } - it("should be mode", :unless => (fact('osfamily') == 'AIX' or fact('osfamily') == 'windows')) { - should be_mode 644 - } - its(:content) { - should match '1' - should match '2' - } - end - describe file("#{vardir}/concat/#{safe_basedir}_file/fragments/01_1") do - it { should be_file } - it { should be_owned_by username } - it("should be mode", :unless => (fact('osfamily') == 'AIX' or fact('osfamily') == 'windows')) { - should be_mode 640 - } - end - describe file("#{vardir}/concat/#{safe_basedir}_file/fragments/02_2") do - it { should be_file } - it { should be_owned_by username } - it("should be mode", :unless => (fact('osfamily') == 'AIX' or fact('osfamily') == 'windows')) { - should be_mode 640 - } - end - end - - context 'ensure' do - context 'works when set to present with path set' do - before(:all) do - pp = <<-EOS - file { '#{basedir}': - ensure => directory, - } - EOS - apply_manifest(pp) - end - pp=" - concat { 'file': - ensure => present, - path => '#{basedir}/file', - mode => '0644', - } - concat::fragment { '1': - target => 'file', - content => '1', - order => '01', - } - " - - it_behaves_like 'successfully_applied', pp - - describe file("#{basedir}/file") do - it { should be_file } - it("should be mode", :unless => (fact('osfamily') == 'AIX' or fact('osfamily') == 'windows')) { - should be_mode 644 - } - its(:content) { should match '1' } - end - end - context 'works when set to absent with path set' do - before(:all) do - pp = <<-EOS - file { '#{basedir}': - ensure => directory, - } - EOS - apply_manifest(pp) - end - pp=" - concat { 'file': - ensure => absent, - path => '#{basedir}/file', - mode => '0644', - } - concat::fragment { '1': - target => 'file', - content => '1', - order => '01', - } - " - - it 'applies the manifest twice with no stderr' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{basedir}/file") do - it { should_not be_file } - end - end - end -end diff --git a/concat/spec/acceptance/deprecation_warnings_spec.rb b/concat/spec/acceptance/deprecation_warnings_spec.rb deleted file mode 100644 index 11133ea9f..000000000 --- a/concat/spec/acceptance/deprecation_warnings_spec.rb +++ /dev/null @@ -1,238 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'deprecation warnings' do - basedir = default.tmpdir('concat') - - shared_examples 'has_warning' do |pp, w| - it 'applies the manifest twice with a stderr regex' do - expect(apply_manifest(pp, :catch_failures => true).stderr).to match(/#{Regexp.escape(w)}/m) - expect(apply_manifest(pp, :catch_changes => true).stderr).to match(/#{Regexp.escape(w)}/m) - end - end - - context 'concat gnu parameter' do - pp = <<-EOS - concat { '#{basedir}/file': - gnu => 'foo', - } - concat::fragment { 'foo': - target => '#{basedir}/file', - content => 'bar', - } - EOS - w = 'The $gnu parameter to concat is deprecated and has no effect' - - it_behaves_like 'has_warning', pp, w - end - - context 'concat warn parameter =>' do - ['true', 'yes', 'on'].each do |warn| - context warn do - pp = <<-EOS - concat { '#{basedir}/file': - warn => '#{warn}', - } - concat::fragment { 'foo': - target => '#{basedir}/file', - content => 'bar', - } - EOS - w = 'Using stringified boolean values (\'true\', \'yes\', \'on\', \'false\', \'no\', \'off\') to represent boolean true/false as the $warn parameter to concat is deprecated and will be treated as the warning message in a future release' - - it_behaves_like 'has_warning', pp, w - - describe file("#{basedir}/file") do - it { should be_file } - its(:content) { - should match '# This file is managed by Puppet. DO NOT EDIT.' - should match 'bar' - } - end - end - end - - ['false', 'no', 'off'].each do |warn| - context warn do - pp = <<-EOS - concat { '#{basedir}/file': - warn => '#{warn}', - } - concat::fragment { 'foo': - target => '#{basedir}/file', - content => 'bar', - } - EOS - w = 'Using stringified boolean values (\'true\', \'yes\', \'on\', \'false\', \'no\', \'off\') to represent boolean true/false as the $warn parameter to concat is deprecated and will be treated as the warning message in a future release' - - it_behaves_like 'has_warning', pp, w - - describe file("#{basedir}/file") do - it { should be_file } - its(:content) { - should_not match '# This file is managed by Puppet. DO NOT EDIT.' - should match 'bar' - } - end - end - end - end - - context 'concat::fragment ensure parameter', :unless => fact('osfamily') == 'windows' do - context 'target file exists' do - before(:all) do - pp = <<-EOS - file { '#{basedir}': - ensure => directory, - } - file { '#{basedir}/file1': - content => "file1 contents\n", - } - EOS - apply_manifest(pp) - end - - pp = <<-EOS - concat { '#{basedir}/file': } - concat::fragment { 'foo': - target => '#{basedir}/file', - ensure => '#{basedir}/file1', - } - EOS - w = 'Passing a value other than \'present\' or \'absent\' as the $ensure parameter to concat::fragment is deprecated. If you want to use the content of a file as a fragment please use the $source parameter.' - - it_behaves_like 'has_warning', pp, w - - describe file("#{basedir}/file") do - it { should be_file } - its(:content) { should match 'file1 contents' } - end - - describe 'the fragment can be changed from a symlink to a plain file', :unless => (fact("osfamily") == "windows") do - pp = <<-EOS - concat { '#{basedir}/file': } - concat::fragment { 'foo': - target => '#{basedir}/file', - content => 'new content', - } - EOS - - it 'applies the manifest twice with no stderr' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{basedir}/file") do - it { should be_file } - its(:content) { - should match 'new content' - should_not match 'file1 contents' - } - end - end - end # target file exists - - context 'target does not exist', :unless => fact('osfamily') == 'windows' do - pp = <<-EOS - concat { '#{basedir}/file': } - concat::fragment { 'foo': - target => '#{basedir}/file', - ensure => '#{basedir}/file1', - } - EOS - w = 'Passing a value other than \'present\' or \'absent\' as the $ensure parameter to concat::fragment is deprecated. If you want to use the content of a file as a fragment please use the $source parameter.' - - it_behaves_like 'has_warning', pp, w - - describe file("#{basedir}/file") do - it { should be_file } - end - - describe 'the fragment can be changed from a symlink to a plain file', :unless => (fact('osfamily') == 'windows') do - pp = <<-EOS - concat { '#{basedir}/file': } - concat::fragment { 'foo': - target => '#{basedir}/file', - content => 'new content', - } - EOS - - it 'applies the manifest twice with no stderr' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{basedir}/file") do - it { should be_file } - its(:content) { should match 'new content' } - end - end - end # target file exists - - end # concat::fragment ensure parameter - - context 'concat::fragment mode parameter' do - pp = <<-EOS - concat { '#{basedir}/file': } - concat::fragment { 'foo': - target => '#{basedir}/file', - content => 'bar', - mode => 'bar', - } - EOS - w = 'The $mode parameter to concat::fragment is deprecated and has no effect' - - it_behaves_like 'has_warning', pp, w - end - - context 'concat::fragment owner parameter' do - pp = <<-EOS - concat { '#{basedir}/file': } - concat::fragment { 'foo': - target => '#{basedir}/file', - content => 'bar', - owner => 'bar', - } - EOS - w = 'The $owner parameter to concat::fragment is deprecated and has no effect' - - it_behaves_like 'has_warning', pp, w - end - - context 'concat::fragment group parameter' do - pp = <<-EOS - concat { '#{basedir}/file': } - concat::fragment { 'foo': - target => '#{basedir}/file', - content => 'bar', - group => 'bar', - } - EOS - w = 'The $group parameter to concat::fragment is deprecated and has no effect' - - it_behaves_like 'has_warning', pp, w - end - - context 'concat::fragment backup parameter' do - pp = <<-EOS - concat { '#{basedir}/file': } - concat::fragment { 'foo': - target => '#{basedir}/file', - content => 'bar', - backup => 'bar', - } - EOS - w = 'The $backup parameter to concat::fragment is deprecated and has no effect' - - it_behaves_like 'has_warning', pp, w - end - - context 'include concat::setup' do - pp = <<-EOS - include concat::setup - EOS - w = 'concat::setup is deprecated as a public API of the concat module and should no longer be directly included in the manifest.' - - it_behaves_like 'has_warning', pp, w - end - -end diff --git a/concat/spec/acceptance/empty_spec.rb b/concat/spec/acceptance/empty_spec.rb deleted file mode 100644 index 4ab6e1e60..000000000 --- a/concat/spec/acceptance/empty_spec.rb +++ /dev/null @@ -1,23 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'concat force empty parameter' do - basedir = default.tmpdir('concat') - context 'should run successfully' do - pp = <<-EOS - concat { '#{basedir}/file': - mode => '0644', - force => true, - } - EOS - - it 'applies the manifest twice with no stderr' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{basedir}/file") do - it { should be_file } - its(:content) { should_not match /1\n2/ } - end - end -end diff --git a/concat/spec/acceptance/fragment_source_spec.rb b/concat/spec/acceptance/fragment_source_spec.rb deleted file mode 100644 index a174e02b4..000000000 --- a/concat/spec/acceptance/fragment_source_spec.rb +++ /dev/null @@ -1,157 +0,0 @@ -require 'spec_helper_acceptance' - -case fact('osfamily') - when 'AIX' - username = 'root' - groupname = 'system' - when 'Darwin' - username = 'root' - groupname = 'wheel' - when 'windows' - username = 'Administrator' - groupname = 'Administrators' - else - username = 'root' - groupname = 'root' -end - -describe 'concat::fragment source' do - basedir = default.tmpdir('concat') - context 'should read file fragments from local system' do - pp = <<-EOS - file { '#{basedir}/file1': - content => "file1 contents\n" - } - file { '#{basedir}/file2': - content => "file2 contents\n" - } - concat { '#{basedir}/foo': } - - concat::fragment { '1': - target => '#{basedir}/foo', - source => '#{basedir}/file1', - require => File['#{basedir}/file1'], - } - concat::fragment { '2': - target => '#{basedir}/foo', - content => 'string1 contents', - } - concat::fragment { '3': - target => '#{basedir}/foo', - source => '#{basedir}/file2', - require => File['#{basedir}/file2'], - } - EOS - - it 'applies the manifest twice with no stderr' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{basedir}/foo") do - it { should be_file } - its(:content) { - should match 'file1 contents' - should match 'string1 contents' - should match 'file2 contents' - } - end - end # should read file fragments from local system - - context 'should create files containing first match only.' do - pp = <<-EOS - file { '#{basedir}/file1': - content => "file1 contents\n" - } - file { '#{basedir}/file2': - content => "file2 contents\n" - } - concat { '#{basedir}/result_file1': - owner => '#{username}', - group => '#{groupname}', - mode => '0644', - } - concat { '#{basedir}/result_file2': - owner => '#{username}', - group => '#{groupname}', - mode => '0644', - } - concat { '#{basedir}/result_file3': - owner => '#{username}', - group => '#{groupname}', - mode => '0644', - } - - concat::fragment { '1': - target => '#{basedir}/result_file1', - source => [ '#{basedir}/file1', '#{basedir}/file2' ], - require => [ File['#{basedir}/file1'], File['#{basedir}/file2'] ], - order => '01', - } - concat::fragment { '2': - target => '#{basedir}/result_file2', - source => [ '#{basedir}/file2', '#{basedir}/file1' ], - require => [ File['#{basedir}/file1'], File['#{basedir}/file2'] ], - order => '01', - } - concat::fragment { '3': - target => '#{basedir}/result_file3', - source => [ '#{basedir}/file1', '#{basedir}/file2' ], - require => [ File['#{basedir}/file1'], File['#{basedir}/file2'] ], - order => '01', - } - EOS - - it 'applies the manifest twice with no stderr' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - describe file("#{basedir}/result_file1") do - it { should be_file } - its(:content) { - should match 'file1 contents' - should_not match 'file2 contents' - } - end - describe file("#{basedir}/result_file2") do - it { should be_file } - its(:content) { - should match 'file2 contents' - should_not match 'file1 contents' - } - end - describe file("#{basedir}/result_file3") do - it { should be_file } - its(:content) { - should match 'file1 contents' - should_not match 'file2 contents' - } - end - end - - context 'should fail if no match on source.' do - pp = <<-EOS - concat { '#{basedir}/fail_no_source': - owner => '#{username}', - group => '#{groupname}', - mode => '0644', - } - - concat::fragment { '1': - target => '#{basedir}/fail_no_source', - source => [ '#{basedir}/nofilehere', '#{basedir}/nothereeither' ], - order => '01', - } - EOS - - it 'applies the manifest with resource failures' do - apply_manifest(pp, :expect_failures => true) - end - describe file("#{basedir}/fail_no_source") do - #FIXME: Serverspec::Type::File doesn't support exists? for some reason. so... hack. - it { should_not be_file } - it { should_not be_directory } - end - end -end - diff --git a/concat/spec/acceptance/fragments_are_always_replaced_spec.rb b/concat/spec/acceptance/fragments_are_always_replaced_spec.rb deleted file mode 100644 index 70d738288..000000000 --- a/concat/spec/acceptance/fragments_are_always_replaced_spec.rb +++ /dev/null @@ -1,139 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'concat::fragment replace' do - basedir = default.tmpdir('concat') - - context 'should create fragment files' do - before(:all) do - pp = <<-EOS - file { '#{basedir}': - ensure => directory, - } - EOS - apply_manifest(pp) - end - - pp1 = <<-EOS - concat { '#{basedir}/foo': } - - concat::fragment { '1': - target => '#{basedir}/foo', - content => 'caller has replace unset run 1', - } - EOS - pp2 = <<-EOS - concat { '#{basedir}/foo': } - - concat::fragment { '1': - target => '#{basedir}/foo', - content => 'caller has replace unset run 2', - } - EOS - - it 'applies the manifest twice with no stderr' do - apply_manifest(pp1, :catch_failures => true) - apply_manifest(pp1, :catch_changes => true) - apply_manifest(pp2, :catch_failures => true) - apply_manifest(pp2, :catch_changes => true) - end - - describe file("#{basedir}/foo") do - it { should be_file } - its(:content) { - should_not match 'caller has replace unset run 1' - should match 'caller has replace unset run 2' - } - end - end # should create fragment files - - context 'should replace its own fragment files when caller has File { replace=>true } set' do - before(:all) do - pp = <<-EOS - file { '#{basedir}': - ensure => directory, - } - EOS - apply_manifest(pp) - end - - pp1 = <<-EOS - File { replace=>true } - concat { '#{basedir}/foo': } - - concat::fragment { '1': - target => '#{basedir}/foo', - content => 'caller has replace true set run 1', - } - EOS - pp2 = <<-EOS - File { replace=>true } - concat { '#{basedir}/foo': } - - concat::fragment { '1': - target => '#{basedir}/foo', - content => 'caller has replace true set run 2', - } - EOS - - it 'applies the manifest twice with no stderr' do - apply_manifest(pp1, :catch_failures => true) - apply_manifest(pp1, :catch_changes => true) - apply_manifest(pp2, :catch_failures => true) - apply_manifest(pp2, :catch_changes => true) - end - - describe file("#{basedir}/foo") do - it { should be_file } - its(:content) { - should_not match 'caller has replace true set run 1' - should match 'caller has replace true set run 2' - } - end - end # should replace its own fragment files when caller has File(replace=>true) set - - context 'should replace its own fragment files even when caller has File { replace=>false } set' do - before(:all) do - pp = <<-EOS - file { '#{basedir}': - ensure => directory, - } - EOS - apply_manifest(pp) - end - - pp1 = <<-EOS - File { replace=>false } - concat { '#{basedir}/foo': } - - concat::fragment { '1': - target => '#{basedir}/foo', - content => 'caller has replace false set run 1', - } - EOS - pp2 = <<-EOS - File { replace=>false } - concat { '#{basedir}/foo': } - - concat::fragment { '1': - target => '#{basedir}/foo', - content => 'caller has replace false set run 2', - } - EOS - - it 'applies the manifest twice with no stderr' do - apply_manifest(pp1, :catch_failures => true) - apply_manifest(pp1, :catch_changes => true) - apply_manifest(pp2, :catch_failures => true) - apply_manifest(pp2, :catch_changes => true) - end - - describe file("#{basedir}/foo") do - it { should be_file } - its(:content) { - should_not match 'caller has replace false set run 1' - should match 'caller has replace false set run 2' - } - end - end # should replace its own fragment files even when caller has File(replace=>false) set - -end diff --git a/concat/spec/acceptance/newline_spec.rb b/concat/spec/acceptance/newline_spec.rb deleted file mode 100644 index c1fa16a10..000000000 --- a/concat/spec/acceptance/newline_spec.rb +++ /dev/null @@ -1,67 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'concat ensure_newline parameter' do - basedir = default.tmpdir('concat') - context '=> false' do - before(:all) do - pp = <<-EOS - file { '#{basedir}': - ensure => directory - } - EOS - - apply_manifest(pp) - end - pp = <<-EOS - concat { '#{basedir}/file': - ensure_newline => false, - } - concat::fragment { '1': - target => '#{basedir}/file', - content => '1', - } - concat::fragment { '2': - target => '#{basedir}/file', - content => '2', - } - EOS - - it 'applies the manifest twice with no stderr' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{basedir}/file") do - it { should be_file } - its(:content) { should match '12' } - end - end - - context '=> true' do - pp = <<-EOS - concat { '#{basedir}/file': - ensure_newline => true, - } - concat::fragment { '1': - target => '#{basedir}/file', - content => '1', - } - concat::fragment { '2': - target => '#{basedir}/file', - content => '2', - } - EOS - - it 'applies the manifest twice with no stderr' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{basedir}/file") do - it { should be_file } - its(:content) { - should match /1\n2\n/ - } - end - end -end diff --git a/concat/spec/acceptance/nodesets/aix-71-vcloud.yml b/concat/spec/acceptance/nodesets/aix-71-vcloud.yml deleted file mode 100644 index f0ae87a5c..000000000 --- a/concat/spec/acceptance/nodesets/aix-71-vcloud.yml +++ /dev/null @@ -1,19 +0,0 @@ -HOSTS: - pe-aix-71-acceptance: - roles: - - master - - dashboard - - database - - agent - - default - platform: aix-7.1-power - hypervisor: aix - ip: pe-aix-71-acceptance.delivery.puppetlabs.net -CONFIG: - type: pe - nfs_server: NONE - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/concat/spec/acceptance/nodesets/centos-59-x64.yml b/concat/spec/acceptance/nodesets/centos-59-x64.yml deleted file mode 100644 index 6d110a64c..000000000 --- a/concat/spec/acceptance/nodesets/centos-59-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-59-x64: - roles: - - master - platform: el-5-x86_64 - box : centos-59-x64-vbox4210-nocm - box_url : https://atlas.hashicorp.com/puppetlabs/boxes/centos-59-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/concat/spec/acceptance/nodesets/centos-64-x64-pe.yml b/concat/spec/acceptance/nodesets/centos-64-x64-pe.yml deleted file mode 100644 index 8e20d74e5..000000000 --- a/concat/spec/acceptance/nodesets/centos-64-x64-pe.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - - database - - dashboard - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : https://atlas.hashicorp.com/puppetlabs/boxes/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: pe diff --git a/concat/spec/acceptance/nodesets/centos-64-x64.yml b/concat/spec/acceptance/nodesets/centos-64-x64.yml deleted file mode 100644 index 63a66373b..000000000 --- a/concat/spec/acceptance/nodesets/centos-64-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : https://atlas.hashicorp.com/puppetlabs/boxes/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/concat/spec/acceptance/nodesets/centos-65-x64.yml b/concat/spec/acceptance/nodesets/centos-65-x64.yml deleted file mode 100644 index e0677faef..000000000 --- a/concat/spec/acceptance/nodesets/centos-65-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-65-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-65-x64-vbox436-nocm - box_url : https://atlas.hashicorp.com/puppetlabs/boxes/centos-65-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/concat/spec/acceptance/nodesets/debian-607-x64.yml b/concat/spec/acceptance/nodesets/debian-607-x64.yml deleted file mode 100644 index cfbcb0d12..000000000 --- a/concat/spec/acceptance/nodesets/debian-607-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - debian-607-x64: - roles: - - master - platform: debian-6-amd64 - box : debian-607-x64-vbox4210-nocm - box_url : https://atlas.hashicorp.com/puppetlabs/boxes/debian-607-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/concat/spec/acceptance/nodesets/debian-70rc1-x64.yml b/concat/spec/acceptance/nodesets/debian-70rc1-x64.yml deleted file mode 100644 index ead9c6291..000000000 --- a/concat/spec/acceptance/nodesets/debian-70rc1-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - debian-70rc1-x64: - roles: - - master - platform: debian-7-amd64 - box : debian-70rc1-x64-vbox4210-nocm - box_url : https://atlas.hashicorp.com/puppetlabs/boxes/debian-70rc1-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/concat/spec/acceptance/nodesets/debian-73-x64.yml b/concat/spec/acceptance/nodesets/debian-73-x64.yml deleted file mode 100644 index 55c874a20..000000000 --- a/concat/spec/acceptance/nodesets/debian-73-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - debian-73-x64.localhost: - roles: - - master - platform: debian-7-amd64 - box : debian-73-x64-virtualbox-nocm - box_url : https://atlas.hashicorp.com/puppetlabs/boxes/debian-73-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - log_level: debug - type: foss diff --git a/concat/spec/acceptance/nodesets/default.yml b/concat/spec/acceptance/nodesets/default.yml deleted file mode 100644 index b31fe2757..000000000 --- a/concat/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-66-x64: - roles: - - master - platform: el-6-x86_64 - box : puppetlabs/centos-6.6-64-nocm - box_url : https://atlas.hashicorp.com/puppetlabs/boxes/centos-6.6-64-nocm - hypervisor : vagrant -CONFIG: - type: git diff --git a/concat/spec/acceptance/nodesets/fedora-18-x64.yml b/concat/spec/acceptance/nodesets/fedora-18-x64.yml deleted file mode 100644 index 89d57a382..000000000 --- a/concat/spec/acceptance/nodesets/fedora-18-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - fedora-18-x64: - roles: - - master - platform: fedora-18-x86_64 - box : fedora-18-x64-vbox4210-nocm - box_url : https://atlas.hashicorp.com/puppetlabs/boxes/fedora-18-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/concat/spec/acceptance/nodesets/sles-11-x64.yml b/concat/spec/acceptance/nodesets/sles-11-x64.yml deleted file mode 100644 index 1681ae45b..000000000 --- a/concat/spec/acceptance/nodesets/sles-11-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - sles-11-x64.local: - roles: - - master - platform: sles-11-x64 - box : sles-11sp1-x64-vbox4210-nocm - box_url : https://atlas.hashicorp.com/puppetlabs/boxes/sles-11sp1-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/concat/spec/acceptance/nodesets/sles-11sp1-x64.yml b/concat/spec/acceptance/nodesets/sles-11sp1-x64.yml deleted file mode 100644 index 604d6f939..000000000 --- a/concat/spec/acceptance/nodesets/sles-11sp1-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - sles-11sp1-x64: - roles: - - master - platform: sles-11-x86_64 - box : sles-11sp1-x64-vbox4210-nocm - box_url : https://atlas.hashicorp.com/puppetlabs/boxes/sles-11sp1-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/concat/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml b/concat/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml deleted file mode 100644 index 7f5e198b0..000000000 --- a/concat/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-10044-x64: - roles: - - master - platform: ubuntu-10.04-amd64 - box : ubuntu-server-10044-x64-vbox4210-nocm - box_url : https://atlas.hashicorp.com/puppetlabs/boxes/ubuntu-server-10044-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/concat/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml b/concat/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml deleted file mode 100644 index 05bdde770..000000000 --- a/concat/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-12042-x64: - roles: - - master - platform: ubuntu-12.04-amd64 - box : ubuntu-server-12042-x64-vbox4210-nocm - box_url : https://atlas.hashicorp.com/puppetlabs/boxes/ubuntu-server-12042-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/concat/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/concat/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index cba1cd04c..000000000 --- a/concat/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-1404-x64: - roles: - - master - platform: ubuntu-14.04-amd64 - box : puppetlabs/ubuntu-14.04-64-nocm - box_url : https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor : vagrant -CONFIG: - log_level : debug - type: git diff --git a/concat/spec/acceptance/order_spec.rb b/concat/spec/acceptance/order_spec.rb deleted file mode 100644 index c158dd880..000000000 --- a/concat/spec/acceptance/order_spec.rb +++ /dev/null @@ -1,123 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'concat order' do - basedir = default.tmpdir('concat') - - context '=> ' do - shared_examples 'sortby' do |order_by, match_output| - pp = <<-EOS - concat { '#{basedir}/foo': - order => '#{order_by}' - } - concat::fragment { '1': - target => '#{basedir}/foo', - content => 'string1', - order => '1', - } - concat::fragment { '2': - target => '#{basedir}/foo', - content => 'string2', - order => '2', - } - concat::fragment { '10': - target => '#{basedir}/foo', - content => 'string10', - } - EOS - - it 'applies the manifest twice with no stderr' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{basedir}/foo") do - it { should be_file } - its(:content) { should match match_output } - end - end - - describe 'alpha' do - it_behaves_like 'sortby', 'alpha', /string10string1string2/ - end - - describe 'numeric' do - it_behaves_like 'sortby', 'numeric', /string1string2string10/ - end - end -end # concat order - -describe 'concat::fragment order' do - basedir = default.tmpdir('concat') - - context '=> reverse order' do - shared_examples 'order_by' do |order_by, match_output| - pp = <<-EOS - concat { '#{basedir}/foo': - order => '#{order_by}' - } - concat::fragment { '1': - target => '#{basedir}/foo', - content => 'string1', - order => '15', - } - concat::fragment { '2': - target => '#{basedir}/foo', - content => 'string2', - # default order 10 - } - concat::fragment { '3': - target => '#{basedir}/foo', - content => 'string3', - order => '1', - } - EOS - - it 'applies the manifest twice with no stderr' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{basedir}/foo") do - it { should be_file } - its(:content) { should match match_output } - end - end - describe 'alpha' do - it_should_behave_like 'order_by', 'alpha', /string2string1string3/ - end - describe 'numeric' do - it_should_behave_like 'order_by', 'numeric', /string3string2string1/ - end - end - - context '=> normal order' do - pp = <<-EOS - concat { '#{basedir}/foo': } - concat::fragment { '1': - target => '#{basedir}/foo', - content => 'string1', - order => '01', - } - concat::fragment { '2': - target => '#{basedir}/foo', - content => 'string2', - order => '02' - } - concat::fragment { '3': - target => '#{basedir}/foo', - content => 'string3', - order => '03', - } - EOS - - it 'applies the manifest twice with no stderr' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{basedir}/foo") do - it { should be_file } - its(:content) { should match /string1string2string3/ } - end - end -end # concat::fragment order diff --git a/concat/spec/acceptance/quoted_paths_spec.rb b/concat/spec/acceptance/quoted_paths_spec.rb deleted file mode 100644 index 042425f92..000000000 --- a/concat/spec/acceptance/quoted_paths_spec.rb +++ /dev/null @@ -1,42 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'quoted paths' do - basedir = default.tmpdir('concat') - - before(:all) do - pp = <<-EOS - file { '#{basedir}': - ensure => directory, - } - file { '#{basedir}/concat test': - ensure => directory, - } - EOS - apply_manifest(pp) - end - - context 'path with blanks' do - pp = <<-EOS - concat { '#{basedir}/concat test/foo': - } - concat::fragment { '1': - target => '#{basedir}/concat test/foo', - content => 'string1', - } - concat::fragment { '2': - target => '#{basedir}/concat test/foo', - content => 'string2', - } - EOS - - it 'applies the manifest twice with no stderr' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{basedir}/concat test/foo") do - it { should be_file } - its(:content) { should match /string1string2/ } - end - end -end diff --git a/concat/spec/acceptance/replace_spec.rb b/concat/spec/acceptance/replace_spec.rb deleted file mode 100644 index bd597ed19..000000000 --- a/concat/spec/acceptance/replace_spec.rb +++ /dev/null @@ -1,262 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'replacement of' do - basedir = default.tmpdir('concat') - context 'file' do - context 'should not succeed' do - before(:all) do - pp = <<-EOS - file { '#{basedir}': - ensure => directory, - } - file { '#{basedir}/file': - content => "file exists\n" - } - EOS - apply_manifest(pp) - end - pp = <<-EOS - concat { '#{basedir}/file': - replace => false, - } - - concat::fragment { '1': - target => '#{basedir}/file', - content => '1', - } - - concat::fragment { '2': - target => '#{basedir}/file', - content => '2', - } - EOS - - it 'applies the manifest twice with no stderr' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{basedir}/file") do - it { should be_file } - its(:content) { - should match 'file exists' - should_not match '1' - should_not match '2' - } - end - end - - context 'should succeed' do - before(:all) do - pp = <<-EOS - file { '#{basedir}': - ensure => directory, - } - file { '#{basedir}/file': - content => "file exists\n" - } - EOS - apply_manifest(pp) - end - pp = <<-EOS - concat { '#{basedir}/file': - replace => true, - } - - concat::fragment { '1': - target => '#{basedir}/file', - content => '1', - } - - concat::fragment { '2': - target => '#{basedir}/file', - content => '2', - } - EOS - - it 'applies the manifest twice with no stderr' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{basedir}/file") do - it { should be_file } - its(:content) { - should_not match 'file exists' - should match '1' - should match '2' - } - end - end - end # file - - context 'symlink', :unless => (fact("osfamily") == "windows") do - context 'should not succeed' do - # XXX the core puppet file type will replace a symlink with a plain file - # when using ensure => present and source => ... but it will not when using - # ensure => present and content => ...; this is somewhat confusing behavior - before(:all) do - pp = <<-EOS - file { '#{basedir}': - ensure => directory, - } - file { '#{basedir}/file': - ensure => link, - target => '#{basedir}/dangling', - } - EOS - apply_manifest(pp) - end - - pp = <<-EOS - concat { '#{basedir}/file': - replace => false, - } - - concat::fragment { '1': - target => '#{basedir}/file', - content => '1', - } - - concat::fragment { '2': - target => '#{basedir}/file', - content => '2', - } - EOS - - it 'applies the manifest twice with no stderr' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - # XXX specinfra doesn't support be_linked_to on AIX - describe file("#{basedir}/file"), :unless => (fact("osfamily") == "AIX" or fact("osfamily") == "windows") do - it { should be_linked_to "#{basedir}/dangling" } - end - - describe file("#{basedir}/dangling") do - # XXX serverspec does not have a matcher for 'exists' - it { should_not be_file } - it { should_not be_directory } - end - end - - context 'should succeed' do - # XXX the core puppet file type will replace a symlink with a plain file - # when using ensure => present and source => ... but it will not when using - # ensure => present and content => ...; this is somewhat confusing behavior - before(:all) do - pp = <<-EOS - file { '#{basedir}': - ensure => directory, - } - file { '#{basedir}/file': - ensure => link, - target => '#{basedir}/dangling', - } - EOS - apply_manifest(pp) - end - - pp = <<-EOS - concat { '#{basedir}/file': - replace => true, - } - - concat::fragment { '1': - target => '#{basedir}/file', - content => '1', - } - - concat::fragment { '2': - target => '#{basedir}/file', - content => '2', - } - EOS - - it 'applies the manifest twice with no stderr' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{basedir}/file") do - it { should be_file } - its(:content) { - should match '1' - should match '2' - } - end - end - end # symlink - - context 'directory' do - context 'should not succeed' do - before(:all) do - pp = <<-EOS - file { '#{basedir}': - ensure => directory, - } - file { '#{basedir}/file': - ensure => directory, - } - EOS - apply_manifest(pp) - end - pp = <<-EOS - concat { '#{basedir}/file': } - - concat::fragment { '1': - target => '#{basedir}/file', - content => '1', - } - - concat::fragment { '2': - target => '#{basedir}/file', - content => '2', - } - EOS - - it 'applies the manifest twice with stderr for changing to file' do - expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/change from directory to file failed/) - expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/change from directory to file failed/) - end - - describe file("#{basedir}/file") do - it { should be_directory } - end - end - - # XXX concat's force param currently enables the creation of empty files - # when there are no fragments, and the replace param will only replace - # files and symlinks, not directories. The semantics either need to be - # changed, extended, or a new param introduced to control directory - # replacement. - context 'should succeed', :pending => 'not yet implemented' do - pp = <<-EOS - concat { '#{basedir}/file': - force => true, - } - - concat::fragment { '1': - target => '#{basedir}/file', - content => '1', - } - - concat::fragment { '2': - target => '#{basedir}/file', - content => '2', - } - EOS - - it 'applies the manifest twice with no stderr' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{basedir}/file") do - it { should be_file } - its(:content) { should match '1' } - end - end - end # directory -end diff --git a/concat/spec/acceptance/specinfra_stubs.rb b/concat/spec/acceptance/specinfra_stubs.rb deleted file mode 100644 index bae85eff0..000000000 --- a/concat/spec/acceptance/specinfra_stubs.rb +++ /dev/null @@ -1,19 +0,0 @@ -class Specinfra::Command::Windows::Base::File < Specinfra::Command::Windows::Base - class << self - def check_is_owned_by(file, owner) - Backend::PowerShell::Command.new do - exec "if((Get-Item '#{file}').GetAccessControl().Owner -match '#{owner}' - -or ((Get-Item '#{file}').GetAccessControl().Owner -match '#{owner}').Length -gt 0){ exit 0 } else { exit 1 }" - end - end - end -end - - -class Specinfra::Command::Base::File < Specinfra::Command::Base - class << self - def get_content(file) - "cat '#{file}' 2> /dev/null || echo -n" - end - end -end diff --git a/concat/spec/acceptance/symbolic_name_spec.rb b/concat/spec/acceptance/symbolic_name_spec.rb deleted file mode 100644 index df8d54f52..000000000 --- a/concat/spec/acceptance/symbolic_name_spec.rb +++ /dev/null @@ -1,35 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'symbolic name' do - basedir = default.tmpdir('concat') - pp = <<-EOS - concat { 'not_abs_path': - path => '#{basedir}/file', - } - - concat::fragment { '1': - target => 'not_abs_path', - content => '1', - order => '01', - } - - concat::fragment { '2': - target => 'not_abs_path', - content => '2', - order => '02', - } - EOS - - it 'applies the manifest twice with no stderr' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{basedir}/file") do - it { should be_file } - its(:content) { - should match '1' - should match '2' - } - end -end diff --git a/concat/spec/acceptance/validation_spec.rb b/concat/spec/acceptance/validation_spec.rb deleted file mode 100644 index c35871b9b..000000000 --- a/concat/spec/acceptance/validation_spec.rb +++ /dev/null @@ -1,35 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'concat validate_cmd parameter', :unless => (fact('kernel') != 'Linux') do - basedir = default.tmpdir('concat') - context '=> "/usr/bin/test -e %"' do - before(:all) do - pp = <<-EOS - file { '#{basedir}': - ensure => directory - } - EOS - - apply_manifest(pp) - end - pp = <<-EOS - concat { '#{basedir}/file': - validate_cmd => '/usr/bin/test -e %', - } - concat::fragment { 'content': - target => '#{basedir}/file', - content => 'content', - } - EOS - - it 'applies the manifest twice with no stderr' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{basedir}/file") do - it { should be_file } - it { should contain 'content' } - end - end -end diff --git a/concat/spec/acceptance/warn_spec.rb b/concat/spec/acceptance/warn_spec.rb deleted file mode 100644 index 2788607c8..000000000 --- a/concat/spec/acceptance/warn_spec.rb +++ /dev/null @@ -1,104 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'concat warn =>' do - basedir = default.tmpdir('concat') - context 'true should enable default warning message' do - pp = <<-EOS - concat { '#{basedir}/file': - warn => true, - } - - concat::fragment { '1': - target => '#{basedir}/file', - content => '1', - order => '01', - } - - concat::fragment { '2': - target => '#{basedir}/file', - content => '2', - order => '02', - } - EOS - - it 'applies the manifest twice with no stderr' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{basedir}/file") do - it { should be_file } - its(:content) { - should match /# This file is managed by Puppet\. DO NOT EDIT\./ - should match /1/ - should match /2/ - } - end - end - context 'false should not enable default warning message' do - pp = <<-EOS - concat { '#{basedir}/file': - warn => false, - } - - concat::fragment { '1': - target => '#{basedir}/file', - content => '1', - order => '01', - } - - concat::fragment { '2': - target => '#{basedir}/file', - content => '2', - order => '02', - } - EOS - - it 'applies the manifest twice with no stderr' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{basedir}/file") do - it { should be_file } - its(:content) { - should_not match /# This file is managed by Puppet\. DO NOT EDIT\./ - should match /1/ - should match /2/ - } - end - end - context '# foo should overide default warning message' do - pp = <<-EOS - concat { '#{basedir}/file': - warn => '# foo', - } - - concat::fragment { '1': - target => '#{basedir}/file', - content => '1', - order => '01', - } - - concat::fragment { '2': - target => '#{basedir}/file', - content => '2', - order => '02', - } - EOS - - it 'applies the manifest twice with no stderr' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{basedir}/file") do - it { should be_file } - its(:content) { - should match /# foo/ - should match /1/ - should match /2/ - } - end - end -end diff --git a/concat/spec/spec.opts b/concat/spec/spec.opts deleted file mode 100644 index 91cd6427e..000000000 --- a/concat/spec/spec.opts +++ /dev/null @@ -1,6 +0,0 @@ ---format -s ---colour ---loadby -mtime ---backtrace diff --git a/concat/spec/spec_helper.rb b/concat/spec/spec_helper.rb deleted file mode 100644 index 2c6f56649..000000000 --- a/concat/spec/spec_helper.rb +++ /dev/null @@ -1 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' diff --git a/concat/spec/spec_helper_acceptance.rb b/concat/spec/spec_helper_acceptance.rb deleted file mode 100644 index 805104649..000000000 --- a/concat/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1,53 +0,0 @@ -require 'beaker-rspec/spec_helper' -require 'beaker-rspec/helpers/serverspec' -require 'acceptance/specinfra_stubs' -require 'beaker/puppet_install_helper' - -run_puppet_install_helper - -unless ENV['RS_PROVISION'] == 'no' or ENV['BEAKER_provision'] == 'no' - hosts.each do |host| - if host['platform'] =~ /sles-1/i || host['platform'] =~ /solaris-1/i - get_stdlib = <<-EOS - package{'wget':} - exec{'download': - command => "wget -P /root/ https://forgeapi.puppetlabs.com/v3/files/puppetlabs-stdlib-4.5.1.tar.gz --no-check-certificate", - path => ['/opt/csw/bin/','/usr/bin/'] - } - EOS - apply_manifest_on(host, get_stdlib) - # have to use force otherwise it checks ssl cert even though it is a local file - on host, puppet('module install /root/puppetlabs-stdlib-4.5.1.tar.gz --force --ignore-dependencies'), {:acceptable_exit_codes => [0, 1]} - elsif host['platform'] =~ /windows/i - on host, shell('curl -k -o c:/puppetlabs-stdlib-4.5.1.tar.gz https://forgeapi.puppetlabs.com/v3/files/puppetlabs-stdlib-4.5.1.tar.gz') - on host, puppet('module install c:/puppetlabs-stdlib-4.5.1.tar.gz --force --ignore-dependencies'), {:acceptable_exit_codes => [0, 1]} - else - on host, puppet('module install puppetlabs-stdlib'), {:acceptable_exit_codes => [0, 1]} - end - end -end - -RSpec.configure do |c| - # Project root - proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - - # Readable test descriptions - c.formatter = :documentation - - # Configure all nodes in nodeset - c.before :suite do - hosts.each do |host| - copy_module_to(host, :source => proj_root, :module_name => 'concat') - end - end - - c.before(:all) do - shell('mkdir -p /tmp/concat') - end - c.after(:all) do - shell('rm -rf /tmp/concat /var/lib/puppet/concat') - end - - c.treat_symbols_as_metadata_keys_with_true_values = true -end - diff --git a/concat/spec/unit/classes/concat_setup_spec.rb b/concat/spec/unit/classes/concat_setup_spec.rb deleted file mode 100644 index c6ff93e0a..000000000 --- a/concat/spec/unit/classes/concat_setup_spec.rb +++ /dev/null @@ -1,98 +0,0 @@ -require 'spec_helper' - -describe 'concat::setup', :type => :class do - - shared_examples 'setup' do |concatdir| - concatdir = '/foo' if concatdir.nil? - - let(:facts) do - { - :concat_basedir => concatdir, - :caller_module_name => 'Test', - :osfamily => 'Debian', - :id => 'root', - :is_pe => false, - } - end - - it do - should contain_file("#{concatdir}/bin/concatfragments.rb").with({ - :mode => '0755', - :owner => 'root', - :group => 0, - :source => 'puppet:///modules/concat/concatfragments.rb', - }) - end - - [concatdir, "#{concatdir}/bin"].each do |file| - it do - should contain_file(file).with({ - :ensure => 'directory', - :mode => '0755', - :owner => 'root', - :group => 0, - }) - end - end - end - - context 'facts' do - context 'concat_basedir =>' do - context '/foo' do - it_behaves_like 'setup', '/foo' - end - end - end # facts - - context 'deprecated as a public class' do - it 'should create a warning' do - skip('rspec-puppet support for testing warning()') - end - end - - context "on osfamily Solaris" do - concatdir = '/foo' - let(:facts) do - { - :concat_basedir => concatdir, - :caller_module_name => 'Test', - :osfamily => 'Solaris', - :id => 'root', - :is_pe => false, - } - end - - it do - should contain_file("#{concatdir}/bin/concatfragments.rb").with({ - :ensure => 'file', - :owner => 'root', - :group => 0, - :mode => '0755', - :source => 'puppet:///modules/concat/concatfragments.rb', - }) - end - end # on osfamily Solaris - - context "on osfamily windows" do - concatdir = '/foo' - let(:facts) do - { - :concat_basedir => concatdir, - :caller_module_name => 'Test', - :osfamily => 'windows', - :id => 'batman', - :is_pe => false, - } - end - - it do - should contain_file("#{concatdir}/bin/concatfragments.rb").with({ - :ensure => 'file', - :owner => nil, - :group => nil, - :mode => nil, - :source => 'puppet:///modules/concat/concatfragments.rb', - }) - end - end # on osfamily windows -end diff --git a/concat/spec/unit/defines/concat_fragment_spec.rb b/concat/spec/unit/defines/concat_fragment_spec.rb deleted file mode 100644 index 5c350d16b..000000000 --- a/concat/spec/unit/defines/concat_fragment_spec.rb +++ /dev/null @@ -1,338 +0,0 @@ -require 'spec_helper' - -describe 'concat::fragment', :type => :define do - - shared_examples 'fragment' do |title, params| - params = {} if params.nil? - - p = { - :content => nil, - :source => nil, - :order => 10, - :ensure => 'present', - }.merge(params) - - safe_name = title.gsub(/[\/\n]/, '_') - safe_target_name = p[:target].gsub(/[\/\n]/, '_') - concatdir = '/var/lib/puppet/concat' - fragdir = "#{concatdir}/#{safe_target_name}" - id = 'root' - gid = 'root' - if p[:ensure] == 'absent' - safe_ensure = p[:ensure] - else - safe_ensure = 'file' - end - - let(:title) { title } - let(:facts) do - { - :concat_basedir => concatdir, - :id => id, - :gid => gid, - :osfamily => 'Debian', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :is_pe => false, - } - end - let(:params) { params } - let(:pre_condition) do - "concat{ '#{p[:target]}': }" - end - - it do - should contain_class('concat::setup') - should contain_concat(p[:target]) - should contain_file("#{fragdir}/fragments/#{p[:order]}_#{safe_name}").with({ - :ensure => safe_ensure, - :owner => id, - :mode => '0640', - :source => p[:source], - :content => p[:content], - :alias => "concat_fragment_#{title}", - :backup => false, - }) - # The defined() function doesn't seem to work properly with puppet 3.4 and rspec. - # defined() works on its own, rspec works on its own, but together they - # determine that $gid is not defined and cause errors here. Work around - # it by ignoring this check for older puppet version. - if Puppet::Util::Package.versioncmp(Puppet.version, '3.5.0') >= 0 - should contain_file("#{fragdir}/fragments/#{p[:order]}_#{safe_name}").with({ - :group => gid, - }) - end - end - end - - context 'title' do - ['0', '1', 'a', 'z'].each do |title| - it_behaves_like 'fragment', title, { - :target => '/etc/motd', - } - end - end # title - - context 'target =>' do - ['./etc/motd', 'etc/motd', 'motd_header'].each do |target| - context target do - it_behaves_like 'fragment', target, { - :target => '/etc/motd', - } - end - end - - context 'false' do - let(:title) { 'motd_header' } - let(:facts) {{ :concat_basedir => '/tmp', :is_pe => false }} - let(:params) {{ :target => false }} - - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /is not a string/) - end - end - end # target => - - context 'ensure =>' do - ['present', 'absent'].each do |ens| - context ens do - it_behaves_like 'fragment', 'motd_header', { - :ensure => ens, - :target => '/etc/motd', - } - end - end - - context 'any value other than \'present\' or \'absent\'' do - let(:title) { 'motd_header' } - let(:facts) {{ :concat_basedir => '/tmp', :is_pe => false }} - let(:params) {{ :ensure => 'invalid', :target => '/etc/motd' }} - - it 'should create a warning' do - skip('rspec-puppet support for testing warning()') - end - end - end # ensure => - - context 'content =>' do - ['', 'ashp is our hero'].each do |content| - context content do - it_behaves_like 'fragment', 'motd_header', { - :content => content, - :target => '/etc/motd', - } - end - end - - context 'false' do - let(:title) { 'motd_header' } - let(:facts) {{ :concat_basedir => '/tmp', :is_pe => false }} - let(:params) {{ :content => false, :target => '/etc/motd' }} - - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /is not a string/) - end - end - end # content => - - context 'source =>' do - ['', '/foo/bar', ['/foo/bar', '/foo/baz']].each do |source| - context source do - it_behaves_like 'fragment', 'motd_header', { - :source => source, - :target => '/etc/motd', - } - end - end - - context 'false' do - let(:title) { 'motd_header' } - let(:facts) {{ :concat_basedir => '/tmp', :is_pe => false }} - let(:params) {{ :source => false, :target => '/etc/motd' }} - - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /is not a string or an Array/) - end - end - end # source => - - context 'order =>' do - ['', '42', 'a', 'z'].each do |order| - context '\'\'' do - it_behaves_like 'fragment', 'motd_header', { - :order => order, - :target => '/etc/motd', - } - end - end - - context 'false' do - let(:title) { 'motd_header' } - let(:facts) {{ :concat_basedir => '/tmp', :is_pe => false }} - let(:params) {{ :order => false, :target => '/etc/motd' }} - - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /is not a string or integer/) - end - end - - context '123:456' do - let(:title) { 'motd_header' } - let(:facts) {{ :concat_basedir => '/tmp', :is_pe => false }} - let(:params) {{ :order => '123:456', :target => '/etc/motd' }} - - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /cannot contain/) - end - end - context '123/456' do - let(:title) { 'motd_header' } - let(:facts) {{ :concat_basedir => '/tmp', :is_pe => false }} - let(:params) {{ :order => '123/456', :target => '/etc/motd' }} - - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /cannot contain/) - end - end - context '123\n456' do - let(:title) { 'motd_header' } - let(:facts) {{ :concat_basedir => '/tmp', :is_pe => false }} - let(:params) {{ :order => "123\n456", :target => '/etc/motd' }} - - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /cannot contain/) - end - end - end # order => - - context 'more than one content source' do - error_msg = 'You cannot specify more than one of $content, $source, $ensure => /target' - - context 'ensure => target and source' do - let(:title) { 'motd_header' } - let(:facts) do - { - :concat_basedir => '/tmp', - :osfamily => 'Debian', - :id => 'root', - :is_pe => false, - :gid => 'root', - } - end - let(:params) do - { - :target => '/etc/motd', - :ensure => '/foo', - :source => '/bar', - } - end - - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /#{Regexp.escape(error_msg)}/m) - end - end - - context 'ensure => target and content' do - let(:title) { 'motd_header' } - let(:facts) do - { - :concat_basedir => '/tmp', - :osfamily => 'Debian', - :id => 'root', - :is_pe => false, - :gid => 'root', - } - end - let(:params) do - { - :target => '/etc/motd', - :ensure => '/foo', - :content => 'bar', - } - end - - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /#{Regexp.escape(error_msg)}/m) - end - end - - context 'source and content' do - let(:title) { 'motd_header' } - let(:facts) do - { - :concat_basedir => '/tmp', - :osfamily => 'Debian', - :id => 'root', - :is_pe => false, - :gid => 'root', - } - end - let(:params) do - { - :target => '/etc/motd', - :source => '/foo', - :content => 'bar', - } - end - - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /#{Regexp.escape(error_msg)}/m) - end - end - - end # more than one content source - - describe 'deprecated parameter' do - context 'mode =>' do - context '1755' do - it_behaves_like 'fragment', 'motd_header', { - :mode => '1755', - :target => '/etc/motd', - } - - it 'should create a warning' do - skip('rspec-puppet support for testing warning()') - end - end - end # mode => - - context 'owner =>' do - context 'apenny' do - it_behaves_like 'fragment', 'motd_header', { - :owner => 'apenny', - :target => '/etc/motd', - } - - it 'should create a warning' do - skip('rspec-puppet support for testing warning()') - end - end - end # owner => - - context 'group =>' do - context 'apenny' do - it_behaves_like 'fragment', 'motd_header', { - :group => 'apenny', - :target => '/etc/motd', - } - - it 'should create a warning' do - skip('rspec-puppet support for testing warning()') - end - end - end # group => - - context 'backup =>' do - context 'foo' do - it_behaves_like 'fragment', 'motd_header', { - :backup => 'foo', - :target => '/etc/motd', - } - - it 'should create a warning' do - skip('rspec-puppet support for testing warning()') - end - end - end # backup => - end # deprecated params - -end diff --git a/concat/spec/unit/defines/concat_spec.rb b/concat/spec/unit/defines/concat_spec.rb deleted file mode 100644 index 6b97c2597..000000000 --- a/concat/spec/unit/defines/concat_spec.rb +++ /dev/null @@ -1,486 +0,0 @@ -require 'spec_helper' - -describe 'concat', :type => :define do - - shared_examples 'concat' do |title, params, id| - params = {} if params.nil? - id = 'root' if id.nil? - - # default param values - p = { - :ensure => 'present', - :path => title, - :owner => nil, - :group => nil, - :mode => '0644', - :warn => false, - :force => false, - :backup => 'puppet', - :backup_fragments => false, - :replace => true, - :order => 'alpha', - :ensure_newline => false, - :validate_cmd => nil, - }.merge(params) - - safe_name = title.gsub('/', '_') - concatdir = '/var/lib/puppet/concat' - fragdir = "#{concatdir}/#{safe_name}" - concat_name = 'fragments.concat.out' - default_warn_message = '# This file is managed by Puppet. DO NOT EDIT.' - - let(:title) { title } - let(:params) { params } - let(:facts) do - { - :concat_basedir => concatdir, - :id => id, - :osfamily => 'Debian', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :kernel => 'Linux', - :is_pe => false, - } - end - - if p[:ensure] == 'present' - it do - should contain_file(fragdir).with({ - :ensure => 'directory', - :mode => '0750', - }) - end - - it do - should contain_file("#{fragdir}/fragments").with({ - :ensure => 'directory', - :mode => '0750', - :force => true, - :ignore => ['.svn', '.git', '.gitignore'], - :backup => false, - :purge => true, - :recurse => true, - }) - end - - [ - "#{fragdir}/fragments.concat", - "#{fragdir}/#{concat_name}", - ].each do |file| - it do - should contain_file(file).with({ - :ensure => 'present', - :mode => '0640', - }) - end - end - - it do - should contain_file(title).with({ - :ensure => 'present', - :owner => p[:owner], - :group => p[:group], - :mode => p[:mode], - :replace => p[:replace], - :path => p[:path], - :alias => "concat_#{title}", - :source => "#{fragdir}/#{concat_name}", - :validate_cmd => p[:validate_cmd], - :backup => p[:backup], - :selinux_ignore_defaults => p[:selinux_ignore_defaults], - :selrange => p[:selrange], - :selrole => p[:selrole], - :seltype => p[:seltype], - :seluser => p[:seluser], - }) - end - - cmd = "#{concatdir}/bin/concatfragments.rb " + - "-o \"#{concatdir}/#{safe_name}/fragments.concat.out\" " + - "-d \"#{concatdir}/#{safe_name}\"" - - # flag order: fragdir, warnflag, forceflag, orderflag, newlineflag - if p.has_key?(:warn) - case p[:warn] - when TrueClass - message = default_warn_message - when 'true', 'yes', 'on' - # should generate a stringified boolean warning - message = default_warn_message - when FalseClass - message = nil - when 'false', 'no', 'off' - # should generate a stringified boolean warning - message = nil - else - message = p[:warn] - end - - unless message.nil? - cmd += " -w \'#{message}\'" - end - end - - cmd += " -f" if p[:force] - cmd += " -n" if p[:order] == 'numeric' - cmd += " -l" if p[:ensure_newline] == true - - it do - should contain_exec("concat_#{title}").with({ - :alias => "concat_#{fragdir}", - :command => cmd, - :unless => "#{cmd} -t", - }) - end - else - [ - fragdir, - "#{fragdir}/fragments", - "#{fragdir}/fragments.concat", - "#{fragdir}/#{concat_name}", - ].each do |file| - it do - should contain_file(file).with({ - :ensure => 'absent', - :force => true, - }) - end - end - - it do - should contain_file(title).with({ - :ensure => 'absent', - :backup => p[:backup], - }) - end - - it do - should contain_exec("concat_#{title}").with({ - :alias => "concat_#{fragdir}", - :command => 'true', - :unless => 'true', - :path => '/bin:/usr/bin', - }) - end - end - end - - context 'title' do - context 'without path param' do - # title/name is the default value for the path param. therefore, the - # title must be an absolute path unless path is specified - ['/foo', '/foo/bar', '/foo/bar/baz'].each do |title| - context title do - it_behaves_like 'concat', '/etc/foo.bar' - end - end - - ['./foo', 'foo', 'foo/bar'].each do |title| - context title do - let(:title) { title } - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /is not an absolute path/) - end - end - end - end - - context 'with path param' do - ['./foo', 'foo', 'foo/bar'].each do |title| - context title do - it_behaves_like 'concat', title, { :path => '/etc/foo.bar' } - end - end - end - end # title => - - context 'as non-root user' do - it_behaves_like 'concat', '/etc/foo.bar', {}, 'bob' - end - - context 'ensure =>' do - ['present', 'absent'].each do |ens| - context ens do - it_behaves_like 'concat', '/etc/foo.bar', { :ensure => ens } - end - end - - context 'invalid' do - let(:title) { '/etc/foo.bar' } - let(:params) {{ :ensure => 'invalid' }} - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /#{Regexp.escape('does not match "^present$|^absent$"')}/) - end - end - end # ensure => - - context 'path =>' do - context '/foo' do - it_behaves_like 'concat', '/etc/foo.bar', { :path => '/foo' } - end - - ['./foo', 'foo', 'foo/bar', false].each do |path| - context path do - let(:title) { '/etc/foo.bar' } - let(:params) {{ :path => path }} - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /is not an absolute path/) - end - end - end - end # path => - - context 'owner =>' do - context 'apenney' do - it_behaves_like 'concat', '/etc/foo.bar', { :owner => 'apenny' } - end - - context '1000' do - it_behaves_like 'concat', '/etc/foo.bar', { :owner => 1000 } - end - - context 'false' do - let(:title) { '/etc/foo.bar' } - let(:params) {{ :owner => false }} - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /\$owner must be a string or integer/) - end - end - end # owner => - - context 'group =>' do - context 'apenney' do - it_behaves_like 'concat', '/etc/foo.bar', { :group => 'apenny' } - end - - context '1000' do - it_behaves_like 'concat', '/etc/foo.bar', { :group => 1000 } - end - - context 'false' do - let(:title) { '/etc/foo.bar' } - let(:params) {{ :group => false }} - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /\$group must be a string or integer/) - end - end - end # group => - - context 'mode =>' do - context '1755' do - it_behaves_like 'concat', '/etc/foo.bar', { :mode => '1755' } - end - - context 'false' do - let(:title) { '/etc/foo.bar' } - let(:params) {{ :mode => false }} - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /is not a string/) - end - end - end # mode => - - context 'warn =>' do - [true, false, '# foo'].each do |warn| - context warn do - it_behaves_like 'concat', '/etc/foo.bar', { :warn => warn } - end - end - - context '(stringified boolean)' do - ['true', 'yes', 'on', 'false', 'no', 'off'].each do |warn| - context warn do - it_behaves_like 'concat', '/etc/foo.bar', { :warn => warn } - - it 'should create a warning' do - skip('rspec-puppet support for testing warning()') - end - end - end - end - - context '123' do - let(:title) { '/etc/foo.bar' } - let(:params) {{ :warn => 123 }} - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /is not a string or boolean/) - end - end - end # warn => - - context 'force =>' do - [true, false].each do |force| - context force do - it_behaves_like 'concat', '/etc/foo.bar', { :force => force } - end - end - - context '123' do - let(:title) { '/etc/foo.bar' } - let(:params) {{ :force => 123 }} - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /is not a boolean/) - end - end - end # force => - - context 'backup =>' do - context 'reverse' do - it_behaves_like 'concat', '/etc/foo.bar', { :backup => 'reverse' } - end - - context 'false' do - it_behaves_like 'concat', '/etc/foo.bar', { :backup => false } - end - - context 'true' do - it_behaves_like 'concat', '/etc/foo.bar', { :backup => true } - end - - context 'true' do - let(:title) { '/etc/foo.bar' } - let(:params) {{ :backup => [] }} - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /backup must be string or bool/) - end - end - end # backup => - - context 'backup_fragments =>' do - context 'true' do - it_behaves_like 'concat', '/etc/foo.bar', { :backup_fragments => true } - end - - context 'false' do - it_behaves_like 'concat', '/etc/foo.bar', { :backup_fragments => false } - end - - context 'invalid' do - let(:title) { '/etc/foo.bar' } - let(:params) {{ :backup_fragments => "invalid" }} - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /is not a boolean/) - end - end - end # backup_fragments => - context 'replace =>' do - [true, false].each do |replace| - context replace do - it_behaves_like 'concat', '/etc/foo.bar', { :replace => replace } - end - end - - context '123' do - let(:title) { '/etc/foo.bar' } - let(:params) {{ :replace => 123 }} - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /is not a boolean/) - end - end - end # replace => - - context 'order =>' do - ['alpha', 'numeric'].each do |order| - context order do - it_behaves_like 'concat', '/etc/foo.bar', { :order => order } - end - end - - context 'invalid' do - let(:title) { '/etc/foo.bar' } - let(:params) {{ :order => 'invalid' }} - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /#{Regexp.escape('does not match "^alpha$|^numeric$"')}/) - end - end - end # order => - - context 'ensure_newline =>' do - [true, false].each do |ensure_newline| - context 'true' do - it_behaves_like 'concat', '/etc/foo.bar', { :ensure_newline => ensure_newline} - end - end - - context '123' do - let(:title) { '/etc/foo.bar' } - let(:params) {{ :ensure_newline => 123 }} - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /is not a boolean/) - end - end - end # ensure_newline => - - context 'validate_cmd =>' do - if Puppet::Util::Package::versioncmp(Puppet::version, '3.5.0') > 0 - context '/usr/bin/test -e %' do - it_behaves_like 'concat', '/etc/foo.bar', { :validate_cmd => '/usr/bin/test -e %' } - end - - [ 1234, true ].each do |cmd| - context cmd do - let(:title) { '/etc/foo.bar' } - let(:params) {{ :validate_cmd => cmd }} - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /\$validate_cmd must be a string/) - end - end - end - end - end # validate_cmd => - - context 'selinux_ignore_defaults =>' do - let(:title) { '/etc/foo.bar' } - - [true, false].each do |v| - context v do - it_behaves_like 'concat', '/etc/foo.bar', { :selinux_ignore_defaults => v } - end - end - - context '123' do - let(:title) { '/etc/foo.bar' } - let(:params) {{ :selinux_ignore_defaults => 123 }} - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /is not a boolean/) - end - end - end # selinux_ignore_defaults => - - [ - :selrange, - :selrole, - :seltype, - :seluser, - ].each do |p| - context " #{p} =>" do - let(:title) { '/etc/foo.bar' } - - context 'foo' do - it_behaves_like 'concat', '/etc/foo.bar', { p => 'foo' } - end - - context 'false' do - let(:title) { '/etc/foo.bar' } - let(:params) {{ p => false }} - it 'should fail' do - expect { catalogue }.to raise_error(Puppet::Error, /is not a string/) - end - end - end # #{p} => - end - - describe 'deprecated parameter' do - context 'gnu =>' do - context 'foo' do - it_behaves_like 'concat', '/etc/foo.bar', { :gnu => 'foo'} - - it 'should create a warning' do - skip('rspec-puppet support for testing warning()') - end - end - end - end - -end - -# vim:sw=2:ts=2:expandtab:textwidth=79 diff --git a/concat/spec/unit/facts/concat_basedir_spec.rb b/concat/spec/unit/facts/concat_basedir_spec.rb deleted file mode 100644 index 41bc90f15..000000000 --- a/concat/spec/unit/facts/concat_basedir_spec.rb +++ /dev/null @@ -1,18 +0,0 @@ -require 'spec_helper' - -describe 'concat_basedir', :type => :fact do - before(:each) { Facter.clear } - - context 'Puppet[:vardir] ==' do - it '/var/lib/puppet' do - Puppet.stubs(:[]).with(:vardir).returns('/var/lib/puppet') - Facter.fact(:concat_basedir).value.should == '/var/lib/puppet/concat' - end - - it '/home/apenny/.puppet/var' do - Puppet.stubs(:[]).with(:vardir).returns('/home/apenny/.puppet/var') - Facter.fact(:concat_basedir).value.should == '/home/apenny/.puppet/var/concat' - end - end - -end diff --git a/concat/tests/fragment.pp b/concat/tests/fragment.pp deleted file mode 100644 index a2dfaca29..000000000 --- a/concat/tests/fragment.pp +++ /dev/null @@ -1,19 +0,0 @@ -concat { 'testconcat': - ensure => present, - path => '/tmp/concat', - owner => 'root', - group => 'root', - mode => '0664', -} - -concat::fragment { '1': - target => 'testconcat', - content => '1', - order => '01', -} - -concat::fragment { '2': - target => 'testconcat', - content => '2', - order => '02', -} diff --git a/concat/tests/init.pp b/concat/tests/init.pp deleted file mode 100644 index fd2142718..000000000 --- a/concat/tests/init.pp +++ /dev/null @@ -1,7 +0,0 @@ -concat { '/tmp/concat': - ensure => present, - force => true, - owner => 'root', - group => 'root', - mode => '0644', -} diff --git a/contrail/.fixtures.yml b/contrail/.fixtures.yml deleted file mode 100644 index bbda28591..000000000 --- a/contrail/.fixtures.yml +++ /dev/null @@ -1,6 +0,0 @@ -fixtures: - symlinks: - 'contrail': "#{source_dir}" - repositories: - 'stdlib': 'git://github.com/puppetlabs/puppetlabs-stdlib.git' - 'inifile': 'git://github.com/puppetlabs/puppetlabs-inifile.git' diff --git a/contrail/.forgeignore b/contrail/.forgeignore deleted file mode 100644 index e91ba88f2..000000000 --- a/contrail/.forgeignore +++ /dev/null @@ -1,15 +0,0 @@ -# Managed by modulesync -# Configs https://github.com/sbadia/modulesync_configs/ -# -- pkg/ -- spec/ -- Rakefile -- coverage/ -- .git/ -- .forgeignore -- .travis.yml -- .gitignore -- Gemfile -- Gemfile.lock -- .fixtures.yml -- .vagrant diff --git a/contrail/.gitignore b/contrail/.gitignore deleted file mode 100644 index 7da0e1f25..000000000 --- a/contrail/.gitignore +++ /dev/null @@ -1,11 +0,0 @@ -# Managed by modulesync -# Configs https://github.com/sbadia/modulesync_configs/ -# -pkg/ -Gemfile.lock -vendor/ -spec/fixtures/ -.vagrant/ -.bundle/ -coverage/ -*.sw* diff --git a/contrail/.travis.yml b/contrail/.travis.yml deleted file mode 100644 index 0fad53223..000000000 --- a/contrail/.travis.yml +++ /dev/null @@ -1,19 +0,0 @@ -# Managed by modulesync -# Configs https://github.com/sbadia/modulesync_configs/ -# ---- -language: ruby -bundler_args: --without system_tests -script: "bundle exec rake validate && bundle exec rake lint && bundle exec rake spec SPEC_OPTS='--format documentation'" -sudo: false -matrix: - fast_finish: true - include: - - rvm: 1.9.3 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 2.1.5 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 2.1.5 - env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" -notifications: - email: false diff --git a/contrail/CHANGELOG.md b/contrail/CHANGELOG.md deleted file mode 100644 index c6d4a58d5..000000000 --- a/contrail/CHANGELOG.md +++ /dev/null @@ -1,5 +0,0 @@ -# vi: set ft=changelog : - -2015-07-09 - 1.0.0 - * features: - First release diff --git a/contrail/CONTRIBUTING.md b/contrail/CONTRIBUTING.md deleted file mode 100644 index f1cbde4bb..000000000 --- a/contrail/CONTRIBUTING.md +++ /dev/null @@ -1,220 +0,0 @@ -Checklist (and a short version for the impatient) -================================================= - - * Commits: - - - Make commits of logical units. - - - Check for unnecessary whitespace with "git diff --check" before - committing. - - - Commit using Unix line endings (check the settings around "crlf" in - git-config(1)). - - - Do not check in commented out code or unneeded files. - - - The first line of the commit message should be a short - description (50 characters is the soft limit, excluding ticket - number(s)), and should skip the full stop. - - - Associate the issue in the message. The first line should include - the issue number in the form "(#XXXX) Rest of message". - - - The body should provide a meaningful commit message, which: - - - uses the imperative, present tense: "change", not "changed" or - "changes". - - - includes motivation for the change, and contrasts its - implementation with the previous behavior. - - - Make sure that you have tests for the bug you are fixing, or - feature you are adding. - - - Make sure the test suites passes after your commit: - `bundle exec rspec spec/acceptance` More information on [testing](#Testing) below - - - When introducing a new feature, make sure it is properly - documented in the README.md - - * Submission: - - * Pre-requisites: - - - Make sure you have a [GitHub account](https://github.com/join) - - - [Create a ticket](https://tickets.puppetlabs.com/secure/CreateIssue!default.jspa), or [watch the ticket](https://tickets.puppetlabs.com/browse/) you are patching for. - - * Preferred method: - - - Fork the repository on GitHub. - - - Push your changes to a topic branch in your fork of the - repository. (the format ticket/1234-short_description_of_change is - usually preferred for this project). - - - Submit a pull request to the repository in the puppetlabs - organization. - -The long version -================ - - 1. Make separate commits for logically separate changes. - - Please break your commits down into logically consistent units - which include new or changed tests relevant to the rest of the - change. The goal of doing this is to make the diff easier to - read for whoever is reviewing your code. In general, the easier - your diff is to read, the more likely someone will be happy to - review it and get it into the code base. - - If you are going to refactor a piece of code, please do so as a - separate commit from your feature or bug fix changes. - - We also really appreciate changes that include tests to make - sure the bug is not re-introduced, and that the feature is not - accidentally broken. - - Describe the technical detail of the change(s). If your - description starts to get too long, that is a good sign that you - probably need to split up your commit into more finely grained - pieces. - - Commits which plainly describe the things which help - reviewers check the patch and future developers understand the - code are much more likely to be merged in with a minimum of - bike-shedding or requested changes. Ideally, the commit message - would include information, and be in a form suitable for - inclusion in the release notes for the version of Puppet that - includes them. - - Please also check that you are not introducing any trailing - whitespace or other "whitespace errors". You can do this by - running "git diff --check" on your changes before you commit. - - 2. Sending your patches - - To submit your changes via a GitHub pull request, we _highly_ - recommend that you have them on a topic branch, instead of - directly on "master". - It makes things much easier to keep track of, especially if - you decide to work on another thing before your first change - is merged in. - - GitHub has some pretty good - [general documentation](http://help.github.com/) on using - their site. They also have documentation on - [creating pull requests](http://help.github.com/send-pull-requests/). - - In general, after pushing your topic branch up to your - repository on GitHub, you can switch to the branch in the - GitHub UI and click "Pull Request" towards the top of the page - in order to open a pull request. - - - 3. Update the related GitHub issue. - - If there is a GitHub issue associated with the change you - submitted, then you should update the ticket to include the - location of your branch, along with any other commentary you - may wish to make. - -Testing -======= - -Getting Started ---------------- - -Our puppet modules provide [`Gemfile`](./Gemfile)s which can tell a ruby -package manager such as [bundler](http://bundler.io/) what Ruby packages, -or Gems, are required to build, develop, and test this software. - -Please make sure you have [bundler installed](http://bundler.io/#getting-started) -on your system, then use it to install all dependencies needed for this project, -by running - -```shell -% bundle install -Fetching gem metadata from https://rubygems.org/........ -Fetching gem metadata from https://rubygems.org/.. -Using rake (10.1.0) -Using builder (3.2.2) --- 8><-- many more --><8 -- -Using rspec-system-puppet (2.2.0) -Using serverspec (0.6.3) -Using rspec-system-serverspec (1.0.0) -Using bundler (1.3.5) -Your bundle is complete! -Use `bundle show [gemname]` to see where a bundled gem is installed. -``` - -NOTE some systems may require you to run this command with sudo. - -If you already have those gems installed, make sure they are up-to-date: - -```shell -% bundle update -``` - -With all dependencies in place and up-to-date we can now run the tests: - -```shell -% rake spec -``` - -This will execute all the [rspec tests](http://rspec-puppet.com/) tests -under [spec/defines](./spec/defines), [spec/classes](./spec/classes), -and so on. rspec tests may have the same kind of dependencies as the -module they are testing. While the module defines in its [Modulefile](./Modulefile), -rspec tests define them in [.fixtures.yml](./fixtures.yml). - -Some puppet modules also come with [beaker](https://github.com/puppetlabs/beaker) -tests. These tests spin up a virtual machine under -[VirtualBox](https://www.virtualbox.org/)) with, controlling it with -[Vagrant](http://www.vagrantup.com/) to actually simulate scripted test -scenarios. In order to run these, you will need both of those tools -installed on your system. - -You can run them by issuing the following command - -```shell -% rake spec_clean -% rspec spec/acceptance -``` - -This will now download a pre-fabricated image configured in the [default node-set](./spec/acceptance/nodesets/default.yml), -install puppet, copy this module and install its dependencies per [spec/spec_helper_acceptance.rb](./spec/spec_helper_acceptance.rb) -and then run all the tests under [spec/acceptance](./spec/acceptance). - -Writing Tests -------------- - -XXX getting started writing tests. - -If you have commit access to the repository -=========================================== - -Even if you have commit access to the repository, you will still need to -go through the process above, and have someone else review and merge -in your changes. The rule is that all changes must be reviewed by a -developer on the project (that did not write the code) to ensure that -all changes go through a code review process. - -Having someone other than the author of the topic branch recorded as -performing the merge is the record that they performed the code -review. - - -Additional Resources -==================== - -* [Getting additional help](http://puppetlabs.com/community/get-help) - -* [Writing tests](http://projects.puppetlabs.com/projects/puppet/wiki/Development_Writing_Tests) - -* [Patchwork](https://patchwork.puppetlabs.com) - -* [General GitHub documentation](http://help.github.com/) - -* [GitHub pull request documentation](http://help.github.com/send-pull-requests/) - diff --git a/contrail/Gemfile b/contrail/Gemfile deleted file mode 100644 index 88cab1dfa..000000000 --- a/contrail/Gemfile +++ /dev/null @@ -1,42 +0,0 @@ -# Managed by modulesync -# Configs https://github.com/sbadia/modulesync_configs/ -# -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -group :development, :unit_tests do - gem 'puppetlabs_spec_helper', :require => false - gem 'rspec-puppet', '2.2.0', :require => false - gem 'puppet-blacksmith', :require => false - gem 'puppet-lint-param-docs', :require => false - gem 'puppet-lint-absolute_classname-check', :require => false - gem 'puppet-lint-absolute_template_path', :require => false - gem 'puppet-lint-trailing_newline-check', :require => false - gem 'puppet-lint-unquoted_string-check', :require => false - gem 'puppet-lint-leading_zero-check', :require => false - gem 'puppet-lint-variable_contains_upcase', :require => false - gem 'puppet-lint-numericvariable', :require => false - gem 'puppet-lint-file_ensure-check', :require => false - gem 'puppet-lint-trailing_comma-check', :require => false - gem 'metadata-json-lint', :require => false - gem 'puppet_facts', :require => false - gem 'json', :require => false -end - -group :system_tests do - gem 'beaker-rspec', :require => false - gem 'beaker-puppet_install_helper', :require => false -end - -if facterversion = ENV['FACTER_GEM_VERSION'] - gem 'facter', facterversion, :require => false -else - gem 'facter', :require => false -end - -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end - -# vim:ft=ruby diff --git a/contrail/LICENSE b/contrail/LICENSE deleted file mode 100644 index 8d968b6cb..000000000 --- a/contrail/LICENSE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/contrail/README.md b/contrail/README.md deleted file mode 100644 index b3da49dba..000000000 --- a/contrail/README.md +++ /dev/null @@ -1,86 +0,0 @@ -# Puppet-contrail - -[![Build Status](https://travis-ci.org/redhat-cip/puppet-contrail.png?branch=master)](https://travis-ci.org/redhat-cip/puppet-contrail) -[![Puppet Forge](http://img.shields.io/puppetforge/v/eNovance/contrail.svg)](https://forge.puppetlabs.com/eNovance/contrail) -[![License](http://img.shields.io/:license-apache2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0.html) - -#### Table of Contents - -1. [Overview - What is the puppet-contrail module?](#overview) -2. [Module Description - What does the module do?](#module-description) -3. [Setup - The basics of getting started with puppet-contrail](#setup) -4. [Implementation - An under-the-hood peek at what the module is doing](#implementation) -5. [Limitations - OS compatibility, etc.](#limitations) -6. [Development - Guide for contributing to the module](#development) -7. [Contributors - Those with commits](#contributors) - -Overview --------- - -A [Puppet Module](http://docs.puppetlabs.com/learning/modules1.html#modules) is a collection of related content that can be used to model the configuration of a discrete service. - -Module Description ------------------- - -The puppet-contrail module is a thorough attempt to make Puppet capable of managing the entirety of OpenContrail. This includes manifests to provision region specific endpoint and database connections. Types are shipped as part of the puppet-contrail module to assist in manipulation of configuration files. - -Setup ------ - -**What the puppet-contrail module affects** - -* puppet-contrail, the Juniper SDN service. - -### Installing puppet-contrail - - example% puppet module install enovance/contrail - -### Beginning with puppet-contrail - -To utilize the puppet-contrail module's functionality you will need to declare multiple resources. The following is a modified excerpt from the [spinalstack module](https://github.com/stackforge/puppet-openstack-cloud). This is not an exhaustive list of all the components needed, we recommend you consult and understand the [spinalstack module](https://github.com/stackforge/puppet-openstack-cloud) and the [core openstack](http://docs.openstack.org) documentation. - -**Define a puppet-contrail node** - -```puppet -class { 'contrail': } -``` - -Implementation --------------- - -### puppet-contrail - -Puppet-contrail is a combination of Puppet manifest and ruby code to delivery configuration and extra functionality through types and providers. - -Limitations ------------- - -* - -Beaker-Rspec ------------- - -This module has beaker-rspec tests - -To run the tests on the default vagrant node: - -```shell -bundle install -bundle exec rake acceptance -``` - -For more information on writing and running beaker-rspec tests visit the documentation: - -* https://github.com/puppetlabs/beaker/wiki/How-to-Write-a-Beaker-Test-for-a-Module - -Development ------------ - -Developer documentation for the entire puppet-openstack project. - -* https://wiki.openstack.org/wiki/Puppet-openstack#Developer_documentation - -Contributors ------------- - -* https://github.com/sbadia/puppet-contrail/graphs/contributors diff --git a/contrail/Rakefile b/contrail/Rakefile deleted file mode 100644 index 718a7bf0c..000000000 --- a/contrail/Rakefile +++ /dev/null @@ -1,27 +0,0 @@ -# -*- mode: ruby -*- -# vi: set ft=ruby : -# -# Managed by modulesync -# Configs https://github.com/sbadia/modulesync_configs/ -# -require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet_blacksmith/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' -require 'puppet-syntax/tasks/puppet-syntax' - -TDIR = File.expand_path(File.dirname(__FILE__)) -NAME = JSON.parse(open('metadata.json').read)['name'].split('-')[1] - -exclude_path = ["spec/**/*","pkg/**/*","vendor/**/*"] - -PuppetLint.configuration.fail_on_warnings = true -PuppetLint.configuration.send('disable_80chars') -PuppetLint.configuration.ignore_paths = exclude_path -PuppetSyntax.exclude_paths = exclude_path - -namespace :module do - desc "Build #{NAME} module (in a clean env, for puppetforge)" - task :build do - exec "rsync -rv --exclude-from=#{TDIR}/.forgeignore . /tmp/#{NAME};cd /tmp/#{NAME};puppet module build" - end -end diff --git a/contrail/files/vrouter/update_dev_net_config_files.py b/contrail/files/vrouter/update_dev_net_config_files.py deleted file mode 100644 index 5ad5c2c9f..000000000 --- a/contrail/files/vrouter/update_dev_net_config_files.py +++ /dev/null @@ -1,381 +0,0 @@ -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -import argparse -import platform -import os -import socket -import netifaces -import netaddr -import subprocess -import struct -import tempfile -import xml.etree.ElementTree as ET -import commands -import re - -def find_gateway(dev): - gateway = '' - cmd = "netstat -rn | grep ^\"0.0.0.0\" | grep %s | awk '{ print $2 }'" % \ - dev - gateway = subprocess.check_output(cmd, shell=True).strip() - return gateway -# end find_gateway - - -def get_dns_servers(dev): - cmd = "grep \"^nameserver\\>\" /etc/resolv.conf | awk '{print $2}'" - dns_list = subprocess.check_output(cmd, shell=True) - return dns_list.split() -# end get_dns_servers - - -def get_domain_search_list(): - domain_list = '' - cmd = "grep ^\"search\" /etc/resolv.conf | awk '{$1=\"\";print $0}'" - domain_list = subprocess.check_output(cmd, shell=True).strip() - if not domain_list: - cmd = "grep ^\"domain\" /etc/resolv.conf | awk '{$1=\"\"; print $0}'" - domain_list = subprocess.check_output(cmd, shell=True).strip() - return domain_list - - -def get_if_mtu(dev): - cmd = "ifconfig %s | grep mtu | awk '{ print $NF }'" % dev - mtu = subprocess.check_output(cmd, shell=True).strip() - if not mtu: - # for debian - cmd = "ifconfig %s | grep MTU | sed 's/.*MTU.\([0-9]\+\).*/\1/g'" % dev - mtu = subprocess.check_output(cmd, shell=True).strip() - if mtu and mtu != '1500': - return mtu - return '' -# end if_mtu - - -def get_secondary_device(primary): - for i in netifaces.interfaces (): - try: - if i == 'pkt1': - continue - if i == primary: - continue - if i == 'vhost0': - continue - if not netifaces.ifaddresses (i).has_key (netifaces.AF_INET): - return i - except ValueError,e: - print "Skipping interface %s" % i - raise RuntimeError, '%s not configured, rerun w/ --physical_interface' % ip - - -def get_device_by_ip(ip): - for i in netifaces.interfaces(): - try: - if i == 'pkt1': - continue - if netifaces.AF_INET in netifaces.ifaddresses(i): - if ip == netifaces.ifaddresses(i)[netifaces.AF_INET][0][ - 'addr']: - if i == 'vhost0': - print "vhost0 is already present!" - return i - except ValueError, e: - print "Skipping interface %s" % i - raise RuntimeError('%s not configured, rerun w/ --physical_interface' % ip) -# end get_device_by_ip - - -def rewrite_ifcfg_file(temp_dir_name, filename, dev, prsv_cfg): - bond = False - mac = '' - - if os.path.isdir('/sys/class/net/%s/bonding' % dev): - bond = True - # end if os.path.isdir... - - mac = netifaces.ifaddresses(dev)[netifaces.AF_LINK][0]['addr'] - ifcfg_file = '/etc/sysconfig/network-scripts/ifcfg-%s' % (dev) - if not os.path.isfile(ifcfg_file): - ifcfg_file = temp_dir_name + '/ifcfg-' + dev - with open(ifcfg_file, 'w') as f: - f.write('''#Contrail %s -TYPE=Ethernet -ONBOOT=yes -DEVICE="%s" -USERCTL=yes -NM_CONTROLLED=no -HWADDR=%s -''' % (dev, dev, mac)) - for dcfg in prsv_cfg: - f.write(dcfg + '\n') - f.flush() - fd = open(ifcfg_file) - f_lines = fd.readlines() - fd.close() - new_f_lines = [] - remove_items = ['IPADDR', 'NETMASK', 'PREFIX', 'GATEWAY', 'HWADDR', - 'DNS1', 'DNS2', 'BOOTPROTO', 'NM_CONTROLLED', '#Contrail'] - - remove_items.append('DEVICE') - new_f_lines.append('#Contrail %s\n' % dev) - new_f_lines.append('DEVICE=%s\n' % dev) - - for line in f_lines: - found = False - for text in remove_items: - if text in line: - found = True - if not found: - new_f_lines.append(line) - - new_f_lines.append('NM_CONTROLLED=no\n') - if bond: - new_f_lines.append('SUBCHANNELS=1,2,3\n') - else: - new_f_lines.append('HWADDR=%s\n' % mac) - - fdw = open(filename, 'w') - fdw.writelines(new_f_lines) - fdw.close() -# end rewrite_ifcfg_file - - -def migrate_routes(device): - ''' - Sample output of /proc/net/route : - Iface Destination Gateway Flags RefCnt Use Metric \ - Mask MTU Window IRTT - p4p1 00000000 FED8CC0A 0003 0 0 0 \ - 00000000 0 0 0 - ''' - with open('/etc/sysconfig/network-scripts/route-vhost0', - 'w') as route_cfg_file: - for route in open('/proc/net/route', 'r').readlines(): - if route.startswith(device): - route_fields = route.split() - destination = int(route_fields[1], 16) - gateway = int(route_fields[2], 16) - flags = int(route_fields[3], 16) - mask = int(route_fields[7], 16) - if flags & 0x2: - if destination != 0: - route_cfg_file.write( - socket.inet_ntoa(struct.pack('I', destination))) - route_cfg_file.write( - '/' + str(bin(mask).count('1')) + ' ') - route_cfg_file.write('via ') - route_cfg_file.write( - socket.inet_ntoa(struct.pack('I', gateway)) + ' ') - route_cfg_file.write('dev vhost0') - # end if detination... - # end if flags &... - # end if route.startswith... - # end for route... - # end with open... -# end def migrate_routes - -def _rewrite_net_interfaces_file(temp_dir_name, dev, mac, vhost_ip, netmask, gateway_ip, - host_non_mgmt_ip): - - result,status = commands.getstatusoutput('grep \"iface vhost0\" /etc/network/interfaces') - if status == 0 : - print "Interface vhost0 is already present in /etc/network/interfaces" - print "Skipping rewrite of this file" - return - #endif - - vlan = False - if os.path.isfile ('/proc/net/vlan/%s' % dev): - vlan_info = open('/proc/net/vlan/config').readlines() - match = re.search('^%s.*\|\s+(\S+)$'%dev, "\n".join(vlan_info), flags=re.M|re.I) - if not match: - raise RuntimeError, 'Configured vlan %s is not found in /proc/net/vlan/config'%dev - phydev = match.group(1) - vlan = True - - # Replace strings matching dev to vhost0 in ifup and ifdown parts file - # Any changes to the file/logic with static routes has to be - # reflected in setup-vnc-static-routes.py too - ifup_parts_file = os.path.join(os.path.sep, 'etc', 'network', 'if-up.d', 'routes') - ifdown_parts_file = os.path.join(os.path.sep, 'etc', 'network', 'if-down.d', 'routes') - - if os.path.isfile(ifup_parts_file) and os.path.isfile(ifdown_parts_file): - commands.getstatusoutput("sudo sed -i 's/%s/vhost0/g' %s" %(dev, ifup_parts_file)) - commands.getstatusoutput("sudo sed -i 's/%s/vhost0/g' %s" %(dev, ifdown_parts_file)) - - temp_intf_file = '%s/interfaces' %(temp_dir_name) - commands.getstatusoutput("cp /etc/network/interfaces %s" %(temp_intf_file)) - with open('/etc/network/interfaces', 'r') as fd: - cfg_file = fd.read() - - if not host_non_mgmt_ip: - # remove entry from auto to auto excluding these pattern - # then delete specifically auto - commands.getstatusoutput("sed -i '/auto %s/,/auto/{/auto/!d}' %s" %(dev, temp_intf_file)) - commands.getstatusoutput("sed -i '/auto %s/d' %s" %(dev, temp_intf_file)) - # add manual entry for dev - commands.getstatusoutput("echo 'auto %s' >> %s" %(dev, temp_intf_file)) - commands.getstatusoutput("echo 'iface %s inet manual' >> %s" %(dev, temp_intf_file)) - commands.getstatusoutput("echo ' pre-up ifconfig %s up' >> %s" %(dev, temp_intf_file)) - commands.getstatusoutput("echo ' post-down ifconfig %s down' >> %s" %(dev, temp_intf_file)) - if vlan: - commands.getstatusoutput("echo ' vlan-raw-device %s' >> %s" %(phydev, temp_intf_file)) - if 'bond' in dev.lower(): - iters = re.finditer('^\s*auto\s', cfg_file, re.M) - indices = [match.start() for match in iters] - matches = map(cfg_file.__getslice__, indices, indices[1:] + [len(cfg_file)]) - for each in matches: - each = each.strip() - if re.match('^auto\s+%s'%dev, each): - string = '' - for lines in each.splitlines(): - if 'bond-' in lines: - string += lines+os.linesep - commands.getstatusoutput("echo '%s' >> %s" %(string, temp_intf_file)) - else: - continue - commands.getstatusoutput("echo '' >> %s" %(temp_intf_file)) - else: - #remove ip address and gateway - commands.getstatusoutput("sed -i '/iface %s inet static/, +2d' %s" % (dev, temp_intf_file)) - commands.getstatusoutput("sed -i '/auto %s/ a\iface %s inet manual\\n pre-up ifconfig %s up\\n post-down ifconfig %s down\' %s"% (dev, dev, dev, dev, temp_intf_file)) - - # populte vhost0 as static - commands.getstatusoutput("echo '' >> %s" %(temp_intf_file)) - commands.getstatusoutput("echo 'auto vhost0' >> %s" %(temp_intf_file)) - commands.getstatusoutput("echo 'iface vhost0 inet static' >> %s" %(temp_intf_file)) - commands.getstatusoutput("echo ' pre-up %s/if-vhost0' >> %s" %('/opt/contrail/bin', temp_intf_file)) - commands.getstatusoutput("echo ' netmask %s' >> %s" %(netmask, temp_intf_file)) - commands.getstatusoutput("echo ' network_name application' >> %s" %(temp_intf_file)) - if vhost_ip: - commands.getstatusoutput("echo ' address %s' >> %s" %(vhost_ip, temp_intf_file)) - if (not host_non_mgmt_ip) and gateway_ip: - commands.getstatusoutput("echo ' gateway %s' >> %s" %(gateway_ip, temp_intf_file)) - elif not host_non_mgmt_ip: - local_gw = find_gateway(dev) - commands.getstatusoutput("echo ' gateway %s' >> %s" %(local_gw, temp_intf_file)) - - - domain = get_domain_search_list() - if domain: - commands.getstatusoutput("echo ' dns-search %s' >> %s" %(domain, temp_intf_file)) - dns_list = get_dns_servers(dev) - if dns_list: - commands.getstatusoutput("echo -n ' dns-nameservers' >> %s" %(temp_intf_file)) - for dns in dns_list: - commands.getstatusoutput("echo -n ' %s' >> %s" %(dns, temp_intf_file)) - commands.getstatusoutput("echo '\n' >> %s" %(temp_intf_file)) - - # move it to right place - commands.getstatusoutput("sudo mv -f %s /etc/network/interfaces" %(temp_intf_file)) - - #end _rewrite_net_interfaces_file - -def update_dev_net_config_files( - vhost_ip, multi_net, dev, compute_dev, netmask, - gateway, cidr, host_non_mgmt_ip, macaddr): - dist = platform.dist()[0] - - temp_dir_name = tempfile.mkdtemp() - # make ifcfg-vhost0 - if dist.lower() == 'centos' or dist.lower() == 'fedora' or dist.lower() == 'redhat': - with open('%s/ifcfg-vhost0' % temp_dir_name, 'w') as f: - f.write('''#Contrail vhost0 -DEVICE=vhost0 -ONBOOT=yes -BOOTPROTO=none -IPV6INIT=no -USERCTL=yes -IPADDR=%s -NETMASK=%s -NM_CONTROLLED=no -#NETWORK MANAGER BUG WORKAROUND -SUBCHANNELS=1,2,3 -''' % (vhost_ip, netmask)) - # Don't set gateway and DNS on vhost0 if on non-mgmt network - if not multi_net: - if gateway: - f.write('GATEWAY=%s\n' % (gateway)) - dns_list = get_dns_servers(dev) - for i, dns in enumerate(dns_list): - f.write('DNS%d=%s\n' % (i + 1, dns)) - domain_list = get_domain_search_list() - if domain_list: - f.write('DOMAIN="%s"\n' % domain_list) - - prsv_cfg = [] - mtu = get_if_mtu(dev) - if mtu: - dcfg = 'MTU=%s' % str(mtu) - f.write(dcfg + '\n') - prsv_cfg.append(dcfg) - f.flush() - cmd = "mv %s/ifcfg-vhost0 /etc/sysconfig/" \ - "network-scripts/ifcfg-vhost0" % ( - temp_dir_name) - subprocess.call(cmd, shell=True) - # make ifcfg-$dev - if not os.path.isfile( - '/etc/sysconfig/network-scripts/ifcfg-%s.rpmsave' % dev): - cmd = "cp /etc/sysconfig/network-scripts/ifcfg-%s \ - /etc/sysconfig/network-scripts/ifcfg-%s.rpmsave" % (dev, dev) - subprocess.call(cmd, shell=True) - rewrite_ifcfg_file(temp_dir_name, '%s/ifcfg-%s' % - (temp_dir_name, dev), dev, prsv_cfg) - - if multi_net: - migrate_routes(dev) - cmd = "mv -f %s/ifcfg-%s /etc/contrail/" % (temp_dir_name, dev) - subprocess.call(cmd, shell=True) - cmd = "cp -f /etc/contrail/ifcfg-%s" \ - " /etc/sysconfig/network-scripts" % (dev) - subprocess.call(cmd, shell=True) - # end if "centos" or "fedora" or "redhat" - if ((dist.lower() == "ubuntu") or - (dist.lower() == "debian")): - _rewrite_net_interfaces_file(temp_dir_name, dev, macaddr, - vhost_ip, netmask, gateway, host_non_mgmt_ip) -# end update_dev_net_config_files - -def main(): - parser = argparse.ArgumentParser() - parser.add_argument("--vhost_ip", help="IP address for vhost interface") - parser.add_argument( - "--multi_net", - help="flag to state if multi_net is configured", - action="store_true") - parser.add_argument("--dev", help="device or interface name") - parser.add_argument("--compute_dev", help="compute device or interface name") - parser.add_argument("--netmask", - help="netmask value") - parser.add_argument("--gateway", - help="gateway value") - parser.add_argument("--cidr", - help="cidr value") - parser.add_argument("--host_non_mgmt_ip", - help="host data ip address") - parser.add_argument("--mac", - help="mac address of the interface", - default="") - args = parser.parse_args() - update_dev_net_config_files(args.vhost_ip, args.multi_net, - args.dev, args.compute_dev, - args.netmask, args.gateway, - args.cidr, args.host_non_mgmt_ip, args.mac) -# end main - -if __name__ == "__main__": - import cgitb - cgitb.enable(format='text') - main() -# end if __name__ diff --git a/contrail/lib/puppet/provider/contrail_alarm_gen_config/ini_setting.rb b/contrail/lib/puppet/provider/contrail_alarm_gen_config/ini_setting.rb deleted file mode 100644 index c38bee9cb..000000000 --- a/contrail/lib/puppet/provider/contrail_alarm_gen_config/ini_setting.rb +++ /dev/null @@ -1,34 +0,0 @@ -Puppet::Type.type(:contrail_alarm_gen_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - # the setting is always default - # this if for backwards compat with the old puppet providers - # for contrail_api_config - def section - resource[:name].split('/', 2).first - end - - # assumes that the name was the setting - # this is to maintain backwards compat with the the older - # stuff - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/contrail/contrail-alarm-gen.conf' - end - - # added for backwards compatibility with older versions - # of inifile - def file_path - self.class.file_path - end - -end diff --git a/contrail/lib/puppet/provider/contrail_analytics_api_config/ini_setting.rb b/contrail/lib/puppet/provider/contrail_analytics_api_config/ini_setting.rb deleted file mode 100644 index e8d2adabd..000000000 --- a/contrail/lib/puppet/provider/contrail_analytics_api_config/ini_setting.rb +++ /dev/null @@ -1,34 +0,0 @@ -Puppet::Type.type(:contrail_analytics_api_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - # the setting is always default - # this if for backwards compat with the old puppet providers - # for contrail_analytics_api_config - def section - resource[:name].split('/', 2).first - end - - # assumes that the name was the setting - # this is to maintain backwards compat with the the older - # stuff - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/contrail/contrail-analytics-api.conf' - end - - # added for backwards compatibility with older versions - # of inifile - def file_path - self.class.file_path - end - -end diff --git a/contrail/lib/puppet/provider/contrail_analytics_nodemgr_config/ini_setting.rb b/contrail/lib/puppet/provider/contrail_analytics_nodemgr_config/ini_setting.rb deleted file mode 100644 index 06952abc3..000000000 --- a/contrail/lib/puppet/provider/contrail_analytics_nodemgr_config/ini_setting.rb +++ /dev/null @@ -1,34 +0,0 @@ -Puppet::Type.type(:contrail_analytics_nodemgr_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - # the setting is always default - # this if for backwards compat with the old puppet providers - # for analytics_nodemgr_config - def section - resource[:name].split('/', 2).first - end - - # assumes that the name was the setting - # this is to maintain backwards compat with the the older - # stuff - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/contrail/contrail-analytics-nodemgr.conf' - end - - # added for backwards compatibility with older versions - # of inifile - def file_path - self.class.file_path - end - -end diff --git a/contrail/lib/puppet/provider/contrail_api_config/ini_setting.rb b/contrail/lib/puppet/provider/contrail_api_config/ini_setting.rb deleted file mode 100644 index 39b8a4385..000000000 --- a/contrail/lib/puppet/provider/contrail_api_config/ini_setting.rb +++ /dev/null @@ -1,34 +0,0 @@ -Puppet::Type.type(:contrail_api_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - # the setting is always default - # this if for backwards compat with the old puppet providers - # for contrail_api_config - def section - resource[:name].split('/', 2).first - end - - # assumes that the name was the setting - # this is to maintain backwards compat with the the older - # stuff - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/contrail/contrail-api.conf' - end - - # added for backwards compatibility with older versions - # of inifile - def file_path - self.class.file_path - end - -end diff --git a/contrail/lib/puppet/provider/contrail_collector_config/ini_setting.rb b/contrail/lib/puppet/provider/contrail_collector_config/ini_setting.rb deleted file mode 100644 index 80da55203..000000000 --- a/contrail/lib/puppet/provider/contrail_collector_config/ini_setting.rb +++ /dev/null @@ -1,34 +0,0 @@ -Puppet::Type.type(:contrail_collector_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - # the setting is always default - # this if for backwards compat with the old puppet providers - # for contrail_collector_config - def section - resource[:name].split('/', 2).first - end - - # assumes that the name was the setting - # this is to maintain backwards compat with the the older - # stuff - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/contrail/contrail-collector.conf' - end - - # added for backwards compatibility with older versions - # of inifile - def file_path - self.class.file_path - end - -end diff --git a/contrail/lib/puppet/provider/contrail_config_nodemgr_config/ini_setting.rb b/contrail/lib/puppet/provider/contrail_config_nodemgr_config/ini_setting.rb deleted file mode 100644 index 0b212b9f4..000000000 --- a/contrail/lib/puppet/provider/contrail_config_nodemgr_config/ini_setting.rb +++ /dev/null @@ -1,34 +0,0 @@ -Puppet::Type.type(:contrail_config_nodemgr_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - # the setting is always default - # this if for backwards compat with the old puppet providers - # for contrail_api_config - def section - resource[:name].split('/', 2).first - end - - # assumes that the name was the setting - # this is to maintain backwards compat with the the older - # stuff - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/contrail/contrail-config-nodemgr.conf' - end - - # added for backwards compatibility with older versions - # of inifile - def file_path - self.class.file_path - end - -end diff --git a/contrail/lib/puppet/provider/contrail_control_config/ini_setting.rb b/contrail/lib/puppet/provider/contrail_control_config/ini_setting.rb deleted file mode 100644 index 861feff01..000000000 --- a/contrail/lib/puppet/provider/contrail_control_config/ini_setting.rb +++ /dev/null @@ -1,34 +0,0 @@ -Puppet::Type.type(:contrail_control_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - # the setting is always default - # this if for backwards compat with the old puppet providers - # for control_config - def section - resource[:name].split('/', 2).first - end - - # assumes that the name was the setting - # this is to maintain backwards compat with the the older - # stuff - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/contrail/contrail-control.conf' - end - - # added for backwards compatibility with older versions - # of inifile - def file_path - self.class.file_path - end - -end diff --git a/contrail/lib/puppet/provider/contrail_control_nodemgr_config/ini_setting.rb b/contrail/lib/puppet/provider/contrail_control_nodemgr_config/ini_setting.rb deleted file mode 100644 index 2b6f511f0..000000000 --- a/contrail/lib/puppet/provider/contrail_control_nodemgr_config/ini_setting.rb +++ /dev/null @@ -1,34 +0,0 @@ -Puppet::Type.type(:contrail_control_nodemgr_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - # the setting is always default - # this if for backwards compat with the old puppet providers - # for control_node_config - def section - resource[:name].split('/', 2).first - end - - # assumes that the name was the setting - # this is to maintain backwards compat with the the older - # stuff - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/contrail/contrail-control-nodemgr.conf' - end - - # added for backwards compatibility with older versions - # of inifile - def file_path - self.class.file_path - end - -end diff --git a/contrail/lib/puppet/provider/contrail_database_nodemgr_config/ini_setting.rb b/contrail/lib/puppet/provider/contrail_database_nodemgr_config/ini_setting.rb deleted file mode 100644 index 4c2f76418..000000000 --- a/contrail/lib/puppet/provider/contrail_database_nodemgr_config/ini_setting.rb +++ /dev/null @@ -1,34 +0,0 @@ -Puppet::Type.type(:contrail_database_nodemgr_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - # the setting is always default - # this if for backwards compat with the old puppet providers - # for contrail_database_nodemgr_config - def section - resource[:name].split('/', 2).first - end - - # assumes that the name was the setting - # this is to maintain backwards compat with the the older - # stuff - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/contrail/contrail-database-nodemgr.conf' - end - - # added for backwards compatibility with older versions - # of inifile - def file_path - self.class.file_path - end - -end diff --git a/contrail/lib/puppet/provider/contrail_device_manager_config/ini_setting.rb b/contrail/lib/puppet/provider/contrail_device_manager_config/ini_setting.rb deleted file mode 100644 index 4b2f99699..000000000 --- a/contrail/lib/puppet/provider/contrail_device_manager_config/ini_setting.rb +++ /dev/null @@ -1,34 +0,0 @@ -Puppet::Type.type(:contrail_device_manager_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - # the setting is always default - # this if for backwards compat with the old puppet providers - # for contrail_api_config - def section - resource[:name].split('/', 2).first - end - - # assumes that the name was the setting - # this is to maintain backwards compat with the the older - # stuff - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/contrail/contrail-device-manager.conf' - end - - # added for backwards compatibility with older versions - # of inifile - def file_path - self.class.file_path - end - -end diff --git a/contrail/lib/puppet/provider/contrail_discovery_config/ini_setting.rb b/contrail/lib/puppet/provider/contrail_discovery_config/ini_setting.rb deleted file mode 100644 index fd3f8a577..000000000 --- a/contrail/lib/puppet/provider/contrail_discovery_config/ini_setting.rb +++ /dev/null @@ -1,34 +0,0 @@ -Puppet::Type.type(:contrail_discovery_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - # the setting is always default - # this if for backwards compat with the old puppet providers - # for discovery_config - def section - resource[:name].split('/', 2).first - end - - # assumes that the name was the setting - # this is to maintain backwards compat with the the older - # stuff - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/contrail/contrail-discovery.conf' - end - - # added for backwards compatibility with older versions - # of inifile - def file_path - self.class.file_path - end - -end diff --git a/contrail/lib/puppet/provider/contrail_dns_config/ini_setting.rb b/contrail/lib/puppet/provider/contrail_dns_config/ini_setting.rb deleted file mode 100644 index 913dd5c1b..000000000 --- a/contrail/lib/puppet/provider/contrail_dns_config/ini_setting.rb +++ /dev/null @@ -1,34 +0,0 @@ -Puppet::Type.type(:contrail_dns_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - # the setting is always default - # this if for backwards compat with the old puppet providers - # for dns_config - def section - resource[:name].split('/', 2).first - end - - # assumes that the name was the setting - # this is to maintain backwards compat with the the older - # stuff - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/contrail/dns/contrail-dns.conf' - end - - # added for backwards compatibility with older versions - # of inifile - def file_path - self.class.file_path - end - -end diff --git a/contrail/lib/puppet/provider/contrail_keystone_auth_config/ini_setting.rb b/contrail/lib/puppet/provider/contrail_keystone_auth_config/ini_setting.rb deleted file mode 100644 index 21b28ff95..000000000 --- a/contrail/lib/puppet/provider/contrail_keystone_auth_config/ini_setting.rb +++ /dev/null @@ -1,34 +0,0 @@ -Puppet::Type.type(:contrail_keystone_auth_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - # the setting is always default - # this if for backwards compat with the old puppet providers - # for contrail_api_config - def section - resource[:name].split('/', 2).first - end - - # assumes that the name was the setting - # this is to maintain backwards compat with the the older - # stuff - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/contrail/contrail-keystone-auth.conf' - end - - # added for backwards compatibility with older versions - # of inifile - def file_path - self.class.file_path - end - -end diff --git a/contrail/lib/puppet/provider/contrail_keystone_config/ini_setting.rb b/contrail/lib/puppet/provider/contrail_keystone_config/ini_setting.rb deleted file mode 100644 index 27e6a2f05..000000000 --- a/contrail/lib/puppet/provider/contrail_keystone_config/ini_setting.rb +++ /dev/null @@ -1,34 +0,0 @@ -Puppet::Type.type(:contrail_keystone_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - # the setting is always default - # this if for backwards compat with the old puppet providers - # for contrail_keystone_config - def section - resource[:name].split('/', 2).first - end - - # assumes that the name was the setting - # this is to maintain backwards compat with the the older - # stuff - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/contrail/contrail-keystone-auth.conf' - end - - # added for backwards compatibility with older versions - # of inifile - def file_path - self.class.file_path - end - -end diff --git a/contrail/lib/puppet/provider/contrail_query_engine_config/ini_setting.rb b/contrail/lib/puppet/provider/contrail_query_engine_config/ini_setting.rb deleted file mode 100644 index 9aeae3753..000000000 --- a/contrail/lib/puppet/provider/contrail_query_engine_config/ini_setting.rb +++ /dev/null @@ -1,34 +0,0 @@ -Puppet::Type.type(:contrail_query_engine_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - # the setting is always default - # this if for backwards compat with the old puppet providers - # for contrail_query_engine_config - def section - resource[:name].split('/', 2).first - end - - # assumes that the name was the setting - # this is to maintain backwards compat with the the older - # stuff - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/contrail/contrail-query-engine.conf' - end - - # added for backwards compatibility with older versions - # of inifile - def file_path - self.class.file_path - end - -end diff --git a/contrail/lib/puppet/provider/contrail_schema_config/ini_setting.rb b/contrail/lib/puppet/provider/contrail_schema_config/ini_setting.rb deleted file mode 100644 index 6e66ef768..000000000 --- a/contrail/lib/puppet/provider/contrail_schema_config/ini_setting.rb +++ /dev/null @@ -1,34 +0,0 @@ -Puppet::Type.type(:contrail_schema_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - # the setting is always default - # this if for backwards compat with the old puppet providers - # for contrail_schema_config - def section - resource[:name].split('/', 2).first - end - - # assumes that the name was the setting - # this is to maintain backwards compat with the the older - # stuff - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/contrail/contrail-schema.conf' - end - - # added for backwards compatibility with older versions - # of inifile - def file_path - self.class.file_path - end - -end diff --git a/contrail/lib/puppet/provider/contrail_snmp_collector_config/ini_setting.rb b/contrail/lib/puppet/provider/contrail_snmp_collector_config/ini_setting.rb deleted file mode 100644 index 7d6c3c420..000000000 --- a/contrail/lib/puppet/provider/contrail_snmp_collector_config/ini_setting.rb +++ /dev/null @@ -1,34 +0,0 @@ -Puppet::Type.type(:contrail_snmp_collector_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - # the setting is always default - # this if for backwards compat with the old puppet providers - # for snmp_collector_config - def section - resource[:name].split('/', 2).first - end - - # assumes that the name was the setting - # this is to maintain backwards compat with the the older - # stuff - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/contrail/contrail-snmp-collector.conf' - end - - # added for backwards compatibility with older versions - # of inifile - def file_path - self.class.file_path - end - -end diff --git a/contrail/lib/puppet/provider/contrail_svc_monitor_config/ini_setting.rb b/contrail/lib/puppet/provider/contrail_svc_monitor_config/ini_setting.rb deleted file mode 100644 index c100d88c4..000000000 --- a/contrail/lib/puppet/provider/contrail_svc_monitor_config/ini_setting.rb +++ /dev/null @@ -1,34 +0,0 @@ -Puppet::Type.type(:contrail_svc_monitor_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - # the setting is always default - # this if for backwards compat with the old puppet providers - # for svc_monitor_config - def section - resource[:name].split('/', 2).first - end - - # assumes that the name was the setting - # this is to maintain backwards compat with the the older - # stuff - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/contrail/contrail-svc-monitor.conf' - end - - # added for backwards compatibility with older versions - # of inifile - def file_path - self.class.file_path - end - -end diff --git a/contrail/lib/puppet/provider/contrail_topology_config/ini_setting.rb b/contrail/lib/puppet/provider/contrail_topology_config/ini_setting.rb deleted file mode 100644 index a3c46947d..000000000 --- a/contrail/lib/puppet/provider/contrail_topology_config/ini_setting.rb +++ /dev/null @@ -1,34 +0,0 @@ -Puppet::Type.type(:contrail_topology_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - # the setting is always default - # this if for backwards compat with the old puppet providers - # for topology_config - def section - resource[:name].split('/', 2).first - end - - # assumes that the name was the setting - # this is to maintain backwards compat with the the older - # stuff - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/contrail/contrail-topology.conf' - end - - # added for backwards compatibility with older versions - # of inifile - def file_path - self.class.file_path - end - -end diff --git a/contrail/lib/puppet/provider/contrail_vnc_api_config/ini_setting.rb b/contrail/lib/puppet/provider/contrail_vnc_api_config/ini_setting.rb deleted file mode 100644 index 353c4f9c5..000000000 --- a/contrail/lib/puppet/provider/contrail_vnc_api_config/ini_setting.rb +++ /dev/null @@ -1,34 +0,0 @@ -Puppet::Type.type(:contrail_vnc_api_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - # the setting is always default - # this if for backwards compat with the old puppet providers - # for contrail_vnc_api_config - def section - resource[:name].split('/', 2).first - end - - # assumes that the name was the setting - # this is to maintain backwards compat with the the older - # stuff - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/contrail/vnc_api_lib.ini' - end - - # added for backwards compatibility with older versions - # of inifile - def file_path - self.class.file_path - end - -end diff --git a/contrail/lib/puppet/provider/contrail_vrouter_agent_config/ini_setting.rb b/contrail/lib/puppet/provider/contrail_vrouter_agent_config/ini_setting.rb deleted file mode 100644 index 2a11684e3..000000000 --- a/contrail/lib/puppet/provider/contrail_vrouter_agent_config/ini_setting.rb +++ /dev/null @@ -1,34 +0,0 @@ -Puppet::Type.type(:contrail_vrouter_agent_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - # the setting is always default - # this if for backwards compat with the old puppet providers - # for contrail_vrouter_agent_config - def section - resource[:name].split('/', 2).first - end - - # assumes that the name was the setting - # this is to maintain backwards compat with the the older - # stuff - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/contrail/contrail-vrouter-agent.conf' - end - - # added for backwards compatibility with older versions - # of inifile - def file_path - self.class.file_path - end - -end diff --git a/contrail/lib/puppet/provider/contrail_vrouter_nodemgr_config/ini_setting.rb b/contrail/lib/puppet/provider/contrail_vrouter_nodemgr_config/ini_setting.rb deleted file mode 100644 index 2e3e72795..000000000 --- a/contrail/lib/puppet/provider/contrail_vrouter_nodemgr_config/ini_setting.rb +++ /dev/null @@ -1,34 +0,0 @@ -Puppet::Type.type(:contrail_vrouter_nodemgr_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - # the setting is always default - # this if for backwards compat with the old puppet providers - # for contrail_vrouter_agent_config - def section - resource[:name].split('/', 2).first - end - - # assumes that the name was the setting - # this is to maintain backwards compat with the the older - # stuff - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/contrail/contrail-vrouter-nodemgr.conf' - end - - # added for backwards compatibility with older versions - # of inifile - def file_path - self.class.file_path - end - -end diff --git a/contrail/lib/puppet/type/contrail_alarm_gen_config.rb b/contrail/lib/puppet/type/contrail_alarm_gen_config.rb deleted file mode 100644 index d8d25630a..000000000 --- a/contrail/lib/puppet/type/contrail_alarm_gen_config.rb +++ /dev/null @@ -1,42 +0,0 @@ -Puppet::Type.newtype(:contrail_alarm_gen_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/contrail/contrail-alarm-gen.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end -end diff --git a/contrail/lib/puppet/type/contrail_analytics_api_config.rb b/contrail/lib/puppet/type/contrail_analytics_api_config.rb deleted file mode 100644 index 33e566c7f..000000000 --- a/contrail/lib/puppet/type/contrail_analytics_api_config.rb +++ /dev/null @@ -1,42 +0,0 @@ -Puppet::Type.newtype(:contrail_analytics_api_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/contrail/contrail-analytics-api.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end -end diff --git a/contrail/lib/puppet/type/contrail_analytics_nodemgr_config.rb b/contrail/lib/puppet/type/contrail_analytics_nodemgr_config.rb deleted file mode 100644 index 9c8d8c9b5..000000000 --- a/contrail/lib/puppet/type/contrail_analytics_nodemgr_config.rb +++ /dev/null @@ -1,42 +0,0 @@ -Puppet::Type.newtype(:contrail_analytics_nodemgr_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/contrail/contrail-analytics-nodemgr.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end -end diff --git a/contrail/lib/puppet/type/contrail_api_config.rb b/contrail/lib/puppet/type/contrail_api_config.rb deleted file mode 100644 index 2b9677a67..000000000 --- a/contrail/lib/puppet/type/contrail_api_config.rb +++ /dev/null @@ -1,42 +0,0 @@ -Puppet::Type.newtype(:contrail_api_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/contrail/contrail-api.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end -end diff --git a/contrail/lib/puppet/type/contrail_collector_config.rb b/contrail/lib/puppet/type/contrail_collector_config.rb deleted file mode 100644 index dd23f6b13..000000000 --- a/contrail/lib/puppet/type/contrail_collector_config.rb +++ /dev/null @@ -1,42 +0,0 @@ -Puppet::Type.newtype(:contrail_collector_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/contrail/contrail-collector.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end -end diff --git a/contrail/lib/puppet/type/contrail_config_nodemgr_config.rb b/contrail/lib/puppet/type/contrail_config_nodemgr_config.rb deleted file mode 100644 index 910f9990d..000000000 --- a/contrail/lib/puppet/type/contrail_config_nodemgr_config.rb +++ /dev/null @@ -1,42 +0,0 @@ -Puppet::Type.newtype(:contrail_config_nodemgr_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/contrail/contrail-config-nodemgr.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end -end diff --git a/contrail/lib/puppet/type/contrail_control_config.rb b/contrail/lib/puppet/type/contrail_control_config.rb deleted file mode 100644 index 24efe05e7..000000000 --- a/contrail/lib/puppet/type/contrail_control_config.rb +++ /dev/null @@ -1,42 +0,0 @@ -Puppet::Type.newtype(:contrail_control_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/contrail/control-control.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end -end diff --git a/contrail/lib/puppet/type/contrail_control_nodemgr_config.rb b/contrail/lib/puppet/type/contrail_control_nodemgr_config.rb deleted file mode 100644 index 921f4b420..000000000 --- a/contrail/lib/puppet/type/contrail_control_nodemgr_config.rb +++ /dev/null @@ -1,42 +0,0 @@ -Puppet::Type.newtype(:contrail_control_nodemgr_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/contrail/contrail-control-nodemgr.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end -end diff --git a/contrail/lib/puppet/type/contrail_database_nodemgr_config.rb b/contrail/lib/puppet/type/contrail_database_nodemgr_config.rb deleted file mode 100644 index 2688ddd89..000000000 --- a/contrail/lib/puppet/type/contrail_database_nodemgr_config.rb +++ /dev/null @@ -1,42 +0,0 @@ -Puppet::Type.newtype(:contrail_database_nodemgr_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/contrail/contrail-database-nodemgr.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end -end diff --git a/contrail/lib/puppet/type/contrail_device_manager_config.rb b/contrail/lib/puppet/type/contrail_device_manager_config.rb deleted file mode 100644 index f6e7d4667..000000000 --- a/contrail/lib/puppet/type/contrail_device_manager_config.rb +++ /dev/null @@ -1,42 +0,0 @@ -Puppet::Type.newtype(:contrail_device_manager_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/contrail/contrail-device-manager.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end -end diff --git a/contrail/lib/puppet/type/contrail_discovery_config.rb b/contrail/lib/puppet/type/contrail_discovery_config.rb deleted file mode 100644 index 183fd4565..000000000 --- a/contrail/lib/puppet/type/contrail_discovery_config.rb +++ /dev/null @@ -1,42 +0,0 @@ -Puppet::Type.newtype(:contrail_discovery_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/contrail/discovery.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end -end diff --git a/contrail/lib/puppet/type/contrail_dns_config.rb b/contrail/lib/puppet/type/contrail_dns_config.rb deleted file mode 100644 index 35db66e9d..000000000 --- a/contrail/lib/puppet/type/contrail_dns_config.rb +++ /dev/null @@ -1,42 +0,0 @@ -Puppet::Type.newtype(:contrail_dns_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/contrail/dns/control-dns.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end -end diff --git a/contrail/lib/puppet/type/contrail_keystone_auth_config.rb b/contrail/lib/puppet/type/contrail_keystone_auth_config.rb deleted file mode 100644 index d6e507f33..000000000 --- a/contrail/lib/puppet/type/contrail_keystone_auth_config.rb +++ /dev/null @@ -1,42 +0,0 @@ -Puppet::Type.newtype(:contrail_keystone_auth_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/contrail/contrail-keystone-auth.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end -end diff --git a/contrail/lib/puppet/type/contrail_keystone_config.rb b/contrail/lib/puppet/type/contrail_keystone_config.rb deleted file mode 100644 index 9c7f12a0f..000000000 --- a/contrail/lib/puppet/type/contrail_keystone_config.rb +++ /dev/null @@ -1,42 +0,0 @@ -Puppet::Type.newtype(:contrail_keystone_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/contrail/contrail-keystone-auth.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end -end diff --git a/contrail/lib/puppet/type/contrail_query_engine_config.rb b/contrail/lib/puppet/type/contrail_query_engine_config.rb deleted file mode 100644 index d7a6094f1..000000000 --- a/contrail/lib/puppet/type/contrail_query_engine_config.rb +++ /dev/null @@ -1,42 +0,0 @@ -Puppet::Type.newtype(:contrail_query_engine_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/contrail/contrail-query-engine.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end -end diff --git a/contrail/lib/puppet/type/contrail_schema_config.rb b/contrail/lib/puppet/type/contrail_schema_config.rb deleted file mode 100644 index 7f60f1c1e..000000000 --- a/contrail/lib/puppet/type/contrail_schema_config.rb +++ /dev/null @@ -1,42 +0,0 @@ -Puppet::Type.newtype(:contrail_schema_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/contrail/contrail-schema.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end -end diff --git a/contrail/lib/puppet/type/contrail_snmp_collector_config.rb b/contrail/lib/puppet/type/contrail_snmp_collector_config.rb deleted file mode 100644 index 56c566123..000000000 --- a/contrail/lib/puppet/type/contrail_snmp_collector_config.rb +++ /dev/null @@ -1,42 +0,0 @@ -Puppet::Type.newtype(:contrail_snmp_collector_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/contrail/contrail-snmp-collector.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end -end diff --git a/contrail/lib/puppet/type/contrail_svc_monitor_config.rb b/contrail/lib/puppet/type/contrail_svc_monitor_config.rb deleted file mode 100644 index 017dc2dd8..000000000 --- a/contrail/lib/puppet/type/contrail_svc_monitor_config.rb +++ /dev/null @@ -1,42 +0,0 @@ -Puppet::Type.newtype(:contrail_svc_monitor_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/contrail/svc-monitor.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end -end diff --git a/contrail/lib/puppet/type/contrail_topology_config.rb b/contrail/lib/puppet/type/contrail_topology_config.rb deleted file mode 100644 index ecda37773..000000000 --- a/contrail/lib/puppet/type/contrail_topology_config.rb +++ /dev/null @@ -1,42 +0,0 @@ -Puppet::Type.newtype(:contrail_topology_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/contrail/contrail-topology.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end -end diff --git a/contrail/lib/puppet/type/contrail_vnc_api_config.rb b/contrail/lib/puppet/type/contrail_vnc_api_config.rb deleted file mode 100644 index 4974276f6..000000000 --- a/contrail/lib/puppet/type/contrail_vnc_api_config.rb +++ /dev/null @@ -1,42 +0,0 @@ -Puppet::Type.newtype(:contrail_vnc_api_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/contrail/vnc_api_lib.ini' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end -end diff --git a/contrail/lib/puppet/type/contrail_vrouter_agent_config.rb b/contrail/lib/puppet/type/contrail_vrouter_agent_config.rb deleted file mode 100644 index f7c64ca3e..000000000 --- a/contrail/lib/puppet/type/contrail_vrouter_agent_config.rb +++ /dev/null @@ -1,42 +0,0 @@ -Puppet::Type.newtype(:contrail_vrouter_agent_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/contrail/contrail-vrouter-agent.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end -end diff --git a/contrail/lib/puppet/type/contrail_vrouter_nodemgr_config.rb b/contrail/lib/puppet/type/contrail_vrouter_nodemgr_config.rb deleted file mode 100644 index e287cb8f8..000000000 --- a/contrail/lib/puppet/type/contrail_vrouter_nodemgr_config.rb +++ /dev/null @@ -1,42 +0,0 @@ -Puppet::Type.newtype(:contrail_vrouter_nodemgr_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/contrail/contrail-vrouter-nodemgr.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end -end diff --git a/contrail/manifests/analytics.pp b/contrail/manifests/analytics.pp deleted file mode 100644 index 94a356939..000000000 --- a/contrail/manifests/analytics.pp +++ /dev/null @@ -1,20 +0,0 @@ -# == Class: contrail::analytics -# -# Install and configure the analytics service -# -# === Parameters: -# -# [*package_name*] -# (optional) Package name for analytics -# -class contrail::analytics ( - $package_name = $contrail::params::analytics_package_name, -) inherits contrail::params { - - anchor {'contrail::analytics::start': } -> - class {'::contrail::analytics::install': } -> - class {'::contrail::analytics::config': } ~> - class {'::contrail::analytics::service': } - anchor {'contrail::analytics::end': } - -} diff --git a/contrail/manifests/analytics/config.pp b/contrail/manifests/analytics/config.pp deleted file mode 100644 index 52431cd53..000000000 --- a/contrail/manifests/analytics/config.pp +++ /dev/null @@ -1,54 +0,0 @@ -# == Class: contrail::analytics::config -# -# Configure the analytics service -# -# === Parameters: -# -# [*analytics_api_config*] -# (optional) Hash of parameters for /etc/contrail/contrail-analytics-api.conf -# Defaults to {} -# -# [*collector_config*] -# (optional) Hash of parameters for /etc/contrail/contrail-collector.conf -# Defaults to {} -# -# [*query_engine_config*] -# (optional) Hash of parameters for /etc/contrail/contrail-query-engine.conf -# Defaults to {} -# -# [*snmp_collector_config*] -# (optional) Hash of parameters for /etc/contrail/contrail-snmp-collector.conf -# Defaults to {} -# -# [*analytics_nodemgr_config*] -# (optional) Hash of parameters for /etc/contrail/contrail-analytics-nodemgr.conf -# Defaults to {} -# -# [*topology_config*] -# (optional) Hash of parameters for /etc/contrail/contrail-toplogy.conf -# Defaults to {} -# -class contrail::analytics::config ( - $analytics_api_config = {}, - $collector_config = {}, - $query_engine_config = {}, - $snmp_collector_config = {}, - $analytics_nodemgr_config = {}, - $topology_config = {}, -) { - - validate_hash($analytics_api_config) - validate_hash($collector_config) - validate_hash($query_engine_config) - validate_hash($snmp_collector_config) - validate_hash($analytics_nodemgr_config) - validate_hash($topology_config) - - create_resources('contrail_analytics_api_config', $analytics_api_config) - create_resources('contrail_collector_config', $collector_config) - create_resources('contrail_query_engine_config', $query_engine_config) - create_resources('contrail_snmp_collector_config', $snmp_collector_config) - create_resources('contrail_analytics_nodemgr_config', $analytics_nodemgr_config) - create_resources('contrail_topology_config', $topology_config) - -} diff --git a/contrail/manifests/analytics/install.pp b/contrail/manifests/analytics/install.pp deleted file mode 100644 index 359947caa..000000000 --- a/contrail/manifests/analytics/install.pp +++ /dev/null @@ -1,18 +0,0 @@ -# == Class: contrail::analytics::install -# -# Install the analytics service -# -# === Parameters: -# -# [*package_name*] -# (optional) Package name for analytics -# -class contrail::analytics::install ( - $package_name = $contrail::analytics::package_name, -) { - - package { $package_name : - ensure => installed, - } - -} diff --git a/contrail/manifests/analytics/service.pp b/contrail/manifests/analytics/service.pp deleted file mode 100644 index c14aabd66..000000000 --- a/contrail/manifests/analytics/service.pp +++ /dev/null @@ -1,12 +0,0 @@ -# == Class: contrail::analytics::service -# -# Manage the analytics service -# -class contrail::analytics::service { - - service {'supervisor-analytics' : - ensure => running, - enable => true, - } - -} diff --git a/contrail/manifests/config.pp b/contrail/manifests/config.pp deleted file mode 100644 index f68dd0e2a..000000000 --- a/contrail/manifests/config.pp +++ /dev/null @@ -1,21 +0,0 @@ -# == Class: contrail::config -# -# Install and configure the config service -# -# === Parameters: -# -# [*package_name*] -# (optional) Package name for config -# -class contrail::config ( - $package_name = $contrail::params::config_package_name, -) inherits contrail::params { - - anchor {'contrail::config::start': } -> - class {'::contrail::config::install': } -> - class {'::contrail::config::config': } ~> - class {'::contrail::config::service': } - anchor {'contrail::config::end': } - -} - diff --git a/contrail/manifests/config/config.pp b/contrail/manifests/config/config.pp deleted file mode 100644 index 38ae956a6..000000000 --- a/contrail/manifests/config/config.pp +++ /dev/null @@ -1,79 +0,0 @@ -# == Class: contrail::config::config -# -# Configure the config service -# -# === Parameters: -# -# [*api_config*] -# (optional) Hash of parameters for /etc/contrail/contrail-api.conf -# Defaults to {} -# -# [*alarm_gen_config*] -# (optional) Hash of parameters for /etc/contrail/contrail-alarm-gen.conf -# Defaults to {} -# -# [*config_nodemgr_config*] -# (optional) Hash of parameters for /etc/contrail/contrail-config-nodemgr.conf -# Defaults to {} -# -# [*discovery_config*] -# (optional) Hash of parameters for /etc/contrail/contrail-discovery.conf -# Defaults to {} -# -# [*schema_config*] -# (optional) Hash of parameters for /etc/contrail/contrail-schema.conf -# Defaults to {} -# -# [*device_manager_config*] -# (optional) Hash of parameters for /etc/contrail/contrail-device-managerr.conf -# Defaults to {} -# -# [*svc_monitor_config*] -# (optional) Hash of parameters for /etc/contrail/contrail-svc-monitor.conf -# Defaults to {} -# -# [*basicauthusers_property*] -# (optional) List of pairs of ifmap users. Example: user1:password1 -# Defaults to [] -# -class contrail::config::config ( - $api_config = {}, - $alarm_gen_config = {}, - $config_nodemgr_config = {}, - $discovery_config = {}, - $schema_config = {}, - $device_manager_config = {}, - $svc_monitor_config = {}, - $basicauthusers_property = [], -) { - - validate_hash($api_config) - validate_hash($alarm_gen_config) - validate_hash($config_nodemgr_config) - validate_hash($discovery_config) - validate_hash($schema_config) - validate_hash($device_manager_config) - validate_hash($svc_monitor_config) - - validate_array($basicauthusers_property) - - create_resources('contrail_api_config', $api_config) - create_resources('contrail_alarm_gen_config', $alarm_gen_config) - create_resources('contrail_config_nodemgr_config', $config_nodemgr_config) - create_resources('contrail_discovery_config', $discovery_config) - create_resources('contrail_schema_config', $schema_config) - create_resources('contrail_device_manager_config', $device_manager_config) - create_resources('contrail_svc_monitor_config', $svc_monitor_config) - - file { '/etc/ifmap-server/basicauthusers.properties' : - ensure => file, - content => template('contrail/config/basicauthusers.properties.erb'), - } - - file {'/etc/ifmap-server/log4j.properties' : - ensure => file, - content => template('contrail/config/log4j.properties.erb'), - } - -} - diff --git a/contrail/manifests/config/install.pp b/contrail/manifests/config/install.pp deleted file mode 100644 index fd238b7b1..000000000 --- a/contrail/manifests/config/install.pp +++ /dev/null @@ -1,18 +0,0 @@ -# == Class: contrail::config::install -# -# Install the config service -# -# === Parameters: -# -# [*package_name*] -# (optional) Package name for config -# -class contrail::config::install ( - $package_name = $contrail::config::package_name, -) { - - package { $package_name : - ensure => installed, - } - -} diff --git a/contrail/manifests/config/service.pp b/contrail/manifests/config/service.pp deleted file mode 100644 index 5f8a4b4f9..000000000 --- a/contrail/manifests/config/service.pp +++ /dev/null @@ -1,13 +0,0 @@ -# == Class: contrail::config::service -# -# Manage the config service -# -class contrail::config::service { - - service {'supervisor-config' : - ensure => running, - enable => true, - } - -} - diff --git a/contrail/manifests/control.pp b/contrail/manifests/control.pp deleted file mode 100644 index 0c5ebe084..000000000 --- a/contrail/manifests/control.pp +++ /dev/null @@ -1,20 +0,0 @@ -# == Class: contrail::control -# -# Install and configure the control service -# -# === Parameters: -# -# [*package_name*] -# (optional) Package name for control -# -class contrail::control ( - $package_name = $contrail::params::control_package_name, -) inherits contrail::params { - - anchor {'contrail::control::start': } -> - class {'::contrail::control::install': } -> - class {'::contrail::control::config': } ~> - class {'::contrail::control::service': } - anchor {'contrail::control::end': } - -} diff --git a/contrail/manifests/control/config.pp b/contrail/manifests/control/config.pp deleted file mode 100644 index f7064cf3e..000000000 --- a/contrail/manifests/control/config.pp +++ /dev/null @@ -1,64 +0,0 @@ -# == Class: contrail::control::config -# -# Configure the control service -# -# === Parameters: -# -# [*secret*] -# RNDC secret -# -# [*forwarder*] -# (optional) Default forward DNS server -# Defaults '8.8.8.8' -# -# [*dns_config*] -# (optional) Hash of parameters for /etc/contrail/dns/contrail-dns.conf -# -# [*manage_named_conf*] -# (optional) Boolean to manage or not /etc/contrail/contrail-named.conf file -# -# [*control_config*] -# (optional) Hash of parameters for /etc/contrail/contrail-control.conf -# -# [*control_nodemgr_config*] -# (optional) Hash of parameters for /etc/contrail/contrail-control-nodemgr.conf -# -class contrail::control::config ( - $secret, - $forwarder = '8.8.8.8', - $dns_config = {}, - $manage_named_conf = true, - $control_config = {}, - $control_nodemgr_config = {}, -) { - - include ::contrail::vnc_api - include ::contrail::ctrl_details - include ::contrail::service_token - include ::contrail::keystone - - validate_hash($dns_config) - validate_hash($control_config) - validate_hash($control_nodemgr_config) - - create_resources('contrail_dns_config', $dns_config) - create_resources('contrail_control_config', $control_config) - create_resources('contrail_control_nodemgr_config', $control_nodemgr_config) - - if $forwarder { - if is_array($forwarder) { - $forwarders_option = join([join($forwarder, ';'),';'], '') - } else { - $forwarders_option = "${forwarder};" - } - } else { - $forwarders_option = '' - } - - if $manage_named_conf { - file { '/etc/contrail/dns/contrail-named.conf' : - ensure => file, - content => template('contrail/contrail-named.conf.erb'), - } - } -} diff --git a/contrail/manifests/control/install.pp b/contrail/manifests/control/install.pp deleted file mode 100644 index 8492979e0..000000000 --- a/contrail/manifests/control/install.pp +++ /dev/null @@ -1,18 +0,0 @@ -# == Class: contrail::control::install -# -# Install the control service -# -# === Parameters: -# -# [*package_name*] -# (optional) Package name for control -# -class contrail::control::install ( - $package_name = $contrail::control::package_name, -) { - - package { $package_name : - ensure => installed, - } - -} diff --git a/contrail/manifests/control/provision_control.pp b/contrail/manifests/control/provision_control.pp deleted file mode 100644 index d873f5fe5..000000000 --- a/contrail/manifests/control/provision_control.pp +++ /dev/null @@ -1,80 +0,0 @@ -# == Class: contrail::control::provision_control -# -# Provision the control node -# -# === Parameters: -# -# [*api_address*] -# (optional) IP address of the Contrail API -# Defaults to '127.0.0.1' -# -# [*api_port*] -# (optional) Port of the Contrail API -# Defaults to 8082 -# -# [*router_asn*] -# (optional) The router ASN -# Defaults 64512 -# -# [*control_node_address*] -# (optional) IP address of the controller -# Defaults to $::ipaddress -# -# [*control_node_name*] -# (optional) Hostname of the controller -# Defaults to $::hostname -# -# [*keystone_admin_user*] -# (optional) Keystone admin user -# Defaults to 'admin' -# -# [*keystone_admin_password*] -# (optional) Password for keystone admin user -# Defaults to 'password' -# -# [*keystone_admin_tenant_name*] -# (optional) Keystone admin tenant name -# Defaults to 'admin' -# -# [*ibgp_auto_mesh*] -# (optional) Should iBGP auto mesh activated -# Defaults to 'true' -# -# [*oper*] -# (optional) Operation to run (add|del) -# Defaults to 'add' -# -class contrail::control::provision_control ( - $api_address = '127.0.0.1', - $api_port = 8082, - $router_asn = 64512, - $control_node_address = $::ipaddress, - $control_node_name = $::hostname, - $keystone_admin_user = 'admin', - $keystone_admin_password = 'password', - $keystone_admin_tenant_name = 'admin', - $ibgp_auto_mesh = true, - $oper = 'add', -) { - - if $ibgp_auto_mesh { - $ibgp_auto_mesh_opt = '--ibgp_auto_mesh' - } else { - $ibgp_auto_mesh_opt = '--no_ibgp_auto_mesh' - } - - exec { "provision_control.py ${control_node_name}" : - path => '/usr/bin', - command => "python /opt/contrail/utils/provision_control.py \ - --host_name ${control_node_name} \ - --host_ip ${control_node_address} \ - --router_asn ${router_asn} \ - ${ibgp_auto_mesh_opt} \ - --api_server_ip ${api_address} \ - --api_server_port ${api_port} \ - --admin_user ${keystone_admin_user} \ - --admin_password ${keystone_admin_password} \ - --admin_tenant ${keystone_admin_tenant_name} \ - --oper ${oper}", - } -} diff --git a/contrail/manifests/control/provision_encap.pp b/contrail/manifests/control/provision_encap.pp deleted file mode 100644 index 4aac0f2e2..000000000 --- a/contrail/manifests/control/provision_encap.pp +++ /dev/null @@ -1,66 +0,0 @@ -# == Class: contrail::control::provision_encap -# -# Provision encap -# -# === Parameters: -# -# [*api_address*] -# (optional) IP address of the Contrail API -# Defaults to '127.0.0.1' -# -# [*api_port*] -# (optional) Port of the Contrail API -# Defaults to 8082 -# -# [*encap_priority*] -# (optional) Encapsulation priority -# Defaults 'MPLSoUDP,MPLSoGRGE,VXLAN' -# -# [*vxlan_vn_id_mode*] -# (optional) VxLAN VN id mode -# Defaults to 'automatic' -# -# [*keystone_admin_user*] -# (optional) Keystone admin user -# Defaults to 'admin' -# -# [*keystone_admin_password*] -# (optional) Password for keystone admin user -# Defaults to 'password' -# -# [*keystone_admin_tenant_name*] -# (optional) Keystone admin tenant name -# Defaults to 'admin' -# -# [*ibgp_auto_mesh*] -# (optional) Should iBGP auto mesh activated -# Defaults to 'true' -# -# [*oper*] -# (optional) Operation to run (add|del) -# Defaults to 'add' -# -class contrail::control::provision_encap ( - $api_address = '127.0.0.1', - $api_port = 8082, - $encap_priority = 'MPLSoUDP,MPLSoGRE,VXLAN', - $vxlan_vn_id_mode = 'automatic', - $keystone_admin_user = 'admin', - $keystone_admin_password = 'password', - $keystone_admin_tenant_name = 'admin', - $oper = 'add', -) { - - exec { "provision_encap.py ${api_address}" : - path => '/usr/bin', - command => "python /opt/contrail/utils/provision_encap.py \ - --api_server_ip ${api_address} \ - --api_server_port ${api_port} \ - --encap_priority ${encap_priority} \ - --vxlan_vn_id_mode ${vxlan_vn_id_mode} \ - --admin_user ${keystone_admin_user} \ - --admin_password ${keystone_admin_password} \ - --oper ${oper}", - } - -} diff --git a/contrail/manifests/control/provision_linklocal.pp b/contrail/manifests/control/provision_linklocal.pp deleted file mode 100644 index 12ec2f38b..000000000 --- a/contrail/manifests/control/provision_linklocal.pp +++ /dev/null @@ -1,85 +0,0 @@ -# == Class: contrail::control::provision_linklocal -# -# Provision the metadata service -# -# === Parameters: -# -# [*api_address*] -# (optional) IP address of the Contrail API -# Defaults to '127.0.0.1' -# -# [*api_port*] -# (optional) Port of the Contrail API -# Defaults to 8082 -# -# [*linklocal_service_name*] -# (optional) Metadata service name -# Defaults to 'metadata' -# -# [*linklocal_service_ip*] -# (optional) IP address of the metadata service -# Defaults to '169.254.169.254' -# -# [*linklocal_service_port*] -# (optional) Port of the metadata service -# Defaults to 80 -# -# [*ipfabric_service_ip*] -# (optional) IP of the ipfabric -# Defaults to '127.0.0.1' -# -# [*ipfabric_service_port*] -# (optional) Port of the ipfabric -# Defaults to 8775 -# -# [*keystone_admin_user*] -# (optional) Keystone admin user -# Defaults to 'admin' -# -# [*keystone_admin_password*] -# (optional) Password for keystone admin user -# Defaults to 'password' -# -# [*keystone_admin_tenant_name*] -# (optional) Keystone admin tenant name -# Defaults to 'admin' -# -# [*ibgp_auto_mesh*] -# (optional) Should iBGP auto mesh activated -# Defaults to 'true' -# -# [*oper*] -# (optional) Operation to run (add|del) -# Defaults to 'add' -# -class contrail::control::provision_linklocal ( - $api_address = '127.0.0.1', - $api_port = 8082, - $linklocal_service_name = 'metadata', - $linklocal_service_ip = '169.254.169.254', - $linklocal_service_port = 80, - $ipfabric_service_ip = '127.0.0.1', - $ipfabric_service_port = 8775, - $keystone_admin_user = 'admin', - $keystone_admin_password = 'password', - $keystone_admin_tenant_name = 'admin', - $oper = 'add', -) { - - exec { "provision_linklocal.py ${api_address}" : - path => '/usr/bin', - command => "python /opt/contrail/utils/provision_linklocal.py \ - --api_server_ip ${api_address} \ - --api_server_port ${api_port} \ - --linklocal_service_name ${linklocal_service_name} \ - --linklocal_service_ip ${linklocal_service_ip} \ - --linklocal_service_port ${linklocal_service_port} \ - --ipfabric_service_ip ${ipfabric_service_ip} \ - --ipfabric_service_port ${ipfabric_service_port} \ - --admin_user ${keystone_admin_user} \ - --admin_password ${keystone_admin_password} \ - --admin_tenant ${keystone_admin_tenant_name} \ - --oper ${oper}", - } - -} diff --git a/contrail/manifests/control/service.pp b/contrail/manifests/control/service.pp deleted file mode 100644 index e6b175300..000000000 --- a/contrail/manifests/control/service.pp +++ /dev/null @@ -1,12 +0,0 @@ -# == Class: contrail::control::service -# -# Manage the control service -# -class contrail::control::service { - - service {'supervisor-control' : - ensure => running, - enable => true, - } - -} diff --git a/contrail/manifests/ctrl_details.pp b/contrail/manifests/ctrl_details.pp deleted file mode 100644 index eb8267e70..000000000 --- a/contrail/manifests/ctrl_details.pp +++ /dev/null @@ -1,45 +0,0 @@ -# == Class: contrail::ctrl_details -# -# Install the /etc/contrail/ctrl-details file -# -# === Parameters: -# -# [*keystone_service_token*] -# (optional) Keystone service token -# Defaults to '' -# -# [*keystone_auth_protocol*] -# (optional) Keystone authentication protocol -# Defaults to 'http' -# -# [*keystone_admin_password*] -# (optional) Keystone admin password -# Defaults to 'password' -# -# [*openstack_internal_vip*] -# (optional) Openstack internal VIP -# Defaults to '127.0.0.1' -# -# [*openstack_external_vip*] -# (optional) Openstack external VIP -# Defaults to '127.0.0.1' -# -# [*amqp_ip*] -# (optional) IP of the AMQP broket -# Defaults to '127.0.0.1' -# -class contrail::ctrl_details ( - $keystone_service_token = '', - $keystone_auth_protocol = 'http', - $keystone_admin_password = 'password', - $openstack_internal_vip = '127.0.0.1', - $openstack_external_vip = '127.0.0.1', - $amqp_ip = '127.0.0.1', -) { - - file { '/etc/contrail/ctrl-details' : - ensure => file, - content => template('contrail/ctrl-details.erb'), - } - -} diff --git a/contrail/manifests/database.pp b/contrail/manifests/database.pp deleted file mode 100644 index 481987189..000000000 --- a/contrail/manifests/database.pp +++ /dev/null @@ -1,26 +0,0 @@ -# == Class: contrail::database -# -# Install and configure the database service -# -# === Parameters: -# -# [*package_name*] -# (optional) Package name for database -# -class contrail::database ( - $package_name = $contrail::params::database_package_name, -) inherits contrail::params { - - Service <| name == 'supervisor-analytics' |> -> Service['supervisor-database'] - Service <| name == 'supervisor-config' |> -> Service['supervisor-database'] - Service <| name == 'supervisor-control' |> -> Service['supervisor-database'] - Service['supervisor-database'] -> Service <| name == 'supervisor-webui' |> - - - anchor {'contrail::database::start': } -> - class {'::contrail::database::install': } -> - class {'::contrail::database::config': } ~> - class {'::contrail::database::service': } - anchor {'contrail::database::end': } - -} diff --git a/contrail/manifests/database/config.pp b/contrail/manifests/database/config.pp deleted file mode 100644 index 9f36374c8..000000000 --- a/contrail/manifests/database/config.pp +++ /dev/null @@ -1,19 +0,0 @@ -# == Class: contrail::database::config -# -# Configure the database service -# -# === Parameters: -# -# [*database_nodemgr_config*] -# (optional) Hash of parameters for /etc/contrail/contrail-database-nodemgr.conf -# Defaults to {} -# -class contrail::database::config ( - $database_nodemgr_config = {}, -) { - - validate_hash($database_nodemgr_config) - - create_resources('contrail_database_nodemgr_config', $database_nodemgr_config) - -} diff --git a/contrail/manifests/database/install.pp b/contrail/manifests/database/install.pp deleted file mode 100644 index 30819b2ed..000000000 --- a/contrail/manifests/database/install.pp +++ /dev/null @@ -1,18 +0,0 @@ -# == Class: contrail::database::install -# -# Install the database service -# -# === Parameters: -# -# [*package_name*] -# (optional) Package name for database -# -class contrail::database::install ( - $package_name = $contrail::database::package_name, -) { - - package { $package_name : - ensure => installed, - } - -} diff --git a/contrail/manifests/database/service.pp b/contrail/manifests/database/service.pp deleted file mode 100644 index cbb77f270..000000000 --- a/contrail/manifests/database/service.pp +++ /dev/null @@ -1,17 +0,0 @@ -# == Class: contrail::database::service -# -# Manage the database service -# -# === Parameters: -# -# [*package_name*] -# (optional) Package name for database -# -class contrail::database::service { - - service {'supervisor-database' : - ensure => running, - enable => true, - } - -} diff --git a/contrail/manifests/init.pp b/contrail/manifests/init.pp deleted file mode 100644 index 06ba3c5d7..000000000 --- a/contrail/manifests/init.pp +++ /dev/null @@ -1,37 +0,0 @@ -# == Class: contrail -# -# Install and configure contrail using puppet. -# -# === Parameters -# -# [*param*] -# Explanation of what this parameter affects and what it defaults to. -# e.g. "Specify one or more upstream ntp servers as an array." -# -# === Variables -# -# [*variable*] -# Explanation of how this variable affects the funtion of this class and if it -# has a default. e.g. "The parameter enc_ntp_servers must be set by the -# External Node Classifier as a comma separated list of hostnames." (Note, -# global variables should not be used in preference to class parameters as of -# Puppet 2.6.) -# -# === Examples -# -# class { 'example_class': -# ntp_servers => [ 'pool.ntp.org', 'ntp.local.company.com' ] -# } -# -# === Authors -# -# Sebastien Badia -# -# === Copyright -# -# Copyleft 2013 Sebastien Badia. -# See LICENSE file. -# -class contrail { - #code... -} # Class:: contrail diff --git a/contrail/manifests/keystone.pp b/contrail/manifests/keystone.pp deleted file mode 100644 index 2f01cb03b..000000000 --- a/contrail/manifests/keystone.pp +++ /dev/null @@ -1,19 +0,0 @@ -# == Class: contrail::keystone -# -# Install the /etc/contrail/contrail-keystone-auth.conf -# -# === Parameters: -# -# [*keystone_config*] -# (optional) Hash of parameters for /etc/contrail/contrail-keystone-auth.conf -# Defaults to {} -# -class contrail::keystone ( - $keystone_config = {}, -) { - - validate_hash($keystone_config) - - create_resources('contrail_keystone_config', $keystone_config) - -} diff --git a/contrail/manifests/params.pp b/contrail/manifests/params.pp deleted file mode 100644 index 189af5de1..000000000 --- a/contrail/manifests/params.pp +++ /dev/null @@ -1,12 +0,0 @@ -# == Class: contrail::params -# -class contrail::params { - - $control_package_name = ['contrail-openstack-control'] - $config_package_name = ['contrail-openstack-config'] - $analytics_package_name = ['contrail-openstack-analytics'] - $webui_package_name = ['contrail-openstack-webui'] - $database_package_name = ['contrail-openstack-database'] - $vrouter_package_name = ['contrail-openstack-vrouter'] - -} diff --git a/contrail/manifests/provision_control.pp b/contrail/manifests/provision_control.pp deleted file mode 100644 index 32ef4cd82..000000000 --- a/contrail/manifests/provision_control.pp +++ /dev/null @@ -1,18 +0,0 @@ -# == Class: contrail::provision_control -# -# Provision following 3 things -# -# * control -# * linklocal -# * encap -# -# This class is simply an helper to be included when all three provisions needs -# to be done -# -class contrail::provision_control { - - include ::contrail::control::provision_control - include ::contrail::control::provision_linklocal - include ::contrail::control::provision_encap - -} diff --git a/contrail/manifests/service_token.pp b/contrail/manifests/service_token.pp deleted file mode 100644 index 91fdb467f..000000000 --- a/contrail/manifests/service_token.pp +++ /dev/null @@ -1,20 +0,0 @@ -# == Class: contrail::service_token -# -# Install the /etc/contrail/service.token -# -# === Parameters: -# -# [*keystone_service_token*] -# (optional) Keystone service token -# Defaults to '' -# -class contrail::service_token ( - $keystone_service_token = '', -) { - - file { '/etc/contrail/service.token' : - ensure => file, - content => $keystone_service_token, - } - -} diff --git a/contrail/manifests/vnc_api.pp b/contrail/manifests/vnc_api.pp deleted file mode 100644 index 29de9e8fe..000000000 --- a/contrail/manifests/vnc_api.pp +++ /dev/null @@ -1,19 +0,0 @@ -# == Class: contrail::vnc_api -# -# Install the /etc/contrail/vnc_api_lib.ini -# -# === Parameters: -# -# [*vnc_api_config*] -# (optional) Hash of parameters for /etc/contrail/vnc_api_lib.ini -# Defaults to {} -# -class contrail::vnc_api ( - $vnc_api_config = {}, -) { - - validate_hash($vnc_api_config) - - create_resources('contrail_vnc_api_config', $vnc_api_config) - -} diff --git a/contrail/manifests/vrouter.pp b/contrail/manifests/vrouter.pp deleted file mode 100644 index 75accb53a..000000000 --- a/contrail/manifests/vrouter.pp +++ /dev/null @@ -1,20 +0,0 @@ -# == Class: contrail::vrouter -# -# Install and configure the vrouter service -# -# === Parameters: -# -# [*package_name*] -# (optional) Package name for vrouter -# -class contrail::vrouter ( - $package_name = $contrail::params::vrouter_package_name, -) inherits contrail::params { - - anchor {'contrail::vrouter::start': } -> - class {'::contrail::vrouter::install': } -> - class {'::contrail::vrouter::config': } ~> - class {'::contrail::vrouter::service': } - anchor {'contrail::vrouter::end': } - -} diff --git a/contrail/manifests/vrouter/config.pp b/contrail/manifests/vrouter/config.pp deleted file mode 100644 index a744f0ae4..000000000 --- a/contrail/manifests/vrouter/config.pp +++ /dev/null @@ -1,112 +0,0 @@ -# == Class: contrail::vrouter::config -# -# Configure the vrouter service -# -# === Parameters: -# -# [*vhost_ip*] -# (optional) IP of the vrouter agent -# Defaults to '127.0.0.1' -# -# [*discovery_ip*] -# (optional) IP of the discovery service -# Defaults to '127.0.0.1' -# -# [*device*] -# (optional) Network device -# Defaults to 'eth0' -# -# [*kmod_path*] -# (optional) full path for vrouter.ko -# Defaults to '/lib/modules/${::kernelrelease}/extra/net/vrouter/vrouter.ko -# -# [*compute_device*] -# (optional) Network device for Openstack compute -# Defaukts to 'eth0; -# -# [*mask*] -# (optional) Netmask in CIDR form -# Defaults '24' -# -# [*netmask*] -# (optional) Full netmask -# Defaults '255.255.255.0' -# -# [*gateway*] -# (optional) Gateway IP address -# Defaults to '127.0.0.1' -# -# [*vgw_public_subnet*] -# (optional) Virtual Gateway public subnet -# Defaults to undef -# -# [*vgw_interface*] -# (optional) Virtual Gateway interface -# Defaults to undef -# -# [*macaddr*] -# (optional) Mac address -# Defaults to $::macaddr -# -# [*vrouter_agent_config*] -# (optional) Hash of parameters for /etc/contrail/contrail-vrouter-agent.conf -# Defaults {} -# -# [*vrouter_nodemgr_config*] -# (optional) Hash of parameters for /etc/contrail/contrail-vrouter-nodemgr.conf -# Defaults {} -# -class contrail::vrouter::config ( - $vhost_ip = '127.0.0.1', - $discovery_ip = '127.0.0.1', - $device = 'eth0', - $kmod_path = "/lib/modules/${::kernelrelease}/extra/net/vrouter/vrouter.ko", - $compute_device = 'eth0', - $mask = '24', - $netmask = '255.255.255.0', - $gateway = '127.0.0.1', - $vgw_public_subnet = undef, - $vgw_interface = undef, - $macaddr = $::macaddress, - $vrouter_agent_config = {}, - $vrouter_nodemgr_config = {}, -) { - - include ::contrail::vnc_api - include ::contrail::ctrl_details - include ::contrail::service_token - - validate_hash($vrouter_agent_config) - validate_hash($vrouter_nodemgr_config) - - create_resources('contrail_vrouter_agent_config', $vrouter_agent_config) - create_resources('contrail_vrouter_nodemgr_config', $vrouter_nodemgr_config) - - file { '/etc/contrail/agent_param' : - ensure => file, - content => template('contrail/vrouter/agent_param.erb'), - } - - file { '/etc/contrail/default_pmac' : - ensure => file, - content => $macaddr, - } - - file { '/etc/contrail/vrouter_nodemgr_param' : - ensure => file, - content => "DISCOVERY=${discovery_ip}", - } - - exec { '/bin/python /opt/contrail/utils/update_dev_net_config_files.py' : - path => '/usr/bin', - command => "/bin/python /opt/contrail/utils/update_dev_net_config_files.py \ - --vhost_ip ${vhost_ip} \ - --dev ${device} \ - --compute_dev ${device} \ - --netmask ${netmask} \ - --gateway ${gateway} \ - --cidr ${vhost_ip}/${mask} \ - --mac ${macaddr}", - } - -} diff --git a/contrail/manifests/vrouter/install.pp b/contrail/manifests/vrouter/install.pp deleted file mode 100644 index 49c5ba78d..000000000 --- a/contrail/manifests/vrouter/install.pp +++ /dev/null @@ -1,23 +0,0 @@ -# == Class: contrail::vrouter::install -# -# Install the vrouter service -# -# === Parameters: -# -# [*package_name*] -# (optional) Package name for vrouter -# -class contrail::vrouter::install ( - $package_name = $contrail::vrouter::package_name, -) { - - package { $package_name : - ensure => installed, - } - - file { '/opt/contrail/utils/update_dev_net_config_files.py' : - ensure => file, - source => 'puppet:///modules/contrail/vrouter/update_dev_net_config_files.py', - } - -} diff --git a/contrail/manifests/vrouter/provision_vrouter.pp b/contrail/manifests/vrouter/provision_vrouter.pp deleted file mode 100644 index f73d1a5f8..000000000 --- a/contrail/manifests/vrouter/provision_vrouter.pp +++ /dev/null @@ -1,63 +0,0 @@ -# == Class: contrail::vrouter::provision_vrouter -# -# Provision the vrouter -# -# === Parameters: -# -# [*api_address*] -# (optional) IP address of the Contrail API -# Defaults to '127.0.0.1' -# -# [*api_port*] -# (optional) Port of the Contrail API -# Defaults to 8082 -# -# [*node_address*] -# (optional) IP address of the vrouter agent -# Defaults to $::ipaddress -# -# [*node_name*] -# (optional) Hostname of the vrouter agent -# Defaults to $::hostname -# -# [*keystone_admin_user*] -# (optional) Keystone admin user -# Defaults to 'admin' -# -# [*keystone_admin_password*] -# (optional) Password for keystone admin user -# Defaults to 'password' -# -# [*keystone_admin_tenant_name*] -# (optional) Keystone admin tenant name -# Defaults to 'admin' -# -# [*oper*] -# (optional) Operation to run (add|del) -# Defaults to 'add' -# -class contrail::vrouter::provision_vrouter ( - $api_address = '127.0.0.1', - $api_port = 8082, - $node_address = $::ipaddress, - $node_name = $::hostname, - $keystone_admin_user = 'admin', - $keystone_admin_password = 'password', - $keystone_admin_tenant_name = 'admin', - $oper = 'add', -) { - - exec { "provision_vrouter.py ${node_name}" : - path => '/usr/bin', - command => "python /opt/contrail/utils/provision_vrouter.py \ - --host_name ${node_name} \ - --host_ip ${node_address} \ - --api_server_ip ${api_address} \ - --api_server_port ${api_port} \ - --admin_user ${keystone_admin_user} \ - --admin_password ${keystone_admin_password} \ - --admin_tenant ${keystone_admin_tenant_name} \ - --oper ${oper}", - } - -} diff --git a/contrail/manifests/vrouter/service.pp b/contrail/manifests/vrouter/service.pp deleted file mode 100644 index 62b41a893..000000000 --- a/contrail/manifests/vrouter/service.pp +++ /dev/null @@ -1,12 +0,0 @@ -# == Class: contrail::vrouter::service -# -# Manage the vrouter service -# -class contrail::vrouter::service { - - service {'supervisor-vrouter' : - ensure => running, - enable => true, - } - -} diff --git a/contrail/manifests/webui.pp b/contrail/manifests/webui.pp deleted file mode 100644 index c7c29d795..000000000 --- a/contrail/manifests/webui.pp +++ /dev/null @@ -1,20 +0,0 @@ -# == Class: contrail::webui -# -# Install and configure the webui service -# -# === Parameters: -# -# [*package_name*] -# (optional) Package name for webui -# -class contrail::webui ( - $package_name = $contrail::params::webui_package_name, -) inherits contrail::params { - - anchor {'contrail::webui::start': } -> - class {'::contrail::webui::install': } -> - class {'::contrail::webui::config': } ~> - class {'::contrail::webui::service': } - anchor {'contrail::webui::end': } - -} diff --git a/contrail/manifests/webui/config.pp b/contrail/manifests/webui/config.pp deleted file mode 100644 index 31f86dcbd..000000000 --- a/contrail/manifests/webui/config.pp +++ /dev/null @@ -1,45 +0,0 @@ -# == Class: contrail::webui::config -# -# Configure the webui service -# -# === Parameters: -# -# [*openstack_vip*] -# (optional) VIP for the Openstack services -# Defaults to '127.0.0.1' -# -# [*contrail_vip*] -# (optional) VIP for the Contrail services -# Defaults to '127.0.0.1' -# -# [*cassandra_ip*] -# (optional) Array of Cassandra IPs -# Defaults to ['127.0.0.1'] -# -# [*redis_ip*] -# (optional) Redis IP -# Defaults to '127.0.0.1' -# -# [*contrail_webui_http_port*] -# (optional) Port of the Contrail WebUI when using HTTP -# Defaults to 8080 -# -# [*contrail_webui_https_port*] -# (optional) Port of the Contrail WebUI when using HTTPS -# Defaults to 8143 -# -class contrail::webui::config ( - $openstack_vip = '127.0.0.1', - $contrail_vip = '127.0.0.1', - $cassandra_ip = ['127.0.0.1'], - $redis_ip = '127.0.0.1', - $contrail_webui_http_port = '8080', - $contrail_webui_https_port = '8143', -) { - - file { '/etc/contrail/config.global.js' : - ensure => file, - content => template('contrail/config.global.js.erb'), - } - -} diff --git a/contrail/manifests/webui/install.pp b/contrail/manifests/webui/install.pp deleted file mode 100644 index 8799806e3..000000000 --- a/contrail/manifests/webui/install.pp +++ /dev/null @@ -1,18 +0,0 @@ -# == Class: contrail::webui::install -# -# Install the webui service -# -# === Parameters: -# -# [*package_name*] -# (optional) Package name for webui -# -class contrail::webui::install ( - $package_name = $contrail::webui::package_name, -) { - - package { $package_name : - ensure => installed, - } - -} diff --git a/contrail/manifests/webui/service.pp b/contrail/manifests/webui/service.pp deleted file mode 100644 index 1e06043bb..000000000 --- a/contrail/manifests/webui/service.pp +++ /dev/null @@ -1,12 +0,0 @@ -# == Class: contrail::webui::service -# -# Manage the webui service -# -class contrail::webui::service { - - service {'supervisor-webui' : - ensure => running, - enable => true, - } - -} diff --git a/contrail/metadata.json b/contrail/metadata.json deleted file mode 100644 index b43de8378..000000000 --- a/contrail/metadata.json +++ /dev/null @@ -1,33 +0,0 @@ -{ - "name": "eNovance-contrail", - "version": "1.0.0", - "author": "Yanis Guenane, Sebastien Badia, and eNovance Contributors", - "summary": "Puppet module for Juniper OpenContrail", - "license": "Apache-2.0", - "source": "git://github.com/redhat-cip/puppet-contrail.git", - "project_page": "https://github.com/redhat-cip/puppet-contrail", - "issues_url": "https://github.com/redhat-cip/puppet-contrail/issues", - "description": "Installs and configures OpenContrail.", - "operatingsystem_support": [ - { - "operatingsystem": "Debian", - "operatingsystemrelease": ["8"] - }, - { - "operatingsystem": "Fedora", - "operatingsystemrelease": ["21","22"] - }, - { - "operatingsystem": "RedHat", - "operatingsystemrelease": ["7"] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": ["12.04","14.04"] - } - ], - "dependencies": [ - { "name": "puppetlabs/inifile", "version_requirement": ">=1.0.0 <2.0.0" }, - { "name": "puppetlabs/stdlib", "version_requirement": ">= 4.0.0 <5.0.0" } - ] -} diff --git a/contrail/spec/acceptance/nodesets/centos-59-x64.yml b/contrail/spec/acceptance/nodesets/centos-59-x64.yml deleted file mode 100644 index 2ad90b86a..000000000 --- a/contrail/spec/acceptance/nodesets/centos-59-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-59-x64: - roles: - - master - platform: el-5-x86_64 - box : centos-59-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-59-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/contrail/spec/acceptance/nodesets/centos-64-x64-pe.yml b/contrail/spec/acceptance/nodesets/centos-64-x64-pe.yml deleted file mode 100644 index 7d9242f1b..000000000 --- a/contrail/spec/acceptance/nodesets/centos-64-x64-pe.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - - database - - dashboard - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: pe diff --git a/contrail/spec/acceptance/nodesets/centos-65-x64.yml b/contrail/spec/acceptance/nodesets/centos-65-x64.yml deleted file mode 100644 index 4e2cb809e..000000000 --- a/contrail/spec/acceptance/nodesets/centos-65-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-65-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-65-x64-vbox436-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-65-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/contrail/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml b/contrail/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml deleted file mode 100644 index 5ca1514e4..000000000 --- a/contrail/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-10044-x64: - roles: - - master - platform: ubuntu-10.04-amd64 - box : ubuntu-server-10044-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-10044-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/contrail/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml b/contrail/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml deleted file mode 100644 index d065b304f..000000000 --- a/contrail/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-12042-x64: - roles: - - master - platform: ubuntu-12.04-amd64 - box : ubuntu-server-12042-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/contrail/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/contrail/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index cba1cd04c..000000000 --- a/contrail/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-1404-x64: - roles: - - master - platform: ubuntu-14.04-amd64 - box : puppetlabs/ubuntu-14.04-64-nocm - box_url : https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor : vagrant -CONFIG: - log_level : debug - type: git diff --git a/contrail/spec/classes/skel_spec.rb b/contrail/spec/classes/skel_spec.rb deleted file mode 100644 index f8ec36959..000000000 --- a/contrail/spec/classes/skel_spec.rb +++ /dev/null @@ -1 +0,0 @@ -require 'spec_helper' diff --git a/contrail/spec/shared_examples.rb b/contrail/spec/shared_examples.rb deleted file mode 100644 index fec0eacc9..000000000 --- a/contrail/spec/shared_examples.rb +++ /dev/null @@ -1,5 +0,0 @@ -shared_examples_for "a Puppet::Error" do |description| - it "with message matching #{description.inspect}" do - expect { is_expected.to have_class_count(1) }.to raise_error(Puppet::Error, description) - end -end diff --git a/contrail/spec/spec_helper.rb b/contrail/spec/spec_helper.rb deleted file mode 100644 index 595ac352a..000000000 --- a/contrail/spec/spec_helper.rb +++ /dev/null @@ -1,12 +0,0 @@ -# Managed by modulesync -# Configs https://github.com/sbadia/modulesync_configs/ -# -require 'puppetlabs_spec_helper/module_spec_helper' -require 'shared_examples' - -RSpec.configure do |c| - c.alias_it_should_behave_like_to :it_configures, 'configures' - c.alias_it_should_behave_like_to :it_raises, 'raises' -end - -at_exit { RSpec::Puppet::Coverage.report! } diff --git a/contrail/spec/unit/provider/contrail_alarm_gen_config/ini_setting_spec.rb b/contrail/spec/unit/provider/contrail_alarm_gen_config/ini_setting_spec.rb deleted file mode 100644 index 6e43efeb0..000000000 --- a/contrail/spec/unit/provider/contrail_alarm_gen_config/ini_setting_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:contrail_alarm_gen_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Contrail_alarm_gen_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Contrail_alarm_gen_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/contrail/spec/unit/provider/contrail_analytics_api_config/ini_setting_spec.rb b/contrail/spec/unit/provider/contrail_analytics_api_config/ini_setting_spec.rb deleted file mode 100644 index 4dac334c1..000000000 --- a/contrail/spec/unit/provider/contrail_analytics_api_config/ini_setting_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:contrail_analytics_api_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Contrail_analytics_api_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Contrail_analytics_api_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/contrail/spec/unit/provider/contrail_analytics_nodemgr_config/ini_setting_spec.rb b/contrail/spec/unit/provider/contrail_analytics_nodemgr_config/ini_setting_spec.rb deleted file mode 100644 index a2c575bb1..000000000 --- a/contrail/spec/unit/provider/contrail_analytics_nodemgr_config/ini_setting_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:contrail_analytics_nodemgr_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Contrail_analytics_nodemgr_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Contrail_analytics_nodemgr_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/contrail/spec/unit/provider/contrail_api_config/ini_setting_spec.rb b/contrail/spec/unit/provider/contrail_api_config/ini_setting_spec.rb deleted file mode 100644 index 10ccfdbdc..000000000 --- a/contrail/spec/unit/provider/contrail_api_config/ini_setting_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:contrail_api_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Contrail_api_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Contrail_api_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/contrail/spec/unit/provider/contrail_collector_config/ini_setting_spec.rb b/contrail/spec/unit/provider/contrail_collector_config/ini_setting_spec.rb deleted file mode 100644 index ae9d77e89..000000000 --- a/contrail/spec/unit/provider/contrail_collector_config/ini_setting_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:contrail_collector_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Contrail_collector_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Contrail_collector_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/contrail/spec/unit/provider/contrail_config_nodemgr_config/ini_setting_spec.rb b/contrail/spec/unit/provider/contrail_config_nodemgr_config/ini_setting_spec.rb deleted file mode 100644 index 03e788f6b..000000000 --- a/contrail/spec/unit/provider/contrail_config_nodemgr_config/ini_setting_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:contrail_config_nodemgr_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Contrail_config_nodemgr_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Contrail_config_nodemgr_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/contrail/spec/unit/provider/contrail_control_config/ini_setting_spec.rb b/contrail/spec/unit/provider/contrail_control_config/ini_setting_spec.rb deleted file mode 100644 index e650f24de..000000000 --- a/contrail/spec/unit/provider/contrail_control_config/ini_setting_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:contrail_control_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Contrail_control_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Contrail_control_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/contrail/spec/unit/provider/contrail_control_nodemgr_config/ini_setting_spec.rb b/contrail/spec/unit/provider/contrail_control_nodemgr_config/ini_setting_spec.rb deleted file mode 100644 index 0fcb42fcf..000000000 --- a/contrail/spec/unit/provider/contrail_control_nodemgr_config/ini_setting_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:contrail_control_nodemgr_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Contrail_control_nodemgr_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Contrail_control_nodemgr_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/contrail/spec/unit/provider/contrail_database_nodemgr_config/ini_setting_spec.rb b/contrail/spec/unit/provider/contrail_database_nodemgr_config/ini_setting_spec.rb deleted file mode 100644 index eb2b9d765..000000000 --- a/contrail/spec/unit/provider/contrail_database_nodemgr_config/ini_setting_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:contrail_database_nodemgr_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Contrail_database_nodemgr_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Contrail_database_nodemgr_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/contrail/spec/unit/provider/contrail_device_manager_config/ini_setting_spec.rb b/contrail/spec/unit/provider/contrail_device_manager_config/ini_setting_spec.rb deleted file mode 100644 index 6389ee945..000000000 --- a/contrail/spec/unit/provider/contrail_device_manager_config/ini_setting_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:contrail_device_manager_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Contrail_device_manager_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Contrail_device_manager_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/contrail/spec/unit/provider/contrail_discovery_config/ini_setting_spec.rb b/contrail/spec/unit/provider/contrail_discovery_config/ini_setting_spec.rb deleted file mode 100644 index 77cdccb04..000000000 --- a/contrail/spec/unit/provider/contrail_discovery_config/ini_setting_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:contrail_discovery_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Contrail_discovery_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Contrail_discovery_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/contrail/spec/unit/provider/contrail_dns_config/ini_setting_spec.rb b/contrail/spec/unit/provider/contrail_dns_config/ini_setting_spec.rb deleted file mode 100644 index ce2c1c618..000000000 --- a/contrail/spec/unit/provider/contrail_dns_config/ini_setting_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:contrail_dns_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Contrail_dns_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Contrail_dns_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/contrail/spec/unit/provider/contrail_keystone_auth_config/ini_setting_spec.rb b/contrail/spec/unit/provider/contrail_keystone_auth_config/ini_setting_spec.rb deleted file mode 100644 index 117d56ee6..000000000 --- a/contrail/spec/unit/provider/contrail_keystone_auth_config/ini_setting_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:contrail_keystone_auth_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Contrail_keystone_auth_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Contrail_keystone_auth_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/contrail/spec/unit/provider/contrail_keystone_config/ini_setting_spec.rb b/contrail/spec/unit/provider/contrail_keystone_config/ini_setting_spec.rb deleted file mode 100644 index 2ac138a40..000000000 --- a/contrail/spec/unit/provider/contrail_keystone_config/ini_setting_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:contrail_keystone_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Contrail_keystone_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Contrail_keystone_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/contrail/spec/unit/provider/contrail_query_engine_config/ini_setting_spec.rb b/contrail/spec/unit/provider/contrail_query_engine_config/ini_setting_spec.rb deleted file mode 100644 index db1ca62ec..000000000 --- a/contrail/spec/unit/provider/contrail_query_engine_config/ini_setting_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:contrail_query_engine_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Contrail_query_engine_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Contrail_query_engine_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/contrail/spec/unit/provider/contrail_schema_config/ini_setting_spec.rb b/contrail/spec/unit/provider/contrail_schema_config/ini_setting_spec.rb deleted file mode 100644 index d73094826..000000000 --- a/contrail/spec/unit/provider/contrail_schema_config/ini_setting_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:contrail_schema_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Contrail_schema_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Contrail_schema_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/contrail/spec/unit/provider/contrail_snmp_collector_config/ini_setting_spec.rb b/contrail/spec/unit/provider/contrail_snmp_collector_config/ini_setting_spec.rb deleted file mode 100644 index 591c861f8..000000000 --- a/contrail/spec/unit/provider/contrail_snmp_collector_config/ini_setting_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:contrail_snmp_collector_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Contrail_snmp_collector_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Contrail_snmp_collector_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/contrail/spec/unit/provider/contrail_svc_monitor_config/ini_setting_spec.rb b/contrail/spec/unit/provider/contrail_svc_monitor_config/ini_setting_spec.rb deleted file mode 100644 index 038c7968d..000000000 --- a/contrail/spec/unit/provider/contrail_svc_monitor_config/ini_setting_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:contrail_svc_monitor_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Contrail_svc_monitor_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Contrail_svc_monitor_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/contrail/spec/unit/provider/contrail_topology_config/ini_setting_spec.rb b/contrail/spec/unit/provider/contrail_topology_config/ini_setting_spec.rb deleted file mode 100644 index 8486e197c..000000000 --- a/contrail/spec/unit/provider/contrail_topology_config/ini_setting_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:contrail_topology_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Contrail_topology_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Contrail_topology_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/contrail/spec/unit/provider/contrail_vnc_api_config/ini_setting_spec.rb b/contrail/spec/unit/provider/contrail_vnc_api_config/ini_setting_spec.rb deleted file mode 100644 index bb5d55759..000000000 --- a/contrail/spec/unit/provider/contrail_vnc_api_config/ini_setting_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:contrail_vnc_api_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Contrail_vnc_api_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Contrail_vnc_api_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/contrail/spec/unit/provider/contrail_vrouter_agent_config/ini_setting_spec.rb b/contrail/spec/unit/provider/contrail_vrouter_agent_config/ini_setting_spec.rb deleted file mode 100644 index 69d518638..000000000 --- a/contrail/spec/unit/provider/contrail_vrouter_agent_config/ini_setting_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:contrail_vrouter_agent_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Contrail_vrouter_agent_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Contrail_vrouter_agent_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/contrail/spec/unit/provider/contrail_vrouter_nodemgr_config/ini_setting_spec.rb b/contrail/spec/unit/provider/contrail_vrouter_nodemgr_config/ini_setting_spec.rb deleted file mode 100644 index 675aa5e8b..000000000 --- a/contrail/spec/unit/provider/contrail_vrouter_nodemgr_config/ini_setting_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:contrail_vrouter_nodemgr_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Contrail_vrouter_nodemgr_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Contrail_vrouter_nodemgr_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/contrail/spec/unit/type/contrail_alarm_gen_config_spec.rb b/contrail/spec/unit/type/contrail_alarm_gen_config_spec.rb deleted file mode 100644 index 05045c865..000000000 --- a/contrail/spec/unit/type/contrail_alarm_gen_config_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'puppet' -require 'puppet/type/contrail_alarm_gen_config' -describe 'Puppet::Type.type(:contrail_alarm_gen_config)' do - before :each do - @contrail_alarm_gen_config = Puppet::Type.type(:contrail_alarm_gen_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:contrail_alarm_gen_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:contrail_alarm_gen_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:contrail_alarm_gen_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:contrail_alarm_gen_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @contrail_alarm_gen_config[:value] = 'bar' - expect(@contrail_alarm_gen_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @contrail_alarm_gen_config[:value] = 'b ar' - expect(@contrail_alarm_gen_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @contrail_alarm_gen_config[:ensure] = :present - expect(@contrail_alarm_gen_config[:ensure]).to eq(:present) - @contrail_alarm_gen_config[:ensure] = :absent - expect(@contrail_alarm_gen_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @contrail_alarm_gen_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end -end diff --git a/contrail/spec/unit/type/contrail_analytics_api_config_spec.rb b/contrail/spec/unit/type/contrail_analytics_api_config_spec.rb deleted file mode 100644 index 24b89c2a9..000000000 --- a/contrail/spec/unit/type/contrail_analytics_api_config_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'puppet' -require 'puppet/type/contrail_analytics_api_config' -describe 'Puppet::Type.type(:contrail_analytics_api_config)' do - before :each do - @contrail_analytics_api_config = Puppet::Type.type(:contrail_analytics_api_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:contrail_analytics_api_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:contrail_analytics_api_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:contrail_analytics_api_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:contrail_analytics_api_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @contrail_analytics_api_config[:value] = 'bar' - expect(@contrail_analytics_api_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @contrail_analytics_api_config[:value] = 'b ar' - expect(@contrail_analytics_api_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @contrail_analytics_api_config[:ensure] = :present - expect(@contrail_analytics_api_config[:ensure]).to eq(:present) - @contrail_analytics_api_config[:ensure] = :absent - expect(@contrail_analytics_api_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @contrail_analytics_api_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end -end diff --git a/contrail/spec/unit/type/contrail_analytics_nodemgr_config_spec.rb b/contrail/spec/unit/type/contrail_analytics_nodemgr_config_spec.rb deleted file mode 100644 index 8511c6123..000000000 --- a/contrail/spec/unit/type/contrail_analytics_nodemgr_config_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'puppet' -require 'puppet/type/contrail_analytics_nodemgr_config' -describe 'Puppet::Type.type(:contrail_analytics_nodemgr_config)' do - before :each do - @contrail_analytics_nodemgr_config = Puppet::Type.type(:contrail_analytics_nodemgr_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:contrail_analytics_nodemgr_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:contrail_analytics_nodemgr_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:contrail_analytics_nodemgr_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:contrail_analytics_nodemgr_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @contrail_analytics_nodemgr_config[:value] = 'bar' - expect(@contrail_analytics_nodemgr_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @contrail_analytics_nodemgr_config[:value] = 'b ar' - expect(@contrail_analytics_nodemgr_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @contrail_analytics_nodemgr_config[:ensure] = :present - expect(@contrail_analytics_nodemgr_config[:ensure]).to eq(:present) - @contrail_analytics_nodemgr_config[:ensure] = :absent - expect(@contrail_analytics_nodemgr_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @contrail_analytics_nodemgr_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end -end diff --git a/contrail/spec/unit/type/contrail_api_config_spec.rb b/contrail/spec/unit/type/contrail_api_config_spec.rb deleted file mode 100644 index 7d29c762b..000000000 --- a/contrail/spec/unit/type/contrail_api_config_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'puppet' -require 'puppet/type/contrail_api_config' -describe 'Puppet::Type.type(:contrail_api_config)' do - before :each do - @contrail_api_config = Puppet::Type.type(:contrail_api_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:contrail_api_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:contrail_api_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:contrail_api_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:contrail_api_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @contrail_api_config[:value] = 'bar' - expect(@contrail_api_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @contrail_api_config[:value] = 'b ar' - expect(@contrail_api_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @contrail_api_config[:ensure] = :present - expect(@contrail_api_config[:ensure]).to eq(:present) - @contrail_api_config[:ensure] = :absent - expect(@contrail_api_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @contrail_api_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end -end diff --git a/contrail/spec/unit/type/contrail_collector_config_spec.rb b/contrail/spec/unit/type/contrail_collector_config_spec.rb deleted file mode 100644 index 01f3619ee..000000000 --- a/contrail/spec/unit/type/contrail_collector_config_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'puppet' -require 'puppet/type/contrail_collector_config' -describe 'Puppet::Type.type(:contrail_collector_config)' do - before :each do - @contrail_collector_config = Puppet::Type.type(:contrail_collector_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:contrail_collector_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:contrail_collector_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:contrail_collector_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:contrail_collector_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @contrail_collector_config[:value] = 'bar' - expect(@contrail_collector_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @contrail_collector_config[:value] = 'b ar' - expect(@contrail_collector_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @contrail_collector_config[:ensure] = :present - expect(@contrail_collector_config[:ensure]).to eq(:present) - @contrail_collector_config[:ensure] = :absent - expect(@contrail_collector_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @contrail_collector_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end -end diff --git a/contrail/spec/unit/type/contrail_config_nodemgr_config_spec.rb b/contrail/spec/unit/type/contrail_config_nodemgr_config_spec.rb deleted file mode 100644 index 75ff4be2d..000000000 --- a/contrail/spec/unit/type/contrail_config_nodemgr_config_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'puppet' -require 'puppet/type/contrail_config_nodemgr_config' -describe 'Puppet::Type.type(:contrail_config_nodemgr_config)' do - before :each do - @contrail_config_nodemgr_config = Puppet::Type.type(:contrail_config_nodemgr_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:contrail_config_nodemgr_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:contrail_config_nodemgr_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:contrail_config_nodemgr_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:contrail_config_nodemgr_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @contrail_config_nodemgr_config[:value] = 'bar' - expect(@contrail_config_nodemgr_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @contrail_config_nodemgr_config[:value] = 'b ar' - expect(@contrail_config_nodemgr_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @contrail_config_nodemgr_config[:ensure] = :present - expect(@contrail_config_nodemgr_config[:ensure]).to eq(:present) - @contrail_config_nodemgr_config[:ensure] = :absent - expect(@contrail_config_nodemgr_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @contrail_config_nodemgr_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end -end diff --git a/contrail/spec/unit/type/contrail_control_config_spec.rb b/contrail/spec/unit/type/contrail_control_config_spec.rb deleted file mode 100644 index db019be90..000000000 --- a/contrail/spec/unit/type/contrail_control_config_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'puppet' -require 'puppet/type/contrail_control_config' -describe 'Puppet::Type.type(:contrail_control_config)' do - before :each do - @contrail_control_config = Puppet::Type.type(:contrail_control_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:contrail_control_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:contrail_control_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:contrail_control_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:contrail_control_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @contrail_control_config[:value] = 'bar' - expect(@contrail_control_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @contrail_control_config[:value] = 'b ar' - expect(@contrail_control_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @contrail_control_config[:ensure] = :present - expect(@contrail_control_config[:ensure]).to eq(:present) - @contrail_control_config[:ensure] = :absent - expect(@contrail_control_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @contrail_control_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end -end diff --git a/contrail/spec/unit/type/contrail_control_nodemgr_config_spec.rb b/contrail/spec/unit/type/contrail_control_nodemgr_config_spec.rb deleted file mode 100644 index 1b6c999b8..000000000 --- a/contrail/spec/unit/type/contrail_control_nodemgr_config_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'puppet' -require 'puppet/type/contrail_control_nodemgr_config' -describe 'Puppet::Type.type(:contrail_control_nodemgr_config)' do - before :each do - @contrail_control_nodemgr_config = Puppet::Type.type(:contrail_control_nodemgr_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:contrail_control_nodemgr_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:contrail_control_nodemgr_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:contrail_control_nodemgr_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:contrail_control_nodemgr_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @contrail_control_nodemgr_config[:value] = 'bar' - expect(@contrail_control_nodemgr_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @contrail_control_nodemgr_config[:value] = 'b ar' - expect(@contrail_control_nodemgr_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @contrail_control_nodemgr_config[:ensure] = :present - expect(@contrail_control_nodemgr_config[:ensure]).to eq(:present) - @contrail_control_nodemgr_config[:ensure] = :absent - expect(@contrail_control_nodemgr_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @contrail_control_nodemgr_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end -end diff --git a/contrail/spec/unit/type/contrail_database_nodemgr_config_spec.rb b/contrail/spec/unit/type/contrail_database_nodemgr_config_spec.rb deleted file mode 100644 index 5eac63a22..000000000 --- a/contrail/spec/unit/type/contrail_database_nodemgr_config_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'puppet' -require 'puppet/type/contrail_database_nodemgr_config' -describe 'Puppet::Type.type(:contrail_database_nodemgr_config)' do - before :each do - @contrail_database_nodemgr_config = Puppet::Type.type(:contrail_database_nodemgr_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:contrail_database_nodemgr_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:contrail_database_nodemgr_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:contrail_database_nodemgr_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:contrail_database_nodemgr_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @contrail_database_nodemgr_config[:value] = 'bar' - expect(@contrail_database_nodemgr_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @contrail_database_nodemgr_config[:value] = 'b ar' - expect(@contrail_database_nodemgr_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @contrail_database_nodemgr_config[:ensure] = :present - expect(@contrail_database_nodemgr_config[:ensure]).to eq(:present) - @contrail_database_nodemgr_config[:ensure] = :absent - expect(@contrail_database_nodemgr_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @contrail_database_nodemgr_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end -end diff --git a/contrail/spec/unit/type/contrail_device_manager_config_spec.rb b/contrail/spec/unit/type/contrail_device_manager_config_spec.rb deleted file mode 100644 index fc523c813..000000000 --- a/contrail/spec/unit/type/contrail_device_manager_config_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'puppet' -require 'puppet/type/contrail_device_manager_config' -describe 'Puppet::Type.type(:contrail_device_manager_config)' do - before :each do - @contrail_device_manager_config = Puppet::Type.type(:contrail_device_manager_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:contrail_device_manager_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:contrail_device_manager_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:contrail_device_manager_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:contrail_device_manager_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @contrail_device_manager_config[:value] = 'bar' - expect(@contrail_device_manager_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @contrail_device_manager_config[:value] = 'b ar' - expect(@contrail_device_manager_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @contrail_device_manager_config[:ensure] = :present - expect(@contrail_device_manager_config[:ensure]).to eq(:present) - @contrail_device_manager_config[:ensure] = :absent - expect(@contrail_device_manager_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @contrail_device_manager_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end -end diff --git a/contrail/spec/unit/type/contrail_discovery_config_spec.rb b/contrail/spec/unit/type/contrail_discovery_config_spec.rb deleted file mode 100644 index bad974d6e..000000000 --- a/contrail/spec/unit/type/contrail_discovery_config_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'puppet' -require 'puppet/type/contrail_discovery_config' -describe 'Puppet::Type.type(:contrail_discovery_config)' do - before :each do - @contrail_discovery_config = Puppet::Type.type(:contrail_discovery_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:contrail_discovery_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:contrail_discovery_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:contrail_discovery_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:contrail_discovery_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @contrail_discovery_config[:value] = 'bar' - expect(@contrail_discovery_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @contrail_discovery_config[:value] = 'b ar' - expect(@contrail_discovery_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @contrail_discovery_config[:ensure] = :present - expect(@contrail_discovery_config[:ensure]).to eq(:present) - @contrail_discovery_config[:ensure] = :absent - expect(@contrail_discovery_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @contrail_discovery_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end -end diff --git a/contrail/spec/unit/type/contrail_dns_config_spec.rb b/contrail/spec/unit/type/contrail_dns_config_spec.rb deleted file mode 100644 index 72686a772..000000000 --- a/contrail/spec/unit/type/contrail_dns_config_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'puppet' -require 'puppet/type/contrail_dns_config' -describe 'Puppet::Type.type(:contrail_dns_config)' do - before :each do - @contrail_dns_config = Puppet::Type.type(:contrail_dns_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:contrail_dns_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:contrail_dns_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:contrail_dns_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:contrail_dns_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @contrail_dns_config[:value] = 'bar' - expect(@contrail_dns_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @contrail_dns_config[:value] = 'b ar' - expect(@contrail_dns_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @contrail_dns_config[:ensure] = :present - expect(@contrail_dns_config[:ensure]).to eq(:present) - @contrail_dns_config[:ensure] = :absent - expect(@contrail_dns_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @contrail_dns_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end -end diff --git a/contrail/spec/unit/type/contrail_keystone_auth_config_spec.rb b/contrail/spec/unit/type/contrail_keystone_auth_config_spec.rb deleted file mode 100644 index 587924f1f..000000000 --- a/contrail/spec/unit/type/contrail_keystone_auth_config_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'puppet' -require 'puppet/type/contrail_keystone_auth_config' -describe 'Puppet::Type.type(:contrail_keystone_auth_config)' do - before :each do - @contrail_keystone_auth_config = Puppet::Type.type(:contrail_keystone_auth_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:contrail_keystone_auth_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:contrail_keystone_auth_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:contrail_keystone_auth_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:contrail_keystone_auth_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @contrail_keystone_auth_config[:value] = 'bar' - expect(@contrail_keystone_auth_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @contrail_keystone_auth_config[:value] = 'b ar' - expect(@contrail_keystone_auth_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @contrail_keystone_auth_config[:ensure] = :present - expect(@contrail_keystone_auth_config[:ensure]).to eq(:present) - @contrail_keystone_auth_config[:ensure] = :absent - expect(@contrail_keystone_auth_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @contrail_keystone_auth_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end -end diff --git a/contrail/spec/unit/type/contrail_keystone_config_spec.rb b/contrail/spec/unit/type/contrail_keystone_config_spec.rb deleted file mode 100644 index ef2091138..000000000 --- a/contrail/spec/unit/type/contrail_keystone_config_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'puppet' -require 'puppet/type/contrail_keystone_config' -describe 'Puppet::Type.type(:contrail_keystone_config)' do - before :each do - @contrail_keystone_config = Puppet::Type.type(:contrail_keystone_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:contrail_keystone_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:contrail_keystone_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:contrail_keystone_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:contrail_keystone_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @contrail_keystone_config[:value] = 'bar' - expect(@contrail_keystone_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @contrail_keystone_config[:value] = 'b ar' - expect(@contrail_keystone_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @contrail_keystone_config[:ensure] = :present - expect(@contrail_keystone_config[:ensure]).to eq(:present) - @contrail_keystone_config[:ensure] = :absent - expect(@contrail_keystone_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @contrail_keystone_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end -end diff --git a/contrail/spec/unit/type/contrail_query_engine_config_spec.rb b/contrail/spec/unit/type/contrail_query_engine_config_spec.rb deleted file mode 100644 index f82f9a370..000000000 --- a/contrail/spec/unit/type/contrail_query_engine_config_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'puppet' -require 'puppet/type/contrail_query_engine_config' -describe 'Puppet::Type.type(:contrail_query_engine_config)' do - before :each do - @contrail_query_engine_config = Puppet::Type.type(:contrail_query_engine_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:contrail_query_engine_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:contrail_query_engine_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:contrail_query_engine_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:contrail_query_engine_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @contrail_query_engine_config[:value] = 'bar' - expect(@contrail_query_engine_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @contrail_query_engine_config[:value] = 'b ar' - expect(@contrail_query_engine_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @contrail_query_engine_config[:ensure] = :present - expect(@contrail_query_engine_config[:ensure]).to eq(:present) - @contrail_query_engine_config[:ensure] = :absent - expect(@contrail_query_engine_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @contrail_query_engine_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end -end diff --git a/contrail/spec/unit/type/contrail_schema_config_spec.rb b/contrail/spec/unit/type/contrail_schema_config_spec.rb deleted file mode 100644 index 56bd734c6..000000000 --- a/contrail/spec/unit/type/contrail_schema_config_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'puppet' -require 'puppet/type/contrail_schema_config' -describe 'Puppet::Type.type(:contrail_schema_config)' do - before :each do - @contrail_schema_config = Puppet::Type.type(:contrail_schema_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:contrail_schema_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:contrail_schema_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:contrail_schema_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:contrail_schema_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @contrail_schema_config[:value] = 'bar' - expect(@contrail_schema_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @contrail_schema_config[:value] = 'b ar' - expect(@contrail_schema_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @contrail_schema_config[:ensure] = :present - expect(@contrail_schema_config[:ensure]).to eq(:present) - @contrail_schema_config[:ensure] = :absent - expect(@contrail_schema_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @contrail_schema_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end -end diff --git a/contrail/spec/unit/type/contrail_snmp_collector_config_spec.rb b/contrail/spec/unit/type/contrail_snmp_collector_config_spec.rb deleted file mode 100644 index 80e0ba6f0..000000000 --- a/contrail/spec/unit/type/contrail_snmp_collector_config_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'puppet' -require 'puppet/type/contrail_snmp_collector_config' -describe 'Puppet::Type.type(:contrail_snmp_collector_config)' do - before :each do - @contrail_snmp_collector_config = Puppet::Type.type(:contrail_snmp_collector_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:contrail_snmp_collector_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:contrail_snmp_collector_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:contrail_snmp_collector_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:contrail_snmp_collector_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @contrail_snmp_collector_config[:value] = 'bar' - expect(@contrail_snmp_collector_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @contrail_snmp_collector_config[:value] = 'b ar' - expect(@contrail_snmp_collector_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @contrail_snmp_collector_config[:ensure] = :present - expect(@contrail_snmp_collector_config[:ensure]).to eq(:present) - @contrail_snmp_collector_config[:ensure] = :absent - expect(@contrail_snmp_collector_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @contrail_snmp_collector_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end -end diff --git a/contrail/spec/unit/type/contrail_svc_monitor_config_spec.rb b/contrail/spec/unit/type/contrail_svc_monitor_config_spec.rb deleted file mode 100644 index 1fc59693e..000000000 --- a/contrail/spec/unit/type/contrail_svc_monitor_config_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'puppet' -require 'puppet/type/contrail_svc_monitor_config' -describe 'Puppet::Type.type(:contrail_svc_monitor_config)' do - before :each do - @contrail_svc_monitor_config = Puppet::Type.type(:contrail_svc_monitor_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:contrail_svc_monitor_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:contrail_svc_monitor_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:contrail_svc_monitor_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:contrail_svc_monitor_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @contrail_svc_monitor_config[:value] = 'bar' - expect(@contrail_svc_monitor_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @contrail_svc_monitor_config[:value] = 'b ar' - expect(@contrail_svc_monitor_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @contrail_svc_monitor_config[:ensure] = :present - expect(@contrail_svc_monitor_config[:ensure]).to eq(:present) - @contrail_svc_monitor_config[:ensure] = :absent - expect(@contrail_svc_monitor_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @contrail_svc_monitor_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end -end diff --git a/contrail/spec/unit/type/contrail_topology_config_spec.rb b/contrail/spec/unit/type/contrail_topology_config_spec.rb deleted file mode 100644 index a7c0d9cc2..000000000 --- a/contrail/spec/unit/type/contrail_topology_config_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'puppet' -require 'puppet/type/contrail_topology_config' -describe 'Puppet::Type.type(:contrail_topology_config)' do - before :each do - @contrail_topology_config = Puppet::Type.type(:contrail_topology_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:contrail_topology_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:contrail_topology_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:contrail_topology_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:contrail_topology_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @contrail_topology_config[:value] = 'bar' - expect(@contrail_topology_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @contrail_topology_config[:value] = 'b ar' - expect(@contrail_topology_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @contrail_topology_config[:ensure] = :present - expect(@contrail_topology_config[:ensure]).to eq(:present) - @contrail_topology_config[:ensure] = :absent - expect(@contrail_topology_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @contrail_topology_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end -end diff --git a/contrail/spec/unit/type/contrail_vnc_api_config_spec.rb b/contrail/spec/unit/type/contrail_vnc_api_config_spec.rb deleted file mode 100644 index 353c5f555..000000000 --- a/contrail/spec/unit/type/contrail_vnc_api_config_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'puppet' -require 'puppet/type/contrail_vnc_api_config' -describe 'Puppet::Type.type(:contrail_vnc_api_config)' do - before :each do - @contrail_vnc_api_config = Puppet::Type.type(:contrail_vnc_api_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:contrail_vnc_api_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:contrail_vnc_api_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:contrail_vnc_api_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:contrail_vnc_api_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @contrail_vnc_api_config[:value] = 'bar' - expect(@contrail_vnc_api_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @contrail_vnc_api_config[:value] = 'b ar' - expect(@contrail_vnc_api_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @contrail_vnc_api_config[:ensure] = :present - expect(@contrail_vnc_api_config[:ensure]).to eq(:present) - @contrail_vnc_api_config[:ensure] = :absent - expect(@contrail_vnc_api_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @contrail_vnc_api_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end -end diff --git a/contrail/spec/unit/type/contrail_vrouter_agent_config_spec.rb b/contrail/spec/unit/type/contrail_vrouter_agent_config_spec.rb deleted file mode 100644 index 791ffbab4..000000000 --- a/contrail/spec/unit/type/contrail_vrouter_agent_config_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'puppet' -require 'puppet/type/contrail_vrouter_agent_config' -describe 'Puppet::Type.type(:contrail_vrouter_agent_config)' do - before :each do - @contrail_vrouter_agent_config = Puppet::Type.type(:contrail_vrouter_agent_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:contrail_vrouter_agent_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:contrail_vrouter_agent_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:contrail_vrouter_agent_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:contrail_vrouter_agent_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @contrail_vrouter_agent_config[:value] = 'bar' - expect(@contrail_vrouter_agent_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @contrail_vrouter_agent_config[:value] = 'b ar' - expect(@contrail_vrouter_agent_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @contrail_vrouter_agent_config[:ensure] = :present - expect(@contrail_vrouter_agent_config[:ensure]).to eq(:present) - @contrail_vrouter_agent_config[:ensure] = :absent - expect(@contrail_vrouter_agent_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @contrail_vrouter_agent_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end -end diff --git a/contrail/spec/unit/type/contrail_vrouter_nodemgr_config_spec.rb b/contrail/spec/unit/type/contrail_vrouter_nodemgr_config_spec.rb deleted file mode 100644 index 78d814756..000000000 --- a/contrail/spec/unit/type/contrail_vrouter_nodemgr_config_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'puppet' -require 'puppet/type/contrail_vrouter_nodemgr_config' -describe 'Puppet::Type.type(:contrail_vrouter_nodemgr_config)' do - before :each do - @contrail_vrouter_nodemgr_config = Puppet::Type.type(:contrail_vrouter_nodemgr_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:contrail_vrouter_nodemgr_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:contrail_vrouter_nodemgr_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:contrail_vrouter_nodemgr_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:contrail_vrouter_nodemgr_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @contrail_vrouter_nodemgr_config[:value] = 'bar' - expect(@contrail_vrouter_nodemgr_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @contrail_vrouter_nodemgr_config[:value] = 'b ar' - expect(@contrail_vrouter_nodemgr_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @contrail_vrouter_nodemgr_config[:ensure] = :present - expect(@contrail_vrouter_nodemgr_config[:ensure]).to eq(:present) - @contrail_vrouter_nodemgr_config[:ensure] = :absent - expect(@contrail_vrouter_nodemgr_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @contrail_vrouter_nodemgr_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end -end diff --git a/contrail/templates/config.global.js.erb b/contrail/templates/config.global.js.erb deleted file mode 100644 index 88d99bafd..000000000 --- a/contrail/templates/config.global.js.erb +++ /dev/null @@ -1,267 +0,0 @@ -/* - * Copyright (c) 2013 Juniper Networks, Inc. All rights reserved. - */ - -var config = {}; - -config.orchestration = {}; -/**************************************************************************** - * Specify Orchestration Model - * Available models are: - * - openstack - * - cloudstack - * If you do not want to specify any model, set it to 'none' - * -*****************************************************************************/ -config.orchestration.Manager = 'openstack' - -/**************************************************************************** - * This boolean flag indicates to communicate with Orchestration - * modules(networkManager, imageManager, computeManager, identityManager, - * storageManager), should the webServer communicate using the - * ip/port/authProtocol/apiVersion as specified in this file, or as returned - * from auth catalog list. - * Note: config.identityManager.apiVersion is not controlled by this boolean - * flag. - * - * true - These values should be taken from this config - * file. - * false - These values should be taken from auth catalog list - * -*****************************************************************************/ -config.serviceEndPointFromConfig = true; - -/**************************************************************************** - * This boolean flag indicates if serviceEndPointFromConfig is set as false, - * then to take IP/Port/Protocol/Version information from auth catalog, - * should publicURL OR internalURL will be used. - * - * true - publicURL in endpoint will be used to retrieve IP/Port/Protocol/ - * Version information - * false - internalURL in endpoint will be used to retrieve - * IP/Port/Protocol/Version information - * - * NOTE: if config.serviceEndPointFromConfig is set as true, then this flag - * does not have any effect. - * -*****************************************************************************/ -config.serviceEndPointTakePublicURL = true; - -/**************************************************************************** - * Below are the config options for all Orchestration Modules below: - * - networkManager - * - imageManager - * - computeManager - * - identityManager - * - storageManager - * - cnfg - * - analytics - * - * Options: - * ip: - * IP to connect to for this Server. - * port: - * Port to connect to for this server - * authProtocol: - * Specify authProtocol either 'http' or 'https' - * apiVersion: - * REST API Version for this server to connect to. - * Specify a list of Versions in array notation. - * Below are the supported list of apiVersion for the modules as of now: - * imageManager - ['v1', 'v2'] - * computeManager - ['v1.1', 'v2'] - * identityManager - ['v2.0'] - * storageManager - ['v1'] - * - * Not applicable for cnfg/analytics as of now - * strictSSL: - * If true, requires certificates to be valid - * ca: - * An authority certificate to check the remote host against, - * if you do not want to specify then use '' -*****************************************************************************/ -config.networkManager = {}; -config.networkManager.ip = '<%= @openstack_vip %>'; -config.networkManager.port = '9696' -config.networkManager.authProtocol = 'http'; -config.networkManager.apiVersion = []; -config.networkManager.strictSSL = false; -config.networkManager.ca = ''; - -config.imageManager = {}; -config.imageManager.ip = '<%= @openstack_vip %>'; -config.imageManager.port = '9292'; -config.imageManager.authProtocol = 'http'; -config.imageManager.apiVersion = ['v1', 'v2']; -config.imageManager.strictSSL = false; -config.imageManager.ca = ''; - -config.computeManager = {}; -config.computeManager.ip = '<%= @openstack_vip %>'; -config.computeManager.port = '8774'; -config.computeManager.authProtocol = 'http'; -config.computeManager.apiVersion = ['v1.1', 'v2']; -config.computeManager.strictSSL = false; -config.computeManager.ca = ''; - -config.identityManager = {}; -config.identityManager.ip = '<%= @openstack_vip %>'; -config.identityManager.port = '5000'; -config.identityManager.authProtocol = 'http'; -/****************************************************************************** - * Note: config.identityManager.apiVersion is not controlled by boolean flag - * config.serviceEndPointFromConfig. If specified apiVersion here, then these - * API versions will be used while using REST API to identityManager. - * If want to use with default apiVersion(v2.0), then can specify it as - * empty array. -******************************************************************************/ -config.identityManager.apiVersion = ['v2.0']; -config.identityManager.strictSSL = false; -config.identityManager.ca = ''; - -config.storageManager = {}; -config.storageManager.ip = '<%= @openstack_vip %>'; -config.storageManager.port = '8776'; -config.storageManager.authProtocol = 'http'; -config.storageManager.apiVersion = ['v1']; -config.storageManager.strictSSL = false; -config.storageManager.ca = ''; - -// VNConfig API server and port. -config.cnfg = {}; -config.cnfg.server_ip = '<%= @contrail_vip %>'; -config.cnfg.server_port = '8082'; -config.cnfg.authProtocol = 'http'; -config.cnfg.strictSSL = false; -config.cnfg.ca = ''; - -// Analytics API server and port. -config.analytics = {}; -config.analytics.server_ip = '<%= @contrail_vip %>'; -config.analytics.server_port = '8081'; -config.analytics.authProtocol = 'http'; -config.analytics.strictSSL = false; -config.analytics.ca = ''; - -/* Discovery Service */ -config.discoveryService = {}; -config.discoveryService.server_ip = '<%= @contrail_vip %>'; -config.discoveryService.server_port = '5998'; -/* Specifiy true if subscription to discovery server should be enabled, else - * specify false. Other than true/false value here is treated as true - */ -config.discoveryService.enable = true; - -/* Job Server */ -config.jobServer = {}; -config.jobServer.server_ip = '127.0.0.1'; -config.jobServer.server_port = '3000'; - -/* Upload/Download Directory */ -config.files = {}; -config.files.download_path = '/tmp'; - -/* Cassandra Server */ -config.cassandra = {}; -config.cassandra.server_ips = [<%= @cassandra_ip.map{ |ip| "\"#{ip}\"" }.join(',') %>]; -config.cassandra.server_port = '9160'; -config.cassandra.enable_edit = false; - -/* KUE Job Scheduler */ -config.kue = {}; -config.kue.ui_port = '3002' - -/* IP List to listen on */ -config.webui_addresses = ['0.0.0.0']; - -/* Is insecure access to WebUI? - * If set as false, then all http request will be redirected - * to https, if set true, then no https request will be processed, but only http - * request - */ -config.insecure_access = false; - -// HTTP port for NodeJS Server. -config.http_port = '<%= @contrail_webui_http_port %>'; - -// HTTPS port for NodeJS Server. -config.https_port = '<%= @contrail_webui_https_port %>'; - -// Activate/Deactivate Login. -config.require_auth = false; - -/* Number of node worker processes for cluster. */ -config.node_worker_count = 1; - -/* Number of Parallel Active Jobs with same type */ -config.maxActiveJobs = 10; - -/* Redis DB index for Web-UI */ -config.redisDBIndex = 3; - -/* WebUI Redis Server */ -config.redis_server_port = '6379'; -config.redis_server_ip = '<%= @redis_ip %>'; -config.redis_dump_file = '/var/lib/redis/dump-webui.rdb'; - -/* Logo File: Use complete path of logo file location */ -config.logo_file = '/usr/src/contrail/contrail-web-core/webroot/img/opencontrail-logo.png'; - -config.featurePkg = {}; -/* Add new feature Package Config details below */ -config.featurePkg.webController = {}; -config.featurePkg.webController.path = '/usr/src/contrail/contrail-web-controller'; -config.featurePkg.webController.enable = true; - -<% if @is_storage_master -%> -config.featurePkg.webStorage = {}; -config.featurePkg.webStorage.path = '/usr/src/contrail/contrail-web-storage'; -config.featurePkg.webStorage.enable = true; -<% end -%> - -/* Enable/disable Stat Query Links in Sidebar*/ -config.qe = {}; -config.qe.enable_stat_queries = false; - -/* Configure level of logs, supported log levels are: - debug, info, notice, warning, error, crit, alert, emerg - */ -config.logs = {}; -config.logs.level = 'debug'; - -/****************************************************************************** - * Boolean flag getDomainProjectsFromApiServer indicates wheather the project - * list should come from API Server or Identity Manager. - * If Set - * - true, then project list will come from API Server - * - false, then project list will come from Identity Manager - * Default: false - * -******************************************************************************/ -config.getDomainProjectsFromApiServer = false; -/***************************************************************************** -* Boolean flag L2_enable indicates the default forwarding-mode of a network. -* Allowed values : true / false -* Set this flag to true if all the networks are to be L2 networks, -* set to false otherwise. -*****************************************************************************/ -config.network = {}; -config.network.L2_enable = false; - -/****************************************************************************** - * Boolean flag getDomainsFromApiServer indicates wheather the domain - * list should come from API Server or Identity Manager. - * If Set - * - true, then domain list will come from API Server - * - false, then domain list will come from Identity Manager - * Default: true - * NOTE: if config.identityManager.apiVersion is set as v2.0, then this flag - * does not have any effect, in that case the domain list is retrieved - * from API Server. - * -*****************************************************************************/ -config.getDomainsFromApiServer = false; - -// Export this as a module. -module.exports = config; - diff --git a/contrail/templates/config/basicauthusers.properties.erb b/contrail/templates/config/basicauthusers.properties.erb deleted file mode 100644 index 97ef42daa..000000000 --- a/contrail/templates/config/basicauthusers.properties.erb +++ /dev/null @@ -1,15 +0,0 @@ -test:test -dhcp:dhcp -visual:visual -sensor:sensor -# compliance testsuite users -mapclient:mapclient -helper:mapclient -# This is a read-only MAPC -reader:reader -api-server:api-server -schema-transformer:schema-transformer -svc-monitor:svc-monitor -<% @basicauthusers_property.each do |user| -%> -<%= user %> -<% end -%> diff --git a/contrail/templates/config/log4j.properties.erb b/contrail/templates/config/log4j.properties.erb deleted file mode 100644 index 1b41422a5..000000000 --- a/contrail/templates/config/log4j.properties.erb +++ /dev/null @@ -1,10 +0,0 @@ -log4j.rootLogger=INFO -log4j.error - -log4j.logger.de.fhhannover.inform.irond.proc=INFO, A1 -log4j.additivity.de.fhhannover.inform.irond.proc=false - -log4j.appender.A1=org.apache.log4j.FileAppender -log4j.appender.A1.File=/var/log/contrail/ifmap-server.log -log4j.appender.A1.layout=org.apache.log4j.PatternLayout -log4j.appender.A1.layout.ConversionPattern=%d [%t] %-5p %x - %m%n diff --git a/contrail/templates/contrail-named.conf.erb b/contrail/templates/contrail-named.conf.erb deleted file mode 100644 index bf6d70c08..000000000 --- a/contrail/templates/contrail-named.conf.erb +++ /dev/null @@ -1,39 +0,0 @@ -options { - directory "/etc/contrail/dns/"; - managed-keys-directory "/etc/contrail/dns/"; - empty-zones-enable no; - pid-file "/etc/contrail/dns/contrail-named.pid"; - listen-on port 53 { any; }; - allow-query { any; }; - allow-recursion { any; }; - allow-query-cache { any; }; -}; -key "rndc-key" { - algorithm hmac-md5; - secret "<%= @secret -%>"; -}; -controls { - inet 127.0.0.1 port 8094 - allow { 127.0.0.1; } keys { "rndc-key"; }; -}; -logging { - channel debug_log { - file "/var/log/contrail/contrail-named.log" versions 3 size 5m; - severity debug; - print-time yes; - print-severity yes; - print-category yes; - }; - category default { - debug_log; - }; - category queries { - debug_log; - }; -}; -view "_default_view_" { - match-clients {any;}; - match-destinations {any;}; - match-recursive-only no; - forwarders { <%= @forwarders_option -%> }; -}; diff --git a/contrail/templates/ctrl-details.erb b/contrail/templates/ctrl-details.erb deleted file mode 100644 index 4373a641d..000000000 --- a/contrail/templates/ctrl-details.erb +++ /dev/null @@ -1,10 +0,0 @@ -SERVICE_TOKEN=<%= @keystone_service_token %> -AUTH_PROTOCOL=<%= @keystone_auth_protocol %> -ADMIN_TOKEN=<%= @keystone_admin_password %> -CONTROLLER=<%= @openstack_internal_vip %> -AMQP_SERVER=<%= @amqp_ip %> -COMPUTE=<%= @openstack_internal_vip %> -CONTROLLER_MGMT=<%= @openstack_internal_vip %> -INTERNAL_VIP=<%= @openstack_internal_vip %> -CONTRAIL_INTERNAL_VIP=<%= @openstack_internal_vip %> -EXTERNAL_VIP=<%= @openstack_external_vip %> diff --git a/contrail/templates/vrouter/agent_param.erb b/contrail/templates/vrouter/agent_param.erb deleted file mode 100644 index d528dac3c..000000000 --- a/contrail/templates/vrouter/agent_param.erb +++ /dev/null @@ -1,11 +0,0 @@ -LOG=/var/log/contrail.log -CONFIG=/etc/contrail/agent.conf -prog=/usr/bin/contrail-vrouter-agent -kmod=<%= @kmod_path %> -pname=contrail-vrouter-agent -LIBDIR=/usr/lib64 -VHOST_CFG=/etc/sysconfig/network-scripts/ifcfg-vhost0 -dev=<%= @device %> -vgw_subnet_ip= -vgw_int= -LOGFILE=--log-file=/var/log/contrail/vrouter.log diff --git a/contrail/tests/init.pp b/contrail/tests/init.pp deleted file mode 100644 index b9f714a29..000000000 --- a/contrail/tests/init.pp +++ /dev/null @@ -1 +0,0 @@ -include contrail diff --git a/corosync/.fixtures.yml b/corosync/.fixtures.yml deleted file mode 100644 index 03ea6c47c..000000000 --- a/corosync/.fixtures.yml +++ /dev/null @@ -1,5 +0,0 @@ -fixtures: - repositories: - stdlib: "git://github.com/puppetlabs/puppetlabs-stdlib.git" - symlinks: - corosync: "#{source_dir}" diff --git a/corosync/.gitignore b/corosync/.gitignore deleted file mode 100644 index 3b8846ae8..000000000 --- a/corosync/.gitignore +++ /dev/null @@ -1,4 +0,0 @@ -Gemfile.lock -spec/fixtures -.bundle -pkg diff --git a/corosync/.travis.yml b/corosync/.travis.yml deleted file mode 100644 index 5644cd079..000000000 --- a/corosync/.travis.yml +++ /dev/null @@ -1,33 +0,0 @@ ---- -notifications: - email: false -language: ruby -bundler_args: --without development system_tests -sudo: false -before_install: rm Gemfile.lock || true -script: bundle exec rake test -matrix: - include: - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 3.0" FACTER_GEM_VERSION="~> 1.7.0" - - rvm: 1.9.3 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 2.0.0 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 2.0.0 - env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" - - rvm: 2.1.0 - env: PUPPET_GEM_VERSION="~> 3.0" STRICT_VARIABLES=yes FUTURE_PARSER="yes" - -deploy: - provider: puppetforge - user: puppet - password: - secure: "OKYO+/kY1KB9EH0pB30AU6E2c5SZbNql+Klg+sb1/LMi+ADjyNEzcfTP6aUhnYedKJf5m8rfycc81UPuUeKaR/U/mPwR1R5OKh+S1KL1yzrRdxdpmLWMX14nBFbAZYvSTe/bPbxhngjW84uHRF2zkkSxKStsIzyy2DcTYayaWZ0=" - - on: - tags: true - # all_branches is required to use tags - all_branches: true - # Only publish if our main Ruby target builds - rvm: 1.9.3 diff --git a/corosync/CHANGELOG.md b/corosync/CHANGELOG.md deleted file mode 100644 index e1a6a7742..000000000 --- a/corosync/CHANGELOG.md +++ /dev/null @@ -1,61 +0,0 @@ -##2014-12-2 - Release 0.7.0 -###Summary -This release refactors the main class to use `corosync::params` for defaults and no longer checks global variables for the parameters. It also includes strict variable support, a few other features, and a bugfix for EL platforms. - -####Backwards Incompatible Changes -Class `corosync` no longer uses global varaibles `$::port`, `$::threads`, `$::port`, `$::bind_address`, `$::unicast_addresses`, `$::multicast_address`, or `$::enable_secauth`. These should be passed as parameters to the `corosync` class instead. - -####Features -- Strict variable support -- Add support for spaces in `cs_primitive` parameters -- Add support for multiple operations with the same name -- Add some parameter validation - -####Bugfixes -- Removed `enable corosync` exec for EL platforms - -##2014-07-15 - Release 0.6.0 -###Summary - -This release adds support for the PCS provider. It also updates metadata.json -so the module can be uninstalled and upgraded via the puppet module command. - -####Features -- Add support for PCS provider - -##2014-06-24 - Release 0.5.0 -###Summary - -This module has undergone two years of development, and pretty much every -aspect of it has changed in some regard. I've tried to capture the key -changes below, but you should rely on the README to see how things work -now. - -####Features -- Added a new resource type cs_location. -- Make primitive utilization attributes managable. -- Added symmetrical parameter on cs_order (for ordering). -- Allow ordering of cs_groups. -- Allow to specify rrpmode and ttl. -- Allow to specifiy several rings. -- Permit broadcast. -- Allow more than two primitives per cs_colocation. -- Allow the authkey to be provided as a string. -- Add tests. -- Rework significant amounts of the provider code. - -####Bugfixes -- Delete an existing cib to start fresh -- Only change /etc/defaults for corosync startup on Debian platforms -- Fix templates for Puppet 3.2+. -- Don't complain if cs_primitive doesn't have a utilization parameter. -- Consider within primitive operations. -- Changed osfamily check to include other operating systems. -- Updated node to node_name in cs_location function as 'node' is a reserved -name, this replacement allows cs_location to work correctly. - -##2012-10-14 - Release 0.1.0 -- Added robustness for general corosync management (read the merges) -- Added `cs_group` type -- Added some testing -- Generally tried to get on top of this thing. diff --git a/corosync/Gemfile b/corosync/Gemfile deleted file mode 100644 index ccd7257a7..000000000 --- a/corosync/Gemfile +++ /dev/null @@ -1,22 +0,0 @@ -source 'https://rubygems.org' - -group :development, :unit_tests do - gem 'rake', :require => false - gem 'rspec', '~>3.1.0', :require => false - gem 'rspec-puppet', '~>2.0', :require => false - gem 'puppetlabs_spec_helper', :require => false - gem 'puppet-lint', :require => false - gem "puppet-blacksmith", "> 3.3.0", { "platforms" => ["ruby_19", "ruby_20", "ruby_21"] } -end - -group :system_tests do - gem 'beaker-rspec', :require => false -end - -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end - -# vim:ft=ruby diff --git a/corosync/LICENSE b/corosync/LICENSE deleted file mode 100644 index 297f85cfa..000000000 --- a/corosync/LICENSE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright 2013 Puppet Labs - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/corosync/README.md b/corosync/README.md deleted file mode 100644 index dc455acae..000000000 --- a/corosync/README.md +++ /dev/null @@ -1,230 +0,0 @@ -Puppet Community module for Corosync -============================ - -[![Build Status](https://travis-ci.org/puppet-community/puppet-corosync.png?branch=master)](https://travis-ci.org/puppet-community/puppet-community-corosync) - -Corosync is a cluster stack written as a reimplementation of all the core -functionalities required by openais. Meant to provide 100% correct operation -during failures or partitionable networks. - -Most famous for being the cluster stack used by Pacemaker to support n-code -clusters that can respond to node and resource level events. - -Basic usage ------------ - -*To install and configure Corosync* - -```puppet -class { 'corosync': - enable_secauth => true, - authkey => '/var/lib/puppet/ssl/certs/ca.pem', - bind_address => $ipaddress, - multicast_address => '239.1.1.2', -} -``` - -*To enable Pacemaker* - -```puppet -corosync::service { 'pacemaker': - version => '0', -} -``` - -Configuring primitives ------------------------- - -The resources that Corosync will manage can be referred to as a primitive. -These are things like virtual IPs or services like drbd, nginx, and apache. - -*To assign a VIP to a network interface to be used by Nginx* - -```puppet -cs_primitive { 'nginx_vip': - primitive_class => 'ocf', - primitive_type => 'IPaddr2', - provided_by => 'heartbeat', - parameters => { 'ip' => '172.16.210.100', 'cidr_netmask' => '24' }, - operations => { 'monitor' => { 'interval' => '10s' } }, -} -``` - -*Make Corosync manage and monitor the state of Nginx using a custom OCF agent* - -```puppet -cs_primitive { 'nginx_service': - primitive_class => 'ocf', - primitive_type => 'nginx_fixed', - provided_by => 'pacemaker', - operations => { - 'monitor' => { 'interval' => '10s', 'timeout' => '30s' }, - 'start' => { 'interval' => '0', 'timeout' => '30s', 'on-fail' => 'restart' } - }, - require => Cs_primitive['nginx_vip'], -} -``` - -*Make Corosync manage and monitor the state of Apache using a LSB agent* - -```puppet -cs_primitive { 'apache_service': - primitive_class => 'lsb', - primitive_type => 'apache2', - provided_by => 'heartbeat', - operations => { - 'monitor' => { 'interval' => '10s', 'timeout' => '30s' }, - 'start' => { 'interval' => '0', 'timeout' => '30s', 'on-fail' => 'restart' } - }, - require => Cs_primitive['apache2_vip'], -} -``` - -Note: Operations with the same names should be declared as an Array. Example: -```puppet -cs_primitive { 'pgsql_service': - primitive_class => 'ocf', - primitive_type => 'pgsql', - provided_by => 'heartbeat', - operations => { - 'monitor' => [ - { 'interval' => '10s', 'timeout' => '30s' }, - { 'interval' => '5s', 'timeout' => '30s', 'role' => 'Master' }, - ], - 'start' => { 'interval' => '0', 'timeout' => '30s', 'on-fail' => 'restart' } - }, -} -``` - - -Configuring locations ------------------------ - -Locations determine on which nodes primitive resources run. - -```puppet -cs_location { 'nginx_service_location': - primitive => 'nginx_service', - node_name => 'hostname', - score => 'INFINITY' -} -``` -Configuring colocations ------------------------ - -Colocations keep primitives together. Meaning if a vip moves to web02 from web01 -because web01 just hit the dirt it will drag the nginx service with it. - -```puppet -cs_colocation { 'vip_with_service': - primitives => [ 'nginx_vip', 'nginx_service' ], -} -``` - -Configuring migration or state order ------------------------------------- - -Colocation defines that a set of primitives must live together on the same node -but order definitions will define the order of which each primitive is started. If -Nginx is configured to listen only on our vip we definitely want the vip to be -migrated to a new node before nginx comes up or the migration will fail. - -```puppet -cs_order { 'vip_before_service': - first => 'nginx_vip', - second => 'nginx_service', - require => Cs_colocation['vip_with_service'], -} -``` - -Configuring cloned resources ----------------------------- - -Cloned resources should be active on multiple hosts at the same time. You can -clone any existing resource provided the resource agent supports it. - -```puppet -cs_clone { 'nginx_service-clone' : - ensure => present, - primitive => 'nginx_service', - clone_max => 3, - require => Cs_primitive['nginx_service'], -} -``` - -Corosync Properties ------------------- -A few global settings can be changed with the "cs_property" section. - - -Disable STONITH if required. -```puppet -cs_property { 'stonith-enabled' : - value => 'false', -} -``` - -Change quorum policy -``` -cs_property { 'no-quorum-policy' : - value => 'ignore', -} -``` - -Resource defaults ------------------ -A few global settings can be changed with the "cs_rsc_defaults" section. - -Don't move resources. -```puppet -cs_rsc_defaults { 'resource-stickiness' : - value => 'INFINITY', -} -``` - -Dependencies ------------- - -Tested and built on Debian 6 using backports so version 1.4.2 of Corosync is validated -to function. - -Notes ------ - -This module doesn't abstract away everything about managing Corosync but makes setup -and automation easier. Things that are currently outstanding... - - * Needs a lot more tests. - * There is already a handful of bugs that need to be worked out. - * Plus a other things since Corosync and Pacemaker do a lot. - -We suggest you at least go read the [Clusters from Scratch](http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html-single/Clusters_from_Scratch) document -from Cluster Labs. It will help you out a lot when understanding how all the pieces -fall together a point you in the right direction when Corosync fails unexpectedly. - -A simple but complete manifest example can be found on [Cody Herriges' Github](https://github.com/ody/ha-demo), plus -there are more incomplete examples spread across the [Puppet Labs Github](https://github.com/puppetlabs). - -Contributors ------------- - - * [See Github](https://github.com/puppet-community/puppet-community-corosync/graphs/contributors) - -Copyright and License ---------------------- - -Copyright (C) 2012 [Puppet Labs](https://www.puppetlabs.com/) Inc - -Puppet Labs can be contacted at: info@puppetlabs.com - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/corosync/Rakefile b/corosync/Rakefile deleted file mode 100644 index f67eeb728..000000000 --- a/corosync/Rakefile +++ /dev/null @@ -1,77 +0,0 @@ -# Copyright 2014 Puppet Community -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' -require 'puppet-syntax/tasks/puppet-syntax' - -# These two gems aren't always present, for instance -# on Travis with --without development -begin - require 'puppet_blacksmith/rake_tasks' -rescue LoadError -end - -PuppetLint.configuration.relative = true -PuppetLint.configuration.send("disable_80chars") -PuppetLint.configuration.log_format = "%{path}:%{linenumber}:%{check}:%{KIND}:%{message}" -PuppetLint.configuration.fail_on_warnings = true - -# Forsake support for Puppet 2.6.2 for the benefit of cleaner code. -# http://puppet-lint.com/checks/class_parameter_defaults/ -PuppetLint.configuration.send('disable_class_parameter_defaults') -# http://puppet-lint.com/checks/class_inherits_from_params_class/ -PuppetLint.configuration.send('disable_class_inherits_from_params_class') - -exclude_paths = [ - "pkg/**/*", - "vendor/**/*", - "spec/**/*", -] -PuppetLint.configuration.ignore_paths = exclude_paths -PuppetSyntax.exclude_paths = exclude_paths - -desc "Run acceptance tests" -RSpec::Core::RakeTask.new(:acceptance) do |t| - t.pattern = 'spec/acceptance' -end - -desc "Run syntax, lint, and spec tests." -task :test => [ - :syntax, - :lint, - :spec, -] - -if RUBY_VERSION >= "1.9.0" then - Blacksmith::RakeTask.new do |t| - t.build = false # do not build the module nor push it to the Forge - # just do the tagging [:clean, :tag, :bump_commit] - end - - - desc "Offload release process to Travis." - task :travis_release => [ - :check_changelog, # check that the changelog contains an entry for the current release - :"module:release", # do everything except build / push to forge, travis will do that for us - ] - - desc "Check Changelog." - task :check_changelog do - v = Blacksmith::Modulefile.new.version - if File.readlines('CHANGELOG.md').grep("Releasing #{v}").size == 0 then - fail "Unable to find a CHANGELOG.md entry for the #{v} release." - end - end -end diff --git a/corosync/lib/puppet/provider/crmsh.rb b/corosync/lib/puppet/provider/crmsh.rb deleted file mode 100644 index 4dd1c74ca..000000000 --- a/corosync/lib/puppet/provider/crmsh.rb +++ /dev/null @@ -1,57 +0,0 @@ -class Puppet::Provider::Crmsh < Puppet::Provider - - # Yep, that's right we are parsing XML...FUN! (It really wasn't that bad) - require 'rexml/document' - - initvars - commands :crm_attribute => 'crm_attribute' - - # Corosync takes a while to build the initial CIB configuration once the - # service is started for the first time. This provides us a way to wait - # until we're up so we can make changes that don't disappear in to a black - # hole. - @@crmready = nil - def self.ready? - return true if @@crmready - cmd = [ command(:crm_attribute), '--type', 'crm_config', '--query', '--name', 'dc-version' ] - if Puppet::PUPPETVERSION.to_f < 3.4 - raw, status = Puppet::Util::SUIDManager.run_and_capture(cmd) - else - raw = Puppet::Util::Execution.execute(cmd, :failonfail => false) - status = raw.exitstatus - end - if status == 0 - @@crmready = true - # Sleeping a spare two since it seems that dc-version is returning before - # It is really ready to take config changes, but it is close enough. - # Probably need to find a better way to check for readiness. - sleep 2 - return true - else - return false - end - end - - def self.block_until_ready(timeout = 120) - Timeout::timeout(timeout) do - until ready? - debug('Corosync not ready, retrying') - sleep 2 - end - end - end - - def self.prefetch(resources) - instances.each do |prov| - if res = resources[prov.name.to_s] - res.provider = prov - end - end - end - - def exists? - self.class.block_until_ready - debug(@property_hash.inspect) - !(@property_hash[:ensure] == :absent or @property_hash.empty?) - end -end diff --git a/corosync/lib/puppet/provider/cs_clone/crm.rb b/corosync/lib/puppet/provider/cs_clone/crm.rb deleted file mode 100644 index bd5efdcc8..000000000 --- a/corosync/lib/puppet/provider/cs_clone/crm.rb +++ /dev/null @@ -1,197 +0,0 @@ -require 'pathname' -require Pathname.new(__FILE__).dirname.dirname.expand_path + 'crmsh' - -Puppet::Type.type(:cs_clone).provide(:crm, :parent => Puppet::Provider::Crmsh) do - desc 'Provider to add, delete, manipulate primitive clones.' - - # Path to the crm binary for interacting with the cluster configuration. - # Decided to just go with relative. - commands :crm => 'crm' - commands :crm_attribute => 'crm_attribute' - - # given an XML element containing some s, return a hash. Return an - # empty hash if `e` is nil. - def self.nvpairs_to_hash(e) - return {} if e.nil? - - hash = {} - e.each_element do |i| - hash[(i.attributes['name'])] = i.attributes['value'].strip - end - - hash - end - - def self.instances - - block_until_ready - - instances = [] - - cmd = [ command(:crm), 'configure', 'show', 'xml' ] - if Puppet::PUPPETVERSION.to_f < 3.4 - raw, status = Puppet::Util::SUIDManager.run_and_capture(cmd) - else - raw = Puppet::Util::Execution.execute(cmd) - status = raw.exitstatus - end - doc = REXML::Document.new(raw) - - doc.root.elements['configuration'].elements['resources'].each_element('clone') do |e| - primitive_id = e.elements['primitive'].attributes['id'] - items = nvpairs_to_hash(e.elements['meta_attributes']) - - clone_instance = { - :name => e.attributes['id'], - :ensure => :present, - :primitive => primitive_id, - :clone_max => items['clone-max'], - :clone_node_max => items['clone-node-max'], - :notify_clones => items['notify'], - :globally_unique => items['globally-unique'], - :ordered => items['ordered'], - :interleave => items['interleave'], - :existing_resource => :true, - } - instances << new(clone_instance) - end - instances - end - - # Create just adds our resource to the property_hash and flush will take care - # of actually doing the work. - def create - @property_hash = { - :name => @resource[:name], - :ensure => :present, - :primitive => @resource[:primitive], - :clone_max => @resource[:clone_max], - :clone_node_max => @resource[:clone_node_max], - :notify_clones => @resource[:notify_clones], - :globally_unique => @resource[:globally_unique], - :ordered => @resource[:ordered], - :interleave => @resource[:interleave], - :cib => @resource[:cib], - :existing_resource => :false, - } - end - - # Unlike create we actually immediately delete the item. - def destroy - debug('Removing clone') - crm('configure', 'delete', @resource[:name]) - @property_hash.clear - end - # - # Getter that obtains the our service that should have been populated by - # prefetch or instances (depends on if your using puppet resource or not). - def primitive - @property_hash[:primitive] - end - - # Getter that obtains the our clone_max that should have been populated by - # prefetch or instances (depends on if your using puppet resource or not). - def clone_max - @property_hash[:clone_max] - end - - def clone_node_max - @property_hash[:clone_node_max] - end - - def notify_clones - @property_hash[:notify_clones] - end - - def globally_unique - @property_hash[:globally_unique] - end - - def ordered - @property_hash[:ordered] - end - - def interleave - @property_hash[:interleave] - end - - # Our setters. Setters are used when the - # resource already exists so we just update the current value in the property - # hash and doing this marks it to be flushed. - - def primitive=(should) - @property_hash[:primitive] = should - end - - def clone_max=(should) - @property_hash[:clone_max] = should - end - - def clone_node_max=(should) - @property_hash[:clone_node_max] = should - end - - def notify_clones=(should) - @property_hash[:notify_clones] = should - end - - def globally_unique=(should) - @property_hash[:globally_unique] = should - end - - def ordered=(should) - @property_hash[:ordered] = should - end - - def interleave=(should) - @property_hash[:interleave] = should - end - - # Flush is triggered on anything that has been detected as being - # modified in the property_hash. It generates a temporary file with - # the updates that need to be made. The temporary file is then used - # as stdin for the crm command. - def flush - unless @property_hash.empty? - if @property_hash[:existing_resource] == :false - debug ('Creating clone resource') - updated = "clone " - updated << "#{@property_hash[:name]} " - updated << "#{@property_hash[:primitive]} " - meta = "" - meta << "clone-max=#{@property_hash[:clone_max]} " if @property_hash[:clone_max] - meta << "clone-node-max=#{@property_hash[:clone_node_max]} " if @property_hash[:clone_node_max] - meta << "notify=#{@property_hash[:notify_clones]} " if @property_hash[:notify_clones] - meta << "globally-unique=#{@property_hash[:globally_unique]} " if @property_hash[:globally_unique] - meta << "ordered=#{@property_hash[:ordered]} " if @property_hash[:ordered] - meta << "interleave=#{@property_hash[:interleave]}" if @property_hash[:interleave] - updated << "meta " << meta if not meta.empty? - Tempfile.open('puppet_crm_update') do |tmpfile| - tmpfile.write(updated) - tmpfile.flush - ENV["CIB_shadow"] = @resource[:cib] - crm('configure', 'load', 'update', tmpfile.path.to_s) - end - else - debug ('Updating clone resource') - updated = "resource meta " - updated << "#{@property_hash[:name]} " - meta = "set " - meta << "clone-max=#{@property_hash[:clone_max]} " if @property_hash[:clone_max] - meta << "clone-node-max=#{@property_hash[:clone_node_max]} " if @property_hash[:clone_node_max] - meta << "notify=#{@property_hash[:notify_clones]} " if @property_hash[:notify_clones] - meta << "globally-unique=#{@property_hash[:globally_unique]} " if @property_hash[:globally_unique] - meta << "ordered=#{@property_hash[:ordered]} " if @property_hash[:ordered] - meta << "interleave=#{@property_hash[:interleave]}" if @property_hash[:interleave] - updated << meta if not meta.empty? - Tempfile.open('puppet_crm_update') do |tmpfile| - tmpfile.write(updated) - tmpfile.flush - ENV["CIB_shadow"] = @resource[:cib] - crm('configure', 'load', 'update', tmpfile.path.to_s) - end - end - end - end -end - diff --git a/corosync/lib/puppet/provider/cs_clone/pcs.rb b/corosync/lib/puppet/provider/cs_clone/pcs.rb deleted file mode 100644 index dd25eca52..000000000 --- a/corosync/lib/puppet/provider/cs_clone/pcs.rb +++ /dev/null @@ -1,182 +0,0 @@ -require 'pathname' -require Pathname.new(__FILE__).dirname.dirname.expand_path + 'pacemaker' - -Puppet::Type.type(:cs_clone).provide(:pcs, :parent => Puppet::Provider::Pacemaker) do - desc 'Provider to add, delete, manipulate primitive clones.' - - commands :pcs => 'pcs' - - defaultfor :operatingsystem => [:fedora, :centos, :redhat] - - # given an XML element containing some s, return a hash. Return an - # empty hash if `e` is nil. - def self.nvpairs_to_hash(e) - return {} if e.nil? - - hash = {} - e.each_element do |i| - hash[(i.attributes['name'])] = i.attributes['value'].strip - end - - hash - end - - def self.instances - - block_until_ready - - instances = [] - - cmd = [ command(:pcs), 'cluster', 'cib' ] - raw, status = run_pcs_command(cmd) - doc = REXML::Document.new(raw) - - doc.root.elements['configuration'].elements['resources'].each_element('clone') do |e| - primitive_id = e.elements['primitive'].attributes['id'] - items = nvpairs_to_hash(e.elements['meta_attributes']) - - clone_instance = { - :name => e.attributes['id'], - :ensure => :present, - :primitive => primitive_id, - :clone_max => items['clone-max'], - :clone_node_max => items['clone-node-max'], - :notify_clones => items['notify'], - :globally_unique => items['globally-unique'], - :ordered => items['ordered'], - :interleave => items['interleave'], - :existing_resource => :true, - } - instances << new(clone_instance) - end - instances - end - - # Create just adds our resource to the property_hash and flush will take care - # of actually doing the work. - def create - @property_hash = { - :name => @resource[:primitive]+'-clone', - :ensure => :present, - :primitive => @resource[:primitive], - :clone_max => @resource[:clone_max], - :clone_node_max => @resource[:clone_node_max], - :notify_clones => @resource[:notify_clones], - :globally_unique => @resource[:globally_unique], - :ordered => @resource[:ordered], - :interleave => @resource[:interleave], - :cib => @resource[:cib], - :existing_resource => :false, - } - end - - # Unlike create we actually immediately delete the item. - def destroy - debug('Removing clone') - Puppet::Provider::Pacemaker::run_pcs_command([command(:pcs), 'resource', 'unclone', @resource[:name]]) - @property_hash.clear - end - # - # Getter that obtains the our service that should have been populated by - # prefetch or instances (depends on if your using puppet resource or not). - def primitive - @property_hash[:primitive] - end - - # Getter that obtains the our clone_max that should have been populated by - # prefetch or instances (depends on if your using puppet resource or not). - def clone_max - @property_hash[:clone_max] - end - - def clone_node_max - @property_hash[:clone_node_max] - end - - def notify_clones - @property_hash[:notify_clones] - end - - def globally_unique - @property_hash[:globally_unique] - end - - def ordered - @property_hash[:ordered] - end - - def interleave - @property_hash[:interleave] - end - - # Our setters. Setters are used when the - # resource already exists so we just update the current value in the property - # hash and doing this marks it to be flushed. - - def primitive=(should) - @property_hash[:primitive] = should - end - - def clone_max=(should) - @property_hash[:clone_max] = should - end - - def clone_node_max=(should) - @property_hash[:clone_node_max] = should - end - - def notify_clones=(should) - @property_hash[:notify_clones] = should - end - - def globally_unique=(should) - @property_hash[:globally_unique] = should - end - - def ordered=(should) - @property_hash[:ordered] = should - end - - def interleave=(should) - @property_hash[:interleave] = should - end - - def exists? - @property_hash[:existing_resource] == :true - end - - # Flush is triggered on anything that has been detected as being - # modified in the property_hash. It generates a temporary file with - # the updates that need to be made. The temporary file is then used - # as stdin for the crm command. - def flush - unless @property_hash.empty? - if @property_hash[:existing_resource] == :false - debug ('Creating clone resource') - cmd = [ command(:pcs), 'resource', 'clone', "#{@property_hash[:primitive]}" ] - cmd << "clone-max=#{@property_hash[:clone_max]}" if @property_hash[:clone_max] - cmd << "clone-node-max=#{@property_hash[:clone_node_max]}" if @property_hash[:clone_node_max] - cmd << "notify=#{@property_hash[:notify_clones]}" if @property_hash[:notify_clones] - cmd << "globally-unique=#{@property_hash[:globally_unique]}" if @property_hash[:globally_unique] - cmd << "ordered=#{@property_hash[:ordered]}" if @property_hash[:ordered] - cmd << "interleave=#{@property_hash[:interleave]}" if @property_hash[:interleave] - raw, status = Puppet::Provider::Pacemaker::run_pcs_command(cmd) - else - debug ('Updating clone resource') - # pcs versions earlier than 0.9.116 do not allow updating a cloned - # resource. Being conservative, we will unclone then create a new clone - # with the new parameters. - Puppet::Provider::Pacemaker::run_pcs_command([command(:pcs), 'resource', 'unclone', @resource[:primitive]]) - cmd = [ command(:pcs), 'resource', 'clone', "#{@property_hash[:primitive]}" ] - cmd << "clone-max=#{@property_hash[:clone_max]}" if @property_hash[:clone_max] - cmd << "clone-node-max=#{@property_hash[:clone_node_max]}" if @property_hash[:clone_node_max] - cmd << "notify=#{@property_hash[:notify_clones]}" if @property_hash[:notify_clones] - cmd << "globally-unique=#{@property_hash[:globally_unique]}" if @property_hash[:globally_unique] - cmd << "ordered=#{@property_hash[:ordered]}" if @property_hash[:ordered] - cmd << "interleave=#{@property_hash[:interleave]}" if @property_hash[:interleave] - raw, status = Puppet::Provider::Pacemaker::run_pcs_command(cmd) - end - end - end -end - diff --git a/corosync/lib/puppet/provider/cs_colocation/crm.rb b/corosync/lib/puppet/provider/cs_colocation/crm.rb deleted file mode 100644 index 42f8c6544..000000000 --- a/corosync/lib/puppet/provider/cs_colocation/crm.rb +++ /dev/null @@ -1,164 +0,0 @@ -require 'pathname' -require Pathname.new(__FILE__).dirname.dirname.expand_path + 'crmsh' - -Puppet::Type.type(:cs_colocation).provide(:crm, :parent => Puppet::Provider::Crmsh) do - desc 'Specific provider for a rather specific type since I currently have no plan to - abstract corosync/pacemaker vs. keepalived. This provider will check the state - of current primitive colocations on the system; add, delete, or adjust various - aspects.' - - # Path to the crm binary for interacting with the cluster configuration. - # Decided to just go with relative. - commands :crm => 'crm' - - def self.instances - - block_until_ready - - instances = [] - - cmd = [ command(:crm), 'configure', 'show', 'xml' ] - if Puppet::PUPPETVERSION.to_f < 3.4 - raw, status = Puppet::Util::SUIDManager.run_and_capture(cmd) - else - raw = Puppet::Util::Execution.execute(cmd) - status = raw.exitstatus - end - doc = REXML::Document.new(raw) - - doc.root.elements['configuration'].elements['constraints'].each_element('rsc_colocation') do |e| - rscs = [] - items = e.attributes - - if items['rsc'] - # The colocation is defined as a single rsc_colocation element. This means - # the format is rsc and with-rsc. In the type we chose to always deal with - # ordering in a sequential way, which is why we reverse their order. - if items['rsc-role'] - rsc = "#{items['rsc']}:#{items['rsc-role']}" - else - rsc = items['rsc'] - end - - if items ['with-rsc-role'] - with_rsc = "#{items['with-rsc']}:#{items['with-rsc-role']}" - else - with_rsc = items['with-rsc'] - end - - # Put primitives in chronological order, first 'with-rsc', then 'rsc'. - primitives = [with_rsc , rsc] - else - # The colocation is defined as a rsc_colocation element wrapped around a single resource_set. - # This happens automatically when you configure a colocation between more than 2 primitives. - # Notice, we can only interpret colocations of single sets, not multiple sets combined. - # In Pacemaker speak, this means we can support "A B C" but not e.g. "A B (C D) E". - # Feel free to contribute a patch for this. - e.each_element('resource_set') do |rset| - rsetitems = rset.attributes - - # If the resource set has a role, it will apply to all referenced resources. - if rsetitems['role'] - rsetrole = rsetitems['role'] - else - rsetrole = nil - end - - # Add all referenced resources to the primitives array. - primitives = [] - rset.each_element('resource_ref') do |rref| - rrefitems = rref.attributes - if rsetrole - # Make sure the reference is stripped from a possible role - rrefprimitive = rrefitems['id'].split(':')[0] - # Always reuse the resource set role - primitives.push("#{rrefprimitive}:#{rsetrole}") - else - # No resource_set role was set: just push the complete reference. - primitives.push(rrefitems['id']) - end - end - end - end - - colocation_instance = { - :name => items['id'], - :ensure => :present, - :primitives => primitives, - :score => items['score'], - :provider => self.name - } - instances << new(colocation_instance) - end - instances - end - - # Create just adds our resource to the property_hash and flush will take care - # of actually doing the work. - def create - @property_hash = { - :name => @resource[:name], - :ensure => :present, - :primitives => @resource[:primitives], - :score => @resource[:score], - :cib => @resource[:cib], - } - end - - # Unlike create we actually immediately delete the item. - def destroy - debug('Removing colocation') - crm('configure', 'delete', @resource[:name]) - @property_hash.clear - end - - # Getter that obtains the primitives array for us that should have - # been populated by prefetch or instances (depends on if your using - # puppet resource or not). - def primitives - @property_hash[:primitives] - end - - # Getter that obtains the our score that should have been populated by - # prefetch or instances (depends on if your using puppet resource or not). - def score - @property_hash[:score] - end - - # Our setters for the primitives array and score. Setters are used when the - # resource already exists so we just update the current value in the property - # hash and doing this marks it to be flushed. - def primitives=(should) - @property_hash[:primitives] = should - end - - def score=(should) - @property_hash[:score] = should - end - - # Flush is triggered on anything that has been detected as being - # modified in the property_hash. It generates a temporary file with - # the updates that need to be made. The temporary file is then used - # as stdin for the crm command. - def flush - unless @property_hash.empty? - if @property_hash[:primitives].count == 2 - then - # crm configure colocation works backwards when exactly 2 primitives are - # defined. This is different from how >2 primitives are colocated, so to - # fix this the primitives are reversed. - primitives = @property_hash[:primitives].reverse - else - primitives = @property_hash[:primitives] - end - updated = "colocation " - updated << "#{@property_hash[:name]} #{@property_hash[:score]}: #{primitives.join(' ')}" - Tempfile.open('puppet_crm_update') do |tmpfile| - tmpfile.write(updated) - tmpfile.flush - ENV["CIB_shadow"] = @resource[:cib] - crm('configure', 'load', 'update', tmpfile.path.to_s) - end - end - end -end diff --git a/corosync/lib/puppet/provider/cs_colocation/pcs.rb b/corosync/lib/puppet/provider/cs_colocation/pcs.rb deleted file mode 100644 index 24b8da5d2..000000000 --- a/corosync/lib/puppet/provider/cs_colocation/pcs.rb +++ /dev/null @@ -1,143 +0,0 @@ -require 'pathname' -require Pathname.new(__FILE__).dirname.dirname.expand_path + 'pacemaker' - -Puppet::Type.type(:cs_colocation).provide(:pcs, :parent => Puppet::Provider::Pacemaker) do - desc 'Specific provider for a rather specific type since I currently have no plan to - abstract corosync/pacemaker vs. keepalived. This provider will check the state - of current primitive colocations on the system; add, delete, or adjust various - aspects.' - - defaultfor :operatingsystem => [:fedora, :centos, :redhat] - - commands :pcs => 'pcs' - - def self.instances - - block_until_ready - - instances = [] - - cmd = [ command(:pcs), 'cluster', 'cib' ] - raw, status = run_pcs_command(cmd) - doc = REXML::Document.new(raw) - - doc.root.elements['configuration'].elements['constraints'].each_element('rsc_colocation') do |e| - items = e.attributes - - if items['rsc-role'] and items['rsc-role'] != "Started" - rsc = "#{items['rsc']}:#{items['rsc-role']}" - else - rsc = items['rsc'] - end - - if items ['with-rsc-role'] and items['with-rsc-role'] != "Started" - with_rsc = "#{items['with-rsc']}:#{items['with-rsc-role']}" - else - with_rsc = items['with-rsc'] - end - - # Sorting the array of primitives because order doesn't matter so someone - # switching the order around shouldn't generate an event. - colocation_instance = { - :name => items['id'], - :ensure => :present, - :primitives => [rsc, with_rsc].sort, - :score => items['score'], - :provider => self.name, - :new => false - } - instances << new(colocation_instance) - end - instances - end - - # Create just adds our resource to the property_hash and flush will take care - # of actually doing the work. - def create - @property_hash = { - :name => @resource[:name], - :ensure => :present, - :primitives => @resource[:primitives], - :score => @resource[:score], - :cib => @resource[:cib], - :new => true - } - end - - # Unlike create we actually immediately delete the item. - def destroy - debug('Removing colocation') - cmd=[ command(:pcs), 'constraint', 'remove', @resource[:name]] - Puppet::Provider::Pacemaker::run_pcs_command(cmd) - @property_hash.clear - end - - # Getter that obtains the primitives array for us that should have - # been populated by prefetch or instances (depends on if your using - # puppet resource or not). - def primitives - @property_hash[:primitives] - end - - # Getter that obtains the our score that should have been populated by - # prefetch or instances (depends on if your using puppet resource or not). - def score - @property_hash[:score] - end - - # Our setters for the primitives array and score. Setters are used when the - # resource already exists so we just update the current value in the property - # hash and doing this marks it to be flushed. - def primitives=(should) - @property_hash[:primitives] = should.sort - end - - def score=(should) - @property_hash[:score] = should - end - - # Flush is triggered on anything that has been detected as being - # modified in the property_hash. It generates a temporary file with - # the updates that need to be made. The temporary file is then used - # as stdin for the pcs command. - def flush - unless @property_hash.empty? - if @property_hash[:new] == false - debug('Removing colocation') - cmd=[ command(:pcs), 'constraint', 'remove', @resource[:name]] - Puppet::Provider::Pacemaker::run_pcs_command(cmd) - end - - cmd = [ command(:pcs), 'constraint', 'colocation' ] - cmd << "add" - rsc = @property_hash[:primitives].pop - if rsc.include? ':' - items = rsc.split[':'] - if items[1] == 'Master' - cmd << 'master' - elsif items[1] == 'Slave' - cmd << 'slave' - end - cmd << items[0] - else - cmd << rsc - end - cmd << 'with' - rsc = @property_hash[:primitives].pop - if rsc.include? ':' - items = rsc.split(':') - if items[1] == 'Master' - cmd << 'master' - elsif items[1] == 'Slave' - cmd << 'slave' - end - cmd << items[0] - else - cmd << rsc - end - cmd << @property_hash[:score] - cmd << "id=#{@property_hash[:name]}" - raw, status = Puppet::Provider::Pacemaker::run_pcs_command(cmd) - end - end -end diff --git a/corosync/lib/puppet/provider/cs_commit/crm.rb b/corosync/lib/puppet/provider/cs_commit/crm.rb deleted file mode 100644 index 7200c76fd..000000000 --- a/corosync/lib/puppet/provider/cs_commit/crm.rb +++ /dev/null @@ -1,15 +0,0 @@ -require 'pathname' -require Pathname.new(__FILE__).dirname.dirname.expand_path + 'crmsh' - -Puppet::Type.type(:cs_commit).provide(:crm, :parent => Puppet::Provider::Crmsh) do - commands :crm => 'crm' - - def self.instances - block_until_ready - [] - end - - def sync(cib) - crm('cib', 'commit', cib) - end -end diff --git a/corosync/lib/puppet/provider/cs_commit/pcs.rb b/corosync/lib/puppet/provider/cs_commit/pcs.rb deleted file mode 100644 index 58936ddd2..000000000 --- a/corosync/lib/puppet/provider/cs_commit/pcs.rb +++ /dev/null @@ -1,15 +0,0 @@ -require 'pathname' -require Pathname.new(__FILE__).dirname.dirname.expand_path + 'pacemaker' - -Puppet::Type.type(:cs_commit).provide(:pcs, :parent => Puppet::Provider::Pacemaker) do - commands :crm_shadow => 'crm_shadow' - - def self.instances - block_until_ready - [] - end - - def sync(cib) - crm_shadow('--commit', cib) - end -end diff --git a/corosync/lib/puppet/provider/cs_group/crm.rb b/corosync/lib/puppet/provider/cs_group/crm.rb deleted file mode 100644 index fde4b135a..000000000 --- a/corosync/lib/puppet/provider/cs_group/crm.rb +++ /dev/null @@ -1,100 +0,0 @@ -require 'pathname' -require Pathname.new(__FILE__).dirname.dirname.expand_path + 'crmsh' - -Puppet::Type.type(:cs_group).provide(:crm, :parent => Puppet::Provider::Crmsh) do - desc 'Provider to add, delete, manipulate primitive groups.' - - # Path to the crm binary for interacting with the cluster configuration. - commands :crm => '/usr/sbin/crm' - - def self.instances - - block_until_ready - - instances = [] - - cmd = [ command(:crm), 'configure', 'show', 'xml' ] - if Puppet::PUPPETVERSION.to_f < 3.4 - raw, status = Puppet::Util::SUIDManager.run_and_capture(cmd) - else - raw = Puppet::Util::Execution.execute(cmd) - status = raw.exitstatus - end - doc = REXML::Document.new(raw) - - REXML::XPath.each(doc, '//group') do |e| - - items = e.attributes - group = { :name => items['id'].to_sym } - - primitives = [] - - if ! e.elements['primitive'].nil? - e.each_element do |p| - primitives << p.attributes['id'] - end - end - - group_instance = { - :name => group[:name], - :ensure => :present, - :primitives => primitives, - :provider => self.name - } - instances << new(group_instance) - end - instances - end - - # Create just adds our resource to the property_hash and flush will take care - # of actually doing the work. - def create - @property_hash = { - :name => @resource[:name], - :ensure => :present, - :primitives => @resource[:primitives] - } - @property_hash[:cib] = @resource[:cib] if ! @resource[:cib].nil? - end - - # Unlike create we actually immediately delete the item but first, like primitives, - # we need to stop the group. - def destroy - debug('Stopping group before removing it') - crm('resource', 'stop', @resource[:name]) - debug('Revmoving group') - crm('configure', 'delete', @resource[:name]) - @property_hash.clear - end - - # Getter that obtains the primitives array for us that should have - # been populated by prefetch or instances (depends on if your using - # puppet resource or not). - def primitives - @property_hash[:primitives] - end - - # Our setters for the primitives array and score. Setters are used when the - # resource already exists so we just update the current value in the property - # hash and doing this marks it to be flushed. - def primitives=(should) - @property_hash[:primitives] = should.sort - end - - # Flush is triggered on anything that has been detected as being - # modified in the property_hash. It generates a temporary file with - # the updates that need to be made. The temporary file is then used - # as stdin for the crm command. - def flush - unless @property_hash.empty? - updated = 'group ' - updated << "#{@property_hash[:name]} #{@property_hash[:primitives].join(' ')}" - Tempfile.open('puppet_crm_update') do |tmpfile| - tmpfile.write(updated) - tmpfile.flush - ENV['CIB_shadow'] = @resource[:cib] - crm('configure', 'load', 'update', tmpfile.path.to_s) - end - end - end -end diff --git a/corosync/lib/puppet/provider/cs_group/pcs.rb b/corosync/lib/puppet/provider/cs_group/pcs.rb deleted file mode 100644 index 87fdfbadf..000000000 --- a/corosync/lib/puppet/provider/cs_group/pcs.rb +++ /dev/null @@ -1,100 +0,0 @@ -require 'pathname' -require Pathname.new(__FILE__).dirname.dirname.expand_path + 'pacemaker' - -Puppet::Type.type(:cs_group).provide(:pcs, :parent => Puppet::Provider::Pacemaker) do - desc 'Provider to add, delete, manipulate primitive groups.' - - defaultfor :operatingsystem => [:fedora, :centos, :redhat] - - # Path to the pcs binary for interacting with the cluster configuration. - commands :pcs => '/usr/sbin/pcs' - - def self.instances - - block_until_ready - - instances = [] - - cmd = [ command(:pcs), 'cluster', 'cib' ] - raw, status = run_pcs_command(cmd) - doc = REXML::Document.new(raw) - - REXML::XPath.each(doc, '//group') do |e| - - items = e.attributes - group = { :name => items['id'].to_sym } - - primitives = [] - - if ! e.elements['primitive'].nil? - e.each_element do |p| - primitives << p.attributes['id'] - end - end - - group_instance = { - :name => group[:name], - :ensure => :present, - :primitives => primitives, - :provider => self.name, - :new => false - } - instances << new(group_instance) - end - instances - end - - # Create just adds our resource to the property_hash and flush will take care - # of actually doing the work. - def create - @property_hash = { - :name => @resource[:name], - :ensure => :present, - :primitives => @resource[:primitives], - :new => true - } - @property_hash[:cib] = @resource[:cib] if ! @resource[:cib].nil? - end - - # Unlike create we actually immediately delete the item but first, like primitives, - # we need to stop the group. - def destroy - debug('Removing group') - Puppet::Provider::Pacemaker::run_pcs_command([command(:pcs), 'resource', 'ungroup', @property_hash[:name]]) - @property_hash.clear - end - - # Getter that obtains the primitives array for us that should have - # been populated by prefetch or instances (depends on if your using - # puppet resource or not). - def primitives - @property_hash[:primitives] - end - - # Our setters for the primitives array and score. Setters are used when the - # resource already exists so we just update the current value in the property - # hash and doing this marks it to be flushed. - def primitives=(should) - @property_hash[:primitives] = should - end - - # Flush is triggered on anything that has been detected as being - # modified in the property_hash. It generates a temporary file with - # the updates that need to be made. The temporary file is then used - # as stdin for the pcs command. - def flush - unless @property_hash.empty? - - ENV['CIB_shadow'] = @resource[:cib] - - if @property_hash[:new] == false - debug('Removing group') - Puppet::Provider::Pacemaker::run_pcs_command([command(:pcs), 'resource', 'ungroup', @property_hash[:name]]) - end - - cmd = [ command(:pcs), 'resource', 'group', 'add', "#{@property_hash[:name]}" ] - cmd += @property_hash[:primitives] - raw, status = Puppet::Provider::Pacemaker::run_pcs_command(cmd) - end - end -end diff --git a/corosync/lib/puppet/provider/cs_location/crm.rb b/corosync/lib/puppet/provider/cs_location/crm.rb deleted file mode 100644 index 8f6d53d08..000000000 --- a/corosync/lib/puppet/provider/cs_location/crm.rb +++ /dev/null @@ -1,115 +0,0 @@ -require 'pathname' -require Pathname.new(__FILE__).dirname.dirname.expand_path + 'crmsh' - -Puppet::Type.type(:cs_location).provide(:crm, :parent => Puppet::Provider::Crmsh) do - desc 'Specific provider for a rather specific type since I currently have no plan to - abstract corosync/pacemaker vs. keepalived. This provider will check the state - of current primitive locations on the system; add, delete, or adjust various - aspects.' - - # Path to the crm binary for interacting with the cluster configuration. - # Decided to just go with relative. - commands :crm => 'crm' - - def self.instances - - block_until_ready - - instances = [] - - cmd = [ command(:crm), 'configure', 'show', 'xml' ] - if Puppet::PUPPETVERSION.to_f < 3.4 - raw, status = Puppet::Util::SUIDManager.run_and_capture(cmd) - else - raw = Puppet::Util::Execution.execute(cmd) - status = raw.exitstatus - end - doc = REXML::Document.new(raw) - - doc.root.elements['configuration'].elements['constraints'].each_element('rsc_location') do |e| - items = e.attributes - - location_instance = { - :name => items['id'], - :ensure => :present, - :primitive => items['rsc'], - :node_name => items['node'], - :score => items['score'], - :provider => self.name - } - instances << new(location_instance) - end - instances - end - - # Create just adds our resource to the property_hash and flush will take care - # of actually doing the work. - def create - @property_hash = { - :name => @resource[:name], - :ensure => :present, - :primitive => @resource[:primitive], - :node_name => @resource[:node_name], - :score => @resource[:score], - :cib => @resource[:cib], - } - end - - # Unlike create we actually immediately delete the item. - def destroy - debug('Revmoving location') - crm('configure', 'delete', @resource[:name]) - @property_hash.clear - end - # - # Getter that obtains the our service that should have been populated by - # prefetch or instances (depends on if your using puppet resource or not). - def primitive - @property_hash[:primitive] - end - - # Getter that obtains the our node_name that should have been populated by - # prefetch or instances (depends on if your using puppet resource or not). - def node_name - @property_hash[:node_name] - end - - # Getter that obtains the our score that should have been populated by - # prefetch or instances (depends on if your using puppet resource or not). - def score - @property_hash[:score] - end - - # Our setters for the node_name and score. Setters are used when the - # resource already exists so we just update the current value in the property - # hash and doing this marks it to be flushed. - - def primitive=(should) - @property_hash[:primitive] = should - end - - def node_name=(should) - @property_hash[:node_name] = should - end - - def score=(should) - @property_hash[:score] = should - end - - # Flush is triggered on anything that has been detected as being - # modified in the property_hash. It generates a temporary file with - # the updates that need to be made. The temporary file is then used - # as stdin for the crm command. - def flush - unless @property_hash.empty? - updated = "location " - updated << "#{@property_hash[:name]} #{@property_hash[:primitive]} #{@property_hash[:score]}: #{@property_hash[:node_name]}" - Tempfile.open('puppet_crm_update') do |tmpfile| - tmpfile.write(updated) - tmpfile.flush - ENV["CIB_shadow"] = @resource[:cib] - crm('configure', 'load', 'update', tmpfile.path.to_s) - end - end - end -end diff --git a/corosync/lib/puppet/provider/cs_location/pcs.rb b/corosync/lib/puppet/provider/cs_location/pcs.rb deleted file mode 100644 index a6b2cb339..000000000 --- a/corosync/lib/puppet/provider/cs_location/pcs.rb +++ /dev/null @@ -1,101 +0,0 @@ -require 'pathname' -require Pathname.new(__FILE__).dirname.dirname.expand_path + 'pacemaker' - -Puppet::Type.type(:cs_location).provide(:pcs, :parent => Puppet::Provider::Pacemaker) do - desc 'Specific provider for a rather specific type since I currently have no plan to - abstract corosync/pacemaker vs. keepalived. This provider will check the state - of current primitive locations on the system; add, delete, or adjust various - aspects.' - - defaultfor :operatingsystem => [:fedora, :centos, :redhat] - - commands :pcs => 'pcs' - - def self.instances - - block_until_ready - - instances = [] - - cmd = [ command(:pcs), 'cluster', 'cib' ] - raw, status = run_pcs_command(cmd) - doc = REXML::Document.new(raw) - - doc.root.elements['configuration'].elements['constraints'].each_element('rsc_location') do |e| - items = e.attributes - - location_instance = { - :name => items['id'], - :ensure => :present, - :primitive => items['rsc'], - :node_name => items['node'], - :score => items['score'], - :provider => self.name - } - instances << new(location_instance) - end - instances - end - - # Create just adds our resource to the location_hash and flush will take care - # of actually doing the work. - def create - @property_hash = { - :name => @resource[:name], - :ensure => :present, - :primitive => @resource[:primitive], - :node_name => @resource[:node_name], - :score => @resource[:score], - :cib => @resource[:cib] - } - end - - # Unlike create we actually immediately delete the item. - def destroy - debug('Removing location') - cmd = [ command(:pcs), 'constraint', 'resource', 'remove', @resource[:name] ] - Puppet::Provider::Pacemaker::run_pcs_command(cmd) - @property_hash.clear - end - - # Getters that obtains the parameters defined in our location that have been - # populated by prefetch or instances (depends on if your using puppet resource - # or not). - def primitive - @property_hash[:primitive] - end - - def node_name - @property_hash[:node_name] - end - - def score - @property_hash[:score] - end - - # Our setters for parameters. Setters are used when the resource already - # exists so we just update the current value in the location_hash and doing - # this marks it to be flushed. - def primitive=(should) - @property_hash[:primitive] = should - end - - def node_name=(should) - @property_hash[:node_name] = should - end - - def score=(should) - @property_hash[:score] = should - end - - # Flush is triggered on anything that has been detected as being - # modified in the location_hash. - # It calls several pcs commands to make the resource look like the - # params. - def flush - unless @property_hash.empty? - cmd = [ command(:pcs), 'constraint', 'location', 'add', @property_hash[:name], @property_hash[:primitive], @property_hash[:node_name], @property_hash[:score]] - Puppet::Provider::Pacemaker::run_pcs_command(cmd) - end - end -end diff --git a/corosync/lib/puppet/provider/cs_order/crm.rb b/corosync/lib/puppet/provider/cs_order/crm.rb deleted file mode 100644 index 6b2acfde9..000000000 --- a/corosync/lib/puppet/provider/cs_order/crm.rb +++ /dev/null @@ -1,140 +0,0 @@ -require 'pathname' -require Pathname.new(__FILE__).dirname.dirname.expand_path + 'crmsh' - -Puppet::Type.type(:cs_order).provide(:crm, :parent => Puppet::Provider::Crmsh) do - desc 'Specific provider for a rather specific type since I currently have no plan to - abstract corosync/pacemaker vs. keepalived. This provider will check the state - of current primitive start orders on the system; add, delete, or adjust various - aspects.' - - # Path to the crm binary for interacting with the cluster configuration. - commands :crm => 'crm' - - def self.instances - - block_until_ready - - instances = [] - - cmd = [ command(:crm), 'configure', 'show', 'xml' ] - if Puppet::PUPPETVERSION.to_f < 3.4 - raw, status = Puppet::Util::SUIDManager.run_and_capture(cmd) - else - raw = Puppet::Util::Execution.execute(cmd) - status = raw.exitstatus - end - doc = REXML::Document.new(raw) - - doc.root.elements['configuration'].elements['constraints'].each_element('rsc_order') do |e| - items = e.attributes - - if items['first-action'] - first = "#{items['first']}:#{items['first-action']}" - else - first = items['first'] - end - - if items['then-action'] - second = "#{items['then']}:#{items['then-action']}" - else - second = items['then'] - end - - if items['symmetrical'] - symmetrical = (items['symmetrical'] == 'true') - else - # Default: symmetrical is true unless explicitly defined. - symmetrical = true - end - - order_instance = { - :name => items['id'], - :ensure => :present, - :first => first, - :second => second, - :score => items['score'], - :symmetrical => symmetrical, - :provider => self.name - } - instances << new(order_instance) - end - instances - end - - # Create just adds our resource to the property_hash and flush will take care - # of actually doing the work. - def create - @property_hash = { - :name => @resource[:name], - :ensure => :present, - :first => @resource[:first], - :second => @resource[:second], - :score => @resource[:score], - :symmetrical => @resource[:symmetrical], - :cib => @resource[:cib], - } - end - - # Unlike create we actually immediately delete the item. - def destroy - debug('Revmoving order directive') - crm('configure', 'delete', @resource[:name]) - @property_hash.clear - end - - # Getters that obtains the first and second primitives and score in our - # ordering definintion that have been populated by prefetch or instances - # (depends on if your using puppet resource or not). - def first - @property_hash[:first] - end - - def second - @property_hash[:second] - end - - def score - @property_hash[:score] - end - - def symmetrical - @property_hash[:symmetrical] - end - - # Our setters for the first and second primitives and score. Setters are - # used when the resource already exists so we just update the current value - # in the property hash and doing this marks it to be flushed. - def first=(should) - @property_hash[:first] = should - end - - def second=(should) - @property_hash[:second] = should - end - - def score=(should) - @property_hash[:score] = should - end - - def symmetrical=(should) - @property_hash[:symmetrical] = should - end - - # Flush is triggered on anything that has been detected as being - # modified in the property_hash. It generates a temporary file with - # the updates that need to be made. The temporary file is then used - # as stdin for the crm command. - def flush - unless @property_hash.empty? - updated = 'order ' - updated << "#{@property_hash[:name]} #{@property_hash[:score]}: " - updated << "#{@property_hash[:first]} #{@property_hash[:second]} symmetrical=#{@property_hash[:symmetrical].to_s}" - Tempfile.open('puppet_crm_update') do |tmpfile| - tmpfile.write(updated) - tmpfile.flush - ENV['CIB_shadow'] = @resource[:cib] - crm('configure', 'load', 'update', tmpfile.path.to_s) - end - end - end -end diff --git a/corosync/lib/puppet/provider/cs_order/pcs.rb b/corosync/lib/puppet/provider/cs_order/pcs.rb deleted file mode 100644 index 6ea511f0a..000000000 --- a/corosync/lib/puppet/provider/cs_order/pcs.rb +++ /dev/null @@ -1,146 +0,0 @@ -require 'pathname' -require Pathname.new(__FILE__).dirname.dirname.expand_path + 'pacemaker' - -Puppet::Type.type(:cs_order).provide(:pcs, :parent => Puppet::Provider::Pacemaker) do - desc 'Specific provider for a rather specific type since I currently have no plan to - abstract corosync/pacemaker vs. keepalived. This provider will check the state - of current primitive start orders on the system; add, delete, or adjust various - aspects.' - - defaultfor :operatingsystem => [:fedora, :centos, :redhat] - - # Path to the pcs binary for interacting with the cluster configuration. - commands :pcs => 'pcs' - - def self.instances - - block_until_ready - - instances = [] - - cmd = [ command(:pcs), 'cluster', 'cib' ] - raw, status = run_pcs_command(cmd) - doc = REXML::Document.new(raw) - - doc.root.elements['configuration'].elements['constraints'].each_element('rsc_order') do |e| - items = e.attributes - - if items['first-action'] - first = "#{items['first']}:#{items['first-action']}" - else - first = items['first'] - end - - if items['then-action'] - second = "#{items['then']}:#{items['then-action']}" - else - second = items['then'] - end - if items['score'] - score = items['score'] - else - score = 'INFINITY' - end - - order_instance = { - :name => items['id'], - :ensure => :present, - :first => first, - :second => second, - :score => score, - :provider => self.name, - :new => false - } - instances << new(order_instance) - end - instances - end - - # Create just adds our resource to the property_hash and flush will take care - # of actually doing the work. - def create - @property_hash = { - :name => @resource[:name], - :ensure => :present, - :first => @resource[:first], - :second => @resource[:second], - :score => @resource[:score], - :cib => @resource[:cib], - :new => true, - } - end - - # Unlike create we actually immediately delete the item. - def destroy - debug('Removing order directive') - cmd=[ command(:pcs), 'constraint', 'remove', @resource[:name]] - Puppet::Provider::Pacemaker::run_pcs_command(cmd) - @property_hash.clear - end - - # Getters that obtains the first and second primitives and score in our - # ordering definintion that have been populated by prefetch or instances - # (depends on if your using puppet resource or not). - def first - @property_hash[:first] - end - - def second - @property_hash[:second] - end - - def score - @property_hash[:score] - end - - # Our setters for the first and second primitives and score. Setters are - # used when the resource already exists so we just update the current value - # in the property hash and doing this marks it to be flushed. - def first=(should) - @property_hash[:first] = should - end - - def second=(should) - @property_hash[:second] = should - end - - def score=(should) - @property_hash[:score] = should - end - - # Flush is triggered on anything that has been detected as being - # modified in the property_hash. It generates a temporary file with - # the updates that need to be made. The temporary file is then used - # as stdin for the pcs command. - def flush - unless @property_hash.empty? - if @property_hash[:new] == false - debug('Removing order directive') - cmd=[ command(:pcs), 'constraint', 'remove', @resource[:name]] - Puppet::Provider::Pacemaker::run_pcs_command(cmd) - end - - cmd = [ command(:pcs), 'constraint', 'order' ] - rsc = @property_hash[:first] - if rsc.include? ':' - items = rsc.split(':') - cmd << items[1] - cmd << items[0] - else - cmd << rsc - end - cmd << 'then' - rsc = @property_hash[:second] - if rsc.include? ':' - items = rsc.split(':') - cmd << items[1] - cmd << items[0] - else - cmd << rsc - end - cmd << @property_hash[:score] - cmd << "id=#{@property_hash[:name]}" - raw, status = Puppet::Provider::Pacemaker::run_pcs_command(cmd) - end - end -end diff --git a/corosync/lib/puppet/provider/cs_primitive/crm.rb b/corosync/lib/puppet/provider/cs_primitive/crm.rb deleted file mode 100644 index 96daacff6..000000000 --- a/corosync/lib/puppet/provider/cs_primitive/crm.rb +++ /dev/null @@ -1,257 +0,0 @@ -require 'pathname' -require Pathname.new(__FILE__).dirname.dirname.expand_path + 'crmsh' - -Puppet::Type.type(:cs_primitive).provide(:crm, :parent => Puppet::Provider::Crmsh) do - desc 'Specific provider for a rather specific type since I currently have no - plan to abstract corosync/pacemaker vs. keepalived. Primitives in - Corosync are the thing we desire to monitor; websites, ipaddresses, - databases, etc, etc. Here we manage the creation and deletion of - these primitives. We will accept a hash for what Corosync calls - operations and parameters. A hash is used instead of constucting a - better model since these values can be almost anything.' - - # Path to the crm binary for interacting with the cluster configuration. - commands :crm => 'crm' - - # given an XML element containing some s, return a hash. Return an - # empty hash if `e` is nil. - def self.nvpairs_to_hash(e) - return {} if e.nil? - - hash = {} - e.each_element do |i| - hash[(i.attributes['name'])] = i.attributes['value'] - end - - hash - end - - # given an XML element (a from cibadmin), produce a hash suitible - # for creating a new provider instance. - def self.element_to_hash(e) - hash = { - :primitive_class => e.attributes['class'], - :primitive_type => e.attributes['type'], - :provided_by => e.attributes['provider'], - :name => e.attributes['id'].to_sym, - :ensure => :present, - :provider => self.name, - :parameters => nvpairs_to_hash(e.elements['instance_attributes']), - :operations => {}, - :utilization => nvpairs_to_hash(e.elements['utilization']), - :metadata => nvpairs_to_hash(e.elements['meta_attributes']), - :ms_metadata => {}, - :promotable => :false - } - - if ! e.elements['operations'].nil? - e.elements['operations'].each_element do |o| - valids = o.attributes.reject do |k,v| k == 'id' end - currentop = {} - valids.each do |k,v| - currentop[k] = v if k != 'name' - end - if ! o.elements['instance_attributes'].nil? - o.elements['instance_attributes'].each_element do |i| - currentop[(i.attributes['name'])] = i.attributes['value'] - end - end - if hash[:operations][valids['name']].instance_of?(Hash) - # There is already an operation with the same name, change to Array - hash[:operations][valids['name']] = [hash[:operations][valids['name']]] - end - if hash[:operations][valids['name']].instance_of?(Array) - # Append to an existing list - hash[:operations][valids['name']] += [currentop] - else - hash[:operations][valids['name']] = currentop - end - end - end - if e.parent.name == 'master' - hash[:promotable] = :true - if ! e.parent.elements['meta_attributes'].nil? - e.parent.elements['meta_attributes'].each_element do |m| - hash[:ms_metadata][(m.attributes['name'])] = m.attributes['value'] - end - end - end - - hash - end - - def self.instances - - block_until_ready - - instances = [] - - cmd = [ command(:crm), 'configure', 'show', 'xml' ] - if Puppet::PUPPETVERSION.to_f < 3.4 - raw, status = Puppet::Util::SUIDManager.run_and_capture(cmd) - else - raw = Puppet::Util::Execution.execute(cmd) - status = raw.exitstatus - end - doc = REXML::Document.new(raw) - - REXML::XPath.each(doc, '//primitive') do |e| - instances << new(element_to_hash(e)) - end - instances - end - - # Create just adds our resource to the property_hash and flush will take care - # of actually doing the work. - def create - @property_hash = { - :name => @resource[:name], - :ensure => :present, - :primitive_class => @resource[:primitive_class], - :provided_by => @resource[:provided_by], - :primitive_type => @resource[:primitive_type], - :promotable => @resource[:promotable] - } - @property_hash[:parameters] = @resource[:parameters] if ! @resource[:parameters].nil? - @property_hash[:operations] = @resource[:operations] if ! @resource[:operations].nil? - @property_hash[:utilization] = @resource[:utilization] if ! @resource[:utilization].nil? - @property_hash[:metadata] = @resource[:metadata] if ! @resource[:metadata].nil? - @property_hash[:ms_metadata] = @resource[:ms_metadata] if ! @resource[:ms_metadata].nil? - @property_hash[:cib] = @resource[:cib] if ! @resource[:cib].nil? - end - - # Unlike create we actually immediately delete the item. Corosync forces us - # to "stop" the primitive before we are able to remove it. - def destroy - debug('Stopping primitive before removing it') - crm('resource', 'stop', @resource[:name]) - debug('Revmoving primitive') - crm('configure', 'delete', @resource[:name]) - @property_hash.clear - end - - # Getters that obtains the parameters and operations defined in our primitive - # that have been populated by prefetch or instances (depends on if your using - # puppet resource or not). - def parameters - @property_hash[:parameters] - end - - def operations - @property_hash[:operations] - end - - def utilization - @property_hash[:utilization] - end - - def metadata - @property_hash[:metadata] - end - - def ms_metadata - @property_hash[:ms_metadata] - end - - def promotable - @property_hash[:promotable] - end - - # Our setters for parameters and operations. Setters are used when the - # resource already exists so we just update the current value in the - # property_hash and doing this marks it to be flushed. - def parameters=(should) - @property_hash[:parameters] = should - end - - def operations=(should) - @property_hash[:operations] = should - end - - def utilization=(should) - @property_hash[:utilization] = should - end - - def metadata=(should) - @property_hash[:metadata] = should - end - - def ms_metadata=(should) - @property_hash[:ms_metadata] = should - end - - def promotable=(should) - case should - when :true - @property_hash[:promotable] = should - when :false - @property_hash[:promotable] = should - crm('resource', 'stop', "ms_#{@resource[:name]}") - crm('configure', 'delete', "ms_#{@resource[:name]}") - end - end - - # Flush is triggered on anything that has been detected as being - # modified in the property_hash. It generates a temporary file with - # the updates that need to be made. The temporary file is then used - # as stdin for the crm command. We have to do a bit of munging of our - # operations and parameters hash to eventually flatten them into a string - # that can be used by the crm command. - def flush - unless @property_hash.empty? - unless @property_hash[:operations].empty? - operations = '' - @property_hash[:operations].each do |o| - [o[1]].flatten.each do |o2| - operations << "op #{o[0]} " - o2.each_pair do |k,v| - operations << "#{k}=#{v} " - end - end - end - end - unless @property_hash[:parameters].empty? - parameters = 'params ' - @property_hash[:parameters].each_pair do |k,v| - parameters << "'#{k}=#{v}' " - end - end - unless @property_hash[:utilization].empty? - utilization = 'utilization ' - @property_hash[:utilization].each_pair do |k,v| - utilization << "#{k}=#{v} " - end - end - unless @property_hash[:metadata].empty? - metadatas = 'meta ' - @property_hash[:metadata].each_pair do |k,v| - metadatas << "#{k}=#{v} " - end - end - updated = "primitive " - updated << "#{@property_hash[:name]} #{@property_hash[:primitive_class]}:" - updated << "#{@property_hash[:provided_by]}:" if @property_hash[:provided_by] - updated << "#{@property_hash[:primitive_type]} " - updated << "#{operations} " unless operations.nil? - updated << "#{parameters} " unless parameters.nil? - updated << "#{utilization} " unless utilization.nil? - updated << "#{metadatas} " unless metadatas.nil? - if @property_hash[:promotable] == :true - updated << "\n" - updated << "ms ms_#{@property_hash[:name]} #{@property_hash[:name]} " - unless @property_hash[:ms_metadata].empty? - updated << 'meta ' - @property_hash[:ms_metadata].each_pair do |k,v| - updated << "#{k}=#{v} " - end - end - end - Tempfile.open('puppet_crm_update') do |tmpfile| - tmpfile.write(updated) - tmpfile.flush - ENV['CIB_shadow'] = @resource[:cib] - crm('configure', 'load', 'update', tmpfile.path.to_s) - end - end - end -end diff --git a/corosync/lib/puppet/provider/cs_primitive/pcs.rb b/corosync/lib/puppet/provider/cs_primitive/pcs.rb deleted file mode 100644 index 4cb748fa5..000000000 --- a/corosync/lib/puppet/provider/cs_primitive/pcs.rb +++ /dev/null @@ -1,329 +0,0 @@ -require 'pathname' -require Pathname.new(__FILE__).dirname.dirname.expand_path + 'pacemaker' - -Puppet::Type.type(:cs_primitive).provide(:pcs, :parent => Puppet::Provider::Pacemaker) do - desc 'Specific provider for a rather specific type since I currently have no - plan to abstract corosync/pacemaker vs. keepalived. Primitives in - Corosync are the thing we desire to monitor; websites, ipaddresses, - databases, etc, etc. Here we manage the creation and deletion of - these primitives. We will accept a hash for what Corosync calls - operations and parameters. A hash is used instead of constucting a - better model since these values can be almost anything.' - - commands :pcs => 'pcs' - - defaultfor :operatingsystem => [:fedora, :centos, :redhat] - # given an XML element containing some s, return a hash. Return an - # empty hash if `e` is nil. - def self.nvpairs_to_hash(e) - return {} if e.nil? - - hash = {} - e.each_element do |i| - hash[(i.attributes['name'])] = i.attributes['value'] - end - - hash - end - - # given an XML element (a from cibadmin), produce a hash suitible - # for creating a new provider instance. - def self.element_to_hash(e) - hash = { - :primitive_class => e.attributes['class'], - :primitive_type => e.attributes['type'], - :provided_by => e.attributes['provider'], - :name => e.attributes['id'].to_sym, - :ensure => :present, - :provider => self.name, - :parameters => nvpairs_to_hash(e.elements['instance_attributes']), - :operations => {}, - :utilization => nvpairs_to_hash(e.elements['utilization']), - :metadata => nvpairs_to_hash(e.elements['meta_attributes']), - :ms_metadata => {}, - :promotable => :false, - :existing_resource => :true, - :existing_primitive_class => e.attributes['class'], - :existing_primitive_type => e.attributes['type'], - :existing_provided_by => e.attributes['provider'], - :existing_operations => {} - } - - if ! e.elements['operations'].nil? - e.elements['operations'].each_element do |o| - valids = o.attributes.reject do |k,v| k == 'id' end - if ! valids['role'].nil? - name = valids['name'] - name << ":" - name << valids['role'] - else - name = valids['name'] - end - hash[:operations][name] = {} - valids.each do |k,v| - hash[:operations][name][k] = v if k != 'name' and k != 'role' - end - hash[:existing_operations] = hash[:operations].dup - end - end - if e.parent.name == 'master' - hash[:promotable] = :true - if ! e.parent.elements['meta_attributes'].nil? - e.parent.elements['meta_attributes'].each_element do |m| - hash[:ms_metadata][(m.attributes['name'])] = m.attributes['value'] - end - end - end - - hash - end - - def self.instances - - block_until_ready - - instances = [] - - cmd = [ command(:pcs), 'cluster', 'cib' ] - raw, status = run_pcs_command(cmd) - doc = REXML::Document.new(raw) - - REXML::XPath.each(doc, '//primitive') do |e| - instances << new(element_to_hash(e)) - end - instances - end - - # Create just adds our resource to the property_hash and flush will take care - # of actually doing the work. - # The existing_resource is there because pcs does not have a single command that - # updates or create a resource, so we flag the resources with that parameter - def create - @property_hash = { - :name => @resource[:name], - :ensure => :present, - :primitive_class => @resource[:primitive_class], - :provided_by => @resource[:provided_by], - :primitive_type => @resource[:primitive_type], - :promotable => @resource[:promotable], - :existing_resource => :false - } - @property_hash[:parameters] = @resource[:parameters] if ! @resource[:parameters].nil? - @property_hash[:operations] = @resource[:operations] if ! @resource[:operations].nil? - @property_hash[:utilization] = @resource[:utilization] if ! @resource[:utilization].nil? - @property_hash[:metadata] = @resource[:metadata] if ! @resource[:metadata].nil? - @property_hash[:ms_metadata] = @resource[:ms_metadata] if ! @resource[:ms_metadata].nil? - @property_hash[:cib] = @resource[:cib] if ! @resource[:cib].nil? - end - - # Unlike create we actually immediately delete the item. - def destroy - debug('Removing primitive') - Puppet::Provider::Pacemaker::run_pcs_command([command(:pcs), 'resource', 'delete', @property_hash[:name]]) - @property_hash.clear - end - - # Getters that obtains the parameters and operations defined in our primitive - # that have been populated by prefetch or instances (depends on if your using - # puppet resource or not). - def parameters - @property_hash[:parameters] - end - - def primitive_class - @property_hash[:primitive_class] - end - - def provided_by - @property_hash[:provided_by] - end - - def primitive_type - @property_hash[:primitive_type] - end - - def operations - @property_hash[:operations] - end - - def utilization - @property_hash[:utilization] - end - - def metadata - @property_hash[:metadata] - end - - def ms_metadata - @property_hash[:ms_metadata] - end - - def promotable - @property_hash[:promotable] - end - - # Our setters for parameters and operations. Setters are used when the - # resource already exists so we just update the current value in the - # property_hash and doing this marks it to be flushed. - def parameters=(should) - @property_hash[:parameters] = should - end - - def primitive_class=(should) - @property_hash[:primitive_class] = should - end - - def provided_by=(should) - @property_hash[:provided_by] = should - end - - def primitive_type=(should) - @property_hash[:primitive_type] = should - end - def operations=(should) - @property_hash[:operations] = should - end - - def utilization=(should) - @property_hash[:utilization] = should - end - - def metadata=(should) - @property_hash[:metadata] = should - end - - def ms_metadata=(should) - @property_hash[:ms_metadata] = should - end - - def promotable=(should) - case should - when :true - @property_hash[:promotable] = should - when :false - @property_hash[:promotable] = should - pcs('resource', 'delete', "ms_#{@resource[:name]}") - end - end - - # Flush is triggered on anything that has been detected as being - # modified in the property_hash. - # It calls several pcs commands to make the resource look like the - # params. - def flush - unless @property_hash.empty? - # The ressource_type variable is used to check if one of the class, - # provider or type has changed - ressource_type = "#{@property_hash[:primitive_class]}:" - if @property_hash[:provided_by] - ressource_type << "#{@property_hash[:provided_by]}:" - end - ressource_type << "#{@property_hash[:primitive_type]}" - - unless @property_hash[:operations].empty? - operations = [] - @property_hash[:operations].each do |o| - op_name = o[0] - operations << "op" - if op_name.include? ':' - items = op_name.split(':') - operations << items[0] - operations << "role=#{items[1]}" - else - operations << op_name - end - o[1].each_pair do |k,v| - operations << "#{k}=#{v}" - end - end - end - unless @property_hash[:parameters].empty? - parameters = [] - @property_hash[:parameters].each_pair do |k,v| - parameters << "#{k}=#{v}" - end - end - unless @property_hash[:utilization].empty? - utilization = [ 'utilization' ] - @property_hash[:utilization].each_pair do |k,v| - utilization << "#{k}=#{v}" - end - end - unless @property_hash[:metadata].empty? - metadatas = [ 'meta' ] - @property_hash[:metadata].each_pair do |k,v| - metadatas << "#{k}=#{v}" - end - end - - # We destroy the ressource if it's type, class or provider has changed - unless @property_hash[:existing_resource] == :false - existing_ressource_type = "#{@property_hash[:existing_primitive_class]}:" - existing_ressource_type << "#{@property_hash[:existing_provided_by]}:" if @property_hash[:existing_provided_by] - existing_ressource_type << "#{@property_hash[:existing_primitive_type]}" - if existing_ressource_type != ressource_type - debug('Removing primitive') - Puppet::Provider::Pacemaker::run_pcs_command([command(:pcs), 'resource', 'delete', @property_hash[:name]]) - force_reinstall = :true - end - end - - ENV['CIB_shadow'] = @property_hash[:cib] - - if @property_hash[:existing_resource] == :false or force_reinstall == :true - cmd = [ command(:pcs), 'resource', 'create', "#{@property_hash[:name]}" ] - cmd << ressource_type - cmd += parameters unless parameters.nil? - cmd += operations unless operations.nil? - cmd += utilization unless utilization.nil? - cmd += metadatas unless metadatas.nil? - raw, status = Puppet::Provider::Pacemaker::run_pcs_command(cmd) - # if we are using a master/slave resource, prepend ms_ before its name - # and declare it as a master/slave resource - if @property_hash[:promotable] == :true - cmd = [ command(:pcs), 'resource', 'master', "ms_#{@property_hash[:name]}", "#{@property_hash[:name]}" ] - unless @property_hash[:ms_metadata].empty? - cmd << 'meta' - @property_hash[:ms_metadata].each_pair do |k,v| - cmd << "#{k}=#{v}" - end - end - raw, status = Puppet::Provider::Pacemaker::run_pcs_command(cmd) - end - # try to remove the default monitor operation - if @property_hash[:operations]["monitor"].nil? - cmd = [ command(:pcs), 'resource', 'op', 'remove', "#{@property_hash[:name]}", 'monitor', 'interval=60s' ] - Puppet::Provider::Pacemaker::run_pcs_command(cmd, false) - end - else - # if there is no operations defined, we ensure that they are not present - if @property_hash[:operations].empty? and not @property_hash[:existing_operations].empty? - @property_hash[:existing_operations].each do |o| - cmd = [ command(:pcs), 'resource', 'op', 'remove', "#{@property_hash[:name]}" ] - cmd << "#{o[0]}" - o[1].each_pair do |k,v| - cmd << "#{k}=#{v}" - end - Puppet::Provider::Pacemaker::run_pcs_command(cmd) - end - end - cmd = [ command(:pcs), 'resource', 'update', "#{@property_hash[:name]}" ] - cmd += parameters unless parameters.nil? - cmd += operations unless operations.nil? - cmd += utilization unless utilization.nil? - cmd += metadatas unless metadatas.nil? - raw, status = Puppet::Provider::Pacemaker::run_pcs_command(cmd) - if @property_hash[:promotable] == :true - cmd = [ command(:pcs), 'resource', 'update', "ms_#{@property_hash[:name]}", "#{@property_hash[:name]}" ] - unless @property_hash[:ms_metadata].empty? - cmd << 'meta' - @property_hash[:ms_metadata].each_pair do |k,v| - cmd << "#{k}=#{v}" - end - end - raw, status = Puppet::Provider::Pacemaker::run_pcs_command(cmd) - end - end - end - end -end diff --git a/corosync/lib/puppet/provider/cs_property/crm.rb b/corosync/lib/puppet/provider/cs_property/crm.rb deleted file mode 100644 index 2d83db09d..000000000 --- a/corosync/lib/puppet/provider/cs_property/crm.rb +++ /dev/null @@ -1,86 +0,0 @@ -require 'pathname' # JJM WORK_AROUND #14073 -require Pathname.new(__FILE__).dirname.dirname.expand_path + 'crmsh' - -Puppet::Type.type(:cs_property).provide(:crm, :parent => Puppet::Provider::Crmsh) do - desc 'Specific provider for a rather specific type since I currently have no plan to - abstract corosync/pacemaker vs. keepalived. This provider will check the state - of Corosync cluster configuration properties.' - - # Path to the crm binary for interacting with the cluster configuration. - commands :crm => 'crm' - commands :cibadmin => 'cibadmin' - - def self.instances - - block_until_ready - - instances = [] - - cmd = [ command(:crm), 'configure', 'show', 'xml' ] - if Puppet::PUPPETVERSION.to_f < 3.4 - raw, status = Puppet::Util::SUIDManager.run_and_capture(cmd) - else - raw = Puppet::Util::Execution.execute(cmd) - status = raw.exitstatus - end - doc = REXML::Document.new(raw) - - doc.root.elements['configuration/crm_config/cluster_property_set'].each_element do |e| - items = e.attributes - property = { :name => items['name'], :value => items['value'] } - - property_instance = { - :name => property[:name], - :ensure => :present, - :value => property[:value], - :provider => self.name - } - instances << new(property_instance) - end - instances - end - - # Create just adds our resource to the property_hash and flush will take care - # of actually doing the work. - def create - @property_hash = { - :name => @resource[:name], - :ensure => :present, - :value => @resource[:value], - } - end - - # Unlike create we actually immediately delete the item. - def destroy - debug('Revmoving cluster property') - cibadmin('--scope', 'crm_config', '--delete', '--xpath', "//nvpair[@name='#{resource[:name]}']") - @property_hash.clear - end - - # Getters that obtains the first and second primitives and score in our - # ordering definintion that have been populated by prefetch or instances - # (depends on if your using puppet resource or not). - def value - @property_hash[:value] - end - - # Our setters for the first and second primitives and score. Setters are - # used when the resource already exists so we just update the current value - # in the property hash and doing this marks it to be flushed. - def value=(should) - @property_hash[:value] = should - end - - # Flush is triggered on anything that has been detected as being - # modified in the property_hash. It generates a temporary file with - # the updates that need to be made. The temporary file is then used - # as stdin for the crm command. - def flush - unless @property_hash.empty? - # clear this on properties, in case it's set from a previous - # run of a different corosync type - ENV['CIB_shadow'] = nil - crm('configure', 'property', '$id="cib-bootstrap-options"', "#{@property_hash[:name]}=#{@property_hash[:value]}") - end - end -end diff --git a/corosync/lib/puppet/provider/cs_property/pcs.rb b/corosync/lib/puppet/provider/cs_property/pcs.rb deleted file mode 100644 index 2d2921d5b..000000000 --- a/corosync/lib/puppet/provider/cs_property/pcs.rb +++ /dev/null @@ -1,84 +0,0 @@ -require 'pathname' # JJM WORK_AROUND #14073 -require Pathname.new(__FILE__).dirname.dirname.expand_path + 'pacemaker' - -Puppet::Type.type(:cs_property).provide(:pcs, :parent => Puppet::Provider::Pacemaker) do - desc 'Specific provider for a rather specific type since I currently have no plan to - abstract corosync/pacemaker vs. keepalived. This provider will check the state - of Corosync cluster configuration properties.' - - defaultfor :operatingsystem => [:fedora, :centos, :redhat] - - # Path to the pcs binary for interacting with the cluster configuration. - commands :pcs => 'pcs' - - def self.instances - - block_until_ready - - instances = [] - - cmd = [ command(:pcs), 'cluster', 'cib' ] - raw, status = run_pcs_command(cmd) - doc = REXML::Document.new(raw) - - doc.root.elements['configuration/crm_config/cluster_property_set'].each_element do |e| - items = e.attributes - property = { :name => items['name'], :value => items['value'] } - - property_instance = { - :name => property[:name], - :ensure => :present, - :value => property[:value], - :provider => self.name - } - instances << new(property_instance) - end - instances - end - - # Create just adds our resource to the property_hash and flush will take care - # of actually doing the work. - def create - @property_hash = { - :name => @resource[:name], - :ensure => :present, - :value => @resource[:value], - } - end - - # Unlike create we actually immediately delete the item. - def destroy - debug('Removing cluster property') - cmd = [ command(:pcs), 'property', 'unset', "#{@property_hash[:name]}" ] - raw, status = run_pcs_command(cmd) - @property_hash.clear - end - - # Getters that obtains the first and second primitives and score in our - # ordering definintion that have been populated by prefetch or instances - # (depends on if your using puppet resource or not). - def value - @property_hash[:value] - end - - # Our setters for the first and second primitives and score. Setters are - # used when the resource already exists so we just update the current value - # in the property hash and doing this marks it to be flushed. - def value=(should) - @property_hash[:value] = should - end - - # Flush is triggered on anything that has been detected as being - # modified in the property_hash. It generates a temporary file with - # the updates that need to be made. The temporary file is then used - # as stdin for the pcs command. - def flush - unless @property_hash.empty? - # clear this on properties, in case it's set from a previous - # run of a different corosync type - ENV['CIB_shadow'] = nil - cmd = [ command(:pcs), 'property', 'set', "#{@property_hash[:name]}=#{@property_hash[:value]}" ] - raw, status = Puppet::Provider::Pacemaker::run_pcs_command(cmd) - end - end -end diff --git a/corosync/lib/puppet/provider/cs_rsc_defaults/crm.rb b/corosync/lib/puppet/provider/cs_rsc_defaults/crm.rb deleted file mode 100644 index 17adb219d..000000000 --- a/corosync/lib/puppet/provider/cs_rsc_defaults/crm.rb +++ /dev/null @@ -1,86 +0,0 @@ -require 'pathname' # JJM WORK_AROUND #14073 -require Pathname.new(__FILE__).dirname.dirname.expand_path + 'crmsh' - -Puppet::Type.type(:cs_rsc_defaults).provide(:crm, :parent => Puppet::Provider::Crmsh) do - desc 'Specific provider for a rather specific type since I currently have no plan to - abstract corosync/pacemaker vs. keepalived. This provider will check the state - of Corosync global defaults for resource options.' - - # Path to the crm binary for interacting with the cluster configuration. - commands :crm => 'crm' - commands :cibadmin => 'cibadmin' - - def self.instances - - block_until_ready - - instances = [] - - cmd = [ command(:crm), 'configure', 'show', 'xml' ] - if Puppet::PUPPETVERSION.to_f < 3.4 - raw, status = Puppet::Util::SUIDManager.run_and_capture(cmd) - else - raw = Puppet::Util::Execution.execute(cmd) - status = raw.exitstatus - end - doc = REXML::Document.new(raw) - - REXML::XPath.each(doc, '//configuration/rsc_defaults/meta_attributes/nvpair') do |e| - items = e.attributes - rsc_defaults = { :name => items['name'], :value => items['value'] } - - rsc_defaults_instance = { - :name => rsc_defaults[:name], - :ensure => :present, - :value => rsc_defaults[:value], - :provider => self.name - } - instances << new(rsc_defaults_instance) - end - instances - end - - # Create just adds our resource to the property_hash and flush will take care - # of actually doing the work. - def create - @property_hash = { - :name => @resource[:name], - :ensure => :present, - :value => @resource[:value], - } - end - - # Unlike create we actually immediately delete the item. - def destroy - debug('Removing resource default') - cibadmin('--scope', 'rsc_defaults', '--delete', '--xpath', "//configuration/rsc_defaults/meta_attributes/nvpair[@name='#{resource[:name]}']") - @property_hash.clear - end - - # Getters that obtains the first and second primitives and score in our - # ordering definintion that have been populated by prefetch or instances - # (depends on if your using puppet resource or not). - def value - @property_hash[:value] - end - - # Our setters for the first and second primitives and score. Setters are - # used when the resource already exists so we just update the current value - # in the property hash and doing this marks it to be flushed. - def value=(should) - @property_hash[:value] = should - end - - # Flush is triggered on anything that has been detected as being - # modified in the property_hash. It generates a temporary file with - # the updates that need to be made. The temporary file is then used - # as stdin for the crm command. - def flush - unless @property_hash.empty? - # clear this on properties, in case it's set from a previous - # run of a different corosync type - ENV['CIB_shadow'] = nil - crm('configure', 'rsc_defaults', '$id="rsc-options"', "#{@property_hash[:name]}=#{@property_hash[:value]}") - end - end -end diff --git a/corosync/lib/puppet/provider/cs_shadow/crm.rb b/corosync/lib/puppet/provider/cs_shadow/crm.rb deleted file mode 100644 index 3f22fc7a5..000000000 --- a/corosync/lib/puppet/provider/cs_shadow/crm.rb +++ /dev/null @@ -1,20 +0,0 @@ -require 'pathname' -require Pathname.new(__FILE__).dirname.dirname.expand_path + 'crmsh' - -Puppet::Type.type(:cs_shadow).provide(:crm, :parent => Puppet::Provider::Crmsh) do - commands :crm => 'crm' - - def self.instances - block_until_ready - [] - end - - def sync(cib) - begin - crm('cib', 'delete', cib) - rescue => e - # If the CIB doesn't exist, we don't care. - end - crm('cib', 'new', cib) - end -end diff --git a/corosync/lib/puppet/provider/cs_shadow/pcs.rb b/corosync/lib/puppet/provider/cs_shadow/pcs.rb deleted file mode 100644 index 0b0330483..000000000 --- a/corosync/lib/puppet/provider/cs_shadow/pcs.rb +++ /dev/null @@ -1,20 +0,0 @@ -require 'pathname' -require Pathname.new(__FILE__).dirname.dirname.expand_path + 'pacemaker' - -Puppet::Type.type(:cs_shadow).provide(:pcs, :parent => Puppet::Provider::Pacemaker) do - commands :crm_shadow => 'crm_shadow' - - def self.instances - block_until_ready - [] - end - - def sync(cib) - begin - crm_shadow('--delete', cib) - rescue => e - # If the CIB doesn't exist, we don't care. - end - crm_shadow('--create', cib) - end -end diff --git a/corosync/lib/puppet/provider/pacemaker.rb b/corosync/lib/puppet/provider/pacemaker.rb deleted file mode 100644 index 318155e34..000000000 --- a/corosync/lib/puppet/provider/pacemaker.rb +++ /dev/null @@ -1,65 +0,0 @@ -class Puppet::Provider::Pacemaker < Puppet::Provider - - # Yep, that's right we are parsing XML...FUN! (It really wasn't that bad) - require 'rexml/document' - - initvars - commands :pcs => 'pcs' - - def self.run_pcs_command(pcs_cmd, failonfail = true) - if Puppet::PUPPETVERSION.to_f < 3.4 - raw, status = Puppet::Util::SUIDManager.run_and_capture(pcs_cmd) - else - raw = Puppet::Util::Execution.execute(pcs_cmd, {:failonfail => failonfail}) - status = raw.exitstatus - end - if status == 0 or failonfail == false - return raw, status - else - fail("command #{pcs_cmd.join(" ")} failed") - end - end - - - - # Corosync takes a while to build the initial CIB configuration once the - # service is started for the first time. This provides us a way to wait - # until we're up so we can make changes that don't disappear in to a black - # hole. - def self.ready? - cmd = [ command(:pcs), 'property', 'show', 'dc-version' ] - raw, status = run_pcs_command(cmd, false) - if status == 0 - return true - else - return false - end - end - - def self.block_until_ready(timeout = 120) - Timeout::timeout(timeout) do - until ready? - debug('Corosync not ready, retrying') - sleep 2 - end - # Sleeping a spare two since it seems that dc-version is returning before - # It is really ready to take config changes, but it is close enough. - # Probably need to find a better way to check for reediness. - sleep 2 - end - end - - def self.prefetch(resources) - instances.each do |prov| - if res = resources[prov.name.to_s] - res.provider = prov - end - end - end - - def exists? - self.class.block_until_ready - debug(@property_hash.inspect) - !(@property_hash[:ensure] == :absent or @property_hash.empty?) - end -end diff --git a/corosync/lib/puppet/type/cs_clone.rb b/corosync/lib/puppet/type/cs_clone.rb deleted file mode 100644 index 72ff8ea02..000000000 --- a/corosync/lib/puppet/type/cs_clone.rb +++ /dev/null @@ -1,79 +0,0 @@ -Puppet::Type.newtype(:cs_clone) do - @doc = "Type for manipulating corosync/pacemaker resource clone. - More information on Corosync/Pacemaker colocation can be found here: - - * http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_ensuring_resources_run_on_the_same_host.html" - - ensurable - - newparam(:name) do - desc "Identifier of the location entry. This value needs to be unique - across the entire Corosync/Pacemaker configuration since it doesn't have - the concept of name spaces per type." - - isnamevar - end - - newproperty(:primitive) do - desc "The corosync resource primitive to be cloned. " - end - - newproperty(:clone_max) do - desc "How many copies of the resource to start. - Defaults to the number of nodes in the cluster." - end - newproperty(:clone_node_max) do - desc "How many copies of the resource can be started on a single node. - Defaults to 1." - end - - newproperty(:notify_clones) do - desc "When stopping or starting a copy of the clone, tell all the other copies beforehand - and when the action was successful. - Allowed values: true, false" - - newvalues(:true, :false) - end - - newproperty(:globally_unique) do - desc "Does each copy of the clone perform a different function? - Allowed values: true, false" - - newvalues(:true, :false) - end - - newproperty(:ordered) do - desc "Should the copies be started in series (instead of in parallel). Allowed values: true, false" - - newvalues(:true, :false) - end - - newproperty(:interleave) do - desc "Changes the behavior of ordering constraints (between clones/masters) so that instances can start/stop - as soon as their peer instance has (rather than waiting for every instance of the other clone has). - Allowed values: true, false" - - newvalues(:true, :false) - end - - newparam(:cib) do - desc "Corosync applies its configuration immediately. Using a CIB allows - you to group multiple primitives and relationships to be applied at - once. This can be necessary to insert complex configurations into - Corosync correctly. - - This paramater sets the CIB this colocation should be created in. A - cs_shadow resource with a title of the same name as this value should - also be added to your manifest." - end - - autorequire(:cs_shadow) do - [ @parameters[:cib] ] - end - - autorequire(:service) do - [ 'corosync' ] - end - -end - diff --git a/corosync/lib/puppet/type/cs_colocation.rb b/corosync/lib/puppet/type/cs_colocation.rb deleted file mode 100644 index 3d990bead..000000000 --- a/corosync/lib/puppet/type/cs_colocation.rb +++ /dev/null @@ -1,100 +0,0 @@ -Puppet::Type.newtype(:cs_colocation) do - @doc = "Type for manipulating corosync/pacemaker colocation. Colocation - is the grouping together of a set of primitives so that they travel - together when one of them fails. For instance, if a web server vhost - is colocated with a specific ip address and the web server software - crashes, the ip address with migrate to the new host with the vhost. - - More information on Corosync/Pacemaker colocation can be found here: - - * http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_ensuring_resources_run_on_the_same_host.html" - - ensurable - - newparam(:name) do - desc "Identifier of the colocation entry. This value needs to be unique - across the entire Corosync/Pacemaker configuration since it doesn't have - the concept of name spaces per type." - - isnamevar - end - - newproperty(:primitives, :array_matching => :all) do - desc "At least two Pacemaker primitives to be located together. Order of primitives - in colocation groups is important. In Pacemaker, a colocation of 2 primitives - behaves different than a colocation between more than 2 primitives. Here the - behavior is altered to be more consistent. - Examples on how to define colocations here: - - 2 primitives: [A, B] will cause A to be located first, and B will be located - with A. This is different than how crm configure colocation works, because - there [A, B] would mean colocate A with B, thus B should be located first. - - multiple primitives: [A, B, C] will cause A to be located first, B next, and - finally C. This is identical to how crm configure colocation works with - multiple resources, it will add a colocated set. - Property will raise an error if you do not provide an array containing at least - two values. Values can be either the name of the primitive, or primitive:role. - Notice, we can only interpret colocations of single sets, not multiple sets - combined. In Pacemaker speak, this means we can support 'A B C' but not e.g. - 'A B (C D) E'. Feel free to contribute a patch for this." - - # Do some validation: the way Pacemaker colocation works we need to only accept - # arrays with at least 2 values. - def should=(value) - super - if value.is_a? Array - raise Puppet::Error, "Puppet::Type::Cs_Colocation: The primitives property must be an array of at least two primitives." unless value.size >= 2 - @should - else - raise Puppet::Error, "Puppet::Type::Cs_Colocation: The primitives property must be an array." - @should - end - end - end - - newparam(:cib) do - desc "Corosync applies its configuration immediately. Using a CIB allows - you to group multiple primitives and relationships to be applied at - once. This can be necessary to insert complex configurations into - Corosync correctly. - - This paramater sets the CIB this colocation should be created in. A - cs_shadow resource with a title of the same name as this value should - also be added to your manifest." - end - - newproperty(:score) do - desc "The priority of this colocation. Primitives can be a part of - multiple colocation groups and so there is a way to control which - primitives get priority when forcing the move of other primitives. - This value can be an integer but is often defined as the string - INFINITY." - - defaultto 'INFINITY' - end - - autorequire(:cs_shadow) do - [ @parameters[:cib] ] - end - - autorequire(:service) do - [ 'corosync' ] - end - - autorequire(:cs_primitive) do - autos = [] - @parameters[:primitives].should.each do |val| - autos << unmunge_cs_primitive(val) - end - - autos - end - - def unmunge_cs_primitive(name) - name = name.split(':')[0] - if name.start_with? 'ms_' - name = name[3..-1] - end - - name - end -end diff --git a/corosync/lib/puppet/type/cs_commit.rb b/corosync/lib/puppet/type/cs_commit.rb deleted file mode 100644 index 0bcd92a25..000000000 --- a/corosync/lib/puppet/type/cs_commit.rb +++ /dev/null @@ -1,57 +0,0 @@ -Puppet::Type.newtype(:cs_commit) do - @doc = "This type is an implementation detail. DO NOT use it directly" - newproperty(:cib) do - def sync - provider.sync(self.should) - end - - def retrieve - :absent - end - - def insync?(is) - false - end - - defaultto { @resource[:name] } - end - - newparam(:name) do - isnamevar - end - - autorequire(:cs_shadow) do - [ @parameters[:cib].should ] - end - - autorequire(:service) do - [ 'corosync' ] - end - - autorequire(:cs_primitive) do - resources_with_cib :cs_primitive - end - - autorequire(:cs_colocation) do - resources_with_cib :cs_colocation - end - - autorequire(:cs_location) do - resources_with_cib :cs_location - end - - - autorequire(:cs_order) do - resources_with_cib :cs_order - end - - def resources_with_cib(cib) - autos = [] - - catalog.resources.find_all { |r| r.is_a?(Puppet::Type.type(cib)) and param = r.parameter(:cib) and param.value == @parameters[:cib].should }.each do |r| - autos << r - end - - autos - end -end diff --git a/corosync/lib/puppet/type/cs_group.rb b/corosync/lib/puppet/type/cs_group.rb deleted file mode 100644 index 10215ebdc..000000000 --- a/corosync/lib/puppet/type/cs_group.rb +++ /dev/null @@ -1,70 +0,0 @@ -Puppet::Type.newtype(:cs_group) do - @doc = "Type for manipulating Corosync/Pacemkaer group entries. - Groups are a set or resources (primitives) that need to be - grouped together. - - More information can be found at the following link: - - * http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/ch-advanced-resources.html#group-resources" - - ensurable - - newparam(:name) do - desc "Name identifier of this group entry. This value needs to be unique - across the entire Corosync/Pacemaker configuration since it doesn't have - the concept of name spaces per type." - isnamevar - end - - newproperty(:primitives, :array_matching => :all) do - desc "An array of primitives to have in this group. Must be listed in the - order that you wish them to start." - - # Have to redefine should= here so we can sort the array that is given to - # us by the manifest. While were checking on the class of our value we - # are going to go ahead and do some validation too. The way Corosync - # colocation works we need to only accept two value arrays. - def should=(value) - super - raise Puppet::Error, "Puppet::Type::Cs_Group: primitives property must be at least a 2-element array." unless value.is_a? Array and value.length > 1 - @should - end - end - - newparam(:cib) do - desc "Corosync applies its configuration immediately. Using a CIB allows - you to group multiple primitives and relationships to be applied at - once. This can be necessary to insert complex configurations into - Corosync correctly. - - This paramater sets the CIB this order should be created in. A - cs_shadow resource with a title of the same name as this value should - also be added to your manifest." - end - - autorequire(:cs_shadow) do - [ @parameters[:cib] ] - end - - autorequire(:service) do - [ 'corosync' ] - end - - autorequire(:cs_primitive) do - autos = [] - @parameters[:primitives].should.each do |val| - autos << unmunge_cs_primitive(val) - end - - autos - end - - def unmunge_cs_primitive(name) - name = name.split(':')[0] - if name.start_with? 'ms_' - name = name[3..-1] - end - - name - end -end diff --git a/corosync/lib/puppet/type/cs_location.rb b/corosync/lib/puppet/type/cs_location.rb deleted file mode 100644 index 970b8be87..000000000 --- a/corosync/lib/puppet/type/cs_location.rb +++ /dev/null @@ -1,54 +0,0 @@ -Puppet::Type.newtype(:cs_location) do - @doc = "Type for manipulating corosync/pacemaker resource location. - More information on Corosync/Pacemaker colocation can be found here: - - * http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_ensuring_resources_run_on_the_same_host.html" - - ensurable - - newparam(:name) do - desc "Identifier of the location entry. This value needs to be unique - across the entire Corosync/Pacemaker configuration since it doesn't have - the concept of name spaces per type." - - isnamevar - end - - newproperty(:primitive) do - desc "The corosync resource primitive to have a location applied. " - end - - newproperty(:node_name) do - desc "The corosync node_name where the resource should be located. " - end - - newparam(:cib) do - desc "Corosync applies its configuration immediately. Using a CIB allows - you to group multiple primitives and relationships to be applied at - once. This can be necessary to insert complex configurations into - Corosync correctly. - - This paramater sets the CIB this colocation should be created in. A - cs_shadow resource with a title of the same name as this value should - also be added to your manifest." - end - - newproperty(:score) do - desc "The priority of this location. Primitives can be a part of - multiple location groups and so there is a way to control which - primitives get priority when forcing the move of other primitives. - This value can be an integer but is often defined as the string - INFINITY." - - defaultto 'INFINITY' - end - - autorequire(:cs_shadow) do - [ @parameters[:cib] ] - end - - autorequire(:service) do - [ 'corosync' ] - end - -end diff --git a/corosync/lib/puppet/type/cs_order.rb b/corosync/lib/puppet/type/cs_order.rb deleted file mode 100644 index 890b52b95..000000000 --- a/corosync/lib/puppet/type/cs_order.rb +++ /dev/null @@ -1,102 +0,0 @@ -Puppet::Type.newtype(:cs_order) do - @doc = "Type for manipulating Corosync/Pacemkaer ordering entries. Order - entries are another type of constraint that can be put on sets of - primitives but unlike colocation, order does matter. These designate - the order at which you need specific primitives to come into a desired - state before starting up a related primitive. - - More information can be found at the following link: - - * http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_controlling_resource_start_stop_ordering.html" - - ensurable - - newparam(:name) do - desc "Name identifier of this ordering entry. This value needs to be unique - across the entire Corosync/Pacemaker configuration since it doesn't have - the concept of name spaces per type." - isnamevar - end - - newproperty(:first) do - desc "First Corosync primitive. Just like colocation, our primitives for - ording come in pairs but this time order matters so we need to define - which primitive starts the desired state change chain." - end - - newproperty(:second) do - desc "Second Corosync primitive. Our second primitive will move to the - desired state after the first primitive." - end - - newparam(:cib) do - desc "Corosync applies its configuration immediately. Using a CIB allows - you to group multiple primitives and relationships to be applied at - once. This can be necessary to insert complex configurations into - Corosync correctly. - - This paramater sets the CIB this order should be created in. A - cs_shadow resource with a title of the same name as this value should - also be added to your manifest." - end - - newproperty(:score) do - desc "The priority of the this ordered grouping. Primitives can be a part - of multiple order groups and so there is a way to control which - primitives get priority when forcing the order of state changes on - other primitives. This value can be an integer but is often defined - as the string INFINITY." - - defaultto 'INFINITY' - end - - autorequire(:cs_shadow) do - [ @parameters[:cib] ] - end - newproperty(:symmetrical) do - desc "Boolean specifying if the resources should stop in reverse order. - Default value: true." - defaultto true - end - - valid_resource_types = [:cs_primitive, :cs_group] - newparam(:resources_type) do - desc "String to specify which HA resource type is used for this order, - e.g. when you want to order groups (cs_group) instead of primitives. - Defaults to cs_primitive." - - defaultto :cs_primitive - validate do |value| - valid_resource_types.include? value - end - end - - autorequire(:service) do - [ 'corosync' ] - end - - valid_resource_types.each{ |possible_resource_type| - # We're generating autorequire blocks for all possible cs_ types because - # accessing the @parameters[:resources_type].value doesn't seem possible - # when the type is declared. Feel free to improve this. - autorequire(possible_resource_type) do - autos = [] - resource_type = @parameters[:resources_type].value - if resource_type.to_sym == possible_resource_type.to_sym - autos << unmunge_cs_resourcename(@parameters[:first].should) - autos << unmunge_cs_resourcename(@parameters[:second].should) - end - - autos - end - } - - def unmunge_cs_resourcename(name) - name = name.split(':')[0] - if name.start_with? 'ms_' - name = name[3..-1] - end - - name - end -end diff --git a/corosync/lib/puppet/type/cs_primitive.rb b/corosync/lib/puppet/type/cs_primitive.rb deleted file mode 100644 index 8d30d5402..000000000 --- a/corosync/lib/puppet/type/cs_primitive.rb +++ /dev/null @@ -1,171 +0,0 @@ -Puppet::Type.newtype(:cs_primitive) do - @doc = "Type for manipulating Corosync/Pacemaker primitives. Primitives - are probably the most important building block when creating highly - available clusters using Corosync and Pacemaker. Each primitive defines - an application, ip address, or similar to monitor and maintain. These - managed primitives are maintained using what is called a resource agent. - These resource agents have a concept of class, type, and subsystem that - provides the functionality. Regretibly these pieces of vocabulary - clash with those used in Puppet so to overcome the name clashing the - property and parameter names have been qualified a bit for clarity. - - More information on primitive definitions can be found at the following - link: - - * http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Clusters_from_Scratch/_adding_a_resource.html" - - ensurable - - newparam(:name) do - desc "Name identifier of primitive. This value needs to be unique - across the entire Corosync/Pacemaker configuration since it doesn't have - the concept of name spaces per type." - - isnamevar - end - - newparam(:primitive_class) do - desc "Corosync class of the primitive. Examples of classes are lsb or ocf. - Lsb funtions a lot like the init provider in Puppet for services, an init - script is ran periodically on each host to identify status, or to start - and stop a particular application. Ocf of the other hand is a script with - meta-data and stucture that is specific to Corosync and Pacemaker." - end - - newparam(:primitive_type) do - desc "Corosync primitive type. Type generally matches to the specific - 'thing' your managing, i.e. ip address or vhost. Though, they can be - completely arbitarily named and manage any number of underlying - applications or resources." - end - - newparam(:provided_by) do - desc "Corosync primitive provider. All resource agents used in a primitve - have something that provides them to the system, be it the Pacemaker or - redhat plugins...they're not always obvious though so currently you're - left to understand Corosync enough to figure it out. Usually, if it isn't - obvious it is because there is only one provider for the resource agent. - - To find the list of providers for a resource agent run the following - from the command line has Corosync installed: - - * `crm configure ra providers `" - end - - newparam(:cib) do - desc "Corosync applies its configuration immediately. Using a CIB allows - you to group multiple primitives and relationships to be applied at - once. This can be necessary to insert complex configurations into - Corosync correctly. - - This paramater sets the CIB this primitive should be created in. A - cs_shadow resource with a title of the same name as this value should - also be added to your manifest." - end - - # Our parameters and operations properties must be hashes. - newproperty(:parameters) do - desc "A hash of params for the primitive. Parameters in a primitive are - used by the underlying resource agent, each class using them slightly - differently. In ocf scripts they are exported and pulled into the - script as variables to be used. Since the list of these parameters - are completely arbitrary and validity not enforced we simply defer - defining a model and just accept a hash." - - validate do |value| - raise Puppet::Error, "Puppet::Type::Cs_Primitive: parameters property must be a hash." unless value.is_a? Hash - end - - defaultto Hash.new - end - - newproperty(:operations) do - desc "A hash of operations for the primitive. Operations defined in a - primitive are little more predictable as they are commonly things like - monitor or start and their values are in seconds. Since each resource - agent can define its own set of operations we are going to defer again - and just accept a hash. There maybe room to model this one but it - would require a review of all resource agents to see if each operation - is valid." - - validate do |value| - raise Puppet::Error, "Puppet::Type::Cs_Primitive: operations property must be a hash." unless value.is_a? Hash - end - - defaultto Hash.new - end - - newproperty(:utilization) do - desc "A hash of utilization attributes for the primitive. If nodes are - also configured with available resources, and Pacemaker's placement - stratgey is set appropriately, then Pacemaker can place primitives on - nodes only where resources are available. - - See the Pacemaker documentation: - - http://clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/ch11.html" - - validate do |value| - raise Puppet::Error, "Puppet::Type::Cs_Primitive: utilization property must be a hash." unless value.is_a? Hash - end - - defaultto Hash.new - end - - newproperty(:metadata) do - desc "A hash of metadata for the primitive. A primitive can have a set of - metadata that doesn't affect the underlying Corosync type/provider but - affect that concept of a resource. This metadata is similar to Puppet's - resources resource and some meta-parameters, they change resource - behavior but have no affect of the data that is synced or manipulated." - - validate do |value| - raise Puppet::Error, "Puppet::Type::Cs_Primitive: metadata property must be a hash." unless value.is_a? Hash - end - - defaultto Hash.new - end - - newproperty(:ms_metadata) do - desc "A hash of metadata for the master/slave primitive state." - - munge do |value_hash| - value_hash.inject({}) do |memo,(key,value)| - memo[key] = String(value) - memo - end - end - - validate do |value| - raise Puppet::Error, "Puppet::Type::Cs_Primitive: ms_metadata property must be a hash" unless value.is_a? Hash - end - - defaultto Hash.new - end - - newproperty(:promotable) do - desc "Designates if the primitive is capable of being managed in a master/slave - state. This will create a new ms resource in your Corosync config and add - this primitive to it. Concequently Corosync will be helpful and update all - your colocation and order resources too but Puppet won't. Currenlty we unmunge - configuraiton entries that start with ms_ so that you don't have to account for - name change in all our manifests." - - newvalues(:true, :false) - - defaultto :false - end - - autorequire(:cs_shadow) do - autos = [] - if @parameters[:cib] - autos << @parameters[:cib].value - end - - autos - end - - autorequire(:service) do - [ 'corosync' ] - end -end diff --git a/corosync/lib/puppet/type/cs_property.rb b/corosync/lib/puppet/type/cs_property.rb deleted file mode 100644 index 8439345d3..000000000 --- a/corosync/lib/puppet/type/cs_property.rb +++ /dev/null @@ -1,37 +0,0 @@ -Puppet::Type.newtype(:cs_property) do - @doc = "Type for manipulating corosync/pacemaker configuration properties. - Besides the configuration file that is managed by the module the contains - all these related Corosync types and providers, there is a set of cluster - properties that can be set and saved inside the CIB (A CIB being a set of - configuration that is synced across the cluster, it can be exported as XML - for processing and backup). The type is pretty simple interface for - setting key/value pairs or removing them completely. Removing them will - result in them taking on their default value. - - More information on cluster properties can be found here: - - * http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/_cluster_options.html - - P.S Looked at generating a type dynamically from the cluster's property - meta-data that would result in a single type with puppet type properties - of every cluster property...may still do so in a later iteration." - - ensurable - - newparam(:name) do - desc "Name identifier of this property. Simply the name of the cluster - property. Happily most of these are unique." - - isnamevar - end - - newproperty(:value) do - desc "Value of the property. It is expected that this will be a single - value but we aren't validating string vs. integer vs. boolean because - cluster properties can range the gambit." - end - - autorequire(:service) do - [ 'corosync' ] - end -end diff --git a/corosync/lib/puppet/type/cs_rsc_defaults.rb b/corosync/lib/puppet/type/cs_rsc_defaults.rb deleted file mode 100644 index bf6114c43..000000000 --- a/corosync/lib/puppet/type/cs_rsc_defaults.rb +++ /dev/null @@ -1,30 +0,0 @@ -Puppet::Type.newtype(:cs_rsc_defaults) do - @doc = "Type for manipulating corosync/pacemaker global defaults for - resource options. The type is pretty simple interface for setting - key/value pairs or removing them completely. Removing them will result - in them taking on their default value. - - More information on resource defaults can be found here: - - * http://clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/s-resource-defaults.html - * http://clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/s-resource-options.html" - - ensurable - - newparam(:name) do - desc "Name identifier of this property. Simply the name of the resource - option. Happily most of these are unique." - - isnamevar - end - - newproperty(:value) do - desc "Value of the property. It is expected that this will be a single - value but we aren't validating string vs. integer vs. boolean because - resource options can range the gambit." - end - - autorequire(:service) do - [ 'corosync' ] - end -end diff --git a/corosync/lib/puppet/type/cs_shadow.rb b/corosync/lib/puppet/type/cs_shadow.rb deleted file mode 100644 index 334cb2930..000000000 --- a/corosync/lib/puppet/type/cs_shadow.rb +++ /dev/null @@ -1,36 +0,0 @@ -Puppet::Type.newtype(:cs_shadow) do - @doc = "cs_shadow resources represent a Corosync shadow CIB. Any corosync - resources defined with 'cib' set to the title of a cs_shadow resource - will not become active until all other resources with the same cib - value have also been applied." - - newproperty(:cib) do - def sync - provider.sync(self.should) - end - - def retrieve - :absent - end - - def insync?(is) - false - end - - defaultto { @resource[:name] } - end - - newparam(:name) do - desc "Name of the shadow CIB to create and manage" - isnamevar - end - - def generate - options = { :name => @title } - [ Puppet::Type.type(:cs_commit).new(options) ] - end - - autorequire(:service) do - [ 'corosync' ] - end -end diff --git a/corosync/manifests/init.pp b/corosync/manifests/init.pp deleted file mode 100644 index 026feed91..000000000 --- a/corosync/manifests/init.pp +++ /dev/null @@ -1,358 +0,0 @@ -# == Class: corosync -# -# This class will set up corosync for use by the Puppet Enterprise console to -# facilitate an active/standby configuration for high availability. It is -# assumed that this module has been initially ran on a Puppet master with the -# capabilities of signing certificates to do the initial key generation. -# -# === Parameters -# -# [*enable_secauth*] -# Controls corosync's ability to authenticate and encrypt multicast messages. -# -# [*authkey_source*] -# Allows to use either a file or a string as a authkey. -# Defaults to 'file'. Can be set to 'string'. -# -# [*authkey*] -# Specifies the path to the CA which is used to sign Corosync's certificate if -# authkey_source is 'file' or the actual authkey if 'string' is used instead. -# -# [*threads*] -# How many threads you are going to let corosync use to encode and decode -# multicast messages. If you turn off secauth then corosync wil ignore -# threads. -# -# [*bind_address*] -# The ip address we are going to bind the corosync daemon too. -# Can be specified as an array to have multiple rings (multicast only). -# -# [*port*] -# The udp port that corosync will use to do its multicast communication. Be -# aware that corosync used this defined port plus minus one. -# Can be specified as an array to have multiple rings (multicast only). -# -# [*multicast_address*] -# An IP address that has been reserved for multicast traffic. This is the -# default way that Corosync accomplishes communication across the cluster. -# Use 'broadcast' to have broadcast instead -# Can be specified as an array to have multiple rings (multicast only). -# -# [*unicast_addresses*] -# An array of IP addresses that make up the cluster's members. These are -# use if you are able to use multicast on your network and instead opt for -# the udpu transport. You need a relatively recent version of Corosync to -# make this possible. -# -# [*force_online*] -# True/false parameter specifying whether to force nodes that have been put -# in standby back online. -# -# [*check_standby*] -# True/false parameter specifying whether puppet should return an error log -# message if a node is in standby. Useful for monitoring node state. -# -# [*debug*] -# True/false parameter specifying whether Corosync should produce debug -# output in its logs. -# -# [*rrp_mode*] -# Mode of redundant ring. May be none, active, or passive. -# -# [*ttl*] -# Time To Live (multicast only). -# -# [*package_corosync*] -# Define if package corosync should be installed. -# Defaults to true -# -# [*version_corosync*] -# Define what version of corosync should be installed. -# Defaults to present -# -# [*package_pacemaker*] -# Define if package pacemaker should be installed. -# Defaults to true -# -# [*version_pacemaker*] -# Define what version of pacemaker should be installed. -# Defaults to present -# -# [*package_pcs*] -# Define if package pcs should be installed. -# Defaults to true -# -# [*version_pcs*] -# Define what version of pcs should be installed. -# Defaults to present -# -# [*set_votequorum*] -# Set to true if corosync_votequorum should be used as quorum provider. -# Defaults to false. -# -# [*quorum_members*] -# Array of quorum member hostname. This is required if set_votequorum -# is set to true. -# Defaults to undef, -# -# [*token*] -# Time (in ms) to wait for a token -# -# [*token_retransmits_before_loss_const*] -# How many token retransmits before forming a new configuration -# -# === Deprecated Parameters -# -# [*packages*] -# Deprecated in favour of package_{corosync,pacemaker} and -# version_{corosync,pacemaker}. Array of packages to install. -# -# === Examples -# -# class { 'corosync': -# enable_secauth => false, -# bind_address => '192.168.2.10', -# multicast_address => '239.1.1.2', -# } -# -# === Authors -# -# Cody Herriges -# -# === Copyright -# -# Copyright 2012, Puppet Labs, LLC. -# -class corosync( - $enable_secauth = $::corosync::params::enable_secauth, - $authkey_source = $::corosync::params::authkey_source, - $authkey = $::corosync::params::authkey, - $threads = $::corosync::params::threads, - $port = $::corosync::params::port, - $bind_address = $::corosync::params::bind_address, - $multicast_address = $::corosync::params::multicast_address, - $unicast_addresses = $::corosync::params::unicast_addresses, - $force_online = $::corosync::params::force_online, - $check_standby = $::corosync::params::check_standby, - $debug = $::corosync::params::debug, - $rrp_mode = $::corosync::params::rrp_mode, - $ttl = $::corosync::params::ttl, - $packages = undef, - $package_corosync = undef, - $version_corosync = undef, - $package_pacemaker = undef, - $version_pacemaker = undef, - $package_pcs = undef, - $version_pcs = undef, - $set_votequorum = $::corosync::params::set_votequorum, - $quorum_members = ['localhost'], - $token = $::corosync::params::token, - $token_retransmits_before_loss_const = $::corosync::params::token_retransmits_before_lost_const, -) inherits ::corosync::params { - - if $set_votequorum and !$quorum_members { - fail('set_votequorum is true, but no quorum_members have been passed.') - } - - if $packages { - warning('$corosync::packages is deprecated, use $corosync::package_{corosync,pacemaker} instead!') - - package{ $packages: - ensure => present, - } - - # Ensure no options conflicting with $packages are set: - - if $package_corosync { - fail('$corosync::package_corosync and $corosync::packages must not be mixed!') - } - if $package_pacemaker { - fail('$corosync::package_pacemaker and $corosync::packages must not be mixed!') - } - if $version_corosync { - fail('$corosync::version_corosync and $corosync::packages must not be mixed!') - } - if $version_pacemaker { - fail('$corosync::version_pacemaker and $corosync::packages must not be mixed!') - } - } else { - # Handle defaults for new-style package parameters here to allow co-existence with $packages. - if $package_corosync == undef { - $_package_corosync = true - } else { - $_package_corosync = $package_corosync - } - - if $package_pacemaker == undef { - $_package_pacemaker = true - } else { - $_package_pacemaker = $package_pacemaker - } - - if $version_corosync == undef { - $_version_corosync = present - } else { - $_version_corosync = $version_corosync - } - - if $version_pacemaker == undef { - $_version_pacemaker = present - } else { - $_version_pacemaker = $version_pacemaker - } - - if $_package_corosync == true { - package { 'corosync': - ensure => $_version_corosync, - } - } - - if $_package_pacemaker == true { - package { 'pacemaker': - ensure => $_version_pacemaker, - } - } - } - - if ! is_bool($enable_secauth) { - validate_re($enable_secauth, '^(on|off)$') - } - validate_re($authkey_source, '^(file|string)$') - validate_bool($force_online) - validate_bool($check_standby) - validate_bool($debug) - - if $unicast_addresses == 'UNSET' { - $corosync_conf = "${module_name}/corosync.conf.erb" - } else { - $corosync_conf = "${module_name}/corosync.conf.udpu.erb" - } - - # $multicast_address is NOT required if $unicast_address is provided - if $multicast_address == 'UNSET' and $unicast_addresses == 'UNSET' { - fail('You must provide a value for multicast_address') - } - - case $enable_secauth { - true: { $enable_secauth_real = 'on' } - false: { $enable_secauth_real = 'off' } - default: { $enable_secauth_real = $enable_secauth } - } - - # Using the Puppet infrastructure's ca as the authkey, this means any node in - # Puppet can join the cluster. Totally not ideal, going to come up with - # something better. - if $enable_secauth_real == 'on' { - case $authkey_source { - 'file': { - file { '/etc/corosync/authkey': - ensure => file, - source => $authkey, - mode => '0400', - owner => 'root', - group => 'root', - notify => Service['corosync'], - require => Package['corosync'], - } - } - 'string': { - file { '/etc/corosync/authkey': - ensure => file, - content => $authkey, - mode => '0400', - owner => 'root', - group => 'root', - notify => Service['corosync'], - require => Package['corosync'], - } - } - default: {} - } - } - - if $::osfamily == 'RedHat' { - if $package_pcs == undef { - $_package_pcs = true - } else { - $_package_pcs = $package_pcs - } - - if $version_pcs == undef { - $_version_pcs = present - } else { - $_version_pcs = $version_pcs - } - - if $_package_pcs { - package { 'pcs': - ensure => $_version_pcs, - } - } - } - - # Template uses: - # - $unicast_addresses - # - $multicast_address - # - $debug - # - $bind_address - # - $port - # - $enable_secauth_real - # - $threads - # - $token - file { '/etc/corosync/corosync.conf': - ensure => file, - mode => '0644', - owner => 'root', - group => 'root', - content => template($corosync_conf), - require => Package['corosync'], - } - - file { '/etc/corosync/service.d': - ensure => directory, - mode => '0755', - owner => 'root', - group => 'root', - recurse => true, - purge => true, - require => Package['corosync'] - } - - case $::osfamily { - 'Debian': { - exec { 'enable corosync': - command => 'sed -i s/START=no/START=yes/ /etc/default/corosync', - path => [ '/bin', '/usr/bin' ], - unless => 'grep START=yes /etc/default/corosync', - require => Package['corosync'], - before => Service['corosync'], - } - } - default: {} - } - - if $check_standby { - # Throws a puppet error if node is on standby - exec { 'check_standby node': - command => 'echo "Node appears to be on standby" && false', - path => [ '/bin', '/usr/bin', '/sbin', '/usr/sbin' ], - onlyif => "crm node status|grep ${::hostname}-standby|grep 'value=\"on\"'", - require => Service['corosync'], - } - } - - if $force_online { - exec { 'force_online node': - command => 'crm node online', - path => [ '/bin', '/usr/bin', '/sbin', '/usr/sbin' ], - onlyif => "crm node status|grep ${::hostname}-standby|grep 'value=\"on\"'", - require => Service['corosync'], - } - } - - service { 'corosync': - ensure => running, - enable => true, - subscribe => File[ [ '/etc/corosync/corosync.conf', '/etc/corosync/service.d' ] ], - } -} diff --git a/corosync/manifests/params.pp b/corosync/manifests/params.pp deleted file mode 100644 index 952fb4b2f..000000000 --- a/corosync/manifests/params.pp +++ /dev/null @@ -1,32 +0,0 @@ -class corosync::params { - $enable_secauth = true - $authkey_source = 'file' - $authkey = '/etc/puppet/ssl/certs/ca.pem' - $threads = $::processorcount - $port = '5405' - $bind_address = $::ipaddress - $multicast_address = 'UNSET' - $unicast_addresses = 'UNSET' - $force_online = false - $check_standby = false - $debug = false - $rrp_mode = 'none' - $ttl = false - $token = 3000 - $token_retransmits_before_lost_const = 10 - - case $::osfamily { - 'RedHat': { - $set_votequorum = true - } - - 'Debian': { - $set_votequorum = false - } - - default: { - fail('Not supported OS') - } - } - -} diff --git a/corosync/manifests/reprobe.pp b/corosync/manifests/reprobe.pp deleted file mode 100644 index 6a4617ff8..000000000 --- a/corosync/manifests/reprobe.pp +++ /dev/null @@ -1,37 +0,0 @@ -# == Class: corosync::reprobe -# -# Include this class to reprobe the corosync cluster when there are changes in -# any of the native cs_* types. Useful for multi-node provisioning when the -# nodes are not always in a stable state after provisioning. -# -# === Examples -# -# Reprobe corosync after making cluster configuration changes: -# -# include corosync::reprobe -# -# === Copyright -# -# Copyright 2012 Puppet Labs, LLC. -# -class corosync::reprobe { - exec { 'crm resource reprobe': - path => ['/bin','/usr/bin','/sbin','/usr/sbin'], - refreshonly => true, - } - Cs_primitive <| |> { - notify => Exec['crm resource reprobe'], - } - Cs_colocation <| |> { - notify => Exec['crm resource reprobe'], - } - Cs_order <| |> { - notify => Exec['crm resource reprobe'], - } - Cs_group <| |> { - notify => Exec['crm resource reprobe'], - } - Cs_commit <| |> { - notify => Exec['crm resource reprobe'], - } -} diff --git a/corosync/manifests/service.pp b/corosync/manifests/service.pp deleted file mode 100644 index a40a5e72b..000000000 --- a/corosync/manifests/service.pp +++ /dev/null @@ -1,44 +0,0 @@ -# == Define: corosync::service -# -# Models a Corosync service. Corosync services are plugins that provide -# functionality for monitoring cluster resources. One of the most common -# of these plugins being Pacemaker. -# -# === Parameters -# -# [*namevar*] -# The namevar in this type is the title you give it when you define a resource -# instance. It is used for a handful of purposes; defining the name of the -# config file and the name defined inside the file itself. -# -# [*version*] -# Version of the protocol used by this service. -# -# === Examples -# -# Provide some examples on how to use this type: -# -# corosync::service { 'pacemaker': -# version => '0', -# } -# -# === Authors -# -# Cody Herriges -# -# === Copyright -# -# Copyright 2012 Puppet Labs, LLC. -# -define corosync::service($version) { - - file { "/etc/corosync/service.d/${name}": - ensure => file, - content => template("${module_name}/service.erb"), - mode => '0644', - owner => 'root', - group => 'root', - require => Package['corosync'], - notify => Service['corosync'], - } -} diff --git a/corosync/metadata.json b/corosync/metadata.json deleted file mode 100644 index a36f9d921..000000000 --- a/corosync/metadata.json +++ /dev/null @@ -1,13 +0,0 @@ -{ - "name": "puppet-corosync", - "version": "0.7.0", - "author": "puppet-community", - "summary": "This module is a set of manifests and types/providers for quickly setting up highly available clusters using Corosync", - "license": "Apache License, Version 2.0", - "source": "https://github.com/puppet-community/puppet-corosync", - "project_page": "https://github.com/puppet-community/puppet-corosync", - "issues_url": "https://github.com/puppet-community/puppet-corosync/issues", - "dependencies": [ - {"name":"puppetlabs/stdlib","version_requirement":"4.x"} - ] -} diff --git a/corosync/spec/acceptance/basic_spec.rb b/corosync/spec/acceptance/basic_spec.rb deleted file mode 100644 index ded525fab..000000000 --- a/corosync/spec/acceptance/basic_spec.rb +++ /dev/null @@ -1,60 +0,0 @@ -require 'spec_helper_acceptance' - -# These tests are designed to ensure that the module, when ran with defaults, -# sets up everything correctly and allows us to connect to Postgres. -describe 'corosync' do - cert = '-----BEGIN CERTIFICATE----- -MIIDVzCCAj+gAwIBAgIJAJNCo5ZPmKegMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNV -BAYTAlhYMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0RlZmF1bHQg -Q29tcGFueSBMdGQwHhcNMTUwMjI2MjI1MjU5WhcNMTUwMzI4MjI1MjU5WjBCMQsw -CQYDVQQGEwJYWDEVMBMGA1UEBwwMRGVmYXVsdCBDaXR5MRwwGgYDVQQKDBNEZWZh -dWx0IENvbXBhbnkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA -uCPPbDgErGUVs1pKqv59OatjCEU4P9QcmhDYFR7RBN8m08mIqd+RTuiHUKj6C9Rk -vWQ5bYrGQo/+4E0ziAUuUzzITlpIYLVltca6eBhKUqO3Cd0NMRVc2k4nx5948nwv -9FVOIfOOY6BN2ALglfBfLnhObbzJjs6OSZ7bUCpXVPV01t/61Jj3jQ3+R8b7AaoR -mw7j0uWaFimKt/uag1qqKGw3ilieMhHlG0Da5x9WLi+5VIM0t1rcpR58LLXVvXZB -CrQBucm2xhZsz7R76Ai+NL8zhhyzCZidZ2NtJ3E1wzppcSDAfNrru+rcFSlZ4YG+ -lMCqZ1aqKWVXmb8+Vg7IkQIDAQABo1AwTjAdBgNVHQ4EFgQULxI68KhZwEF5Q9al -xZmFDR+Beu4wHwYDVR0jBBgwFoAULxI68KhZwEF5Q9alxZmFDR+Beu4wDAYDVR0T -BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAsa0YKPixD6VmDo3pal2qqichHbdT -hUONk2ozzRoaibVocqKx2T6Ho23wb/lDlRUu4K4DMO663uumzI9lNoOewa0MuW1D -J52cejAMVsP3ROOdxBv0HZIVVJ8NLBHNLFOHJEDtvzogLVplzmo59vPAdmQo6eIV -japvs+0tdy9iwHj3z1ZME2Ntm/5TzG537e7Hb2zogatM9aBTUAWlZ1tpoaXuTH52 -J76GtqoIOh+CTeY/BMwBotdQdgeR0zvjE9FuLWkhTmRtVFhbVIzJbFlFuYq5d3LH -NWyN0RsTXFaqowV1/HSyvfD7LoF/CrmN5gOAM3Ierv/Ti9uqGVhdGBd/kw==' - File.open('/tmp/ca.pem', 'w') { |f| f.write(cert) } - it 'with defaults' do - pp = <<-EOS - file { '/tmp/ca.pem': - ensure => file, - content => '#{cert}' - } -> - class { 'corosync': - multicast_address => '224.0.0.1', - authkey => '/tmp/ca.pem', - bind_address => $ipaddress - } - corosync::service { 'pacemaker': - version => '1', - } -> - service { 'pacemaker': - ensure => running, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe service('corosync') do - it { is_expected.to be_running } - end - - describe service('pacemaker') do - it { is_expected.to be_running } - end - -end - - - diff --git a/corosync/spec/acceptance/cs_colocation_spec.rb b/corosync/spec/acceptance/cs_colocation_spec.rb deleted file mode 100644 index 95a5d2372..000000000 --- a/corosync/spec/acceptance/cs_colocation_spec.rb +++ /dev/null @@ -1,112 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'corosync' do - cert = '-----BEGIN CERTIFICATE----- -MIIDVzCCAj+gAwIBAgIJAJNCo5ZPmKegMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNV -BAYTAlhYMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0RlZmF1bHQg -Q29tcGFueSBMdGQwHhcNMTUwMjI2MjI1MjU5WhcNMTUwMzI4MjI1MjU5WjBCMQsw -CQYDVQQGEwJYWDEVMBMGA1UEBwwMRGVmYXVsdCBDaXR5MRwwGgYDVQQKDBNEZWZh -dWx0IENvbXBhbnkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA -uCPPbDgErGUVs1pKqv59OatjCEU4P9QcmhDYFR7RBN8m08mIqd+RTuiHUKj6C9Rk -vWQ5bYrGQo/+4E0ziAUuUzzITlpIYLVltca6eBhKUqO3Cd0NMRVc2k4nx5948nwv -9FVOIfOOY6BN2ALglfBfLnhObbzJjs6OSZ7bUCpXVPV01t/61Jj3jQ3+R8b7AaoR -mw7j0uWaFimKt/uag1qqKGw3ilieMhHlG0Da5x9WLi+5VIM0t1rcpR58LLXVvXZB -CrQBucm2xhZsz7R76Ai+NL8zhhyzCZidZ2NtJ3E1wzppcSDAfNrru+rcFSlZ4YG+ -lMCqZ1aqKWVXmb8+Vg7IkQIDAQABo1AwTjAdBgNVHQ4EFgQULxI68KhZwEF5Q9al -xZmFDR+Beu4wHwYDVR0jBBgwFoAULxI68KhZwEF5Q9alxZmFDR+Beu4wDAYDVR0T -BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAsa0YKPixD6VmDo3pal2qqichHbdT -hUONk2ozzRoaibVocqKx2T6Ho23wb/lDlRUu4K4DMO663uumzI9lNoOewa0MuW1D -J52cejAMVsP3ROOdxBv0HZIVVJ8NLBHNLFOHJEDtvzogLVplzmo59vPAdmQo6eIV -japvs+0tdy9iwHj3z1ZME2Ntm/5TzG537e7Hb2zogatM9aBTUAWlZ1tpoaXuTH52 -J76GtqoIOh+CTeY/BMwBotdQdgeR0zvjE9FuLWkhTmRtVFhbVIzJbFlFuYq5d3LH -NWyN0RsTXFaqowV1/HSyvfD7LoF/CrmN5gOAM3Ierv/Ti9uqGVhdGBd/kw==' - File.open('/tmp/ca.pem', 'w') { |f| f.write(cert) } - it 'with defaults' do - pp = <<-EOS - file { '/tmp/ca.pem': - ensure => file, - content => '#{cert}' - } -> - class { 'corosync': - multicast_address => '224.0.0.1', - authkey => '/tmp/ca.pem', - bind_address => '127.0.0.1', - set_votequorum => true, - quorum_members => ['127.0.0.1'], - } - corosync::service { 'pacemaker': - version => '1', - before => Service['pacemaker'], - } - if $::osfamily == 'RedHat' { - exec { 'stop_pacemaker': - command => 'service pacemaker stop', - path => ['/bin','/sbin','/usr/sbin/'], - refreshonly => true, - notify => Service['corosync'], - subscribe => File['/etc/corosync/corosync.conf'], - } - } - service { 'pacemaker': - ensure => running, - subscribe => Service['corosync'], - } - cs_property { 'stonith-enabled' : - value => 'false', - } -> - cs_primitive { 'nginx_vip': - primitive_class => 'ocf', - primitive_type => 'IPaddr2', - provided_by => 'heartbeat', - parameters => { 'ip' => '172.16.210.100', 'cidr_netmask' => '24' }, - operations => { 'monitor' => { 'interval' => '10s' } }, - } -> - cs_primitive { 'nginx_service': - primitive_class => 'ocf', - primitive_type => 'IPaddr2', - provided_by => 'heartbeat', - parameters => { 'ip' => '172.16.210.101', 'cidr_netmask' => '24' }, - operations => { 'monitor' => { 'interval' => '10s' } }, - } -> - cs_colocation { 'vip_with_service': - primitives => [ 'nginx_vip', 'nginx_service' ], - } - EOS - - apply_manifest(pp, :catch_failures => true) - unless fact('osfamily') == 'RedHat' # Something's wrong with the pcs provider - apply_manifest(pp, :catch_changes => true) - end - end - - describe service('corosync') do - it { is_expected.to be_running } - end - - it 'should create the resources' do - if fact('osfamily') == 'RedHat' - command = 'pcs resource show' - else - command = 'crm_resource --list' - end - shell(command) do |r| - expect(r.stdout).to match(/nginx_service.*IPaddr2/) - expect(r.stdout).to match(/nginx_vip.*IPaddr2/) - end - end - - it 'should create the colocation' do - if fact('osfamily') == 'RedHat' - command = 'pcs cluster cib' - else - command = 'crm configure show' - end - shell("#{command} | grep vip_with_service") do |r| - expect(r.stdout).to match(/colocation.*nginx_service.*nginx_vip/) - end - end - -end - - - diff --git a/corosync/spec/acceptance/nodesets/centos-510-x64.yml b/corosync/spec/acceptance/nodesets/centos-510-x64.yml deleted file mode 100644 index 12c9e7893..000000000 --- a/corosync/spec/acceptance/nodesets/centos-510-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-510-x64: - roles: - - master - platform: el-5-x86_64 - box : centos-510-x64-virtualbox-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-510-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/corosync/spec/acceptance/nodesets/centos-59-x64.yml b/corosync/spec/acceptance/nodesets/centos-59-x64.yml deleted file mode 100644 index 2ad90b86a..000000000 --- a/corosync/spec/acceptance/nodesets/centos-59-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-59-x64: - roles: - - master - platform: el-5-x86_64 - box : centos-59-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-59-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/corosync/spec/acceptance/nodesets/centos-64-x64.yml b/corosync/spec/acceptance/nodesets/centos-64-x64.yml deleted file mode 100644 index 063983549..000000000 --- a/corosync/spec/acceptance/nodesets/centos-64-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/corosync/spec/acceptance/nodesets/centos-65-x64.yml b/corosync/spec/acceptance/nodesets/centos-65-x64.yml deleted file mode 100644 index 4e2cb809e..000000000 --- a/corosync/spec/acceptance/nodesets/centos-65-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-65-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-65-x64-vbox436-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-65-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/corosync/spec/acceptance/nodesets/debian-607-x64.yml b/corosync/spec/acceptance/nodesets/debian-607-x64.yml deleted file mode 100644 index 4c8be42d0..000000000 --- a/corosync/spec/acceptance/nodesets/debian-607-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - debian-607-x64: - roles: - - master - platform: debian-6-amd64 - box : debian-607-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-607-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/corosync/spec/acceptance/nodesets/debian-73-x64.yml b/corosync/spec/acceptance/nodesets/debian-73-x64.yml deleted file mode 100644 index 3e31a8276..000000000 --- a/corosync/spec/acceptance/nodesets/debian-73-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - debian-73-x64: - roles: - - master - platform: debian-7-amd64 - box : debian-73-x64-virtualbox-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-73-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/corosync/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml b/corosync/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml deleted file mode 100644 index 5ca1514e4..000000000 --- a/corosync/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-10044-x64: - roles: - - master - platform: ubuntu-10.04-amd64 - box : ubuntu-server-10044-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-10044-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/corosync/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml b/corosync/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml deleted file mode 100644 index d065b304f..000000000 --- a/corosync/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-12042-x64: - roles: - - master - platform: ubuntu-12.04-amd64 - box : ubuntu-server-12042-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/corosync/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/corosync/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index cba1cd04c..000000000 --- a/corosync/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-1404-x64: - roles: - - master - platform: ubuntu-14.04-amd64 - box : puppetlabs/ubuntu-14.04-64-nocm - box_url : https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor : vagrant -CONFIG: - log_level : debug - type: git diff --git a/corosync/spec/classes/corosync_spec.rb b/corosync/spec/classes/corosync_spec.rb deleted file mode 100644 index 29b64c2a0..000000000 --- a/corosync/spec/classes/corosync_spec.rb +++ /dev/null @@ -1,163 +0,0 @@ -require 'spec_helper' - -describe 'corosync' do - - let :params do - { :set_votequorum => false, - :multicast_address => '239.1.1.2' } - end - - shared_examples_for 'corosync' do - it { is_expected.to compile } - - context 'when set_quorum is true and quorum_members are set' do - before :each do - params.merge!( - { :set_votequorum => true, - :quorum_members => ['node1.test.org', 'node2.test.org'] } - ) - end - - it 'configures votequorum' do - should contain_file('/etc/corosync/corosync.conf').with_content( - /nodelist/ - ) - should contain_file('/etc/corosync/corosync.conf').with_content( - /ring0_addr\: node1\.test\.org/ - ) - should contain_file('/etc/corosync/corosync.conf').with_content( - /ring0_addr\: node2\.test\.org/ - ) - end - end - - context 'when set_quorum is true and unicast is used' do - before :each do - params.merge!( - { :set_votequorum => true, - :quorum_members => ['node1.test.org', 'node2.test.org'], - :multicast_address => 'UNSET', - :unicast_addresses => ['192.168.1.1', '192.168.1.2'], } - ) - end - - it 'configures votequorum' do - should contain_file('/etc/corosync/corosync.conf').with_content( - /nodelist/ - ) - should contain_file('/etc/corosync/corosync.conf').with_content( - /ring0_addr\: node1\.test\.org/ - ) - should contain_file('/etc/corosync/corosync.conf').with_content( - /ring0_addr\: node2\.test\.org/ - ) - end - end - - - [ :package_corosync, :package_pacemaker, :version_corosync, :version_pacemaker ].each { |package_param| - context "new-style package parameter $#{package_param} mixed with deprecated $packages parameter" do - before :each do - params.merge!( - { - package_param => true, # value does not really matter here: these - # two params must not both be defined - # at the same time. - :packages => ['corosync', 'pacemaker'], - } - ) - end - - it 'raises error' do - should raise_error( - Puppet::Error, - /\$corosync::#{package_param} and \$corosync::packages must not be mixed!/ - ) - end - end - } - - - [ :corosync, :pacemaker ].each { |package| - context "install package #{package} with default version" do - before :each do - params.merge!( { "package_#{package}" => true, } ) - end - - it "does install #{package}" do - should contain_package(package).with( - :ensure => 'present' - ) - end - - end - - - context "install package #{package} with custom version" do - before :each do - params.merge!( - { "package_#{package}" => true, - "version_#{package}" => '1.1.1' } - ) - end - - it "does install #{package} with version 1.1.1" do - should contain_package(package).with( - :ensure => '1.1.1' - ) - end - - end - - - context "do not install #{package}" do - before :each do - params.merge!( { "package_#{package}" => false, } ) - end - - it "does not install #{package}" do - should_not contain_package(package) - end - - end - - } - - - context 'when set_quorum is true and quorum_members are not set' do - before :each do - params.merge!( - { :set_votequorum => true, - :quorum_members => false } - ) - end - - it 'raises error' do - should raise_error( - Puppet::Error, - /set_votequorum is true, but no quorum_members have been passed./ - ) - end - end - end - - context 'on Debian platforms' do - let :facts do - { :osfamily => 'Debian', - :processorcount => '3', - :ipaddress => '127.0.0.1' } - end - - it_configures 'corosync' - end - - context 'on RedHat platforms' do - let :facts do - { :osfamily => 'RedHat', - :processorcount => '3', - :ipaddress => '127.0.0.1' } - end - - it_configures 'corosync' - end -end diff --git a/corosync/spec/spec.opts b/corosync/spec/spec.opts deleted file mode 100644 index 91cd6427e..000000000 --- a/corosync/spec/spec.opts +++ /dev/null @@ -1,6 +0,0 @@ ---format -s ---colour ---loadby -mtime ---backtrace diff --git a/corosync/spec/spec_helper.rb b/corosync/spec/spec_helper.rb deleted file mode 100644 index e17ce17d6..000000000 --- a/corosync/spec/spec_helper.rb +++ /dev/null @@ -1,5 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' - -RSpec.configure do |c| - c.alias_it_should_behave_like_to :it_configures, 'configures' -end diff --git a/corosync/spec/spec_helper_acceptance.rb b/corosync/spec/spec_helper_acceptance.rb deleted file mode 100644 index 0eb4b9069..000000000 --- a/corosync/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1,31 +0,0 @@ -require 'beaker-rspec' - -UNSUPPORTED_PLATFORMS = [] - -unless ENV['RS_PROVISION'] == 'no' or ENV['BEAKER_provision'] == 'no' - if hosts.first.is_pe? - install_pe - else - install_puppet - end - hosts.each do |host| - on hosts, "mkdir -p #{host['distmoduledir']}" - end -end - -RSpec.configure do |c| - # Project root - proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - - # Readable test descriptions - c.formatter = :documentation - c.before :suite do - hosts.each do |host| - copy_module_to(host, :source => proj_root, :module_name => 'corosync') - - shell("/bin/touch #{default['puppetpath']}/hiera.yaml") - shell('puppet module install puppetlabs-stdlib', { :acceptable_exit_codes => [0,1] }) - end - end -end - diff --git a/corosync/spec/unit/puppet/provider/corosync_spec.rb b/corosync/spec/unit/puppet/provider/corosync_spec.rb deleted file mode 100644 index 27f3c3e88..000000000 --- a/corosync/spec/unit/puppet/provider/corosync_spec.rb +++ /dev/null @@ -1,46 +0,0 @@ -require 'spec_helper' -require 'puppet/provider/crmsh' - -describe Puppet::Provider::Crmsh do - let :provider do - described_class.new - end - - it 'declares a crm_attribute command' do - expect{ - described_class.command :crm_attribute - }.not_to raise_error - end - - describe '#ready' do - before do - # this would probably return nil on the test platform, unless - # crm_attribute happens to be installed. - described_class.stubs(:command).with(:crm_attribute).returns 'crm_attribute' - end - - it 'returns false when crm_attribute exits unsuccessfully' do - if Puppet::PUPPETVERSION.to_f < 3.4 - Puppet::Util::SUIDManager.expects(:run_and_capture).with(['crm_attribute', '--type', 'crm_config', '--query', '--name', 'dc-version']).returns(['', 1]) - else - Puppet::Util::Execution.expects(:execute).with(['crm_attribute', '--type', 'crm_config', '--query', '--name', 'dc-version'],{:failonfail => false}).returns( - Puppet::Util::Execution::ProcessOutput.new('', 1) - ) - end - - expect(described_class.ready?).to be_falsey - end - - it 'returns true when crm_attribute exits successfully' do - if Puppet::PUPPETVERSION.to_f < 3.4 - Puppet::Util::SUIDManager.expects(:run_and_capture).with(['crm_attribute', '--type', 'crm_config', '--query', '--name', 'dc-version']).returns(['', 0]) - else - Puppet::Util::Execution.expects(:execute).with(['crm_attribute', '--type', 'crm_config', '--query', '--name', 'dc-version'],{:failonfail => false}).returns( - Puppet::Util::Execution::ProcessOutput.new('', 0) - ) - end - - expect(described_class.ready?).to be_truthy - end - end -end diff --git a/corosync/spec/unit/puppet/provider/cs_clone_crm_spec.rb b/corosync/spec/unit/puppet/provider/cs_clone_crm_spec.rb deleted file mode 100644 index a3f70227f..000000000 --- a/corosync/spec/unit/puppet/provider/cs_clone_crm_spec.rb +++ /dev/null @@ -1,125 +0,0 @@ -require 'spec_helper' - -describe Puppet::Type.type(:cs_clone).provider(:crm) do - before do - described_class.stubs(:command).with(:crm).returns 'crm' - end - - context 'when getting instances' do - let :instances do - - test_cib = <<-EOS - - - - - - - - - - - - - - EOS - - described_class.expects(:block_until_ready).returns(nil) - if Puppet::PUPPETVERSION.to_f < 3.4 - Puppet::Util::SUIDManager.expects(:run_and_capture).with(['crm', 'configure', 'show', 'xml']).at_least_once.returns([test_cib, 0]) - else - Puppet::Util::Execution.expects(:execute).with(['crm', 'configure', 'show', 'xml']).at_least_once.returns( - Puppet::Util::Execution::ProcessOutput.new(test_cib, 0) - ) - end - instances = described_class.instances - end - - it 'should have an instance for each ' do - expect(instances.count).to eq(1) - end - - describe 'each instance' do - let :instance do - instances.first - end - - it "is a kind of #{described_class.name}" do - expect(instance).to be_a_kind_of(described_class) - end - - it "is named by the 's id attribute" do - expect(instance.name).to eq("p_keystone-clone") - end - end - end - - context 'when flushing' do - def expect_update(pattern) - instance.expects(:crm).with { |*args| - if args.slice(0..2) == ['configure', 'load', 'update'] - expect(File.read(args[3])).to match(pattern) - true - else - false - end - } - end - - let :resource do - Puppet::Type.type(:cs_clone).new( - :name => 'p_keystone-clone', - :provider => :crm, - :primitive => 'p_keystone', - :ensure => :present) - end - - let :instance do - instance = described_class.new(resource) - instance.create - instance - end - - it 'creates clone' do - expect_update(/clone p_keystone-clone p_keystone/) - instance.flush - end - - it 'sets max clones' do - instance.clone_max = 3 - expect_update(/clone-max=3/) - instance.flush - end - - it 'sets max node clones' do - instance.clone_node_max = 3 - expect_update(/clone-node-max=3/) - instance.flush - end - - it 'sets notify_clones' do - instance.notify_clones = :true - expect_update(/notify=true/) - instance.flush - end - - it 'sets globally unique' do - instance.globally_unique = :true - expect_update(/globally-unique=true/) - instance.flush - end - - it 'sets ordered' do - instance.ordered = :true - expect_update(/ordered=true/) - instance.flush - end - - it 'sets interleave' do - instance.interleave = :true - expect_update(/interleave=true/) - instance.flush - end - end - -end diff --git a/corosync/spec/unit/puppet/provider/cs_clone_pcs_spec.rb b/corosync/spec/unit/puppet/provider/cs_clone_pcs_spec.rb deleted file mode 100644 index 54868b22f..000000000 --- a/corosync/spec/unit/puppet/provider/cs_clone_pcs_spec.rb +++ /dev/null @@ -1,132 +0,0 @@ -require 'spec_helper' - -describe Puppet::Type.type(:cs_clone).provider(:pcs) do - before do - described_class.stubs(:command).with(:pcs).returns 'pcs' - end - - context 'when getting instances' do - let :instances do - - test_cib = <<-EOS - - - - - - - - - - - - - - EOS - - described_class.expects(:block_until_ready).returns(nil) - if Puppet::PUPPETVERSION.to_f < 3.4 - Puppet::Util::SUIDManager.expects(:run_and_capture).with(['pcs', 'cluster', 'cib']).at_least_once.returns([test_cib, 0]) - else - Puppet::Util::Execution.expects(:execute).with(['pcs', 'cluster', 'cib'], {:failonfail => true}).at_least_once.returns( - Puppet::Util::Execution::ProcessOutput.new(test_cib, 0) - ) - end - instances = described_class.instances - end - - it 'should have an instance for each ' do - expect(instances.count).to eq(1) - end - - describe 'each instance' do - let :instance do - instances.first - end - - it "is a kind of #{described_class.name}" do - expect(instance).to be_a_kind_of(described_class) - end - - it "is named by the 's id attribute" do - expect(instance.name).to eq("p_keystone-clone") - end - end - end - - context 'when flushing' do - def expect_update(pattern) - if Puppet::PUPPETVERSION.to_f < 3.4 - Puppet::Util::SUIDManager.expects(:run_and_capture).with { |*args| - cmdline=args[0].join(" ") - expect(cmdline).to match(pattern) - true - }.at_least_once.returns(['', 0]) - else - Puppet::Util::Execution.expects(:execute).with{ |*args| - cmdline=args[0].join(" ") - expect(cmdline).to match(pattern) - true - }.at_least_once.returns( - Puppet::Util::Execution::ProcessOutput.new('', 0) - ) - end - end - - let :resource do - Puppet::Type.type(:cs_clone).new( - :name => 'p_keystone', - :provider => :pcs, - :primitive => 'p_keystone', - :ensure => :present) - end - - let :instance do - instance = described_class.new(resource) - instance.create - instance - end - - it 'creates clone' do - expect_update(/pcs resource clone p_keystone/) - instance.flush - end - - it 'sets max clones' do - instance.clone_max = 3 - expect_update(/clone-max=3/) - instance.flush - end - - it 'sets max node clones' do - instance.clone_node_max = 3 - expect_update(/clone-node-max=3/) - instance.flush - end - - it 'sets notify_clones' do - instance.notify_clones = :true - expect_update(/notify=true/) - instance.flush - end - - it 'sets globally unique' do - instance.globally_unique = :true - expect_update(/globally-unique=true/) - instance.flush - end - - it 'sets ordered' do - instance.ordered = :true - expect_update(/ordered=true/) - instance.flush - end - - it 'sets interleave' do - instance.interleave = :true - expect_update(/interleave=true/) - instance.flush - end - end - -end diff --git a/corosync/spec/unit/puppet/provider/cs_colocation_crm_spec.rb b/corosync/spec/unit/puppet/provider/cs_colocation_crm_spec.rb deleted file mode 100644 index b567f3c99..000000000 --- a/corosync/spec/unit/puppet/provider/cs_colocation_crm_spec.rb +++ /dev/null @@ -1,140 +0,0 @@ -require 'spec_helper' - -describe Puppet::Type.type(:cs_colocation).provider(:crm) do - before do - described_class.stubs(:command).with(:crm).returns 'crm' - end - - before(:all) do - described_class.expects(:block_until_ready).returns(nil) - end - - - let :test_cib do - test_cib = <<-EOS - - - - - - - - EOS - end - - let :instances do - if Puppet::PUPPETVERSION.to_f < 3.4 - Puppet::Util::SUIDManager.expects(:run_and_capture).with(['crm', 'configure', 'show', 'xml']).at_least_once.returns([test_cib, 0]) - else - Puppet::Util::Execution.expects(:execute).with(['crm', 'configure', 'show', 'xml']).at_least_once.returns( - Puppet::Util::Execution::ProcessOutput.new(test_cib, 0) - ) - end - described_class.instances - end - - context 'when getting instances' do - it 'should have an instance for each ' do - expect(instances.count).to eq(1) - end - - describe 'each instance' do - let :instance do - instances.first - end - - it "should be a kind of #{described_class.name}" do - expect(instance).to be_a_kind_of(described_class) - end - - it "should be named by the 's id attribute" do - expect(instance.name).to eq("first_with_second") - end - - it "should have attributes" do - expect(instance.primitives).to eq(['second', 'first']) - expect(instance.score).to eq('INFINITY') - end - end - end - - context 'when flushing' do - - after :each do - instance.flush - end - - def expect_update(pattern) - instance.expects(:crm).with do |*args| - if args.slice(0..2) == ['configure', 'load', 'update'] - expect(File.read(args[3])).to match(pattern) - end - end - end - - context 'with 2 primitives' do - let :resource do - Puppet::Type.type(:cs_colocation).new( - :name => 'first_with_second', - :provider => :crm, - :primitives => [ 'first', 'second' ], - :ensure => :present) - end - - let :instance do - instance = described_class.new(resource) - instance.create - instance - end - - it 'should creates colocation with defaults' do - expect_update(/colocation first_with_second INFINITY: second first/) - end - - it 'should update first primitive' do - instance.primitives = [ 'first_updated', 'second' ] - expect_update(/colocation first_with_second INFINITY: second first_updated/) - end - - it 'should updates second primitive' do - instance.primitives = [ 'first', 'second_updated' ] - expect_update(/colocation first_with_second INFINITY: second_updated first/) - end - - it 'should updates both primitives' do - instance.primitives = [ 'first_updated', 'second_updated' ] - expect_update(/colocation first_with_second INFINITY: second_updated first_updated/) - end - - it 'should set score' do - instance.score = '-INFINITY' - expect_update(/colocation first_with_second -INFINITY: second first/) - end - - it 'should add a third primitive' do - instance.primitives = [ 'first', 'second', 'third' ] - expect_update(/colocation first_with_second INFINITY: first second third/) - end - end - - context 'with 3 or more primitives' do - let :resource do - Puppet::Type.type(:cs_colocation).new( - :name => 'first_with_second_with_third', - :provider => :crm, - :primitives => [ 'first', 'second', 'third' ], - :ensure => :present) - end - - let :instance do - instance = described_class.new(resource) - instance.create - instance - end - - it 'should create colocation with 3 primitives' do - expect_update(/colocation first_with_second_with_third INFINITY: first second third/) - end - end - end -end diff --git a/corosync/spec/unit/puppet/provider/cs_primitive_crm_spec.rb b/corosync/spec/unit/puppet/provider/cs_primitive_crm_spec.rb deleted file mode 100644 index 68745b65d..000000000 --- a/corosync/spec/unit/puppet/provider/cs_primitive_crm_spec.rb +++ /dev/null @@ -1,186 +0,0 @@ -require 'spec_helper' - -describe Puppet::Type.type(:cs_primitive).provider(:crm) do - before do - described_class.stubs(:command).with(:crm).returns 'crm' - end - - context 'when getting instances' do - let :instances do - - test_cib = <<-EOS - - - - - - - - - - - - - - - - - - - - - - - - - - - - EOS - - described_class.expects(:block_until_ready).returns(nil) - if Puppet::PUPPETVERSION.to_f < 3.4 - Puppet::Util::SUIDManager.expects(:run_and_capture).with(['crm', 'configure', 'show', 'xml']).at_least_once.returns([test_cib, 0]) - else - Puppet::Util::Execution.expects(:execute).with(['crm', 'configure', 'show', 'xml']).at_least_once.returns( - Puppet::Util::Execution::ProcessOutput.new(test_cib, 0) - ) - end - instances = described_class.instances - end - - it 'should have an instance for each ' do - expect(instances.count).to eq(1) - end - - describe 'each instance' do - let :instance do - instances.first - end - - it "is a kind of #{described_class.name}" do - expect(instance).to be_a_kind_of(described_class) - end - - it "is named by the 's id attribute" do - expect(instance.name).to eq(:example_vm) - end - - it "has an primitive_class parameter corresponding to the 's class attribute" do - pending 'knowing the proper way to assert this' - expect(instance.primitive_class).to eq("ocf") - end - - it "has an primitive_type parameter corresponding to the 's type attribute" do - pending 'knowing the proper way to assert this' - expect(instance.primitive_type).to eq("Xen") - end - - it "has an provided_by parameter corresponding to the 's provider attribute" do - pending 'knowing the proper way to assert this' - expect(instance.provided_by).to eq("heartbeat") - end - - it 'has a parameters property corresponding to ' do - expect(instance.parameters).to eq({ - "xmfile" => "/etc/xen/example_vm.cfg", - "name" => "example_vm_name", - }) - end - - it 'has an operations property corresponding to ' do - expect(instance.operations).to eq({ - "monitor" => [ - {"interval" => "15", "timeout" => "10", "on-fail" => "standby", "OCF_CHECK_LEVEL" => "10"}, - {"interval" => "5", "timeout" => "10", "on-fail" => "standby", "role" => "Master"} - ], - "start" => {"interval" => "0", "timeout" => "60"}, - "stop" => {"interval" => "0", "timeout" => "40"}, - }) - end - - it 'has a utilization property corresponding to ' do - expect(instance.utilization).to eq({ - "ram" => "256", - }) - end - - it 'has a metadata property corresponding to ' do - expect(instance.metadata).to eq({ - "target-role" => "Started", - "priority" => "7", - }) - end - - it 'has an ms_metadata property' do - expect(instance).to respond_to(:ms_metadata) - end - - it "has a promotable property that is :false" do - expect(instance.promotable).to eq(:false) - end - end - end - - context 'when flushing' do - let :resource do - Puppet::Type.type(:cs_primitive).new( - :name => 'testResource', - :provider => :crm, - :primitive_class => 'ocf', - :provided_by => 'heartbeat', - :primitive_type => 'IPaddr2') - end - - let :instance do - instance = described_class.new(resource) - instance.create - instance - end - - def expect_update(pattern) - instance.expects(:crm).with { |*args| - if args.slice(0..2) == ['configure', 'load', 'update'] - expect(File.read(args[3])).to match(pattern) - true - else - false - end - } - end - - it 'can flush without changes' do - expect_update(//) - instance.flush - end - - it 'sets operations' do - instance.operations = {'monitor' => {'interval' => '10s'}} - expect_update(/op monitor interval=10s/) - instance.flush - end - - it 'sets utilization' do - instance.utilization = {'waffles' => '5'} - expect_update(/utilization waffles=5/) - instance.flush - end - - it 'sets parameters' do - instance.parameters = {'fluffyness' => '12'} - expect_update(/params 'fluffyness=12'/) - instance.flush - end - - it 'sets metadata' do - instance.metadata = {'target-role' => 'Started'} - expect_update(/meta target-role=Started/) - instance.flush - end - - it 'sets the primitive name and type' do - expect_update(/primitive testResource ocf:heartbeat:IPaddr2/) - instance.flush - end - end -end diff --git a/corosync/spec/unit/puppet/provider/cs_primitive_pcs_spec.rb b/corosync/spec/unit/puppet/provider/cs_primitive_pcs_spec.rb deleted file mode 100644 index 1ba18f47e..000000000 --- a/corosync/spec/unit/puppet/provider/cs_primitive_pcs_spec.rb +++ /dev/null @@ -1,228 +0,0 @@ -require 'spec_helper' - -describe Puppet::Type.type(:cs_primitive).provider(:pcs) do - before do - described_class.stubs(:command).with(:pcs).returns 'pcs' - end - - context 'when getting instances' do - let :instances do - - test_cib = <<-EOS - - - - - - - - - - - - - - - - - - - - - - EOS - - described_class.expects(:block_until_ready).returns(nil) - if Puppet::PUPPETVERSION.to_f < 3.4 - Puppet::Util::SUIDManager.expects(:run_and_capture).with(['pcs', 'cluster', 'cib']).at_least_once.returns([test_cib, 0]) - else - Puppet::Util::Execution.expects(:execute).with(['pcs', 'cluster', 'cib'], {:failonfail => true}).at_least_once.returns( - Puppet::Util::Execution::ProcessOutput.new(test_cib, 0) - ) - end - instances = described_class.instances - end - - - it 'should have an instance for each ' do - expect(instances.count).to eq(1) - end - - - describe 'each instance' do - let :instance do - instances.first - end - - it "is a kind of #{described_class.name}" do - expect(instance).to be_a_kind_of(described_class) - end - - it "is named by the 's id attribute" do - expect(instance.name).to eq(:example_vm) - end - - it 'has a parameters property corresponding to ' do - expect(instance.parameters).to eq({ - "xmfile" => "/etc/xen/example_vm.cfg", - "name" => "example_vm_name", - }) - end - - it 'has an operations property corresponding to ' do - expect(instance.operations).to eq({ - "start" => {"interval" => "0", "timeout" => "60"}, - "stop" => {"interval" => "0", "timeout" => "40"}, - }) - end - - it 'has a utilization property corresponding to ' do - expect(instance.utilization).to eq({ - "ram" => "256", - }) - end - - it 'has a metadata property corresponding to ' do - expect(instance.metadata).to eq({ - "target-role" => "Started", - "priority" => "7", - }) - end - - it 'has an ms_metadata property' do - expect(instance).to respond_to(:ms_metadata) - end - - it "has a promotable property that is :false" do - expect(instance.promotable).to eq(:false) - end - end - end - - context 'when flushing' do - - let :instances do - - test_cib = <<-EOS - - - - - - - - - - - - - - EOS - - described_class.expects(:block_until_ready).returns(nil) - if Puppet::PUPPETVERSION.to_f < 3.4 - Puppet::Util::SUIDManager.expects(:run_and_capture).with(['pcs', 'cluster', 'cib']).at_least_once.returns([test_cib, 0]) - else - Puppet::Util::Execution.expects(:execute).with(['pcs', 'cluster', 'cib'], {:failonfail => true}).at_least_once.returns( - Puppet::Util::Execution::ProcessOutput.new(test_cib, 0) - ) - end - instances = described_class.instances - end - - def expect_update(pattern) - if Puppet::PUPPETVERSION.to_f < 3.4 - Puppet::Util::SUIDManager.expects(:run_and_capture).with { |*args| - cmdline=args[0].join(" ") - expect(cmdline).to match(pattern) - true - }.at_least_once.returns(['', 0]) - else - Puppet::Util::Execution.expects(:execute).with{ |*args| - cmdline=args[0].join(" ") - expect(cmdline).to match(pattern) - true - }.at_least_once.returns( - Puppet::Util::Execution::ProcessOutput.new('', 0) - ) - end - end - - let :prefetch do - described_class.prefetch - end - - let :resource do - Puppet::Type.type(:cs_primitive).new( - :name => 'testResource', - :provider => :crm, - :primitive_class => 'ocf', - :provided_by => 'heartbeat', - :primitive_type => 'IPaddr2') - end - - let :instance do - instance = described_class.new(resource) - instance.create - instance - end - - let :vip_instance do - vip_instance = instances.first - vip_instance - end - - it 'can flush without changes' do - expect_update(//) - instance.flush - end - - it 'sets operations' do - instance.operations = {'monitor' => {'interval' => '10s'}} - expect_update(/op monitor interval=10s/) - instance.flush - end - - it 'sets utilization' do - instance.utilization = {'waffles' => '5'} - expect_update(/(pcs resource op remove|utilization waffles=5)/) - instance.flush - end - - it 'sets parameters' do - instance.parameters = {'fluffyness' => '12'} - expect_update(/(pcs resource op remove|fluffyness=12)/) - instance.flush - end - - it 'sets metadata' do - instance.metadata = {'target-role' => 'Started'} - expect_update(/(pcs resource op remove|meta target-role=Started)/) - instance.flush - end - - it 'sets the primitive name and type' do - expect_update(/^pcs resource (create testResource ocf:heartbeat:IPaddr2|op remove testResource monitor interval=60s)/) - instance.flush - end - - it "sets a primitive_class parameter corresponding to the 's class attribute" do - vip_instance.primitive_class = 'IPaddr3' - expect_update(/resource (create|delete|op remove) example_vip/) - vip_instance.flush - end - - it "sets an primitive_type parameter corresponding to the 's type attribute" do - vip_instance.primitive_type = 'stonith' - expect_update(/resource (create|delete|op remove) example_vip/) - vip_instance.flush - end - - it "sets an provided_by parameter corresponding to the 's provider attribute" do - vip_instance.provided_by = 'inuits' - expect_update(/resource (create|delete|op remove) example_vip/) - vip_instance.flush - end - - end -end diff --git a/corosync/spec/unit/puppet/provider/cs_property_crm_spec.rb b/corosync/spec/unit/puppet/provider/cs_property_crm_spec.rb deleted file mode 100644 index 144ec1123..000000000 --- a/corosync/spec/unit/puppet/provider/cs_property_crm_spec.rb +++ /dev/null @@ -1,57 +0,0 @@ -require 'spec_helper' - -describe Puppet::Type.type(:cs_property).provider(:crm) do - before do - described_class.stubs(:command).with(:crm).returns 'crm' - end - - context 'when getting instances' do - let :instances do - - test_cib = <<-EOS - - - - - - - - - - - EOS - - described_class.expects(:block_until_ready).returns(nil) - if Puppet::PUPPETVERSION.to_f < 3.4 - Puppet::Util::SUIDManager.expects(:run_and_capture).with(['crm', 'configure', 'show', 'xml']).at_least_once.returns([test_cib, 0]) - else - Puppet::Util::Execution.expects(:execute).with(['crm', 'configure', 'show', 'xml']).at_least_once.returns( - Puppet::Util::Execution::ProcessOutput.new(test_cib, 0) - ) - end - instances = described_class.instances - end - - it 'should have an instance for each in ' do - expect(instances.count).to eq(2) - end - - describe 'each instance' do - let :instance do - instances.first - end - - it "is a kind of #{described_class.name}" do - expect(instance).to be_a_kind_of(described_class) - end - - it "is named by the 's name attribute" do - expect(instance.name).to eq("apples") - end - - it "has a value corresponding to the 's value attribute" do - expect(instance.value).to eq("red") - end - end - end -end diff --git a/corosync/spec/unit/puppet/provider/cs_rsc_defaults_crm_spec.rb b/corosync/spec/unit/puppet/provider/cs_rsc_defaults_crm_spec.rb deleted file mode 100644 index d0f6cb793..000000000 --- a/corosync/spec/unit/puppet/provider/cs_rsc_defaults_crm_spec.rb +++ /dev/null @@ -1,57 +0,0 @@ -require 'spec_helper' - -describe Puppet::Type.type(:cs_rsc_defaults).provider(:crm) do - before do - described_class.stubs(:command).with(:crm).returns 'crm' - end - - context 'when getting instances' do - let :instances do - - test_cib = <<-EOS - - - - - - - - - - - EOS - - described_class.expects(:block_until_ready).returns(nil) - if Puppet::PUPPETVERSION.to_f < 3.4 - Puppet::Util::SUIDManager.expects(:run_and_capture).with(['crm', 'configure', 'show', 'xml']).at_least_once.returns([test_cib, 0]) - else - Puppet::Util::Execution.expects(:execute).with(['crm', 'configure', 'show', 'xml']).at_least_once.returns( - Puppet::Util::Execution::ProcessOutput.new(test_cib, 0) - ) - end - instances = described_class.instances - end - - it 'should have an instance for each in ' do - expect(instances.count).to eq(2) - end - - describe 'each instance' do - let :instance do - instances.first - end - - it "is a kind of #{described_class.name}" do - expect(instance).to be_a_kind_of(described_class) - end - - it "is named by the 's name attribute" do - expect(instance.name).to eq("resource-stickiness") - end - - it "has a value corresponding to the 's value attribute" do - expect(instance.value).to eq("INFINITY") - end - end - end -end diff --git a/corosync/spec/unit/puppet/type/cs_clone_spec.rb b/corosync/spec/unit/puppet/type/cs_clone_spec.rb deleted file mode 100644 index 4ba805de4..000000000 --- a/corosync/spec/unit/puppet/type/cs_clone_spec.rb +++ /dev/null @@ -1,63 +0,0 @@ -require 'spec_helper' - -describe Puppet::Type.type(:cs_clone) do - subject do - Puppet::Type.type(:cs_clone) - end - - it "should have a 'name' parameter" do - expect(subject.new(:name => "mock_clone")[:name]).to eq("mock_clone") - end - - describe "basic structure" do - it "should be able to create an instance" do - provider_class = Puppet::Type::Cs_clone.provider(Puppet::Type::Cs_clone.providers[0]) - Puppet::Type::Cs_clone.expects(:defaultprovider).returns(provider_class) - - expect(subject.new(:name => "mock_clone")).to_not be_nil - end - - [:name, :cib].each do |param| - it "should have a #{param} parameter" do - expect(subject.validparameter?(param)).to be_truthy - end - - it "should have documentation for its #{param} parameter" do - expect(subject.paramclass(param).doc).to be_instance_of(String) - end - end - - [:primitive, :clone_max, :clone_node_max, :notify_clones, :globally_unique, - :ordered, :interleave].each do |property| - it "should have a #{property} property" do - expect(subject.validproperty?(property)).to be_truthy - end - - it "should have documentation for its #{property} property" do - expect(subject.propertybyname(property).doc).to be_instance_of(String) - end - end - end - - describe "when validating attributes" do - [:notify_clones, :globally_unique, :ordered, :interleave].each do |attribute| - it "should validate that the #{attribute} attribute can be true/false" do - [true, false].each do |value| - expect(subject.new( - :name => "mock_clone", - attribute => value - )[attribute]).to eq(value.to_s.to_sym) - end - end - - it "should validate that the #{attribute} attribute cannot be other values" do - ["fail", 42].each do |value| - expect{subject.new( - :name => "mock_clone", - attribute => "fail" - ) }.to raise_error Puppet::Error, /(true|false)/ - end - end - end - end -end diff --git a/corosync/spec/unit/puppet/type/cs_primitive_spec.rb b/corosync/spec/unit/puppet/type/cs_primitive_spec.rb deleted file mode 100644 index 3d67fb267..000000000 --- a/corosync/spec/unit/puppet/type/cs_primitive_spec.rb +++ /dev/null @@ -1,73 +0,0 @@ -require 'spec_helper' - -describe Puppet::Type.type(:cs_primitive) do - subject do - Puppet::Type.type(:cs_primitive) - end - - it "should have a 'name' parameter" do - expect(subject.new(:name => "mock_primitive")[:name]).to eq("mock_primitive") - end - - describe "basic structure" do - it "should be able to create an instance" do - provider_class = Puppet::Type::Cs_primitive.provider(Puppet::Type::Cs_primitive.providers[0]) - Puppet::Type::Cs_primitive.expects(:defaultprovider).returns(provider_class) - - expect(subject.new(:name => "mock_primitive")).to_not be_nil - end - - [:name, :primitive_class, :primitive_type, :provided_by, :cib].each do |param| - it "should have a #{param} parameter" do - expect(subject.validparameter?(param)).to be_truthy - end - - it "should have documentation for its #{param} parameter" do - expect(subject.paramclass(param).doc).to be_instance_of(String) - end - end - - [:parameters, :operations, :metadata, :ms_metadata, :promotable].each do |property| - it "should have a #{property} property" do - expect(subject.validproperty?(property)).to be_truthy - end - - it "should have documentation for its #{property} property" do - expect(subject.propertybyname(property).doc).to be_instance_of(String) - end - end - end - - describe "when validating attributes" do - [:parameters, :operations, :metadata, :ms_metadata].each do |attribute| - it "should validate that the #{attribute} attribute defaults to a hash" do - expect(subject.new(:name => "mock_primitive")[:parameters]).to eq({}) - end - - it "should validate that the #{attribute} attribute must be a hash" do - expect { subject.new( - :name => "mock_primitive", - :parameters => "fail" - ) }.to raise_error Puppet::Error, /hash/ - end - end - - it "should validate that the promotable attribute can be true/false" do - [true, false].each do |value| - expect(subject.new( - :name => "mock_primitive", - :promotable => value - )[:promotable]).to eq(value.to_s.to_sym) - end - end - - it "should validate that the promotable attribute cannot be other values" do - ["fail", 42].each do |value| - expect { subject.new( - :name => "mock_primitive", - :promotable => value - ) }.to raise_error Puppet::Error, /(true|false)/ - end - end - end -end diff --git a/corosync/templates/corosync.conf.erb b/corosync/templates/corosync.conf.erb deleted file mode 100644 index 600c99943..000000000 --- a/corosync/templates/corosync.conf.erb +++ /dev/null @@ -1,69 +0,0 @@ -compatibility: whitetank - -totem { - version: 2 - token: <%= @token %> - token_retransmits_before_loss_const: <%= @token_retransmits_before_loss_const %> - join: 60 - consensus: 3600 - vsftype: none - max_messages: 20 - clear_node_high_bit: yes - rrp_mode: <%= @rrp_mode %> - secauth: <%= @enable_secauth_real %> - threads: <%= @threads %> -<% [@bind_address].flatten.each_index do |i| -%> - interface { - ringnumber: <%= i %> - bindnetaddr: <%= [@bind_address].flatten[i] %> -<% if [@multicast_address].flatten[i] == 'broadcast' -%> - broadcast: yes -<% else -%> - mcastaddr: <%= [@multicast_address].flatten[i] %> -<% end -%> - mcastport: <%= [@port].flatten[i] %> -<% if @ttl -%> - ttl: <%= @ttl %> -<% end -%> - } -<% end -%> -} - -logging { - fileline: off - to_stderr: yes - to_logfile: no - to_syslog: yes - syslog_facility: daemon - debug: <%= scope.lookupvar('debug') ? 'on' : 'off' %> - timestamp: on - logger_subsys { - subsys: AMF - debug: off - tags: enter|leave|trace1|trace2|trace3|trace4|trace6 - } -} - -amf { - mode: disabled -} - -aisexec { - user: root - group: root -} - -<% if @set_votequorum -%> -quorum { - provider: corosync_votequorum -} - -nodelist { -<% [@quorum_members].flatten.each_index do |i| -%> - node { - ring0_addr: <%= [@quorum_members].flatten[i] %> - nodeid: <%= i+1 %> - } -<% end -%> -} -<% end -%> diff --git a/corosync/templates/corosync.conf.udpu.erb b/corosync/templates/corosync.conf.udpu.erb deleted file mode 100644 index a89457c13..000000000 --- a/corosync/templates/corosync.conf.udpu.erb +++ /dev/null @@ -1,68 +0,0 @@ -compatibility: whitetank - -totem { - version: 2 - token: <%= @token %> - token_retransmits_before_loss_const: <%= @token_retransmits_before_loss_const %> - join: 60 - consensus: 3600 - vsftype: none - max_messages: 20 - clear_node_high_bit: yes - rrp_mode: <%= @rrp_mode %> - secauth: <%= @enable_secauth_real %> - threads: <%= @threads %> - transport: udpu - interface { -<% @unicast_addresses.each do |addr| -%> - member { - memberaddr: <%= addr %> - } -<% end -%> - ringnumber: 0 - bindnetaddr: <%= @bind_address %> - mcastport: <%= @port %> -<% if @ttl -%> - ttl: <%= @ttl %> -<% end -%> - } -} - -logging { - fileline: off - to_stderr: yes - to_logfile: no - to_syslog: yes - syslog_facility: daemon - debug: <%= scope.lookupvar('debug') ? 'on' : 'off' %> - timestamp: on - logger_subsys { - subsys: AMF - debug: off - tags: enter|leave|trace1|trace2|trace3|trace4|trace6 - } -} - -amf { - mode: disabled -} - -aisexec { - user: root - group: root -} - -<% if @set_votequorum -%> -quorum { - provider: corosync_votequorum -} - -nodelist { -<% [@quorum_members].flatten.each_index do |i| -%> - node { - ring0_addr: <%= [@quorum_members].flatten[i] %> - nodeid: <%= i+1 %> - } -<% end -%> -} -<% end -%> diff --git a/corosync/templates/service.erb b/corosync/templates/service.erb deleted file mode 100644 index 3c10c4ead..000000000 --- a/corosync/templates/service.erb +++ /dev/null @@ -1,4 +0,0 @@ -service { - name: <%= @name %> - ver: <%= @version %> -} diff --git a/corosync/tests/init.pp b/corosync/tests/init.pp deleted file mode 100644 index 81a9c4396..000000000 --- a/corosync/tests/init.pp +++ /dev/null @@ -1,9 +0,0 @@ -class { 'corosync': - enable_secauth => false, - bind_address => '0.0.0.0', - multicast_address => '239.1.1.2', -} -corosync::service { 'pacemaker': - version => '0', - notify => Service['corosync'], -} diff --git a/corosync/tests/resources.pp b/corosync/tests/resources.pp deleted file mode 100644 index 14a607991..000000000 --- a/corosync/tests/resources.pp +++ /dev/null @@ -1,65 +0,0 @@ -cs_property { 'expected-quorum-votes': - ensure => present, - value => '2', -} -> -cs_property { 'no-quorum-policy': - ensure => present, - value => 'ignore', -} -> -cs_property { 'stonith-enabled': - ensure => present, - value => false, -} -> -cs_property { 'placement-strategy': - ensure => absent, - value => 'default', -} -> -cs_primitive { 'bar': - ensure => present, - primitive_class => 'ocf', - provided_by => 'pacemaker', - primitive_type => 'Dummy', - operations => { - 'monitor' => { - 'interval' => '20' - } - }, -} -> -cs_primitive { 'blort': - ensure => present, - primitive_class => 'ocf', - provided_by => 'pacemaker', - primitive_type => 'Dummy', - promotable => true, - operations => { - 'monitor' => { - 'interval' => '20' - }, - 'start' => { - 'interval' => '0', - 'timeout' => '20' - } - }, -} -> -cs_primitive { 'foo': - ensure => present, - primitive_class => 'ocf', - provided_by => 'pacemaker', - primitive_type => 'Dummy', -} -> -cs_colocation { 'foo-with-bar': - ensure => present, - primitives => [ 'foo', 'bar' ], - score => 'INFINITY', -} -> -cs_colocation { 'bar-with-blort': - ensure => present, - primitives => [ 'bar', 'ms_blort' ], - score => 'INFINITY', -} -> -cs_order { 'foo-before-bar': - ensure => present, - first => 'foo', - second => 'bar', - score => 'INFINITY', -} diff --git a/datacat/.fixtures.yml b/datacat/.fixtures.yml deleted file mode 100644 index 3b590ff6f..000000000 --- a/datacat/.fixtures.yml +++ /dev/null @@ -1,3 +0,0 @@ -fixtures: - symlinks: - datacat: "#{source_dir}" diff --git a/datacat/.gitignore b/datacat/.gitignore deleted file mode 100644 index 2f19f7df6..000000000 --- a/datacat/.gitignore +++ /dev/null @@ -1,7 +0,0 @@ -Gemfile.lock -/spec/fixtures/manifests/site.pp -/spec/fixtures/modules/datacat -/pkg -/.rspec_system -/.ruby-version -/.bundle diff --git a/datacat/.nodeset.yml b/datacat/.nodeset.yml deleted file mode 100644 index 767f9cd2f..000000000 --- a/datacat/.nodeset.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -default_set: 'centos-64-x64' -sets: - 'centos-59-x64': - nodes: - "main.foo.vm": - prefab: 'centos-59-x64' - 'centos-64-x64': - nodes: - "main.foo.vm": - prefab: 'centos-64-x64' - 'fedora-18-x64': - nodes: - "main.foo.vm": - prefab: 'fedora-18-x64' - 'debian-607-x64': - nodes: - "main.foo.vm": - prefab: 'debian-607-x64' - 'debian-70rc1-x64': - nodes: - "main.foo.vm": - prefab: 'debian-70rc1-x64' - 'ubuntu-server-10044-x64': - nodes: - "main.foo.vm": - prefab: 'ubuntu-server-10044-x64' - 'ubuntu-server-12042-x64': - nodes: - "main.foo.vm": - prefab: 'ubuntu-server-12042-x64' diff --git a/datacat/.rspec b/datacat/.rspec deleted file mode 100644 index 09af0ba3b..000000000 --- a/datacat/.rspec +++ /dev/null @@ -1,2 +0,0 @@ ---format documentation ---backtrace diff --git a/datacat/.travis.yml b/datacat/.travis.yml deleted file mode 100644 index a488b42f3..000000000 --- a/datacat/.travis.yml +++ /dev/null @@ -1,17 +0,0 @@ -language: ruby -bundler_args: --without development -script: "bundle exec rake spec SPEC_OPTS='--format documentation'" -rvm: - - 1.8.7 - - 1.9.3 -env: - - PUPPET_GEM_VERSION="~> 3.0.0" - - PUPPET_GEM_VERSION="~> 3.1.0" - - PUPPET_GEM_VERSION="~> 3.2.0" - - PUPPET_GEM_VERSION="~> 3.3.0" - - PUPPET_GEM_VERSION="~> 3.4.0" - - PUPPET_GEM_VERSION="~> 3.5.0" - - PUPPET_GEM_VERSION="~> 3.6.0" - - PUPPET_GEM_VERSION="~> 3.7.0" -notifications: - email: false diff --git a/datacat/Changes b/datacat/Changes deleted file mode 100644 index 838ce4a1c..000000000 --- a/datacat/Changes +++ /dev/null @@ -1,61 +0,0 @@ -0.6.2 Sunday 16th August, 2015 - Corrected `template_body` error message when template is missing - (Github #26 - Robin Bowes) - Converted Metadata to metadata.json (Github #23 - Bram Vogelaar) - -0.6.1 Tuesday 23rd September, 2014 - Fix usage with the future parser (Github #16 - Oscar Ferrer) - -0.6.0 Monday 16th June, 2014 - Add ensure to the datacat define (Github #13 - Igor Galić) - -0.5.0 Saturday 10th May, 2014 - Add show_diff to the datacat define for parity with the file - type in puppet 3.2 and onwards (Github #10 - Sebastian Schmidt) - -0.4.3 Saturday 5th April, 2014 - Change the README.md back to github-flavoured markdown as the forge - supports this now (Github #6 - Igor Galić) - Fix for compatibilty with puppet 3.5.0 (Github #7 - Daniel Beyer) - -0.4.2 Thursday 26th September, 2013 - Fix for catalog changes in 3.3.0 when using master/agent (Github #4) - -0.4.1 Thursday 8th August, 2013 - Changes `datacat` define to name the wrapped `file` resource with the - $title of the resource itself. - -0.4.0 Thursday 25th July, 2013 - Added `source_key` parameter to datacat_collector, to allow bypassing the - templating step. - -0.3.0 Tuesday 9th July, 2013 - Add collects parameter to the datacat_collector type, for acts-as - relationships. - -0.2.1 Monday 8th July, 2013 - Bugfix - when modifying the datacat_collector map on path the File should - still match to $path - -0.2.0 Monday 8th July, 2013 - Allow the target parameter of a datacat_fragment to be an array to target - multiple collectors. - The datacat_collector wrapped by the datacat type will now be named for the - resource rather than the file path. - -0.1.0 Friday 5th July, 2013 - Add a order parameter to the datacat_fragment type for relative ordering - of fragment merging. - Exposed the datacat_collector type and allow it to be used for updating - more than just the file type's content parameter. - -0.0.3 Wednesday 26th June, 2013 - Reworked the behaviour of datacat_collector to only refresh the resource - when the output from the template evaluation changes. (Github #3) - -0.0.2 Tuesday 16th April, 2013 - Changed README.md from Github flavored markup to standard markdown to make - the forge happier. - -0.0.1 Tuesday 16th April, 2013 - Initial forge release diff --git a/datacat/Gemfile b/datacat/Gemfile deleted file mode 100644 index 76e5abe87..000000000 --- a/datacat/Gemfile +++ /dev/null @@ -1,22 +0,0 @@ -#!ruby -source 'https://rubygems.org' - -group :development, :test do - gem 'rake' - gem 'puppetlabs_spec_helper', :require => false - gem 'rspec-system-puppet', '~>2.0' - gem 'puppet-lint' -end - -group :development do - gem 'pry' - gem 'pry-debugger' - gem 'rb-readline' - gem 'awesome_print' -end - -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end diff --git a/datacat/NOTES.md b/datacat/NOTES.md deleted file mode 100644 index c52744454..000000000 --- a/datacat/NOTES.md +++ /dev/null @@ -1,4 +0,0 @@ -As we're using the rspec fixtures structure, we can run them quite simply - - rake spec_prep - puppet apply --modulepath spec/fixtures/modules -e 'include demo1' diff --git a/datacat/README.md b/datacat/README.md deleted file mode 100644 index 7260703e4..000000000 --- a/datacat/README.md +++ /dev/null @@ -1,125 +0,0 @@ -Puppet types for concatenating data via a template -================================================== - -The `datacat` and `datacat_fragment` types allow you to build up a data -structure which is rendered using a template. This is similar to some of the -common concatenation patterns though the intent should be clearer as it pushes -the boilerplate down into the type. - -[![Build Status](https://travis-ci.org/richardc/puppet-datacat.png)](https://travis-ci.org/richardc/puppet-datacat) - -Sample Usage ------------- - -```puppet -datacat { '/etc/nagios/objects/hostgroups.cfg': - template => "${module_name}/hostgroups.cfg.erb", -} - -datacat_fragment { "${::fqdn} in device hostgroup": - target => '/etc/nagios/objects/hostgroups.cfg', - data => { - device => [ $::fqdn ], - }, -} - -# fred.dc1.notreal has an ilo fred-ilo.dc1.notreal -$ilo_fqdn = regsubst($::fqdn, '\.', '-ilo.') -datacat_fragment { "${ilo_fqdn} in device hostgroup": - target => '/etc/nagios/objects/hostgroups.cfg', - data => { - device => [ $ilo_fqdn ], - }, -} -``` - -And then in your `hostgroups.cfg.erb` - -```erb -# hostgroups.cfg.erb -<% @data.keys.sort.each do |hostgroup| %> -define hostgroup { - name <%= hostgroup %> - members <%= @data[hostgroup].sort.join(',') %> -} -<% end %> -``` - -Will produce something like: - -``` -# /etc/nagios/objects/hostgroups.cfg -define hostgroup { - name device - members fred.dc1.notreal,fred-ilo.dc1.notreal -} -``` - -There are additional samples in a blog post I wrote to describe the approach, -http://richardc.unixbeard.net/2013/02/puppet-concat-patterns/ - -Types and Definitions ---------------------- - -## Defined Type: `datacat` - -Wraps the `datacat_collector` and `file` types to cover the most common -use-case, collecting data for and templating an entire file. - -The `ensure` parameter defaults to `file` (an alias for `present`). `ensure` -can be set to `absent`. In that case `datacat` will make sure the file *does -not exist* and will not collect anything with `datacat_collector`. - -## Type: `datacat_collector` - -The `datacat_collector` type deeply merges a data hash from -the `datacat_fragment` resources that target it. - -These fragments are then rendered via an erb template specified by the -`template_body` parameter and used to update the `target_field` property -of the related `target_resource`. - -Sample usage: - -```puppet -datacat_collector { 'open_ports': - template_body => '<%= @data["ports"].sort.join(",") %>', - target_resource => File_line['open_ports'], - target_field => 'line', -} - -datacat_fragment { 'open webserver': - target => 'open_ports', - data => { ports => [ 80, 443 ] }, -} - -datacat_fragment { 'open ssh': - target => 'open_ports', - data => { ports => [ 22 ] }, -} -``` - -Caveats -------- - -The template is evaluated by the agent at the point of catalog evaluation, -this means you cannot call out to puppet parser functions as you would when -using the usual `template()` function. - - -Copyright and License ---------------------- - -Copyright (C) 2013 Richard Clamp - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/datacat/Rakefile b/datacat/Rakefile deleted file mode 100644 index 4847ddd20..000000000 --- a/datacat/Rakefile +++ /dev/null @@ -1,12 +0,0 @@ -require 'rubygems' -require 'bundler/setup' - -Bundler.require :default - -require 'rspec/core/rake_task' -require 'puppetlabs_spec_helper/rake_tasks' -require 'rspec-system/rake_task' - -task :default do - sh %{rake -T} -end diff --git a/datacat/TODO.md b/datacat/TODO.md deleted file mode 100644 index 0843d94ed..000000000 --- a/datacat/TODO.md +++ /dev/null @@ -1,11 +0,0 @@ -# Docs -README.md - -# Add the ability for datacat_fragment to load data from files on agent - - # No reason why the datacat_fragment can't load it's data_from a - # file on the agents disk - datacat_fragment { "hostgroups from yaml file": - target => '/etc/nagios/objects/hostgroups.cfg', - data_from => '/etc/nagios/build/hostgroups.yaml', - } diff --git a/datacat/lib/puppet/parser/functions/template_body.rb b/datacat/lib/puppet/parser/functions/template_body.rb deleted file mode 100644 index 44b40d607..000000000 --- a/datacat/lib/puppet/parser/functions/template_body.rb +++ /dev/null @@ -1,8 +0,0 @@ -Puppet::Parser::Functions::newfunction(:template_body, :type => :rvalue) do |args| - args.collect do |file| - unless filename = Puppet::Parser::Files.find_template(file, self.compiler.environment) - raise Puppet::ParseError, "Could not find template '#{file}'" - end - File.read(filename) - end.join('') -end diff --git a/datacat/lib/puppet/provider/datacat_collector/datacat_collector.rb b/datacat/lib/puppet/provider/datacat_collector/datacat_collector.rb deleted file mode 100644 index c5cbf20b3..000000000 --- a/datacat/lib/puppet/provider/datacat_collector/datacat_collector.rb +++ /dev/null @@ -1,74 +0,0 @@ -require File.expand_path(File.join(File.dirname(__FILE__), '..', '..', '..', 'puppet_x', 'richardc', 'datacat.rb')) - -Puppet::Type.type(:datacat_collector).provide(:datacat_collector) do - def exists? - # Find the datacat_fragments that point at this collector - our_names = [ resource[:path], resource[:collects] ].flatten.compact - - fragments = resource.catalog.resources.find_all do |r| - r.is_a?(Puppet::Type.type(:datacat_fragment)) && ((our_names & [ r[:target] ].flatten).size > 0) - end - - # order fragments on their :order property - fragments = fragments.sort { |a,b| a[:order] <=> b[:order] } - - # deep merge their data chunks - deep_merge = Puppet_X::Richardc::Datacat.deep_merge - data = {} - fragments.each do |fragment| - data.merge!(fragment[:data], &deep_merge) - end - - debug "Collected #{data.inspect}" - - if @resource[:source_key] - debug "Selecting source_key #{@resource[:source_key]}" - content = data[@resource[:source_key]] - else - vars = Puppet_X::Richardc::Datacat_Binding.new(data, resource[:template]) - - debug "Applying template #{@resource[:template]}" - template = ERB.new(@resource[:template_body] || '', 0, '-') - template.filename = @resource[:template] - content = template.result(vars.get_binding) - end - - # Find the resource to modify - target_resource = resolve_resource(@resource[:target_resource]) - target_field = @resource[:target_field].to_sym - - unless target_resource.is_a?(Puppet::Type) - raise "Failed to map #{@resource[:target_resource]} into a resource, got to #{target_resource.inspect} of class #{target_resource.class}" - end - - debug "Now setting field #{target_field.inspect}" - target_resource[target_field] = content - - # and claim there's nothing to change about *this* resource - true - end - - private - - def resolve_resource(reference) - if reference.is_a?(Puppet::Type) - # Probably from a unit test, use the resource as-is - return reference - end - - if reference.is_a?(Puppet::Resource) - # Already part resolved - puppet apply? - # join it to the catalog where we live and ask it to resolve - reference.catalog = resource.catalog - return reference.resolve - end - - if reference.is_a?(String) - # 3.3.0 catalogs you need to resolve like so - return resource.catalog.resource(reference) - end - - # If we got here, panic - raise "Don't know how to convert '#{reference.inspect}' of class #{reference.class} into a resource" - end -end diff --git a/datacat/lib/puppet/provider/datacat_fragment/datacat_fragment.rb b/datacat/lib/puppet/provider/datacat_fragment/datacat_fragment.rb deleted file mode 100644 index d69ce093b..000000000 --- a/datacat/lib/puppet/provider/datacat_fragment/datacat_fragment.rb +++ /dev/null @@ -1,3 +0,0 @@ -Puppet::Type.type(:datacat_fragment).provide(:datacat_fragment) do - mk_resource_methods -end diff --git a/datacat/lib/puppet/type/datacat_collector.rb b/datacat/lib/puppet/type/datacat_collector.rb deleted file mode 100644 index e4ba3de28..000000000 --- a/datacat/lib/puppet/type/datacat_collector.rb +++ /dev/null @@ -1,62 +0,0 @@ -Puppet::Type.newtype(:datacat_collector) do - desc %q{Manages the merging of data and updating a related resource parameter. - - The `datacat_collector` type deeply merges a data hash from - the `datacat_fragment` resources that target it. - - These fragments are then rendered via an erb template specified by the - `template_body` parameter and used to update the `target_field` property - of the related `target_resource`. - - Sample usage: - - datacat_collector { 'open_ports': - template_body => '<%= @data["ports"].sort.join(",") %>', - target_resource => File_line['open_ports'], - target_field => 'line', - } - - datacat_fragment { 'open webserver': - target => 'open_ports', - data => { ports => [ 80, 443 ] }, - } - - datacat_fragment { 'open ssh': - target => 'open_ports', - data => { ports => [ 22 ] }, - } - - - For convenience the common use case of targeting a file is wrapped in the - datacat defined type.} - - ensurable - - newparam(:path, :namevar => true) do - desc "An identifier (typically a file path) that can be used by datacat_fragments so they know where to target the data." - end - - newparam(:collects) do - desc "Other resources we want to collect data from. Allows for many-many datacats." - end - - newparam(:target_resource) do - desc "The resource that we're going to set the field (eg File['/tmp/demo']) set theto set data tor" - end - - newparam(:target_field) do - desc 'The field of the resource to put the results in' - end - - newparam(:source_key) do - desc 'If specified, the key from @data to copy across to the target_field (bypasses template evaluation)' - end - - newparam(:template) do - desc 'Path to the template to render. Used in error reporting.' - end - - newparam(:template_body) do - desc 'The slurped body of the template to render.' - end -end diff --git a/datacat/lib/puppet/type/datacat_fragment.rb b/datacat/lib/puppet/type/datacat_fragment.rb deleted file mode 100644 index 2f3031c0a..000000000 --- a/datacat/lib/puppet/type/datacat_fragment.rb +++ /dev/null @@ -1,20 +0,0 @@ -Puppet::Type.newtype(:datacat_fragment) do - desc 'A fragment of data for a datacat resource.' - - newparam(:name, :namevar => true) do - desc 'The name of this fragment.' - end - - newparam(:target) do - desc 'The title of the datacat resource that the data should be considered part of. May be an array to indicate multiple targetted collectors.' - end - - newparam(:order) do - desc 'The order in which to merge this fragment into the datacat resource. Defaults to the string "50"' - defaultto "50" - end - - newparam(:data) do - desc 'A hash of data to be merged for this resource.' - end -end diff --git a/datacat/lib/puppet_x/richardc/datacat.rb b/datacat/lib/puppet_x/richardc/datacat.rb deleted file mode 100644 index f28fad67f..000000000 --- a/datacat/lib/puppet_x/richardc/datacat.rb +++ /dev/null @@ -1,45 +0,0 @@ -module Puppet_X - module Richardc - class Datacat - def self.deep_merge - deep_merge = Proc.new do |key,oldval,newval| - newval.is_a?(Hash) && oldval.is_a?(Hash) ? - oldval.merge(newval, &deep_merge) : - newval.is_a?(Array) && oldval.is_a?(Array) ? - oldval + newval : - newval - end - end - end - - # Our much simpler version of Puppet::Parser::TemplateWrapper - class Datacat_Binding - def initialize(d, template) - @data = d - @__file__ = template - end - - def file - @__file__ - end - - # Find which line in the template (if any) we were called from. - # @return [String] the line number - # @api private - def script_line - identifier = Regexp.escape(@__file__ || "(erb)") - (caller.find { |l| l =~ /#{identifier}:/ }||"")[/:(\d+):/,1] - end - private :script_line - - def method_missing(name, *args) - line_number = script_line - raise "Could not find value for '#{name}' #{@__file__}:#{line_number}" - end - - def get_binding - binding() - end - end - end -end diff --git a/datacat/manifests/init.pp b/datacat/manifests/init.pp deleted file mode 100644 index a6e2f9444..000000000 --- a/datacat/manifests/init.pp +++ /dev/null @@ -1,95 +0,0 @@ -# Definition: datacat -# -# This definition allows you to declare datacat managed files. -# -# Parameters: -# All parameters are as for the file type, with the addition of a $template -# parameter which is a path to a template to be used as the content of the -# file. -# -# Sample Usage: -# datacat { '/etc/motd': -# owner => 'root', -# group => 'root, -# template => 'motd/motd.erb', -# } -# -define datacat( - $ensure = 'file', - $template = undef, - $template_body = undef, - $collects = [], - $backup = undef, - $checksum = undef, - $force = undef, - $group = undef, - $owner = undef, - $mode = undef, - $path = $title, - $replace = undef, - $selinux_ignore_defaults = undef, - $selrange = undef, - $selrole = undef, - $seltype = undef, - $seluser = undef, - $show_diff = 'UNSET' -) { - if $show_diff != 'UNSET' { - if versioncmp($settings::puppetversion, '3.2.0') >= 0 { - File { show_diff => $show_diff } - } else { - warning('show_diff not supported in puppet prior to 3.2, ignoring') - } - } - - # we could validate ensure by simply passing it to file, but unfortunately - # someone could try to be smart and pass 'directory', so we only allow a limited range - if $ensure != 'absent' and $ensure != 'present' and $ensure != 'file' { - fail("Datacat[${title}] invalid value for ensure") - } - - if $ensure == 'absent' { - file { $title: - ensure => $ensure, - path => $path, - backup => $backup, - force => $force, - } - } else { - file { $title: - path => $path, - backup => $backup, - checksum => $checksum, - content => "To be replaced by datacat_collector[${title}]\n", - force => $force, - group => $group, - mode => $mode, - owner => $owner, - replace => $replace, - selinux_ignore_defaults => $selinux_ignore_defaults, - selrange => $selrange, - selrole => $selrole, - seltype => $seltype, - seluser => $seluser, - } - - $template_real = $template ? { - undef => 'inline', - default => $template, - } - - $template_body_real = $template_body ? { - undef => template_body($template_real), - default => $template_body, - } - - datacat_collector { $title: - template => $template_real, - template_body => $template_body_real, - target_resource => File[$title], # when we evaluate we modify the private data of this resource - target_field => 'content', - collects => $collects, - before => File[$title], # we want to evaluate before that resource so it can do the work - } - } -} diff --git a/datacat/metadata.json b/datacat/metadata.json deleted file mode 100644 index b7c5801d6..000000000 --- a/datacat/metadata.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "name": "richardc-datacat", - "author": "Richard Clamp", - "version": "0.6.2", - "license": "Apache-2.0", - "summary": "Puppet type for handling data fragments", - "description": "A pair of types for handling data fragments and templating", - "source": "https://github.com/richardc/puppet-datacat", - "project_page": "https://github.com/richardc/puppet-datacat", - "issues_url": "https://github.com/richardc/puppet-datacat/issues", - "dependencies": [] -} diff --git a/datacat/spec/classes/demo1_spec.rb b/datacat/spec/classes/demo1_spec.rb deleted file mode 100644 index 988d5778e..000000000 --- a/datacat/spec/classes/demo1_spec.rb +++ /dev/null @@ -1,8 +0,0 @@ -require 'spec_helper' - -describe 'demo1' do - it { should create_notify('demo1') } - it { should create_datacat('/tmp/demo1').with_template('demo1/sheeps.erb') } - it { should create_datacat_fragment('data foo => 1').with_data({'foo'=>'1'}) } - it { should create_datacat_fragment('data bar => 2').with_data({'bar'=>'2'}) } -end diff --git a/datacat/spec/defines/datacat_spec.rb b/datacat/spec/defines/datacat_spec.rb deleted file mode 100644 index 77d5c4bd0..000000000 --- a/datacat/spec/defines/datacat_spec.rb +++ /dev/null @@ -1,27 +0,0 @@ -require 'spec_helper' - -describe "datacat" do - context "specifying template by path" do - let(:title) { 'test' } - let(:params) { { :template => "demo1/sheeps.erb" } } - it { should contain_datacat_collector('test') } - it { should contain_datacat_collector('test').with_template('demo1/sheeps.erb') } - it { should contain_datacat_collector('test').with_template_body(/baah/) } - end - - context "specifying template by body" do - let(:title) { 'test' } - let(:params) { { :template_body => "# Baah!" } } - it { should contain_datacat_collector('test') } - it { should contain_datacat_collector('test').with_template('inline') } - it { should contain_datacat_collector('test').with_template_body(/Baah/) } - end - - context "specifying ensure absent" do - let(:title) { 'no-file' } - let(:params) { { :ensure => "absent" } } - it { should_not contain_datacat_collector('no-file') } - it { should contain_file('no-file') } - it { should contain_file('no-file').with_ensure('absent') } - end -end diff --git a/datacat/spec/fixtures/modules/demo1/manifests/init.pp b/datacat/spec/fixtures/modules/demo1/manifests/init.pp deleted file mode 100644 index 4f0f1e99f..000000000 --- a/datacat/spec/fixtures/modules/demo1/manifests/init.pp +++ /dev/null @@ -1,18 +0,0 @@ -class demo1 { - notify { 'demo1': } - - datacat { '/tmp/demo1': - template => 'demo1/sheeps.erb', - } - - datacat_fragment { 'data foo => 1': - target => '/tmp/demo1', - data => { foo => 1 }, - } - - datacat_fragment { 'data bar => 2': - target => '/tmp/demo1', - data => { bar => 2 }, - } -} - diff --git a/datacat/spec/fixtures/modules/demo1/templates/sheeps.erb b/datacat/spec/fixtures/modules/demo1/templates/sheeps.erb deleted file mode 100644 index b3781a825..000000000 --- a/datacat/spec/fixtures/modules/demo1/templates/sheeps.erb +++ /dev/null @@ -1,3 +0,0 @@ -# This is a super simple demonstration - baah! - -<%= @data.to_yaml %> diff --git a/datacat/spec/fixtures/modules/demo2/manifests/init.pp b/datacat/spec/fixtures/modules/demo2/manifests/init.pp deleted file mode 100644 index 90310e0b5..000000000 --- a/datacat/spec/fixtures/modules/demo2/manifests/init.pp +++ /dev/null @@ -1,18 +0,0 @@ -class demo2 { - notify { 'demo2': } - - datacat { '/tmp/demo2': - template => 'demo2/merging.erb', - } - - datacat_fragment { 'data foo => 1, 2': - target => '/tmp/demo2', - data => { foo => [ 1, 2 ] }, - } - - datacat_fragment { 'data foo => 2, 3': - target => '/tmp/demo2', - data => { foo => [ 2, 3 ] }, - } -} - diff --git a/datacat/spec/fixtures/modules/demo2/templates/merging.erb b/datacat/spec/fixtures/modules/demo2/templates/merging.erb deleted file mode 100644 index b05594fb5..000000000 --- a/datacat/spec/fixtures/modules/demo2/templates/merging.erb +++ /dev/null @@ -1,2 +0,0 @@ -data.foo should be a merged array <%= @data['foo'].join(', ') %> -and we can uniq it <%= @data['foo'].uniq.join(', ') %> diff --git a/datacat/spec/fixtures/modules/demo3/manifests/init.pp b/datacat/spec/fixtures/modules/demo3/manifests/init.pp deleted file mode 100644 index 1e194384d..000000000 --- a/datacat/spec/fixtures/modules/demo3/manifests/init.pp +++ /dev/null @@ -1,22 +0,0 @@ -# -class demo3 { - datacat { '/tmp/demo3': - template => 'demo3/hostgroups.cfg.erb', - } - - $host1 = 'foo.example.com' - datacat_fragment { 'foo host': - target => '/tmp/demo3', - data => { - device => [ $host1 ], - }, - } - - $ilo_fqdn = 'foo-ilo.example.com' - datacat_fragment { 'foo ilo': - target => '/tmp/demo3', - data => { - device => [ $ilo_fqdn ], - }, - } -} diff --git a/datacat/spec/fixtures/modules/demo3/templates/hostgroups.cfg.erb b/datacat/spec/fixtures/modules/demo3/templates/hostgroups.cfg.erb deleted file mode 100644 index 53bbbcbd2..000000000 --- a/datacat/spec/fixtures/modules/demo3/templates/hostgroups.cfg.erb +++ /dev/null @@ -1,7 +0,0 @@ -# hostgroups.cfg.erb -<% @data.keys.sort.each do |hostgroup| %> -define hostgroup { - name <%= hostgroup %> - members <%= @data[hostgroup].sort.join(',') %> -} -<% end %> diff --git a/datacat/spec/fixtures/modules/issue1/manifests/init.pp b/datacat/spec/fixtures/modules/issue1/manifests/init.pp deleted file mode 100644 index b5c42833d..000000000 --- a/datacat/spec/fixtures/modules/issue1/manifests/init.pp +++ /dev/null @@ -1,6 +0,0 @@ -# This should repo the scope error from github issue #1 -class issue1 { - datacat { "/tmp/issue1.1": - template => "issue1/refers_to_scope.erb", - } -} diff --git a/datacat/spec/fixtures/modules/issue1/templates/refers_to_scope.erb b/datacat/spec/fixtures/modules/issue1/templates/refers_to_scope.erb deleted file mode 100644 index e4756c77d..000000000 --- a/datacat/spec/fixtures/modules/issue1/templates/refers_to_scope.erb +++ /dev/null @@ -1,7 +0,0 @@ -We don't expect this to actually work as scope is only avilable to -templates evaluated by the template() function. - -It should however say that it's line 7 of refers_to_scope.erb in the error -that is raised. - -<%= scope.lookupvar("pies") %> diff --git a/datacat/spec/fixtures/modules/template_body/templates/test1.erb b/datacat/spec/fixtures/modules/template_body/templates/test1.erb deleted file mode 100644 index 7b6637f67..000000000 --- a/datacat/spec/fixtures/modules/template_body/templates/test1.erb +++ /dev/null @@ -1 +0,0 @@ -Goodbye cruel world diff --git a/datacat/spec/functions/template_body_spec.rb b/datacat/spec/functions/template_body_spec.rb deleted file mode 100644 index 496c0df50..000000000 --- a/datacat/spec/functions/template_body_spec.rb +++ /dev/null @@ -1,6 +0,0 @@ -require 'spec_helper' - -describe 'template_body' do - it { should run.with_params('template_body/really_should_never_exist.erb').and_raise_error(Puppet::ParseError, /Could not find template 'template_body\/really_should_never_exist.erb'/) } - it { should run.with_params('template_body/test1.erb').and_return("Goodbye cruel world\n") } -end diff --git a/datacat/spec/spec_helper.rb b/datacat/spec/spec_helper.rb deleted file mode 100644 index 2c6f56649..000000000 --- a/datacat/spec/spec_helper.rb +++ /dev/null @@ -1 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' diff --git a/datacat/spec/spec_helper_system.rb b/datacat/spec/spec_helper_system.rb deleted file mode 100644 index cba2ad741..000000000 --- a/datacat/spec/spec_helper_system.rb +++ /dev/null @@ -1,23 +0,0 @@ -require 'rspec-system/spec_helper' -require 'rspec-system-puppet/helpers' - -include RSpecSystemPuppet::Helpers - -RSpec.configure do |c| - proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - - # Enable colour in Jenkins - c.tty = true - - c.include RSpecSystemPuppet::Helpers - - c.before :suite do - puppet_install - puppet_master_install - - puppet_module_install(:source => proj_root, :module_name => 'datacat') - puppet_module_install(:source => proj_root + '/spec/fixtures/modules/demo1', :module_name => 'demo1') - puppet_module_install(:source => proj_root + '/spec/fixtures/modules/demo2', :module_name => 'demo2') - puppet_module_install(:source => proj_root + '/spec/fixtures/modules/demo3', :module_name => 'demo3') - end -end diff --git a/datacat/spec/system/basic_spec.rb b/datacat/spec/system/basic_spec.rb deleted file mode 100644 index 627547a72..000000000 --- a/datacat/spec/system/basic_spec.rb +++ /dev/null @@ -1,58 +0,0 @@ -require 'spec_helper_system' - -describe 'basic tests:' do - # Using puppet_apply as a subject - context puppet_apply 'notice("foo")' do - its(:stdout) { should =~ /foo/ } - its(:stderr) { should be_empty } - its(:exit_code) { should be_zero } - end - - # Using puppet_apply as a helper - it 'my class should work with no errors' do - pp = <<-EOS - datacat { "/tmp/demo1": - template_body => "<% @data.keys.sort.each do |k| %><%= k %>: <%= @data[k] %>, <% end %>", - } - - datacat_fragment { "foo": - target => '/tmp/demo1', - data => { foo => "one" }, - } - - datacat_fragment { "bar": - target => '/tmp/demo1', - data => { bar => "two" }, - } - - exec { '/bin/echo I have changed': - refreshonly => true, - subscribe => Datacat["/tmp/demo1"], - } - EOS - - # Run it twice and test for idempotency - puppet_apply(pp) do |r| - r.exit_code.should_not == 1 - r.refresh - r.exit_code.should be_zero - end - - shell('cat /tmp/demo1') do |r| - r.stdout.should =~ /^bar: two, foo: one/ - end - end - - it 'should run the example from the documentation via a master' do - shell 'sudo sh -c "echo include demo3 > /etc/puppet/manifests/site.pp"' - puppet_agent(:debug => true) do |r| - r.exit_code.should_not == 1 - r.refresh - r.exit_code.should be_zero - end - - shell('cat /tmp/demo3') do |r| - r.stdout.should =~ /\s+name device\n\s+members foo-ilo.example.com,foo.example.com/ - end - end -end diff --git a/datacat/spec/unit/type/datacat_collector_spec.rb b/datacat/spec/unit/type/datacat_collector_spec.rb deleted file mode 100644 index 46d7abdc4..000000000 --- a/datacat/spec/unit/type/datacat_collector_spec.rb +++ /dev/null @@ -1,163 +0,0 @@ -require 'spec_helper' - -describe Puppet::Type.type(:datacat_collector) do - context "simple merging" do - before :each do - @catalog = Puppet::Resource::Catalog.new - @file = Puppet::Type.type(:file).new(:path => '/test') - @catalog.add_resource @file - - @collector = Puppet::Type.type(:datacat_collector).new({ - :title => "/test", - :template_body => '<%= @data.keys.sort.map { |x| "#{x}=#{@data[x]}" }.join(",") %>', - :target_resource => @file, - :target_field => :content, - :collects => [ '/secret-name' ], - }) - @catalog.add_resource @collector - end - - it "should do work when exists?" do - @file.expects(:[]=).with(:content, "") - @collector.provider.exists? - end - - it "should combine one hash" do - @catalog.add_resource Puppet::Type.type(:datacat_fragment).new({ - :title => "hash one", - :target => '/test', - :data => { "foo" => "one" }, - }) - - @file.expects(:[]=).with(:content, "foo=one") - @collector.provider.exists? - end - - it "should combine two hashes, disjunct keys" do - @catalog.add_resource Puppet::Type.type(:datacat_fragment).new({ - :title => "hash one", - :target => '/test', - :data => { "alpha" => "one" }, - }) - @catalog.add_resource Puppet::Type.type(:datacat_fragment).new({ - :title => "hash two", - :target => '/test', - :data => { "bravo" => "two" }, - }) - - @file.expects(:[]=).with(:content, "alpha=one,bravo=two") - @collector.provider.exists? - end - - describe "ordering" do - it "should support explicit orderings 10 20" do - @catalog.add_resource Puppet::Type.type(:datacat_fragment).new({ - :title => "hash one", - :order => "10", - :target => '/test', - :data => { "alpha" => "one" }, - }) - @catalog.add_resource Puppet::Type.type(:datacat_fragment).new({ - :title => "hash two", - :order => "20", - :target => '/test', - :data => { "alpha" => "two" }, - }) - - @file.expects(:[]=).with(:content, "alpha=two") - @collector.provider.exists? - end - - it "should support explicit orderings 30 10" do - @catalog.add_resource Puppet::Type.type(:datacat_fragment).new({ - :title => "hash one", - :order => "30", - :target => '/test', - :data => { "alpha" => "one" }, - }) - @catalog.add_resource Puppet::Type.type(:datacat_fragment).new({ - :title => "hash two", - :order => "10", - :target => '/test', - :data => { "alpha" => "two" }, - }) - - @file.expects(:[]=).with(:content, "alpha=one") - @collector.provider.exists? - end - - it "should support implicit ordering '50' 10" do - @catalog.add_resource Puppet::Type.type(:datacat_fragment).new({ - :title => "hash one", - :target => '/test', - :data => { "alpha" => "one" }, - }) - @catalog.add_resource Puppet::Type.type(:datacat_fragment).new({ - :title => "hash two", - :order => "10", - :target => '/test', - :data => { "alpha" => "two" }, - }) - - @file.expects(:[]=).with(:content, "alpha=one") - @collector.provider.exists? - end - end - - describe "targeting multiple collectors" do - it "should support an array in the target attribute" do - @catalog.add_resource Puppet::Type.type(:datacat_fragment).new({ - :title => "target two", - :target => [ "/test", "/othertest" ], - :data => { "alpha" => "one" }, - }) - - @file.expects(:[]=).with(:content, "alpha=one") - @collector.provider.exists? - end - end - - describe "collects parameter" do - it "should be able to collect for things targeted via the collects parameter" do - @catalog.add_resource Puppet::Type.type(:datacat_fragment).new({ - :title => "target two", - :target => "/secret-name", - :data => { "alpha" => "one" }, - }) - - @file.expects(:[]=).with(:content, "alpha=one") - @collector.provider.exists? - end - end - - describe "source_key parameter" do - before :each do - @source_key_collector = Puppet::Type.type(:datacat_collector).new({ - :title => "/source_key", - :target_resource => @file, - :target_field => :source, - :source_key => 'source_path', - }) - @catalog.add_resource @source_key_collector - end - - it "should set an array when asked" do - @catalog.add_resource Puppet::Type.type(:datacat_fragment).new({ - :title => "target one", - :order => "10", - :target => "/source_key", - :data => { "source_path" => [ "one" ] }, - }) - @catalog.add_resource Puppet::Type.type(:datacat_fragment).new({ - :title => "target two", - :order => "20", - :target => "/source_key", - :data => { "source_path" => [ "two" ] }, - }) - - @file.expects(:[]=).with(:source, [ 'one', 'two' ]) - @source_key_collector.provider.exists? - end - end - end -end diff --git a/elasticsearch/.fixtures.yml b/elasticsearch/.fixtures.yml deleted file mode 100644 index d750f45cd..000000000 --- a/elasticsearch/.fixtures.yml +++ /dev/null @@ -1,13 +0,0 @@ -fixtures: - repositories: - stdlib: - repo: https://github.com/puppetlabs/puppetlabs-stdlib.git - branch: '4.7.x' - apt: - repo: 'https://github.com/puppetlabs/puppetlabs-apt.git' - branch: '2.2.x' - zypprepo: https://github.com/deadpoint/puppet-zypprepo.git - yum: https://github.com/CERIT-SC/puppet-yum.git - datacat: https://github.com/richardc/puppet-datacat.git - symlinks: - elasticsearch: "#{source_dir}" diff --git a/elasticsearch/.gitignore b/elasticsearch/.gitignore deleted file mode 100644 index 47a5fabdd..000000000 --- a/elasticsearch/.gitignore +++ /dev/null @@ -1,12 +0,0 @@ -.swp -spec/fixtures/manifests -spec/fixtures/modules -.bundle -.vendor -.vagrant -.ruby-version -pkg/ -spec/reports/ -spec/logs -log -*.lock diff --git a/elasticsearch/.pmtignore b/elasticsearch/.pmtignore deleted file mode 100644 index b5e79edf0..000000000 --- a/elasticsearch/.pmtignore +++ /dev/null @@ -1,6 +0,0 @@ -spec/ -Rakefile -junit/ -logs/ -Gemfile -Gemfile.lock diff --git a/elasticsearch/CHANGELOG.md b/elasticsearch/CHANGELOG.md deleted file mode 100644 index a24433718..000000000 --- a/elasticsearch/CHANGELOG.md +++ /dev/null @@ -1,495 +0,0 @@ -##0.10.3 ( Feb 08, 2016 ) - -###Summary -Adding support for OpenBSD and minor fixes - -####Features -* Add required changes to work with ES 2.2.x plugins -* Support for custom log directory -* Support for OpenBSD - -####Bugfixes -* Add correct relation to file resource and plugin installation -* Notify service when upgrading the package - -####Changes -* Remove plugin dir when upgrading Elasticsearch - -####Testing changes - -####Known bugs -* Possible package conflicts when using ruby/python defines with main package name - - -##0.10.2 ( Jan 19, 2016 ) - -###Summary -Bugfix release and adding Gentoo support - -####Features -* Added Gentoo support - -####Bugfixes -* Create init script when set to unmanaged -* init_template variable was not passed on correctly to other classes / defines -* Fix issue with plugin type that caused run to stall -* Export ES_GC_LOG_FILE in init scripts - -####Changes -* Improve documentation about init_defaults -* Update common files -* Removed recurse option on data directory management -* Add retry functionality to plugin type - -####Testing changes - -####Known bugs -* Possible package conflicts when using ruby/python defines with main package name - - -##0.10.1 ( Dec 17, 2015 ) - -###Summary -Bugfix release for proxy functionality in plugin installation - -####Features - -####Bugfixes -* Proxy settings were not passed on correctly - -####Changes -* Cleanup .pmtignore to exclude more files - -####Testing changes - -####Known bugs -* Possible package conflicts when using ruby/python defines with main package name - - -##0.10.0 ( Dec 14, 2015 ) - -###Summary -Module now works with ES 2.x completely - -####Features -* Work with ES 2.x new plugin system and remain to work with 1.x -* Implemented datacat module from Richard Clamp so other modules can hook into it for adding configuration options -* Fixed init and systemd files to work with 1.x and 2.x -* Made the module work with newer pl-apt module versions -* Export es_include so it is passed on to ES -* Ability to supply long gpg key for apt repo - -####Bugfixes -* Documentation and typographical fixes -* Do not force puppet:/// schema resource -* Use package resource defaults rather than setting provider and source - -####Changes - -####Testing changes -* Improve unit testing and shorten the runtime - -####Known bugs -* Possible package conflicts when using ruby/python defines with main package name - - -##0.9.9 ( Sep 01, 2015 ) - -###Summary -Bugfix release and extra features - -####Features -* Work with ES 2.x -* Add Java 8 detection in debian init script -* Improve offline plugin installation - -####Bugfixes -* Fix a bug with new ruby versions but older puppet versions causing type error -* Fix config tempate to use correct ruby scoping -* Fix regex retrieving proxy port while downloading plugin -* Fix systemd template for better variable handling -* Template define was using wrong pathing for removal - - -####Changes - -####Testing changes - -####Known bugs -* Possible package conflicts when using ruby/python defines with main package name - - -##0.9.8 ( Jul 07, 2015 ) - -###Summary - - -####Features -* Work with ES 2.x - -####Bugfixes -* Fix plugin to maintain backwards compatibility - -####Changes - -####Testing changes -* ensure testing works with Puppet 4.x ( Rspec and Acceptance ) - -####Known bugs -* Possible package conflicts when using ruby/python defines with main package name - - -##0.9.7 ( Jun 24, 2015 ) - -###Summary -This releases adds several important features and fixes an important plugin installation issue with ES 1.6 and higher. - -####Features -* Automate plugin dir extraction -* use init service provider for Amazon Linux -* Add Puppetlabs/apt and ceritsc/yum as required modules -* Added Timeout to fetching facts in case ES does not respond -* Add proxy settings for package download - -####Bugfixes -* Fixed systemd template to fix issue with LimitMEMLOCK setting -* Improve package version handling when specifying a version -* Add tmpfiles.d file to manage sub dir in /var/run path -* Fix plugin installations for ES 1.6 and higher - -####Changes -* Removed Modulefile, only maintaining metadata.json file - -####Testing changes -* Added unit testing for package pinning feature -* Added integration testing with Elasticsearch to find issues earlier -* Fix OpenSuse 13 testing - -####Known bugs -* Possible package conflicts when using ruby/python defines with main package name - - -##0.9.6 ( May 28, 2015 ) - -###Summary -Bugfix release 0.9.6 - -####Features -* Implemented package version pinning to avoid accidental upgrading -* Added support for Debian 8 -* Added support for upgrading plugins -* Managing LimitNOFILE and LimitMEMLOCK settings in systemd - -####Bugfixes - -####Changes -* Dropped official support for PE 3.1.x and 3.2.x - -####Testing changes -* Several testing changes implemented to increase coverage - -####Known bugs -* Possible package conflicts when using ruby/python defines with main package name - - -##0.9.5( Apr 16, 2015 ) - -###Summary -Bugfix release 0.9.5 - -We reverted the change that implemented the full 40 character for the apt repo key. -This caused issues with some older versions of the puppetlabs-apt module - -####Features - -####Bugfixes -* Revert using the full 40 character for the apt repo key. - -####Changes - -####Testing changes - -####Known bugs -* Possible package conflicts when using ruby/python defines with main package name - - -##0.9.4( Apr 14, 2015 ) - -###Summary -Bugfix release 0.9.4 - -####Features -* Add the ability to create and populate scripts - -####Bugfixes -* add support for init_defaults_file to elasticsearch::instance -* Update apt key to full 40characters - -####Changes -* Fix readme regarding module_dir with plugins - -####Testing changes -* Adding staged removal test -* Convert git urls to https -* Add centos7 node config - -####Known bugs -* Possible package conflicts when using ruby/python defines with main package name - - -##0.9.3( Mar 24, 2015 ) - -###Summary -Bugfix release 0.9.3 - -####Features - -####Bugfixes -* Not setting repo_version did not give the correct error -* Systemd file did not contain User/Group values - -####Changes -* Brand rename from Elasticsearch to Elastic - -####Testing changes -* Moved from multiple Gemfiles to single Gemfile - -####Known bugs -* Possible package conflicts when using ruby/python defines with main package name - -##0.9.2( Mar 06, 2015 ) - -###Summary -Bugfix release 0.9.2 - -####Features -* Introducing es_instance_conn_validator resource to verify instance availability - -####Bugfixes -* Fix missing data path when using the path config setting but not setting the data path - -####Changes -None - -####Testing changes -None - -####Known bugs -* Possible package conflicts when using ruby/python defines with main package name - -##0.9.1 ( Feb 23, 2015 ) - -###Summary -This is the first bug fix release for 0.9 version. -A bug was reported with the recursive file management. - -####Features -None - -####Bugfixes -* Fix recursive file management -* Set undefined variables to work with strict_variables - -####Changes -None - -####Testing changes -None - -####Known bugs -* Possible package conflicts when using ruby/python defines with main package name - -##0.9.0 ( Feb 02, 2015 ) - -###Summary -This release is the first one towards 1.0 release. -Our planning is to provide LTS releases with the puppet module - -####Features -* Support for using hiera to define instances and plugins. -* Support for OpenSuSE 13.x -* Custom facts about the installed Elasticsearch instance(s) -* Proxy host/port support for the plugin installation -* Ability to supply a custom logging.yml template - -####Bugfixes -* Ensure file owners are correct accross all related files -* Fix of possible service name conflict -* Empty main config would fail with instances -* Removal of standard files from packages we dont use -* Ensuring correct sequence of plugin and template defines -* Added ES_CLASSPATH export to init scripts - -####Changes -* Java installation to use puppetlabs-java module -* Added Support and testing for Puppet 3.7 and PE 3.7 -* Improve metadata.json based on scoring from Forge - - -####Testing changes -* Added testing against Puppet 3.7 and PE 3.7 -* Using rspec3 -* Using rspec-puppet-facts gem simplifies rspec testing - -####Known Bugs -* Possible package conflicts when using ruby/python defines with main package name - -##0.4.0 ( Jun 18, 2014 ) - Backwards compatible breaking release - -###Summary -This release introduces instances to facilitate the option to have more then a single instance running on the host system. - -####Features -* Rewrite module to incorperate multi instance support -* New readme layout - -####Bugfixes -* None - -####Changes -* Adding ec2-linux osfamily for repo management -* Retry behaviour for plugin installation - -####Testing changes -* Adding Puppet 3.6.x testing -* Ubuntu 14.04 testing -* Using new docker images -* Pin rspec to 2.14.x - -####Known Bugs -* No known bugs - -##0.3.2 ( May 15, 2014 ) -* Add support for SLC/Scientific Linux CERN ( PR #121 ) -* Add support for custom package names ( PR #122 ) -* Fix python and ruby client defines to avoid name clashes. -* Add ability to use stage instead of anchor for repo class -* Minor fixes to system tests - -##0.3.1 ( April 22, 2014 ) -* Ensure we create the plugin directory before installing plugins -* Added Puppet 3.5.x to rspec and system tests - -##0.3.0 ( April 2, 2014 ) -* Fix minor issue with yumrepo in repo class ( PR #92 ) -* Implement OpenSuse support -* Implement Junit reporting for tests -* Adding more system tests and convert to Docker images -* Use Augeas for managing the defaults file -* Add retry to package download exec -* Add management to manage the logging.yml file -* Improve inline documentation -* Improve support for Debian 6 -* Improve augeas for values with spaces -* Run plugin install as ES user ( PR #108 ) -* Fix rights for the plugin directory -* Pin Rake for Ruby 1.8.7 -* Adding new metadata for Forge. -* Increase time for retry to insert the template - -##0.2.4 ( Feb 21, 2014 ) -* Set puppetlabs-stdlib dependency version from 3.0.0 to 3.2.0 to be inline with other modules -* Let puppet run fail when template insert fails -* Documentation improvements ( PR #77, #78, #83 ) -* Added beaker system tests -* Fixed template define after failing system tests -* Some fixes so variables are more inline with intended structure - -##0.2.3 ( Feb 06, 2014 ) -* Add repository management feature -* Improve testing coverage and implement basic resource coverage reporting -* Add puppet 3.4.x testing -* Fix dependency in template define ( PR #72 ) -* For apt repo change from key server to key file - -##0.2.2 ( Jan 23, 2014 ) -* Ensure exec names are unique. This caused issues when using our logstash module -* Add spec tests for plugin define - -##0.2.1 ( Jan 22, 2014 ) -* Simplify the management of the defaults file ( PR #64 ) -* Doc improvements for the plugin define ( PR #66 ) -* Allow creation of data directory ( PR #68 ) -* Fail early when package version and package_url are defined - -##0.2.0 ( Nov 19, 2013 ) -* Large rewrite of the entire module described below -* Make the core more dynamic for different service providers and multi instance capable -* Add better testing and devided into different files -* Fix template function. Replace of template is now only done when the file is changed -* Add different ways to install the package except from the repository ( puppet/http/https/ftp/file ) -* Update java class to install openjdk 1.7 -* Add tests for python function -* Update config file template to fix scoping issue ( from PR #57 ) -* Add validation of templates -* Small changes for preperation for system tests -* Update readme for new functionality -* Added more test scenario's -* Added puppet parser validate task for added checking -* Ensure we don't add stuff when removing the module -* Update python client define -* Add ruby client define -* Add tests for ruby clients and update python client tests - -##0.1.3 ( Sep 06, 2013 ) -* Exec path settings has been updated to fix warnings ( PR #37, #47 ) -* Adding define to install python bindings ( PR #43 ) -* Scope deprecation fixes ( PR #41 ) -* feature to install plugins ( PR #40 ) - -##0.1.2 ( Jun 21, 2013 ) -* Update rake file to ignore the param inherit -* Added missing documentation to the template define -* Fix for template define to allow multiple templates ( PR #36 by Bruce Morrison ) - -##0.1.1 ( Jun 14, 2013 ) -* Add Oracle Linux to the OS list ( PR #25 by Stas Alekseev ) -* Respect the restart_on_change on the defaults ( PR #29 by Simon Effenberg ) -* Make sure the config can be empty as advertised in the readme -* Remove dependency cycle when the defaults file is updated ( PR #31 by Bruce Morrison ) -* Enable retry on the template insert in case ES isn't started yet ( PR #32 by Bruce Morrison ) -* Update templates to avoid deprecation notice with Puppet 3.2.x -* Update template define to avoid auto insert issue with ES -* Update spec tests to reflect changes to template define - -##0.1.0 ( May 09, 2013 ) -* Populate .gitignore ( PR #19 by Igor Galić ) -* Add ability to install initfile ( PR #20 by Justin Lambert ) -* Add ability to manage default file service parameters ( PR #21 by Mathieu Bornoz ) -* Providing complete containment of the module ( PR #24 by Brian Lalor ) -* Add ability to specify package version ( PR #25 by Justin Lambert ) -* Adding license file - -##0.0.7 ( Mar 23, 2013 ) -* Ensure config directory is created and managed ( PR #13 by Martin Seener ) -* Dont backup package if it changes -* Create explicit dependency on template directory ( PR #16 by Igor Galić ) -* Make the config directory variable ( PR #17 by Igor Galić and PR #18 by Vincent Janelle ) -* Fixing template define - -##0.0.6 ( Mar 05, 2013 ) -* Fixing issue with configuration not printing out arrays -* New feature to write the config hash shorter -* Updated readme to reflect the new feature -* Adding spec tests for config file generation - -##0.0.5 ( Mar 03, 2013 ) -* Option to disable restart on config file change ( PR #10 by Chris Boulton ) - -##0.0.4 ( Mar 02, 2013 ) -* Fixed a major issue with the config template ( Issue #9 ) - -##0.0.3 ( Mar 02, 2013 ) -* Adding spec tests -* Fixed init issue on Ubuntu ( Issue #6 by Marcus Furlong ) -* Fixed config template problem ( Issue #8 by surfchris ) -* New feature to manage templates - -##0.0.2 ( Feb 16, 2013 ) -* Feature to supply a package instead of being dependent on the repository -* Feature to install java in case one doesn't manage it externally -* Adding RedHat and Amazon as Operating systems -* fixed a typo - its a shard not a shared :) ( PR #5 by Martin Seener ) - -##0.0.1 ( Jan 13, 2013 ) -* Initial release of the module diff --git a/elasticsearch/CONTRIBUTING.md b/elasticsearch/CONTRIBUTING.md deleted file mode 100644 index 80f5cdde2..000000000 --- a/elasticsearch/CONTRIBUTING.md +++ /dev/null @@ -1,46 +0,0 @@ -If you have a bugfix or new feature that you would like to contribute to this puppet module, please find or open an issue about it first. Talk about what you would like to do. It may be that somebody is already working on it, or that there are particular issues that you should know about before implementing the change. - -We enjoy working with contributors to get their code accepted. There are many approaches to fixing a problem and it is important to find the best approach before writing too much code. - -The process for contributing to any of the Elastic repositories is similar. - -1. Sign the contributor license agreement -Please make sure you have signed the [Contributor License Agreement](http://www.elastic.co/contributor-agreement/). We are not asking you to assign copyright to us, but to give us the right to distribute your code without restriction. We ask this of all contributors in order to assure our users of the origin and continuing existence of the code. You only need to sign the CLA once. - -2. Run the rspec tests and ensure it completes without errors with your changes. - -3. Run the acceptance tests - -These instructions are for Ubuntu 14.04 - -* install docker 0.11.1 - * wget https://get.docker.io/ubuntu/pool/main/l/lxc-docker/lxc-docker_0.11.1_amd64.deb - * wget https://get.docker.io/ubuntu/pool/main/l/lxc-docker-0.11.1/lxc-docker-0.11.1_0.11.1_amd64.deb - * sudo dpkg -i lxc-docker_0.11.1_amd64.deb lxc-docker-0.11.1_0.11.1_amd64.deb - * sudo usermod -a -G docker $USER -* export RS_SET='ubuntu-server-1404-x64' # see spec/acceptance/nodesets for more -* export VM_PUPPET_VERSION='3.7.0' -* wget https://download.elastic.co/elasticsearch/elasticsearch/elasticsearch-1.1.0.deb -* wget https://forgeapi.puppetlabs.com/v3/files/puppetlabs-stdlib-3.2.0.tar.gz -* wget https://forgeapi.puppetlabs.com/v3/files/puppetlabs-apt-1.4.2.tar.gz -* export files_dir=$(pwd) -* bundle install -* bundle exec rspec --require ci/reporter/rspec --format CI::Reporter::RSpecFormatter spec/acceptance/*_spec.rb - -``` - Hypervisor for ubuntu-14-04 is docker - Beaker::Hypervisor, found some docker boxes to create - Provisioning docker - provisioning ubuntu-14-04 - ... - Finished in 18 minutes 6 seconds - 224 examples, 0 failures, 3 pending -``` - -4. Rebase your changes -Update your local repository with the most recent code from the main this puppet module repository, and rebase your branch on top of the latest master branch. We prefer your changes to be squashed into a single commit. - -5. Submit a pull request -Push your local changes to your forked copy of the repository and submit a pull request. In the pull request, describe what your changes do and mention the number of the issue where discussion has taken place, eg “Closes #123″. - -Then sit back and wait. There will probably be discussion about the pull request and, if any changes are needed, we would love to work with you to get your pull request merged into this puppet module. diff --git a/elasticsearch/CONTRIBUTORS b/elasticsearch/CONTRIBUTORS deleted file mode 100644 index ad0eb76c4..000000000 --- a/elasticsearch/CONTRIBUTORS +++ /dev/null @@ -1,20 +0,0 @@ -The following is a list of people who have contributed ideas, code, bug -reports, or in general have helped this puppet module along its way. - -Project Owner -* Richard Pijnenburg (electrical) - -Contributors: -Martin Seener (martinseener) -Marcus Furlong (furlongm) -Chris Boulton (chrisboulton) -Igor Galić (igalic) -Vincent Janelle (vjanelle) -Mathieu Bornoz (mbornoz) -Justin Lambert (jlambert121) -Brian Lalor (blalor) -Stas Alekseev (salekseev) -Simon Effenberg (Savar) -Bruce Morrison (brucem) -deanmalmgren -Matteo Sessa (msessa-cotd) diff --git a/elasticsearch/Gemfile b/elasticsearch/Gemfile deleted file mode 100644 index f3f9bc328..000000000 --- a/elasticsearch/Gemfile +++ /dev/null @@ -1,32 +0,0 @@ -source 'https://rubygems.org' - -puppetversion = ENV['PUPPET_VERSION'] || '~> 3.8.0' -gem 'puppet', puppetversion, :require => false - -gem 'beaker' -gem 'beaker-rspec' -gem 'metadata-json-lint' -gem 'rspec-puppet' - -gem 'pry' -gem 'docker-api', '~> 1.0' -gem 'rubysl-securerandom' -gem 'ci_reporter_rspec' -gem 'rspec', '~> 3.0' -gem 'rake' -gem 'puppet-doc-lint' -gem 'puppet-lint' -gem 'puppetlabs_spec_helper' -gem 'puppet-syntax' -gem 'rspec-puppet-facts' -gem 'webmock' - -# Extra Puppet-lint gems -gem 'puppet-lint-appends-check', :require => false -gem 'puppet-lint-version_comparison-check', :require => false -gem 'puppet-lint-unquoted_string-check', :require => false -gem 'puppet-lint-undef_in_function-check', :require => false -gem 'puppet-lint-trailing_comma-check', :require => false -gem 'puppet-lint-leading_zero-check', :require => false -gem 'puppet-lint-file_ensure-check', :require => false -gem 'puppet-lint-empty_string-check', :require => false diff --git a/elasticsearch/LICENSE b/elasticsearch/LICENSE deleted file mode 100644 index 0455cacdf..000000000 --- a/elasticsearch/LICENSE +++ /dev/null @@ -1,13 +0,0 @@ -Copyright (c) 2012-2016 Elasticsearch - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/elasticsearch/README.md b/elasticsearch/README.md deleted file mode 100644 index 0b5deaa42..000000000 --- a/elasticsearch/README.md +++ /dev/null @@ -1,532 +0,0 @@ -#Elasticsearch Puppet module - -####Table of Contents - -1. [Overview](#overview) -2. [Module description - What the module does and why it is useful](#module-description) -3. [Setup - The basics of getting started with Elasticsearch](#setup) - * [The module manages the following](#the-module-manages-the-following) - * [Requirements](#requirements) -4. [Usage - Configuration options and additional functionality](#usage) -5. [Advanced features - Extra information on advanced usage](#advanced-features) -6. [Limitations - OS compatibility, etc.](#limitations) -7. [Development - Guide for contributing to the module](#development) -8. [Support - When you need help with this module](#support) - - - -##Overview - -This module manages Elasticsearch (http://www.elasticsearch.org/overview/elasticsearch/) - -##Module description - -The elasticsearch module sets up Elasticsearch instances and can manage plugins and templates. - -This module has been tested against all versions of ES 1.x and 2.x - -##Setup - -###The module manages the following - -* Elasticsearch repository files. -* Elasticsearch package. -* Elasticsearch configuration file. -* Elasticsearch service. -* Elasticsearch plugins. -* Elasticsearch templates. - -###Requirements - -* The [stdlib](https://forge.puppetlabs.com/puppetlabs/stdlib) Puppet library. -* [ceritsc/yum](https://forge.puppetlabs.com/ceritsc/yum) For yum version lock. -* [richardc/datacat](https://forge.puppetlabs.com/richardc/datacat) -* [Augeas](http://augeas.net/) - -#### Repository management -When using the repository management you will need the following dependency modules: - -* Debian/Ubuntu: [Puppetlabs/apt](http://forge.puppetlabs.com/puppetlabs/apt) -* OpenSuSE: [Darin/zypprepo](https://forge.puppetlabs.com/darin/zypprepo) - -##Usage - -###Main class - -####Install a specific version - -```puppet -class { 'elasticsearch': - version => '1.4.2' -} -``` - -Note: This will only work when using the repository. - -####Automatic upgrade of the software ( default set to false ) -```puppet -class { 'elasticsearch': - autoupgrade => true -} -``` - -####Removal/decommissioning -```puppet -class { 'elasticsearch': - ensure => 'absent' -} -``` - -####Install everything but disable service(s) afterwards -```puppet -class { 'elasticsearch': - status => 'disabled' -} -``` - -###Instances - -This module works with the concept of instances. For service to start you need to specify at least one instance. - -####Quick setup -```puppet -elasticsearch::instance { 'es-01': } -``` - -This will set up its own data directory and set the node name to `$hostname-$instance_name` - -####Advanced options - -Instance specific options can be given: - -```puppet -elasticsearch::instance { 'es-01': - config => { }, # Configuration hash - init_defaults => { }, # Init defaults hash - datadir => [ ], # Data directory -} -``` - -See [Advanced features](#advanced-features) for more information - -###Plug-ins - -Install [a variety of plugins](http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/modules-plugins.html#known-plugins). Note that `module_dir` is where the plugin will install itself to and must match that published by the plugin author; it is not where you would like to install it yourself. - -####From official repository -```puppet -elasticsearch::plugin{'lmenezes/elasticsearch-kopf': - instances => 'instance_name' -} -``` -####From custom url -```puppet -elasticsearch::plugin{ 'jetty': - url => 'https://oss-es-plugins.s3.amazonaws.com/elasticsearch-jetty/elasticsearch-jetty-1.2.1.zip', - instances => 'instance_name' -} -``` - -####Using a proxy -You can also use a proxy if required by setting the `proxy_host` and `proxy_port` options: -```puppet -elasticsearch::plugin { 'lmenezes/elasticsearch-kopf', - instances => 'instance_name', - proxy_host => 'proxy.host.com', - proxy_port => 3128 -} -``` - -#####Plugin name could be: -* `elasticsearch/plugin/version` for official elasticsearch plugins (download from download.elasticsearch.org) -* `groupId/artifactId/version` for community plugins (download from maven central or oss sonatype) -* `username/repository` for site plugins (download from github master) - -####Upgrading plugins -When you specify a certain plugin version, you can upgrade that plugin by specifying the new version. - -```puppet -elasticsearch::plugin { 'elasticsearch/elasticsearch-cloud-aws/2.1.1': -} -``` - -And to upgrade, you would simply change it to - -```puppet -elasticsearch::plugin { 'elasticsearch/elasticsearch-cloud-aws/2.4.1': -} -``` - -Please note that this does not work when you specify 'latest' as a version number. - -####ES 2.x official plugins -For the Elasticsearch commercial plugins you can refer them to the simple name. - -See the [Plugin installation](https://www.elastic.co/guide/en/elasticsearch/plugins/current/installation.html) for more details. - -###Scripts - -Install [scripts](http://www.elastic.co/guide/en/elasticsearch/reference/current/modules-scripting.html) to be used by Elasticsearch. -These scripts are shared across all defined instances on the same host. - -```puppet -elasticsearch::script { 'myscript': - ensure => 'present', - source => 'puppet:///path/to/my/script.groovy' -} -``` - -###Templates - -#### Add a new template using a file - -This will install and/or replace the template in Elasticsearch: - -```puppet -elasticsearch::template { 'templatename': - file => 'puppet:///path/to/template.json' -} -``` - -#### Add a new template using content - -This will install and/or replace the template in Elasticsearch: - -```puppet -elasticsearch::template { 'templatename': - content => '{"template":"*","settings":{"number_of_replicas":0}}' -} -``` - -#### Delete a template - -```puppet -elasticsearch::template { 'templatename': - ensure => 'absent' -} -``` - -#### Host - -By default it uses localhost:9200 as host. you can change this with the `host` and `port` variables - -```puppet -elasticsearch::template { 'templatename': - host => $::ipaddress, - port => 9200 -} -``` - -###Bindings / Clients - -Install a variety of [clients/bindings](http://www.elasticsearch.org/guide/en/elasticsearch/client/community/current/clients.html): - -####Python - -```puppet -elasticsearch::python { 'rawes': } -``` - -####Ruby -```puppet -elasticsearch::ruby { 'elasticsearch': } -``` - -###Connection Validator - -This module offers a way to make sure an instance has been started and is up and running before -doing a next action. This is done via the use of the `es_instance_conn_validator` resource. -```puppet -es_instance_conn_validator { 'myinstance' : - server => 'es.example.com', - port => '9200', -} -``` - -A common use would be for example : - -```puppet -class { 'kibana4' : - require => Es_Instance_Conn_Validator['myinstance'], -} -``` - -###Package installation - -There are 2 different ways of installing the software - -####Repository - -This option allows you to use an existing repository for package installation. -The `repo_version` corresponds with the major version of Elasticsearch. - -```puppet -class { 'elasticsearch': - manage_repo => true, - repo_version => '1.4', -} -``` - -####Remote package source - -When a repository is not available or preferred you can install the packages from a remote source: - -#####http/https/ftp -```puppet -class { 'elasticsearch': - package_url => 'https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-1.4.2.deb', - proxy_url => 'http://proxy.example.com:8080/', -} -``` -Setting proxy_url to a location will enable download using the provided proxy -server. This parameter is also used by elasticsearch::plugin. Setting the port -in the proxy_url is mandatory. proxy_url defaults to undef (proxy disabled). - -#####puppet:// -```puppet -class { 'elasticsearch': - package_url => 'puppet:///path/to/elasticsearch-1.4.2.deb' -} -``` - -#####Local file -```puppet -class { 'elasticsearch': - package_url => 'file:/path/to/elasticsearch-1.4.2.deb' -} -``` - -###Java installation - -Most sites will manage Java separately; however, this module can attempt to install Java as well. -This is done by using the [puppetlabs-java](https://forge.puppetlabs.com/puppetlabs/java) module. - -```puppet -class { 'elasticsearch': - java_install => true -} -``` - -Specify a particular Java package/version to be installed: - -```puppet -class { 'elasticsearch': - java_install => true, - java_package => 'packagename' -} -``` - -###Service management - -Currently only the basic SysV-style [init](https://en.wikipedia.org/wiki/Init) and [Systemd](http://en.wikipedia.org/wiki/Systemd) service providers are supported, but other systems could be implemented as necessary (pull requests welcome). - - -####Defaults File - -The *defaults* file (`/etc/defaults/elasticsearch` or `/etc/sysconfig/elasticsearch`) for the Elasticsearch service can be populated as necessary. This can either be a static file resource or a simple key value-style [hash](http://docs.puppetlabs.com/puppet/latest/reference/lang_datatypes.html#hashes) object, the latter being particularly well-suited to pulling out of a data source such as Hiera. - -#####file source -```puppet -class { 'elasticsearch': - init_defaults_file => 'puppet:///path/to/defaults' -} -``` -#####hash representation -```puppet -$config_hash = { - 'ES_HEAP_SIZE' => '30g', -} - -class { 'elasticsearch': - init_defaults => $config_hash -} -``` - -Note: `init_defaults` hash can be passed to the main class and to the instance. - -##Advanced features - -###Package version pinning - -The module supports pinning the package version to avoid accidental upgrades that are not done by Puppet. -To enable this feature: - -```puppet -class { 'elasticsearch': - package_pin => true, - version => '1.5.2', -} -``` - -In this example we pin the package version to 1.5.2. - - -###Data directories - -There are 4 different ways of setting data directories for Elasticsearch. -In every case the required configuration options are placed in the `elasticsearch.yml` file. - -####Default -By default we use: - -`/usr/share/elasticsearch/data/$instance_name` - -Which provides a data directory per instance. - - -####Single global data directory - -```puppet -class { 'elasticsearch': - datadir => '/var/lib/elasticsearch-data' -} -``` -Creates the following for each instance: - -`/var/lib/elasticsearch-data/$instance_name` - -####Multiple Global data directories - -```puppet -class { 'elasticsearch': - datadir => [ '/var/lib/es-data1', '/var/lib/es-data2'] -} -``` -Creates the following for each instance: -`/var/lib/es-data1/$instance_name` -and -`/var/lib/es-data2/$instance_name` - - -####Single instance data directory - -```puppet -class { 'elasticsearch': } - -elasticsearch::instance { 'es-01': - datadir => '/var/lib/es-data-es01' -} -``` -Creates the following for this instance: -`/var/lib/es-data-es01` - -####Multiple instance data directories - -```puppet -class { 'elasticsearch': } - -elasticsearch::instance { 'es-01': - datadir => ['/var/lib/es-data1-es01', '/var/lib/es-data2-es01'] -} -``` -Creates the following for this instance: -`/var/lib/es-data1-es01` -and -`/var/lib/es-data2-es01` - - -###Main and instance configurations - -The `config` option in both the main class and the instances can be configured to work together. - -The options in the `instance` config hash will merged with the ones from the main class and override any duplicates. - -#### Simple merging - -```puppet -class { 'elasticsearch': - config => { 'cluster.name' => 'clustername' } -} - -elasticsearch::instance { 'es-01': - config => { 'node.name' => 'nodename' } -} -elasticsearch::instance { 'es-02': - config => { 'node.name' => 'nodename2' } -} - -``` - -This example merges the `cluster.name` together with the `node.name` option. - -#### Overriding - -When duplicate options are provided, the option in the instance config overrides the ones from the main class. - -```puppet -class { 'elasticsearch': - config => { 'cluster.name' => 'clustername' } -} - -elasticsearch::instance { 'es-01': - config => { 'node.name' => 'nodename', 'cluster.name' => 'otherclustername' } -} - -elasticsearch::instance { 'es-02': - config => { 'node.name' => 'nodename2' } -} -``` - -This will set the cluster name to `otherclustername` for the instance `es-01` but will keep it to `clustername` for instance `es-02` - -####Configuration writeup - -The `config` hash can be written in 2 different ways: - -##### Full hash writeup - -Instead of writing the full hash representation: -```puppet -class { 'elasticsearch': - config => { - 'cluster' => { - 'name' => 'ClusterName', - 'routing' => { - 'allocation' => { - 'awareness' => { - 'attributes' => 'rack' - } - } - } - } - } -} -``` -##### Short hash writeup -```puppet -class { 'elasticsearch': - config => { - 'cluster' => { - 'name' => 'ClusterName', - 'routing.allocation.awareness.attributes' => 'rack' - } - } -} -``` - - -##Limitations - -This module has been built on and tested against Puppet 3.2 and higher. - -The module has been tested on: - -* Debian 6/7/8 -* CentOS 6/7 -* Ubuntu 12.04, 14.04 -* OpenSuSE 13.x - -Other distro's that have been reported to work: - -* RHEL 6 -* OracleLinux 6 -* Scientific 6 - -Testing on other platforms has been light and cannot be guaranteed. - -##Development - - -##Support - -Need help? Join us in [#elasticsearch](https://webchat.freenode.net?channels=%23elasticsearch) on Freenode IRC or on the [discussion forum](https://discuss.elastic.co/). diff --git a/elasticsearch/Rakefile b/elasticsearch/Rakefile deleted file mode 100644 index 4e1e379fa..000000000 --- a/elasticsearch/Rakefile +++ /dev/null @@ -1,28 +0,0 @@ -require 'rubygems' -require 'puppetlabs_spec_helper/rake_tasks' - -exclude_paths = [ - "pkg/**/*", - "vendor/**/*", - "spec/**/*", -] - -require 'puppet-doc-lint/rake_task' -PuppetDocLint.configuration.ignore_paths = exclude_paths - -require 'puppet-lint/tasks/puppet-lint' -require 'puppet-syntax/tasks/puppet-syntax' - -PuppetSyntax.exclude_paths = exclude_paths -PuppetSyntax.future_parser = true if ENV['FUTURE_PARSER'] == 'true' - -disable_checks = [ - '80chars', - 'class_inherits_from_params_class', - 'class_parameter_defaults', - 'documentation', - 'single_quote_string_with_variables' -].each { |check| PuppetLint.configuration.send("disable_#{check}") } - -PuppetLint.configuration.ignore_paths = exclude_paths -PuppetLint.configuration.log_format = "%{path}:%{linenumber}:%{check}:%{KIND}:%{message}" diff --git a/elasticsearch/lib/facter/es_facts.rb b/elasticsearch/lib/facter/es_facts.rb deleted file mode 100644 index d9b4bca91..000000000 --- a/elasticsearch/lib/facter/es_facts.rb +++ /dev/null @@ -1,99 +0,0 @@ -require 'net/http' -require 'json' -require 'yaml' - -module EsFacts - - def self.add_fact(prefix, key, value) - key = "#{prefix}_#{key}".to_sym - ::Facter.add(key) do - setcode { value } - end - end - - def self.run - - dir_prefix = '/etc/elasticsearch' - ports = [] - - # only when the directory exists we need to process the stuff - if File.directory?(dir_prefix) - - Dir.foreach(dir_prefix) { |dir| - next if dir == '.' - if File.exists?("#{dir_prefix}/#{dir}/elasticsearch.yml") - config_data = YAML.load_file("#{dir_prefix}/#{dir}/elasticsearch.yml") - unless config_data['http'].nil? - next if config_data['http']['enabled'] == 'false' - if config_data['http']['port'].nil? - port = "9200" - else - port = config_data['http']['port'] - end - else - port = "9200" - end - ports << port - end - } - - begin - if ports.count > 0 - - add_fact('elasticsearch', 'ports', ports.join(",") ) - ports.each do |port| - - key_prefix = "elasticsearch_#{port}" - - uri = URI("http://localhost:#{port}") - http = Net::HTTP.new(uri.host, uri.port) - http.read_timeout = 10 - response = http.get("/") - json_data = JSON.parse(response.body) - next if json_data['status'] && json_data['status'] != 200 - - add_fact(key_prefix, 'name', json_data['name']) - add_fact(key_prefix, 'version', json_data['version']['number']) - - uri2 = URI("http://localhost:#{port}/_nodes/#{json_data['name']}") - http2 = Net::HTTP.new(uri2.host, uri2.port) - http2.read_timeout = 10 - response2 = http2.get(uri2.path) - json_data_node = JSON.parse(response2.body) - - add_fact(key_prefix, 'cluster_name', json_data_node['cluster_name']) - node_data = json_data_node['nodes'].first - - add_fact(key_prefix, 'node_id', node_data[0]) - - nodes_data = json_data_node['nodes'][node_data[0]] - - process = nodes_data['process'] - add_fact(key_prefix, 'mlockall', process['mlockall']) - - plugins = nodes_data['plugins'] - - plugin_names = [] - plugins.each do |plugin| - plugin_names << plugin['name'] - - plugin.each do |key, value| - prefix = "#{key_prefix}_plugin_#{plugin['name']}" - add_fact(prefix, key, value) unless key == 'name' - end - end - add_fact(key_prefix, 'plugins', plugin_names.join(",")) - - end - - end - rescue - end - - end - - end - -end - -EsFacts.run diff --git a/elasticsearch/lib/puppet/parser/functions/array_suffix.rb b/elasticsearch/lib/puppet/parser/functions/array_suffix.rb deleted file mode 100644 index 0f2da68e7..000000000 --- a/elasticsearch/lib/puppet/parser/functions/array_suffix.rb +++ /dev/null @@ -1,45 +0,0 @@ -# -# suffix.rb -# - -module Puppet::Parser::Functions - newfunction(:array_suffix, :type => :rvalue, :doc => <<-EOS -This function applies a suffix to all elements in an array. - -*Examples:* - - array_suffix(['a','b','c'], 'p') - -Will return: ['ap','bp','cp'] - EOS - ) do |arguments| - - # Technically we support two arguments but only first is mandatory ... - raise(Puppet::ParseError, "array_suffix(): Wrong number of arguments " + - "given (#{arguments.size} for 1)") if arguments.size < 1 - - array = arguments[0] - - unless array.is_a?(Array) - raise Puppet::ParseError, "array_suffix(): expected first argument to be an Array, got #{array.inspect}" - end - - suffix = arguments[1] if arguments[1] - - if suffix - unless suffix.is_a? String - raise Puppet::ParseError, "array_suffix(): expected second argument to be a String, got #{suffix.inspect}" - end - end - - # Turn everything into string same as join would do ... - result = array.collect do |i| - i = i.to_s - suffix ? i + suffix : i - end - - return result - end -end - -# vim: set ts=2 sw=2 et : diff --git a/elasticsearch/lib/puppet/parser/functions/plugin_dir.rb b/elasticsearch/lib/puppet/parser/functions/plugin_dir.rb deleted file mode 100644 index 94c1ce1e6..000000000 --- a/elasticsearch/lib/puppet/parser/functions/plugin_dir.rb +++ /dev/null @@ -1,43 +0,0 @@ -module Puppet::Parser::Functions - newfunction(:plugin_dir, :type => :rvalue, :doc => <<-EOS - Extracts the end plugin directory of the name - EOS - ) do |arguments| - - if arguments.size < 1 then - raise(Puppet::ParseError, "plugin_dir(): No arguments given") - elsif arguments.size > 2 then - raise(Puppet::ParseError, "plugin_dir(): Too many arguments given (#{arguments.size})") - else - - unless arguments[0].is_a?(String) - raise(Puppet::ParseError, 'plugin_dir(): Requires string as first argument') - end - - plugin_name = arguments[0] - items = plugin_name.split("/") - - if items.count == 1 - endname = items[0] - elsif items.count > 1 - plugin = items[1] - if plugin.include?('-') # example elasticsearch-head - if plugin.start_with?('elasticsearch-') - endname = plugin.gsub('elasticsearch-', '') - elsif plugin.start_with?('es-') - endname = plugin.gsub('es-', '') - else - endname = plugin - end - else - endname = plugin - end - else - raise(Puppet::ParseError, "Unable to parse plugin name: #{plugin_name}") - end - - return endname - - end - end -end diff --git a/elasticsearch/lib/puppet/provider/elasticsearch_plugin/plugin.rb b/elasticsearch/lib/puppet/provider/elasticsearch_plugin/plugin.rb deleted file mode 100644 index 72329c9f1..000000000 --- a/elasticsearch/lib/puppet/provider/elasticsearch_plugin/plugin.rb +++ /dev/null @@ -1,171 +0,0 @@ -$LOAD_PATH.unshift(File.join(File.dirname(__FILE__),"..","..","..")) - -Puppet::Type.type(:elasticsearch_plugin).provide(:plugin) do - desc "A provider for the resource type `elasticsearch_plugin`, - which handles plugin installation" - - os = Facter['osfamily'].value - if os == 'OpenBSD' - commands :plugin => '/usr/local/elasticsearch/bin/plugin' - commands :es => '/usr/local/elasticsearch/bin/elasticsearch' - commands :javapathhelper => '/usr/local/bin/javaPathHelper' - else - commands :plugin => '/usr/share/elasticsearch/bin/plugin' - commands :es => '/usr/share/elasticsearch/bin/elasticsearch' - end - - def exists? - es_version - if !File.exists?(pluginfile) - debug "Plugin file #{pluginfile} does not exist" - return false - elsif File.exists?(pluginfile) && readpluginfile != pluginfile_content - debug "Got #{readpluginfile} Expected #{pluginfile_content}. Removing for reinstall" - self.destroy - return false - else - debug "Plugin exists" - return true - end - end - - def pluginfile_content - return @resource[:name] if is1x? - - if @resource[:name].split("/").count == 1 # Official plugin - version = plugin_version(@resource[:name]) - return "#{@resource[:name]}/#{version}" - else - return @resource[:name] - end - end - - def pluginfile - File.join(@resource[:plugin_dir], plugin_name(@resource[:name]), '.name') - end - - def writepluginfile - File.open(pluginfile, 'w') do |file| - file.write pluginfile_content - end - end - - def readpluginfile - f = File.open(pluginfile) - f.readline - end - - def install1x - if !@resource[:url].nil? - commands = [ plugin_name(@resource[:name]), '--url', @resource[:url] ] - elsif !@resource[:source].nil? - commands = [ plugin_name(@resource[:name]), '--url', "file://#{@resource[:source]}" ] - else - commands = [ @resource[:name] ] - end - commands - end - - def install2x - if !@resource[:url].nil? - commands = [ @resource[:url] ] - elsif !@resource[:source].nil? - commands = [ "file://#{@resource[:source]}" ] - else - commands = [ @resource[:name] ] - end - commands - end - - def install_options - return @resource[:install_options].join(' ') if @resource[:install_options].is_a?(Array) - return @resource[:install_options] - end - - def create - es_version - commands = [] - commands << @resource[:proxy_args].split(' ') if @resource[:proxy_args] - commands << install_options if @resource[:install_options] - commands << 'install' - commands << '--batch' if is22x? - commands << install1x if is1x? - commands << install2x if is2x? - debug("Commands: #{commands.inspect}") - - retry_count = 3 - retry_times = 0 - begin - plugin(commands) - rescue Puppet::ExecutionFailure => e - retry_times += 1 - debug("Failed to install plugin. Retrying... #{retry_times} of #{retry_count}") - sleep 2 - retry if retry_times < retry_count - raise "Failed to install plugin. Received error: #{e.inspect}" - end - - writepluginfile - end - - def destroy - plugin(['remove', @resource[:name]]) - end - - def es_version - return @es_version if @es_version - es_save = ENV['ES_INCLUDE'] - java_save = ENV['JAVA_HOME'] - - os = Facter['osfamily'].value - if os == 'OpenBSD' - ENV['JAVA_HOME'] = javapathhelper('-h', 'elasticsearch').chomp - ENV['ES_INCLUDE'] = '/etc/elasticsearch/elasticsearch.in.sh' - end - begin - version = es('-version') - rescue - ENV['ES_INCLUDE'] = es_save if es_save - ENV['JAVA_HOME'] = java_save if java_save - raise "Unknown ES version. Got #{version.inspect}" - ensure - ENV['ES_INCLUDE'] = es_save if es_save - ENV['JAVA_HOME'] = java_save if java_save - @es_version = version.scan(/\d+\.\d+\.\d+(?:\-\S+)?/).first - debug "Found ES version #{@es_version}" - end - end - - def is1x? - Puppet::Util::Package.versioncmp(@es_version, '2.0.0') < 0 - end - - def is2x? - (Puppet::Util::Package.versioncmp(@es_version, '2.0.0') >= 0) && (Puppet::Util::Package.versioncmp(@es_version, '3.0.0') < 0) - end - - def is22x? - (Puppet::Util::Package.versioncmp(@es_version, '2.2.0') >= 0) && (Puppet::Util::Package.versioncmp(@es_version, '3.0.0') < 0) - end - - - def plugin_version(plugin_name) - vendor, plugin, version = plugin_name.split('/') - return @es_version if is2x? && version.nil? - return version.scan(/\d+\.\d+\.\d+(?:\-\S+)?/).first unless version.nil? - return false - end - - def plugin_name(plugin_name) - - vendor, plugin, version = plugin_name.split('/') - - endname = vendor if plugin.nil? # If its a single name plugin like the ES 2.x official plugins - endname = plugin.gsub(/(elasticsearch-|es-)/, '') unless plugin.nil? - - return endname.downcase if is2x? - return endname - - end - -end diff --git a/elasticsearch/lib/puppet/provider/es_instance_conn_validator/tcp_port.rb b/elasticsearch/lib/puppet/provider/es_instance_conn_validator/tcp_port.rb deleted file mode 100644 index 3cd1ef6bf..000000000 --- a/elasticsearch/lib/puppet/provider/es_instance_conn_validator/tcp_port.rb +++ /dev/null @@ -1,51 +0,0 @@ -$LOAD_PATH.unshift(File.join(File.dirname(__FILE__),"..","..","..")) -require 'puppet/util/es_instance_validator' - -# This file contains a provider for the resource type `es_instance_conn_validator`, -# which validates the Elasticsearch instance connection by attempting an https connection. - -Puppet::Type.type(:es_instance_conn_validator).provide(:tcp_port) do - desc "A provider for the resource type `es_instance_conn_validator`, - which validates the connection by attempting an https - connection to the Elasticsearch instance." - - def exists? - start_time = Time.now - timeout = resource[:timeout] - - success = validator.attempt_connection - - while success == false && ((Time.now - start_time) < timeout) - # It can take several seconds for the Elasticsearch instance to start up; - # especially on the first install. Therefore, our first connection attempt - # may fail. Here we have somewhat arbitrarily chosen to retry every 2 - # seconds until the configurable timeout has expired. - Puppet.debug("Failed to connect to the Elasticsearch instance; sleeping 2 seconds before retry") - sleep 2 - success = validator.attempt_connection - end - - if success - Puppet.debug("Connected to the ES instance in #{Time.now - start_time} seconds.") - else - Puppet.notice("Failed to connect to the ES instance within timeout window of #{timeout} seconds; giving up.") - end - - success - end - - def create - # If `#create` is called, that means that `#exists?` returned false, which - # means that the connection could not be established... so we need to - # cause a failure here. - raise Puppet::Error, "Unable to connect to ES instance ! (#{@validator.instance_server}:#{@validator.instance_port})" - end - - private - - # @api private - def validator - @validator ||= Puppet::Util::EsInstanceValidator.new(resource[:server], resource[:port]) - end - -end diff --git a/elasticsearch/lib/puppet/type/elasticsearch_plugin.rb b/elasticsearch/lib/puppet/type/elasticsearch_plugin.rb deleted file mode 100644 index 6cf9c34a9..000000000 --- a/elasticsearch/lib/puppet/type/elasticsearch_plugin.rb +++ /dev/null @@ -1,35 +0,0 @@ -Puppet::Type.newtype(:elasticsearch_plugin) do - - @doc = "Plugin installation type" - - ensurable do - defaultvalues - defaultto :present - end - - newparam(:name, :namevar => true) do - desc 'An arbitrary name used as the identity of the resource.' - end - - newparam(:url) do - desc 'Url of the package' - end - - newparam(:source) do - desc 'Source of the package. puppet:// or file:// resource' - end - - newparam(:proxy_args) do - desc 'Proxy Host' - end - - newparam(:plugin_dir) do - desc 'Plugin directory' - defaultto '/usr/share/elasticsearch/plugins' - end - - newparam(:install_options) do - desc 'Installation options' - end - -end diff --git a/elasticsearch/lib/puppet/type/es_instance_conn_validator.rb b/elasticsearch/lib/puppet/type/es_instance_conn_validator.rb deleted file mode 100644 index 5ecd14d06..000000000 --- a/elasticsearch/lib/puppet/type/es_instance_conn_validator.rb +++ /dev/null @@ -1,38 +0,0 @@ -Puppet::Type.newtype(:es_instance_conn_validator) do - - @doc = "Verify that a connection can be successfully established between a node - and the Elasticsearch instance. It could potentially be used for other - purposes such as monitoring." - - ensurable do - defaultvalues - defaultto :present - end - - newparam(:name, :namevar => true) do - desc 'An arbitrary name used as the identity of the resource.' - end - - newparam(:server) do - desc 'DNS name or IP address of the server where Elasticsearch instance should be running.' - defaultto 'localhost' - end - - newparam(:port) do - desc 'The port that the Elasticsearch instance should be listening on.' - defaultto 9200 - end - - newparam(:timeout) do - desc 'The max number of seconds that the validator should wait before giving up and deciding that the Elasticsearch instance is not running; defaults to 60 seconds.' - defaultto 60 - validate do |value| - # This will raise an error if the string is not convertible to an integer - Integer(value) - end - munge do |value| - Integer(value) - end - end - -end diff --git a/elasticsearch/lib/puppet/util/es_instance_validator.rb b/elasticsearch/lib/puppet/util/es_instance_validator.rb deleted file mode 100644 index e0973148f..000000000 --- a/elasticsearch/lib/puppet/util/es_instance_validator.rb +++ /dev/null @@ -1,36 +0,0 @@ -require 'socket' -require 'timeout' - -module Puppet - module Util - class EsInstanceValidator - attr_reader :instance_server - attr_reader :instance_port - - def initialize(instance_server, instance_port) - @instance_server = instance_server - @instance_port = instance_port - end - - # Utility method; attempts to make an https connection to the Elasticsearch instance. - # This is abstracted out into a method so that it can be called multiple times - # for retry attempts. - # - # @return true if the connection is successful, false otherwise. - def attempt_connection - Timeout::timeout(Puppet[:configtimeout]) do - begin - TCPSocket.new(@instance_server, @instance_port).close - true - rescue Errno::ECONNREFUSED, Errno::EHOSTUNREACH => e - Puppet.debug "Unable to connect to Elasticsearch instance (#{@instance_server}:#{@instance_port}): #{e.message}" - false - end - end - rescue Timeout::Error - false - end - end - end -end - diff --git a/elasticsearch/manifests/config.pp b/elasticsearch/manifests/config.pp deleted file mode 100644 index fc2a89a31..000000000 --- a/elasticsearch/manifests/config.pp +++ /dev/null @@ -1,137 +0,0 @@ -# == Class: elasticsearch::config -# -# This class exists to coordinate all configuration related actions, -# functionality and logical units in a central place. -# -# -# === Parameters -# -# This class does not provide any parameters. -# -# -# === Examples -# -# This class may be imported by other classes to use its functionality: -# class { 'elasticsearch::config': } -# -# It is not intended to be used directly by external resources like node -# definitions or other modules. -# -# -# === Authors -# -# * Richard Pijnenburg -# -class elasticsearch::config { - - #### Configuration - - File { - owner => $elasticsearch::elasticsearch_user, - group => $elasticsearch::elasticsearch_group, - } - - Exec { - path => [ '/bin', '/usr/bin', '/usr/local/bin' ], - cwd => '/', - } - - if ( $elasticsearch::ensure == 'present' ) { - - $notify_service = $elasticsearch::restart_on_change ? { - true => Class['elasticsearch::service'], - false => undef, - } - - file { $elasticsearch::configdir: - ensure => directory, - mode => '0644', - } - - file { $elasticsearch::logdir: - ensure => 'directory', - group => undef, - mode => '0644', - recurse => true, - } - - file { $elasticsearch::params::homedir: - ensure => 'directory', - } - - file { $elasticsearch::datadir: - ensure => 'directory', - } - - file { "${elasticsearch::homedir}/lib": - ensure => 'directory', - recurse => true, - } - - if $elasticsearch::params::pid_dir { - file { $elasticsearch::params::pid_dir: - ensure => 'directory', - group => undef, - recurse => true, - } - - if ($elasticsearch::service_providers == 'systemd') { - $user = $elasticsearch::elasticsearch_user - $group = $elasticsearch::elasticsearch_group - $pid_dir = $elasticsearch::params::pid_dir - - file { '/usr/lib/tmpfiles.d/elasticsearch.conf': - ensure => 'file', - content => template("${module_name}/usr/lib/tmpfiles.d/elasticsearch.conf.erb"), - owner => 'root', - group => 'root', - } - } - } - - - file { "${elasticsearch::params::homedir}/templates_import": - ensure => 'directory', - mode => '0644', - } - - file { "${elasticsearch::params::homedir}/scripts": - ensure => 'directory', - mode => '0644', - } - - # Removal of files that are provided with the package which we don't use - file { '/etc/init.d/elasticsearch': - ensure => 'absent', - } - file { '/lib/systemd/system/elasticsearch.service': - ensure => 'absent', - } - - $new_init_defaults = { 'CONF_DIR' => $elasticsearch::configdir } - if $elasticsearch::params::defaults_location { - augeas { "${elasticsearch::params::defaults_location}/elasticsearch": - incl => "${elasticsearch::params::defaults_location}/elasticsearch", - lens => 'Shellvars.lns', - changes => template("${module_name}/etc/sysconfig/defaults.erb"), - } - } - - file { '/etc/elasticsearch/elasticsearch.yml': - ensure => 'absent', - } - file { '/etc/elasticsearch/logging.yml': - ensure => 'absent', - } - - } elsif ( $elasticsearch::ensure == 'absent' ) { - - file { $elasticsearch::plugindir: - ensure => 'absent', - force => true, - backup => false, - } - - } - -} diff --git a/elasticsearch/manifests/init.pp b/elasticsearch/manifests/init.pp deleted file mode 100644 index d2e0ee902..000000000 --- a/elasticsearch/manifests/init.pp +++ /dev/null @@ -1,429 +0,0 @@ -# == Class: elasticsearch -# -# This class is able to install or remove elasticsearch on a node. -# It manages the status of the related service. -# -# === Parameters -# -# [*ensure*] -# String. Controls if the managed resources shall be present or -# absent. If set to absent: -# * The managed software packages are being uninstalled. -# * Any traces of the packages will be purged as good as possible. This may -# include existing configuration files. The exact behavior is provider -# dependent. Q.v.: -# * Puppet type reference: {package, "purgeable"}[http://j.mp/xbxmNP] -# * {Puppet's package provider source code}[http://j.mp/wtVCaL] -# * System modifications (if any) will be reverted as good as possible -# (e.g. removal of created users, services, changed log settings, ...). -# * This is thus destructive and should be used with care. -# Defaults to present. -# -# [*autoupgrade*] -# Boolean. If set to true, any managed package gets upgraded -# on each Puppet run when the package provider is able to find a newer -# version than the present one. The exact behavior is provider dependent. -# Q.v.: -# * Puppet type reference: {package, "upgradeable"}[http://j.mp/xbxmNP] -# * {Puppet's package provider source code}[http://j.mp/wtVCaL] -# Defaults to false. -# -# [*status*] -# String to define the status of the service. Possible values: -# * enabled: Service is running and will be started at boot time. -# * disabled: Service is stopped and will not be started at boot -# time. -# * running: Service is running but will not be started at boot time. -# You can use this to start a service on the first Puppet run instead of -# the system startup. -# * unmanaged: Service will not be started at boot time and Puppet -# does not care whether the service is running or not. For example, this may -# be useful if a cluster management software is used to decide when to start -# the service plus assuring it is running on the desired node. -# Defaults to enabled. The singular form ("service") is used for the -# sake of convenience. Of course, the defined status affects all services if -# more than one is managed (see service.pp to check if this is the -# case). -# -# [*version*] -# String to set the specific version you want to install. -# Defaults to false. -# -# [*restart_on_change*] -# Boolean that determines if the application should be automatically restarted -# whenever the configuration changes. Disabling automatic restarts on config -# changes may be desired in an environment where you need to ensure restarts -# occur in a controlled/rolling manner rather than during a Puppet run. -# -# Defaults to true, which will restart the application on any config -# change. Setting to false disables the automatic restart. -# -# [*configdir*] -# Path to directory containing the elasticsearch configuration. -# Use this setting if your packages deviate from the norm (/etc/elasticsearch) -# -# [*plugindir*] -# Path to directory containing the elasticsearch plugins -# Use this setting if your packages deviate from the norm (/usr/share/elasticsearch/plugins) -# -# [*plugintool*] -# Path to directory containing the elasticsearch plugin installation script -# Use this setting if your packages deviate from the norm (/usr/share/elasticsearch/bin/plugin) -# -# [*package_url*] -# Url to the package to download. -# This can be a http,https or ftp resource for remote packages -# puppet:// resource or file:/ for local packages -# -# [*package_provider*] -# Way to install the packages, currently only packages are supported. -# -# [*package_dir*] -# Directory where the packages are downloaded to -# -# [*package_name*] -# Name of the package to install -# -# [*purge_package_dir*] -# Purge package directory on removal -# -# [*package_dl_timeout*] -# For http,https and ftp downloads you can set howlong the exec resource may take. -# Defaults to: 600 seconds -# -# [*proxy_url*] -# For http and https downloads you can set a proxy server to use -# Format: proto://[user:pass@]server[:port]/ -# Defaults to: undef (proxy disabled) -# -# [*elasticsearch_user*] -# The user Elasticsearch should run as. This also sets the file rights. -# -# [*elasticsearch_group*] -# The group Elasticsearch should run as. This also sets the file rights -# -# [*purge_configdir*] -# Purge the config directory for any unmanaged files -# -# [*service_provider*] -# Service provider to use. By Default when a single service provider is possibe that one is selected. -# -# [*init_defaults*] -# Defaults file content in hash representation -# -# [*init_defaults_file*] -# Defaults file as puppet resource -# -# [*init_template*] -# Service file as a template -# -# [*config*] -# Elasticsearch configuration hash -# -# [*datadir*] -# Allows you to set the data directory of Elasticsearch -# -# [*java_install*] -# Install java which is required for Elasticsearch. -# Defaults to: false -# -# [*java_package*] -# If you like to install a custom java package, put the name here. -# -# [*manage_repo*] -# Enable repo management by enabling our official repositories -# -# [*repo_version*] -# Our repositories are versioned per major version (0.90, 1.0) select here which version you want -# -# [*repo_key_id*] -# String. The apt GPG key id -# Default: D88E42B4 -# -# [*repo_key_source*] -# String. URL of the apt GPG key -# Default: http://packages.elastic.co/GPG-KEY-elasticsearch -# -# [*logging_config*] -# Hash representation of information you want in the logging.yml file -# -# [*logging_file*] -# Instead of a hash you can supply a puppet:// file source for the logging.yml file -# -# [*logging_template*] -# Use a custom logging template - just supply the reative path ie ${module}/elasticsearch/logging.yml.erb -# -# [*default_logging_level*] -# Default logging level for Elasticsearch. -# Defaults to: INFO -# -# [*repo_stage*] -# Use stdlib stage setup for managing the repo, instead of anchoring -# -# [*instances*] -# Define instances via a hash. This is mainly used with Hiera's auto binding -# Defaults to: undef -# -# [*instances_hiera_merge*] -# Enable Hiera's merging function for the instances -# Defaults to: false -# -# [*plugins*] -# Define plugins via a hash. This is mainly used with Hiera's auto binding -# Defaults to: undef -# -# [*plugins_hiera_merge*] -# Enable Hiera's merging function for the plugins -# Defaults to: false -# -# [*package_pin*] -# Enables package version pinning. -# This pins the package version to the set version number and avoids -# package upgrades. -# Defaults to: true -# -# [*logdir*] -# Use different directory for logging -# -# The default values for the parameters are set in elasticsearch::params. Have -# a look at the corresponding params.pp manifest file if you need more -# technical information about them. -# -# === Examples -# -# * Installation, make sure service is running and will be started at boot time: -# class { 'elasticsearch': } -# -# * Removal/decommissioning: -# class { 'elasticsearch': -# ensure => 'absent', -# } -# -# * Install everything but disable service(s) afterwards -# class { 'elasticsearch': -# status => 'disabled', -# } -# -# -# === Authors -# -# * Richard Pijnenburg -# -class elasticsearch( - $ensure = $elasticsearch::params::ensure, - $status = $elasticsearch::params::status, - $restart_on_change = $elasticsearch::params::restart_on_change, - $autoupgrade = $elasticsearch::params::autoupgrade, - $version = false, - $package_provider = 'package', - $package_url = undef, - $package_dir = $elasticsearch::params::package_dir, - $package_name = $elasticsearch::params::package, - $package_pin = true, - $purge_package_dir = $elasticsearch::params::purge_package_dir, - $package_dl_timeout = $elasticsearch::params::package_dl_timeout, - $proxy_url = undef, - $elasticsearch_user = $elasticsearch::params::elasticsearch_user, - $elasticsearch_group = $elasticsearch::params::elasticsearch_group, - $configdir = $elasticsearch::params::configdir, - $purge_configdir = $elasticsearch::params::purge_configdir, - $service_provider = 'init', - $init_defaults = undef, - $init_defaults_file = undef, - $init_template = "${module_name}/etc/init.d/${elasticsearch::params::init_template}", - $config = undef, - $datadir = $elasticsearch::params::datadir, - $logdir = $elasticsearch::params::logdir, - $plugindir = $elasticsearch::params::plugindir, - $plugintool = $elasticsearch::params::plugintool, - $java_install = false, - $java_package = undef, - $manage_repo = false, - $repo_version = undef, - $repo_key_id = 'D88E42B4', - $repo_key_source = 'http://packages.elastic.co/GPG-KEY-elasticsearch', - $logging_file = undef, - $logging_config = undef, - $logging_template = undef, - $default_logging_level = $elasticsearch::params::default_logging_level, - $repo_stage = false, - $instances = undef, - $instances_hiera_merge = false, - $plugins = undef, - $plugins_hiera_merge = false -) inherits elasticsearch::params { - - anchor {'elasticsearch::begin': } - - - #### Validate parameters - - # ensure - if ! ($ensure in [ 'present', 'absent' ]) { - fail("\"${ensure}\" is not a valid ensure parameter value") - } - - # autoupgrade - validate_bool($autoupgrade) - - # service status - if ! ($status in [ 'enabled', 'disabled', 'running', 'unmanaged' ]) { - fail("\"${status}\" is not a valid status parameter value") - } - - # restart on change - validate_bool($restart_on_change) - - # purge conf dir - validate_bool($purge_configdir) - - if is_array($elasticsearch::params::service_providers) { - # Verify the service provider given is in the array - if ! ($service_provider in $elasticsearch::params::service_providers) { - fail("\"${service_provider}\" is not a valid provider for \"${::operatingsystem}\"") - } - $real_service_provider = $service_provider - } else { - # There is only one option so simply set it - $real_service_provider = $elasticsearch::params::service_providers - } - - if ($package_url != undef and $version != false) { - fail('Unable to set the version number when using package_url option.') - } - - if $ensure == 'present' { - # validate config hash - if ($config != undef) { - validate_hash($config) - } - } - - # java install validation - validate_bool($java_install) - - validate_bool($manage_repo) - - if ($manage_repo == true) { - if $repo_version == undef { - fail('Please fill in a repository version at $repo_version') - } else { - validate_string($repo_version) - } - } - - if ($version != false) { - case $::osfamily { - 'RedHat', 'Linux', 'Suse': { - if ($version =~ /.+-\d/) { - $pkg_version = $version - } else { - $pkg_version = "${version}-1" - } - } - default: { - $pkg_version = $version - } - } - } - - #### Manage actions - - # package(s) - class { 'elasticsearch::package': } - - # configuration - class { 'elasticsearch::config': } - - # Hiera support for instances - validate_bool($instances_hiera_merge) - - if $instances_hiera_merge == true { - $x_instances = hiera_hash('elasticsearch::instances', $::elasticsearch::instances) - } else { - $x_instances = $instances - } - - if $x_instances { - validate_hash($x_instances) - create_resources('elasticsearch::instance', $x_instances) - } - - # Hiera support for plugins - validate_bool($plugins_hiera_merge) - - if $plugins_hiera_merge == true { - $x_plugins = hiera_hash('elasticsearch::plugins', $::elasticsearch::plugins) - } else { - $x_plugins = $plugins - } - - if $x_plugins { - validate_hash($x_plugins) - create_resources('elasticsearch::plugin', $x_plugins) - } - - - if $java_install == true { - # Install java - class { '::java': - package => $java_package, - distribution => 'jre', - } - - # ensure we first install java, the package and then the rest - Anchor['elasticsearch::begin'] - -> Class['::java'] - -> Class['elasticsearch::package'] - } - - if ($manage_repo == true) { - - if ($repo_stage == false) { - # use anchor for ordering - - # Set up repositories - class { 'elasticsearch::repo': } - - # Ensure that we set up the repositories before trying to install - # the packages - Anchor['elasticsearch::begin'] - -> Class['elasticsearch::repo'] - -> Class['elasticsearch::package'] - - } else { - # use staging for ordering - - if !(defined(Stage[$repo_stage])) { - stage { $repo_stage: before => Stage['main'] } - } - - class { 'elasticsearch::repo': - stage => $repo_stage, - } - } - } - - #### Manage relationships - - if $ensure == 'present' { - - # we need the software before configuring it - Anchor['elasticsearch::begin'] - -> Class['elasticsearch::package'] - -> Class['elasticsearch::config'] - -> Elasticsearch::Plugin <| |> - -> Elasticsearch::Instance <| |> - -> Elasticsearch::Template <| |> - - } else { - - # make sure all services are getting stopped before software removal - Anchor['elasticsearch::begin'] - -> Elasticsearch::Instance <| |> - -> Class['elasticsearch::config'] - -> Class['elasticsearch::package'] - - } - -} diff --git a/elasticsearch/manifests/instance.pp b/elasticsearch/manifests/instance.pp deleted file mode 100644 index 7c2f7aed3..000000000 --- a/elasticsearch/manifests/instance.pp +++ /dev/null @@ -1,357 +0,0 @@ -# == Define: elasticsearch::instance -# -# This define allows you to create or remove an elasticsearch instance -# -# === Parameters -# -# [*ensure*] -# String. Controls if the managed resources shall be present or -# absent. If set to absent: -# * The managed software packages are being uninstalled. -# * Any traces of the packages will be purged as good as possible. This may -# include existing configuration files. The exact behavior is provider -# dependent. Q.v.: -# * Puppet type reference: {package, "purgeable"}[http://j.mp/xbxmNP] -# * {Puppet's package provider source code}[http://j.mp/wtVCaL] -# * System modifications (if any) will be reverted as good as possible -# (e.g. removal of created users, services, changed log settings, ...). -# * This is thus destructive and should be used with care. -# Defaults to present. -# -# [*status*] -# String to define the status of the service. Possible values: -# * enabled: Service is running and will be started at boot time. -# * disabled: Service is stopped and will not be started at boot -# time. -# * running: Service is running but will not be started at boot time. -# You can use this to start a service on the first Puppet run instead of -# the system startup. -# * unmanaged: Service will not be started at boot time and Puppet -# does not care whether the service is running or not. For example, this may -# be useful if a cluster management software is used to decide when to start -# the service plus assuring it is running on the desired node. -# Defaults to enabled. The singular form ("service") is used for the -# sake of convenience. Of course, the defined status affects all services if -# more than one is managed (see service.pp to check if this is the -# case). -# -# [*config*] -# Elasticsearch configuration hash -# -# [*configdir*] -# Path to directory containing the elasticsearch configuration. -# Use this setting if your packages deviate from the norm (/etc/elasticsearch) -# -# [*datadir*] -# Allows you to set the data directory of Elasticsearch -# -# [*logging_file*] -# Instead of a hash you can supply a puppet:// file source for the logging.yml file -# -# [*logging_config*] -# Hash representation of information you want in the logging.yml file -# -# [*logging_template*] -# Use a custom logging template - just supply the reative path ie ${module}/elasticsearch/logging.yml.erb -# -# [*logging_level*] -# Default logging level for Elasticsearch. -# Defaults to: INFO -# -# [*init_defaults*] -# Defaults file content in hash representation -# -# [*init_defaults_file*] -# Defaults file as puppet resource -# -# [*service_flags*] -# Service flags used for the OpenBSD service configuration, defaults to undef. -# -# [*init_template*] -# Service file as a template -# -# [*logdir*] -# Log directory for this instance. -# -# === Authors -# -# * Richard Pijnenburg -# -define elasticsearch::instance( - $ensure = $elasticsearch::ensure, - $status = $elasticsearch::status, - $config = undef, - $configdir = undef, - $datadir = undef, - $logdir = undef, - $logging_file = undef, - $logging_config = undef, - $logging_template = undef, - $logging_level = $elasticsearch::default_logging_level, - $service_flags = undef, - $init_defaults = undef, - $init_defaults_file = undef, - $init_template = $elasticsearch::init_template -) { - - require elasticsearch::params - - File { - owner => $elasticsearch::elasticsearch_user, - group => $elasticsearch::elasticsearch_group, - } - - Exec { - path => [ '/bin', '/usr/bin', '/usr/local/bin' ], - cwd => '/', - } - - # ensure - if ! ($ensure in [ 'present', 'absent' ]) { - fail("\"${ensure}\" is not a valid ensure parameter value") - } - - $notify_service = $elasticsearch::restart_on_change ? { - true => Elasticsearch::Service[$name], - false => undef, - } - - # Instance config directory - if ($configdir == undef) { - $instance_configdir = "${elasticsearch::configdir}/${name}" - } else { - $instance_configdir = $configdir - } - - if ($ensure == 'present') { - - # Configuration hash - if ($config == undef) { - $instance_config = {} - } else { - validate_hash($config) - $instance_config = $config - } - - if(has_key($instance_config, 'node.name')) { - $instance_node_name = {} - } elsif(has_key($instance_config,'node')) { - if(has_key($instance_config['node'], 'name')) { - $instance_node_name = {} - } else { - $instance_node_name = { 'node.name' => "${::hostname}-${name}" } - } - } else { - $instance_node_name = { 'node.name' => "${::hostname}-${name}" } - } - - # String or array for data dir(s) - if ($datadir == undef) { - if (is_array($elasticsearch::datadir)) { - $instance_datadir = array_suffix($elasticsearch::datadir, "/${name}") - } else { - $instance_datadir = "${elasticsearch::datadir}/${name}" - } - } else { - $instance_datadir = $datadir - } - - # Logging file or hash - if ($logging_file != undef) { - $logging_source = $logging_file - $logging_content = undef - } elsif ($elasticsearch::logging_file != undef) { - $logging_source = $elasticsearch::logging_file - $logging_content = undef - } else { - - if(is_hash($elasticsearch::logging_config)) { - $main_logging_config = $elasticsearch::logging_config - } else { - $main_logging_config = { } - } - - if(is_hash($logging_config)) { - $instance_logging_config = $logging_config - } else { - $instance_logging_config = { } - } - $logging_hash = merge($elasticsearch::params::logging_defaults, $main_logging_config, $instance_logging_config) - if ($logging_template != undef ) { - $logging_content = template($logging_template) - } elsif ($elasticsearch::logging_template != undef) { - $logging_content = template($elasticsearch::logging_template) - } else { - $logging_content = template("${module_name}/etc/elasticsearch/logging.yml.erb") - } - $logging_source = undef - } - - if ($elasticsearch::config != undef) { - $main_config = $elasticsearch::config - } else { - $main_config = { } - } - - if(has_key($instance_config, 'path.data')) { - $instance_datadir_config = { 'path.data' => $instance_datadir } - } elsif(has_key($instance_config, 'path')) { - if(has_key($instance_config['path'], 'data')) { - $instance_datadir_config = { 'path' => { 'data' => $instance_datadir } } - } else { - $instance_datadir_config = { 'path.data' => $instance_datadir } - } - } else { - $instance_datadir_config = { 'path.data' => $instance_datadir } - } - - if(is_array($instance_datadir)) { - $dirs = join($instance_datadir, ' ') - } else { - $dirs = $instance_datadir - } - - # Manage instance log directory - if ($logdir == undef) { - $instance_logdir = "${elasticsearch::logdir}/${name}" - } else { - $instance_logdir = $logdir - } - - if(has_key($instance_config, 'path.logs')) { - $instance_logdir_config = { 'path.logs' => $instance_logdir } - } elsif(has_key($instance_config, 'path')) { - if(has_key($instance_config['path'], 'logs')) { - $instance_logdir_config = { 'path' => { 'logs' => $instance_logdir } } - } else { - $instance_logdir_config = { 'path.logs' => $instance_logdir } - } - } else { - $instance_logdir_config = { 'path.logs' => $instance_logdir } - } - - file { $instance_logdir: - ensure => 'directory', - owner => $elasticsearch::elasticsearch_user, - group => undef, - mode => '0644', - require => Class['elasticsearch::package'], - before => Elasticsearch::Service[$name], - } - - exec { "mkdir_datadir_elasticsearch_${name}": - command => "mkdir -p ${dirs}", - creates => $instance_datadir, - require => Class['elasticsearch::package'], - before => Elasticsearch::Service[$name], - } - - file { $instance_datadir: - ensure => 'directory', - owner => $elasticsearch::elasticsearch_user, - group => undef, - mode => '0644', - require => [ Exec["mkdir_datadir_elasticsearch_${name}"], Class['elasticsearch::package'] ], - before => Elasticsearch::Service[$name], - } - - exec { "mkdir_configdir_elasticsearch_${name}": - command => "mkdir -p ${instance_configdir}", - creates => $elasticsearch::configdir, - require => Class['elasticsearch::package'], - before => Elasticsearch::Service[$name], - } - - file { $instance_configdir: - ensure => 'directory', - mode => '0644', - purge => $elasticsearch::purge_configdir, - force => $elasticsearch::purge_configdir, - require => [ Exec["mkdir_configdir_elasticsearch_${name}"], Class['elasticsearch::package'] ], - before => Elasticsearch::Service[$name], - } - - file { "${instance_configdir}/logging.yml": - ensure => file, - content => $logging_content, - source => $logging_source, - mode => '0644', - notify => $notify_service, - require => Class['elasticsearch::package'], - before => Elasticsearch::Service[$name], - } - - file { "${instance_configdir}/scripts": - ensure => 'link', - target => "${elasticsearch::params::homedir}/scripts", - } - - # build up new config - $instance_conf = merge($main_config, $instance_node_name, $instance_config, $instance_datadir_config, $instance_logdir_config) - - # defaults file content - # ensure user did not provide both init_defaults and init_defaults_file - if (($init_defaults != undef) and ($init_defaults_file != undef)) { - fail ('Only one of $init_defaults and $init_defaults_file should be defined') - } - - if (is_hash($elasticsearch::init_defaults)) { - $global_init_defaults = $elasticsearch::init_defaults - } else { - $global_init_defaults = { } - } - - $instance_init_defaults_main = { 'CONF_DIR' => $instance_configdir, 'CONF_FILE' => "${instance_configdir}/elasticsearch.yml", 'LOG_DIR' => $instance_logdir, 'ES_HOME' => '/usr/share/elasticsearch' } - - if (is_hash($init_defaults)) { - $instance_init_defaults = $init_defaults - } else { - $instance_init_defaults = { } - } - $init_defaults_new = merge($global_init_defaults, $instance_init_defaults_main, $instance_init_defaults ) - - $user = $elasticsearch::elasticsearch_user - $group = $elasticsearch::elasticsearch_group - - datacat_fragment { "main_config_${name}": - target => "${instance_configdir}/elasticsearch.yml", - data => $instance_conf, - } - - datacat { "${instance_configdir}/elasticsearch.yml": - template => "${module_name}/etc/elasticsearch/elasticsearch.yml.erb", - notify => $notify_service, - require => Class['elasticsearch::package'], - owner => $elasticsearch::elasticsearch_user, - group => $elasticsearch::elasticsearch_group, - } - - $require_service = Class['elasticsearch::package'] - $before_service = undef - - } else { - - file { $instance_configdir: - ensure => 'absent', - recurse => true, - force => true, - } - - $require_service = undef - $before_service = File[$instance_configdir] - - $init_defaults_new = {} - } - - elasticsearch::service { $name: - ensure => $ensure, - status => $status, - service_flags => $service_flags, - init_defaults => $init_defaults_new, - init_defaults_file => $init_defaults_file, - init_template => $init_template, - require => $require_service, - before => $before_service, - } - -} diff --git a/elasticsearch/manifests/package.pp b/elasticsearch/manifests/package.pp deleted file mode 100644 index e8d7e26ff..000000000 --- a/elasticsearch/manifests/package.pp +++ /dev/null @@ -1,185 +0,0 @@ -# == Class: elasticsearch::package -# -# This class exists to coordinate all software package management related -# actions, functionality and logical units in a central place. -# -# -# === Parameters -# -# This class does not provide any parameters. -# -# -# === Examples -# -# This class may be imported by other classes to use its functionality: -# class { 'elasticsearch::package': } -# -# It is not intended to be used directly by external resources like node -# definitions or other modules. -# -# -# === Authors -# -# * Richard Pijnenburg -# -class elasticsearch::package { - - Exec { - path => [ '/bin', '/usr/bin', '/usr/local/bin' ], - cwd => '/', - tries => 3, - try_sleep => 10, - } - - #### Package management - - - # set params: in operation - if $elasticsearch::ensure == 'present' { - - Package[$elasticsearch::package_name] ~> Elasticsearch::Service <| |> - Package[$elasticsearch::package_name] ~> Exec['remove_plugin_dir'] - - # Create directory to place the package file - $package_dir = $elasticsearch::package_dir - exec { 'create_package_dir_elasticsearch': - cwd => '/', - path => ['/usr/bin', '/bin'], - command => "mkdir -p ${package_dir}", - creates => $package_dir, - } - - file { $package_dir: - ensure => 'directory', - purge => $elasticsearch::purge_package_dir, - force => $elasticsearch::purge_package_dir, - backup => false, - require => Exec['create_package_dir_elasticsearch'], - } - - # Check if we want to install a specific version or not - if $elasticsearch::version == false { - - $package_ensure = $elasticsearch::autoupgrade ? { - true => 'latest', - false => 'present', - } - - } else { - - # install specific version - $package_ensure = $elasticsearch::pkg_version - - } - - # action - if ($elasticsearch::package_url != undef) { - - case $elasticsearch::package_provider { - 'package': { $before = Package[$elasticsearch::package_name] } - default: { fail("software provider \"${elasticsearch::package_provider}\".") } - } - - - $filenameArray = split($elasticsearch::package_url, '/') - $basefilename = $filenameArray[-1] - - $sourceArray = split($elasticsearch::package_url, ':') - $protocol_type = $sourceArray[0] - - $extArray = split($basefilename, '\.') - $ext = $extArray[-1] - - $pkg_source = "${package_dir}/${basefilename}" - - case $protocol_type { - - 'puppet': { - - file { $pkg_source: - ensure => file, - source => $elasticsearch::package_url, - require => File[$package_dir], - backup => false, - before => $before, - } - - } - 'ftp', 'https', 'http': { - - if $elasticsearch::proxy_url != undef { - $exec_environment = [ - 'use_proxy=yes', - "http_proxy=${elasticsearch::proxy_url}", - "https_proxy=${elasticsearch::proxy_url}", - ] - } - - exec { 'download_package_elasticsearch': - command => "${elasticsearch::params::download_tool} ${pkg_source} ${elasticsearch::package_url} 2> /dev/null", - creates => $pkg_source, - environment => $exec_environment, - timeout => $elasticsearch::package_dl_timeout, - require => File[$package_dir], - before => $before, - } - - } - 'file': { - - $source_path = $sourceArray[1] - file { $pkg_source: - ensure => file, - source => $source_path, - require => File[$package_dir], - backup => false, - before => $before, - } - - } - default: { - fail("Protocol must be puppet, file, http, https, or ftp. You have given \"${protocol_type}\"") - } - } - - if ($elasticsearch::package_provider == 'package') { - - case $ext { - 'deb': { Package { provider => 'dpkg', source => $pkg_source } } - 'rpm': { Package { provider => 'rpm', source => $pkg_source } } - default: { fail("Unknown file extention \"${ext}\".") } - } - - } - - } - - # Package removal - } else { - - if ($::operatingsystem == 'OpenSuSE') { - Package { - provider => 'rpm', - } - } - $package_ensure = 'purged' - - } - - if ($elasticsearch::package_provider == 'package') { - - package { $elasticsearch::package_name: - ensure => $package_ensure, - } - - exec { 'remove_plugin_dir': - refreshonly => true, - command => "rm -rf ${elasticsearch::plugindir}", - } - - - } else { - fail("\"${elasticsearch::package_provider}\" is not supported") - } - -} diff --git a/elasticsearch/manifests/params.pp b/elasticsearch/manifests/params.pp deleted file mode 100644 index 249c1fcc0..000000000 --- a/elasticsearch/manifests/params.pp +++ /dev/null @@ -1,263 +0,0 @@ -# == Class: elasticsearch::params -# -# This class exists to -# 1. Declutter the default value assignment for class parameters. -# 2. Manage internally used module variables in a central place. -# -# Therefore, many operating system dependent differences (names, paths, ...) -# are addressed in here. -# -# -# === Parameters -# -# This class does not provide any parameters. -# -# -# === Examples -# -# This class is not intended to be used directly. -# -# -# === Links -# -# * {Puppet Docs: Using Parameterized Classes}[http://j.mp/nVpyWY] -# -# -# === Authors -# -# * Richard Pijnenburg -# -class elasticsearch::params { - - #### Default values for the parameters of the main module class, init.pp - - # ensure - $ensure = 'present' - - # autoupgrade - $autoupgrade = false - - # service status - $status = 'enabled' - - # restart on configuration change? - $restart_on_change = true - - # Purge configuration directory - $purge_configdir = false - - $purge_package_dir = false - - # package download timeout - $package_dl_timeout = 600 # 300 seconds is default of puppet - - $default_logging_level = 'INFO' - - $logging_defaults = { - 'action' => 'DEBUG', - 'com.amazonaws' => 'WARN', - 'index.search.slowlog' => 'TRACE, index_search_slow_log_file', - 'index.indexing.slowlog' => 'TRACE, index_indexing_slow_log_file', - } - - #### Internal module values - - # User and Group for the files and user to run the service as. - case $::kernel { - 'Linux': { - $elasticsearch_user = 'elasticsearch' - $elasticsearch_group = 'elasticsearch' - } - 'Darwin': { - $elasticsearch_user = 'elasticsearch' - $elasticsearch_group = 'elasticsearch' - } - 'OpenBSD': { - $elasticsearch_user = '_elasticsearch' - $elasticsearch_group = '_elasticsearch' - } - default: { - fail("\"${module_name}\" provides no user/group default value - for \"${::kernel}\"") - } - } - - # Download tool - - case $::kernel { - 'Linux': { - $download_tool = 'wget --no-check-certificate -O' - } - 'Darwin': { - $download_tool = 'curl --insecure -o' - } - 'OpenBSD': { - $download_tool = 'ftp -o' - } - default: { - fail("\"${module_name}\" provides no download tool default value - for \"${::kernel}\"") - } - } - - # Different path definitions - case $::kernel { - 'Linux': { - $configdir = '/etc/elasticsearch' - $logdir = '/var/log/elasticsearch' - $package_dir = '/opt/elasticsearch/swdl' - $installpath = '/opt/elasticsearch' - $homedir = '/usr/share/elasticsearch' - $plugindir = "${homedir}/plugins" - $plugintool = "${homedir}/bin/plugin" - $datadir = '/usr/share/elasticsearch/data' - } - 'OpenBSD': { - $configdir = '/etc/elasticsearch' - $logdir = '/var/log/elasticsearch' - $package_dir = '/var/cache/elasticsearch' - $installpath = undef - $homedir = '/usr/local/elasticsearch' - $plugindir = "${homedir}/plugins" - $plugintool = "${homedir}/bin/plugin" - $datadir = '/var/elasticsearch/data' - } - default: { - fail("\"${module_name}\" provides no config directory default value - for \"${::kernel}\"") - } - } - - # packages - case $::operatingsystem { - 'RedHat', 'CentOS', 'Fedora', 'Scientific', 'Amazon', 'OracleLinux', 'SLC': { - # main application - $package = [ 'elasticsearch' ] - } - 'Debian', 'Ubuntu': { - # main application - $package = [ 'elasticsearch' ] - } - 'OpenSuSE': { - $package = [ 'elasticsearch' ] - } - 'Gentoo': { - $package = [ 'app-misc/elasticsearch' ] - } - 'OpenBSD': { - $package = [ 'elasticsearch' ] - } - default: { - fail("\"${module_name}\" provides no package default value - for \"${::operatingsystem}\"") - } - } - - # service parameters - case $::operatingsystem { - 'RedHat', 'CentOS', 'Fedora', 'Scientific', 'OracleLinux', 'SLC': { - $service_name = 'elasticsearch' - $service_hasrestart = true - $service_hasstatus = true - $service_pattern = $service_name - $defaults_location = '/etc/sysconfig' - $pid_dir = '/var/run/elasticsearch' - - if versioncmp($::operatingsystemmajrelease, '7') >= 0 { - $init_template = 'elasticsearch.systemd.erb' - $service_providers = 'systemd' - } else { - $init_template = 'elasticsearch.RedHat.erb' - $service_providers = 'init' - } - - } - 'Amazon': { - $service_name = 'elasticsearch' - $service_hasrestart = true - $service_hasstatus = true - $service_pattern = $service_name - $defaults_location = '/etc/sysconfig' - $pid_dir = '/var/run/elasticsearch' - $init_template = 'elasticsearch.RedHat.erb' - $service_providers = 'init' - } - 'Debian': { - $service_name = 'elasticsearch' - $service_hasrestart = true - $service_hasstatus = true - $service_pattern = $service_name - $defaults_location = '/etc/default' - if versioncmp($::operatingsystemmajrelease, '8') >= 0 { - $init_template = 'elasticsearch.systemd.erb' - $service_providers = 'systemd' - $pid_dir = '/var/run/elasticsearch' - } else { - $init_template = 'elasticsearch.Debian.erb' - $service_providers = [ 'init' ] - $pid_dir = false - } - } - 'Ubuntu': { - $service_name = 'elasticsearch' - $service_hasrestart = true - $service_hasstatus = true - $service_pattern = $service_name - $defaults_location = '/etc/default' - - if versioncmp($::operatingsystemmajrelease, '15') >= 0 { - $init_template = 'elasticsearch.systemd.erb' - $service_providers = 'systemd' - $pid_dir = '/var/run/elasticsearch' - } else { - $init_template = 'elasticsearch.Debian.erb' - $service_providers = [ 'init' ] - $pid_dir = false - } - } - 'Darwin': { - $service_name = 'FIXME/TODO' - $service_hasrestart = true - $service_hasstatus = true - $service_pattern = $service_name - $service_providers = 'launchd' - $defaults_location = false - $pid_dir = false - } - 'OpenSuSE': { - $service_name = 'elasticsearch' - $service_hasrestart = true - $service_hasstatus = true - $service_pattern = $service_name - $service_providers = 'systemd' - $defaults_location = '/etc/sysconfig' - $init_template = 'elasticsearch.systemd.erb' - $pid_dir = '/var/run/elasticsearch' - } - 'Gentoo': { - $service_name = 'elasticsearch' - $service_hasrestart = true - $service_hasstatus = true - $service_pattern = $service_name - $service_providers = 'openrc' - $defaults_location = '/etc/conf.d' - $init_template = 'elasticsearch.openrc.erb' - $pid_dir = '/run/elasticsearch' - } - 'OpenBSD': { - $service_name = 'elasticsearch' - $service_hasrestart = true - $service_hasstatus = true - $service_pattern = undef - $service_providers = 'openbsd' - $defaults_location = undef - $init_template = 'elasticsearch.OpenBSD.erb' - $pid_dir = '/var/run/elasticsearch' - } - default: { - fail("\"${module_name}\" provides no service parameters - for \"${::operatingsystem}\"") - } - } - -} diff --git a/elasticsearch/manifests/plugin.pp b/elasticsearch/manifests/plugin.pp deleted file mode 100644 index d3011bedc..000000000 --- a/elasticsearch/manifests/plugin.pp +++ /dev/null @@ -1,154 +0,0 @@ -# == Define: elasticsearch::plugin -# -# This define allows you to install arbitrary Elasticsearch plugins -# either by using the default repositories or by specifying an URL -# -# All default values are defined in the elasticsearch::params class. -# -# -# === Parameters -# -# [*module_dir*] -# Directory name where the module will be installed -# Value type is string -# Default value: None -# This variable is deprecated -# -# [*ensure*] -# Whether the plugin will be installed or removed. -# Set to 'absent' to ensure a plugin is not installed -# Value type is string -# Default value: present -# This variable is optional -# -# [*url*] -# Specify an URL where to download the plugin from. -# Value type is string -# Default value: None -# This variable is optional -# -# [*source*] -# Specify the source of the plugin. -# This will copy over the plugin to the node and use it for installation. -# Useful for offline installation -# Value type is string -# This variable is optional -# -# [*proxy_host*] -# Proxy host to use when installing the plugin -# Value type is string -# Default value: None -# This variable is optional -# -# [*proxy_port*] -# Proxy port to use when installing the plugin -# Value type is number -# Default value: None -# This variable is optional -# -# [*instances*] -# Specify all the instances related -# value type is string or array -# -# [*install_options*] -# Pass options to the plugin installer -# -# === Examples -# -# # From official repository -# elasticsearch::plugin{'mobz/elasticsearch-head': module_dir => 'head'} -# -# # From custom url -# elasticsearch::plugin{ 'elasticsearch-jetty': -# module_dir => 'elasticsearch-jetty', -# url => 'https://oss-es-plugins.s3.amazonaws.com/elasticsearch-jetty/elasticsearch-jetty-0.90.0.zip', -# } -# -# === Authors -# -# * Matteo Sessa -# * Dennis Konert -# * Richard Pijnenburg -# -define elasticsearch::plugin( - $instances, - $module_dir = undef, - $ensure = 'present', - $url = undef, - $source = undef, - $proxy_host = undef, - $proxy_port = undef, - $install_options = undef -) { - - include elasticsearch - - $notify_service = $elasticsearch::restart_on_change ? { - false => undef, - default => Elasticsearch::Service[$instances], - } - - if ($module_dir != undef) { - warning("module_dir settings is deprecated for plugin ${name}. The directory is now auto detected.") - } - - # set proxy by override or parse and use proxy_url from - # elasticsearch::proxy_url or use no proxy at all - - if ($proxy_host != undef and $proxy_port != undef) { - $proxy = "-DproxyPort=${proxy_port} -DproxyHost=${proxy_host}" - } - elsif ($elasticsearch::proxy_url != undef) { - $proxy_host_from_url = regsubst($elasticsearch::proxy_url, '(http|https)://([^:]+)(|:\d+).+', '\2') - $proxy_port_from_url = regsubst($elasticsearch::proxy_url, '(?:http|https)://[^:/]+(?::([0-9]+))?(?:/.*)?', '\1') - - # validate parsed values before using them - if (is_string($proxy_host_from_url) and is_integer($proxy_port_from_url)) { - $proxy = "-DproxyPort=${proxy_port_from_url} -DproxyHost=${proxy_host_from_url}" - } - } - else { - $proxy = undef - } - - if ($source != undef) { - - $filenameArray = split($source, '/') - $basefilename = $filenameArray[-1] - - $file_source = "${elasticsearch::package_dir}/${basefilename}" - - file { $file_source: - ensure => 'file', - source => $source, - before => Elasticsearch_plugin[$name], - } - - } elsif ($url != undef) { - validate_string($url) - } - - case $ensure { - 'installed', 'present': { - - elasticsearch_plugin { $name: - ensure => 'present', - source => $file_source, - url => $url, - proxy_args => $proxy, - plugin_dir => $::elasticsearch::plugindir, - install_options => $install_options, - notify => $notify_service, - } - - } - 'absent': { - elasticsearch_plugin { $name: - ensure => absent, - } - } - default: { - fail("${ensure} is not a valid ensure command.") - } - } -} diff --git a/elasticsearch/manifests/python.pp b/elasticsearch/manifests/python.pp deleted file mode 100644 index fee783a76..000000000 --- a/elasticsearch/manifests/python.pp +++ /dev/null @@ -1,70 +0,0 @@ -# == Define: elasticsearch::python -# -# there are many python bindings for elasticsearch. This provides all -# the ones we know about http://www.elasticsearch.org/guide/clients/ -# -# === Parameters -# -# [*ensure*] -# String. Controls if the managed resources shall be present or -# absent. If set to absent: -# * The managed software packages are being uninstalled. -# * Any traces of the packages will be purged as good as possible. This may -# include existing configuration files. The exact behavior is provider -# dependent. Q.v.: -# * Puppet type reference: {package, "purgeable"}[http://j.mp/xbxmNP] -# * {Puppet's package provider source code}[http://j.mp/wtVCaL] -# * System modifications (if any) will be reverted as good as possible -# (e.g. removal of created users, services, changed log settings, ...). -# * This is thus destructive and should be used with care. -# Defaults to present. -# -# === Examples -# -# elasticsearch::python { 'pyes':; } -# -# === Authors -# -# * Richard Pijnenburg -# -define elasticsearch::python ( - $ensure = 'present' -) { - - if ! ($ensure in [ 'present', 'absent' ]) { - fail("\"${ensure}\" is not a valid ensure parameter value") - } - - # make sure the package name is valid and setup the provider as - # necessary - case $name { - 'pyes': { - $provider = 'pip' - } - 'rawes': { - $provider = 'pip' - } - 'pyelasticsearch': { - $provider = 'pip' - } - 'ESClient': { - $provider = 'pip' - } - 'elasticutils': { - $provider = 'pip' - } - 'elasticsearch': { - $provider = 'pip' - } - default: { - fail("unknown python binding package '${name}'") - } - } - - package { "python_${name}": - ensure => $ensure, - name => $name, - provider => $provider, - } - -} diff --git a/elasticsearch/manifests/repo.pp b/elasticsearch/manifests/repo.pp deleted file mode 100644 index 36cd549ef..000000000 --- a/elasticsearch/manifests/repo.pp +++ /dev/null @@ -1,106 +0,0 @@ -# == Class: elasticsearch::repo -# -# This class exists to install and manage yum and apt repositories -# that contain elasticsearch official elasticsearch packages -# -# -# === Parameters -# -# This class does not provide any parameters. -# -# -# === Examples -# -# This class may be imported by other classes to use its functionality: -# class { 'elasticsearch::repo': } -# -# It is not intended to be used directly by external resources like node -# definitions or other modules. -# -# -# === Authors -# -# * Phil Fenstermacher -# * Richard Pijnenburg -# -class elasticsearch::repo { - - Exec { - path => [ '/bin', '/usr/bin', '/usr/local/bin' ], - cwd => '/', - } - - case $::osfamily { - 'Debian': { - include ::apt - Class['apt::update'] -> Package[$elasticsearch::package_name] - - apt::source { 'elasticsearch': - location => "http://packages.elastic.co/elasticsearch/${elasticsearch::repo_version}/debian", - release => 'stable', - repos => 'main', - key => $::elasticsearch::repo_key_id, - key_source => $::elasticsearch::repo_key_source, - include_src => false, - } - } - 'RedHat', 'Linux': { - yumrepo { 'elasticsearch': - descr => 'elasticsearch repo', - baseurl => "http://packages.elastic.co/elasticsearch/${elasticsearch::repo_version}/centos", - gpgcheck => 1, - gpgkey => $::elasticsearch::repo_key_source, - enabled => 1, - } - } - 'Suse': { - exec { 'elasticsearch_suse_import_gpg': - command => "rpmkeys --import ${::elasticsearch::repo_key_source}", - unless => "test $(rpm -qa gpg-pubkey | grep -i '${::elasticsearch::repo_key_id}' | wc -l) -eq 1 ", - notify => [ Zypprepo['elasticsearch'] ], - } - - zypprepo { 'elasticsearch': - baseurl => "http://packages.elastic.co/elasticsearch/${elasticsearch::repo_version}/centos", - enabled => 1, - autorefresh => 1, - name => 'elasticsearch', - gpgcheck => 1, - gpgkey => $::elasticsearch::repo_key_source, - type => 'yum', - } - } - default: { - fail("\"${module_name}\" provides no repository information for OSfamily \"${::osfamily}\"") - } - } - - # Package pinning - - case $::osfamily { - 'Debian': { - include ::apt - - if ($elasticsearch::package_pin == true and $elasticsearch::version != false) { - apt::pin { $elasticsearch::package_name: - ensure => 'present', - packages => $elasticsearch::package_name, - version => $elasticsearch::version, - priority => 1000, - } - } - - } - 'RedHat', 'Linux': { - - if ($elasticsearch::package_pin == true and $elasticsearch::version != false) { - yum::versionlock { "0:elasticsearch-${elasticsearch::pkg_version}.noarch": - ensure => 'present', - } - } - } - default: { - warning("Unable to pin package for OSfamily \"${::osfamily}\".") - } - } -} diff --git a/elasticsearch/manifests/ruby.pp b/elasticsearch/manifests/ruby.pp deleted file mode 100644 index aba0bd7e5..000000000 --- a/elasticsearch/manifests/ruby.pp +++ /dev/null @@ -1,67 +0,0 @@ -# == Define: elasticsearch::ruby -# -# there are many ruby bindings for elasticsearch. This provides all -# the ones we know about http://www.elasticsearch.org/guide/clients/ -# -# === Parameters -# -# [*ensure*] -# String. Controls if the managed resources shall be present or -# absent. If set to absent: -# * The managed software packages are being uninstalled. -# * Any traces of the packages will be purged as good as possible. This may -# include existing configuration files. The exact behavior is provider -# dependent. Q.v.: -# * Puppet type reference: {package, "purgeable"}[http://j.mp/xbxmNP] -# * {Puppet's package provider source code}[http://j.mp/wtVCaL] -# * System modifications (if any) will be reverted as good as possible -# (e.g. removal of created users, services, changed log settings, ...). -# * This is thus destructive and should be used with care. -# Defaults to present. -# -# === Examples -# -# elasticsearch::ruby { 'elasticsearch':; } -# -# === Authors -# -# * Richard Pijnenburg -# -define elasticsearch::ruby ( - $ensure = 'present' -) { - - if ! ($ensure in [ 'present', 'absent' ]) { - fail("\"${ensure}\" is not a valid ensure parameter value") - } - - # make sure the package name is valid and setup the provider as - # necessary - case $name { - 'tire': { - $provider = 'gem' - } - 'stretcher': { - $provider = 'gem' - } - 'elastic_searchable': { - $provider = 'gem' - } - 'elasticsearch': { - $provider = 'gem' - } - 'flex': { - $provider = 'gem' - } - default: { - fail("unknown ruby client package '${name}'") - } - } - - package { "ruby_${name}": - ensure => $ensure, - name => $name, - provider => $provider, - } - -} diff --git a/elasticsearch/manifests/script.pp b/elasticsearch/manifests/script.pp deleted file mode 100644 index b2348695d..000000000 --- a/elasticsearch/manifests/script.pp +++ /dev/null @@ -1,55 +0,0 @@ -# == Define: elasticsearch::script -# -# This define allows you to insert, update or delete scripts that are used within Elasticsearch -# -# === Parameters -# -# [*ensure*] -# String. Controls if the managed resources shall be present or -# absent. If set to absent: -# * The managed software packages are being uninstalled. -# * Any traces of the packages will be purged as good as possible. This may -# include existing configuration files. The exact behavior is provider -# dependent. Q.v.: -# * Puppet type reference: {package, "purgeable"}[http://j.mp/xbxmNP] -# * {Puppet's package provider source code}[http://j.mp/wtVCaL] -# * System modifications (if any) will be reverted as good as possible -# (e.g. removal of created users, services, changed log settings, ...). -# * This is thus destructive and should be used with care. -# Defaults to present. -# -# [*source*] -# Puppet source of the script -# Value type is string -# Default value: undef -# This variable is mandatory -# -# === Authors -# -# * Richard Pijnenburg -# -define elasticsearch::script( - $source, - $ensure = 'present', -) { - - require elasticsearch - - # ensure - if ! ($ensure in [ 'present', 'absent' ]) { - fail("\"${ensure}\" is not a valid ensure parameter value") - } - - validate_re($source, '^(puppet|file)://') - - $filenameArray = split($source, '/') - $basefilename = $filenameArray[-1] - - file { "${elasticsearch::params::homedir}/scripts/${basefilename}": - ensure => $ensure, - source => $source, - owner => $elasticsearch::elasticsearch_user, - group => $elasticsearch::elasticsearch_group, - mode => '0644', - } -} diff --git a/elasticsearch/manifests/service.pp b/elasticsearch/manifests/service.pp deleted file mode 100644 index f620208ac..000000000 --- a/elasticsearch/manifests/service.pp +++ /dev/null @@ -1,112 +0,0 @@ -# == Class: elasticsearch::service -# -# This class exists to coordinate all service management related actions, -# functionality and logical units in a central place. -# -# Note: "service" is the Puppet term and type for background processes -# in general and is used in a platform-independent way. E.g. "service" means -# "daemon" in relation to Unix-like systems. -# -# -# === Parameters -# -# [*ensure*] -# String. Controls if the managed resources shall be present or -# absent. If set to absent: -# * The managed software packages are being uninstalled. -# * Any traces of the packages will be purged as good as possible. This may -# include existing configuration files. The exact behavior is provider -# dependent. Q.v.: -# * Puppet type reference: {package, "purgeable"}[http://j.mp/xbxmNP] -# * {Puppet's package provider source code}[http://j.mp/wtVCaL] -# * System modifications (if any) will be reverted as good as possible -# (e.g. removal of created users, services, changed log settings, ...). -# * This is thus destructive and should be used with care. -# Defaults to present. -# -# [*status*] -# String to define the status of the service. Possible values: -# * enabled: Service is running and will be started at boot time. -# * disabled: Service is stopped and will not be started at boot -# time. -# * running: Service is running but will not be started at boot time. -# You can use this to start a service on the first Puppet run instead of -# the system startup. -# * unmanaged: Service will not be started at boot time and Puppet -# does not care whether the service is running or not. For example, this may -# be useful if a cluster management software is used to decide when to start -# the service plus assuring it is running on the desired node. -# Defaults to enabled. The singular form ("service") is used for the -# sake of convenience. Of course, the defined status affects all services if -# more than one is managed (see service.pp to check if this is the -# case). -# -# [*init_defaults*] -# Defaults file content in hash representation -# -# [*init_defaults_file*] -# Defaults file as puppet resource -# -# [*init_template*] -# Service file as a template -# -# [*service_flags*] -# Service flags, used on OpenBSD for service configuration -# -# === Authors -# -# * Richard Pijnenburg -# -define elasticsearch::service( - $ensure = $elasticsearch::ensure, - $status = $elasticsearch::status, - $init_defaults_file = undef, - $init_defaults = undef, - $init_template = undef, - $service_flags = undef, -) { - - case $elasticsearch::real_service_provider { - - 'init': { - elasticsearch::service::init { $name: - ensure => $ensure, - status => $status, - init_defaults_file => $init_defaults_file, - init_defaults => $init_defaults, - init_template => $init_template, - } - } - 'openbsd': { - elasticsearch::service::openbsd { $name: - ensure => $ensure, - status => $status, - init_template => $init_template, - service_flags => $service_flags, - } - } - 'systemd': { - elasticsearch::service::systemd { $name: - ensure => $ensure, - status => $status, - init_defaults_file => $init_defaults_file, - init_defaults => $init_defaults, - init_template => $init_template, - } - } - 'openrc': { - elasticsearch::service::openrc { $name: - ensure => $ensure, - status => $status, - init_defaults_file => $init_defaults_file, - init_defaults => $init_defaults, - init_template => $init_template, - } - } - default: { - fail("Unknown service provider ${elasticsearch::real_service_provider}") - } - - } - -} diff --git a/elasticsearch/manifests/service/init.pp b/elasticsearch/manifests/service/init.pp deleted file mode 100644 index 59fc75db5..000000000 --- a/elasticsearch/manifests/service/init.pp +++ /dev/null @@ -1,193 +0,0 @@ -# == Define: elasticsearch::service::init -# -# This class exists to coordinate all service management related actions, -# functionality and logical units in a central place. -# -# Note: "service" is the Puppet term and type for background processes -# in general and is used in a platform-independent way. E.g. "service" means -# "daemon" in relation to Unix-like systems. -# -# -# === Parameters -# -# [*ensure*] -# String. Controls if the managed resources shall be present or -# absent. If set to absent: -# * The managed software packages are being uninstalled. -# * Any traces of the packages will be purged as good as possible. This may -# include existing configuration files. The exact behavior is provider -# dependent. Q.v.: -# * Puppet type reference: {package, "purgeable"}[http://j.mp/xbxmNP] -# * {Puppet's package provider source code}[http://j.mp/wtVCaL] -# * System modifications (if any) will be reverted as good as possible -# (e.g. removal of created users, services, changed log settings, ...). -# * This is thus destructive and should be used with care. -# Defaults to present. -# -# [*status*] -# String to define the status of the service. Possible values: -# * enabled: Service is running and will be started at boot time. -# * disabled: Service is stopped and will not be started at boot -# time. -# * running: Service is running but will not be started at boot time. -# You can use this to start a service on the first Puppet run instead of -# the system startup. -# * unmanaged: Service will not be started at boot time and Puppet -# does not care whether the service is running or not. For example, this may -# be useful if a cluster management software is used to decide when to start -# the service plus assuring it is running on the desired node. -# Defaults to enabled. The singular form ("service") is used for the -# sake of convenience. Of course, the defined status affects all services if -# more than one is managed (see service.pp to check if this is the -# case). -# -# [*init_defaults*] -# Defaults file content in hash representation -# -# [*init_defaults_file*] -# Defaults file as puppet resource -# -# [*init_template*] -# Service file as a template -# -# === Authors -# -# * Richard Pijnenburg -# -define elasticsearch::service::init( - $ensure = $elasticsearch::ensure, - $status = $elasticsearch::status, - $init_defaults_file = undef, - $init_defaults = undef, - $init_template = undef, -) { - - #### Service management - - # set params: in operation - if $ensure == 'present' { - - case $status { - # make sure service is currently running, start it on boot - 'enabled': { - $service_ensure = 'running' - $service_enable = true - } - # make sure service is currently stopped, do not start it on boot - 'disabled': { - $service_ensure = 'stopped' - $service_enable = false - } - # make sure service is currently running, do not start it on boot - 'running': { - $service_ensure = 'running' - $service_enable = false - } - # do not start service on boot, do not care whether currently running - # or not - 'unmanaged': { - $service_ensure = undef - $service_enable = false - } - # unknown status - # note: don't forget to update the parameter check in init.pp if you - # add a new or change an existing status. - default: { - fail("\"${status}\" is an unknown service status value") - } - } - - # set params: removal - } else { - - # make sure the service is stopped and disabled (the removal itself will be - # done by package.pp) - $service_ensure = 'stopped' - $service_enable = false - - } - - $notify_service = $elasticsearch::restart_on_change ? { - true => Service["elasticsearch-instance-${name}"], - false => undef, - } - - - if ( $ensure == 'present' ) { - - # defaults file content. Either from a hash or file - if ($init_defaults_file != undef) { - file { "${elasticsearch::params::defaults_location}/elasticsearch-${name}": - ensure => $ensure, - source => $init_defaults_file, - owner => 'root', - group => 'root', - mode => '0644', - before => Service["elasticsearch-instance-${name}"], - notify => $notify_service, - } - - } else { - - if ($init_defaults != undef and is_hash($init_defaults) ) { - if(has_key($init_defaults, 'ES_USER')) { - if($init_defaults['ES_USER'] != $elasticsearch::elasticsearch_user) { - fail('Found ES_USER setting for init_defaults but is not same as elasticsearch_user setting. Please use elasticsearch_user setting.') - } - } - } - - $init_defaults_pre_hash = { 'ES_USER' => $elasticsearch::elasticsearch_user, 'ES_GROUP' => $elasticsearch::elasticsearch_group, 'MAX_OPEN_FILES' => '65535' } - $new_init_defaults = merge($init_defaults_pre_hash, $init_defaults) - - augeas { "defaults_${name}": - incl => "${elasticsearch::params::defaults_location}/elasticsearch-${name}", - lens => 'Shellvars.lns', - changes => template("${module_name}/etc/sysconfig/defaults.erb"), - before => Service["elasticsearch-instance-${name}"], - notify => $notify_service, - } - - } - - # init file from template - if ($init_template != undef) { - - file { "/etc/init.d/elasticsearch-${name}": - ensure => $ensure, - content => template($init_template), - owner => 'root', - group => 'root', - mode => '0755', - before => Service["elasticsearch-instance-${name}"], - notify => $notify_service, - } - - } - - } else { - - file { "/etc/init.d/elasticsearch-${name}": - ensure => 'absent', - subscribe => Service["elasticsearch-instance-${name}"], - } - - file { "${elasticsearch::params::defaults_location}/elasticsearch-${name}": - ensure => 'absent', - subscribe => Service["elasticsearch-${$name}"], - } - - } - - # action - service { "elasticsearch-instance-${name}": - ensure => $service_ensure, - enable => $service_enable, - name => "elasticsearch-${name}", - hasstatus => $elasticsearch::params::service_hasstatus, - hasrestart => $elasticsearch::params::service_hasrestart, - pattern => $elasticsearch::params::service_pattern, - } - - -} diff --git a/elasticsearch/manifests/service/openbsd.pp b/elasticsearch/manifests/service/openbsd.pp deleted file mode 100644 index 771646007..000000000 --- a/elasticsearch/manifests/service/openbsd.pp +++ /dev/null @@ -1,156 +0,0 @@ -# == Define: elasticsearch::service::openbsd -# -# This class exists to coordinate all service management related actions, -# functionality and logical units in a central place. -# -# Note: "service" is the Puppet term and type for background processes -# in general and is used in a platform-independent way. E.g. "service" means -# "daemon" in relation to Unix-like systems. -# -# -# === Parameters -# -# [*ensure*] -# String. Controls if the managed resources shall be present or -# absent. If set to absent: -# * The managed software packages are being uninstalled. -# * Any traces of the packages will be purged as good as possible. This may -# include existing configuration files. The exact behavior is provider -# dependent. Q.v.: -# * Puppet type reference: {package, "purgeable"}[http://j.mp/xbxmNP] -# * {Puppet's package provider source code}[http://j.mp/wtVCaL] -# * System modifications (if any) will be reverted as good as possible -# (e.g. removal of created users, services, changed log settings, ...). -# * This is thus destructive and should be used with care. -# Defaults to present. -# -# [*status*] -# String to define the status of the service. Possible values: -# * enabled: Service is running and will be started at boot time. -# * disabled: Service is stopped and will not be started at boot -# time. -# * running: Service is running but will not be started at boot time. -# You can use this to start a service on the first Puppet run instead of -# the system startup. -# * unmanaged: Service will not be started at boot time and Puppet -# does not care whether the service is running or not. For example, this may -# be useful if a cluster management software is used to decide when to start -# the service plus assuring it is running on the desired node. -# Defaults to enabled. The singular form ("service") is used for the -# sake of convenience. Of course, the defined status affects all services if -# more than one is managed (see service.pp to check if this is the -# case). -# -# [*pid_dir*] -# String, directory where to store the serice pid file -# -# [*init_template*] -# Service file as a template -# -# [*service_flags*] -# String, flags to pass to the service -# -# === Authors -# -# * Richard Pijnenburg -# -define elasticsearch::service::openbsd( - $ensure = $elasticsearch::ensure, - $status = $elasticsearch::status, - $pid_dir = $elasticsearch::pid_dir, - $init_template = $elasticsearch::init_template, - $service_flags = undef, -) { - - #### Service management - - # set params: in operation - if $ensure == 'present' { - - case $status { - # make sure service is currently running, start it on boot - 'enabled': { - $service_ensure = 'running' - $service_enable = true - } - # make sure service is currently stopped, do not start it on boot - 'disabled': { - $service_ensure = 'stopped' - $service_enable = false - } - # make sure service is currently running, do not start it on boot - 'running': { - $service_ensure = 'running' - $service_enable = false - } - # do not start service on boot, do not care whether currently running - # or not - 'unmanaged': { - $service_ensure = undef - $service_enable = false - } - # unknown status - # note: don't forget to update the parameter check in init.pp if you - # add a new or change an existing status. - default: { - fail("\"${status}\" is an unknown service status value") - } - } - - # set params: removal - } else { - - # make sure the service is stopped and disabled (the removal itself will be - # done by package.pp) - $service_ensure = 'stopped' - $service_enable = false - - } - - $notify_service = $elasticsearch::restart_on_change ? { - true => Service["elasticsearch-instance-${name}"], - false => undef, - } - - if ( $status != 'unmanaged' and $ensure == 'present' ) { - - # init file from template - if ($init_template != undef) { - - file { "/etc/rc.d/elasticsearch_${name}": - ensure => $ensure, - content => template($init_template), - owner => 'root', - group => '0', - mode => '0555', - before => Service["elasticsearch-instance-${name}"], - notify => $notify_service, - } - - } - - } elsif ($status != 'unmanaged') { - - file { "/etc/rc.d/elasticsearch_${name}": - ensure => 'absent', - subscribe => Service["elasticsearch-instance-${name}"], - } - - } - - if ( $status != 'unmanaged') { - - # action - service { "elasticsearch-instance-${name}": - ensure => $service_ensure, - enable => $service_enable, - name => "elasticsearch_${name}", - flags => $service_flags, - hasstatus => $elasticsearch::params::service_hasstatus, - hasrestart => $elasticsearch::params::service_hasrestart, - pattern => $elasticsearch::params::service_pattern, - } - - } - -} diff --git a/elasticsearch/manifests/service/openrc.pp b/elasticsearch/manifests/service/openrc.pp deleted file mode 100644 index b1d96483c..000000000 --- a/elasticsearch/manifests/service/openrc.pp +++ /dev/null @@ -1,195 +0,0 @@ -# == Define: elasticsearch::service::init -# -# This class exists to coordinate all service management related actions, -# functionality and logical units in a central place. -# -# Note: "service" is the Puppet term and type for background processes -# in general and is used in a platform-independent way. E.g. "service" means -# "daemon" in relation to Unix-like systems. -# -# -# === Parameters -# -# [*ensure*] -# String. Controls if the managed resources shall be present or -# absent. If set to absent: -# * The managed software packages are being uninstalled. -# * Any traces of the packages will be purged as good as possible. This may -# include existing configuration files. The exact behavior is provider -# dependent. Q.v.: -# * Puppet type reference: {package, "purgeable"}[http://j.mp/xbxmNP] -# * {Puppet's package provider source code}[http://j.mp/wtVCaL] -# * System modifications (if any) will be reverted as good as possible -# (e.g. removal of created users, services, changed log settings, ...). -# * This is thus destructive and should be used with care. -# Defaults to present. -# -# [*status*] -# String to define the status of the service. Possible values: -# * enabled: Service is running and will be started at boot time. -# * disabled: Service is stopped and will not be started at boot -# time. -# * running: Service is running but will not be started at boot time. -# You can use this to start a service on the first Puppet run instead of -# the system startup. -# * unmanaged: Service will not be started at boot time and Puppet -# does not care whether the service is running or not. For example, this may -# be useful if a cluster management software is used to decide when to start -# the service plus assuring it is running on the desired node. -# Defaults to enabled. The singular form ("service") is used for the -# sake of convenience. Of course, the defined status affects all services if -# more than one is managed (see service.pp to check if this is the -# case). -# -# [*init_defaults*] -# Defaults file content in hash representation -# -# [*init_defaults_file*] -# Defaults file as puppet resource -# -# [*init_template*] -# Service file as a template -# -# === Authors -# -# * Richard Pijnenburg -# -define elasticsearch::service::openrc( - $ensure = $elasticsearch::ensure, - $status = $elasticsearch::status, - $init_defaults_file = undef, - $init_defaults = undef, - $init_template = undef, -) { - - #### Service management - - # set params: in operation - if $ensure == 'present' { - - case $status { - # make sure service is currently running, start it on boot - 'enabled': { - $service_ensure = 'running' - $service_enable = true - } - # make sure service is currently stopped, do not start it on boot - 'disabled': { - $service_ensure = 'stopped' - $service_enable = false - } - # make sure service is currently running, do not start it on boot - 'running': { - $service_ensure = 'running' - $service_enable = false - } - # do not start service on boot, do not care whether currently running - # or not - 'unmanaged': { - $service_ensure = undef - $service_enable = false - } - # unknown status - # note: don't forget to update the parameter check in init.pp if you - # add a new or change an existing status. - default: { - fail("\"${status}\" is an unknown service status value") - } - } - - # set params: removal - } else { - - # make sure the service is stopped and disabled (the removal itself will be - # done by package.pp) - $service_ensure = 'stopped' - $service_enable = false - - } - - $notify_service = $elasticsearch::restart_on_change ? { - true => Service["elasticsearch-instance-${name}"], - false => undef, - } - - - if ( $status != 'unmanaged' and $ensure == 'present' ) { - - # defaults file content. Either from a hash or file - if ($init_defaults_file != undef) { - file { "${elasticsearch::params::defaults_location}/elasticsearch.${name}": - ensure => $ensure, - source => $init_defaults_file, - owner => 'root', - group => 'root', - mode => '0644', - before => Service["elasticsearch-instance-${name}"], - notify => $notify_service, - } - - } elsif ($init_defaults != undef and is_hash($init_defaults) ) { - - if(has_key($init_defaults, 'ES_USER')) { - if($init_defaults['ES_USER'] != $elasticsearch::elasticsearch_user) { - fail('Found ES_USER setting for init_defaults but is not same as elasticsearch_user setting. Please use elasticsearch_user setting.') - } - } - - $init_defaults_pre_hash = { 'ES_USER' => $elasticsearch::elasticsearch_user, 'ES_GROUP' => $elasticsearch::elasticsearch_group, 'MAX_OPEN_FILES' => '65535' } - $new_init_defaults = merge($init_defaults_pre_hash, $init_defaults) - - augeas { "defaults_${name}": - incl => "${elasticsearch::params::defaults_location}/elasticsearch.${name}", - lens => 'Shellvars.lns', - changes => template("${module_name}/etc/sysconfig/defaults.erb"), - before => Service["elasticsearch-instance-${name}"], - notify => $notify_service, - } - - } - - # init file from template - if ($init_template != undef) { - - file { "/etc/init.d/elasticsearch.${name}": - ensure => $ensure, - content => template($init_template), - owner => 'root', - group => 'root', - mode => '0755', - before => Service["elasticsearch-instance-${name}"], - notify => $notify_service, - } - - } - - } elsif ($status != 'unmanaged') { - - file { "/etc/init.d/elasticsearch.${name}": - ensure => 'absent', - subscribe => Service["elasticsearch-instance-${name}"], - } - - file { "${elasticsearch::params::defaults_location}/elasticsearch.${name}": - ensure => 'absent', - subscribe => Service["elasticsearch.${$name}"], - } - - } - - - if ( $status != 'unmanaged') { - - # action - service { "elasticsearch-instance-${name}": - ensure => $service_ensure, - enable => $service_enable, - name => "elasticsearch.${name}", - hasstatus => $elasticsearch::params::service_hasstatus, - hasrestart => $elasticsearch::params::service_hasrestart, - pattern => $elasticsearch::params::service_pattern, - } - - } - -} diff --git a/elasticsearch/manifests/service/systemd.pp b/elasticsearch/manifests/service/systemd.pp deleted file mode 100644 index 13b680f8a..000000000 --- a/elasticsearch/manifests/service/systemd.pp +++ /dev/null @@ -1,212 +0,0 @@ -# == Define: elasticsearch::service::systemd -# -# This define exists to coordinate all service management related actions, -# functionality and logical units in a central place. -# -# Note: "service" is the Puppet term and type for background processes -# in general and is used in a platform-independent way. E.g. "service" means -# "daemon" in relation to Unix-like systems. -# -# -# === Parameters -# -# [*ensure*] -# String. Controls if the managed resources shall be present or -# absent. If set to absent: -# * The managed software packages are being uninstalled. -# * Any traces of the packages will be purged as good as possible. This may -# include existing configuration files. The exact behavior is provider -# dependent. Q.v.: -# * Puppet type reference: {package, "purgeable"}[http://j.mp/xbxmNP] -# * {Puppet's package provider source code}[http://j.mp/wtVCaL] -# * System modifications (if any) will be reverted as good as possible -# (e.g. removal of created users, services, changed log settings, ...). -# * This is thus destructive and should be used with care. -# Defaults to present. -# -# [*status*] -# String to define the status of the service. Possible values: -# * enabled: Service is running and will be started at boot time. -# * disabled: Service is stopped and will not be started at boot -# time. -# * running: Service is running but will not be started at boot time. -# You can use this to start a service on the first Puppet run instead of -# the system startup. -# * unmanaged: Service will not be started at boot time and Puppet -# does not care whether the service is running or not. For example, this may -# be useful if a cluster management software is used to decide when to start -# the service plus assuring it is running on the desired node. -# Defaults to enabled. The singular form ("service") is used for the -# sake of convenience. Of course, the defined status affects all services if -# more than one is managed (see service.pp to check if this is the -# case). -# -# [*init_defaults*] -# Defaults file content in hash representation -# -# [*init_defaults_file*] -# Defaults file as puppet resource -# -# [*init_template*] -# Service file as a template -# -# === Authors -# -# * Richard Pijnenburg -# -define elasticsearch::service::systemd( - $ensure = $elasticsearch::ensure, - $status = $elasticsearch::status, - $init_defaults_file = undef, - $init_defaults = undef, - $init_template = undef, -) { - - #### Service management - - # set params: in operation - if $ensure == 'present' { - - case $status { - # make sure service is currently running, start it on boot - 'enabled': { - $service_ensure = 'running' - $service_enable = true - } - # make sure service is currently stopped, do not start it on boot - 'disabled': { - $service_ensure = 'stopped' - $service_enable = false - } - # make sure service is currently running, do not start it on boot - 'running': { - $service_ensure = 'running' - $service_enable = false - } - # do not start service on boot, do not care whether currently running - # or not - 'unmanaged': { - $service_ensure = undef - $service_enable = false - } - # unknown status - # note: don't forget to update the parameter check in init.pp if you - # add a new or change an existing status. - default: { - fail("\"${status}\" is an unknown service status value") - } - } - } else { - # make sure the service is stopped and disabled (the removal itself will be - # done by package.pp) - $service_ensure = 'stopped' - $service_enable = false - } - - $notify_service = $elasticsearch::restart_on_change ? { - true => [ Exec["systemd_reload_${name}"], Service["elasticsearch-instance-${name}"] ], - false => Exec["systemd_reload_${name}"] - } - - if ( $ensure == 'present' ) { - - # defaults file content. Either from a hash or file - if ($init_defaults_file != undef) { - file { "${elasticsearch::params::defaults_location}/elasticsearch-${name}": - ensure => $ensure, - source => $init_defaults_file, - owner => 'root', - group => 'root', - mode => '0644', - before => Service["elasticsearch-instance-${name}"], - notify => $notify_service, - } - - } else { - if ($init_defaults != undef and is_hash($init_defaults) ) { - - if(has_key($init_defaults, 'ES_USER')) { - if($init_defaults['ES_USER'] != $elasticsearch::elasticsearch_user) { - fail('Found ES_USER setting for init_defaults but is not same as elasticsearch_user setting. Please use elasticsearch_user setting.') - } - } - } - $init_defaults_pre_hash = { 'ES_USER' => $elasticsearch::elasticsearch_user, 'ES_GROUP' => $elasticsearch::elasticsearch_group, 'MAX_OPEN_FILES' => '65535' } - $new_init_defaults = merge($init_defaults_pre_hash, $init_defaults) - - augeas { "defaults_${name}": - incl => "${elasticsearch::params::defaults_location}/elasticsearch-${name}", - lens => 'Shellvars.lns', - changes => template("${module_name}/etc/sysconfig/defaults.erb"), - before => Service["elasticsearch-instance-${name}"], - notify => $notify_service, - } - } - - # init file from template - if ($init_template != undef) { - - $user = $elasticsearch::elasticsearch_user - $group = $elasticsearch::elasticsearch_group - $pid_dir = $elasticsearch::pid_dir - $defaults_location = $elasticsearch::defaults_location - - if ($new_init_defaults != undef and is_hash($new_init_defaults) and has_key($new_init_defaults, 'MAX_OPEN_FILES')) { - $nofile = $new_init_defaults['MAX_OPEN_FILES'] - }else{ - $nofile = '65535' - } - - if ($new_init_defaults != undef and is_hash($new_init_defaults) and has_key($new_init_defaults, 'MAX_LOCKED_MEMORY')) { - $memlock = $new_init_defaults['MAX_LOCKED_MEMORY'] - }else{ - $memlock = undef - } - - file { "/lib/systemd/system/elasticsearch-${name}.service": - ensure => $ensure, - content => template($init_template), - before => Service["elasticsearch-instance-${name}"], - notify => $notify_service, - } - - } - - $service_require = Exec["systemd_reload_${name}"] - - } else { - - file { "/lib/systemd/system/elasticsearch-${name}.service": - ensure => 'absent', - subscribe => Service["elasticsearch-instance-${name}"], - notify => Exec["systemd_reload_${name}"], - } - - file { "${elasticsearch::params::defaults_location}/elasticsearch-${name}": - ensure => 'absent', - subscribe => Service["elasticsearch-instance-${name}"], - notify => Exec["systemd_reload_${name}"], - } - - $service_require = undef - - } - - exec { "systemd_reload_${name}": - command => '/bin/systemctl daemon-reload', - refreshonly => true, - } - - # action - service { "elasticsearch-instance-${name}": - ensure => $service_ensure, - enable => $service_enable, - name => "elasticsearch-${name}.service", - hasstatus => $elasticsearch::params::service_hasstatus, - hasrestart => $elasticsearch::params::service_hasrestart, - pattern => $elasticsearch::params::service_pattern, - provider => 'systemd', - require => $service_require, - } - -} diff --git a/elasticsearch/manifests/template.pp b/elasticsearch/manifests/template.pp deleted file mode 100644 index 4de931691..000000000 --- a/elasticsearch/manifests/template.pp +++ /dev/null @@ -1,145 +0,0 @@ -# == Define: elasticsearch::template -# -# This define allows you to insert, update or delete templates that are used within Elasticsearch for the indexes -# -# === Parameters -# -# [*ensure*] -# String. Controls if the managed resources shall be present or -# absent. If set to absent: -# * The managed software packages are being uninstalled. -# * Any traces of the packages will be purged as good as possible. This may -# include existing configuration files. The exact behavior is provider -# dependent. Q.v.: -# * Puppet type reference: {package, "purgeable"}[http://j.mp/xbxmNP] -# * {Puppet's package provider source code}[http://j.mp/wtVCaL] -# * System modifications (if any) will be reverted as good as possible -# (e.g. removal of created users, services, changed log settings, ...). -# * This is thus destructive and should be used with care. -# Defaults to present. -# -# [*file*] -# File path of the template ( json file ) -# Value type is string -# Default value: undef -# This variable is optional -# -# [*content*] -# Contents of the template ( json ) -# Value type is string -# Default value: undef -# This variable is optional -# -# [*host*] -# Host name or IP address of the ES instance to connect to -# Value type is string -# Default value: localhost -# This variable is optional -# -# [*port*] -# Port number of the ES instance to connect to -# Value type is number -# Default value: 9200 -# This variable is optional -# -# === Authors -# -# * Richard Pijnenburg -# -define elasticsearch::template( - $ensure = 'present', - $file = undef, - $content = undef, - $host = 'localhost', - $port = 9200 -) { - - require elasticsearch - - # ensure - if ! ($ensure in [ 'present', 'absent' ]) { - fail("\"${ensure}\" is not a valid ensure parameter value") - } - - if ! is_integer($port) { - fail("\"${port}\" is not an integer") - } - - Exec { - path => [ '/bin', '/usr/bin', '/usr/local/bin' ], - cwd => '/', - tries => 6, - try_sleep => 10, - } - - # Build up the url - $es_url = "http://${host}:${port}/_template/${name}" - - # Can't do a replace and delete at the same time - - if ($ensure == 'present') { - - # Fail when no file or content is supplied - if $file == undef and $content == undef { - fail('The variables "file" and "content" cannot be empty when inserting or updating a template.') - } elsif $file != undef and $content != undef { - fail('The variables "file" and "content" cannot be used together when inserting or updating a template.') - } else { # we are good to go. notify to insert in case we deleted - $insert_notify = Exec[ "insert_template_${name}" ] - } - - } else { - - $insert_notify = undef - - } - - # Delete the existing template - # First check if it exists of course - exec { "delete_template_${name}": - command => "curl -s -XDELETE ${es_url}", - onlyif => "test $(curl -s '${es_url}?pretty=true' | wc -l) -gt 1", - notify => $insert_notify, - refreshonly => true, - } - - if ($ensure == 'absent') { - - # delete the template file on disk and then on the server - file { "${elasticsearch::params::homedir}/templates_import/elasticsearch-template-${name}.json": - ensure => 'absent', - notify => Exec[ "delete_template_${name}" ], - require => File[ "${elasticsearch::params::homedir}/templates_import" ], - } - } - - if ($ensure == 'present') { - - if $content == undef { - # place the template file using the file source - file { "${elasticsearch::params::homedir}/templates_import/elasticsearch-template-${name}.json": - ensure => file, - source => $file, - notify => Exec[ "delete_template_${name}" ], - require => File[ "${elasticsearch::params::homedir}/templates_import" ], - } - } else { - # place the template file using content - file { "${elasticsearch::params::homedir}/templates_import/elasticsearch-template-${name}.json": - ensure => file, - content => $content, - notify => Exec[ "delete_template_${name}" ], - require => File[ "${elasticsearch::params::homedir}/templates_import" ], - } - } - - exec { "insert_template_${name}": - command => "curl -sL -w \"%{http_code}\\n\" -XPUT ${es_url} -d @${elasticsearch::params::homedir}/templates_import/elasticsearch-template-${name}.json -o /dev/null | egrep \"(200|201)\" > /dev/null", - unless => "test $(curl -s '${es_url}?pretty=true' | wc -l) -gt 1", - refreshonly => true, - loglevel => 'debug', - } - - } - -} diff --git a/elasticsearch/metadata.json b/elasticsearch/metadata.json deleted file mode 100644 index 5a1a9904f..000000000 --- a/elasticsearch/metadata.json +++ /dev/null @@ -1,96 +0,0 @@ -{ - "name": "elasticsearch-elasticsearch", - "version": "0.10.3", - "source": "https://github.com/elastic/puppet-elasticsearch", - "author": "elasticsearch", - "license": "Apache-2.0", - "summary": "Module for managing and configuring Elasticsearch nodes", - "description": "Module for managing and configuring Elasticsearch nodes", - "project_page": "https://github.com/elastic/puppet-elasticsearch", - "issues_url": "https://github.com/elastic/puppet-elasticsearch/issues", - "dependencies": [ - { - "name": "puppetlabs/stdlib", - "version_requirement": ">= 3.2.0 < 5.0.0" - }, - { - "name": "puppetlabs/apt", - "version_requirement": ">= 1.4.0 < 3.0.0" - }, - { - "name": "ceritsc/yum", - "version_requirement": ">= 0.9.6 < 1.0.0" - }, - { - "name": "richardc/datacat", - "version_requirement": ">= 0.6.2 < 1.0.0" - } - ], - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "CentOS", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "OracleLinux", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "Scientific", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "Debian", - "operatingsystemrelease": [ - "6", - "7", - "8" - ] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": [ - "10.04", - "12.04", - "14.04" - ] - }, - { - "operatingsystem": "OpenSuSE", - "operatingsystemrelease": [ - "12", - "13" - ] - } - ], - "requirements": [ - { - "name": "pe", - "version_requirement": ">= 3.3.2" - }, - { - "name": "puppet", - "version_requirement": ">=3.2.0 <4.3.0" - } - ] -} diff --git a/elasticsearch/spec/acceptance/001_basic_spec.rb b/elasticsearch/spec/acceptance/001_basic_spec.rb deleted file mode 100644 index 00c21e021..000000000 --- a/elasticsearch/spec/acceptance/001_basic_spec.rb +++ /dev/null @@ -1,8 +0,0 @@ -require 'spec_helper_acceptance' - -# Here we put the more basic fundamental tests, ultra obvious stuff. -describe "basic tests:" do - it 'make sure we have copied the module across' do - shell("ls #{default['distmoduledir']}/elasticsearch/metadata.json", {:acceptable_exit_codes => 0}) - end -end diff --git a/elasticsearch/spec/acceptance/002_class_spec.rb b/elasticsearch/spec/acceptance/002_class_spec.rb deleted file mode 100644 index 4486724b3..000000000 --- a/elasticsearch/spec/acceptance/002_class_spec.rb +++ /dev/null @@ -1,149 +0,0 @@ -require 'spec_helper_acceptance' - -describe "elasticsearch class:" do - - describe "single instance" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'cluster.name' => '#{test_settings['cluster_name']}'}, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - describe "Elasticsearch serves requests on" do - it { - curl_with_retries("check ES on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/?pretty=true", 0) - } - end - - describe file('/etc/elasticsearch/es-01/elasticsearch.yml') do - it { should be_file } - it { should contain 'name: elasticsearch001' } - end - - describe file('/usr/share/elasticsearch/templates_import') do - it { should be_directory } - end - - - end - - - describe "multiple instances" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'cluster.name' => '#{test_settings['cluster_name']}'}, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::instance { 'es-02': config => { 'node.name' => 'elasticsearch002', 'http.port' => '#{test_settings['port_b']}' } } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - describe service(test_settings['service_name_b']) do - it { should be_enabled } - it { should be_running } - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - describe file(test_settings['pid_file_b']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - describe "make sure elasticsearch can serve requests #{test_settings['port_a']}" do - it { - curl_with_retries("check ES on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/?pretty=true", 0) - } - end - - describe "make sure elasticsearch can serve requests #{test_settings['port_b']}" do - it { - curl_with_retries("check ES on #{test_settings['port_b']}", default, "http://localhost:#{test_settings['port_b']}/?pretty=true", 0) - } - end - - describe file('/etc/elasticsearch/es-01/elasticsearch.yml') do - it { should be_file } - it { should contain 'name: elasticsearch001' } - end - - describe file('/etc/elasticsearch/es-02/elasticsearch.yml') do - it { should be_file } - it { should contain 'name: elasticsearch002' } - end - - end - - - describe "module removal" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-01': ensure => 'absent' } - elasticsearch::instance{ 'es-02': ensure => 'absent' } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe file('/etc/elasticsearch/es-01') do - it { should_not be_directory } - end - - describe file('/etc/elasticsearch/es-02') do - it { should_not be_directory } - end - - describe file('/etc/elasticsearch/es-03') do - it { should_not be_directory } - end - - describe service(test_settings['service_name_a']) do - it { should_not be_enabled } - it { should_not be_running } - end - - describe service(test_settings['service_name_b']) do - it { should_not be_enabled } - it { should_not be_running } - end - - end - -end diff --git a/elasticsearch/spec/acceptance/003_template_spec.rb b/elasticsearch/spec/acceptance/003_template_spec.rb deleted file mode 100644 index ae5ab455f..000000000 --- a/elasticsearch/spec/acceptance/003_template_spec.rb +++ /dev/null @@ -1,70 +0,0 @@ -require 'spec_helper_acceptance' - -describe "elasticsearch template define:" do - - shell("mkdir -p #{default['distmoduledir']}/another/files") - shell("echo '#{test_settings['good_json']}' >> #{default['distmoduledir']}/another/files/good.json") - shell("echo '#{test_settings['bad_json']}' >> #{default['distmoduledir']}/another/files/bad.json") - - describe "Insert a template with valid json content" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'node.name' => 'elasticsearch001', 'cluster.name' => '#{test_settings['cluster_name']}' }, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::template { 'foo': ensure => 'present', file => 'puppet:///modules/another/good.json' }" - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - it 'should report as existing in Elasticsearch' do - curl_with_retries('validate template as installed', default, "http://localhost:#{test_settings['port_a']}/_template/foo | grep logstash", 0) - end - end - - if fact('puppetversion') =~ /3\.[2-9]\./ - describe "Insert a template with bad json content" do - - it 'run should fail' do - pp = "class { 'elasticsearch': config => { 'node.name' => 'elasticsearch001', 'cluster.name' => '#{test_settings['cluster_name']}' }, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::template { 'foo': ensure => 'present', file => 'puppet:///modules/another/bad.json' }" - - apply_manifest(pp, :expect_failures => true) - end - - end - - else - # The exit codes have changes since Puppet 3.2x - # Since beaker expectations are based on the most recent puppet code All runs on previous versions fails. - end - - describe "module removal" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-01': ensure => 'absent' } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe file('/etc/elasticsearch/es-01') do - it { should_not be_directory } - end - - describe package(test_settings['package_name']) do - it { should_not be_installed } - end - - describe service(test_settings['service_name_a']) do - it { should_not be_enabled } - it { should_not be_running } - end - - end - - -end diff --git a/elasticsearch/spec/acceptance/004_plugin_spec.rb b/elasticsearch/spec/acceptance/004_plugin_spec.rb deleted file mode 100644 index be5f33387..000000000 --- a/elasticsearch/spec/acceptance/004_plugin_spec.rb +++ /dev/null @@ -1,299 +0,0 @@ -require 'spec_helper_acceptance' - -describe "elasticsearch plugin define:" do - - shell("mkdir -p #{default['distmoduledir']}/another/files") - shell("cp /tmp/elasticsearch-bigdesk.zip #{default['distmoduledir']}/another/files/elasticsearch-bigdesk.zip") - - describe "Install a plugin from official repository" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'node.name' => 'elasticsearch001', 'cluster.name' => '#{test_settings['cluster_name']}' }, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::plugin{'mobz/elasticsearch-head': module_dir => 'head', instances => 'es-01' } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - it 'make sure the directory exists' do - shell('ls /usr/share/elasticsearch/plugins/head/', {:acceptable_exit_codes => 0}) - end - - it 'make sure elasticsearch reports it as existing' do - curl_with_retries('validated plugin as installed', default, "http://localhost:#{test_settings['port_a']}/_nodes/?plugin | grep head", 0) - end - - end - describe "Install a plugin from custom git repo" do - it 'should run successfully' do - end - - it 'make sure the directory exists' do - end - - it 'make sure elasticsearch reports it as existing' do - end - - end - - if fact('puppetversion') =~ /3\.[2-9]\./ - - describe "Install a non existing plugin" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'node.name' => 'elasticearch001', 'cluster.name' => '#{test_settings['cluster_name']}' }, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::plugin{'elasticsearch/non-existing': module_dir => 'non-existing', instances => 'es-01' } - " - # Run it twice and test for idempotency - apply_manifest(pp, :expect_failures => true) - end - - end - - else - # The exit codes have changes since Puppet 3.2x - # Since beaker expectations are based on the most recent puppet code All runs on previous versions fails. - end - - describe "module removal" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-01': ensure => 'absent' } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe file('/etc/elasticsearch/es-01') do - it { should_not be_directory } - end - - describe package(test_settings['package_name']) do - it { should_not be_installed } - end - - describe service(test_settings['service_name_a']) do - it { should_not be_enabled } - it { should_not be_running } - end - - end - - - describe "install plugin while running ES under user 'root'" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'node.name' => 'elasticsearch001', 'cluster.name' => '#{test_settings['cluster_name']}' }, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true, elasticsearch_user => 'root', elasticsearch_group => 'root' } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::plugin{'lmenezes/elasticsearch-kopf': module_dir => 'kopf', instances => 'es-01' } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - it 'make sure the directory exists' do - shell('ls /usr/share/elasticsearch/plugins/kopf/', {:acceptable_exit_codes => 0}) - end - - it 'make sure elasticsearch reports it as existing' do - curl_with_retries('validated plugin as installed', default, "http://localhost:#{test_settings['port_a']}/_nodes/?plugin | grep kopf", 0) - end - - end - - - describe "module removal" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-01': ensure => 'absent' } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe file('/etc/elasticsearch/es-01') do - it { should_not be_directory } - end - - describe package(test_settings['package_name']) do - it { should_not be_installed } - end - - describe service(test_settings['service_name_a']) do - it { should_not be_enabled } - it { should_not be_running } - end - - end - - describe 'plugin upgrading' do - - describe 'Setup first plugin' do - it 'should run successful' do - pp = "class { 'elasticsearch': config => { 'node.name' => 'elasticsearch001', 'cluster.name' => '#{test_settings['cluster_name']}' }, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true, elasticsearch_user => 'root', elasticsearch_group => 'root' } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::plugin{'elasticsearch/elasticsearch-cloud-aws/2.1.1': module_dir => 'cloud-aws', instances => 'es-01' } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - - end - - it 'make sure the directory exists' do - shell('ls /usr/share/elasticsearch/plugins/cloud-aws/', {:acceptable_exit_codes => 0}) - end - - it 'make sure elasticsearch reports it as existing' do - curl_with_retries('validated plugin as installed', default, "http://localhost:#{test_settings['port_a']}/_nodes/?plugin | grep cloud-aws | grep 2.1.1", 0) - end - - end - - describe "Upgrade plugin" do - it 'Should run succesful' do - pp = "class { 'elasticsearch': config => { 'node.name' => 'elasticsearch001', 'cluster.name' => '#{test_settings['cluster_name']}' }, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true, elasticsearch_user => 'root', elasticsearch_group => 'root' } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::plugin{'elasticsearch/elasticsearch-cloud-aws/2.2.0': module_dir => 'cloud-aws', instances => 'es-01' } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - - end - - it 'make sure elasticsearch reports it as existing' do - curl_with_retries('validated plugin as installed', default, "http://localhost:#{test_settings['port_a']}/_nodes/?plugin | grep cloud-aws | grep 2.2.0", 0) - end - end - - end - - describe "offline install via puppetmaster" do - it 'Should run succesful' do - pp = "class { 'elasticsearch': config => { 'node.name' => 'elasticsearch001', 'cluster.name' => '#{test_settings['cluster_name']}' }, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true, elasticsearch_user => 'root', elasticsearch_group => 'root' } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::plugin{'bigdesk': source => 'puppet:///modules/another/elasticsearch-bigdesk.zip', instances => 'es-01' } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - - end - - it 'make sure elasticsearch reports it as existing' do - curl_with_retries('validated plugin as installed', default, "http://localhost:#{test_settings['port_a']}/_nodes/?plugin | grep bigdesk", 0) - end - - end - - describe "module removal" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-01': ensure => 'absent' } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe file('/etc/elasticsearch/es-01') do - it { should_not be_directory } - end - - describe package(test_settings['package_name']) do - it { should_not be_installed } - end - - describe service(test_settings['service_name_a']) do - it { should_not be_enabled } - it { should_not be_running } - end - - end - - describe "install via url" do - it 'Should run succesful' do - pp = "class { 'elasticsearch': config => { 'node.name' => 'elasticsearch001', 'cluster.name' => '#{test_settings['cluster_name']}' }, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::plugin{'HQ': url => 'https://github.com/royrusso/elasticsearch-HQ/archive/v2.0.3.zip', instances => 'es-01' } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - - end - - it 'make sure elasticsearch reports it as existing' do - curl_with_retries('validated plugin as installed', default, "http://localhost:#{test_settings['port_a']}/_nodes/?plugin | grep HQ", 0) - end - - end - - describe "module removal" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-01': ensure => 'absent' } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe file('/etc/elasticsearch/es-01') do - it { should_not be_directory } - end - - describe package(test_settings['package_name']) do - it { should_not be_installed } - end - - describe service(test_settings['service_name_a']) do - it { should_not be_enabled } - it { should_not be_running } - end - - end - - -end diff --git a/elasticsearch/spec/acceptance/009_datapath_spec.rb b/elasticsearch/spec/acceptance/009_datapath_spec.rb deleted file mode 100644 index a3d1d6e23..000000000 --- a/elasticsearch/spec/acceptance/009_datapath_spec.rb +++ /dev/null @@ -1,361 +0,0 @@ -require 'spec_helper_acceptance' - -describe "Data dir settings" do - - describe "Default data dir" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'cluster.name' => '#{test_settings['cluster_name']}'}, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - describe "Elasticsearch serves requests on" do - it { - curl_with_retries("check ES on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/?pretty=true", 0) - } - end - - describe file('/etc/elasticsearch/es-01/elasticsearch.yml') do - it { should be_file } - it { should contain "/usr/share/elasticsearch/data/es-01" } - end - - describe "Elasticsearch config has the data path" do - it { - curl_with_retries("check data path on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/_nodes?pretty=true | grep /usr/share/elasticsearch/data/es-01", 0) - } - - end - - describe file('/usr/share/elasticsearch/data/es-01') do - it { should be_directory } - end - - end - - - describe "Single data dir from main class" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'cluster.name' => '#{test_settings['cluster_name']}'}, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true, datadir => '/var/lib/elasticsearch-data' } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - describe "Elasticsearch serves requests on" do - it { - curl_with_retries("check ES on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/?pretty=true", 0) - } - end - - describe file('/etc/elasticsearch/es-01/elasticsearch.yml') do - it { should be_file } - it { should contain '/var/lib/elasticsearch-data/es-01' } - end - - describe "Elasticsearch config has the data path" do - it { - curl_with_retries("check data path on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/_nodes?pretty=true | grep /var/lib/elasticsearch-data/es-01", 0) - } - - end - - describe file('/var/lib/elasticsearch-data/es-01') do - it { should be_directory } - end - - end - - describe "module removal" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-01': ensure => 'absent' } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe file('/etc/elasticsearch/es-01') do - it { should_not be_directory } - end - - describe service(test_settings['service_name_a']) do - it { should_not be_enabled } - it { should_not be_running } - end - - end - - describe "Single data dir from instance config" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'cluster.name' => '#{test_settings['cluster_name']}'}, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}'}, datadir => '#{test_settings['datadir_1']}' } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - describe "Elasticsearch serves requests on" do - it { - curl_with_retries("check ES on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/?pretty=true", 0) - } - end - - describe file('/etc/elasticsearch/es-01/elasticsearch.yml') do - it { should be_file } - it { should contain "#{test_settings['datadir_1']}" } - end - - describe "Elasticsearch config has the data path" do - it { - curl_with_retries("check data path on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/_nodes?pretty=true | grep #{test_settings['datadir_1']}", 0) - } - end - - describe file(test_settings['datadir_1']) do - it { should be_directory } - end - - end - - describe "module removal" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-01': ensure => 'absent' } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe file('/etc/elasticsearch/es-01') do - it { should_not be_directory } - end - - describe service(test_settings['service_name_a']) do - it { should_not be_enabled } - it { should_not be_running } - end - - end - - describe "multiple data dir's from main class" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'cluster.name' => '#{test_settings['cluster_name']}'}, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true, datadir => [ '/var/lib/elasticsearch/01', '/var/lib/elasticsearch/02'] } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - describe "Elasticsearch serves requests on" do - it { - curl_with_retries("check ES on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/?pretty=true", 0) - } - end - - describe file('/etc/elasticsearch/es-01/elasticsearch.yml') do - it { should be_file } - it { should contain '/var/lib/elasticsearch/01/es-01' } - it { should contain '/var/lib/elasticsearch/02/es-01' } - end - - describe "Elasticsearch config has the data path" do - it { - curl_with_retries("check data path on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/_nodes?pretty=true | grep /var/lib/elasticsearch/01/es-01", 0) - } - it { - curl_with_retries("check data path on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/_nodes?pretty=true | grep /var/lib/elasticsearch/02/es-01", 0) - } - - end - - describe file('/var/lib/elasticsearch/01/es-01') do - it { should be_directory } - end - - describe file('/var/lib/elasticsearch/02/es-01') do - it { should be_directory } - end - - end - - describe "module removal" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-01': ensure => 'absent' } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe file('/etc/elasticsearch/es-01') do - it { should_not be_directory } - end - - describe service(test_settings['service_name_a']) do - it { should_not be_enabled } - it { should_not be_running } - end - - end - - - describe "multiple data dir's from instance config" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'cluster.name' => '#{test_settings['cluster_name']}'}, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' }, datadir => [ '#{test_settings['datadir_1']}', '#{test_settings['datadir_2']}'] } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - describe "Elasticsearch serves requests on" do - it { - curl_with_retries("check ES on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/?pretty=true", 0) - } - end - - describe file('/etc/elasticsearch/es-01/elasticsearch.yml') do - it { should be_file } - it { should contain "#{test_settings['datadir_1']}" } - it { should contain "#{test_settings['datadir_2']}" } - end - - describe "Elasticsearch config has the data path" do - it { - curl_with_retries("check data path on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/_nodes?pretty=true | grep #{test_settings['datadir_1']}", 0) - } - it { - curl_with_retries("check data path on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/_nodes?pretty=true | grep #{test_settings['datadir_2']}", 0) - } - - end - - describe file(test_settings['datadir_1']) do - it { should be_directory } - end - - describe file(test_settings['datadir_2']) do - it { should be_directory } - end - - end - - describe "module removal" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-01': ensure => 'absent' } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe file('/etc/elasticsearch/es-01') do - it { should_not be_directory } - end - - describe service(test_settings['service_name_a']) do - it { should_not be_enabled } - it { should_not be_running } - end - - end - -end diff --git a/elasticsearch/spec/acceptance/010_pkg_url_spec.rb b/elasticsearch/spec/acceptance/010_pkg_url_spec.rb deleted file mode 100644 index 7275bd266..000000000 --- a/elasticsearch/spec/acceptance/010_pkg_url_spec.rb +++ /dev/null @@ -1,167 +0,0 @@ -require 'spec_helper_acceptance' - -describe "Elasticsearch class:" do - - shell("mkdir -p #{default['distmoduledir']}/another/files") - shell("cp #{test_settings['local']} #{default['distmoduledir']}/another/files/#{test_settings['puppet']}") - - context "install via http resource" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': package_url => '#{test_settings['url']}', java_install => true, config => { 'node.name' => 'elasticsearch001', 'cluster.name' => '#{test_settings['cluster_name']}' } } - elasticsearch::instance{ 'es-01': } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - it 'make sure elasticsearch can serve requests' do - curl_with_retries('check ES', default, "http://localhost:#{test_settings['port_a']}/?pretty=true", 0) - end - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - end - - context "Clean" do - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-01': ensure => 'absent' } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe package(test_settings['package_name']) do - it { should_not be_installed } - end - - describe service(test_settings['service_name_a']) do - it { should_not be_enabled } - it { should_not be_running } - end - - end - - context "Install via local file resource" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': package_url => 'file:#{test_settings['local']}', java_install => true, config => { 'node.name' => 'elasticsearch001', 'cluster.name' => '#{test_settings['cluster_name']}' } } - elasticsearch::instance{ 'es-01': } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - it 'make sure elasticsearch can serve requests' do - curl_with_retries('check ES', default, "http://localhost:#{test_settings['port_a']}/?pretty=true", 0) - end - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - end - - context "Clean" do - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-01': ensure => 'absent' } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe package(test_settings['package_name']) do - it { should_not be_installed } - end - - describe service(test_settings['service_name_a']) do - it { should_not be_enabled } - it { should_not be_running } - end - - end - - context "Install via Puppet resource" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': package_url => 'puppet:///modules/another/#{test_settings['puppet']}', java_install => true, config => { 'node.name' => 'elasticsearch001', 'cluster.name' => '#{test_settings['cluster_name']}' } } - elasticsearch::instance { 'es-01': } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - it 'make sure elasticsearch can serve requests' do - curl_with_retries('check ES', default, "http://localhost:#{test_settings['port_a']}/?pretty=true", 0) - end - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - end - - context "Clean" do - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-01': ensure => 'absent' } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe package(test_settings['package_name']) do - it { should_not be_installed } - end - - describe service(test_settings['service_name_a']) do - it { should_not be_enabled } - it { should_not be_running } - end - - end - -end diff --git a/elasticsearch/spec/acceptance/011_service_spec.rb b/elasticsearch/spec/acceptance/011_service_spec.rb deleted file mode 100644 index 07361c67a..000000000 --- a/elasticsearch/spec/acceptance/011_service_spec.rb +++ /dev/null @@ -1,77 +0,0 @@ -require 'spec_helper_acceptance' - -describe "Service tests:" do - - describe "Make sure we can manage the defaults file" do - - context "Change the defaults file" do - it 'should run successfully' do - pp = "class { 'elasticsearch': manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true, config => { 'cluster.name' => '#{test_settings['cluster_name']}' }, init_defaults => { 'ES_JAVA_OPTS' => '\"-server -XX:+UseTLAB -XX:+CMSClassUnloadingEnabled\"' } } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001' } } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - describe file('/etc/elasticsearch/es-01/elasticsearch.yml') do - it { should be_file } - it { should contain 'name: elasticsearch001' } - end - - describe 'make sure elasticsearch can serve requests' do - it { - curl_with_retries('check ES', default, "http://localhost:#{test_settings['port_a']}/?pretty=true", 0) - } - end - - context "Make sure we have ES_USER=root" do - - describe file(test_settings['defaults_file_a']) do - its(:content) { should match /^ES_JAVA_OPTS="-server -XX:\+UseTLAB -XX:\+CMSClassUnloadingEnabled"/ } - end - - end - - end - - end - - describe "module removal" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-01': ensure => 'absent' } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe file('/etc/elasticsearch/es-01') do - it { should_not be_directory } - end - - describe service(test_settings['service_name_a']) do - it { should_not be_enabled } - it { should_not be_running } - end - - end - - -end diff --git a/elasticsearch/spec/acceptance/012_instances_spec.rb b/elasticsearch/spec/acceptance/012_instances_spec.rb deleted file mode 100644 index ef7592a57..000000000 --- a/elasticsearch/spec/acceptance/012_instances_spec.rb +++ /dev/null @@ -1,197 +0,0 @@ -require 'spec_helper_acceptance' - -describe "elasticsearch class:" do - - describe "Setup single instance" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'cluster.name' => '#{test_settings['cluster_name']}'}, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - describe "Elasticsearch serves requests on" do - it { - curl_with_retries("check ES on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/?pretty=true", 0) - } - end - - describe file('/etc/elasticsearch/es-01/elasticsearch.yml') do - it { should be_file } - it { should contain 'name: elasticsearch001' } - end - - describe file('/usr/share/elasticsearch/templates_import') do - it { should be_directory } - end - - describe file('/usr/share/elasticsearch/scripts') do - it { should be_directory } - end - - describe file('/etc/elasticsearch/es-01/scripts') do - it { should be_symlink } - end - - end - - - describe "Setup second instance" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'cluster.name' => '#{test_settings['cluster_name']}'}, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::instance { 'es-02': config => { 'node.name' => 'elasticsearch002', 'http.port' => '#{test_settings['port_b']}' } } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - describe service(test_settings['service_name_b']) do - it { should be_enabled } - it { should be_running } - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - describe file(test_settings['pid_file_b']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - describe "make sure elasticsearch can serve requests #{test_settings['port_a']}" do - it { - curl_with_retries("check ES on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/?pretty=true", 0) - } - end - - describe "make sure elasticsearch can serve requests #{test_settings['port_b']}" do - it { - curl_with_retries("check ES on #{test_settings['port_b']}", default, "http://localhost:#{test_settings['port_b']}/?pretty=true", 0) - } - end - - describe file('/etc/elasticsearch/es-01/elasticsearch.yml') do - it { should be_file } - it { should contain 'name: elasticsearch001' } - end - - describe file('/etc/elasticsearch/es-02/elasticsearch.yml') do - it { should be_file } - it { should contain 'name: elasticsearch002' } - end - - describe file('/usr/share/elasticsearch/scripts') do - it { should be_directory } - end - - describe file('/etc/elasticsearch/es-01/scripts') do - it { should be_symlink } - end - - describe file('/etc/elasticsearch/es-02/scripts') do - it { should be_symlink } - end - - end - - - describe "Remove instance 1" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'cluster.name' => '#{test_settings['cluster_name']}'}, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true } - elasticsearch::instance{ 'es-01': ensure => 'absent' } - elasticsearch::instance { 'es-02': config => { 'node.name' => 'elasticsearch002', 'http.port' => '#{test_settings['port_b']}' } } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe file('/etc/elasticsearch/es-01') do - it { should_not be_directory } - end - - describe service(test_settings['service_name_a']) do - it { should_not be_enabled } - it { should_not be_running } - end - - describe service(test_settings['service_name_b']) do - it { should be_enabled } - it { should be_running } - end - - describe file(test_settings['pid_file_b']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - describe "make sure elasticsearch can serve requests #{test_settings['port_b']}" do - it { - curl_with_retries("check ES on #{test_settings['port_b']}", default, "http://localhost:#{test_settings['port_b']}/?pretty=true", 0) - } - end - - describe file('/etc/elasticsearch/es-02/elasticsearch.yml') do - it { should be_file } - it { should contain 'name: elasticsearch002' } - end - - end - - describe "Cleanup" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-02': ensure => 'absent' } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe file('/etc/elasticsearch/es-02') do - it { should_not be_directory } - end - - describe service(test_settings['service_name_b']) do - it { should_not be_enabled } - it { should_not be_running } - end - - end - -end diff --git a/elasticsearch/spec/acceptance/013_config_spec.rb b/elasticsearch/spec/acceptance/013_config_spec.rb deleted file mode 100644 index d08454580..000000000 --- a/elasticsearch/spec/acceptance/013_config_spec.rb +++ /dev/null @@ -1,83 +0,0 @@ -require 'spec_helper_acceptance' - -describe "elasticsearch class:" do - - describe "Setup single instance" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'cluster.name' => 'foobar' }, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}', 'node.master' => true, 'node.data' => false, 'index' => { 'routing' => { 'allocation' => { 'include' => 'tag1', 'exclude' => [ 'tag2', 'tag3' ] } } }, 'node' => { 'rack' => 46 }, 'boostrap.mlockall' => true, 'cluster.name' => '#{test_settings['cluster_name']}' } } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - describe "Elasticsearch serves requests on" do - it { - curl_with_retries("check ES on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/?pretty=true", 0) - } - end - - describe file('/etc/elasticsearch/es-01/elasticsearch.yml') do - it { should be_file } - it { should contain 'name: elasticsearch001' } - it { should contain 'master: true' } - it { should contain 'data: false' } - it { should contain "cluster:\n name: #{test_settings['cluster_name']}" } - it { should contain 'rack: 46' } - it { should contain "index: \n routing: \n allocation: \n exclude: \n - tag2\n - tag3\n include: tag1" } - end - - describe file('/usr/share/elasticsearch/templates_import') do - it { should be_directory } - end - - describe file('/usr/share/elasticsearch/scripts') do - it { should be_directory } - end - - describe file('/etc/elasticsearch/es-01/scripts') do - it { should be_symlink } - end - - end - - describe "Cleanup" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-01': ensure => 'absent' } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe file('/etc/elasticsearch/es-01') do - it { should_not be_directory } - end - - describe service(test_settings['service_name_a']) do - it { should_not be_enabled } - it { should_not be_running } - end - - end - -end diff --git a/elasticsearch/spec/acceptance/014_hiera_spec.rb b/elasticsearch/spec/acceptance/014_hiera_spec.rb deleted file mode 100644 index 8c30a50b8..000000000 --- a/elasticsearch/spec/acceptance/014_hiera_spec.rb +++ /dev/null @@ -1,181 +0,0 @@ -require 'spec_helper_acceptance' - -# Here we put the more basic fundamental tests, ultra obvious stuff. - -describe "Hiera tests" do - - describe "single instance" do - - it 'should run successfully' do - write_hiera_config(['singleinstance']) - pp = "class { 'elasticsearch': manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true }" - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - describe "Elasticsearch serves requests on" do - it { - curl_with_retries("check ES on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/?pretty=true", 0) - } - end - - describe file('/etc/elasticsearch/es-01/elasticsearch.yml') do - it { should be_file } - it { should contain 'name: es-01' } - end - - describe file('/usr/share/elasticsearch/templates_import') do - it { should be_directory } - end - - end - - describe "single instance with plugin" do - - it 'should run successfully' do - write_hiera_config(['singleplugin']) - pp = "class { 'elasticsearch': manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true }" - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - describe "Elasticsearch serves requests on" do - it { - curl_with_retries("check ES on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/?pretty=true", 0) - } - end - - describe file('/etc/elasticsearch/es-01/elasticsearch.yml') do - it { should be_file } - it { should contain 'name: es-01' } - end - - describe file('/usr/share/elasticsearch/templates_import') do - it { should be_directory } - end - - it 'make sure the directory exists' do - shell('ls /usr/share/elasticsearch/plugins/head/', {:acceptable_exit_codes => 0}) - end - - it 'make sure elasticsearch reports it as existing' do - curl_with_retries('validated plugin as installed', default, "http://localhost:#{test_settings['port_a']}/_nodes/?plugin | grep head", 0) - end - - end - - describe "multiple instances" do - - - it 'should run successfully' do - write_hiera_config(['multipleinstances']) - pp = "class { 'elasticsearch': manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true }" - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - describe service(test_settings['service_name_b']) do - it { should be_enabled } - it { should be_running } - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - describe file(test_settings['pid_file_b']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - describe "make sure elasticsearch can serve requests #{test_settings['port_a']}" do - it { - curl_with_retries("check ES on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/?pretty=true", 0) - } - end - - describe "make sure elasticsearch can serve requests #{test_settings['port_b']}" do - it { - curl_with_retries("check ES on #{test_settings['port_b']}", default, "http://localhost:#{test_settings['port_b']}/?pretty=true", 0) - } - end - - describe file('/etc/elasticsearch/es-01/elasticsearch.yml') do - it { should be_file } - it { should contain 'name: es-01' } - end - - describe file('/etc/elasticsearch/es-02/elasticsearch.yml') do - it { should be_file } - it { should contain 'name: es-02' } - end - - end - - - describe "Cleanup" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe file('/etc/elasticsearch/es-01') do - it { should_not be_directory } - end - - describe service(test_settings['service_name_a']) do - it { should_not be_enabled } - it { should_not be_running } - end - - end - - -end diff --git a/elasticsearch/spec/acceptance/015_staged_removal.rb b/elasticsearch/spec/acceptance/015_staged_removal.rb deleted file mode 100644 index 59d7fe92b..000000000 --- a/elasticsearch/spec/acceptance/015_staged_removal.rb +++ /dev/null @@ -1,69 +0,0 @@ -require 'spec_helper_acceptance' - -describe "elasticsearch class:" do - - describe "Setup" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'cluster.name' => '#{test_settings['cluster_name']}'}, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::instance { 'es-02': config => { 'node.name' => 'elasticsearch002', 'http.port' => '#{test_settings['port_b']}' } } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - end - - describe "First removal of instance 1" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'cluster.name' => '#{test_settings['cluster_name']}'}, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true } - elasticsearch::instance{ 'es-01': ensure => 'absent' } - elasticsearch::instance { 'es-02': config => { 'node.name' => 'elasticsearch002', 'http.port' => '#{test_settings['port_b']}' } } - " - - apply_manifest(pp, :catch_failures => true) - end - - end - - describe "Second removal of instance 1" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'cluster.name' => '#{test_settings['cluster_name']}'}, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true } - elasticsearch::instance{ 'es-01': ensure => 'absent' } - elasticsearch::instance { 'es-02': config => { 'node.name' => 'elasticsearch002', 'http.port' => '#{test_settings['port_b']}' } } - " - - apply_manifest(pp, :catch_failures => true) - end - - end - - describe "First removal of the rest" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-02': ensure => 'absent' } - " - - apply_manifest(pp, :catch_failures => true) - end - - end - - describe "Second removal of the rest" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-02': ensure => 'absent' } - " - - apply_manifest(pp, :catch_failures => true) - end - - end - -end diff --git a/elasticsearch/spec/acceptance/016_package_pin_spec.rb b/elasticsearch/spec/acceptance/016_package_pin_spec.rb deleted file mode 100644 index 08526bd32..000000000 --- a/elasticsearch/spec/acceptance/016_package_pin_spec.rb +++ /dev/null @@ -1,107 +0,0 @@ -require 'spec_helper_acceptance' - -describe "Package pinning:" do - - if fact('osfamily') != 'Suse' - - describe "Pinning enabled" do - - describe "Setup" do - - it 'should run successful' do - write_hiera_config('') - pp = "class { 'elasticsearch': config => { 'cluster.name' => '#{test_settings['cluster_name']}'}, manage_repo => true, repo_version => '#{test_settings['repo_version']}', version => '#{test_settings['install_package_version']}', java_install => true } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - " - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - describe package(test_settings['package_name']) do - it { should be_installed.with_version(test_settings['install_version']) } - end - - end # end setup - - describe "Run upgrade" do - it 'should run fine' do - case fact('osfamily') - when 'Debian' - shell('apt-get update && apt-get -y install elasticsearch') - when 'RedHat' - shell('yum -y update elasticsearch') - end - end - end - - describe "check installed package" do - - describe package(test_settings['package_name']) do - it { should be_installed.with_version(test_settings['install_version']) } - end - - end - - describe "Upgrade" do - - it 'should run successful' do - pp = "class { 'elasticsearch': config => { 'cluster.name' => '#{test_settings['cluster_name']}'}, manage_repo => true, repo_version => '#{test_settings['repo_version']}', version => '#{test_settings['upgrade_package_version']}', java_install => true } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - " - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - describe package(test_settings['package_name']) do - it { should be_installed.with_version(test_settings['upgrade_version']) } - end - - end # end setup - - describe "Run upgrade" do - it 'should run fine' do - case fact('osfamily') - when 'Debian' - shell('apt-get update && apt-get -y install elasticsearch') - when 'RedHat' - shell('yum -y update elasticsearch') - end - end - end - - describe "check installed package" do - - describe package(test_settings['package_name']) do - it { should be_installed.with_version(test_settings['upgrade_version']) } - end - - end - - end - - describe "Cleanup" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-01': ensure => 'absent' } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe file('/etc/elasticsearch/es-01') do - it { should_not be_directory } - end - - describe service(test_settings['service_name_a']) do - it { should_not be_enabled } - it { should_not be_running } - end - - end - - end - -end diff --git a/elasticsearch/spec/acceptance/017_restart_on_change_spec.rb b/elasticsearch/spec/acceptance/017_restart_on_change_spec.rb deleted file mode 100644 index 88cf1ca6b..000000000 --- a/elasticsearch/spec/acceptance/017_restart_on_change_spec.rb +++ /dev/null @@ -1,144 +0,0 @@ -require 'spec_helper_acceptance' - -describe "elasticsearch class:" do - - describe "Setup" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'cluster.name' => '#{test_settings['cluster_name']}'}, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true, restart_on_change => false } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::plugin{'lmenezes/elasticsearch-kopf': instances => 'es-01' } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - describe "Elasticsearch serves requests on" do - it { - curl_with_retries("check ES on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/?pretty=true", 0) - } - end - - describe "Returns correct node name" do - it { - curl_with_retries("check hostname on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/?pretty=true | grep elasticsearch001", 0) - } - end - - describe file('/etc/elasticsearch/es-01/elasticsearch.yml') do - it { should be_file } - it { should contain 'name: elasticsearch001' } - end - - describe file('/usr/share/elasticsearch/templates_import') do - it { should be_directory } - end - - - end - - describe "Change config" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'cluster.name' => '#{test_settings['cluster_name']}'}, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true, restart_on_change => false } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch002', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::plugin{'lmenezes/elasticsearch-kopf': instances => 'es-01' } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - describe "Elasticsearch serves requests on" do - it { - curl_with_retries("check ES on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/?pretty=true", 0) - } - end - - describe "Returns correct node name" do - it { - curl_with_retries("check hostname on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/?pretty=true | grep elasticsearch001", 0) - } - end - - - describe file('/etc/elasticsearch/es-01/elasticsearch.yml') do - it { should be_file } - it { should contain 'name: elasticsearch002' } - end - - describe file('/usr/share/elasticsearch/templates_import') do - it { should be_directory } - end - - - end - - describe "module removal" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-01': ensure => 'absent' } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe file('/etc/elasticsearch/es-01') do - it { should_not be_directory } - end - - describe file('/etc/elasticsearch/es-02') do - it { should_not be_directory } - end - - describe file('/etc/elasticsearch/es-03') do - it { should_not be_directory } - end - - describe service(test_settings['service_name_a']) do - it { should_not be_enabled } - it { should_not be_running } - end - - describe service(test_settings['service_name_b']) do - it { should_not be_enabled } - it { should_not be_running } - end - - end - -end diff --git a/elasticsearch/spec/acceptance/020_usergroup_spec.rb b/elasticsearch/spec/acceptance/020_usergroup_spec.rb deleted file mode 100644 index 5e6922102..000000000 --- a/elasticsearch/spec/acceptance/020_usergroup_spec.rb +++ /dev/null @@ -1,92 +0,0 @@ -require 'spec_helper_acceptance' - -describe "elasticsearch class:" do - - describe "Run as a different user" do - - it 'should run successfully' do - - write_hiera_config('') - shell("rm -rf /usr/share/elasticsearch") - pp = "user { 'esuser': ensure => 'present', groups => ['esgroup', 'esuser'] } - group { 'esuser': ensure => 'present' } - group { 'esgroup': ensure => 'present' } - class { 'elasticsearch': config => { 'cluster.name' => '#{test_settings['cluster_name']}'}, manage_repo => true, repo_version => '#{test_settings['repo_version']}', java_install => true, elasticsearch_user => 'esuser', elasticsearch_group => 'esgroup' } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - it { should be_owned_by 'esuser' } - its(:content) { should match /[0-9]+/ } - end - - describe "make sure elasticsearch can serve requests #{test_settings['port_a']}" do - it { - curl_with_retries("check ES on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/?pretty=true", 0) - } - end - - describe file('/etc/elasticsearch/es-01/elasticsearch.yml') do - it { should be_file } - it { should be_owned_by 'esuser' } - it { should contain 'name: elasticsearch001' } - end - - describe file('/usr/share/elasticsearch') do - it { should be_directory } - it { should be_owned_by 'esuser' } - end - - describe file('/var/log/elasticsearch') do - it { should be_directory } - it { should be_owned_by 'esuser' } - end - - describe file('/etc/elasticsearch') do - it { should be_directory } - it { should be_owned_by 'esuser' } - end - - - end - - - describe "Cleanup" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-01': ensure => 'absent' } -> - file { '/usr/share/elasticsearch': ensure => 'absent', force => true } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe file('/etc/elasticsearch/es-01') do - it { should_not be_directory } - end - - describe service(test_settings['service_name_a']) do - it { should_not be_enabled } - it { should_not be_running } - end - - end - -end diff --git a/elasticsearch/spec/acceptance/021_es2x_spec.rb b/elasticsearch/spec/acceptance/021_es2x_spec.rb deleted file mode 100644 index 2a3bc26c4..000000000 --- a/elasticsearch/spec/acceptance/021_es2x_spec.rb +++ /dev/null @@ -1,355 +0,0 @@ -require 'spec_helper_acceptance' - -describe "elasticsearch 2x:" do - - shell("mkdir -p #{default['distmoduledir']}/another/files") - shell("cp /tmp/elasticsearch-kopf.zip #{default['distmoduledir']}/another/files/elasticsearch-kopf.zip") - - describe "Install a plugin from official repository" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'node.name' => 'elasticsearch001', 'cluster.name' => '#{test_settings['cluster_name']}' }, manage_repo => true, repo_version => '#{test_settings['repo_version2x']}', java_install => true, version => '2.0.0' } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::plugin{'lmenezes/elasticsearch-kopf': instances => 'es-01' } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - it 'make sure the directory exists' do - shell('ls /usr/share/elasticsearch/plugins/kopf/', {:acceptable_exit_codes => 0}) - end - - it 'make sure elasticsearch reports it as existing' do - curl_with_retries('validated plugin as installed', default, "http://localhost:#{test_settings['port_a']}/_nodes/?plugin | grep kopf", 0) - end - - end - describe "Install a plugin from custom git repo" do - it 'should run successfully' do - end - - it 'make sure the directory exists' do - end - - it 'make sure elasticsearch reports it as existing' do - end - - end - - if fact('puppetversion') =~ /3\.[2-9]\./ - - describe "Install a non existing plugin" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'node.name' => 'elasticearch001', 'cluster.name' => '#{test_settings['cluster_name']}' }, manage_repo => true, repo_version => '#{test_settings['repo_version2x']}', java_install => true, version => '2.0.0' } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::plugin{'elasticsearch/non-existing': module_dir => 'non-existing', instances => 'es-01' } - " - # Run it twice and test for idempotency - apply_manifest(pp, :expect_failures => true) - end - - end - - else - # The exit codes have changes since Puppet 3.2x - # Since beaker expectations are based on the most recent puppet code All runs on previous versions fails. - end - - describe "module removal" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-01': ensure => 'absent' } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe file('/etc/elasticsearch/es-01') do - it { should_not be_directory } - end - - describe package(test_settings['package_name']) do - it { should_not be_installed } - end - - describe service(test_settings['service_name_a']) do - it { should_not be_enabled } - it { should_not be_running } - end - - end - - - describe "install plugin while running ES under user 'elasticsearch'" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'node.name' => 'elasticsearch001', 'cluster.name' => '#{test_settings['cluster_name']}' }, manage_repo => true, repo_version => '#{test_settings['repo_version2x']}', java_install => true, elasticsearch_user => 'elasticsearch', elasticsearch_group => 'elasticsearch', version => '2.0.0' } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::plugin{'lmenezes/elasticsearch-kopf': module_dir => 'kopf', instances => 'es-01' } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - it 'make sure the directory exists' do - shell('ls /usr/share/elasticsearch/plugins/kopf/', {:acceptable_exit_codes => 0}) - end - - it 'make sure elasticsearch reports it as existing' do - curl_with_retries('validated plugin as installed', default, "http://localhost:#{test_settings['port_a']}/_nodes/?plugin | grep kopf", 0) - end - - end - - - describe "module removal" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-01': ensure => 'absent' } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe file('/etc/elasticsearch/es-01') do - it { should_not be_directory } - end - - describe package(test_settings['package_name']) do - it { should_not be_installed } - end - - describe service(test_settings['service_name_a']) do - it { should_not be_enabled } - it { should_not be_running } - end - - end - - describe 'upgrading', :upgrade => true do - - describe 'Setup 2.0.0' do - it 'should run successful' do - pp = "class { 'elasticsearch': config => { 'node.name' => 'elasticsearch001', 'cluster.name' => '#{test_settings['cluster_name']}' }, manage_repo => true, repo_version => '#{test_settings['repo_version2x']}', java_install => true, version => '2.0.0' } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::plugin{'cloud-aws': instances => 'es-01' } - elasticsearch::plugin{'marvel-agent': instances => 'es-01' } - elasticsearch::plugin{'license': instances => 'es-01' } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - - end - - it 'make sure the directory exists' do - shell('ls /usr/share/elasticsearch/plugins/cloud-aws/', {:acceptable_exit_codes => 0}) - end - - it 'make sure elasticsearch reports it as existing' do - curl_with_retries('validated plugin as installed', default, "http://localhost:#{test_settings['port_a']}/_nodes/?plugin | grep cloud-aws | grep 2.0.0", 0) - end - - end - - describe "Upgrade to 2.0.1" do - it 'Should run succesful' do - pp = "class { 'elasticsearch': config => { 'node.name' => 'elasticsearch001', 'cluster.name' => '#{test_settings['cluster_name']}' }, manage_repo => true, repo_version => '#{test_settings['repo_version2x']}', java_install => true, version => '2.0.1' } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::plugin{'cloud-aws': instances => 'es-01' } - elasticsearch::plugin{'marvel-agent': instances => 'es-01' } - elasticsearch::plugin{'license': instances => 'es-01' } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - - end - - it 'make sure the directory exists' do - shell('ls /usr/share/elasticsearch/plugins/cloud-aws/', {:acceptable_exit_codes => 0}) - end - - it 'make sure elasticsearch reports it as existing' do - curl_with_retries('validated plugin as installed', default, "http://localhost:#{test_settings['port_a']}/_nodes/?plugin | grep cloud-aws | grep 2.0.1", 0) - end - end - - end - - describe "offline install via puppet resource" do - it 'Should run succesful' do - pp = "class { 'elasticsearch': config => { 'node.name' => 'elasticsearch001', 'cluster.name' => '#{test_settings['cluster_name']}' }, manage_repo => true, repo_version => '#{test_settings['repo_version2x']}', java_install => true } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::plugin{'kopf': source => 'puppet:///modules/another/elasticsearch-kopf.zip', instances => 'es-01' } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - - end - - it 'make sure elasticsearch reports it as existing' do - curl_with_retries('validated plugin as installed', default, "http://localhost:#{test_settings['port_a']}/_nodes/?plugin | grep kopf", 0) - end - - end - - describe "module removal" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-01': ensure => 'absent' } - file { '/usr/share/elasticsearch/plugin': - ensure => 'absent', - force => true, - recurse => true, - } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe file('/etc/elasticsearch/es-01') do - it { should_not be_directory } - end - - describe package(test_settings['package_name']) do - it { should_not be_installed } - end - - describe service(test_settings['service_name_a']) do - it { should_not be_enabled } - it { should_not be_running } - end - - end - - describe "offline install via file url" do - it 'Should run succesful' do - pp = "class { 'elasticsearch': config => { 'node.name' => 'elasticsearch001', 'cluster.name' => '#{test_settings['cluster_name']}' }, manage_repo => true, repo_version => '#{test_settings['repo_version2x']}', java_install => true } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::plugin{'kopf': url => 'file:///tmp/elasticsearch-kopf.zip', instances => 'es-01' } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - - end - - it 'make sure elasticsearch reports it as existing' do - curl_with_retries('validated plugin as installed', default, "http://localhost:#{test_settings['port_a']}/_nodes/?plugin | grep kopf", 0) - end - - end - - describe "module removal" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-01': ensure => 'absent' } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe file('/etc/elasticsearch/es-01') do - it { should_not be_directory } - end - - describe package(test_settings['package_name']) do - it { should_not be_installed } - end - - describe service(test_settings['service_name_a']) do - it { should_not be_enabled } - it { should_not be_running } - end - - end - - describe "install via url" do - it 'Should run succesful' do - pp = "class { 'elasticsearch': config => { 'node.name' => 'elasticsearch001', 'cluster.name' => '#{test_settings['cluster_name']}' }, manage_repo => true, repo_version => '#{test_settings['repo_version2x']}', java_install => true } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::plugin{'HQ': url => 'https://github.com/royrusso/elasticsearch-HQ/archive/v2.0.3.zip', instances => 'es-01' } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - - end - - it 'make sure elasticsearch reports it as existing' do - curl_with_retries('validated plugin as installed', default, "http://localhost:#{test_settings['port_a']}/_nodes/?plugin | grep hq", 0) - end - - end - - describe "module removal" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': ensure => 'absent' } - elasticsearch::instance{ 'es-01': ensure => 'absent' } - " - - apply_manifest(pp, :catch_failures => true) - end - - describe file('/etc/elasticsearch/es-01') do - it { should_not be_directory } - end - - describe package(test_settings['package_name']) do - it { should_not be_installed } - end - - describe service(test_settings['service_name_a']) do - it { should_not be_enabled } - it { should_not be_running } - end - - end - -end diff --git a/elasticsearch/spec/acceptance/022_upgrade_spec.rb b/elasticsearch/spec/acceptance/022_upgrade_spec.rb deleted file mode 100644 index 80d4f8ea0..000000000 --- a/elasticsearch/spec/acceptance/022_upgrade_spec.rb +++ /dev/null @@ -1,48 +0,0 @@ -require 'spec_helper_acceptance' - -describe "elasticsearch 2x:" do - - shell("mkdir -p #{default['distmoduledir']}/another/files") - shell("cp /tmp/elasticsearch-kopf.zip #{default['distmoduledir']}/another/files/elasticsearch-kopf.zip") - - describe 'upgrading', :upgrade => true do - - describe 'Setup 2.0.0' do - it 'should run successful' do - pp = "class { 'elasticsearch': config => { 'node.name' => 'elasticsearch001', 'cluster.name' => '#{test_settings['cluster_name']}' }, manage_repo => true, repo_version => '#{test_settings['repo_version2x']}', java_install => true, version => '2.0.0' } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - - end - - it 'make sure elasticsearch runs with the correct version' do - curl_with_retries('Correct version', default, "http://localhost:#{test_settings['port_a']}/ | grep 2.0.0", 0) - end - - - end - - describe "Upgrade to 2.0.1" do - it 'Should run succesful' do - pp = "class { 'elasticsearch': config => { 'node.name' => 'elasticsearch001', 'cluster.name' => '#{test_settings['cluster_name']}' }, manage_repo => true, repo_version => '#{test_settings['repo_version2x']}', java_install => true, version => '2.0.1' } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - - end - - it 'make sure elasticsearch runs with the correct version' do - curl_with_retries('correct version', default, "http://localhost:#{test_settings['port_a']}/ | grep 2.0.1", 0) - end - end - - end - -end diff --git a/elasticsearch/spec/acceptance/integration001.rb b/elasticsearch/spec/acceptance/integration001.rb deleted file mode 100644 index 7c347f116..000000000 --- a/elasticsearch/spec/acceptance/integration001.rb +++ /dev/null @@ -1,153 +0,0 @@ -require 'spec_helper_acceptance' - -describe "Integration testing" do - - shell("mkdir -p #{default['distmoduledir']}/another/files") - shell("echo '#{test_settings['good_json']}' >> #{default['distmoduledir']}/another/files/good.json") - shell("echo '#{test_settings['bad_json']}' >> #{default['distmoduledir']}/another/files/bad.json") - - - describe "Setup Elasticsearch", :main => true do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'cluster.name' => '#{test_settings['cluster_name']}'}, java_install => true, package_url => '#{test_settings['snapshot_package']}' } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - describe "Elasticsearch serves requests on" do - it { - curl_with_retries("check ES on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/?pretty=true", 0) - } - end - - describe file('/etc/elasticsearch/es-01/elasticsearch.yml') do - it { should be_file } - it { should contain 'name: elasticsearch001' } - end - - describe file('/usr/share/elasticsearch/templates_import') do - it { should be_directory } - end - - end - - describe "Template tests", :template => true do - - describe "Insert a template with valid json content" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'cluster.name' => '#{test_settings['cluster_name']}'}, java_install => true, package_url => '#{test_settings['snapshot_package']}' } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::template { 'foo': ensure => 'present', file => 'puppet:///modules/another/good.json' }" - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - it 'should report as existing in Elasticsearch' do - curl_with_retries('validate template as installed', default, "http://localhost:#{test_settings['port_a']}/_template/foo | grep logstash", 0) - end - end - - if fact('puppetversion') =~ /3\.[2-9]\./ - describe "Insert a template with bad json content" do - - it 'run should fail' do - pp = "class { 'elasticsearch': config => { 'cluster.name' => '#{test_settings['cluster_name']}'}, java_install => true, package_url => '#{test_settings['snapshot_package']}' } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::template { 'foo': ensure => 'present', file => 'puppet:///modules/another/bad.json' }" - - apply_manifest(pp, :expect_failures => true) - end - - end - - else - # The exit codes have changes since Puppet 3.2x - # Since beaker expectations are based on the most recent puppet code All runs on previous versions fails. - end - - end - - describe "Plugin tests", :plugin => true do - - describe "Install a plugin from official repository" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'cluster.name' => '#{test_settings['cluster_name']}'}, java_install => true, package_url => '#{test_settings['snapshot_package']}' } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::plugin { 'lmenezes/elasticsearch-kopf': instances => 'es-01' } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - it 'make sure the directory exists' do - shell('ls /usr/share/elasticsearch/plugins/kopf/', {:acceptable_exit_codes => 0}) - end - - it 'make sure elasticsearch reports it as existing' do - curl_with_retries('validated plugin as installed', default, "http://localhost:#{test_settings['port_a']}/_nodes/?plugin | grep kopf", 0) - end - - end - - if fact('puppetversion') =~ /3\.[2-9]\./ - - describe "Install a non existing plugin" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'cluster.name' => '#{test_settings['cluster_name']}'}, java_install => true, package_url => '#{test_settings['snapshot_package']}' } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::plugin{'elasticsearch/non-existing': module_dir => 'non-existing', instances => 'es-01' } - " - apply_manifest(pp, :expect_failures => true) - end - - end - - else - # The exit codes have changes since Puppet 3.2x - # Since beaker expectations are based on the most recent puppet code All runs on previous versions fails. - end - - end - -end diff --git a/elasticsearch/spec/acceptance/nodesets/centos-6-x64.yml b/elasticsearch/spec/acceptance/nodesets/centos-6-x64.yml deleted file mode 100644 index dfa73bf81..000000000 --- a/elasticsearch/spec/acceptance/nodesets/centos-6-x64.yml +++ /dev/null @@ -1,16 +0,0 @@ -HOSTS: - centos-6-x64: - roles: - - master - - database - - dashboard - platform: el-6-x86_64 - image: electrical/centos:6.4 - hypervisor: docker - docker_cmd: '["/sbin/init"]' - docker_image_commands: - - 'yum install -y wget ntpdate rubygems ruby-augeas ruby-devel augeas-devel' - - 'touch /etc/sysconfig/network' - docker_preserve_image: true -CONFIG: - type: foss diff --git a/elasticsearch/spec/acceptance/nodesets/centos-7-x64.yml b/elasticsearch/spec/acceptance/nodesets/centos-7-x64.yml deleted file mode 100644 index e1ad5c8a4..000000000 --- a/elasticsearch/spec/acceptance/nodesets/centos-7-x64.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - centos-7-x64: - roles: - - master - - database - - dashboard - platform: el-7-x86_64 - image: electrical/centos:7 - hypervisor: docker - docker_cmd: '["/usr/sbin/init"]' - docker_image_commands: - - 'yum install -y wget ntpdate rubygems ruby-devel augeas-devel ruby-augeas tar' - docker_preserve_image: true -CONFIG: - type: foss diff --git a/elasticsearch/spec/acceptance/nodesets/debian-6-x64.yml b/elasticsearch/spec/acceptance/nodesets/debian-6-x64.yml deleted file mode 100644 index e75328e69..000000000 --- a/elasticsearch/spec/acceptance/nodesets/debian-6-x64.yml +++ /dev/null @@ -1,16 +0,0 @@ -HOSTS: - debian-6: - roles: - - master - - database - - dashboard - platform: debian-6-amd64 - image: electrical/debian:6.0.8 - hypervisor: docker - docker_cmd: '["/sbin/init"]' - docker_image_commands: - - 'apt-get install -yq lsb-release wget net-tools ruby rubygems ruby1.8-dev libaugeas-dev libaugeas-ruby ntpdate locales-all' - - 'REALLY_GEM_UPDATE_SYSTEM=1 gem update --system --no-ri --no-rdoc' - docker_preserve_image: true -CONFIG: - type: foss diff --git a/elasticsearch/spec/acceptance/nodesets/debian-7-x64.yml b/elasticsearch/spec/acceptance/nodesets/debian-7-x64.yml deleted file mode 100644 index 0b239116a..000000000 --- a/elasticsearch/spec/acceptance/nodesets/debian-7-x64.yml +++ /dev/null @@ -1,16 +0,0 @@ -HOSTS: - debian-7: - roles: - - master - - database - - dashboard - platform: debian-7-amd64 - image: electrical/debian:7.3 - hypervisor: docker - docker_cmd: '["/sbin/init"]' - docker_image_commands: - - 'apt-get install -yq lsb-release wget net-tools ruby rubygems ruby1.8-dev libaugeas-dev libaugeas-ruby ntpdate locales-all' - - 'REALLY_GEM_UPDATE_SYSTEM=1 gem update --system --no-ri --no-rdoc' - docker_preserve_image: true -CONFIG: - type: foss diff --git a/elasticsearch/spec/acceptance/nodesets/debian-8-x64.yml b/elasticsearch/spec/acceptance/nodesets/debian-8-x64.yml deleted file mode 100644 index acc224c8b..000000000 --- a/elasticsearch/spec/acceptance/nodesets/debian-8-x64.yml +++ /dev/null @@ -1,16 +0,0 @@ -HOSTS: - debian-8: - roles: - - master - - database - - dashboard - platform: debian-8-amd64 - image: electrical/debian:8 - hypervisor: docker - docker_cmd: '["/sbin/init"]' - docker_image_commands: - - 'apt-get install -yq ruby ruby-dev lsb-release wget net-tools libaugeas-dev libaugeas-ruby ntpdate locales-all' - - 'REALLY_GEM_UPDATE_SYSTEM=1 gem update --system --no-ri --no-rdoc' - docker_preserve_image: true -CONFIG: - type: foss diff --git a/elasticsearch/spec/acceptance/nodesets/opensuse-121-x64.yml b/elasticsearch/spec/acceptance/nodesets/opensuse-121-x64.yml deleted file mode 100644 index 9c5b49ce6..000000000 --- a/elasticsearch/spec/acceptance/nodesets/opensuse-121-x64.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - opensuse-121-x64: - roles: - - master - - database - - dashboard - platform: sles-12-x64 - box: opensuse-121-x64 - box_url: https://s3.amazonaws.com/circlejtp/OpenSuseVagrant/OpenSuse12_1x64_July14.box - hypervisor: vagrant -CONFIG: - type: foss diff --git a/elasticsearch/spec/acceptance/nodesets/opensuse-131-x64.yml b/elasticsearch/spec/acceptance/nodesets/opensuse-131-x64.yml deleted file mode 100644 index 442c652de..000000000 --- a/elasticsearch/spec/acceptance/nodesets/opensuse-131-x64.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - opensuse-131-x64: - roles: - - master - - database - - dashboard - platform: sles-13-x64 - box: opensuse-13.1-test - box_url: https://s3-eu-west-1.amazonaws.com/users.eu.elasticsearch.org/electrical/opensuse-131.box - hypervisor: vagrant -CONFIG: - type: foss diff --git a/elasticsearch/spec/acceptance/nodesets/sles-11sp3-x64.yml b/elasticsearch/spec/acceptance/nodesets/sles-11sp3-x64.yml deleted file mode 100644 index afdfe561e..000000000 --- a/elasticsearch/spec/acceptance/nodesets/sles-11sp3-x64.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - sles-11-x64: - roles: - - master - - database - - dashboard - platform: sles-11-x86_64 - box: sles-11sp3-x64 - box_url: https://s3-eu-west-1.amazonaws.com/users.eu.elasticsearch.org/electrical/sles-11sp3-x64.box - hypervisor: vagrant -CONFIG: - type: foss diff --git a/elasticsearch/spec/acceptance/nodesets/ubuntu-server-1204-x64.yml b/elasticsearch/spec/acceptance/nodesets/ubuntu-server-1204-x64.yml deleted file mode 100644 index 31c57775b..000000000 --- a/elasticsearch/spec/acceptance/nodesets/ubuntu-server-1204-x64.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - ubuntu-12-04: - roles: - - master - - database - - dashboard - platform: ubuntu-12.04-amd64 - image: electrical/ubuntu:12.04 - hypervisor: docker - docker_cmd: '["/sbin/init"]' - docker_image_commands: - - 'apt-get install -yq ruby1.8-dev libaugeas-dev libaugeas-ruby ruby rubygems lsb-release wget net-tools curl' - docker_preserve_image: true -CONFIG: - type: foss diff --git a/elasticsearch/spec/acceptance/nodesets/ubuntu-server-1210-x64.yml b/elasticsearch/spec/acceptance/nodesets/ubuntu-server-1210-x64.yml deleted file mode 100644 index b4023992c..000000000 --- a/elasticsearch/spec/acceptance/nodesets/ubuntu-server-1210-x64.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - ubuntu-12-10: - roles: - - master - - database - - dashboard - platform: ubuntu-12.10-amd64 - image: electrical/ubuntu:12.10 - hypervisor: docker - docker_cmd: '["/sbin/init"]' - docker_image_commands: - - 'apt-get install -yq ruby1.8-dev libaugeas-dev libaugeas-ruby ruby rubygems lsb-release wget net-tools curl' - docker_preserve_image: true -CONFIG: - type: foss diff --git a/elasticsearch/spec/acceptance/nodesets/ubuntu-server-1304-x64.yml b/elasticsearch/spec/acceptance/nodesets/ubuntu-server-1304-x64.yml deleted file mode 100644 index b0f805de6..000000000 --- a/elasticsearch/spec/acceptance/nodesets/ubuntu-server-1304-x64.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - ubuntu-13-04: - roles: - - master - - database - - dashboard - platform: ubuntu-13.04-amd64 - image: electrical/ubuntu:13.04 - hypervisor: docker - docker_cmd: '["/sbin/init"]' - docker_image_commands: - - 'apt-get install -yq ruby1.8-dev libaugeas-dev libaugeas-ruby ruby rubygems lsb-release wget net-tools curl' - docker_preserve_image: true -CONFIG: - type: foss diff --git a/elasticsearch/spec/acceptance/nodesets/ubuntu-server-1310-x64.yml b/elasticsearch/spec/acceptance/nodesets/ubuntu-server-1310-x64.yml deleted file mode 100644 index cf97145e4..000000000 --- a/elasticsearch/spec/acceptance/nodesets/ubuntu-server-1310-x64.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - ubuntu-13-10: - roles: - - master - - database - - dashboard - platform: ubuntu-13.10-amd64 - image: electrical/ubuntu:13.10 - hypervisor: docker - docker_cmd: '["/sbin/init"]' - docker_image_commands: - - 'apt-get install -yq ruby1.8-dev libaugeas-dev libaugeas-ruby ruby rubygems lsb-release wget net-tools curl' - docker_preserve_image: true -CONFIG: - type: foss diff --git a/elasticsearch/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/elasticsearch/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index 4e9b7ec3d..000000000 --- a/elasticsearch/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - ubuntu-14-04: - roles: - - master - - database - - dashboard - platform: ubuntu-14.04-amd64 - image: electrical/ubuntu:14.04 - hypervisor: docker - docker_cmd: '["/sbin/init"]' - docker_image_commands: - - 'apt-get install -yq ruby ruby1.9.1-dev libaugeas-dev libaugeas-ruby lsb-release wget net-tools curl' - docker_preserve_image: true -CONFIG: - type: foss diff --git a/elasticsearch/spec/acceptance/xplugins001.rb b/elasticsearch/spec/acceptance/xplugins001.rb deleted file mode 100644 index 8618101b3..000000000 --- a/elasticsearch/spec/acceptance/xplugins001.rb +++ /dev/null @@ -1,91 +0,0 @@ -require 'spec_helper_acceptance' - -describe "Integration testing" do - - describe "Setup Elasticsearch" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'cluster.name' => '#{test_settings['cluster_name']}'}, java_install => true, package_url => '#{test_settings['snapshot_package']}' } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - describe "Elasticsearch serves requests on" do - it { - curl_with_retries("check ES on #{test_settings['port_a']}", default, "http://localhost:#{test_settings['port_a']}/?pretty=true", 0) - } - end - - describe file('/etc/elasticsearch/es-01/elasticsearch.yml') do - it { should be_file } - it { should contain 'name: elasticsearch001' } - end - - describe file('/usr/share/elasticsearch/templates_import') do - it { should be_directory } - end - - end - - describe "Plugin tests" do - - describe "Install a plugin from official repository" do - - it 'should run successfully' do - pp = "class { 'elasticsearch': config => { 'cluster.name' => '#{test_settings['cluster_name']}'}, java_install => true, package_url => '#{test_settings['snapshot_package']}' } - elasticsearch::instance { 'es-01': config => { 'node.name' => 'elasticsearch001', 'http.port' => '#{test_settings['port_a']}' } } - elasticsearch::plugin{'#{ENV['LICENSE_PLUGIN_NAME']}': instances => 'es-01', url => '#{ENV['LICENSE_PLUGIN_URL']}' } - elasticsearch::plugin{'#{ENV['PLUGIN_NAME']}': instances => 'es-01', url => '#{ENV['PLUGIN_URL']}' } - " - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - describe service(test_settings['service_name_a']) do - it { should be_enabled } - it { should be_running } - end - - describe package(test_settings['package_name']) do - it { should be_installed } - end - - describe file(test_settings['pid_file_a']) do - it { should be_file } - its(:content) { should match /[0-9]+/ } - end - - it 'make sure the directory exists' do - shell("ls /usr/share/elasticsearch/plugins/#{ENV['PLUGIN_NAME']}", {:acceptable_exit_codes => 0}) - end - - it 'make sure elasticsearch reports it as existing' do - curl_with_retries('validated plugin as installed', default, "http://localhost:#{test_settings['port_a']}/_nodes/?plugin | grep #{ENV['PLUGIN_NAME']}", 0) - end - - end - - end - -end diff --git a/elasticsearch/spec/classes/000_elasticsearch_init_spec.rb b/elasticsearch/spec/classes/000_elasticsearch_init_spec.rb deleted file mode 100644 index 0daab3ea5..000000000 --- a/elasticsearch/spec/classes/000_elasticsearch_init_spec.rb +++ /dev/null @@ -1,306 +0,0 @@ -require 'spec_helper' - -describe 'elasticsearch', :type => 'class' do - - default_params = { - :config => { 'node.name' => 'foo' } - } - - on_supported_os.each do |os, facts| - - context "on #{os}" do - - case facts[:osfamily] - when 'Debian' - let(:defaults_path) { '/etc/default' } - let(:pkg_ext) { 'deb' } - let(:pkg_prov) { 'dpkg' } - let(:version_add) { '' } - if facts[:lsbmajdistrelease] >= '8' - test_pid = true - else - test_pid = false - end - when 'RedHat' - let(:defaults_path) { '/etc/sysconfig' } - let(:pkg_ext) { 'rpm' } - let(:pkg_prov) { 'rpm' } - let(:version_add) { '-1' } - if facts[:operatingsystemmajrelease] >= '7' - test_pid = true - else - test_pid = false - end - when 'Suse' - let(:defaults_path) { '/etc/sysconfig' } - let(:pkg_ext) { 'rpm' } - let(:pkg_prov) { 'rpm' } - let(:version_add) { '-1' } - end - - let(:facts) do - facts.merge({ 'scenario' => '', 'common' => '' }) - end - - let (:params) do - default_params.merge({ }) - end - - context 'main class tests' do - - # init.pp - it { should compile.with_all_deps } - it { should contain_class('elasticsearch') } - it { should contain_anchor('elasticsearch::begin') } - it { should contain_class('elasticsearch::params') } - it { should contain_class('elasticsearch::package').that_requires('Anchor[elasticsearch::begin]') } - it { should contain_class('elasticsearch::config').that_requires('Class[elasticsearch::package]') } - - # Base directories - it { should contain_file('/etc/elasticsearch') } - it { should contain_file('/usr/share/elasticsearch/templates_import') } - it { should contain_file('/usr/share/elasticsearch/scripts') } - it { should contain_file('/usr/share/elasticsearch') } - it { should contain_file('/usr/share/elasticsearch/lib') } - it { should contain_augeas("#{defaults_path}/elasticsearch") } - - it { should contain_exec('remove_plugin_dir') } - - # Base files - if test_pid == true - it { should contain_file('/usr/lib/tmpfiles.d/elasticsearch.conf') } - end - - # file removal from package - it { should contain_file('/etc/init.d/elasticsearch').with(:ensure => 'absent') } - it { should contain_file('/lib/systemd/system/elasticsearch.service').with(:ensure => 'absent') } - it { should contain_file('/etc/elasticsearch/elasticsearch.yml').with(:ensure => 'absent') } - it { should contain_file('/etc/elasticsearch/logging.yml').with(:ensure => 'absent') } - end - - context 'package installation' do - - context 'via repository' do - - context 'with default settings' do - - it { should contain_package('elasticsearch').with(:ensure => 'present') } - it { should_not contain_package('my-elasticsearch').with(:ensure => 'present') } - - end - - context 'with specified version' do - - let (:params) { - default_params.merge({ - :version => '1.0' - }) - } - - it { should contain_package('elasticsearch').with(:ensure => "1.0#{version_add}") } - end - - if facts[:osfamily] == 'RedHat' - context 'Handle special CentOS/RHEL package versioning' do - - let (:params) { - default_params.merge({ - :version => '1.1-2' - }) - } - - it { should contain_package('elasticsearch').with(:ensure => "1.1-2") } - end - end - - context 'with specified package name' do - - let (:params) { - default_params.merge({ - :package_name => 'my-elasticsearch' - }) - } - - it { should contain_package('my-elasticsearch').with(:ensure => 'present') } - it { should_not contain_package('elasticsearch').with(:ensure => 'present') } - end - - context 'with auto upgrade enabled' do - - let (:params) { - default_params.merge({ - :autoupgrade => true - }) - } - - it { should contain_package('elasticsearch').with(:ensure => 'latest') } - end - - end - - context 'when setting package version and package_url' do - - let (:params) { - default_params.merge({ - :version => '0.90.10', - :package_url => "puppet:///path/to/some/elasticsearch-0.90.10.#{pkg_ext}" - }) - } - - it { expect { should raise_error(Puppet::Error) } } - - end - - context 'via package_url setting' do - - context 'using puppet:/// schema' do - - let (:params) { - default_params.merge({ - :package_url => "puppet:///path/to/package.#{pkg_ext}" - }) - } - - it { should contain_file("/opt/elasticsearch/swdl/package.#{pkg_ext}").with(:source => "puppet:///path/to/package.#{pkg_ext}", :backup => false) } - it { should contain_package('elasticsearch').with(:ensure => 'present', :source => "/opt/elasticsearch/swdl/package.#{pkg_ext}", :provider => "#{pkg_prov}") } - end - - context 'using http:// schema' do - - let (:params) { - default_params.merge({ - :package_url => "http://www.domain.com/path/to/package.#{pkg_ext}" - }) - } - - it { should contain_exec('create_package_dir_elasticsearch').with(:command => 'mkdir -p /opt/elasticsearch/swdl') } - it { should contain_file('/opt/elasticsearch/swdl').with(:purge => false, :force => false, :require => "Exec[create_package_dir_elasticsearch]") } - it { should contain_exec('download_package_elasticsearch').with(:command => "wget --no-check-certificate -O /opt/elasticsearch/swdl/package.#{pkg_ext} http://www.domain.com/path/to/package.#{pkg_ext} 2> /dev/null", :require => 'File[/opt/elasticsearch/swdl]') } - it { should contain_package('elasticsearch').with(:ensure => 'present', :source => "/opt/elasticsearch/swdl/package.#{pkg_ext}", :provider => "#{pkg_prov}") } - end - - context 'using http:// schema with proxy_url' do - - let (:params) { - default_params.merge({ - :package_url => "http://www.domain.com/path/to/package.#{pkg_ext}", - :proxy_url => "http://proxy.example.com:12345/", - }) - } - it { should contain_exec('download_package_elasticsearch').with(:environment => ["use_proxy=yes","http_proxy=http://proxy.example.com:12345/","https_proxy=http://proxy.example.com:12345/",]) } - end - - context 'using https:// schema' do - - let (:params) { - default_params.merge({ - :package_url => "https://www.domain.com/path/to/package.#{pkg_ext}" - }) - } - - it { should contain_exec('create_package_dir_elasticsearch').with(:command => 'mkdir -p /opt/elasticsearch/swdl') } - it { should contain_file('/opt/elasticsearch/swdl').with(:purge => false, :force => false, :require => 'Exec[create_package_dir_elasticsearch]') } - it { should contain_exec('download_package_elasticsearch').with(:command => "wget --no-check-certificate -O /opt/elasticsearch/swdl/package.#{pkg_ext} https://www.domain.com/path/to/package.#{pkg_ext} 2> /dev/null", :require => 'File[/opt/elasticsearch/swdl]') } - it { should contain_package('elasticsearch').with(:ensure => 'present', :source => "/opt/elasticsearch/swdl/package.#{pkg_ext}", :provider => "#{pkg_prov}") } - end - - context 'using ftp:// schema' do - - let (:params) { - default_params.merge({ - :package_url => "ftp://www.domain.com/path/to/package.#{pkg_ext}" - }) - } - - it { should contain_exec('create_package_dir_elasticsearch').with(:command => 'mkdir -p /opt/elasticsearch/swdl') } - it { should contain_file('/opt/elasticsearch/swdl').with(:purge => false, :force => false, :require => 'Exec[create_package_dir_elasticsearch]') } - it { should contain_exec('download_package_elasticsearch').with(:command => "wget --no-check-certificate -O /opt/elasticsearch/swdl/package.#{pkg_ext} ftp://www.domain.com/path/to/package.#{pkg_ext} 2> /dev/null", :require => 'File[/opt/elasticsearch/swdl]') } - it { should contain_package('elasticsearch').with(:ensure => 'present', :source => "/opt/elasticsearch/swdl/package.#{pkg_ext}", :provider => "#{pkg_prov}") } - end - - context 'using file:// schema' do - - let (:params) { - default_params.merge({ - :package_url => "file:/path/to/package.#{pkg_ext}" - }) - } - - it { should contain_exec('create_package_dir_elasticsearch').with(:command => 'mkdir -p /opt/elasticsearch/swdl') } - it { should contain_file('/opt/elasticsearch/swdl').with(:purge => false, :force => false, :require => 'Exec[create_package_dir_elasticsearch]') } - it { should contain_file("/opt/elasticsearch/swdl/package.#{pkg_ext}").with(:source => "/path/to/package.#{pkg_ext}", :backup => false) } - it { should contain_package('elasticsearch').with(:ensure => 'present', :source => "/opt/elasticsearch/swdl/package.#{pkg_ext}", :provider => "#{pkg_prov}") } - end - - end - - end # package - - context 'when setting the module to absent' do - - let (:params) { - default_params.merge({ - :ensure => 'absent' - }) - } - - it { should contain_package('elasticsearch').with(:ensure => 'purged') } - it { should contain_file('/usr/share/elasticsearch/plugins').with(:ensure => 'absent') } - - end - - context 'When managing the repository' do - - let (:params) { - default_params.merge({ - :manage_repo => true, - :repo_version => '1.0' - }) - } - case facts[:osfamily] - when 'Debian' - it { should contain_class('elasticsearch::repo').that_requires('Anchor[elasticsearch::begin]') } - it { should contain_class('apt') } - it { should contain_apt__source('elasticsearch').with(:release => 'stable', :repos => 'main', :location => 'http://packages.elastic.co/elasticsearch/1.0/debian') } - when 'RedHat' - it { should contain_class('elasticsearch::repo').that_requires('Anchor[elasticsearch::begin]') } - it { should contain_yumrepo('elasticsearch').with(:baseurl => 'http://packages.elastic.co/elasticsearch/1.0/centos', :gpgkey => 'http://packages.elastic.co/GPG-KEY-elasticsearch', :enabled => 1) } - when 'SuSE' - it { should contain_class('elasticsearch::repo').that_requires('Anchor[elasticsearch::begin]') } - it { should contain_exec('elasticsearch_suse_import_gpg') } - it { should contain_zypprepo('elasticsearch').with(:baseurl => 'http://packages.elastic.co/elasticsearch/1.0/centos') } - end - - end - - context 'when not supplying a repo_version' do - let (:params) { - default_params.merge({ - :manage_repo => true, - }) - } - it { expect { should raise_error(Puppet::Error, 'Please fill in a repository version at $repo_version') } } - end - - context "Running a a different user" do - - let (:params) { - default_params.merge({ - :elasticsearch_user => 'myesuser', - :elasticsearch_group => 'myesgroup' - }) - } - - it { should contain_file('/etc/elasticsearch').with(:owner => 'myesuser', :group => 'myesgroup') } - it { should contain_file('/var/log/elasticsearch').with(:owner => 'myesuser') } - it { should contain_file('/usr/share/elasticsearch').with(:owner => 'myesuser', :group => 'myesgroup') } - # it { should contain_file('/usr/share/elasticsearch/plugins').with(:owner => 'myesuser', :group => 'myesgroup') } - it { should contain_file('/usr/share/elasticsearch/data').with(:owner => 'myesuser', :group => 'myesgroup') } - it { should contain_file('/var/run/elasticsearch').with(:owner => 'myesuser') } if facts[:osfamily] == 'RedHat' - end - - end - - end - -end diff --git a/elasticsearch/spec/classes/001_hiera_spec.rb b/elasticsearch/spec/classes/001_hiera_spec.rb deleted file mode 100644 index 02080f9ee..000000000 --- a/elasticsearch/spec/classes/001_hiera_spec.rb +++ /dev/null @@ -1,196 +0,0 @@ -require 'spec_helper' - -describe 'elasticsearch', :type => 'class' do - - default_params = { - :config => { 'node.name' => 'foo' } - } - - facts = { - :operatingsystem => 'CentOS', - :kernel => 'Linux', - :osfamily => 'RedHat', - :operatingsystemmajrelease => '6' - } - - let (:params) do - default_params.merge({ }) - end - - context "Hiera" do - - context 'when specifying instances to create' do - - context 'a single instance' do - - let (:facts) { - facts.merge({ - :scenario => 'singleinstance', - :common => '' - }) - } - - it { should contain_elasticsearch__instance('es-01').with(:config => { 'node.name' => 'es-01' }) } - it { should contain_elasticsearch__service('es-01') } - it { should contain_elasticsearch__service__init('es-01') } - it { should contain_service('elasticsearch-instance-es-01') } - it { should contain_augeas('defaults_es-01') } - it { should contain_file('/etc/elasticsearch/es-01').with(:ensure => 'directory') } - it { should contain_file('/etc/elasticsearch/es-01/elasticsearch.yml') } - it { should contain_file('/etc/elasticsearch/es-01/logging.yml') } - it { should contain_exec('mkdir_datadir_elasticsearch_es-01').with(:command => 'mkdir -p /usr/share/elasticsearch/data/es-01') } - it { should contain_file('/usr/share/elasticsearch/data/es-01') } - it { should contain_file('/etc/init.d/elasticsearch-es-01') } - it { should contain_file('/etc/elasticsearch/es-01/scripts').with(:target => '/usr/share/elasticsearch/scripts') } - it { should contain_datacat_fragment('main_config_es-01') } - it { should contain_datacat('/etc/elasticsearch/es-01/elasticsearch.yml') } - - end - - context 'multiple instances' do - - let (:facts) { - facts.merge({ - :scenario => 'multipleinstances', - :common => '' - }) - } - - it { should contain_elasticsearch__instance('es-01').with(:config => { 'node.name' => 'es-01' }) } - it { should contain_elasticsearch__service('es-01') } - it { should contain_elasticsearch__service__init('es-01') } - it { should contain_service('elasticsearch-instance-es-01') } - it { should contain_augeas('defaults_es-01') } - it { should contain_exec('mkdir_configdir_elasticsearch_es-01') } - it { should contain_file('/etc/elasticsearch/es-01').with(:ensure => 'directory') } - it { should contain_file('/etc/elasticsearch/es-01/elasticsearch.yml') } - it { should contain_file('/etc/elasticsearch/es-01/logging.yml') } - it { should contain_exec('mkdir_datadir_elasticsearch_es-01') } - it { should contain_file('/usr/share/elasticsearch/data/es-01') } - it { should contain_file('/var/log/elasticsearch/es-01') } - it { should contain_file('/etc/init.d/elasticsearch-es-01') } - it { should contain_file('/etc/elasticsearch/es-01/scripts').with(:target => '/usr/share/elasticsearch/scripts') } - it { should contain_datacat_fragment('main_config_es-01') } - it { should contain_datacat('/etc/elasticsearch/es-01/elasticsearch.yml') } - - - it { should contain_elasticsearch__instance('es-02').with(:config => { 'node.name' => 'es-02' }) } - it { should contain_elasticsearch__service('es-02') } - it { should contain_elasticsearch__service__init('es-02') } - it { should contain_service('elasticsearch-instance-es-02') } - it { should contain_augeas('defaults_es-02') } - it { should contain_exec('mkdir_configdir_elasticsearch_es-02') } - it { should contain_file('/etc/elasticsearch/es-02').with(:ensure => 'directory') } - it { should contain_file('/etc/elasticsearch/es-02/elasticsearch.yml') } - it { should contain_file('/etc/elasticsearch/es-02/logging.yml') } - it { should contain_exec('mkdir_datadir_elasticsearch_es-02') } - it { should contain_file('/usr/share/elasticsearch/data/es-02') } - it { should contain_file('/var/log/elasticsearch/es-02') } - it { should contain_file('/etc/init.d/elasticsearch-es-02') } - it { should contain_file('/etc/elasticsearch/es-02/scripts').with(:target => '/usr/share/elasticsearch/scripts') } - it { should contain_datacat_fragment('main_config_es-02') } - it { should contain_datacat('/etc/elasticsearch/es-02/elasticsearch.yml') } - - - end - - end - - context 'when we haven\'t specfied any instances to create' do - - let (:facts) { - facts.merge({ - :scenario => '', - :common => '' - }) - } - - it { should_not contain_elasticsearch__instance } - - end - - # Hiera Plugin creation. - - context 'when specifying plugins to create' do - - let (:facts) { - facts.merge({ - :scenario => 'singleplugin', - :common => '' - }) - } - - it { should contain_elasticsearch__plugin('mobz/elasticsearch-head/1.0.0').with(:ensure => 'present', :module_dir => 'head', :instances => ['es-01'] ) } - it { should contain_elasticsearch_plugin('mobz/elasticsearch-head/1.0.0') } - - end - - context 'when we haven\'t specified any plugins to create' do - - let (:facts) { - facts.merge({ - :scenario => '', - :common => '' - }) - } - - it { should_not contain_elasticsearch__plugin } - - end - - context "multiple instances using hiera_merge" do - - let (:params) { - default_params.merge({ - :instances_hiera_merge => true - }) - } - - let (:facts) { - facts.merge({ - :common => 'defaultinstance', - :scenario => 'singleinstance' - }) - } - - it { should contain_elasticsearch__instance('default').with(:config => { 'node.name' => 'default' }) } - it { should contain_elasticsearch__service('default') } - it { should contain_elasticsearch__service__init('default') } - it { should contain_service('elasticsearch-instance-default') } - it { should contain_augeas('defaults_default') } - it { should contain_exec('mkdir_configdir_elasticsearch_default') } - it { should contain_file('/etc/elasticsearch/default').with(:ensure => 'directory') } - it { should contain_file('/etc/elasticsearch/default/elasticsearch.yml') } - it { should contain_file('/etc/elasticsearch/default/logging.yml') } - it { should contain_exec('mkdir_datadir_elasticsearch_default') } - it { should contain_file('/usr/share/elasticsearch/data/default') } - it { should contain_file('/var/log/elasticsearch/default') } - it { should contain_file('/etc/init.d/elasticsearch-default') } - it { should contain_file('/etc/elasticsearch/default/scripts').with(:target => '/usr/share/elasticsearch/scripts') } - it { should contain_datacat_fragment('main_config_default') } - it { should contain_datacat('/etc/elasticsearch/default/elasticsearch.yml') } - - - it { should contain_elasticsearch__instance('es-01').with(:config => { 'node.name' => 'es-01' }) } - it { should contain_elasticsearch__service('es-01') } - it { should contain_elasticsearch__service__init('es-01') } - it { should contain_service('elasticsearch-instance-es-01') } - it { should contain_augeas('defaults_es-01') } - it { should contain_exec('mkdir_configdir_elasticsearch_es-01') } - it { should contain_file('/etc/elasticsearch/es-01').with(:ensure => 'directory') } - it { should contain_file('/etc/elasticsearch/es-01/elasticsearch.yml') } - it { should contain_file('/etc/elasticsearch/es-01/logging.yml') } - it { should contain_exec('mkdir_datadir_elasticsearch_es-01').with(:command => 'mkdir -p /usr/share/elasticsearch/data/es-01') } - it { should contain_file('/usr/share/elasticsearch/data/es-01') } - it { should contain_file('/var/log/elasticsearch/es-01') } - it { should contain_file('/etc/init.d/elasticsearch-es-01') } - it { should contain_file('/etc/elasticsearch/es-01/scripts').with(:target => '/usr/share/elasticsearch/scripts') } - it { should contain_datacat_fragment('main_config_es-01') } - it { should contain_datacat('/etc/elasticsearch/es-01/elasticsearch.yml') } - - - end - - end - -end diff --git a/elasticsearch/spec/classes/005_elasticsearch_repo_spec.rb b/elasticsearch/spec/classes/005_elasticsearch_repo_spec.rb deleted file mode 100644 index 1b34da534..000000000 --- a/elasticsearch/spec/classes/005_elasticsearch_repo_spec.rb +++ /dev/null @@ -1,143 +0,0 @@ -require 'spec_helper' - -describe 'elasticsearch', :type => 'class' do - - default_params = { - :config => {}, - :manage_repo => true, - :repo_version => '1.3', - :version => '1.6.0' - } - - on_supported_os.each do |os, facts| - - context "on #{os}" do - - - let(:facts) do - facts.merge({ 'scenario' => '', 'common' => '' }) - end - - let (:params) do - default_params - end - - context "Use anchor type for ordering" do - - let :params do - default_params - end - - it { should contain_class('elasticsearch::repo').that_requires('Anchor[elasticsearch::begin]') } - end - - - context "Use stage type for ordering" do - - let :params do - default_params.merge({ - :repo_stage => 'setup' - }) - end - - it { should contain_stage('setup') } - it { should contain_class('elasticsearch::repo').with(:stage => 'setup') } - - end - - case facts[:osfamily] - when 'Debian' - context 'has apt repo parts' do - it { should contain_apt__source('elasticsearch').with(:location => 'http://packages.elastic.co/elasticsearch/1.3/debian') } - end - when 'RedHat' - context 'has yum repo parts' do - it { should contain_yumrepo('elasticsearch').with(:baseurl => 'http://packages.elastic.co/elasticsearch/1.3/centos') } - end - when 'Suse' - context 'has zypper repo parts' do - it { should contain_exec('elasticsearch_suse_import_gpg').with(:command => 'rpmkeys --import http://packages.elastic.co/GPG-KEY-elasticsearch') } - it { should contain_zypprepo('elasticsearch').with(:baseurl => 'http://packages.elastic.co/elasticsearch/1.3/centos') } - end - end - - context "Package pinning" do - - let :params do - default_params.merge({ - :package_pin => true - }) - end - - case facts[:osfamily] - when 'Debian' - context 'is supported' do - it { should contain_apt__pin('elasticsearch').with(:packages => ['elasticsearch'], :version => '1.6.0') } - end - when 'RedHat' - context 'is supported' do - it { should contain_yum__versionlock('0:elasticsearch-1.6.0-1.noarch') } - end - else - context 'is not supported' do - pending("unable to test for warnings yet. https://github.com/rodjek/rspec-puppet/issues/108") - end - end - - end - - context "Override repo key ID" do - - let :params do - default_params.merge({ - :repo_key_id => '46095ACC8548582C1A2699A9D27D666CD88E42B4' - }) - end - - case facts[:osfamily] - when 'Debian' - context 'has override apt key' do - it { is_expected.to contain_apt__source('elasticsearch').with({ - :key => '46095ACC8548582C1A2699A9D27D666CD88E42B4', - })} - end - when 'Suse' - context 'has override yum key' do - it { is_expected.to contain_exec('elasticsearch_suse_import_gpg').with({ - :unless => "test $(rpm -qa gpg-pubkey | grep -i '46095ACC8548582C1A2699A9D27D666CD88E42B4' | wc -l) -eq 1 ", - })} - end - end - - end - - context "Override repo source URL" do - - let :params do - default_params.merge({ - :repo_key_source => 'https://packages.elasticsearch.org/GPG-KEY-elasticsearch' - }) - end - - case facts[:osfamily] - when 'Debian' - context 'has override apt key source' do - it { is_expected.to contain_apt__source('elasticsearch').with({ - :key_source => 'https://packages.elasticsearch.org/GPG-KEY-elasticsearch', - })} - end - when 'RedHat' - context 'has override yum key source' do - it { should contain_yumrepo('elasticsearch').with(:gpgkey => 'https://packages.elasticsearch.org/GPG-KEY-elasticsearch') } - end - when 'Suse' - context 'has override yum key source' do - it { should contain_exec('elasticsearch_suse_import_gpg').with(:command => 'rpmkeys --import https://packages.elasticsearch.org/GPG-KEY-elasticsearch') } - end - end - - end - - end - end -end diff --git a/elasticsearch/spec/classes/010_elasticsearch_init_unkown_spec.rb b/elasticsearch/spec/classes/010_elasticsearch_init_unkown_spec.rb deleted file mode 100644 index 12bce8fef..000000000 --- a/elasticsearch/spec/classes/010_elasticsearch_init_unkown_spec.rb +++ /dev/null @@ -1,18 +0,0 @@ -require 'spec_helper' - -describe 'elasticsearch', :type => 'class' do - - context "on an unknown OS" do - - context "it should fail" do - let :facts do { - :operatingsystem => 'Windows' - } end - - it { expect { should raise_error(Puppet::Error) } } - - end - - end - -end diff --git a/elasticsearch/spec/classes/099_coverage_spec.rb b/elasticsearch/spec/classes/099_coverage_spec.rb deleted file mode 100644 index 12513b83c..000000000 --- a/elasticsearch/spec/classes/099_coverage_spec.rb +++ /dev/null @@ -1 +0,0 @@ -at_exit { RSpec::Puppet::Coverage.report! } diff --git a/elasticsearch/spec/defines/001_elasticsearch_python_spec.rb b/elasticsearch/spec/defines/001_elasticsearch_python_spec.rb deleted file mode 100644 index cd442096a..000000000 --- a/elasticsearch/spec/defines/001_elasticsearch_python_spec.rb +++ /dev/null @@ -1,24 +0,0 @@ -require 'spec_helper' - -describe 'elasticsearch::python', :type => 'define' do - - let :facts do { - :operatingsystem => 'CentOS', - :kernel => 'Linux', - :osfamily => 'RedHat' - } end - - [ 'pyes', 'rawes', 'pyelasticsearch', 'ESClient', 'elasticutils', 'elasticsearch' ].each do |pythonlib| - - context "installation of library #{pythonlib}" do - - let(:title) { pythonlib } - - it { should contain_elasticsearch__python(pythonlib) } - it { should contain_package("python_#{pythonlib}").with(:provider => 'pip', :name => pythonlib) } - - end - - end - -end diff --git a/elasticsearch/spec/defines/002_elasticsearch_ruby_spec.rb b/elasticsearch/spec/defines/002_elasticsearch_ruby_spec.rb deleted file mode 100644 index 8eb6a587d..000000000 --- a/elasticsearch/spec/defines/002_elasticsearch_ruby_spec.rb +++ /dev/null @@ -1,24 +0,0 @@ -require 'spec_helper' - -describe 'elasticsearch::ruby', :type => 'define' do - - let :facts do { - :operatingsystem => 'CentOS', - :kernel => 'Linux', - :osfamily => 'RedHat' - } end - - [ 'tire', 'stretcher', 'elastic_searchable', 'elasticsearch', 'flex'].each do |rubylib| - - context "installation of library #{rubylib}" do - - let(:title) { rubylib } - - it { should contain_elasticsearch__ruby(rubylib) } - it { should contain_package("ruby_#{rubylib}").with(:provider => 'gem', :name => rubylib) } - - end - - end - -end diff --git a/elasticsearch/spec/defines/003_elasticsearch_template_spec.rb b/elasticsearch/spec/defines/003_elasticsearch_template_spec.rb deleted file mode 100644 index d1642653c..000000000 --- a/elasticsearch/spec/defines/003_elasticsearch_template_spec.rb +++ /dev/null @@ -1,64 +0,0 @@ -require 'spec_helper' - -describe 'elasticsearch::template', :type => 'define' do - - let :facts do { - :operatingsystem => 'CentOS', - :kernel => 'Linux', - :osfamily => 'RedHat', - :operatingsystemmajrelease => '6', - :scenario => '', - :common => '' - } end - - let(:title) { 'foo' } - let(:pre_condition) { 'class {"elasticsearch": config => { "node" => {"name" => "test" }}}'} - - context "Add a template" do - - let :params do { - :ensure => 'present', - :file => 'puppet:///path/to/foo.json', - } end - - it { should contain_elasticsearch__template('foo') } - it { should contain_file('/usr/share/elasticsearch/templates_import/elasticsearch-template-foo.json').with(:source => 'puppet:///path/to/foo.json', :notify => "Exec[delete_template_foo]") } - it { should contain_exec('insert_template_foo').with(:command => "curl -sL -w \"%{http_code}\\n\" -XPUT http://localhost:9200/_template/foo -d @/usr/share/elasticsearch/templates_import/elasticsearch-template-foo.json -o /dev/null | egrep \"(200|201)\" > /dev/null", :unless => 'test $(curl -s \'http://localhost:9200/_template/foo?pretty=true\' | wc -l) -gt 1') } - end - - context "Delete a template" do - - let :params do { - :ensure => 'absent' - } end - - it { should contain_elasticsearch__template('foo') } - it { should_not contain_file('/usr/share/elasticsearch/templates_import/elasticsearch-template-foo.json').with(:source => 'puppet:///path/to/foo.json') } - it { should_not contain_exec('insert_template_foo') } - it { should contain_exec('delete_template_foo').with(:command => 'curl -s -XDELETE http://localhost:9200/_template/foo', :notify => nil, :onlyif => 'test $(curl -s \'http://localhost:9200/_template/foo?pretty=true\' | wc -l) -gt 1' ) } - end - - context "Add template with alternative host and port" do - - let :params do { - :file => 'puppet:///path/to/foo.json', - :host => 'otherhost', - :port => 9201 - } end - - it { should contain_elasticsearch__template('foo') } - it { should contain_file('/usr/share/elasticsearch/templates_import/elasticsearch-template-foo.json').with(:source => 'puppet:///path/to/foo.json') } - it { should contain_exec('insert_template_foo').with(:command => "curl -sL -w \"%{http_code}\\n\" -XPUT http://otherhost:9201/_template/foo -d @/usr/share/elasticsearch/templates_import/elasticsearch-template-foo.json -o /dev/null | egrep \"(200|201)\" > /dev/null", :unless => 'test $(curl -s \'http://otherhost:9201/_template/foo?pretty=true\' | wc -l) -gt 1') } - end - - context "Add template using content" do - - let :params do { - :content => '{"template":"*","settings":{"number_of_replicas":0}}' - } end - - it { should contain_elasticsearch__template('foo') } - it { should contain_file('/usr/share/elasticsearch/templates_import/elasticsearch-template-foo.json').with(:content => '{"template":"*","settings":{"number_of_replicas":0}}') } - end - -end diff --git a/elasticsearch/spec/defines/004_elasticsearch_plugin_spec.rb b/elasticsearch/spec/defines/004_elasticsearch_plugin_spec.rb deleted file mode 100644 index df6b70601..000000000 --- a/elasticsearch/spec/defines/004_elasticsearch_plugin_spec.rb +++ /dev/null @@ -1,75 +0,0 @@ -require 'spec_helper' - -describe 'elasticsearch::plugin', :type => 'define' do - - let(:title) { 'mobz/elasticsearch-head/1.0.0' } - let :facts do { - :operatingsystem => 'CentOS', - :kernel => 'Linux', - :osfamily => 'RedHat', - :operatingsystemmajrelease => '6', - :scenario => '', - :common => '' - } end - let(:pre_condition) { 'class {"elasticsearch": config => { "node" => {"name" => "test" }}}'} - - context 'with module_dir' do - - context "Add a plugin" do - - let :params do { - :ensure => 'present', - :module_dir => 'head', - :instances => 'es-01' - } end - - it { should contain_elasticsearch__plugin('mobz/elasticsearch-head/1.0.0') } - it { should contain_elasticsearch_plugin('mobz/elasticsearch-head/1.0.0') } - end - - context "Remove a plugin" do - - let :params do { - :ensure => 'absent', - :module_dir => 'head', - :instances => 'es-01' - } end - - it { should contain_elasticsearch__plugin('mobz/elasticsearch-head/1.0.0') } - it { should contain_elasticsearch_plugin('mobz/elasticsearch-head/1.0.0').with(:ensure => 'absent') } - end - - end - - context 'with url' do - - context "Add a plugin with full name" do - - let :params do { - :ensure => 'present', - :instances => 'es-01', - :url => 'https://github.com/mobz/elasticsearch-head/archive/master.zip', - } end - - it { should contain_elasticsearch__plugin('mobz/elasticsearch-head/1.0.0') } - it { should contain_elasticsearch_plugin('mobz/elasticsearch-head/1.0.0').with(:ensure => 'present', :url => 'https://github.com/mobz/elasticsearch-head/archive/master.zip') } - end - - end - - context "offline plugin install" do - - let(:title) { 'head' } - let :params do { - :ensure => 'present', - :instances => 'es-01', - :source => 'puppet:///path/to/my/plugin.zip', - } end - - it { should contain_elasticsearch__plugin('head') } - it { should contain_file('/opt/elasticsearch/swdl/plugin.zip').with(:source => 'puppet:///path/to/my/plugin.zip', :before => 'Elasticsearch_plugin[head]') } - it { should contain_elasticsearch_plugin('head').with(:ensure => 'present', :source => '/opt/elasticsearch/swdl/plugin.zip') } - - end - -end diff --git a/elasticsearch/spec/defines/005_elasticsearch_instance_spec.rb b/elasticsearch/spec/defines/005_elasticsearch_instance_spec.rb deleted file mode 100644 index c4e83e4fd..000000000 --- a/elasticsearch/spec/defines/005_elasticsearch_instance_spec.rb +++ /dev/null @@ -1,407 +0,0 @@ -require 'spec_helper' - -describe 'elasticsearch::instance', :type => 'define' do - - default_params = { } - - on_supported_os.each do |os, facts| - - let(:title) { 'es-01' } - context "on #{os}" do - - case facts[:osfamily] - when 'Debian' - let(:defaults_path) { '/etc/default' } - let(:pkg_ext) { 'deb' } - let(:pkg_prov) { 'dpkg' } - case facts[:operatingsystem] - when 'Debian' - if facts[:operatingsystemmajrelease].to_i >= 8 - let(:initscript) { 'systemd' } - else - let(:initscript) { 'Debian' } - end - when 'Ubuntu' - if facts[:operatingsystemmajrelease].to_i >= 15 - let(:initscript) { 'systemd' } - else - let(:initscript) { 'Debian' } - end - end - when 'RedHat' - let(:defaults_path) { '/etc/sysconfig' } - let(:pkg_ext) { 'rpm' } - let(:pkg_prov) { 'rpm' } - if facts[:operatingsystemmajrelease].to_i >= 7 - let(:initscript) { 'systemd' } - else - let(:initscript) { 'RedHat' } - end - when 'Suse' - let(:defaults_path) { '/etc/sysconfig' } - let(:pkg_ext) { 'rpm' } - let(:pkg_prov) { 'rpm' } - let(:initscript) { 'systemd' } - end - - let(:facts) do - facts.merge({ 'scenario' => '', 'common' => '' }) - end - - let (:params) do - default_params.merge({ }) - end - - let(:title) { 'es-01' } - let(:pre_condition) { 'class {"elasticsearch": }' } - - context "Service" do - - it { should contain_elasticsearch__service('es-01').with(:init_template => "elasticsearch/etc/init.d/elasticsearch.#{initscript}.erb", :init_defaults => {"CONF_DIR"=>"/etc/elasticsearch/es-01", "CONF_FILE"=>"/etc/elasticsearch/es-01/elasticsearch.yml", "LOG_DIR"=>"/var/log/elasticsearch/es-01", "ES_HOME"=>"/usr/share/elasticsearch"}) } - - end - - end - - end - - let :facts do { - :operatingsystem => 'CentOS', - :kernel => 'Linux', - :osfamily => 'RedHat', - :operatingsystemmajrelease => '6', - :scenario => '', - :common => '', - :hostname => 'foo' - } end - - let(:title) { 'es-01' } - let(:pre_condition) { 'class {"elasticsearch": }' } - - - context "Config file" do - - let :params do { - :config => { } - } end - - it { should contain_datacat_fragment('main_config_es-01') } - it { should contain_datacat('/etc/elasticsearch/es-01/elasticsearch.yml') } - it { should contain_datacat_collector('/etc/elasticsearch/es-01/elasticsearch.yml') } - it { should contain_file('/etc/elasticsearch/es-01/elasticsearch.yml') } - - end - - context "service restarts" do - - context "does not restart when restart_on_change is false" do - let :params do { - :config => { 'node' => { 'name' => 'test' } }, - } end - let(:pre_condition) { 'class {"elasticsearch": config => { }, restart_on_change => false }' } - it { should contain_datacat_fragment('main_config_es-01') } - it { should contain_datacat('/etc/elasticsearch/es-01/elasticsearch.yml').without_notify } - - end - - context "should happen restart_on_change is true (default)" do - let :params do { - :config => { 'node' => { 'name' => 'test' } }, - } end - let(:pre_condition) { 'class {"elasticsearch": config => { }}' } - - it { should contain_datacat_fragment('main_config_es-01') } - it { should contain_datacat('/etc/elasticsearch/es-01/elasticsearch.yml').with(:notify => "Elasticsearch::Service[es-01]") } - - end - - end - - context "Config dir" do - - context "default" do - let(:pre_condition) { 'class {"elasticsearch": }' } - it { should contain_exec('mkdir_configdir_elasticsearch_es-01') } - it { should contain_file('/etc/elasticsearch/es-01').with(:ensure => 'directory') } - it { should contain_datacat_fragment('main_config_es-01') } - it { should contain_datacat('/etc/elasticsearch/es-01/elasticsearch.yml') } - - it { should contain_file('/etc/elasticsearch/es-01/logging.yml') } - it { should contain_file('/usr/share/elasticsearch/scripts') } - it { should contain_file('/etc/elasticsearch/es-01/scripts').with(:target => '/usr/share/elasticsearch/scripts') } - end - - context "Set in main class" do - let(:pre_condition) { 'class {"elasticsearch": configdir => "/etc/elasticsearch-config" }' } - - it { should contain_exec('mkdir_configdir_elasticsearch_es-01') } - it { should contain_file('/etc/elasticsearch-config').with(:ensure => 'directory') } - it { should contain_file('/usr/share/elasticsearch/templates_import').with(:ensure => 'directory') } - it { should contain_file('/etc/elasticsearch-config/es-01').with(:ensure => 'directory') } - it { should contain_datacat_fragment('main_config_es-01') } - it { should contain_datacat('/etc/elasticsearch-config/es-01/elasticsearch.yml') } - - it { should contain_file('/etc/elasticsearch-config/es-01/logging.yml') } - it { should contain_file('/usr/share/elasticsearch/scripts') } - it { should contain_file('/etc/elasticsearch-config/es-01/scripts').with(:target => '/usr/share/elasticsearch/scripts') } - end - - context "set in instance" do - let(:pre_condition) { 'class {"elasticsearch": }' } - let :params do { - :configdir => '/etc/elasticsearch-config/es-01' - } end - - it { should contain_exec('mkdir_configdir_elasticsearch_es-01') } - it { should contain_file('/etc/elasticsearch').with(:ensure => 'directory') } - it { should contain_file('/etc/elasticsearch-config/es-01').with(:ensure => 'directory') } - it { should contain_datacat_fragment('main_config_es-01') } - it { should contain_datacat('/etc/elasticsearch-config/es-01/elasticsearch.yml') } - - it { should contain_file('/etc/elasticsearch-config/es-01/logging.yml') } - it { should contain_file('/usr/share/elasticsearch/scripts') } - it { should contain_file('/etc/elasticsearch-config/es-01/scripts').with(:target => '/usr/share/elasticsearch/scripts') } - end - - end - - - context "data directory" do - let(:pre_condition) { 'class {"elasticsearch": }' } - - context "default" do - it { should contain_exec('mkdir_datadir_elasticsearch_es-01') } - it { should contain_file('/usr/share/elasticsearch/data/es-01').with( :ensure => 'directory') } - it { should contain_file('/usr/share/elasticsearch/data').with( :ensure => 'directory') } - end - - context "single from main config " do - let(:pre_condition) { 'class {"elasticsearch": datadir => "/var/lib/elasticsearch-data" }' } - - it { should contain_exec('mkdir_datadir_elasticsearch_es-01') } - it { should contain_file('/var/lib/elasticsearch-data').with( :ensure => 'directory') } - it { should contain_file('/var/lib/elasticsearch-data/es-01').with( :ensure => 'directory') } - end - - context "single from instance config" do - let(:pre_condition) { 'class {"elasticsearch": }' } - let :params do { - :datadir => '/var/lib/elasticsearch/data' - } end - - it { should contain_exec('mkdir_datadir_elasticsearch_es-01') } - it { should contain_file('/var/lib/elasticsearch/data').with( :ensure => 'directory') } - - end - - context "multiple from main config" do - let(:pre_condition) { 'class {"elasticsearch": datadir => [ "/var/lib/elasticsearch-data01", "/var/lib/elasticsearch-data02"] }' } - - it { should contain_exec('mkdir_datadir_elasticsearch_es-01') } - it { should contain_file('/var/lib/elasticsearch-data01').with( :ensure => 'directory') } - it { should contain_file('/var/lib/elasticsearch-data01/es-01').with( :ensure => 'directory') } - it { should contain_file('/var/lib/elasticsearch-data02').with( :ensure => 'directory') } - it { should contain_file('/var/lib/elasticsearch-data02/es-01').with( :ensure => 'directory') } - end - - context "multiple from instance config" do - let(:pre_condition) { 'class {"elasticsearch": }' } - let :params do { - :datadir => ['/var/lib/elasticsearch-data/01', '/var/lib/elasticsearch-data/02'] - } end - - it { should contain_exec('mkdir_datadir_elasticsearch_es-01') } - it { should contain_file('/var/lib/elasticsearch-data/01').with( :ensure => 'directory') } - it { should contain_file('/var/lib/elasticsearch-data/02').with( :ensure => 'directory') } - end - - context "Conflicting setting path.data" do - let(:pre_condition) { 'class {"elasticsearch": }' } - let :params do { - :datadir => '/var/lib/elasticsearch/data', - :config => { 'path.data' => '/var/lib/elasticsearch/otherdata' } - } end - - it { should contain_exec('mkdir_datadir_elasticsearch_es-01') } - it { should contain_file('/var/lib/elasticsearch/data').with( :ensure => 'directory') } - it { should_not contain_file('/var/lib/elasticsearch/otherdata').with( :ensure => 'directory') } - end - - context "Conflicting setting path => data" do - let(:pre_condition) { 'class {"elasticsearch": }' } - let :params do { - :datadir => '/var/lib/elasticsearch/data', - :config => { 'path' => { 'data' => '/var/lib/elasticsearch/otherdata' } } - } end - - it { should contain_exec('mkdir_datadir_elasticsearch_es-01') } - it { should contain_file('/var/lib/elasticsearch/data').with( :ensure => 'directory') } - it { should_not contain_file('/var/lib/elasticsearch/otherdata').with( :ensure => 'directory') } - end - - context "With other path options defined" do - let(:pre_condition) { 'class {"elasticsearch": }' } - let :params do { - :datadir => '/var/lib/elasticsearch/data', - :config => { 'path' => { 'home' => '/var/lib/elasticsearch' } } - } end - - it { should contain_exec('mkdir_datadir_elasticsearch_es-01') } - it { should contain_file('/var/lib/elasticsearch/data').with( :ensure => 'directory') } - end - - - end - - context "logs directory" do - let(:pre_condition) { 'class {"elasticsearch": }' } - - context "default" do - it { should contain_file('/var/log/elasticsearch/es-01').with( :ensure => 'directory') } - it { should contain_file('/var/log/elasticsearch/').with( :ensure => 'directory') } - end - - context "single from main config " do - let(:pre_condition) { 'class {"elasticsearch": logdir => "/var/log/elasticsearch-logs" }' } - - it { should contain_file('/var/log/elasticsearch-logs').with( :ensure => 'directory') } - it { should contain_file('/var/log/elasticsearch-logs/es-01').with( :ensure => 'directory') } - end - - context "single from instance config" do - let(:pre_condition) { 'class {"elasticsearch": }' } - let :params do { - :logdir => '/var/log/elasticsearch/logs-a' - } end - - it { should contain_file('/var/log/elasticsearch/logs-a').with( :ensure => 'directory') } - - end - - context "Conflicting setting path.logs" do - let(:pre_condition) { 'class {"elasticsearch": }' } - let :params do { - :logdir => '/var/log/elasticsearch/logs-a', - :config => { 'path.logs' => '/var/log/elasticsearch/otherlogs' } - } end - - it { should contain_file('/var/log/elasticsearch/logs-a').with( :ensure => 'directory') } - it { should_not contain_file('/var/log/elasticsearch/otherlogs').with( :ensure => 'directory') } - end - - context "Conflicting setting path => logs" do - let(:pre_condition) { 'class {"elasticsearch": }' } - let :params do { - :logdir => '/var/log/elasticsearch/logs-a', - :config => { 'path' => { 'logs' => '/var/log/elasticsearch/otherlogs' } } - } end - - it { should contain_file('/var/log/elasticsearch/logs-a').with( :ensure => 'directory') } - it { should_not contain_file('/var/log/elasticsearch/otherlogs').with( :ensure => 'directory') } - end - - context "With other path options defined" do - let(:pre_condition) { 'class {"elasticsearch": }' } - let :params do { - :logdir => '/var/log/elasticsearch/logs-a', - :config => { 'path' => { 'home' => '/var/log/elasticsearch' } } - } end - - it { should contain_file('/var/log/elasticsearch/logs-a').with( :ensure => 'directory') } - end - - - end - - - context "Logging" do - - let(:pre_condition) { 'class {"elasticsearch": }' } - - context "default" do - it { should contain_file('/etc/elasticsearch/es-01/logging.yml').with_content(/^logger.index.search.slowlog: TRACE, index_search_slow_log_file$/).with(:source => nil) } - end - - context "from main class" do - - context "config" do - let(:pre_condition) { 'class {"elasticsearch": logging_config => { "index.search.slowlog" => "DEBUG, index_search_slow_log_file" } }' } - - it { should contain_file('/etc/elasticsearch/es-01/logging.yml').with_content(/^logger.index.search.slowlog: DEBUG, index_search_slow_log_file$/).with(:source => nil) } - end - - context "logging file " do - let(:pre_condition) { 'class {"elasticsearch": logging_file => "puppet:///path/to/logging.yml" }' } - - it { should contain_file('/etc/elasticsearch/es-01/logging.yml').with(:source => 'puppet:///path/to/logging.yml', :content => nil) } - end - - end - - context "from instance" do - - let(:pre_condition) { 'class {"elasticsearch": }' } - - context "config" do - let :params do { - :logging_config => { 'index.search.slowlog' => 'INFO, index_search_slow_log_file' } - } end - - it { should contain_file('/etc/elasticsearch/es-01/logging.yml').with_content(/^logger.index.search.slowlog: INFO, index_search_slow_log_file$/).with(:source => nil) } - end - - context "logging file " do - let :params do { - :logging_file => 'puppet:///path/to/logging.yml' - } end - - it { should contain_file('/etc/elasticsearch/es-01/logging.yml').with(:source => 'puppet:///path/to/logging.yml', :content => nil) } - end - - end - - end - - context "running as an other user" do - - let(:pre_condition) { 'class {"elasticsearch": elasticsearch_user => "myesuser", elasticsearch_group => "myesgroup" }' } - - it { should contain_file('/usr/share/elasticsearch/data/es-01').with(:owner => 'myesuser') } - it { should contain_file('/etc/elasticsearch/es-01').with(:owner => 'myesuser', :group => 'myesgroup') } - it { should contain_datacat('/etc/elasticsearch/es-01/elasticsearch.yml').with(:owner => 'myesuser', :group => 'myesgroup') } - it { should contain_file('/etc/elasticsearch/es-01/elasticsearch.yml').with(:owner => 'myesuser', :group => 'myesgroup') } - it { should contain_file('/etc/elasticsearch/es-01/logging.yml').with(:owner => 'myesuser', :group => 'myesgroup') } - end - - context "setting different service status then main class" do - - let(:pre_condition) { 'class {"elasticsearch": status => "enabled" }' } - - context "status option" do - - let :params do { - :status => 'running' - } end - - it { should contain_service('elasticsearch-instance-es-01').with(:ensure => 'running', :enable => false) } - - end - - end - - context "init_template" do - - context "default" do - let(:pre_condition) { 'class {"elasticsearch": }' } - - it { should contain_elasticsearch__service('es-01').with(:init_template => 'elasticsearch/etc/init.d/elasticsearch.RedHat.erb') } - end - - context "override in main class" do - let(:pre_condition) { 'class {"elasticsearch": init_template => "elasticsearch/etc/init.d/elasticsearch.systemd.erb" }' } - - it { should contain_elasticsearch__service('es-01').with(:init_template => 'elasticsearch/etc/init.d/elasticsearch.systemd.erb') } - end - - end -end diff --git a/elasticsearch/spec/defines/006_elasticsearch_script_spec.rb b/elasticsearch/spec/defines/006_elasticsearch_script_spec.rb deleted file mode 100644 index f585389ac..000000000 --- a/elasticsearch/spec/defines/006_elasticsearch_script_spec.rb +++ /dev/null @@ -1,39 +0,0 @@ -require 'spec_helper' - -describe 'elasticsearch::script', :type => 'define' do - - let :facts do { - :operatingsystem => 'CentOS', - :kernel => 'Linux', - :osfamily => 'RedHat', - :operatingsystemmajrelease => '6', - :scenario => '', - :common => '' - } end - - let(:title) { 'foo' } - let(:pre_condition) { 'class {"elasticsearch": config => { "node" => {"name" => "test" }}}'} - - context "Add a script" do - - let :params do { - :ensure => 'present', - :source => 'puppet:///path/to/foo.groovy', - } end - - it { should contain_elasticsearch__script('foo') } - it { should contain_file('/usr/share/elasticsearch/scripts/foo.groovy').with(:source => 'puppet:///path/to/foo.groovy', :ensure => 'present') } - end - - context "Delete a script" do - - let :params do { - :ensure => 'absent', - :source => 'puppet:///path/to/foo.groovy', - } end - - it { should contain_elasticsearch__script('foo') } - it { should contain_file('/usr/share/elasticsearch/scripts/foo.groovy').with(:source => 'puppet:///path/to/foo.groovy', :ensure => 'absent') } - end - -end diff --git a/elasticsearch/spec/defines/010_elasticsearch_service_init_spec.rb b/elasticsearch/spec/defines/010_elasticsearch_service_init_spec.rb deleted file mode 100644 index 20d33ed77..000000000 --- a/elasticsearch/spec/defines/010_elasticsearch_service_init_spec.rb +++ /dev/null @@ -1,127 +0,0 @@ -require 'spec_helper' - -describe 'elasticsearch::service::init', :type => 'define' do - - let :facts do { - :operatingsystem => 'CentOS', - :kernel => 'Linux', - :osfamily => 'RedHat', - :operatingsystemmajrelease => '6', - :scenario => '', - :common => '' - } end - - let(:title) { 'es-01' } - let(:pre_condition) { 'class {"elasticsearch": config => { "node" => {"name" => "test" }}}' } - - context "Setup service" do - - let :params do { - :ensure => 'present', - :status => 'enabled' - } end - - it { should contain_elasticsearch__service__init('es-01') } - it { should contain_service('elasticsearch-instance-es-01').with(:ensure => 'running', :enable => true) } - end - - context "Remove service" do - - let :params do { - :ensure => 'absent' - } end - - it { should contain_elasticsearch__service__init('es-01') } - it { should contain_service('elasticsearch-instance-es-01').with(:ensure => 'stopped', :enable => false) } - end - - context "unmanaged" do - let :params do { - :ensure => 'present', - :status => 'unmanaged' - } end - - it { should contain_elasticsearch__service__init('es-01') } - it { should contain_service('elasticsearch-instance-es-01').with(:enable => false) } - it { should contain_augeas('defaults_es-01') } - - end - - context "Defaults file" do - - context "Set via file" do - let :params do { - :ensure => 'present', - :status => 'enabled', - :init_defaults_file => 'puppet:///path/to/initdefaultsfile' - } end - - it { should contain_file('/etc/sysconfig/elasticsearch-es-01').with(:source => 'puppet:///path/to/initdefaultsfile', :notify => 'Service[elasticsearch-instance-es-01]', :before => 'Service[elasticsearch-instance-es-01]') } - end - - context "Set via hash" do - let :params do { - :ensure => 'present', - :status => 'enabled', - :init_defaults => {'ES_HOME' => '/usr/share/elasticsearch' } - } end - - it { should contain_augeas('defaults_es-01').with(:incl => '/etc/sysconfig/elasticsearch-es-01', :changes => "set ES_GROUP 'elasticsearch'\nset ES_HOME '/usr/share/elasticsearch'\nset ES_USER 'elasticsearch'\nset MAX_OPEN_FILES '65535'\n", :notify => 'Service[elasticsearch-instance-es-01]', :before => 'Service[elasticsearch-instance-es-01]') } - end - - context "No restart when 'restart_on_change' is false" do - let(:pre_condition) { 'class {"elasticsearch": config => { "node" => {"name" => "test" }}, restart_on_change => false } ' } - - context "Set via file" do - let :params do { - :ensure => 'present', - :status => 'enabled', - :init_defaults_file => 'puppet:///path/to/initdefaultsfile' - } end - - it { should contain_file('/etc/sysconfig/elasticsearch-es-01').with(:source => 'puppet:///path/to/initdefaultsfile', :notify => nil, :before => 'Service[elasticsearch-instance-es-01]') } - end - - context "Set via hash" do - let :params do { - :ensure => 'present', - :status => 'enabled', - :init_defaults => {'ES_HOME' => '/usr/share/elasticsearch' } - } end - - it { should contain_augeas('defaults_es-01').with(:incl => '/etc/sysconfig/elasticsearch-es-01', :changes => "set ES_GROUP 'elasticsearch'\nset ES_HOME '/usr/share/elasticsearch'\nset ES_USER 'elasticsearch'\nset MAX_OPEN_FILES '65535'\n", :notify => nil, :before => 'Service[elasticsearch-instance-es-01]') } - end - - end - - end - - context "Init file" do - let(:pre_condition) { 'class {"elasticsearch": config => { "node" => {"name" => "test" }} } ' } - - context "Via template" do - let :params do { - :ensure => 'present', - :status => 'enabled', - :init_template => 'elasticsearch/etc/init.d/elasticsearch.RedHat.erb' - } end - - it { should contain_file('/etc/init.d/elasticsearch-es-01').with(:notify => 'Service[elasticsearch-instance-es-01]', :before => 'Service[elasticsearch-instance-es-01]') } - end - - context "No restart when 'restart_on_change' is false" do - let(:pre_condition) { 'class {"elasticsearch": config => { "node" => {"name" => "test" }}, restart_on_change => false } ' } - - let :params do { - :ensure => 'present', - :status => 'enabled', - :init_template => 'elasticsearch/etc/init.d/elasticsearch.RedHat.erb' - } end - - it { should contain_file('/etc/init.d/elasticsearch-es-01').with(:notify => nil, :before => 'Service[elasticsearch-instance-es-01]') } - - end - - end - -end diff --git a/elasticsearch/spec/defines/011_elasticsearch_service_system_spec.rb b/elasticsearch/spec/defines/011_elasticsearch_service_system_spec.rb deleted file mode 100644 index 14cc44ab1..000000000 --- a/elasticsearch/spec/defines/011_elasticsearch_service_system_spec.rb +++ /dev/null @@ -1,130 +0,0 @@ -require 'spec_helper' - -describe 'elasticsearch::service::systemd', :type => 'define' do - - let :facts do { - :operatingsystem => 'OpenSuSE', - :kernel => 'Linux', - :osfamily => 'Suse', - :operatingsystemmajrelease => '11', - :scenario => '', - :common => '' - } end - - let(:title) { 'es-01' } - let(:pre_condition) { 'class {"elasticsearch": config => { "node" => {"name" => "test" }}}' } - - context "Setup service" do - - let :params do { - :ensure => 'present', - :status => 'enabled' - } end - - it { should contain_elasticsearch__service__systemd('es-01') } - it { should contain_exec('systemd_reload_es-01').with(:command => '/bin/systemctl daemon-reload') } - it { should contain_service('elasticsearch-instance-es-01').with(:ensure => 'running', :enable => true, :provider => 'systemd') } - end - - context "Remove service" do - - let :params do { - :ensure => 'absent' - } end - - it { should contain_elasticsearch__service__systemd('es-01') } - it { should contain_exec('systemd_reload_es-01').with(:command => '/bin/systemctl daemon-reload') } - it { should contain_service('elasticsearch-instance-es-01').with(:ensure => 'stopped', :enable => false, :provider => 'systemd') } - end - - context "unmanaged" do - let :params do { - :ensure => 'present', - :status => 'unmanaged' - } end - - - it { should contain_elasticsearch__service__systemd('es-01') } - it { should contain_service('elasticsearch-instance-es-01').with(:enable => false) } - it { should contain_augeas('defaults_es-01') } - - end - - context "Defaults file" do - - context "Set via file" do - let :params do { - :ensure => 'present', - :status => 'enabled', - :init_defaults_file => 'puppet:///path/to/initdefaultsfile' - } end - - it { should contain_file('/etc/sysconfig/elasticsearch-es-01').with(:source => 'puppet:///path/to/initdefaultsfile', :before => 'Service[elasticsearch-instance-es-01]') } - end - - context "Set via hash" do - let :params do { - :ensure => 'present', - :status => 'enabled', - :init_defaults => {'ES_HOME' => '/usr/share/elasticsearch' } - } end - - it { should contain_augeas('defaults_es-01').with(:incl => '/etc/sysconfig/elasticsearch-es-01', :changes => "set ES_GROUP 'elasticsearch'\nset ES_HOME '/usr/share/elasticsearch'\nset ES_USER 'elasticsearch'\nset MAX_OPEN_FILES '65535'\n", :before => 'Service[elasticsearch-instance-es-01]') } - end - - context "No restart when 'restart_on_change' is false" do - let(:pre_condition) { 'class {"elasticsearch": config => { "node" => {"name" => "test" }}, restart_on_change => false } ' } - - context "Set via file" do - let :params do { - :ensure => 'present', - :status => 'enabled', - :init_defaults_file => 'puppet:///path/to/initdefaultsfile' - } end - - it { should contain_file('/etc/sysconfig/elasticsearch-es-01').with(:source => 'puppet:///path/to/initdefaultsfile', :notify => 'Exec[systemd_reload_es-01]', :before => 'Service[elasticsearch-instance-es-01]') } - end - - context "Set via hash" do - let :params do { - :ensure => 'present', - :status => 'enabled', - :init_defaults => {'ES_HOME' => '/usr/share/elasticsearch' } - } end - - it { should contain_augeas('defaults_es-01').with(:incl => '/etc/sysconfig/elasticsearch-es-01', :changes => "set ES_GROUP 'elasticsearch'\nset ES_HOME '/usr/share/elasticsearch'\nset ES_USER 'elasticsearch'\nset MAX_OPEN_FILES '65535'\n", :notify => 'Exec[systemd_reload_es-01]', :before => 'Service[elasticsearch-instance-es-01]') } - end - - end - - end - - context "Init file" do - let(:pre_condition) { 'class {"elasticsearch": config => { "node" => {"name" => "test" }} } ' } - - context "Via template" do - let :params do { - :ensure => 'present', - :status => 'enabled', - :init_template => 'elasticsearch/etc/init.d/elasticsearch.systemd.erb' - } end - - it { should contain_file('/lib/systemd/system/elasticsearch-es-01.service').with(:before => 'Service[elasticsearch-instance-es-01]') } - end - - context "No restart when 'restart_on_change' is false" do - let(:pre_condition) { 'class {"elasticsearch": config => { "node" => {"name" => "test" }}, restart_on_change => false } ' } - - let :params do { - :ensure => 'present', - :status => 'enabled', - :init_template => 'elasticsearch/etc/init.d/elasticsearch.systemd.erb' - } end - - it { should contain_file('/lib/systemd/system/elasticsearch-es-01.service').with(:notify => 'Exec[systemd_reload_es-01]', :before => 'Service[elasticsearch-instance-es-01]') } - - end - - end - -end diff --git a/elasticsearch/spec/fixtures/facts/facts_url1.json b/elasticsearch/spec/fixtures/facts/facts_url1.json deleted file mode 100644 index bf5056aab..000000000 --- a/elasticsearch/spec/fixtures/facts/facts_url1.json +++ /dev/null @@ -1,13 +0,0 @@ -{ - "status" : 200, - "name" : "Warlock", - "cluster_name" : "elasticsearch", - "version" : { - "number" : "1.4.2", - "build_hash" : "927caff6f05403e936c20bf4529f144f0c89fd8c", - "build_timestamp" : "2014-12-16T14:11:12Z", - "build_snapshot" : false, - "lucene_version" : "4.10.2" - }, - "tagline" : "You Know, for Search" -} diff --git a/elasticsearch/spec/fixtures/facts/facts_url2.json b/elasticsearch/spec/fixtures/facts/facts_url2.json deleted file mode 100644 index 407517ec7..000000000 --- a/elasticsearch/spec/fixtures/facts/facts_url2.json +++ /dev/null @@ -1 +0,0 @@ -{"cluster_name":"elasticsearch","nodes":{"yQAWBO3FS8CupZnSvAVziQ":{"name":"Warlock","transport_address":"inet[/192.168.100.40:9300]","host":"devel01","ip":"192.168.100.40","version":"1.4.2","build":"927caff","http_address":"inet[/192.168.100.40:9200]","settings":{"path":{"data":"/var/lib/elasticsearch","work":"/tmp/elasticsearch","home":"/usr/share/elasticsearch","conf":"/etc/elasticsearch","logs":"/var/log/elasticsearch"},"pidfile":"/var/run/elasticsearch.pid","cluster":{"name":"elasticsearch"},"config":"/etc/elasticsearch/elasticsearch.yml","client":{"type":"node"},"name":"Warlock"},"os":{"refresh_interval_in_millis":1000,"available_processors":2,"cpu":{"vendor":"Intel","model":"Common KVM processor","mhz":3399,"total_cores":2,"total_sockets":1,"cores_per_socket":2,"cache_size_in_bytes":4096},"mem":{"total_in_bytes":2099183616},"swap":{"total_in_bytes":2145382400}},"process":{"refresh_interval_in_millis":1000,"id":20638,"max_file_descriptors":65535,"mlockall":false},"jvm":{"pid":20638,"version":"1.7.0_55","vm_name":"OpenJDK 64-Bit Server VM","vm_version":"24.51-b03","vm_vendor":"Oracle Corporation","start_time_in_millis":1421686713108,"mem":{"heap_init_in_bytes":268435456,"heap_max_in_bytes":1056309248,"non_heap_init_in_bytes":24313856,"non_heap_max_in_bytes":224395264,"direct_max_in_bytes":1056309248},"gc_collectors":["ParNew","ConcurrentMarkSweep"],"memory_pools":["Code Cache","Par Eden Space","Par Survivor Space","CMS Old Gen","CMS Perm Gen"]},"thread_pool":{"generic":{"type":"cached","keep_alive":"30s","queue_size":-1},"index":{"type":"fixed","min":2,"max":2,"queue_size":"200"},"bench":{"type":"scaling","min":1,"max":1,"keep_alive":"5m","queue_size":-1},"get":{"type":"fixed","min":2,"max":2,"queue_size":"1k"},"snapshot":{"type":"scaling","min":1,"max":1,"keep_alive":"5m","queue_size":-1},"merge":{"type":"scaling","min":1,"max":1,"keep_alive":"5m","queue_size":-1},"suggest":{"type":"fixed","min":2,"max":2,"queue_size":"1k"},"bulk":{"type":"fixed","min":2,"max":2,"queue_size":"50"},"optimize":{"type":"fixed","min":1,"max":1,"queue_size":-1},"warmer":{"type":"scaling","min":1,"max":1,"keep_alive":"5m","queue_size":-1},"flush":{"type":"scaling","min":1,"max":1,"keep_alive":"5m","queue_size":-1},"search":{"type":"fixed","min":6,"max":6,"queue_size":"1k"},"listener":{"type":"fixed","min":1,"max":1,"queue_size":-1},"percolate":{"type":"fixed","min":2,"max":2,"queue_size":"1k"},"management":{"type":"scaling","min":1,"max":5,"keep_alive":"5m","queue_size":-1},"refresh":{"type":"scaling","min":1,"max":1,"keep_alive":"5m","queue_size":-1}},"network":{"refresh_interval_in_millis":5000,"primary_interface":{"address":"192.168.100.40","name":"eth0","mac_address":"9E:FA:5C:B8:CC:4D"}},"transport":{"bound_address":"inet[/0:0:0:0:0:0:0:0:9300]","publish_address":"inet[/192.168.100.40:9300]"},"http":{"bound_address":"inet[/0:0:0:0:0:0:0:0:9200]","publish_address":"inet[/192.168.100.40:9200]","max_content_length_in_bytes":104857600},"plugins":[{"name":"kopf","version":"1.4.3","description":"kopf - simple web administration tool for ElasticSearch","url":"/_plugin/kopf/","jvm":false,"site":true}]}}} diff --git a/elasticsearch/spec/fixtures/hiera/hiera.yaml b/elasticsearch/spec/fixtures/hiera/hiera.yaml deleted file mode 100644 index 954cef4bc..000000000 --- a/elasticsearch/spec/fixtures/hiera/hiera.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -:backends: yaml -:yaml: - :datadir: spec/fixtures/hiera/hieradata -:hierarchy: -- ! '%{scenario}' -- envs/%{common} -:logger: console diff --git a/elasticsearch/spec/fixtures/hiera/hieradata/envs/defaultinstance.yaml b/elasticsearch/spec/fixtures/hiera/hieradata/envs/defaultinstance.yaml deleted file mode 100644 index 9a66d51f5..000000000 --- a/elasticsearch/spec/fixtures/hiera/hieradata/envs/defaultinstance.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -elasticsearch::instances: - default: - config: - node.name: 'default' diff --git a/elasticsearch/spec/fixtures/hiera/hieradata/multipleinstances.yaml b/elasticsearch/spec/fixtures/hiera/hieradata/multipleinstances.yaml deleted file mode 100644 index 9781b6899..000000000 --- a/elasticsearch/spec/fixtures/hiera/hieradata/multipleinstances.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -elasticsearch::instances: - es-01: - config: - node.name: 'es-01' - es-02: - config: - node.name: 'es-02' diff --git a/elasticsearch/spec/fixtures/hiera/hieradata/singleinstance.yaml b/elasticsearch/spec/fixtures/hiera/hieradata/singleinstance.yaml deleted file mode 100644 index 8df193026..000000000 --- a/elasticsearch/spec/fixtures/hiera/hieradata/singleinstance.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -elasticsearch::instances: - es-01: - config: - node.name: 'es-01' diff --git a/elasticsearch/spec/fixtures/hiera/hieradata/singleplugin.yaml b/elasticsearch/spec/fixtures/hiera/hieradata/singleplugin.yaml deleted file mode 100644 index 2b5548f79..000000000 --- a/elasticsearch/spec/fixtures/hiera/hieradata/singleplugin.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -elasticsearch::instances: - es-01: - config: - node.name: 'es-01' -elasticsearch::plugins: - 'mobz/elasticsearch-head/1.0.0': - ensure: 'present' - module_dir: 'head' - instances: - - 'es-01' diff --git a/elasticsearch/spec/functions/es_facts_spec.rb b/elasticsearch/spec/functions/es_facts_spec.rb deleted file mode 100644 index d9986964b..000000000 --- a/elasticsearch/spec/functions/es_facts_spec.rb +++ /dev/null @@ -1,74 +0,0 @@ -require 'spec_helper' -require 'webmock/rspec' - -describe "ES facts" do - - before(:each) do - stub_request(:get, "http://localhost:9200/").with(:headers => {'Accept'=>'*/*', 'User-Agent'=>'Ruby'}).to_return(:status => 200, :body => File.read(File.join(fixture_path, 'facts/facts_url1.json') ), :headers => {}) - stub_request(:get, "http://localhost:9200/_nodes/Warlock").with(:headers => {'Accept'=>'*/*', 'User-Agent'=>'Ruby'}).to_return(:status => 200, :body => File.read(File.join(fixture_path, 'facts/facts_url2.json') )) - - allow(File).to receive(:directory?).with('/etc/elasticsearch').and_return(true) - allow(Dir).to receive(:foreach).and_yield('es01') - allow(File).to receive(:exists?).with('/etc/elasticsearch/es01/elasticsearch.yml').and_return(true) - allow(YAML).to receive(:load_file).with('/etc/elasticsearch/es01/elasticsearch.yml').and_return({}) - require 'lib/facter/es_facts' - end - - describe "main" do - it "elasticsearch_ports" do - expect(Facter.fact(:elasticsearch_ports).value).to eq("9200") - end - - end - - describe "instance" do - - it "elasticsearch_9200_name" do - expect(Facter.fact(:elasticsearch_9200_name).value).to eq("Warlock") - end - - it "elasticsearch_9200_version" do - expect(Facter.fact(:elasticsearch_9200_version).value).to eq("1.4.2") - end - - it "elasticsearch_9200_cluster_name" do - expect(Facter.fact(:elasticsearch_9200_cluster_name).value).to eq("elasticsearch") - end - - it "elasticsearch_9200_node_id" do - expect(Facter.fact(:elasticsearch_9200_node_id).value).to eq("yQAWBO3FS8CupZnSvAVziQ") - end - - it "elasticsearch_9200_mlockall" do - expect(Facter.fact(:elasticsearch_9200_mlockall).value).to be_falsy - end - - it "elasticsearch_9200_plugins" do - expect(Facter.fact(:elasticsearch_9200_plugins).value).to eq("kopf") - end - - describe "plugin kopf" do - it "elasticsearch_9200_plugin_kopf_version" do - expect(Facter.fact(:elasticsearch_9200_plugin_kopf_version).value).to eq("1.4.3") - end - - it "elasticsearch_9200_plugin_kopf_description" do - expect(Facter.fact(:elasticsearch_9200_plugin_kopf_description).value).to eq("kopf - simple web administration tool for ElasticSearch") - end - - it "elasticsearch_9200_plugin_kopf_url" do - expect(Facter.fact(:elasticsearch_9200_plugin_kopf_url).value).to eq("/_plugin/kopf/") - end - - it "elasticsearch_9200_plugin_kopf_jvm" do - expect(Facter.fact(:elasticsearch_9200_plugin_kopf_jvm).value).to be_falsy - end - - it "elasticsearch_9200_plugin_kopf_site" do - expect(Facter.fact(:elasticsearch_9200_plugin_kopf_site).value).to be_truthy - end - - end - end - -end diff --git a/elasticsearch/spec/functions/plugin_dir_spec.rb b/elasticsearch/spec/functions/plugin_dir_spec.rb deleted file mode 100644 index ab4cff101..000000000 --- a/elasticsearch/spec/functions/plugin_dir_spec.rb +++ /dev/null @@ -1,47 +0,0 @@ -#! /usr/bin/env ruby -S rspec -require 'spec_helper' - -describe "the plugin_dir function" do - let(:scope) { PuppetlabsSpec::PuppetInternals.scope } - - it "should exist" do - expect(Puppet::Parser::Functions.function("plugin_dir")).to eq("function_plugin_dir") - end - - it "should raise a ParseError if there is less than 1 argument" do - expect { scope.function_plugin_dir([]) }.to raise_error(Puppet::ParseError) - end - - it "should raise a ParseError if there are more than 2 arguments" do - expect { scope.function_plugin_dir(['a', 'b', 'c']) }.to raise_error(Puppet::ParseError) - end - - it "should complain about non-string first argument" do - expect { scope.function_plugin_dir([[]]) }.to raise_error(Puppet::ParseError) - end - - list = [ - { 'name' => 'mobz/elasticsearch-head', 'dir' => 'head' }, - { 'name' => 'lukas-vlcek/bigdesk/2.4.0', 'dir' => 'bigdesk' }, - { 'name' => 'elasticsearch/elasticsearch-cloud-aws/2.5.1', 'dir' => 'cloud-aws' }, - { 'name' => 'com.sksamuel.elasticsearch/elasticsearch-river-redis/1.1.0', 'dir' => 'river-redis' }, - { 'name' => 'com.github.lbroudoux.elasticsearch/amazon-s3-river/1.4.0', 'dir' => 'amazon-s3-river' }, - { 'name' => 'elasticsearch/elasticsearch-lang-groovy/2.0.0', 'dir' => 'lang-groovy' }, - { 'name' => 'royrusso/elasticsearch-HQ', 'dir' => 'HQ' }, - { 'name' => 'polyfractal/elasticsearch-inquisitor', 'dir' => 'inquisitor' }, - { 'name' => 'mycustomplugin', 'dir' => 'mycustomplugin' }, - ] - - describe "passing plugin name" do - - list.each do |plugin| - - it "should return #{plugin['dir']} directory name for #{plugin['name']}" do - result = scope.function_plugin_dir([plugin['name']]) - expect(result).to eq(plugin['dir']) - end - - end - end - -end diff --git a/elasticsearch/spec/spec_acceptance_common.rb b/elasticsearch/spec/spec_acceptance_common.rb deleted file mode 100644 index 5e90f87f4..000000000 --- a/elasticsearch/spec/spec_acceptance_common.rb +++ /dev/null @@ -1,191 +0,0 @@ - test_settings['cluster_name'] = SecureRandom.hex(10) - - test_settings['repo_version2x'] = '2.x' - case fact('osfamily') - when 'RedHat' - test_settings['repo_version'] = '1.3' - test_settings['url'] = 'http://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-1.3.1.noarch.rpm' - test_settings['local'] = '/tmp/elasticsearch-1.3.1.noarch.rpm' - test_settings['puppet'] = 'elasticsearch-1.3.1.noarch.rpm' - test_settings['package_name'] = 'elasticsearch' - test_settings['service_name_a'] = 'elasticsearch-es-01' - test_settings['service_name_b'] = 'elasticsearch-es-02' - test_settings['pid_file_a'] = '/var/run/elasticsearch/elasticsearch-es-01.pid' - test_settings['pid_file_b'] = '/var/run/elasticsearch/elasticsearch-es-02.pid' - test_settings['defaults_file_a'] = '/etc/sysconfig/elasticsearch-es-01' - test_settings['defaults_file_b'] = '/etc/sysconfig/elasticsearch-es-02' - test_settings['port_a'] = '9200' - test_settings['port_b'] = '9201' - test_settings['install_package_version'] = '1.3.5' - test_settings['install_version'] = '1.3.5' - test_settings['upgrade_package_version'] = '1.3.6' - test_settings['upgrade_version'] = '1.3.6' - when 'Debian' - case fact('operatingsystem') - when 'Ubuntu' - test_settings['repo_version'] = '1.3' - test_settings['url'] = 'http://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-1.3.1.deb' - test_settings['local'] = '/tmp/elasticsearch-1.3.1.deb' - test_settings['puppet'] = 'elasticsearch-1.3.1.deb' - test_settings['pid_file_a'] = '/var/run/elasticsearch-es-01.pid' - test_settings['pid_file_b'] = '/var/run/elasticsearch-es-02.pid' - test_settings['install_package_version'] = '1.3.5' - test_settings['install_version'] = '1.3.5' - test_settings['upgrade_package_version'] = '1.3.6' - test_settings['upgrade_version'] = '1.3.6' - when 'Debian' - case fact('lsbmajdistrelease') - when '6' - test_settings['repo_version'] = '1.1' - test_settings['url'] = 'http://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-1.1.0.deb' - test_settings['local'] = '/tmp/elasticsearch-1.1.0.deb' - test_settings['puppet'] = 'elasticsearch-1.1.0.deb' - test_settings['pid_file_a'] = '/var/run/elasticsearch-es-01.pid' - test_settings['pid_file_b'] = '/var/run/elasticsearch-es-02.pid' - test_settings['install_package_version'] = '1.1.1' - test_settings['install_version'] = '1.1.1' - test_settings['upgrade_package_version'] = '1.1.2' - test_settings['upgrade_version'] = '1.1.2' - when '7' - test_settings['repo_version'] = '1.3' - test_settings['url'] = 'http://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-1.3.1.deb' - test_settings['local'] = '/tmp/elasticsearch-1.3.1.deb' - test_settings['puppet'] = 'elasticsearch-1.3.1.deb' - test_settings['pid_file_a'] = '/var/run/elasticsearch-es-01.pid' - test_settings['pid_file_b'] = '/var/run/elasticsearch-es-02.pid' - test_settings['install_package_version'] = '1.3.5' - test_settings['install_version'] = '1.3.5' - test_settings['upgrade_package_version'] = '1.3.6' - test_settings['upgrade_version'] = '1.3.6' - else - test_settings['repo_version'] = '1.3' - test_settings['url'] = 'http://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-1.3.1.deb' - test_settings['local'] = '/tmp/elasticsearch-1.3.1.deb' - test_settings['puppet'] = 'elasticsearch-1.3.1.deb' - test_settings['pid_file_a'] = '/var/run/elasticsearch/elasticsearch-es-01.pid' - test_settings['pid_file_b'] = '/var/run/elasticsearch/elasticsearch-es-02.pid' - test_settings['install_package_version'] = '1.3.5' - test_settings['install_version'] = '1.3.5' - test_settings['upgrade_package_version'] = '1.3.6' - test_settings['upgrade_version'] = '1.3.6' - end - end - test_settings['package_name'] = 'elasticsearch' - test_settings['service_name_a'] = 'elasticsearch-es-01' - test_settings['service_name_b'] = 'elasticsearch-es-02' - test_settings['defaults_file_a'] = '/etc/default/elasticsearch-es-01' - test_settings['defaults_file_b'] = '/etc/default/elasticsearch-es-02' - test_settings['port_a'] = '9200' - test_settings['port_b'] = '9201' - when 'Suse' - test_settings['repo_version'] = '1.3' - test_settings['url'] = 'http://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-1.3.1.noarch.rpm' - test_settings['local'] = '/tmp/elasticsearch-1.3.1.noarch.rpm' - test_settings['puppet'] = 'elasticsearch-1.3.1.noarch.rpm' - test_settings['install_package_version'] = '1.3.5' - test_settings['install_version'] = '1.3.5' - test_settings['upgrade_package_version'] = '1.3.6' - test_settings['upgrade_version'] = '1.3.6' - test_settings['package_name'] = 'elasticsearch' - test_settings['service_name_a'] = 'elasticsearch-es-01' - test_settings['service_name_b'] = 'elasticsearch-es-02' - test_settings['pid_file_a'] = '/var/run/elasticsearch/elasticsearch-es-01.pid' - test_settings['pid_file_b'] = '/var/run/elasticsearch/elasticsearch-es-02.pid' - test_settings['defaults_file_a'] = '/etc/sysconfig/elasticsearch-es-01' - test_settings['defaults_file_b'] = '/etc/sysconfig/elasticsearch-es-02' - test_settings['port_a'] = '9200' - test_settings['port_b'] = '9201' - end - - test_settings['datadir_1'] = '/var/lib/elasticsearch-data/1/' - test_settings['datadir_2'] = '/var/lib/elasticsearch-data/2/' - test_settings['datadir_3'] = '/var/lib/elasticsearch-data/3/' - - test_settings['good_json']='{ - "template" : "logstash-*", - "settings" : { - "index.refresh_interval" : "5s", - "analysis" : { - "analyzer" : { - "default" : { - "type" : "standard", - "stopwords" : "_none_" - } - } - } - }, - "mappings" : { - "_default_" : { - "_all" : {"enabled" : true}, - "dynamic_templates" : [ { - "string_fields" : { - "match" : "*", - "match_mapping_type" : "string", - "mapping" : { - "type" : "multi_field", - "fields" : { - "{name}" : {"type": "string", "index" : "analyzed", "omit_norms" : true }, - "raw" : {"type": "string", "index" : "not_analyzed", "ignore_above" : 256} - } - } - } - } ], - "properties" : { - "@version": { "type": "string", "index": "not_analyzed" }, - "geoip" : { - "type" : "object", - "dynamic": true, - "path": "full", - "properties" : { - "location" : { "type" : "geo_point" } - } - } - } - } - } - }' - - test_settings['bad_json']='{ - "settings" : { - "index.refresh_interval" : "5s", - "analysis" : { - "analyzer" : { - "default" : { - "type" : "standard", - "stopwords" : "_none_" - } - } - } - }, - "mappings" : { - "_default_" : { - "_all" : {"enabled" : true}, - "dynamic_templates" : [ { - "string_fields" : { - "match" : "*", - "match_mapping_type" : "string", - "mapping" : { - "type" : "multi_field", - "fields" : { - "{name}" : {"type": "string", "index" : "analyzed", "omit_norms" : true }, - "raw" : {"type": "string", "index" : "not_analyzed", "ignore_above" : 256} - } - } - } - } ], - "properties" : { - "@version": { "type": "string", "index": "not_analyzed" }, - "geoip" : { - "type" : "object", - "dynamic": true, - "path": "full", - "properties" : { - "location" : { "type" : "geo_point" } - } - } - } - } - } - }' - -RSpec.configuration.test_settings = test_settings diff --git a/elasticsearch/spec/spec_acceptance_integration.rb b/elasticsearch/spec/spec_acceptance_integration.rb deleted file mode 100644 index c7135cf4b..000000000 --- a/elasticsearch/spec/spec_acceptance_integration.rb +++ /dev/null @@ -1,32 +0,0 @@ - -def get_url - - urls = { - 'URL_MASTER' => 'http://s3-eu-west-1.amazonaws.com/build-eu.elasticsearch.org/origin/master/nightly/JDK7/elasticsearch-latest-SNAPSHOT.$EXT$', - 'URL_SNAP' => 'http://s3-eu-west-1.amazonaws.com/build.eu-west-1.elastic.co/origin/$VERSION$/nightly/JDK7/elasticsearch-latest-SNAPSHOT.$EXT$', - 'URL_TAGS' => 'http://download.elastic.co/elasticsearch/elasticsearch/elasticsearch-$VERSION$.$EXT$', - 'URL_TAGS2' => 'https://download.elasticsearch.org/elasticsearch/release/org/elasticsearch/distribution/$EXT$/elasticsearch/$VERSION$/elasticsearch-$VERSION$.$EXT$' - } - - es_version = ENV['ES_VERSION'] - - if es_version == 'MASTER_nightly' - # We are testing the master branch snapshot - url = urls['URL_MASTER'] - elsif es_version =~ /_nightly$/ - # We are testing a version snapshot - ver = es_version.split('_')[0] - url = urls["URL_SNAP"].gsub('$VERSION$', ver) - else - # we are testing a released version - if es_version =~ /^2/ - _url = urls['URL_TAGS2'] - else - _url = urls['URL_TAGS'] - end - url = _url.gsub('$VERSION$', es_version) - end - - return url - -end diff --git a/elasticsearch/spec/spec_helper.rb b/elasticsearch/spec/spec_helper.rb deleted file mode 100644 index ef1ed4416..000000000 --- a/elasticsearch/spec/spec_helper.rb +++ /dev/null @@ -1,15 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' -require 'rspec-puppet-facts' -include RspecPuppetFacts - -def fixture_path - File.expand_path(File.join(__FILE__, '..', 'fixtures')) -end - -$LOAD_PATH.unshift(File.expand_path(File.dirname(__FILE__) + '/../')) - -RSpec.configure do |c| - c.add_setting :fixture_path, :default => fixture_path - c.mock_with(:rspec) - c.hiera_config = File.join(fixture_path, '/hiera/hiera.yaml') -end diff --git a/elasticsearch/spec/spec_helper_acceptance.rb b/elasticsearch/spec/spec_helper_acceptance.rb deleted file mode 100644 index bc1eca8c5..000000000 --- a/elasticsearch/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1,154 +0,0 @@ -require 'beaker-rspec' -require 'pry' -require 'securerandom' -require_relative 'spec_acceptance_integration' - -def test_settings - RSpec.configuration.test_settings -end - -RSpec.configure do |c| - c.add_setting :test_settings, :default => {} -end - -files_dir = ENV['files_dir'] || '/home/jenkins/puppet' - -proxy_host = ENV['BEAKER_PACKAGE_PROXY'] || '' - -if !proxy_host.empty? - gem_proxy = "http_proxy=#{proxy_host}" unless proxy_host.empty? - - hosts.each do |host| - on host, "echo 'export http_proxy='#{proxy_host}'' >> /root/.bashrc" - on host, "echo 'export https_proxy='#{proxy_host}'' >> /root/.bashrc" - on host, "echo 'export no_proxy=\"localhost,127.0.0.1,localaddress,.localdomain.com,#{host.name}\"' >> /root/.bashrc" - end -else - gem_proxy = '' -end - -hosts.each do |host| - - # Install Puppet - if host.is_pe? - install_pe - else - puppetversion = ENV['VM_PUPPET_VERSION'] - on host, "#{gem_proxy} gem install puppet --no-ri --no-rdoc --version '~> #{puppetversion}'" - on host, "mkdir -p #{host['distmoduledir']}" - - if fact('osfamily') == 'Suse' - install_package host, 'rubygems ruby-devel augeas-devel libxml2-devel' - on host, "#{gem_proxy} gem install ruby-augeas --no-ri --no-rdoc" - end - - if host[:type] == 'aio' - on host, "mkdir -p /var/log/puppetlabs/puppet" - end - - end - - if ENV['ES_VERSION'] - - case fact('osfamily') - when 'RedHat' - if ENV['ES_VERSION'][0,1] == '1' - ext='noarch.rpm' - else - ext='rpm' - end - when 'Debian' - ext='deb' - when 'Suse' - ext='rpm' - end - - url = get_url - RSpec.configuration.test_settings['snapshot_package'] = url.gsub('$EXT$', ext) - - else - - case fact('osfamily') - when 'RedHat' - scp_to(host, "#{files_dir}/elasticsearch-1.3.1.noarch.rpm", '/tmp/elasticsearch-1.3.1.noarch.rpm') - when 'Debian' - case fact('lsbmajdistrelease') - when '6' - scp_to(host, "#{files_dir}/elasticsearch-1.1.0.deb", '/tmp/elasticsearch-1.1.0.deb') - else - scp_to(host, "#{files_dir}/elasticsearch-1.3.1.deb", '/tmp/elasticsearch-1.3.1.deb') - end - when 'Suse' - case fact('operatingsystem') - when 'OpenSuSE' - scp_to(host, "#{files_dir}/elasticsearch-1.3.1.noarch.rpm", '/tmp/elasticsearch-1.3.1.noarch.rpm') - end - end - - scp_to(host, "#{files_dir}/elasticsearch-bigdesk.zip", "/tmp/elasticsearch-bigdesk.zip") - scp_to(host, "#{files_dir}/elasticsearch-kopf.zip", "/tmp/elasticsearch-kopf.zip") - - end - - # on debian/ubuntu nodes ensure we get the latest info - # Can happen we have stalled data in the images - if fact('osfamily') == 'Debian' - on host, "apt-get update" - end - if fact('osfamily') == 'RedHat' - on host, "yum -y update" - end - -end - -RSpec.configure do |c| - # Project root - proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - - # Readable test descriptions - c.formatter = :documentation - - # Configure all nodes in nodeset - c.before :suite do - # Install module and dependencies - puppet_module_install(:source => proj_root, :module_name => 'elasticsearch') - hosts.each do |host| - - copy_hiera_data_to(host, 'spec/fixtures/hiera/hieradata/') - on host, puppet('module','install','puppetlabs-java'), { :acceptable_exit_codes => [0,1] } - on host, puppet('module','install','richardc-datacat'), { :acceptable_exit_codes => [0,1] } - - if fact('osfamily') == 'Debian' - on host, puppet('module','install','puppetlabs-apt', '--version=1.8.0'), { :acceptable_exit_codes => [0,1] } - end - if fact('osfamily') == 'Suse' - on host, puppet('module','install','darin-zypprepo'), { :acceptable_exit_codes => [0,1] } - end - if fact('osfamily') == 'RedHat' - on host, puppet('module', 'upgrade', 'puppetlabs-stdlib'), { :acceptable_exit_codes => [0,1] } - on host, puppet('module', 'install', 'ceritsc-yum'), { :acceptable_exit_codes => [0,1] } - end - - if host.is_pe? - on(host, 'sed -i -e "s/PATH=PATH:\/opt\/puppet\/bin:/PATH=PATH:/" ~/.ssh/environment') - end - - on(host, 'mkdir -p etc/puppet/modules/another/files/') - - end - end - - c.after :suite do - if ENV['ES_VERSION'] - hosts.each do |host| - timestamp = Time.now - log_dir = File.join('./spec/logs', timestamp.strftime("%F_%H_%M_%S")) - FileUtils.mkdir_p(log_dir) unless File.directory?(log_dir) - scp_from(host, '/var/log/elasticsearch', log_dir) - end - end - end - -end - -require_relative 'spec_acceptance_common' diff --git a/elasticsearch/spec/unit/provider/plugin_spec.rb b/elasticsearch/spec/unit/provider/plugin_spec.rb deleted file mode 100644 index 373600cf8..000000000 --- a/elasticsearch/spec/unit/provider/plugin_spec.rb +++ /dev/null @@ -1,111 +0,0 @@ -require 'spec_helper' - -provider_class = Puppet::Type.type(:elasticsearch_plugin).provider(:plugin) - -describe provider_class do - - let(:resource_name) { 'lmenezes/elasticsearch-kopf' } - let(:resource) do - Puppet::Type.type(:elasticsearch_plugin).new( - :name => resource_name, - :ensure => :present, - :provider => 'plugin' - ) - end - - let(:provider) do - provider = provider_class.new - provider.resource = resource - provider - end - - describe "ES 1.x" do - before(:each) do - provider_class.expects(:es).with('-version').returns("Version: 1.7.1, Build: b88f43f/2015-07-29T09:54:16Z, JVM: 1.7.0_79") - allow(File).to receive(:open) - provider.es_version - end - - let(:shortname) { provider.plugin_name(resource_name) } - - describe 'install' do - it 'installs plugin' do - provider.expects(:plugin).with(['install', [ resource_name] ]) - provider.create - end - - - it 'with url' do - resource[:url] = 'http://url/to/my/plugin.zip' - provider.expects(:plugin).with(['install', [ shortname, '--url', 'http://url/to/my/plugin.zip' ] ]) - provider.create - end - - it 'with local file' do - resource[:source] = '/tmp/plugin.zip' - provider.expects(:plugin).with(['install', [ shortname, '--url', 'file:///tmp/plugin.zip' ] ]) - provider.create - end - - it 'with proxy' do - resource[:proxy_args] = '-dproxyport=3128 -dproxyhost=localhost' - provider.expects(:plugin).with([['-dproxyport=3128', '-dproxyhost=localhost'], 'install', [resource_name] ]) - provider.create - end - - end - - describe 'removal' do - it 'destroys' do - provider.expects(:plugin).with(['remove', resource_name]) - provider.destroy - end - end - - end - - describe "ES 2.x" do - - before(:each) do - allow(provider_class).to receive(:es).with('-version').and_return("Version: 2.0.0, Build: de54438/2015-10-22T08:09:48Z, JVM: 1.8.0_66") - allow(File).to receive(:open) - provider.es_version - end - - let(:shortname) { provider.plugin_name(resource_name) } - - describe 'install' do - it 'installs plugin' do - provider.expects(:plugin).with(['install', [ resource_name] ]) - provider.create - end - - it 'with url' do - resource[:url] = 'http://url/to/my/plugin.zip' - provider.expects(:plugin).with(['install', [ 'http://url/to/my/plugin.zip' ] ]) - provider.create - end - - it 'with local file' do - resource[:source] = '/tmp/plugin.zip' - provider.expects(:plugin).with(['install', [ 'file:///tmp/plugin.zip' ] ]) - provider.create - end - - it 'with proxy' do - resource[:proxy_args] = '-dproxyport=3128 -dproxyhost=localhost' - provider.expects(:plugin).with([['-dproxyport=3128', '-dproxyhost=localhost'], 'install', [resource_name] ]) - provider.create - end - end - - describe 'removal' do - it 'destroys' do - provider.expects(:plugin).with(['remove', resource_name]) - provider.destroy - end - end - - end - -end diff --git a/elasticsearch/spec/unit/type/plugin_spec.rb b/elasticsearch/spec/unit/type/plugin_spec.rb deleted file mode 100644 index afd6721d1..000000000 --- a/elasticsearch/spec/unit/type/plugin_spec.rb +++ /dev/null @@ -1,57 +0,0 @@ -require 'spec_helper' - -describe Puppet::Type.type(:elasticsearch_plugin).provider(:plugin) do - - let(:resource_name) { "lmenezes/elasticsearch-kopf" } - - describe "input validation" do - - let(:type) { Puppet::Type.type(:elasticsearch_plugin) } - - before do - Process.stubs(:euid).returns 0 - Puppet::Util::Storage.stubs(:store) - end - - it "should default to being installed" do - plugin = Puppet::Type.type(:elasticsearch_plugin).new(:name => resource_name ) - expect(plugin.should(:ensure)).to eq(:present) - end - - describe "when validating attributes" do - [:name, :source, :url, :proxy_args].each do |param| - it "should have a #{param} parameter" do - expect(type.attrtype(param)).to eq(:param) - end - end - - it "should have an ensure property" do - expect(type.attrtype(:ensure)).to eq(:property) - end - end - - end - -end - - describe 'other tests' do - - prov_c = Puppet::Type.type(:elasticsearch_plugin).provider(:plugin) - - describe prov_c do - - it 'should install a plugin' do - resource = Puppet::Type.type(:elasticsearch_plugin).new( - :name => "lmenezes/elasticsearch-kopf", - :ensure => :present - ) - allow(File).to receive(:open) - provider = prov_c.new(resource) - provider.expects(:es).with('-version').returns('Version: 1.7.3, Build: b88f43f/2015-07-29T09:54:16Z, JVM: 1.7.0_79') - provider.expects(:plugin).with(['install', ['lmenezes/elasticsearch-kopf']]) - provider.create - end - - end - end - diff --git a/elasticsearch/templates/etc/elasticsearch/elasticsearch.yml.erb b/elasticsearch/templates/etc/elasticsearch/elasticsearch.yml.erb deleted file mode 100644 index 4d5ff6228..000000000 --- a/elasticsearch/templates/etc/elasticsearch/elasticsearch.yml.erb +++ /dev/null @@ -1,93 +0,0 @@ -<%- - - # Function to make a structured and sorted yaml representation out of a hash - def recursive_hash_to_yml_string(hash, depth=0) - spacer = "" - depth.times { spacer += " "} - hash.keys.sort.each do |sorted_key| - @yml_string += spacer + sorted_key + ": " - if hash[sorted_key].is_a?(::Array) - keyspacer = "" - sorted_key.length.times { keyspacer += " " } - @yml_string += "\n" - hash[sorted_key].each do |item| - @yml_string += spacer + keyspacer + "- " + item +"\n" - end - elsif hash[sorted_key].is_a?(::Hash) - @yml_string += "\n" - recursive_hash_to_yml_string(hash[sorted_key], depth+1) - else - @yml_string += "#{hash[sorted_key].to_s}\n" - end - end - end - - # Function to transform shorted write up of the keys into full hash representation - def transform(hash) - return_vals = [] - - hash.each do |key,val| - if m = /^([^.]+)\.(.*)$/.match(key) - temp = { m[1] => { m[2] => val } } - transform(temp).each do |stuff| - return_vals << stuff - end - else - if val.is_a?(::Hash) - transform(val).each do |stuff| - return_vals << { key => stuff } - end - else - return_vals << { key => val } - end - end - end - - return_vals - end - - # Function to deep merge hashes with same keys - class ::Hash - def deep_merge_with_array_values_concatenated(hash) - target = dup - - hash.keys.each do |key| - if hash[key].is_a? ::Hash and self[key].is_a? ::Hash - target[key] = target[key].deep_merge_with_array_values_concatenated(hash[key]) - next - end - - if hash[key].is_a?(::Array) && target[key].is_a?(::Array) - target[key] = target[key] + hash[key] - else - target[key] = hash[key] - end - end - - target - end - end - - # initial string - @yml_string = "### MANAGED BY PUPPET ###\n" - - if !@data.empty? - - @yml_string += "---\n" - - ## Transform shorted keys into full write up - transformed_config = transform(@data) - - # Merge it back into a hash - tmphash = { } - transformed_config.each do |subhash| - tmphash = tmphash.deep_merge_with_array_values_concatenated(subhash) - end - - # Transform it into yaml - recursive_hash_to_yml_string(tmphash) - - end - --%> -<%= @yml_string -%> diff --git a/elasticsearch/templates/etc/elasticsearch/logging.yml.erb b/elasticsearch/templates/etc/elasticsearch/logging.yml.erb deleted file mode 100644 index e24d41426..000000000 --- a/elasticsearch/templates/etc/elasticsearch/logging.yml.erb +++ /dev/null @@ -1,52 +0,0 @@ -# This file is managed by Puppet, do not edit manually, your changes *will* be overwritten! -# -# Please see the source file for context and more information: -# -# https://github.com/elasticsearch/elasticsearch/blob/master/config/logging.yml -# - -es.logger.level: <%= @logging_level %> -rootLogger: <%= @logging_level %>, console, file - -# ----- Configuration set by Puppet --------------------------------------------- - -<% @logging_hash.sort.each do |key,value| %> -logger.<%= key %>: <%= value %> -<% end %> - -# ------------------------------------------------------------------------------- - -additivity: - index.search.slowlog: false - index.indexing.slowlog: false - -appender: - console: - type: console - layout: - type: consolePattern - conversionPattern: "[%d{ISO8601}][%-5p][%-25c] %m%n" - - file: - type: dailyRollingFile - file: ${path.logs}/${cluster.name}.log - datePattern: "'.'yyyy-MM-dd" - layout: - type: pattern - conversionPattern: "[%d{ISO8601}][%-5p][%-25c] %m%n" - - index_search_slow_log_file: - type: dailyRollingFile - file: ${path.logs}/${cluster.name}_index_search_slowlog.log - datePattern: "'.'yyyy-MM-dd" - layout: - type: pattern - conversionPattern: "[%d{ISO8601}][%-5p][%-25c] %m%n" - - index_indexing_slow_log_file: - type: dailyRollingFile - file: ${path.logs}/${cluster.name}_index_indexing_slowlog.log - datePattern: "'.'yyyy-MM-dd" - layout: - type: pattern - conversionPattern: "[%d{ISO8601}][%-5p][%-25c] %m%n" diff --git a/elasticsearch/templates/etc/init.d/elasticsearch.Debian.erb b/elasticsearch/templates/etc/init.d/elasticsearch.Debian.erb deleted file mode 100644 index a4447b2ab..000000000 --- a/elasticsearch/templates/etc/init.d/elasticsearch.Debian.erb +++ /dev/null @@ -1,207 +0,0 @@ -#!/bin/sh -# -# /etc/init.d/elasticsearch-<%= @name %> -- startup script for Elasticsearch -# -# Written by Miquel van Smoorenburg . -# Modified for Debian GNU/Linux by Ian Murdock . -# Modified for Tomcat by Stefan Gybas . -# Modified for Tomcat6 by Thierry Carrez . -# Additional improvements by Jason Brittain . -# Modified by Nicolas Huray for Elasticsearch . -# -### BEGIN INIT INFO -# Provides: elasticsearch-<%= @name %> -# Required-Start: $network $remote_fs $named -# Required-Stop: $network $remote_fs $named -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: Starts elasticsearch-<%= @name %> -# Description: Starts elasticsearch-<%= @name %> using start-stop-daemon -### END INIT INFO - -PATH=/bin:/usr/bin:/sbin:/usr/sbin -NAME=elasticsearch-<%= @name %> -DESC="Elasticsearch Server <%= @name %>" -DEFAULT=/etc/default/$NAME - -if [ `id -u` -ne 0 ]; then - echo "You need root privileges to run this script" - exit 1 -fi - - -. /lib/lsb/init-functions - -if [ -r /etc/default/rcS ]; then - . /etc/default/rcS -fi - - -# The following variables can be overwritten in $DEFAULT - -# Run Elasticsearch as this user ID and group ID -ES_USER=elasticsearch -ES_GROUP=elasticsearch - -# The first existing directory is used for JAVA_HOME (if JAVA_HOME is not defined in $DEFAULT) -JDK_DIRS="/usr/lib/jvm/java-8-oracle /usr/lib/jvm/java-8-openjdk /usr/lib/jvm/java-8-openjdk-amd64/ /usr/lib/jvm/java-8-openjdk-armhf /usr/lib/jvm/java-8-openjdk-i386/ /usr/lib/jvm/java-7-oracle /usr/lib/jvm/java-7-openjdk /usr/lib/jvm/java-7-openjdk-amd64/ /usr/lib/jvm/java-7-openjdk-armhf /usr/lib/jvm/java-7-openjdk-i386/ /usr/lib/jvm/java-6-sun /usr/lib/jvm/java-6-openjdk /usr/lib/jvm/java-6-openjdk-amd64 /usr/lib/jvm/java-6-openjdk-armhf /usr/lib/jvm/java-6-openjdk-i386 /usr/lib/jvm/default-java" - - -# Look for the right JVM to use -for jdir in $JDK_DIRS; do - if [ -r "$jdir/bin/java" -a -z "${JAVA_HOME}" ]; then - JAVA_HOME="$jdir" - fi -done -export JAVA_HOME - -# Directory where the Elasticsearch binary distribution resides -ES_HOME=/usr/share/$NAME - -# Heap Size (defaults to 256m min, 1g max) -#ES_HEAP_SIZE=2g - -# Heap new generation -#ES_HEAP_NEWSIZE= - -# max direct memory -#ES_DIRECT_SIZE= - -# Additional Java OPTS -#ES_JAVA_OPTS= - -# Maximum number of open files -MAX_OPEN_FILES=65535 - -# Maximum amount of locked memory -#MAX_LOCKED_MEMORY= - -# Elasticsearch log directory -LOG_DIR=/var/log/$NAME - -# Elasticsearch data directory -DATA_DIR=/var/lib/$NAME - -# Elasticsearch work directory -WORK_DIR=/tmp/$NAME - -# Elasticsearch configuration directory -CONF_DIR=/etc/$NAME - -# Elasticsearch configuration file (elasticsearch.yml) -CONF_FILE=$CONF_DIR/elasticsearch.yml - -# Maximum number of VMA (Virtual Memory Areas) a process can own -MAX_MAP_COUNT=262144 - -# End of variables that can be overwritten in $DEFAULT - -# overwrite settings from default file -if [ -f "$DEFAULT" ]; then - . "$DEFAULT" -fi - -# Define other required variables -PID_FILE=/var/run/$NAME.pid -DAEMON=$ES_HOME/bin/elasticsearch -DAEMON_OPTS="-d -p $PID_FILE -Des.default.path.home=$ES_HOME -Des.default.path.logs=$LOG_DIR -Des.default.path.data=$DATA_DIR -Des.default.path.work=$WORK_DIR -Des.default.path.conf=$CONF_DIR" - -export ES_HEAP_SIZE -export ES_HEAP_NEWSIZE -export ES_DIRECT_SIZE -export ES_JAVA_OPTS -export ES_CLASSPATH -export ES_INCLUDE -export ES_GC_LOG_FILE - -# Check DAEMON exists -test -x $DAEMON || exit 0 - -checkJava() { - if [ -x "$JAVA_HOME/bin/java" ]; then - JAVA="$JAVA_HOME/bin/java" - else - JAVA=`which java` - fi - - if [ ! -x "$JAVA" ]; then - echo "Could not find any executable java binary. Please install java in your PATH or set JAVA_HOME" - exit 1 - fi -} - -case "$1" in - start) - checkJava - - if [ -n "$MAX_LOCKED_MEMORY" -a -z "$ES_HEAP_SIZE" ]; then - log_failure_msg "MAX_LOCKED_MEMORY is set - ES_HEAP_SIZE must also be set" - exit 1 - fi - - log_daemon_msg "Starting $DESC" - - pid=`pidofproc -p $PID_FILE elasticsearch` - if [ -n "$pid" ] ; then - log_begin_msg "Already running." - log_end_msg 0 - exit 0 - fi - - # Prepare environment - mkdir -p "$LOG_DIR" "$DATA_DIR" "$WORK_DIR" && chown "$ES_USER":"$ES_GROUP" "$LOG_DIR" "$DATA_DIR" "$WORK_DIR" - touch "$PID_FILE" && chown "$ES_USER":"$ES_GROUP" "$PID_FILE" - - if [ -n "$MAX_OPEN_FILES" ]; then - ulimit -n $MAX_OPEN_FILES - fi - - if [ -n "$MAX_LOCKED_MEMORY" ]; then - ulimit -l $MAX_LOCKED_MEMORY - fi - - if [ -n "$MAX_MAP_COUNT" ]; then - sysctl -q -w vm.max_map_count=$MAX_MAP_COUNT - fi - - # Start Daemon - start-stop-daemon --start -b --user "$ES_USER" -c "$ES_USER" --pidfile "$PID_FILE" --exec $DAEMON -- $DAEMON_OPTS - log_end_msg $? - ;; - stop) - log_daemon_msg "Stopping $DESC" - - if [ -f "$PID_FILE" ]; then - start-stop-daemon --stop --pidfile "$PID_FILE" \ - --user "$ES_USER" \ - --retry=TERM/20/KILL/5 >/dev/null - if [ $? -eq 1 ]; then - log_progress_msg "$DESC is not running but pid file exists, cleaning up" - elif [ $? -eq 3 ]; then - PID="`cat $PID_FILE`" - log_failure_msg "Failed to stop $DESC (pid $PID)" - exit 1 - fi - rm -f "$PID_FILE" - else - log_progress_msg "(not running)" - fi - log_end_msg 0 - ;; - status) - status_of_proc -p $PID_FILE elasticsearch elasticsearch && exit 0 || exit $? - ;; - restart|force-reload) - if [ -f "$PID_FILE" ]; then - $0 stop - sleep 1 - fi - $0 start - ;; - *) - log_success_msg "Usage: $0 {start|stop|restart|force-reload|status}" - exit 1 - ;; -esac - -exit 0 diff --git a/elasticsearch/templates/etc/init.d/elasticsearch.OpenBSD.erb b/elasticsearch/templates/etc/init.d/elasticsearch.OpenBSD.erb deleted file mode 100644 index bc94d1874..000000000 --- a/elasticsearch/templates/etc/init.d/elasticsearch.OpenBSD.erb +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# -# This file is managed via PUPPET - -daemon="/usr/local/elasticsearch/bin/elasticsearch" -daemon_flags="-d -Des.default.path.conf=/etc/elasticsearch/<%= @name %> -p <%= @pid_dir %>/elasticsearch-<%= @name %>.pid" -daemon_user="_elasticsearch" - -. /etc/rc.d/rc.subr - -pexp="$(/usr/local/bin/javaPathHelper -c elasticsearch) .*org.elasticsearch.bootstrap.Elasticsearch.*" - -rc_reload=NO - -rc_start() { - ${rcexec} \ - "ES_INCLUDE=\"/etc/elasticsearch/elasticsearch.in.sh\" \ - "CONF_DIR=\"/etc/elasticsearch\"" \ - JAVA_HOME=\"$(/usr/local/bin/javaPathHelper -h elasticsearch)\" \ - ${daemon} ${daemon_flags}" -} - -rc_pre() { - install -d -o _elasticsearch /var/run/elasticsearch/ -} - -rc_cmd $1 diff --git a/elasticsearch/templates/etc/init.d/elasticsearch.RedHat.erb b/elasticsearch/templates/etc/init.d/elasticsearch.RedHat.erb deleted file mode 100644 index ae778521f..000000000 --- a/elasticsearch/templates/etc/init.d/elasticsearch.RedHat.erb +++ /dev/null @@ -1,162 +0,0 @@ -#!/bin/sh -# -# elasticsearch<%= @name %> -# -# chkconfig: 2345 80 20 -# description: Starts and stops a single elasticsearch instance on this system -# - -### BEGIN INIT INFO -# Provides: Elasticsearch-<%= @name %> -# Required-Start: $network $named -# Required-Stop: $network $named -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: This service manages the elasticsearch daemon -# Description: Elasticsearch is a very scalable, schema-free and high-performance search solution supporting multi-tenancy and near realtime search. -### END INIT INFO - -# -# init.d / servicectl compatibility (openSUSE) -# -if [ -f /etc/rc.status ]; then - . /etc/rc.status - rc_reset -fi - -# -# Source function library. -# -if [ -f /etc/rc.d/init.d/functions ]; then - . /etc/rc.d/init.d/functions -fi - -exec="/usr/share/elasticsearch/bin/elasticsearch" -prog="elasticsearch-<%= @name %>" -pidfile=/var/run/elasticsearch/${prog}.pid - -[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog - -export ES_HEAP_SIZE -export ES_HEAP_NEWSIZE -export ES_DIRECT_SIZE -export ES_JAVA_OPTS -export ES_CLASSPATH -export JAVA_HOME -export ES_INCLUDE -export ES_GC_LOG_FILE - -lockfile=/var/lock/subsys/$prog - -# backwards compatibility for old config sysconfig files, pre 0.90.1 -if [ -n $USER ] && [ -z $ES_USER ] ; then - ES_USER=$USER -fi - -checkJava() { - if [ -x "$JAVA_HOME/bin/java" ]; then - JAVA="$JAVA_HOME/bin/java" - else - JAVA=`which java` - fi - - if [ ! -x "$JAVA" ]; then - echo "Could not find any executable java binary. Please install java in your PATH or set JAVA_HOME" - exit 1 - fi -} - -start() { - checkJava - [ -x $exec ] || exit 5 - [ -f $CONF_FILE ] || exit 6 - if [ -n "$MAX_LOCKED_MEMORY" -a -z "$ES_HEAP_SIZE" ]; then - echo "MAX_LOCKED_MEMORY is set - ES_HEAP_SIZE must also be set" - return 7 - fi - if [ -n "$MAX_OPEN_FILES" ]; then - ulimit -n $MAX_OPEN_FILES - fi - if [ -n "$MAX_LOCKED_MEMORY" ]; then - ulimit -l $MAX_LOCKED_MEMORY - fi - if [ -n "$MAX_MAP_COUNT" ]; then - sysctl -q -w vm.max_map_count=$MAX_MAP_COUNT - fi - if [ -n "$WORK_DIR" ]; then - mkdir -p "$WORK_DIR" - chown "$ES_USER":"$ES_GROUP" "$WORK_DIR" - fi - echo -n $"Starting $prog: " - # if not running, start it up here, usually something like "daemon $exec" - daemon --user $ES_USER --pidfile $pidfile $exec -p $pidfile -d -Des.default.path.home=$ES_HOME -Des.default.path.logs=$LOG_DIR -Des.default.path.data=$DATA_DIR -Des.default.path.work=$WORK_DIR -Des.default.path.conf=$CONF_DIR - retval=$? - echo - [ $retval -eq 0 ] && touch $lockfile - return $retval -} - -stop() { - echo -n $"Stopping $prog: " - # stop it here, often "killproc $prog" - killproc -p $pidfile -d 20 $prog - retval=$? - echo - [ $retval -eq 0 ] && rm -f $lockfile - return $retval -} - -restart() { - stop - start -} - -reload() { - restart -} - -force_reload() { - restart -} - -rh_status() { - # run checks to determine if the service is running or use generic status - status -p $pidfile $prog -} - -rh_status_q() { - rh_status >/dev/null 2>&1 -} - - -case "$1" in - start) - rh_status_q && exit 0 - $1 - ;; - stop) - rh_status_q || exit 0 - $1 - ;; - restart) - $1 - ;; - reload) - rh_status_q || exit 7 - $1 - ;; - force-reload) - force_reload - ;; - status) - rh_status - ;; - condrestart|try-restart) - rh_status_q || exit 0 - restart - ;; - *) - echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}" - exit 2 -esac -exit $? diff --git a/elasticsearch/templates/etc/init.d/elasticsearch.openrc.erb b/elasticsearch/templates/etc/init.d/elasticsearch.openrc.erb deleted file mode 100644 index 4c95d14f6..000000000 --- a/elasticsearch/templates/etc/init.d/elasticsearch.openrc.erb +++ /dev/null @@ -1,87 +0,0 @@ -#!/sbin/runscript - -name="Elasticsearch" -description="" - -ES_USER=${ES_USER:="elasticsearch"} -ES_INSTANCE=${SVCNAME#*.} - -if [ -n "${ES_INSTANCE}" ] && [ ${SVCNAME} != "elasticsearch" ]; then - PIDFILE="/run/elasticsearch/elasticsearch.${ES_INSTANCE}.pid" - ES_BASE_PATH="/var/lib/elasticsearch/${ES_INSTANCE}" - ES_CONF_PATH="/etc/elasticsearch/${ES_INSTANCE}" - ES_LOG_PATH="/var/log/elasticsearch/${ES_INSTANCE}" -else - PIDFILE="/run/elasticsearch/elasticsearch.pid" - ES_BASE_PATH="/var/lib/elasticsearch/_default" - ES_CONF_PATH="/etc/elasticsearch" - ES_LOG_PATH="/var/log/elasticsearch/_default" -fi - -ES_DATA_PATH="${ES_BASE_PATH}/data" -ES_WORK_PATH="${ES_BASE_PATH}/work" - -export ES_INCLUDE="/usr/share/elasticsearch/bin/elasticsearch.in.sh" -export JAVA_OPTS -export ES_JAVA_OPTS -export ES_HEAP_SIZE -export ES_HEAP_NEWSIZE -export ES_DIRECT_SIZE -export ES_USE_IPV4 - -server_command="/usr/share/elasticsearch/bin/elasticsearch" -server_args=" -p ${PIDFILE} -Des.default.path.conf=\"${ES_CONF_PATH}\" -Des.default.path.data=\"${ES_DATA_PATH}\" -Des.default.path.work=\"${ES_WORK_PATH}\" -Des.default.path.logs=\"${ES_LOG_PATH}\"" - -depend() { - use net -} - -start() { - # elasticsearch -Des.config=/path/to/config/file - # elasticsearch -Des.network.host=10.0.0.4 - - [ ! -f "${ES_INCLUDE}" ] && { - eerror "${ES_INCLUDE} must be copied into place" - return 1 - } - - local conf - local conf_file - for conf in elasticsearch.yml logging.yml; do - conf_file="${ES_CONF_PATH}/${conf}" - if [ ! -f "${conf_file}" ]; then - eerror "${conf_file} must be copied into place" - return 1 - fi - done - - ebegin "Starting ${SVCNAME}" - - if [ -n "${ES_MAX_FD}" ]; then - ulimit -n ${ES_MAX_FD} - einfo "Max open filedescriptors : ${ES_MAX_FD}" - fi - - checkpath -d -o "${ES_USER}" -m750 "/var/lib/elasticsearch" - checkpath -d -o "${ES_USER}" -m750 "/var/log/elasticsearch" - checkpath -d -o "${ES_USER}" -m750 "$(dirname "${PIDFILE}")" - checkpath -d -o "${ES_USER}" -m750 "${ES_BASE_PATH}" - checkpath -d -o "${ES_USER}" -m750 "${ES_LOG_PATH}" - - start-stop-daemon --start \ - --background \ - --chdir "${ES_BASE_PATH}" \ - --user="${ES_USER}" \ - --pidfile="${PIDFILE}" \ - --exec ${server_command} -- ${server_args} - eend $? -} - -stop() { - ebegin "Stopping ${SVCNAME}" - start-stop-daemon --stop \ - --pidfile=${PIDFILE} \ - --user="${ES_USER}" \ - --retry=TERM/20/KILL/5 - eend $? -} \ No newline at end of file diff --git a/elasticsearch/templates/etc/init.d/elasticsearch.systemd.erb b/elasticsearch/templates/etc/init.d/elasticsearch.systemd.erb deleted file mode 100644 index e72546241..000000000 --- a/elasticsearch/templates/etc/init.d/elasticsearch.systemd.erb +++ /dev/null @@ -1,24 +0,0 @@ -[Unit] -Description=Starts and stops a single elasticsearch instance on this system -Documentation=http://www.elasticsearch.org - -[Service] -Type=forking -EnvironmentFile=<%= @defaults_location %>/elasticsearch-<%= @name %> -User=<%= @user %> -Group=<%= @group %> -PIDFile=<%= @pid_dir %>/elasticsearch-<%= @name %>.pid -ExecStart=/usr/share/elasticsearch/bin/elasticsearch -d -p <%= @pid_dir %>/elasticsearch-<%= @name %>.pid -Des.default.path.home=${ES_HOME} -Des.default.path.logs=${LOG_DIR} -Des.default.path.data=${DATA_DIR} -Des.default.path.work=${WORK_DIR} -Des.default.path.conf=${CONF_DIR} -# See MAX_OPEN_FILES in sysconfig -LimitNOFILE=<%= @nofile %> -# See MAX_LOCKED_MEMORY in sysconfig, use "infinity" when MAX_LOCKED_MEMORY=unlimited and using bootstrap.mlockall: true -<% if @memlock == 'unlimited' %> -LimitMEMLOCK=infinity -<% elsif @memlock %> -LimitMEMLOCK=<%= @memlock %> -<% end %> -# Shutdown delay in seconds, before process is tried to be killed with KILL (if configured) -TimeoutStopSec=20 - -[Install] -WantedBy=multi-user.target diff --git a/elasticsearch/templates/etc/sysconfig/defaults.erb b/elasticsearch/templates/etc/sysconfig/defaults.erb deleted file mode 100644 index 7dad4e078..000000000 --- a/elasticsearch/templates/etc/sysconfig/defaults.erb +++ /dev/null @@ -1,3 +0,0 @@ -<% @new_init_defaults.sort.map do |key, value| -%> -set <%= key %> '<%= value %>' -<% end -%> diff --git a/elasticsearch/templates/usr/lib/tmpfiles.d/elasticsearch.conf.erb b/elasticsearch/templates/usr/lib/tmpfiles.d/elasticsearch.conf.erb deleted file mode 100644 index ec6197d40..000000000 --- a/elasticsearch/templates/usr/lib/tmpfiles.d/elasticsearch.conf.erb +++ /dev/null @@ -1 +0,0 @@ -d <%= @pid_dir %> 0755 <%= @user %> <%= @group %> - - diff --git a/firewall/.fixtures.yml b/firewall/.fixtures.yml deleted file mode 100644 index 0d10d5cec..000000000 --- a/firewall/.fixtures.yml +++ /dev/null @@ -1,3 +0,0 @@ -fixtures: - symlinks: - "firewall": "#{source_dir}" diff --git a/firewall/.gitignore b/firewall/.gitignore deleted file mode 100644 index b5db85e05..000000000 --- a/firewall/.gitignore +++ /dev/null @@ -1,9 +0,0 @@ -pkg/ -Gemfile.lock -vendor/ -spec/fixtures/ -.vagrant/ -.bundle/ -coverage/ -.idea/ -*.iml diff --git a/firewall/.nodeset.yml b/firewall/.nodeset.yml deleted file mode 100644 index 767f9cd2f..000000000 --- a/firewall/.nodeset.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -default_set: 'centos-64-x64' -sets: - 'centos-59-x64': - nodes: - "main.foo.vm": - prefab: 'centos-59-x64' - 'centos-64-x64': - nodes: - "main.foo.vm": - prefab: 'centos-64-x64' - 'fedora-18-x64': - nodes: - "main.foo.vm": - prefab: 'fedora-18-x64' - 'debian-607-x64': - nodes: - "main.foo.vm": - prefab: 'debian-607-x64' - 'debian-70rc1-x64': - nodes: - "main.foo.vm": - prefab: 'debian-70rc1-x64' - 'ubuntu-server-10044-x64': - nodes: - "main.foo.vm": - prefab: 'ubuntu-server-10044-x64' - 'ubuntu-server-12042-x64': - nodes: - "main.foo.vm": - prefab: 'ubuntu-server-12042-x64' diff --git a/firewall/.sync.yml b/firewall/.sync.yml deleted file mode 100644 index ac8379073..000000000 --- a/firewall/.sync.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -.travis.yml: - extras: - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.6.0" - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.7.0" -spec/spec_helper.rb: - unmanaged: true diff --git a/firewall/.travis.yml b/firewall/.travis.yml deleted file mode 100644 index 7e8ed57bb..000000000 --- a/firewall/.travis.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -sudo: false -language: ruby -bundler_args: --without system_tests -script: "bundle exec rake validate && bundle exec rake lint && bundle exec rake spec SPEC_OPTS='--format documentation'" -matrix: - fast_finish: true - include: - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 1.9.3 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 2.1.5 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 2.1.5 - env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" - - rvm: 2.1.6 - env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.6.0" - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.7.0" -notifications: - email: false diff --git a/firewall/CHANGELOG.md b/firewall/CHANGELOG.md deleted file mode 100644 index 9c6044bc5..000000000 --- a/firewall/CHANGELOG.md +++ /dev/null @@ -1,571 +0,0 @@ -## Supported Release 1.7.2 -###Summary - -Small release for support of newer PE versions. This increments the version of PE in the metadata.json file. - -##2015-08-25 - Supported Release 1.7.1 -###Summary - -This is a bugfix release to deprecate the port parameter. Using the unspecific 'port' parameter can lead to firewall rules that are unexpectedly too lax. It is recommended to always use the specific dport and sport parameters to avoid this ambiguity. - -####Bugfixes -- Deprecate the port parameter - -##2015-07-28 - Supported Release 1.7.0 -###Summary - -This release includes numerous features, bugfixes and other improvements including Puppet 4 & PE 2015.2 support as well as ClusterIP and DSCP jump target support. - -####Features -- Puppet 4 and PE 2015.2 official support -- ClusterIP jump target (including options) now supported -- DSCP jump target (including options) now supported -- SLES 10 now compatible (but not supported) - -####Bugfixes -- (MODULES-1967) Parse escape sequences from iptables -- (MODULES-1592) Allow src_type and dst_type prefixed with '!' to pass validation -- (MODULES-2186) - iptables rules with -A in comment now supported -- (MODULES-1976) Revise rule name validation for ruby 1.9 -- Fix installation hang on Debian Jessie -- Fix for physdev idempotency on EL5 - -####Improvements -- Documentation improvements -- Enforce the seluser on selinux systems -- All the relevent services are now autorequired by the firewall and firewallchain types -- Replace Facter.fact().value() calls with Facter.value() to support Facter 3 - -##2015-05-19 - Supported Release 1.6.0 -###Summary - -This release includes support for TEE, MSS, the time ipt module, Debian 8 support, and a number of test fixes and other improvements. - -####Features -- Add TEE support -- Add MSS support (including clamp-mss-to-pmtu support) -- Add support for the time ipt module (-m time) -- Add support for Debian 8 -- Add support for ICMPv6 types 'neighbour-{solicitation,advertisement}' -- Add support for ICMPv6 type 'too-big' -- Add support for new 'match_mark' property -- Added 'ipv4' and 'ipv6' options to 'proto' property - -####Bugfixes -- Fix for Systemd-based OSes where systemd needs restarted before being able to pick up new services (MODULES-1984) -- Arch Linux package management fix - -##2015-03-31 - Supported Release 1.5.0 -###Summary - -This release includes physdev_is_bridged support, checksum_fill support, basic Gentoo compatibility, and a number of test fixes and improvements. - -####Features -- Add `physdev_is_bridged` support -- Add `checksum_fill` support -- Add basic Gentoo compatibility (unsupported) - -####Bugfixes -- Implementation for resource map munging to allow a single ipt module to be used multiple times in a single rule on older versions of iptables (MODULES-1808) -- Test fixes - -##2015-01-27 - Supported Release 1.4.0 -###Summary - -This release includes physdev support, the ability to look up usernames from uuid, and a number of bugfixes - -####Features -- Add `netmap` feature -- Add `physdev` support -- Add ability to look up username from uuid (MODULES-753, MODULES-1688) - -####Bugfixes -- Sync iptables/ip6tables providers (MODULES-1612) -- Fix package names for Amazon and Ubuntu 14.10 (MODULES-1029) -- Fix overly aggressive gsub when `ensure => absent` (MODULES-1453) -- Unable to parse `-m (tcp|udp)` rules (MODULES-1552) -- Fix ip6tables provider when `iptables-ipv6` package isn't installed for EL6 (MODULES-633) -- Test fixes - -##2014-12-16 - Supported Release 1.3.0 -###Summary - -This release includes a number of bugfixes and features, including fixing `tcp_flags` support, and added support for interface aliases, negation for iniface and outiface, and extra configurability for packages and service names. - -####Features -- Add support for interface aliases (eth0:0) (MODULES-1469) -- Add negation for iniface, outiface (MODULES-1470) -- Make package and service names configurable (MODULES-1309) - -####Bugfixes -- Fix test regexes for EL5 (MODULES-1565) -- Fix `tcp_flags` support for ip6tables (MODULES-556) -- Don't arbitrarily limit `set_mark` for certain chains - -##2014-11-04 - Supported Release 1.2.0 -###Summary - -This release has a number of new features and bugfixes, including rule inversion, future parser support, improved EL7 support, and the ability to purge ip6tables rules. - -####Features -- Documentation updates! -- Test updates! -- Add ipset support -- Enable rule inversion -- Future parser support -- Improved support for EL7 -- Support netfilter-persistent -- Add support for statistics module -- Add support for mac address source rules -- Add cbt protocol - -####Bugfixes -- Incorrect use of `source => :iptables` in the ip6tables provider was making it impossible to purge ip6tables rules (MODULES-41) -- Don't require `toports` when `jump => 'REDIRECT'` (MODULES-1086) -- Don't limit which chains iniface and outiface parameters can be used in -- Don't fail on rules added with ipsec/strongswan (MODULES-796) - -##2014-07-08 - Supported Release 1.1.3 -###Summary -This is a supported release with test coverage enhancements. - -####Bugfixes -- Confine to supported kernels - -##2014-06-04 - Release 1.1.2 -###Summary - -This is a release of the code previously released as 1.1.1, with updated metadata. - -## 2014-05-16 Release 1.1.1 -###Summary - -This release reverts the alphabetical ordering of 1.1.0. We found this caused -a regression in the Openstack modules so in the interest of safety we have -removed this for now. - -## 2014-05-13 Release 1.1.0 -###Summary - -This release has a significant change from previous releases; we now apply the -firewall resources alphabetically by default, removing the need to create pre -and post classes just to enforce ordering. It only effects default ordering -and further information can be found in the README about this. Please test -this in development before rolling into production out of an abundance of -caution. - -We've also added `mask` which is required for --recent in recent (no pun -intended) versions of iptables, as well as connlimit and connmark. This -release has been validated against Ubuntu 14.04 and RHEL7 and should be fully -working on those platforms. - -####Features - -- Apply firewall resources alphabetically. -- Add support for connlimit and connmark. -- Add `mask` as a parameter. (Used exclusively with the recent parameter). - -####Bugfixes - -- Add systemd support for RHEL7. -- Replace &&'s with the correct and in manifests. -- Fix tests on Trusty and RHEL7 -- Fix for Fedora Rawhide. -- Fix boolean flag tests. -- Fix DNAT->SNAT typo in an error message. - -####Known Bugs - -* For Oracle, the `owner` and `socket` parameters require a workaround to function. Please see the Limitations section of the README. - - -## 2014-03-04 Supported Release 1.0.2 -###Summary - -This is a supported release. This release removes a testing symlink that can -cause trouble on systems where /var is on a seperate filesystem from the -modulepath. - -####Features -####Bugfixes -####Known Bugs - -* For Oracle, the `owner` and `socket` parameters require a workaround to function. Please see the Limitations section of the README. - -### Supported release - 2014-03-04 1.0.1 - -####Summary - -An important bugfix was made to the offset calculation for unmanaged rules -to handle rules with 9000+ in the name. - -####Features - -####Bugfixes -- Offset calculations assumed unmanaged rules were numbered 9000+. -- Gracefully fail to manage ip6tables on iptables 1.3.x - -####Known Bugs - -* For Oracle, the `owner` and `socket` parameters require a workaround to function. Please see the Limitations section of the README. - ---- -### 1.0.0 - 2014-02-11 - -No changes, just renumbering to 1.0.0. - ---- -### 0.5.0 - 2014-02-10 - -##### Summary: -This is a bigger release that brings in "recent" connection limiting (think -"port knocking"), firewall chain purging on a per-chain/per-table basis, and -support for a few other use cases. This release also fixes a major bug which -could cause modifications to the wrong rules when unmanaged rules are present. - -##### New Features: -* Add "recent" limiting via parameters `rdest`, `reap`, `recent`, `rhitcount`, - `rname`, `rseconds`, `rsource`, and `rttl` -* Add negation support for source and destination -* Add per-chain/table purging support to `firewallchain` -* IPv4 specific - * Add random port forwarding support - * Add ipsec policy matching via `ipsec_dir` and `ipsec_policy` -* IPv6 specific - * Add support for hop limiting via `hop_limit` parameter - * Add fragmentation matchers via `ishasmorefrags`, `islastfrag`, and `isfirstfrag` - * Add support for conntrack stateful firewall matching via `ctstate` - -##### Bugfixes: -- Boolean fixups allowing false values -- Better detection of unmanaged rules -- Fix multiport rule detection -- Fix sport/dport rule detection -- Make INPUT, OUTPUT, and FORWARD not autorequired for firewall chain filter -- Allow INPUT with the nat table -- Fix `src_range` & `dst_range` order detection -- Documentation clarifications -- Fixes to spec tests - ---------------------------------------- - -### 0.4.2 - 2013-09-10 - -Another attempt to fix the packaging issue. We think we understand exactly -what is failing and this should work properly for the first time. - ---------------------------------------- - -### 0.4.1 - 2013-08-09 - -Bugfix release to fix a packaging issue that may have caused puppet module -install commands to fail. - ---------------------------------------- - -### 0.4.0 - 2013-07-11 - -This release adds support for address type, src/dest ip ranges, and adds -additional testing and bugfixes. - -#### Features -* Add `src_type` and `dst_type` attributes (Nick Stenning) -* Add `src_range` and `dst_range` attributes (Lei Zhang) -* Add SL and SLC operatingsystems as supported (Steve Traylen) - -#### Bugfixes -* Fix parser for bursts other than 5 (Chris Rutter) -* Fix parser for -f in --comment (Georg Koester) -* Add doc headers to class files (Dan Carley) -* Fix lint warnings/errors (Wolf Noble) - ---------------------------------------- - -### 0.3.1 - 2013/6/10 - -This minor release provides some bugfixes and additional tests. - -#### Changes - -* Update tests for rspec-system-puppet 2 (Ken Barber) -* Update rspec-system tests for rspec-system-puppet 1.5 (Ken Barber) -* Ensure all services have 'hasstatus => true' for Puppet 2.6 (Ken Barber) -* Accept pre-existing rule with invalid name (Joe Julian) -* Swap log_prefix and log_level order to match the way it's saved (Ken Barber) -* Fix log test to replicate bug #182 (Ken Barber) -* Split argments while maintaining quoted strings (Joe Julian) -* Add more log param tests (Ken Barber) -* Add extra tests for logging parameters (Ken Barber) -* Clarify OS support (Ken Barber) - ---------------------------------------- - -### 0.3.0 - 2013/4/25 - -This release introduces support for Arch Linux and extends support for Fedora 15 and up. There are also lots of bugs fixed and improved testing to prevent regressions. - -##### Changes - -* Fix error reporting for insane hostnames (Tomas Doran) -* Support systemd on Fedora 15 and up (Eduardo Gutierrez) -* Move examples to docs (Ken Barber) -* Add support for Arch Linux platform (Ingmar Steen) -* Add match rule for fragments (Georg Koester) -* Fix boolean rules being recognized as changed (Georg Koester) -* Same rules now get deleted (Anastasis Andronidis) -* Socket params test (Ken Barber) -* Ensure parameter can disable firewall (Marc Tardif) - ---------------------------------------- - -### 0.2.1 - 2012/3/13 - -This maintenance release introduces the new README layout, and fixes a bug with iptables_persistent_version. - -##### Changes - -* (GH-139) Throw away STDERR from dpkg-query in Fact -* Update README to be consistent with module documentation template -* Fix failing spec tests due to dpkg change in iptables_persistent_version - ---------------------------------------- - -### 0.2.0 - 2012/3/3 - -This release introduces automatic persistence, removing the need for the previous manual dependency requirement for persistent the running rules to the OS persistence file. - -Previously you would have required the following in your site.pp (or some other global location): - - # Always persist firewall rules - exec { 'persist-firewall': - command => $operatingsystem ? { - 'debian' => '/sbin/iptables-save > /etc/iptables/rules.v4', - /(RedHat|CentOS)/ => '/sbin/iptables-save > /etc/sysconfig/iptables', - }, - refreshonly => true, - } - Firewall { - notify => Exec['persist-firewall'], - before => Class['my_fw::post'], - require => Class['my_fw::pre'], - } - Firewallchain { - notify => Exec['persist-firewall'], - } - resources { "firewall": - purge => true - } - -You only need: - - class { 'firewall': } - Firewall { - before => Class['my_fw::post'], - require => Class['my_fw::pre'], - } - -To install pre-requisites and to create dependencies on your pre & post rules. Consult the README for more information. - -##### Changes - -* Firewall class manifests (Dan Carley) -* Firewall and firewallchain persistence (Dan Carley) -* (GH-134) Autorequire iptables related packages (Dan Carley) -* Typo in #persist_iptables OS normalisation (Dan Carley) -* Tests for #persist_iptables (Dan Carley) -* (GH-129) Replace errant return in autoreq block (Dan Carley) - ---------------------------------------- - -### 0.1.1 - 2012/2/28 - -This release primarily fixes changing parameters in 3.x - -##### Changes - -* (GH-128) Change method_missing usage to define_method for 3.x compatibility -* Update travis.yml gem specifications to actually test 2.6 -* Change source in Gemfile to use a specific URL for Ruby 2.0.0 compatibility - ---------------------------------------- - -### 0.1.0 - 2012/2/24 - -This release is somewhat belated, so no summary as there are far too many changes this time around. Hopefully we won't fall this far behind again :-). - -##### Changes - -* Add support for MARK target and set-mark property (Johan Huysmans) -* Fix broken call to super for ruby-1.9.2 in munge (Ken Barber) -* simple fix of the error message for allowed values of the jump property (Daniel Black) -* Adding OSPF(v3) protocol to puppetlabs-firewall (Arnoud Vermeer) -* Display multi-value: port, sport, dport and state command seperated (Daniel Black) -* Require jump=>LOG for log params (Daniel Black) -* Reject and document icmp => "any" (Dan Carley) -* add firewallchain type and iptables_chain provider (Daniel Black) -* Various fixes for firewallchain resource (Ken Barber) -* Modify firewallchain name to be chain:table:protocol (Ken Barber) -* Fix allvalidchain iteration (Ken Barber) -* Firewall autorequire Firewallchains (Dan Carley) -* Tests and docstring for chain autorequire (Dan Carley) -* Fix README so setup instructions actually work (Ken Barber) -* Support vlan interfaces (interface containing ".") (Johan Huysmans) -* Add tests for VLAN support for iniface/outiface (Ken Barber) -* Add the table when deleting rules (Johan Huysmans) -* Fix tests since we are now prefixing -t) -* Changed 'jump' to 'action', commands to lower case (Jason Short) -* Support interface names containing "+" (Simon Deziel) -* Fix for when iptables-save spews out "FATAL" errors (Sharif Nassar) -* Fix for incorrect limit command arguments for ip6tables provider (Michael Hsu) -* Document Util::Firewall.host_to_ip (Dan Carley) -* Nullify addresses with zero prefixlen (Dan Carley) -* Add support for --tcp-flags (Thomas Vander Stichele) -* Make tcp_flags support a feature (Ken Barber) -* OUTPUT is a valid chain for the mangle table (Adam Gibbins) -* Enable travis-ci support (Ken Barber) -* Convert an existing test to CIDR (Dan Carley) -* Normalise iptables-save to CIDR (Dan Carley) -* be clearer about what distributions we support (Ken Barber) -* add gre protocol to list of acceptable protocols (Jason Hancock) -* Added pkttype property (Ashley Penney) -* Fix mark to not repeat rules with iptables 1.4.1+ (Sharif Nassar) -* Stub iptables_version for now so tests run on non-Linux hosts (Ken Barber) -* Stub iptables facts for set_mark tests (Dan Carley) -* Update formatting of README to meet Puppet Labs best practices (Will Hopper) -* Support for ICMP6 type code resolutions (Dan Carley) -* Insert order hash included chains from different tables (Ken Barber) -* rspec 2.11 compatibility (Jonathan Boyett) -* Add missing class declaration in README (sfozz) -* array_matching is contraindicated (Sharif Nassar) -* Convert port Fixnum into strings (Sharif Nassar) -* Update test framework to the modern age (Ken Barber) -* working with ip6tables support (wuwx) -* Remove gemfile.lock and add to gitignore (William Van Hevelingen) -* Update travis and gemfile to be like stdlib travis files (William Van Hevelingen) -* Add support for -m socket option (Ken Barber) -* Add support for single --sport and --dport parsing (Ken Barber) -* Fix tests for Ruby 1.9.3 from 3e13bf3 (Dan Carley) -* Mock Resolv.getaddress in #host_to_ip (Dan Carley) -* Update docs for source and dest - they are not arrays (Ken Barber) - ---------------------------------------- - -### 0.0.4 - 2011/12/05 - -This release adds two new parameters, 'uid' and 'gid'. As a part of the owner module, these params allow you to specify a uid, username, gid, or group got a match: - - firewall { '497 match uid': - port => '123', - proto => 'mangle', - chain => 'OUTPUT', - action => 'drop' - uid => '123' - } - -This release also adds value munging for the 'log_level', 'source', and 'destination' parameters. The 'source' and 'destination' now support hostnames: - - firewall { '498 accept from puppetlabs.com': - port => '123', - proto => 'tcp', - source => 'puppetlabs.com', - action => 'accept' - } - - -The 'log_level' parameter now supports using log level names, such as 'warn', 'debug', and 'panic': - - firewall { '499 logging': - port => '123', - proto => 'udp', - log_level => 'debug', - action => 'drop' - } - -Additional changes include iptables and ip6tables version facts, general whitespace cleanup, and adding additional unit tests. - -##### Changes - -* (#10957) add iptables_version and ip6tables_version facts -* (#11093) Improve log_level property so it converts names to numbers -* (#10723) Munge hostnames and IPs to IPs with CIDR -* (#10718) Add owner-match support -* (#10997) Add fixtures for ipencap -* (#11034) Whitespace cleanup -* (#10690) add port property support to ip6tables - ---------------------------------------- - -### 0.0.3 - 2011/11/12 - -This release introduces a new parameter 'port' which allows you to set both -source and destination ports for a match: - - firewall { "500 allow NTP requests": - port => "123", - proto => "udp", - action => "accept", - } - -We also have the limit parameter finally working: - - firewall { "500 limit HTTP requests": - dport => 80, - proto => tcp, - limit => "60/sec", - burst => 30, - action => accept, - } - -State ordering has been fixed now, and more characters are allowed in the -namevar: - -* Alphabetical -* Numbers -* Punctuation -* Whitespace - -##### Changes - -* (#10693) Ensure -m limit is added for iptables when using 'limit' param -* (#10690) Create new port property -* (#10700) allow additional characters in comment string -* (#9082) Sort iptables --state option values internally to keep it consistent across runs -* (#10324) Remove extraneous whitespace from iptables rule line in spec tests - ---------------------------------------- - -### 0.0.2 - 2011/10/26 - -This is largely a maintanence and cleanup release, but includes the ability to -specify ranges of ports in the sport/dport parameter: - - firewall { "500 allow port range": - dport => ["3000-3030","5000-5050"], - sport => ["1024-65535"], - action => "accept", - } - -##### Changes - -* (#10295) Work around bug #4248 whereby the puppet/util paths are not being loaded correctly on the puppetmaster -* (#10002) Change to dport and sport to handle ranges, and fix handling of name to name to port -* (#10263) Fix tests on Puppet 2.6.x -* (#10163) Cleanup some of the inline documentation and README file to align with general forge usage - ---------------------------------------- - -### 0.0.1 - 2011/10/18 - -Initial release. - -##### Changes - -* (#9362) Create action property and perform transformation for accept, drop, reject value for iptables jump parameter -* (#10088) Provide a customised version of CONTRIBUTING.md -* (#10026) Re-arrange provider and type spec files to align with Puppet -* (#10026) Add aliases for test,specs,tests to Rakefile and provide -T as default -* (#9439) fix parsing and deleting existing rules -* (#9583) Fix provider detection for gentoo and unsupported linuxes for the iptables provider -* (#9576) Stub provider so it works properly outside of Linux -* (#9576) Align spec framework with Puppet core -* and lots of other earlier development tasks ... diff --git a/firewall/CONTRIBUTING.md b/firewall/CONTRIBUTING.md deleted file mode 100644 index f1cbde4bb..000000000 --- a/firewall/CONTRIBUTING.md +++ /dev/null @@ -1,220 +0,0 @@ -Checklist (and a short version for the impatient) -================================================= - - * Commits: - - - Make commits of logical units. - - - Check for unnecessary whitespace with "git diff --check" before - committing. - - - Commit using Unix line endings (check the settings around "crlf" in - git-config(1)). - - - Do not check in commented out code or unneeded files. - - - The first line of the commit message should be a short - description (50 characters is the soft limit, excluding ticket - number(s)), and should skip the full stop. - - - Associate the issue in the message. The first line should include - the issue number in the form "(#XXXX) Rest of message". - - - The body should provide a meaningful commit message, which: - - - uses the imperative, present tense: "change", not "changed" or - "changes". - - - includes motivation for the change, and contrasts its - implementation with the previous behavior. - - - Make sure that you have tests for the bug you are fixing, or - feature you are adding. - - - Make sure the test suites passes after your commit: - `bundle exec rspec spec/acceptance` More information on [testing](#Testing) below - - - When introducing a new feature, make sure it is properly - documented in the README.md - - * Submission: - - * Pre-requisites: - - - Make sure you have a [GitHub account](https://github.com/join) - - - [Create a ticket](https://tickets.puppetlabs.com/secure/CreateIssue!default.jspa), or [watch the ticket](https://tickets.puppetlabs.com/browse/) you are patching for. - - * Preferred method: - - - Fork the repository on GitHub. - - - Push your changes to a topic branch in your fork of the - repository. (the format ticket/1234-short_description_of_change is - usually preferred for this project). - - - Submit a pull request to the repository in the puppetlabs - organization. - -The long version -================ - - 1. Make separate commits for logically separate changes. - - Please break your commits down into logically consistent units - which include new or changed tests relevant to the rest of the - change. The goal of doing this is to make the diff easier to - read for whoever is reviewing your code. In general, the easier - your diff is to read, the more likely someone will be happy to - review it and get it into the code base. - - If you are going to refactor a piece of code, please do so as a - separate commit from your feature or bug fix changes. - - We also really appreciate changes that include tests to make - sure the bug is not re-introduced, and that the feature is not - accidentally broken. - - Describe the technical detail of the change(s). If your - description starts to get too long, that is a good sign that you - probably need to split up your commit into more finely grained - pieces. - - Commits which plainly describe the things which help - reviewers check the patch and future developers understand the - code are much more likely to be merged in with a minimum of - bike-shedding or requested changes. Ideally, the commit message - would include information, and be in a form suitable for - inclusion in the release notes for the version of Puppet that - includes them. - - Please also check that you are not introducing any trailing - whitespace or other "whitespace errors". You can do this by - running "git diff --check" on your changes before you commit. - - 2. Sending your patches - - To submit your changes via a GitHub pull request, we _highly_ - recommend that you have them on a topic branch, instead of - directly on "master". - It makes things much easier to keep track of, especially if - you decide to work on another thing before your first change - is merged in. - - GitHub has some pretty good - [general documentation](http://help.github.com/) on using - their site. They also have documentation on - [creating pull requests](http://help.github.com/send-pull-requests/). - - In general, after pushing your topic branch up to your - repository on GitHub, you can switch to the branch in the - GitHub UI and click "Pull Request" towards the top of the page - in order to open a pull request. - - - 3. Update the related GitHub issue. - - If there is a GitHub issue associated with the change you - submitted, then you should update the ticket to include the - location of your branch, along with any other commentary you - may wish to make. - -Testing -======= - -Getting Started ---------------- - -Our puppet modules provide [`Gemfile`](./Gemfile)s which can tell a ruby -package manager such as [bundler](http://bundler.io/) what Ruby packages, -or Gems, are required to build, develop, and test this software. - -Please make sure you have [bundler installed](http://bundler.io/#getting-started) -on your system, then use it to install all dependencies needed for this project, -by running - -```shell -% bundle install -Fetching gem metadata from https://rubygems.org/........ -Fetching gem metadata from https://rubygems.org/.. -Using rake (10.1.0) -Using builder (3.2.2) --- 8><-- many more --><8 -- -Using rspec-system-puppet (2.2.0) -Using serverspec (0.6.3) -Using rspec-system-serverspec (1.0.0) -Using bundler (1.3.5) -Your bundle is complete! -Use `bundle show [gemname]` to see where a bundled gem is installed. -``` - -NOTE some systems may require you to run this command with sudo. - -If you already have those gems installed, make sure they are up-to-date: - -```shell -% bundle update -``` - -With all dependencies in place and up-to-date we can now run the tests: - -```shell -% rake spec -``` - -This will execute all the [rspec tests](http://rspec-puppet.com/) tests -under [spec/defines](./spec/defines), [spec/classes](./spec/classes), -and so on. rspec tests may have the same kind of dependencies as the -module they are testing. While the module defines in its [Modulefile](./Modulefile), -rspec tests define them in [.fixtures.yml](./fixtures.yml). - -Some puppet modules also come with [beaker](https://github.com/puppetlabs/beaker) -tests. These tests spin up a virtual machine under -[VirtualBox](https://www.virtualbox.org/)) with, controlling it with -[Vagrant](http://www.vagrantup.com/) to actually simulate scripted test -scenarios. In order to run these, you will need both of those tools -installed on your system. - -You can run them by issuing the following command - -```shell -% rake spec_clean -% rspec spec/acceptance -``` - -This will now download a pre-fabricated image configured in the [default node-set](./spec/acceptance/nodesets/default.yml), -install puppet, copy this module and install its dependencies per [spec/spec_helper_acceptance.rb](./spec/spec_helper_acceptance.rb) -and then run all the tests under [spec/acceptance](./spec/acceptance). - -Writing Tests -------------- - -XXX getting started writing tests. - -If you have commit access to the repository -=========================================== - -Even if you have commit access to the repository, you will still need to -go through the process above, and have someone else review and merge -in your changes. The rule is that all changes must be reviewed by a -developer on the project (that did not write the code) to ensure that -all changes go through a code review process. - -Having someone other than the author of the topic branch recorded as -performing the merge is the record that they performed the code -review. - - -Additional Resources -==================== - -* [Getting additional help](http://puppetlabs.com/community/get-help) - -* [Writing tests](http://projects.puppetlabs.com/projects/puppet/wiki/Development_Writing_Tests) - -* [Patchwork](https://patchwork.puppetlabs.com) - -* [General GitHub documentation](http://help.github.com/) - -* [GitHub pull request documentation](http://help.github.com/send-pull-requests/) - diff --git a/firewall/Gemfile b/firewall/Gemfile deleted file mode 100644 index bfe64b186..000000000 --- a/firewall/Gemfile +++ /dev/null @@ -1,48 +0,0 @@ -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -def location_for(place, fake_version = nil) - if place =~ /^(git:[^#]*)#(.*)/ - [fake_version, { :git => $1, :branch => $2, :require => false }].compact - elsif place =~ /^file:\/\/(.*)/ - ['>= 0', { :path => File.expand_path($1), :require => false }] - else - [place, { :require => false }] - end -end - -group :development, :unit_tests do - gem 'rspec-core', '3.1.7', :require => false - gem 'puppetlabs_spec_helper', :require => false - gem 'simplecov', :require => false - gem 'puppet_facts', :require => false - gem 'json', :require => false -end - -group :system_tests do - if beaker_version = ENV['BEAKER_VERSION'] - gem 'beaker', *location_for(beaker_version) - end - if beaker_rspec_version = ENV['BEAKER_RSPEC_VERSION'] - gem 'beaker-rspec', *location_for(beaker_rspec_version) - else - gem 'beaker-rspec', :require => false - end - gem 'serverspec', :require => false - gem 'beaker-puppet_install_helper', :require => false -end - - - -if facterversion = ENV['FACTER_GEM_VERSION'] - gem 'facter', facterversion, :require => false -else - gem 'facter', :require => false -end - -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end - -# vim:ft=ruby diff --git a/firewall/LICENSE b/firewall/LICENSE deleted file mode 100644 index 1d196fc30..000000000 --- a/firewall/LICENSE +++ /dev/null @@ -1,25 +0,0 @@ -Puppet Firewall Module - Puppet module for managing Firewalls - -Copyright (C) 2011-2013 Puppet Labs, Inc. -Copyright (C) 2011 Jonathan Boyett -Copyright (C) 2011 Media Temple, Inc. - -Some of the iptables code was taken from puppet-iptables which was: - -Copyright (C) 2011 Bob.sh Limited -Copyright (C) 2008 Camptocamp Association -Copyright (C) 2007 Dmitri Priimak - -Puppet Labs can be contacted at: info@puppetlabs.com - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/firewall/README.markdown b/firewall/README.markdown deleted file mode 100644 index 0b74b8128..000000000 --- a/firewall/README.markdown +++ /dev/null @@ -1,897 +0,0 @@ -#firewall - -[![Build Status](https://travis-ci.org/puppetlabs/puppetlabs-firewall.png?branch=master)](https://travis-ci.org/puppetlabs/puppetlabs-firewall) - -####Table of Contents - -1. [Overview - What is the firewall module?](#overview) -2. [Module Description - What does the module do?](#module-description) -3. [Setup - The basics of getting started with firewall](#setup) - * [What firewall Affects](#what-firewall-affects) - * [Setup Requirements](#setup-requirements) - * [Beginning with firewall](#beginning-with-firewall) - * [Upgrading](#upgrading) -4. [Usage - Configuration and customization options](#usage) - * [Default rules - Setting up general configurations for all firewalls](#default-rules) - * [Application-Specific Rules - Options for configuring and managing firewalls across applications](#application-specific-rules) - * [Additional Uses for the Firewall Module](#other-rules) -5. [Reference - An under-the-hood peek at what the module is doing](#reference) -6. [Limitations - OS compatibility, etc.](#limitations) -7. [Development - Guide for contributing to the module](#development) - * [Tests - Testing your configuration](#tests) - -##Overview - -The firewall module lets you manage firewall rules with Puppet. - -##Module Description - -PuppetLabs' firewall module introduces the `firewall` resource, which is used to manage and configure firewall rules from within the Puppet DSL. This module offers support for iptables and ip6tables. The module also introduces the `firewallchain` resource, which allows you to manage chains or firewall lists and ebtables for bridging support. At the moment, only iptables and ip6tables chains are supported. - -The firewall module acts on your running firewall, making immediate changes as the catalog executes. Defining default pre and post rules allows you to provide global defaults for your hosts before and after any custom rules. Defining `pre` and `post` rules is also necessary to help you avoid locking yourself out of your own boxes when Puppet runs. - -##Setup - -###What firewall Affects - -* Every node running a firewall -* Firewall settings in your system -* Connection settings for managed nodes -* Unmanaged resources (get purged) - - -###Setup Requirements - -Firewall uses Ruby-based providers, so you must enable [pluginsync](http://docs.puppetlabs.com/guides/plugins_in_modules.html#enabling-pluginsync). - -###Beginning with firewall - -In the following two sections, you create new classes and then create firewall rules related to those classes. These steps are optional but provide a framework for firewall rules, which is helpful if you’re just starting to create them. - -If you already have rules in place, then you don’t need to do these two sections. However, be aware of the ordering of your firewall rules. The module will dynamically apply rules in the order they appear in the catalog, meaning a deny rule could be applied before the allow rules. This might mean the module hasn’t established some of the important connections, such as the connection to the Puppet master. - -The following steps are designed to ensure that you keep your SSH and other connections, primarily your connection to your Puppet master. If you create the `pre` and `post` classes described in the first section, then you also need to create the rules described in the second section. - -####Create the `my_fw::pre` and `my_fw::post` Classes - -This approach employs a whitelist setup, so you can define what rules you want and everything else is ignored rather than removed. - -The code in this section does the following: - -* The 'require' parameter in `firewall {}` ensures `my_fw::pre` is run before any other rules. -* In the `my_fw::post` class declaration, the 'before' parameter ensures `my_fw::post` is run after any other rules. - -Therefore, the run order is: - -* The rules in `my_fw::pre` -* Your rules (defined in code) -* The rules in `my_fw::post` - -The rules in the `pre` and `post` classes are fairly general. These two classes ensure that you retain connectivity and that you drop unmatched packets appropriately. The rules you define in your manifests are likely specific to the applications you run. - -1.) Add the `pre` class to my_fw/manifests/pre.pp. Your pre.pp file should contain any default rules to be applied first. The rules in this class should be added in the order you want them to run.2. - ~~~puppet - class my_fw::pre { - Firewall { - require => undef, - } - - # Default firewall rules - firewall { '000 accept all icmp': - proto => 'icmp', - action => 'accept', - }-> - firewall { '001 accept all to lo interface': - proto => 'all', - iniface => 'lo', - action => 'accept', - }-> - firewall { '002 reject local traffic not on loopback interface': - iniface => '! lo', - proto => 'all', - destination => '127.0.0.1/8', - action => 'reject', - }-> - firewall { '003 accept related established rules': - proto => 'all', - state => ['RELATED', 'ESTABLISHED'], - action => 'accept', - } - } - ~~~ - - The rules in `pre` should allow basic networking (such as ICMP and TCP) and ensure that existing connections are not closed. - -2.) Add the `post` class to my_fw/manifests/post.pp and include any default rules to be applied last. - - ~~~puppet - class my_fw::post { - firewall { '999 drop all': - proto => 'all', - action => 'drop', - before => undef, - } - } - ~~~ - -Alternatively, the [firewallchain](#type-firewallchain) type can be used to set the default policy: - - ~~~puppet - firewallchain { 'INPUT:filter:IPv4': - ensure => present, - policy => drop, - before => undef, - } - ~~~ - -####Create Firewall Rules - -The rules you create here are helpful if you don’t have any existing rules; they help you order your firewall configurations so you don’t lock yourself out of your box. - -Rules are persisted automatically between reboots, although there are known issues with ip6tables on older Debian/Ubuntu distributions. There are also known issues with ebtables. - -1.) In site.pp or another top-scope file, add the following code to set up a metatype to purge unmanaged firewall resources. This will clear any existing rules and make sure that only rules defined in Puppet exist on the machine. - - ~~~puppet - resources { 'firewall': - purge => true, - } - ~~~ - - To purge unmanaged firewall chains, also add: - - ~~~puppet - resources { 'firewallchain': - purge => true, - } - ~~~ - - **Note** - If there are unmanaged rules in unmanaged chains, it will take two Puppet runs before the firewall chain is purged. This is different than the `purge` parameter available in `firewallchain`. - -2.) Use the following code to set up the default parameters for all of the firewall rules you will establish later. These defaults will ensure that the `pre` and `post` classes are run in the correct order to avoid locking you out of your box during the first Puppet run. - - ~~~puppet - Firewall { - before => Class['my_fw::post'], - require => Class['my_fw::pre'], - } - ~~~ - -3.) Then, declare the `my_fw::pre` and `my_fw::post` classes to satisfy dependencies. You can declare these classes using an External Node Classifier or the following code: - - ~~~puppet - class { ['my_fw::pre', 'my_fw::post']: } - ~~~ - -4.) Include the `firewall` class to ensure the correct packages are installed. - - ~~~puppet - class { 'firewall': } - ~~~ - -###Upgrading - -Use these steps if you already have a version of the firewall module installed. - -####From version 0.2.0 and more recent - -Upgrade the module with the puppet module tool as normal: - - puppet module upgrade puppetlabs/firewall - -##Usage - -There are two kinds of firewall rules you can use with firewall: default rules and application-specific rules. Default rules apply to general firewall settings, whereas application-specific rules manage firewall settings for a specific application, node, etc. - -All rules employ a numbering system in the resource's title that is used for ordering. When titling your rules, make sure you prefix the rule with a number, for example, '000 accept all icmp requests'. _000_ runs first, _999_ runs last. - -###Default Rules - -You can place default rules in either `my_fw::pre` or `my_fw::post`, depending on when you would like them to run. Rules placed in the `pre` class will run first, and rules in the `post` class, last. - -In iptables, the title of the rule is stored using the comment feature of the underlying firewall subsystem. Values must match '/^\d+[[:graph:][:space:]]+$/'. - -####Examples of Default Rules - -Basic accept ICMP request example: - -~~~puppet -firewall { '000 accept all icmp requests': - proto => 'icmp', - action => 'accept', -} -~~~ - -Drop all: - -~~~puppet -firewall { '999 drop all other requests': - action => 'drop', -} -~~~ - -#### Example of an IPv6 rule - -IPv6 rules can be specified using the _ip6tables_ provider: - -~~~puppet -firewall { '006 Allow inbound SSH (v6)': - dport => 22, - proto => tcp, - action => accept, - provider => 'ip6tables', -} -~~~ - -###Application-Specific Rules - -Puppet doesn't care where you define rules, and this means that you can place -your firewall resources as close to the applications and services that you -manage as you wish. If you use the [roles and profiles -pattern](https://puppetlabs.com/learn/roles-profiles-introduction) then it -makes sense to create your firewall rules in the profiles, so they -remain close to the services managed by the profile. - -This is an example of firewall rules in a profile: - -~~~puppet -class profile::apache { - include apache - apache::vhost { 'mysite': ensure => present } - - firewall { '100 allow http and https access': - dport => [80, 443], - proto => tcp, - action => accept, - } -} -~~~ - -###Rule inversion -Firewall rules may be inverted by prefixing the value of a parameter by "! ". If the value is an array, then every item in the array must be prefixed as iptables does not understand inverting a single value. - -Parameters that understand inversion are: connmark, ctstate, destination, dport, dst\_range, dst\_type, iniface, outiface, port, proto, source, sport, src\_range, src\_type, and state. - -Examples: - -~~~puppet -firewall { '001 disallow esp protocol': - action => 'accept', - proto => '! esp', -} -firewall { '002 drop NEW external website packets with FIN/RST/ACK set and SYN unset': - chain => 'INPUT', - state => 'NEW', - action => 'drop', - proto => 'tcp', - sport => ['! http', '! 443'], - source => '! 10.0.0.0/8', - tcp_flags => '! FIN,SYN,RST,ACK SYN', -} -~~~ - -###Additional Uses for the Firewall Module - -You can apply firewall rules to specific nodes. Usually, you will want to put the firewall rule in another class and apply that class to a node. Apply a rule to a node as follows: - -~~~puppet -node 'some.node.com' { - firewall { '111 open port 111': - dport => 111, - } -} -~~~ - -You can also do more complex things with the `firewall` resource. This example sets up static NAT for the source network 10.1.2.0/24: - -~~~puppet -firewall { '100 snat for network foo2': - chain => 'POSTROUTING', - jump => 'MASQUERADE', - proto => 'all', - outiface => 'eth0', - source => '10.1.2.0/24', - table => 'nat', -} -~~~ - - -You can also change the TCP MSS value for VPN client traffic: - -~~~puppet -firewall { '110 TCPMSS for VPN clients': - chain => 'FORWARD', - table => 'mangle', - source => '10.0.2.0/24', - proto => tcp, - tcp_flags => 'SYN,RST SYN', - mss => '1361:1541', - set_mss => '1360', - jump => 'TCPMSS', -} -~~~ - -The following will mirror all traffic sent to the server to a secondary host on the LAN with the TEE target: - -~~~puppet -firewall { '503 Mirror traffic to IDS': - proto => all, - jump => 'TEE', - gateway => '10.0.0.2', - chain => 'PREROUTING', - table => 'mangle', -} -~~~ - -The following example creates a new chain and forwards any port 5000 access to it. -~~~puppet -firewall { '100 forward to MY_CHAIN': - chain => 'INPUT', - jump => 'MY_CHAIN', -} -# The namevar here is in the format chain_name:table:protocol -firewallchain { 'MY_CHAIN:filter:IPv4': - ensure => present, -} -firewall { '100 my rule': - chain => 'MY_CHAIN', - action => 'accept', - proto => 'tcp', - dport => 5000, -} -~~~ - -###Additional Information - -Access the inline documentation: - - puppet describe firewall - -Or - - puppet doc -r type - (and search for firewall) - -##Reference - -Classes: - -* [firewall](#class-firewall) - -Types: - -* [firewall](#type-firewall) -* [firewallchain](#type-firewallchain) - -Facts: - -* [ip6tables_version](#fact-ip6tablesversion) -* [iptables_version](#fact-iptablesversion) -* [iptables_persistent_version](#fact-iptablespersistentversion) - -###Class: firewall - -Performs the basic setup tasks required for using the firewall resources. - -At the moment this takes care of: - -* iptables-persistent package installation - -Include the `firewall` class for nodes that need to use the resources in this module: - - class { 'firewall': } - -####ensure - -Parameter that controls the state of the iptables service on your system, allowing you to disable iptables if you want. - -`ensure` can either be 'running' or 'stopped'. Default to 'running'. - -####package - -Specify the platform-specific package(s) to install. Defaults defined in `firewall::params`. - -####service - -Specify the platform-specific service(s) to start or stop. Defaults defined in `firewall::params`. - -###Type: firewall - -This type enables you to manage firewall rules within Puppet. - -####Providers -**Note:** Not all features are available with all providers. - - * `ip6tables`: Ip6tables type provider - * Required binaries: `ip6tables-save`, `ip6tables`. - * Supported features: `address_type`, `connection_limiting`, `dnat`, `hop_limiting`, `icmp_match`, `interface_match`, `iprange`, `ipsec_dir`, `ipsec_policy`, `ipset`, `iptables`, `isfirstfrag`, `ishasmorefrags`, `islastfrag`, `log_level`, `log_prefix`, `log_uid`, `mark`, `mask`, `mss`, `owner`, `pkttype`, `rate_limiting`, `recent_limiting`, `reject_type`, `snat`, `socket`, `state_match`, `tcp_flags`. - -* `iptables`: Iptables type provider - * Required binaries: `iptables-save`, `iptables`. - * Default for `kernel` == `linux`. - * Supported features: `address_type`, `clusterip`, `connection_limiting`, `dnat`, `icmp_match`, `interface_match`, `iprange`, `ipsec_dir`, `ipsec_policy`, `ipset`, `iptables`, `isfragment`, `log_level`, `log_prefix`, `log_uid`, `mark`, `mask`, `mss`, `netmap`, `owner`, `pkttype`, `rate_limiting`, `recent_limiting`, `reject_type`, `snat`, `socket`, `state_match`, `tcp_flags`. - -**Autorequires:** - -If Puppet is managing the iptables or ip6tables chains specified in the `chain` or `jump` parameters, the firewall resource will autorequire those firewallchain resources. - -If Puppet is managing the iptables or iptables-persistent packages, and the provider is iptables or ip6tables, the firewall resource will autorequire those packages to ensure that any required binaries are installed. - -#### Features - -* `address_type`: The ability to match on source or destination address type. - -* `clusterip`: Configure a simple cluster of nodes that share a certain IP and MAC address without an explicit load balancer in front of them. - -* `connection_limiting`: Connection limiting features. - -* `dnat`: Destination NATing. - -* `hop_limiting`: Hop limiting features. - -* `icmp_match`: The ability to match ICMP types. - -* `interface_match`: Interface matching. - -* `iprange`: The ability to match on source or destination IP range. - -* `ipsec_dir`: The ability to match IPsec policy direction. - -* `ipsec_policy`: The ability to match IPsec policy. - -* `iptables`: The provider provides iptables features. - -* `isfirstfrag`: The ability to match the first fragment of a fragmented ipv6 packet. - -* `isfragment`: The ability to match fragments. - -* `ishasmorefrags`: The ability to match a non-last fragment of a fragmented ipv6 packet. - -* `islastfrag`: The ability to match the last fragment of an ipv6 packet. - -* `log_level`: The ability to control the log level. - -* `log_prefix`: The ability to add prefixes to log messages. - -* `log_uid`: The ability to log the userid of the process which generated the packet. - -* `mark`: The ability to match or set the netfilter mark value associated with the packet. - -* `mask`: The ability to match recent rules based on the ipv4 mask. - -* `owner`: The ability to match owners. - -* `pkttype`: The ability to match a packet type. - -* `rate_limiting`: Rate limiting features. - -* `recent_limiting`: The netfilter recent module. - -* `reject_type`: The ability to control reject messages. - -* `set_mss`: Set the TCP MSS of a packet. - -* `snat`: Source NATing. - -* `socket`: The ability to match open sockets. - -* `state_match`: The ability to match stateful firewall states. - -* `tcp_flags`: The ability to match on particular TCP flag settings. - -* `netmap`: The ability to map entire subnets via source or destination nat rules. - -#### Parameters - -* `action`: This is the action to perform on a match. Valid values for this action are: - * 'accept': The packet is accepted. - * 'reject': The packet is rejected with a suitable ICMP response. - * 'drop': The packet is dropped. - - If you specify no value it will simply match the rule but perform no action unless you provide a provider-specific parameter (such as `jump`). - -* `burst`: Rate limiting burst value (per second) before limit checks apply. Values must match '/^\d+$/'. Requires the `rate_limiting` feature. - -* `clusterip_new`: Create a new ClusterIP. You always have to set this on the first rule for a given ClusterIP. Requires the `clusterip` feature. - -* `clusterip_hashmode`: Specify the hashing mode. Valid values are sourceip, sourceip-sourceport, sourceip-sourceport-destport. Requires the `clusterip` feature. - -* `clusterip_clustermac`: Specify the ClusterIP MAC address. Has to be a link-layer multicast address. Requires the `clusterip` feature. - -* `clusterip_total_nodes`: Number of total nodes within this cluster. Requires the `clusterip` feature. - -* `clusterip_local_node`: Local node number within this cluster. Requires the `clusterip` feature. - -* `clusterip_hash_init`: Specify the random seed used for hash initialization. Requires the `clusterip` feature. - -* `chain`: Name of the chain to use. You can provide a user-based chain or use one of the following built-in chains:'INPUT','FORWARD','OUTPUT','PREROUTING', or 'POSTROUTING'. The default value is 'INPUT'. Values must match '/^[a-zA-Z0-9\-_]+$/'. Requires the `iptables` feature. - -* `checksum_fill`: When using a `jump` value of 'CHECKSUM', this boolean makes sure that a checksum is calculated and filled in a packet that lacks a checksum. Valid values are 'true' or 'false'. Requires the `iptables` feature. - -* `clamp_mss_to_pmtu`: Enables PMTU Clamping support when using a jump target of 'TCPMSS'. Valid values are 'true' or 'false'. - -* `connlimit_above`: Connection limiting value for matched connections above n. Values must match '/^\d+$/'. Requires the `connection_limiting` feature. - -* `connlimit_mask`: Connection limiting by subnet mask for matched connections. Apply a subnet mask of /0 to /32 for IPv4, and a subnet mask of /0 to /128 for IPv6. Values must match '/^\d+$/'. Requires the `connection_limiting` feature. - -* `connmark`: Match the Netfilter mark value associated with the packet. Accepts values `mark/mask` or `mark`. These will be converted to hex if they are not hex already. Requires the `mark` feature. - -* `ctstate`: Matches a packet based on its state in the firewall stateful inspection table, using the conntrack module. Valid values are: 'INVALID', 'ESTABLISHED', 'NEW', 'RELATED'. Requires the `state_match` feature. - -* `date_start`: Start Date/Time for the rule to match, which must be in ISO 8601 "T" notation. The possible time range is '1970-01-01T00:00:00' to '2038-01-19T04:17:07' - -* `date_stop`: End Date/Time for the rule to match, which must be in ISO 8601 "T" notation. The possible time range is '1970-01-01T00:00:00' to '2038-01-19T04:17:07' - -* `destination`: The destination address to match. For example: `destination => '192.168.1.0/24'`. You can also negate a mask by putting ! in front. For example: `destination => '! 192.168.2.0/24'`. The destination can also be an IPv6 address if your provider supports it. - - For some firewall providers you can pass a range of ports in the format: 'start number-end number'. For example, '1-1024' would cover ports 1 to 1024. - -* `dport`: The destination port to match for this filter (if the protocol supports ports). Will accept a single element or an array. For some firewall providers you can pass a range of ports in the format: 'start number-end number'. For example, '1-1024' would cover ports 1 to 1024. - -* `dst_range`: The destination IP range. For example: `dst_range => '192.168.1.1-192.168.1.10'`. - - The destination IP range is must in 'IP1-IP2' format. Values in the range must be valid IPv4 or IPv6 addresses. Requires the `iprange` feature. - -* `dst_type`: The destination address type. For example: `dst_type => 'LOCAL'`. - - Valid values are: - - * 'UNSPEC': an unspecified address - * 'UNICAST': a unicast address - * 'LOCAL': a local address - * 'BROADCAST': a broadcast address - * 'ANYCAST': an anycast packet - * 'MULTICAST': a multicast address - * 'BLACKHOLE': a blackhole address - * 'UNREACHABLE': an unreachable address - * 'PROHIBIT': a prohibited address - * 'THROW': an unroutable address - * 'XRESOLVE: an unresolvable address - - Requires the `address_type` feature. - -* `ensure`: Ensures that the resource is present. Valid values are 'present', 'absent'. The default is 'present'. - -* `gateway`: Used with TEE target to mirror traffic of a machine to a secondary host on the LAN. - -* `gid`: GID or Group owner matching rule. Accepts a string argument only, as iptables does not accept multiple gid in a single statement. Requires the `owner` feature. - -* `hop_limit`: Hop limiting value for matched packets. Values must match '/^\d+$/'. Requires the `hop_limiting` feature. - -* `icmp`: When matching ICMP packets, this indicates the type of ICMP packet to match. A value of 'any' is not supported. To match any type of ICMP packet, the parameter should be omitted or undefined. Requires the `icmp_match` feature. - -* `iniface`: Input interface to filter on. Values must match '/^!?\s?[a-zA-Z0-9\-\._\+\:]+$/'. Requires the `interface_match` feature. Supports interface alias (eth0:0) and negation. - -* `ipsec_dir`: Sets the ipsec policy direction. Valid values are 'in', 'out'. Requires the `ipsec_dir` feature. - -* `ipsec_policy`: Sets the ipsec policy type. Valid values are 'none', 'ipsec'. Requires the `ipsec_policy` feature. - -* `ipset`: Matches IP sets. Value must be 'ipset_name (src|dst|src,dst)' and can be negated by putting ! in front. Requires ipset kernel module. - -* `isfirstfrag`: If true, matches when the packet is the first fragment of a fragmented ipv6 packet. Cannot be negated. Supported by ipv6 only. Valid values are 'true', 'false'. Requires the `isfirstfrag` feature. - -* `isfragment`: If 'true', matches when the packet is a tcp fragment of a fragmented packet. Supported by iptables only. Valid values are 'true', 'false'. Requires features `isfragment`. - -* `ishasmorefrags`: If 'true', matches when the packet has the 'more fragments' bit set. Supported by ipv6 only. Valid values are 'true', 'false'. Requires the `ishasmorefrags` feature. - -* `islastfrag`: If true, matches when the packet is the last fragment of a fragmented ipv6 packet. Supported by ipv6 only. Valid values are 'true', 'false'. Requires the `islastfrag`. - -* `jump`: The value for the iptables `--jump` parameter. Any valid chain name is allowed, but normal values are: 'QUEUE', 'RETURN', 'DNAT', 'SNAT', 'LOG', 'MASQUERADE', 'REDIRECT', 'MARK', 'TCPMSS', 'DSCP'. - - For the values 'ACCEPT', 'DROP', and 'REJECT', you must use the generic `action` parameter. This is to enforce the use of generic parameters where possible for maximum cross-platform modeling. - - If you set both `accept` and `jump` parameters, you will get an error, because only one of the options should be set. Requires the `iptables` feature. - -* `kernel_timezone`: Use the kernel timezone instead of UTC to determine whether a packet meets the time regulations. - -* `limit`: Rate limiting value for matched packets. The format is: 'rate/[/second/|/minute|/hour|/day]'. Example values are: '50/sec', '40/min', '30/hour', '10/day'. Requires the `rate_limiting` feature. - -* `line`: Read-only property for caching the rule line. - -* `log_level`: When combined with `jump => 'LOG'` specifies the system log level to log to. Requires the `log_level` feature. - -* `log_prefix`: When combined with `jump => 'LOG'` specifies the log prefix to use when logging. Requires the `log_prefix` feature. - -* `log_uid`: The ability to log the userid of the process which generated the packet. - -* `mask`: Sets the mask to use when `recent` is enabled. Requires the `mask` feature. - -* `month_days`: Only match on the given days of the month. Possible values are '1' to '31'. Note that specifying '31' will not match on months that do not have a 31st day; the same goes for 28- or 29-day February. - -* `match_mark`: Match the Netfilter mark value associated with the packet. Accepts either of mark/mask or mark. These will be converted to hex if they are not already. Requires the `mark` feature. - -* `mss`: Sets a given TCP MSS value or range to match. - -* `name`: The canonical name of the rule. This name is also used for ordering, so make sure you prefix the rule with a number. For example: - -~~~puppet -firewall { '000 this runs first': - # this rule will run first -} -firewall { '999 this runs last': - # this rule will run last -} - ~~~ - - Depending on the provider, the name of the rule can be stored using the comment feature of the underlying firewall subsystem. Values must match '/^\d+[[:graph:][:space:]]+$/'. - -* `outiface`: Output interface to filter on. Values must match '/^!?\s?[a-zA-Z0-9\-\._\+\:]+$/'. Requires the `interface_match` feature. Supports interface alias (eth0:0) and negation. - -* `physdev_in`: Match if the packet is entering a bridge from the given interface. Values must match '/^[a-zA-Z0-9\-\._\+]+$/'. - -* `physdev_out`: Match if the packet is leaving a bridge via the given interface. Values must match '/^[a-zA-Z0-9\-\._\+]+$/'. - -* `physdev_is_bridged`: Match if the packet is transversing a bridge. Valid values are true or false. - -* `pkttype`: Sets the packet type to match. Valid values are: 'unicast', 'broadcast', and'multicast'. Requires the `pkttype` feature. - -* `port`: *DEPRECATED* Using the unspecific 'port' parameter can lead to firewall rules that are unexpectedly too lax. It is recommended to always use the specific dport and sport parameters to avoid this ambiguity. The destination or source port to match for this filter (if the protocol supports ports). Will accept a single element or an array. For some firewall providers you can pass a range of ports in the format: 'start number-end number'. For example, '1-1024' would cover ports 1 to 1024. - -* `proto`: The specific protocol to match for this rule. This is 'tcp' by default. Valid values are: - * 'tcp' - * 'udp' - * 'icmp' - * 'ipv4' - * 'ipv6' - * 'ipv6-icmp' - * 'esp' - * 'ah' - * 'vrrp' - * 'igmp' - * 'ipencap' - * 'ospf' - * 'gre' - * 'all' - -* `provider`: The specific backend to use for this firewall resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform. Available providers are ip6tables and iptables. See the [Providers](#providers) section above for details about these providers. - - * `random`: When using a `jump` value of 'MASQUERADE', 'DNAT', 'REDIRECT', or 'SNAT', this boolean will enable randomized port mapping. Valid values are true or false. Requires the `dnat` feature. - -* `rdest`: If boolean 'true', adds the destination IP address to the list. Valid values are true or false. Requires the `recent_limiting` feature and the `recent` parameter. - -* `reap`: Can only be used in conjunction with the `rseconds` parameter. If boolean 'true', this will purge entries older than 'seconds' as specified in `rseconds`. Valid values are true or false. Requires the `recent_limiting` feature and the `recent` parameter. - -* `recent`: Enable the recent module. Valid values are: 'set', 'update', 'rcheck', or 'remove'. For example: - -~~~puppet -# If anyone's appeared on the 'badguy' blacklist within -# the last 60 seconds, drop their traffic, and update the timestamp. -firewall { '100 Drop badguy traffic': - recent => 'update', - rseconds => 60, - rsource => true, - rname => 'badguy', - action => 'DROP', - chain => 'FORWARD', -} -# No-one should be sending us traffic on eth0 from localhost -# Blacklist them -firewall { '101 blacklist strange traffic': - recent => 'set', - rsource => true, - rname => 'badguy', - destination => '127.0.0.0/8', - iniface => 'eth0', - action => 'DROP', - chain => 'FORWARD', -} -~~~ - - Requires the `recent_limiting` feature. - -* `reject`: When combined with `jump => 'REJECT'`, you can specify a different ICMP response to be sent back to the packet sender. Requires the `reject_type` feature. - -* `rhitcount`: Used in conjunction with `recent => 'update'` or `recent => 'rcheck'`. When used, this will narrow the match to happen only when the address is in the list and packets greater than or equal to the given value have been received. Requires the `recent_limiting` feature and the `recent` parameter. - -* `rname`: Specify the name of the list. Takes a string argument. Requires the `recent_limiting` feature and the `recent` parameter. - -* `rseconds`: Used in conjunction with `recent => 'rcheck'` or `recent => 'update'`. When used, this will narrow the match to only happen when the address is in the list and was seen within the last given number of seconds. Requires the `recent_limiting` feature and the `recent` parameter. - -* `rsource`: If boolean 'true', adds the source IP address to the list. Valid values are 'true', 'false'. Requires the `recent_limiting` feature and the `recent` parameter. - -* `rttl`: May only be used in conjunction with `recent => 'rcheck'` or `recent => 'update'`. If boolean 'true', this will narrow the match to happen only when the address is in the list and the TTL of the current packet matches that of the packet that hit the `recent => 'set'` rule. If you have problems with DoS attacks via bogus packets from fake source addresses, this parameter may help. Valid values are 'true', 'false'. Requires the `recent_limiting` feature and the `recent` parameter. - -* `set_dscp`: When combined with `jump => 'DSCP'` specifies the dscp marking associated with the packet. - -* `set_dscp_class`: When combined with `jump => 'DSCP'` specifies the class associated with the packet (valid values found here: http://www.cisco.com/c/en/us/support/docs/quality-of-service-qos/qos-packet-marking/10103-dscpvalues.html#packetclassification). - -* `set_mark`: Set the Netfilter mark value associated with the packet. Accepts either 'mark/mask' or 'mark'. These will be converted to hex if they are not already. Requires the `mark` feature. - -* `set_mss`: When combined with `jump => 'TCPMSS'` specifies the value of the MSS field. - -* `socket`: If 'true', matches if an open socket can be found by doing a socket lookup on the packet. Valid values are 'true', 'false'. Requires the `socket` feature. - -* `source`: The source address. For example: `source => '192.168.2.0/24'`. You can also negate a mask by putting ! in front. For example: `source => '! 192.168.2.0/24'`. The source can also be an IPv6 address if your provider supports it. - -* `sport`: The source port to match for this filter (if the protocol supports ports). Will accept a single element or an array. For some firewall providers you can pass a range of ports in the format:'start number-end number'. For example, '1-1024' would cover ports 1 to 1024. - -* `src_range`: The source IP range. For example: `src_range => '192.168.1.1-192.168.1.10'`. The source IP range must be in 'IP1-IP2' format. Values in the range must be valid IPv4 or IPv6 addresses. Requires the `iprange` feature. - -* `src_type`: Specify the source address type. For example: `src_type => 'LOCAL'`. - - Valid values are: - - * 'UNSPEC': an unspecified address. - * 'UNICAST': a unicast address. - * 'LOCAL': a local address. - * 'BROADCAST': a broadcast address. - * 'ANYCAST': an anycast packet. - * 'MULTICAST': a multicast address. - * 'BLACKHOLE': a blackhole address. - * 'UNREACHABLE': an unreachable address. - * 'PROHIBIT': a prohibited address. - * 'THROW': an unroutable address. - * 'XRESOLVE': an unresolvable address. - - Requires the `address_type` feature. - -* `stat_every`: Match one packet every nth packet. Requires `stat_mode => 'nth'` - -* `stat_mode`: Set the matching mode for statistic matching. Supported modes are `random` and `nth`. - -* `stat_packet`: Set the initial counter value for the nth mode. Must be between 0 and the value of `stat_every`. Defaults to 0. Requires `stat_mode => 'nth'` - -* `stat_probability`: Set the probability from 0 to 1 for a packet to be randomly matched. It works only with `stat_mode => 'random'`. - -* `state`: Matches a packet based on its state in the firewall stateful inspection table. Valid values are: 'INVALID', 'ESTABLISHED', 'NEW', 'RELATED'. Requires the `state_match` feature. - -* `table`: Table to use. Valid values are: 'nat', 'mangle', 'filter', 'raw', 'rawpost'. By default the setting is 'filter'. Requires the `iptables` feature. - -* `tcp_flags`: Match when the TCP flags are as specified. Set as a string with a list of comma-separated flag names for the mask, then a space, then a comma-separated list of flags that should be set. The flags are: 'SYN', 'ACK', 'FIN', 'RST', 'URG', 'PSH', 'ALL', 'NONE'. - - Note that you specify flags in the order that iptables `--list` rules would list them to avoid having Puppet think you changed the flags. For example, 'FIN,SYN,RST,ACK SYN' matches packets with the SYN bit set and the ACK, RST and FIN bits cleared. Such packets are used to request TCP connection initiation. Requires the `tcp_flags` feature. - -* `time_contiguous`: When the `time_stop` value is smaller than the `time_start` value, match this as a single time period instead of distinct intervals. - -* `time_start`: Start time for the rule to match. The possible time range is '00:00:00' to '23:59:59'. Leading zeroes are allowed (e.g. '06:03') and correctly interpreted as base-10. - -* `time_stop`: End time for the rule to match. The possible time range is '00:00:00' to '23:59:59'. Leading zeroes are allowed (e.g. '06:03') and correctly interpreted as base-10. - -* `todest`: When using `jump => 'DNAT'`, you can specify the new destination address using this parameter. Requires the `dnat` feature. - -* `toports`: For DNAT this is the port that will replace the destination port. Requires the `dnat` feature. - -* `tosource`: When using `jump => 'SNAT'`, you can specify the new source address using this parameter. Requires the `snat` feature. - -* `to`: When using `jump => 'NETMAP'`, you can specify a source or destination subnet to nat to. Requires the `netmap` feature`. - -* `uid`: UID or Username owner matching rule. Accepts a string argument only, as iptables does not accept multiple uid in a single statement. Requires the `owner` feature. - -* `week_days`: Only match on the given weekdays. Possible values are 'Mon', 'Tue', 'Wed', 'Thu', 'Fri', 'Sat', 'Sun'. - -###Type: firewallchain - -Enables you to manage rule chains for firewalls. - -Currently this type supports only iptables, ip6tables, and ebtables on Linux. It also provides support for setting the default policy on chains and tables that allow it. - -**Autorequires**: If Puppet is managing the iptables or iptables-persistent packages, and the provider is iptables_chain, the firewall resource will autorequire those packages to ensure that any required binaries are installed. - -####Providers - -`iptables_chain` is the only provider that supports firewallchain. - -####Features - -* `iptables_chain`: The provider provides iptables chain features. -* `policy`: Default policy (inbuilt chains only). - -####Parameters - -* `ensure`: Ensures that the resource is present. Valid values are 'present', 'absent'. - -* `ignore`: Regex to perform on firewall rules to exempt unmanaged rules from purging (when enabled). This is matched against the output of iptables-save. This can be a single regex or an array of them. To support flags, use the ruby inline flag mechanism: a regex such as '/foo/i' can be written as '(?i)foo' or '(?i:foo)'. Only when purge is 'true'. - - Full example: -~~~puppet -firewallchain { 'INPUT:filter:IPv4': - purge => true, - ignore => [ - # ignore the fail2ban jump rule - '-j fail2ban-ssh', - # ignore any rules with "ignore" (case insensitive) in the comment in the rule - '--comment "[^"](?i:ignore)[^"]"', - ], -} -~~~ - -* `name`: Specify the canonical name of the chain. For iptables the format must be {chain}:{table}:{protocol}. - -* `policy`: Set the action the packet will perform when the end of the chain is reached. It can only be set on inbuilt chains ('INPUT', 'FORWARD', 'OUTPUT', 'PREROUTING', 'POSTROUTING'). Valid values are: - - * 'accept': The packet is accepted. - * 'drop': The packet is dropped. - * 'queue': The packet is passed userspace. - * 'return': The packet is returned to calling (jump) queue or to the default of inbuilt chains. - -* `provider`: The specific backend to use for this firewallchain resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform. The only available provider is: - - `iptables_chain`: iptables chain provider - - * Required binaries: `ebtables-save`, `ebtables`, `ip6tables-save`, `ip6tables`, `iptables-save`, `iptables`. - * Default for `kernel` == `linux`. - * Supported features: `iptables_chain`, `policy`. - -* `purge`: Purge unmanaged firewall rules in this chain. Valid values are 'false', 'true'. - -**Note** This `purge` is purging unmanaged rules in a firewall chain, not unmanaged firewall chains. To purge unmanaged firewall chains, use the following instead. - -~~~puppet -resources { 'firewallchain': - purge => true, -} -~~~ - -###Fact: ip6tables_version - -A Facter fact that can be used to determine what the default version of ip6tables is for your operating system/distribution. - -###Fact: iptables_version - -A Facter fact that can be used to determine what the default version of iptables is for your operating system/distribution. - -###Fact: iptables_persistent_version - -Retrieves the version of iptables-persistent from your OS. This is a Debian/Ubuntu specific fact. - -##Limitations - -###SLES - -The `socket` parameter is not supported on SLES. In this release it will cause -the catalog to fail with iptables failures, rather than correctly warn you that -the features are unusable. - -###Oracle Enterprise Linux - -The `socket` and `owner` parameters are unsupported on Oracle Enterprise Linux -when the "Unbreakable" kernel is used. These may function correctly when using -the stock RedHat kernel instead. Declaring either of these parameters on an -unsupported system will result in iptable rules failing to apply. - -### Debian 8 Support - -As Puppet Enterprise itself does not yet support Debian 8, use of this module with Puppet Enterprise under a Debian 8 -system should be regarded as experimental. - -###Other - -Bugs can be reported in JIRA: - - - -##Development - -Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can’t access the huge number of platforms and myriad of hardware, software, and deployment configurations that Puppet is intended to serve. - -We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. - -You can read the complete module contribution guide [on the Puppet Labs wiki.](http://projects.puppetlabs.com/projects/module-site/wiki/Module_contributing) - -For this particular module, please also read CONTRIBUTING.md before contributing. - -Currently we support: - -* iptables -* ip6tables -* ebtables (chains only) - -###Testing - -Make sure you have: - -* rake -* bundler - -Install the necessary gems: - - bundle install - -And run the tests from the root of the source code: - - rake test - -If you have a copy of Vagrant 1.1.0 you can also run the system tests: - - RS_SET=ubuntu-1404-x64 rspec spec/acceptance - RS_SET=centos-64-x64 rspec spec/acceptance diff --git a/firewall/Rakefile b/firewall/Rakefile deleted file mode 100644 index 181157e6e..000000000 --- a/firewall/Rakefile +++ /dev/null @@ -1,10 +0,0 @@ -require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' - -PuppetLint.configuration.fail_on_warnings = true -PuppetLint.configuration.send('relative') -PuppetLint.configuration.send('disable_80chars') -PuppetLint.configuration.send('disable_class_inherits_from_params_class') -PuppetLint.configuration.send('disable_documentation') -PuppetLint.configuration.send('disable_single_quote_string_with_variables') -PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"] diff --git a/firewall/lib/facter/ip6tables_version.rb b/firewall/lib/facter/ip6tables_version.rb deleted file mode 100644 index 3dce27f70..000000000 --- a/firewall/lib/facter/ip6tables_version.rb +++ /dev/null @@ -1,11 +0,0 @@ -Facter.add(:ip6tables_version) do - confine :kernel => :linux - setcode do - version = Facter::Util::Resolution.exec('ip6tables --version') - if version - version.match(/\d+\.\d+\.\d+/).to_s - else - nil - end - end -end diff --git a/firewall/lib/facter/iptables_persistent_version.rb b/firewall/lib/facter/iptables_persistent_version.rb deleted file mode 100644 index 4dbf6bcf6..000000000 --- a/firewall/lib/facter/iptables_persistent_version.rb +++ /dev/null @@ -1,22 +0,0 @@ -Facter.add(:iptables_persistent_version) do - confine :operatingsystem => %w{Debian Ubuntu} - setcode do - # Throw away STDERR because dpkg >= 1.16.7 will make some noise if the - # package isn't currently installed. - os = Facter.value(:operatingsystem) - os_release = Facter.value(:operatingsystemrelease) - if (os == 'Debian' and (Puppet::Util::Package.versioncmp(os_release, '8.0') >= 0)) or - (os == 'Ubuntu' and (Puppet::Util::Package.versioncmp(os_release, '14.10') >= 0)) - cmd = "dpkg-query -Wf '${Version}' netfilter-persistent 2>/dev/null" - else - cmd = "dpkg-query -Wf '${Version}' iptables-persistent 2>/dev/null" - end - version = Facter::Util::Resolution.exec(cmd) - - if version.nil? or !version.match(/\d+\.\d+/) - nil - else - version - end - end -end diff --git a/firewall/lib/facter/iptables_version.rb b/firewall/lib/facter/iptables_version.rb deleted file mode 100644 index 6f7ae5647..000000000 --- a/firewall/lib/facter/iptables_version.rb +++ /dev/null @@ -1,11 +0,0 @@ -Facter.add(:iptables_version) do - confine :kernel => :linux - setcode do - version = Facter::Util::Resolution.exec('iptables --version') - if version - version.match(/\d+\.\d+\.\d+/).to_s - else - nil - end - end -end diff --git a/firewall/lib/puppet/provider/firewall.rb b/firewall/lib/puppet/provider/firewall.rb deleted file mode 100644 index c6b0b10bb..000000000 --- a/firewall/lib/puppet/provider/firewall.rb +++ /dev/null @@ -1,34 +0,0 @@ -class Puppet::Provider::Firewall < Puppet::Provider - - # Prefetch our rule list. This is ran once every time before any other - # action (besides initialization of each object). - def self.prefetch(resources) - debug("[prefetch(resources)]") - instances.each do |prov| - if resource = resources[prov.name] || resources[prov.name.downcase] - resource.provider = prov - end - end - end - - # Look up the current status. This allows us to conventiently look up - # existing status with properties[:foo]. - def properties - if @property_hash.empty? - @property_hash = query || {:ensure => :absent} - @property_hash[:ensure] = :absent if @property_hash.empty? - end - @property_hash.dup - end - - # Pull the current state of the list from the full list. We're - # getting some double entendre here.... - def query - self.class.instances.each do |instance| - if instance.name == self.name or instance.name.downcase == self.name - return instance.properties - end - end - nil - end -end diff --git a/firewall/lib/puppet/provider/firewall/ip6tables.rb b/firewall/lib/puppet/provider/firewall/ip6tables.rb deleted file mode 100644 index 78ad24def..000000000 --- a/firewall/lib/puppet/provider/firewall/ip6tables.rb +++ /dev/null @@ -1,229 +0,0 @@ -Puppet::Type.type(:firewall).provide :ip6tables, :parent => :iptables, :source => :ip6tables do - @doc = "Ip6tables type provider" - - has_feature :iptables - has_feature :connection_limiting - has_feature :hop_limiting - has_feature :rate_limiting - has_feature :recent_limiting - has_feature :snat - has_feature :dnat - has_feature :interface_match - has_feature :icmp_match - has_feature :owner - has_feature :state_match - has_feature :reject_type - has_feature :log_level - has_feature :log_prefix - has_feature :log_uid - has_feature :mark - has_feature :mss - has_feature :tcp_flags - has_feature :pkttype - has_feature :ishasmorefrags - has_feature :islastfrag - has_feature :isfirstfrag - has_feature :socket - has_feature :address_type - has_feature :iprange - has_feature :ipsec_dir - has_feature :ipsec_policy - has_feature :mask - has_feature :ipset - - optional_commands({ - :ip6tables => 'ip6tables', - :ip6tables_save => 'ip6tables-save', - }) - - confine :kernel => :linux - - ip6tables_version = Facter.value('ip6tables_version') - if (ip6tables_version and Puppet::Util::Package.versioncmp(ip6tables_version, '1.4.1') < 0) - mark_flag = '--set-mark' - else - mark_flag = '--set-xmark' - end - - - def initialize(*args) - ip6tables_version = Facter.value('ip6tables_version') - if ip6tables_version and ip6tables_version.match /1\.3\.\d/ - raise ArgumentError, 'The ip6tables provider is not supported on version 1.3 of iptables' - else - super - end - end - - def self.iptables(*args) - ip6tables(*args) - end - - def self.iptables_save(*args) - ip6tables_save(*args) - end - - @protocol = "IPv6" - - @resource_map = { - :burst => "--limit-burst", - :checksum_fill => "--checksum-fill", - :clamp_mss_to_pmtu => "--clamp-mss-to-pmtu", - :connlimit_above => "-m connlimit --connlimit-above", - :connlimit_mask => "--connlimit-mask", - :connmark => "-m connmark --mark", - :ctstate => "-m conntrack --ctstate", - :destination => "-d", - :dport => ["-m multiport --dports", "--dport"], - :dst_range => '--dst-range', - :dst_type => "--dst-type", - :gateway => "--gateway", - :gid => "--gid-owner", - :hop_limit => "-m hl --hl-eq", - :icmp => "-m icmp6 --icmpv6-type", - :iniface => "-i", - :ipsec_dir => "-m policy --dir", - :ipsec_policy => "--pol", - :ipset => "-m set --match-set", - :isfirstfrag => "-m frag --fragid 0 --fragfirst", - :ishasmorefrags => "-m frag --fragid 0 --fragmore", - :islastfrag => "-m frag --fragid 0 --fraglast", - :jump => "-j", - :limit => "-m limit --limit", - :log_level => "--log-level", - :log_prefix => "--log-prefix", - :log_uid => "--log-uid", - :mask => "--mask", - :match_mark => "-m mark --mark", - :name => "-m comment --comment", - :mac_source => ["-m mac --mac-source", "--mac-source"], - :mss => "-m tcpmss --mss", - :outiface => "-o", - :pkttype => "-m pkttype --pkt-type", - :port => '-m multiport --ports', - :proto => "-p", - :rdest => "--rdest", - :reap => "--reap", - :recent => "-m recent", - :reject => "--reject-with", - :rhitcount => "--hitcount", - :rname => "--name", - :rseconds => "--seconds", - :rsource => "--rsource", - :rttl => "--rttl", - :set_dscp => '--set-dscp', - :set_dscp_class => '--set-dscp-class', - :set_mark => mark_flag, - :set_mss => '--set-mss', - :socket => "-m socket", - :source => "-s", - :sport => ["-m multiport --sports", "--sport"], - :src_range => '--src-range', - :src_type => "--src-type", - :stat_every => '--every', - :stat_mode => "-m statistic --mode", - :stat_packet => '--packet', - :stat_probability => '--probability', - :state => "-m state --state", - :table => "-t", - :tcp_flags => "-m tcp --tcp-flags", - :todest => "--to-destination", - :toports => "--to-ports", - :tosource => "--to-source", - :uid => "--uid-owner", - :physdev_in => "--physdev-in", - :physdev_out => "--physdev-out", - :physdev_is_bridged => "--physdev-is-bridged", - :date_start => "--datestart", - :date_stop => "--datestop", - :time_start => "--timestart", - :time_stop => "--timestop", - :month_days => "--monthdays", - :week_days => "--weekdays", - :time_contiguous => "--contiguous", - :kernel_timezone => "--kerneltz", - } - - # These are known booleans that do not take a value, but we want to munge - # to true if they exist. - @known_booleans = [ - :checksum_fill, - :clamp_mss_to_pmtu, - :ishasmorefrags, - :islastfrag, - :isfirstfrag, - :log_uid, - :rsource, - :rdest, - :reap, - :rttl, - :socket, - :physdev_is_bridged, - :time_contiguous, - :kernel_timezone, - ] - - # Properties that use "-m " (with the potential to have multiple - # arguments against the same IPT module) must be in this hash. The keys in this - # hash are the IPT module names, with the values being an array of the respective - # supported arguments for this IPT module. - # - # ** IPT Module arguments must be in order as they would appear in iptables-save ** - # - # Exceptions: - # => multiport: (For some reason, the multiport arguments can't be) - # specified within the same "-m multiport", but works in seperate - # ones. - # - @module_to_argument_mapping = { - :physdev => [:physdev_in, :physdev_out, :physdev_is_bridged], - :addrtype => [:src_type, :dst_type], - :iprange => [:src_range, :dst_range], - :owner => [:uid, :gid], - :time => [:time_start, :time_stop, :month_days, :week_days, :date_start, :date_stop, :time_contiguous, :kernel_timezone] - } - - # Create property methods dynamically - (@resource_map.keys << :chain << :table << :action).each do |property| - if @known_booleans.include?(property) then - # The boolean properties default to '' which should be read as false - define_method "#{property}" do - @property_hash[property] = :false if @property_hash[property] == nil - @property_hash[property.to_sym] - end - else - define_method "#{property}" do - @property_hash[property.to_sym] - end - end - - if property == :chain - define_method "#{property}=" do |value| - if @property_hash[:chain] != value - raise ArgumentError, "Modifying the chain for existing rules is not supported." - end - end - else - define_method "#{property}=" do |value| - @property_hash[:needs_change] = true - end - end - end - - # This is the order of resources as they appear in iptables-save output, - # we need it to properly parse and apply rules, if the order of resource - # changes between puppet runs, the changed rules will be re-applied again. - # This order can be determined by going through iptables source code or just tweaking and trying manually - # (Note: on my CentOS 6.4 ip6tables-save returns -m frag on the place - # I put it when calling the command. So compability with manual changes - # not provided with current parser [georg.koester]) - @resource_list = [:table, :source, :destination, :iniface, :outiface, :physdev_in, - :physdev_out, :physdev_is_bridged, :proto, :ishasmorefrags, :islastfrag, :isfirstfrag, :src_range, :dst_range, - :tcp_flags, :uid, :gid, :mac_source, :sport, :dport, :port, :src_type, - :dst_type, :socket, :pkttype, :name, :ipsec_dir, :ipsec_policy, :state, - :ctstate, :icmp, :hop_limit, :limit, :burst, :recent, :rseconds, :reap, - :rhitcount, :rttl, :rname, :mask, :rsource, :rdest, :ipset, :jump, :clamp_mss_to_pmtu, :gateway, :todest, - :tosource, :toports, :checksum_fill, :log_level, :log_prefix, :log_uid, :reject, :set_mss, :set_dscp, :set_dscp_class, :mss, - :set_mark, :match_mark, :connlimit_above, :connlimit_mask, :connmark, :time_start, :time_stop, :month_days, :week_days, :date_start, :date_stop, :time_contiguous, :kernel_timezone] - -end diff --git a/firewall/lib/puppet/provider/firewall/iptables.rb b/firewall/lib/puppet/provider/firewall/iptables.rb deleted file mode 100644 index 1b7beb3de..000000000 --- a/firewall/lib/puppet/provider/firewall/iptables.rb +++ /dev/null @@ -1,739 +0,0 @@ -require 'puppet/provider/firewall' -require 'digest/md5' - -Puppet::Type.type(:firewall).provide :iptables, :parent => Puppet::Provider::Firewall do - include Puppet::Util::Firewall - - @doc = "Iptables type provider" - - has_feature :iptables - has_feature :connection_limiting - has_feature :rate_limiting - has_feature :recent_limiting - has_feature :snat - has_feature :dnat - has_feature :netmap - has_feature :interface_match - has_feature :icmp_match - has_feature :owner - has_feature :state_match - has_feature :reject_type - has_feature :log_level - has_feature :log_prefix - has_feature :log_uid - has_feature :mark - has_feature :mss - has_feature :tcp_flags - has_feature :pkttype - has_feature :isfragment - has_feature :socket - has_feature :address_type - has_feature :iprange - has_feature :ipsec_dir - has_feature :ipsec_policy - has_feature :mask - has_feature :ipset - has_feature :clusterip - - optional_commands({ - :iptables => 'iptables', - :iptables_save => 'iptables-save', - }) - - defaultfor :kernel => :linux - confine :kernel => :linux - - iptables_version = Facter.value('iptables_version') - if (iptables_version and Puppet::Util::Package.versioncmp(iptables_version, '1.4.1') < 0) - mark_flag = '--set-mark' - else - mark_flag = '--set-xmark' - end - - @protocol = "IPv4" - - @resource_map = { - :burst => "--limit-burst", - :checksum_fill => "--checksum-fill", - :clamp_mss_to_pmtu => "--clamp-mss-to-pmtu", - :connlimit_above => "-m connlimit --connlimit-above", - :connlimit_mask => "--connlimit-mask", - :connmark => "-m connmark --mark", - :ctstate => "-m conntrack --ctstate", - :destination => "-d", - :dport => ["-m multiport --dports", "--dport"], - :dst_range => "--dst-range", - :dst_type => "--dst-type", - :gateway => "--gateway", - :gid => "--gid-owner", - :icmp => "-m icmp --icmp-type", - :iniface => "-i", - :ipsec_dir => "-m policy --dir", - :ipsec_policy => "--pol", - :ipset => "-m set --match-set", - :isfragment => "-f", - :jump => "-j", - :limit => "-m limit --limit", - :log_level => "--log-level", - :log_prefix => "--log-prefix", - :log_uid => "--log-uid", - :mac_source => ["-m mac --mac-source", "--mac-source"], - :mask => '--mask', - :match_mark => "-m mark --mark", - :mss => '-m tcpmss --mss', - :name => "-m comment --comment", - :outiface => "-o", - :pkttype => "-m pkttype --pkt-type", - :port => '-m multiport --ports', - :proto => "-p", - :random => "--random", - :rdest => "--rdest", - :reap => "--reap", - :recent => "-m recent", - :reject => "--reject-with", - :rhitcount => "--hitcount", - :rname => "--name", - :rseconds => "--seconds", - :rsource => "--rsource", - :rttl => "--rttl", - :set_dscp => '--set-dscp', - :set_dscp_class => '--set-dscp-class', - :set_mark => mark_flag, - :set_mss => '--set-mss', - :socket => "-m socket", - :source => "-s", - :sport => ["-m multiport --sports", "--sport"], - :src_range => "--src-range", - :src_type => "--src-type", - :stat_every => '--every', - :stat_mode => "-m statistic --mode", - :stat_packet => '--packet', - :stat_probability => '--probability', - :state => "-m state --state", - :table => "-t", - :tcp_flags => "-m tcp --tcp-flags", - :todest => "--to-destination", - :toports => "--to-ports", - :tosource => "--to-source", - :to => "--to", - :uid => "--uid-owner", - :physdev_in => "--physdev-in", - :physdev_out => "--physdev-out", - :physdev_is_bridged => "--physdev-is-bridged", - :date_start => "--datestart", - :date_stop => "--datestop", - :time_start => "--timestart", - :time_stop => "--timestop", - :month_days => "--monthdays", - :week_days => "--weekdays", - :time_contiguous => "--contiguous", - :kernel_timezone => "--kerneltz", - :clusterip_new => "--new", - :clusterip_hashmode => "--hashmode", - :clusterip_clustermac => "--clustermac", - :clusterip_total_nodes => "--total-nodes", - :clusterip_local_node => "--local-node", - :clusterip_hash_init => "--hash-init", - } - - # These are known booleans that do not take a value, but we want to munge - # to true if they exist. - @known_booleans = [ - :checksum_fill, - :clamp_mss_to_pmtu, - :isfragment, - :log_uid, - :random, - :rdest, - :reap, - :rsource, - :rttl, - :socket, - :physdev_is_bridged, - :time_contiguous, - :kernel_timezone, - :clusterip_new, - ] - - # Properties that use "-m " (with the potential to have multiple - # arguments against the same IPT module) must be in this hash. The keys in this - # hash are the IPT module names, with the values being an array of the respective - # supported arguments for this IPT module. - # - # ** IPT Module arguments must be in order as they would appear in iptables-save ** - # - # Exceptions: - # => multiport: (For some reason, the multiport arguments can't be) - # specified within the same "-m multiport", but works in seperate - # ones. - # - @module_to_argument_mapping = { - :physdev => [:physdev_in, :physdev_out, :physdev_is_bridged], - :addrtype => [:src_type, :dst_type], - :iprange => [:src_range, :dst_range], - :owner => [:uid, :gid], - :time => [:time_start, :time_stop, :month_days, :week_days, :date_start, :date_stop, :time_contiguous, :kernel_timezone] - } - - def self.munge_resource_map_from_existing_values(resource_map_original, compare) - resource_map_new = resource_map_original.clone - - @module_to_argument_mapping.each do |ipt_module, arg_array| - arg_array.each do |argument| - if resource_map_original[argument].is_a?(Array) - if compare.include?(resource_map_original[argument].first) - resource_map_new[argument] = resource_map_original[argument].clone - resource_map_new[argument][0] = "-m #{ipt_module.to_s} #{resource_map_original[argument].first}" - break - end - else - if compare.include?(resource_map_original[argument]) - resource_map_new[argument] = "-m #{ipt_module.to_s} #{resource_map_original[argument]}" - break - end - end - end - end - resource_map_new - end - - def munge_resource_map_from_resource(resource_map_original, compare) - resource_map_new = resource_map_original.clone - module_to_argument_mapping = self.class.instance_variable_get('@module_to_argument_mapping') - - module_to_argument_mapping.each do |ipt_module, arg_array| - arg_array.each do |argument| - if compare[argument] - if resource_map_original[argument].is_a?(Array) - resource_map_new[argument] = resource_map_original[argument].clone - resource_map_new[argument][0] = "-m #{ipt_module.to_s} #{resource_map_original[argument].first}" - else - resource_map_new[argument] = "-m #{ipt_module.to_s} #{resource_map_original[argument]}" - end - break - end - end - end - resource_map_new - end - - - # Create property methods dynamically - (@resource_map.keys << :chain << :table << :action).each do |property| - if @known_booleans.include?(property) then - # The boolean properties default to '' which should be read as false - define_method "#{property}" do - @property_hash[property] = :false if @property_hash[property] == nil - @property_hash[property.to_sym] - end - else - define_method "#{property}" do - @property_hash[property.to_sym] - end - end - - if property == :chain - define_method "#{property}=" do |value| - if @property_hash[:chain] != value - raise ArgumentError, "Modifying the chain for existing rules is not supported." - end - end - else - define_method "#{property}=" do |value| - @property_hash[:needs_change] = true - end - end - end - - # This is the order of resources as they appear in iptables-save output, - # we need it to properly parse and apply rules, if the order of resource - # changes between puppet runs, the changed rules will be re-applied again. - # This order can be determined by going through iptables source code or just tweaking and trying manually - @resource_list = [ - :table, :source, :destination, :iniface, :outiface, :physdev_in, :physdev_out, :physdev_is_bridged, :proto, :isfragment, - :stat_mode, :stat_every, :stat_packet, :stat_probability, - :src_range, :dst_range, :tcp_flags, :uid, :gid, :mac_source, :sport, :dport, :port, - :src_type, :dst_type, :socket, :pkttype, :name, :ipsec_dir, :ipsec_policy, - :state, :ctstate, :icmp, :limit, :burst, :recent, :rseconds, :reap, - :rhitcount, :rttl, :rname, :mask, :rsource, :rdest, :ipset, :jump, :clusterip_new, :clusterip_hashmode, - :clusterip_clustermac, :clusterip_total_nodes, :clusterip_local_node, :clusterip_hash_init, - :clamp_mss_to_pmtu, :gateway, :set_mss, :set_dscp, :set_dscp_class, :todest, :tosource, :toports, :to, :checksum_fill, :random, :log_prefix, - :log_level, :log_uid, :reject, :set_mark, :match_mark, :mss, :connlimit_above, :connlimit_mask, :connmark, :time_start, :time_stop, - :month_days, :week_days, :date_start, :date_stop, :time_contiguous, :kernel_timezone - ] - - def insert - debug 'Inserting rule %s' % resource[:name] - iptables insert_args - end - - def update - debug 'Updating rule %s' % resource[:name] - iptables update_args - end - - def delete - debug 'Deleting rule %s' % resource[:name] - begin - iptables delete_args - rescue Puppet::ExecutionFailure => e - # Check to see if the iptables rule is already gone. This can sometimes - # happen as a side effect of other resource changes. If it's not gone, - # raise the error as per usual. - raise e unless self.resource.property(:ensure).insync?(:absent) - - # If it's already gone, there is no error. Still record a change, but - # adjust the change message to indicate ambiguity over what work Puppet - # actually did to remove the resource, vs. what could have been a side - # effect of something else puppet did. - resource.property(:ensure).singleton_class.send(:define_method, :change_to_s) do |a,b| - "ensured absent" - end - end - end - - def exists? - properties[:ensure] != :absent - end - - # Flush the property hash once done. - def flush - debug("[flush]") - if @property_hash.delete(:needs_change) - notice("Properties changed - updating rule") - update - end - persist_iptables(self.class.instance_variable_get(:@protocol)) - @property_hash.clear - end - - def self.instances - debug "[instances]" - table = nil - rules = [] - counter = 1 - - # String#lines would be nice, but we need to support Ruby 1.8.5 - iptables_save.split("\n").each do |line| - unless line =~ /^\#\s+|^\:\S+|^COMMIT|^FATAL/ - if line =~ /^\*/ - table = line.sub(/\*/, "") - else - if hash = rule_to_hash(line, table, counter) - rules << new(hash) - counter += 1 - end - end - end - end - rules - end - - def self.rule_to_hash(line, table, counter) - hash = {} - keys = [] - values = line.dup - - #################### - # PRE-PARSE CLUDGING - #################### - - # --tcp-flags takes two values; we cheat by adding " around it - # so it behaves like --comment - values = values.gsub(/(!\s+)?--tcp-flags (\S*) (\S*)/, '--tcp-flags "\1\2 \3"') - # ditto for --match-set - values = values.sub(/(!\s+)?--match-set (\S*) (\S*)/, '--match-set "\1\2 \3"') - # we do a similar thing for negated address masks (source and destination). - values = values.gsub(/(-\S+) (!)\s?(\S*)/,'\1 "\2 \3"') - # the actual rule will have the ! mark before the option. - values = values.gsub(/(!)\s*(-\S+)\s*(\S*)/, '\2 "\1 \3"') - # The match extension for tcp & udp are optional and throws off the @resource_map. - values = values.gsub(/(?!-m tcp --tcp-flags)-m (tcp|udp) /, '') - # There is a bug in EL5 which puts 2 spaces before physdev, so we fix it - values = values.gsub(/\s{2}--physdev/, ' --physdev') - # '--pol ipsec' takes many optional arguments; we cheat again by adding " around them - values = values.sub(/ - --pol\sipsec - (\s--strict)? - (\s--reqid\s\S+)? - (\s--spi\s\S+)? - (\s--proto\s\S+)? - (\s--mode\s\S+)? - (\s--tunnel-dst\s\S+)? - (\s--tunnel-src\s\S+)? - (\s--next)?/x, - '--pol "ipsec\1\2\3\4\5\6\7\8" ' - ) - - resource_map = munge_resource_map_from_existing_values(@resource_map, values) - - # Trick the system for booleans - @known_booleans.each do |bool| - # append "true" because all params are expected to have values - if bool == :isfragment then - # -f requires special matching: - # only replace those -f that are not followed by an l to - # distinguish between -f and the '-f' inside of --tcp-flags. - values = values.sub(/\s-f(?!l)(?=.*--comment)/, ' -f true') - else - values = values.sub(/#{resource_map[bool]}/, "#{resource_map[bool]} true") - end - end - - ############ - # Populate parser_list with used value, in the correct order - ############ - map_index={} - resource_map.each_pair do |map_k,map_v| - [map_v].flatten.each do |v| - ind=values.index(/\s#{v}\s/) - next unless ind - map_index[map_k]=ind - end - end - # Generate parser_list based on the index of the found option - parser_list=[] - map_index.sort_by{|k,v| v}.each{|mapi| parser_list << mapi.first } - - ############ - # MAIN PARSE - ############ - - # Here we iterate across our values to generate an array of keys - parser_list.reverse.each do |k| - resource_map_key = resource_map[k] - [resource_map_key].flatten.each do |opt| - if values.slice!(/\s#{opt}/) - keys << k - break - end - end - end - - # Manually remove chain - values.slice!('-A') - keys << :chain - - # Here we generate the main hash by scanning arguments off the values - # string, handling any quoted characters present in the value, and then - # zipping the values with the array of keys. - keys.zip(values.scan(/("([^"\\]|\\.)*"|\S+)/).transpose[0].reverse) do |f, v| - if v =~ /^".*"$/ then - hash[f] = v.sub(/^"(.*)"$/, '\1').gsub(/\\(\\|'|")/, '\1') - else - hash[f] = v.dup - end - end - - ##################### - # POST PARSE CLUDGING - ##################### - - [:dport, :sport, :port, :state, :ctstate].each do |prop| - hash[prop] = hash[prop].split(',') if ! hash[prop].nil? - end - - ## clean up DSCP class to HEX mappings - valid_dscp_classes = { - '0x0a' => 'af11', - '0x0c' => 'af12', - '0x0e' => 'af13', - '0x12' => 'af21', - '0x14' => 'af22', - '0x16' => 'af23', - '0x1a' => 'af31', - '0x1c' => 'af32', - '0x1e' => 'af33', - '0x22' => 'af41', - '0x24' => 'af42', - '0x26' => 'af43', - '0x08' => 'cs1', - '0x10' => 'cs2', - '0x18' => 'cs3', - '0x20' => 'cs4', - '0x28' => 'cs5', - '0x30' => 'cs6', - '0x38' => 'cs7', - '0x2e' => 'ef' - } - [:set_dscp_class].each do |prop| - [:set_dscp].each do |dmark| - next unless hash[dmark] - hash[prop] = valid_dscp_classes[hash[dmark]] - end - end - - - # Convert booleans removing the previous cludge we did - @known_booleans.each do |bool| - if hash[bool] != nil then - if hash[bool] != "true" then - raise "Parser error: #{bool} was meant to be a boolean but received value: #{hash[bool]}." - end - end - end - - # Our type prefers hyphens over colons for ranges so ... - # Iterate across all ports replacing colons with hyphens so that ranges match - # the types expectations. - [:dport, :sport, :port].each do |prop| - next unless hash[prop] - hash[prop] = hash[prop].collect do |elem| - elem.gsub(/:/,'-') - end - end - - # Invert any rules that are prefixed with a '!' - [ - :connmark, - :ctstate, - :destination, - :dport, - :dst_range, - :dst_type, - :ipset, - :port, - :proto, - :source, - :sport, - :src_range, - :src_type, - :state, - ].each do |prop| - if hash[prop] and hash[prop].is_a?(Array) - # find if any are negated, then negate all if so - should_negate = hash[prop].index do |value| - value.match(/^(!)\s+/) - end - hash[prop] = hash[prop].collect { |v| - "! #{v.sub(/^!\s+/,'')}" - } if should_negate - elsif hash[prop] - m = hash[prop].match(/^(!?)\s?(.*)/) - neg = "! " if m[1] == "!" - if [:source,:destination].include?(prop) - # Normalise all rules to CIDR notation. - hash[prop] = "#{neg}#{Puppet::Util::IPCidr.new(m[2]).cidr}" - else - hash[prop] = "#{neg}#{m[2]}" - end - end - end - - # States should always be sorted. This ensures that the output from - # iptables-save and user supplied resources is consistent. - hash[:state] = hash[:state].sort unless hash[:state].nil? - hash[:ctstate] = hash[:ctstate].sort unless hash[:ctstate].nil? - - # This forces all existing, commentless rules or rules with invalid comments to be moved - # to the bottom of the stack. - # Puppet-firewall requires that all rules have comments (resource names) and match this - # regex and will fail if a rule in iptables does not have a comment. We get around this - # by appending a high level - if ! hash[:name] - num = 9000 + counter - hash[:name] = "#{num} #{Digest::MD5.hexdigest(line)}" - elsif not /^\d+[[:graph:][:space:]]+$/ =~ hash[:name] - num = 9000 + counter - hash[:name] = "#{num} #{/([[:graph:][:space:]]+)/.match(hash[:name])[1]}" - end - - # Iptables defaults to log_level '4', so it is omitted from the output of iptables-save. - # If the :jump value is LOG and you don't have a log-level set, we assume it to be '4'. - if hash[:jump] == 'LOG' && ! hash[:log_level] - hash[:log_level] = '4' - end - - # Iptables defaults to burst '5', so it is ommitted from the output of iptables-save. - # If the :limit value is set and you don't have a burst set, we assume it to be '5'. - if hash[:limit] && ! hash[:burst] - hash[:burst] = '5' - end - - hash[:line] = line - hash[:provider] = self.name.to_s - hash[:table] = table - hash[:ensure] = :present - - # Munge some vars here ... - - # Proto should equal 'all' if undefined - hash[:proto] = "all" if !hash.include?(:proto) - - # If the jump parameter is set to one of: ACCEPT, REJECT or DROP then - # we should set the action parameter instead. - if ['ACCEPT','REJECT','DROP'].include?(hash[:jump]) then - hash[:action] = hash[:jump].downcase - hash.delete(:jump) - end - hash - end - - def insert_args - args = [] - args << ["-I", resource[:chain], insert_order] - args << general_args - args - end - - def update_args - args = [] - args << ["-R", resource[:chain], insert_order] - args << general_args - args - end - - def delete_args - # Split into arguments - line = properties[:line].gsub(/^\-A /, '-D ').split(/\s(?=(?:[^"]|"[^"]*")*$)/).map{|v| v.gsub(/"/, '')} - line.unshift("-t", properties[:table]) - end - - # This method takes the resource, and attempts to generate the command line - # arguments for iptables. - def general_args - debug "Current resource: %s" % resource.class - - args = [] - resource_list = self.class.instance_variable_get('@resource_list') - known_booleans = self.class.instance_variable_get('@known_booleans') - resource_map = self.class.instance_variable_get('@resource_map') - resource_map = munge_resource_map_from_resource(resource_map, resource) - - resource_list.each do |res| - resource_value = nil - if (resource[res]) then - resource_value = resource[res] - # If socket is true then do not add the value as -m socket is standalone - if known_booleans.include?(res) then - if resource[res] == :true then - resource_value = nil - else - # If the property is not :true then we don't want to add the value - # to the args list - next - end - end - elsif res == :jump and resource[:action] then - # In this case, we are substituting jump for action - resource_value = resource[:action].to_s.upcase - else - next - end - - args << [resource_map[res]].flatten.first.split(' ') - args = args.flatten - - # On negations, the '!' has to be before the option (eg: "! -d 1.2.3.4") - if resource_value.is_a?(String) and resource_value.sub!(/^!\s*/, '') then - # we do this after adding the 'dash' argument because of ones like "-m multiport --dports", where we want it before the "--dports" but after "-m multiport". - # so we insert before whatever the last argument is - args.insert(-2, '!') - elsif resource_value.is_a?(Symbol) and resource_value.to_s.match(/^!/) then - #ruby 1.8.7 can't .match Symbols ------------------ ^ - resource_value = resource_value.to_s.sub!(/^!\s*/, '').to_sym - args.insert(-2, '!') - elsif resource_value.is_a?(Array) - should_negate = resource_value.index do |value| - #ruby 1.8.7 can't .match symbols - value.to_s.match(/^(!)\s+/) - end - if should_negate - resource_value, wrong_values = resource_value.collect do |value| - if value.is_a?(String) - wrong = value if ! value.match(/^!\s+/) - [value.sub(/^!\s*/, ''),wrong] - else - [value,nil] - end - end.transpose - wrong_values = wrong_values.compact - if ! wrong_values.empty? - fail "All values of the '#{res}' property must be prefixed with a '!' when inverting, but '#{wrong_values.join("', '")}' #{wrong_values.length>1?"are":"is"} not prefixed; aborting" - end - args.insert(-2, '!') - end - end - - - # For sport and dport, convert hyphens to colons since the type - # expects hyphens for ranges of ports. - if [:sport, :dport, :port].include?(res) then - resource_value = resource_value.collect do |elem| - elem.gsub(/-/, ':') - end - end - - # our tcp_flags takes a single string with comma lists separated - # by space - # --tcp-flags expects two arguments - if res == :tcp_flags or res == :ipset - one, two = resource_value.split(' ') - args << one - args << two - elsif resource_value.is_a?(Array) - args << resource_value.join(',') - elsif !resource_value.nil? - args << resource_value - end - end - - args - end - - def insert_order - debug("[insert_order]") - rules = [] - - # Find list of current rules based on chain and table - self.class.instances.each do |rule| - if rule.chain == resource[:chain].to_s and rule.table == resource[:table].to_s - rules << rule.name - end - end - - # No rules at all? Just bail now. - return 1 if rules.empty? - - # Add our rule to the end of the array of known rules - my_rule = resource[:name].to_s - rules << my_rule - - unmanaged_rule_regex = /^9[0-9]{3}\s[a-f0-9]{32}$/ - # Find if this is a new rule or an existing rule, then find how many - # unmanaged rules preceed it. - if rules.length == rules.uniq.length - # This is a new rule so find its ordered location. - new_rule_location = rules.sort.uniq.index(my_rule) - if new_rule_location == 0 - # The rule will be the first rule in the chain because nothing came - # before it. - offset_rule = rules[0] - else - # This rule will come after other managed rules, so find the rule - # immediately preceeding it. - offset_rule = rules.sort.uniq[new_rule_location - 1] - end - else - # This is a pre-existing rule, so find the offset from the original - # ordering. - offset_rule = my_rule - end - # Count how many unmanaged rules are ahead of the target rule so we know - # how much to add to the insert order - unnamed_offset = rules[0..rules.index(offset_rule)].inject(0) do |sum,rule| - # This regex matches the names given to unmanaged rules (a number - # 9000-9999 followed by an MD5 hash). - sum + (rule.match(unmanaged_rule_regex) ? 1 : 0) - end - - # We want our rule to come before unmanaged rules if it's not a 9-rule - if offset_rule.match(unmanaged_rule_regex) and ! my_rule.match(/^9/) - unnamed_offset -= 1 - end - - # Insert our new or updated rule in the correct order of named rules, but - # offset for unnamed rules. - rules.reject{|r|r.match(unmanaged_rule_regex)}.sort.index(my_rule) + 1 + unnamed_offset - end -end diff --git a/firewall/lib/puppet/provider/firewallchain/iptables_chain.rb b/firewall/lib/puppet/provider/firewallchain/iptables_chain.rb deleted file mode 100644 index ec10ecc7e..000000000 --- a/firewall/lib/puppet/provider/firewallchain/iptables_chain.rb +++ /dev/null @@ -1,179 +0,0 @@ -Puppet::Type.type(:firewallchain).provide :iptables_chain do - include Puppet::Util::Firewall - - @doc = "Iptables chain provider" - - has_feature :iptables_chain - has_feature :policy - - optional_commands({ - :iptables => 'iptables', - :iptables_save => 'iptables-save', - :ip6tables => 'ip6tables', - :ip6tables_save => 'ip6tables-save', - :ebtables => 'ebtables', - :ebtables_save => 'ebtables-save', - }) - - defaultfor :kernel => :linux - confine :kernel => :linux - - # chain name is greedy so we anchor from the end. - # [\d+:\d+] doesn't exist on ebtables - Mapping = { - :IPv4 => { - :tables => method(:iptables), - :save => method(:iptables_save), - :re => /^:(.+)\s(\S+)\s\[\d+:\d+\]$/, - }, - :IPv6 => { - :tables => method(:ip6tables), - :save => method(:ip6tables_save), - :re => /^:(.+)\s(\S+)\s\[\d+:\d+\]$/, - }, - :ethernet => { - :tables => method(:ebtables), - :save => method(:ebtables_save), - :re => /^:(.+)\s(\S+)$/, - } - } - InternalChains = /^(PREROUTING|POSTROUTING|BROUTING|INPUT|FORWARD|OUTPUT)$/ - Tables = 'nat|mangle|filter|raw|rawpost|broute|security' - Nameformat = /^(.+):(#{Tables}):(IP(v[46])?|ethernet)$/ - - def create - allvalidchains do |t, chain, table, protocol| - if chain =~ InternalChains - # can't create internal chains - warning "Attempting to create internal chain #{@resource[:name]}" - end - if properties[:ensure] == protocol - debug "Skipping Inserting chain #{chain} on table #{table} (#{protocol}) already exists" - else - debug "Inserting chain #{chain} on table #{table} (#{protocol}) using #{t}" - t.call ['-t',table,'-N',chain] - unless @resource[:policy].nil? - t.call ['-t',table,'-P',chain,@resource[:policy].to_s.upcase] - end - end - end - end - - def destroy - allvalidchains do |t, chain, table| - if chain =~ InternalChains - # can't delete internal chains - warning "Attempting to destroy internal chain #{@resource[:name]}" - end - debug "Deleting chain #{chain} on table #{table}" - t.call ['-t',table,'-X',chain] - end - end - - def exists? - allvalidchains do |t, chain| - if chain =~ InternalChains - # If the chain isn't present, it's likely because the module isn't loaded. - # If this is true, then we fall into 2 cases - # 1) It'll be loaded on demand - # 2) It won't be loaded on demand, and we throw an error - # This is the intended behavior as it's not the provider's job to load kernel modules - # So we pretend it exists... - return true - end - end - properties[:ensure] == :present - end - - def policy=(value) - return if value == :empty - allvalidchains do |t, chain, table| - p = ['-t',table,'-P',chain,value.to_s.upcase] - debug "[set policy] #{t} #{p}" - t.call p - end - end - - def policy - debug "[get policy] #{@resource[:name]} =#{@property_hash[:policy].to_s.downcase}" - return @property_hash[:policy].to_s.downcase - end - - def self.prefetch(resources) - debug("[prefetch(resources)]") - instances.each do |prov| - if resource = resources[prov.name] - resource.provider = prov - end - end - end - - def flush - debug("[flush]") - persist_iptables(@resource[:name].match(Nameformat)[3]) - # Clear the property hash so we re-initialize with updated values - @property_hash.clear - end - - # Look up the current status. This allows us to conventiently look up - # existing status with properties[:foo]. - def properties - if @property_hash.empty? - @property_hash = query || {:ensure => :absent} - end - @property_hash.dup - end - - # Pull the current state of the list from the full list. - def query - self.class.instances.each do |instance| - if instance.name == self.name - debug "query found #{self.name}" % instance.properties.inspect - return instance.properties - end - end - nil - end - - def self.instances - debug "[instances]" - table = nil - chains = [] - - Mapping.each { |p, c| - begin - c[:save].call.each_line do |line| - if line =~ c[:re] then - name = $1 + ':' + (table == 'filter' ? 'filter' : table) + ':' + p.to_s - policy = $2 == '-' ? nil : $2.downcase.to_sym - - chains << new({ - :name => name, - :policy => policy, - :ensure => :present, - }) - - debug "[instance] '#{name}' #{policy}" - elsif line =~ /^\*(\S+)/ - table = $1 - else - next - end - end - rescue Puppet::Error - # ignore command not found for ebtables or anything that doesn't exist - end - } - - chains - end - - def allvalidchains - @resource[:name].match(Nameformat) - chain = $1 - table = $2 - protocol = $3 - yield Mapping[protocol.to_sym][:tables],chain,table,protocol.to_sym - end - -end diff --git a/firewall/lib/puppet/type/firewall.rb b/firewall/lib/puppet/type/firewall.rb deleted file mode 100644 index 213fedf02..000000000 --- a/firewall/lib/puppet/type/firewall.rb +++ /dev/null @@ -1,1548 +0,0 @@ -# See: #10295 for more details. -# -# This is a workaround for bug: #4248 whereby ruby files outside of the normal -# provider/type path do not load until pluginsync has occured on the puppetmaster -# -# In this case I'm trying the relative path first, then falling back to normal -# mechanisms. This should be fixed in future versions of puppet but it looks -# like we'll need to maintain this for some time perhaps. -$LOAD_PATH.unshift(File.join(File.dirname(__FILE__),"..","..")) -require 'puppet/util/firewall' - -Puppet::Type.newtype(:firewall) do - include Puppet::Util::Firewall - - @doc = <<-EOS - This type provides the capability to manage firewall rules within - puppet. - - **Autorequires:** - - If Puppet is managing the iptables or ip6tables chains specified in the - `chain` or `jump` parameters, the firewall resource will autorequire - those firewallchain resources. - - If Puppet is managing the iptables, iptables-persistent, or iptables-services packages, - and the provider is iptables or ip6tables, the firewall resource will - autorequire those packages to ensure that any required binaries are - installed. - EOS - - feature :connection_limiting, "Connection limiting features." - feature :hop_limiting, "Hop limiting features." - feature :rate_limiting, "Rate limiting features." - feature :recent_limiting, "The netfilter recent module" - feature :snat, "Source NATing" - feature :dnat, "Destination NATing" - feature :netmap, "NET MAPping" - feature :interface_match, "Interface matching" - feature :icmp_match, "Matching ICMP types" - feature :owner, "Matching owners" - feature :state_match, "Matching stateful firewall states" - feature :reject_type, "The ability to control reject messages" - feature :log_level, "The ability to control the log level" - feature :log_prefix, "The ability to add prefixes to log messages" - feature :log_uid, "Add UIDs to log messages" - feature :mark, "Match or Set the netfilter mark value associated with the packet" - feature :mss, "Match a given TCP MSS value or range." - feature :tcp_flags, "The ability to match on particular TCP flag settings" - feature :pkttype, "Match a packet type" - feature :socket, "Match open sockets" - feature :isfragment, "Match fragments" - feature :address_type, "The ability match on source or destination address type" - feature :iprange, "The ability match on source or destination IP range " - feature :ishasmorefrags, "Match a non-last fragment of a fragmented ipv6 packet - might be first" - feature :islastfrag, "Match the last fragment of an ipv6 packet" - feature :isfirstfrag, "Match the first fragment of a fragmented ipv6 packet" - feature :ipsec_policy, "Match IPsec policy" - feature :ipsec_dir, "Match IPsec policy direction" - feature :mask, "Ability to match recent rules based on the ipv4 mask" - feature :ipset, "Match against specified ipset list" - feature :clusterip, "Configure a simple cluster of nodes that share a certain IP and MAC address without an explicit load balancer in front of them." - - # provider specific features - feature :iptables, "The provider provides iptables features." - - ensurable do - desc <<-EOS - Manage the state of this rule. The default action is *present*. - EOS - - newvalue(:present) do - provider.insert - end - - newvalue(:absent) do - provider.delete - end - - defaultto :present - end - - newparam(:name) do - desc <<-EOS - The canonical name of the rule. This name is also used for ordering - so make sure you prefix the rule with a number: - - 000 this runs first - 999 this runs last - - Depending on the provider, the name of the rule can be stored using - the comment feature of the underlying firewall subsystem. - EOS - isnamevar - - # Keep rule names simple - they must start with a number - newvalues(/^\d+[[:graph:][:space:]]+$/) - end - - newproperty(:action) do - desc <<-EOS - This is the action to perform on a match. Can be one of: - - * accept - the packet is accepted - * reject - the packet is rejected with a suitable ICMP response - * drop - the packet is dropped - - If you specify no value it will simply match the rule but perform no - action unless you provide a provider specific parameter (such as *jump*). - EOS - newvalues(:accept, :reject, :drop) - end - - # Generic matching properties - newproperty(:source) do - desc <<-EOS - The source address. For example: - - source => '192.168.2.0/24' - - You can also negate a mask by putting ! in front. For example: - - source => '! 192.168.2.0/24' - - The source can also be an IPv6 address if your provider supports it. - EOS - - munge do |value| - begin - @resource.host_to_mask(value) - rescue Exception => e - self.fail("host_to_ip failed for #{value}, exception #{e}") - end - end - end - - # Source IP range - newproperty(:src_range, :required_features => :iprange) do - desc <<-EOS - The source IP range. For example: - - src_range => '192.168.1.1-192.168.1.10' - - The source IP range must be in 'IP1-IP2' format. - EOS - - validate do |value| - if matches = /^([^\-\/]+)-([^\-\/]+)$/.match(value) - start_addr = matches[1] - end_addr = matches[2] - - [start_addr, end_addr].each do |addr| - begin - @resource.host_to_ip(addr) - rescue Exception - self.fail("Invalid IP address \"#{addr}\" in range \"#{value}\"") - end - end - else - raise(ArgumentError, "The source IP range must be in 'IP1-IP2' format.") - end - end - end - - newproperty(:destination) do - desc <<-EOS - The destination address to match. For example: - - destination => '192.168.1.0/24' - - You can also negate a mask by putting ! in front. For example: - - destination => '! 192.168.2.0/24' - - The destination can also be an IPv6 address if your provider supports it. - EOS - - munge do |value| - begin - @resource.host_to_mask(value) - rescue Exception => e - self.fail("host_to_ip failed for #{value}, exception #{e}") - end - end - end - - # Destination IP range - newproperty(:dst_range, :required_features => :iprange) do - desc <<-EOS - The destination IP range. For example: - - dst_range => '192.168.1.1-192.168.1.10' - - The destination IP range must be in 'IP1-IP2' format. - EOS - - validate do |value| - if matches = /^([^\-\/]+)-([^\-\/]+)$/.match(value) - start_addr = matches[1] - end_addr = matches[2] - - [start_addr, end_addr].each do |addr| - begin - @resource.host_to_ip(addr) - rescue Exception - self.fail("Invalid IP address \"#{addr}\" in range \"#{value}\"") - end - end - else - raise(ArgumentError, "The destination IP range must be in 'IP1-IP2' format.") - end - end - end - - newproperty(:sport, :array_matching => :all) do - desc <<-EOS - The source port to match for this filter (if the protocol supports - ports). Will accept a single element or an array. - - For some firewall providers you can pass a range of ports in the format: - - - - - For example: - - 1-1024 - - This would cover ports 1 to 1024. - EOS - - munge do |value| - @resource.string_to_port(value, :proto) - end - - def is_to_s(value) - should_to_s(value) - end - - def should_to_s(value) - value = [value] unless value.is_a?(Array) - value.join(',') - end - end - - newproperty(:dport, :array_matching => :all) do - desc <<-EOS - The destination port to match for this filter (if the protocol supports - ports). Will accept a single element or an array. - - For some firewall providers you can pass a range of ports in the format: - - - - - For example: - - 1-1024 - - This would cover ports 1 to 1024. - EOS - - munge do |value| - @resource.string_to_port(value, :proto) - end - - def is_to_s(value) - should_to_s(value) - end - - def should_to_s(value) - value = [value] unless value.is_a?(Array) - value.join(',') - end - end - - newproperty(:port, :array_matching => :all) do - desc <<-EOS - DEPRECATED - - The destination or source port to match for this filter (if the protocol - supports ports). Will accept a single element or an array. - - For some firewall providers you can pass a range of ports in the format: - - - - - For example: - - 1-1024 - - This would cover ports 1 to 1024. - EOS - - validate do |value| - Puppet.warning('Passing port to firewall is deprecated and will be removed. Use dport and/or sport instead.') - end - - munge do |value| - @resource.string_to_port(value, :proto) - end - - def is_to_s(value) - should_to_s(value) - end - - def should_to_s(value) - value = [value] unless value.is_a?(Array) - value.join(',') - end - end - - newproperty(:dst_type, :required_features => :address_type) do - desc <<-EOS - The destination address type. For example: - - dst_type => 'LOCAL' - - Can be one of: - - * UNSPEC - an unspecified address - * UNICAST - a unicast address - * LOCAL - a local address - * BROADCAST - a broadcast address - * ANYCAST - an anycast packet - * MULTICAST - a multicast address - * BLACKHOLE - a blackhole address - * UNREACHABLE - an unreachable address - * PROHIBIT - a prohibited address - * THROW - undocumented - * NAT - undocumented - * XRESOLVE - undocumented - EOS - - newvalues(*[:UNSPEC, :UNICAST, :LOCAL, :BROADCAST, :ANYCAST, :MULTICAST, - :BLACKHOLE, :UNREACHABLE, :PROHIBIT, :THROW, :NAT, :XRESOLVE].collect do |address_type| - [address_type, "! #{address_type}".to_sym] - end.flatten) - end - - newproperty(:src_type, :required_features => :address_type) do - desc <<-EOS - The source address type. For example: - - src_type => 'LOCAL' - - Can be one of: - - * UNSPEC - an unspecified address - * UNICAST - a unicast address - * LOCAL - a local address - * BROADCAST - a broadcast address - * ANYCAST - an anycast packet - * MULTICAST - a multicast address - * BLACKHOLE - a blackhole address - * UNREACHABLE - an unreachable address - * PROHIBIT - a prohibited address - * THROW - undocumented - * NAT - undocumented - * XRESOLVE - undocumented - EOS - - newvalues(*[:UNSPEC, :UNICAST, :LOCAL, :BROADCAST, :ANYCAST, :MULTICAST, - :BLACKHOLE, :UNREACHABLE, :PROHIBIT, :THROW, :NAT, :XRESOLVE].collect do |address_type| - [address_type, "! #{address_type}".to_sym] - end.flatten) - end - - newproperty(:proto) do - desc <<-EOS - The specific protocol to match for this rule. By default this is - *tcp*. - EOS - - newvalues(*[:tcp, :udp, :icmp, :"ipv6-icmp", :esp, :ah, :vrrp, :igmp, :ipencap, :ipv4, :ipv6, :ospf, :gre, :cbt, :sctp, :all].collect do |proto| - [proto, "! #{proto}".to_sym] - end.flatten) - defaultto "tcp" - end - - # tcp-specific - newproperty(:mss) do - desc <<-EOS - Match a given TCP MSS value or range. - EOS - end - - # tcp-specific - newproperty(:tcp_flags, :required_features => :tcp_flags) do - desc <<-EOS - Match when the TCP flags are as specified. - Is a string with a list of comma-separated flag names for the mask, - then a space, then a comma-separated list of flags that should be set. - The flags are: SYN ACK FIN RST URG PSH ALL NONE - Note that you specify them in the order that iptables --list-rules - would list them to avoid having puppet think you changed the flags. - Example: FIN,SYN,RST,ACK SYN matches packets with the SYN bit set and the - ACK,RST and FIN bits cleared. Such packets are used to request - TCP connection initiation. - EOS - end - - - # Iptables specific - newproperty(:chain, :required_features => :iptables) do - desc <<-EOS - Name of the chain to use. Can be one of the built-ins: - - * INPUT - * FORWARD - * OUTPUT - * PREROUTING - * POSTROUTING - - Or you can provide a user-based chain. - - The default value is 'INPUT'. - EOS - - defaultto "INPUT" - newvalue(/^[a-zA-Z0-9\-_]+$/) - end - - newproperty(:table, :required_features => :iptables) do - desc <<-EOS - Table to use. Can be one of: - - * nat - * mangle - * filter - * raw - * rawpost - - By default the setting is 'filter'. - EOS - - newvalues(:nat, :mangle, :filter, :raw, :rawpost) - defaultto "filter" - end - - newproperty(:jump, :required_features => :iptables) do - desc <<-EOS - The value for the iptables --jump parameter. Normal values are: - - * QUEUE - * RETURN - * DNAT - * SNAT - * LOG - * MASQUERADE - * REDIRECT - * MARK - - But any valid chain name is allowed. - - For the values ACCEPT, DROP and REJECT you must use the generic - 'action' parameter. This is to enfore the use of generic parameters where - possible for maximum cross-platform modelling. - - If you set both 'accept' and 'jump' parameters, you will get an error as - only one of the options should be set. - EOS - - validate do |value| - unless value =~ /^[a-zA-Z0-9\-_]+$/ - raise ArgumentError, <<-EOS - Jump destination must consist of alphanumeric characters, an - underscore or a yphen. - EOS - end - - if ["accept","reject","drop"].include?(value.downcase) - raise ArgumentError, <<-EOS - Jump destination should not be one of ACCEPT, REJECT or DROP. Use - the action property instead. - EOS - end - - end - end - - # Interface specific matching properties - newproperty(:iniface, :required_features => :interface_match) do - desc <<-EOS - Input interface to filter on. Supports interface alias like eth0:0. - To negate the match try this: - - iniface => '! lo', - - EOS - newvalues(/^!?\s?[a-zA-Z0-9\-\._\+\:]+$/) - end - - newproperty(:outiface, :required_features => :interface_match) do - desc <<-EOS - Output interface to filter on. Supports interface alias like eth0:0. - To negate the match try this: - - outiface => '! lo', - - EOS - newvalues(/^!?\s?[a-zA-Z0-9\-\._\+\:]+$/) - end - - # NAT specific properties - newproperty(:tosource, :required_features => :snat) do - desc <<-EOS - When using jump => "SNAT" you can specify the new source address using - this parameter. - EOS - end - - newproperty(:todest, :required_features => :dnat) do - desc <<-EOS - When using jump => "DNAT" you can specify the new destination address - using this paramter. - EOS - end - - newproperty(:toports, :required_features => :dnat) do - desc <<-EOS - For DNAT this is the port that will replace the destination port. - EOS - end - - newproperty(:to, :required_features => :netmap) do - desc <<-EOS - For NETMAP this will replace the destination IP - EOS - end - - newproperty(:random, :required_features => :dnat) do - desc <<-EOS - When using a jump value of "MASQUERADE", "DNAT", "REDIRECT", or "SNAT" - this boolean will enable randomized port mapping. - EOS - - newvalues(:true, :false) - end - - # Reject ICMP type - newproperty(:reject, :required_features => :reject_type) do - desc <<-EOS - When combined with jump => "REJECT" you can specify a different icmp - response to be sent back to the packet sender. - EOS - end - - # Logging properties - newproperty(:log_level, :required_features => :log_level) do - desc <<-EOS - When combined with jump => "LOG" specifies the system log level to log - to. - EOS - - munge do |value| - if value.kind_of?(String) - value = @resource.log_level_name_to_number(value) - else - value - end - - if value == nil && value != "" - self.fail("Unable to determine log level") - end - value - end - end - - newproperty(:log_prefix, :required_features => :log_prefix) do - desc <<-EOS - When combined with jump => "LOG" specifies the log prefix to use when - logging. - EOS - end - - newproperty(:log_uid, :required_features => :log_uid) do - desc <<-EOS - When combined with jump => "LOG" specifies the uid of the process making - the connection. - EOS - - newvalues(:true, :false) - end - - # ICMP matching property - newproperty(:icmp, :required_features => :icmp_match) do - desc <<-EOS - When matching ICMP packets, this is the type of ICMP packet to match. - - A value of "any" is not supported. To achieve this behaviour the - parameter should simply be omitted or undefined. - EOS - - validate do |value| - if value == "any" - raise ArgumentError, - "Value 'any' is not valid. This behaviour should be achieved " \ - "by omitting or undefining the ICMP parameter." - end - end - - munge do |value| - if value.kind_of?(String) - # ICMP codes differ between IPv4 and IPv6. - case @resource[:provider] - when :iptables - protocol = 'inet' - when :ip6tables - protocol = 'inet6' - else - self.fail("cannot work out protocol family") - end - - value = @resource.icmp_name_to_number(value, protocol) - else - value - end - - if value == nil && value != "" - self.fail("cannot work out icmp type") - end - value - end - end - - newproperty(:state, :array_matching => :all, :required_features => - :state_match) do - - desc <<-EOS - Matches a packet based on its state in the firewall stateful inspection - table. Values can be: - - * INVALID - * ESTABLISHED - * NEW - * RELATED - EOS - - newvalues(:INVALID,:ESTABLISHED,:NEW,:RELATED) - - # States should always be sorted. This normalizes the resource states to - # keep it consistent with the sorted result from iptables-save. - def should=(values) - @should = super(values).sort_by {|sym| sym.to_s} - end - - def is_to_s(value) - should_to_s(value) - end - - def should_to_s(value) - value = [value] unless value.is_a?(Array) - value.join(',') - end - end - - newproperty(:ctstate, :array_matching => :all, :required_features => - :state_match) do - - desc <<-EOS - Matches a packet based on its state in the firewall stateful inspection - table, using the conntrack module. Values can be: - - * INVALID - * ESTABLISHED - * NEW - * RELATED - EOS - - newvalues(:INVALID,:ESTABLISHED,:NEW,:RELATED) - - # States should always be sorted. This normalizes the resource states to - # keep it consistent with the sorted result from iptables-save. - def should=(values) - @should = super(values).sort_by {|sym| sym.to_s} - end - - def is_to_s(value) - should_to_s(value) - end - - def should_to_s(value) - value = [value] unless value.is_a?(Array) - value.join(',') - end - end - - - # Connection mark - newproperty(:connmark, :required_features => :mark) do - desc <<-EOS - Match the Netfilter mark value associated with the packet. Accepts either of: - mark/mask or mark. These will be converted to hex if they are not already. - EOS - munge do |value| - int_or_hex = '[a-fA-F0-9x]' - match = value.to_s.match("(#{int_or_hex}+)(/)?(#{int_or_hex}+)?") - mark = @resource.to_hex32(match[1]) - - # Values that can't be converted to hex. - # Or contain a trailing slash with no mask. - if mark.nil? or (mark and match[2] and match[3].nil?) - raise ArgumentError, "MARK value must be integer or hex between 0 and 0xffffffff" - end - - # There should not be a mask on connmark - unless match[3].nil? - raise ArgumentError, "iptables does not support masks on MARK match rules" - end - value = mark - - value - end - end - - # Connection limiting properties - newproperty(:connlimit_above, :required_features => :connection_limiting) do - desc <<-EOS - Connection limiting value for matched connections above n. - EOS - newvalue(/^\d+$/) - end - - newproperty(:connlimit_mask, :required_features => :connection_limiting) do - desc <<-EOS - Connection limiting by subnet mask for matched connections. - IPv4: 0-32 - IPv6: 0-128 - EOS - newvalue(/^\d+$/) - end - - # Hop limiting properties - newproperty(:hop_limit, :required_features => :hop_limiting) do - desc <<-EOS - Hop limiting value for matched packets. - EOS - newvalue(/^\d+$/) - end - - # Rate limiting properties - newproperty(:limit, :required_features => :rate_limiting) do - desc <<-EOS - Rate limiting value for matched packets. The format is: - rate/[/second/|/minute|/hour|/day]. - - Example values are: '50/sec', '40/min', '30/hour', '10/day'." - EOS - end - - newproperty(:burst, :required_features => :rate_limiting) do - desc <<-EOS - Rate limiting burst value (per second) before limit checks apply. - EOS - newvalue(/^\d+$/) - end - - newproperty(:uid, :required_features => :owner) do - desc <<-EOS - UID or Username owner matching rule. Accepts a string argument - only, as iptables does not accept multiple uid in a single - statement. - EOS - def insync?(is) - require 'etc' - - # The following code allow us to take into consideration unix mappings - # between string usernames and UIDs (integers). We also need to ignore - # spaces as they are irrelevant with respect to rule sync. - - # Remove whitespace - is = is.gsub(/\s+/,'') - should = @should.first.to_s.gsub(/\s+/,'') - - # Keep track of negation, but remove the '!' - is_negate = '' - should_negate = '' - if is.start_with?('!') - is = is.gsub(/^!/,'') - is_negate = '!' - end - if should.start_with?('!') - should = should.gsub(/^!/,'') - should_negate = '!' - end - - # If 'should' contains anything other than digits, - # we assume that we have to do a lookup to convert - # to UID - unless should[/[0-9]+/] == should - should = Etc.getpwnam(should).uid - end - - # If 'is' contains anything other than digits, - # we assume that we have to do a lookup to convert - # to UID - unless is[/[0-9]+/] == is - is = Etc.getpwnam(is).uid - end - - return "#{is_negate}#{is}" == "#{should_negate}#{should}" - end - - end - - newproperty(:gid, :required_features => :owner) do - desc <<-EOS - GID or Group owner matching rule. Accepts a string argument - only, as iptables does not accept multiple gid in a single - statement. - EOS - end - - # match mark - newproperty(:match_mark, :required_features => :mark) do - desc <<-EOS - Match the Netfilter mark value associated with the packet. Accepts either of: - mark/mask or mark. These will be converted to hex if they are not already. - EOS - munge do |value| - mark_regex = %r{\A((?:0x)?[0-9A-F]+)(/)?((?:0x)?[0-9A-F]+)?\z}i - match = value.to_s.match(mark_regex) - if match.nil? - raise ArgumentError, "Match MARK value must be integer or hex between 0 and 0xffffffff" - end - mark = @resource.to_hex32(match[1]) - - # Values that can't be converted to hex. - # Or contain a trailing slash with no mask. - if mark.nil? or (mark and match[2] and match[3].nil?) - raise ArgumentError, "Match MARK value must be integer or hex between 0 and 0xffffffff" - end - - # There should not be a mask on match_mark - unless match[3].nil? - raise ArgumentError, "iptables does not support masks on MARK match rules" - end - value = mark - - value - end - end - - newproperty(:set_mark, :required_features => :mark) do - desc <<-EOS - Set the Netfilter mark value associated with the packet. Accepts either of: - mark/mask or mark. These will be converted to hex if they are not already. - EOS - - munge do |value| - int_or_hex = '[a-fA-F0-9x]' - match = value.to_s.match("(#{int_or_hex}+)(/)?(#{int_or_hex}+)?") - mark = @resource.to_hex32(match[1]) - - # Values that can't be converted to hex. - # Or contain a trailing slash with no mask. - if mark.nil? or (mark and match[2] and match[3].nil?) - raise ArgumentError, "MARK value must be integer or hex between 0 and 0xffffffff" - end - - # Old iptables does not support a mask. New iptables will expect one. - iptables_version = Facter.value('iptables_version') - mask_required = (iptables_version and Puppet::Util::Package.versioncmp(iptables_version, '1.4.1') >= 0) - - if mask_required - if match[3].nil? - value = "#{mark}/0xffffffff" - else - mask = @resource.to_hex32(match[3]) - if mask.nil? - raise ArgumentError, "MARK mask must be integer or hex between 0 and 0xffffffff" - end - value = "#{mark}/#{mask}" - end - else - unless match[3].nil? - raise ArgumentError, "iptables version #{iptables_version} does not support masks on MARK rules" - end - value = mark - end - - value - end - end - - newproperty(:clamp_mss_to_pmtu, :required_features => :iptables) do - desc <<-EOS - Sets the clamp mss to pmtu flag. - EOS - - newvalues(:true, :false) - end - - newproperty(:set_dscp, :required_features => :iptables) do - desc <<-EOS - Set DSCP Markings. - EOS - end - - newproperty(:set_dscp_class, :required_features => :iptables) do - desc <<-EOS - This sets the DSCP field according to a predefined DiffServ class. - EOS - # iptables uses the cisco DSCP classes as the basis for this flag. Values may be found here: - # 'http://www.cisco.com/c/en/us/support/docs/quality-of-service-qos/qos-packet-marking/10103-dscpvalues.html' - valid_codes = [ - 'af11','af12','af13','af21','af22','af23','af31','af32','af33','af41', - 'af42','af43','cs1','cs2','cs3','cs4','cs5','cs6','cs7','ef' - ] - munge do |value| - unless valid_codes.include? value.downcase - raise ArgumentError, "#{value} is not a valid DSCP Class" - end - value.downcase - end - end - - newproperty(:set_mss, :required_features => :iptables) do - desc <<-EOS - Sets the TCP MSS value for packets. - EOS - end - - newproperty(:pkttype, :required_features => :pkttype) do - desc <<-EOS - Sets the packet type to match. - EOS - - newvalues(:unicast, :broadcast, :multicast) - end - - newproperty(:isfragment, :required_features => :isfragment) do - desc <<-EOS - Set to true to match tcp fragments (requires type to be set to tcp) - EOS - - newvalues(:true, :false) - end - - newproperty(:recent, :required_features => :recent_limiting) do - desc <<-EOS - Enable the recent module. Takes as an argument one of set, update, - rcheck or remove. For example: - - # If anyone's appeared on the 'badguy' blacklist within - # the last 60 seconds, drop their traffic, and update the timestamp. - firewall { '100 Drop badguy traffic': - recent => 'update', - rseconds => 60, - rsource => true, - rname => 'badguy', - action => 'DROP', - chain => 'FORWARD', - } - # No-one should be sending us traffic on eth0 from localhost - # Blacklist them - firewall { '101 blacklist strange traffic': - recent => 'set', - rsource => true, - rname => 'badguy', - destination => '127.0.0.0/8', - iniface => 'eth0', - action => 'DROP', - chain => 'FORWARD', - } - EOS - - newvalues(:set, :update, :rcheck, :remove) - munge do |value| - value = "--" + value - end - end - - newproperty(:rdest, :required_features => :recent_limiting) do - desc <<-EOS - Recent module; add the destination IP address to the list. - Must be boolean true. - EOS - - newvalues(:true, :false) - end - - newproperty(:rsource, :required_features => :recent_limiting) do - desc <<-EOS - Recent module; add the source IP address to the list. - Must be boolean true. - EOS - - newvalues(:true, :false) - end - - newproperty(:rname, :required_features => :recent_limiting) do - desc <<-EOS - Recent module; The name of the list. Takes a string argument. - EOS - end - - newproperty(:rseconds, :required_features => :recent_limiting) do - desc <<-EOS - Recent module; used in conjunction with one of `recent => 'rcheck'` or - `recent => 'update'`. When used, this will narrow the match to only - happen when the address is in the list and was seen within the last given - number of seconds. - EOS - end - - newproperty(:reap, :required_features => :recent_limiting) do - desc <<-EOS - Recent module; can only be used in conjunction with the `rseconds` - attribute. When used, this will cause entries older than 'seconds' to be - purged. Must be boolean true. - EOS - - newvalues(:true, :false) - end - - newproperty(:rhitcount, :required_features => :recent_limiting) do - desc <<-EOS - Recent module; used in conjunction with `recent => 'update'` or `recent - => 'rcheck'. When used, this will narrow the match to only happen when - the address is in the list and packets had been received greater than or - equal to the given value. - EOS - end - - newproperty(:rttl, :required_features => :recent_limiting) do - desc <<-EOS - Recent module; may only be used in conjunction with one of `recent => - 'rcheck'` or `recent => 'update'`. When used, this will narrow the match - to only happen when the address is in the list and the TTL of the current - packet matches that of the packet which hit the `recent => 'set'` rule. - This may be useful if you have problems with people faking their source - address in order to DoS you via this module by disallowing others access - to your site by sending bogus packets to you. Must be boolean true. - EOS - - newvalues(:true, :false) - end - - newproperty(:socket, :required_features => :socket) do - desc <<-EOS - If true, matches if an open socket can be found by doing a coket lookup - on the packet. - EOS - - newvalues(:true, :false) - end - - newproperty(:ishasmorefrags, :required_features => :ishasmorefrags) do - desc <<-EOS - If true, matches if the packet has it's 'more fragments' bit set. ipv6. - EOS - - newvalues(:true, :false) - end - - newproperty(:islastfrag, :required_features => :islastfrag) do - desc <<-EOS - If true, matches if the packet is the last fragment. ipv6. - EOS - - newvalues(:true, :false) - end - - newproperty(:isfirstfrag, :required_features => :isfirstfrag) do - desc <<-EOS - If true, matches if the packet is the first fragment. - Sadly cannot be negated. ipv6. - EOS - - newvalues(:true, :false) - end - - newproperty(:ipsec_policy, :required_features => :ipsec_policy) do - desc <<-EOS - Sets the ipsec policy type. May take a combination of arguments for any flags that can be passed to `--pol ipsec` such as: `--strict`, `--reqid 100`, `--next`, `--proto esp`, etc. - EOS - - newvalues(:none, :ipsec) - end - - newproperty(:ipsec_dir, :required_features => :ipsec_dir) do - desc <<-EOS - Sets the ipsec policy direction - EOS - - newvalues(:in, :out) - end - - newproperty(:stat_mode) do - desc <<-EOS - Set the matching mode for statistic matching. Supported modes are `random` and `nth`. - EOS - - newvalues(:nth, :random) - end - - newproperty(:stat_every) do - desc <<-EOS - Match one packet every nth packet. Requires `stat_mode => 'nth'` - EOS - - validate do |value| - unless value =~ /^\d+$/ - raise ArgumentError, <<-EOS - stat_every value must be a digit - EOS - end - - unless value.to_i > 0 - raise ArgumentError, <<-EOS - stat_every value must be larger than 0 - EOS - end - end - end - - newproperty(:stat_packet) do - desc <<-EOS - Set the initial counter value for the nth mode. Must be between 0 and the value of `stat_every`. Defaults to 0. Requires `stat_mode => 'nth'` - EOS - - newvalues(/^\d+$/) - end - - newproperty(:stat_probability) do - desc <<-EOS - Set the probability from 0 to 1 for a packet to be randomly matched. It works only with `stat_mode => 'random'`. - EOS - - validate do |value| - unless value =~ /^([01])\.(\d+)$/ - raise ArgumentError, <<-EOS - stat_probability must be between 0.0 and 1.0 - EOS - end - - if $1.to_i == 1 && $2.to_i != 0 - raise ArgumentError, <<-EOS - start_probability must be between 0.0 and 1.0 - EOS - end - end - end - - newproperty(:mask, :required_features => :mask) do - desc <<-EOS - Sets the mask to use when `recent` is enabled. - EOS - end - - newproperty(:gateway, :required_features => :iptables) do - desc <<-EOS - The TEE target will clone a packet and redirect this clone to another - machine on the local network segment. gateway is the target host's IP. - EOS - end - - newproperty(:ipset, :required_features => :ipset) do - desc <<-EOS - Matches against the specified ipset list. - Requires ipset kernel module. - The value is the name of the blacklist, followed by a space, and then - 'src' and/or 'dst' separated by a comma. - For example: 'blacklist src,dst' - EOS - end - - newproperty(:checksum_fill, :required_features => :iptables) do - desc <<-EOS - Compute and fill missing packet checksums. - EOS - - newvalues(:true, :false) - end - - newparam(:line) do - desc <<-EOS - Read-only property for caching the rule line. - EOS - end - - newproperty(:mac_source) do - desc <<-EOS - MAC Source - EOS - newvalues(/^([0-9a-f]{2}[:]){5}([0-9a-f]{2})$/i) - end - - newproperty(:physdev_in, :required_features => :iptables) do - desc <<-EOS - Match if the packet is entering a bridge from the given interface. - EOS - newvalues(/^[a-zA-Z0-9\-\._\+]+$/) - end - - newproperty(:physdev_out, :required_features => :iptables) do - desc <<-EOS - Match if the packet is leaving a bridge via the given interface. - EOS - newvalues(/^[a-zA-Z0-9\-\._\+]+$/) - end - - newproperty(:physdev_is_bridged, :required_features => :iptables) do - desc <<-EOS - Match if the packet is transversing a bridge. - EOS - newvalues(:true, :false) - end - - newproperty(:date_start, :required_features => :iptables) do - desc <<-EOS - Only match during the given time, which must be in ISO 8601 "T" notation. - The possible time range is 1970-01-01T00:00:00 to 2038-01-19T04:17:07 - EOS - end - - newproperty(:date_stop, :required_features => :iptables) do - desc <<-EOS - Only match during the given time, which must be in ISO 8601 "T" notation. - The possible time range is 1970-01-01T00:00:00 to 2038-01-19T04:17:07 - EOS - end - - newproperty(:time_start, :required_features => :iptables) do - desc <<-EOS - Only match during the given daytime. The possible time range is 00:00:00 to 23:59:59. - Leading zeroes are allowed (e.g. "06:03") and correctly interpreted as base-10. - EOS - - munge do |value| - if value =~ /^([0-9]):/ - value = "0#{value}" - end - - if value =~ /^([0-9]|0[0-9]|1[0-9]|2[0-3]):[0-5][0-9]$/ - value = "#{value}:00" - end - - value - end - end - - newproperty(:time_stop, :required_features => :iptables) do - desc <<-EOS - Only match during the given daytime. The possible time range is 00:00:00 to 23:59:59. - Leading zeroes are allowed (e.g. "06:03") and correctly interpreted as base-10. - EOS - - munge do |value| - if value =~ /^([0-9]):/ - value = "0#{value}" - end - - if value =~ /^([0-9]|0[0-9]|1[0-9]|2[0-3]):[0-5][0-9]$/ - value = "#{value}:00" - end - - value - end - end - - newproperty(:month_days, :required_features => :iptables) do - desc <<-EOS - Only match on the given days of the month. Possible values are 1 to 31. - Note that specifying 31 will of course not match on months which do not have a 31st day; - the same goes for 28- or 29-day February. - EOS - - validate do |value| - month = value.to_i - if month >= 1 and month <=31 - value - else - raise ArgumentError, - "month_days must be in the range of 1-31" - end - end - end - - newproperty(:week_days, :required_features => :iptables) do - desc <<-EOS - Only match on the given weekdays. Possible values are Mon, Tue, Wed, Thu, Fri, Sat, Sun. - EOS - - newvalues(:Mon, :Tue, :Wed, :Thu, :Fri, :Sat, :Sun) - end - - newproperty(:time_contiguous, :required_features => :iptables) do - desc <<-EOS - When time_stop is smaller than time_start value, match this as a single time period instead distinct intervals. - EOS - - newvalues(:true, :false) - end - - newproperty(:kernel_timezone, :required_features => :iptables) do - desc <<-EOS - Use the kernel timezone instead of UTC to determine whether a packet meets the time regulations. - EOS - - newvalues(:true, :false) - end - - newproperty(:clusterip_new, :required_features => :clusterip) do - desc <<-EOS - Used with the CLUSTERIP jump target. - Create a new ClusterIP. You always have to set this on the first rule for a given ClusterIP. - EOS - - newvalues(:true, :false) - end - - newproperty(:clusterip_hashmode, :required_features => :clusterip) do - desc <<-EOS - Used with the CLUSTERIP jump target. - Specify the hashing mode. Valid values: sourceip, sourceip-sourceport, sourceip-sourceport-destport. - EOS - - newvalues(:sourceip, :'sourceip-sourceport', :'sourceip-sourceport-destport') - end - - newproperty(:clusterip_clustermac, :required_features => :clusterip) do - desc <<-EOS - Used with the CLUSTERIP jump target. - Specify the ClusterIP MAC address. Has to be a link-layer multicast address. - EOS - - newvalues(/^([0-9a-f]{2}[:]){5}([0-9a-f]{2})$/i) - end - - newproperty(:clusterip_total_nodes, :required_features => :clusterip) do - desc <<-EOS - Used with the CLUSTERIP jump target. - Number of total nodes within this cluster. - EOS - - newvalues(/\d+/) - end - - newproperty(:clusterip_local_node, :required_features => :clusterip) do - desc <<-EOS - Used with the CLUSTERIP jump target. - Specify the random seed used for hash initialization. - EOS - - newvalues(/\d+/) - end - - newproperty(:clusterip_hash_init, :required_features => :clusterip) do - desc <<-EOS - Used with the CLUSTERIP jump target. - Specify the random seed used for hash initialization. - EOS - end - - - autorequire(:firewallchain) do - reqs = [] - protocol = nil - - case value(:provider) - when :iptables - protocol = "IPv4" - when :ip6tables - protocol = "IPv6" - end - - unless protocol.nil? - table = value(:table) - [value(:chain), value(:jump)].each do |chain| - reqs << "#{chain}:#{table}:#{protocol}" unless ( chain.nil? || (['INPUT', 'OUTPUT', 'FORWARD'].include?(chain) && table == :filter) ) - end - end - - reqs - end - - # Classes would be a better abstraction, pending: - # http://projects.puppetlabs.com/issues/19001 - autorequire(:package) do - case value(:provider) - when :iptables, :ip6tables - %w{iptables iptables-persistent iptables-services} - else - [] - end - end - - autorequire(:service) do - case value(:provider) - when :iptables, :ip6tables - %w{firewalld iptables ip6tables iptables-persistent netfilter-persistent} - else - [] - end - end - - validate do - debug("[validate]") - - # TODO: this is put here to skip validation if ensure is not set. This - # is because there is a revalidation stage called later where the values - # are not set correctly. I tried tracing it - but have put in this - # workaround instead to skip. Must get to the bottom of this. - if ! value(:ensure) - return - end - - # First we make sure the chains and tables are valid combinations - if value(:table).to_s == "filter" && - value(:chain) =~ /PREROUTING|POSTROUTING/ - - self.fail "PREROUTING and POSTROUTING cannot be used in table 'filter'" - end - - if value(:table).to_s == "nat" && value(:chain) =~ /INPUT|FORWARD/ - self.fail "INPUT and FORWARD cannot be used in table 'nat'" - end - - if value(:table).to_s == "raw" && - value(:chain) =~ /INPUT|FORWARD|POSTROUTING/ - - self.fail "INPUT, FORWARD and POSTROUTING cannot be used in table raw" - end - - # Now we analyse the individual properties to make sure they apply to - # the correct combinations. - if value(:uid) - unless value(:chain).to_s =~ /OUTPUT|POSTROUTING/ - self.fail "Parameter uid only applies to chains " \ - "OUTPUT,POSTROUTING" - end - end - - if value(:gid) - unless value(:chain).to_s =~ /OUTPUT|POSTROUTING/ - self.fail "Parameter gid only applies to chains " \ - "OUTPUT,POSTROUTING" - end - end - - if value(:set_mark) - unless value(:jump).to_s =~ /MARK/ && - value(:table).to_s =~ /mangle/ - self.fail "Parameter set_mark only applies to " \ - "the mangle table and when jump => MARK" - end - end - - if value(:dport) - unless value(:proto).to_s =~ /tcp|udp|sctp/ - self.fail "[%s] Parameter dport only applies to sctp, tcp and udp " \ - "protocols. Current protocol is [%s] and dport is [%s]" % - [value(:name), should(:proto), should(:dport)] - end - end - - if value(:jump).to_s == "DSCP" - unless value(:set_dscp) || value(:set_dscp_class) - self.fail "When using jump => DSCP, the set_dscp or set_dscp_class property is required" - end - end - - if value(:jump).to_s == "TCPMSS" - unless value(:set_mss) || value(:clamp_mss_to_pmtu) - self.fail "When using jump => TCPMSS, the set_mss or clamp_mss_to_pmtu property is required" - end - end - - if value(:jump).to_s == "TEE" - unless value(:gateway) - self.fail "When using jump => TEE, the gateway property is required" - end - end - - if value(:jump).to_s == "DNAT" - unless value(:table).to_s =~ /nat/ - self.fail "Parameter jump => DNAT only applies to table => nat" - end - - unless value(:todest) - self.fail "Parameter jump => DNAT must have todest parameter" - end - end - - if value(:jump).to_s == "SNAT" - unless value(:table).to_s =~ /nat/ - self.fail "Parameter jump => SNAT only applies to table => nat" - end - - unless value(:tosource) - self.fail "Parameter jump => SNAT must have tosource parameter" - end - end - - if value(:jump).to_s == "MASQUERADE" - unless value(:table).to_s =~ /nat/ - self.fail "Parameter jump => MASQUERADE only applies to table => nat" - end - end - - if value(:log_prefix) || value(:log_level) || value(:log_uid) - unless value(:jump).to_s == "LOG" - self.fail "Parameter log_prefix, log_level and log_uid require jump => LOG" - end - end - - if value(:burst) && ! value(:limit) - self.fail "burst makes no sense without limit" - end - - if value(:action) && value(:jump) - self.fail "Only one of the parameters 'action' and 'jump' can be set" - end - - if value(:connlimit_mask) && ! value(:connlimit_above) - self.fail "Parameter 'connlimit_mask' requires 'connlimit_above'" - end - - if value(:mask) && ! value(:recent) - self.fail "Mask can only be set if recent is enabled." - end - - [:stat_packet, :stat_every, :stat_probability].each do |param| - if value(param) && ! value(:stat_mode) - self.fail "Parameter '#{param.to_s}' requires 'stat_mode' to be set" - end - end - - if value(:stat_packet) && value(:stat_mode) != :nth - self.fail "Parameter 'stat_packet' requires 'stat_mode' to be set to 'nth'" - end - - if value(:stat_every) && value(:stat_mode) != :nth - self.fail "Parameter 'stat_every' requires 'stat_mode' to be set to 'nth'" - end - - if value(:stat_probability) && value(:stat_mode) != :random - self.fail "Parameter 'stat_probability' requires 'stat_mode' to be set to 'random'" - end - - if value(:checksum_fill) - unless value(:jump).to_s == "CHECKSUM" && value(:table).to_s == "mangle" - self.fail "Parameter checksum_fill requires jump => CHECKSUM and table => mangle" - end - end - - end -end diff --git a/firewall/lib/puppet/type/firewallchain.rb b/firewall/lib/puppet/type/firewallchain.rb deleted file mode 100644 index 9bdc20f40..000000000 --- a/firewall/lib/puppet/type/firewallchain.rb +++ /dev/null @@ -1,235 +0,0 @@ -# This is a workaround for bug: #4248 whereby ruby files outside of the normal -# provider/type path do not load until pluginsync has occured on the puppetmaster -# -# In this case I'm trying the relative path first, then falling back to normal -# mechanisms. This should be fixed in future versions of puppet but it looks -# like we'll need to maintain this for some time perhaps. -$LOAD_PATH.unshift(File.join(File.dirname(__FILE__),"..","..")) -require 'puppet/util/firewall' - -Puppet::Type.newtype(:firewallchain) do - include Puppet::Util::Firewall - - @doc = <<-EOS - This type provides the capability to manage rule chains for firewalls. - - Currently this supports only iptables, ip6tables and ebtables on Linux. And - provides support for setting the default policy on chains and tables that - allow it. - - **Autorequires:** - If Puppet is managing the iptables, iptables-persistent, or iptables-services packages, - and the provider is iptables_chain, the firewall resource will autorequire - those packages to ensure that any required binaries are installed. - EOS - - feature :iptables_chain, "The provider provides iptables chain features." - feature :policy, "Default policy (inbuilt chains only)" - - ensurable do - defaultvalues - defaultto :present - end - - newparam(:name) do - desc <<-EOS - The canonical name of the chain. - - For iptables the format must be {chain}:{table}:{protocol}. - EOS - isnamevar - - validate do |value| - if value !~ Nameformat then - raise ArgumentError, "Inbuilt chains must be in the form {chain}:{table}:{protocol} where {table} is one of FILTER, NAT, MANGLE, RAW, RAWPOST, BROUTE, SECURITY or empty (alias for filter), chain can be anything without colons or one of PREROUTING, POSTROUTING, BROUTING, INPUT, FORWARD, OUTPUT for the inbuilt chains, and {protocol} being IPv4, IPv6, ethernet (ethernet bridging) got '#{value}' table:'#{$1}' chain:'#{$2}' protocol:'#{$3}'" - else - chain = $1 - table = $2 - protocol = $3 - case table - when 'filter' - if chain =~ /^(PREROUTING|POSTROUTING|BROUTING)$/ - raise ArgumentError, "INPUT, OUTPUT and FORWARD are the only inbuilt chains that can be used in table 'filter'" - end - when 'mangle' - if chain =~ InternalChains && chain == 'BROUTING' - raise ArgumentError, "PREROUTING, POSTROUTING, INPUT, FORWARD and OUTPUT are the only inbuilt chains that can be used in table 'mangle'" - end - when 'nat' - if chain =~ /^(BROUTING|FORWARD)$/ - raise ArgumentError, "PREROUTING, POSTROUTING, INPUT, and OUTPUT are the only inbuilt chains that can be used in table 'nat'" - end - if protocol =~/^(IP(v6)?)?$/ - raise ArgumentError, "table nat isn't valid in IPv6. You must specify ':IPv4' as the name suffix" - end - when 'raw' - if chain =~ /^(POSTROUTING|BROUTING|INPUT|FORWARD)$/ - raise ArgumentError,'PREROUTING and OUTPUT are the only inbuilt chains in the table \'raw\'' - end - when 'broute' - if protocol != 'ethernet' - raise ArgumentError,'BROUTE is only valid with protocol \'ethernet\'' - end - if chain =~ /^PREROUTING|POSTROUTING|INPUT|FORWARD|OUTPUT$/ - raise ArgumentError,'BROUTING is the only inbuilt chain allowed on on table \'broute\'' - end - when 'security' - if chain =~ /^(PREROUTING|POSTROUTING|BROUTING)$/ - raise ArgumentError, "INPUT, OUTPUT and FORWARD are the only inbuilt chains that can be used in table 'security'" - end - end - if chain == 'BROUTING' && ( protocol != 'ethernet' || table!='broute') - raise ArgumentError,'BROUTING is the only inbuilt chain allowed on on table \'BROUTE\' with protocol \'ethernet\' i.e. \'broute:BROUTING:enternet\'' - end - end - end - end - - newproperty(:policy) do - desc <<-EOS - This is the action to when the end of the chain is reached. - It can only be set on inbuilt chains (INPUT, FORWARD, OUTPUT, - PREROUTING, POSTROUTING) and can be one of: - - * accept - the packet is accepted - * drop - the packet is dropped - * queue - the packet is passed userspace - * return - the packet is returned to calling (jump) queue - or the default of inbuilt chains - EOS - newvalues(:accept, :drop, :queue, :return) - defaultto do - # ethernet chain have an ACCEPT default while other haven't got an - # allowed value - if @resource[:name] =~ /:ethernet$/ - :accept - else - nil - end - end - end - - newparam(:purge, :boolean => true) do - desc <<-EOS - Purge unmanaged firewall rules in this chain - EOS - newvalues(:false, :true) - defaultto :false - end - - newparam(:ignore) do - desc <<-EOS - Regex to perform on firewall rules to exempt unmanaged rules from purging (when enabled). - This is matched against the output of `iptables-save`. - - This can be a single regex, or an array of them. - To support flags, use the ruby inline flag mechanism. - Meaning a regex such as - /foo/i - can be written as - '(?i)foo' or '(?i:foo)' - - Full example: - firewallchain { 'INPUT:filter:IPv4': - purge => true, - ignore => [ - '-j fail2ban-ssh', # ignore the fail2ban jump rule - '--comment "[^"]*(?i:ignore)[^"]*"', # ignore any rules with "ignore" (case insensitive) in the comment in the rule - ], - } - EOS - - validate do |value| - unless value.is_a?(Array) or value.is_a?(String) or value == false - self.devfail "Ignore must be a string or an Array" - end - end - munge do |patterns| # convert into an array of {Regex}es - patterns = [patterns] if patterns.is_a?(String) - patterns.map{|p| Regexp.new(p)} - end - end - - # Classes would be a better abstraction, pending: - # http://projects.puppetlabs.com/issues/19001 - autorequire(:package) do - case value(:provider) - when :iptables_chain - %w{iptables iptables-persistent iptables-services} - else - [] - end - end - - autorequire(:service) do - case value(:provider) - when :iptables, :ip6tables - %w{firewalld iptables ip6tables iptables-persistent netfilter-persistent} - else - [] - end - end - - validate do - debug("[validate]") - - value(:name).match(Nameformat) - chain = $1 - table = $2 - protocol = $3 - - # Check that we're not removing an internal chain - if chain =~ InternalChains && value(:ensure) == :absent - self.fail "Cannot remove in-built chains" - end - - if value(:policy).nil? && protocol == 'ethernet' - self.fail "you must set a non-empty policy on all ethernet table chains" - end - - # Check that we're not setting a policy on a user chain - if chain !~ InternalChains && - !value(:policy).nil? && - protocol != 'ethernet' - - self.fail "policy can only be set on in-built chains (with the exception of ethernet chains) (table:#{table} chain:#{chain} protocol:#{protocol})" - end - - # no DROP policy on nat table - if table == 'nat' && - value(:policy) == :drop - - self.fail 'The "nat" table is not intended for filtering, the use of DROP is therefore inhibited' - end - end - - def generate - return [] unless self.purge? - - value(:name).match(Nameformat) - chain = $1 - table = $2 - protocol = $3 - - provider = case protocol - when 'IPv4' - :iptables - when 'IPv6' - :ip6tables - end - - # gather a list of all rules present on the system - rules_resources = Puppet::Type.type(:firewall).instances - - # Keep only rules in this chain - rules_resources.delete_if { |res| (res[:provider] != provider or res.provider.properties[:table].to_s != table or res.provider.properties[:chain] != chain) } - - # Remove rules which match our ignore filter - rules_resources.delete_if {|res| value(:ignore).find_index{|f| res.provider.properties[:line].match(f)}} if value(:ignore) - - # We mark all remaining rules for deletion, and then let the catalog override us on rules which should be present - rules_resources.each {|res| res[:ensure] = :absent} - - rules_resources - end -end diff --git a/firewall/lib/puppet/util/firewall.rb b/firewall/lib/puppet/util/firewall.rb deleted file mode 100644 index 9e77e1507..000000000 --- a/firewall/lib/puppet/util/firewall.rb +++ /dev/null @@ -1,229 +0,0 @@ -require 'socket' -require 'resolv' -require 'puppet/util/ipcidr' - -# Util module for puppetlabs-firewall -module Puppet::Util::Firewall - # Translate the symbolic names for icmp packet types to integers - def icmp_name_to_number(value_icmp, protocol) - if value_icmp =~ /\d{1,2}$/ - value_icmp - elsif protocol == 'inet' - case value_icmp - when "echo-reply" then "0" - when "destination-unreachable" then "3" - when "source-quench" then "4" - when "redirect" then "6" - when "echo-request" then "8" - when "router-advertisement" then "9" - when "router-solicitation" then "10" - when "time-exceeded" then "11" - when "parameter-problem" then "12" - when "timestamp-request" then "13" - when "timestamp-reply" then "14" - when "address-mask-request" then "17" - when "address-mask-reply" then "18" - else nil - end - elsif protocol == 'inet6' - case value_icmp - when "destination-unreachable" then "1" - when "too-big" then "2" - when "time-exceeded" then "3" - when "parameter-problem" then "4" - when "echo-request" then "128" - when "echo-reply" then "129" - when "router-solicitation" then "133" - when "router-advertisement" then "134" - when "neighbour-solicitation" then "135" - when "neighbour-advertisement" then "136" - when "redirect" then "137" - else nil - end - else - raise ArgumentError, "unsupported protocol family '#{protocol}'" - end - end - - # Convert log_level names to their respective numbers - def log_level_name_to_number(value) - #TODO make this 0-7 only - if value =~ /\d/ - value - else - case value - when "panic" then "0" - when "alert" then "1" - when "crit" then "2" - when "err" then "3" - when "error" then "3" - when "warn" then "4" - when "warning" then "4" - when "not" then "5" - when "notice" then "5" - when "info" then "6" - when "debug" then "7" - else nil - end - end - end - - # This method takes a string and a protocol and attempts to convert - # it to a port number if valid. - # - # If the string already contains a port number or perhaps a range of ports - # in the format 22:1000 for example, it simply returns the string and does - # nothing. - def string_to_port(value, proto) - proto = proto.to_s - unless proto =~ /^(tcp|udp)$/ - proto = 'tcp' - end - - m = value.to_s.match(/^(!\s+)?(\S+)/) - if m[2].match(/^\d+(-\d+)?$/) - return "#{m[1]}#{m[2]}" - else - return "#{m[1]}#{Socket.getservbyname(m[2], proto).to_s}" - end - end - - # Takes an address and returns it in CIDR notation. - # - # If the address is: - # - # - A hostname: - # It will be resolved - # - An IPv4 address: - # It will be qualified with a /32 CIDR notation - # - An IPv6 address: - # It will be qualified with a /128 CIDR notation - # - An IP address with a CIDR notation: - # It will be normalised - # - An IP address with a dotted-quad netmask: - # It will be converted to CIDR notation - # - Any address with a resulting prefix length of zero: - # It will return nil which is equivilent to not specifying an address - # - def host_to_ip(value) - begin - value = Puppet::Util::IPCidr.new(value) - rescue - value = Puppet::Util::IPCidr.new(Resolv.getaddress(value)) - end - - return nil if value.prefixlen == 0 - value.cidr - end - - # Takes an address mask and converts the host portion to CIDR notation. - # - # This takes into account you can negate a mask but follows all rules - # defined in host_to_ip for the host/address part. - # - def host_to_mask(value) - match = value.match /(!)\s?(.*)$/ - return host_to_ip(value) unless match - - cidr = host_to_ip(match[2]) - return nil if cidr == nil - "#{match[1]} #{cidr}" - end - - # Validates the argument is int or hex, and returns valid hex - # conversion of the value or nil otherwise. - def to_hex32(value) - begin - value = Integer(value) - if value.between?(0, 0xffffffff) - return '0x' + value.to_s(16) - end - rescue ArgumentError - # pass - end - return nil - end - - def persist_iptables(proto) - debug("[persist_iptables]") - - # Basic normalisation for older Facter - os_key = Facter.value(:osfamily) - os_key ||= case Facter.value(:operatingsystem) - when 'RedHat', 'CentOS', 'Fedora', 'Scientific', 'SL', 'SLC', 'Ascendos', 'CloudLinux', 'PSBM', 'OracleLinux', 'OVS', 'OEL', 'Amazon', 'XenServer' - 'RedHat' - when 'Debian', 'Ubuntu' - 'Debian' - else - Facter.value(:operatingsystem) - end - - # Older iptables-persistent doesn't provide save action. - if os_key == 'Debian' - persist_ver = Facter.value(:iptables_persistent_version) - if (persist_ver and Puppet::Util::Package.versioncmp(persist_ver, '0.5.0') < 0) - os_key = 'Debian_manual' - end - end - - # Fedora 15 and newer use systemd to persist iptable rules - if os_key == 'RedHat' && Facter.value(:operatingsystem) == 'Fedora' && Facter.value(:operatingsystemrelease).to_i >= 15 - os_key = 'Fedora' - end - - # RHEL 7 and newer also use systemd to persist iptable rules - if os_key == 'RedHat' && ['RedHat','CentOS','Scientific','SL','SLC','Ascendos','CloudLinux','PSBM','OracleLinux','OVS','OEL','XenServer'].include?(Facter.value(:operatingsystem)) && Facter.value(:operatingsystemrelease).to_i >= 7 - os_key = 'Fedora' - end - - cmd = case os_key.to_sym - when :RedHat - case proto.to_sym - when :IPv4 - %w{/sbin/service iptables save} - when :IPv6 - %w{/sbin/service ip6tables save} - end - when :Fedora - case proto.to_sym - when :IPv4 - %w{/usr/libexec/iptables/iptables.init save} - when :IPv6 - %w{/usr/libexec/iptables/ip6tables.init save} - end - when :Debian - case proto.to_sym - when :IPv4, :IPv6 - if (persist_ver and Puppet::Util::Package.versioncmp(persist_ver, '1.0') > 0) - %w{/usr/sbin/service netfilter-persistent save} - else - %w{/usr/sbin/service iptables-persistent save} - end - end - when :Debian_manual - case proto.to_sym - when :IPv4 - ["/bin/sh", "-c", "/sbin/iptables-save > /etc/iptables/rules"] - end - when :Archlinux - case proto.to_sym - when :IPv4 - ["/bin/sh", "-c", "/usr/sbin/iptables-save > /etc/iptables/iptables.rules"] - when :IPv6 - ["/bin/sh", "-c", "/usr/sbin/ip6tables-save > /etc/iptables/ip6tables.rules"] - end - end - - # Catch unsupported OSs from the case statement above. - if cmd.nil? - debug('firewall: Rule persistence is not supported for this type/OS') - return - end - - begin - execute(cmd) - rescue Puppet::ExecutionFailure => detail - warning("Unable to persist firewall rules: #{detail}") - end - end -end diff --git a/firewall/lib/puppet/util/ipcidr.rb b/firewall/lib/puppet/util/ipcidr.rb deleted file mode 100644 index 87e8d5e37..000000000 --- a/firewall/lib/puppet/util/ipcidr.rb +++ /dev/null @@ -1,42 +0,0 @@ -require 'ipaddr' - -# IPCidr object wrapper for IPAddr -module Puppet - module Util - class IPCidr < IPAddr - def initialize(ipaddr) - begin - super(ipaddr) - rescue ArgumentError => e - if e.message =~ /invalid address/ - raise ArgumentError, "Invalid address from IPAddr.new: #{ipaddr}" - else - raise e - end - end - end - - def netmask - _to_string(@mask_addr) - end - - def prefixlen - m = case @family - when Socket::AF_INET - IN4MASK - when Socket::AF_INET6 - IN6MASK - else - raise "unsupported address family" - end - return $1.length if /\A(1*)(0*)\z/ =~ (@mask_addr & m).to_s(2) - raise "bad addr_mask format" - end - - def cidr - cidr = sprintf("%s/%s", self.to_s, self.prefixlen) - cidr - end - end - end -end diff --git a/firewall/manifests/init.pp b/firewall/manifests/init.pp deleted file mode 100644 index 97ed27312..000000000 --- a/firewall/manifests/init.pp +++ /dev/null @@ -1,40 +0,0 @@ -# = Class: firewall -# -# Manages packages and services required by the firewall type/provider. -# -# This class includes the appropriate sub-class for your operating system, -# where supported. -# -# == Parameters: -# -# [*ensure*] -# Ensure parameter passed onto Service[] resources. -# Default: running -# -class firewall ( - $ensure = running, - $service_name = $::firewall::params::service_name, - $package_name = $::firewall::params::package_name, -) inherits ::firewall::params { - case $ensure { - /^(running|stopped)$/: { - # Do nothing. - } - default: { - fail("${title}: Ensure value '${ensure}' is not supported") - } - } - - case $::kernel { - 'Linux': { - class { "${title}::linux": - ensure => $ensure, - service_name => $service_name, - package_name => $package_name, - } - } - default: { - fail("${title}: Kernel '${::kernel}' is not currently supported") - } - } -} diff --git a/firewall/manifests/linux.pp b/firewall/manifests/linux.pp deleted file mode 100644 index e3f5129b6..000000000 --- a/firewall/manifests/linux.pp +++ /dev/null @@ -1,68 +0,0 @@ -# = Class: firewall::linux -# -# Installs the `iptables` package for Linux operating systems and includes -# the appropriate sub-class for any distribution specific services and -# additional packages. -# -# == Parameters: -# -# [*ensure*] -# Ensure parameter passed onto Service[] resources. When `running` the -# service will be started on boot, and when `stopped` it will not. -# Default: running -# -class firewall::linux ( - $ensure = running, - $service_name = $::firewall::params::service_name, - $package_name = $::firewall::params::package_name, -) inherits ::firewall::params { - $enable = $ensure ? { - running => true, - stopped => false, - } - - package { 'iptables': - ensure => present, - } - - case $::operatingsystem { - 'RedHat', 'CentOS', 'Fedora', 'Scientific', 'SL', 'SLC', 'Ascendos', - 'CloudLinux', 'PSBM', 'OracleLinux', 'OVS', 'OEL', 'Amazon', 'XenServer': { - class { "${title}::redhat": - ensure => $ensure, - enable => $enable, - package_name => $package_name, - service_name => $service_name, - require => Package['iptables'], - } - } - 'Debian', 'Ubuntu': { - class { "${title}::debian": - ensure => $ensure, - enable => $enable, - package_name => $package_name, - service_name => $service_name, - require => Package['iptables'], - } - } - 'Archlinux': { - class { "${title}::archlinux": - ensure => $ensure, - enable => $enable, - package_name => $package_name, - service_name => $service_name, - require => Package['iptables'], - } - } - 'Gentoo': { - class { "${title}::gentoo": - ensure => $ensure, - enable => $enable, - package_name => $package_name, - service_name => $service_name, - require => Package['iptables'], - } - } - default: {} - } -} diff --git a/firewall/manifests/linux/archlinux.pp b/firewall/manifests/linux/archlinux.pp deleted file mode 100644 index cfe1a691a..000000000 --- a/firewall/manifests/linux/archlinux.pp +++ /dev/null @@ -1,43 +0,0 @@ -# = Class: firewall::linux::archlinux -# -# Manages `iptables` and `ip6tables` services, and creates files used for -# persistence, on Arch Linux systems. -# -# == Parameters: -# -# [*ensure*] -# Ensure parameter passed onto Service[] resources. -# Default: running -# -# [*enable*] -# Enable parameter passed onto Service[] resources. -# Default: true -# -class firewall::linux::archlinux ( - $ensure = 'running', - $enable = true, - $service_name = $::firewall::params::service_name, - $package_name = $::firewall::params::package_name, -) inherits ::firewall::params { - if $package_name { - package { $package_name: - ensure => $ensure, - } - } - - service { $service_name: - ensure => $ensure, - enable => $enable, - hasstatus => true, - } - - file { '/etc/iptables/iptables.rules': - ensure => present, - before => Service[$service_name], - } - - file { '/etc/iptables/ip6tables.rules': - ensure => present, - before => Service[$service_name], - } -} diff --git a/firewall/manifests/linux/debian.pp b/firewall/manifests/linux/debian.pp deleted file mode 100644 index a24d3ab16..000000000 --- a/firewall/manifests/linux/debian.pp +++ /dev/null @@ -1,55 +0,0 @@ -# = Class: firewall::linux::debian -# -# Installs the `iptables-persistent` package for Debian-alike systems. This -# allows rules to be stored to file and restored on boot. -# -# == Parameters: -# -# [*ensure*] -# Ensure parameter passed onto Service[] resources. -# Default: running -# -# [*enable*] -# Enable parameter passed onto Service[] resources. -# Default: true -# -class firewall::linux::debian ( - $ensure = running, - $enable = true, - $service_name = $::firewall::params::service_name, - $package_name = $::firewall::params::package_name, -) inherits ::firewall::params { - - if $package_name { - #Fixes hang while installing iptables-persistent on debian 8 - exec {'iptables-persistent-debconf': - command => "/bin/echo \"${package_name} ${package_name}/autosave_v4 boolean false\" | /usr/bin/debconf-set-selections && /bin/echo \"${package_name} ${package_name}/autosave_v6 boolean false\" | /usr/bin/debconf-set-selections", - refreshonly => true - } - package { $package_name: - ensure => present, - require => Exec['iptables-persistent-debconf'] - } - } - - if($::operatingsystemrelease =~ /^6\./ and $enable == true and $::iptables_persistent_version - and versioncmp($::iptables_persistent_version, '0.5.0') < 0) { - # This fixes a bug in the iptables-persistent LSB headers in 6.x, without it - # we lose idempotency - exec { 'iptables-persistent-enable': - logoutput => on_failure, - command => '/usr/sbin/update-rc.d iptables-persistent enable', - unless => '/usr/bin/test -f /etc/rcS.d/S*iptables-persistent', - require => Package[$package_name], - } - } else { - # This isn't a real service/daemon. The start action loads rules, so just - # needs to be called on system boot. - service { $service_name: - ensure => undef, - enable => $enable, - hasstatus => true, - require => Package[$package_name], - } - } -} diff --git a/firewall/manifests/linux/gentoo.pp b/firewall/manifests/linux/gentoo.pp deleted file mode 100644 index 29a57cbf8..000000000 --- a/firewall/manifests/linux/gentoo.pp +++ /dev/null @@ -1,43 +0,0 @@ -# = Class: firewall::linux::gentoo -# -# Manages `iptables` and `ip6tables` services, and creates files used for -# persistence, on Gentoo Linux systems. -# -# == Parameters: -# -# [*ensure*] -# Ensure parameter passed onto Service[] resources. -# Default: running -# -# [*enable*] -# Enable parameter passed onto Service[] resources. -# Default: true -# -class firewall::linux::gentoo ( - $ensure = 'running', - $enable = true, - $service_name = $::firewall::params::service_name, - $package_name = $::firewall::params::package_name, -) inherits ::firewall::params { - if $package_name { - package { $package_name: - ensure => present, - } - } - - service { $service_name: - ensure => $ensure, - enable => $enable, - hasstatus => true, - } - - file { '/var/lib/iptables/rules-save': - ensure => present, - before => Service[$service_name], - } - - file { '/var/lib/iptables/rules-save6': - ensure => present, - before => Service[$service_name], - } -} diff --git a/firewall/manifests/linux/redhat.pp b/firewall/manifests/linux/redhat.pp deleted file mode 100644 index 3144ae7a9..000000000 --- a/firewall/manifests/linux/redhat.pp +++ /dev/null @@ -1,81 +0,0 @@ -# = Class: firewall::linux::redhat -# -# Manages the `iptables` service on RedHat-alike systems. -# -# == Parameters: -# -# [*ensure*] -# Ensure parameter passed onto Service[] resources. -# Default: running -# -# [*enable*] -# Enable parameter passed onto Service[] resources. -# Default: true -# -class firewall::linux::redhat ( - $ensure = running, - $enable = true, - $service_name = $::firewall::params::service_name, - $package_name = $::firewall::params::package_name, -) inherits ::firewall::params { - - # RHEL 7 and later and Fedora 15 and later require the iptables-services - # package, which provides the /usr/libexec/iptables/iptables.init used by - # lib/puppet/util/firewall.rb. - if ($::operatingsystem != 'Amazon') - and (($::operatingsystem != 'Fedora' and versioncmp($::operatingsystemrelease, '7.0') >= 0) - or ($::operatingsystem == 'Fedora' and versioncmp($::operatingsystemrelease, '15') >= 0)) { - service { 'firewalld': - ensure => stopped, - enable => false, - before => Package[$package_name], - } - } - - if $package_name { - package { $package_name: - ensure => present, - before => Service[$service_name], - } - } - - if ($::operatingsystem != 'Amazon') - and (($::operatingsystem != 'Fedora' and versioncmp($::operatingsystemrelease, '7.0') >= 0) - or ($::operatingsystem == 'Fedora' and versioncmp($::operatingsystemrelease, '15') >= 0)) { - if $ensure == 'running' { - exec { '/usr/bin/systemctl daemon-reload': - require => Package[$package_name], - before => Service[$service_name], - unless => '/usr/bin/systemctl is-active iptables' - } - } - } - - service { $service_name: - ensure => $ensure, - enable => $enable, - hasstatus => true, - require => File['/etc/sysconfig/iptables'], - } - - # Redhat 7 selinux user context for /etc/sysconfig/iptables is set to unconfined_u - case $::selinux { - #lint:ignore:quoted_booleans - 'true',true: { - case $::operatingsystemrelease { - /^(6|7)\..*/: { $seluser = 'unconfined_u' } - default: { $seluser = 'system_u' } - } - } - #lint:endignore - default: { $seluser = undef } - } - - file { '/etc/sysconfig/iptables': - ensure => present, - owner => 'root', - group => 'root', - mode => '0600', - seluser => $seluser, - } -} diff --git a/firewall/manifests/params.pp b/firewall/manifests/params.pp deleted file mode 100644 index 1e926e7a4..000000000 --- a/firewall/manifests/params.pp +++ /dev/null @@ -1,72 +0,0 @@ -class firewall::params { - case $::osfamily { - 'RedHat': { - case $::operatingsystem { - 'Amazon': { - $service_name = 'iptables' - $package_name = undef - } - 'Fedora': { - if versioncmp($::operatingsystemrelease, '15') >= 0 { - $package_name = 'iptables-services' - } else { - $package_name = undef - } - $service_name = 'iptables' - } - default: { - if versioncmp($::operatingsystemrelease, '7.0') >= 0 { - $package_name = 'iptables-services' - } else { - $package_name = 'iptables-ipv6' - } - $service_name = 'iptables' - } - } - } - 'Debian': { - case $::operatingsystem { - 'Debian': { - if versioncmp($::operatingsystemrelease, '8.0') >= 0 { - $service_name = 'netfilter-persistent' - $package_name = 'iptables-persistent' - } else { - $service_name = 'iptables-persistent' - $package_name = 'iptables-persistent' - } - - } - 'Ubuntu': { - if versioncmp($::operatingsystemrelease, '14.10') >= 0 { - $service_name = 'netfilter-persistent' - $package_name = 'iptables-persistent' - } else { - $service_name = 'iptables-persistent' - $package_name = 'iptables-persistent' - } - - } - default: { - $service_name = 'iptables-persistent' - $package_name = 'iptables-persistent' - } - } - } - 'Gentoo': { - $service_name = ['iptables','ip6tables'] - $package_name = 'net-firewall/iptables' - } - default: { - case $::operatingsystem { - 'Archlinux': { - $service_name = ['iptables','ip6tables'] - $package_name = undef - } - default: { - $service_name = 'iptables' - $package_name = undef - } - } - } - } -} diff --git a/firewall/metadata.json b/firewall/metadata.json deleted file mode 100644 index af0e78f50..000000000 --- a/firewall/metadata.json +++ /dev/null @@ -1,85 +0,0 @@ -{ - "name": "puppetlabs-firewall", - "version": "1.7.2", - "author": "Puppet Labs", - "summary": "Manages Firewalls such as iptables", - "license": "Apache-2.0", - "source": "https://github.com/puppetlabs/puppetlabs-firewall", - "project_page": "http://github.com/puppetlabs/puppetlabs-firewall", - "issues_url": "https://tickets.puppetlabs.com/browse/MODULES", - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "CentOS", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "OracleLinux", - "operatingsystemrelease": [ - "6", - "7" - ] - }, - { - "operatingsystem": "Scientific", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "SLES", - "operatingsystemrelease": [ - "11 SP1", - "12" - ] - }, - { - "operatingsystem": "Debian", - "operatingsystemrelease": [ - "6", - "7", - "8" - ] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": [ - "10.04", - "12.04", - "14.04" - ] - }, - { - "operatingsystem": "Gentoo", - "operatingsystemrelease": [ - "1.0" - ] - } - ], - "requirements": [ - { - "name": "pe", - "version_requirement": ">= 3.0.0 < 2015.4.0" - }, - { - "name": "puppet", - "version_requirement": ">= 3.0.0 < 5.0.0" - } - ], - "dependencies": [ - - ] -} diff --git a/firewall/spec/acceptance/change_source_spec.rb b/firewall/spec/acceptance/change_source_spec.rb deleted file mode 100644 index f59110870..000000000 --- a/firewall/spec/acceptance/change_source_spec.rb +++ /dev/null @@ -1,77 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'firewall type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - describe 'reset' do - it 'deletes all rules' do - shell('iptables --flush; iptables -t nat --flush; iptables -t mangle --flush') - end - end - - describe 'when unmanaged rules exist' do - it 'applies with 8.0.0.1 first' do - pp = <<-EOS - class { '::firewall': } - firewall { '101 test source changes': - proto => tcp, - port => '101', - action => accept, - source => '8.0.0.1', - } - firewall { '100 test source static': - proto => tcp, - port => '100', - action => accept, - source => '8.0.0.2', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'adds a unmanaged rule without a comment' do - shell('iptables -A INPUT -t filter -s 8.0.0.3/32 -p tcp -m multiport --ports 102 -j ACCEPT') - expect(shell('iptables-save').stdout).to match(/-A INPUT -s 8\.0\.0\.3(\/32)? -p tcp -m multiport --ports 102 -j ACCEPT/) - end - - it 'contains the changable 8.0.0.1 rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -s 8\.0\.0\.1(\/32)? -p tcp -m multiport --ports 101 -m comment --comment "101 test source changes" -j ACCEPT/) - end - end - it 'contains the static 8.0.0.2 rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -s 8\.0\.0\.2(\/32)? -p tcp -m multiport --ports 100 -m comment --comment "100 test source static" -j ACCEPT/) - end - end - - it 'changes to 8.0.0.4 second' do - pp = <<-EOS - class { '::firewall': } - firewall { '101 test source changes': - proto => tcp, - port => '101', - action => accept, - source => '8.0.0.4', - } - EOS - - expect(apply_manifest(pp, :catch_failures => true).stdout).to match(/Notice: \/Stage\[main\]\/Main\/Firewall\[101 test source changes\]\/source: source changed '8\.0\.0\.1\/32' to '8\.0\.0\.4\/32'/) - end - - it 'does not contain the old changing 8.0.0.1 rule' do - shell('iptables-save') do |r| - expect(r.stdout).to_not match(/8\.0\.0\.1/) - end - end - it 'contains the staic 8.0.0.2 rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -s 8\.0\.0\.2(\/32)? -p tcp -m multiport --ports 100 -m comment --comment "100 test source static" -j ACCEPT/) - end - end - it 'contains the changing new 8.0.0.4 rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -s 8\.0\.0\.4(\/32)? -p tcp -m multiport --ports 101 -m comment --comment "101 test source changes" -j ACCEPT/) - end - end - end -end diff --git a/firewall/spec/acceptance/class_spec.rb b/firewall/spec/acceptance/class_spec.rb deleted file mode 100644 index 0c74f9779..000000000 --- a/firewall/spec/acceptance/class_spec.rb +++ /dev/null @@ -1,33 +0,0 @@ -require 'spec_helper_acceptance' - -describe "firewall class:", :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - it 'should run successfully' do - pp = "class { 'firewall': }" - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - if do_catch_changes - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - end - - it 'ensure => stopped:' do - pp = "class { 'firewall': ensure => stopped }" - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - if do_catch_changes - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - end - - it 'ensure => running:' do - pp = "class { 'firewall': ensure => running }" - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - if do_catch_changes - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - end -end diff --git a/firewall/spec/acceptance/connlimit_spec.rb b/firewall/spec/acceptance/connlimit_spec.rb deleted file mode 100644 index 8fff32931..000000000 --- a/firewall/spec/acceptance/connlimit_spec.rb +++ /dev/null @@ -1,66 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'firewall type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - - describe 'reset' do - it 'deletes all iptables rules' do - shell('iptables --flush; iptables -t nat --flush; iptables -t mangle --flush') - end - it 'deletes all ip6tables rules' do - shell('ip6tables --flush; ip6tables -t nat --flush; ip6tables -t mangle --flush') - end - end - - if default['platform'] !~ /sles-10/ - describe 'connlimit_above' do - context '10' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '500 - test': - proto => tcp, - dport => '2222', - connlimit_above => '10', - action => reject, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - #connlimit-saddr is added in Ubuntu 14.04. - expect(r.stdout).to match(/-A INPUT -p tcp -m multiport --dports 2222 -m comment --comment "500 - test" -m connlimit --connlimit-above 10 --connlimit-mask 32 (--connlimit-saddr )?-j REJECT --reject-with icmp-port-unreachable/) - end - end - end - end - - describe 'connlimit_mask' do - context '24' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '501 - test': - proto => tcp, - dport => '2222', - connlimit_above => '10', - connlimit_mask => '24', - action => reject, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - #connlimit-saddr is added in Ubuntu 14.04. - expect(r.stdout).to match(/-A INPUT -p tcp -m multiport --dports 2222 -m comment --comment "501 - test" -m connlimit --connlimit-above 10 --connlimit-mask 24 (--connlimit-saddr )?-j REJECT --reject-with icmp-port-unreachable/) - end - end - end - end - end -end diff --git a/firewall/spec/acceptance/connmark_spec.rb b/firewall/spec/acceptance/connmark_spec.rb deleted file mode 100644 index b3409ab2d..000000000 --- a/firewall/spec/acceptance/connmark_spec.rb +++ /dev/null @@ -1,27 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'firewall type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - - describe 'connmark' do - context '50' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '502 - test': - proto => 'all', - connmark => '0x1', - action => reject, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -m comment --comment "502 - test" -m connmark --mark 0x1 -j REJECT --reject-with icmp-port-unreachable/) - end - end - end - end -end diff --git a/firewall/spec/acceptance/firewall_bridging_spec.rb b/firewall/spec/acceptance/firewall_bridging_spec.rb deleted file mode 100644 index 487f1512e..000000000 --- a/firewall/spec/acceptance/firewall_bridging_spec.rb +++ /dev/null @@ -1,375 +0,0 @@ - require 'spec_helper_acceptance' - -describe 'firewall type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - - describe 'reset' do - it 'deletes all iptables rules' do - shell('iptables --flush; iptables -t nat --flush; iptables -t mangle --flush') - end - it 'deletes all ip6tables rules' do - shell('ip6tables --flush; ip6tables -t nat --flush; ip6tables -t mangle --flush') - end - end - - describe 'iptables physdev tests' do - context 'physdev_in eth0' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '701 - test': - chain => 'FORWARD', - proto => tcp, - port => '701', - action => accept, - physdev_in => 'eth0', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A FORWARD -p tcp -m physdev\s+--physdev-in eth0 -m multiport --ports 701 -m comment --comment "701 - test" -j ACCEPT/) - end - end - end - - context 'physdev_out eth1' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '702 - test': - chain => 'FORWARD', - proto => tcp, - port => '702', - action => accept, - physdev_out => 'eth1', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A FORWARD -p tcp -m physdev\s+--physdev-out eth1 -m multiport --ports 702 -m comment --comment "702 - test" -j ACCEPT/) - end - end - end - - context 'physdev_in eth0 and physdev_out eth1' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '703 - test': - chain => 'FORWARD', - proto => tcp, - port => '703', - action => accept, - physdev_in => 'eth0', - physdev_out => 'eth1', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A FORWARD -p tcp -m physdev\s+--physdev-in eth0 --physdev-out eth1 -m multiport --ports 703 -m comment --comment "703 - test" -j ACCEPT/) - end - end - end - - context 'physdev_is_bridged' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '704 - test': - chain => 'FORWARD', - proto => tcp, - port => '704', - action => accept, - physdev_is_bridged => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A FORWARD -p tcp -m physdev\s+--physdev-is-bridged -m multiport --ports 704 -m comment --comment "704 - test" -j ACCEPT/) - end - end - end - - context 'physdev_in eth0 and physdev_is_bridged' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '705 - test': - chain => 'FORWARD', - proto => tcp, - port => '705', - action => accept, - physdev_in => 'eth0', - physdev_is_bridged => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A FORWARD -p tcp -m physdev\s+--physdev-in eth0 --physdev-is-bridged -m multiport --ports 705 -m comment --comment "705 - test" -j ACCEPT/) - end - end - end - - context 'physdev_out eth1 and physdev_is_bridged' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '706 - test': - chain => 'FORWARD', - proto => tcp, - port => '706', - action => accept, - physdev_out => 'eth1', - physdev_is_bridged => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A FORWARD -p tcp -m physdev\s+--physdev-out eth1 --physdev-is-bridged -m multiport --ports 706 -m comment --comment "706 - test" -j ACCEPT/) - end - end - end - - context 'physdev_in eth0 and physdev_out eth1 and physdev_is_bridged' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '707 - test': - chain => 'FORWARD', - proto => tcp, - port => '707', - action => accept, - physdev_in => 'eth0', - physdev_out => 'eth1', - physdev_is_bridged => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A FORWARD -p tcp -m physdev\s+--physdev-in eth0 --physdev-out eth1 --physdev-is-bridged -m multiport --ports 707 -m comment --comment "707 - test" -j ACCEPT/) - end - end - end - - end - - #iptables version 1.3.5 is not suppored by the ip6tables provider - if default['platform'] !~ /el-5/ and default['platform'] !~ /sles-10/ - describe 'ip6tables physdev tests' do - context 'physdev_in eth0' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '701 - test': - provider => 'ip6tables', - chain => 'FORWARD', - proto => tcp, - port => '701', - action => accept, - physdev_in => 'eth0', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A FORWARD -p tcp -m physdev\s+--physdev-in eth0 -m multiport --ports 701 -m comment --comment "701 - test" -j ACCEPT/) - end - end - end - - context 'physdev_out eth1' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '702 - test': - provider => 'ip6tables', - chain => 'FORWARD', - proto => tcp, - port => '702', - action => accept, - physdev_out => 'eth1', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A FORWARD -p tcp -m physdev\s+--physdev-out eth1 -m multiport --ports 702 -m comment --comment "702 - test" -j ACCEPT/) - end - end - end - - context 'physdev_in eth0 and physdev_out eth1' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '703 - test': - provider => 'ip6tables', - chain => 'FORWARD', - proto => tcp, - port => '703', - action => accept, - physdev_in => 'eth0', - physdev_out => 'eth1', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A FORWARD -p tcp -m physdev\s+--physdev-in eth0 --physdev-out eth1 -m multiport --ports 703 -m comment --comment "703 - test" -j ACCEPT/) - end - end - end - - context 'physdev_is_bridged' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '704 - test': - provider => 'ip6tables', - chain => 'FORWARD', - proto => tcp, - port => '704', - action => accept, - physdev_is_bridged => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A FORWARD -p tcp -m physdev\s+--physdev-is-bridged -m multiport --ports 704 -m comment --comment "704 - test" -j ACCEPT/) - end - end - end - - context 'physdev_in eth0 and physdev_is_bridged' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '705 - test': - provider => 'ip6tables', - chain => 'FORWARD', - proto => tcp, - port => '705', - action => accept, - physdev_in => 'eth0', - physdev_is_bridged => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A FORWARD -p tcp -m physdev\s+--physdev-in eth0 --physdev-is-bridged -m multiport --ports 705 -m comment --comment "705 - test" -j ACCEPT/) - end - end - end - - context 'physdev_out eth1 and physdev_is_bridged' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '706 - test': - provider => 'ip6tables', - chain => 'FORWARD', - proto => tcp, - port => '706', - action => accept, - physdev_out => 'eth1', - physdev_is_bridged => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A FORWARD -p tcp -m physdev\s+--physdev-out eth1 --physdev-is-bridged -m multiport --ports 706 -m comment --comment "706 - test" -j ACCEPT/) - end - end - end - - context 'physdev_in eth0 and physdev_out eth1 and physdev_is_bridged' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '707 - test': - provider => 'ip6tables', - chain => 'FORWARD', - proto => tcp, - port => '707', - action => accept, - physdev_in => 'eth0', - physdev_out => 'eth1', - physdev_is_bridged => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A FORWARD -p tcp -m physdev\s+--physdev-in eth0 --physdev-out eth1 --physdev-is-bridged -m multiport --ports 707 -m comment --comment "707 - test" -j ACCEPT/) - end - end - end - end - end - -end diff --git a/firewall/spec/acceptance/firewall_clusterip_spec.rb b/firewall/spec/acceptance/firewall_clusterip_spec.rb deleted file mode 100644 index 03fbd906c..000000000 --- a/firewall/spec/acceptance/firewall_clusterip_spec.rb +++ /dev/null @@ -1,49 +0,0 @@ - -# These tests have been commented out, as there are suspicions that the clusterIP ipt module is causing system reboots. - - -# require 'spec_helper_acceptance' - -# describe 'firewall type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - -# before(:all) do -# shell('iptables --flush; iptables -t nat --flush; iptables -t mangle --flush') -# shell('ip6tables --flush; ip6tables -t nat --flush; ip6tables -t mangle --flush') -# end - -# # SLES doesn't have the CLUSTERIP module -# if default['platform'] !~ /sles/ -# describe 'clusterip' do -# context 'cluster ipv4 test' do -# it 'applies' do -# pending("MODULES-2124 should be resolved for clusterip RHEL7 support") if default['platform'] =~ /el-7/ -# pp = <<-EOS -# class { '::firewall': } -# firewall { -# '830 - clusterip test': -# chain => 'FORWARD', -# jump => 'CLUSTERIP', -# destination => '1.1.1.1', -# iniface => 'eth0', -# clusterip_new => true, -# clusterip_hashmode => "sourceip", -# clusterip_clustermac => "01:00:5E:00:00:00", -# clusterip_total_nodes => "2", -# clusterip_local_node => "1", -# clusterip_hash_init => "1337", -# } -# EOS - -# apply_manifest(pp, :catch_failures => true) -# end - -# it 'should contain the rule' do -# pending("MODULES-2124 should be resolved for clusterip RHEL7 support") if default['platform'] =~ /el-7/ -# shell('iptables-save') do |r| -# expect(r.stdout).to match(/-A FORWARD -d (1.1.1.1\/32|1.1.1.1) -i eth0 -p tcp -m comment --comment "830 - clusterip test" -j CLUSTERIP --new --hashmode sourceip --clustermac 01:00:5E:00:00:00 --total-nodes 2 --local-node 1 --hash-init 1337/) -# end -# end -# end -# end -# end -# end diff --git a/firewall/spec/acceptance/firewall_dscp_spec.rb b/firewall/spec/acceptance/firewall_dscp_spec.rb deleted file mode 100644 index a85100a05..000000000 --- a/firewall/spec/acceptance/firewall_dscp_spec.rb +++ /dev/null @@ -1,118 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'firewall type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - - before(:all) do - shell('iptables --flush; iptables -t nat --flush; iptables -t mangle --flush') - shell('ip6tables --flush; ip6tables -t nat --flush; ip6tables -t mangle --flush') - end - - describe 'dscp ipv4 tests' do - context 'set_dscp 0x01' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { - '1000 - set_dscp': - proto => 'tcp', - jump => 'DSCP', - set_dscp => '0x01', - port => '997', - chain => 'OUTPUT', - table => 'mangle', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save -t mangle') do |r| - expect(r.stdout).to match(/-A OUTPUT -p tcp -m multiport --ports 997 -m comment --comment "1000 - set_dscp" -j DSCP --set-dscp 0x01/) - end - end - end - - context 'set_dscp_class EF' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { - '1001 EF - set_dscp_class': - proto => 'tcp', - jump => 'DSCP', - port => '997', - set_dscp_class => 'EF', - chain => 'OUTPUT', - table => 'mangle', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A OUTPUT -p tcp -m multiport --ports 997 -m comment --comment "1001 EF - set_dscp_class" -j DSCP --set-dscp 0x2e/) - end - end - end - end - - if default['platform'] !~ /el-5/ and default['platform'] !~ /sles-10/ - describe 'dscp ipv6 tests' do - context 'set_dscp 0x01' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { - '1002 - set_dscp': - proto => 'tcp', - jump => 'DSCP', - set_dscp => '0x01', - port => '997', - chain => 'OUTPUT', - table => 'mangle', - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('ip6tables-save -t mangle') do |r| - expect(r.stdout).to match(/-A OUTPUT -p tcp -m multiport --ports 997 -m comment --comment "1002 - set_dscp" -j DSCP --set-dscp 0x01/) - end - end - end - - context 'set_dscp_class EF' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { - '1003 EF - set_dscp_class': - proto => 'tcp', - jump => 'DSCP', - port => '997', - set_dscp_class => 'EF', - chain => 'OUTPUT', - table => 'mangle', - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A OUTPUT -p tcp -m multiport --ports 997 -m comment --comment "1003 EF - set_dscp_class" -j DSCP --set-dscp 0x2e/) - end - end - end - end - end - -end diff --git a/firewall/spec/acceptance/firewall_iptmodules_spec.rb b/firewall/spec/acceptance/firewall_iptmodules_spec.rb deleted file mode 100644 index 259a472f9..000000000 --- a/firewall/spec/acceptance/firewall_iptmodules_spec.rb +++ /dev/null @@ -1,206 +0,0 @@ - require 'spec_helper_acceptance' - -describe 'firewall type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - - describe 'reset' do - it 'deletes all iptables rules' do - shell('iptables --flush; iptables -t nat --flush; iptables -t mangle --flush') - end - it 'deletes all ip6tables rules' do - shell('ip6tables --flush; ip6tables -t nat --flush; ip6tables -t mangle --flush') - end - end - - describe 'iptables ipt_modules tests' do - context 'all the modules with multiple args' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '801 - ipt_modules tests': - proto => tcp, - dport => '8080', - action => reject, - chain => 'OUTPUT', - uid => 0, - gid => 404, - src_range => "90.0.0.1-90.0.0.2", - dst_range => "100.0.0.1-100.0.0.2", - src_type => 'LOCAL', - dst_type => 'UNICAST', - physdev_in => "eth0", - physdev_out => "eth1", - physdev_is_bridged => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A OUTPUT -p tcp -m physdev\s+--physdev-in eth0 --physdev-out eth1 --physdev-is-bridged -m iprange --src-range 90.0.0.1-90.0.0.2\s+--dst-range 100.0.0.1-100.0.0.2 -m owner --uid-owner (0|root) --gid-owner 404 -m multiport --dports 8080 -m addrtype --src-type LOCAL --dst-type UNICAST -m comment --comment "801 - ipt_modules tests" -j REJECT --reject-with icmp-port-unreachable/) - end - end - end - - context 'all the modules with single args' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '802 - ipt_modules tests': - proto => tcp, - dport => '8080', - action => reject, - chain => 'OUTPUT', - gid => 404, - dst_range => "100.0.0.1-100.0.0.2", - dst_type => 'UNICAST', - physdev_out => "eth1", - physdev_is_bridged => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A OUTPUT -p tcp -m physdev\s+--physdev-out eth1 --physdev-is-bridged -m iprange --dst-range 100.0.0.1-100.0.0.2 -m owner --gid-owner 404 -m multiport --dports 8080 -m addrtype --dst-type UNICAST -m comment --comment "802 - ipt_modules tests" -j REJECT --reject-with icmp-port-unreachable/) - end - end - end - end - - #iptables version 1.3.5 is not suppored by the ip6tables provider - if default['platform'] =~ /debian-7/ or default['platform'] =~ /ubuntu-14\.04/ - describe 'ip6tables ipt_modules tests' do - context 'all the modules with multiple args' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '801 - ipt_modules tests': - proto => tcp, - dport => '8080', - action => reject, - chain => 'OUTPUT', - provider => 'ip6tables', - uid => 0, - gid => 404, - src_range => "2001::-2002::", - dst_range => "2003::-2004::", - src_type => 'LOCAL', - dst_type => 'UNICAST', - physdev_in => "eth0", - physdev_out => "eth1", - physdev_is_bridged => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A OUTPUT -p tcp -m physdev\s+--physdev-in eth0 --physdev-out eth1 --physdev-is-bridged -m iprange --src-range 2001::-2002::\s+--dst-range 2003::-2004:: -m owner --uid-owner (0|root) --gid-owner 404 -m multiport --dports 8080 -m addrtype --src-type LOCAL --dst-type UNICAST -m comment --comment "801 - ipt_modules tests" -j REJECT --reject-with icmp6-port-unreachable/) - end - end - end - - context 'all the modules with single args' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '802 - ipt_modules tests': - proto => tcp, - dport => '8080', - action => reject, - chain => 'OUTPUT', - provider => 'ip6tables', - gid => 404, - dst_range => "2003::-2004::", - dst_type => 'UNICAST', - physdev_out => "eth1", - physdev_is_bridged => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A OUTPUT -p tcp -m physdev\s+--physdev-out eth1 --physdev-is-bridged -m iprange --dst-range 2003::-2004:: -m owner --gid-owner 404 -m multiport --dports 8080 -m addrtype --dst-type UNICAST -m comment --comment "802 - ipt_modules tests" -j REJECT --reject-with icmp6-port-unreachable/) - end - end - end - end - # Older OSes don't have addrtype so we leave those properties out. - # el-5 doesn't support ipv6 by default - elsif default['platform'] !~ /el-5/ and default['platform'] !~ /sles-10/ - describe 'ip6tables ipt_modules tests' do - context 'all the modules with multiple args' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '801 - ipt_modules tests': - proto => tcp, - dport => '8080', - action => reject, - chain => 'OUTPUT', - provider => 'ip6tables', - uid => 0, - gid => 404, - src_range => "2001::-2002::", - dst_range => "2003::-2004::", - physdev_in => "eth0", - physdev_out => "eth1", - physdev_is_bridged => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A OUTPUT -p tcp -m physdev\s+--physdev-in eth0 --physdev-out eth1 --physdev-is-bridged -m iprange --src-range 2001::-2002::\s+--dst-range 2003::-2004:: -m owner --uid-owner (0|root) --gid-owner 404 -m multiport --dports 8080 -m comment --comment "801 - ipt_modules tests" -j REJECT --reject-with icmp6-port-unreachable/) - end - end - end - - context 'all the modules with single args' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '802 - ipt_modules tests': - proto => tcp, - dport => '8080', - action => reject, - chain => 'OUTPUT', - provider => 'ip6tables', - gid => 404, - dst_range => "2003::-2004::", - physdev_out => "eth1", - physdev_is_bridged => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A OUTPUT -p tcp -m physdev\s+--physdev-out eth1 --physdev-is-bridged -m iprange --dst-range 2003::-2004:: -m owner --gid-owner 404 -m multiport --dports 8080 -m comment --comment "802 - ipt_modules tests" -j REJECT --reject-with icmp6-port-unreachable/) - end - end - end - end - end - -end diff --git a/firewall/spec/acceptance/firewall_mss_spec.rb b/firewall/spec/acceptance/firewall_mss_spec.rb deleted file mode 100644 index 4a2125b29..000000000 --- a/firewall/spec/acceptance/firewall_mss_spec.rb +++ /dev/null @@ -1,118 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'firewall type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - - before(:all) do - shell('iptables --flush; iptables -t nat --flush; iptables -t mangle --flush') - shell('ip6tables --flush; ip6tables -t nat --flush; ip6tables -t mangle --flush') - end - - describe 'mss ipv4 tests' do - context '1360' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { - '502 - set_mss': - proto => 'tcp', - tcp_flags => 'SYN,RST SYN', - jump => 'TCPMSS', - set_mss => '1360', - mss => '1361:1541', - chain => 'FORWARD', - table => 'mangle', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save -t mangle') do |r| - expect(r.stdout).to match(/-A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "502 - set_mss" -m tcpmss --mss 1361:1541 -j TCPMSS --set-mss 1360/) - end - end - end - - context 'clamp_mss_to_pmtu' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { - '503 - clamp_mss_to_pmtu': - proto => 'tcp', - chain => 'FORWARD', - tcp_flags => 'SYN,RST SYN', - jump => 'TCPMSS', - clamp_mss_to_pmtu => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "503 - clamp_mss_to_pmtu" -j TCPMSS --clamp-mss-to-pmtu/) - end - end - end - end - - if default['platform'] !~ /el-5/ and default['platform'] !~ /sles-10/ - describe 'mss ipv6 tests' do - context '1360' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { - '502 - set_mss': - proto => 'tcp', - tcp_flags => 'SYN,RST SYN', - jump => 'TCPMSS', - set_mss => '1360', - mss => '1361:1541', - chain => 'FORWARD', - table => 'mangle', - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('ip6tables-save -t mangle') do |r| - expect(r.stdout).to match(/-A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "502 - set_mss" -m tcpmss --mss 1361:1541 -j TCPMSS --set-mss 1360/) - end - end - end - - context 'clamp_mss_to_pmtu' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { - '503 - clamp_mss_to_pmtu': - proto => 'tcp', - chain => 'FORWARD', - tcp_flags => 'SYN,RST SYN', - jump => 'TCPMSS', - clamp_mss_to_pmtu => true, - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "503 - clamp_mss_to_pmtu" -j TCPMSS --clamp-mss-to-pmtu/) - end - end - end - end - end - -end diff --git a/firewall/spec/acceptance/firewall_spec.rb b/firewall/spec/acceptance/firewall_spec.rb deleted file mode 100644 index def7d178c..000000000 --- a/firewall/spec/acceptance/firewall_spec.rb +++ /dev/null @@ -1,2414 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'firewall type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - - describe 'reset' do - it 'deletes all rules' do - shell('iptables --flush; iptables -t nat --flush; iptables -t mangle --flush') - end - end - - describe 'name' do - context 'valid' do - it 'applies cleanly' do - pp = <<-EOS - class { '::firewall': } - firewall { '001 - test': ensure => present } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - end - - context 'invalid' do - it 'fails' do - pp = <<-EOS - class { '::firewall': } - firewall { 'test': ensure => present } - EOS - - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/Invalid value "test"./) - end - end - end - end - - describe 'ensure' do - context 'default' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '555 - test': - proto => tcp, - port => '555', - action => accept, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m multiport --ports 555 -m comment --comment "555 - test" -j ACCEPT/) - end - end - end - - context 'present' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '555 - test': - ensure => present, - proto => tcp, - port => '555', - action => accept, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m multiport --ports 555 -m comment --comment "555 - test" -j ACCEPT/) - end - end - end - - context 'absent' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '555 - test': - ensure => absent, - proto => tcp, - port => '555', - action => accept, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should not contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to_not match(/-A INPUT -p tcp -m multiport --ports 555 -m comment --comment "555 - test" -j ACCEPT/) - end - end - end - end - - describe 'source' do - context '192.168.2.0/24' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '556 - test': - proto => tcp, - port => '556', - action => accept, - source => '192.168.2.0/24', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -s 192.168.2.0\/(24|255\.255\.255\.0) -p tcp -m multiport --ports 556 -m comment --comment "556 - test" -j ACCEPT/) - end - end - end - - context '! 192.168.2.0/24' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '556 - test': - proto => tcp, - port => '556', - action => accept, - source => '! 192.168.2.0/24', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT (! -s|-s !) 192.168.2.0\/(24|255\.255\.255\.0) -p tcp -m multiport --ports 556 -m comment --comment "556 - test" -j ACCEPT/) - end - end - end - - # Invalid address - context '256.168.2.0/24' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '556 - test': - proto => tcp, - port => '556', - action => accept, - source => '256.168.2.0/24', - } - EOS - - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/host_to_ip failed for 256.168.2.0\/(24|255\.255\.255\.0)/) - end - end - - it 'should not contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to_not match(/-A INPUT -s 256.168.2.0\/(24|255\.255\.255\.0) -p tcp -m multiport --ports 556 -m comment --comment "556 - test" -j ACCEPT/) - end - end - end - end - - describe 'src_range' do - context '192.168.1.1-192.168.1.10' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '557 - test': - proto => tcp, - port => '557', - action => accept, - src_range => '192.168.1.1-192.168.1.10', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m iprange --src-range 192.168.1.1-192.168.1.10 -m multiport --ports 557 -m comment --comment "557 - test" -j ACCEPT/) - end - end - end - - # Invalid IP - context '392.168.1.1-192.168.1.10' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '557 - test': - proto => tcp, - port => '557', - action => accept, - src_range => '392.168.1.1-192.168.1.10', - } - EOS - - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/Invalid IP address "392.168.1.1" in range "392.168.1.1-192.168.1.10"/) - end - end - - it 'should not contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to_not match(/-A INPUT -p tcp -m iprange --src-range 392.168.1.1-192.168.1.10 -m multiport --ports 557 -m comment --comment "557 - test" -j ACCEPT/) - end - end - end - end - - describe 'destination' do - context '192.168.2.0/24' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '558 - test': - proto => tcp, - port => '558', - action => accept, - destination => '192.168.2.0/24', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -d 192.168.2.0\/(24|255\.255\.255\.0) -p tcp -m multiport --ports 558 -m comment --comment "558 - test" -j ACCEPT/) - end - end - end - - context '! 192.168.2.0/24' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '558 - test': - proto => tcp, - port => '558', - action => accept, - destination => '! 192.168.2.0/24', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT (! -d|-d !) 192.168.2.0\/(24|255\.255\.255\.0) -p tcp -m multiport --ports 558 -m comment --comment "558 - test" -j ACCEPT/) - end - end - end - - # Invalid address - context '256.168.2.0/24' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '558 - test': - proto => tcp, - port => '558', - action => accept, - destination => '256.168.2.0/24', - } - EOS - - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/host_to_ip failed for 256.168.2.0\/(24|255\.255\.255\.0)/) - end - end - - it 'should not contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to_not match(/-A INPUT -d 256.168.2.0\/(24|255\.255\.255\.0) -p tcp -m multiport --ports 558 -m comment --comment "558 - test" -j ACCEPT/) - end - end - end - end - - describe 'dst_range' do - context '192.168.1.1-192.168.1.10' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '559 - test': - proto => tcp, - port => '559', - action => accept, - dst_range => '192.168.1.1-192.168.1.10', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m iprange --dst-range 192.168.1.1-192.168.1.10 -m multiport --ports 559 -m comment --comment "559 - test" -j ACCEPT/) - end - end - end - - # Invalid IP - context '392.168.1.1-192.168.1.10' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '559 - test': - proto => tcp, - port => '559', - action => accept, - dst_range => '392.168.1.1-192.168.1.10', - } - EOS - - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/Invalid IP address "392.168.1.1" in range "392.168.1.1-192.168.1.10"/) - end - end - - it 'should not contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to_not match(/-A INPUT -p tcp -m iprange --dst-range 392.168.1.1-192.168.1.10 -m multiport --ports 559 -m comment --comment "559 - test" -j ACCEPT/) - end - end - end - end - - describe 'sport' do - context 'single port' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '560 - test': - proto => tcp, - sport => '560', - action => accept, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m multiport --sports 560 -m comment --comment "560 - test" -j ACCEPT/) - end - end - end - - context 'multiple ports' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '560 - test': - proto => tcp, - sport => '560-561', - action => accept, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m multiport --sports 560:561 -m comment --comment "560 - test" -j ACCEPT/) - end - end - end - - context 'invalid ports' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '560 - test': - proto => tcp, - sport => '9999560-561', - action => accept, - } - EOS - - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/invalid port\/service `9999560' specified/) - end - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to_not match(/-A INPUT -p tcp -m multiport --sports 9999560-561 -m comment --comment "560 - test" -j ACCEPT/) - end - end - end - end - - describe 'dport' do - context 'single port' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '561 - test': - proto => tcp, - dport => '561', - action => accept, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m multiport --dports 561 -m comment --comment "561 - test" -j ACCEPT/) - end - end - end - - context 'multiple ports' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '561 - test': - proto => tcp, - dport => '561-562', - action => accept, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m multiport --dports 561:562 -m comment --comment "561 - test" -j ACCEPT/) - end - end - end - - context 'invalid ports' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '561 - test': - proto => tcp, - dport => '9999561-562', - action => accept, - } - EOS - - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/invalid port\/service `9999561' specified/) - end - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to_not match(/-A INPUT -p tcp -m multiport --dports 9999561-562 -m comment --comment "560 - test" -j ACCEPT/) - end - end - end - end - - describe 'port' do - context 'single port' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '562 - test': - proto => tcp, - port => '562', - action => accept, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m multiport --ports 562 -m comment --comment "562 - test" -j ACCEPT/) - end - end - end - - context 'multiple ports' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '562 - test': - proto => tcp, - port => '562-563', - action => accept, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m multiport --ports 562:563 -m comment --comment "562 - test" -j ACCEPT/) - end - end - end - - context 'invalid ports' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '562 - test': - proto => tcp, - port => '9999562-563', - action => accept, - } - EOS - - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/invalid port\/service `9999562' specified/) - end - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to_not match(/-A INPUT -p tcp -m multiport --ports 9999562-563 -m comment --comment "562 - test" -j ACCEPT/) - end - end - end - end - - ['dst_type', 'src_type'].each do |type| - describe "#{type}" do - context 'MULTICAST' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '563 - test': - proto => tcp, - action => accept, - #{type} => 'MULTICAST', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m addrtype\s.*\sMULTICAST -m comment --comment "563 - test" -j ACCEPT/) - end - end - end - - context '! MULTICAST' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '563 - test inversion': - proto => tcp, - action => accept, - #{type} => '! MULTICAST', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m addrtype( !\s.*\sMULTICAST|\s.*\s! MULTICAST) -m comment --comment "563 - test inversion" -j ACCEPT/) - end - end - end - - context 'BROKEN' do - it 'fails' do - pp = <<-EOS - class { '::firewall': } - firewall { '563 - test': - proto => tcp, - action => accept, - #{type} => 'BROKEN', - } - EOS - - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/Invalid value "BROKEN"./) - end - end - - it 'should not contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to_not match(/-A INPUT -p tcp -m addrtype\s.*\sBROKEN -m comment --comment "563 - test" -j ACCEPT/) - end - end - end - end - end - - describe 'tcp_flags' do - context 'FIN,SYN ACK' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '564 - test': - proto => tcp, - action => accept, - tcp_flags => 'FIN,SYN ACK', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN ACK -m comment --comment "564 - test" -j ACCEPT/) - end - end - end - end - - describe 'chain' do - context 'INPUT' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '565 - test': - proto => tcp, - action => accept, - chain => 'FORWARD', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A FORWARD -p tcp -m comment --comment "565 - test" -j ACCEPT/) - end - end - end - end - - describe 'table' do - context 'mangle' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '566 - test': - proto => tcp, - action => accept, - table => 'mangle', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save -t mangle') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m comment --comment "566 - test" -j ACCEPT/) - end - end - end - context 'nat' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '566 - test2': - proto => tcp, - action => accept, - table => 'nat', - chain => 'OUTPUT', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should not contain the rule' do - shell('iptables-save -t nat') do |r| - expect(r.stdout).to match(/-A OUTPUT -p tcp -m comment --comment "566 - test2" -j ACCEPT/) - end - end - end - end - - describe 'jump' do - after :all do - iptables_flush_all_tables - expect(shell('iptables -t filter -X TEST').stderr).to eq("") - end - - context 'MARK' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewallchain { 'TEST:filter:IPv4': - ensure => present, - } - firewall { '567 - test': - proto => tcp, - chain => 'INPUT', - jump => 'TEST', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m comment --comment "567 - test" -j TEST/) - end - end - end - - context 'jump and apply' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewallchain { 'TEST:filter:IPv4': - ensure => present, - } - firewall { '568 - test': - proto => tcp, - chain => 'INPUT', - action => 'accept', - jump => 'TEST', - } - EOS - - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/Only one of the parameters 'action' and 'jump' can be set/) - end - end - - it 'should not contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to_not match(/-A INPUT -p tcp -m comment --comment "568 - test" -j TEST/) - end - end - end - end - - describe 'tosource' do - context '192.168.1.1' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '568 - test': - proto => tcp, - table => 'nat', - chain => 'POSTROUTING', - jump => 'SNAT', - tosource => '192.168.1.1', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save -t nat') do |r| - expect(r.stdout).to match(/A POSTROUTING -p tcp -m comment --comment "568 - test" -j SNAT --to-source 192.168.1.1/) - end - end - end - end - - describe 'todest' do - context '192.168.1.1' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '569 - test': - proto => tcp, - table => 'nat', - chain => 'PREROUTING', - jump => 'DNAT', - source => '200.200.200.200', - todest => '192.168.1.1', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save -t nat') do |r| - expect(r.stdout).to match(/-A PREROUTING -s 200.200.200.200(\/32)? -p tcp -m comment --comment "569 - test" -j DNAT --to-destination 192.168.1.1/) - end - end - end - end - - describe 'toports' do - context '192.168.1.1' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '570 - test': - proto => icmp, - table => 'nat', - chain => 'PREROUTING', - jump => 'REDIRECT', - toports => '2222', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save -t nat') do |r| - expect(r.stdout).to match(/-A PREROUTING -p icmp -m comment --comment "570 - test" -j REDIRECT --to-ports 2222/) - end - end - end - end - - - if default['platform'] !~ /el-5/ and default['platform'] !~ /ubuntu-10\.04/ and default['platform'] !~ /debian-6/ and default['platform'] !~ /sles/ - describe 'checksum_fill' do - context 'virbr' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '576 - test': - proto => udp, - table => 'mangle', - outiface => 'virbr0', - chain => 'POSTROUTING', - dport => '68', - jump => 'CHECKSUM', - checksum_fill => true, - provider => iptables, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save -t mangle') do |r| - expect(r.stdout).to match(/-A POSTROUTING -o virbr0 -p udp -m multiport --dports 68 -m comment --comment "576 - test" -j CHECKSUM --checksum-fill/) - end - end - end - end - - describe 'checksum_fill6' do - context 'virbr' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '576 - test': - proto => udp, - table => 'mangle', - outiface => 'virbr0', - chain => 'POSTROUTING', - dport => '68', - jump => 'CHECKSUM', - checksum_fill => true, - provider => ip6tables, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('ip6tables-save -t mangle') do |r| - expect(r.stdout).to match(/-A POSTROUTING -o virbr0 -p udp -m multiport --dports 68 -m comment --comment "576 - test" -j CHECKSUM --checksum-fill/) - end - end - end - end - end - - # RHEL5 does not support --random - if default['platform'] !~ /el-5/ and default['platform'] !~ /sles-10/ - describe 'random' do - context '192.168.1.1' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '570 - test 2': - proto => all, - table => 'nat', - chain => 'POSTROUTING', - jump => 'MASQUERADE', - source => '172.30.0.0/16', - random => true - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('iptables-save -t nat') do |r| - expect(r.stdout).to match(/-A POSTROUTING -s 172\.30\.0\.0\/16 -m comment --comment "570 - test 2" -j MASQUERADE --random/) - end - end - end - end - end - - describe 'icmp' do - context 'any' do - it 'fails' do - pp = <<-EOS - class { '::firewall': } - firewall { '571 - test': - proto => icmp, - icmp => 'any', - } - EOS - - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/This behaviour should be achieved by omitting or undefining the ICMP parameter/) - end - end - - it 'should not contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to_not match(/-A INPUT -p icmp -m comment --comment "570 - test" -m icmp --icmp-type 11/) - end - end - end - end - - #iptables version 1.3.5 is not suppored by the ip6tables provider - if default['platform'] !~ /el-5/ and default['platform'] !~ /sles-10/ - describe 'hop_limit' do - context '5' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '571 - test': - ensure => present, - proto => tcp, - port => '571', - action => accept, - hop_limit => '5', - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m multiport --ports 571 -m comment --comment "571 - test" -m hl --hl-eq 5 -j ACCEPT/) - end - end - end - - context 'invalid' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '571 - test': - ensure => present, - proto => tcp, - port => '571', - action => accept, - hop_limit => 'invalid', - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/Invalid value "invalid"./) - end - end - - it 'should not contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to_not match(/-A INPUT -p tcp -m multiport --ports 571 -m comment --comment "571 - test" -m hl --hl-eq invalid -j ACCEPT/) - end - end - end - end - - describe 'ishasmorefrags' do - context 'true' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '587 - test': - ensure => present, - proto => tcp, - port => '587', - action => accept, - ishasmorefrags => true, - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/A INPUT -p tcp -m frag --fragid 0 --fragmore -m multiport --ports 587 -m comment --comment "587 - test" -j ACCEPT/) - end - end - end - - context 'false' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '588 - test': - ensure => present, - proto => tcp, - port => '588', - action => accept, - ishasmorefrags => false, - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m multiport --ports 588 -m comment --comment "588 - test" -j ACCEPT/) - end - end - end - end - - describe 'islastfrag' do - context 'true' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '589 - test': - ensure => present, - proto => tcp, - port => '589', - action => accept, - islastfrag => true, - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m frag --fragid 0 --fraglast -m multiport --ports 589 -m comment --comment "589 - test" -j ACCEPT/) - end - end - end - - context 'false' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '590 - test': - ensure => present, - proto => tcp, - port => '590', - action => accept, - islastfrag => false, - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m multiport --ports 590 -m comment --comment "590 - test" -j ACCEPT/) - end - end - end - end - - describe 'isfirstfrag' do - context 'true' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '591 - test': - ensure => present, - proto => tcp, - port => '591', - action => accept, - isfirstfrag => true, - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m frag --fragid 0 --fragfirst -m multiport --ports 591 -m comment --comment "591 - test" -j ACCEPT/) - end - end - end - - context 'false' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '592 - test': - ensure => present, - proto => tcp, - port => '592', - action => accept, - isfirstfrag => false, - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m multiport --ports 592 -m comment --comment "592 - test" -j ACCEPT/) - end - end - end - end - - describe 'tcp_flags' do - context 'FIN,SYN ACK' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '593 - test': - proto => tcp, - action => accept, - tcp_flags => 'FIN,SYN ACK', - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN ACK -m comment --comment "593 - test" -j ACCEPT/) - end - end - end - end - - describe 'src_range' do - context '2001:db8::1-2001:db8::ff' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '601 - test': - proto => tcp, - port => '601', - action => accept, - src_range => '2001:db8::1-2001:db8::ff', - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m iprange --src-range 2001:db8::1-2001:db8::ff -m multiport --ports 601 -m comment --comment "601 - test" -j ACCEPT/) - end - end - end - - # Invalid IP - context '2001::db8::1-2001:db8::ff' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '601 - test': - proto => tcp, - port => '601', - action => accept, - provider => 'ip6tables', - src_range => '2001::db8::1-2001:db8::ff', - } - EOS - - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/Invalid IP address "2001::db8::1" in range "2001::db8::1-2001:db8::ff"/) - end - end - - it 'should not contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to_not match(/-A INPUT -p tcp -m iprange --src-range 2001::db8::1-2001:db8::ff -m multiport --ports 601 -m comment --comment "601 - test" -j ACCEPT/) - end - end - end - end - - describe 'dst_range' do - context '2001:db8::1-2001:db8::ff' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '602 - test': - proto => tcp, - port => '602', - action => accept, - dst_range => '2001:db8::1-2001:db8::ff', - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m iprange --dst-range 2001:db8::1-2001:db8::ff -m multiport --ports 602 -m comment --comment "602 - test" -j ACCEPT/) - end - end - end - - # Invalid IP - context '2001::db8::1-2001:db8::ff' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '602 - test': - proto => tcp, - port => '602', - action => accept, - provider => 'ip6tables', - dst_range => '2001::db8::1-2001:db8::ff', - } - EOS - - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/Invalid IP address "2001::db8::1" in range "2001::db8::1-2001:db8::ff"/) - end - end - - it 'should not contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to_not match(/-A INPUT -p tcp -m iprange --dst-range 2001::db8::1-2001:db8::ff -m multiport --ports 602 -m comment --comment "602 - test" -j ACCEPT/) - end - end - end - end - - describe 'mac_source' do - context '0A:1B:3C:4D:5E:6F' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '604 - test': - ensure => present, - source => '2001:db8::1/128', - mac_source => '0A:1B:3C:4D:5E:6F', - chain => 'INPUT', - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A INPUT -s 2001:db8::1\/(128|ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff) -p tcp -m mac --mac-source 0A:1B:3C:4D:5E:6F -m comment --comment "604 - test"/) - end - end - end - end - - # ip6tables has limited `-m socket` support - if default['platform'] !~ /el-5/ and default['platform'] !~ /ubuntu-10\.04/ and default['platform'] !~ /debian-6/ and default['platform'] !~ /sles/ - describe 'socket' do - context 'true' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '605 - test': - ensure => present, - proto => tcp, - port => '605', - action => accept, - chain => 'INPUT', - socket => true, - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m multiport --ports 605 -m socket -m comment --comment "605 - test" -j ACCEPT/) - end - end - end - - context 'false' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '606 - test': - ensure => present, - proto => tcp, - port => '606', - action => accept, - chain => 'INPUT', - socket => false, - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m multiport --ports 606 -m comment --comment "606 - test" -j ACCEPT/) - end - end - end - end - end - - describe 'ipsec_policy' do - context 'ipsec' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '607 - test': - ensure => 'present', - action => 'reject', - chain => 'OUTPUT', - destination => '2001:db8::1/128', - ipsec_dir => 'out', - ipsec_policy => 'ipsec', - proto => 'all', - reject => 'icmp6-adm-prohibited', - table => 'filter', - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A OUTPUT -d 2001:db8::1\/(128|ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff) -m comment --comment "607 - test" -m policy --dir out --pol ipsec -j REJECT --reject-with icmp6-adm-prohibited/) - end - end - end - - context 'none' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '608 - test': - ensure => 'present', - action => 'reject', - chain => 'OUTPUT', - destination => '2001:db8::1/128', - ipsec_dir => 'out', - ipsec_policy => 'none', - proto => 'all', - reject => 'icmp6-adm-prohibited', - table => 'filter', - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A OUTPUT -d 2001:db8::1\/(128|ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff) -m comment --comment "608 - test" -m policy --dir out --pol none -j REJECT --reject-with icmp6-adm-prohibited/) - end - end - end - end - - describe 'ipsec_dir' do - context 'out' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '609 - test': - ensure => 'present', - action => 'reject', - chain => 'OUTPUT', - destination => '2001:db8::1/128', - ipsec_dir => 'out', - ipsec_policy => 'ipsec', - proto => 'all', - reject => 'icmp6-adm-prohibited', - table => 'filter', - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A OUTPUT -d 2001:db8::1\/(128|ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff) -m comment --comment "609 - test" -m policy --dir out --pol ipsec -j REJECT --reject-with icmp6-adm-prohibited/) - end - end - end - - context 'in' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '610 - test': - ensure => 'present', - action => 'reject', - chain => 'INPUT', - destination => '2001:db8::1/128', - ipsec_dir => 'in', - ipsec_policy => 'none', - proto => 'all', - reject => 'icmp6-adm-prohibited', - table => 'filter', - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A INPUT -d 2001:db8::1\/(128|ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff) -m comment --comment "610 - test" -m policy --dir in --pol none -j REJECT --reject-with icmp6-adm-prohibited/) - end - end - end - end - - describe 'set_mark' do - context '0x3e8/0xffffffff' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '611 - test': - ensure => present, - chain => 'OUTPUT', - proto => tcp, - port => '611', - jump => 'MARK', - table => 'mangle', - set_mark => '0x3e8/0xffffffff', - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('ip6tables-save -t mangle') do |r| - expect(r.stdout).to match(/-A OUTPUT -p tcp -m multiport --ports 611 -m comment --comment "611 - test" -j MARK --set-xmark 0x3e8\/0xffffffff/) - end - end - end - end - - #ip6tables only supports ipset, addrtype, and mask on a limited set of platforms - if default['platform'] =~ /el-7/ or default['platform'] =~ /debian-7/ or default['platform'] =~ /ubuntu-14\.04/ - #ipset is really difficult to test, just testing on one platform - if default['platform'] =~ /ubuntu-14\.04/ - describe 'ipset' do - it 'applies' do - pp = <<-EOS - exec { 'hackery pt 1': - command => 'service iptables-persistent flush', - path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - package { 'ipset': - ensure => present, - require => Exec['hackery pt 1'], - } - exec { 'hackery pt 2': - command => 'service iptables-persistent start', - path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - require => Package['ipset'], - } - class { '::firewall': } - exec { 'create ipset': - command => 'ipset create blacklist hash:ip,port family inet6 maxelem 1024 hashsize 65535 timeout 120', - path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - require => Package['ipset'], - } - exec { 'add blacklist': - command => 'ipset add blacklist 2001:db8::1,80', - path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - require => Exec['create ipset'], - } - firewall { '612 - test': - ensure => present, - chain => 'INPUT', - proto => tcp, - action => drop, - ipset => 'blacklist src,src', - provider => 'ip6tables', - require => Exec['add blacklist'], - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m comment --comment "612 - test" -m set --match-set blacklist src,src -j DROP/) - end - end - end - end - - # mask isn't supported on deb7 - if default['platform'] !~ /debian-7/ - describe 'mask' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '613 - test': - recent => 'update', - rseconds => 60, - rsource => true, - rname => 'test', - action => 'drop', - chain => 'FORWARD', - mask => 'ffff::', - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A FORWARD -p tcp -m comment --comment "613 - test" -m recent --update --seconds 60 --name test --mask ffff:: --rsource -j DROP/) - end - end - end - end - - ['dst_type', 'src_type'].each do |type| - describe "#{type}" do - context 'MULTICAST' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '603 - test': - proto => tcp, - action => accept, - #{type} => 'MULTICAST', - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m addrtype\s.*\sMULTICAST -m comment --comment "603 - test" -j ACCEPT/) - end - end - end - - context '! MULTICAST' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '603 - test inversion': - proto => tcp, - action => accept, - #{type} => '! MULTICAST', - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m addrtype( !\s.*\sMULTICAST|\s.*\s! MULTICAST) -m comment --comment "603 - test inversion" -j ACCEPT/) - end - end - end - - context 'BROKEN' do - it 'fails' do - pp = <<-EOS - class { '::firewall': } - firewall { '603 - test': - proto => tcp, - action => accept, - #{type} => 'BROKEN', - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/Invalid value "BROKEN"./) - end - end - - it 'should not contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to_not match(/-A INPUT -p tcp -m addrtype\s.*\sBROKEN -m comment --comment "603 - test" -j ACCEPT/) - end - end - end - end - end - end - - end - - describe 'limit' do - context '500/sec' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '572 - test': - ensure => present, - proto => tcp, - port => '572', - action => accept, - limit => '500/sec', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m multiport --ports 572 -m comment --comment "572 - test" -m limit --limit 500\/sec -j ACCEPT/) - end - end - end - end - - describe 'burst' do - context '500' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '573 - test': - ensure => present, - proto => tcp, - port => '573', - action => accept, - limit => '500/sec', - burst => '1500', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m multiport --ports 573 -m comment --comment "573 - test" -m limit --limit 500\/sec --limit-burst 1500 -j ACCEPT/) - end - end - end - - context 'invalid' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '571 - test': - ensure => present, - proto => tcp, - port => '571', - action => accept, - limit => '500/sec', - burst => '1500/sec', - } - EOS - - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/Invalid value "1500\/sec"./) - end - end - - it 'should not contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to_not match(/-A INPUT -p tcp -m multiport --ports 573 -m comment --comment "573 - test" -m limit --limit 500\/sec --limit-burst 1500\/sec -j ACCEPT/) - end - end - end - end - - describe 'uid' do - context 'nobody' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '574 - test': - ensure => present, - proto => tcp, - chain => 'OUTPUT', - port => '574', - action => accept, - uid => 'nobody', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A OUTPUT -p tcp -m owner --uid-owner (nobody|\d+) -m multiport --ports 574 -m comment --comment "574 - test" -j ACCEPT/) - end - end - end - end - - describe 'gid' do - context 'root' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '575 - test': - ensure => present, - proto => tcp, - chain => 'OUTPUT', - port => '575', - action => accept, - gid => 'root', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A OUTPUT -p tcp -m owner --gid-owner (root|\d+) -m multiport --ports 575 -m comment --comment "575 - test" -j ACCEPT/) - end - end - end - end - - #iptables version 1.3.5 does not support masks on MARK rules - if default['platform'] !~ /el-5/ and default['platform'] !~ /sles-10/ - describe 'set_mark' do - context '0x3e8/0xffffffff' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '580 - test': - ensure => present, - chain => 'OUTPUT', - proto => tcp, - port => '580', - jump => 'MARK', - table => 'mangle', - set_mark => '0x3e8/0xffffffff', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save -t mangle') do |r| - expect(r.stdout).to match(/-A OUTPUT -p tcp -m multiport --ports 580 -m comment --comment "580 - test" -j MARK --set-xmark 0x3e8\/0xffffffff/) - end - end - end - end - end - - describe 'pkttype' do - context 'multicast' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '581 - test': - ensure => present, - proto => tcp, - port => '581', - action => accept, - pkttype => 'multicast', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m multiport --ports 581 -m pkttype --pkt-type multicast -m comment --comment "581 - test" -j ACCEPT/) - end - end - end - - context 'test' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '582 - test': - ensure => present, - proto => tcp, - port => '582', - action => accept, - pkttype => 'test', - } - EOS - - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/Invalid value "test"./) - end - end - - it 'should not contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to_not match(/-A INPUT -p tcp -m multiport --ports 582 -m pkttype --pkt-type multicast -m comment --comment "582 - test" -j ACCEPT/) - end - end - end - end - - describe 'isfragment' do - context 'true' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '583 - test': - ensure => present, - proto => tcp, - port => '583', - action => accept, - isfragment => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -f -m multiport --ports 583 -m comment --comment "583 - test" -j ACCEPT/) - end - end - end - - context 'false' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '584 - test': - ensure => present, - proto => tcp, - port => '584', - action => accept, - isfragment => false, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m multiport --ports 584 -m comment --comment "584 - test" -j ACCEPT/) - end - end - end - end - - # RHEL5/SLES does not support -m socket - describe 'socket', :unless => (default['platform'] =~ /el-5/ or fact('operatingsystem') == 'SLES') do - context 'true' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '585 - test': - ensure => present, - proto => tcp, - port => '585', - action => accept, - chain => 'PREROUTING', - table => 'nat', - socket => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save -t nat') do |r| - expect(r.stdout).to match(/-A PREROUTING -p tcp -m multiport --ports 585 -m socket -m comment --comment "585 - test" -j ACCEPT/) - end - end - end - - context 'false' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '586 - test': - ensure => present, - proto => tcp, - port => '586', - action => accept, - chain => 'PREROUTING', - table => 'nat', - socket => false, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save -t nat') do |r| - expect(r.stdout).to match(/-A PREROUTING -p tcp -m multiport --ports 586 -m comment --comment "586 - test" -j ACCEPT/) - end - end - end - end - - describe 'ipsec_policy' do - context 'ipsec' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '593 - test': - ensure => 'present', - action => 'reject', - chain => 'OUTPUT', - destination => '20.0.0.0/8', - ipsec_dir => 'out', - ipsec_policy => 'ipsec', - proto => 'all', - reject => 'icmp-net-unreachable', - table => 'filter', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A OUTPUT -d 20.0.0.0\/(8|255\.0\.0\.0) -m comment --comment "593 - test" -m policy --dir out --pol ipsec -j REJECT --reject-with icmp-net-unreachable/) - end - end - end - - context 'none' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '594 - test': - ensure => 'present', - action => 'reject', - chain => 'OUTPUT', - destination => '20.0.0.0/8', - ipsec_dir => 'out', - ipsec_policy => 'none', - proto => 'all', - reject => 'icmp-net-unreachable', - table => 'filter', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A OUTPUT -d 20.0.0.0\/(8|255\.0\.0\.0) -m comment --comment "594 - test" -m policy --dir out --pol none -j REJECT --reject-with icmp-net-unreachable/) - end - end - end - end - - describe 'ipsec_dir' do - context 'out' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '595 - test': - ensure => 'present', - action => 'reject', - chain => 'OUTPUT', - destination => '20.0.0.0/8', - ipsec_dir => 'out', - ipsec_policy => 'ipsec', - proto => 'all', - reject => 'icmp-net-unreachable', - table => 'filter', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A OUTPUT -d 20.0.0.0\/(8|255\.0\.0\.0) -m comment --comment "595 - test" -m policy --dir out --pol ipsec -j REJECT --reject-with icmp-net-unreachable/) - end - end - end - - context 'in' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '596 - test': - ensure => 'present', - action => 'reject', - chain => 'INPUT', - destination => '20.0.0.0/8', - ipsec_dir => 'in', - ipsec_policy => 'none', - proto => 'all', - reject => 'icmp-net-unreachable', - table => 'filter', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -d 20.0.0.0\/(8|255\.0\.0\.0) -m comment --comment "596 - test" -m policy --dir in --pol none -j REJECT --reject-with icmp-net-unreachable/) - end - end - end - end - - describe 'recent' do - context 'set' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '597 - test': - ensure => 'present', - chain => 'INPUT', - destination => '30.0.0.0/8', - proto => 'all', - table => 'filter', - recent => 'set', - rdest => true, - rname => 'list1', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - # Mask added as of Ubuntu 14.04. - expect(r.stdout).to match(/-A INPUT -d 30.0.0.0\/(8|255\.0\.0\.0) -m comment --comment "597 - test" -m recent --set --name list1 (--mask 255.255.255.255 )?--rdest/) - end - end - end - - context 'rcheck' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '598 - test': - ensure => 'present', - chain => 'INPUT', - destination => '30.0.0.0/8', - proto => 'all', - table => 'filter', - recent => 'rcheck', - rsource => true, - rname => 'list1', - rseconds => 60, - rhitcount => 5, - rttl => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -d 30.0.0.0\/(8|255\.0\.0\.0) -m comment --comment "598 - test" -m recent --rcheck --seconds 60 --hitcount 5 --rttl --name list1 (--mask 255.255.255.255 )?--rsource/) - end - end - end - - context 'update' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '599 - test': - ensure => 'present', - chain => 'INPUT', - destination => '30.0.0.0/8', - proto => 'all', - table => 'filter', - recent => 'update', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -d 30.0.0.0\/(8|255\.0\.0\.0) -m comment --comment "599 - test" -m recent --update/) - end - end - end - - context 'remove' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '600 - test': - ensure => 'present', - chain => 'INPUT', - destination => '30.0.0.0/8', - proto => 'all', - table => 'filter', - recent => 'remove', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -d 30.0.0.0\/(8|255\.0\.0\.0) -m comment --comment "600 - test" -m recent --remove/) - end - end - end - end - - describe 'mac_source' do - context '0A:1B:3C:4D:5E:6F' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '610 - test': - ensure => present, - source => '10.1.5.28/32', - mac_source => '0A:1B:3C:4D:5E:6F', - chain => 'INPUT', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - if (fact('osfamily') == 'RedHat' and fact('operatingsystemmajrelease') == '5') or (default['platform'] =~ /sles-10/) - expect(r.stdout).to match(/-A INPUT -s 10.1.5.28 -p tcp -m mac --mac-source 0A:1B:3C:4D:5E:6F -m comment --comment "610 - test"/) - else - expect(r.stdout).to match(/-A INPUT -s 10.1.5.28\/(32|255\.255\.255\.255) -p tcp -m mac --mac-source 0A:1B:3C:4D:5E:6F -m comment --comment "610 - test"/) - end - end - end - end - end - - describe 'reset' do - it 'deletes all rules' do - shell('ip6tables --flush') - shell('iptables --flush; iptables -t nat --flush; iptables -t mangle --flush') - end - end - - describe 'to' do - context 'Destination netmap 192.168.1.1' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '569 - test': - proto => tcp, - table => 'nat', - chain => 'PREROUTING', - jump => 'NETMAP', - source => '200.200.200.200', - to => '192.168.1.1', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save -t nat') do |r| - expect(r.stdout).to match(/-A PREROUTING -s 200.200.200.200(\/32)? -p tcp -m comment --comment "569 - test" -j NETMAP --to 192.168.1.1/) - end - end - end - - describe 'reset' do - it 'deletes all rules' do - shell('ip6tables --flush') - shell('iptables --flush; iptables -t nat --flush; iptables -t mangle --flush') - end - end - - context 'Source netmap 192.168.1.1' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '569 - test': - proto => tcp, - table => 'nat', - chain => 'POSTROUTING', - jump => 'NETMAP', - destination => '200.200.200.200', - to => '192.168.1.1', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save -t nat') do |r| - expect(r.stdout).to match(/-A POSTROUTING -d 200.200.200.200(\/32)? -p tcp -m comment --comment "569 - test" -j NETMAP --to 192.168.1.1/) - end - end - end - end - - context 'log_prefix containing -A' do - it 'adds the rule' do - pp = <<-EOS - class { '::firewall': } - firewall { '700 - test': - jump => 'LOG', - log_prefix => 'FW-A-INPUT: ', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m comment --comment "700 - test" -j LOG --log-prefix "FW-A-INPUT: "/) - end - end - - it 'removes the rule' do - pp = <<-EOS - class { '::firewall': } - firewall { '700 - test': - ensure => absent, - jump => 'LOG', - log_prefix => 'FW-A-INPUT: ', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should not contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to_not match(/-A INPUT -p tcp -m comment --comment "700 - test" -j LOG --log-prefix "FW-A-INPUT: "/) - end - end - end - - context 'log_uid is true' do - it 'adds the rule' do - pp = <<-EOS - class { '::firewall': } - firewall { '700 - test log_uid': - chain => 'OUTPUT', - jump => 'LOG', - log_uid => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A OUTPUT -p tcp -m comment --comment "700 - test log_uid" -j LOG --log-uid/) - end - end - - it 'removes the rule' do - pp = <<-EOS - class { '::firewall': } - firewall { '700 - test log_uid': - chain => 'OUTPUT', - jump => 'LOG', - log_uid => false, - ensure => absent, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should not contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to_not match(/-A OUTPUT -p tcp -m comment --comment "700 - test log_uid" -j --log-uid/) - end - end - end - - context 'comment containing "-A "' do - it 'adds the rule' do - pp = <<-EOS - class { '::firewall': } - firewall { '700 - blah-A Test Rule': - jump => 'LOG', - log_prefix => 'FW-A-INPUT: ', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -p tcp -m comment --comment "700 - blah-A Test Rule" -j LOG --log-prefix "FW-A-INPUT: "/) - end - end - - it 'removes the rule' do - pp = <<-EOS - class { '::firewall': } - firewall { '700 - blah-A Test Rule': - ensure => absent, - jump => 'LOG', - log_prefix => 'FW-A-INPUT: ', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should not contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to_not match(/-A INPUT -p tcp -m comment --comment "700 - blah-A Test Rule" -j LOG --log-prefix "FW-A-INPUT: "/) - end - end - end - - -end diff --git a/firewall/spec/acceptance/firewall_tee_spec.rb b/firewall/spec/acceptance/firewall_tee_spec.rb deleted file mode 100644 index c64c80c69..000000000 --- a/firewall/spec/acceptance/firewall_tee_spec.rb +++ /dev/null @@ -1,65 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'firewall type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - - before(:all) do - shell('iptables --flush; iptables -t nat --flush; iptables -t mangle --flush') - shell('ip6tables --flush; ip6tables -t nat --flush; ip6tables -t mangle --flush') - end - - if default['platform'] =~ /ubuntu-1404/ or default['platform'] =~ /ubuntu-1204/ or default['platform'] =~ /debian-7/ or default['platform'] =~ /debian-8/ or default['platform'] =~ /el-7/ - describe 'tee_gateway' do - context '10.0.0.2' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { - '810 - tee_gateway': - chain => 'PREROUTING', - table => 'mangle', - jump => 'TEE', - gateway => '10.0.0.2', - proto => all, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save -t mangle') do |r| - expect(r.stdout).to match(/-A PREROUTING -m comment --comment "810 - tee_gateway" -j TEE --gateway 10.0.0.2/) - end - end - end - end - - describe 'tee_gateway6' do - context '2001:db8::1' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { - '811 - tee_gateway6': - chain => 'PREROUTING', - table => 'mangle', - jump => 'TEE', - gateway => '2001:db8::1', - proto => all, - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('ip6tables-save -t mangle') do |r| - expect(r.stdout).to match(/-A PREROUTING -m comment --comment "811 - tee_gateway6" -j TEE --gateway 2001:db8::1/) - end - end - end - end - end - -end diff --git a/firewall/spec/acceptance/firewall_time_spec.rb b/firewall/spec/acceptance/firewall_time_spec.rb deleted file mode 100644 index e6ea34e3b..000000000 --- a/firewall/spec/acceptance/firewall_time_spec.rb +++ /dev/null @@ -1,77 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'firewall type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - - - before(:all) do - shell('iptables --flush; iptables -t nat --flush; iptables -t mangle --flush') - shell('ip6tables --flush; ip6tables -t nat --flush; ip6tables -t mangle --flush') - end - - if default['platform'] =~ /ubuntu-1404/ or default['platform'] =~ /debian-7/ or default['platform'] =~ /debian-8/ or default['platform'] =~ /el-7/ - describe "time tests ipv4" do - context 'set all time parameters' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '805 - test': - proto => tcp, - dport => '8080', - action => accept, - chain => 'OUTPUT', - date_start => '2016-01-19T04:17:07', - date_stop => '2038-01-19T04:17:07', - time_start => '6:00', - time_stop => '17:00:00', - month_days => '7', - week_days => 'Tue', - kernel_timezone => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A OUTPUT -p tcp -m multiport --dports 8080 -m comment --comment "805 - test" -m time --timestart 06:00:00 --timestop 17:00:00 --monthdays 7 --weekdays Tue --datestart 2016-01-19T04:17:07 --datestop 2038-01-19T04:17:07 --kerneltz -j ACCEPT/) - end - end - end - end - - describe "time tests ipv6" do - context 'set all time parameters' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '805 - test': - proto => tcp, - dport => '8080', - action => accept, - chain => 'OUTPUT', - date_start => '2016-01-19T04:17:07', - date_stop => '2038-01-19T04:17:07', - time_start => '6:00', - time_stop => '17:00:00', - month_days => '7', - week_days => 'Tue', - kernel_timezone => true, - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A OUTPUT -p tcp -m multiport --dports 8080 -m comment --comment "805 - test" -m time --timestart 06:00:00 --timestop 17:00:00 --monthdays 7 --weekdays Tue --datestart 2016-01-19T04:17:07 --datestop 2038-01-19T04:17:07 --kerneltz -j ACCEPT/) - end - end - end - end - end -end diff --git a/firewall/spec/acceptance/firewall_uid_spec.rb b/firewall/spec/acceptance/firewall_uid_spec.rb deleted file mode 100644 index ce45333e9..000000000 --- a/firewall/spec/acceptance/firewall_uid_spec.rb +++ /dev/null @@ -1,109 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'firewall type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - - describe 'reset' do - it 'deletes all rules' do - shell('iptables --flush; iptables -t nat --flush; iptables -t mangle --flush') - end - it 'deletes all ip6tables rules' do - shell('ip6tables --flush; ip6tables -t nat --flush; ip6tables -t mangle --flush') - end - end - - describe "uid tests" do - context 'uid set to root' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '801 - test': - chain => 'OUTPUT', - action => accept, - uid => 'root', - proto => 'all', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A OUTPUT -m owner --uid-owner (0|root) -m comment --comment "801 - test" -j ACCEPT/) - end - end - end - - context 'uid set to !root' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '802 - test': - chain => 'OUTPUT', - action => accept, - uid => '!root', - proto => 'all', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A OUTPUT -m owner ! --uid-owner (0|root) -m comment --comment "802 - test" -j ACCEPT/) - end - end - end - - context 'uid set to 0' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '803 - test': - chain => 'OUTPUT', - action => accept, - uid => '0', - proto => 'all', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A OUTPUT -m owner --uid-owner (0|root) -m comment --comment "803 - test" -j ACCEPT/) - end - end - end - - context 'uid set to !0' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '804 - test': - chain => 'OUTPUT', - action => accept, - uid => '!0', - proto => 'all', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A OUTPUT -m owner ! --uid-owner (0|root) -m comment --comment "804 - test" -j ACCEPT/) - end - end - end - - end - -end diff --git a/firewall/spec/acceptance/firewallchain_spec.rb b/firewall/spec/acceptance/firewallchain_spec.rb deleted file mode 100644 index eaf71ccd3..000000000 --- a/firewall/spec/acceptance/firewallchain_spec.rb +++ /dev/null @@ -1,125 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'puppet resource firewallchain command:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - before :all do - iptables_flush_all_tables - end - describe 'ensure' do - context 'present' do - it 'applies cleanly' do - pp = <<-EOS - firewallchain { 'MY_CHAIN:filter:IPv4': - ensure => present, - } - EOS - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'finds the chain' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/MY_CHAIN/) - end - end - end - - context 'absent' do - it 'applies cleanly' do - pp = <<-EOS - firewallchain { 'MY_CHAIN:filter:IPv4': - ensure => absent, - } - EOS - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'fails to find the chain' do - shell('iptables-save') do |r| - expect(r.stdout).to_not match(/MY_CHAIN/) - end - end - end - end - - # XXX purge => false is not yet implemented - #context 'adding a firewall rule to a chain:' do - # it 'applies cleanly' do - # pp = <<-EOS - # firewallchain { 'MY_CHAIN:filter:IPv4': - # ensure => present, - # } - # firewall { '100 my rule': - # chain => 'MY_CHAIN', - # action => 'accept', - # proto => 'tcp', - # dport => 5000, - # } - # EOS - # # Run it twice and test for idempotency - # apply_manifest(pp, :catch_failures => true) - # apply_manifest(pp, :catch_changes => do_catch_changes) - # end - #end - - #context 'not purge firewallchain chains:' do - # it 'does not purge the rule' do - # pp = <<-EOS - # firewallchain { 'MY_CHAIN:filter:IPv4': - # ensure => present, - # purge => false, - # before => Resources['firewall'], - # } - # resources { 'firewall': - # purge => true, - # } - # EOS - # # Run it twice and test for idempotency - # apply_manifest(pp, :catch_failures => true) do |r| - # expect(r.stdout).to_not match(/removed/) - # expect(r.stderr).to eq('') - # end - # apply_manifest(pp, :catch_changes => do_catch_changes) - # end - - # it 'still has the rule' do - # pp = <<-EOS - # firewall { '100 my rule': - # chain => 'MY_CHAIN', - # action => 'accept', - # proto => 'tcp', - # dport => 5000, - # } - # EOS - # # Run it twice and test for idempotency - # apply_manifest(pp, :catch_changes => do_catch_changes) - # end - #end - - describe 'policy' do - after :all do - shell('iptables -t filter -P FORWARD ACCEPT') - end - - context 'DROP' do - it 'applies cleanly' do - pp = <<-EOS - firewallchain { 'FORWARD:filter:IPv4': - policy => 'drop', - } - EOS - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'finds the chain' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/FORWARD DROP/) - end - end - end - end -end diff --git a/firewall/spec/acceptance/invert_spec.rb b/firewall/spec/acceptance/invert_spec.rb deleted file mode 100644 index 07d698a66..000000000 --- a/firewall/spec/acceptance/invert_spec.rb +++ /dev/null @@ -1,60 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'firewall type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - before(:all) do - iptables_flush_all_tables - end - - context "inverting rules" do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '601 disallow esp protocol': - action => 'accept', - proto => '! esp', - } - firewall { '602 drop NEW external website packets with FIN/RST/ACK set and SYN unset': - chain => 'INPUT', - state => 'NEW', - action => 'drop', - proto => 'tcp', - sport => ['! http', '! 443'], - source => '! 10.0.0.0/8', - tcp_flags => '! FIN,SYN,RST,ACK SYN', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'should contain the rules' do - shell('iptables-save') do |r| - if (fact('osfamily') == 'RedHat' and fact('operatingsystemmajrelease') == '5') or (default['platform'] =~ /sles-10/) - expect(r.stdout).to match(/-A INPUT -p ! esp -m comment --comment "601 disallow esp protocol" -j ACCEPT/) - expect(r.stdout).to match(/-A INPUT -s ! 10\.0\.0\.0\/255\.0\.0\.0 -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m multiport --sports ! 80,443 -m comment --comment "602 drop NEW external website packets with FIN\/RST\/ACK set and SYN unset" -m state --state NEW -j DROP/) - else - expect(r.stdout).to match(/-A INPUT ! -p esp -m comment --comment "601 disallow esp protocol" -j ACCEPT/) - expect(r.stdout).to match(/-A INPUT ! -s 10\.0\.0\.0\/8 -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m multiport ! --sports 80,443 -m comment --comment "602 drop NEW external website packets with FIN\/RST\/ACK set and SYN unset" -m state --state NEW -j DROP/) - end - end - end - end - context "inverting partial array rules" do - it 'raises a failure' do - pp = <<-EOS - class { '::firewall': } - firewall { '603 drop 80,443 traffic': - chain => 'INPUT', - action => 'drop', - proto => 'tcp', - sport => ['! http', '443'], - } - EOS - - apply_manifest(pp, :expect_failures => true) do |r| - expect(r.stderr).to match(/is not prefixed/) - end - end - end -end diff --git a/firewall/spec/acceptance/ip6_fragment_spec.rb b/firewall/spec/acceptance/ip6_fragment_spec.rb deleted file mode 100644 index 64728ed40..000000000 --- a/firewall/spec/acceptance/ip6_fragment_spec.rb +++ /dev/null @@ -1,114 +0,0 @@ -require 'spec_helper_acceptance' - -if default['platform'] =~ /el-5/ or default['platform'] =~ /sles-10/ - describe "firewall ip6tables doesn't work on 1.3.5 because --comment is missing", :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - before :all do - ip6tables_flush_all_tables - end - - it "can't use ip6tables" do - pp = <<-EOS - class { '::firewall': } - firewall { '599 - test': - ensure => present, - proto => 'tcp', - provider => 'ip6tables', - } - EOS - expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/ip6tables provider is not supported/) - end - end -else - describe 'firewall ishasmorefrags/islastfrag/isfirstfrag properties', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - before :all do - ip6tables_flush_all_tables - end - - shared_examples "is idempotent" do |values, line_match| - it "changes the values to #{values}" do - pp = <<-EOS - class { '::firewall': } - firewall { '599 - test': - ensure => present, - proto => 'tcp', - provider => 'ip6tables', - #{values} - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/#{line_match}/) - end - end - end - shared_examples "doesn't change" do |values, line_match| - it "doesn't change the values to #{values}" do - pp = <<-EOS - class { '::firewall': } - firewall { '599 - test': - ensure => present, - proto => 'tcp', - provider => 'ip6tables', - #{values} - } - EOS - - apply_manifest(pp, :catch_changes => do_catch_changes) - - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/#{line_match}/) - end - end - end - - describe 'adding a rule' do - context 'when unset' do - before :all do - ip6tables_flush_all_tables - end - it_behaves_like 'is idempotent', '', /-A INPUT -p tcp -m comment --comment "599 - test"/ - end - context 'when set to true' do - before :all do - ip6tables_flush_all_tables - end - it_behaves_like "is idempotent", 'ishasmorefrags => true, islastfrag => true, isfirstfrag => true', /-A INPUT -p tcp -m frag --fragid 0 --fragmore -m frag --fragid 0 --fraglast -m frag --fragid 0 --fragfirst -m comment --comment "599 - test"/ - end - context 'when set to false' do - before :all do - ip6tables_flush_all_tables - end - it_behaves_like "is idempotent", 'ishasmorefrags => false, islastfrag => false, isfirstfrag => false', /-A INPUT -p tcp -m comment --comment "599 - test"/ - end - end - describe 'editing a rule' do - context 'when unset or false' do - before :each do - ip6tables_flush_all_tables - shell('ip6tables -A INPUT -p tcp -m comment --comment "599 - test"') - end - context 'and current value is false' do - it_behaves_like "doesn't change", 'ishasmorefrags => false, islastfrag => false, isfirstfrag => false', /-A INPUT -p tcp -m comment --comment "599 - test"/ - end - context 'and current value is true' do - it_behaves_like "is idempotent", 'ishasmorefrags => true, islastfrag => true, isfirstfrag => true', /-A INPUT -p tcp -m frag --fragid 0 --fragmore -m frag --fragid 0 --fraglast -m frag --fragid 0 --fragfirst -m comment --comment "599 - test"/ - end - end - context 'when set to true' do - before :each do - ip6tables_flush_all_tables - shell('ip6tables -A INPUT -p tcp -m frag --fragid 0 --fragmore -m frag --fragid 0 --fraglast -m frag --fragid 0 --fragfirst -m comment --comment "599 - test"') - end - context 'and current value is false' do - it_behaves_like "is idempotent", 'ishasmorefrags => false, islastfrag => false, isfirstfrag => false', /-A INPUT -p tcp -m comment --comment "599 - test"/ - end - context 'and current value is true' do - it_behaves_like "doesn't change", 'ishasmorefrags => true, islastfrag => true, isfirstfrag => true', /-A INPUT -p tcp -m frag --fragid 0 --fragmore -m frag --fragid 0 --fraglast -m frag --fragid 0 --fragfirst -m comment --comment "599 - test"/ - end - end - end - end -end diff --git a/firewall/spec/acceptance/isfragment_spec.rb b/firewall/spec/acceptance/isfragment_spec.rb deleted file mode 100644 index f48f27234..000000000 --- a/firewall/spec/acceptance/isfragment_spec.rb +++ /dev/null @@ -1,92 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'firewall isfragment property', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - before :all do - iptables_flush_all_tables - end - - shared_examples "is idempotent" do |value, line_match| - it "changes the value to #{value}" do - pp = <<-EOS - class { '::firewall': } - firewall { '597 - test': - ensure => present, - proto => 'tcp', - #{value} - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - - shell('iptables-save') do |r| - expect(r.stdout).to match(/#{line_match}/) - end - end - end - shared_examples "doesn't change" do |value, line_match| - it "doesn't change the value to #{value}" do - pp = <<-EOS - class { '::firewall': } - firewall { '597 - test': - ensure => present, - proto => 'tcp', - #{value} - } - EOS - - apply_manifest(pp, :catch_changes => do_catch_changes) - - shell('iptables-save') do |r| - expect(r.stdout).to match(/#{line_match}/) - end - end - end - - describe 'adding a rule' do - context 'when unset' do - before :all do - iptables_flush_all_tables - end - it_behaves_like 'is idempotent', '', /-A INPUT -p tcp -m comment --comment "597 - test"/ - end - context 'when set to true' do - before :all do - iptables_flush_all_tables - end - it_behaves_like 'is idempotent', 'isfragment => true,', /-A INPUT -p tcp -f -m comment --comment "597 - test"/ - end - context 'when set to false' do - before :all do - iptables_flush_all_tables - end - it_behaves_like "is idempotent", 'isfragment => false,', /-A INPUT -p tcp -m comment --comment "597 - test"/ - end - end - describe 'editing a rule' do - context 'when unset or false' do - before :each do - iptables_flush_all_tables - shell('iptables -A INPUT -p tcp -m comment --comment "597 - test"') - end - context 'and current value is false' do - it_behaves_like "doesn't change", 'isfragment => false,', /-A INPUT -p tcp -m comment --comment "597 - test"/ - end - context 'and current value is true' do - it_behaves_like "is idempotent", 'isfragment => true,', /-A INPUT -p tcp -f -m comment --comment "597 - test"/ - end - end - context 'when set to true' do - before :each do - iptables_flush_all_tables - shell('iptables -A INPUT -p tcp -f -m comment --comment "597 - test"') - end - context 'and current value is false' do - it_behaves_like "is idempotent", 'isfragment => false,', /-A INPUT -p tcp -m comment --comment "597 - test"/ - end - context 'and current value is true' do - it_behaves_like "doesn't change", 'isfragment => true,', /-A INPUT -p tcp -f -m comment --comment "597 - test"/ - end - end - end -end diff --git a/firewall/spec/acceptance/match_mark_spec.rb b/firewall/spec/acceptance/match_mark_spec.rb deleted file mode 100644 index cf5858db0..000000000 --- a/firewall/spec/acceptance/match_mark_spec.rb +++ /dev/null @@ -1,58 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'firewall type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - - before(:all) do - shell('iptables --flush; iptables -t nat --flush; iptables -t mangle --flush') - shell('ip6tables --flush; ip6tables -t nat --flush; ip6tables -t mangle --flush') - end - - if default['platform'] !~ /el-5/ and default['platform'] !~ /sles-10/ - describe 'match_mark' do - context '0x1' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '503 match_mark - test': - proto => 'all', - match_mark => '0x1', - action => reject, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('iptables-save') do |r| - expect(r.stdout).to match(/-A INPUT -m comment --comment "503 match_mark - test" -m mark --mark 0x1 -j REJECT --reject-with icmp-port-unreachable/) - end - end - end - end - - describe 'match_mark_ip6' do - context '0x1' do - it 'applies' do - pp = <<-EOS - class { '::firewall': } - firewall { '503 match_mark ip6tables - test': - proto => 'all', - match_mark => '0x1', - action => reject, - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should contain the rule' do - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/-A INPUT -m comment --comment "503 match_mark ip6tables - test" -m mark --mark 0x1 -j REJECT --reject-with icmp6-port-unreachable/) - end - end - end - end - end -end diff --git a/firewall/spec/acceptance/nodesets/centos-59-x64-pe.yml b/firewall/spec/acceptance/nodesets/centos-59-x64-pe.yml deleted file mode 100644 index 3a6470bea..000000000 --- a/firewall/spec/acceptance/nodesets/centos-59-x64-pe.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - centos-59-x64: - roles: - - master - - database - - console - platform: el-5-x86_64 - box : centos-59-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-59-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: pe diff --git a/firewall/spec/acceptance/nodesets/centos-59-x64.yml b/firewall/spec/acceptance/nodesets/centos-59-x64.yml deleted file mode 100644 index 2ad90b86a..000000000 --- a/firewall/spec/acceptance/nodesets/centos-59-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-59-x64: - roles: - - master - platform: el-5-x86_64 - box : centos-59-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-59-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/firewall/spec/acceptance/nodesets/centos-64-x64-fusion.yml b/firewall/spec/acceptance/nodesets/centos-64-x64-fusion.yml deleted file mode 100644 index d5166735e..000000000 --- a/firewall/spec/acceptance/nodesets/centos-64-x64-fusion.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-64-x64-fusion503-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-fusion503-nocm.box - hypervisor : fusion -CONFIG: - type: foss diff --git a/firewall/spec/acceptance/nodesets/centos-64-x64-pe.yml b/firewall/spec/acceptance/nodesets/centos-64-x64-pe.yml deleted file mode 100644 index 7d9242f1b..000000000 --- a/firewall/spec/acceptance/nodesets/centos-64-x64-pe.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - - database - - dashboard - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: pe diff --git a/firewall/spec/acceptance/nodesets/centos-64-x64.yml b/firewall/spec/acceptance/nodesets/centos-64-x64.yml deleted file mode 100644 index 05540ed8c..000000000 --- a/firewall/spec/acceptance/nodesets/centos-64-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/firewall/spec/acceptance/nodesets/centos-65-x64.yml b/firewall/spec/acceptance/nodesets/centos-65-x64.yml deleted file mode 100644 index 4e2cb809e..000000000 --- a/firewall/spec/acceptance/nodesets/centos-65-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-65-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-65-x64-vbox436-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-65-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/firewall/spec/acceptance/nodesets/centos-7-x64.yml b/firewall/spec/acceptance/nodesets/centos-7-x64.yml deleted file mode 100644 index f20fe44d9..000000000 --- a/firewall/spec/acceptance/nodesets/centos-7-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - centos-7-x64: - roles: - - master - platform: el-7-x86_64 - box : puppetlabs/centos-7.0-64-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-7.0-64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - type: foss - log_level: verbose \ No newline at end of file diff --git a/firewall/spec/acceptance/nodesets/debian-607-x64.yml b/firewall/spec/acceptance/nodesets/debian-607-x64.yml deleted file mode 100644 index 4c8be42d0..000000000 --- a/firewall/spec/acceptance/nodesets/debian-607-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - debian-607-x64: - roles: - - master - platform: debian-6-amd64 - box : debian-607-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-607-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/firewall/spec/acceptance/nodesets/debian-70rc1-x64.yml b/firewall/spec/acceptance/nodesets/debian-70rc1-x64.yml deleted file mode 100644 index 19181c123..000000000 --- a/firewall/spec/acceptance/nodesets/debian-70rc1-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - debian-70rc1-x64: - roles: - - master - platform: debian-7-amd64 - box : debian-70rc1-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-70rc1-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/firewall/spec/acceptance/nodesets/default.yml b/firewall/spec/acceptance/nodesets/default.yml deleted file mode 100644 index 05540ed8c..000000000 --- a/firewall/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/firewall/spec/acceptance/nodesets/fedora-18-x64.yml b/firewall/spec/acceptance/nodesets/fedora-18-x64.yml deleted file mode 100644 index 624b53716..000000000 --- a/firewall/spec/acceptance/nodesets/fedora-18-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - fedora-18-x64: - roles: - - master - platform: fedora-18-x86_64 - box : fedora-18-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/fedora-18-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/firewall/spec/acceptance/nodesets/new/aio/redhat-6-64mda.yml b/firewall/spec/acceptance/nodesets/new/aio/redhat-6-64mda.yml deleted file mode 100644 index 9e63eebc7..000000000 --- a/firewall/spec/acceptance/nodesets/new/aio/redhat-6-64mda.yml +++ /dev/null @@ -1,28 +0,0 @@ ---- -HOSTS: - redhat-6-x86_64-agent: - roles: - - agent - - default - platform: el-6-x86_64 - template: redhat-6-x86_64 - hypervisor: vcloud - redhat-7-x86_64-master: - roles: - - master - - dashboard - - database - - agent - platform: el-7-x86_64 - template: redhat-7-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - type: aio - ssh: - timeout: 600 \ No newline at end of file diff --git a/firewall/spec/acceptance/nodesets/new/aio/redhat-7-64mda.yml b/firewall/spec/acceptance/nodesets/new/aio/redhat-7-64mda.yml deleted file mode 100644 index b9c352be3..000000000 --- a/firewall/spec/acceptance/nodesets/new/aio/redhat-7-64mda.yml +++ /dev/null @@ -1,28 +0,0 @@ ---- -HOSTS: - redhat-7-x86_64-agent: - roles: - - agent - - default - platform: el-7-x86_64 - template: redhat-7-x86_64 - hypervisor: vcloud - redhat-7-x86_64-master: - roles: - - master - - dashboard - - database - - agent - platform: el-7-x86_64 - template: redhat-7-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - type: aio - ssh: - timeout: 600 \ No newline at end of file diff --git a/firewall/spec/acceptance/nodesets/new/aio/ubuntu-1404-64mda.yml b/firewall/spec/acceptance/nodesets/new/aio/ubuntu-1404-64mda.yml deleted file mode 100644 index 9029d26f6..000000000 --- a/firewall/spec/acceptance/nodesets/new/aio/ubuntu-1404-64mda.yml +++ /dev/null @@ -1,28 +0,0 @@ ---- -HOSTS: - ubuntu-1404-agent: - roles: - - agent - - default - platform: ubuntu-14.04-amd64 - template: Delivery/Quality Assurance/Templates/vCloud/ubuntu-1404-x86_64 - hypervisor: vcloud - redhat-7-x86_64-master: - roles: - - master - - dashboard - - database - - agent - platform: el-7-x86_64 - template: redhat-7-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - type: aio - ssh: - timeout: 600 \ No newline at end of file diff --git a/firewall/spec/acceptance/nodesets/new/pe/centos-5-64mda.yml b/firewall/spec/acceptance/nodesets/new/pe/centos-5-64mda.yml deleted file mode 100644 index ba6c23c91..000000000 --- a/firewall/spec/acceptance/nodesets/new/pe/centos-5-64mda.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -HOSTS: - centos-5-x86_64-agent: - roles: - - agent - - default - platform: el-5-x86_64 - template: Delivery/Quality Assurance/Templates/vCloud/centos-5-x86_64 - hypervisor: vcloud - redhat-7-x86_64-master: - roles: - - master - - dashboard - - database - - agent - platform: el-7-x86_64 - template: redhat-7-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - ssh: - timeout: 600 diff --git a/firewall/spec/acceptance/nodesets/new/pe/centos-6-64mda.yml b/firewall/spec/acceptance/nodesets/new/pe/centos-6-64mda.yml deleted file mode 100644 index e97e73fde..000000000 --- a/firewall/spec/acceptance/nodesets/new/pe/centos-6-64mda.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -HOSTS: - centos-6-x86_64-agent: - roles: - - agent - - default - platform: el-6-x86_64 - template: Delivery/Quality Assurance/Templates/vCloud/centos-6-x86_64 - hypervisor: vcloud - redhat-7-x86_64-master: - roles: - - master - - dashboard - - database - - agent - platform: el-7-x86_64 - template: redhat-7-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - ssh: - timeout: 600 diff --git a/firewall/spec/acceptance/nodesets/new/pe/centos-7-64mda.yml b/firewall/spec/acceptance/nodesets/new/pe/centos-7-64mda.yml deleted file mode 100644 index 056b52d30..000000000 --- a/firewall/spec/acceptance/nodesets/new/pe/centos-7-64mda.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -HOSTS: - centos-7-x86_64-agent: - roles: - - agent - - default - platform: el-7-x86_64 - template: centos-7-x86_64 - hypervisor: vcloud - redhat-7-x86_64-master: - roles: - - master - - dashboard - - database - - agent - platform: el-7-x86_64 - template: redhat-7-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - ssh: - timeout: 600 diff --git a/firewall/spec/acceptance/nodesets/new/pe/debian-6-64mda.yml b/firewall/spec/acceptance/nodesets/new/pe/debian-6-64mda.yml deleted file mode 100644 index 3101a5a8e..000000000 --- a/firewall/spec/acceptance/nodesets/new/pe/debian-6-64mda.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -HOSTS: - debian-6-amd64-agent: - roles: - - agent - - default - platform: debian-6-amd64 - template: debian-6-x86_64 - hypervisor: vcloud - redhat-7-x86_64-master: - roles: - - master - - dashboard - - database - - agent - platform: el-7-x86_64 - template: redhat-7-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - ssh: - timeout: 600 diff --git a/firewall/spec/acceptance/nodesets/new/pe/debian-7-64mda.yml b/firewall/spec/acceptance/nodesets/new/pe/debian-7-64mda.yml deleted file mode 100644 index 4ebf914ac..000000000 --- a/firewall/spec/acceptance/nodesets/new/pe/debian-7-64mda.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -HOSTS: - debian-7-amd64-agent: - roles: - - agent - - default - platform: debian-7-amd64 - template: debian-7-x86_64 - hypervisor: vcloud - redhat-7-x86_64-master: - roles: - - master - - dashboard - - database - - agent - platform: el-7-x86_64 - template: redhat-7-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - ssh: - timeout: 600 \ No newline at end of file diff --git a/firewall/spec/acceptance/nodesets/new/pe/oracle-6-64mda.yml b/firewall/spec/acceptance/nodesets/new/pe/oracle-6-64mda.yml deleted file mode 100644 index 58e0fc076..000000000 --- a/firewall/spec/acceptance/nodesets/new/pe/oracle-6-64mda.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -HOSTS: - oracle-6-x86_64-agent: - roles: - - agent - - default - platform: el-6-x86_64 - template: oracle-6-x86_64 - hypervisor: vcloud - redhat-7-x86_64-master: - roles: - - master - - dashboard - - database - - agent - platform: el-7-x86_64 - template: redhat-7-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - ssh: - timeout: 600 \ No newline at end of file diff --git a/firewall/spec/acceptance/nodesets/new/pe/oracle-7-64mda.yml b/firewall/spec/acceptance/nodesets/new/pe/oracle-7-64mda.yml deleted file mode 100644 index 157d81452..000000000 --- a/firewall/spec/acceptance/nodesets/new/pe/oracle-7-64mda.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -HOSTS: - oracle-7-x86_64-agent: - roles: - - agent - - default - platform: el-7-x86_64 - template: oracle-7-x86_64 - hypervisor: vcloud - redhat-7-x86_64-master: - roles: - - master - - dashboard - - database - - agent - platform: el-7-x86_64 - template: redhat-7-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - ssh: - timeout: 600 \ No newline at end of file diff --git a/firewall/spec/acceptance/nodesets/new/pe/redhat-5-64mda.yml b/firewall/spec/acceptance/nodesets/new/pe/redhat-5-64mda.yml deleted file mode 100644 index 56e45f5af..000000000 --- a/firewall/spec/acceptance/nodesets/new/pe/redhat-5-64mda.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -HOSTS: - redhat-5-x86_64-agent: - roles: - - agent - - default - platform: el-5-x86_64 - template: redhat-5-x86_64 - hypervisor: vcloud - redhat-7-x86_64-master: - roles: - - master - - dashboard - - database - - agent - platform: el-7-x86_64 - template: redhat-7-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - ssh: - timeout: 600 \ No newline at end of file diff --git a/firewall/spec/acceptance/nodesets/new/pe/redhat-6-64mda.yml b/firewall/spec/acceptance/nodesets/new/pe/redhat-6-64mda.yml deleted file mode 100644 index a41c585d8..000000000 --- a/firewall/spec/acceptance/nodesets/new/pe/redhat-6-64mda.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -HOSTS: - redhat-6-x86_64-agent: - roles: - - agent - - default - platform: el-6-x86_64 - template: redhat-6-x86_64 - hypervisor: vcloud - redhat-7-x86_64-master: - roles: - - master - - dashboard - - database - - agent - platform: el-7-x86_64 - template: redhat-7-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - ssh: - timeout: 600 \ No newline at end of file diff --git a/firewall/spec/acceptance/nodesets/new/pe/redhat-7-64mda.yml b/firewall/spec/acceptance/nodesets/new/pe/redhat-7-64mda.yml deleted file mode 100644 index 6ed476b74..000000000 --- a/firewall/spec/acceptance/nodesets/new/pe/redhat-7-64mda.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -HOSTS: - redhat-7-x86_64-agent: - roles: - - agent - - default - platform: el-7-x86_64 - template: redhat-7-x86_64 - hypervisor: vcloud - redhat-7-x86_64-master: - roles: - - master - - dashboard - - database - - agent - platform: el-7-x86_64 - template: redhat-7-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - ssh: - timeout: 600 \ No newline at end of file diff --git a/firewall/spec/acceptance/nodesets/new/pe/scientific-5-64mda.yml b/firewall/spec/acceptance/nodesets/new/pe/scientific-5-64mda.yml deleted file mode 100644 index 4ae3e43bd..000000000 --- a/firewall/spec/acceptance/nodesets/new/pe/scientific-5-64mda.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -HOSTS: - scientific-5-x86_64-agent: - roles: - - agent - - default - platform: el-5-x86_64 - template: scientific-5-x86_64 - hypervisor: vcloud - redhat-7-x86_64-master: - roles: - - master - - dashboard - - database - - agent - platform: el-7-x86_64 - template: redhat-7-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - ssh: - timeout: 600 \ No newline at end of file diff --git a/firewall/spec/acceptance/nodesets/new/pe/scientific-6-64mda.yml b/firewall/spec/acceptance/nodesets/new/pe/scientific-6-64mda.yml deleted file mode 100644 index 0c9457f24..000000000 --- a/firewall/spec/acceptance/nodesets/new/pe/scientific-6-64mda.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -HOSTS: - scientific-6-x86_64-agent: - roles: - - agent - - default - platform: el-6-x86_64 - template: scientific-6-x86_64 - hypervisor: vcloud - redhat-7-x86_64-master: - roles: - - master - - dashboard - - database - - agent - platform: el-7-x86_64 - template: redhat-7-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - ssh: - timeout: 600 \ No newline at end of file diff --git a/firewall/spec/acceptance/nodesets/new/pe/scientific-7-64mda.yml b/firewall/spec/acceptance/nodesets/new/pe/scientific-7-64mda.yml deleted file mode 100644 index 80692bff1..000000000 --- a/firewall/spec/acceptance/nodesets/new/pe/scientific-7-64mda.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -HOSTS: - scientific-7-x86_64-agent: - roles: - - agent - - default - platform: el-7-x86_64 - template: scientific-7-x86_64 - hypervisor: vcloud - redhat-7-x86_64-master: - roles: - - master - - dashboard - - database - - agent - platform: el-7-x86_64 - template: redhat-7-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - ssh: - timeout: 600 \ No newline at end of file diff --git a/firewall/spec/acceptance/nodesets/new/pe/sles-10-64mda.yml b/firewall/spec/acceptance/nodesets/new/pe/sles-10-64mda.yml deleted file mode 100644 index 5761d8ded..000000000 --- a/firewall/spec/acceptance/nodesets/new/pe/sles-10-64mda.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -HOSTS: - sles-10-x86_64-agent: - roles: - - agent - - default - platform: sles-10-x86_64 - template: sles-10-x86_64 - hypervisor: vcloud - redhat-7-x86_64-master: - roles: - - master - - dashboard - - database - - agent - platform: el-7-x86_64 - template: redhat-7-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - ssh: - timeout: 600 \ No newline at end of file diff --git a/firewall/spec/acceptance/nodesets/new/pe/sles-11-64mda.yml b/firewall/spec/acceptance/nodesets/new/pe/sles-11-64mda.yml deleted file mode 100644 index 660c72f38..000000000 --- a/firewall/spec/acceptance/nodesets/new/pe/sles-11-64mda.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -HOSTS: - sles-11-x86_64-agent: - roles: - - agent - - default - platform: sles-11-x86_64 - template: sles-11-x86_64 - hypervisor: vcloud - redhat-7-x86_64-master: - roles: - - master - - dashboard - - database - - agent - platform: el-7-x86_64 - template: redhat-7-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - ssh: - timeout: 600 \ No newline at end of file diff --git a/firewall/spec/acceptance/nodesets/new/pe/sles-12-64mda.yml b/firewall/spec/acceptance/nodesets/new/pe/sles-12-64mda.yml deleted file mode 100644 index 0e7884cd3..000000000 --- a/firewall/spec/acceptance/nodesets/new/pe/sles-12-64mda.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -HOSTS: - sles-12-x86_64-agent: - roles: - - agent - - default - platform: sles-12-x86_64 - template: sles-12-x86_64 - hypervisor: vcloud - redhat-7-x86_64-master: - roles: - - master - - dashboard - - database - - agent - platform: el-7-x86_64 - template: redhat-7-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - ssh: - timeout: 600 \ No newline at end of file diff --git a/firewall/spec/acceptance/nodesets/new/pe/ubuntu-1004-64mda.yml b/firewall/spec/acceptance/nodesets/new/pe/ubuntu-1004-64mda.yml deleted file mode 100644 index 0baeba857..000000000 --- a/firewall/spec/acceptance/nodesets/new/pe/ubuntu-1004-64mda.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -HOSTS: - ubuntu-1004-agent: - roles: - - agent - - default - platform: ubuntu-10.04-amd64 - template: ubuntu-1004-x86_64 - hypervisor: vcloud - redhat-7-x86_64-master: - roles: - - master - - dashboard - - database - - agent - platform: el-7-x86_64 - template: redhat-7-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - ssh: - timeout: 600 \ No newline at end of file diff --git a/firewall/spec/acceptance/nodesets/new/pe/ubuntu-1204-64mda.yml b/firewall/spec/acceptance/nodesets/new/pe/ubuntu-1204-64mda.yml deleted file mode 100644 index d8c293192..000000000 --- a/firewall/spec/acceptance/nodesets/new/pe/ubuntu-1204-64mda.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -HOSTS: - ubuntu-1204-agent: - roles: - - agent - - default - platform: ubuntu-12.04-amd64 - template: Delivery/Quality Assurance/Templates/vCloud/ubuntu-1204-x86_64 - hypervisor: vcloud - redhat-7-x86_64-master: - roles: - - master - - dashboard - - database - - agent - platform: el-7-x86_64 - template: redhat-7-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - ssh: - timeout: 600 \ No newline at end of file diff --git a/firewall/spec/acceptance/nodesets/new/pe/ubuntu-1404-64mda.yml b/firewall/spec/acceptance/nodesets/new/pe/ubuntu-1404-64mda.yml deleted file mode 100644 index c53683da8..000000000 --- a/firewall/spec/acceptance/nodesets/new/pe/ubuntu-1404-64mda.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -HOSTS: - ubuntu-1404-agent: - roles: - - agent - - default - platform: ubuntu-14.04-amd64 - template: Delivery/Quality Assurance/Templates/vCloud/ubuntu-1404-x86_64 - hypervisor: vcloud - redhat-7-x86_64-master: - roles: - - master - - dashboard - - database - - agent - platform: el-7-x86_64 - template: redhat-7-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - ssh: - timeout: 600 \ No newline at end of file diff --git a/firewall/spec/acceptance/nodesets/sles-11sp1-x64.yml b/firewall/spec/acceptance/nodesets/sles-11sp1-x64.yml deleted file mode 100644 index 554c37a50..000000000 --- a/firewall/spec/acceptance/nodesets/sles-11sp1-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - sles-11sp1-x64: - roles: - - master - platform: sles-11-x86_64 - box : sles-11sp1-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/sles-11sp1-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/firewall/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml b/firewall/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml deleted file mode 100644 index 5ca1514e4..000000000 --- a/firewall/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-10044-x64: - roles: - - master - platform: ubuntu-10.04-amd64 - box : ubuntu-server-10044-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-10044-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/firewall/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml b/firewall/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml deleted file mode 100644 index d065b304f..000000000 --- a/firewall/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-12042-x64: - roles: - - master - platform: ubuntu-12.04-amd64 - box : ubuntu-server-12042-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/firewall/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/firewall/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index cba1cd04c..000000000 --- a/firewall/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-1404-x64: - roles: - - master - platform: ubuntu-14.04-amd64 - box : puppetlabs/ubuntu-14.04-64-nocm - box_url : https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor : vagrant -CONFIG: - log_level : debug - type: git diff --git a/firewall/spec/acceptance/params_spec.rb b/firewall/spec/acceptance/params_spec.rb deleted file mode 100644 index ca6652e0b..000000000 --- a/firewall/spec/acceptance/params_spec.rb +++ /dev/null @@ -1,153 +0,0 @@ -require 'spec_helper_acceptance' - -describe "param based tests:", :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - - before(:all) do - shell('iptables --flush; iptables -t nat --flush; iptables -t mangle --flush') - shell('ip6tables --flush; ip6tables -t nat --flush; ip6tables -t mangle --flush') - end - - it 'test various params', :unless => (default['platform'].match(/el-5/) || fact('operatingsystem') == 'SLES') do - iptables_flush_all_tables - - ppm = <<-EOS - firewall { '100 test': - table => 'raw', - socket => 'true', - chain => 'PREROUTING', - jump => 'LOG', - log_level => 'debug', - } - EOS - - expect(apply_manifest(ppm, :catch_failures => true).exit_code).to eq(2) - expect(apply_manifest(ppm, :catch_failures => true).exit_code).to be_zero - end - - it 'test log rule' do - iptables_flush_all_tables - - ppm = <<-EOS - firewall { '998 log all': - proto => 'all', - jump => 'LOG', - log_level => 'debug', - } - EOS - expect(apply_manifest(ppm, :catch_failures => true).exit_code).to eq(2) - expect(apply_manifest(ppm, :catch_failures => true).exit_code).to be_zero - end - - it 'test log rule - changing names' do - iptables_flush_all_tables - - ppm1 = <<-EOS - firewall { '004 log all INVALID packets': - chain => 'INPUT', - proto => 'all', - ctstate => 'INVALID', - jump => 'LOG', - log_level => '3', - log_prefix => 'IPTABLES dropped invalid: ', - } - EOS - - ppm2 = <<-EOS - firewall { '003 log all INVALID packets': - chain => 'INPUT', - proto => 'all', - ctstate => 'INVALID', - jump => 'LOG', - log_level => '3', - log_prefix => 'IPTABLES dropped invalid: ', - } - EOS - - expect(apply_manifest(ppm1, :catch_failures => true).exit_code).to eq(2) - - ppm = <<-EOS + "\n" + ppm2 - resources { 'firewall': - purge => true, - } - EOS - expect(apply_manifest(ppm, :catch_failures => true).exit_code).to eq(2) - end - - it 'test chain - changing names' do - iptables_flush_all_tables - - ppm1 = <<-EOS - firewall { '004 with a chain': - chain => 'INPUT', - proto => 'all', - } - EOS - - ppm2 = <<-EOS - firewall { '004 with a chain': - chain => 'OUTPUT', - proto => 'all', - } - EOS - - apply_manifest(ppm1, :expect_changes => true) - - ppm = <<-EOS + "\n" + ppm2 - resources { 'firewall': - purge => true, - } - EOS - expect(apply_manifest(ppm2, :expect_failures => true).stderr).to match(/is not supported/) - end - - it 'test log rule - idempotent' do - iptables_flush_all_tables - - ppm1 = <<-EOS - firewall { '004 log all INVALID packets': - chain => 'INPUT', - proto => 'all', - ctstate => 'INVALID', - jump => 'LOG', - log_level => '3', - log_prefix => 'IPTABLES dropped invalid: ', - } - EOS - - expect(apply_manifest(ppm1, :catch_failures => true).exit_code).to eq(2) - expect(apply_manifest(ppm1, :catch_failures => true).exit_code).to be_zero - end - - it 'test src_range rule' do - iptables_flush_all_tables - - ppm = <<-EOS - firewall { '997 block src ip range': - chain => 'INPUT', - proto => 'all', - action => 'drop', - src_range => '10.0.0.1-10.0.0.10', - } - EOS - - expect(apply_manifest(ppm, :catch_failures => true).exit_code).to eq(2) - expect(apply_manifest(ppm, :catch_failures => true).exit_code).to be_zero - end - - it 'test dst_range rule' do - iptables_flush_all_tables - - ppm = <<-EOS - firewall { '998 block dst ip range': - chain => 'INPUT', - proto => 'all', - action => 'drop', - dst_range => '10.0.0.2-10.0.0.20', - } - EOS - - expect(apply_manifest(ppm, :catch_failures => true).exit_code).to eq(2) - expect(apply_manifest(ppm, :catch_failures => true).exit_code).to be_zero - end - -end diff --git a/firewall/spec/acceptance/purge_spec.rb b/firewall/spec/acceptance/purge_spec.rb deleted file mode 100644 index e191c12b4..000000000 --- a/firewall/spec/acceptance/purge_spec.rb +++ /dev/null @@ -1,230 +0,0 @@ -require 'spec_helper_acceptance' - -describe "purge tests:", :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - context('resources purge') do - before(:all) do - iptables_flush_all_tables - - shell('iptables -A INPUT -s 1.2.1.2') - shell('iptables -A INPUT -s 1.2.1.2') - end - - it 'make sure duplicate existing rules get purged' do - - pp = <<-EOS - class { 'firewall': } - resources { 'firewall': - purge => true, - } - EOS - - apply_manifest(pp, :expect_changes => true) - end - - it 'saves' do - shell('iptables-save') do |r| - expect(r.stdout).to_not match(/1\.2\.1\.2/) - expect(r.stderr).to eq("") - end - end - end - - context('ipv4 chain purge') do - after(:all) do - iptables_flush_all_tables - end - before(:each) do - iptables_flush_all_tables - - shell('iptables -A INPUT -p tcp -s 1.2.1.1') - shell('iptables -A INPUT -p udp -s 1.2.1.1') - shell('iptables -A OUTPUT -s 1.2.1.2 -m comment --comment "010 output-1.2.1.2"') - end - - it 'purges only the specified chain' do - pp = <<-EOS - class { 'firewall': } - firewallchain { 'INPUT:filter:IPv4': - purge => true, - } - EOS - - apply_manifest(pp, :expect_changes => true) - - shell('iptables-save') do |r| - expect(r.stdout).to match(/010 output-1\.2\.1\.2/) - expect(r.stdout).to_not match(/1\.2\.1\.1/) - expect(r.stderr).to eq("") - end - end - - it 'ignores managed rules' do - pp = <<-EOS - class { 'firewall': } - firewallchain { 'OUTPUT:filter:IPv4': - purge => true, - } - firewall { '010 output-1.2.1.2': - chain => 'OUTPUT', - proto => 'all', - source => '1.2.1.2', - } - EOS - - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'ignores specified rules' do - pp = <<-EOS - class { 'firewall': } - firewallchain { 'INPUT:filter:IPv4': - purge => true, - ignore => [ - '-s 1\.2\.1\.1', - ], - } - EOS - - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'adds managed rules with ignored rules' do - pp = <<-EOS - class { 'firewall': } - firewallchain { 'INPUT:filter:IPv4': - purge => true, - ignore => [ - '-s 1\.2\.1\.1', - ], - } - firewall { '014 input-1.2.1.6': - chain => 'INPUT', - proto => 'all', - source => '1.2.1.6', - } - -> firewall { '013 input-1.2.1.5': - chain => 'INPUT', - proto => 'all', - source => '1.2.1.5', - } - -> firewall { '012 input-1.2.1.4': - chain => 'INPUT', - proto => 'all', - source => '1.2.1.4', - } - -> firewall { '011 input-1.2.1.3': - chain => 'INPUT', - proto => 'all', - source => '1.2.1.3', - } - EOS - - apply_manifest(pp, :catch_failures => true) - - expect(shell('iptables-save').stdout).to match(/-A INPUT -s 1\.2\.1\.1(\/32)? -p tcp\s?\n-A INPUT -s 1\.2\.1\.1(\/32)? -p udp/) - end - end - - if default['platform'] !~ /el-5/ and default['platform'] !~ /sles-10/ - context 'ipv6 chain purge' do - after(:all) do - ip6tables_flush_all_tables - end - before(:each) do - ip6tables_flush_all_tables - - shell('ip6tables -A INPUT -p tcp -s 1::42') - shell('ip6tables -A INPUT -p udp -s 1::42') - shell('ip6tables -A OUTPUT -s 1::50 -m comment --comment "010 output-1::50"') - end - - it 'purges only the specified chain' do - pp = <<-EOS - class { 'firewall': } - firewallchain { 'INPUT:filter:IPv6': - purge => true, - } - EOS - - apply_manifest(pp, :expect_changes => true) - - shell('ip6tables-save') do |r| - expect(r.stdout).to match(/010 output-1::50/) - expect(r.stdout).to_not match(/1::42/) - expect(r.stderr).to eq("") - end - end - - it 'ignores managed rules' do - pp = <<-EOS - class { 'firewall': } - firewallchain { 'OUTPUT:filter:IPv6': - purge => true, - } - firewall { '010 output-1::50': - chain => 'OUTPUT', - proto => 'all', - source => '1::50', - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'ignores specified rules' do - pp = <<-EOS - class { 'firewall': } - firewallchain { 'INPUT:filter:IPv6': - purge => true, - ignore => [ - '-s 1::42', - ], - } - EOS - - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'adds managed rules with ignored rules' do - pp = <<-EOS - class { 'firewall': } - firewallchain { 'INPUT:filter:IPv6': - purge => true, - ignore => [ - '-s 1::42', - ], - } - firewall { '014 input-1::46': - chain => 'INPUT', - proto => 'all', - source => '1::46', - provider => 'ip6tables', - } - -> firewall { '013 input-1::45': - chain => 'INPUT', - proto => 'all', - source => '1::45', - provider => 'ip6tables', - } - -> firewall { '012 input-1::44': - chain => 'INPUT', - proto => 'all', - source => '1::44', - provider => 'ip6tables', - } - -> firewall { '011 input-1::43': - chain => 'INPUT', - proto => 'all', - source => '1::43', - provider => 'ip6tables', - } - EOS - - apply_manifest(pp, :catch_failures => true) - - expect(shell('ip6tables-save').stdout).to match(/-A INPUT -s 1::42(\/128)? -p tcp\s?\n-A INPUT -s 1::42(\/128)? -p udp/) - end - end - end -end diff --git a/firewall/spec/acceptance/resource_cmd_spec.rb b/firewall/spec/acceptance/resource_cmd_spec.rb deleted file mode 100644 index 76a106e2e..000000000 --- a/firewall/spec/acceptance/resource_cmd_spec.rb +++ /dev/null @@ -1,175 +0,0 @@ -require 'spec_helper_acceptance' - -# Here we want to test the the resource commands ability to work with different -# existing ruleset scenarios. This will give the parsing capabilities of the -# code a good work out. -describe 'puppet resource firewall command:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - before(:all) do - # In order to properly check stderr for anomalies we need to fix the deprecation warnings from puppet.conf. - config = shell('puppet config print config').stdout - shell("sed -i -e \'s/^templatedir.*$//\' #{config}") - end - - context 'make sure it returns no errors when executed on a clean machine' do - it do - shell('puppet resource firewall') do |r| - r.exit_code.should be_zero - # don't check stdout, some boxes come with rules, that is normal - r.stderr.should be_empty - end - end - end - - context 'flush iptables and make sure it returns nothing afterwards' do - before(:all) do - iptables_flush_all_tables - end - - # No rules, means no output thanks. And no errors as well. - it do - shell('puppet resource firewall') do |r| - r.exit_code.should be_zero - r.stdout.should == "\n" - end - end - end - - context 'accepts rules without comments' do - before(:all) do - iptables_flush_all_tables - shell('iptables -A INPUT -j ACCEPT -p tcp --dport 80') - end - - it do - shell('puppet resource firewall') do |r| - r.exit_code.should be_zero - # don't check stdout, testing preexisting rules, output is normal - r.stderr.should be_empty - end - end - end - - context 'accepts rules with invalid comments' do - before(:all) do - iptables_flush_all_tables - shell('iptables -A INPUT -j ACCEPT -p tcp --dport 80 -m comment --comment "http"') - end - - it do - shell('puppet resource firewall') do |r| - r.exit_code.should be_zero - # don't check stdout, testing preexisting rules, output is normal - r.stderr.should be_empty - end - end - end - - context 'accepts rules with negation' do - before :all do - iptables_flush_all_tables - shell('iptables -t nat -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p tcp -j MASQUERADE --to-ports 1024-65535') - shell('iptables -t nat -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p udp -j MASQUERADE --to-ports 1024-65535') - shell('iptables -t nat -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -j MASQUERADE') - end - - it do - shell('puppet resource firewall') do |r| - r.exit_code.should be_zero - # don't check stdout, testing preexisting rules, output is normal - r.stderr.should be_empty - end - end - end - - context 'accepts rules with match extension tcp flag' do - before :all do - iptables_flush_all_tables - shell('iptables -t mangle -A PREROUTING -d 1.2.3.4 -p tcp -m tcp -m multiport --dports 80,443,8140 -j MARK --set-mark 42') - end - - it do - shell('puppet resource firewall') do |r| - r.exit_code.should be_zero - # don't check stdout, testing preexisting rules, output is normal - r.stderr.should be_empty - end - end - end - - if default['platform'] !~ /sles-10/ - context 'accepts rules utilizing the statistic module' do - before :all do - iptables_flush_all_tables - # This command doesn't work with all versions/oses, so let it fail - shell('iptables -t nat -A POSTROUTING -d 1.2.3.4/32 -o eth0 -m statistic --mode nth --every 2 -j SNAT --to-source 2.3.4.5', :acceptable_exit_codes => [0,1,2] ) - shell('iptables -t nat -A POSTROUTING -d 1.2.3.4/32 -o eth0 -m statistic --mode nth --every 1 --packet 0 -j SNAT --to-source 2.3.4.6') - shell('iptables -t nat -A POSTROUTING -d 1.2.3.4/32 -o eth0 -m statistic --mode random --probability 0.99 -j SNAT --to-source 2.3.4.7') - end - - it do - shell('puppet resource firewall') do |r| - r.exit_code.should be_zero - # don't check stdout, testing preexisting rules, output is normal - r.stderr.should be_empty - end - end - end - end - - context 'accepts rules with negation' do - before :all do - iptables_flush_all_tables - shell('iptables -t nat -A POSTROUTING -s 192.168.122.0/24 -m policy --dir out --pol ipsec -j ACCEPT') - shell('iptables -t filter -A FORWARD -s 192.168.1.0/24 -d 192.168.122.0/24 -i eth0 -m policy --dir in --pol ipsec --reqid 108 --proto esp -j ACCEPT') - shell('iptables -t filter -A FORWARD -s 192.168.122.0/24 -d 192.168.1.0/24 -o eth0 -m policy --dir out --pol ipsec --reqid 108 --proto esp -j ACCEPT') - shell('iptables -t filter -A FORWARD -s 192.168.201.1/32 -d 192.168.122.0/24 -i eth0 -m policy --dir in --pol ipsec --reqid 107 --proto esp -j ACCEPT') - shell('iptables -t filter -A FORWARD -s 192.168.122.0/24 -d 192.168.201.1/32 -o eth0 -m policy --dir out --pol ipsec --reqid 107 --proto esp -j ACCEPT') - end - - it do - shell('puppet resource firewall') do |r| - r.exit_code.should be_zero - # don't check stdout, testing preexisting rules, output is normal - r.stderr.should be_empty - end - end - end - - context 'accepts rules with -m (tcp|udp) without dport/sport' do - before :all do - iptables_flush_all_tables - shell('iptables -A INPUT -s 10.0.0.0/8 -p udp -m udp -j ACCEPT') - end - - it do - shell('puppet resource firewall') do |r| - r.exit_code.should be_zero - # don't check stdout, testing preexisting rules, output is normal - r.stderr.should be_empty - end - end - end - - # version of iptables that ships with el5 doesn't work with the - # ip6tables provider - if default['platform'] !~ /el-5/ and default['platform'] !~ /sles-10/ - context 'dport/sport with ip6tables' do - before :all do - if fact('osfamily') == 'Debian' - shell('echo "iptables-persistent iptables-persistent/autosave_v4 boolean false" | debconf-set-selections') - shell('echo "iptables-persistent iptables-persistent/autosave_v6 boolean false" | debconf-set-selections') - shell('apt-get install iptables-persistent -y') - end - ip6tables_flush_all_tables - shell('ip6tables -A INPUT -d fe80::/64 -p tcp -m tcp --dport 546 --sport 547 -j ACCEPT -m comment --comment 000-foobar') - end - it do - shell('puppet resource firewall \'000-foobar\' provider=ip6tables') do |r| - r.exit_code.should be_zero - # don't check stdout, testing preexisting rules, output is normal - r.stderr.should be_empty - end - end - end - end -end diff --git a/firewall/spec/acceptance/rules_spec.rb b/firewall/spec/acceptance/rules_spec.rb deleted file mode 100644 index fee12dd7d..000000000 --- a/firewall/spec/acceptance/rules_spec.rb +++ /dev/null @@ -1,279 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'complex ruleset 1', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - before :all do - iptables_flush_all_tables - end - - after :all do - shell('iptables -t filter -P INPUT ACCEPT') - shell('iptables -t filter -P FORWARD ACCEPT') - shell('iptables -t filter -P OUTPUT ACCEPT') - shell('iptables -t filter --flush') - end - - it 'applies cleanly' do - pp = <<-EOS - firewall { '090 forward allow local': - chain => 'FORWARD', - proto => 'all', - source => '10.0.0.0/8', - destination => '10.0.0.0/8', - action => 'accept', - } - firewall { '100 forward standard allow tcp': - chain => 'FORWARD', - source => '10.0.0.0/8', - destination => '!10.0.0.0/8', - proto => 'tcp', - state => 'NEW', - port => [80,443,21,20,22,53,123,43,873,25,465], - action => 'accept', - } - firewall { '100 forward standard allow udp': - chain => 'FORWARD', - source => '10.0.0.0/8', - destination => '!10.0.0.0/8', - proto => 'udp', - port => [53,123], - action => 'accept', - } - firewall { '100 forward standard allow icmp': - chain => 'FORWARD', - source => '10.0.0.0/8', - destination => '!10.0.0.0/8', - proto => 'icmp', - action => 'accept', - } - - firewall { '090 ignore ipsec': - table => 'nat', - chain => 'POSTROUTING', - outiface => 'eth0', - ipsec_policy => 'ipsec', - ipsec_dir => 'out', - action => 'accept', - } - firewall { '093 ignore 10.0.0.0/8': - table => 'nat', - chain => 'POSTROUTING', - outiface => 'eth0', - destination => '10.0.0.0/8', - action => 'accept', - } - firewall { '093 ignore 172.16.0.0/12': - table => 'nat', - chain => 'POSTROUTING', - outiface => 'eth0', - destination => '172.16.0.0/12', - action => 'accept', - } - firewall { '093 ignore 192.168.0.0/16': - table => 'nat', - chain => 'POSTROUTING', - outiface => 'eth0', - destination => '192.168.0.0/16', - action => 'accept', - } - firewall { '100 masq outbound': - table => 'nat', - chain => 'POSTROUTING', - outiface => 'eth0', - jump => 'MASQUERADE', - } - firewall { '101 redirect port 1': - table => 'nat', - chain => 'PREROUTING', - iniface => 'eth0', - proto => 'tcp', - dport => '1', - toports => '22', - jump => 'REDIRECT', - } - EOS - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end - - it 'contains appropriate rules' do - shell('iptables-save') do |r| - [ - /INPUT ACCEPT/, - /FORWARD ACCEPT/, - /OUTPUT ACCEPT/, - /-A FORWARD -s 10.0.0.0\/(8|255\.0\.0\.0) -d 10.0.0.0\/(8|255\.0\.0\.0) -m comment --comment \"090 forward allow local\" -j ACCEPT/, - /-A FORWARD -s 10.0.0.0\/(8|255\.0\.0\.0) (! -d|-d !) 10.0.0.0\/(8|255\.0\.0\.0) -p icmp -m comment --comment \"100 forward standard allow icmp\" -j ACCEPT/, - /-A FORWARD -s 10.0.0.0\/(8|255\.0\.0\.0) (! -d|-d !) 10.0.0.0\/(8|255\.0\.0\.0) -p tcp -m multiport --ports 80,443,21,20,22,53,123,43,873,25,465 -m comment --comment \"100 forward standard allow tcp\" -m state --state NEW -j ACCEPT/, - /-A FORWARD -s 10.0.0.0\/(8|255\.0\.0\.0) (! -d|-d !) 10.0.0.0\/(8|255\.0\.0\.0) -p udp -m multiport --ports 53,123 -m comment --comment \"100 forward standard allow udp\" -j ACCEPT/ - ].each do |line| - expect(r.stdout).to match(line) - end - end - end -end - -describe 'complex ruleset 2' do - after :all do - shell('iptables -t filter -P INPUT ACCEPT') - shell('iptables -t filter -P FORWARD ACCEPT') - shell('iptables -t filter -P OUTPUT ACCEPT') - shell('iptables -t filter --flush') - expect(shell('iptables -t filter -X LOCAL_INPUT').stderr).to eq("") - expect(shell('iptables -t filter -X LOCAL_INPUT_PRE').stderr).to eq("") - end - - it 'applies cleanly' do - pp = <<-EOS - class { '::firewall': } - - Firewall { - proto => 'all', - stage => 'pre', - } - Firewallchain { - stage => 'pre', - purge => 'true', - ignore => [ - '--comment "[^"]*(?i:ignore)[^"]*"', - ], - } - - firewall { '001 ssh needed for beaker testing': - proto => 'tcp', - dport => '22', - action => 'accept', - before => Firewallchain['INPUT:filter:IPv4'], - } - - firewall { '010 INPUT allow established and related': - proto => 'all', - state => ['ESTABLISHED', 'RELATED'], - action => 'accept', - before => Firewallchain['INPUT:filter:IPv4'], - } - - firewall { "011 reject local traffic not on loopback interface": - iniface => '! lo', - proto => 'all', - destination => '127.0.0.1/8', - action => 'reject', - } - firewall { '012 accept loopback': - iniface => 'lo', - action => 'accept', - before => Firewallchain['INPUT:filter:IPv4'], - } - firewall { '020 ssh': - proto => 'tcp', - dport => '22', - state => 'NEW', - action => 'accept', - before => Firewallchain['INPUT:filter:IPv4'], - } - - firewall { '025 smtp': - outiface => '! eth0:2', - chain => 'OUTPUT', - proto => 'tcp', - dport => '25', - state => 'NEW', - action => 'accept', - } - firewall { '013 icmp echo-request': - proto => 'icmp', - icmp => 'echo-request', - action => 'accept', - source => '10.0.0.0/8', - } - firewall { '013 icmp destination-unreachable': - proto => 'icmp', - icmp => 'destination-unreachable', - action => 'accept', - } - firewall { '013 icmp time-exceeded': - proto => 'icmp', - icmp => 'time-exceeded', - action => 'accept', - } - firewall { '443 ssl on aliased interface': - proto => 'tcp', - dport => '443', - state => 'NEW', - action => 'accept', - iniface => 'eth0:3', - } - - firewallchain { 'LOCAL_INPUT_PRE:filter:IPv4': } - firewall { '001 LOCAL_INPUT_PRE': - jump => 'LOCAL_INPUT_PRE', - require => Firewallchain['LOCAL_INPUT_PRE:filter:IPv4'], - } - firewallchain { 'LOCAL_INPUT:filter:IPv4': } - firewall { '900 LOCAL_INPUT': - jump => 'LOCAL_INPUT', - require => Firewallchain['LOCAL_INPUT:filter:IPv4'], - } - firewallchain { 'INPUT:filter:IPv4': - policy => 'drop', - ignore => [ - '-j fail2ban-ssh', - '--comment "[^"]*(?i:ignore)[^"]*"', - ], - } - - - firewall { '010 allow established and related': - chain => 'FORWARD', - proto => 'all', - state => ['ESTABLISHED','RELATED'], - action => 'accept', - before => Firewallchain['FORWARD:filter:IPv4'], - } - firewallchain { 'FORWARD:filter:IPv4': - policy => 'drop', - } - - firewallchain { 'OUTPUT:filter:IPv4': } - - - # purge unknown rules from mangle table - firewallchain { ['PREROUTING:mangle:IPv4', 'INPUT:mangle:IPv4', 'FORWARD:mangle:IPv4', 'OUTPUT:mangle:IPv4', 'POSTROUTING:mangle:IPv4']: } - - # and the nat table - firewallchain { ['PREROUTING:nat:IPv4', 'INPUT:nat:IPv4', 'OUTPUT:nat:IPv4', 'POSTROUTING:nat:IPv4']: } - EOS - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end - - it 'contains appropriate rules' do - shell('iptables-save') do |r| - [ - /INPUT DROP/, - /FORWARD DROP/, - /OUTPUT ACCEPT/, - /LOCAL_INPUT/, - /LOCAL_INPUT_PRE/, - /-A INPUT -m comment --comment \"001 LOCAL_INPUT_PRE\" -j LOCAL_INPUT_PRE/, - /-A INPUT -m comment --comment \"010 INPUT allow established and related\" -m state --state RELATED,ESTABLISHED -j ACCEPT/, - /-A INPUT -d 127.0.0.0\/(8|255\.0\.0\.0) (! -i|-i !) lo -m comment --comment \"011 reject local traffic not on loopback interface\" -j REJECT --reject-with icmp-port-unreachable/, - /-A INPUT -i lo -m comment --comment \"012 accept loopback\" -j ACCEPT/, - /-A INPUT -p icmp -m comment --comment \"013 icmp destination-unreachable\" -m icmp --icmp-type 3 -j ACCEPT/, - /-A INPUT -s 10.0.0.0\/(8|255\.0\.0\.0) -p icmp -m comment --comment \"013 icmp echo-request\" -m icmp --icmp-type 8 -j ACCEPT/, - /-A INPUT -p icmp -m comment --comment \"013 icmp time-exceeded\" -m icmp --icmp-type 11 -j ACCEPT/, - /-A INPUT -p tcp -m multiport --dports 22 -m comment --comment \"020 ssh\" -m state --state NEW -j ACCEPT/, - /-A INPUT -p tcp -m multiport --dports 22 -m comment --comment \"001 ssh needed for beaker testing\" -j ACCEPT/, - /-A OUTPUT (! -o|-o !) eth0:2 -p tcp -m multiport --dports 25 -m comment --comment \"025 smtp\" -m state --state NEW -j ACCEPT/, - /-A INPUT -i eth0:3 -p tcp -m multiport --dports 443 -m comment --comment \"443 ssl on aliased interface\" -m state --state NEW -j ACCEPT/, - /-A INPUT -m comment --comment \"900 LOCAL_INPUT\" -j LOCAL_INPUT/, - /-A FORWARD -m comment --comment \"010 allow established and related\" -m state --state RELATED,ESTABLISHED -j ACCEPT/ - ].each do |line| - expect(r.stdout).to match(line) - end - end - end -end diff --git a/firewall/spec/acceptance/socket_spec.rb b/firewall/spec/acceptance/socket_spec.rb deleted file mode 100644 index 5503a9a07..000000000 --- a/firewall/spec/acceptance/socket_spec.rb +++ /dev/null @@ -1,97 +0,0 @@ -require 'spec_helper_acceptance' - -# RHEL5 does not support -m socket -describe 'firewall socket property', :unless => (UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) || default['platform'] =~ /el-5/ || fact('operatingsystem') == 'SLES') do - before :all do - iptables_flush_all_tables - end - - shared_examples "is idempotent" do |value, line_match| - it "changes the value to #{value}" do - pp = <<-EOS - class { '::firewall': } - firewall { '598 - test': - ensure => present, - proto => 'tcp', - chain => 'PREROUTING', - table => 'raw', - #{value} - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - shell('iptables-save -t raw') do |r| - expect(r.stdout).to match(/#{line_match}/) - end - end - end - shared_examples "doesn't change" do |value, line_match| - it "doesn't change the value to #{value}" do - pp = <<-EOS - class { '::firewall': } - firewall { '598 - test': - ensure => present, - proto => 'tcp', - chain => 'PREROUTING', - table => 'raw', - #{value} - } - EOS - - apply_manifest(pp, :catch_changes => true) - - shell('iptables-save -t raw') do |r| - expect(r.stdout).to match(/#{line_match}/) - end - end - end - - describe 'adding a rule' do - context 'when unset' do - before :all do - iptables_flush_all_tables - end - it_behaves_like 'is idempotent', '', /-A PREROUTING -p tcp -m comment --comment "598 - test"/ - end - context 'when set to true' do - before :all do - iptables_flush_all_tables - end - it_behaves_like 'is idempotent', 'socket => true,', /-A PREROUTING -p tcp -m socket -m comment --comment "598 - test"/ - end - context 'when set to false' do - before :all do - iptables_flush_all_tables - end - it_behaves_like "is idempotent", 'socket => false,', /-A PREROUTING -p tcp -m comment --comment "598 - test"/ - end - end - describe 'editing a rule' do - context 'when unset or false' do - before :each do - iptables_flush_all_tables - shell('iptables -t raw -A PREROUTING -p tcp -m comment --comment "598 - test"') - end - context 'and current value is false' do - it_behaves_like "doesn't change", 'socket => false,', /-A PREROUTING -p tcp -m comment --comment "598 - test"/ - end - context 'and current value is true' do - it_behaves_like "is idempotent", 'socket => true,', /-A PREROUTING -p tcp -m socket -m comment --comment "598 - test"/ - end - end - context 'when set to true' do - before :each do - iptables_flush_all_tables - shell('iptables -t raw -A PREROUTING -p tcp -m socket -m comment --comment "598 - test"') - end - context 'and current value is false' do - it_behaves_like "is idempotent", 'socket => false,', /-A PREROUTING -p tcp -m comment --comment "598 - test"/ - end - context 'and current value is true' do - it_behaves_like "doesn't change", 'socket => true,', /-A PREROUTING -p tcp -m socket -m comment --comment "598 - test"/ - end - end - end -end diff --git a/firewall/spec/acceptance/standard_usage_spec.rb b/firewall/spec/acceptance/standard_usage_spec.rb deleted file mode 100644 index afc0c42ad..000000000 --- a/firewall/spec/acceptance/standard_usage_spec.rb +++ /dev/null @@ -1,60 +0,0 @@ -require 'spec_helper_acceptance' - -# Some tests for the standard recommended usage -describe 'standard usage tests:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - it 'applies twice' do - pp = <<-EOS - class my_fw::pre { - Firewall { - require => undef, - } - - # Default firewall rules - firewall { '000 accept all icmp': - proto => 'icmp', - action => 'accept', - }-> - firewall { '001 accept all to lo interface': - proto => 'all', - iniface => 'lo', - action => 'accept', - }-> - firewall { "0002 reject local traffic not on loopback interface": - iniface => '! lo', - destination => '127.0.0.1/8', - action => 'reject', - }-> - firewall { '003 accept related established rules': - proto => 'all', - ctstate => ['RELATED', 'ESTABLISHED'], - action => 'accept', - } - } - class my_fw::post { - firewall { '999 drop all': - proto => 'all', - action => 'drop', - before => undef, - } - } - resources { "firewall": - purge => true - } - Firewall { - before => Class['my_fw::post'], - require => Class['my_fw::pre'], - } - class { ['my_fw::pre', 'my_fw::post']: } - class { 'firewall': } - firewall { '500 open up port 22': - action => 'accept', - proto => 'tcp', - dport => 22, - } - EOS - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => do_catch_changes) - end -end diff --git a/firewall/spec/acceptance/unsupported_spec.rb b/firewall/spec/acceptance/unsupported_spec.rb deleted file mode 100644 index dfb75e235..000000000 --- a/firewall/spec/acceptance/unsupported_spec.rb +++ /dev/null @@ -1,10 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'unsupported distributions and OSes', :if => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - it 'should fail' do - pp = <<-EOS - class { 'firewall': } - EOS - expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/not currently supported/i) - end -end diff --git a/firewall/spec/fixtures/ip6tables/conversion_hash.rb b/firewall/spec/fixtures/ip6tables/conversion_hash.rb deleted file mode 100644 index d7523787f..000000000 --- a/firewall/spec/fixtures/ip6tables/conversion_hash.rb +++ /dev/null @@ -1,117 +0,0 @@ -# These hashes allow us to iterate across a series of test data -# creating rspec examples for each parameter to ensure the input :line -# extrapolates to the desired value for the parameter in question. And -# vice-versa - -# This hash is for testing a line conversion to a hash of parameters -# which will be used to create a resource. -ARGS_TO_HASH6 = { - 'source_destination_ipv6_no_cidr' => { - :line => '-A INPUT -s 2001:db8:85a3::8a2e:370:7334 -d 2001:db8:85a3::8a2e:370:7334 -m comment --comment "000 source destination ipv6 no cidr"', - :table => 'filter', - :provider => 'ip6tables', - :params => { - :source => '2001:db8:85a3::8a2e:370:7334/128', - :destination => '2001:db8:85a3::8a2e:370:7334/128', - }, - }, - 'source_destination_ipv6_netmask' => { - :line => '-A INPUT -s 2001:db8:1234::/ffff:ffff:ffff:0000:0000:0000:0000:0000 -d 2001:db8:4321::/ffff:ffff:ffff:0000:0000:0000:0000:0000 -m comment --comment "000 source destination ipv6 netmask"', - :table => 'filter', - :provider => 'ip6tables', - :params => { - :source => '2001:db8:1234::/48', - :destination => '2001:db8:4321::/48', - }, - }, - 'udp_source_port_and_destination_port' => { - :line => '-A ufw6-before-input -s fe80::/10 -d fe80::/10 -p udp -m udp --sport 547 --dport 546 -j ACCEPT', - :table => 'filter', - :provider => 'ip6tables', - :params => { - :proto => 'udp', - :sport => ['547'], - :dport => ['546'], - }, - } -} - -# This hash is for testing converting a hash to an argument line. -HASH_TO_ARGS6 = { - 'zero_prefixlen_ipv6' => { - :params => { - :name => '100 zero prefix length ipv6', - :table => 'filter', - :provider => 'ip6tables', - :source => '::/0', - :destination => '::/0', - }, - :args => ['-t', :filter, '-p', :tcp, '-m', 'comment', '--comment', '100 zero prefix length ipv6'], - }, - 'source_destination_ipv4_no_cidr' => { - :params => { - :name => '000 source destination ipv4 no cidr', - :table => 'filter', - :provider => 'ip6tables', - :source => '1.1.1.1', - :destination => '2.2.2.2', - }, - :args => ['-t', :filter, '-s', '1.1.1.1/32', '-d', '2.2.2.2/32', '-p', :tcp, '-m', 'comment', '--comment', '000 source destination ipv4 no cidr'], - }, - 'source_destination_ipv6_no_cidr' => { - :params => { - :name => '000 source destination ipv6 no cidr', - :table => 'filter', - :provider => 'ip6tables', - :source => '2001:db8:1234::', - :destination => '2001:db8:4321::', - }, - :args => ['-t', :filter, '-s', '2001:db8:1234::/128', '-d', '2001:db8:4321::/128', '-p', :tcp, '-m', 'comment', '--comment', '000 source destination ipv6 no cidr'], - }, - 'source_destination_ipv6_netmask' => { - :params => { - :name => '000 source destination ipv6 netmask', - :table => 'filter', - :provider => 'ip6tables', - :source => '2001:db8:1234::/ffff:ffff:ffff:0000:0000:0000:0000:0000', - :destination => '2001:db8:4321::/ffff:ffff:ffff:0000:0000:0000:0000:0000', - }, - :args => ['-t', :filter, '-s', '2001:db8:1234::/48', '-d', '2001:db8:4321::/48', '-p', :tcp, '-m', 'comment', '--comment', '000 source destination ipv6 netmask'], - }, - 'frag_ishasmorefrags' => { - :params => { - :name => "100 has more fragments", - :ishasmorefrags => true, - :provider => 'ip6tables', - :table => "filter", - }, - :args => ["-t", :filter, "-p", :tcp, "-m", "frag", "--fragid", "0", "--fragmore", "-m", "comment", "--comment", "100 has more fragments"], - }, - 'frag_islastfrag' => { - :params => { - :name => "100 last fragment", - :islastfrag => true, - :provider => 'ip6tables', - :table => "filter", - }, - :args => ["-t", :filter, "-p", :tcp, "-m", "frag", "--fragid", "0", "--fraglast", "-m", "comment", "--comment", "100 last fragment"], - }, - 'frag_isfirstfrags' => { - :params => { - :name => "100 first fragment", - :isfirstfrag => true, - :provider => 'ip6tables', - :table => "filter", - }, - :args => ["-t", :filter, "-p", :tcp, "-m", "frag", "--fragid", "0", "--fragfirst", "-m", "comment", "--comment", "100 first fragment"], - }, - 'hop_limit' => { - :params => { - :name => "100 hop limit", - :hop_limit => 255, - :provider => 'ip6tables', - :table => "filter", - }, - :args => ["-t", :filter, "-p", :tcp, "-m", "comment", "--comment", "100 hop limit", "-m", "hl", "--hl-eq", 255], - }, -} diff --git a/firewall/spec/fixtures/iptables/conversion_hash.rb b/firewall/spec/fixtures/iptables/conversion_hash.rb deleted file mode 100644 index bbdff8cc8..000000000 --- a/firewall/spec/fixtures/iptables/conversion_hash.rb +++ /dev/null @@ -1,1120 +0,0 @@ -# These hashes allow us to iterate across a series of test data -# creating rspec examples for each parameter to ensure the input :line -# extrapolates to the desired value for the parameter in question. And -# vice-versa - -# This hash is for testing a line conversion to a hash of parameters -# which will be used to create a resource. -ARGS_TO_HASH = { - 'mac_source_1' => { - :line => '-A neutron-openvswi-FORWARD -s 1.2.3.4/32 -m mac --mac-source FA:16:00:00:00:00 -j ACCEPT', - :table => 'filter', - :params => { - :chain => 'neutron-openvswi-FORWARD', - :source => '1.2.3.4/32', - :mac_source => 'FA:16:00:00:00:00', - }, - }, - 'dport_and_sport' => { - :line => '-A nova-compute-FORWARD -s 0.0.0.0/32 -d 255.255.255.255/32 -p udp -m udp --sport 68 --dport 67 -j ACCEPT', - :table => 'filter', - :params => { - :action => 'accept', - :chain => 'nova-compute-FORWARD', - :source => '0.0.0.0/32', - :destination => '255.255.255.255/32', - :sport => ['68'], - :dport => ['67'], - :proto => 'udp', - }, - }, - 'long_rule_1' => { - :line => '-A INPUT -s 1.1.1.1/32 -d 1.1.1.1/32 -p tcp -m multiport --dports 7061,7062 -m multiport --sports 7061,7062 -m comment --comment "000 allow foo" -j ACCEPT', - :table => 'filter', - :compare_all => true, - :params => { - :action => "accept", - :chain => "INPUT", - :destination => "1.1.1.1/32", - :dport => ["7061","7062"], - :ensure => :present, - :line => '-A INPUT -s 1.1.1.1/32 -d 1.1.1.1/32 -p tcp -m multiport --dports 7061,7062 -m multiport --sports 7061,7062 -m comment --comment "000 allow foo" -j ACCEPT', - :name => "000 allow foo", - :proto => "tcp", - :provider => "iptables", - :source => "1.1.1.1/32", - :sport => ["7061","7062"], - :table => "filter", - }, - }, - 'action_drop_1' => { - :line => '-A INPUT -m comment --comment "000 allow foo" -j DROP', - :table => 'filter', - :params => { - :jump => nil, - :action => "drop", - }, - }, - 'action_reject_1' => { - :line => '-A INPUT -m comment --comment "000 allow foo" -j REJECT', - :table => 'filter', - :params => { - :jump => nil, - :action => "reject", - }, - }, - 'action_nil_1' => { - :line => '-A INPUT -m comment --comment "000 allow foo"', - :table => 'filter', - :params => { - :jump => nil, - :action => nil, - }, - }, - 'jump_custom_chain_1' => { - :line => '-A INPUT -m comment --comment "000 allow foo" -j custom_chain', - :table => 'filter', - :params => { - :jump => "custom_chain", - :action => nil, - }, - }, - 'source_destination_ipv4_no_cidr' => { - :line => '-A INPUT -s 1.1.1.1 -d 2.2.2.2 -m comment --comment "000 source destination ipv4 no cidr"', - :table => 'filter', - :params => { - :source => '1.1.1.1/32', - :destination => '2.2.2.2/32', - }, - }, - 'source_destination_ipv6_no_cidr' => { - :line => '-A INPUT -s 2001:db8:85a3::8a2e:370:7334 -d 2001:db8:85a3::8a2e:370:7334 -m comment --comment "000 source destination ipv6 no cidr"', - :table => 'filter', - :params => { - :source => '2001:db8:85a3::8a2e:370:7334/128', - :destination => '2001:db8:85a3::8a2e:370:7334/128', - }, - }, - 'source_destination_ipv4_netmask' => { - :line => '-A INPUT -s 1.1.1.0/255.255.255.0 -d 2.2.0.0/255.255.0.0 -m comment --comment "000 source destination ipv4 netmask"', - :table => 'filter', - :params => { - :source => '1.1.1.0/24', - :destination => '2.2.0.0/16', - }, - }, - 'source_destination_ipv6_netmask' => { - :line => '-A INPUT -s 2001:db8:1234::/ffff:ffff:ffff:0000:0000:0000:0000:0000 -d 2001:db8:4321::/ffff:ffff:ffff:0000:0000:0000:0000:0000 -m comment --comment "000 source destination ipv6 netmask"', - :table => 'filter', - :params => { - :source => '2001:db8:1234::/48', - :destination => '2001:db8:4321::/48', - }, - }, - 'source_destination_negate_source' => { - :line => '-A INPUT ! -s 1.1.1.1 -d 2.2.2.2 -m comment --comment "000 negated source address"', - :table => 'filter', - :params => { - :source => '! 1.1.1.1/32', - :destination => '2.2.2.2/32', - }, - }, - 'source_destination_negate_destination' => { - :line => '-A INPUT -s 1.1.1.1 ! -d 2.2.2.2 -m comment --comment "000 negated destination address"', - :table => 'filter', - :params => { - :source => '1.1.1.1/32', - :destination => '! 2.2.2.2/32', - }, - }, - 'source_destination_negate_destination_alternative' => { - :line => '-A INPUT -s 1.1.1.1 -d ! 2.2.2.2 -m comment --comment "000 negated destination address alternative"', - :table => 'filter', - :params => { - :source => '1.1.1.1/32', - :destination => '! 2.2.2.2/32', - }, - }, - 'dport_range_1' => { - :line => '-A INPUT -m multiport --dports 1:1024 -m comment --comment "000 allow foo"', - :table => 'filter', - :params => { - :dport => ["1-1024"], - }, - }, - 'dport_range_2' => { - :line => '-A INPUT -m multiport --dports 15,512:1024 -m comment --comment "000 allow foo"', - :table => 'filter', - :params => { - :dport => ["15","512-1024"], - }, - }, - 'sport_range_1' => { - :line => '-A INPUT -m multiport --sports 1:1024 -m comment --comment "000 allow foo"', - :table => 'filter', - :params => { - :sport => ["1-1024"], - }, - }, - 'sport_range_2' => { - :line => '-A INPUT -m multiport --sports 15,512:1024 -m comment --comment "000 allow foo"', - :table => 'filter', - :params => { - :sport => ["15","512-1024"], - }, - }, - 'dst_type_1' => { - :line => '-A INPUT -m addrtype --dst-type LOCAL', - :table => 'filter', - :params => { - :dst_type => 'LOCAL', - }, - }, - 'src_type_1' => { - :line => '-A INPUT -m addrtype --src-type LOCAL', - :table => 'filter', - :params => { - :src_type => 'LOCAL', - }, - }, - 'dst_range_1' => { - :line => '-A INPUT -m iprange --dst-range 10.0.0.2-10.0.0.20', - :table => 'filter', - :params => { - :dst_range => '10.0.0.2-10.0.0.20', - }, - }, - 'src_range_1' => { - :line => '-A INPUT -m iprange --src-range 10.0.0.2-10.0.0.20', - :table => 'filter', - :params => { - :src_range => '10.0.0.2-10.0.0.20', - }, - }, - 'tcp_flags_1' => { - :line => '-A INPUT -p tcp -m tcp --tcp-flags SYN,RST,ACK,FIN SYN -m comment --comment "000 initiation"', - :table => 'filter', - :compare_all => true, - :chain => 'INPUT', - :proto => 'tcp', - :params => { - :chain => "INPUT", - :ensure => :present, - :line => '-A INPUT -p tcp -m tcp --tcp-flags SYN,RST,ACK,FIN SYN -m comment --comment "000 initiation"', - :name => "000 initiation", - :proto => "tcp", - :provider => "iptables", - :table => "filter", - :tcp_flags => "SYN,RST,ACK,FIN SYN", - }, - }, - 'state_returns_sorted_values' => { - :line => '-A INPUT -m state --state INVALID,RELATED,ESTABLISHED', - :table => 'filter', - :params => { - :state => ['ESTABLISHED', 'INVALID', 'RELATED'], - :action => nil, - }, - }, - 'ctstate_returns_sorted_values' => { - :line => '-A INPUT -m conntrack --ctstate INVALID,RELATED,ESTABLISHED', - :table => 'filter', - :params => { - :ctstate => ['ESTABLISHED', 'INVALID', 'RELATED'], - :action => nil, - }, - }, - 'comment_string_character_validation' => { - :line => '-A INPUT -s 192.168.0.1/32 -m comment --comment "000 allow from 192.168.0.1, please"', - :table => 'filter', - :params => { - :source => '192.168.0.1/32', - }, - }, - 'string_escape_sequences' => { - :line => '-A INPUT -m comment --comment "000 parse escaped \\"s, \\\'s, and \\\\s"', - :table => 'filter', - :params => { - :name => '000 parse escaped "s, \'s, and \\s', - }, - }, - 'log_level_debug' => { - :line => '-A INPUT -m comment --comment "956 INPUT log-level" -m state --state NEW -j LOG --log-level 7', - :table => 'filter', - :params => { - :state => ['NEW'], - :log_level => '7', - :jump => 'LOG' - }, - }, - 'log_level_warn' => { - :line => '-A INPUT -m comment --comment "956 INPUT log-level" -m state --state NEW -j LOG', - :table => 'filter', - :params => { - :state => ['NEW'], - :log_level => '4', - :jump => 'LOG' - }, - }, - 'load_limit_module_and_implicit_burst' => { - :line => '-A INPUT -m multiport --dports 123 -m comment --comment "057 INPUT limit NTP" -m limit --limit 15/hour', - :table => 'filter', - :params => { - :dport => ['123'], - :limit => '15/hour', - :burst => '5' - }, - }, - 'limit_with_explicit_burst' => { - :line => '-A INPUT -m multiport --dports 123 -m comment --comment "057 INPUT limit NTP" -m limit --limit 30/hour --limit-burst 10', - :table => 'filter', - :params => { - :dport => ['123'], - :limit => '30/hour', - :burst => '10' - }, - }, - 'proto_ipencap' => { - :line => '-A INPUT -p ipencap -m comment --comment "0100 INPUT accept ipencap"', - :table => 'filter', - :params => { - :proto => 'ipencap', - } - }, - 'load_uid_owner_filter_module' => { - :line => '-A OUTPUT -m owner --uid-owner root -m comment --comment "057 OUTPUT uid root only" -j ACCEPT', - :table => 'filter', - :params => { - :action => 'accept', - :uid => 'root', - :chain => 'OUTPUT', - }, - }, - 'load_uid_owner_postrouting_module' => { - :line => '-t mangle -A POSTROUTING -m owner --uid-owner root -m comment --comment "057 POSTROUTING uid root only" -j ACCEPT', - :table => 'mangle', - :params => { - :action => 'accept', - :chain => 'POSTROUTING', - :uid => 'root', - }, - }, - 'load_gid_owner_filter_module' => { - :line => '-A OUTPUT -m owner --gid-owner root -m comment --comment "057 OUTPUT gid root only" -j ACCEPT', - :table => 'filter', - :params => { - :action => 'accept', - :chain => 'OUTPUT', - :gid => 'root', - }, - }, - 'load_gid_owner_postrouting_module' => { - :line => '-t mangle -A POSTROUTING -m owner --gid-owner root -m comment --comment "057 POSTROUTING gid root only" -j ACCEPT', - :table => 'mangle', - :params => { - :action => 'accept', - :chain => 'POSTROUTING', - :gid => 'root', - }, - }, - 'mark_set-mark' => { - :line => '-t mangle -A PREROUTING -j MARK --set-xmark 0x3e8/0xffffffff', - :table => 'mangle', - :params => { - :jump => 'MARK', - :chain => 'PREROUTING', - :set_mark => '0x3e8/0xffffffff', - } - }, - 'iniface_1' => { - :line => '-A INPUT -i eth0 -m comment --comment "060 iniface" -j DROP', - :table => 'filter', - :params => { - :action => 'drop', - :chain => 'INPUT', - :iniface => 'eth0', - }, - }, - 'iniface_1_negated' => { - :line => '-A INPUT ! -i eth0 -m comment --comment "060 iniface" -j DROP', - :table => 'filter', - :params => { - :action => 'drop', - :chain => 'INPUT', - :iniface => '! eth0', - }, - }, - 'iniface_1_aliased' => { - :line => '-A INPUT -i eth0:1 -m comment --comment "060 iniface" -j DROP', - :table => 'filter', - :params => { - :action => 'drop', - :chain => 'INPUT', - :iniface => 'eth0:1', - }, - }, - 'iniface_with_vlans_1' => { - :line => '-A INPUT -i eth0.234 -m comment --comment "060 iniface" -j DROP', - :table => 'filter', - :params => { - :action => 'drop', - :chain => 'INPUT', - :iniface => 'eth0.234', - }, - }, - 'iniface_with_plus_1' => { - :line => '-A INPUT -i eth+ -m comment --comment "060 iniface" -j DROP', - :table => 'filter', - :params => { - :action => 'drop', - :chain => 'INPUT', - :iniface => 'eth+', - }, - }, - 'outiface_1' => { - :line => '-A OUTPUT -o eth0 -m comment --comment "060 outiface" -j DROP', - :table => 'filter', - :params => { - :action => 'drop', - :chain => 'OUTPUT', - :outiface => 'eth0', - }, - }, - 'outiface_1_negated' => { - :line => '-A OUTPUT ! -o eth0 -m comment --comment "060 outiface" -j DROP', - :table => 'filter', - :params => { - :action => 'drop', - :chain => 'OUTPUT', - :outiface => '! eth0', - }, - }, - 'outiface_1_aliased' => { - :line => '-A OUTPUT -o eth0:2 -m comment --comment "060 outiface" -j DROP', - :table => 'filter', - :params => { - :action => 'drop', - :chain => 'OUTPUT', - :outiface => 'eth0:2', - }, - }, - 'outiface_with_vlans_1' => { - :line => '-A OUTPUT -o eth0.234 -m comment --comment "060 outiface" -j DROP', - :table => 'filter', - :params => { - :action => 'drop', - :chain => 'OUTPUT', - :outiface => 'eth0.234', - }, - }, - 'outiface_with_plus_1' => { - :line => '-A OUTPUT -o eth+ -m comment --comment "060 outiface" -j DROP', - :table => 'filter', - :params => { - :action => 'drop', - :chain => 'OUTPUT', - :outiface => 'eth+', - }, - }, - 'pkttype multicast' => { - :line => '-A INPUT -m pkttype --pkt-type multicast -j ACCEPT', - :table => 'filter', - :params => { - :action => 'accept', - :pkttype => 'multicast', - }, - }, - 'socket_option' => { - :line => '-A PREROUTING -m socket -j ACCEPT', - :table => 'mangle', - :params => { - :action => 'accept', - :chain => 'PREROUTING', - :socket => true, - }, - }, - 'isfragment_option' => { - :line => '-A INPUT -f -m comment --comment "010 a-f comment with dashf" -j ACCEPT', - :table => 'filter', - :params => { - :name => '010 a-f comment with dashf', - :action => 'accept', - :isfragment => true, - }, - }, - 'single_tcp_sport' => { - :line => '-A OUTPUT -s 10.94.100.46/32 -p tcp -m tcp --sport 20443 -j ACCEPT', - :table => 'mangle', - :params => { - :action => 'accept', - :chain => 'OUTPUT', - :source => "10.94.100.46/32", - :proto => "tcp", - :sport => ["20443"], - }, - }, - 'single_udp_sport' => { - :line => '-A OUTPUT -s 10.94.100.46/32 -p udp -m udp --sport 20443 -j ACCEPT', - :table => 'mangle', - :params => { - :action => 'accept', - :chain => 'OUTPUT', - :source => "10.94.100.46/32", - :proto => "udp", - :sport => ["20443"], - }, - }, - 'single_tcp_dport' => { - :line => '-A OUTPUT -s 10.94.100.46/32 -p tcp -m tcp --dport 20443 -j ACCEPT', - :table => 'mangle', - :params => { - :action => 'accept', - :chain => 'OUTPUT', - :source => "10.94.100.46/32", - :proto => "tcp", - :dport => ["20443"], - }, - }, - 'single_udp_dport' => { - :line => '-A OUTPUT -s 10.94.100.46/32 -p udp -m udp --dport 20443 -j ACCEPT', - :table => 'mangle', - :params => { - :action => 'accept', - :chain => 'OUTPUT', - :source => "10.94.100.46/32", - :proto => "udp", - :dport => ["20443"], - }, - }, - 'connlimit_above' => { - :line => '-A INPUT -p tcp -m multiport --dports 22 -m comment --comment "061 REJECT connlimit_above 10" -m connlimit --connlimit-above 10 --connlimit-mask 32 -j REJECT --reject-with icmp-port-unreachable', - :table => 'filter', - :params => { - :proto => 'tcp', - :dport => ["22"], - :connlimit_above => '10', - :action => 'reject', - }, - }, - 'connlimit_above_with_connlimit_mask' => { - :line => '-A INPUT -p tcp -m multiport --dports 22 -m comment --comment "061 REJECT connlimit_above 10 with mask 24" -m connlimit --connlimit-above 10 --connlimit-mask 24 -j REJECT --reject-with icmp-port-unreachable', - :table => 'filter', - :params => { - :proto => 'tcp', - :dport => ["22"], - :connlimit_above => '10', - :connlimit_mask => '24', - :action => 'reject', - }, - }, - 'connmark' => { - :line => '-A INPUT -m comment --comment "062 REJECT connmark" -m connmark --mark 0x1 -j REJECT --reject-with icmp-port-unreachable', - :table => 'filter', - :params => { - :proto => 'all', - :connmark => '0x1', - :action => 'reject', - }, - }, - 'disallow_esp_protocol' => { - :line => '-t filter ! -p esp -m comment --comment "063 disallow esp protocol" -j ACCEPT', - :table => 'filter', - :params => { - :name => '063 disallow esp protocol', - :action => 'accept', - :proto => '! esp', - }, - }, - 'drop_new_packets_without_syn' => { - :line => '-t filter ! -s 10.0.0.0/8 ! -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m comment --comment "064 drop NEW non-tcp external packets with FIN/RST/ACK set and SYN unset" -m state --state NEW -j DROP', - :table => 'filter', - :params => { - :name => '064 drop NEW non-tcp external packets with FIN/RST/ACK set and SYN unset', - :state => ['NEW'], - :action => 'drop', - :proto => '! tcp', - :source => '! 10.0.0.0/8', - :tcp_flags => '! FIN,SYN,RST,ACK SYN', - }, - }, - 'negate_dport_and_sport' => { - :line => '-A nova-compute-FORWARD -s 0.0.0.0/32 -d 255.255.255.255/32 -p udp -m udp ! --sport 68,69 ! --dport 67,66 -j ACCEPT', - :table => 'filter', - :params => { - :action => 'accept', - :chain => 'nova-compute-FORWARD', - :source => '0.0.0.0/32', - :destination => '255.255.255.255/32', - :sport => ['! 68','! 69'], - :dport => ['! 67','! 66'], - :proto => 'udp', - }, - }, - 'match_mark' => { - :line => '-A INPUT -p tcp -m comment --comment "066 REJECT connlimit_above 10 with mask 32 and mark matches" -m mark --mark 0x1 -m connlimit --connlimit-above 10 --connlimit-mask 32 -j REJECT --reject-with icmp-port-unreachable', - :table => 'filter', - :params => { - :proto => 'tcp', - :connlimit_above => '10', - :connlimit_mask => '32', - :match_mark => '0x1', - :action => 'reject', - }, - }, - 'clamp_mss_to_pmtu' => { - :line => '-A INPUT -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "067 change max segment size" -j TCPMSS --clamp-mss-to-pmtu', - :table => 'filter', - :params => { - :name => '067 change max segment size', - :table => 'filter', - :proto => 'tcp', - :tcp_flags => 'SYN,RST SYN', - :jump => 'TCPMSS', - :clamp_mss_to_pmtu => true, - }, - }, - 'mangled_chain_name_with_-f' => { - :line => '-A foo-filter -p tcp -m comment --comment "068 chain name containing -f" -j ACCEPT', - :params => { - :name => '068 chain name containing -f', - :action => 'accept', - :chain => 'foo-filter', - }, - }, -} - -# This hash is for testing converting a hash to an argument line. -HASH_TO_ARGS = { - 'long_rule_1' => { - :params => { - :action => "accept", - :chain => "INPUT", - :destination => "1.1.1.1", - :dport => ["7061","7062"], - :ensure => :present, - :name => "000 allow foo", - :proto => "tcp", - :source => "1.1.1.1", - :sport => ["7061","7062"], - :table => "filter", - }, - :args => ["-t", :filter, "-s", "1.1.1.1/32", "-d", "1.1.1.1/32", "-p", :tcp, "-m", "multiport", "--sports", "7061,7062", "-m", "multiport", "--dports", "7061,7062", "-m", "comment", "--comment", "000 allow foo", "-j", "ACCEPT"], - }, - 'long_rule_2' => { - :params => { - :chain => "INPUT", - :destination => "2.10.13.3/24", - :dport => ["7061"], - :ensure => :present, - :jump => "my_custom_chain", - :name => "700 allow bar", - :proto => "udp", - :source => "1.1.1.1", - :sport => ["7061","7062"], - :table => "filter", - }, - :args => ["-t", :filter, "-s", "1.1.1.1/32", "-d", "2.10.13.0/24", "-p", :udp, "-m", "multiport", "--sports", "7061,7062", "-m", "multiport", "--dports", "7061", "-m", "comment", "--comment", "700 allow bar", "-j", "my_custom_chain"], - }, - 'no_action' => { - :params => { - :name => "100 no action", - :table => "filter", - }, - :args => ["-t", :filter, "-p", :tcp, "-m", "comment", "--comment", - "100 no action"], - }, - 'zero_prefixlen_ipv4' => { - :params => { - :name => '100 zero prefix length ipv4', - :table => 'filter', - :source => '0.0.0.0/0', - :destination => '0.0.0.0/0', - }, - :args => ['-t', :filter, '-p', :tcp, '-m', 'comment', '--comment', '100 zero prefix length ipv4'], - }, - 'zero_prefixlen_ipv6' => { - :params => { - :name => '100 zero prefix length ipv6', - :table => 'filter', - :source => '::/0', - :destination => '::/0', - }, - :args => ['-t', :filter, '-p', :tcp, '-m', 'comment', '--comment', '100 zero prefix length ipv6'], - }, - 'source_destination_ipv4_no_cidr' => { - :params => { - :name => '000 source destination ipv4 no cidr', - :table => 'filter', - :source => '1.1.1.1', - :destination => '2.2.2.2', - }, - :args => ['-t', :filter, '-s', '1.1.1.1/32', '-d', '2.2.2.2/32', '-p', :tcp, '-m', 'comment', '--comment', '000 source destination ipv4 no cidr'], - }, - 'source_destination_ipv6_no_cidr' => { - :params => { - :name => '000 source destination ipv6 no cidr', - :table => 'filter', - :source => '2001:db8:1234::', - :destination => '2001:db8:4321::', - }, - :args => ['-t', :filter, '-s', '2001:db8:1234::/128', '-d', '2001:db8:4321::/128', '-p', :tcp, '-m', 'comment', '--comment', '000 source destination ipv6 no cidr'], - }, - 'source_destination_ipv4_netmask' => { - :params => { - :name => '000 source destination ipv4 netmask', - :table => 'filter', - :source => '1.1.1.0/255.255.255.0', - :destination => '2.2.0.0/255.255.0.0', - }, - :args => ['-t', :filter, '-s', '1.1.1.0/24', '-d', '2.2.0.0/16', '-p', :tcp, '-m', 'comment', '--comment', '000 source destination ipv4 netmask'], - }, - 'source_destination_ipv6_netmask' => { - :params => { - :name => '000 source destination ipv6 netmask', - :table => 'filter', - :source => '2001:db8:1234::/ffff:ffff:ffff:0000:0000:0000:0000:0000', - :destination => '2001:db8:4321::/ffff:ffff:ffff:0000:0000:0000:0000:0000', - }, - :args => ['-t', :filter, '-s', '2001:db8:1234::/48', '-d', '2001:db8:4321::/48', '-p', :tcp, '-m', 'comment', '--comment', '000 source destination ipv6 netmask'], - }, - 'sport_range_1' => { - :params => { - :name => "100 sport range", - :sport => ["1-1024"], - :table => "filter", - }, - :args => ["-t", :filter, "-p", :tcp, "-m", "multiport", "--sports", "1:1024", "-m", "comment", "--comment", "100 sport range"], - }, - 'sport_range_2' => { - :params => { - :name => "100 sport range", - :sport => ["15","512-1024"], - :table => "filter", - }, - :args => ["-t", :filter, "-p", :tcp, "-m", "multiport", "--sports", "15,512:1024", "-m", "comment", "--comment", "100 sport range"], - }, - 'dport_range_1' => { - :params => { - :name => "100 sport range", - :dport => ["1-1024"], - :table => "filter", - }, - :args => ["-t", :filter, "-p", :tcp, "-m", "multiport", "--dports", "1:1024", "-m", "comment", "--comment", "100 sport range"], - }, - 'dport_range_2' => { - :params => { - :name => "100 sport range", - :dport => ["15","512-1024"], - :table => "filter", - }, - :args => ["-t", :filter, "-p", :tcp, "-m", "multiport", "--dports", "15,512:1024", "-m", "comment", "--comment", "100 sport range"], - }, - 'dst_type_1' => { - :params => { - :name => '000 dst_type', - :table => 'filter', - :dst_type => 'LOCAL', - }, - :args => ['-t', :filter, '-p', :tcp, '-m', 'addrtype', '--dst-type', :LOCAL, '-m', 'comment', '--comment', '000 dst_type'], - }, - 'src_type_1' => { - :params => { - :name => '000 src_type', - :table => 'filter', - :src_type => 'LOCAL', - }, - :args => ['-t', :filter, '-p', :tcp, '-m', 'addrtype', '--src-type', :LOCAL, '-m', 'comment', '--comment', '000 src_type'], - }, - 'dst_range_1' => { - :params => { - :name => '000 dst_range', - :table => 'filter', - :dst_range => '10.0.0.1-10.0.0.10', - }, - :args => ['-t', :filter, '-p', :tcp, '-m', 'iprange', '--dst-range', '10.0.0.1-10.0.0.10', '-m', 'comment', '--comment', '000 dst_range'], - }, - 'src_range_1' => { - :params => { - :name => '000 src_range', - :table => 'filter', - :dst_range => '10.0.0.1-10.0.0.10', - }, - :args => ['-t', :filter, '-p', :tcp, '-m', 'iprange', '--dst-range', '10.0.0.1-10.0.0.10', '-m', 'comment', '--comment', '000 src_range'], - }, - 'tcp_flags_1' => { - :params => { - :name => "000 initiation", - :tcp_flags => "SYN,RST,ACK,FIN SYN", - :table => "filter", - }, - - :args => ["-t", :filter, "-p", :tcp, "-m", "tcp", "--tcp-flags", "SYN,RST,ACK,FIN", "SYN", "-m", "comment", "--comment", "000 initiation",] - }, - 'states_set_from_array' => { - :params => { - :name => "100 states_set_from_array", - :table => "filter", - :state => ['ESTABLISHED', 'INVALID'] - }, - :args => ["-t", :filter, "-p", :tcp, "-m", "comment", "--comment", "100 states_set_from_array", - "-m", "state", "--state", "ESTABLISHED,INVALID"], - }, - 'ctstates_set_from_array' => { - :params => { - :name => "100 ctstates_set_from_array", - :table => "filter", - :ctstate => ['ESTABLISHED', 'INVALID'] - }, - :args => ["-t", :filter, "-p", :tcp, "-m", "comment", "--comment", "100 ctstates_set_from_array", - "-m", "conntrack", "--ctstate", "ESTABLISHED,INVALID"], - }, - 'comment_string_character_validation' => { - :params => { - :name => "000 allow from 192.168.0.1, please", - :table => 'filter', - :source => '192.168.0.1' - }, - :args => ['-t', :filter, '-s', '192.168.0.1/32', '-p', :tcp, '-m', 'comment', '--comment', '000 allow from 192.168.0.1, please'], - }, - 'comment_string_character_validation_2' => { - :params => { - :name => "000 allow symbols ( $+<=>^`|~ ) in ruby >= 1.9", - :table => 'filter', - }, - :args => ['-t', :filter, '-p', :tcp, '-m', 'comment', '--comment', '000 allow symbols ( $+<=>^`|~ ) in ruby >= 1.9'], - }, - 'log_level_debug' => { - :params => { - :name => '956 INPUT log-level', - :table => 'filter', - :state => 'NEW', - :jump => 'LOG', - :log_level => 'debug' - }, - :args => ['-t', :filter, '-p', :tcp, '-m', 'comment', '--comment', '956 INPUT log-level', '-m', 'state', '--state', 'NEW', '-j', 'LOG', '--log-level', '7'], - }, - 'log_level_warn' => { - :params => { - :name => '956 INPUT log-level', - :table => 'filter', - :state => 'NEW', - :jump => 'LOG', - :log_level => 'warn' - }, - :args => ['-t', :filter, '-p', :tcp, '-m', 'comment', '--comment', '956 INPUT log-level', '-m', 'state', '--state', 'NEW', '-j', 'LOG', '--log-level', '4'], - }, - 'load_limit_module_and_implicit_burst' => { - :params => { - :name => '057 INPUT limit NTP', - :table => 'filter', - :dport => '123', - :limit => '15/hour' - }, - :args => ['-t', :filter, '-p', :tcp, '-m', 'multiport', '--dports', '123', '-m', 'comment', '--comment', '057 INPUT limit NTP', '-m', 'limit', '--limit', '15/hour'], - }, - 'limit_with_explicit_burst' => { - :params => { - :name => '057 INPUT limit NTP', - :table => 'filter', - :dport => '123', - :limit => '30/hour', - :burst => '10' - }, - :args => ['-t', :filter, '-p', :tcp, '-m', 'multiport', '--dports', '123', '-m', 'comment', '--comment', '057 INPUT limit NTP', '-m', 'limit', '--limit', '30/hour', '--limit-burst', '10'], - }, - 'proto_ipencap' => { - :params => { - :name => '0100 INPUT accept ipencap', - :table => 'filter', - :proto => 'ipencap', - }, - :args => ['-t', :filter, '-p', :ipencap, '-m', 'comment', '--comment', '0100 INPUT accept ipencap'], - }, - 'load_uid_owner_filter_module' => { - :params => { - :name => '057 OUTPUT uid root only', - :table => 'filter', - :uid => 'root', - :action => 'accept', - :chain => 'OUTPUT', - :proto => 'all', - }, - :args => ['-t', :filter, '-p', :all, '-m', 'owner', '--uid-owner', 'root', '-m', 'comment', '--comment', '057 OUTPUT uid root only', '-j', 'ACCEPT'], - }, - 'load_uid_owner_postrouting_module' => { - :params => { - :name => '057 POSTROUTING uid root only', - :table => 'mangle', - :uid => 'root', - :action => 'accept', - :chain => 'POSTROUTING', - :proto => 'all', - }, - :args => ['-t', :mangle, '-p', :all, '-m', 'owner', '--uid-owner', 'root', '-m', 'comment', '--comment', '057 POSTROUTING uid root only', '-j', 'ACCEPT'], - }, - 'load_gid_owner_filter_module' => { - :params => { - :name => '057 OUTPUT gid root only', - :table => 'filter', - :chain => 'OUTPUT', - :gid => 'root', - :action => 'accept', - :proto => 'all', - }, - :args => ['-t', :filter, '-p', :all, '-m', 'owner', '--gid-owner', 'root', '-m', 'comment', '--comment', '057 OUTPUT gid root only', '-j', 'ACCEPT'], - }, - 'load_gid_owner_postrouting_module' => { - :params => { - :name => '057 POSTROUTING gid root only', - :table => 'mangle', - :gid => 'root', - :action => 'accept', - :chain => 'POSTROUTING', - :proto => 'all', - }, - :args => ['-t', :mangle, '-p', :all, '-m', 'owner', '--gid-owner', 'root', '-m', 'comment', '--comment', '057 POSTROUTING gid root only', '-j', 'ACCEPT'], - }, - 'mark_set-mark_int' => { - :params => { - :name => '058 set-mark 1000', - :table => 'mangle', - :jump => 'MARK', - :chain => 'PREROUTING', - :set_mark => '1000', - }, - :args => ['-t', :mangle, '-p', :tcp, '-m', 'comment', '--comment', '058 set-mark 1000', '-j', 'MARK', '--set-xmark', '0x3e8/0xffffffff'], - }, - 'mark_set-mark_hex' => { - :params => { - :name => '058 set-mark 0x32', - :table => 'mangle', - :jump => 'MARK', - :chain => 'PREROUTING', - :set_mark => '0x32', - }, - :args => ['-t', :mangle, '-p', :tcp, '-m', 'comment', '--comment', '058 set-mark 0x32', '-j', 'MARK', '--set-xmark', '0x32/0xffffffff'], - }, - 'mark_set-mark_hex_with_hex_mask' => { - :params => { - :name => '058 set-mark 0x32/0xffffffff', - :table => 'mangle', - :jump => 'MARK', - :chain => 'PREROUTING', - :set_mark => '0x32/0xffffffff', - }, - :args => ['-t', :mangle, '-p', :tcp, '-m', 'comment', '--comment', '058 set-mark 0x32/0xffffffff', '-j', 'MARK', '--set-xmark', '0x32/0xffffffff'], - }, - 'mark_set-mark_hex_with_mask' => { - :params => { - :name => '058 set-mark 0x32/4', - :table => 'mangle', - :jump => 'MARK', - :chain => 'PREROUTING', - :set_mark => '0x32/4', - }, - :args => ['-t', :mangle, '-p', :tcp, '-m', 'comment', '--comment', '058 set-mark 0x32/4', '-j', 'MARK', '--set-xmark', '0x32/0x4'], - }, - 'iniface_1' => { - :params => { - :name => '060 iniface', - :table => 'filter', - :action => 'drop', - :chain => 'INPUT', - :iniface => 'eth0', - }, - :args => ["-t", :filter, "-i", "eth0", "-p", :tcp, "-m", "comment", "--comment", "060 iniface", "-j", "DROP"], - }, - 'iniface_with_vlans_1' => { - :params => { - :name => '060 iniface', - :table => 'filter', - :action => 'drop', - :chain => 'INPUT', - :iniface => 'eth0.234', - }, - :args => ["-t", :filter, "-i", "eth0.234", "-p", :tcp, "-m", "comment", "--comment", "060 iniface", "-j", "DROP"], - }, - 'iniface_with_plus_1' => { - :params => { - :name => '060 iniface', - :table => 'filter', - :action => 'drop', - :chain => 'INPUT', - :iniface => 'eth+', - }, - :args => ["-t", :filter, "-i", "eth+", "-p", :tcp, "-m", "comment", "--comment", "060 iniface", "-j", "DROP"], - }, - 'outiface_1' => { - :params => { - :name => '060 outiface', - :table => 'filter', - :action => 'drop', - :chain => 'OUTPUT', - :outiface => 'eth0', - }, - :args => ["-t", :filter, "-o", "eth0", "-p", :tcp, "-m", "comment", "--comment", "060 outiface", "-j", "DROP"], - }, - 'outiface_with_vlans_1' => { - :params => { - :name => '060 outiface', - :table => 'filter', - :action => 'drop', - :chain => 'OUTPUT', - :outiface => 'eth0.234', - }, - :args => ["-t", :filter, "-o", "eth0.234", "-p", :tcp, "-m", "comment", "--comment", "060 outiface", "-j", "DROP"], - }, - 'outiface_with_plus_1' => { - :params => { - :name => '060 outiface', - :table => 'filter', - :action => 'drop', - :chain => 'OUTPUT', - :outiface => 'eth+', - }, - :args => ["-t", :filter, "-o", "eth+", "-p", :tcp, "-m", "comment", "--comment", "060 outiface", "-j", "DROP"], - }, - 'pkttype multicast' => { - :params => { - :name => '062 pkttype multicast', - :table => "filter", - :action => 'accept', - :chain => 'INPUT', - :iniface => 'eth0', - :pkttype => 'multicast', - }, - :args => ["-t", :filter, "-i", "eth0", "-p", :tcp, "-m", "pkttype", "--pkt-type", :multicast, "-m", "comment", "--comment", "062 pkttype multicast", "-j", "ACCEPT"], - }, - 'socket_option' => { - :params => { - :name => '050 socket option', - :table => 'mangle', - :action => 'accept', - :chain => 'PREROUTING', - :socket => true, - }, - :args => ['-t', :mangle, '-p', :tcp, '-m', 'socket', '-m', 'comment', '--comment', '050 socket option', '-j', 'ACCEPT'], - }, - 'isfragment_option' => { - :params => { - :name => '050 isfragment option', - :table => 'filter', - :proto => :all, - :action => 'accept', - :isfragment => true, - }, - :args => ['-t', :filter, '-p', :all, '-f', '-m', 'comment', '--comment', '050 isfragment option', '-j', 'ACCEPT'], - }, - 'isfragment_option not changing -f in comment' => { - :params => { - :name => '050 testcomment-with-fdashf', - :table => 'filter', - :proto => :all, - :action => 'accept', - }, - :args => ['-t', :filter, '-p', :all, '-m', 'comment', '--comment', '050 testcomment-with-fdashf', '-j', 'ACCEPT'], - }, - 'connlimit_above' => { - :params => { - :name => '061 REJECT connlimit_above 10', - :table => 'filter', - :proto => 'tcp', - :dport => ["22"], - :connlimit_above => '10', - :action => 'reject', - }, - :args => ["-t", :filter, "-p", :tcp, "-m", "multiport", "--dports", "22", "-m", "comment", "--comment", "061 REJECT connlimit_above 10", "-j", "REJECT", "-m", "connlimit", "--connlimit-above", "10"], - }, - 'connlimit_above_with_connlimit_mask' => { - :params => { - :name => '061 REJECT connlimit_above 10 with mask 24', - :table => 'filter', - :proto => 'tcp', - :dport => ["22"], - :connlimit_above => '10', - :connlimit_mask => '24', - :action => 'reject', - }, - :args => ["-t", :filter, "-p", :tcp, "-m", "multiport", "--dports", "22", "-m", "comment", "--comment", "061 REJECT connlimit_above 10 with mask 24", "-j", "REJECT", "-m", "connlimit", "--connlimit-above", "10", "--connlimit-mask", "24"], - }, - 'connmark' => { - :params => { - :name => '062 REJECT connmark', - :table => 'filter', - :proto => 'all', - :connmark => '0x1', - :action => 'reject', - }, - :args => ["-t", :filter, "-p", :all, "-m", "comment", "--comment", "062 REJECT connmark", "-j", "REJECT", "-m", "connmark", "--mark", "0x1"], - }, - 'disallow_esp_protocol' => { - :params => { - :name => '063 disallow esp protocol', - :table => 'filter', - :action => 'accept', - :proto => '! esp', - }, - :args => ["-t", :filter, "!", "-p", :esp, "-m", "comment", "--comment", "063 disallow esp protocol", "-j", "ACCEPT"], - }, - 'drop_new_packets_without_syn' => { - :params => { - :name => '064 drop NEW non-tcp external packets with FIN/RST/ACK set and SYN unset', - :table => 'filter', - :chain => 'INPUT', - :state => ['NEW'], - :action => 'drop', - :proto => '! tcp', - :source => '! 10.0.0.0/8', - :tcp_flags => '! FIN,SYN,RST,ACK SYN', - }, - :args => ["-t", :filter, "!", "-s", "10.0.0.0/8", "!", "-p", :tcp, "-m", "tcp", "!", "--tcp-flags", "FIN,SYN,RST,ACK", "SYN", "-m", "comment", "--comment", "064 drop NEW non-tcp external packets with FIN/RST/ACK set and SYN unset", "-m", "state", "--state", "NEW", "-j", "DROP"] - }, - 'negate_dport_and_sport' => { - :params => { - :name => '065 negate dport and sport', - :table => 'filter', - :action => 'accept', - :chain => 'nova-compute-FORWARD', - :source => '0.0.0.0/32', - :destination => '255.255.255.255/32', - :sport => ['! 68','! 69'], - :dport => ['! 67','! 66'], - :proto => 'udp', - }, - :args => ["-t", :filter, "-s", "0.0.0.0/32", "-d", "255.255.255.255/32", "-p", :udp, "-m", "multiport", "!", "--sports", "68,69", "-m", "multiport", "!", "--dports", "67,66", "-m", "comment", "--comment", "065 negate dport and sport", "-j", "ACCEPT"], - }, - 'match_mark' => { - :params => { - :name => '066 REJECT connlimit_above 10 with mask 32 and mark matches', - :table => 'filter', - :proto => 'tcp', - :connlimit_above => '10', - :connlimit_mask => '32', - :match_mark => '0x1', - :action => 'reject', - }, - :args => ["-t", :filter, "-p", :tcp, "-m", "comment", "--comment", "066 REJECT connlimit_above 10 with mask 32 and mark matches", "-j", "REJECT", "-m", "mark", "--mark", "0x1", "-m", "connlimit", "--connlimit-above", "10", "--connlimit-mask", "32"], - }, - 'clamp_mss_to_pmtu' => { - :params => { - :name => '067 change max segment size', - :table => 'filter', - :proto => 'tcp', - :tcp_flags => 'SYN,RST SYN', - :jump => 'TCPMSS', - :clamp_mss_to_pmtu => true, - }, - :args => ["-t", :filter, "-p", :tcp, "-m", "tcp", "--tcp-flags", "SYN,RST", "SYN", "-m", "comment", "--comment", "067 change max segment size", "-j", "TCPMSS", "--clamp-mss-to-pmtu"], - }, - 'set_dscp_class' => { - :params => { - :name => '068 set dscp class to EF', - :table => 'mangle', - :proto => 'tcp', - :port => '997', - :jump => 'DSCP', - :set_dscp_class => 'ef', - }, - :args => ["-t", :mangle, "-p", :tcp, "-m", "multiport", '--ports', '997', "-m", "comment", "--comment", "068 set dscp class to EF", "-j", "DSCP", "--set-dscp-class", "ef"], - }, -} diff --git a/firewall/spec/spec.opts b/firewall/spec/spec.opts deleted file mode 100644 index 91cd6427e..000000000 --- a/firewall/spec/spec.opts +++ /dev/null @@ -1,6 +0,0 @@ ---format -s ---colour ---loadby -mtime ---backtrace diff --git a/firewall/spec/spec_helper.rb b/firewall/spec/spec_helper.rb deleted file mode 100644 index bcd31596d..000000000 --- a/firewall/spec/spec_helper.rb +++ /dev/null @@ -1,30 +0,0 @@ -dir = File.expand_path(File.dirname(__FILE__)) -$LOAD_PATH.unshift File.join(dir, 'lib') - -# Don't want puppet getting the command line arguments for rake or autotest -ARGV.clear - -require 'rubygems' -require 'bundler/setup' -require 'rspec-puppet' - -Bundler.require :default, :test - -require 'pathname' -require 'tmpdir' - -Pathname.glob("#{dir}/shared_behaviours/**/*.rb") do |behaviour| - require behaviour.relative_path_from(Pathname.new(dir)) -end - -fixture_path = File.expand_path(File.join(__FILE__, '..', 'fixtures')) - -RSpec.configure do |config| - config.tty = true - config.mock_with :rspec do |c| - c.syntax = :expect - end - config.module_path = File.join(fixture_path, 'modules') - config.manifest_dir = File.join(fixture_path, 'manifests') - config.environmentpath = File.expand_path(File.join(Dir.pwd, 'spec')) -end diff --git a/firewall/spec/spec_helper_acceptance.rb b/firewall/spec/spec_helper_acceptance.rb deleted file mode 100644 index 44b5f8da5..000000000 --- a/firewall/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1,43 +0,0 @@ -require 'beaker-rspec' -require 'beaker/puppet_install_helper' - -def iptables_flush_all_tables - ['filter', 'nat', 'mangle', 'raw'].each do |t| - expect(shell("iptables -t #{t} -F").stderr).to eq("") - end -end - -def ip6tables_flush_all_tables - ['filter'].each do |t| - expect(shell("ip6tables -t #{t} -F").stderr).to eq("") - end -end - -def do_catch_changes - if default['platform'] =~ /el-5/ - return false - else - return true - end -end - -run_puppet_install_helper - -UNSUPPORTED_PLATFORMS = ['windows','Solaris','Darwin'] - -RSpec.configure do |c| - # Project root - proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - - # Readable test descriptions - c.formatter = :documentation - - # Configure all nodes in nodeset - c.before :suite do - # Install module and dependencies - hosts.each do |host| - copy_module_to(host, :source => proj_root, :module_name => 'firewall') - on host, puppet('module install puppetlabs-stdlib --version 3.2.0'), { :acceptable_exit_codes => [0,1] } - end - end -end diff --git a/firewall/spec/unit/classes/firewall_linux_archlinux_spec.rb b/firewall/spec/unit/classes/firewall_linux_archlinux_spec.rb deleted file mode 100644 index 36dc9251a..000000000 --- a/firewall/spec/unit/classes/firewall_linux_archlinux_spec.rb +++ /dev/null @@ -1,38 +0,0 @@ -require 'spec_helper' - -describe 'firewall::linux::archlinux', :type => :class do - let(:facts) do - { - :osfamily => 'Archlinux', - :operatingsystem => 'Archlinux' - } - end - it { should contain_service('iptables').with( - :ensure => 'running', - :enable => 'true' - )} - it { should contain_service('ip6tables').with( - :ensure => 'running', - :enable => 'true' - )} - - context 'ensure => stopped' do - let(:params) {{ :ensure => 'stopped' }} - it { should contain_service('iptables').with( - :ensure => 'stopped' - )} - it { should contain_service('ip6tables').with( - :ensure => 'stopped' - )} - end - - context 'enable => false' do - let(:params) {{ :enable => 'false' }} - it { should contain_service('iptables').with( - :enable => 'false' - )} - it { should contain_service('ip6tables').with( - :enable => 'false' - )} - end -end diff --git a/firewall/spec/unit/classes/firewall_linux_debian_spec.rb b/firewall/spec/unit/classes/firewall_linux_debian_spec.rb deleted file mode 100644 index e8af54396..000000000 --- a/firewall/spec/unit/classes/firewall_linux_debian_spec.rb +++ /dev/null @@ -1,87 +0,0 @@ -require 'spec_helper' - -describe 'firewall::linux::debian', :type => :class do - context "Debian 7" do - let(:facts) {{ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '7.0' - }} - it { should contain_package('iptables-persistent').with( - :ensure => 'present' - )} - it { should contain_service('iptables-persistent').with( - :ensure => nil, - :enable => 'true', - :require => 'Package[iptables-persistent]' - )} - end - - context 'deb7 enable => false' do - let(:facts) {{ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '7.0' - }} - let(:params) {{ :enable => 'false' }} - it { should contain_service('iptables-persistent').with( - :enable => 'false' - )} - end - - context "Debian 8" do - let(:facts) {{ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => 'jessie/sid' - }} - it { should contain_package('iptables-persistent').with( - :ensure => 'present' - )} - it { should contain_service('netfilter-persistent').with( - :ensure => nil, - :enable => 'true', - :require => 'Package[iptables-persistent]' - )} - end - - context 'deb8 enable => false' do - let(:facts) {{ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => 'jessie/sid' - }} - let(:params) {{ :enable => 'false' }} - it { should contain_service('netfilter-persistent').with( - :enable => 'false' - )} - end - - context "Debian 8, alt operatingsystem" do - let(:facts) {{ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '8.0' - }} - it { should contain_package('iptables-persistent').with( - :ensure => 'present' - )} - it { should contain_service('netfilter-persistent').with( - :ensure => nil, - :enable => 'true', - :require => 'Package[iptables-persistent]' - )} - end - - context 'deb8, alt operatingsystem, enable => false' do - let(:facts) {{ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '8.0' - }} - let(:params) {{ :enable => 'false' }} - it { should contain_service('netfilter-persistent').with( - :enable => 'false' - )} - end -end diff --git a/firewall/spec/unit/classes/firewall_linux_gentoo_spec.rb b/firewall/spec/unit/classes/firewall_linux_gentoo_spec.rb deleted file mode 100644 index 942d8e4b8..000000000 --- a/firewall/spec/unit/classes/firewall_linux_gentoo_spec.rb +++ /dev/null @@ -1,41 +0,0 @@ -require 'spec_helper' - -describe 'firewall::linux::gentoo', :type => :class do - let(:facts) do - { - :osfamily => 'Gentoo', - :operatingsystem => 'Gentoo' - } - end - it { should contain_service('iptables').with( - :ensure => 'running', - :enable => 'true' - )} - it { should contain_service('ip6tables').with( - :ensure => 'running', - :enable => 'true' - )} - it { should contain_package('net-firewall/iptables').with( - :ensure => 'present' - )} - - context 'ensure => stopped' do - let(:params) {{ :ensure => 'stopped' }} - it { should contain_service('iptables').with( - :ensure => 'stopped' - )} - it { should contain_service('ip6tables').with( - :ensure => 'stopped' - )} - end - - context 'enable => false' do - let(:params) {{ :enable => 'false' }} - it { should contain_service('iptables').with( - :enable => 'false' - )} - it { should contain_service('ip6tables').with( - :enable => 'false' - )} - end -end diff --git a/firewall/spec/unit/classes/firewall_linux_redhat_spec.rb b/firewall/spec/unit/classes/firewall_linux_redhat_spec.rb deleted file mode 100644 index 036488a74..000000000 --- a/firewall/spec/unit/classes/firewall_linux_redhat_spec.rb +++ /dev/null @@ -1,68 +0,0 @@ -require 'spec_helper' - -RSpec.shared_examples "ensures iptables service" do - context 'default' do - it { should contain_service('iptables').with( - :ensure => 'running', - :enable => 'true' - )} - end - - context 'ensure => stopped' do - let(:params) {{ :ensure => 'stopped' }} - it { should contain_service('iptables').with( - :ensure => 'stopped' - )} - end - context 'enable => false' do - let(:params) {{ :enable => 'false' }} - it { should contain_service('iptables').with( - :enable => 'false' - )} - end -end - -describe 'firewall::linux::redhat', :type => :class do - %w{RedHat CentOS Fedora}.each do |os| - oldreleases = (os == 'Fedora' ? ['14'] : ['6.5']) - newreleases = (os == 'Fedora' ? ['15','Rawhide'] : ['7.0.1406']) - - oldreleases.each do |osrel| - context "os #{os} and osrel #{osrel}" do - let(:facts) {{ - :osfamily => 'RedHat', - :operatingsystem => os, - :operatingsystemrelease => osrel - }} - - it { should_not contain_service('firewalld') } - it { should_not contain_package('iptables-services') } - - it_behaves_like "ensures iptables service" - end - end - - newreleases.each do |osrel| - context "os #{os} and osrel #{osrel}" do - let(:facts) {{ - :osfamily => 'RedHat', - :operatingsystem => os, - :operatingsystemrelease => osrel - }} - - it { should contain_service('firewalld').with( - :ensure => 'stopped', - :enable => false, - :before => 'Package[iptables-services]' - )} - - it { should contain_package('iptables-services').with( - :ensure => 'present', - :before => 'Service[iptables]' - )} - - it_behaves_like "ensures iptables service" - end - end - end -end diff --git a/firewall/spec/unit/classes/firewall_linux_spec.rb b/firewall/spec/unit/classes/firewall_linux_spec.rb deleted file mode 100644 index 52ca5f8d9..000000000 --- a/firewall/spec/unit/classes/firewall_linux_spec.rb +++ /dev/null @@ -1,33 +0,0 @@ -require 'spec_helper' - -describe 'firewall::linux', :type => :class do - let(:facts_default) {{ :kernel => 'Linux' }} - it { should contain_package('iptables').with_ensure('present') } - - context 'RedHat like' do - %w{RedHat CentOS Fedora}.each do |os| - context "operatingsystem => #{os}" do - releases = (os == 'Fedora' ? ['14','15','Rawhide'] : ['6','7']) - releases.each do |osrel| - context "operatingsystemrelease => #{osrel}" do - let(:facts) { facts_default.merge({ :operatingsystem => os, - :operatingsystemrelease => osrel}) } - it { should contain_class('firewall::linux::redhat').with_require('Package[iptables]') } - end - end - end - end - end - - context 'Debian like' do - %w{Debian Ubuntu}.each do |os| - context "operatingsystem => #{os}" do - releases = (os == 'Debian' ? ['6','7','8'] : ['10.04','12.04','14.04']) - releases.each do |osrel| - let(:facts) { facts_default.merge({ :operatingsystem => os, :operatingsystemrelease => osrel}) } - it { should contain_class('firewall::linux::debian').with_require('Package[iptables]') } - end - end - end - end -end diff --git a/firewall/spec/unit/classes/firewall_spec.rb b/firewall/spec/unit/classes/firewall_spec.rb deleted file mode 100644 index cbfb48c39..000000000 --- a/firewall/spec/unit/classes/firewall_spec.rb +++ /dev/null @@ -1,35 +0,0 @@ -require 'spec_helper' - -describe 'firewall', :type => :class do - context 'kernel => Linux' do - let(:facts) {{ :kernel => 'Linux' }} - it { should contain_class('firewall::linux').with_ensure('running') } - end - - context 'kernel => Windows' do - let(:facts) {{ :kernel => 'Windows' }} - it { expect { should contain_class('firewall::linux') }.to raise_error(Puppet::Error) } - end - - context 'kernel => SunOS' do - let(:facts) {{ :kernel => 'SunOS' }} - it { expect { should contain_class('firewall::linux') }.to raise_error(Puppet::Error) } - end - - context 'kernel => Darwin' do - let(:facts) {{ :kernel => 'Darwin' }} - it { expect { should contain_class('firewall::linux') }.to raise_error(Puppet::Error) } - end - - context 'ensure => stopped' do - let(:facts) {{ :kernel => 'Linux' }} - let(:params) {{ :ensure => 'stopped' }} - it { should contain_class('firewall::linux').with_ensure('stopped') } - end - - context 'ensure => test' do - let(:facts) {{ :kernel => 'Linux' }} - let(:params) {{ :ensure => 'test' }} - it { expect { should contain_class('firewall::linux') }.to raise_error(Puppet::Error) } - end -end diff --git a/firewall/spec/unit/facter/iptables_persistent_version_spec.rb b/firewall/spec/unit/facter/iptables_persistent_version_spec.rb deleted file mode 100644 index 2c97c3d00..000000000 --- a/firewall/spec/unit/facter/iptables_persistent_version_spec.rb +++ /dev/null @@ -1,100 +0,0 @@ -require 'spec_helper' - -describe "Facter::Util::Fact iptables_persistent_version" do - - - context "iptables-persistent applicable" do - before { Facter.clear } - - let(:dpkg_cmd) { "dpkg-query -Wf '${Version}' iptables-persistent 2>/dev/null" } - - { - "Debian" => "0.0.20090701", - "Ubuntu" => "0.5.3ubuntu2", - }.each do |os, ver| - - if os == "Debian" - os_release = "7.0" - elsif os == "Ubuntu" - os_release = "14.04" - end - - describe "#{os} package installed" do - before { - allow(Facter.fact(:operatingsystem)).to receive(:value).and_return(os) - allow(Facter.fact(:operatingsystemrelease)).to receive(:value).and_return(os_release) - allow(Facter::Util::Resolution).to receive(:exec).with(dpkg_cmd). - and_return(ver) - } - it { Facter.fact(:iptables_persistent_version).value.should == ver } - end - end - - describe 'Ubuntu package not installed' do - before { - allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('Ubuntu') - allow(Facter.fact(:operatingsystemrelease)).to receive(:value).and_return('14.04') - allow(Facter::Util::Resolution).to receive(:exec).with(dpkg_cmd). - and_return(nil) - } - it { Facter.fact(:iptables_persistent_version).value.should be_nil } - end - - describe 'CentOS not supported' do - before { allow(Facter.fact(:operatingsystem)).to receive(:value). - and_return("CentOS") } - it { Facter.fact(:iptables_persistent_version).value.should be_nil } - end - - end - - context "netfilter-persistent applicable" do - before { Facter.clear } - - let(:dpkg_cmd) { "dpkg-query -Wf '${Version}' netfilter-persistent 2>/dev/null" } - - { - "Debian" => "0.0.20090701", - "Ubuntu" => "0.5.3ubuntu2", - }.each do |os, ver| - - if os == "Debian" - os_release = "8.0" - elsif os == "Ubuntu" - os_release = "14.10" - end - - describe "#{os} package installed" do - before { - allow(Facter.fact(:operatingsystem)).to receive(:value).and_return(os) - allow(Facter.fact(:operatingsystemrelease)).to receive(:value).and_return(os_release) - allow(Facter::Util::Resolution).to receive(:exec).with(dpkg_cmd). - and_return(ver) - } - it { Facter.fact(:iptables_persistent_version).value.should == ver } - end - end - - describe 'Ubuntu package not installed' do - os_release = "14.10" - before { - allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('Ubuntu') - allow(Facter.fact(:operatingsystemrelease)).to receive(:value).and_return(os_release) - allow(Facter::Util::Resolution).to receive(:exec).with(dpkg_cmd). - and_return(nil) - } - it { Facter.fact(:iptables_persistent_version).value.should be_nil } - end - - describe 'CentOS not supported' do - before { allow(Facter.fact(:operatingsystem)).to receive(:value). - and_return("CentOS") } - it { Facter.fact(:iptables_persistent_version).value.should be_nil } - end - - end - - - - -end diff --git a/firewall/spec/unit/facter/iptables_spec.rb b/firewall/spec/unit/facter/iptables_spec.rb deleted file mode 100644 index 5773fdce5..000000000 --- a/firewall/spec/unit/facter/iptables_spec.rb +++ /dev/null @@ -1,23 +0,0 @@ -require 'spec_helper' - -describe "Facter::Util::Fact" do - before { - Facter.clear - allow(Facter.fact(:kernel)).to receive(:value).and_return('Linux') - allow(Facter.fact(:kernelrelease)).to receive(:value).and_return('2.6') - } - - describe 'iptables_version' do - it { - allow(Facter::Util::Resolution).to receive(:exec).with('iptables --version'). - and_return('iptables v1.4.7') - Facter.fact(:iptables_version).value.should == '1.4.7' - } - end - - describe 'ip6tables_version' do - before { allow(Facter::Util::Resolution).to receive(:exec). - with('ip6tables --version').and_return('ip6tables v1.4.7') } - it { Facter.fact(:ip6tables_version).value.should == '1.4.7' } - end -end diff --git a/firewall/spec/unit/puppet/provider/ip6tables_spec.rb b/firewall/spec/unit/puppet/provider/ip6tables_spec.rb deleted file mode 100644 index 058c90bca..000000000 --- a/firewall/spec/unit/puppet/provider/ip6tables_spec.rb +++ /dev/null @@ -1,61 +0,0 @@ -#!/usr/bin/env rspec - -require 'spec_helper' -if Puppet.version < '3.4.0' - require 'puppet/provider/confine/exists' -else - require 'puppet/confine/exists' -end -provider_class = Puppet::Type.type(:firewall).provider(:ip6tables) -describe 'ip6tables' do - let(:params) { {:name => '000 test foo', :action => 'accept'} } - let(:provider) { provider_class } - let(:resource) { Puppet::Type.type(:firewall) } - let(:ip6tables_version) { '1.4.0' } - - before :each do - - end - - def stub_iptables - allow(Puppet::Type::Firewall).to receive(:defaultprovider).and_return provider - # Stub confine facts - allow(provider).to receive(:command).with(:iptables_save).and_return "/sbin/iptables-save" - - allow(Facter.fact(:kernel)).to receive(:value).and_return('Linux') - allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('Debian') - allow(Facter.fact('ip6tables_version')).to receive(:value).and_return(ip6tables_version) - allow(Puppet::Util::Execution).to receive(:execute).and_return "" - allow(Puppet::Util).to receive(:which).with("iptables-save"). - and_return "/sbin/iptables-save" - end - - shared_examples 'raise error' do - it { - stub_iptables - expect { - provider.new(resource.new(params)) - }.to raise_error(Puppet::DevError, error_message) - } - end - shared_examples 'run' do - it { - stub_iptables - provider.new(resource.new(params)) - } - end - context 'iptables 1.3' do - let(:params) { {:name => '000 test foo', :action => 'accept'} } - let(:error_message) { /The ip6tables provider is not supported on version 1\.3 of iptables/ } - let(:ip6tables_version) { '1.3.10' } - it_should_behave_like 'raise error' - end - context 'ip6tables nil' do - let(:params) { {:name => '000 test foo', :action => 'accept'} } - let(:error_message) { /The ip6tables provider is not supported on version 1\.3 of iptables/ } - let(:ip6tables_version) { nil } - it_should_behave_like 'run' - end - - -end diff --git a/firewall/spec/unit/puppet/provider/iptables_chain_spec.rb b/firewall/spec/unit/puppet/provider/iptables_chain_spec.rb deleted file mode 100755 index d8eade236..000000000 --- a/firewall/spec/unit/puppet/provider/iptables_chain_spec.rb +++ /dev/null @@ -1,237 +0,0 @@ -#!/usr/bin/env rspec - -require 'spec_helper' -if Puppet.version < '3.4.0' - require 'puppet/provider/confine/exists' -else - require 'puppet/confine/exists' -end - -describe 'iptables chain provider detection' do - if Puppet.version < '3.4.0' - let(:exists) { - Puppet::Provider::Confine::Exists - } - else - let(:exists) { - Puppet::Confine::Exists - } - end - - before :each do - # Reset the default provider - Puppet::Type.type(:firewallchain).defaultprovider = nil - - # Stub confine facts - allow(Facter.fact(:kernel)).to receive(:value).and_return('Linux') - allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('Debian') - end - - it "should default to iptables provider if /sbin/(eb|ip|ip6)tables[-save] exists" do - # Stub lookup for /sbin/iptables & /sbin/iptables-save - allow(exists).to receive(:which).with("ebtables"). - and_return "/sbin/ebtables" - allow(exists).to receive(:which).with("ebtables-save"). - and_return "/sbin/ebtables-save" - - allow(exists).to receive(:which).with("iptables"). - and_return "/sbin/iptables" - allow(exists).to receive(:which).with("iptables-save"). - and_return "/sbin/iptables-save" - - allow(exists).to receive(:which).with("ip6tables"). - and_return "/sbin/ip6tables" - allow(exists).to receive(:which).with("ip6tables-save"). - and_return "/sbin/ip6tables-save" - - # Every other command should return false so we don't pick up any - # other providers - allow(exists).to receive(:which) { |value| - value !~ /(eb|ip|ip6)tables(-save)?$/ - }.and_return false - - # Create a resource instance and make sure the provider is iptables - resource = Puppet::Type.type(:firewallchain).new({ - :name => 'test:filter:IPv4', - }) - expect(resource.provider.class.to_s).to eq("Puppet::Type::Firewallchain::ProviderIptables_chain") - end -end - -describe 'iptables chain provider' do - let(:provider) { Puppet::Type.type(:firewallchain).provider(:iptables_chain) } - let(:resource) { - Puppet::Type.type(:firewallchain).new({ - :name => ':test:', - }) - } - - before :each do - allow(Puppet::Type::Firewallchain).to receive(:defaultprovider).and_return provider - allow(provider).to receive(:command).with(:ebtables_save).and_return "/sbin/ebtables-save" - allow(provider).to receive(:command).with(:iptables_save).and_return "/sbin/iptables-save" - allow(provider).to receive(:command).with(:ip6tables_save).and_return "/sbin/ip6tables-save" - end - - it 'should be able to get a list of existing rules' do - # Pretend to return nil from iptables - allow(provider).to receive(:execute).with(['/sbin/ip6tables-save']).and_return("") - allow(provider).to receive(:execute).with(['/sbin/ebtables-save']).and_return("") - allow(provider).to receive(:execute).with(['/sbin/iptables-save']).and_return("") - - provider.instances.each do |chain| - expect(chain).to be_instance_of(provider) - expect(chain.properties[:provider].to_s).to eq(provider.name.to_s) - end - end - -end - -describe 'iptables chain resource parsing' do - let(:provider) { Puppet::Type.type(:firewallchain).provider(:iptables_chain) } - - before :each do - ebtables = ['BROUTE:BROUTING:ethernet', - 'BROUTE:broute:ethernet', - ':INPUT:ethernet', - ':FORWARD:ethernet', - ':OUTPUT:ethernet', - ':filter:ethernet', - ':filterdrop:ethernet', - ':filterreturn:ethernet', - 'NAT:PREROUTING:ethernet', - 'NAT:OUTPUT:ethernet', - 'NAT:POSTROUTING:ethernet', - ] - allow(provider).to receive(:execute).with(['/sbin/ebtables-save']).and_return(' -*broute -:BROUTING ACCEPT -:broute ACCEPT - -*filter -:INPUT ACCEPT -:FORWARD ACCEPT -:OUTPUT ACCEPT -:filter ACCEPT -:filterdrop DROP -:filterreturn RETURN - -*nat -:PREROUTING ACCEPT -:OUTPUT ACCEPT -:POSTROUTING ACCEPT -') - - iptables = [ - 'raw:PREROUTING:IPv4', - 'raw:OUTPUT:IPv4', - 'raw:raw:IPv4', - 'mangle:PREROUTING:IPv4', - 'mangle:INPUT:IPv4', - 'mangle:FORWARD:IPv4', - 'mangle:OUTPUT:IPv4', - 'mangle:POSTROUTING:IPv4', - 'mangle:mangle:IPv4', - 'NAT:PREROUTING:IPv4', - 'NAT:OUTPUT:IPv4', - 'NAT:POSTROUTING:IPv4', - 'NAT:mangle:IPv4', - 'NAT:mangle:IPv4', - 'NAT:mangle:IPv4', - 'security:INPUT:IPv4', - 'security:FORWARD:IPv4', - 'security:OUTPUT:IPv4', - ':$5()*&%\'"^$): :IPv4', - ] - allow(provider).to receive(:execute).with(['/sbin/iptables-save']).and_return(' -# Generated by iptables-save v1.4.9 on Mon Jan 2 01:20:06 2012 -*raw -:PREROUTING ACCEPT [12:1780] -:OUTPUT ACCEPT [19:1159] -:raw - [0:0] -COMMIT -# Completed on Mon Jan 2 01:20:06 2012 -# Generated by iptables-save v1.4.9 on Mon Jan 2 01:20:06 2012 -*mangle -:PREROUTING ACCEPT [12:1780] -:INPUT ACCEPT [12:1780] -:FORWARD ACCEPT [0:0] -:OUTPUT ACCEPT [19:1159] -:POSTROUTING ACCEPT [19:1159] -:mangle - [0:0] -COMMIT -# Completed on Mon Jan 2 01:20:06 2012 -# Generated by iptables-save v1.4.9 on Mon Jan 2 01:20:06 2012 -*nat -:PREROUTING ACCEPT [2242:639750] -:OUTPUT ACCEPT [5176:326206] -:POSTROUTING ACCEPT [5162:325382] -COMMIT -# Completed on Mon Jan 2 01:20:06 2012 -# Generated by iptables-save v1.4.9 on Mon Jan 2 01:20:06 2012 -*filter -:INPUT ACCEPT [0:0] -:FORWARD DROP [0:0] -:OUTPUT ACCEPT [5673:420879] -:$5()*&%\'"^$): - [0:0] -COMMIT -# Completed on Mon Jan 2 01:20:06 2012 -') - ip6tables = [ - 'raw:PREROUTING:IPv6', - 'raw:OUTPUT:IPv6', - 'raw:ff:IPv6', - 'mangle:PREROUTING:IPv6', - 'mangle:INPUT:IPv6', - 'mangle:FORWARD:IPv6', - 'mangle:OUTPUT:IPv6', - 'mangle:POSTROUTING:IPv6', - 'mangle:ff:IPv6', - 'security:INPUT:IPv6', - 'security:FORWARD:IPv6', - 'security:OUTPUT:IPv6', - ':INPUT:IPv6', - ':FORWARD:IPv6', - ':OUTPUT:IPv6', - ':test:IPv6', - ] - allow(provider).to receive(:execute).with(['/sbin/ip6tables-save']).and_return(' -# Generated by ip6tables-save v1.4.9 on Mon Jan 2 01:31:39 2012 -*raw -:PREROUTING ACCEPT [2173:489241] -:OUTPUT ACCEPT [0:0] -:ff - [0:0] -COMMIT -# Completed on Mon Jan 2 01:31:39 2012 -# Generated by ip6tables-save v1.4.9 on Mon Jan 2 01:31:39 2012 -*mangle -:PREROUTING ACCEPT [2301:518373] -:INPUT ACCEPT [0:0] -:FORWARD ACCEPT [0:0] -:OUTPUT ACCEPT [0:0] -:POSTROUTING ACCEPT [0:0] -:ff - [0:0] -COMMIT -# Completed on Mon Jan 2 01:31:39 2012 -# Generated by ip6tables-save v1.4.9 on Mon Jan 2 01:31:39 2012 -*filter -:INPUT ACCEPT [0:0] -:FORWARD DROP [0:0] -:OUTPUT ACCEPT [20:1292] -:test - [0:0] -COMMIT -# Completed on Mon Jan 2 01:31:39 2012 -') - @all = ebtables + iptables + ip6tables - # IPv4 and IPv6 names also exist as resources {table}:{chain}:IP and {table}:{chain}: - iptables.each { |name| @all += [ name[0..-3], name[0..-5] ] } - ip6tables.each { |name| @all += [ name[0..-3], name[0..-5] ] } - end - - it 'should have all in parsed resources' do - provider.instances.each do |resource| - @all.include?(resource.name) - end - end - -end diff --git a/firewall/spec/unit/puppet/provider/iptables_spec.rb b/firewall/spec/unit/puppet/provider/iptables_spec.rb deleted file mode 100644 index 055707196..000000000 --- a/firewall/spec/unit/puppet/provider/iptables_spec.rb +++ /dev/null @@ -1,434 +0,0 @@ -#!/usr/bin/env rspec - -require 'spec_helper' -if Puppet.version < '3.4.0' - require 'puppet/provider/confine/exists' -else - require 'puppet/confine/exists' -end - -describe 'iptables provider detection' do - if Puppet.version < '3.4.0' - let(:exists) { - Puppet::Provider::Confine::Exists - } - else - let(:exists) { - Puppet::Confine::Exists - } - end - - before :each do - # Reset the default provider - Puppet::Type.type(:firewall).defaultprovider = nil - - # Stub confine facts - allow(Facter.fact(:kernel)).to receive(:value).and_return('Linux') - allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('Debian') - end - - it "should default to iptables provider if /sbin/iptables[-save] exists" do - # Stub lookup for /sbin/iptables & /sbin/iptables-save - allow(exists).to receive(:which).with("iptables"). - and_return "/sbin/iptables" - allow(exists).to receive(:which).with("iptables-save"). - and_return "/sbin/iptables-save" - - # Every other command should return false so we don't pick up any - # other providers - allow(exists).to receive(:which) { |value| - ! ["iptables","iptables-save"].include?(value) - }.and_return false - - # Create a resource instance and make sure the provider is iptables - resource = Puppet::Type.type(:firewall).new({ - :name => '000 test foo', - }) - expect(resource.provider.class.to_s).to eq("Puppet::Type::Firewall::ProviderIptables") - end -end - -describe 'iptables provider' do - let(:provider) { Puppet::Type.type(:firewall).provider(:iptables) } - let(:resource) { - Puppet::Type.type(:firewall).new({ - :name => '000 test foo', - :action => 'accept', - }) - } - - before :each do - allow(Puppet::Type::Firewall).to receive(:defaultprovider).and_return provider - allow(provider).to receive(:command).with(:iptables_save).and_return "/sbin/iptables-save" - - # Stub iptables version - allow(Facter.fact(:iptables_version)).to receive(:value).and_return("1.4.2") - - allow(Puppet::Util::Execution).to receive(:execute).and_return "" - allow(Puppet::Util).to receive(:which).with("iptables-save"). - and_return "/sbin/iptables-save" - end - - it 'should be able to get a list of existing rules' do - provider.instances.each do |rule| - expect(rule).to be_instance_of(provider) - expect(rule.properties[:provider].to_s).to eq(provider.name.to_s) - end - end - - it 'should ignore lines with fatal errors' do - allow(Puppet::Util::Execution).to receive(:execute).with(['/sbin/iptables-save']). - and_return("FATAL: Could not load /lib/modules/2.6.18-028stab095.1/modules.dep: No such file or directory") - - expect(provider.instances.length).to be_zero - end - - describe '#insert_order' do - let(:iptables_save_output) { [ - '-A INPUT -s 8.0.0.2/32 -p tcp -m multiport --ports 100 -m comment --comment "100 test" -j ACCEPT', - '-A INPUT -s 8.0.0.3/32 -p tcp -m multiport --ports 200 -m comment --comment "200 test" -j ACCEPT', - '-A INPUT -s 8.0.0.4/32 -p tcp -m multiport --ports 300 -m comment --comment "300 test" -j ACCEPT' - ] } - let(:resources) do - iptables_save_output.each_with_index.collect { |l,index| provider.rule_to_hash(l, 'filter', index) } - end - let(:providers) do - resources.collect { |r| provider.new(r) } - end - it 'understands offsets for adding rules to the beginning' do - resource = Puppet::Type.type(:firewall).new({ :name => '001 test', }) - allow(resource.provider.class).to receive(:instances).and_return(providers) - expect(resource.provider.insert_order).to eq(1) # 1-indexed - end - it 'understands offsets for editing rules at the beginning' do - resource = Puppet::Type.type(:firewall).new({ :name => '100 test', }) - allow(resource.provider.class).to receive(:instances).and_return(providers) - expect(resource.provider.insert_order).to eq(1) - end - it 'understands offsets for adding rules to the middle' do - resource = Puppet::Type.type(:firewall).new({ :name => '101 test', }) - allow(resource.provider.class).to receive(:instances).and_return(providers) - expect(resource.provider.insert_order).to eq(2) - end - it 'understands offsets for editing rules at the middle' do - resource = Puppet::Type.type(:firewall).new({ :name => '200 test', }) - allow(resource.provider.class).to receive(:instances).and_return(providers) - expect(resource.provider.insert_order).to eq(2) - end - it 'understands offsets for adding rules to the end' do - resource = Puppet::Type.type(:firewall).new({ :name => '301 test', }) - allow(resource.provider.class).to receive(:instances).and_return(providers) - expect(resource.provider.insert_order).to eq(4) - end - it 'understands offsets for editing rules at the end' do - resource = Puppet::Type.type(:firewall).new({ :name => '300 test', }) - allow(resource.provider.class).to receive(:instances).and_return(providers) - expect(resource.provider.insert_order).to eq(3) - end - - context 'with unname rules between' do - let(:iptables_save_output) { [ - '-A INPUT -s 8.0.0.2/32 -p tcp -m multiport --ports 100 -m comment --comment "100 test" -j ACCEPT', - '-A INPUT -s 8.0.0.2/32 -p tcp -m multiport --ports 150 -m comment --comment "150 test" -j ACCEPT', - '-A INPUT -s 8.0.0.3/32 -p tcp -m multiport --ports 200 -j ACCEPT', - '-A INPUT -s 8.0.0.3/32 -p tcp -m multiport --ports 250 -j ACCEPT', - '-A INPUT -s 8.0.0.4/32 -p tcp -m multiport --ports 300 -m comment --comment "300 test" -j ACCEPT', - '-A INPUT -s 8.0.0.4/32 -p tcp -m multiport --ports 350 -m comment --comment "350 test" -j ACCEPT', - ] } - it 'understands offsets for adding rules before unnamed rules' do - resource = Puppet::Type.type(:firewall).new({ :name => '001 test', }) - allow(resource.provider.class).to receive(:instances).and_return(providers) - expect(resource.provider.insert_order).to eq(1) - end - it 'understands offsets for editing rules before unnamed rules' do - resource = Puppet::Type.type(:firewall).new({ :name => '100 test', }) - allow(resource.provider.class).to receive(:instances).and_return(providers) - expect(resource.provider.insert_order).to eq(1) - end - it 'understands offsets for adding rules between managed rules' do - resource = Puppet::Type.type(:firewall).new({ :name => '120 test', }) - allow(resource.provider.class).to receive(:instances).and_return(providers) - expect(resource.provider.insert_order).to eq(2) - end - it 'understands offsets for adding rules between unnamed rules' do - resource = Puppet::Type.type(:firewall).new({ :name => '151 test', }) - allow(resource.provider.class).to receive(:instances).and_return(providers) - expect(resource.provider.insert_order).to eq(3) - end - it 'understands offsets for adding rules after unnamed rules' do - resource = Puppet::Type.type(:firewall).new({ :name => '351 test', }) - allow(resource.provider.class).to receive(:instances).and_return(providers) - expect(resource.provider.insert_order).to eq(7) - end - end - - context 'with unname rules before and after' do - let(:iptables_save_output) { [ - '-A INPUT -s 8.0.0.3/32 -p tcp -m multiport --ports 050 -j ACCEPT', - '-A INPUT -s 8.0.0.3/32 -p tcp -m multiport --ports 090 -j ACCEPT', - '-A INPUT -s 8.0.0.2/32 -p tcp -m multiport --ports 100 -m comment --comment "100 test" -j ACCEPT', - '-A INPUT -s 8.0.0.2/32 -p tcp -m multiport --ports 150 -m comment --comment "150 test" -j ACCEPT', - '-A INPUT -s 8.0.0.3/32 -p tcp -m multiport --ports 200 -j ACCEPT', - '-A INPUT -s 8.0.0.3/32 -p tcp -m multiport --ports 250 -j ACCEPT', - '-A INPUT -s 8.0.0.4/32 -p tcp -m multiport --ports 300 -m comment --comment "300 test" -j ACCEPT', - '-A INPUT -s 8.0.0.4/32 -p tcp -m multiport --ports 350 -m comment --comment "350 test" -j ACCEPT', - '-A INPUT -s 8.0.0.5/32 -p tcp -m multiport --ports 400 -j ACCEPT', - '-A INPUT -s 8.0.0.5/32 -p tcp -m multiport --ports 450 -j ACCEPT', - ] } - it 'understands offsets for adding rules before unnamed rules' do - resource = Puppet::Type.type(:firewall).new({ :name => '001 test', }) - allow(resource.provider.class).to receive(:instances).and_return(providers) - expect(resource.provider.insert_order).to eq(1) - end - it 'understands offsets for editing rules before unnamed rules' do - resource = Puppet::Type.type(:firewall).new({ :name => '100 test', }) - allow(resource.provider.class).to receive(:instances).and_return(providers) - expect(resource.provider.insert_order).to eq(3) - end - it 'understands offsets for adding rules between managed rules' do - resource = Puppet::Type.type(:firewall).new({ :name => '120 test', }) - allow(resource.provider.class).to receive(:instances).and_return(providers) - expect(resource.provider.insert_order).to eq(4) - end - it 'understands offsets for adding rules between unnamed rules' do - resource = Puppet::Type.type(:firewall).new({ :name => '151 test', }) - allow(resource.provider.class).to receive(:instances).and_return(providers) - expect(resource.provider.insert_order).to eq(5) - end - it 'understands offsets for adding rules after unnamed rules' do - resource = Puppet::Type.type(:firewall).new({ :name => '351 test', }) - allow(resource.provider.class).to receive(:instances).and_return(providers) - expect(resource.provider.insert_order).to eq(9) - end - it 'understands offsets for adding rules at the end' do - resource = Puppet::Type.type(:firewall).new({ :name => '950 test', }) - allow(resource.provider.class).to receive(:instances).and_return(providers) - expect(resource.provider.insert_order).to eq(11) - end - end - end - - # Load in ruby hash for test fixtures. - load 'spec/fixtures/iptables/conversion_hash.rb' - - describe 'when converting rules to resources' do - ARGS_TO_HASH.each do |test_name,data| - describe "for test data '#{test_name}'" do - let(:resource) { provider.rule_to_hash(data[:line], data[:table], 0) } - # If this option is enabled, make sure the parameters exactly match - if data[:compare_all] then - it "the parameter hash keys should be the same as returned by rules_to_hash" do - expect(resource.keys).to match_array(data[:params].keys) - end - end - - # Iterate across each parameter, creating an example for comparison - data[:params].each do |param_name, param_value| - it "the parameter '#{param_name.to_s}' should match #{param_value.inspect}" do - # booleans get cludged to string "true" - if param_value == true then - expect(resource[param_name]).to be_truthy - else - expect(resource[param_name]).to eq(data[:params][param_name]) - end - end - end - end - end - end - - describe 'when working out general_args' do - HASH_TO_ARGS.each do |test_name,data| - describe "for test data '#{test_name}'" do - let(:resource) { Puppet::Type.type(:firewall).new(data[:params]) } - let(:provider) { Puppet::Type.type(:firewall).provider(:iptables) } - let(:instance) { provider.new(resource) } - - it 'general_args should be valid' do - expect(instance.general_args.flatten).to eq(data[:args]) - end - end - end - end - - describe 'when converting rules without comments to resources' do - let(:sample_rule) { - '-A INPUT -s 1.1.1.1 -d 1.1.1.1 -p tcp -m multiport --dports 7061,7062 -m multiport --sports 7061,7062 -j ACCEPT' - } - let(:resource) { provider.rule_to_hash(sample_rule, 'filter', 0) } - let(:instance) { provider.new(resource) } - - it 'rule name contains a MD5 sum of the line' do - expect(resource[:name]).to eq("9000 #{Digest::MD5.hexdigest(resource[:line])}") - end - - it 'parsed the rule arguments correctly' do - expect(resource[:chain]).to eq('INPUT') - expect(resource[:source]).to eq('1.1.1.1/32') - expect(resource[:destination]).to eq('1.1.1.1/32') - expect(resource[:proto]).to eq('tcp') - expect(resource[:dport]).to eq(['7061', '7062']) - expect(resource[:sport]).to eq(['7061', '7062']) - expect(resource[:action]).to eq('accept') - end - end - - describe 'when converting existing rules generates by system-config-firewall-tui to resources' do - let(:sample_rule) { - # as generated by iptables-save from rules created with system-config-firewall-tui - '-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT' - } - let(:resource) { provider.rule_to_hash(sample_rule, 'filter', 0) } - let(:instance) { provider.new(resource) } - - it 'rule name contains a MD5 sum of the line' do - expect(resource[:name]).to eq("9000 #{Digest::MD5.hexdigest(resource[:line])}") - end - - it 'parse arguments' do - expect(resource[:chain]).to eq('INPUT') - expect(resource[:proto]).to eq('tcp') - expect(resource[:dport]).to eq(['22']) - expect(resource[:state]).to eq(['NEW']) - expect(resource[:action]).to eq('accept') - end - end - - describe 'when creating resources' do - let(:instance) { provider.new(resource) } - - it 'insert_args should be an array' do - expect(instance.insert_args.class).to eq(Array) - end - end - - describe 'when modifying resources' do - let(:instance) { provider.new(resource) } - - it 'update_args should be an array' do - expect(instance.update_args.class).to eq(Array) - end - - it 'fails when modifying the chain' do - expect { instance.chain = "OUTPUT" }.to raise_error(/is not supported/) - end - end - - describe 'when inverting rules' do - let(:resource) { - Puppet::Type.type(:firewall).new({ - :name => '040 partial invert', - :table => 'filter', - :action => 'accept', - :chain => 'nova-compute-FORWARD', - :source => '0.0.0.0/32', - :destination => '255.255.255.255/32', - :sport => ['! 78','79','http'], - :dport => ['77','! 76'], - :proto => 'udp', - }) - } - let(:instance) { provider.new(resource) } - - it 'fails when not all array items are inverted' do - expect { instance.insert }.to raise_error Puppet::Error, /but '79', '80' are not prefixed/ - end - end - - describe 'when deleting resources' do - let(:sample_rule) { - '-A INPUT -s 1.1.1.1 -d 1.1.1.1 -p tcp -m multiport --dports 7061,7062 -m multiport --sports 7061,7062 -j ACCEPT' - } - let(:resource) { provider.rule_to_hash(sample_rule, 'filter', 0) } - let(:instance) { provider.new(resource) } - - it 'resource[:line] looks like the original rule' do - resource[:line] == sample_rule - end - - it 'delete_args is an array' do - expect(instance.delete_args.class).to eq(Array) - end - - it 'delete_args is the same as the rule string when joined' do - expect(instance.delete_args.join(' ')).to eq(sample_rule.gsub(/\-A/, - '-t filter -D')) - end - end -end - -describe 'ip6tables provider' do - let(:provider6) { Puppet::Type.type(:firewall).provider(:ip6tables) } - let(:resource) { - Puppet::Type.type(:firewall).new({ - :name => '000 test foo', - :action => 'accept', - :provider => "ip6tables", - }) - } - - before :each do - allow(Puppet::Type::Firewall).to receive(:ip6tables).and_return provider6 - allow(provider6).to receive(:command).with(:ip6tables_save).and_return "/sbin/ip6tables-save" - - # Stub iptables version - allow(Facter.fact(:ip6tables_version)).to receive(:value).and_return '1.4.7' - - allow(Puppet::Util::Execution).to receive(:execute).and_return '' - allow(Puppet::Util).to receive(:which).with("ip6tables-save"). - and_return "/sbin/ip6tables-save" - end - - it 'should be able to get a list of existing rules' do - provider6.instances.each do |rule| - rule.should be_instance_of(provider6) - rule.properties[:provider6].to_s.should == provider6.name.to_s - end - end - - it 'should ignore lines with fatal errors' do - allow(Puppet::Util::Execution).to receive(:execute).with(['/sbin/ip6tables-save']). - and_return("FATAL: Could not load /lib/modules/2.6.18-028stab095.1/modules.dep: No such file or directory") - provider6.instances.length.should == 0 - end - - # Load in ruby hash for test fixtures. - load 'spec/fixtures/ip6tables/conversion_hash.rb' - - describe 'when converting rules to resources' do - ARGS_TO_HASH6.each do |test_name,data| - describe "for test data '#{test_name}'" do - let(:resource) { provider6.rule_to_hash(data[:line], data[:table], 0) } - - # If this option is enabled, make sure the parameters exactly match - if data[:compare_all] then - it "the parameter hash keys should be the same as returned by rules_to_hash" do - resource.keys.should =~ data[:params].keys - end - end - - # Iterate across each parameter, creating an example for comparison - data[:params].each do |param_name, param_value| - it "the parameter '#{param_name.to_s}' should match #{param_value.inspect}" do - resource[param_name].should == data[:params][param_name] - end - end - end - end - end - - describe 'when working out general_args' do - HASH_TO_ARGS6.each do |test_name,data| - describe "for test data '#{test_name}'" do - let(:resource) { Puppet::Type.type(:firewall).new(data[:params]) } - let(:provider6) { Puppet::Type.type(:firewall).provider(:ip6tables) } - let(:instance) { provider6.new(resource) } - - it 'general_args should be valid' do - instance.general_args.flatten.should == data[:args] - end - end - end - end -end - diff --git a/firewall/spec/unit/puppet/type/firewall_spec.rb b/firewall/spec/unit/puppet/type/firewall_spec.rb deleted file mode 100755 index 38859f6a2..000000000 --- a/firewall/spec/unit/puppet/type/firewall_spec.rb +++ /dev/null @@ -1,688 +0,0 @@ -#!/usr/bin/env rspec - -require 'spec_helper' - -firewall = Puppet::Type.type(:firewall) - -describe firewall do - before :each do - @class = firewall - @provider = double 'provider' - allow(@provider).to receive(:name).and_return(:iptables) - allow(Puppet::Type::Firewall).to receive(:defaultprovider).and_return @provider - - @resource = @class.new({:name => '000 test foo'}) - - # Stub iptables version - allow(Facter.fact(:iptables_version)).to receive(:value).and_return('1.4.2') - allow(Facter.fact(:ip6tables_version)).to receive(:value).and_return('1.4.2') - - # Stub confine facts - allow(Facter.fact(:kernel)).to receive(:value).and_return('Linux') - allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('Debian') - end - - it 'should have :name be its namevar' do - @class.key_attributes.should == [:name] - end - - describe ':name' do - it 'should accept a name' do - @resource[:name] = '000-test-foo' - @resource[:name].should == '000-test-foo' - end - - it 'should not accept a name with non-ASCII chars' do - lambda { @resource[:name] = '%*#^(#$' }.should raise_error(Puppet::Error) - end - end - - describe ':action' do - it "should have no default" do - res = @class.new(:name => "000 test") - res.parameters[:action].should == nil - end - - [:accept, :drop, :reject].each do |action| - it "should accept value #{action}" do - @resource[:action] = action - @resource[:action].should == action - end - end - - it 'should fail when value is not recognized' do - lambda { @resource[:action] = 'not valid' }.should raise_error(Puppet::Error) - end - end - - describe ':chain' do - [:INPUT, :FORWARD, :OUTPUT, :PREROUTING, :POSTROUTING].each do |chain| - it "should accept chain value #{chain}" do - @resource[:chain] = chain - @resource[:chain].should == chain - end - end - - it 'should fail when the chain value is not recognized' do - lambda { @resource[:chain] = 'not valid' }.should raise_error(Puppet::Error) - end - end - - describe ':table' do - [:nat, :mangle, :filter, :raw].each do |table| - it "should accept table value #{table}" do - @resource[:table] = table - @resource[:table].should == table - end - end - - it "should fail when table value is not recognized" do - lambda { @resource[:table] = 'not valid' }.should raise_error(Puppet::Error) - end - end - - describe ':proto' do - [:tcp, :udp, :icmp, :esp, :ah, :vrrp, :igmp, :ipencap, :ipv4, :ipv6, :ospf, :gre, :all].each do |proto| - it "should accept proto value #{proto}" do - @resource[:proto] = proto - @resource[:proto].should == proto - end - end - - it "should fail when proto value is not recognized" do - lambda { @resource[:proto] = 'foo' }.should raise_error(Puppet::Error) - end - end - - describe ':jump' do - it "should have no default" do - res = @class.new(:name => "000 test") - res.parameters[:jump].should == nil - end - - ['QUEUE', 'RETURN', 'DNAT', 'SNAT', 'LOG', 'MASQUERADE', 'REDIRECT', 'MARK'].each do |jump| - it "should accept jump value #{jump}" do - @resource[:jump] = jump - @resource[:jump].should == jump - end - end - - ['ACCEPT', 'DROP', 'REJECT'].each do |jump| - it "should now fail when value #{jump}" do - lambda { @resource[:jump] = jump }.should raise_error(Puppet::Error) - end - end - - it "should fail when jump value is not recognized" do - lambda { @resource[:jump] = '%^&*' }.should raise_error(Puppet::Error) - end - end - - [:source, :destination].each do |addr| - describe addr do - it "should accept a #{addr} as a string" do - @resource[addr] = '127.0.0.1' - @resource[addr].should == '127.0.0.1/32' - end - ['0.0.0.0/0', '::/0'].each do |prefix| - it "should be nil for zero prefix length address #{prefix}" do - @resource[addr] = prefix - @resource[addr].should == nil - end - end - it "should accept a negated #{addr} as a string" do - @resource[addr] = '! 127.0.0.1' - @resource[addr].should == '! 127.0.0.1/32' - end - end - end - - [:dport, :sport].each do |port| - describe port do - it "should accept a #{port} as string" do - @resource[port] = '22' - @resource[port].should == ['22'] - end - - it "should accept a #{port} as an array" do - @resource[port] = ['22','23'] - @resource[port].should == ['22','23'] - end - - it "should accept a #{port} as a number" do - @resource[port] = 22 - @resource[port].should == ['22'] - end - - it "should accept a #{port} as a hyphen separated range" do - @resource[port] = ['22-1000'] - @resource[port].should == ['22-1000'] - end - - it "should accept a #{port} as a combination of arrays of single and " \ - "hyphen separated ranges" do - - @resource[port] = ['22-1000','33','3000-4000'] - @resource[port].should == ['22-1000','33','3000-4000'] - end - - it "should convert a port name for #{port} to its number" do - @resource[port] = 'ssh' - @resource[port].should == ['22'] - end - - it "should not accept something invalid for #{port}" do - expect { @resource[port] = 'something odd' }.to raise_error(Puppet::Error, /^Parameter .+ failed.+Munging failed for value ".+" in class .+: no such service/) - end - - it "should not accept something invalid in an array for #{port}" do - expect { @resource[port] = ['something odd','something even odder'] }.to raise_error(Puppet::Error, /^Parameter .+ failed.+Munging failed for value ".+" in class .+: no such service/) - end - end - end - - describe 'port deprecated' do - it "raises a warning" do - expect(Puppet).to receive(:warning).with /port to firewall is deprecated/ - @resource[:port] = "22" - end - end - - [:dst_type, :src_type].each do |addrtype| - describe addrtype do - it "should have no default" do - res = @class.new(:name => "000 test") - res.parameters[addrtype].should == nil - end - end - - [:UNSPEC, :UNICAST, :LOCAL, :BROADCAST, :ANYCAST, :MULTICAST, :BLACKHOLE, - :UNREACHABLE, :PROHIBIT, :THROW, :NAT, :XRESOLVE].each do |type| - it "should accept #{addrtype} value #{type}" do - @resource[addrtype] = type - @resource[addrtype].should == type - end - end - - it "should fail when #{addrtype} value is not recognized" do - lambda { @resource[addrtype] = 'foo' }.should raise_error(Puppet::Error) - end - end - - [:iniface, :outiface].each do |iface| - describe iface do - it "should accept #{iface} value as a string" do - @resource[iface] = 'eth1' - @resource[iface].should == 'eth1' - end - it "should accept a negated #{iface} value as a string" do - @resource[iface] = '! eth1' - @resource[iface].should == '! eth1' - end - it "should accept an interface alias for the #{iface} value as a string" do - @resource[iface] = 'eth1:2' - @resource[iface].should == 'eth1:2' - end - end - end - - [:tosource, :todest, :to].each do |addr| - describe addr do - it "should accept #{addr} value as a string" do - @resource[addr] = '127.0.0.1' - end - end - end - - describe ':log_level' do - values = { - 'panic' => '0', - 'alert' => '1', - 'crit' => '2', - 'err' => '3', - 'warn' => '4', - 'warning' => '4', - 'not' => '5', - 'notice' => '5', - 'info' => '6', - 'debug' => '7' - } - - values.each do |k,v| - it { - @resource[:log_level] = k - @resource[:log_level].should == v - } - - it { - @resource[:log_level] = 3 - @resource[:log_level].should == 3 - } - - it { lambda { @resource[:log_level] = 'foo' }.should raise_error(Puppet::Error) } - end - end - - describe ':icmp' do - icmp_codes = { - :iptables => { - '0' => 'echo-reply', - '3' => 'destination-unreachable', - '4' => 'source-quench', - '6' => 'redirect', - '8' => 'echo-request', - '9' => 'router-advertisement', - '10' => 'router-solicitation', - '11' => 'time-exceeded', - '12' => 'parameter-problem', - '13' => 'timestamp-request', - '14' => 'timestamp-reply', - '17' => 'address-mask-request', - '18' => 'address-mask-reply' - }, - :ip6tables => { - '1' => 'destination-unreachable', - '2' => 'too-big', - '3' => 'time-exceeded', - '4' => 'parameter-problem', - '128' => 'echo-request', - '129' => 'echo-reply', - '133' => 'router-solicitation', - '134' => 'router-advertisement', - '137' => 'redirect' - } - } - icmp_codes.each do |provider, values| - describe provider do - values.each do |k,v| - it 'should convert icmp string to number' do - @resource[:provider] = provider - @resource[:provider].should == provider - @resource[:icmp] = v - @resource[:icmp].should == k - end - end - end - end - - it 'should accept values as integers' do - @resource[:icmp] = 9 - @resource[:icmp].should == 9 - end - - it 'should fail if icmp type is "any"' do - lambda { @resource[:icmp] = 'any' }.should raise_error(Puppet::Error) - end - - it 'should fail if icmp type cannot be mapped to a numeric' do - lambda { @resource[:icmp] = 'foo' }.should raise_error(Puppet::Error) - end - end - - describe ':state' do - it 'should accept value as a string' do - @resource[:state] = :INVALID - @resource[:state].should == [:INVALID] - end - - it 'should accept value as an array' do - @resource[:state] = [:INVALID, :NEW] - @resource[:state].should == [:INVALID, :NEW] - end - - it 'should sort values alphabetically' do - @resource[:state] = [:NEW, :ESTABLISHED] - @resource[:state].should == [:ESTABLISHED, :NEW] - end - end - - describe ':ctstate' do - it 'should accept value as a string' do - @resource[:ctstate] = :INVALID - @resource[:ctstate].should == [:INVALID] - end - - it 'should accept value as an array' do - @resource[:ctstate] = [:INVALID, :NEW] - @resource[:ctstate].should == [:INVALID, :NEW] - end - - it 'should sort values alphabetically' do - @resource[:ctstate] = [:NEW, :ESTABLISHED] - @resource[:ctstate].should == [:ESTABLISHED, :NEW] - end - end - - describe ':burst' do - it 'should accept numeric values' do - @resource[:burst] = 12 - @resource[:burst].should == 12 - end - - it 'should fail if value is not numeric' do - lambda { @resource[:burst] = 'foo' }.should raise_error(Puppet::Error) - end - end - - describe ':recent' do - ['set', 'update', 'rcheck', 'remove'].each do |recent| - it "should accept recent value #{recent}" do - @resource[:recent] = recent - @resource[:recent].should == "--#{recent}" - end - end - end - - describe ':action and :jump' do - it 'should allow only 1 to be set at a time' do - expect { - @class.new( - :name => "001-test", - :action => "accept", - :jump => "custom_chain" - ) - }.to raise_error(Puppet::Error, /Only one of the parameters 'action' and 'jump' can be set$/) - end - end - describe ':gid and :uid' do - it 'should allow me to set uid' do - @resource[:uid] = 'root' - @resource[:uid].should == 'root' - end - it 'should allow me to set uid as an array, and silently hide my error' do - @resource[:uid] = ['root', 'bobby'] - @resource[:uid].should == 'root' - end - it 'should allow me to set gid' do - @resource[:gid] = 'root' - @resource[:gid].should == 'root' - end - it 'should allow me to set gid as an array, and silently hide my error' do - @resource[:gid] = ['root', 'bobby'] - @resource[:gid].should == 'root' - end - end - - describe ':set_mark' do - ['1.3.2', '1.4.2'].each do |iptables_version| - describe "with iptables #{iptables_version}" do - before { - Facter.clear - allow(Facter.fact(:iptables_version)).to receive(:value).and_return iptables_version - allow(Facter.fact(:ip6tables_version)).to receive(:value).and_return iptables_version - } - - if iptables_version == '1.3.2' - it 'should allow me to set set-mark without mask' do - @resource[:set_mark] = '0x3e8' - @resource[:set_mark].should == '0x3e8' - end - it 'should convert int to hex without mask' do - @resource[:set_mark] = '1000' - @resource[:set_mark].should == '0x3e8' - end - it 'should fail if mask is present' do - lambda { @resource[:set_mark] = '0x3e8/0xffffffff'}.should raise_error( - Puppet::Error, /iptables version #{iptables_version} does not support masks on MARK rules$/ - ) - end - end - - if iptables_version == '1.4.2' - it 'should allow me to set set-mark with mask' do - @resource[:set_mark] = '0x3e8/0xffffffff' - @resource[:set_mark].should == '0x3e8/0xffffffff' - end - it 'should convert int to hex and add a 32 bit mask' do - @resource[:set_mark] = '1000' - @resource[:set_mark].should == '0x3e8/0xffffffff' - end - it 'should add a 32 bit mask' do - @resource[:set_mark] = '0x32' - @resource[:set_mark].should == '0x32/0xffffffff' - end - it 'should use the mask provided' do - @resource[:set_mark] = '0x32/0x4' - @resource[:set_mark].should == '0x32/0x4' - end - it 'should use the mask provided and convert int to hex' do - @resource[:set_mark] = '1000/0x4' - @resource[:set_mark].should == '0x3e8/0x4' - end - it 'should fail if mask value is more than 32 bits' do - lambda { @resource[:set_mark] = '1/4294967296'}.should raise_error( - Puppet::Error, /MARK mask must be integer or hex between 0 and 0xffffffff$/ - ) - end - it 'should fail if mask is malformed' do - lambda { @resource[:set_mark] = '1000/0xq4'}.should raise_error( - Puppet::Error, /MARK mask must be integer or hex between 0 and 0xffffffff$/ - ) - end - end - - ['/', '1000/', 'pwnie'].each do |bad_mark| - it "should fail with malformed mark '#{bad_mark}'" do - lambda { @resource[:set_mark] = bad_mark}.should raise_error(Puppet::Error) - end - end - it 'should fail if mark value is more than 32 bits' do - lambda { @resource[:set_mark] = '4294967296'}.should raise_error( - Puppet::Error, /MARK value must be integer or hex between 0 and 0xffffffff$/ - ) - end - end - end - end - - [:chain, :jump].each do |param| - describe param do - it 'should autorequire fwchain when table and provider are undefined' do - @resource[param] = 'FOO' - @resource[:table].should == :filter - @resource[:provider].should == :iptables - - chain = Puppet::Type.type(:firewallchain).new(:name => 'FOO:filter:IPv4') - catalog = Puppet::Resource::Catalog.new - catalog.add_resource @resource - catalog.add_resource chain - rel = @resource.autorequire[0] - rel.source.ref.should == chain.ref - rel.target.ref.should == @resource.ref - end - - it 'should autorequire fwchain when table is undefined and provider is ip6tables' do - @resource[param] = 'FOO' - @resource[:table].should == :filter - @resource[:provider] = :ip6tables - - chain = Puppet::Type.type(:firewallchain).new(:name => 'FOO:filter:IPv6') - catalog = Puppet::Resource::Catalog.new - catalog.add_resource @resource - catalog.add_resource chain - rel = @resource.autorequire[0] - rel.source.ref.should == chain.ref - rel.target.ref.should == @resource.ref - end - - it 'should autorequire fwchain when table is raw and provider is undefined' do - @resource[param] = 'FOO' - @resource[:table] = :raw - @resource[:provider].should == :iptables - - chain = Puppet::Type.type(:firewallchain).new(:name => 'FOO:raw:IPv4') - catalog = Puppet::Resource::Catalog.new - catalog.add_resource @resource - catalog.add_resource chain - rel = @resource.autorequire[0] - rel.source.ref.should == chain.ref - rel.target.ref.should == @resource.ref - end - - it 'should autorequire fwchain when table is raw and provider is ip6tables' do - @resource[param] = 'FOO' - @resource[:table] = :raw - @resource[:provider] = :ip6tables - - chain = Puppet::Type.type(:firewallchain).new(:name => 'FOO:raw:IPv6') - catalog = Puppet::Resource::Catalog.new - catalog.add_resource @resource - catalog.add_resource chain - rel = @resource.autorequire[0] - rel.source.ref.should == chain.ref - rel.target.ref.should == @resource.ref - end - - # test where autorequire is still needed (table != filter) - ['INPUT', 'OUTPUT', 'FORWARD'].each do |test_chain| - it "should autorequire fwchain #{test_chain} when table is mangle and provider is undefined" do - @resource[param] = test_chain - @resource[:table] = :mangle - @resource[:provider].should == :iptables - - chain = Puppet::Type.type(:firewallchain).new(:name => "#{test_chain}:mangle:IPv4") - catalog = Puppet::Resource::Catalog.new - catalog.add_resource @resource - catalog.add_resource chain - rel = @resource.autorequire[0] - rel.source.ref.should == chain.ref - rel.target.ref.should == @resource.ref - end - - it "should autorequire fwchain #{test_chain} when table is mangle and provider is ip6tables" do - @resource[param] = test_chain - @resource[:table] = :mangle - @resource[:provider] = :ip6tables - - chain = Puppet::Type.type(:firewallchain).new(:name => "#{test_chain}:mangle:IPv6") - catalog = Puppet::Resource::Catalog.new - catalog.add_resource @resource - catalog.add_resource chain - rel = @resource.autorequire[0] - rel.source.ref.should == chain.ref - rel.target.ref.should == @resource.ref - end - end - - # test of case where autorequire should not happen - ['INPUT', 'OUTPUT', 'FORWARD'].each do |test_chain| - - it "should not autorequire fwchain #{test_chain} when table and provider are undefined" do - @resource[param] = test_chain - @resource[:table].should == :filter - @resource[:provider].should == :iptables - - chain = Puppet::Type.type(:firewallchain).new(:name => "#{test_chain}:filter:IPv4") - catalog = Puppet::Resource::Catalog.new - catalog.add_resource @resource - catalog.add_resource chain - rel = @resource.autorequire[0] - rel.should == nil - end - - it "should not autorequire fwchain #{test_chain} when table is undefined and provider is ip6tables" do - @resource[param] = test_chain - @resource[:table].should == :filter - @resource[:provider] = :ip6tables - - chain = Puppet::Type.type(:firewallchain).new(:name => "#{test_chain}:filter:IPv6") - catalog = Puppet::Resource::Catalog.new - catalog.add_resource @resource - catalog.add_resource chain - rel = @resource.autorequire[0] - rel.should == nil - end - end - end - end - - describe ":chain and :jump" do - it 'should autorequire independent fwchains' do - @resource[:chain] = 'FOO' - @resource[:jump] = 'BAR' - @resource[:table].should == :filter - @resource[:provider].should == :iptables - - chain_foo = Puppet::Type.type(:firewallchain).new(:name => 'FOO:filter:IPv4') - chain_bar = Puppet::Type.type(:firewallchain).new(:name => 'BAR:filter:IPv4') - catalog = Puppet::Resource::Catalog.new - catalog.add_resource @resource - catalog.add_resource chain_foo - catalog.add_resource chain_bar - rel = @resource.autorequire - rel[0].source.ref.should == chain_foo.ref - rel[0].target.ref.should == @resource.ref - rel[1].source.ref.should == chain_bar.ref - rel[1].target.ref.should == @resource.ref - end - end - - describe ':pkttype' do - [:multicast, :broadcast, :unicast].each do |pkttype| - it "should accept pkttype value #{pkttype}" do - @resource[:pkttype] = pkttype - @resource[:pkttype].should == pkttype - end - end - - it 'should fail when the pkttype value is not recognized' do - lambda { @resource[:pkttype] = 'not valid' }.should raise_error(Puppet::Error) - end - end - - describe 'autorequire packages' do - [:iptables, :ip6tables].each do |provider| - it "provider #{provider} should autorequire package iptables" do - @resource[:provider] = provider - @resource[:provider].should == provider - package = Puppet::Type.type(:package).new(:name => 'iptables') - catalog = Puppet::Resource::Catalog.new - catalog.add_resource @resource - catalog.add_resource package - rel = @resource.autorequire[0] - rel.source.ref.should == package.ref - rel.target.ref.should == @resource.ref - end - - it "provider #{provider} should autorequire packages iptables, iptables-persistent, and iptables-services" do - @resource[:provider] = provider - @resource[:provider].should == provider - packages = [ - Puppet::Type.type(:package).new(:name => 'iptables'), - Puppet::Type.type(:package).new(:name => 'iptables-persistent'), - Puppet::Type.type(:package).new(:name => 'iptables-services') - ] - catalog = Puppet::Resource::Catalog.new - catalog.add_resource @resource - packages.each do |package| - catalog.add_resource package - end - packages.zip(@resource.autorequire) do |package, rel| - rel.source.ref.should == package.ref - rel.target.ref.should == @resource.ref - end - end - end - end - it 'is suitable' do - expect(@resource.suitable?).to be_truthy - end -end - -describe 'firewall on unsupported platforms' do - it 'is not suitable' do - # Stub iptables version - allow(Facter.fact(:iptables_version)).to receive(:value).and_return(nil) - allow(Facter.fact(:ip6tables_version)).to receive(:value).and_return(nil) - - # Stub confine facts - allow(Facter.fact(:kernel)).to receive(:value).and_return('Darwin') - allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('Darwin') - resource = firewall.new(:name => "000 test foo", :ensure => :present) - - # If our provider list is nil, then the Puppet::Transaction#evaluate will - # say 'Error: Could not find a suitable provider for firewall' but there - # isn't a unit testable way to get this. - expect(resource.suitable?).to be_falsey - end -end diff --git a/firewall/spec/unit/puppet/type/firewallchain_spec.rb b/firewall/spec/unit/puppet/type/firewallchain_spec.rb deleted file mode 100755 index 0658d639a..000000000 --- a/firewall/spec/unit/puppet/type/firewallchain_spec.rb +++ /dev/null @@ -1,211 +0,0 @@ -#!/usr/bin/env rspec - -require 'spec_helper' - -firewallchain = Puppet::Type.type(:firewallchain) - -describe firewallchain do - before(:each) do - # Stub confine facts - allow(Facter.fact(:kernel)).to receive(:value).and_return('Linux') - allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('Debian') - end - let(:klass) { firewallchain } - let(:provider) { - prov = double 'provider' - allow(prov).to receive(:name).and_return(:iptables_chain) - prov - } - let(:resource) { - allow(Puppet::Type::Firewallchain).to receive(:defaultprovider).and_return provider - klass.new({:name => 'INPUT:filter:IPv4', :policy => :accept }) - } - - it 'should have :name be its namevar' do - klass.key_attributes.should == [:name] - end - - describe ':name' do - {'nat' => ['PREROUTING', 'POSTROUTING', 'INPUT', 'OUTPUT'], - 'mangle' => [ 'PREROUTING', 'POSTROUTING', 'INPUT', 'FORWARD', 'OUTPUT' ], - 'filter' => ['INPUT','OUTPUT','FORWARD'], - 'raw' => [ 'PREROUTING', 'OUTPUT'], - 'broute' => ['BROUTING'], - 'security' => ['INPUT','OUTPUT','FORWARD'] - }.each_pair do |table, allowedinternalchains| - ['IPv4', 'IPv6', 'ethernet'].each do |protocol| - [ 'test', '$5()*&%\'"^$09):' ].each do |chainname| - name = "#{chainname}:#{table}:#{protocol}" - if table == 'nat' && protocol == 'IPv6' - it "should fail #{name}" do - expect { resource[:name] = name }.to raise_error(Puppet::Error) - end - elsif protocol != 'ethernet' && table == 'broute' - it "should fail #{name}" do - expect { resource[:name] = name }.to raise_error(Puppet::Error) - end - else - it "should accept name #{name}" do - resource[:name] = name - resource[:name].should == name - end - end - end # chainname - end # protocol - - [ 'PREROUTING', 'POSTROUTING', 'BROUTING', 'INPUT', 'FORWARD', 'OUTPUT' ].each do |internalchain| - name = internalchain + ':' + table + ':' - if internalchain == 'BROUTING' - name += 'ethernet' - elsif table == 'nat' - name += 'IPv4' - else - name += 'IPv4' - end - if allowedinternalchains.include? internalchain - it "should allow #{name}" do - resource[:name] = name - resource[:name].should == name - end - else - it "should fail #{name}" do - expect { resource[:name] = name }.to raise_error(Puppet::Error) - end - end - end # internalchain - - end # table, allowedinternalchainnames - - it 'should fail with invalid table names' do - expect { resource[:name] = 'wrongtablename:test:IPv4' }.to raise_error(Puppet::Error) - end - - it 'should fail with invalid protocols names' do - expect { resource[:name] = 'test:filter:IPv5' }.to raise_error(Puppet::Error) - end - - end - - describe ':policy' do - - [:accept, :drop, :queue, :return].each do |policy| - it "should accept policy #{policy}" do - resource[:policy] = policy - resource[:policy].should == policy - end - end - - it 'should fail when value is not recognized' do - expect { resource[:policy] = 'not valid' }.to raise_error(Puppet::Error) - end - - [:accept, :drop, :queue, :return].each do |policy| - it "non-inbuilt chains should not accept policy #{policy}" do - expect { klass.new({:name => 'testchain:filter:IPv4', :policy => policy }) }.to raise_error(Puppet::Error) - end - it "non-inbuilt chains can accept policies on protocol = ethernet (policy #{policy})" do - klass.new({:name => 'testchain:filter:ethernet', :policy => policy }) - end - end - - end - - describe 'autorequire packages' do - it "provider iptables_chain should autorequire package iptables" do - resource[:provider].should == :iptables_chain - package = Puppet::Type.type(:package).new(:name => 'iptables') - catalog = Puppet::Resource::Catalog.new - catalog.add_resource resource - catalog.add_resource package - rel = resource.autorequire[0] - rel.source.ref.should == package.ref - rel.target.ref.should == resource.ref - end - - it "provider iptables_chain should autorequire packages iptables, iptables-persistent, and iptables-services" do - resource[:provider].should == :iptables_chain - packages = [ - Puppet::Type.type(:package).new(:name => 'iptables'), - Puppet::Type.type(:package).new(:name => 'iptables-persistent'), - Puppet::Type.type(:package).new(:name => 'iptables-services') - ] - catalog = Puppet::Resource::Catalog.new - catalog.add_resource resource - packages.each do |package| - catalog.add_resource package - end - packages.zip(resource.autorequire) do |package, rel| - rel.source.ref.should == package.ref - rel.target.ref.should == resource.ref - end - end - end - - describe 'purge iptables rules' do - before(:each) do - stub_return = < 'INPUT:filter:IPv4', :purge => true) - - expect(resource.generate.size).to eq(3) - end - - it 'should not generate ignored iptables rules' do - allow(Facter.fact(:ip6tables_version)).to receive(:value).and_return("1.4.21") - resource = Puppet::Type::Firewallchain.new(:name => 'INPUT:filter:IPv4', :purge => true, :ignore => ['-j fail2ban-ssh']) - - expect(resource.generate.size).to eq(2) - end - - it 'should not generate iptables resources when not enabled' do - resource = Puppet::Type::Firewallchain.new(:name => 'INPUT:filter:IPv4') - - expect(resource.generate.size).to eq(0) - end - end - it 'is suitable' do - expect(resource.suitable?).to be_truthy - end -end - -describe 'firewall on unsupported platforms' do - it 'is not suitable' do - # Stub iptables version - allow(Facter.fact(:iptables_version)).to receive(:value).and_return(nil) - allow(Facter.fact(:ip6tables_version)).to receive(:value).and_return(nil) - - # Stub confine facts - allow(Facter.fact(:kernel)).to receive(:value).and_return('Darwin') - allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('Darwin') - resource = firewallchain.new(:name => "INPUT:filter:IPv4", :ensure => :present) - - # If our provider list is nil, then the Puppet::Transaction#evaluate will - # say 'Error: Could not find a suitable provider for firewall' but there - # isn't a unit testable way to get this. - expect(resource.suitable?).to be_falsey - end -end diff --git a/firewall/spec/unit/puppet/util/firewall_spec.rb b/firewall/spec/unit/puppet/util/firewall_spec.rb deleted file mode 100644 index 18d8af1b5..000000000 --- a/firewall/spec/unit/puppet/util/firewall_spec.rb +++ /dev/null @@ -1,208 +0,0 @@ -require 'spec_helper' - -describe 'Puppet::Util::Firewall' do - let(:resource) { - type = Puppet::Type.type(:firewall) - provider = double 'provider' - allow(provider).to receive(:name).and_return(:iptables) - allow(Puppet::Type::Firewall).to receive(:defaultprovider).and_return(provider) - type.new({:name => '000 test foo'}) - } - - before(:each) { resource } - - describe '#host_to_ip' do - subject { resource } - specify { - expect(Resolv).to receive(:getaddress).with('puppetlabs.com').and_return('96.126.112.51') - subject.host_to_ip('puppetlabs.com').should == '96.126.112.51/32' - } - specify { subject.host_to_ip('96.126.112.51').should == '96.126.112.51/32' } - specify { subject.host_to_ip('96.126.112.51/32').should == '96.126.112.51/32' } - specify { subject.host_to_ip('2001:db8:85a3:0:0:8a2e:370:7334').should == '2001:db8:85a3::8a2e:370:7334/128' } - specify { subject.host_to_ip('2001:db8:1234::/48').should == '2001:db8:1234::/48' } - specify { subject.host_to_ip('0.0.0.0/0').should == nil } - specify { subject.host_to_ip('::/0').should == nil } - end - - describe '#host_to_mask' do - subject { resource } - specify { - expect(Resolv).to receive(:getaddress).at_least(:once).with('puppetlabs.com').and_return('96.126.112.51') - subject.host_to_mask('puppetlabs.com').should == '96.126.112.51/32' - subject.host_to_mask('!puppetlabs.com').should == '! 96.126.112.51/32' - } - specify { subject.host_to_mask('96.126.112.51').should == '96.126.112.51/32' } - specify { subject.host_to_mask('!96.126.112.51').should == '! 96.126.112.51/32' } - specify { subject.host_to_mask('96.126.112.51/32').should == '96.126.112.51/32' } - specify { subject.host_to_mask('! 96.126.112.51/32').should == '! 96.126.112.51/32' } - specify { subject.host_to_mask('2001:db8:85a3:0:0:8a2e:370:7334').should == '2001:db8:85a3::8a2e:370:7334/128' } - specify { subject.host_to_mask('!2001:db8:85a3:0:0:8a2e:370:7334').should == '! 2001:db8:85a3::8a2e:370:7334/128' } - specify { subject.host_to_mask('2001:db8:1234::/48').should == '2001:db8:1234::/48' } - specify { subject.host_to_mask('! 2001:db8:1234::/48').should == '! 2001:db8:1234::/48' } - specify { subject.host_to_mask('0.0.0.0/0').should == nil } - specify { subject.host_to_mask('!0.0.0.0/0').should == nil } - specify { subject.host_to_mask('::/0').should == nil } - specify { subject.host_to_mask('! ::/0').should == nil } - end - - describe '#icmp_name_to_number' do - describe 'proto unsupported' do - subject { resource } - - %w{inet5 inet8 foo}.each do |proto| - it "should reject invalid proto #{proto}" do - expect { subject.icmp_name_to_number('echo-reply', proto) }. - to raise_error(ArgumentError, "unsupported protocol family '#{proto}'") - end - end - end - - describe 'proto IPv4' do - proto = 'inet' - subject { resource } - specify { subject.icmp_name_to_number('echo-reply', proto).should == '0' } - specify { subject.icmp_name_to_number('destination-unreachable', proto).should == '3' } - specify { subject.icmp_name_to_number('source-quench', proto).should == '4' } - specify { subject.icmp_name_to_number('redirect', proto).should == '6' } - specify { subject.icmp_name_to_number('echo-request', proto).should == '8' } - specify { subject.icmp_name_to_number('router-advertisement', proto).should == '9' } - specify { subject.icmp_name_to_number('router-solicitation', proto).should == '10' } - specify { subject.icmp_name_to_number('time-exceeded', proto).should == '11' } - specify { subject.icmp_name_to_number('parameter-problem', proto).should == '12' } - specify { subject.icmp_name_to_number('timestamp-request', proto).should == '13' } - specify { subject.icmp_name_to_number('timestamp-reply', proto).should == '14' } - specify { subject.icmp_name_to_number('address-mask-request', proto).should == '17' } - specify { subject.icmp_name_to_number('address-mask-reply', proto).should == '18' } - end - - describe 'proto IPv6' do - proto = 'inet6' - subject { resource } - specify { subject.icmp_name_to_number('destination-unreachable', proto).should == '1' } - specify { subject.icmp_name_to_number('time-exceeded', proto).should == '3' } - specify { subject.icmp_name_to_number('parameter-problem', proto).should == '4' } - specify { subject.icmp_name_to_number('echo-request', proto).should == '128' } - specify { subject.icmp_name_to_number('echo-reply', proto).should == '129' } - specify { subject.icmp_name_to_number('router-solicitation', proto).should == '133' } - specify { subject.icmp_name_to_number('router-advertisement', proto).should == '134' } - specify { subject.icmp_name_to_number('neighbour-solicitation', proto).should == '135' } - specify { subject.icmp_name_to_number('neighbour-advertisement', proto).should == '136' } - specify { subject.icmp_name_to_number('redirect', proto).should == '137' } - end - end - - describe '#string_to_port' do - subject { resource } - specify { subject.string_to_port('80','tcp').should == '80' } - specify { subject.string_to_port(80,'tcp').should == '80' } - specify { subject.string_to_port('http','tcp').should == '80' } - specify { subject.string_to_port('domain','udp').should == '53' } - end - - describe '#to_hex32' do - subject { resource } - specify { subject.to_hex32('0').should == '0x0' } - specify { subject.to_hex32('0x32').should == '0x32' } - specify { subject.to_hex32('42').should == '0x2a' } - specify { subject.to_hex32('4294967295').should == '0xffffffff' } - specify { subject.to_hex32('4294967296').should == nil } - specify { subject.to_hex32('-1').should == nil } - specify { subject.to_hex32('bananas').should == nil } - end - - describe '#persist_iptables' do - before { Facter.clear } - subject { resource } - - describe 'when proto is IPv4' do - let(:proto) { 'IPv4' } - - it 'should exec /sbin/service if running RHEL 6 or earlier' do - allow(Facter.fact(:osfamily)).to receive(:value).and_return('RedHat') - allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('RedHat') - allow(Facter.fact(:operatingsystemrelease)).to receive(:value).and_return('6') - - expect(subject).to receive(:execute).with(%w{/sbin/service iptables save}) - subject.persist_iptables(proto) - end - - it 'should exec for systemd if running RHEL 7 or greater' do - allow(Facter.fact(:osfamily)).to receive(:value).and_return('RedHat') - allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('RedHat') - allow(Facter.fact(:operatingsystemrelease)).to receive(:value).and_return('7') - - expect(subject).to receive(:execute).with(%w{/usr/libexec/iptables/iptables.init save}) - subject.persist_iptables(proto) - end - - it 'should exec for systemd if running Fedora 15 or greater' do - allow(Facter.fact(:osfamily)).to receive(:value).and_return('RedHat') - allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('Fedora') - allow(Facter.fact(:operatingsystemrelease)).to receive(:value).and_return('15') - - expect(subject).to receive(:execute).with(%w{/usr/libexec/iptables/iptables.init save}) - subject.persist_iptables(proto) - end - - it 'should exec for CentOS 6 identified from operatingsystem and operatingsystemrelease' do - allow(Facter.fact(:osfamily)).to receive(:value).and_return(nil) - allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('CentOS') - allow(Facter.fact(:operatingsystemrelease)).to receive(:value).and_return('6.5') - expect(subject).to receive(:execute).with(%w{/sbin/service iptables save}) - subject.persist_iptables(proto) - end - - it 'should exec for CentOS 7 identified from operatingsystem and operatingsystemrelease' do - allow(Facter.fact(:osfamily)).to receive(:value).and_return(nil) - allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('CentOS') - allow(Facter.fact(:operatingsystemrelease)).to receive(:value).and_return('7.0.1406') - expect(subject).to receive(:execute).with(%w{/usr/libexec/iptables/iptables.init save}) - subject.persist_iptables(proto) - end - - it 'should exec for Archlinux identified from osfamily' do - allow(Facter.fact(:osfamily)).to receive(:value).and_return('Archlinux') - expect(subject).to receive(:execute).with(['/bin/sh', '-c', '/usr/sbin/iptables-save > /etc/iptables/iptables.rules']) - subject.persist_iptables(proto) - end - - it 'should raise a warning when exec fails' do - allow(Facter.fact(:osfamily)).to receive(:value).and_return('RedHat') - allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('RedHat') - allow(Facter.fact(:operatingsystemrelease)).to receive(:value).and_return('6') - - expect(subject).to receive(:execute).with(%w{/sbin/service iptables save}). - and_raise(Puppet::ExecutionFailure, 'some error') - expect(subject).to receive(:warning).with('Unable to persist firewall rules: some error') - subject.persist_iptables(proto) - end - end - - describe 'when proto is IPv6' do - let(:proto) { 'IPv6' } - - it 'should exec for newer Ubuntu' do - allow(Facter.fact(:osfamily)).to receive(:value).and_return(nil) - allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('Ubuntu') - allow(Facter.fact(:iptables_persistent_version)).to receive(:value).and_return('0.5.3ubuntu2') - expect(subject).to receive(:execute).with(%w{/usr/sbin/service iptables-persistent save}) - subject.persist_iptables(proto) - end - - it 'should not exec for older Ubuntu which does not support IPv6' do - allow(Facter.fact(:osfamily)).to receive(:value).and_return(nil) - allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('Ubuntu') - allow(Facter.fact(:iptables_persistent_version)).to receive(:value).and_return('0.0.20090701') - expect(subject).to receive(:execute).never - subject.persist_iptables(proto) - end - - it 'should not exec for Suse which is not supported' do - allow(Facter.fact(:osfamily)).to receive(:value).and_return('Suse') - expect(subject).to receive(:execute).never - subject.persist_iptables(proto) - end - end - end -end diff --git a/firewall/spec/unit/puppet/util/ipcidr_spec.rb b/firewall/spec/unit/puppet/util/ipcidr_spec.rb deleted file mode 100644 index 916f74a35..000000000 --- a/firewall/spec/unit/puppet/util/ipcidr_spec.rb +++ /dev/null @@ -1,67 +0,0 @@ -require 'spec_helper' - -describe 'Puppet::Util::IPCidr' do - describe 'ipv4 address' do - before { @ipaddr = Puppet::Util::IPCidr.new('96.126.112.51') } - subject { @ipaddr } - specify { subject.cidr.should == '96.126.112.51/32' } - specify { subject.prefixlen.should == 32 } - specify { subject.netmask.should == '255.255.255.255' } - end - - describe 'single ipv4 address with cidr' do - before { @ipcidr = Puppet::Util::IPCidr.new('96.126.112.51/32') } - subject { @ipcidr } - specify { subject.cidr.should == '96.126.112.51/32' } - specify { subject.prefixlen.should == 32 } - specify { subject.netmask.should == '255.255.255.255' } - end - - describe 'ipv4 address range with cidr' do - before { @ipcidr = Puppet::Util::IPCidr.new('96.126.112.0/24') } - subject { @ipcidr } - specify { subject.cidr.should == '96.126.112.0/24' } - specify { subject.prefixlen.should == 24 } - specify { subject.netmask.should == '255.255.255.0' } - end - - describe 'ipv4 open range with cidr' do - before { @ipcidr = Puppet::Util::IPCidr.new('0.0.0.0/0') } - subject { @ipcidr } - specify { subject.cidr.should == '0.0.0.0/0' } - specify { subject.prefixlen.should == 0 } - specify { subject.netmask.should == '0.0.0.0' } - end - - describe 'ipv6 address' do - before { @ipaddr = Puppet::Util::IPCidr.new('2001:db8:85a3:0:0:8a2e:370:7334') } - subject { @ipaddr } - specify { subject.cidr.should == '2001:db8:85a3::8a2e:370:7334/128' } - specify { subject.prefixlen.should == 128 } - specify { subject.netmask.should == 'ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff' } - end - - describe 'single ipv6 addr with cidr' do - before { @ipaddr = Puppet::Util::IPCidr.new('2001:db8:85a3:0:0:8a2e:370:7334/128') } - subject { @ipaddr } - specify { subject.cidr.should == '2001:db8:85a3::8a2e:370:7334/128' } - specify { subject.prefixlen.should == 128 } - specify { subject.netmask.should == 'ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff' } - end - - describe 'ipv6 addr range with cidr' do - before { @ipaddr = Puppet::Util::IPCidr.new('2001:db8:1234::/48') } - subject { @ipaddr } - specify { subject.cidr.should == '2001:db8:1234::/48' } - specify { subject.prefixlen.should == 48 } - specify { subject.netmask.should == 'ffff:ffff:ffff:0000:0000:0000:0000:0000' } - end - - describe 'ipv6 open range with cidr' do - before { @ipaddr = Puppet::Util::IPCidr.new('::/0') } - subject { @ipaddr } - specify { subject.cidr.should == '::/0' } - specify { subject.prefixlen.should == 0 } - specify { subject.netmask.should == '0000:0000:0000:0000:0000:0000:0000:0000' } - end -end diff --git a/fluentd/.fixtures.yml b/fluentd/.fixtures.yml deleted file mode 100644 index d73a0c5d5..000000000 --- a/fluentd/.fixtures.yml +++ /dev/null @@ -1,6 +0,0 @@ -fixtures: - repositories: - stdlib: "git://github.com/puppetlabs/puppetlabs-stdlib.git" - apt: "git://github.com/puppetlabs/puppetlabs-apt.git" - symlinks: - fluentd: "#{source_dir}" diff --git a/fluentd/.gitignore b/fluentd/.gitignore deleted file mode 100644 index 1ac0a277b..000000000 --- a/fluentd/.gitignore +++ /dev/null @@ -1,5 +0,0 @@ -.vagrant/ -Gemfile.lock -log/ -pkg/ -spec/fixtures/ diff --git a/fluentd/.travis.yml b/fluentd/.travis.yml deleted file mode 100644 index ab9c06a35..000000000 --- a/fluentd/.travis.yml +++ /dev/null @@ -1,26 +0,0 @@ ---- -language: ruby -sudo: required -services: - - docker -script: - - bundle exec rake $COMMAND -rvm: 2.2.3 -env: - - COMMAND=lint - - COMMAND=metadata - - COMMAND=spec PUPPET_VERSION=4.3.1 - - COMMAND=spec PUPPET_VERSION=4.2.3 - - COMMAND=spec PUPPET_VERSION=4.0.0 - - COMMAND=beaker BEAKER_set=centos-6-x64 PUPPET_INSTALL_VERSION=1.3.2 PUPPET_INSTALL_TYPE=agent - - COMMAND=beaker BEAKER_set=centos-7-x64 PUPPET_INSTALL_VERSION=1.3.2 PUPPET_INSTALL_TYPE=agent - - COMMAND=beaker BEAKER_set=debian-7-amd64 PUPPET_INSTALL_VERSION=1.3.2 PUPPET_INSTALL_TYPE=agent - - COMMAND=beaker BEAKER_set=ubuntu-server-1404-x64 PUPPET_INSTALL_VERSION=1.3.2 PUPPET_INSTALL_TYPE=agent - - COMMAND=beaker BEAKER_set=centos-6-x64 PUPPET_INSTALL_VERSION=1.2.7 PUPPET_INSTALL_TYPE=agent - - COMMAND=beaker BEAKER_set=centos-7-x64 PUPPET_INSTALL_VERSION=1.2.7 PUPPET_INSTALL_TYPE=agent - - COMMAND=beaker BEAKER_set=debian-7-amd64 PUPPET_INSTALL_VERSION=1.2.7 PUPPET_INSTALL_TYPE=agent - - COMMAND=beaker BEAKER_set=ubuntu-server-1404-x64 PUPPET_INSTALL_VERSION=1.2.7 PUPPET_INSTALL_TYPE=agent - - COMMAND=beaker BEAKER_set=centos-6-x64 PUPPET_INSTALL_VERSION=1.0.1 PUPPET_INSTALL_TYPE=agent - - COMMAND=beaker BEAKER_set=centos-7-x64 PUPPET_INSTALL_VERSION=1.0.1 PUPPET_INSTALL_TYPE=agent - - COMMAND=beaker BEAKER_set=debian-7-amd64 PUPPET_INSTALL_VERSION=1.0.1 PUPPET_INSTALL_TYPE=agent - - COMMAND=beaker BEAKER_set=ubuntu-server-1404-x64 PUPPET_INSTALL_VERSION=1.0.1 PUPPET_INSTALL_TYPE=agent diff --git a/fluentd/CHANGELOG.md b/fluentd/CHANGELOG.md deleted file mode 100644 index 5a71ce019..000000000 --- a/fluentd/CHANGELOG.md +++ /dev/null @@ -1,36 +0,0 @@ -## 2016-02-03 - Release v. 0.4.0 - - - Support CentOS 6 - -## 2016-01-22 - Release v. 0.3.2 - - - Purge unmanaged config files - - Manage td-agent.conf file with a fully qualified path - - Fix the issue with td-agent service being enabled on each run on EL7 - -## 2015-12-02 - Release v. 0.3.1 - - - Add param `repo_desc` - -## 2015-10-28 - Release v. 0.3.0 - - - Remove class `fluentd::config` - - Add defined type `fluentd::config` - - Add defined type `fluentd::plugin` - -## 2015-10-22 - Release v. 0.2.0 - - - Add param `service_manage` - - Add param `repo_gpgkeyid` - - Add param `repo_install` - - Add param `plugin_source` - - Rename param `repo_baseurl` to `repo_url` - - Remove param `config_template` - - Param validation - - Support Ubuntu 14.04 - - Support Debian 7.8 - - Support nested config tags - -## 2015-10-19 - Release v. 0.1.0 - - - Initial release diff --git a/fluentd/Gemfile b/fluentd/Gemfile deleted file mode 100644 index 5aa38ecc2..000000000 --- a/fluentd/Gemfile +++ /dev/null @@ -1,13 +0,0 @@ -source 'https://rubygems.org' - -gem 'puppet', ENV.fetch('PUPPET_VERSION', '>= 3.3') - -gem 'rake' -gem 'puppet-lint', '>= 1.0.0' -gem 'metadata-json-lint' - -gem 'puppetlabs_spec_helper', '>= 0.8.2' - -gem 'beaker-rspec' -gem 'beaker-puppet_install_helper' -gem 'pry', require: false diff --git a/fluentd/LICENSE b/fluentd/LICENSE deleted file mode 100644 index d0381d6d0..000000000 --- a/fluentd/LICENSE +++ /dev/null @@ -1,176 +0,0 @@ -Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS diff --git a/fluentd/README.md b/fluentd/README.md deleted file mode 100644 index 1bd02b503..000000000 --- a/fluentd/README.md +++ /dev/null @@ -1,217 +0,0 @@ -# Fluentd - -[![Build Status](https://travis-ci.org/soylent/konstantin-fluentd.svg?branch=master)](https://travis-ci.org/soylent/konstantin-fluentd) - -Install, configure, and manage Fluentd data collector. - -## Module Description - -* Installs `td-agent` package -* Generates configuration file `td-agent.conf` -* Generates custom configuration files and saves them to `config.d/` -* Manages `td-agent` service -* Installs Fluentd gem plugins - -## Usage - -### Routing Events To Elasticsearch - -```puppet -include fluentd - -fluentd::plugin { 'fluent-plugin-elasticsearch': } - -fluentd::config { '500_elasticsearch.conf': - config => { - 'source' => { - 'type' => 'unix', - 'path' => '/tmp/td-agent/td-agent.sock', - }, - 'match' => { - 'tag_pattern' => '**', - 'type' => 'elasticsearch', - 'index_name' => 'foo', - 'type_name' => 'bar', - 'logstash_format' => true, - } - } -} -``` - -### Forwarding Events To Fluentd Aggregator - -```puppet -include fluentd - -fluentd::config { '600_forwarding.conf': - config => { - 'source' => { - 'type' => unix, - 'path' => '/tmp/td-agent/td-agent.sock', - }, - 'match' => { - 'tag_pattern' => '**', - 'type' => forward, - 'server' => [ - { 'host' => 'example1.com', 'port' => 24224 }, - { 'host' => 'example2.com', 'port' => 24224 }, - ] - } - } -} -``` - -### Config File Naming - -All configs employ a numbering system in the resource's title that is used for -ordering. When titling your config, make sure you prefix the filename with a -number, for example, `999_catch_all.conf`, `500_elasticsearch.conf` (999 has -smaller priority than 500) - -## Reference - -### Classes - -#### Public Classes - -* `fluentd`: Main class, includes all other classes. - -#### Private Classes - -* `fluentd::install`: Handles the packages. -* `fluentd::service`: Handles the service. - -### Parameters - -The following parameters are available in the `fluentd` class: - -#### `repo_install` - -Default value: true - -#### `repo_name` - -Default value: 'treasuredata' - -#### `repo_desc` - -Default value: 'TreasureData' - -#### `repo_url` - -Default value: 'http://packages.treasuredata.com/2/redhat/$releasever/$basearch' - -#### `repo_enabled` - -Default value: true - -#### `repo_gpgcheck` - -Default value: true - -#### `repo_gpgkey` - -Default value: 'https://packages.treasuredata.com/GPG-KEY-td-agent' - -#### `repo_gpgkeyid` - -Default value: 'C901622B5EC4AF820C38AB861093DB45A12E206F' - -#### `package_name` - -Default value: 'td-agent' - -#### `package_ensure` - -Default value: present - -#### `service_name` - -Default value: 'td-agent' - -#### `service_ensure` - -Default value: running - -#### `service_enable` - -Default value: true - -#### `service_manage` - -Default value: true - -#### `config_file` - -Default value: '/etc/td-agent/td-agent.conf' - -### Public Defines - -* `fluentd::config`: Generates custom configuration files. -* `fluentd::plugin`: Installs plugins. - -The following parameters are available in the `fluentd::plugin` defined type: - -#### `title` - -Plugin name - -#### `plugin_ensure` - -Default value: present - -#### `plugin_source` - -Default value: 'https://rubygems.org' - -The following parameters are available in the `fluentd::config` defined type: - -#### `title` - -Config filename - -#### `config` - -Config Hash, please see usage examples. - -## Limitations - -Tested on CentOS 6, CentOS 7, Ubuntu 14.04, Debian 7.8 - -## Development - -Bug reports and pull requests are welcome! - -### Running Tests - - $ bundle install - $ bundle exec rake lint - $ bundle exec rake metadata - $ bundle exec rake spec - $ bundle exec rake beaker BEAKER_set=centos-6-x64 - $ bundle exec rake beaker BEAKER_set=centos-7-x64 - $ bundle exec rake beaker BEAKER_set=debian-7-amd64 - $ bundle exec rake beaker BEAKER_set=ubuntu-server-1404-x64 - -Relevant Beaker docs: https://github.com/puppetlabs/beaker/blob/master/docs/How-to-Write-a-Beaker-Test-for-a-Module.md - -### TODO: - -* Remove `rubygems` package dependency - -## License - -Copyright 2015–2016 SPB TV AG - -Licensed under the Apache License, Version 2.0 (the "License"); you may not use -this file except in compliance with the License. - -You may obtain a copy of the License at -http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software distributed -under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR -CONDITIONS OF ANY KIND, either express or implied. - -See the License for the specific language governing permissions and limitations -under the License. diff --git a/fluentd/Rakefile b/fluentd/Rakefile deleted file mode 100644 index e22dbe29a..000000000 --- a/fluentd/Rakefile +++ /dev/null @@ -1,19 +0,0 @@ -require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' - -PuppetLint.configuration.ignore_paths = ['spec/**/*.pp', 'pkg/**/*'] - -desc 'Validate manifests, templates, and ruby files' -task :validate do - Dir['manifests/**/*.pp'].each do |manifest| - sh "puppet parser validate --noop #{manifest}" - end - - Dir['spec/**/*.rb','lib/**/*.rb'].each do |ruby_file| - sh "ruby -c #{ruby_file}" unless ruby_file =~ /spec\/fixtures/ - end - - Dir['templates/**/*.erb'].each do |template| - sh "erb -P -x -T '-' #{template} | ruby -c" - end -end diff --git a/fluentd/examples/init.pp b/fluentd/examples/init.pp deleted file mode 100644 index c21eb9c7d..000000000 --- a/fluentd/examples/init.pp +++ /dev/null @@ -1,19 +0,0 @@ -include fluentd - -fluentd::plugin { 'fluent-plugin-elasticsearch': } - -fluentd::config { '500_elasticsearch.conf': - config => { - 'source' => { - 'type' => 'unix', - 'path' => '/tmp/td-agent/td-agent.sock', - }, - 'match' => { - 'tag_pattern' => '**', - 'type' => 'elasticsearch', - 'index_name' => 'foo', - 'type_name' => 'bar', - 'logstash_format' => true, - } - } -} diff --git a/fluentd/files/td-agent.conf b/fluentd/files/td-agent.conf deleted file mode 100644 index c66251959..000000000 --- a/fluentd/files/td-agent.conf +++ /dev/null @@ -1,2 +0,0 @@ -# td-agent.conf, managed by Puppet. -@include 'config.d/*.conf' diff --git a/fluentd/lib/puppet/parser/functions/fluent_config.rb b/fluentd/lib/puppet/parser/functions/fluent_config.rb deleted file mode 100644 index c75ef8f80..000000000 --- a/fluentd/lib/puppet/parser/functions/fluent_config.rb +++ /dev/null @@ -1,43 +0,0 @@ -# This file must be compatible with Ruby 1.8.7 in order to work on EL6. -module Puppet::Parser::Functions - - # Generate fluentd config from Hash. - newfunction(:fluent_config, :type => :rvalue) do |args| - config = args[0] - - header = "# Managed by Puppet.\n" - - # NOTE: Hash iteration order is arbitrary in ruby 1.8.7 - # https://projects.puppetlabs.com/issues/16266 - config.keys.sort.inject(header) do |result, plugin_type| - plugin_config = config[plugin_type] - result << function_fluent_plugin_config([plugin_type, plugin_config]) - end.chomp - end - - # Generate fluentd plugin config from Hash - newfunction(:fluent_plugin_config, :type => :rvalue) do |args| - plugin_type = args[0] - plugin_config = args[1] - - tag_pattern = plugin_config.delete('tag_pattern') - - config_body = '' - - # NOTE: Hash iteration order is arbitrary in ruby 1.8.7 - # https://projects.puppetlabs.com/issues/16266 - plugin_config.keys.sort.each do |key| - value = plugin_config[key] - - if value.is_a?(Array) - value.each do |plugin_sub_config| - config_body << function_fluent_plugin_config([key, plugin_sub_config]) - end - else - config_body << [key, value].join(' ') << "\n" - end - end - - "<#{plugin_type} #{tag_pattern}>\n#{config_body}\n\n" - end -end diff --git a/fluentd/lib/puppet/provider/package/tdagent.rb b/fluentd/lib/puppet/provider/package/tdagent.rb deleted file mode 100644 index 7f53fbd49..000000000 --- a/fluentd/lib/puppet/provider/package/tdagent.rb +++ /dev/null @@ -1,6 +0,0 @@ -# This file must be compatible with Ruby 1.8.7 in order to work on EL6. -module Puppet::Parser::Functions - Puppet::Type.type(:package).provide :tdagent, :parent => :gem, :source => :gem do - commands :gemcmd => '/opt/td-agent/usr/sbin/td-agent-gem' - end -end diff --git a/fluentd/manifests/config.pp b/fluentd/manifests/config.pp deleted file mode 100644 index ce7d386ff..000000000 --- a/fluentd/manifests/config.pp +++ /dev/null @@ -1,10 +0,0 @@ -define fluentd::config($config) { - $path = sprintf('/etc/td-agent/config.d/%s', $title) - - file { $path: - ensure => present, - content => fluent_config($config), - require => Class['Fluentd::Install'], - notify => Class['Fluentd::Service'], - } -} diff --git a/fluentd/manifests/init.pp b/fluentd/manifests/init.pp deleted file mode 100644 index ca8ee064d..000000000 --- a/fluentd/manifests/init.pp +++ /dev/null @@ -1,46 +0,0 @@ -class fluentd ( - $repo_install = $fluentd::repo_install, - $repo_name = $fluentd::repo_name, - $repo_desc = $fluentd::repo_desc, - $repo_url = $fluentd::repo_url, - $repo_enabled = $fluentd::repo_enabled, - $repo_gpgcheck = $fluentd::repo_gpgcheck, - $repo_gpgkey = $fluentd::repo_gpgkey, - $repo_gpgkeyid = $fluentd::repo_gpgkeyid, - $package_name = $fluentd::package_name, - $package_ensure = $fluentd::package_ensure, - $plugin_names = $fluentd::plugin_names, - $plugin_ensure = $fluentd::plugin_ensure, - $plugin_source = $fluentd::plugin_source, - $service_name = $fluentd::service_name, - $service_ensure = $fluentd::service_ensure, - $service_enable = $fluentd::service_enable, - $service_manage = $fluentd::service_manage, - $config_file = $fluentd::config_file, -) inherits fluentd::params { - - # Param validations - validate_bool($repo_install) - validate_string($repo_name) - validate_string($repo_url) - validate_bool($repo_enabled) - validate_bool($repo_gpgcheck) - validate_string($repo_gpgkey) - validate_string($repo_gpgkeyid) - validate_string($package_name) - validate_string($package_ensure) - validate_array($plugin_names) - validate_string($plugin_ensure) - validate_string($plugin_source) - validate_string($service_name) - validate_string($service_ensure) - validate_bool($service_enable) - validate_bool($service_manage) - validate_absolute_path($config_file) - - contain fluentd::install - contain fluentd::service - - Class['Fluentd::Install'] -> - Class['Fluentd::Service'] -} diff --git a/fluentd/manifests/install.pp b/fluentd/manifests/install.pp deleted file mode 100644 index 13dcd0734..000000000 --- a/fluentd/manifests/install.pp +++ /dev/null @@ -1,21 +0,0 @@ -class fluentd::install inherits fluentd { - if $fluentd::repo_install { - require fluentd::install_repo - } - - package { $fluentd::package_name: - ensure => $fluentd::package_ensure, - } -> - - file { $fluentd::config_path: - ensure => directory, - recurse => true, - force => true, - purge => true, - } -> - - file { $fluentd::config_file: - ensure => present, - source => 'puppet:///modules/fluentd/td-agent.conf', - } -} diff --git a/fluentd/manifests/install_repo.pp b/fluentd/manifests/install_repo.pp deleted file mode 100644 index ed0a0be0c..000000000 --- a/fluentd/manifests/install_repo.pp +++ /dev/null @@ -1,47 +0,0 @@ -class fluentd::install_repo inherits fluentd { - case $::osfamily { - 'redhat': { - yumrepo { $fluentd::repo_name: - descr => $fluentd::repo_desc, - baseurl => $fluentd::repo_url, - enabled => $fluentd::repo_enabled, - gpgcheck => $fluentd::repo_gpgcheck, - gpgkey => $fluentd::repo_gpgkey, - notify => Exec['rpmkey'], - } - - exec { 'rpmkey': - command => "rpm --import ${fluentd::repo_gpgkey}", - path => '/bin:/usr/bin', - refreshonly => true, - } - - # TODO: Remove this dependency. Gem provider requires this package. - package { 'rubygems': - ensure => present, - } - } - - 'debian': { - apt::source { $fluentd::repo_name: - location => $fluentd::repo_url, - comment => $fluentd::repo_desc, - repos => 'contrib', - architecture => 'amd64', - release => $fluentd::distro_codename, - key => { - id => $fluentd::repo_gpgkeyid, - source => $fluentd::repo_gpgkey, - }, - include => { - 'src' => false, - 'deb' => true, - }, - } - } - - default: { - fail("Unsupported osfamily ${::osfamily}") - } - } -} diff --git a/fluentd/manifests/params.pp b/fluentd/manifests/params.pp deleted file mode 100644 index 22bfbcdf7..000000000 --- a/fluentd/manifests/params.pp +++ /dev/null @@ -1,49 +0,0 @@ -class fluentd::params { - $repo_install = true - $repo_name = 'treasuredata' - $repo_desc = 'TreasureData' - - case $::osfamily { - 'redhat': { - $repo_url = 'http://packages.treasuredata.com/2/redhat/$releasever/$basearch' - } - - 'debian': { - $distro_id = downcase($::lsbdistid) - $distro_codename = $::lsbdistcodename - $repo_url = "http://packages.treasuredata.com/2/${distro_id}/${distro_codename}/" - } - - default: { - fail("Unsupported osfamily ${::osfamily}") - } - } - - $repo_enabled = true - $repo_gpgcheck = true - $repo_gpgkey = 'https://packages.treasuredata.com/GPG-KEY-td-agent' - $repo_gpgkeyid = 'C901622B5EC4AF820C38AB861093DB45A12E206F' - - $package_name = 'td-agent' - $package_ensure = present - - $plugin_names = [] - $plugin_ensure = present - $plugin_source = 'https://rubygems.org' - - $service_name = 'td-agent' - $service_ensure = running - $service_enable = true - $service_manage = true - - # NOTE: Workaround for the following issue: - # https://tickets.puppetlabs.com/browse/PUP-5296 - if $::osfamily == 'redhat' { - $service_provider = 'redhat' - } else { - $service_provider = undef - } - - $config_file = '/etc/td-agent/td-agent.conf' - $config_path = '/etc/td-agent/config.d' -} diff --git a/fluentd/manifests/plugin.pp b/fluentd/manifests/plugin.pp deleted file mode 100644 index f591fbd73..000000000 --- a/fluentd/manifests/plugin.pp +++ /dev/null @@ -1,12 +0,0 @@ -define fluentd::plugin( - $plugin_ensure = $fluentd::plugin_ensure, - $plugin_source = $fluentd::plugin_source, -) { - package { $title: - ensure => $plugin_ensure, - source => $plugin_source, - provider => tdagent, - notify => Class['Fluentd::Service'], - require => Class['Fluentd::Install'], - } -} diff --git a/fluentd/manifests/service.pp b/fluentd/manifests/service.pp deleted file mode 100644 index 157eabdaf..000000000 --- a/fluentd/manifests/service.pp +++ /dev/null @@ -1,11 +0,0 @@ -class fluentd::service inherits fluentd { - if $fluentd::service_manage { - service { $fluentd::service_name: - ensure => $fluentd::service_ensure, - enable => $fluentd::service_enable, - provider => $fluentd::service_provider, - hasstatus => true, - hasrestart => true, - } - } -} diff --git a/fluentd/metadata.json b/fluentd/metadata.json deleted file mode 100644 index 585f314dd..000000000 --- a/fluentd/metadata.json +++ /dev/null @@ -1,48 +0,0 @@ -{ - "author": "konstantin", - "dependencies": [ - { - "name": "puppetlabs/stdlib", - "version_requirement": ">= 1.0.0" - }, - { - "name": "puppetlabs/apt", - "version_requirement": ">= 1.0.0" - } - ], - "issues_url": "https://github.com/soylent/konstantin-fluentd/issues", - "license": "Apache-2.0", - "name": "konstantin-fluentd", - "operatingsystem_support": [ - { - "operatingsystem": "CentOS", - "operatingsystemrelease": [ - "6", - "7" - ] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": [ - "14.04" - ] - }, - { - "operatingsystem": "Debian", - "operatingsystemrelease": [ - "7" - ] - } - ], - "project_page": "https://github.com/soylent/konstantin-fluentd", - "source": "https://github.com/soylent/konstantin-fluentd", - "summary": "Installs, configures, and manages Fluentd data collector", - "tags": [ - "fluentd", - "fluent", - "td-agent", - "treasuredata", - "logging" - ], - "version": "0.4.0" -} diff --git a/fluentd/spec/acceptance/class_spec.rb b/fluentd/spec/acceptance/class_spec.rb deleted file mode 100644 index d9d5694ce..000000000 --- a/fluentd/spec/acceptance/class_spec.rb +++ /dev/null @@ -1,20 +0,0 @@ -require 'spec_helper_acceptance' - -RSpec.describe 'fluentd' do - it 'runs successfully' do - manifest = File.read(File.expand_path('../../examples/init.pp', __dir__)) - - # Run it twice and test for idempotency - apply_manifest(manifest, catch_failures: true) - expect(apply_manifest(manifest, catch_failures: true).exit_code).to be_zero - end - - describe package('td-agent') do - it { is_expected.to be_installed } - end - - describe service('td-agent') do - it { is_expected.to be_enabled.with_level(3) } - it { is_expected.to be_running } - end -end diff --git a/fluentd/spec/acceptance/nodesets/centos-6-x64.yml b/fluentd/spec/acceptance/nodesets/centos-6-x64.yml deleted file mode 100644 index 11a8583fd..000000000 --- a/fluentd/spec/acceptance/nodesets/centos-6-x64.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - centos-6-x64: - platform: el-6-x86_64 - image: centos:6 - hypervisor: docker - docker_preserve_image: true - docker_cmd: '["/sbin/init"]' - docker_image_commands: - - 'yum install -y tar' -CONFIG: - log_level: verbose - type: foss diff --git a/fluentd/spec/acceptance/nodesets/centos-7-x64.yml b/fluentd/spec/acceptance/nodesets/centos-7-x64.yml deleted file mode 100644 index 4ebe189c1..000000000 --- a/fluentd/spec/acceptance/nodesets/centos-7-x64.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - centos-7-x64: - platform: el-7-x86_64 - image: centos:7 - hypervisor: docker - docker_preserve_image: true - docker_cmd: '["/sbin/init"]' - docker_image_commands: - - 'yum install -y initscripts' -CONFIG: - log_level: verbose - type: foss diff --git a/fluentd/spec/acceptance/nodesets/debian-7-amd64.yml b/fluentd/spec/acceptance/nodesets/debian-7-amd64.yml deleted file mode 100644 index 411fd4fa3..000000000 --- a/fluentd/spec/acceptance/nodesets/debian-7-amd64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - debian-7-amd64: - platform: debian-7-amd64 - image: debian:7 - hypervisor: docker - docker_preserve_image: true - docker_image_commands: - - 'apt-get install -y wget' -CONFIG: - log_level: verbose - type: foss diff --git a/fluentd/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/fluentd/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index 1e12fb865..000000000 --- a/fluentd/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,9 +0,0 @@ -HOSTS: - ubuntu-server-1404-x64: - platform: ubuntu-14.04-amd64 - image: ubuntu:14.04 - hypervisor: docker - docker_preserve_image: true -CONFIG: - log_level: verbose - type: foss diff --git a/fluentd/spec/classes/init_spec.rb b/fluentd/spec/classes/init_spec.rb deleted file mode 100644 index 22a2cc64b..000000000 --- a/fluentd/spec/classes/init_spec.rb +++ /dev/null @@ -1,24 +0,0 @@ -require 'spec_helper' - -RSpec.describe 'fluentd' do - shared_examples 'works' do - it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_class('fluentd') } - it { is_expected.to contain_class('fluentd::install') } - it { is_expected.to contain_class('fluentd::service') } - end - - context 'when osfamily is debian' do - let(:facts) do - { osfamily: 'Debian', lsbdistid: 'Ubuntu', lsbdistcodename: 'trusty' } - end - - include_examples 'works' - end - - context 'with defaults for all parameters' do - let(:facts) { { osfamily: 'RedHat' } } - - include_examples 'works' - end -end diff --git a/fluentd/spec/classes/install_spec.rb b/fluentd/spec/classes/install_spec.rb deleted file mode 100644 index a5e91563d..000000000 --- a/fluentd/spec/classes/install_spec.rb +++ /dev/null @@ -1,33 +0,0 @@ -require 'spec_helper' - -RSpec.describe 'fluentd::install' do - shared_examples 'package and configs' do - it { is_expected.to contain_package('td-agent') } - it { is_expected.to contain_file('/etc/td-agent/td-agent.conf') } - it { is_expected.to contain_file('/etc/td-agent/config.d') } - end - - context 'on RedHat based system' do - let(:facts) { { osfamily: 'RedHat' } } - - it { is_expected.to contain_yumrepo('treasuredata') } - - include_examples 'package and configs' - end - - context 'on Debian based system' do - let(:facts) do - { osfamily: 'Debian', lsbdistid: 'Ubuntu', lsbdistcodename: 'trusty' } - end - - it { is_expected.to contain_apt__source('treasuredata') } - - include_examples 'package and configs' - end - - context 'on unsupported system' do - let(:facts) { { osfamily: 'Darwin' } } - - it { is_expected.not_to compile } - end -end diff --git a/fluentd/spec/classes/service_spec.rb b/fluentd/spec/classes/service_spec.rb deleted file mode 100644 index e293c8dd7..000000000 --- a/fluentd/spec/classes/service_spec.rb +++ /dev/null @@ -1,17 +0,0 @@ -require 'spec_helper' - -RSpec.describe 'fluentd::service' do - context 'on RedHat based system' do - let(:facts) { { osfamily: 'RedHat' } } - - it { is_expected.to contain_service('td-agent').with(provider: 'redhat') } - end - - context 'on Debian based system' do - let(:facts) do - { osfamily: 'Debian', lsbdistid: 'Ubuntu', lsbdistcodename: 'trusty' } - end - - it { is_expected.to contain_service('td-agent').without(:provider) } - end -end diff --git a/fluentd/spec/defines/config_spec.rb b/fluentd/spec/defines/config_spec.rb deleted file mode 100644 index 2d2f86cb6..000000000 --- a/fluentd/spec/defines/config_spec.rb +++ /dev/null @@ -1,66 +0,0 @@ -require 'spec_helper' - -RSpec.describe 'fluentd::config' do - let(:pre_condition) { 'include fluentd' } - - context 'on RedHat based system' do - let(:facts) { { osfamily: 'RedHat' } } - - let(:title) { 'stdout.conf' } - - context 'when config does not contain nested hashes' do - let(:params) do - { - config: { - 'source' => { - 'type' => 'forward' - }, - 'match' => { - 'tag_pattern' => '**', - 'type' => 'stdout' - } - } - } - end - - it do - is_expected.to contain_file('/etc/td-agent/config.d/stdout.conf'). - with_content(//). - with_content(/type forward/). - with_content(/<\/source>/). - with_content(//). - with_content(/type stdout/). - with_content(/<\/match>/) - end - end - - context 'when config contains nested hashes' do - let(:params) do - { - config: { - 'match' => { - 'tag_pattern' => '**', - 'type' => 'forward', - 'server' => [ - { 'host' => 'example1.com', 'port' => 24224 }, - { 'host' => 'example2.com', 'port' => 24224 } - ] - } - } - } - end - - it do - is_expected.to contain_file('/etc/td-agent/config.d/stdout.conf'). - with_content(//). - with_content(/type forward/). - with_content(//). - with_content(/host example1.com/). - with_content(/port 24224/). - with_content(/<\/server>/). - with_content(/host example2.com/). - with_content(/<\/match>/) - end - end - end -end diff --git a/fluentd/spec/defines/plugin_spec.rb b/fluentd/spec/defines/plugin_spec.rb deleted file mode 100644 index 8483d6e81..000000000 --- a/fluentd/spec/defines/plugin_spec.rb +++ /dev/null @@ -1,20 +0,0 @@ -require 'spec_helper' - -RSpec.describe 'fluentd::plugin' do - let(:pre_condition) { 'include fluentd' } - let(:title) { 'fluent-plugin-test' } - - context 'on RedHat based system' do - let(:facts) { { osfamily: 'RedHat' } } - - it { is_expected.to contain_package(title).with(provider: 'tdagent') } - end - - context 'on Debian based system' do - let(:facts) do - { osfamily: 'Debian', lsbdistid: 'Ubuntu', lsbdistcodename: 'trusty' } - end - - it { is_expected.to contain_package(title).with(provider: 'tdagent') } - end -end diff --git a/fluentd/spec/spec_helper.rb b/fluentd/spec/spec_helper.rb deleted file mode 100644 index 2c6f56649..000000000 --- a/fluentd/spec/spec_helper.rb +++ /dev/null @@ -1 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' diff --git a/fluentd/spec/spec_helper_acceptance.rb b/fluentd/spec/spec_helper_acceptance.rb deleted file mode 100644 index a56808ad2..000000000 --- a/fluentd/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1,19 +0,0 @@ -require 'beaker-rspec' -require 'beaker/puppet_install_helper' - -run_puppet_install_helper unless ENV['BEAKER_provision'] == 'no' - -RSpec.configure do |c| - module_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - - c.formatter = :documentation - - c.before :suite do - puppet_module_install(source: module_root, module_name: 'fluentd') - - hosts.each do |host| - on host, puppet('module', 'install', 'puppetlabs-stdlib') - on host, puppet('module', 'install', 'puppetlabs-apt') - end - end -end diff --git a/git/.fixtures.yml b/git/.fixtures.yml deleted file mode 100644 index 2aa9e3d77..000000000 --- a/git/.fixtures.yml +++ /dev/null @@ -1,5 +0,0 @@ -fixtures: - repositories: - vcsrepo: git://github.com/puppetlabs/puppetlabs-vcsrepo.git - symlinks: - git: "#{source_dir}" diff --git a/git/.gitignore b/git/.gitignore deleted file mode 100644 index 34894fa6b..000000000 --- a/git/.gitignore +++ /dev/null @@ -1,7 +0,0 @@ -pkg/ -Gemfile.lock -vendor/ -spec/fixtures/ -.vagrant/ -.bundle/ -coverage/ \ No newline at end of file diff --git a/git/.travis.yml b/git/.travis.yml deleted file mode 100644 index c0d90693f..000000000 --- a/git/.travis.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- -language: ruby -bundler_args: --without development system_tests -script: "bundle exec rake validate && bundle exec rake lint && bundle exec rake spec SPEC_OPTS='--format documentation'" -matrix: - fast_finish: true - include: - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 3.0" FACTER_GEM_VERSION="~> 1.0" - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 3.0" FACTER_GEM_VERSION="~> 2.0" - - rvm: 1.9.3 - env: PUPPET_GEM_VERSION="~> 3.0" FACTER_GEM_VERSION="~> 1.0" - - rvm: 1.9.3 - env: PUPPET_GEM_VERSION="~> 3.0" FACTER_GEM_VERSION="~> 2.0" - - rvm: 2.0.0 - env: PUPPET_GEM_VERSION="~> 3.0" FACTER_GEM_VERSION="~> 1.0" - - rvm: 2.0.0 - env: PUPPET_GEM_VERSION="~> 3.0" FACTER_GEM_VERSION="~> 2.0" -notifications: - email: false diff --git a/git/CHANGELOG.md b/git/CHANGELOG.md deleted file mode 100644 index 004c37d00..000000000 --- a/git/CHANGELOG.md +++ /dev/null @@ -1,56 +0,0 @@ -##2015-05-26 - Release 0.4.0 -###Summary -This release adds greater flexibility to `git` and `git_config` and includes a couple of bug fixes, including fixing `git_config` with multiple users. - -####Deprecations -- The `section` parameter in `git_config` and `git::config` has been deprecated. The full option name should be passed to the `key` parameter instead (i.e., "user.email") - -####Features -- Refactored existing facts and added spec tests (MODULES-1571) -- Test and doc updates -- New parameters in class `git`: - - `package_manage` - - `package_ensure` - - `configs` - -####Bugfixes -- Only run if git is actually installed (MODULES-1238) -- Fix `git_config` to work with multiple users (MODULES-1863) - -##2014-11-18 - Release 0.3.0 -###Summary -This release primarily includes improvements to `git::config` and the addition of the `git_config` type&provider, along with much improved testing - -####Features -- Add `user` and `scope` parameter to `git::config` -- Add `git_config` type -- Refactor `git::config` to use `git_config` -- Test improvements - -####Bugfixes -- Redirect stderr to the correct place on windows - -##2014-07-15 - Release 0.2.0 -###Summary -This release updates metadata.json so the module can be uninstalled and -upgraded via the puppet module command. It also lets you set the -`package_name`. - -####Features -- Ability to set `package_name` - -##2014-06-25 - Release 0.1.0 -###Summary -This release adds git::subtree and git::config, as well as fixes up the -documentation and unit tests. - -####Features -- README improvements. -- Add git::subtree class to install git-subtree. -- Add git::config resource - -####Bugfixes -- Fix git_version fact. - -##2011-06-03 - Release 0.0.1 -- Initial commit diff --git a/git/Gemfile b/git/Gemfile deleted file mode 100644 index b9665d6b1..000000000 --- a/git/Gemfile +++ /dev/null @@ -1,53 +0,0 @@ -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -def location_for(place, fake_version = nil) - if place =~ /^(git:[^#]*)#(.*)/ - [fake_version, { :git => $1, :branch => $2, :require => false }].compact - elsif place =~ /^file:\/\/(.*)/ - ['>= 0', { :path => File.expand_path($1), :require => false }] - else - [place, { :require => false }] - end -end - -is_ruby18 = RUBY_VERSION.start_with? '1.8' - -group :development, :test do - gem 'rake', :require => false - if is_ruby18 - gem 'rspec', "~> 3.1.0", :require => false - end - gem 'rspec-puppet', :require => false - gem 'puppetlabs_spec_helper', :require => false - gem 'puppet-lint', :require => false - gem 'pry', :require => false - gem 'simplecov', :require => false - gem 'metadata-json-lint', :require => false -end - -beaker_version = ENV['BEAKER_VERSION'] -group :system_tests do - gem 'serverspec', :require => false - if beaker_version - gem 'beaker', *location_for(beaker_version) - else - gem 'beaker', :require => false - end - gem 'beaker-rspec', :require => false -end - -facter_version = ENV['FACTER_GEM_VERSION'] -if facter_version - gem 'facter', *location_for(facter_version) -else - gem 'facter', :require => false -end - -puppet_version = ENV['PUPPET_GEM_VERSION'] -if puppet_version - gem 'puppet', *location_for(puppet_version) -else - gem 'puppet', :require => false -end - -# vim:ft=ruby diff --git a/git/LICENSE b/git/LICENSE deleted file mode 100644 index 297f85cfa..000000000 --- a/git/LICENSE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright 2013 Puppet Labs - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/git/README.md b/git/README.md deleted file mode 100644 index 32f5c1dcf..000000000 --- a/git/README.md +++ /dev/null @@ -1,107 +0,0 @@ -#git - -####Table of Contents - -1. [Overview - What is the git module?](#overview) -2. [Module Description - What does the module do?](#module-description) -3. [Setup - The basics of getting started with git](#setup) - * [What git affects](#what-registry-affects) -4. [Usage - Configuration options and additional functionality](#usage) -6. [Limitations - OS compatibility, etc.](#limitations) -7. [Development - Guide for contributing to the module](#development) - -##Overview - -Simple module that can install git or gitosis - -##Module Description - -This module installs the git revision control system on a target node. It does not manage a git server or any associated services; it simply ensures a bare minimum set of features (e.g. just a package) to use git. - -##Setup - -###What git affects - -* Package['git'] - -The specifics managed by the module may vary depending on the platform. - -##Usage - -###I just want `git` installed -Simply include the `git` class. - -```puppet -include git -``` - -###I want to configure `git` using hiera - -```yaml -git::configs: - user.name: 'test' - user.email: 'test@example.com' - core.filemode: - value: false - scope: system -``` - -If using the flat config syntax, options common to all items can be set: - -```yaml -git::configs: - core.filemode: false -git::configs_defaults: - scope: system -``` - -###I want to use `git subtree` with bash completion - -```puppet -include git::subtree -``` - -###I want to set my user.name and user.email - -```puppet -git::config { 'user.name': - value => 'John Doe', -} - -git::config { 'user.email': - value => 'john.doe@example.com', -} -``` - -##Reference - -###Classes - -* `git`: Installs the git client package. -* `gitosis`: Installs the gitosis package. No configuration -* `subtree`: Installs and configures git-subtree for git 1.7 and up. - -###Resources - -* `git::config`: Set git global configuration for the user running puppet, for the specified `$user` or for the system. - -###Facts - -* `git_exec_path`: Path to the directory containing all `git-*` commands. -* `git_version`: Version of git that is installed. Undefined if not installed. - -##Limitations - -This module is known to work with the following operating system families: - - - RedHat 5, 6 - - Debian 6.0.7 or newer - - Ubuntu 12.04 or newer - -##Development - -Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can’t access the huge number of platforms and myriad of hardware, software, and deployment configurations that Puppet is intended to serve. - -We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. - -You can read the complete module contribution guide [on the Puppet Labs wiki.](http://projects.puppetlabs.com/projects/module-site/wiki/Module_contributing) diff --git a/git/Rakefile b/git/Rakefile deleted file mode 100644 index cd3d37995..000000000 --- a/git/Rakefile +++ /dev/null @@ -1 +0,0 @@ -require 'puppetlabs_spec_helper/rake_tasks' diff --git a/git/files/subtree/bash_completion.sh b/git/files/subtree/bash_completion.sh deleted file mode 100644 index f2683e449..000000000 --- a/git/files/subtree/bash_completion.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!bash -# -# bash completion support for Git subtree. -# -# To use this routine: -# -# 1) Make sure you have installed and configured the core Git completion script, which is required to make this script work; -# 2) Copy this file to somewhere (e.g. ~/.git-subtree-completion.sh); -# 3) Added the following line to your .bashrc: -# source ~/.git-subtree-completion.sh -# - -_git_subtree () -{ - local cur="${COMP_WORDS[COMP_CWORD]}" - - if [ $COMP_CWORD -eq 2 ]; then - __gitcomp "add merge pull push split" - return - elif [ $COMP_CWORD -eq 3 ]; then - __gitcomp "--prefix=" - return - fi - __gitcomp "$(__git_remotes)" -} diff --git a/git/lib/facter/git_exec_path.rb b/git/lib/facter/git_exec_path.rb deleted file mode 100644 index 3a4ad8f04..000000000 --- a/git/lib/facter/git_exec_path.rb +++ /dev/null @@ -1,25 +0,0 @@ -# Fact: git_exec_path -# -# Purpose: get git's exec path -# -# Resolution: -# Uses git's --exec-path flag -# -# Caveats: -# none -# -# Notes: -# None -Facter.add('git_exec_path') do - case Facter.value(:osfamily) - when 'windows' - null_path = 'nul' - else - null_path = '/dev/null' - end - git_exec_path_cmd = "git --exec-path 2>#{null_path}" - setcode do - Facter::Util::Resolution.exec(git_exec_path_cmd) - end -end - diff --git a/git/lib/facter/git_html_path.rb b/git/lib/facter/git_html_path.rb deleted file mode 100644 index 471fed730..000000000 --- a/git/lib/facter/git_html_path.rb +++ /dev/null @@ -1,24 +0,0 @@ -# Fact: git_html_path -# -# Purpose: get git's html path -# -# Resolution: -# Uses git's --html-path flag -# -# Caveats: -# none -# -# Notes: -# None -Facter.add('git_html_path') do - case Facter.value(:osfamily) - when 'windows' - null_path = 'nul' - else - null_path = '/dev/null' - end - git_html_path_cmd = "git --html-path 2>#{null_path}" - setcode do - Facter::Util::Resolution.exec(git_html_path_cmd) - end -end diff --git a/git/lib/facter/git_version.rb b/git/lib/facter/git_version.rb deleted file mode 100644 index c0ece6ae9..000000000 --- a/git/lib/facter/git_version.rb +++ /dev/null @@ -1,21 +0,0 @@ -# Fact: git_version -# -# Purpose: get git's current version -# -# Resolution: -# Uses git's --version flag and parses the result from 'version' -# -# Caveats: -# none -# -# Notes: -# None -Facter.add('git_version') do - setcode do - if Facter::Util::Resolution.which('git') - git_version_cmd = 'git --version 2>&1' - git_version_result = Facter::Util::Resolution.exec(git_version_cmd) - git_version_result.to_s.lines.first.strip.split(/version/)[1].strip - end - end -end diff --git a/git/lib/puppet/parser/functions/git_config_hash.rb b/git/lib/puppet/parser/functions/git_config_hash.rb deleted file mode 100644 index edb6fddac..000000000 --- a/git/lib/puppet/parser/functions/git_config_hash.rb +++ /dev/null @@ -1,25 +0,0 @@ -# -# config_hash.rb -# - -module Puppet::Parser::Functions - newfunction(:git_config_hash, :type => :rvalue, :doc => <<-EOS -This function ensures the proper structure for git configuration options. -*Examples:* - git_config_hash({"foo" => 1, "bar" => {"value" => 2}}) -Would return: {"foo" => {"value" => 1}, "bar" => {"value" => 2}} - EOS - ) do |arguments| - - raise(Puppet::ParseError, "git_config_hash(): Wrong number of arguments " + - "given (#{arguments.size} for 1)") if arguments.size < 1 - - configs = arguments[0] - - unless configs.is_a?(Hash) - raise(Puppet::ParseError, 'git_config_hash(): Requires hash to work with') - end - - return Hash[configs.map {|k, v| [k, v.is_a?(Hash) ? v : {"value" => v}] }] - end -end diff --git a/git/lib/puppet/provider/git_config/git_config.rb b/git/lib/puppet/provider/git_config/git_config.rb deleted file mode 100644 index c0e9d6331..000000000 --- a/git/lib/puppet/provider/git_config/git_config.rb +++ /dev/null @@ -1,53 +0,0 @@ -require "shellwords" - -Puppet::Type.type(:git_config).provide(:git_config) do - - mk_resource_methods - - def value - require 'etc' - user = @property_hash[:user] = @resource[:user] - key = @property_hash[:key] = @resource[:key] - section = @property_hash[:section] = @resource[:section] - scope = @property_hash[:scope] = @resource[:scope] - home = Etc.getpwnam(user)[:dir] - - # Backwards compatibility with deprecated $section parameter. - if section && !section.empty? - key = "#{section}.#{key}" - end - - current = Puppet::Util::Execution.execute( - "cd / ; git config --#{scope} --get #{key}", - :uid => user, - :failonfail => false, - :combine => true, - :custom_environment => { 'HOME' => home } - ) - @property_hash[:value] = current.strip - @property_hash[:value] - end - - def value=(value) - require 'etc' - user = @resource[:user] - key = @resource[:key] - section = @resource[:section] - scope = @resource[:scope] - home = Etc.getpwnam(user)[:dir] - - # Backwards compatibility with deprecated $section parameter. - if section && !section.empty? - key = "#{section}.#{key}" - end - - Puppet::Util::Execution.execute( - "cd / ; git config --#{scope} #{key} #{value.shellescape}", - :uid => user, - :failonfail => true, - :combine => true, - :custom_environment => { 'HOME' => home } - ) - end - -end diff --git a/git/lib/puppet/type/git_config.rb b/git/lib/puppet/type/git_config.rb deleted file mode 100644 index 55c330e52..000000000 --- a/git/lib/puppet/type/git_config.rb +++ /dev/null @@ -1,67 +0,0 @@ -Puppet::Type.newtype(:git_config) do - - desc <<-DOC - Used to configure git - === Examples - - - git_config { 'user.name': - value => 'John Doe', - } - - git_config { 'user.email': - value => 'john.doe@example.com', - } - - git_config { 'user.name': - value => 'Mike Color', - user => 'vagrant', - require => Class['git'], - } - - git_config { 'http.sslCAInfo': - value => $companyCAroot, - user => 'root', - scope => 'system', - require => Company::Certificate['companyCAroot'], - } - DOC - - validate do - fail('it is required to pass "value"') if self[:value].nil? || self[:value].empty? || self[:value] == :absent - warning('Parameter `section` is deprecated, supply the full option name (e.g. "user.email") in the `key` parameter') if - self[:section] && !self[:section].empty? - end - - newparam(:name, :namevar => true) do - desc "The name of the config" - end - - newproperty(:value) do - desc "The config value. Example Mike Color or john.doe@example.com" - end - - newparam(:user) do - desc "The user for which the config will be set. Default value: root" - defaultto "root" - end - - newparam(:key) do - desc "The configuration key. Example: user.email." - end - - autorequire(:user) do - self[:user] - end - - newparam(:section) do - desc "Deprecated: the configuration section. For example, to set user.email, use section => \"user\", key => \"email\"." - defaultto "" - end - - newparam(:scope) do - desc "The scope of the configuration, can be system or global. Default value: global" - defaultto "global" - end - -end diff --git a/git/manifests/config.pp b/git/manifests/config.pp deleted file mode 100644 index a582f489f..000000000 --- a/git/manifests/config.pp +++ /dev/null @@ -1,73 +0,0 @@ -# == Define: git::config -# -# Used to configure git -# -# === Parameters -# -# [*value*] -# The config value. Example: Mike Color or john.doe@example.com. -# See examples below. -# -# [*key*] -# The name of the option to be set. Example: user.email. -# Default value: same as resource name. -# -# [*user*] -# The user for which the config will be set. Default value: root -# -# [*scope*] -# The scope of the configuration, can be system or global. -# Default value: global -# -# === Examples -# -# Provide some examples on how to use this type: -# -# git::config { 'user.name': -# value => 'John Doe', -# } -# -# git::config { 'user.email': -# value => 'john.doe@example.com', -# } -# -# git::config { 'user.name': -# value => 'Mike Color', -# user => 'vagrant', -# require => Class['git'], -# } -# -# git::config { 'http.sslCAInfo': -# value => $companyCAroot, -# user => 'root', -# scope => 'system', -# require => Company::Certificate['companyCAroot'], -# } -# -# === Authors -# -# === Copyright -# -define git::config ( - $value, - $key = $name, - $section = undef, - $user = 'root', - $scope = 'global', -) { - # Backwards compatibility with deprecated $section parameter. - # (Old versions took separate $section and $key, e.g. "user" and "email".) - if $section != undef { - warning('Parameter `section` is deprecated, supply the full option name (e.g. "user.email") in the `key` parameter') - $_key = "${section}.${key}" - } else { - $_key = $key - } - - git_config { $title: - key => $_key, - value => $value, - user => $user, - scope => $scope, - } -} diff --git a/git/manifests/gitosis.pp b/git/manifests/gitosis.pp deleted file mode 100644 index 64b7b2df3..000000000 --- a/git/manifests/gitosis.pp +++ /dev/null @@ -1,13 +0,0 @@ -# Class: gitosis -# -# This installs and configures gitosis -# -# Requires: -# - Class[git] -# -class git::gitosis { - include ::git - package {'gitosis': - ensure => present - } -} diff --git a/git/manifests/init.pp b/git/manifests/init.pp deleted file mode 100644 index 77a79610c..000000000 --- a/git/manifests/init.pp +++ /dev/null @@ -1,43 +0,0 @@ -# Class: git -# -# This class installs and configures git -# -# Actions: -# - Install the git package -# - Configure git -# -# Sample Usage: -# class { 'git': } -# -# === Parameters -# -# [*package_ensure*] -# Value to be passed to ensure in the package resource. Defaults to installed. -# -# [*package_manage*] -# boolean toggle to overide the management of the git package. -# You may want to change this behavior if another module manages git packages -# defaults to true -# -# [*configs*] -# hash of configurations as per the git::config defined type -# -# [*configs_defaults*] -# hash of configuration defaults as per the git::config defined type -# to use for every *configs* item -# -class git ( - $package_name = 'git', - $package_ensure = 'installed', - $package_manage = true, - $configs = {}, - $configs_defaults = {} -) { - if ( $package_manage ) { - package { $package_name: - ensure => $package_ensure, - } - } - - create_resources(git::config, git_config_hash($configs), $configs_defaults) -} diff --git a/git/manifests/subtree.pp b/git/manifests/subtree.pp deleted file mode 100644 index 199b6dfe0..000000000 --- a/git/manifests/subtree.pp +++ /dev/null @@ -1,57 +0,0 @@ -# == Class: git::subtree -# -# Installs and configure git-subtree -# -class git::subtree { - - include ::git - - Package['git'] -> Class['git::subtree'] - - if (versioncmp('1.7.0', $::git_version) > 0) { - fail 'git-subtree requires git 1.7 or later!' - } - - if (versioncmp('1.7.11', $::git_version) > 0) { - $source_dir = '/usr/src/git-subtree' - vcsrepo { $source_dir: - ensure => present, - source => 'https://github.com/apenwarr/git-subtree.git', - provider => 'git', - revision => '2793ee6ba', - before => Exec['Build git-subtree'], - } - } else { - $source_dir = "${::git_html_path}/contrib/subtree" - } - - exec { 'Build git-subtree': - command => "make prefix=/usr libexecdir=${::git_exec_path}", - creates => "${source_dir}/git-subtree", - cwd => $source_dir, - path => ['/usr/bin', '/bin', '/usr/local/bin'], - } - -> - package { [ 'asciidoc', 'xmlto', ]: - ensure => present, - } - -> - exec { 'Install git-subtree': - command => "make prefix=/usr libexecdir=${::git_exec_path} install", - onlyif => [ - "test ! -f ${::git_exec_path}/git-subtree", - 'test ! -f /usr/share/man/man1/git-subtree.1', - ], - cwd => $source_dir, - path => ['/usr/bin', '/bin', '/usr/local/bin'], - } - - file { '/etc/bash_completion.d/git-subtree': - ensure => file, - source => 'puppet:///modules/git/subtree/bash_completion.sh', - owner => 'root', - group => 'root', - mode => '0644', - } - -} diff --git a/git/metadata.json b/git/metadata.json deleted file mode 100644 index a8a76c68a..000000000 --- a/git/metadata.json +++ /dev/null @@ -1,56 +0,0 @@ -{ - "name": "puppetlabs-git", - "version": "0.4.0", - "author": "Puppet Labs", - "summary": "Module for installing Git or Gitosis.", - "license": "Apache-2.0", - "source": "https://github.com/puppetlabs/puppetlabs-git", - "project_page": "https://github.com/puppetlabs/puppetlabs-git", - "issues_url": "https://tickets.puppetlabs.com/browse/MODULES", - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "CentOS", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "Debian", - "operatingsystemrelease": [ - "6", - "7" - ] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": [ - "10.04", - "12.04", - "14.04" - ] - } - ], - "requirements": [ - { - "name": "pe", - "version_requirement": "3.x" - }, - { - "name": "puppet", - "version_requirement": "3.x" - } - ], - "dependencies": [ - {"name":"puppetlabs/stdlib","version_requirement":">= 3.2.0"} - ] -} diff --git a/git/spec/acceptance/class_spec.rb b/git/spec/acceptance/class_spec.rb deleted file mode 100644 index 1f8471081..000000000 --- a/git/spec/acceptance/class_spec.rb +++ /dev/null @@ -1,21 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'git class' do - - context 'default parameters' do - # Using puppet_apply as a helper - it 'should work idempotently with no errors' do - pp = <<-EOS - class { 'git': } - EOS - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe package('git') do - it { should be_installed } - end - end -end diff --git a/git/spec/acceptance/git_config_different_users_spec.rb b/git/spec/acceptance/git_config_different_users_spec.rb deleted file mode 100644 index 4c4d5e142..000000000 --- a/git/spec/acceptance/git_config_different_users_spec.rb +++ /dev/null @@ -1,44 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'git::config class' do - - context 'with some user settings' do - it 'should work idempotently with no errors' do - pp = <<-EOS - package { 'git': } - -> - git::config { 'Root User Email': - key => 'user.email', - value => 'john.doe@example.com', - } - -> - user { 'janedoe': - ensure => 'present', - managehome => true, - } - -> - file { '/home/janedoe/.gitconfig': - ensure => 'present', - } - -> - git::config { 'Jane User Email': - key => 'user.email', - user => 'janedoe', - value => 'jane.doe@example.com', - } - EOS - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file('/home/janedoe/.gitconfig') do - its(:content) { should match /email = jane.doe@example.com/ } - end - - describe file('/root/.gitconfig') do - its(:content) { should match /email = john.doe@example.com/ } - end - end -end diff --git a/git/spec/acceptance/git_config_provider_spec.rb b/git/spec/acceptance/git_config_provider_spec.rb deleted file mode 100644 index ca9863d30..000000000 --- a/git/spec/acceptance/git_config_provider_spec.rb +++ /dev/null @@ -1,29 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'git::config class' do - - context 'with some user settings' do - it 'should work idempotently with no errors' do - pp = <<-EOS - package { 'git': } - -> - git::config { 'user.name': - value => 'John Doe', - } - -> - git::config { 'user.email': - value => 'john.doe@example.com', - } - EOS - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file('/root/.gitconfig') do - its(:content) { should match /email = john.doe@example.com/ } - its(:content) { should match /name = John Doe/ } - end - end -end diff --git a/git/spec/acceptance/nodesets/centos-64-x64.yml b/git/spec/acceptance/nodesets/centos-64-x64.yml deleted file mode 100644 index d19aa6951..000000000 --- a/git/spec/acceptance/nodesets/centos-64-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - log_level: verbose - type: foss diff --git a/git/spec/acceptance/nodesets/default.yml b/git/spec/acceptance/nodesets/default.yml deleted file mode 100644 index b392dab75..000000000 --- a/git/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - ubuntu-server-12042-x64: - roles: - - master - platform: ubuntu-server-12.04-amd64 - box: ubuntu-server-12042-x64-vbox4210-nocm - box_url: http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box - hypervisor: vagrant - -CONFIG: - log_level: verbose - type: foss diff --git a/git/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml b/git/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml deleted file mode 100644 index b392dab75..000000000 --- a/git/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - ubuntu-server-12042-x64: - roles: - - master - platform: ubuntu-server-12.04-amd64 - box: ubuntu-server-12042-x64-vbox4210-nocm - box_url: http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box - hypervisor: vagrant - -CONFIG: - log_level: verbose - type: foss diff --git a/git/spec/classes/git_gitosis_spec.rb b/git/spec/classes/git_gitosis_spec.rb deleted file mode 100644 index eb8ceada6..000000000 --- a/git/spec/classes/git_gitosis_spec.rb +++ /dev/null @@ -1,10 +0,0 @@ -require 'spec_helper' - -describe 'git::gitosis' do - - context 'defaults' do - it { should contain_package('gitosis') } - it { should contain_class('git') } - it { should create_class('git::gitosis') } - end -end diff --git a/git/spec/classes/git_spec.rb b/git/spec/classes/git_spec.rb deleted file mode 100644 index fabdf5194..000000000 --- a/git/spec/classes/git_spec.rb +++ /dev/null @@ -1,70 +0,0 @@ -require 'spec_helper' - -describe 'git' do - - context 'defaults' do - it { should contain_package('git') } - end - - context 'with package_manage set to false' do - let(:params) { - { - :package_manage => false, - } - } - it { should_not contain_package('git') } - end - - context 'with a custom git package name' do - let(:params) { - { - :package_name => 'gitolite', - } - } - it { should contain_package('gitolite') } - end - - context 'with package_ensure => latest' do - let(:params) { - { - :package_ensure => 'latest', - } - } - it { should contain_package('git').with( - { - 'ensure' => 'latest' - } - )} - end - - context 'with configs' do - let(:params) { - { - :configs => { - "user.name" => {"value" => "test"}, - "user.email" => "test@example.com" - } - } - } - it { should contain_git__config('user.name') } - it { should contain_git__config('user.email') } - end - - context 'with configs and configs defaults' do - let(:params) { - { - :configs => { - "core.filemode" => false - }, - :configs_defaults => { - "scope" => "system" - } - } - } - it { should contain_git__config('core.filemode').with( - 'value' => false, - 'scope' => 'system' - ) } - end - -end diff --git a/git/spec/classes/git_subtree_spec.rb b/git/spec/classes/git_subtree_spec.rb deleted file mode 100644 index 137e59241..000000000 --- a/git/spec/classes/git_subtree_spec.rb +++ /dev/null @@ -1,77 +0,0 @@ -require 'spec_helper' - -describe 'git::subtree' do - - versions = ['1.6.0', '1.7.0', '1.7.11'] - versions.each do |version| - context "when git version is #{version}" do - let(:facts) { { - :git_version => version, - } } - if version < '1.7.0' - it 'should fail' do - expect { should create_class('git::subtree') }.to raise_error(Puppet::Error, /git-subtree requires git 1.7 or later!/) - end - else - it { should create_class('git::subtree') } - it { should contain_class('git') } - it { should contain_package('asciidoc') } - it { should contain_package('xmlto') } - it { should contain_exec('Install git-subtree') } - it { should contain_exec('Build git-subtree') } - - it { should create_file('/etc/bash_completion.d/git-subtree').with({ - :ensure => 'file', - :source => 'puppet:///modules/git/subtree/bash_completion.sh', - :mode => '0644', - })} - end - end - end - - context 'when git version > 1.7.0 and < 1.7.11' do - let(:facts) { { - :git_version => '1.7.0', - :git_exec_path => '/usr/lib/git-core', - :git_html_path => "/usr/share/doc/git" - } } - - it { should create_vcsrepo('/usr/src/git-subtree').with({ - :ensure => 'present', - :source => 'https://github.com/apenwarr/git-subtree.git', - :provider => 'git', - :revision => '2793ee6ba', - })} - - it { should create_exec('Build git-subtree').with({ - :command => 'make prefix=/usr libexecdir=/usr/lib/git-core', - :creates => '/usr/src/git-subtree/git-subtree', - :cwd => '/usr/src/git-subtree', - })} - - it { should create_exec('Install git-subtree').with({ - :command => 'make prefix=/usr libexecdir=/usr/lib/git-core install', - :cwd => '/usr/src/git-subtree', - })} - end - - context 'when git version >= 1.7.11' do - let(:facts) { { - :git_version => '1.7.11', - :git_exec_path => '/usr/lib/git-core', - :git_html_path => "/usr/share/doc/git" - } } - - it { should create_exec('Build git-subtree').with({ - :creates => '/usr/share/doc/git/contrib/subtree/git-subtree', - :cwd => '/usr/share/doc/git/contrib/subtree', - })} - - it { should create_exec('Install git-subtree').with({ - :command => 'make prefix=/usr libexecdir=/usr/lib/git-core install', - :cwd => '/usr/share/doc/git/contrib/subtree', - })} - end - - -end diff --git a/git/spec/defines/git_config_spec.rb b/git/spec/defines/git_config_spec.rb deleted file mode 100644 index 4149fc77a..000000000 --- a/git/spec/defines/git_config_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -require 'spec_helper' - -describe 'git::config', :type => :define do - context 'has working default parameters' do - let(:title) { 'user.name' } - let(:params) { - { - :value => 'JC Denton', - } - } - it do - should contain_git_config('user.name').with( - 'value' => 'JC Denton', - 'key' => 'user.name', - 'user' => 'root' - ) - have_git_config_resource_count(1) - end - end - context 'allows you to change user' do - let(:title) { 'user.email' } - let(:params) { - { - :value => 'jcdenton@UNATCO.com', - :user => 'admin' - } - } - it do - should contain_git_config('user.email').with( - 'value' => 'jcdenton@UNATCO.com', - 'key' => 'user.email', - 'user' => 'admin' - ) - have_git_config_resource_count(1) - end - end -end diff --git a/git/spec/spec_helper.rb b/git/spec/spec_helper.rb deleted file mode 100644 index 2c6f56649..000000000 --- a/git/spec/spec_helper.rb +++ /dev/null @@ -1 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' diff --git a/git/spec/spec_helper_acceptance.rb b/git/spec/spec_helper_acceptance.rb deleted file mode 100644 index de3635102..000000000 --- a/git/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1,24 +0,0 @@ -require 'beaker-rspec/spec_helper' -require 'beaker-rspec/helpers/serverspec' - -hosts.each do |host| - # Install Puppet - install_puppet -end - -RSpec.configure do |c| - # Project root - proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - - # Readable test descriptions - c.formatter = :documentation - - # Configure all nodes in nodeset - c.before :suite do - # Install module and dependencies - puppet_module_install(:source => proj_root, :module_name => 'git') - hosts.each do |host| - on host, puppet('module', 'install', 'puppetlabs-vcsrepo'), { :acceptable_exit_codes => [0,1] } - end - end -end \ No newline at end of file diff --git a/git/spec/unit/facter/git_exec_path_spec.rb b/git/spec/unit/facter/git_exec_path_spec.rb deleted file mode 100644 index 0394869a0..000000000 --- a/git/spec/unit/facter/git_exec_path_spec.rb +++ /dev/null @@ -1,27 +0,0 @@ -require "spec_helper" - -describe Facter::Util::Fact do - before { - Facter.clear - } - - describe "git_exec_path" do - - context 'windows' do - it do - Facter.fact(:osfamily).stubs(:value).returns('windows') - Facter::Util::Resolution.expects(:exec).with("git --exec-path 2>nul").returns('windows_path_change') - Facter.fact(:git_exec_path).value.should == 'windows_path_change' - end - end - - context 'non-windows' do - it do - Facter.fact(:osfamily).stubs(:value).returns('RedHat') - Facter::Util::Resolution.expects(:exec).with("git --exec-path 2>/dev/null").returns('/usr/libexec/git-core') - Facter.fact(:git_exec_path).value.should == '/usr/libexec/git-core' - end - end - - end -end \ No newline at end of file diff --git a/git/spec/unit/facter/git_html_path_spec.rb b/git/spec/unit/facter/git_html_path_spec.rb deleted file mode 100644 index 4f332e248..000000000 --- a/git/spec/unit/facter/git_html_path_spec.rb +++ /dev/null @@ -1,27 +0,0 @@ -require "spec_helper" - -describe Facter::Util::Fact do - before { - Facter.clear - } - - describe "git_html_path" do - - context 'windows' do - it do - Facter.fact(:osfamily).stubs(:value).returns('windows') - Facter::Util::Resolution.expects(:exec).with("git --html-path 2>nul").returns('windows_path_change') - Facter.fact(:git_html_path).value.should == 'windows_path_change' - end - end - - context 'non-windows' do - it do - Facter.fact(:osfamily).stubs(:value).returns('RedHat') - Facter::Util::Resolution.expects(:exec).with("git --html-path 2>/dev/null").returns('/usr/share/doc/git-1.7.1') - Facter.fact(:git_html_path).value.should == '/usr/share/doc/git-1.7.1' - end - end - - end -end \ No newline at end of file diff --git a/git/spec/unit/facter/git_version_spec.rb b/git/spec/unit/facter/git_version_spec.rb deleted file mode 100644 index e12057700..000000000 --- a/git/spec/unit/facter/git_version_spec.rb +++ /dev/null @@ -1,35 +0,0 @@ -require "spec_helper" - -describe Facter::Util::Fact do - before { - Facter.clear - } - - describe "git_version" do - context 'vanilla git' do - it do - git_version_output = 'git version 2.1.2' - Facter::Util::Resolution.expects(:exec).with("git --version 2>&1").returns(git_version_output) - Facter.value(:git_version).should == "2.1.2" - end - end - - context 'git with hub' do - it do - git_version_output = <<-EOS -git version 2.1.2 -hub version 1.12.2 - EOS - Facter::Util::Resolution.expects(:exec).with("git --version 2>&1").returns(git_version_output) - Facter.value(:git_version).should == "2.1.2" - end - end - - context 'no git present' do - it do - Facter::Util::Resolution.expects(:which).with("git").returns(false) - Facter.value(:git_version).should be_nil - end - end - end -end diff --git a/git/spec/unit/puppet/provider/git_config/git_config_spec.rb b/git/spec/unit/puppet/provider/git_config/git_config_spec.rb deleted file mode 100644 index 6f60390bf..000000000 --- a/git/spec/unit/puppet/provider/git_config/git_config_spec.rb +++ /dev/null @@ -1,14 +0,0 @@ -require 'spec_helper' - -describe Puppet::Type.type(:git_config).provider(:git_config) do - - let(:resource) { Puppet::Type.type(:git_config).new( - { - :key => 'user.email', - :value => 'john.doe@example.com', - } - )} - - let(:provider) { resource.provider } - -end \ No newline at end of file diff --git a/git/spec/unit/puppet/type/git_config/git_config_spec.rb b/git/spec/unit/puppet/type/git_config/git_config_spec.rb deleted file mode 100644 index 0fd26856d..000000000 --- a/git/spec/unit/puppet/type/git_config/git_config_spec.rb +++ /dev/null @@ -1,49 +0,0 @@ -#!/usr/bin/env ruby - -require 'spec_helper' - -describe Puppet::Type.type(:git_config) do - - before do - @class = described_class - @provider_class = @class.provide(:fake) { mk_resource_methods } - @provider = @provider_class.new - @resource = stub 'resource', :resource => nil, :provider => @provider - - @class.stubs(:defaultprovider).returns @provider_class - @class.any_instance.stubs(:provider).returns @provider - end - - it "should have :name as its keyattribute" do - @class.key_attributes.should == [:name] - end - - describe "when validating attributes" do - - params = [ - :name, - :user, - :key, - :section, - :scope, - ] - - properties = [ - :value, - ] - - params.each do |param| - it "should have a #{param} parameter" do - @class.attrtype(param).should == :param - end - end - - properties.each do |property| - it "should have a #{property} property" do - @class.attrtype(property).should == :property - end - end - - end - -end \ No newline at end of file diff --git a/git/tests/gitosis.pp b/git/tests/gitosis.pp deleted file mode 100644 index e6240ae21..000000000 --- a/git/tests/gitosis.pp +++ /dev/null @@ -1 +0,0 @@ -class { 'git::gitosis': } diff --git a/git/tests/init.pp b/git/tests/init.pp deleted file mode 100644 index c23290471..000000000 --- a/git/tests/init.pp +++ /dev/null @@ -1 +0,0 @@ -class { 'git': } diff --git a/glance/.gitignore b/glance/.gitignore deleted file mode 100644 index 61092bdaf..000000000 --- a/glance/.gitignore +++ /dev/null @@ -1,15 +0,0 @@ -pkg/ -Gemfile.lock -vendor/ -spec/fixtures/ -.vagrant/ -.bundle/ -coverage/ -.idea/ -*.swp -*.iml -openstack/ - -# Files created by releasenotes build -releasenotes/build -.tox diff --git a/glance/.gitreview b/glance/.gitreview deleted file mode 100644 index b47c67d64..000000000 --- a/glance/.gitreview +++ /dev/null @@ -1,5 +0,0 @@ -[gerrit] -host=review.openstack.org -port=29418 -project=openstack/puppet-glance.git -defaultbranch=stable/mitaka diff --git a/glance/CHANGELOG.md b/glance/CHANGELOG.md deleted file mode 100644 index e003ab5fb..000000000 --- a/glance/CHANGELOG.md +++ /dev/null @@ -1,252 +0,0 @@ -## 8.0.0 and beyond - -From 8.0.0 release and beyond, release notes are published on -[docs.openstack.org](http://docs.openstack.org/releasenotes/puppet-glance/). - -##2015-11-25 - 7.0.0 -###Summary - -This is a backwards-incompatible major release for OpenStack Liberty. - -####Backwards-incompatible changes -- remove deprecated mysql_module -- change section name for AMQP qpid parameters -- change section name for AMQP rabbit parameters - -####Features -- add support for RabbitMQ connection heartbeat -- add tag to package and service resources -- add glance::db::sync -- add an ability to manage use_stderr parameter -- reflect provider change in puppet-openstacklib -- put all the logging related parameters to the logging class -- allow customization of db sync command line -- add S3 backend configuration for glance -- add rados_connect_timeout parameter in glance config -- add ability to specify number of workers for glance-registry service -- use OpenstackClient for glance_image auth - -####Bugfixes -- rely on autorequire for config resource ordering -- make sure Facter is only executed on agent -- file backend: do not inherit from glance::api -- glance_image: hardcode os-image-api-version to 1 -- make sure Glance_image is executed after Keystone_endpoint -- solve duplicate declaration issue for python-openstackclient -- append openstacklib/lib to load path for type - -####Maintenance -- fix rspec 3.x syntax -- initial msync run for all Puppet OpenStack modules -- try to use zuul-cloner to prepare fixtures -- remove class_parameter_defaults puppet-lint check -- acceptance: use common bits from puppet-openstack-integration -- fix unit tests against Puppet 4.3.0 -- require at least 4.2.0 of stdlib - -##2015-10-10 - 6.1.0 -###Summary - -This is a feature and maintenance release in the Kilo series. - -####Features -- Add the swift_store_region parameter to glance::backend::swift - -####Maintenance -- acceptance: checkout stable/kilo puppet modules - - -##2015-07-08 - 6.0.0 -###Summary - -This is a backwards-incompatible major release for OpenStack Kilo. - -####Backwards-incompatible changes -- Move rabbit/kombu settings to oslo_messaging_rabbit section. -- Remove sql_connection and sql_idle_timeout deprecated parameters. -- api: change default pipeline. -- Separate api and registry packages for Red Hat. -- python-ceph no longer exists in el7, use python-rbd. - -####Features -- Puppet 4.x support. -- Refactorise Keystone resources management. -- Migrate postgresql backend to use openstacklib::db::postgresql. -- Add support for identity_uri. -- Service Validation for Glance-API. -- Create a sync_db boolean for Glance. -- make service description configurable. - -####Bugfixes -- Fix API/Registry ensure for Ubuntu. - -####Maintenance -- Acceptance tests with Beaker. -- Fix spec tests for RSpec 3.x and Puppet 4.x. - -##2015-06-17 - 5.1.0 -###Summary - -This is a feature and bugfix release in the Juno series. - -####Features -- Add service validation for Glance-API. -- Switch to TLSv1. -- Makes kombu_ssl_* parameters optional when rabbit_use_ssl => true. -- Allow overriding package ensure for glance-registry. -- Add openstack tag to glance packages. -- Create a sync_db boolean for Glance. -- Command parameter to sync the correct Database. -- Add $notification_driver parameter to notify::rabbitmq. - -####Bugfixes -- Move rbd related options into glance_store section. -- Change default MySQL collate to utf8_general_ci. -- Correctly munge glance_image is_public property. -- Fix catalog compilation when not configuring endpoint. -- Fix is_public munge. - -####Maintenance -- spec: pin rspec-puppet to 1.0.1. -- Pin puppetlabs-concat to 1.2.1 in fixtures. -- Update .gitreview file for project rename. - -##2014-11-24 - 5.0.0 -###Summary - -This is a backwards-incompatible major release for OpenStack Juno. - -####Backwards-incompatible changes -- Bump stdlib dependency to >=4.0.0. -- Migrate the mysql backend to use openstacklib::db::mysql, adding dependency - on puppet-openstacklib. - -####Features -- Add ceilometer::policy to control policy.json. -- Add parameter os_region_name to glance::api. -- Add support for vSphere datastore backend. -- Update the calls to the glance command-line utility. -- Add parameter swift_store_large_object_size to glance::backend::swift. -- Add parameter command_options to glance::cache::cleaner and glance::cache::pruner. -- Add parameter package_ensure to glance::backend::rbd. -- Add parameter manage_service to various classes. -- Add parameters to control whether to configure users. -- Add parameter registery_client_protocol to glance::api. - -####Bugfixes -- Fix bug in glance_image type. -- Fix ssl parameter requirements for kombu and rabbit. - -##2014-10-16 - 4.2.0 -###Summary - -This is a feature release in the Icehouse series. - -####Features - -- Add ability to hide secret type parameters from logs. - -##2014-06-19 - 4.1.0 -###Summary - -This is a feature and bugfix release in the Icehouse series. - -####Features -- Add multiple rabbit hosts support. -- Add image_cache_dir parameter. -- Deprecate old SQL parameters. - -####Bugfixes -- Fix the Glance add_image parser for new client. -- Fix values in get_glance_image_attrs. -- Fix 'could not find user glance' bug. - -####Maintenance -- Pin major gems. - -##2014-05-01 - 4.0.0 -###Summary - -This is a backwards-incompatible major release for OpenStack Icehouse. - -####Backwards-incompatible changes -- Remove deprecated notifier_stratgy parameter. - -####Features -- Add glance::config to handle additional custom options. -- Add known_stores option for glance::api. -- Add copy-on-write cloning of images to volumes. -- Add support for puppetlabs-mysql 2.2 and greater. -- Add support for python-glanceclient v2 API update. -- Deprecate show_image_direct_url in glance::rbd. - -##2014-03-26 - 3.1.0 -###Summary - -This is a feature and bugfix release in the Havana series. - -####Features -- Add availability to configure show_image_direct_url. -- Add support for https authentication endpoints. -- Enable ssl configuration for glance-registry. -- Explicitly set default notifier strategy. - -####Bugfixes -- Remove Keystone client warnings. - -##2014-01-09 - 3.0.0 -###Summary - -This is a major release for OpenStack Havana but contains no API-breaking -changes. - -####Features -- Add Cinder backend to image storage. - -####Bugfixes -- Fix bug to ensure keystone endpoint is set before service starts. -- Fix qpid_hostname bug. - -##2013-10-07 - 2.2.0 -###Summary - -This is a feature and bugfix release in the Grizzly series. - -####Features -- Add syslog support. -- Add support for iso disk format. - -####Bugfixes -- Fix bug to allow support for rdb options in glance-api.conf. -- Fix bug for rabbitmq options in notify::rabbitmq. -- Remove non-implemented glance::scrubber class. - -##2013-08-07 - 2.1.0 -###Summary - -This is a feature and bugfix release in the Grizzly series. - -####Features - -- Add glance-cache-cleaner and glance-cache-pruner. -- Add ceph/rdb support. -- Add retry for glance provider to account for service startup time. -- Add support for both file and swift backends. - -####Bugfixes -- Fix allowed_hosts/database access bug. -- Fix glance_image type example. -- Remove unnecessary mysql::server dependency. -- Remove --silent-upload option. -- Remove glance-manage version_control. - -####Maintenance -- Pin rabbit and mysql module versions. - -##2013-06-24 - 2.0.0 -###Summary - -Initial release on Stackforge. - -####Features -- Add postgresql support. diff --git a/glance/Gemfile b/glance/Gemfile deleted file mode 100644 index 5728ff7e7..000000000 --- a/glance/Gemfile +++ /dev/null @@ -1,22 +0,0 @@ -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -group :development, :test, :system_tests do - gem 'puppet-openstack_spec_helper', - :git => 'https://git.openstack.org/openstack/puppet-openstack_spec_helper', - :branch => 'stable/mitaka', - :require => false -end - -if facterversion = ENV['FACTER_GEM_VERSION'] - gem 'facter', facterversion, :require => false -else - gem 'facter', :require => false -end - -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end - -# vim:ft=ruby diff --git a/glance/LICENSE b/glance/LICENSE deleted file mode 100644 index 8961ce8a6..000000000 --- a/glance/LICENSE +++ /dev/null @@ -1,15 +0,0 @@ -Copyright (C) 2012 Puppet Labs Inc - -Puppet Labs can be contacted at: info@puppetlabs.com - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/glance/README.md b/glance/README.md deleted file mode 100644 index dbd659809..000000000 --- a/glance/README.md +++ /dev/null @@ -1,232 +0,0 @@ -glance -======= - -#### Table of Contents - -1. [Overview - What is the glance module?](#overview) -2. [Module Description - What does the module do?](#module-description) -3. [Setup - The basics of getting started with glance](#setup) -4. [Implementation - An under-the-hood peek at what the module is doing](#implementation) -5. [Limitations - OS compatibility, etc.](#limitations) -6. [Development - Guide for contributing to the module](#development) -7. [Contributors - Those with commits](#contributors) - -Overview --------- - -The glance module is a part of [OpenStack](https://github.com/openstack), an effort by the OpenStack infrastructure team to provide continuous integration testing and code review for OpenStack and OpenStack community projects as part of the core software. The module its self is used to flexibly configure and manage the image service for OpenStack. - -Module Description ------------------- - -The glance module is a thorough attempt to make Puppet capable of managing the entirety of glance. This includes manifests to provision such things as keystone endpoints, RPC configurations specific to glance, and database connections. Types are shipped as part of the glance module to assist in manipulation of configuration files. - -This module is tested in combination with other modules needed to build and leverage an entire OpenStack software stack. - -Setup ------ - -**What the glance module affects** - -* [Glance](https://wiki.openstack.org/wiki/Glance), the image service for OpenStack. - -### Installing glance - - puppet module install openstack/glance - -### Beginning with glance - -To utilize the glance module's functionality you will need to declare multiple resources. This is not an exhaustive list of all the components needed, we recommend you consult and understand the [core openstack](http://docs.openstack.org) documentation. - -**Define a glance node** - -```puppet -class { 'glance::api': - verbose => true, - keystone_tenant => 'services', - keystone_user => 'glance', - keystone_password => '12345', - database_connection => 'mysql://glance:12345@127.0.0.1/glance', -} - -class { 'glance::registry': - verbose => true, - keystone_tenant => 'services', - keystone_user => 'glance', - keystone_password => '12345', - database_connection => 'mysql://glance:12345@127.0.0.1/glance', -} - -class { 'glance::backend::file': } -``` - -**Setup postgres node glance** - -```puppet -class { 'glance::db::postgresql': - password => '12345', -} -``` - -**Setup mysql node for glance** - -```puppet -class { 'glance::db::mysql': - password => '12345', - allowed_hosts => '%', -} -``` - -**Setup up keystone endpoints for glance on keystone node** - -```puppet -class { 'glance::keystone::auth': - password => '12345' - email => 'glance@example.com', - public_address => '172.17.0.3', - admin_address => '172.17.0.3', - internal_address => '172.17.1.3', - region => 'example-west-1', -} -``` - -**Setup up notifications for multiple RabbitMQ nodes** - -```puppet -class { 'glance::notify::rabbitmq': - rabbit_password => 'pass', - rabbit_userid => 'guest', - rabbit_hosts => [ - 'localhost:5672', 'remotehost:5672' - ], - rabbit_use_ssl => false, -} -``` - -### Types - -#### glance_api_config - -The `glance_api_config` provider is a children of the ini_setting provider. It allows one to write an entry in the `/etc/glance/glance-api.conf` file. - -```puppet -glance_api_config { 'DEFAULT/verbose' : - value => true, -} -``` - -This will write `verbose=true` in the `[DEFAULT]` section. - -##### name - -Section/setting name to manage from `glance-api.conf` - -##### value - -The value of the setting to be defined. - -##### secret - -Whether to hide the value from Puppet logs. Defaults to `false`. - -##### ensure_absent_val - -If value is equal to ensure_absent_val then the resource will behave as if `ensure => absent` was specified. Defaults to `` - -#### glance_registry_config - -The `glance_registry_config` provider is a children of the ini_setting provider. It allows one to write an entry in the `/etc/glance/glance-registry.conf` file. - -```puppet -glance_registry_config { 'DEFAULT/verbose' : - value => true, -} -``` - -This will write `verbose=true` in the `[DEFAULT]` section. - -##### name - -Section/setting name to manage from `glance-registry.conf` - -##### value - -The value of the setting to be defined. - -##### secret - -Whether to hide the value from Puppet logs. Defaults to `false`. - -##### ensure_absent_val - -If value is equal to ensure_absent_val then the resource will behave as if `ensure => absent` was specified. Defaults to `` - -#### glance_cache_config - -The `glance_cache_config` provider is a children of the ini_setting provider. It allows one to write an entry in the `/etc/glance/glance-cache.conf` file. - -```puppet -glance_cache_config { 'DEFAULT/verbose' : - value => true, -} -``` - -This will write `verbose=true` in the `[DEFAULT]` section. - -##### name - -Section/setting name to manage from `glance-cache.conf` - -##### value - -The value of the setting to be defined. - -##### secret - -Whether to hide the value from Puppet logs. Defaults to `false`. - -##### ensure_absent_val - -If value is equal to ensure_absent_val then the resource will behave as if `ensure => absent` was specified. Defaults to `` - -Implementation --------------- - -### glance - -glance is a combination of Puppet manifest and ruby code to deliver configuration and extra functionality through types and providers. - -Limitations ------------- - -* Only supports configuring the file, swift and rbd storage backends. - -Beaker-Rspec ------------- - -This module has beaker-rspec tests - -To run the tests on the default vagrant node: - -To run: - -```shell -bundle install -bundle exec rspec spec/acceptance -``` - -For more information on writing and running beaker-rspec tests visit the documentation: - -* https://github.com/puppetlabs/beaker-rspec/blob/master/README.md - -Development ------------ - -Developer documentation for the entire puppet-openstack project. - -* https://wiki.openstack.org/wiki/Puppet-openstack#Developer_documentation - -Contributors ------------- - -* https://github.com/openstack/puppet-glance/graphs/contributors diff --git a/glance/Rakefile b/glance/Rakefile deleted file mode 100644 index 168d10814..000000000 --- a/glance/Rakefile +++ /dev/null @@ -1 +0,0 @@ -require 'puppet-openstack_spec_helper/rake_tasks' diff --git a/glance/examples/glance_multi_store.pp b/glance/examples/glance_multi_store.pp deleted file mode 100644 index 4983f2833..000000000 --- a/glance/examples/glance_multi_store.pp +++ /dev/null @@ -1,25 +0,0 @@ -# Example: Declaring multiple backend stores -# -# To declare multiple glance::backend::* classes, each declaration must include -# the parameter multi_store set to true. This prevents each individual backend from -# setting itself as the default store as soon as it is declared. Rather, the -# default store can be chosen by the user when declaring glance::api (if no -# default_store is set at that point, then the first store in the list 'stores' -# provided will be made the default). - -class { '::glance::backend::file': - multi_store => true, -} - -class { '::glance::backend::swift': - swift_store_user => 'demo', - swift_store_key => 'secrete', - multi_store => true, -} - -class { '::glance::api': - keystone_password => 'a_big_secret', - stores => ['file', 'swift'], - default_store => 'swift', - multi_store => true, -} diff --git a/glance/examples/glance_single_store.pp b/glance/examples/glance_single_store.pp deleted file mode 100644 index 2ca2d3f65..000000000 --- a/glance/examples/glance_single_store.pp +++ /dev/null @@ -1,18 +0,0 @@ -# Example: Declaring a single backend store -# -# To declare only one glance::backend::* class, all you need to do is declare -# it without the multi_store parameter. This way, multi_store will default to false -# and the glance::backend::* class will automatically set itself as the default backend. -# After doing this, you must not declare glance::api with multi_store set to true, -# or it will attempt to override the default set by the backend class and result -# in an error. - -class { '::glance::backend::swift': - swift_store_user => 'demo', - swift_store_key => 'secrete', -} - -class { '::glance::api': - keystone_password => 'a_big_secret', - stores => ['swift'], -} diff --git a/glance/ext/glance.rb b/glance/ext/glance.rb deleted file mode 100644 index 6510397c0..000000000 --- a/glance/ext/glance.rb +++ /dev/null @@ -1,86 +0,0 @@ -#!/usr/bin/env ruby -# -# test that we can upload and download files -# -require 'open3' -require 'fileutils' - -keystone_public = '127.0.0.1' -image_dir='/tmp/images' - -ENV['OS_USERNAME']='admin' -ENV['OS_TENANT_NAME']='admin' -ENV['OS_PASSWORD']='ChangeMe' -ENV['OS_AUTH_URL']='http://127.0.0.1:5000/v2.0/' -ENV['OS_REGION_NAME']='RegionOne' - -FileUtils.mkdir_p(image_dir) -Dir.chdir(image_dir) do |dir| - - kernel_id = nil - initrd_id = nil - - remote_image_url='http://smoser.brickies.net/ubuntu/ttylinux-uec/ttylinux-uec-amd64-12.1_2.6.35-22_1.tar.gz; tar -zxvf ttylinux-uec-amd64-12.1_2.6.35-22_1.tar.gz' - - wget_command = "wget #{remote_image_url}" - - Open3.popen3(wget_command) do |stdin, stdout, stderr| - puts "wget stdout: #{stdout.read}" - puts "wget stderr: #{stderr.read}" - end - - add_kernel='disk_format=aki container_format=aki < ttylinux-uec-amd64-12.1_2.6.35-22_1-vmlinuz' - kernel_name='tty-linux-kernel' - kernel_format='aki' - - add_kernel_command="glance add name='#{kernel_name}' disk_format='#{kernel_format}' container_format=#{kernel_format} < ttylinux-uec-amd64-12.1_2.6.35-22_1-vmlinuz" - - Open3.popen3(add_kernel_command) do |stdin, stdout, stderr| - stdout = stdout.read.split("\n") - stdout.each do |line| - if line =~ /Added new image with ID: (\w+)/ - kernel_id = $1 - end - end - puts stderr.read - puts stdout - end - - raise(Exception, 'Did not add kernel successfully') unless kernel_id - - initrd_id = nil - add_initrd_command="glance add name='tty-linux-ramdisk' disk_format=ari container_format=ari < ttylinux-uec-amd64-12.1_2.6.35-22_1-loader" - - Open3.popen3(add_initrd_command) do |stdin, stdout, stderr| - stdout = stdout.read.split("\n") - stdout.each do |line| - if line =~ /Added new image with ID: (\w+)/ - initrd_id = $1 - end - end - puts stderr.read - puts stdout - end - - raise(Exception, 'Did not add initrd successfully') unless initrd_id - - add_image_command="glance add name='tty-linux' disk_format=ami container_format=ami kernel_id=#{kernel_id} ramdisk_id=#{initrd_id} < ttylinux-uec-amd64-12.1_2.6.35-22_1.img" - - Open3.popen3(add_image_command) do |stdin, stdout, stderr| - stdout = stdout.read.split("\n") - stdout.each do |line| - if line =~ /Added new image with ID: (\w+)/ - kernel_id = $1 - end - end - puts stderr.read - puts stdout - end - - get_index='glance index' - - Open3.popen3(get_index) do |stdin, stdout, stderr| - puts stdout.read - puts stderr.read - end -end diff --git a/glance/ext/glance.sh b/glance/ext/glance.sh deleted file mode 100755 index 174749981..000000000 --- a/glance/ext/glance.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -# -# assumes that resonable credentials have been stored at -# /root/auth -source /root/auth -wget http://uec-images.ubuntu.com/releases/11.10/release/ubuntu-11.10-server-cloudimg-amd64-disk1.img -glance add name="Ubuntu 11.10 cloudimg amd64" is_public=true container_format=ovf disk_format=qcow2 < ubuntu-11.10-server-cloudimg-amd64-disk1.img -glance index diff --git a/glance/lib/puppet/provider/glance.rb b/glance/lib/puppet/provider/glance.rb deleted file mode 100644 index a34944f8d..000000000 --- a/glance/lib/puppet/provider/glance.rb +++ /dev/null @@ -1,104 +0,0 @@ -# Since there's only one glance type for now, -# this probably could have all gone in the provider file. -# But maybe this is good long-term. -require 'puppet/util/inifile' -require 'puppet/provider/openstack' -require 'puppet/provider/openstack/auth' -require 'puppet/provider/openstack/credentials' -class Puppet::Provider::Glance < Puppet::Provider::Openstack - - extend Puppet::Provider::Openstack::Auth - - def self.request(service, action, properties=nil) - begin - super - rescue Puppet::Error::OpenstackAuthInputError => error - glance_request(service, action, error, properties) - end - end - - def self.glance_request(service, action, error, properties=nil) - @credentials.username = glance_credentials['admin_user'] - @credentials.password = glance_credentials['admin_password'] - @credentials.project_name = glance_credentials['admin_tenant_name'] - @credentials.auth_url = auth_endpoint - raise error unless @credentials.set? - Puppet::Provider::Openstack.request(service, action, properties, @credentials) - end - - def self.glance_credentials - @glance_credentials ||= get_glance_credentials - end - - def self.get_glance_credentials - if glance_file and glance_file['keystone_authtoken'] and - glance_file['keystone_authtoken']['auth_host'] and - glance_file['keystone_authtoken']['auth_port'] and - glance_file['keystone_authtoken']['auth_protocol'] and - glance_file['keystone_authtoken']['admin_tenant_name'] and - glance_file['keystone_authtoken']['admin_user'] and - glance_file['keystone_authtoken']['admin_password'] and - glance_file['glance_store']['os_region_name'] - - g = {} - g['auth_host'] = glance_file['keystone_authtoken']['auth_host'].strip - g['auth_port'] = glance_file['keystone_authtoken']['auth_port'].strip - g['auth_protocol'] = glance_file['keystone_authtoken']['auth_protocol'].strip - g['admin_tenant_name'] = glance_file['keystone_authtoken']['admin_tenant_name'].strip - g['admin_user'] = glance_file['keystone_authtoken']['admin_user'].strip - g['admin_password'] = glance_file['keystone_authtoken']['admin_password'].strip - g['os_region_name'] = glance_file['glance_store']['os_region_name'].strip - - # auth_admin_prefix not required to be set. - g['auth_admin_prefix'] = (glance_file['keystone_authtoken']['auth_admin_prefix'] || '').strip - - return g - elsif glance_file and glance_file['keystone_authtoken'] and - glance_file['keystone_authtoken']['identity_uri'] and - glance_file['keystone_authtoken']['admin_tenant_name'] and - glance_file['keystone_authtoken']['admin_user'] and - glance_file['keystone_authtoken']['admin_password'] and - glance_file['glance_store']['os_region_name'] - - g = {} - g['identity_uri'] = glance_file['keystone_authtoken']['identity_uri'].strip - g['admin_tenant_name'] = glance_file['keystone_authtoken']['admin_tenant_name'].strip - g['admin_user'] = glance_file['keystone_authtoken']['admin_user'].strip - g['admin_password'] = glance_file['keystone_authtoken']['admin_password'].strip - g['os_region_name'] = glance_file['glance_store']['os_region_name'].strip - - return g - else - raise(Puppet::Error, 'File: /etc/glance/glance-api.conf does not contain all required sections.') - end - end - - def self.auth_endpoint - @auth_endpoint ||= get_auth_endpoint - end - - def self.get_auth_endpoint - g = glance_credentials - if g.key?('identity_uri') - "#{g['identity_uri']}/" - else - "#{g['auth_protocol']}://#{g['auth_host']}:#{g['auth_port']}#{g['auth_admin_prefix']}/v2.0/" - end - end - - def self.glance_file - return @glance_file if @glance_file - @glance_file = Puppet::Util::IniConfig::File.new - @glance_file.read('/etc/glance/glance-api.conf') - @glance_file - end - - def self.glance_hash - @glance_hash ||= build_glance_hash - end - - def bool_to_sym(bool) - bool == true ? :true : :false - end - -end diff --git a/glance/lib/puppet/provider/glance_api_config/ini_setting.rb b/glance/lib/puppet/provider/glance_api_config/ini_setting.rb deleted file mode 100644 index 7762142da..000000000 --- a/glance/lib/puppet/provider/glance_api_config/ini_setting.rb +++ /dev/null @@ -1,10 +0,0 @@ -Puppet::Type.type(:glance_api_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:openstack_config).provider(:ini_setting) -) do - - def self.file_path - '/etc/glance/glance-api.conf' - end - -end diff --git a/glance/lib/puppet/provider/glance_api_paste_ini/ini_setting.rb b/glance/lib/puppet/provider/glance_api_paste_ini/ini_setting.rb deleted file mode 100644 index ae31fac5d..000000000 --- a/glance/lib/puppet/provider/glance_api_paste_ini/ini_setting.rb +++ /dev/null @@ -1,10 +0,0 @@ -Puppet::Type.type(:glance_api_paste_ini).provide( - :ini_setting, - :parent => Puppet::Type.type(:openstack_config).provider(:ini_setting) -) do - - def self.file_path - '/etc/glance/glance-api-paste.ini' - end - -end diff --git a/glance/lib/puppet/provider/glance_cache_config/ini_setting.rb b/glance/lib/puppet/provider/glance_cache_config/ini_setting.rb deleted file mode 100644 index 0b44ec330..000000000 --- a/glance/lib/puppet/provider/glance_cache_config/ini_setting.rb +++ /dev/null @@ -1,10 +0,0 @@ -Puppet::Type.type(:glance_cache_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:openstack_config).provider(:ini_setting) -) do - - def self.file_path - '/etc/glance/glance-cache.conf' - end - -end diff --git a/glance/lib/puppet/provider/glance_glare_config/ini_setting.rb b/glance/lib/puppet/provider/glance_glare_config/ini_setting.rb deleted file mode 100644 index 5d8d24588..000000000 --- a/glance/lib/puppet/provider/glance_glare_config/ini_setting.rb +++ /dev/null @@ -1,10 +0,0 @@ -Puppet::Type.type(:glance_glare_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:openstack_config).provider(:ini_setting) -) do - - def self.file_path - '/etc/glance/glance-glare.conf' - end - -end diff --git a/glance/lib/puppet/provider/glance_glare_paste_ini/ini_setting.rb b/glance/lib/puppet/provider/glance_glare_paste_ini/ini_setting.rb deleted file mode 100644 index e32e9cfd8..000000000 --- a/glance/lib/puppet/provider/glance_glare_paste_ini/ini_setting.rb +++ /dev/null @@ -1,10 +0,0 @@ -Puppet::Type.type(:glance_glare_paste_ini).provide( - :ini_setting, - :parent => Puppet::Type.type(:openstack_config).provider(:ini_setting) -) do - - def self.file_path - '/etc/glance/glance-glare-paste.ini' - end - -end diff --git a/glance/lib/puppet/provider/glance_image/openstack.rb b/glance/lib/puppet/provider/glance_image/openstack.rb deleted file mode 100644 index 70334c52a..000000000 --- a/glance/lib/puppet/provider/glance_image/openstack.rb +++ /dev/null @@ -1,146 +0,0 @@ -require File.join(File.dirname(__FILE__), '..','..','..', 'puppet/provider/glance') - -Puppet::Type.type(:glance_image).provide( - :openstack, - :parent => Puppet::Provider::Glance -) do - desc <<-EOT - Provider to manage glance_image type. - EOT - - @credentials = Puppet::Provider::Openstack::CredentialsV2_0.new - - # TODO(aschultz): v2 is now supported but the options are different and - # it doesn't support the source being remote. We'll have to rework this - # to support v2 - ENV['OS_IMAGE_API_VERSION'] = '1' - - def initialize(value={}) - super(value) - @property_flush = {} - end - - def create - if @resource[:source] - # copy_from cannot handle file:// - if @resource[:source] =~ /^\// # local file - location = "--file=#{@resource[:source]}" - else - location = "--copy-from=#{@resource[:source]}" - end - # location cannot handle file:// - # location does not import, so no sense in doing anything more than this - elsif @resource[:location] - location = "--location=#{@resource[:location]}" - else - raise(Puppet::Error, "Must specify either source or location") - end - opts = [@resource[:name]] - - opts << (@resource[:is_public] == :true ? '--public' : '--private') - opts << "--container-format=#{@resource[:container_format]}" - opts << "--disk-format=#{@resource[:disk_format]}" - opts << "--min-disk=#{@resource[:min_disk]}" if @resource[:min_disk] - opts << "--min-ram=#{@resource[:min_ram]}" if @resource[:min_ram] - opts << "--id=#{@resource[:id]}" if @resource[:id] - opts << props_to_s(@resource[:properties]) if @resource[:properties] - opts << location - - @property_hash = self.class.request('image', 'create', opts) - @property_hash[:ensure] = :present - end - - def exists? - @property_hash[:ensure] == :present - end - - def destroy - self.class.request('image', 'delete', @resource[:name]) - @property_hash.clear - end - - mk_resource_methods - - def is_public=(value) - @property_flush[:is_public] = value - end - - def is_public - bool_to_sym(@property_hash[:is_public]) - end - - def disk_format=(value) - @property_flush[:disk_format] = value - end - - def container_format=(value) - @property_flush[:container_format] = value - end - - def min_ram=(value) - @property_flush[:min_ram] = value - end - - def min_disk=(value) - @property_flush[:min_disk] = value - end - - def properties=(value) - @property_flush[:properties] = value - end - - def id=(id) - fail('id for existing images can not be modified') - end - - def self.instances - list = request('image', 'list', '--long') - list.collect do |image| - attrs = request('image', 'show', image[:id]) - properties = Hash[attrs[:properties].scan(/(\S+)='([^']*)'/)] rescue nil - new( - :ensure => :present, - :name => attrs[:name], - :is_public => attrs[:is_public].downcase.chomp == 'true'? true : false, - :container_format => attrs[:container_format], - :id => attrs[:id], - :disk_format => attrs[:disk_format], - :min_disk => attrs[:min_disk], - :min_ram => attrs[:min_ram], - :properties => properties - ) - end - end - - def self.prefetch(resources) - images = instances - resources.keys.each do |name| - if provider = images.find{ |image| image.name == name } - resources[name].provider = provider - end - end - end - - def flush - if @property_flush - opts = [@resource[:name]] - - (opts << '--public') if @property_flush[:is_public] == :true - (opts << '--private') if @property_flush[:is_public] == :false - (opts << "--container-format=#{@property_flush[:container_format]}") if @property_flush[:container_format] - (opts << "--disk-format=#{@property_flush[:disk_format]}") if @property_flush[:disk_format] - (opts << "--min-ram=#{@property_flush[:min_ram]}") if @property_flush[:min_ram] - (opts << "--min-disk=#{@property_flush[:min_disk]}") if @property_flush[:min_disk] - (opts << props_to_s(@property_flush[:properties])) if @property_flush[:properties] - - self.class.request('image', 'set', opts) - @property_flush.clear - end - end - - private - - def props_to_s(props) - props.flat_map{ |k, v| ['--property', "#{k}=#{v}"] } - end -end diff --git a/glance/lib/puppet/provider/glance_registry_config/ini_setting.rb b/glance/lib/puppet/provider/glance_registry_config/ini_setting.rb deleted file mode 100644 index 8e9c54a71..000000000 --- a/glance/lib/puppet/provider/glance_registry_config/ini_setting.rb +++ /dev/null @@ -1,10 +0,0 @@ -Puppet::Type.type(:glance_registry_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:openstack_config).provider(:ini_setting) -) do - - def self.file_path - '/etc/glance/glance-registry.conf' - end - -end diff --git a/glance/lib/puppet/provider/glance_registry_paste_ini/ini_setting.rb b/glance/lib/puppet/provider/glance_registry_paste_ini/ini_setting.rb deleted file mode 100644 index 619eaee2d..000000000 --- a/glance/lib/puppet/provider/glance_registry_paste_ini/ini_setting.rb +++ /dev/null @@ -1,10 +0,0 @@ -Puppet::Type.type(:glance_registry_paste_ini).provide( - :ini_setting, - :parent => Puppet::Type.type(:openstack_config).provider(:ini_setting) -) do - - def self.file_path - '/etc/glance/glance-registry-paste.ini' - end - -end diff --git a/glance/lib/puppet/provider/glance_swift_config/ini_setting.rb b/glance/lib/puppet/provider/glance_swift_config/ini_setting.rb deleted file mode 100644 index 9d2d7ece7..000000000 --- a/glance/lib/puppet/provider/glance_swift_config/ini_setting.rb +++ /dev/null @@ -1,10 +0,0 @@ -Puppet::Type.type(:glance_swift_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:openstack_config).provider(:ini_setting) -) do - - def self.file_path - '/etc/glance/glance-swift.conf' - end - -end diff --git a/glance/lib/puppet/type/glance_api_config.rb b/glance/lib/puppet/type/glance_api_config.rb deleted file mode 100644 index 2a96e5c9a..000000000 --- a/glance/lib/puppet/type/glance_api_config.rb +++ /dev/null @@ -1,57 +0,0 @@ -Puppet::Type.newtype(:glance_api_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from glance-api.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - newvalues(/^[\S ]*$/) - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end - - newparam(:ensure_absent_val) do - desc 'A value that is specified as the value property will behave as if ensure => absent was specified' - defaultto('') - end - - autorequire(:package) do - if Facter.value(:osfamily) == 'Debian' - 'glance-api' - elsif Facter.value(:osfamily) == 'RedHat' - 'openstack-glance' - end - end - -end diff --git a/glance/lib/puppet/type/glance_api_paste_ini.rb b/glance/lib/puppet/type/glance_api_paste_ini.rb deleted file mode 100644 index aefcca4f4..000000000 --- a/glance/lib/puppet/type/glance_api_paste_ini.rb +++ /dev/null @@ -1,56 +0,0 @@ -Puppet::Type.newtype(:glance_api_paste_ini) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from glance-api-paste.ini' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end - - newparam(:ensure_absent_val) do - desc 'A value that is specified as the value property will behave as if ensure => absent was specified' - defaultto('') - end - - autorequire(:package) do - if Facter.value(:osfamily) == 'Debian' - 'glance-api' - elsif Facter.value(:osfamily) == 'RedHat' - 'openstack-glance' - end - end - -end diff --git a/glance/lib/puppet/type/glance_cache_config.rb b/glance/lib/puppet/type/glance_cache_config.rb deleted file mode 100644 index 1ed4a3e1f..000000000 --- a/glance/lib/puppet/type/glance_cache_config.rb +++ /dev/null @@ -1,57 +0,0 @@ -Puppet::Type.newtype(:glance_cache_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from glance-cache.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - newvalues(/^[\S ]*$/) - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end - - newparam(:ensure_absent_val) do - desc 'A value that is specified as the value property will behave as if ensure => absent was specified' - defaultto('') - end - - autorequire(:package) do - if Facter.value(:osfamily) == 'Debian' - 'glance-api' - elsif Facter.value(:osfamily) == 'RedHat' - 'openstack-glance' - end - end - -end diff --git a/glance/lib/puppet/type/glance_glare_config.rb b/glance/lib/puppet/type/glance_glare_config.rb deleted file mode 100644 index b4a1593d5..000000000 --- a/glance/lib/puppet/type/glance_glare_config.rb +++ /dev/null @@ -1,57 +0,0 @@ -Puppet::Type.newtype(:glance_glare_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from glance-api.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - newvalues(/^[\S ]*$/) - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end - - newparam(:ensure_absent_val) do - desc 'A value that is specified as the value property will behave as if ensure => absent was specified' - defaultto('') - end - - autorequire(:package) do - if Facter.value(:osfamily) == 'Debian' - 'glance-glare' - elsif Facter.value(:osfamily) == 'RedHat' - 'openstack-glance' - end - end - -end diff --git a/glance/lib/puppet/type/glance_glare_paste_ini.rb b/glance/lib/puppet/type/glance_glare_paste_ini.rb deleted file mode 100644 index 8e96ead7f..000000000 --- a/glance/lib/puppet/type/glance_glare_paste_ini.rb +++ /dev/null @@ -1,56 +0,0 @@ -Puppet::Type.newtype(:glance_glare_paste_ini) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from glance-glare-paste.ini' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end - - newparam(:ensure_absent_val) do - desc 'A value that is specified as the value property will behave as if ensure => absent was specified' - defaultto('') - end - - autorequire(:package) do - if Facter.value(:osfamily) == 'Debian' - 'glance-glare' - elsif Facter.value(:osfamily) == 'RedHat' - 'openstack-glance' - end - end - -end diff --git a/glance/lib/puppet/type/glance_image.rb b/glance/lib/puppet/type/glance_image.rb deleted file mode 100644 index 26bb2ce8a..000000000 --- a/glance/lib/puppet/type/glance_image.rb +++ /dev/null @@ -1,111 +0,0 @@ -File.expand_path('../../../../openstacklib/lib', File.dirname(__FILE__)).tap { |dir| $LOAD_PATH.unshift(dir) unless $LOAD_PATH.include?(dir) } -Puppet::Type.newtype(:glance_image) do - desc <<-EOT - This allows manifests to declare an image to be - stored in glance. - - glance_image { "Ubuntu 12.04 cloudimg amd64": - ensure => present, - name => "Ubuntu 12.04 cloudimg amd64" - is_public => yes, - container_format => ovf, - disk_format => 'qcow2', - source => 'http://uec-images.ubuntu.com/releases/precise/release/ubuntu-12.04-server-cloudimg-amd64-disk1.img' - min_ram => 1234, - min_disk => 1234, - properties => { 'img_key' => img_value } - } - - Known problems / limitations: - * All images are managed by the glance service. - This means that since users are unable to manage their own images via this type, - is_public is really of no use. You can probably hide images this way but that's all. - * As glance image names do not have to be unique, you must ensure that your glance - repository does not have any duplicate names prior to using this. - * Ensure this is run on the same server as the glance-api service. - - EOT - - ensurable - - newparam(:name, :namevar => true) do - desc 'The image name' - newvalues(/.*/) - end - - newproperty(:id) do - desc 'The unique id of the image' - newvalues(/[0-9a-f]{8}-([0-9a-f]{4}-){3}[0-9a-f]{12}/) - end - - newparam(:location) do - desc "The permanent location of the image. Optional" - newvalues(/\S+/) - end - - newproperty(:is_public) do - desc "Whether the image is public or not. Default true" - newvalues(/(y|Y)es/, /(n|N)o/, /(t|T)rue/, /(f|F)alse/, true, false) - defaultto(true) - munge do |v| - if v =~ /^(y|Y)es$/ - :true - elsif v =~ /^(n|N)o$/ - :false - else - v.to_s.downcase.to_sym - end - end - end - - newproperty(:container_format) do - desc "The format of the container" - newvalues(:ami, :ari, :aki, :bare, :ovf) - end - - newproperty(:disk_format) do - desc "The format of the disk" - newvalues(:ami, :ari, :aki, :vhd, :vmd, :raw, :qcow2, :vdi, :iso) - end - - newparam(:source) do - desc "The source of the image to import from" - newvalues(/\S+/) - end - - newproperty(:min_ram) do - desc "The minimal ram size" - newvalues(/\d+/) - end - - newproperty(:min_disk) do - desc "The minimal disk size" - newvalues(/\d+/) - end - - newproperty(:properties) do - desc "The set of image properties" - - munge do |value| - return value if value.is_a? Hash - - # wrap property value in commas - value.gsub!(/=(\w+)/, '=\'\1\'') - Hash[value.scan(/(\S+)='([^']*)'/)] - end - - validate do |value| - return true if value.is_a? Hash - - value.split(',').each do |property| - raise ArgumentError, "Key/value pairs should be separated by an =" unless property.include?('=') - end - end - end - - # Require the Glance service to be running - autorequire(:service) do - ['glance-api', 'glance-registry'] - end - -end diff --git a/glance/lib/puppet/type/glance_registry_config.rb b/glance/lib/puppet/type/glance_registry_config.rb deleted file mode 100644 index a8e0b1edc..000000000 --- a/glance/lib/puppet/type/glance_registry_config.rb +++ /dev/null @@ -1,57 +0,0 @@ -Puppet::Type.newtype(:glance_registry_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from glance-registry.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - newvalues(/^[\S ]*$/) - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end - - newparam(:ensure_absent_val) do - desc 'A value that is specified as the value property will behave as if ensure => absent was specified' - defaultto('') - end - - autorequire(:package) do - if Facter.value(:osfamily) == 'Debian' - 'glance-registry' - elsif Facter.value(:osfamily) == 'RedHat' - 'openstack-glance' - end - end - -end diff --git a/glance/lib/puppet/type/glance_registry_paste_ini.rb b/glance/lib/puppet/type/glance_registry_paste_ini.rb deleted file mode 100644 index 0c5b73c4c..000000000 --- a/glance/lib/puppet/type/glance_registry_paste_ini.rb +++ /dev/null @@ -1,56 +0,0 @@ -Puppet::Type.newtype(:glance_registry_paste_ini) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from glance-registry-paste.ini' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end - - newparam(:ensure_absent_val) do - desc 'A value that is specified as the value property will behave as if ensure => absent was specified' - defaultto('') - end - - autorequire(:package) do - if Facter.value(:osfamily) == 'Debian' - 'glance-registry' - elsif Facter.value(:osfamily) == 'RedHat' - 'openstack-glance' - end - end - -end diff --git a/glance/lib/puppet/type/glance_swift_config.rb b/glance/lib/puppet/type/glance_swift_config.rb deleted file mode 100644 index 592b22f78..000000000 --- a/glance/lib/puppet/type/glance_swift_config.rb +++ /dev/null @@ -1,57 +0,0 @@ -Puppet::Type.newtype(:glance_swift_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from glance-api.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - newvalues(/^[\S ]*$/) - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end - - newparam(:ensure_absent_val) do - desc 'A value that is specified as the value property will behave as if ensure => absent was specified' - defaultto('') - end - - autorequire(:package) do - if Facter.value(:osfamily) == 'Debian' - 'glance-api' - elsif Facter.value(:osfamily) == 'RedHat' - 'openstack-glance' - end - end - -end diff --git a/glance/manifests/api.pp b/glance/manifests/api.pp deleted file mode 100644 index d20ae6a9b..000000000 --- a/glance/manifests/api.pp +++ /dev/null @@ -1,509 +0,0 @@ -# == Class glance::api -# -# Configure API service in glance -# -# == Parameters -# -# [*keystone_password*] -# (required) Password used to authentication. -# -# [*package_ensure*] -# (optional) Ensure state for package. On RedHat platforms this -# setting is ignored and the setting from the glance class is used -# because there is only one glance package. Defaults to 'present'. -# -# [*verbose*] -# (optional) Rather to log the glance api service at verbose level. -# Default: undef -# -# [*debug*] -# (optional) Rather to log the glance api service at debug level. -# Default: undef -# -# [*bind_host*] -# (optional) The address of the host to bind to. -# Default: 0.0.0.0 -# -# [*bind_port*] -# (optional) The port the server should bind to. -# Default: 9292 -# -# [*backlog*] -# (optional) Backlog requests when creating socket -# Default: 4096 -# -# [*workers*] -# (optional) Number of Glance API worker processes to start -# Default: $::processorcount -# -# [*log_file*] -# (optional) The path of file used for logging -# If set to boolean false, it will not log to any file. -# Default: undef -# -# [*log_dir*] -# (optional) directory to which glance logs are sent. -# If set to boolean false, it will not log to any directory. -# Defaults to undef -# -# [*registry_host*] -# (optional) The address used to connect to the registry service. -# Default: 0.0.0.0 -# -# [*registry_port*] -# (optional) The port of the Glance registry service. -# Default: 9191 -# -# [*registry_client_protocol*] -# (optional) The protocol of the Glance registry service. -# Default: http -# -# [*scrub_time*] -# (optional) The amount of time in seconds to delay before performing a delete. -# Defaults to $::os_service_default. -# -# [*delayed_delete*] -# (optional) Turn on/off delayed delete. -# Defaults to $::os_service_default. -# -# [*auth_type*] -# (optional) Type is authorization being used. -# Defaults to 'keystone' -# -# [*auth_region*] -# (optional) The region for the authentication service. -# If "use_user_token" is not in effect and using keystone auth, -# then region name can be specified. -# Defaults to $::os_service_default. -# -# [*auth_uri*] -# (optional) Complete public Identity API endpoint. -# Defaults to 'http://127.0.0.1:5000/'. -# -# [*identity_uri*] -# (optional) Complete admin Identity API endpoint. -# Defaults to 'http://127.0.0.1:35357/'. -# -# [*pipeline*] -# (optional) Partial name of a pipeline in your paste configuration file with the -# service name removed. -# Defaults to 'keystone'. -# -# [*keystone_tenant*] -# (optional) Tenant to authenticate to. -# Defaults to services. -# -# [*keystone_user*] -# (optional) User to authenticate as with keystone. -# Defaults to 'glance'. -# -# [*manage_service*] -# (optional) If Puppet should manage service startup / shutdown. -# Defaults to true. -# -# [*enabled*] -# (optional) Whether to enable services. -# Defaults to true. -# -# [*database_connection*] -# (optional) Connection url to connect to nova database. -# Defaults to undef -# -# [*database_idle_timeout*] -# (optional) Timeout before idle db connections are reaped. -# Defaults to undef -# -# [*database_max_retries*] -# (Optional) Maximum number of database connection retries during startup. -# Set to -1 to specify an infinite retry count. -# Defaults to undef. -# -# [*database_retry_interval*] -# (optional) Interval between retries of opening a database connection. -# Defaults to undef. -# -# [*database_min_pool_size*] -# (optional) Minimum number of SQL connections to keep open in a pool. -# Defaults to undef. -# -# [*database_max_pool_size*] -# (optional) Maximum number of SQL connections to keep open in a pool. -# Defaults to undef. -# -# [*database_max_overflow*] -# (optional) If set, use this value for max_overflow with sqlalchemy. -# Defaults to undef. -# -# [*image_cache_max_size*] -# (optional) The upper limit (the maximum size of accumulated cache in bytes) beyond which pruner, -# if running, starts cleaning the images cache. -# Defaults to $::os_service_default. -# -# [*image_cache_stall_time*] -# (optional) The amount of time to let an image remain in the cache without being accessed. -# Defaults to $::os_service_default. -# -# [*use_syslog*] -# (optional) Use syslog for logging. -# Defaults to undef -# -# [*use_stderr*] -# (optional) Use stderr for logging -# Defaults to undef -# -# [*log_facility*] -# (optional) Syslog facility to receive log lines. -# Defaults to undef -# -# [*show_image_direct_url*] -# (optional) Expose image location to trusted clients. -# Defaults to false. -# -# [*show_multiple_locations*] -# (optional) Whether to include the backend image locations in image -# properties. -# Defaults to $::os_service_default. -# -# [*location_strategy*] -# (optional) Strategy used to determine the image location order. -# Defaults to $::os_service_default. -# -# [*purge_config*] -# (optional) Whether to set only the specified config options -# in the api config. -# Defaults to false. -# -# [*cert_file*] -# (optinal) Certificate file to use when starting API server securely -# Defaults to $::os_service_default -# -# [*key_file*] -# (optional) Private key file to use when starting API server securely -# Defaults to $::os_service_default -# -# [*ca_file*] -# (optional) CA certificate file to use to verify connecting clients -# Defaults to $::os_service_default -# -# [*registry_client_cert_file*] -# (optinal) The path to the cert file to use in SSL connections to the -# registry server. -# Defaults to $::os_service_default -# -# [*registry_client_key_file*] -# (optinal) The path to the private key file to use in SSL connections to the -# registry server. -# Defaults to $::os_service_default -# -# [*registry_client_ca_file*] -# (optinal) The path to the CA certificate file to use in SSL connections to the -# registry server. -# Defaults to $::os_service_default -# -# [*stores*] -# (optional) List of which store classes and store class locations are -# currently known to glance at startup. -# Defaults to false. -# Example: ['file','http'] -# -# [*default_store*] -# (optional) The default backend store, should be given as a string. Value -# must be provided if more than one store is listed in 'stores'. -# Defaults to undef -# -# [*multi_store*] -# (optional) Boolean describing if multiple backends will be configured -# Defaults to false -# -# [*image_cache_dir*] -# (optional) Base directory that the Image Cache uses. -# Defaults to '/var/lib/glance/image-cache'. -# -# [*os_region_name*] -# (optional) Sets the keystone region to use. -# Defaults to 'RegionOne'. -# -# [*signing_dir*] -# (optional) Directory used to cache files related to PKI tokens. -# Defaults to $::os_service_default. -# -# [*memcached_servers*] -# (optinal) a list of memcached server(s) to use for caching. If left undefined, -# tokens will instead be cached in-process. -# Defaults to $::os_service_default. -# -# [*token_cache_time*] -# (optional) In order to prevent excessive effort spent validating tokens, -# the middleware caches previously-seen tokens for a configurable duration (in seconds). -# Set to -1 to disable caching completely. -# Defaults to $::os_service_default. -# -# [*validate*] -# (optional) Whether to validate the service is working after any service refreshes -# Defaults to false -# -# [*validation_options*] -# (optional) Service validation options -# Should be a hash of options defined in openstacklib::service_validation -# If empty, defaults values are taken from openstacklib function. -# Default command list images. -# Require validate set at True. -# Example: -# glance::api::validation_options: -# glance-api: -# command: check_glance-api.py -# path: /usr/bin:/bin:/usr/sbin:/sbin -# provider: shell -# tries: 5 -# try_sleep: 10 -# Defaults to {} -# -# === deprecated parameters: -# -# [*known_stores*] -# (optional) DEPRECATED List of which store classes and store class -# locations are currently known to glance at startup. This parameter -# should be removed in the N release. -# Defaults to false. -# Example: ['file','http'] -# -class glance::api( - $keystone_password, - $package_ensure = 'present', - $verbose = undef, - $debug = undef, - $bind_host = '0.0.0.0', - $bind_port = '9292', - $backlog = '4096', - $workers = $::processorcount, - $log_file = undef, - $log_dir = undef, - $registry_host = '0.0.0.0', - $registry_port = '9191', - $registry_client_protocol = 'http', - $scrub_time = $::os_service_default, - $delayed_delete = $::os_service_default, - $auth_type = 'keystone', - $auth_region = $::os_service_default, - $auth_uri = 'http://127.0.0.1:5000/', - $identity_uri = 'http://127.0.0.1:35357/', - $memcached_servers = $::os_service_default, - $pipeline = 'keystone', - $keystone_tenant = 'services', - $keystone_user = 'glance', - $manage_service = true, - $enabled = true, - $use_syslog = undef, - $use_stderr = undef, - $log_facility = undef, - $show_image_direct_url = false, - $show_multiple_locations = $::os_service_default, - $location_strategy = $::os_service_default, - $purge_config = false, - $cert_file = $::os_service_default, - $key_file = $::os_service_default, - $ca_file = $::os_service_default, - $registry_client_cert_file = $::os_service_default, - $registry_client_key_file = $::os_service_default, - $registry_client_ca_file = $::os_service_default, - $stores = false, - $default_store = undef, - $multi_store = false, - $database_connection = undef, - $database_idle_timeout = undef, - $database_min_pool_size = undef, - $database_max_pool_size = undef, - $database_max_retries = undef, - $database_retry_interval = undef, - $database_max_overflow = undef, - $image_cache_max_size = $::os_service_default, - $image_cache_stall_time = $::os_service_default, - $image_cache_dir = '/var/lib/glance/image-cache', - $os_region_name = 'RegionOne', - $signing_dir = $::os_service_default, - $token_cache_time = $::os_service_default, - $validate = false, - $validation_options = {}, - # DEPRECATED PARAMETERS - $known_stores = false, -) inherits glance { - - include ::glance::policy - include ::glance::api::db - include ::glance::api::logging - include ::glance::cache::logging - - if ( $glance::params::api_package_name != $glance::params::registry_package_name ) { - ensure_packages('glance-api', - { - ensure => $package_ensure, - tag => ['openstack', 'glance-package'], - } - ) - } - - Package[$glance::params::api_package_name] -> Class['glance::policy'] - - # adding all of this stuff b/c it devstack says glance-api uses the - # db now - Glance_api_config<||> ~> Service['glance-api'] - Glance_cache_config<||> ~> Service['glance-api'] - Class['glance::policy'] ~> Service['glance-api'] - Service['glance-api'] ~> Glance_image<||> - - # basic service config - glance_api_config { - 'DEFAULT/bind_host': value => $bind_host; - 'DEFAULT/bind_port': value => $bind_port; - 'DEFAULT/backlog': value => $backlog; - 'DEFAULT/workers': value => $workers; - 'DEFAULT/show_image_direct_url': value => $show_image_direct_url; - 'DEFAULT/show_multiple_locations': value => $show_multiple_locations; - 'DEFAULT/location_strategy': value => $location_strategy; - 'DEFAULT/scrub_time': value => $scrub_time; - 'DEFAULT/delayed_delete': value => $delayed_delete; - 'DEFAULT/image_cache_dir': value => $image_cache_dir; - 'DEFAULT/auth_region': value => $auth_region; - 'glance_store/os_region_name': value => $os_region_name; - } - - # stores config - if $stores and $known_stores { - fail('known_stores and stores cannot both be assigned values') - } elsif $stores { - $stores_real = $stores - } elsif $known_stores { - warning('The known_stores parameter is deprecated, use stores instead') - $stores_real = $known_stores - } - if $default_store { - $default_store_real = $default_store - } - # determine value for glance_store/stores - if !empty($stores_real) { - if size(any2array($stores_real)) > 1 { - $final_stores_real = join($stores_real, ',') - } else { - $final_stores_real = $stores_real[0] - } - if !$default_store_real { - # set default store based on provided stores when it isn't explicitly set - warning("default_store not provided, it will be automatically set to ${stores_real[0]}") - $default_store_real = $stores_real[0] - } - } elsif $default_store_real { - # set stores based on default_store if only default_store is provided - $final_stores_real = $default_store - } else { - warning('Glance-api is being provisioned without any stores configured') - } - - if $default_store_real and $multi_store { - glance_api_config { - 'glance_store/default_store': value => $default_store_real; - } - } elsif $multi_store { - glance_api_config { - 'glance_store/default_store': ensure => absent; - } - } - - if $final_stores_real { - glance_api_config { - 'glance_store/stores': value => $final_stores_real; - } - } else { - glance_api_config { - 'glance_store/stores': ensure => absent; - } - } - - glance_cache_config { - 'DEFAULT/image_cache_stall_time': value => $image_cache_stall_time; - 'DEFAULT/image_cache_max_size': value => $image_cache_max_size; - 'glance_store/os_region_name': value => $os_region_name; - } - - $registry_host_real = normalize_ip_for_uri($registry_host) - # configure api service to connect registry service - glance_api_config { - 'DEFAULT/registry_host': value => $registry_host_real; - 'DEFAULT/registry_port': value => $registry_port; - 'DEFAULT/registry_client_protocol': value => $registry_client_protocol; - } - - glance_cache_config { - 'DEFAULT/registry_host': value => $registry_host; - 'DEFAULT/registry_port': value => $registry_port; - } - - # Set the pipeline, it is allowed to be blank - if $pipeline != '' { - validate_re($pipeline, '^(\w+([+]\w+)*)*$') - glance_api_config { - 'paste_deploy/flavor': - ensure => present, - value => $pipeline, - } - } else { - glance_api_config { 'paste_deploy/flavor': ensure => absent } - } - - # keystone config - if $auth_type == 'keystone' { - glance_api_config { - 'keystone_authtoken/admin_tenant_name': value => $keystone_tenant; - 'keystone_authtoken/admin_user': value => $keystone_user; - 'keystone_authtoken/admin_password': value => $keystone_password, secret => true; - 'keystone_authtoken/token_cache_time': value => $token_cache_time; - 'keystone_authtoken/signing_dir': value => $signing_dir; - 'keystone_authtoken/auth_uri': value => $auth_uri; - 'keystone_authtoken/identity_uri': value => $identity_uri; - 'keystone_authtoken/memcached_servers': value => join(any2array($memcached_servers), ','); - } - glance_cache_config { - 'DEFAULT/auth_url' : value => $auth_uri; - 'DEFAULT/admin_tenant_name': value => $keystone_tenant; - 'DEFAULT/admin_user' : value => $keystone_user; - 'DEFAULT/admin_password' : value => $keystone_password, secret => true; - } - } - - # SSL Options - glance_api_config { - 'DEFAULT/cert_file': value => $cert_file; - 'DEFAULT/key_file' : value => $key_file; - 'DEFAULT/ca_file' : value => $ca_file; - 'DEFAULT/registry_client_ca_file': value => $registry_client_ca_file; - 'DEFAULT/registry_client_cert_file': value => $registry_client_cert_file; - 'DEFAULT/registry_client_key_file': value => $registry_client_key_file; - } - - if $manage_service { - if $enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } - - service { 'glance-api': - ensure => $service_ensure, - name => $::glance::params::api_service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - tag => 'glance-service', - } - - if $validate { - $defaults = { - 'glance-api' => { - 'command' => "glance --os-auth-url ${auth_uri} --os-tenant-name ${keystone_tenant} --os-username ${keystone_user} --os-password ${keystone_password} image-list", - } - } - $validation_options_hash = merge ($defaults, $validation_options) - create_resources('openstacklib::service_validation', $validation_options_hash, {'subscribe' => 'Service[glance-api]'}) - } - -} diff --git a/glance/manifests/api/db.pp b/glance/manifests/api/db.pp deleted file mode 100644 index 69a8ffa36..000000000 --- a/glance/manifests/api/db.pp +++ /dev/null @@ -1,101 +0,0 @@ -# == Class: glance::api::db -# -# Configure the Glance database -# -# === Parameters -# -# [*database_connection*] -# Url used to connect to database. -# (Optional) Defaults to 'sqlite:///var/lib/glance/glance.sqlite'. -# -# [*database_idle_timeout*] -# Timeout when db connections should be reaped. -# (Optional) Defaults to $::os_service_default. -# -# [*database_min_pool_size*] -# Minimum number of SQL connections to keep open in a pool. -# (Optional) Defaults to $::os_service_default. -# -# [*database_max_pool_size*] -# Maximum number of SQL connections to keep open in a pool. -# (Optional) Defaults to $::os_service_default. -# -# [*database_max_retries*] -# Maximum db connection retries during startup. -# Setting -1 implies an infinite retry count. -# (Optional) Defaults to $::os_service_default. -# -# [*database_retry_interval*] -# Interval between retries of opening a sql connection. -# (Optional) Defaults to $::os_service_default. -# -# [*database_max_overflow*] -# If set, use this value for max_overflow with sqlalchemy. -# (Optional) Defaults to $::os_service_default. -# -class glance::api::db ( - $database_connection = 'sqlite:///var/lib/glance/glance.sqlite', - $database_idle_timeout = $::os_service_default, - $database_min_pool_size = $::os_service_default, - $database_max_pool_size = $::os_service_default, - $database_max_retries = $::os_service_default, - $database_retry_interval = $::os_service_default, - $database_max_overflow = $::os_service_default, -) { - - include ::glance::params - - # NOTE(degorenko): In order to keep backward compatibility we rely on the pick function - # to use glance::api:: if glance::api::db:: isn't specified. - $database_connection_real = pick($::glance::api::database_connection, $database_connection) - $database_idle_timeout_real = pick($::glance::api::database_idle_timeout, $database_idle_timeout) - $database_min_pool_size_real = pick($::glance::api::database_min_pool_size, $database_min_pool_size) - $database_max_pool_size_real = pick($::glance::api::database_max_pool_size, $database_max_pool_size) - $database_max_retries_real = pick($::glance::api::database_max_retries, $database_max_retries) - $database_retry_interval_real = pick($::glance::api::database_retry_interval, $database_retry_interval) - $database_max_overflow_real = pick($::glance::api::database_max_overflow, $database_max_overflow) - - validate_re($database_connection_real, - '^(sqlite|mysql(\+pymysql)?|postgresql):\/\/(\S+:\S+@\S+\/\S+)?') - - case $database_connection_real { - /^mysql(\+pymysql)?:\/\//: { - require 'mysql::bindings' - require 'mysql::bindings::python' - if $database_connection_real =~ /^mysql\+pymysql/ { - $backend_package = $::glance::params::pymysql_package_name - } else { - $backend_package = false - } - } - /^postgresql:\/\//: { - $backend_package = false - require 'postgresql::lib::python' - } - /^sqlite:\/\//: { - $backend_package = $::glance::params::sqlite_package_name - } - default: { - fail('Unsupported backend configured') - } - } - - if $backend_package and !defined(Package[$backend_package]) { - package {'glance-backend-package': - ensure => present, - name => $backend_package, - tag => 'openstack', - } - } - - glance_api_config { - 'database/connection': value => $database_connection_real, secret => true; - 'database/idle_timeout': value => $database_idle_timeout_real; - 'database/min_pool_size': value => $database_min_pool_size_real; - 'database/max_retries': value => $database_max_retries_real; - 'database/retry_interval': value => $database_retry_interval_real; - 'database/max_pool_size': value => $database_max_pool_size_real; - 'database/max_overflow': value => $database_max_overflow_real; - } - -} diff --git a/glance/manifests/api/logging.pp b/glance/manifests/api/logging.pp deleted file mode 100644 index d982ca673..000000000 --- a/glance/manifests/api/logging.pp +++ /dev/null @@ -1,264 +0,0 @@ -# Class glance::api::logging -# -# glance-api logging configuration -# -# == parameters -# -# [*verbose*] -# (Optional) Should the daemons log verbose messages -# Defaults to 'false' -# -# [*debug*] -# (Optional) Should the daemons log debug messages -# Defaults to 'false' -# -# [*use_syslog*] -# (Optional) Use syslog for logging. -# Defaults to 'false' -# -# [*use_stderr*] -# (optional) Use stderr for logging -# Defaults to 'true' -# -# [*log_facility*] -# (Optional) Syslog facility to receive log lines. -# Defaults to 'LOG_USER' -# -# [*log_dir*] -# (optional) Directory where logs should be stored. -# If set to boolean false, it will not log to any directory. -# Defaults to '/var/log/glance' -# -# [*log_file*] -# (optional) File where logs should be stored. -# Defaults to '/var/log/glance/api.log' -# -# [*logging_context_format_string*] -# (optional) Format string to use for log messages with context. -# Defaults to undef. -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [%(request_id)s %(user_identity)s] %(instance)s%(message)s' -# -# [*logging_default_format_string*] -# (optional) Format string to use for log messages without context. -# Defaults to undef. -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [-] %(instance)s%(message)s' -# -# [*logging_debug_format_suffix*] -# (optional) Formatted data to append to log format when level is DEBUG. -# Defaults to undef. -# Example: '%(funcName)s %(pathname)s:%(lineno)d' -# -# [*logging_exception_prefix*] -# (optional) Prefix each line of exception output with this format. -# Defaults to undef. -# Example: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' -# -# [*log_config_append*] -# The name of an additional logging configuration file. -# Defaults to undef. -# See https://docs.python.org/2/howto/logging.html -# -# [*default_log_levels*] -# (optional) Hash of logger (keys) and level (values) pairs. -# Defaults to undef. -# Example: -# { 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', -# 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', -# 'iso8601' => 'WARN', -# 'requests.packages.urllib3.connectionpool' => 'WARN' } -# -# [*publish_errors*] -# (optional) Publish error events (boolean value). -# Defaults to undef (false if unconfigured). -# -# [*fatal_deprecations*] -# (optional) Make deprecations fatal (boolean value) -# Defaults to undef (false if unconfigured). -# -# [*instance_format*] -# (optional) If an instance is passed with the log message, format it -# like this (string value). -# Defaults to undef. -# Example: '[instance: %(uuid)s] ' -# -# [*instance_uuid_format*] -# (optional) If an instance UUID is passed with the log message, format -# it like this (string value). -# Defaults to undef. -# Example: instance_uuid_format='[instance: %(uuid)s] ' -# -# [*log_date_format*] -# (optional) Format string for %%(asctime)s in log records. -# Defaults to undef. -# Example: 'Y-%m-%d %H:%M:%S' - -class glance::api::logging( - $use_syslog = false, - $use_stderr = true, - $log_facility = 'LOG_USER', - $log_dir = '/var/log/glance', - $log_file = '/var/log/glance/api.log', - $verbose = false, - $debug = false, - $logging_context_format_string = undef, - $logging_default_format_string = undef, - $logging_debug_format_suffix = undef, - $logging_exception_prefix = undef, - $log_config_append = undef, - $default_log_levels = undef, - $publish_errors = undef, - $fatal_deprecations = undef, - $instance_format = undef, - $instance_uuid_format = undef, - $log_date_format = undef, -) { - - # NOTE(spredzy): In order to keep backward compatibility we rely on the pick function - # to use glance:: first then glance::logging::. - $use_syslog_real = pick($::glance::api::use_syslog,$use_syslog) - $use_stderr_real = pick($::glance::api::use_stderr,$use_stderr) - $log_facility_real = pick($::glance::api::log_facility,$log_facility) - $log_dir_real = pick($::glance::api::log_dir,$log_dir) - $log_file_real = pick($::glance::api::log_file,$log_file) - $verbose_real = pick($::glance::api::verbose,$verbose) - $debug_real = pick($::glance::api::debug,$debug) - - glance_api_config { - 'DEFAULT/debug' : value => $debug_real; - 'DEFAULT/verbose' : value => $verbose_real; - 'DEFAULT/use_stderr' : value => $use_stderr_real; - 'DEFAULT/use_syslog' : value => $use_syslog_real; - 'DEFAULT/log_dir' : value => $log_dir_real; - 'DEFAULT/log_file' : value => $log_file_real; - 'DEFAULT/syslog_log_facility': value => $log_facility_real; - } - - if $logging_context_format_string { - glance_api_config { - 'DEFAULT/logging_context_format_string' : - value => $logging_context_format_string; - } - } - else { - glance_api_config { - 'DEFAULT/logging_context_format_string' : ensure => absent; - } - } - - if $logging_default_format_string { - glance_api_config { - 'DEFAULT/logging_default_format_string' : - value => $logging_default_format_string; - } - } - else { - glance_api_config { - 'DEFAULT/logging_default_format_string' : ensure => absent; - } - } - - if $logging_debug_format_suffix { - glance_api_config { - 'DEFAULT/logging_debug_format_suffix' : - value => $logging_debug_format_suffix; - } - } - else { - glance_api_config { - 'DEFAULT/logging_debug_format_suffix' : ensure => absent; - } - } - - if $logging_exception_prefix { - glance_api_config { - 'DEFAULT/logging_exception_prefix' : value => $logging_exception_prefix; - } - } - else { - glance_api_config { - 'DEFAULT/logging_exception_prefix' : ensure => absent; - } - } - - if $log_config_append { - glance_api_config { - 'DEFAULT/log_config_append' : value => $log_config_append; - } - } - else { - glance_api_config { - 'DEFAULT/log_config_append' : ensure => absent; - } - } - - if $default_log_levels { - glance_api_config { - 'DEFAULT/default_log_levels' : - value => join(sort(join_keys_to_values($default_log_levels, '=')), ','); - } - } - else { - glance_api_config { - 'DEFAULT/default_log_levels' : ensure => absent; - } - } - - if $publish_errors { - glance_api_config { - 'DEFAULT/publish_errors' : value => $publish_errors; - } - } - else { - glance_api_config { - 'DEFAULT/publish_errors' : ensure => absent; - } - } - - if $fatal_deprecations { - glance_api_config { - 'DEFAULT/fatal_deprecations' : value => $fatal_deprecations; - } - } - else { - glance_api_config { - 'DEFAULT/fatal_deprecations' : ensure => absent; - } - } - - if $instance_format { - glance_api_config { - 'DEFAULT/instance_format' : value => $instance_format; - } - } - else { - glance_api_config { - 'DEFAULT/instance_format' : ensure => absent; - } - } - - if $instance_uuid_format { - glance_api_config { - 'DEFAULT/instance_uuid_format' : value => $instance_uuid_format; - } - } - else { - glance_api_config { - 'DEFAULT/instance_uuid_format' : ensure => absent; - } - } - - if $log_date_format { - glance_api_config { - 'DEFAULT/log_date_format' : value => $log_date_format; - } - } - else { - glance_api_config { - 'DEFAULT/log_date_format' : ensure => absent; - } - } - - -} diff --git a/glance/manifests/backend/cinder.pp b/glance/manifests/backend/cinder.pp deleted file mode 100644 index d2ed2f88f..000000000 --- a/glance/manifests/backend/cinder.pp +++ /dev/null @@ -1,133 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# == Class: glance::backend::cinder -# -# Setup Glance to backend images into Cinder -# -# === Parameters -# -# [*cinder_catalog_info*] -# (optional) Info to match when looking for cinder in the service catalog. -# Format is : separated values of the form: -# :: (string value) -# Defaults to 'volume:cinder:publicURL' -# -# [*cinder_endpoint_template*] -# (optional) Override service catalog lookup with template for cinder endpoint. -# Should be a valid URL. Example: 'http://localhost:8776/v1/%(project_id)s' -# Defaults to 'undef' -# -# [*os_region_name*] -# (optional) The os_region_name parameter is deprecated and has no effect. -# Use glance::api::os_region_name instead. -# Defaults to 'undef' -# -# [*cinder_ca_certificates_file*] -# (optional) Location of ca certicate file to use for cinder client requests. -# Should be a valid ca certicate file -# Defaults to undef -# -# [*cinder_http_retries*] -# (optional) Number of cinderclient retries on failed http calls. -# Should be a valid integer -# Defaults to '3' -# -# [*cinder_api_insecure*] -# (optional) Allow to perform insecure SSL requests to cinder. -# Should be a valid boolean value -# Defaults to false -# -# [*multi_store*] -# (optional) Boolean describing if multiple backends will be configured -# Defaults to false -# -# [*glare_enabled*] -# (optional) Whether enabled Glance Glare API. -# Defaults to false -# -class glance::backend::cinder( - $os_region_name = undef, - $cinder_ca_certificates_file = undef, - $cinder_api_insecure = false, - $cinder_catalog_info = 'volume:cinder:publicURL', - $cinder_endpoint_template = undef, - $cinder_http_retries = '3', - $multi_store = false, - $glare_enabled = false, -) { - - if $os_region_name { - notice('The os_region_name parameter is deprecated and has no effect. Use glance::api::os_region_name instead.') - } - - glance_api_config { - 'glance_store/cinder_api_insecure': value => $cinder_api_insecure; - 'glance_store/cinder_catalog_info': value => $cinder_catalog_info; - 'glance_store/cinder_http_retries': value => $cinder_http_retries; - } - - if !$multi_store { - glance_api_config { 'glance_store/default_store': value => 'cinder'; } - if $glare_enabled { - glance_glare_config { 'glance_store/default_store': value => 'cinder'; } - } - } - - glance_cache_config { - 'glance_store/cinder_api_insecure': value => $cinder_api_insecure; - 'glance_store/cinder_catalog_info': value => $cinder_catalog_info; - 'glance_store/cinder_http_retries': value => $cinder_http_retries; - } - - if $glare_enabled { - glance_glare_config { - 'glance_store/cinder_api_insecure': value => $cinder_api_insecure; - 'glance_store/cinder_catalog_info': value => $cinder_catalog_info; - 'glance_store/cinder_http_retries': value => $cinder_http_retries; - } - } - - if $cinder_endpoint_template { - glance_api_config { 'glance_store/cinder_endpoint_template': value => $cinder_endpoint_template; } - glance_cache_config { 'glance_store/cinder_endpoint_template': value => $cinder_endpoint_template; } - if $glare_enabled { - glance_glare_config { 'glance_store/cinder_endpoint_template': value => $cinder_endpoint_template; } - } - } else { - glance_api_config { 'glance_store/cinder_endpoint_template': ensure => absent; } - glance_cache_config { 'glance_store/cinder_endpoint_template': ensure => absent; } - if $glare_enabled { - glance_glare_config { 'glance_store/cinder_endpoint_template': ensure => absent; } - } - } - - if $cinder_ca_certificates_file { - glance_api_config { 'glance_store/cinder_ca_certificates_file': value => $cinder_ca_certificates_file; } - glance_cache_config { 'glance_store/cinder_ca_certificates_file': value => $cinder_ca_certificates_file; } - if $glare_enabled { - glance_glare_config { 'glance_store/cinder_ca_certificates_file': value => $cinder_ca_certificates_file; } - } - } else { - glance_api_config { 'glance_store/cinder_ca_certificates_file': ensure => absent; } - glance_cache_config { 'glance_store/cinder_ca_certificates_file': ensure => absent; } - if $glare_enabled { - glance_glare_config { 'glance_store/cinder_ca_certificates_file': ensure => absent; } - } - } - -} diff --git a/glance/manifests/backend/file.pp b/glance/manifests/backend/file.pp deleted file mode 100644 index a251666e4..000000000 --- a/glance/manifests/backend/file.pp +++ /dev/null @@ -1,48 +0,0 @@ -# === class: glance::backend::file -# -# used to configure file backends for glance -# -# === parameters: -# -# [*filesystem_store_datadir*] -# Location where dist images are stored when -# default_store == file. -# Optional. Default: /var/lib/glance/images/ -# -# [*multi_store*] -# (optional) Boolean describing if multiple backends will be configured -# Defaults to false -# -# [*glare_enabled*] -# (optional) Whether enabled Glance Glare API. -# Defaults to false -# -class glance::backend::file( - $filesystem_store_datadir = '/var/lib/glance/images/', - $multi_store = false, - $glare_enabled = false, -) { - - glance_api_config { - 'glance_store/filesystem_store_datadir': value => $filesystem_store_datadir; - } - - if $glare_enabled { - glance_glare_config { - 'glance_store/filesystem_store_datadir': value => $filesystem_store_datadir; - } - } - - if !$multi_store { - glance_api_config { 'glance_store/default_store': value => 'file'; } - if $glare_enabled { - glance_glare_config { - 'glance_store/default_store': value => 'file'; - } - } - } - - glance_cache_config { - 'glance_store/filesystem_store_datadir': value => $filesystem_store_datadir; - } -} diff --git a/glance/manifests/backend/rbd.pp b/glance/manifests/backend/rbd.pp deleted file mode 100644 index 1f6e13f98..000000000 --- a/glance/manifests/backend/rbd.pp +++ /dev/null @@ -1,89 +0,0 @@ -# == class: glance::backend::rbd -# -# configures the storage backend for glance -# as a rbd instance -# -# === parameters: -# -# [*rbd_store_user*] -# Optional. -# -# [*rbd_store_pool*] -# Optional. Default:'images' -# -# [*rbd_store_ceph_conf*] -# Optional. Default:'/etc/ceph/ceph.conf' -# -# [*rbd_store_chunk_size*] -# Optional. Default:'8' -# -# [*show_image_direct_url*] -# Optional. Enables direct COW from glance to rbd -# DEPRECATED, use show_image_direct_url in glance::api -# -# [*package_ensure*] -# (optional) Desired ensure state of packages. -# accepts latest or specific versions. -# Defaults to present. -# -# [*rados_connect_timeout*] -# Optinal. Timeout value (in seconds) used when connecting -# to ceph cluster. If value <= 0, no timeout is set and -# default librados value is used. -# -# [*multi_store*] -# (optional) Boolean describing if multiple backends will be configured -# Defaults to false -# -# [*glare_enabled*] -# (optional) Whether enabled Glance Glare API. -# Defaults to false -# -class glance::backend::rbd( - $rbd_store_user = undef, - $rbd_store_ceph_conf = '/etc/ceph/ceph.conf', - $rbd_store_pool = 'images', - $rbd_store_chunk_size = '8', - $show_image_direct_url = undef, - $package_ensure = 'present', - $rados_connect_timeout = '0', - $multi_store = false, - $glare_enabled = false, -) { - include ::glance::params - - if $show_image_direct_url { - notice('parameter show_image_direct_url is deprecated, use parameter in glance::api') - } - - glance_api_config { - 'glance_store/rbd_store_ceph_conf': value => $rbd_store_ceph_conf; - 'glance_store/rbd_store_user': value => $rbd_store_user; - 'glance_store/rbd_store_pool': value => $rbd_store_pool; - 'glance_store/rbd_store_chunk_size': value => $rbd_store_chunk_size; - 'glance_store/rados_connect_timeout': value => $rados_connect_timeout; - } - - if $glare_enabled { - glance_glare_config { - 'glance_store/rbd_store_ceph_conf': value => $rbd_store_ceph_conf; - 'glance_store/rbd_store_user': value => $rbd_store_user; - 'glance_store/rbd_store_pool': value => $rbd_store_pool; - 'glance_store/rbd_store_chunk_size': value => $rbd_store_chunk_size; - 'glance_store/rados_connect_timeout': value => $rados_connect_timeout; - } - } - - if !$multi_store { - glance_api_config { 'glance_store/default_store': value => 'rbd'; } - if $glare_enabled { - glance_glare_config { 'glance_store/default_store': value => 'rbd'; } - } - } - - package { 'python-ceph': - ensure => $package_ensure, - name => $::glance::params::pyceph_package_name, - } - -} diff --git a/glance/manifests/backend/s3.pp b/glance/manifests/backend/s3.pp deleted file mode 100644 index 2a175ca39..000000000 --- a/glance/manifests/backend/s3.pp +++ /dev/null @@ -1,137 +0,0 @@ -# == class: glance::backend::s3 -# -# configures the storage backend for glance -# as a s3 instance -# -# === parameters: -# -# [*access_key*] -# (Required) The S3 query token access key. -# -# [*secret_key*] -# (Required) The S3 query token secret key. -# -# [*host*] -# (Required) The host where the S3 server is listening. -# -# [*bucket*] -# (Required) The S3 bucket to be used to store the Glance data. -# -# [*bucket_url_format*] -# (Optional) The S3 calling format used to determine the bucket. Either -# 'subdomain' or 'path' can be used. -# Default: 'subdomain' -# -# [*create_bucket_on_put*] -# (Optional) A boolean to determine if the S3 bucket should be created on -# upload if it does not exist or if an error should be returned to the user. -# Default: False -# -# [*large_object_size*] -# (Optional) What size, in MB, should S3 start chunking image files and do a -# multipart upload in S3. -# Default: 100 -# -# [*large_object_chunk_size*] -# (Optional) What multipart upload part size, in MB, should S3 use when -# uploading parts. The size must be greater than or equal to 5M. -# Default: 10 -# -# [*object_buffer_dir*] -# (Optional) The local directory where uploads will be staged before they are -# transferred into S3. -# Default: undef -# -# [*thread_pools*] -# (Optional) The number of thread pools to perform a multipart upload in S3. -# Default: 10 -# -# [*multi_store*] -# (optional) Boolean describing if multiple backends will be configured -# Defaults to false -# -# [*glare_enabled*] -# (optional) Whether enabled Glance Glare API. -# Defaults to false -# -# === deprecated parameters: -# -# [*default_store*] -# (Optional) DEPRECATED Whether to set S3 as the default backend store. -# Default: undef -# -class glance::backend::s3( - $access_key, - $secret_key, - $host, - $bucket, - $bucket_url_format = 'subdomain', - $create_bucket_on_put = false, - $large_object_size = 100, - $large_object_chunk_size = 10, - $object_buffer_dir = undef, - $thread_pools = 10, - $multi_store = false, - $glare_enabled = false, - # deprecated parameters - $default_store = undef, -) { - - if !is_integer($large_object_chunk_size) or $large_object_chunk_size < 5 { - fail('glance::backend::s3::large_object_chunk_size must be an integer >= 5') - } - - if !($bucket_url_format in ['subdomain', 'path']) { - fail('glance::backend::s3::bucket_url_format must be either "subdomain" or "path"') - } - - if $default_store { - warning('The default_store parameter is deprecated in glance::backend::s3, you should declare it in glance::api') - } - - glance_api_config { - 'glance_store/s3_store_access_key': value => $access_key; - 'glance_store/s3_store_secret_key': value => $secret_key; - 'glance_store/s3_store_host': value => $host; - 'glance_store/s3_store_bucket': value => $bucket; - 'glance_store/s3_store_bucket_url_format': value => $bucket_url_format; - 'glance_store/s3_store_create_bucket_on_put': value => $create_bucket_on_put; - 'glance_store/s3_store_large_object_size': value => $large_object_size; - 'glance_store/s3_store_large_object_chunk_size': value => $large_object_chunk_size; - 'glance_store/s3_store_thread_pools': value => $thread_pools; - } - - if $glare_enabled { - glance_glare_config { - 'glance_store/s3_store_access_key': value => $access_key; - 'glance_store/s3_store_secret_key': value => $secret_key; - 'glance_store/s3_store_host': value => $host; - 'glance_store/s3_store_bucket': value => $bucket; - 'glance_store/s3_store_bucket_url_format': value => $bucket_url_format; - 'glance_store/s3_store_create_bucket_on_put': value => $create_bucket_on_put; - 'glance_store/s3_store_large_object_size': value => $large_object_size; - 'glance_store/s3_store_large_object_chunk_size': value => $large_object_chunk_size; - 'glance_store/s3_store_thread_pools': value => $thread_pools; - } - } - - if !$multi_store { - glance_api_config { 'glance_store/default_store': value => 's3'; } - if $glare_enabled { - glance_glare_config { 'glance_store/default_store': value => 's3'; } - } - } - - if $object_buffer_dir { - glance_api_config { 'glance_store/s3_store_object_buffer_dir': value => $object_buffer_dir; } - if $glare_enabled { - glance_glare_config { 'glance_store/s3_store_object_buffer_dir': value => $object_buffer_dir; } - } - } else { - glance_api_config { 'glance_store/s3_store_object_buffer_dir': ensure => absent; } - if $glare_enabled { - glance_glare_config { 'glance_store/s3_store_object_buffer_dir': ensure => absent; } - } - } - -} diff --git a/glance/manifests/backend/swift.pp b/glance/manifests/backend/swift.pp deleted file mode 100644 index 878429605..000000000 --- a/glance/manifests/backend/swift.pp +++ /dev/null @@ -1,118 +0,0 @@ -# == class: glance::backend::swift -# -# configures the storage backend for glance -# as a swift instance -# -# === parameters: -# -# [*swift_store_user*] -# Required. Swift store user. -# -# [*swift_store_key*] -# Required. Swift store key. -# -# [*swift_store_auth_address*] -# Optional. Default: 'http://127.0.0.1:5000/v2.0/' -# -# [*swift_store_auth_project_domain_id*] -# Optional. Useful when keystone auth is version 3. Default: default -# -# [*swift_store_auth_user_domain_id*] -# Optional. Useful when keystone auth is version 3. Default: default -# -# [*swift_store_container*] -# Optional. Default: 'glance' -# -# [*swift_store_auth_version*] -# Optional. Default: '2' -# -# [*swift_store_large_object_size*] -# Optional. Default: '5120' -# -# [*swift_store_create_container_on_put*] -# Optional. Default: 'False' -# -# [*swift_store_endpoint_type*] -# Optional. Default: 'internalURL' -# -# [*swift_store_region*] -# Optional. Default: undef -# -# [*default_swift_reference*] -# Optional. The reference to the default swift -# account/backing store parameters to use for adding -# new images. String value. -# Default to 'ref1'. -# -# [*multi_store*] -# (optional) Boolean describing if multiple backends will be configured -# Defaults to false -# -# [*glare_enabled*] -# (optional) Whether enabled Glance Glare API. -# Defaults to false -# -class glance::backend::swift( - $swift_store_user, - $swift_store_key, - $swift_store_auth_address = 'http://127.0.0.1:5000/v2.0/', - $swift_store_container = 'glance', - $swift_store_auth_version = '2', - $swift_store_auth_project_domain_id = 'default', - $swift_store_auth_user_domain_id = 'default', - $swift_store_large_object_size = '5120', - $swift_store_create_container_on_put = false, - $swift_store_endpoint_type = 'internalURL', - $swift_store_region = undef, - $default_swift_reference = 'ref1', - $multi_store = false, - $glare_enabled = false, -) { - - glance_api_config { - 'glance_store/swift_store_region': value => $swift_store_region; - 'glance_store/swift_store_container': value => $swift_store_container; - 'glance_store/swift_store_create_container_on_put': - value => $swift_store_create_container_on_put; - 'glance_store/swift_store_large_object_size': - value => $swift_store_large_object_size; - 'glance_store/swift_store_endpoint_type': - value => $swift_store_endpoint_type; - - 'glance_store/swift_store_config_file': value => '/etc/glance/glance-swift.conf'; - 'glance_store/default_swift_reference': value => $default_swift_reference; - } - - if $glare_enabled { - glance_glare_config { - 'glance_store/swift_store_region': value => $swift_store_region; - 'glance_store/swift_store_container': value => $swift_store_container; - 'glance_store/swift_store_create_container_on_put': - value => $swift_store_create_container_on_put; - 'glance_store/swift_store_large_object_size': - value => $swift_store_large_object_size; - 'glance_store/swift_store_endpoint_type': - value => $swift_store_endpoint_type; - - 'glance_store/swift_store_config_file': value => '/etc/glance/glance-swift.conf'; - 'glance_store/default_swift_reference': value => $default_swift_reference; - } - } - - if !$multi_store { - glance_api_config { 'glance_store/default_store': value => 'swift'; } - if $glare_enabled { - glance_glare_config { 'glance_store/default_store': value => 'swift'; } - } - } - - glance_swift_config { - "${default_swift_reference}/user": value => $swift_store_user; - "${default_swift_reference}/key": value => $swift_store_key; - "${default_swift_reference}/auth_address": value => $swift_store_auth_address; - "${default_swift_reference}/auth_version": value => $swift_store_auth_version; - "${default_swift_reference}/user_domain_id": value => $swift_store_auth_user_domain_id; - "${default_swift_reference}/project_domain_id": value => $swift_store_auth_project_domain_id; - } - -} diff --git a/glance/manifests/backend/vsphere.pp b/glance/manifests/backend/vsphere.pp deleted file mode 100644 index c4393daa0..000000000 --- a/glance/manifests/backend/vsphere.pp +++ /dev/null @@ -1,174 +0,0 @@ -# -# Copyright (C) 2014 Mirantis -# -# Author: Stepan Rogov -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# == Class: glance::backend::vsphere -# -# Setup Glance to backend images into VMWare vCenter/ESXi -# -# === Parameters -# -# [*vcenter_insecure*] -# (optional) If true, the ESX/vCenter server certificate is not verified. -# If false, then the default CA truststore is used for verification. -# This option is ignored if "vcenter_ca_file" is set. -# Defaults to 'True'. -# -# [*vcenter_ca_file*] -# (optional) The name of the CA bundle file which will be used in -# verifying vCenter server certificate. If parameter is not set -# then system truststore is used. If parameter is set, -# vcenter_insecure value is ignored. -# Defaults to $::os_service_default. -# -# [*vcenter_datastores*] -# (Multi-valued) A list of datastores where the image -# can be stored. This option may be specified multiple times -# for specifying multiple datastores. The datastore name should -# be specified after its datacenter path, seperated by ":". -# An optional weight may be given after the datastore name, -# seperated again by ":". Thus, the required format -# becomes ::. -# When adding an image, the datastore with highest weight will be selected, -# unless there is not enough free space available in cases where the image -# size is already known. If no weight is given, it is assumed to be -# zero and the directory will be considered for selection last. -# If multiple datastores have the same weight, then the one with the most -# free space available is selected. -# Defaults to $::os_service_default. -# -# [*vcenter_host*] -# (required) vCenter/ESXi Server target system. -# Should be a valid an IP address or a DNS name. -# -# [*vcenter_user*] -# (required) Username for authenticating with vCenter/ESXi server. -# -# [*vcenter_password*] -# (required) Password for authenticating with vCenter/ESXi server. -# -# [*vcenter_image_dir*] -# (required) The name of the directory where the glance images will be stored -# in the VMware datastore. -# -# [*vcenter_task_poll_interval*] -# (optional) The interval used for polling remote tasks invoked on -# vCenter/ESXi server. -# Defaults to $::os_service_default. -# -# [*vcenter_api_retry_count*] -# (optional) Number of times VMware ESX/VC server API must be retried upon -# connection related issues. -# Defaults to $::os_service_default. -# -# [*multi_store*] -# (optional) Boolean describing if multiple backends will be configured -# Defaults to false. -# -# [*glare_enabled*] -# (optional) Whether enabled Glance Glare API. -# Defaults to false. -# -# DEPRECATED PARAMETERS -# -# [*vcenter_api_insecure*] -# (optional) DEPRECATED. Allow to perform insecure SSL requests to ESX/VC. -# Defaults to undef. -# -# [*vcenter_datacenter*] -# (optional) DEPRECATED. Inventory path to a datacenter. -# If the vmware_server_host specified is an ESX/ESXi, -# the vcenter_datacenter is optional. If specified, -# it should be "ha-datacenter". This option is deprecated -# in favor of vcenter_datastores and will be removed. -# Defaults to undef. -# -# [*vcenter_datastore*] -# (optional) DEPRECATED. Datastore associated with the datacenter. -# This option is deprecated in favor of vcenter_datastores -# and will be removed. -# Defaults to undef. -# -class glance::backend::vsphere( - $vcenter_host, - $vcenter_user, - $vcenter_password, - $vcenter_image_dir, - $vcenter_ca_file = $::os_service_default, - $vcenter_datastores = $::os_service_default, - $vcenter_insecure = 'True', - $vcenter_task_poll_interval = $::os_service_default, - $vcenter_api_retry_count = $::os_service_default, - $multi_store = false, - $glare_enabled = false, - # DEPRECATED PARAMETERS - $vcenter_datacenter = undef, - $vcenter_datastore = undef, - $vcenter_api_insecure = undef, -) { - - if $vcenter_api_insecure { - warning('The vcenter_api_insecure parameter is deprecated, use parameter vcenter_insecure') - $vmware_insecure_real = $vcenter_api_insecure - } - else { - $vmware_insecure_real = $vcenter_insecure - } - - if $vcenter_datacenter and $vcenter_datastore { - warning('The vcenter_datacenter and vcenter_datastore parameters is deprecated, use parameter vcenter_datastores') - $vmware_datastores_real = "${vcenter_datacenter}:${vcenter_datastore}" - } - elsif !is_service_default($vcenter_datastores) { - $vmware_datastores_real = $vcenter_datastores - } - else { - fail('Parameter vcenter_datastores or vcenter_datacenter and vcenter_datastore must be provided') - } - - glance_api_config { - 'glance_store/vmware_insecure': value => $vmware_insecure_real; - 'glance_store/vmware_ca_file': value => $vcenter_ca_file; - 'glance_store/vmware_server_host': value => $vcenter_host; - 'glance_store/vmware_server_username': value => $vcenter_user; - 'glance_store/vmware_server_password': value => $vcenter_password; - 'glance_store/vmware_store_image_dir': value => $vcenter_image_dir; - 'glance_store/vmware_task_poll_interval': value => $vcenter_task_poll_interval; - 'glance_store/vmware_api_retry_count': value => $vcenter_api_retry_count; - 'glance_store/vmware_datastores': value => $vmware_datastores_real; - } - - if $glare_enabled { - glance_glare_config { - 'glance_store/vmware_insecure': value => $vmware_insecure_real; - 'glance_store/vmware_ca_file': value => $vcenter_ca_file; - 'glance_store/vmware_server_host': value => $vcenter_host; - 'glance_store/vmware_server_username': value => $vcenter_user; - 'glance_store/vmware_server_password': value => $vcenter_password; - 'glance_store/vmware_store_image_dir': value => $vcenter_image_dir; - 'glance_store/vmware_task_poll_interval': value => $vcenter_task_poll_interval; - 'glance_store/vmware_api_retry_count': value => $vcenter_api_retry_count; - 'glance_store/vmware_datastores': value => $vmware_datastores_real; - } - } - - if !$multi_store { - glance_api_config { 'glance_store/default_store': value => 'vsphere'; } - if $glare_enabled { - glance_glare_config { 'glance_store/default_store': value => 'vsphere'; } - } - } -} diff --git a/glance/manifests/cache/cleaner.pp b/glance/manifests/cache/cleaner.pp deleted file mode 100644 index 6536d5612..000000000 --- a/glance/manifests/cache/cleaner.pp +++ /dev/null @@ -1,49 +0,0 @@ -# == Class: glance::cache::cleaner -# -# Installs a cron job to run glance-cache-cleaner. -# -# === Parameters -# -# [*minute*] -# (optional) Defaults to '1'. -# -# [*hour*] -# (optional) Defaults to '0'. -# -# [*monthday*] -# (optional) Defaults to '*'. -# -# [*month*] -# (optional) Defaults to '*'. -# -# [*weekday*] -# (optional) Defaults to '*'. -# -# [*command_options*] -# command options to add to the cronjob -# (eg. point to config file, or redirect output) -# (optional) Defaults to ''. -# -class glance::cache::cleaner( - $minute = 1, - $hour = 0, - $monthday = '*', - $month = '*', - $weekday = '*', - $command_options = '', -) { - - include ::glance::params - - cron { 'glance-cache-cleaner': - command => "${glance::params::cache_cleaner_command} ${command_options}", - environment => 'PATH=/bin:/usr/bin:/usr/sbin', - user => 'glance', - minute => $minute, - hour => $hour, - monthday => $monthday, - month => $month, - weekday => $weekday, - require => Package[$::glance::params::api_package_name], - } -} diff --git a/glance/manifests/cache/logging.pp b/glance/manifests/cache/logging.pp deleted file mode 100644 index 3d1a87881..000000000 --- a/glance/manifests/cache/logging.pp +++ /dev/null @@ -1,151 +0,0 @@ -# Class glance::cache::logging -# -# glance-cache logging configuration -# -# == parameters -# -# [*verbose*] -# (Optional) Should the daemons log verbose messages -# Defaults to $::os_service_default. -# -# [*debug*] -# (Optional) Should the daemons log debug messages -# Defaults to $::os_service_default. -# -# [*use_syslog*] -# (Optional) Use syslog for logging. -# Defaults to $::os_service_default. -# -# [*use_stderr*] -# (optional) Use stderr for logging -# Defaults to $::os_service_default. -# -# [*log_facility*] -# (Optional) Syslog facility to receive log lines. -# Defaults to $::os_service_default. -# -# [*log_dir*] -# (optional) Directory where logs should be stored. -# If set to boolean false, it will not log to any directory. -# Defaults to '/var/log/glance' -# -# [*log_file*] -# (optional) File where logs should be stored. -# Defaults to '/var/log/glance/cache.log' -# -# [*logging_context_format_string*] -# (optional) Format string to use for log messages with context. -# Defaults to $::os_service_default. -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [%(request_id)s %(user_identity)s] %(instance)s%(message)s' -# -# [*logging_default_format_string*] -# (optional) Format string to use for log messages without context. -# Defaults to $::os_service_default. -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [-] %(instance)s%(message)s' -# -# [*logging_debug_format_suffix*] -# (optional) Formatted data to append to log format when level is DEBUG. -# Defaults to $::os_service_default. -# Example: '%(funcName)s %(pathname)s:%(lineno)d' -# -# [*logging_exception_prefix*] -# (optional) Prefix each line of exception output with this format. -# Defaults to $::os_service_default. -# Example: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' -# -# [*log_config_append*] -# The name of an additional logging configuration file. -# Defaults to $::os_service_default. -# See https://docs.python.org/2/howto/logging.html -# -# [*default_log_levels*] -# (optional) Hash of logger (keys) and level (values) pairs. -# Defaults to $::os_service_default. -# Example: -# { 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', -# 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', -# 'iso8601' => 'WARN', -# 'requests.packages.urllib3.connectionpool' => 'WARN' } -# -# [*publish_errors*] -# (optional) Publish error events (boolean value). -# Defaults to $::os_service_default. -# -# [*fatal_deprecations*] -# (optional) Make deprecations fatal (boolean value) -# Defaults to $::os_service_default. -# -# [*instance_format*] -# (optional) If an instance is passed with the log message, format it -# like this (string value). -# Defaults to $::os_service_default. -# Example: '[instance: %(uuid)s] ' -# -# [*instance_uuid_format*] -# (optional) If an instance UUID is passed with the log message, format -# it like this (string value). -# Defaults to $::os_service_default. -# Example: instance_uuid_format='[instance: %(uuid)s] ' -# -# [*log_date_format*] -# (optional) Format string for %%(asctime)s in log records. -# Defaults to $::os_service_default. -# Example: 'Y-%m-%d %H:%M:%S' - -class glance::cache::logging( - $use_syslog = $::os_service_default, - $use_stderr = $::os_service_default, - $log_facility = $::os_service_default, - $log_dir = '/var/log/glance', - $log_file = '/var/log/glance/cache.log', - $verbose = $::os_service_default, - $debug = $::os_service_default, - $logging_context_format_string = $::os_service_default, - $logging_default_format_string = $::os_service_default, - $logging_debug_format_suffix = $::os_service_default, - $logging_exception_prefix = $::os_service_default, - $log_config_append = $::os_service_default, - $default_log_levels = $::os_service_default, - $publish_errors = $::os_service_default, - $fatal_deprecations = $::os_service_default, - $instance_format = $::os_service_default, - $instance_uuid_format = $::os_service_default, - $log_date_format = $::os_service_default, -) { - - $use_syslog_real = pick($::glance::api::use_syslog,$use_syslog) - $use_stderr_real = pick($::glance::api::use_stderr,$use_stderr) - $log_facility_real = pick($::glance::api::log_facility,$log_facility) - $log_dir_real = pick($::glance::api::log_dir,$log_dir) - $verbose_real = pick($::glance::api::verbose,$verbose) - $debug_real = pick($::glance::api::debug,$debug) - - if is_service_default($default_log_levels) { - $default_log_levels_real = $default_log_levels - } else { - $default_log_levels_real = join(sort(join_keys_to_values($default_log_levels, '=')), ',') - } - - glance_cache_config { - 'DEFAULT/debug': value => $debug_real; - 'DEFAULT/verbose': value => $verbose_real; - 'DEFAULT/use_stderr': value => $use_stderr_real; - 'DEFAULT/use_syslog': value => $use_syslog_real; - 'DEFAULT/log_dir': value => $log_dir_real; - 'DEFAULT/log_file': value => $log_file; - 'DEFAULT/syslog_log_facility': value => $log_facility_real; - 'DEFAULT/logging_context_format_string': value => $logging_context_format_string; - 'DEFAULT/logging_default_format_string': value => $logging_default_format_string; - 'DEFAULT/logging_debug_format_suffix': value => $logging_debug_format_suffix; - 'DEFAULT/logging_exception_prefix': value => $logging_exception_prefix; - 'DEFAULT/log_config_append': value => $log_config_append; - 'DEFAULT/default_log_levels': value => $default_log_levels_real; - 'DEFAULT/publish_errors': value => $publish_errors; - 'DEFAULT/fatal_deprecations': value => $fatal_deprecations; - 'DEFAULT/instance_format': value => $instance_format; - 'DEFAULT/instance_uuid_format': value => $instance_uuid_format; - 'DEFAULT/log_date_format': value => $log_date_format; - } -} diff --git a/glance/manifests/cache/pruner.pp b/glance/manifests/cache/pruner.pp deleted file mode 100644 index 848e5bd59..000000000 --- a/glance/manifests/cache/pruner.pp +++ /dev/null @@ -1,50 +0,0 @@ -# == Class: glance::cache::pruner -# -# Installs a cron job to run glance-cache-pruner. -# -# === Parameters -# -# [*minute*] -# (optional) Defaults to '*/30'. -# -# [*hour*] -# (optional) Defaults to '*'. -# -# [*monthday*] -# (optional) Defaults to '*'. -# -# [*month*] -# (optional) Defaults to '*'. -# -# [*weekday*] -# (optional) Defaults to '*'. -# -# [*command_options*] -# command options to add to the cronjob -# (eg. point to config file, or redirect output) -# (optional) Defaults to ''. -# -class glance::cache::pruner( - $minute = '*/30', - $hour = '*', - $monthday = '*', - $month = '*', - $weekday = '*', - $command_options = '', -) { - - include ::glance::params - - cron { 'glance-cache-pruner': - command => "${glance::params::cache_pruner_command} ${command_options}", - environment => 'PATH=/bin:/usr/bin:/usr/sbin', - user => 'glance', - minute => $minute, - hour => $hour, - monthday => $monthday, - month => $month, - weekday => $weekday, - require => Package[$::glance::params::api_package_name], - - } -} diff --git a/glance/manifests/client.pp b/glance/manifests/client.pp deleted file mode 100644 index 190cbf25f..000000000 --- a/glance/manifests/client.pp +++ /dev/null @@ -1,21 +0,0 @@ -# -# Installs the glance python library. -# -# == parameters -# [*ensure*] -# (Optional) Ensure state for pachage. -# Defaults to 'present' -# -class glance::client( - $ensure = 'present' -) { - - include ::glance::params - - package { 'python-glanceclient': - ensure => $ensure, - name => $::glance::params::client_package_name, - tag => ['openstack'], - } - -} diff --git a/glance/manifests/config.pp b/glance/manifests/config.pp deleted file mode 100644 index 96f719568..000000000 --- a/glance/manifests/config.pp +++ /dev/null @@ -1,68 +0,0 @@ -# == Class: glance::config -# -# This class is used to manage arbitrary glance configurations. -# -# === Parameters -# -# [*xxx_config*] -# (optional) Allow configuration of arbitrary glance configurations. -# The value is an hash of glance_config resources. Example: -# { 'DEFAULT/foo' => { value => 'fooValue'}, -# 'DEFAULT/bar' => { value => 'barValue'} -# } -# In yaml format, Example: -# glance_config: -# DEFAULT/foo: -# value: fooValue -# DEFAULT/bar: -# value: barValue -# -# [*api_config*] -# (optional) Allow configuration of glance-api.conf configurations. -# -# [*api_paste_ini_config*] -# (optional) Allow configuration of glance-api-paste.ini configurations. -# -# [*registry_config*] -# (optional) Allow configuration of glance-registry.conf configurations. -# -# [*registry_paste_ini_config*] -# (optional) Allow configuration of glance-registry-paste.ini configurations. -# -# [*glare_config*] -# (optional) Allow configuration of glance-glare.conf configurations. -# -# [*glare_paste_ini_config*] -# (optional) Allow configuration of glance-glare-paste.ini configurations. -# -# [*cache_config*] -# (optional) Allow configuration of glance-cache.conf configurations. -# -# NOTE: The configuration MUST NOT be already handled by this module -# or Puppet catalog compilation will fail with duplicate resources. -# -class glance::config ( - $api_config = {}, - $api_paste_ini_config = {}, - $registry_config = {}, - $registry_paste_ini_config = {}, - $glare_config = {}, - $glare_paste_ini_config = {}, - $cache_config = {}, -) { - validate_hash($api_config) - validate_hash($api_paste_ini_config) - validate_hash($registry_config) - validate_hash($registry_paste_ini_config) - validate_hash($cache_config) - validate_hash($glare_config) - validate_hash($glare_paste_ini_config) - - create_resources('glance_api_config', $api_config) - create_resources('glance_api_paste_ini', $api_paste_ini_config) - create_resources('glance_registry_config', $registry_config) - create_resources('glance_registry_paste_ini', $registry_paste_ini_config) - create_resources('glance_cache_config', $cache_config) - create_resources('glance_glare_config', $glare_config) - create_resources('glance_glare_paste_ini', $glare_paste_ini_config) -} diff --git a/glance/manifests/db/mysql.pp b/glance/manifests/db/mysql.pp deleted file mode 100644 index e1d56ad79..000000000 --- a/glance/manifests/db/mysql.pp +++ /dev/null @@ -1,53 +0,0 @@ -# The glance::db::mysql class creates a MySQL database for glance. -# It must be used on the MySQL server -# -# == Parameters -# -# [*password*] -# password to connect to the database. Mandatory. -# -# [*dbname*] -# name of the database. Optional. Defaults to glance. -# -# [*user*] -# user to connect to the database. Optional. Defaults to glance. -# -# [*host*] -# the default source host user is allowed to connect from. -# Optional. Defaults to 'localhost' -# -# [*allowed_hosts*] -# other hosts the user is allowd to connect from. -# Optional. Defaults to undef. -# -# [*charset*] -# the database charset. Optional. Defaults to 'utf8' -# -# [*collate*] -# the database collation. Optional. Defaults to 'utf8_general_ci' -# -class glance::db::mysql( - $password, - $dbname = 'glance', - $user = 'glance', - $host = '127.0.0.1', - $allowed_hosts = undef, - $charset = 'utf8', - $collate = 'utf8_general_ci', -) { - - validate_string($password) - - ::openstacklib::db::mysql { 'glance': - user => $user, - password_hash => mysql_password($password), - dbname => $dbname, - host => $host, - charset => $charset, - collate => $collate, - allowed_hosts => $allowed_hosts, - } - - ::Openstacklib::Db::Mysql['glance'] ~> Exec<| title == 'glance-manage db_sync' |> - -} diff --git a/glance/manifests/db/postgresql.pp b/glance/manifests/db/postgresql.pp deleted file mode 100644 index 47730bb59..000000000 --- a/glance/manifests/db/postgresql.pp +++ /dev/null @@ -1,45 +0,0 @@ -# == Class: glance::db::postgresql -# -# Class that configures postgresql for glance -# Requires the Puppetlabs postgresql module. -# -# === Parameters -# -# [*password*] -# (Required) Password to connect to the database. -# -# [*dbname*] -# (Optional) Name of the database. -# Defaults to 'glance'. -# -# [*user*] -# (Optional) User to connect to the database. -# Defaults to 'glance'. -# -# [*encoding*] -# (Optional) The charset to use for the database. -# Default to undef. -# -# [*privileges*] -# (Optional) Privileges given to the database user. -# Default to 'ALL' -# -class glance::db::postgresql( - $password, - $dbname = 'glance', - $user = 'glance', - $encoding = undef, - $privileges = 'ALL', -) { - - ::openstacklib::db::postgresql { 'glance': - password_hash => postgresql_password($user, $password), - dbname => $dbname, - user => $user, - encoding => $encoding, - privileges => $privileges, - } - - ::Openstacklib::Db::Postgresql['glance'] ~> Exec<| title == 'glance-manage db_sync' |> - -} diff --git a/glance/manifests/db/sync.pp b/glance/manifests/db/sync.pp deleted file mode 100644 index 6137e32b1..000000000 --- a/glance/manifests/db/sync.pp +++ /dev/null @@ -1,33 +0,0 @@ -# -# Class to execute glance dbsync -# -# == Parameters -# -# [*extra_params*] -# (optional) String of extra command line parameters to append -# to the glance-manage db sync command. These will be inserted -# in the command line between 'glance-manage' and 'db sync'. -# Defaults to '--config-file /etc/glance/glance-registry.conf' -# -class glance::db::sync( - $extra_params = '--config-file /etc/glance/glance-registry.conf', -) { - - include ::glance::params - - Package<| tag == 'glance-package' |> ~> Exec['glance-manage db_sync'] - Exec['glance-manage db_sync'] ~> Service<| tag == 'glance-service' |> - - Glance_registry_config<||> ~> Exec['glance-manage db_sync'] - Glance_api_config<||> ~> Exec['glance-manage db_sync'] - Glance_cache_config<||> ~> Exec['glance-manage db_sync'] - - exec { 'glance-manage db_sync': - command => "glance-manage ${extra_params} db_sync", - path => '/usr/bin', - user => 'glance', - refreshonly => true, - logoutput => on_failure, - } - -} diff --git a/glance/manifests/glare.pp b/glance/manifests/glare.pp deleted file mode 100644 index a74f758ca..000000000 --- a/glance/manifests/glare.pp +++ /dev/null @@ -1,262 +0,0 @@ -# == Class glance::glare -# -# Configure Glare Glare service in glance -# -# == Parameters -# -# [*package_ensure*] -# (optional) Ensure state for package. On RedHat platforms this -# setting is ignored and the setting from the glance class is used -# because there is only one glance package. Defaults to 'present'. -# -# [*bind_host*] -# (optional) The address of the host to bind to. -# Default: 0.0.0.0 -# -# [*bind_port*] -# (optional) The port the server should bind to. -# Default: 9494 -# -# [*backlog*] -# (optional) Backlog requests when creating socket -# Default: 4096 -# -# [*workers*] -# (optional) Number of Glance Glare worker processes to start -# Default: $::processorcount -# -# [*auth_type*] -# (optional) Type is authorization being used. -# Defaults to 'keystone' -# -# [*auth_region*] -# (optional) The region for the authentication service. -# If "use_user_token" is not in effect and using keystone auth, -# then region name can be specified. -# Defaults to $::os_service_default. -# -# [*auth_uri*] -# (optional) Complete public Identity API endpoint. -# Defaults to 'http://127.0.0.1:5000/'. -# -# [*identity_uri*] -# (optional) Complete admin Identity API endpoint. -# Defaults to 'http://127.0.0.1:35357/'. -# -# [*pipeline*] -# (optional) Partial name of a pipeline in your paste configuration file with the -# service name removed. -# Defaults to 'keystone'. -# -# [*keystone_tenant*] -# (optional) Tenant to authenticate to. -# Defaults to services. -# -# [*keystone_user*] -# (optional) User to authenticate as with keystone. -# Defaults to 'glance'. -# -# [*keystone_password*] -# (optional) Password used to authentication. -# Defaults to false. -# -# [*manage_service*] -# (optional) If Puppet should manage service startup / shutdown. -# Defaults to true. -# -# [*enabled*] -# (optional) Whether to enable services. -# Defaults to true. -# -# [*cert_file*] -# (optinal) Certificate file to use when starting API server securely -# Defaults to $::os_service_default -# -# [*key_file*] -# (optional) Private key file to use when starting API server securely -# Defaults to $::os_service_default -# -# [*ca_file*] -# (optional) CA certificate file to use to verify connecting clients -# Defaults to $::os_service_default -# -# [*stores*] -# (optional) List of which store classes and store class locations are -# currently known to glance at startup. -# Defaults to false. -# Example: ['glance.store.filesystem.Store','glance.store.http.Store'] -# -# [*default_store*] -# (optional) The default backend store, should be given as a string. Value -# must be provided if more than one store is listed in 'stores'. -# Defaults to undef -# -# [*multi_store*] -# (optional) Boolean describing if multiple backends will be configured -# Defaults to false -# -# [*os_region_name*] -# (optional) Sets the keystone region to use. -# Defaults to 'RegionOne'. -# -# [*signing_dir*] -# (optional) Directory used to cache files related to PKI tokens. -# Defaults to $::os_service_default. -# -# [*memcached_servers*] -# (optinal) a list of memcached server(s) to use for caching. If left undefined, -# tokens will instead be cached in-process. -# Defaults to $::os_service_default. -# -# [*token_cache_time*] -# (optional) In order to prevent excessive effort spent validating tokens, -# the middleware caches previously-seen tokens for a configurable duration (in seconds). -# Set to -1 to disable caching completely. -# Defaults to $::os_service_default. -# -class glance::glare( - $package_ensure = 'present', - $bind_host = '0.0.0.0', - $bind_port = '9494', - $backlog = '4096', - $workers = $::processorcount, - $auth_type = 'keystone', - $auth_region = $::os_service_default, - $auth_uri = 'http://127.0.0.1:5000/', - $identity_uri = 'http://127.0.0.1:35357/', - $memcached_servers = $::os_service_default, - $pipeline = 'keystone', - $keystone_tenant = 'services', - $keystone_user = 'glance', - $keystone_password = false, - $manage_service = true, - $enabled = true, - $cert_file = $::os_service_default, - $key_file = $::os_service_default, - $ca_file = $::os_service_default, - $stores = false, - $default_store = undef, - $multi_store = false, - $os_region_name = 'RegionOne', - $signing_dir = $::os_service_default, - $token_cache_time = $::os_service_default, -) inherits glance { - - include ::glance::policy - include ::glance::glare::db - include ::glance::glare::logging - - if ( $glance::params::glare_package_name != $glance::params::registry_package_name ) { - ensure_packages('glance-glare', { - ensure => $package_ensure, - tag => ['openstack', 'glance-package'], - }) - } - - Package[$::glance::params::glare_package_name] -> Class['glance::policy'] - - Glance_glare_config<||> ~> Service['glance-glare'] - Class['glance::policy'] ~> Service['glance-glare'] - - glance_glare_config { - 'DEFAULT/bind_host': value => $bind_host; - 'DEFAULT/bind_port': value => $bind_port; - 'DEFAULT/backlog': value => $backlog; - 'DEFAULT/workers': value => $workers; - 'DEFAULT/auth_region': value => $auth_region; - 'glance_store/os_region_name': value => $os_region_name; - } - - if $default_store { - $default_store_real = $default_store - } - - if $stores { - validate_array($stores) - $stores_real = $stores - } - - if !empty($stores_real) { - $final_stores_real = join($stores_real, ',') - if !$default_store_real { - warning("default_store not provided, it will be automatically set to ${stores_real[0]}") - $default_store_real = $stores_real[0] - } - } elsif $default_store_real { - $final_stores_real = $default_store - } else { - warning('Glance-Glare is being provisioned without any stores configured') - } - - if $default_store_real and $multi_store { - glance_glare_config { - 'glance_store/default_store': value => $default_store_real; - } - } elsif $multi_store { - glance_glare_config { - 'glance_store/default_store': ensure => absent; - } - } - - if $final_stores_real { - glance_glare_config { - 'glance_store/stores': value => $final_stores_real; - } - } else { - glance_glare_config { - 'glance_store/stores': ensure => absent; - } - } - - if $pipeline != '' { - validate_re($pipeline, '^(\w+([+]\w+)*)*$') - glance_glare_config { - 'paste_deploy/flavor': - ensure => present, - value => $pipeline, - } - } else { - glance_glare_config { 'paste_deploy/flavor': ensure => absent } - } - - # keystone config - if $auth_type == 'keystone' { - if ! $keystone_password { - fail('Parameter keystone_password must be provided, when auth_type is keystone') - } - glance_glare_config { - 'keystone_authtoken/admin_tenant_name': value => $keystone_tenant; - 'keystone_authtoken/admin_user': value => $keystone_user; - 'keystone_authtoken/admin_password': value => $keystone_password, secret => true; - 'keystone_authtoken/token_cache_time': value => $token_cache_time; - 'keystone_authtoken/signing_dir': value => $signing_dir; - 'keystone_authtoken/auth_uri': value => $auth_uri; - 'keystone_authtoken/identity_uri': value => $identity_uri; - 'keystone_authtoken/memcached_servers': value => join(any2array($memcached_servers), ','); - } - } - - # SSL Options - glance_glare_config { - 'DEFAULT/cert_file': value => $cert_file; - 'DEFAULT/key_file' : value => $key_file; - 'DEFAULT/ca_file' : value => $ca_file; - } - - if $manage_service { - if $enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } - - service { 'glance-glare': - ensure => $service_ensure, - name => $::glance::params::glare_service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - tag => 'glance-service', - } -} diff --git a/glance/manifests/glare/db.pp b/glance/manifests/glare/db.pp deleted file mode 100644 index 053ce435a..000000000 --- a/glance/manifests/glare/db.pp +++ /dev/null @@ -1,91 +0,0 @@ -# == Class: glance::glare::db -# -# Configure the Glance Glare database -# -# === Parameters -# -# [*database_connection*] -# Url used to connect to database. -# (Optional) Defaults to 'sqlite:///var/lib/glance/glance.sqlite'. -# -# [*database_idle_timeout*] -# Timeout when db connections should be reaped. -# (Optional) Defaults to $::os_service_default. -# -# [*database_min_pool_size*] -# Minimum number of SQL connections to keep open in a pool. -# (Optional) Defaults to $::os_service_default. -# -# [*database_max_pool_size*] -# Maximum number of SQL connections to keep open in a pool. -# (Optional) Defaults to $::os_service_default. -# -# [*database_max_retries*] -# Maximum db connection retries during startup. -# Setting -1 implies an infinite retry count. -# (Optional) Defaults to $::os_service_default. -# -# [*database_retry_interval*] -# Interval between retries of opening a sql connection. -# (Optional) Defaults to $::os_service_default. -# -# [*database_max_overflow*] -# If set, use this value for max_overflow with sqlalchemy. -# (Optional) Defaults to $::os_service_default. -# -class glance::glare::db ( - $database_connection = 'sqlite:///var/lib/glance/glance.sqlite', - $database_idle_timeout = $::os_service_default, - $database_min_pool_size = $::os_service_default, - $database_max_pool_size = $::os_service_default, - $database_max_retries = $::os_service_default, - $database_retry_interval = $::os_service_default, - $database_max_overflow = $::os_service_default, -) { - - include ::glance::params - - validate_re($database_connection, - '^(sqlite|mysql(\+pymysql)?|postgresql):\/\/(\S+:\S+@\S+\/\S+)?') - - case $database_connection { - /^mysql(\+pymysql)?:\/\//: { - require 'mysql::bindings' - require 'mysql::bindings::python' - if $database_connection =~ /^mysql\+pymysql/ { - $backend_package = $::glance::params::pymysql_package_name - } else { - $backend_package = false - } - } - /^postgresql:\/\//: { - $backend_package = false - require 'postgresql::lib::python' - } - /^sqlite:\/\//: { - $backend_package = $::glance::params::sqlite_package_name - } - default: { - fail('Unsupported backend configured') - } - } - - if $backend_package and !defined(Package[$backend_package]) { - package {'glance-backend-package': - ensure => present, - name => $backend_package, - tag => 'openstack', - } - } - - glance_glare_config { - 'database/connection': value => $database_connection, secret => true; - 'database/idle_timeout': value => $database_idle_timeout; - 'database/min_pool_size': value => $database_min_pool_size; - 'database/max_retries': value => $database_max_retries; - 'database/retry_interval': value => $database_retry_interval; - 'database/max_pool_size': value => $database_max_pool_size; - 'database/max_overflow': value => $database_max_overflow; - } - -} diff --git a/glance/manifests/glare/logging.pp b/glance/manifests/glare/logging.pp deleted file mode 100644 index 2858cb670..000000000 --- a/glance/manifests/glare/logging.pp +++ /dev/null @@ -1,145 +0,0 @@ -# == Class glance::glare::logging -# -# glance glare extended logging configuration -# -# === Parameters -# -# [*verbose*] -# (Optional) Should the daemons log verbose messages. -# Defaults to $::os_service_default. -# -# [*debug*] -# (Optional) Should the daemons log debug messages. -# Defaults to $::os_service_default. -# -# [*use_syslog*] -# (Optional) Use syslog for logging. -# Defaults to $::os_service_default. -# -# [*use_stderr*] -# (optional) Use stderr for logging. -# Defaults to $::os_service_default. -# -# [*log_facility*] -# (Optional) Syslog facility to receive log lines. -# Defaults to $::os_service_default. -# -# [*log_dir*] -# (optional) Directory where logs should be stored. -# If set to boolean false, it will not log to any directory. -# Defaults to '/var/log/glance' -# -# [*log_file*] -# (optional) File where logs should be stored. -# Defaults to '/var/log/glance/glare.log' -# -# [*logging_context_format_string*] -# (optional) Format string to use for log messages with context. -# Defaults to $::os_service_default -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [%(request_id)s %(user_identity)s] %(instance)s%(message)s' -# -# [*logging_default_format_string*] -# (optional) Format string to use for log messages without context. -# Defaults to $::os_service_default. -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [-] %(instance)s%(message)s' -# -# [*logging_debug_format_suffix*] -# (optional) Formatted data to append to log format when level is DEBUG. -# Defaults to $::os_service_default. -# Example: '%(funcName)s %(pathname)s:%(lineno)d' -# -# [*logging_exception_prefix*] -# (optional) Prefix each line of exception output with this format. -# Defaults to $::os_service_default. -# Example: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' -# -# [*log_config_append*] -# The name of an additional logging configuration file. -# Defaults to $::os_service_default. -# See https://docs.python.org/2/howto/logging.html -# -# [*default_log_levels*] -# (optional) Hash of logger (keys) and level (values) pairs. -# Defaults to $::os_service_default. -# Example: -# {'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', -# 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', -# 'iso8601' => 'WARN', -# 'requests.packages.urllib3.connectionpool' => 'WARN' } -# -# [*publish_errors*] -# (optional) Publish error events (boolean value). -# Defaults to $::os_service_default. -# -# [*fatal_deprecations*] -# (optional) Make deprecations fatal (boolean value). -# Defaults to $::os_service_default. -# -# [*instance_format*] -# (optional) If an instance is passed with the log message, format it -# like this (string value). -# Defaults to $::os_service_default. -# Example: '[instance: %(uuid)s] ' -# -# [*instance_uuid_format*] -# (optional) If an instance UUID is passed with the log message, format -# It like this (string value). -# Defaults to $::os_service_default. -# Example: instance_uuid_format='[instance: %(uuid)s] ' - -# [*log_date_format*] -# (optional) Format string for %%(asctime)s in log records. -# Defaults to $::os_service_default. -# Example: 'Y-%m-%d %H:%M:%S' -# -class glance::glare::logging( - $use_syslog = $::os_service_default, - $use_stderr = $::os_service_default, - $log_facility = $::os_service_default, - $log_dir = '/var/log/glance', - $log_file = '/var/log/glance/glare.log', - $verbose = $::os_service_default, - $debug = $::os_service_default, - $logging_context_format_string = $::os_service_default, - $logging_default_format_string = $::os_service_default, - $logging_debug_format_suffix = $::os_service_default, - $logging_exception_prefix = $::os_service_default, - $log_config_append = $::os_service_default, - $default_log_levels = $::os_service_default, - $publish_errors = $::os_service_default, - $fatal_deprecations = $::os_service_default, - $instance_format = $::os_service_default, - $instance_uuid_format = $::os_service_default, - $log_date_format = $::os_service_default, -) { - - if is_service_default($default_log_levels) { - $default_log_levels_real = $default_log_levels - } else { - $default_log_levels_real = join(sort(join_keys_to_values($default_log_levels, '=')), ',') - } - - glance_glare_config { - 'DEFAULT/debug': value => $debug; - 'DEFAULT/verbose': value => $verbose; - 'DEFAULT/use_stderr': value => $use_stderr; - 'DEFAULT/use_syslog': value => $use_syslog; - 'DEFAULT/log_dir': value => $log_dir; - 'DEFAULT/log_file': value => $log_file; - 'DEFAULT/syslog_log_facility': value => $log_facility; - 'DEFAULT/default_log_levels': value => $default_log_levels_real; - 'DEFAULT/logging_context_format_string': value => $logging_context_format_string; - 'DEFAULT/logging_default_format_string': value => $logging_default_format_string; - 'DEFAULT/logging_debug_format_suffix': value => $logging_debug_format_suffix; - 'DEFAULT/logging_exception_prefix': value => $logging_exception_prefix; - 'DEFAULT/log_config_append': value => $log_config_append; - 'DEFAULT/publish_errors': value => $publish_errors; - 'DEFAULT/fatal_deprecations': value => $fatal_deprecations; - 'DEFAULT/instance_format': value => $instance_format; - 'DEFAULT/instance_uuid_format': value => $instance_uuid_format; - 'DEFAULT/log_date_format': value => $log_date_format; - } - -} diff --git a/glance/manifests/init.pp b/glance/manifests/init.pp deleted file mode 100644 index 367b9d0e6..000000000 --- a/glance/manifests/init.pp +++ /dev/null @@ -1,27 +0,0 @@ -# == class: glance -# -# base glance config. -# -# === parameters: -# -# [*package_ensure*] -# (Optional) Ensure state for package. On Ubuntu this setting -# is ignored since Ubuntu has separate API and registry packages. -# Defaults to 'present' -# -class glance( - $package_ensure = 'present' -) { - - include ::glance::params - - if ( $glance::params::api_package_name == $glance::params::registry_package_name ) { - package { $::glance::params::api_package_name : - ensure => $package_ensure, - name => $::glance::params::api_package_name, - tag => ['openstack', 'glance-package'], - } - } - - include '::openstacklib::openstackclient' -} diff --git a/glance/manifests/keystone/auth.pp b/glance/manifests/keystone/auth.pp deleted file mode 100644 index 0f3dccf64..000000000 --- a/glance/manifests/keystone/auth.pp +++ /dev/null @@ -1,210 +0,0 @@ -# == Class: glance::keystone::auth -# -# Sets up glance users, service and endpoint -# -# == Parameters: -# -# [*password*] -# Password for glance user. Required. -# -# [*email*] -# Email for glance user. Optional. Defaults to 'glance@localhost'. -# -# [*auth_name*] -# Username for glance service. Optional. Defaults to 'glance'. -# -# [*configure_endpoint*] -# Should glance endpoint be configured? Optional. Defaults to 'true'. -# -# [*configure_user*] -# Should the service user be configured? Optional. Defaults to 'true'. -# -# [*configure_user_role*] -# Should the admin role be configured for the service user? -# Optional. Defaults to 'true'. -# -# [*service_name*] -# Name of the service. Optional. -# Defaults to 'Image Service'. -# -# [*service_type*] -# Type of service. Optional. Defaults to 'image'. -# -# [*service_description*] -# Description for keystone service. Optional. Defaults to 'OpenStack Image Service'. -# -# [*region*] -# Region for endpoint. Optional. Defaults to 'RegionOne'. -# -# [*tenant*] -# Tenant for glance user. Optional. Defaults to 'services'. -# -# [*public_url*] -# (optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:9292') -# This url should *not* contain any trailing '/'. -# -# [*admin_url*] -# (optional) The endpoint's admin url. (Defaults to 'http://127.0.0.1:9292') -# This url should *not* contain any trailing '/'. -# -# [*internal_url*] -# (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:9292') -# This url should *not* contain any trailing '/'. -# -# [*port*] -# (optional) DEPRECATED: Use public_url, internal_url and admin_url instead. -# Default port for endpoints. (Defaults to 9292) -# Setting this parameter overrides public_url, internal_url and admin_url parameters. -# -# [*public_protocol*] -# (optional) DEPRECATED: Use public_url instead. -# Protocol for public endpoint. (Defaults to 'http') -# Setting this parameter overrides public_url parameter. -# -# [*public_address*] -# (optional) DEPRECATED: Use public_url instead. -# Public address for endpoint. (Defaults to '127.0.0.1') -# Setting this parameter overrides public_url parameter. -# -# [*internal_protocol*] -# (optional) DEPRECATED: Use internal_url instead. -# Protocol for internal endpoint. (Defaults to 'http') -# Setting this parameter overrides internal_url parameter. -# -# [*internal_address*] -# (optional) DEPRECATED: Use internal_url instead. -# Internal address for endpoint. (Defaults to '127.0.0.1') -# Setting this parameter overrides internal_url parameter. -# -# [*admin_protocol*] -# (optional) DEPRECATED: Use admin_url instead. -# Protocol for admin endpoint. (Defaults to 'http') -# Setting this parameter overrides admin_url parameter. -# -# [*admin_address*] -# (optional) DEPRECATED: Use admin_url instead. -# Admin address for endpoint. (Defaults to '127.0.0.1') -# Setting this parameter overrides admin_url parameter. -# -# === Deprecation notes -# -# If any value is provided for public_protocol, public_address or port parameters, -# public_url will be completely ignored. The same applies for internal and admin parameters. -# -# === Examples -# -# class { 'glance::keystone::auth': -# public_url => 'https://10.0.0.10:9292', -# internal_url => 'https://10.0.0.11:9292', -# admin_url => 'https://10.0.0.11:9292', -# } -# -class glance::keystone::auth( - $password, - $email = 'glance@localhost', - $auth_name = 'glance', - $configure_endpoint = true, - $configure_user = true, - $configure_user_role = true, - $service_name = 'Image Service', - $service_type = 'image', - $region = 'RegionOne', - $tenant = 'services', - $service_description = 'OpenStack Image Service', - $public_url = 'http://127.0.0.1:9292', - $admin_url = 'http://127.0.0.1:9292', - $internal_url = 'http://127.0.0.1:9292', - # DEPRECATED PARAMETERS - $port = undef, - $public_protocol = undef, - $public_address = undef, - $internal_protocol = undef, - $internal_address = undef, - $admin_protocol = undef, - $admin_address = undef, -) { - - if $port { - warning('The port parameter is deprecated, use public_url, internal_url and admin_url instead.') - } - - if $public_protocol { - warning('The public_protocol parameter is deprecated, use public_url instead.') - } - - if $internal_protocol { - warning('The internal_protocol parameter is deprecated, use internal_url instead.') - } - - if $admin_protocol { - warning('The admin_protocol parameter is deprecated, use admin_url instead.') - } - - if $public_address { - warning('The public_address parameter is deprecated, use public_url instead.') - } - - if $internal_address { - warning('The internal_address parameter is deprecated, use internal_url instead.') - } - - if $admin_address { - warning('The admin_address parameter is deprecated, use admin_url instead.') - } - - if ($public_protocol or $public_address or $port) { - $public_url_real = sprintf('%s://%s:%s', - pick($public_protocol, 'http'), - pick($public_address, '127.0.0.1'), - pick($port, '9292')) - } else { - $public_url_real = $public_url - } - - if ($admin_protocol or $admin_address or $port) { - $admin_url_real = sprintf('%s://%s:%s', - pick($admin_protocol, 'http'), - pick($admin_address, '127.0.0.1'), - pick($port, '9292')) - } else { - $admin_url_real = $admin_url - } - - if ($internal_protocol or $internal_address or $port) { - $internal_url_real = sprintf('%s://%s:%s', - pick($internal_protocol, 'http'), - pick($internal_address, '127.0.0.1'), - pick($port, '9292')) - } else { - $internal_url_real = $internal_url - } - - $real_service_name = pick($service_name, $auth_name) - - if $configure_endpoint { - Keystone_endpoint["${region}/${real_service_name}::${service_type}"] ~> Service<| title == 'glance-api' |> - Keystone_endpoint["${region}/${real_service_name}::${service_type}"] -> Glance_image<||> - } - - keystone::resource::service_identity { $auth_name: - configure_user => $configure_user, - configure_user_role => $configure_user_role, - configure_endpoint => $configure_endpoint, - service_type => $service_type, - service_description => $service_description, - service_name => $real_service_name, - region => $region, - password => $password, - email => $email, - tenant => $tenant, - public_url => $public_url_real, - admin_url => $admin_url_real, - internal_url => $internal_url_real, - } - - if $configure_user_role { - Keystone_user_role["${auth_name}@${tenant}"] ~> Service<| title == 'glance-registry' |> - Keystone_user_role["${auth_name}@${tenant}"] ~> Service<| title == 'glance-api' |> - } - -} diff --git a/glance/manifests/keystone/glare_auth.pp b/glance/manifests/keystone/glare_auth.pp deleted file mode 100644 index a5e2432bb..000000000 --- a/glance/manifests/keystone/glare_auth.pp +++ /dev/null @@ -1,104 +0,0 @@ -# == Class: glance::keystone::glare_auth -# -# Sets up glare users, service and endpoint for Glance Glare -# -# == Parameters: -# -# [*password*] -# Password for glare user. Required. -# -# [*email*] -# Email for glance user. Optional. Defaults to 'glare@localhost'. -# -# [*auth_name*] -# Username for glare service. Optional. Defaults to 'glare'. -# -# [*configure_endpoint*] -# Should glare endpoint be configured? Optional. Defaults to 'true'. -# -# [*configure_user*] -# Should the service user be configured? Optional. Defaults to 'true'. -# -# [*configure_user_role*] -# Should the admin role be configured for the service user? -# Optional. Defaults to 'true'. -# -# [*service_name*] -# Name of the service. Optional. -# Defaults to 'Glance Artifacts'. -# -# [*service_type*] -# Type of service. Optional. Defaults to 'artifact'. -# -# [*service_description*] -# Description for keystone service. Optional. Defaults to 'Glance Artifact Service'. -# -# [*region*] -# Region for endpoint. Optional. Defaults to 'RegionOne'. -# -# [*tenant*] -# Tenant for glare user. Optional. Defaults to 'services'. -# -# [*public_url*] -# (optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:9494') -# This url should *not* contain any trailing '/'. -# -# [*admin_url*] -# (optional) The endpoint's admin url. (Defaults to 'http://127.0.0.1:9494') -# This url should *not* contain any trailing '/'. -# -# [*internal_url*] -# (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:9494') -# This url should *not* contain any trailing '/'. -# -# === Examples -# -# class { 'glance::keystone::glare_auth': -# public_url => 'https://10.0.0.10:9494', -# internal_url => 'https://10.0.0.11:9494', -# admin_url => 'https://10.0.0.11:9494', -# } -# -class glance::keystone::glare_auth( - $password, - $email = 'glare@localhost', - $auth_name = 'glare', - $configure_endpoint = true, - $configure_user = true, - $configure_user_role = true, - $service_name = 'Glance Artifacts', - $service_type = 'artifact', - $region = 'RegionOne', - $tenant = 'services', - $service_description = 'Glance Artifact Service', - $public_url = 'http://127.0.0.1:9494', - $admin_url = 'http://127.0.0.1:9494', - $internal_url = 'http://127.0.0.1:9494', -) { - - $real_service_name = pick($service_name, $auth_name) - - if $configure_endpoint { - Keystone_endpoint["${region}/${real_service_name}::${service_type}"] ~> Service<| title == 'glance-glare' |> - } - - keystone::resource::service_identity { $auth_name: - configure_user => $configure_user, - configure_user_role => $configure_user_role, - configure_endpoint => $configure_endpoint, - service_type => $service_type, - service_description => $service_description, - service_name => $real_service_name, - region => $region, - password => $password, - email => $email, - tenant => $tenant, - public_url => $public_url, - admin_url => $admin_url, - internal_url => $internal_url, - } - - if $configure_user_role { - Keystone_user_role["${auth_name}@${tenant}"] ~> Service<| title == 'glance-glare' |> - } -} diff --git a/glance/manifests/notify/qpid.pp b/glance/manifests/notify/qpid.pp deleted file mode 100644 index 7909baeee..000000000 --- a/glance/manifests/notify/qpid.pp +++ /dev/null @@ -1,36 +0,0 @@ -# == Class: glance::notify::qpid -# -# used to configure qpid notifications for glance -# Deprecated class -# -# === Parameters: -# -# [*qpid_password*] -# (required) Password to connect to the qpid server. -# -# [*qpid_username*] -# (Optional) User to connect to the qpid server. -# Defaults to 'guest'. -# -# [*qpid_hostname*] -# (Optional) IP or hostname of the qpid server. -# Defaults to 'localhost'. -# -# [*qpid_port*] -# (Optional) Port of the qpid server. -# Defaults to 5672. -# -# [*qpid_protocol*] -# (Optional) Protocol to use for qpid (tcp/ssl). -# Defaults to tcp. -# -class glance::notify::qpid( - $qpid_password = undef, - $qpid_username = undef, - $qpid_hostname = undef, - $qpid_port = undef, - $qpid_protocol = undef -) inherits glance::api { - - warning('Qpid driver is removed from Oslo.messaging in the Mitaka release') -} diff --git a/glance/manifests/notify/rabbitmq.pp b/glance/manifests/notify/rabbitmq.pp deleted file mode 100644 index 8940b62fa..000000000 --- a/glance/manifests/notify/rabbitmq.pp +++ /dev/null @@ -1,184 +0,0 @@ -# -# used to configure rabbitmq notifications for glance -# -# [*rabbit_password*] -# password to connect to the rabbit_server. -# -# [*rabbit_userid*] -# user to connect to the rabbit server. Optional. Defaults to 'guest' -# -# [*rabbit_host*] -# ip or hostname of the rabbit server. Optional. Defaults to 'localhost' -# -# [*rabbit_hosts*] -# (Optional) IP or hostname of the rabbits servers. -# comma separated array (ex: ['1.0.0.10:5672','1.0.0.11:5672']) -# Defaults to false. -# -# [*rabbit_port*] -# port of the rabbit server. Optional. Defaults to 5672. -# -# [*rabbit_virtual_host*] -# virtual_host to use. Optional. Defaults to '/' -# -# [*rabbit_ha_queues*] -# (optional) Use HA queues in RabbitMQ (x-ha-policy: all). -# Defaults to undef -# -# [*rabbit_heartbeat_timeout_threshold*] -# (optional) Number of seconds after which the RabbitMQ broker is considered -# down if the heartbeat keepalive fails. Any value >0 enables heartbeats. -# Heartbeating helps to ensure the TCP connection to RabbitMQ isn't silently -# closed, resulting in missed or lost messages from the queue. -# (Requires kombu >= 3.0.7 and amqp >= 1.4.0) -# Defaults to 0 -# -# [*rabbit_heartbeat_rate*] -# (optional) How often during the rabbit_heartbeat_timeout_threshold period to -# check the heartbeat on RabbitMQ connection. (i.e. rabbit_heartbeat_rate=2 -# when rabbit_heartbeat_timeout_threshold=60, the heartbeat will be checked -# every 30 seconds. -# Defaults to 2 -# -# [*rabbit_use_ssl*] -# (optional) Connect over SSL for RabbitMQ -# Defaults to false -# -# [*kombu_ssl_ca_certs*] -# (optional) SSL certification authority file (valid only if SSL enabled). -# Defaults to undef -# -# [*kombu_ssl_certfile*] -# (optional) SSL cert file (valid only if SSL enabled). -# Defaults to undef -# -# [*kombu_ssl_keyfile*] -# (optional) SSL key file (valid only if SSL enabled). -# Defaults to undef -# -# [*kombu_ssl_version*] -# (optional) SSL version to use (valid only if SSL enabled). -# Valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be -# available on some distributions. -# Defaults to 'TLSv1' -# -# [*kombu_reconnect_delay*] -# (optional) How long to wait before reconnecting in response to an AMQP -# consumer cancel notification. -# Defaults to $::os_service_default. -# -# [*rabbit_notification_exchange*] -# Defaults to 'glance' -# -# [*rabbit_notification_topic*] -# Defaults to 'notifications' -# -# [*rabbit_durable_queues*] -# Defaults to false -# -# [*amqp_durable_queues*] -# (Optional) Use durable queues in broker. -# Defaults to false. -# -# [*notification_driver*] -# Notification driver to use. Defaults to 'messaging'. - -class glance::notify::rabbitmq( - $rabbit_password, - $rabbit_userid = 'guest', - $rabbit_host = 'localhost', - $rabbit_port = '5672', - $rabbit_hosts = false, - $rabbit_virtual_host = '/', - $rabbit_ha_queues = undef, - $rabbit_heartbeat_timeout_threshold = 0, - $rabbit_heartbeat_rate = 2, - $rabbit_use_ssl = false, - $kombu_ssl_ca_certs = undef, - $kombu_ssl_certfile = undef, - $kombu_ssl_keyfile = undef, - $kombu_ssl_version = 'TLSv1', - $kombu_reconnect_delay = $::os_service_default, - $rabbit_notification_exchange = 'glance', - $rabbit_notification_topic = 'notifications', - $rabbit_durable_queues = false, - $amqp_durable_queues = false, - $notification_driver = 'messaging', -) { - - if $rabbit_durable_queues { - warning('The rabbit_durable_queues parameter is deprecated, use amqp_durable_queues.') - $amqp_durable_queues_real = $rabbit_durable_queues - } else { - $amqp_durable_queues_real = $amqp_durable_queues - } - - if $rabbit_hosts { - glance_api_config { - 'oslo_messaging_rabbit/rabbit_hosts': value => join($rabbit_hosts, ','); - } - } else { - glance_api_config { - 'oslo_messaging_rabbit/rabbit_host': value => $rabbit_host; - 'oslo_messaging_rabbit/rabbit_port': value => $rabbit_port; - 'oslo_messaging_rabbit/rabbit_hosts': value => "${rabbit_host}:${rabbit_port}"; - } - } - - # by default rabbit_ha_queues is undef - if $rabbit_ha_queues == undef { - if $rabbit_hosts { - glance_api_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => true } - } else { - glance_api_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => false } - } - } else { - glance_api_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => $rabbit_ha_queues } - } - - glance_api_config { - 'DEFAULT/notification_driver': value => $notification_driver; - 'oslo_messaging_rabbit/rabbit_virtual_host': value => $rabbit_virtual_host; - 'oslo_messaging_rabbit/rabbit_password': value => $rabbit_password, secret => true; - 'oslo_messaging_rabbit/rabbit_userid': value => $rabbit_userid; - 'oslo_messaging_rabbit/rabbit_notification_exchange': value => $rabbit_notification_exchange; - 'oslo_messaging_rabbit/rabbit_notification_topic': value => $rabbit_notification_topic; - 'oslo_messaging_rabbit/heartbeat_timeout_threshold': value => $rabbit_heartbeat_timeout_threshold; - 'oslo_messaging_rabbit/heartbeat_rate': value => $rabbit_heartbeat_rate; - 'oslo_messaging_rabbit/kombu_reconnect_delay': value => $kombu_reconnect_delay; - 'oslo_messaging_rabbit/rabbit_use_ssl': value => $rabbit_use_ssl; - 'oslo_messaging_rabbit/amqp_durable_queues': value => $amqp_durable_queues_real; - } - - if $rabbit_use_ssl { - glance_api_config { 'oslo_messaging_rabbit/kombu_ssl_version': value => $kombu_ssl_version } - - if $kombu_ssl_ca_certs { - glance_api_config { 'oslo_messaging_rabbit/kombu_ssl_ca_certs': value => $kombu_ssl_ca_certs } - } else { - glance_api_config { 'oslo_messaging_rabbit/kombu_ssl_ca_certs': ensure => absent} - } - - if $kombu_ssl_certfile { - glance_api_config { 'oslo_messaging_rabbit/kombu_ssl_certfile': value => $kombu_ssl_certfile } - } else { - glance_api_config { 'oslo_messaging_rabbit/kombu_ssl_certfile': ensure => absent} - } - - if $kombu_ssl_keyfile { - glance_api_config { 'oslo_messaging_rabbit/kombu_ssl_keyfile': value => $kombu_ssl_keyfile } - } else { - glance_api_config { 'oslo_messaging_rabbit/kombu_ssl_keyfile': ensure => absent} - } - } else { - glance_api_config { - 'oslo_messaging_rabbit/kombu_ssl_version': ensure => absent; - 'oslo_messaging_rabbit/kombu_ssl_ca_certs': ensure => absent; - 'oslo_messaging_rabbit/kombu_ssl_certfile': ensure => absent; - 'oslo_messaging_rabbit/kombu_ssl_keyfile': ensure => absent; - } - if ($kombu_ssl_keyfile or $kombu_ssl_certfile or $kombu_ssl_ca_certs) { - notice('Configuration of certificates with $rabbit_use_ssl == false is a useless config') - } - } -} diff --git a/glance/manifests/params.pp b/glance/manifests/params.pp deleted file mode 100644 index 4cdbdabf2..000000000 --- a/glance/manifests/params.pp +++ /dev/null @@ -1,42 +0,0 @@ -# these parameters need to be accessed from several locations and -# should be considered to be constant -class glance::params { - - $client_package_name = 'python-glanceclient' - - $cache_cleaner_command = 'glance-cache-cleaner' - $cache_pruner_command = 'glance-cache-pruner' - - case $::osfamily { - 'RedHat': { - $api_package_name = 'openstack-glance' - $glare_package_name = 'openstack-glance' - $registry_package_name = 'openstack-glance' - $api_service_name = 'openstack-glance-api' - $glare_service_name = 'openstack-glance-glare' - $registry_service_name = 'openstack-glance-registry' - if ($::operatingsystem != 'fedora' and versioncmp($::operatingsystemrelease, '7') < 0) { - $pyceph_package_name = 'python-ceph' - } else { - $pyceph_package_name = 'python-rbd' - } - $sqlite_package_name = undef - $pymysql_package_name = undef - } - 'Debian': { - $api_package_name = 'glance-api' - $glare_package_name = 'glance-glare' - $registry_package_name = 'glance-registry' - $api_service_name = 'glance-api' - $glare_service_name = 'glance-glare' - $registry_service_name = 'glance-registry' - $pyceph_package_name = 'python-ceph' - $sqlite_package_name = 'python-pysqlite2' - $pymysql_package_name = 'python-pymysql' - } - default: { - fail("Unsupported osfamily: ${::osfamily} operatingsystem: ${::operatingsystem}, module ${module_name} only support osfamily RedHat and Debian") - } - } - -} diff --git a/glance/manifests/policy.pp b/glance/manifests/policy.pp deleted file mode 100644 index 4edb46179..000000000 --- a/glance/manifests/policy.pp +++ /dev/null @@ -1,39 +0,0 @@ -# == Class: glance::policy -# -# Configure the glance policies -# -# === Parameters -# -# [*policies*] -# (optional) Set of policies to configure for glance -# Example : -# { -# 'glance-context_is_admin' => { -# 'key' => 'context_is_admin', -# 'value' => 'true' -# }, -# 'glance-default' => { -# 'key' => 'default', -# 'value' => 'rule:admin_or_owner' -# } -# } -# Defaults to empty hash. -# -# [*policy_path*] -# (optional) Path to the glance policy.json file -# Defaults to /etc/glance/policy.json -# -class glance::policy( - $policies = {}, - $policy_path = '/etc/glance/policy.json', -) { - - validate_hash($policies) - - Openstacklib::Policy::Base { - file_path => $policy_path, - } - - create_resources('openstacklib::policy::base', $policies) - -} diff --git a/glance/manifests/registry.pp b/glance/manifests/registry.pp deleted file mode 100644 index 3f9c71402..000000000 --- a/glance/manifests/registry.pp +++ /dev/null @@ -1,294 +0,0 @@ -# == Class: glance::registry -# -# Installs and configures glance-registry -# -# === Parameters -# -# [*keystone_password*] -# (required) The keystone password for administrative user -# -# [*package_ensure*] -# (optional) Ensure state for package. Defaults to 'present'. On RedHat -# platforms this setting is ignored and the setting from the glance class is -# used because there is only one glance package. -# -# [*verbose*] -# (optional) Enable verbose logs (true|false). Defaults to undef. -# -# [*debug*] -# (optional) Enable debug logs (true|false). Defaults to undef. -# -# [*bind_host*] -# (optional) The address of the host to bind to. Defaults to '0.0.0.0'. -# -# [*bind_port*] -# (optional) The port the server should bind to. Defaults to '9191'. -# -# [*workers*] -# (optional) The number of child process workers that will be -# created to service Registry requests. -# Defaults to: $::processorcount -# -# [*log_file*] -# (optional) Log file for glance-registry. -# If set to boolean false, it will not log to any file. -# Defaults to undef. -# -# [*log_dir*] -# (optional) directory to which glance logs are sent. -# If set to boolean false, it will not log to any directory. -# Defaults to undef. -# -# [*database_connection*] -# (optional) Connection url to connect to nova database. -# Defaults to undef -# -# [*database_idle_timeout*] -# (optional) Timeout before idle db connections are reaped. -# Defaults to undef -# -# [*database_max_retries*] -# (Optional) Maximum number of database connection retries during startup. -# Set to -1 to specify an infinite retry count. -# Defaults to undef. -# -# [*database_retry_interval*] -# (optional) Interval between retries of opening a database connection. -# Defaults to undef. -# -# [*database_min_pool_size*] -# (optional) Minimum number of SQL connections to keep open in a pool. -# Defaults to undef. -# -# [*database_max_pool_size*] -# (optional) Maximum number of SQL connections to keep open in a pool. -# Defaults to undef. -# -# [*database_max_overflow*] -# (optional) If set, use this value for max_overflow with sqlalchemy. -# Defaults to undef. -# -# [*auth_type*] -# (optional) Authentication type. Defaults to 'keystone'. -# -# [*auth_uri*] -# (optional) Complete public Identity API endpoint. -# Defaults to 'http://127.0.0.1:5000/'. -# -# [*identity_uri*] -# (optional) Complete admin Identity API endpoint. -# Defaults to 'http://127.0.0.1:35357/'. -# -# [*keystone_tenant*] -# (optional) administrative tenant name to connect to keystone. -# Defaults to 'services'. -# -# [*keystone_user*] -# (optional) administrative user name to connect to keystone. -# Defaults to 'glance'. -# -# [*pipeline*] -# (optional) Partial name of a pipeline in your paste configuration -# file with the service name removed. -# Defaults to 'keystone'. -# -# [*use_syslog*] -# (optional) Use syslog for logging. -# Defaults to undef. -# -# [*use_stderr*] -# (optional) Use stderr for logging -# Defaults to undef. -# -# [*log_facility*] -# (optional) Syslog facility to receive log lines. -# Defaults to undef. -# -# [*manage_service*] -# (optional) If Puppet should manage service startup / shutdown. -# Defaults to true. -# -# [*enabled*] -# (optional) Should the service be enabled. -# Defaults to true. -# -# [*purge_config*] -# (optional) Whether to create only the specified config values in -# the glance registry config file. -# Defaults to false. -# -# [*cert_file*] -# (optinal) Certificate file to use when starting registry server securely -# Defaults to false, not set -# -# [*key_file*] -# (optional) Private key file to use when starting registry server securely -# Defaults to false, not set -# -# [*ca_file*] -# (optional) CA certificate file to use to verify connecting clients -# Defaults to false, not set -# -# [*sync_db*] -# (Optional) Run db sync on the node. -# Defaults to true -# -# [*os_region_name*] -# (optional) Sets the keystone region to use. -# Defaults to $::os_service_default. -# -# [*signing_dir*] -# Directory used to cache files related to PKI tokens. -# Defaults to $::os_service_default. -# -# [*memcached_servers*] -# (optinal) a list of memcached server(s) to use for caching. If left undefined, -# tokens will instead be cached in-process. -# Defaults to $::os_service_default. -# -# [*token_cache_time*] -# In order to prevent excessive effort spent validating tokens, -# the middleware caches previously-seen tokens for a configurable duration (in seconds). -# Set to -1 to disable caching completely. -# Defaults to $::os_service_default. -# -class glance::registry( - $keystone_password, - $package_ensure = 'present', - $verbose = undef, - $debug = undef, - $bind_host = '0.0.0.0', - $bind_port = '9191', - $workers = $::processorcount, - $log_file = undef, - $log_dir = undef, - $database_connection = undef, - $database_idle_timeout = undef, - $database_min_pool_size = undef, - $database_max_pool_size = undef, - $database_max_retries = undef, - $database_retry_interval = undef, - $database_max_overflow = undef, - $auth_type = 'keystone', - $auth_uri = 'http://127.0.0.1:5000/', - $identity_uri = 'http://127.0.0.1:35357/', - $keystone_tenant = 'services', - $keystone_user = 'glance', - $pipeline = 'keystone', - $use_syslog = undef, - $use_stderr = undef, - $log_facility = undef, - $manage_service = true, - $enabled = true, - $purge_config = false, - $cert_file = false, - $key_file = false, - $ca_file = false, - $sync_db = true, - $os_region_name = $::os_service_default, - $signing_dir = $::os_service_default, - $memcached_servers = $::os_service_default, - $token_cache_time = $::os_service_default, -) inherits glance { - - include ::glance::registry::logging - include ::glance::registry::db - - if ( $glance::params::api_package_name != $glance::params::registry_package_name ) { - ensure_packages( 'glance-registry', - { - ensure => $package_ensure, - tag => ['openstack', 'glance-package'], - } - ) - } - - Glance_registry_config<||> ~> Service['glance-registry'] - - glance_registry_config { - 'DEFAULT/workers': value => $workers; - 'DEFAULT/bind_host': value => $bind_host; - 'DEFAULT/bind_port': value => $bind_port; - 'glance_store/os_region_name': value => $os_region_name; - } - - # Set the pipeline, it is allowed to be blank - if $pipeline != '' { - validate_re($pipeline, '^(\w+([+]\w+)*)*$') - glance_registry_config { - 'paste_deploy/flavor': - ensure => present, - value => $pipeline, - } - } else { - glance_registry_config { 'paste_deploy/flavor': ensure => absent } - } - - # keystone config - if $auth_type == 'keystone' { - glance_registry_config { - 'keystone_authtoken/admin_tenant_name': value => $keystone_tenant; - 'keystone_authtoken/admin_user': value => $keystone_user; - 'keystone_authtoken/admin_password': value => $keystone_password, secret => true; - 'keystone_authtoken/token_cache_time': value => $token_cache_time; - 'keystone_authtoken/signing_dir': value => $signing_dir; - 'keystone_authtoken/auth_uri': value => $auth_uri; - 'keystone_authtoken/identity_uri': value => $identity_uri; - 'keystone_authtoken/memcached_servers': value => join(any2array($memcached_servers), ','); - } - } - - # SSL Options - if $cert_file { - glance_registry_config { - 'DEFAULT/cert_file' : value => $cert_file; - } - } else { - glance_registry_config { - 'DEFAULT/cert_file': ensure => absent; - } - } - if $key_file { - glance_registry_config { - 'DEFAULT/key_file' : value => $key_file; - } - } else { - glance_registry_config { - 'DEFAULT/key_file': ensure => absent; - } - } - if $ca_file { - glance_registry_config { - 'DEFAULT/ca_file' : value => $ca_file; - } - } else { - glance_registry_config { - 'DEFAULT/ca_file': ensure => absent; - } - } - - if $sync_db { - include ::glance::db::sync - } - - if $manage_service { - if $enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } else { - warning('Execution of db_sync does not depend on $manage_service or $enabled anymore. Please use sync_db instead.') - } - - service { 'glance-registry': - ensure => $service_ensure, - name => $::glance::params::registry_service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - require => Class['glance'], - tag => 'glance-service', - } - -} diff --git a/glance/manifests/registry/db.pp b/glance/manifests/registry/db.pp deleted file mode 100644 index b0d854020..000000000 --- a/glance/manifests/registry/db.pp +++ /dev/null @@ -1,101 +0,0 @@ -# == Class: glance::registry::db -# -# Configure the Glance database -# -# === Parameters -# -# [*database_connection*] -# Url used to connect to database. -# (Optional) Defaults to 'sqlite:///var/lib/glance/glance.sqlite'. -# -# [*database_idle_timeout*] -# Timeout when db connections should be reaped. -# (Optional) Defaults to $::os_service_default. -# -# [*database_min_pool_size*] -# Minimum number of SQL connections to keep open in a pool. -# (Optional) Defaults to $::os_service_default. -# -# [*database_max_pool_size*] -# Maximum number of SQL connections to keep open in a pool. -# (Optional) Defaults to $::os_service_default. -# -# [*database_max_retries*] -# Maximum db connection retries during startup. -# Setting -1 implies an infinite retry count. -# (Optional) Defaults to $::os_service_default. -# -# [*database_retry_interval*] -# Interval between retries of opening a sql connection. -# (Optional) Defaults to $::os_service_default. -# -# [*database_max_overflow*] -# If set, use this value for max_overflow with sqlalchemy. -# (Optional) Defaults to $::os_service_default. -# -class glance::registry::db ( - $database_connection = 'sqlite:///var/lib/glance/glance.sqlite', - $database_idle_timeout = $::os_service_default, - $database_min_pool_size = $::os_service_default, - $database_max_pool_size = $::os_service_default, - $database_max_retries = $::os_service_default, - $database_retry_interval = $::os_service_default, - $database_max_overflow = $::os_service_default, -) { - - include ::glance::params - - # NOTE(degorenko): In order to keep backward compatibility we rely on the pick function - # to use glance::registry:: if glance::registry::db:: isn't specified. - $database_connection_real = pick($::glance::registry::database_connection, $database_connection) - $database_idle_timeout_real = pick($::glance::registry::database_idle_timeout, $database_idle_timeout) - $database_min_pool_size_real = pick($::glance::registry::database_min_pool_size, $database_min_pool_size) - $database_max_pool_size_real = pick($::glance::registry::database_max_pool_size, $database_max_pool_size) - $database_max_retries_real = pick($::glance::registry::database_max_retries, $database_max_retries) - $database_retry_interval_real = pick($::glance::registry::database_retry_interval, $database_retry_interval) - $database_max_overflow_real = pick($::glance::registry::database_max_overflow, $database_max_overflow) - - validate_re($database_connection_real, - '^(sqlite|mysql(\+pymysql)?|postgresql):\/\/(\S+:\S+@\S+\/\S+)?') - - case $database_connection_real { - /^mysql(\+pymysql)?:\/\//: { - require 'mysql::bindings' - require 'mysql::bindings::python' - if $database_connection_real =~ /^mysql\+pymysql/ { - $backend_package = $::glance::params::pymysql_package_name - } else { - $backend_package = false - } - } - /^postgresql:\/\//: { - $backend_package = false - require 'postgresql::lib::python' - } - /^sqlite:\/\//: { - $backend_package = $::glance::params::sqlite_package_name - } - default: { - fail('Unsupported backend configured') - } - } - - if $backend_package and !defined(Package[$backend_package]) { - package {'glance-backend-package': - ensure => present, - name => $backend_package, - tag => 'openstack', - } - } - - glance_registry_config { - 'database/connection': value => $database_connection_real, secret => true; - 'database/idle_timeout': value => $database_idle_timeout_real; - 'database/min_pool_size': value => $database_min_pool_size_real; - 'database/max_retries': value => $database_max_retries_real; - 'database/retry_interval': value => $database_retry_interval_real; - 'database/max_pool_size': value => $database_max_pool_size_real; - 'database/max_overflow': value => $database_max_overflow_real; - } - -} diff --git a/glance/manifests/registry/logging.pp b/glance/manifests/registry/logging.pp deleted file mode 100644 index 35e967aaf..000000000 --- a/glance/manifests/registry/logging.pp +++ /dev/null @@ -1,264 +0,0 @@ -# Class glance::registry::logging -# -# glance-registry logging configuration -# -# == parameters -# -# [*verbose*] -# (Optional) Should the daemons log verbose messages -# Defaults to 'false' -# -# [*debug*] -# (Optional) Should the daemons log debug messages -# Defaults to 'false' -# -# [*use_syslog*] -# (Optional) Use syslog for logging. -# Defaults to 'false' -# -# [*use_stderr*] -# (optional) Use stderr for logging -# Defaults to 'true' -# -# [*log_facility*] -# (Optional) Syslog facility to receive log lines. -# Defaults to 'LOG_USER' -# -# [*log_dir*] -# (optional) Directory where logs should be stored. -# If set to boolean false, it will not log to any directory. -# Defaults to '/var/log/glance' -# -# [*log_file*] -# (optional) File where logs should be stored. -# Defaults to '/var/log/glance/registry.log' -# -# [*logging_context_format_string*] -# (optional) Format string to use for log messages with context. -# Defaults to undef. -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [%(request_id)s %(user_identity)s] %(instance)s%(message)s' -# -# [*logging_default_format_string*] -# (optional) Format string to use for log messages without context. -# Defaults to undef. -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [-] %(instance)s%(message)s' -# -# [*logging_debug_format_suffix*] -# (optional) Formatted data to append to log format when level is DEBUG. -# Defaults to undef. -# Example: '%(funcName)s %(pathname)s:%(lineno)d' -# -# [*logging_exception_prefix*] -# (optional) Prefix each line of exception output with this format. -# Defaults to undef. -# Example: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' -# -# [*log_config_append*] -# The name of an additional logging configuration file. -# Defaults to undef. -# See https://docs.python.org/2/howto/logging.html -# -# [*default_log_levels*] -# (optional) Hash of logger (keys) and level (values) pairs. -# Defaults to undef. -# Example: -# { 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', -# 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', -# 'iso8601' => 'WARN', -# 'requests.packages.urllib3.connectionpool' => 'WARN' } -# -# [*publish_errors*] -# (optional) Publish error events (boolean value). -# Defaults to undef (false if unconfigured). -# -# [*fatal_deprecations*] -# (optional) Make deprecations fatal (boolean value) -# Defaults to undef (false if unconfigured). -# -# [*instance_format*] -# (optional) If an instance is passed with the log message, format it -# like this (string value). -# Defaults to undef. -# Example: '[instance: %(uuid)s] ' -# -# [*instance_uuid_format*] -# (optional) If an instance UUID is passed with the log message, format -# it like this (string value). -# Defaults to undef. -# Example: instance_uuid_format='[instance: %(uuid)s] ' -# -# [*log_date_format*] -# (optional) Format string for %%(asctime)s in log records. -# Defaults to undef. -# Example: 'Y-%m-%d %H:%M:%S' - -class glance::registry::logging( - $use_syslog = false, - $use_stderr = true, - $log_facility = 'LOG_USER', - $log_dir = '/var/log/glance', - $log_file = '/var/log/glance/registry.log', - $verbose = false, - $debug = false, - $logging_context_format_string = undef, - $logging_default_format_string = undef, - $logging_debug_format_suffix = undef, - $logging_exception_prefix = undef, - $log_config_append = undef, - $default_log_levels = undef, - $publish_errors = undef, - $fatal_deprecations = undef, - $instance_format = undef, - $instance_uuid_format = undef, - $log_date_format = undef, -) { - - # NOTE(spredzy): In order to keep backward compatibility we rely on the pick function - # to use glance:: first, then glance::logging::. - $use_syslog_real = pick($::glance::registry::use_syslog,$use_syslog) - $use_stderr_real = pick($::glance::registry::use_stderr,$use_stderr) - $log_facility_real = pick($::glance::registry::log_facility,$log_facility) - $log_dir_real = pick($::glance::registry::log_dir,$log_dir) - $log_file_real = pick($::glance::registry::log_file,$log_file) - $verbose_real = pick($::glance::registry::verbose,$verbose) - $debug_real = pick($::glance::registry::debug,$debug) - - glance_registry_config { - 'DEFAULT/debug' : value => $debug_real; - 'DEFAULT/verbose' : value => $verbose_real; - 'DEFAULT/use_stderr' : value => $use_stderr_real; - 'DEFAULT/use_syslog' : value => $use_syslog_real; - 'DEFAULT/log_dir' : value => $log_dir_real; - 'DEFAULT/log_file' : value => $log_file_real; - 'DEFAULT/syslog_log_facility': value => $log_facility_real; - } - - if $logging_context_format_string { - glance_registry_config { - 'DEFAULT/logging_context_format_string' : - value => $logging_context_format_string; - } - } - else { - glance_registry_config { - 'DEFAULT/logging_context_format_string' : ensure => absent; - } - } - - if $logging_default_format_string { - glance_registry_config { - 'DEFAULT/logging_default_format_string' : - value => $logging_default_format_string; - } - } - else { - glance_registry_config { - 'DEFAULT/logging_default_format_string' : ensure => absent; - } - } - - if $logging_debug_format_suffix { - glance_registry_config { - 'DEFAULT/logging_debug_format_suffix' : - value => $logging_debug_format_suffix; - } - } - else { - glance_registry_config { - 'DEFAULT/logging_debug_format_suffix' : ensure => absent; - } - } - - if $logging_exception_prefix { - glance_registry_config { - 'DEFAULT/logging_exception_prefix' : value => $logging_exception_prefix; - } - } - else { - glance_registry_config { - 'DEFAULT/logging_exception_prefix' : ensure => absent; - } - } - - if $log_config_append { - glance_registry_config { - 'DEFAULT/log_config_append' : value => $log_config_append; - } - } - else { - glance_registry_config { - 'DEFAULT/log_config_append' : ensure => absent; - } - } - - if $default_log_levels { - glance_registry_config { - 'DEFAULT/default_log_levels' : - value => join(sort(join_keys_to_values($default_log_levels, '=')), ','); - } - } - else { - glance_registry_config { - 'DEFAULT/default_log_levels' : ensure => absent; - } - } - - if $publish_errors { - glance_registry_config { - 'DEFAULT/publish_errors' : value => $publish_errors; - } - } - else { - glance_registry_config { - 'DEFAULT/publish_errors' : ensure => absent; - } - } - - if $fatal_deprecations { - glance_registry_config { - 'DEFAULT/fatal_deprecations' : value => $fatal_deprecations; - } - } - else { - glance_registry_config { - 'DEFAULT/fatal_deprecations' : ensure => absent; - } - } - - if $instance_format { - glance_registry_config { - 'DEFAULT/instance_format' : value => $instance_format; - } - } - else { - glance_registry_config { - 'DEFAULT/instance_format' : ensure => absent; - } - } - - if $instance_uuid_format { - glance_registry_config { - 'DEFAULT/instance_uuid_format' : value => $instance_uuid_format; - } - } - else { - glance_registry_config { - 'DEFAULT/instance_uuid_format' : ensure => absent; - } - } - - if $log_date_format { - glance_registry_config { - 'DEFAULT/log_date_format' : value => $log_date_format; - } - } - else { - glance_registry_config { - 'DEFAULT/log_date_format' : ensure => absent; - } - } - - -} diff --git a/glance/metadata.json b/glance/metadata.json deleted file mode 100644 index 088c2709c..000000000 --- a/glance/metadata.json +++ /dev/null @@ -1,31 +0,0 @@ -{ - "name": "openstack-glance", - "version": "8.1.0", - "author": "Puppet Labs and OpenStack Contributors", - "summary": "Puppet module for OpenStack Glance", - "license": "Apache-2.0", - "source": "git://github.com/openstack/puppet-glance.git", - "project_page": "https://launchpad.net/puppet-glance", - "issues_url": "https://bugs.launchpad.net/puppet-glance", - "requirements": [ - { "name": "pe", "version_requirement": ">= 3.2.0 <= 2016.1.0" }, - { "name": "puppet", "version_requirement": ">= 3.0.0 < 5.0.0" } - ], - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": ["7"] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": ["14.04"] - } - ], - "description": "Installs and configures OpenStack Glance (Image Service).", - "dependencies": [ - { "name": "puppetlabs/inifile", "version_requirement": ">=1.4.0 <2.0.0" }, - { "name": "openstack/keystone", "version_requirement": ">=8.1.0 <9.0.0" }, - { "name": "puppetlabs/stdlib", "version_requirement": ">=4.9.0 <5.0.0" }, - { "name": "openstack/openstacklib", "version_requirement": ">=8.1.0 <9.0.0" } - ] -} diff --git a/glance/releasenotes/notes/deprecate_old_vsphere_backend_parameters-8d798bd64b750911.yaml b/glance/releasenotes/notes/deprecate_old_vsphere_backend_parameters-8d798bd64b750911.yaml deleted file mode 100644 index 9d25b9876..000000000 --- a/glance/releasenotes/notes/deprecate_old_vsphere_backend_parameters-8d798bd64b750911.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -upgrade: - - vmware_api_insecure deprecated, use vmware_insecure - vmware_datacenter_path and vmware_datastore_name - deprecated, use vmware_datastores diff --git a/glance/releasenotes/notes/glance-image-id-d1a32b5ec443611e.yaml b/glance/releasenotes/notes/glance-image-id-d1a32b5ec443611e.yaml deleted file mode 100644 index 8e7671f8f..000000000 --- a/glance/releasenotes/notes/glance-image-id-d1a32b5ec443611e.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -features: - - Add the ability to create an image with a id - specified by the user. The provider now accepts - id parameter to create the image. diff --git a/glance/releasenotes/notes/glance-swift-v3-572d506977688377.yaml b/glance/releasenotes/notes/glance-swift-v3-572d506977688377.yaml deleted file mode 100644 index fc088d4da..000000000 --- a/glance/releasenotes/notes/glance-swift-v3-572d506977688377.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -upgrade: - - Glance users who wish to configure the Swift backend - can make use of swift_store_auth_project_domain_id and - swift_store_auth_user_domain_id to configure the required - keystone domain settings. -fixes: - - Previously glance swift authentication would work only - with keystone auth <= 2. This fix allows you to properly - configured the (required) keystone domains for keystone - v3 authentication. diff --git a/glance/releasenotes/notes/glance_cache_logging-1f53fc9d71d04686.yaml b/glance/releasenotes/notes/glance_cache_logging-1f53fc9d71d04686.yaml deleted file mode 100644 index d12a3dde7..000000000 --- a/glance/releasenotes/notes/glance_cache_logging-1f53fc9d71d04686.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Create glance::cache::logging class that follow the same pattern as other modules. diff --git a/glance/releasenotes/notes/glance_db_class-dee87f87e25d0040.yaml b/glance/releasenotes/notes/glance_db_class-dee87f87e25d0040.yaml deleted file mode 100644 index df96506df..000000000 --- a/glance/releasenotes/notes/glance_db_class-dee87f87e25d0040.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -features: - - Introduce glance::api::db and glance::registry::db classes to follow other modules. - They aim to configure database connection for Glance API and Glance Registry. diff --git a/glance/releasenotes/notes/glance_glare_service-2cd8231e1e7d097b.yaml b/glance/releasenotes/notes/glance_glare_service-2cd8231e1e7d097b.yaml deleted file mode 100644 index 550e7c0a2..000000000 --- a/glance/releasenotes/notes/glance_glare_service-2cd8231e1e7d097b.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -features: - - Introduce glance::glare service. Glance V3 experimental - API has been removed in Mitaka in favour of standalone - Glance Artifacts Repository (GLARE) API. diff --git a/glance/releasenotes/notes/ipv6_registry-95b934a99a6f2639.yaml b/glance/releasenotes/notes/ipv6_registry-95b934a99a6f2639.yaml deleted file mode 100644 index 025701c02..000000000 --- a/glance/releasenotes/notes/ipv6_registry-95b934a99a6f2639.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Normalize registry_host if IPv6 by adding brackets if not there. diff --git a/glance/releasenotes/notes/keystone_python_depr-80fa804d9cd242c5.yaml b/glance/releasenotes/notes/keystone_python_depr-80fa804d9cd242c5.yaml deleted file mode 100644 index cc15362d6..000000000 --- a/glance/releasenotes/notes/keystone_python_depr-80fa804d9cd242c5.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -deprecations: - - Remove usage of keystone::python class, that is deprecated. diff --git a/glance/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml b/glance/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml deleted file mode 100644 index ce9ca2de2..000000000 --- a/glance/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -prelude: > - This is the first Mitaka release for puppet-glance module. diff --git a/glance/releasenotes/notes/multi_store-d53d0e440b55e9d6.yaml b/glance/releasenotes/notes/multi_store-d53d0e440b55e9d6.yaml deleted file mode 100644 index bb119434d..000000000 --- a/glance/releasenotes/notes/multi_store-d53d0e440b55e9d6.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -features: - - Implement multiple store configuration. - It moves the default_store config option to the glance::api - class, and makes it possible to configure more than one store while - supplying a value for the default store to be used. If only one store - is given for glance_store/stores, the default store is automatically - set to be the same value. If multiple stores are given and no default - store is explicitly set, the config will fail and ask the user to - provide a default store. - -deprecations: - - Deprecate known_stores parameter in favor of stores. diff --git a/glance/releasenotes/notes/new_service_name-307a5803a248d2a3.yaml b/glance/releasenotes/notes/new_service_name-307a5803a248d2a3.yaml deleted file mode 100644 index 272258034..000000000 --- a/glance/releasenotes/notes/new_service_name-307a5803a248d2a3.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -deprecations: - - Change default value for service_name in glance::keystone::auth class. - If Glance Service name is not set to "Image Service", a warning - will be sent. The default value changed to match - with https://github.com/openstack/keystone/blob/master/etc/default_catalog.templates diff --git a/glance/releasenotes/notes/pymysql-e57bf1f0289dd426.yaml b/glance/releasenotes/notes/pymysql-e57bf1f0289dd426.yaml deleted file mode 100644 index 3556c0c8c..000000000 --- a/glance/releasenotes/notes/pymysql-e57bf1f0289dd426.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Support of PyMySQL driver for MySQL backend. diff --git a/glance/releasenotes/notes/registry_ssl-eed9bdc67c795cde.yaml b/glance/releasenotes/notes/registry_ssl-eed9bdc67c795cde.yaml deleted file mode 100644 index e6a03b7d3..000000000 --- a/glance/releasenotes/notes/registry_ssl-eed9bdc67c795cde.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Allow to configure Glance API to communicate with Glance Registry using SSL. diff --git a/glance/releasenotes/notes/remove_cluster_id-da63a8f698b27cec.yaml b/glance/releasenotes/notes/remove_cluster_id-da63a8f698b27cec.yaml deleted file mode 100644 index 40d8e4dda..000000000 --- a/glance/releasenotes/notes/remove_cluster_id-da63a8f698b27cec.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -deprecations: - - Remove deprecated cluster_id parameter. diff --git a/glance/releasenotes/notes/remove_old_auth-d9fc4af8e2ced291.yaml b/glance/releasenotes/notes/remove_old_auth-d9fc4af8e2ced291.yaml deleted file mode 100644 index 2818d4c90..000000000 --- a/glance/releasenotes/notes/remove_old_auth-d9fc4af8e2ced291.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -deprecations: - - Use identity_uri and auth_uri by default and remove old deprecated auth parameters. diff --git a/glance/releasenotes/notes/remove_posix-d1f775df21874348.yaml b/glance/releasenotes/notes/remove_posix-d1f775df21874348.yaml deleted file mode 100644 index 2930cc25f..000000000 --- a/glance/releasenotes/notes/remove_posix-d1f775df21874348.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -other: - - Remove all Puppet resources that manage Users, Groups, and File modes - because upstream packaging already manages them. diff --git a/glance/releasenotes/notes/remove_qpid-0b446db43fdea617.yaml b/glance/releasenotes/notes/remove_qpid-0b446db43fdea617.yaml deleted file mode 100644 index c59a436d3..000000000 --- a/glance/releasenotes/notes/remove_qpid-0b446db43fdea617.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -deprecations: - - Remove QPID messaging support. - Qpid messaging driver is removed from oslo.messaging so we won't support - anymore. diff --git a/glance/releasenotes/notes/update_swift-52dfa8715cddbe91.yaml b/glance/releasenotes/notes/update_swift-52dfa8715cddbe91.yaml deleted file mode 100644 index 951f57e39..000000000 --- a/glance/releasenotes/notes/update_swift-52dfa8715cddbe91.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -upgrade: - - Before, when Glance was configured with Swift backend, credentials were stored in database. - It caused issues when credentials change, old images are not usable anymore. - Glance and Glance store projects implemented a way to use separated sections for credentials - without storing them in database. The puppet-glance module is now using this new method, also - Glance Cache configuration does not have Swift parameters anymore, so we deleted them. diff --git a/glance/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml b/glance/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml deleted file mode 100644 index 41cef2f11..000000000 --- a/glance/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -features: - - Release notes are no longer maintained by hand, we now use the reno tool to - manage them. diff --git a/glance/releasenotes/source/_static/.placeholder b/glance/releasenotes/source/_static/.placeholder deleted file mode 100644 index e69de29bb..000000000 diff --git a/glance/releasenotes/source/conf.py b/glance/releasenotes/source/conf.py deleted file mode 100644 index ee4be12e3..000000000 --- a/glance/releasenotes/source/conf.py +++ /dev/null @@ -1,259 +0,0 @@ -# -*- coding: utf-8 -*- -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# If extensions (or modules to document with autodoc) are in another directory, -# add these directories to sys.path here. If the directory is relative to the -# documentation root, use os.path.abspath to make it absolute, like shown here. -#sys.path.insert(0, os.path.abspath('.')) - -# -- General configuration ------------------------------------------------ - -# If your documentation needs a minimal Sphinx version, state it here. -#needs_sphinx = '1.0' - -# Add any Sphinx extension module names here, as strings. They can be -# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom -# ones. -extensions = [ - 'oslosphinx', - 'reno.sphinxext', -] - -# Add any paths that contain templates here, relative to this directory. -templates_path = ['_templates'] - -# The suffix of source filenames. -source_suffix = '.rst' - -# The encoding of source files. -#source_encoding = 'utf-8-sig' - -# The master toctree document. -master_doc = 'index' - -# General information about the project. -project = u'puppet-glance Release Notes' -copyright = u'2016, Puppet OpenStack Developers' - -# The version info for the project you're documenting, acts as replacement for -# |version| and |release|, also used in various other places throughout the -# built documents. -# -# The short X.Y version. -version = '8.1.0' -# The full version, including alpha/beta/rc tags. -release = '8.1.0' - -# The language for content autogenerated by Sphinx. Refer to documentation -# for a list of supported languages. -#language = None - -# There are two options for replacing |today|: either, you set today to some -# non-false value, then it is used: -#today = '' -# Else, today_fmt is used as the format for a strftime call. -#today_fmt = '%B %d, %Y' - -# List of patterns, relative to source directory, that match files and -# directories to ignore when looking for source files. -exclude_patterns = [] - -# The reST default role (used for this markup: `text`) to use for all -# documents. -#default_role = None - -# If true, '()' will be appended to :func: etc. cross-reference text. -#add_function_parentheses = True - -# If true, the current module name will be prepended to all description -# unit titles (such as .. function::). -#add_module_names = True - -# If true, sectionauthor and moduleauthor directives will be shown in the -# output. They are ignored by default. -#show_authors = False - -# The name of the Pygments (syntax highlighting) style to use. -pygments_style = 'sphinx' - -# A list of ignored prefixes for module index sorting. -#modindex_common_prefix = [] - -# If true, keep warnings as "system message" paragraphs in the built documents. -#keep_warnings = False - - -# -- Options for HTML output ---------------------------------------------- - -# The theme to use for HTML and HTML Help pages. See the documentation for -# a list of builtin themes. -html_theme = 'default' - -# Theme options are theme-specific and customize the look and feel of a theme -# further. For a list of options available for each theme, see the -# documentation. -#html_theme_options = {} - -# Add any paths that contain custom themes here, relative to this directory. -#html_theme_path = [] - -# The name for this set of Sphinx documents. If None, it defaults to -# " v documentation". -#html_title = None - -# A shorter title for the navigation bar. Default is the same as html_title. -#html_short_title = None - -# The name of an image file (relative to this directory) to place at the top -# of the sidebar. -#html_logo = None - -# The name of an image file (within the static path) to use as favicon of the -# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 -# pixels large. -#html_favicon = None - -# Add any paths that contain custom static files (such as style sheets) here, -# relative to this directory. They are copied after the builtin static files, -# so a file named "default.css" will overwrite the builtin "default.css". -html_static_path = ['_static'] - -# Add any extra paths that contain custom files (such as robots.txt or -# .htaccess) here, relative to this directory. These files are copied -# directly to the root of the documentation. -#html_extra_path = [] - -# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, -# using the given strftime format. -#html_last_updated_fmt = '%b %d, %Y' - -# If true, SmartyPants will be used to convert quotes and dashes to -# typographically correct entities. -#html_use_smartypants = True - -# Custom sidebar templates, maps document names to template names. -#html_sidebars = {} - -# Additional templates that should be rendered to pages, maps page names to -# template names. -#html_additional_pages = {} - -# If false, no module index is generated. -#html_domain_indices = True - -# If false, no index is generated. -#html_use_index = True - -# If true, the index is split into individual pages for each letter. -#html_split_index = False - -# If true, links to the reST sources are added to the pages. -#html_show_sourcelink = True - -# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. -#html_show_sphinx = True - -# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. -#html_show_copyright = True - -# If true, an OpenSearch description file will be output, and all pages will -# contain a tag referring to it. The value of this option must be the -# base URL from which the finished HTML is served. -#html_use_opensearch = '' - -# This is the file name suffix for HTML files (e.g. ".xhtml"). -#html_file_suffix = None - -# Output file base name for HTML help builder. -htmlhelp_basename = 'puppet-glanceReleaseNotesdoc' - - -# -- Options for LaTeX output --------------------------------------------- - -latex_elements = { -# The paper size ('letterpaper' or 'a4paper'). -#'papersize': 'letterpaper', - -# The font size ('10pt', '11pt' or '12pt'). -#'pointsize': '10pt', - -# Additional stuff for the LaTeX preamble. -#'preamble': '', -} - -# Grouping the document tree into LaTeX files. List of tuples -# (source start file, target name, title, -# author, documentclass [howto, manual, or own class]). -latex_documents = [ - ('index', 'puppet-glanceReleaseNotes.tex', u'puppet-glance Release Notes Documentation', - u'2016, Puppet OpenStack Developers', 'manual'), -] - -# The name of an image file (relative to this directory) to place at the top of -# the title page. -#latex_logo = None - -# For "manual" documents, if this is true, then toplevel headings are parts, -# not chapters. -#latex_use_parts = False - -# If true, show page references after internal links. -#latex_show_pagerefs = False - -# If true, show URL addresses after external links. -#latex_show_urls = False - -# Documents to append as an appendix to all manuals. -#latex_appendices = [] - -# If false, no module index is generated. -#latex_domain_indices = True - - -# -- Options for manual page output --------------------------------------- - -# One entry per manual page. List of tuples -# (source start file, name, description, authors, manual section). -man_pages = [ - ('index', 'puppet-glancereleasenotes', u'puppet-glance Release Notes Documentation', - [u'2016, Puppet OpenStack Developers'], 1) -] - -# If true, show URL addresses after external links. -#man_show_urls = False - - -# -- Options for Texinfo output ------------------------------------------- - -# Grouping the document tree into Texinfo files. List of tuples -# (source start file, target name, title, author, -# dir menu entry, description, category) -texinfo_documents = [ - ('index', 'puppet-glanceReleaseNotes', u'puppet-glance Release Notes Documentation', - u'2016, Puppet OpenStack Developers', 'puppet-glanceReleaseNotes', 'One line description of project.', - 'Miscellaneous'), -] - -# Documents to append as an appendix to all manuals. -#texinfo_appendices = [] - -# If false, no module index is generated. -#texinfo_domain_indices = True - -# How to display URL addresses: 'footnote', 'no', or 'inline'. -#texinfo_show_urls = 'footnote' - -# If true, do not generate a @detailmenu in the "Top" node's menu. -#texinfo_no_detailmenu = False diff --git a/glance/releasenotes/source/index.rst b/glance/releasenotes/source/index.rst deleted file mode 100644 index 6ae57cf91..000000000 --- a/glance/releasenotes/source/index.rst +++ /dev/null @@ -1,19 +0,0 @@ -======================================= -Welcome to puppet-glance Release Notes! -======================================= - -Contents -======== - -.. toctree:: - :maxdepth: 2 - - mitaka - unreleased - - -Indices and tables -================== - -* :ref:`genindex` -* :ref:`search` diff --git a/glance/releasenotes/source/mitaka.rst b/glance/releasenotes/source/mitaka.rst deleted file mode 100644 index 97ab8d1d3..000000000 --- a/glance/releasenotes/source/mitaka.rst +++ /dev/null @@ -1,6 +0,0 @@ -============================ - Mitaka Series Release Notes -============================ - -.. release-notes:: - :branch: origin/stable/mitaka diff --git a/glance/releasenotes/source/unreleased.rst b/glance/releasenotes/source/unreleased.rst deleted file mode 100644 index 2334dd5cf..000000000 --- a/glance/releasenotes/source/unreleased.rst +++ /dev/null @@ -1,5 +0,0 @@ -============================== - Current Series Release Notes -============================== - - .. release-notes:: diff --git a/glance/setup.cfg b/glance/setup.cfg deleted file mode 100644 index 13faed74f..000000000 --- a/glance/setup.cfg +++ /dev/null @@ -1,13 +0,0 @@ -[metadata] -name = puppet-glance -summary = Puppet module for OpenStack Glance -description-file = - README.md -author = Puppet Labs and OpenStack Contributors -author-email = openstack-dev@lists.openstack.org -home-page = http://www.openstack.org/ -classifier = - Intended Audience :: Developers - Intended Audience :: System Administrators - License :: OSI Approved :: Apache Software License - Operating System :: POSIX :: Linux diff --git a/glance/setup.py b/glance/setup.py deleted file mode 100644 index 70c2b3f32..000000000 --- a/glance/setup.py +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/env python -# Copyright (c) 2013 Hewlett-Packard Development Company, L.P. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# THIS FILE IS MANAGED BY THE GLOBAL REQUIREMENTS REPO - DO NOT EDIT -import setuptools - -setuptools.setup( - setup_requires=['pbr'], - pbr=True) diff --git a/glance/spec/acceptance/basic_glance_spec.rb b/glance/spec/acceptance/basic_glance_spec.rb deleted file mode 100644 index 755e8fe86..000000000 --- a/glance/spec/acceptance/basic_glance_spec.rb +++ /dev/null @@ -1,101 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'glance class' do - - context 'default parameters' do - pp= <<-EOS - include ::openstack_integration - include ::openstack_integration::repos - include ::openstack_integration::mysql - include ::openstack_integration::keystone - - # Glance resources - include ::glance - include ::glance::client - include ::glance::backend::file - class { '::glance::db::mysql': - # https://bugs.launchpad.net/puppet-glance/+bug/1446375 - collate => 'utf8_general_ci', - password => 'a_big_secret', - } - class { '::glance::keystone::auth': - password => 'a_big_secret', - } - class { '::glance::keystone::glare_auth': - password => 'a_big_secret', - } - class { '::glance::api': - database_connection => 'mysql+pymysql://glance:a_big_secret@127.0.0.1/glance?charset=utf8', - verbose => false, - keystone_password => 'a_big_secret', - } - class { '::glance::registry': - database_connection => 'mysql+pymysql://glance:a_big_secret@127.0.0.1/glance?charset=utf8', - verbose => false, - keystone_password => 'a_big_secret', - } - class { '::glance::glare::db': - database_connection => 'mysql+pymysql://glance:a_big_secret@127.0.0.1/glance?charset=utf8', - } - class { '::glance::glare': - keystone_password => 'a_big_secret', - } - - glance_image { 'test_image': - ensure => present, - container_format => 'bare', - disk_format => 'qcow2', - is_public => 'yes', - source => 'http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img', - min_ram => '64', - min_disk => '1024', - properties => { 'icanhaz' => 'cheezburger' }, - } - EOS - - it 'should configure the glance endpoint before the glance-api service uses it' do - pp2 = pp + "Service['glance-api'] -> Keystone_endpoint['RegionOne/Image Service::image']" - expect(apply_manifest(pp2, :expect_failures => true, :noop => true).stderr).to match(/Found 1 dependency cycle/i) - end - - it 'should configure the glance user before the glance-api service uses it' do - pp2 = pp + "Service['glance-api'] -> Keystone_user_role['glance@services']" - expect(apply_manifest(pp2, :expect_failures => true, :noop => true).stderr).to match(/Found 1 dependency cycle/i) - end - - it 'should configure the glance user before the glance-registry service uses it' do - pp2 = pp + "Service['glance-registry'] -> Keystone_user_role['glance@services']" - expect(apply_manifest(pp2, :expect_failures => true, :noop => true).stderr).to match(/Found 1 dependency cycle/i) - end - - it 'should configure the glance-api service before using it to provision glance_images' do - pp2 = pp + "Glance_image['test_image'] -> Service['glance-api']" - expect(apply_manifest(pp2, :expect_failures => true, :noop => true).stderr).to match(/Found 1 dependency cycle/i) - end - - it 'should work with no errors' do - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe 'glance images' do - it 'should create a glance image with proper attributes' do - glance_env_opts = '--os-username glance --os-password a_big_secret --os-tenant-name services --os-auth-url http://127.0.0.1:5000/v2.0' - shell("openstack #{glance_env_opts} image list") do |r| - expect(r.stdout).to match(/test_image/) - expect(r.stderr).to be_empty - end - shell("openstack #{glance_env_opts} image show test_image --format shell") do |r| - expect(r.stdout).to match(/visibility="public"/) - expect(r.stdout).to match(/container_format="bare"/) - expect(r.stdout).to match(/disk_format="qcow2"/) - expect(r.stdout).to match(/properties="icanhaz='cheezburger'"/) - expect(r.stdout).to match(/min_ram="64"/) - expect(r.stdout).to match(/min_disk="1024"/) - expect(r.stderr).to be_empty - end - end - end - end -end diff --git a/glance/spec/acceptance/glance_config_spec.rb b/glance/spec/acceptance/glance_config_spec.rb deleted file mode 100644 index 6074cfe5c..000000000 --- a/glance/spec/acceptance/glance_config_spec.rb +++ /dev/null @@ -1,155 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'basic glance config resource' do - - context 'default parameters' do - - it 'should work with no errors' do - pp= <<-EOS - Exec { logoutput => 'on_failure' } - - File <||> -> Glance_api_config <||> - File <||> -> Glance_registry_config <||> - File <||> -> Glance_cache_config <||> - File <||> -> Glance_glare_config <||> - - file { '/etc/glance' : - ensure => directory, - } - file { '/etc/glance/glance-api.conf' : - ensure => file, - } - file { '/etc/glance/glance-registry.conf' : - ensure => file, - } - file { '/etc/glance/glance-cache.conf' : - ensure => file, - } - file { '/etc/glance/glance-glare.conf' : - ensure => file, - } - - glance_api_config { 'DEFAULT/thisshouldexist' : - value => 'foo', - } - - glance_api_config { 'DEFAULT/thisshouldnotexist' : - value => '', - } - - glance_api_config { 'DEFAULT/thisshouldexist2' : - value => '', - ensure_absent_val => 'toto', - } - - glance_api_config { 'DEFAULT/thisshouldnotexist2' : - value => 'toto', - ensure_absent_val => 'toto', - } - - glance_registry_config { 'DEFAULT/thisshouldexist' : - value => 'foo', - } - - glance_registry_config { 'DEFAULT/thisshouldnotexist' : - value => '', - } - - glance_registry_config { 'DEFAULT/thisshouldexist2' : - value => '', - ensure_absent_val => 'toto', - } - - glance_registry_config { 'DEFAULT/thisshouldnotexist2' : - value => 'toto', - ensure_absent_val => 'toto', - } - - glance_cache_config { 'DEFAULT/thisshouldexist' : - value => 'foo', - } - - glance_cache_config { 'DEFAULT/thisshouldnotexist' : - value => '', - } - - glance_cache_config { 'DEFAULT/thisshouldexist2' : - value => '', - ensure_absent_val => 'toto', - } - - glance_cache_config { 'DEFAULT/thisshouldnotexist2' : - value => 'toto', - ensure_absent_val => 'toto', - } - - glance_glare_config { 'DEFAULT/thisshouldexist' : - value => 'foo', - } - - glance_glare_config { 'DEFAULT/thisshouldnotexist' : - value => '', - } - - glance_glare_config { 'DEFAULT/thisshouldexist2' : - value => '', - ensure_absent_val => 'toto', - } - - glance_glare_config { 'DEFAULT/thisshouldnotexist2' : - value => 'toto', - ensure_absent_val => 'toto', - } - EOS - - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file('/etc/glance/glance-api.conf') do - it { is_expected.to exist } - it { is_expected.to contain('thisshouldexist=foo') } - it { is_expected.to contain('thisshouldexist2=') } - - describe '#content' do - subject { super().content } - it { is_expected.not_to match /thisshouldnotexist/ } - end - end - - describe file('/etc/glance/glance-registry.conf') do - it { is_expected.to exist } - it { is_expected.to contain('thisshouldexist=foo') } - it { is_expected.to contain('thisshouldexist2=') } - - describe '#content' do - subject { super().content } - it { is_expected.not_to match /thisshouldnotexist/ } - end - end - - describe file('/etc/glance/glance-cache.conf') do - it { is_expected.to exist } - it { is_expected.to contain('thisshouldexist=foo') } - it { is_expected.to contain('thisshouldexist2=') } - - describe '#content' do - subject { super().content } - it { is_expected.not_to match /thisshouldnotexist/ } - end - end - - describe file('/etc/glance/glance-glare.conf') do - it { is_expected.to exist } - it { is_expected.to contain('thisshouldexist=foo') } - it { is_expected.to contain('thisshouldexist2=') } - - describe '#content' do - subject { super().content } - it { is_expected.not_to match /thisshouldnotexist/ } - end - end - end -end diff --git a/glance/spec/acceptance/nodesets/centos-70-x64.yml b/glance/spec/acceptance/nodesets/centos-70-x64.yml deleted file mode 100644 index 5f097e9fe..000000000 --- a/glance/spec/acceptance/nodesets/centos-70-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - centos-server-70-x64: - roles: - - master - platform: el-7-x86_64 - box: puppetlabs/centos-7.0-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/centos-7.0-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: foss diff --git a/glance/spec/acceptance/nodesets/default.yml b/glance/spec/acceptance/nodesets/default.yml deleted file mode 100644 index 486b6a34e..000000000 --- a/glance/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - type: foss diff --git a/glance/spec/acceptance/nodesets/nodepool-centos7.yml b/glance/spec/acceptance/nodesets/nodepool-centos7.yml deleted file mode 100644 index c55287420..000000000 --- a/glance/spec/acceptance/nodesets/nodepool-centos7.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-70-x64: - roles: - - master - platform: el-7-x86_64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/glance/spec/acceptance/nodesets/nodepool-trusty.yml b/glance/spec/acceptance/nodesets/nodepool-trusty.yml deleted file mode 100644 index 9fc624e24..000000000 --- a/glance/spec/acceptance/nodesets/nodepool-trusty.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/glance/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/glance/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index 8001929b2..000000000 --- a/glance/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: foss diff --git a/glance/spec/classes/glance_api_db_spec.rb b/glance/spec/classes/glance_api_db_spec.rb deleted file mode 100644 index aba9fd119..000000000 --- a/glance/spec/classes/glance_api_db_spec.rb +++ /dev/null @@ -1,95 +0,0 @@ -require 'spec_helper' - -describe 'glance::api::db' do - - shared_examples 'glance::api::db' do - context 'with default parameters' do - it { is_expected.to contain_glance_api_config('database/connection').with_value('sqlite:///var/lib/glance/glance.sqlite').with_secret(true) } - it { is_expected.to contain_glance_api_config('database/idle_timeout').with_value('') } - it { is_expected.to contain_glance_api_config('database/min_pool_size').with_value('') } - it { is_expected.to contain_glance_api_config('database/max_retries').with_value('') } - it { is_expected.to contain_glance_api_config('database/retry_interval').with_value('') } - it { is_expected.to contain_glance_api_config('database/max_pool_size').with_value('') } - it { is_expected.to contain_glance_api_config('database/max_overflow').with_value('') } - end - - context 'with specific parameters' do - let :params do - { :database_connection => 'mysql+pymysql://glance_api:glance@localhost/glance', - :database_idle_timeout => '3601', - :database_min_pool_size => '2', - :database_max_retries => '11', - :database_retry_interval => '11', - :database_max_pool_size => '11', - :database_max_overflow => '21', - } - end - - it { is_expected.to contain_glance_api_config('database/connection').with_value('mysql+pymysql://glance_api:glance@localhost/glance').with_secret(true) } - it { is_expected.to contain_glance_api_config('database/idle_timeout').with_value('3601') } - it { is_expected.to contain_glance_api_config('database/min_pool_size').with_value('2') } - it { is_expected.to contain_glance_api_config('database/max_retries').with_value('11') } - it { is_expected.to contain_glance_api_config('database/retry_interval').with_value('11') } - it { is_expected.to contain_glance_api_config('database/max_pool_size').with_value('11') } - it { is_expected.to contain_glance_api_config('database/max_overflow').with_value('21') } - end - - context 'with MySQL-python library as backend package' do - let :params do - { :database_connection => 'mysql://glance_api:glance@localhost/glance' } - end - - it { is_expected.to contain_package('python-mysqldb').with(:ensure => 'present') } - end - - context 'with incorrect pymysql database_connection string' do - let :params do - { :database_connection => 'foo+pymysql://glance_api:glance@localhost/glance', } - end - - it_raises 'a Puppet::Error', /validate_re/ - end - - end - - shared_examples_for 'glance::api::db Debian' do - context 'using pymysql driver' do - let :params do - { :database_connection => 'mysql+pymysql://glance_api:glance@localhost/glance', } - end - - it 'install the proper backend package' do - is_expected.to contain_package('glance-backend-package').with( - :ensure => 'present', - :name => 'python-pymysql', - :tag => 'openstack' - ) - end - end - end - - shared_examples_for 'glance::api::db RedHat' do - context 'using pymysql driver' do - let :params do - { :database_connection => 'mysql+pymysql://glance_api:glance@localhost/glance', } - end - - it { is_expected.not_to contain_package('glance-backend-package') } - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'glance::api::db' - it_configures "glance::api::db #{facts[:osfamily]}" - end - end - -end - diff --git a/glance/spec/classes/glance_api_logging_spec.rb b/glance/spec/classes/glance_api_logging_spec.rb deleted file mode 100644 index 501b6751c..000000000 --- a/glance/spec/classes/glance_api_logging_spec.rb +++ /dev/null @@ -1,142 +0,0 @@ -require 'spec_helper' - -describe 'glance::api::logging' do - - let :params do - { - } - end - - let :log_params do - { - :logging_context_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s', - :logging_default_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s', - :logging_debug_format_suffix => '%(funcName)s %(pathname)s:%(lineno)d', - :logging_exception_prefix => '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s', - :log_config_append => '/etc/glance/logging.conf', - :publish_errors => true, - :default_log_levels => { - 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', - 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', - 'iso8601' => 'WARN', - 'requests.packages.urllib3.connectionpool' => 'WARN' }, - :fatal_deprecations => true, - :instance_format => '[instance: %(uuid)s] ', - :instance_uuid_format => '[instance: %(uuid)s] ', - :log_date_format => '%Y-%m-%d %H:%M:%S', - :use_syslog => true, - :use_stderr => false, - :log_facility => 'LOG_FOO', - :log_dir => '/var/log', - :log_file => '/var/tmp/glance_api_random.log', - :verbose => true, - :debug => true, - } - end - - shared_examples_for 'glance-api-logging' do - - context 'with basic logging options and default settings' do - it_configures 'basic default logging settings' - end - - context 'with basic logging options and non-default settings' do - before { params.merge!( log_params ) } - it_configures 'basic non-default logging settings' - end - - context 'with extended logging options' do - before { params.merge!( log_params ) } - it_configures 'logging params set' - end - - context 'without extended logging options' do - it_configures 'logging params unset' - end - - end - - shared_examples 'basic default logging settings' do - it 'configures glance logging settins with default values' do - is_expected.to contain_glance_api_config('DEFAULT/use_syslog').with(:value => 'false') - is_expected.to contain_glance_api_config('DEFAULT/use_stderr').with(:value => 'true') - is_expected.to contain_glance_api_config('DEFAULT/log_dir').with(:value => '/var/log/glance') - is_expected.to contain_glance_api_config('DEFAULT/log_file').with(:value => '/var/log/glance/api.log') - is_expected.to contain_glance_api_config('DEFAULT/verbose').with(:value => 'false') - is_expected.to contain_glance_api_config('DEFAULT/debug').with(:value => 'false') - end - end - - shared_examples 'basic non-default logging settings' do - it 'configures glance logging settins with non-default values' do - is_expected.to contain_glance_api_config('DEFAULT/use_syslog').with(:value => 'true') - is_expected.to contain_glance_api_config('DEFAULT/use_stderr').with(:value => 'false') - is_expected.to contain_glance_api_config('DEFAULT/syslog_log_facility').with(:value => 'LOG_FOO') - is_expected.to contain_glance_api_config('DEFAULT/log_dir').with(:value => '/var/log') - is_expected.to contain_glance_api_config('DEFAULT/log_file').with(:value => '/var/tmp/glance_api_random.log') - is_expected.to contain_glance_api_config('DEFAULT/verbose').with(:value => 'true') - is_expected.to contain_glance_api_config('DEFAULT/debug').with(:value => 'true') - end - end - - shared_examples_for 'logging params set' do - it 'enables logging params' do - is_expected.to contain_glance_api_config('DEFAULT/logging_context_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s') - - is_expected.to contain_glance_api_config('DEFAULT/logging_default_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s') - - is_expected.to contain_glance_api_config('DEFAULT/logging_debug_format_suffix').with_value( - '%(funcName)s %(pathname)s:%(lineno)d') - - is_expected.to contain_glance_api_config('DEFAULT/logging_exception_prefix').with_value( - '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s') - - is_expected.to contain_glance_api_config('DEFAULT/log_config_append').with_value( - '/etc/glance/logging.conf') - is_expected.to contain_glance_api_config('DEFAULT/publish_errors').with_value( - true) - - is_expected.to contain_glance_api_config('DEFAULT/default_log_levels').with_value( - 'amqp=WARN,amqplib=WARN,boto=WARN,iso8601=WARN,qpid=WARN,requests.packages.urllib3.connectionpool=WARN,sqlalchemy=WARN,suds=INFO') - - is_expected.to contain_glance_api_config('DEFAULT/fatal_deprecations').with_value( - true) - - is_expected.to contain_glance_api_config('DEFAULT/instance_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_glance_api_config('DEFAULT/instance_uuid_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_glance_api_config('DEFAULT/log_date_format').with_value( - '%Y-%m-%d %H:%M:%S') - end - end - - - shared_examples_for 'logging params unset' do - [ :logging_context_format_string, :logging_default_format_string, - :logging_debug_format_suffix, :logging_exception_prefix, - :log_config_append, :publish_errors, - :default_log_levels, :fatal_deprecations, - :instance_format, :instance_uuid_format, - :log_date_format, ].each { |param| - it { is_expected.to contain_glance_api_config("DEFAULT/#{param}").with_ensure('absent') } - } - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'glance-api-logging' - end - end - -end diff --git a/glance/spec/classes/glance_api_spec.rb b/glance/spec/classes/glance_api_spec.rb deleted file mode 100644 index 9666bbda3..000000000 --- a/glance/spec/classes/glance_api_spec.rb +++ /dev/null @@ -1,422 +0,0 @@ -require 'spec_helper' - -describe 'glance::api' do - - let :default_params do - { - :verbose => false, - :debug => false, - :use_stderr => true, - :bind_host => '0.0.0.0', - :bind_port => '9292', - :registry_host => '0.0.0.0', - :registry_port => '9191', - :registry_client_protocol => 'http', - :log_file => '/var/log/glance/api.log', - :log_dir => '/var/log/glance', - :auth_type => 'keystone', - :auth_region => '', - :enabled => true, - :manage_service => true, - :backlog => '4096', - :workers => '7', - :keystone_tenant => 'services', - :keystone_user => 'glance', - :keystone_password => 'ChangeMe', - :token_cache_time => '', - :memcached_servers => '', - :show_image_direct_url => false, - :show_multiple_locations => '', - :location_strategy => '', - :purge_config => false, - :known_stores => false, - :delayed_delete => '', - :scrub_time => '', - :default_store => false, - :image_cache_dir => '/var/lib/glance/image-cache', - :image_cache_stall_time => '', - :image_cache_max_size => '', - :os_region_name => 'RegionOne', - :signing_dir => '', - :pipeline => 'keystone', - :auth_uri => 'http://127.0.0.1:5000/', - :identity_uri => 'http://127.0.0.1:35357/', - } - end - - shared_examples_for 'glance::api' do - [{:keystone_password => 'ChangeMe'}, - { - :verbose => true, - :debug => true, - :bind_host => '127.0.0.1', - :bind_port => '9222', - :registry_host => '127.0.0.1', - :registry_port => '9111', - :registry_client_protocol => 'https', - :auth_type => 'not_keystone', - :auth_region => 'RegionOne2', - :enabled => false, - :backlog => '4095', - :workers => '5', - :keystone_tenant => 'admin2', - :keystone_user => 'admin2', - :keystone_password => 'ChangeMe2', - :token_cache_time => '300', - :show_image_direct_url => true, - :show_multiple_locations => true, - :location_strategy => 'store_type', - :delayed_delete => 'true', - :scrub_time => '10', - :image_cache_dir => '/tmp/glance', - :image_cache_stall_time => '10', - :image_cache_max_size => '10737418240', - :os_region_name => 'RegionOne2', - :signing_dir => '/path/to/dir', - :pipeline => 'keystone2', - :auth_uri => 'http://127.0.0.1:5000/v2.0', - :identity_uri => 'http://127.0.0.1:35357/v2.0', - } - ].each do |param_set| - - describe "when #{param_set == {:keystone_password => 'ChangeMe'} ? "using default" : "specifying"} class parameters" do - - let :param_hash do - default_params.merge(param_set) - end - - let :params do - param_set - end - - it { is_expected.to contain_class 'glance' } - it { is_expected.to contain_class 'glance::policy' } - it { is_expected.to contain_class 'glance::api::logging' } - it { is_expected.to contain_class 'glance::api::db' } - - it { is_expected.to contain_service('glance-api').with( - 'ensure' => (param_hash[:manage_service] && param_hash[:enabled]) ? 'running': 'stopped', - 'enable' => param_hash[:enabled], - 'hasstatus' => true, - 'hasrestart' => true, - 'tag' => 'glance-service', - ) } - - it { is_expected.to_not contain_exec('validate_nova_api') } - it { is_expected.to contain_glance_api_config("paste_deploy/flavor").with_value(param_hash[:pipeline]) } - - it 'is_expected.to lay down default api config' do - [ - 'use_stderr', - 'bind_host', - 'bind_port', - 'registry_host', - 'registry_port', - 'registry_client_protocol', - 'show_image_direct_url', - 'show_multiple_locations', - 'location_strategy', - 'delayed_delete', - 'scrub_time', - 'image_cache_dir', - 'auth_region' - ].each do |config| - is_expected.to contain_glance_api_config("DEFAULT/#{config}").with_value(param_hash[config.intern]) - end - end - - it 'is_expected.to lay down default cache config' do - [ - 'registry_host', - 'registry_port', - 'image_cache_stall_time', - 'image_cache_max_size', - ].each do |config| - is_expected.to contain_glance_cache_config("DEFAULT/#{config}").with_value(param_hash[config.intern]) - end - end - - it 'is_expected.to lay down default glance_store api and cache config' do - [ - 'os_region_name', - ].each do |config| - is_expected.to contain_glance_cache_config("glance_store/#{config}").with_value(param_hash[config.intern]) - is_expected.to contain_glance_api_config("glance_store/#{config}").with_value(param_hash[config.intern]) - end - end - - it 'is_expected.to have no ssl options' do - is_expected.to contain_glance_api_config('DEFAULT/ca_file').with_value('') - is_expected.to contain_glance_api_config('DEFAULT/cert_file').with_value('') - is_expected.to contain_glance_api_config('DEFAULT/key_file').with_value('') - is_expected.to contain_glance_api_config('DEFAULT/registry_client_ca_file').with_value('') - is_expected.to contain_glance_api_config('DEFAULT/registry_client_cert_file').with_value('') - is_expected.to contain_glance_api_config('DEFAULT/registry_client_key_file').with_value('') - end - - it 'is_expected.to configure itself for keystone if that is the auth_type' do - if params[:auth_type] == 'keystone' - is_expected.to contain('paste_deploy/flavor').with_value('keystone+cachemanagement') - is_expected.to contain_glance_api_config('keystone_authtoken/memcached_servers').with_value(param_hash[:memcached_servers]) - ['admin_tenant_name', 'admin_user', 'admin_password', 'token_cache_time', 'signing_dir', 'auth_uri', 'identity_uri'].each do |config| - is_expected.to contain_glance_api_config("keystone_authtoken/#{config}").with_value(param_hash[config.intern]) - end - is_expected.to contain_glance_api_config('keystone_authtoken/admin_password').with_value(param_hash[:keystone_password]).with_secret(true) - - ['admin_tenant_name', 'admin_user', 'admin_password'].each do |config| - is_expected.to contain_glance_cache_config("keystone_authtoken/#{config}").with_value(param_hash[config.intern]) - end - is_expected.to contain_glance_cache_config('keystone_authtoken/admin_password').with_value(param_hash[:keystone_password]).with_secret(true) - end - end - end - - end - - describe 'with disabled service managing' do - let :params do - { - :keystone_password => 'ChangeMe', - :manage_service => false, - :enabled => false, - } - end - - it { is_expected.to contain_service('glance-api').with( - 'ensure' => nil, - 'enable' => false, - 'hasstatus' => true, - 'hasrestart' => true, - 'tag' => 'glance-service', - ) } - end - - describe 'with overridden pipeline' do - let :params do - { - :keystone_password => 'ChangeMe', - :pipeline => 'something', - } - end - - it { is_expected.to contain_glance_api_config('paste_deploy/flavor').with_value('something') } - end - - describe 'with blank pipeline' do - let :params do - { - :keystone_password => 'ChangeMe', - :pipeline => '', - } - end - - it { is_expected.to contain_glance_api_config('paste_deploy/flavor').with_ensure('absent') } - end - - [ - 'keystone/', - 'keystone+', - '+keystone', - 'keystone+cachemanagement+', - '+' - ].each do |pipeline| - describe "with pipeline incorrect value #{pipeline}" do - let :params do - { - :keystone_password => 'ChangeMe', - :pipeline => pipeline - } - end - - it { expect { is_expected.to contain_glance_api_config('filter:paste_deploy/flavor') }.to\ - raise_error(Puppet::Error, /validate_re\(\): .* does not match/) } - end - end - - describe 'with ssl options' do - let :params do - default_params.merge({ - :ca_file => '/tmp/ca_file', - :cert_file => '/tmp/cert_file', - :key_file => '/tmp/key_file', - :registry_client_ca_file => '/tmp/registry_ca_file', - :registry_client_key_file => '/tmp/registry_key_file', - :registry_client_cert_file => '/tmp/registry_cert_file', - }) - end - - context 'with ssl options' do - it { is_expected.to contain_glance_api_config('DEFAULT/ca_file').with_value('/tmp/ca_file') } - it { is_expected.to contain_glance_api_config('DEFAULT/cert_file').with_value('/tmp/cert_file') } - it { is_expected.to contain_glance_api_config('DEFAULT/key_file').with_value('/tmp/key_file') } - it { is_expected.to contain_glance_api_config('DEFAULT/registry_client_ca_file').with_value('/tmp/registry_ca_file') } - it { is_expected.to contain_glance_api_config('DEFAULT/registry_client_key_file').with_value('/tmp/registry_key_file') } - it { is_expected.to contain_glance_api_config('DEFAULT/registry_client_cert_file').with_value('/tmp/registry_cert_file') } - end - end - describe 'with stores by default' do - let :params do - default_params - end - - it { is_expected.to_not contain_glance_api_config('glance_store/stores').with_value('false') } - end - - describe 'with stores override' do - let :params do - default_params.merge({ - :default_store => 'file', - :stores => ['file','http'], - :multi_store => true, - }) - end - - it { is_expected.to contain_glance_api_config('glance_store/default_store').with_value('file') } - it { is_expected.to contain_glance_api_config('glance_store/stores').with_value('file,http') } - end - - describe 'with single store override and no default store' do - let :params do - default_params.merge({ - :stores => ['file'], - :multi_store => true, - }) - end - - it { is_expected.to contain_glance_api_config('glance_store/default_store').with_value('file') } - it { is_expected.to contain_glance_api_config('glance_store/stores').with_value('file') } - end - - describe 'with multiple stores override and no default store' do - let :params do - default_params.merge({ - :stores => ['file', 'http'], - :multi_store => true, - }) - end - - it { is_expected.to contain_glance_api_config('glance_store/default_store').with_value('file') } - it { is_expected.to contain_glance_api_config('glance_store/stores').with_value('file,http') } - end - - describe 'with both stores and known_stores provided' do - let :params do - default_params.merge({ - :stores => ['file'], - :known_stores => ['glance.store.http.store'], - }) - end - - it { is_expected.to raise_error(Puppet::Error, /known_stores and stores cannot both be assigned values/) } - end - - describe 'with known_stores not set but with default_store' do - let :params do - default_params.merge({ - :default_store => 'file', - :multi_store => true, - }) - end - - it { is_expected.to contain_glance_api_config('glance_store/default_store').with_value('file') } - it { is_expected.to contain_glance_api_config('glance_store/stores').with_value('file') } - end - - describe 'while validating the service with default command' do - let :params do - default_params.merge({ - :validate => true, - }) - end - it { is_expected.to contain_exec('execute glance-api validation').with( - :path => '/usr/bin:/bin:/usr/sbin:/sbin', - :provider => 'shell', - :tries => '10', - :try_sleep => '2', - :command => 'glance --os-auth-url http://127.0.0.1:5000/ --os-tenant-name services --os-username glance --os-password ChangeMe image-list', - )} - - it { is_expected.to contain_anchor('create glance-api anchor').with( - :require => 'Exec[execute glance-api validation]', - )} - end - - describe 'Support IPv6' do - let :params do - default_params.merge({ - :registry_host => '2001::1', - }) - end - it { is_expected.to contain_glance_api_config('DEFAULT/registry_host').with( - :value => '[2001::1]' - )} - end - - describe 'while validating the service with custom command' do - let :params do - default_params.merge({ - :validate => true, - :validation_options => { 'glance-api' => { 'command' => 'my-script' } } - }) - end - it { is_expected.to contain_exec('execute glance-api validation').with( - :path => '/usr/bin:/bin:/usr/sbin:/sbin', - :provider => 'shell', - :tries => '10', - :try_sleep => '2', - :command => 'my-script', - )} - - it { is_expected.to contain_anchor('create glance-api anchor').with( - :require => 'Exec[execute glance-api validation]', - )} - end - end - - shared_examples_for 'glance::api Debian' do - let(:params) { default_params } - - # We only test this on Debian platforms, since on RedHat there isn't a - # separate package for glance API. - ['present', 'latest'].each do |package_ensure| - context "with package_ensure '#{package_ensure}'" do - let(:params) { default_params.merge({ :package_ensure => package_ensure }) } - it { is_expected.to contain_package('glance-api').with( - :ensure => package_ensure, - :tag => ['openstack', 'glance-package'] - )} - end - end - end - - shared_examples_for 'glance::api RedHat' do - let(:params) { default_params } - - it { is_expected.to contain_package('openstack-glance').with( - :tag => ['openstack', 'glance-package'], - )} - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'glance::api' - it_configures "glance::api #{facts[:osfamily]}" - end - end - - describe 'on unknown platforms' do - let :facts do - { :osfamily => 'unknown' } - end - let(:params) { default_params } - - it_raises 'a Puppet::Error', /module glance only support osfamily RedHat and Debian/ - end - -end diff --git a/glance/spec/classes/glance_backend_cinder_spec.rb b/glance/spec/classes/glance_backend_cinder_spec.rb deleted file mode 100644 index b8ccbf260..000000000 --- a/glance/spec/classes/glance_backend_cinder_spec.rb +++ /dev/null @@ -1,105 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Unit tests for glance::backend::cinder class -# - -require 'spec_helper' - -describe 'glance::backend::cinder' do - - let :pre_condition do - 'class { "glance::api": keystone_password => "pass" }' - end - - shared_examples_for 'glance with cinder backend' do - - context 'when default parameters' do - - it 'configures glance-api.conf' do - is_expected.to contain_glance_api_config('glance_store/default_store').with_value('cinder') - is_expected.to contain_glance_api_config('glance_store/default_store').with_value('cinder') - is_expected.to contain_glance_api_config('glance_store/cinder_api_insecure').with_value(false) - is_expected.to contain_glance_api_config('glance_store/cinder_catalog_info').with_value('volume:cinder:publicURL') - is_expected.to contain_glance_api_config('glance_store/cinder_http_retries').with_value('3') - is_expected.to contain_glance_api_config('glance_store/cinder_ca_certificates_file').with(:ensure => 'absent') - is_expected.to contain_glance_api_config('glance_store/cinder_endpoint_template').with(:ensure => 'absent') - end - it 'configures glance-cache.conf' do - is_expected.to contain_glance_cache_config('glance_store/cinder_api_insecure').with_value(false) - is_expected.to contain_glance_cache_config('glance_store/cinder_catalog_info').with_value('volume:cinder:publicURL') - is_expected.to contain_glance_cache_config('glance_store/cinder_http_retries').with_value('3') - is_expected.to contain_glance_cache_config('glance_store/cinder_ca_certificates_file').with(:ensure => 'absent') - is_expected.to contain_glance_cache_config('glance_store/cinder_endpoint_template').with(:ensure => 'absent') - end - it 'not configures glance-glare.conf' do - is_expected.to_not contain_glance_glare_config('glance_store/cinder_api_insecure').with_value(false) - is_expected.to_not contain_glance_glare_config('glance_store/cinder_catalog_info').with_value('volume:cinder:publicURL') - is_expected.to_not contain_glance_glare_config('glance_store/cinder_http_retries').with_value('3') - is_expected.to_not contain_glance_glare_config('glance_store/cinder_ca_certificates_file').with(:ensure => 'absent') - is_expected.to_not contain_glance_glare_config('glance_store/cinder_endpoint_template').with(:ensure => 'absent') - end - end - - context 'when overriding parameters' do - let :params do - { - :cinder_api_insecure => true, - :cinder_ca_certificates_file => '/etc/ssh/ca.crt', - :cinder_catalog_info => 'volume:cinder:internalURL', - :cinder_endpoint_template => 'http://srv-foo:8776/v1/%(project_id)s', - :cinder_http_retries => '10', - :glare_enabled => true, - } - end - it 'configures glance-api.conf' do - is_expected.to contain_glance_api_config('glance_store/cinder_api_insecure').with_value(true) - is_expected.to contain_glance_api_config('glance_store/cinder_ca_certificates_file').with_value('/etc/ssh/ca.crt') - is_expected.to contain_glance_api_config('glance_store/cinder_catalog_info').with_value('volume:cinder:internalURL') - is_expected.to contain_glance_api_config('glance_store/cinder_endpoint_template').with_value('http://srv-foo:8776/v1/%(project_id)s') - is_expected.to contain_glance_api_config('glance_store/cinder_http_retries').with_value('10') - end - it 'configures glance-cache.conf' do - is_expected.to contain_glance_cache_config('glance_store/cinder_api_insecure').with_value(true) - is_expected.to contain_glance_cache_config('glance_store/cinder_ca_certificates_file').with_value('/etc/ssh/ca.crt') - is_expected.to contain_glance_cache_config('glance_store/cinder_catalog_info').with_value('volume:cinder:internalURL') - is_expected.to contain_glance_cache_config('glance_store/cinder_endpoint_template').with_value('http://srv-foo:8776/v1/%(project_id)s') - is_expected.to contain_glance_cache_config('glance_store/cinder_http_retries').with_value('10') - end - it 'configures glance-glare.conf' do - is_expected.to contain_glance_glare_config('glance_store/cinder_api_insecure').with_value(true) - is_expected.to contain_glance_glare_config('glance_store/cinder_ca_certificates_file').with_value('/etc/ssh/ca.crt') - is_expected.to contain_glance_glare_config('glance_store/cinder_catalog_info').with_value('volume:cinder:internalURL') - is_expected.to contain_glance_glare_config('glance_store/cinder_endpoint_template').with_value('http://srv-foo:8776/v1/%(project_id)s') - is_expected.to contain_glance_glare_config('glance_store/cinder_http_retries').with_value('10') - end - end - end - - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'glance with cinder backend' - end - end -end diff --git a/glance/spec/classes/glance_backend_file_spec.rb b/glance/spec/classes/glance_backend_file_spec.rb deleted file mode 100644 index d5d46a3d6..000000000 --- a/glance/spec/classes/glance_backend_file_spec.rb +++ /dev/null @@ -1,50 +0,0 @@ -require 'spec_helper' - -describe 'glance::backend::file' do - - shared_examples_for 'glance::backend::file' do - it 'configures glance-api.conf' do - is_expected.to contain_glance_api_config('glance_store/default_store').with_value('file') - is_expected.to contain_glance_api_config('glance_store/filesystem_store_datadir').with_value('/var/lib/glance/images/') - end - - it 'configures glance-cache.conf' do - is_expected.to contain_glance_cache_config('glance_store/filesystem_store_datadir').with_value('/var/lib/glance/images/') - end - - it 'configures glance-glare.conf' do - is_expected.to_not contain_glance_glare_config('glance_store/filesystem_store_datadir').with_value('/tmp/') - end - - describe 'when overriding datadir' do - let :params do - {:filesystem_store_datadir => '/tmp/', - :glare_enabled => true,} - end - - it 'configures glance-api.conf' do - is_expected.to contain_glance_api_config('glance_store/filesystem_store_datadir').with_value('/tmp/') - end - - it 'configures glance-cache.conf' do - is_expected.to contain_glance_cache_config('glance_store/filesystem_store_datadir').with_value('/tmp/') - end - - it 'configures glance-glare.conf' do - is_expected.to contain_glance_glare_config('glance_store/filesystem_store_datadir').with_value('/tmp/') - end - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'glance::backend::file' - end - end -end diff --git a/glance/spec/classes/glance_backend_rbd_spec.rb b/glance/spec/classes/glance_backend_rbd_spec.rb deleted file mode 100644 index 508fc94d8..000000000 --- a/glance/spec/classes/glance_backend_rbd_spec.rb +++ /dev/null @@ -1,84 +0,0 @@ -require 'spec_helper' - -describe 'glance::backend::rbd' do - let :facts do - @default_facts.merge({ - :osfamily => 'Debian', - }) - end - - describe 'when defaults with rbd_store_user' do - let :params do - { - :rbd_store_user => 'glance', - } - end - - it { is_expected.to contain_glance_api_config('glance_store/default_store').with_value('rbd') } - it { is_expected.to contain_glance_api_config('glance_store/rbd_store_pool').with_value('images') } - it { is_expected.to contain_glance_api_config('glance_store/rbd_store_ceph_conf').with_value('/etc/ceph/ceph.conf') } - it { is_expected.to contain_glance_api_config('glance_store/rbd_store_chunk_size').with_value('8') } - it { is_expected.to contain_glance_api_config('glance_store/rados_connect_timeout').with_value('0')} - - it { is_expected.to_not contain_glance_glare_config('glance_store/default_store').with_value('rbd') } - it { is_expected.to_not contain_glance_glare_config('glance_store/rbd_store_pool').with_value('images') } - it { is_expected.to_not contain_glance_glare_config('glance_store/rbd_store_ceph_conf').with_value('/etc/ceph/ceph.conf') } - it { is_expected.to_not contain_glance_glare_config('glance_store/rbd_store_chunk_size').with_value('8') } - it { is_expected.to_not contain_glance_glare_config('glance_store/rados_connect_timeout').with_value('0')} - it { is_expected.to contain_package('python-ceph').with( - :name => 'python-ceph', - :ensure => 'present' - ) - } - end - - describe 'when passing params' do - let :params do - { - :rbd_store_user => 'user', - :rbd_store_chunk_size => '2', - :package_ensure => 'latest', - :rados_connect_timeout => '30', - :glare_enabled => true, - } - end - it { is_expected.to contain_glance_api_config('glance_store/rbd_store_user').with_value('user') } - it { is_expected.to contain_glance_api_config('glance_store/rbd_store_chunk_size').with_value('2') } - it { is_expected.to contain_glance_api_config('glance_store/rados_connect_timeout').with_value('30')} - it { is_expected.to contain_glance_glare_config('glance_store/rbd_store_user').with_value('user') } - it { is_expected.to contain_glance_glare_config('glance_store/rbd_store_chunk_size').with_value('2') } - it { is_expected.to contain_glance_glare_config('glance_store/rados_connect_timeout').with_value('30')} - it { is_expected.to contain_package('python-ceph').with( - :name => 'python-ceph', - :ensure => 'latest' - ) - } - end - - describe 'package on RedHat platform el6' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - :operatingsystemrelease => '6.5', - }) - end - it { is_expected.to contain_package('python-ceph').with( - :name => 'python-ceph', - :ensure => 'present' - ) - } - end - describe 'package on RedHat platform el7' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - :operatingsystemrelease => '7.0' - }) - end - it { is_expected.to contain_package('python-ceph').with( - :name => 'python-rbd', - :ensure => 'present' - ) - } - end -end diff --git a/glance/spec/classes/glance_backend_s3_spec.rb b/glance/spec/classes/glance_backend_s3_spec.rb deleted file mode 100644 index b042463ce..000000000 --- a/glance/spec/classes/glance_backend_s3_spec.rb +++ /dev/null @@ -1,149 +0,0 @@ -require 'spec_helper' - -describe 'glance::backend::s3' do - shared_examples_for 'glance::backend::s3' do - let :params do - { - :access_key => 'access', - :secret_key => 'secret', - :host => 'host', - :bucket => 'bucket' - } - end - - describe 'when default parameters' do - - it 'configures glance-api.conf' do - is_expected.to contain_glance_api_config('glance_store/default_store').with_value('s3') - is_expected.to contain_glance_api_config('glance_store/s3_store_access_key').with_value('access') - is_expected.to contain_glance_api_config('glance_store/s3_store_secret_key').with_value('secret') - is_expected.to contain_glance_api_config('glance_store/s3_store_host').with_value('host') - is_expected.to contain_glance_api_config('glance_store/s3_store_bucket').with_value('bucket') - is_expected.to contain_glance_api_config('glance_store/s3_store_bucket_url_format').with_value('subdomain') - is_expected.to contain_glance_api_config('glance_store/s3_store_create_bucket_on_put').with_value('false') - is_expected.to contain_glance_api_config('glance_store/s3_store_large_object_size').with_value('100') - is_expected.to contain_glance_api_config('glance_store/s3_store_large_object_chunk_size').with_value('10') - is_expected.to contain_glance_api_config('glance_store/s3_store_object_buffer_dir').with_value(nil) - is_expected.to contain_glance_api_config('glance_store/s3_store_thread_pools').with_value('10') - end - it 'not configures glance-glare.conf' do - is_expected.to_not contain_glance_glare_config('glance_store/default_store').with_value('s3') - is_expected.to_not contain_glance_glare_config('glance_store/s3_store_access_key').with_value('access') - is_expected.to_not contain_glance_glare_config('glance_store/s3_store_secret_key').with_value('secret') - is_expected.to_not contain_glance_glare_config('glance_store/s3_store_host').with_value('host') - is_expected.to_not contain_glance_glare_config('glance_store/s3_store_bucket').with_value('bucket') - is_expected.to_not contain_glance_glare_config('glance_store/s3_store_bucket_url_format').with_value('subdomain') - is_expected.to_not contain_glance_glare_config('glance_store/s3_store_create_bucket_on_put').with_value('false') - is_expected.to_not contain_glance_glare_config('glance_store/s3_store_large_object_size').with_value('100') - is_expected.to_not contain_glance_glare_config('glance_store/s3_store_large_object_chunk_size').with_value('10') - is_expected.to_not contain_glance_glare_config('glance_store/s3_store_object_buffer_dir').with_value(nil) - is_expected.to_not contain_glance_glare_config('glance_store/s3_store_thread_pools').with_value('10') - end - - end - - describe 'when overriding parameters' do - let :params do - { - :access_key => 'access2', - :secret_key => 'secret2', - :host => 'host2', - :bucket => 'bucket2', - :bucket_url_format => 'path', - :create_bucket_on_put => true, - :large_object_size => 200, - :large_object_chunk_size => 20, - :object_buffer_dir => '/tmp', - :thread_pools => 20, - :glare_enabled => true, - } - end - - it 'configures glance-api.conf' do - is_expected.to contain_glance_api_config('glance_store/s3_store_access_key').with_value('access2') - is_expected.to contain_glance_api_config('glance_store/s3_store_secret_key').with_value('secret2') - is_expected.to contain_glance_api_config('glance_store/s3_store_host').with_value('host2') - is_expected.to contain_glance_api_config('glance_store/s3_store_bucket').with_value('bucket2') - is_expected.to contain_glance_api_config('glance_store/s3_store_bucket_url_format').with_value('path') - is_expected.to contain_glance_api_config('glance_store/s3_store_create_bucket_on_put').with_value('true') - is_expected.to contain_glance_api_config('glance_store/s3_store_large_object_size').with_value('200') - is_expected.to contain_glance_api_config('glance_store/s3_store_large_object_chunk_size').with_value('20') - is_expected.to contain_glance_api_config('glance_store/s3_store_object_buffer_dir').with_value('/tmp') - is_expected.to contain_glance_api_config('glance_store/s3_store_thread_pools').with_value('20') - end - - it 'configures glance-glare.conf' do - is_expected.to contain_glance_glare_config('glance_store/s3_store_access_key').with_value('access2') - is_expected.to contain_glance_glare_config('glance_store/s3_store_secret_key').with_value('secret2') - is_expected.to contain_glance_glare_config('glance_store/s3_store_host').with_value('host2') - is_expected.to contain_glance_glare_config('glance_store/s3_store_bucket').with_value('bucket2') - is_expected.to contain_glance_glare_config('glance_store/s3_store_bucket_url_format').with_value('path') - is_expected.to contain_glance_glare_config('glance_store/s3_store_create_bucket_on_put').with_value('true') - is_expected.to contain_glance_glare_config('glance_store/s3_store_large_object_size').with_value('200') - is_expected.to contain_glance_glare_config('glance_store/s3_store_large_object_chunk_size').with_value('20') - is_expected.to contain_glance_glare_config('glance_store/s3_store_object_buffer_dir').with_value('/tmp') - is_expected.to contain_glance_glare_config('glance_store/s3_store_thread_pools').with_value('20') - end - end - - describe 'with invalid bucket_url_format' do - let :params do - { - :access_key => 'access', - :secret_key => 'secret', - :host => 'host', - :bucket => 'bucket', - :bucket_url_format => 'invalid' - } - end - - it 'throws errors' do - is_expected.to raise_error(Puppet::Error, /glance::backend::s3::bucket_url_format must be either "subdomain" or "path"/) - end - end - - describe 'with invalid large_object_chunk_size' do - let :params do - { - :access_key => 'access', - :secret_key => 'secret', - :host => 'host', - :bucket => 'bucket', - :large_object_chunk_size => 1 - } - end - - it 'throws error' do - is_expected.to raise_error(Puppet::Error, /glance::backend::s3::large_object_chunk_size must be an integer >= 5/) - end - end - - describe 'with non-integer large_object_chunk_size' do - let :params do - { - :access_key => 'access', - :secret_key => 'secret', - :host => 'host', - :bucket => 'bucket', - :large_object_chunk_size => 'string' - } - end - - it 'throws error' do - is_expected.to raise_error(Puppet::Error, /glance::backend::s3::large_object_chunk_size must be an integer >= 5/) - end - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'glance::backend::s3' - end - end -end diff --git a/glance/spec/classes/glance_backend_swift_spec.rb b/glance/spec/classes/glance_backend_swift_spec.rb deleted file mode 100644 index 3e84a480e..000000000 --- a/glance/spec/classes/glance_backend_swift_spec.rb +++ /dev/null @@ -1,103 +0,0 @@ -require 'spec_helper' - -describe 'glance::backend::swift' do - shared_examples_for 'glance::backend::swift' do - let :params do - { - :swift_store_user => 'user', - :swift_store_key => 'key', - } - end - - let :pre_condition do - 'class { "glance::api": keystone_password => "pass" }' - end - - describe 'when default parameters' do - - it 'configures glance-api.conf' do - is_expected.to contain_glance_api_config('glance_store/default_store').with_value('swift') - is_expected.to contain_glance_api_config('glance_store/swift_store_large_object_size').with_value('5120') - is_expected.to contain_glance_api_config('glance_store/swift_store_container').with_value('glance') - is_expected.to contain_glance_api_config('glance_store/swift_store_create_container_on_put').with_value(false) - is_expected.to contain_glance_api_config('glance_store/swift_store_endpoint_type').with_value('internalURL') - is_expected.to contain_glance_api_config('glance_store/swift_store_region').with_value(nil) - is_expected.to contain_glance_api_config('glance_store/swift_store_config_file').with_value('/etc/glance/glance-swift.conf') - is_expected.to contain_glance_api_config('glance_store/default_swift_reference').with_value('ref1') - is_expected.to contain_glance_swift_config('ref1/key').with_value('key') - is_expected.to contain_glance_swift_config('ref1/user').with_value('user') - is_expected.to contain_glance_swift_config('ref1/auth_version').with_value('2') - is_expected.to contain_glance_swift_config('ref1/auth_address').with_value('http://127.0.0.1:5000/v2.0/') - is_expected.to contain_glance_swift_config('ref1/user_domain_id').with_value('default') - is_expected.to contain_glance_swift_config('ref1/project_domain_id').with_value('default') - end - - it 'not configures glance-glare.conf' do - is_expected.to_not contain_glance_glare_config('glance_store/default_store').with_value('swift') - is_expected.to_not contain_glance_glare_config('glance_store/swift_store_large_object_size').with_value('5120') - is_expected.to_not contain_glance_glare_config('glance_store/swift_store_container').with_value('glance') - is_expected.to_not contain_glance_glare_config('glance_store/swift_store_create_container_on_put').with_value(false) - is_expected.to_not contain_glance_glare_config('glance_store/swift_store_endpoint_type').with_value('internalURL') - is_expected.to_not contain_glance_glare_config('glance_store/swift_store_region').with_value(nil) - is_expected.to_not contain_glance_glare_config('glance_store/swift_store_config_file').with_value('/etc/glance/glance-swift.conf') - is_expected.to_not contain_glance_glare_config('glance_store/default_swift_reference').with_value('ref1') - end - end - - describe 'when overriding parameters' do - let :params do - { - :swift_store_user => 'user2', - :swift_store_key => 'key2', - :swift_store_auth_version => '1', - :swift_store_auth_project_domain_id => 'proj_domain', - :swift_store_auth_user_domain_id => 'user_domain', - :swift_store_large_object_size => '100', - :swift_store_auth_address => '127.0.0.2:8080/v1.0/', - :swift_store_container => 'swift', - :swift_store_create_container_on_put => true, - :swift_store_endpoint_type => 'publicURL', - :swift_store_region => 'RegionTwo', - :default_swift_reference => 'swift_creds', - :glare_enabled => true, - } - end - - it 'configures glance-api.conf' do - is_expected.to contain_glance_api_config('glance_store/swift_store_container').with_value('swift') - is_expected.to contain_glance_api_config('glance_store/swift_store_create_container_on_put').with_value(true) - is_expected.to contain_glance_api_config('glance_store/swift_store_large_object_size').with_value('100') - is_expected.to contain_glance_api_config('glance_store/swift_store_endpoint_type').with_value('publicURL') - is_expected.to contain_glance_api_config('glance_store/swift_store_region').with_value('RegionTwo') - is_expected.to contain_glance_api_config('glance_store/default_swift_reference').with_value('swift_creds') - is_expected.to contain_glance_swift_config('swift_creds/key').with_value('key2') - is_expected.to contain_glance_swift_config('swift_creds/user').with_value('user2') - is_expected.to contain_glance_swift_config('swift_creds/auth_version').with_value('1') - is_expected.to contain_glance_swift_config('swift_creds/auth_address').with_value('127.0.0.2:8080/v1.0/') - is_expected.to contain_glance_swift_config('swift_creds/user_domain_id').with_value('user_domain') - is_expected.to contain_glance_swift_config('swift_creds/project_domain_id').with_value('proj_domain') - end - - it 'configures glance-glare.conf' do - is_expected.to contain_glance_glare_config('glance_store/swift_store_container').with_value('swift') - is_expected.to contain_glance_glare_config('glance_store/swift_store_create_container_on_put').with_value(true) - is_expected.to contain_glance_glare_config('glance_store/swift_store_large_object_size').with_value('100') - is_expected.to contain_glance_glare_config('glance_store/swift_store_endpoint_type').with_value('publicURL') - is_expected.to contain_glance_glare_config('glance_store/swift_store_region').with_value('RegionTwo') - is_expected.to contain_glance_glare_config('glance_store/default_swift_reference').with_value('swift_creds') - end - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'glance::backend::swift' - end - end -end diff --git a/glance/spec/classes/glance_backend_vsphere_spec.rb b/glance/spec/classes/glance_backend_vsphere_spec.rb deleted file mode 100644 index 665742cb6..000000000 --- a/glance/spec/classes/glance_backend_vsphere_spec.rb +++ /dev/null @@ -1,106 +0,0 @@ -# -# Copyright (C) 2014 Mirantis -# -# Author: Steapn Rogov -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Unit tests for glance::backend::vsphere class -# - -require 'spec_helper' - -describe 'glance::backend::vsphere' do - - let :pre_condition do - 'class { "glance::api": keystone_password => "pass" }' - end - - shared_examples_for 'glance with vsphere backend' do - - context 'when default parameters' do - let :params do - { - :vcenter_host => '10.0.0.1', - :vcenter_user => 'root', - :vcenter_password => '123456', - :vcenter_datastores => 'Datacenter:Datastore', - :vcenter_image_dir => '/openstack_glance', - } - end - it 'configures glance-api.conf' do - is_expected.to contain_glance_api_config('glance_store/default_store').with_value('vsphere') - is_expected.to contain_glance_api_config('glance_store/vmware_insecure').with_value('True') - is_expected.to contain_glance_api_config('glance_store/vmware_server_host').with_value('10.0.0.1') - is_expected.to contain_glance_api_config('glance_store/vmware_server_username').with_value('root') - is_expected.to contain_glance_api_config('glance_store/vmware_server_password').with_value('123456') - is_expected.to contain_glance_api_config('glance_store/vmware_store_image_dir').with_value('/openstack_glance') - is_expected.to contain_glance_api_config('glance_store/vmware_task_poll_interval').with_value('') - is_expected.to contain_glance_api_config('glance_store/vmware_api_retry_count').with_value('') - is_expected.to contain_glance_api_config('glance_store/vmware_datastores').with_value('Datacenter:Datastore') - is_expected.to contain_glance_api_config('glance_store/vmware_ca_file').with_value('') - end - it 'not configures glance-glare.conf' do - is_expected.to_not contain_glance_glare_config('glance_store/default_store').with_value('vsphere') - is_expected.to_not contain_glance_glare_config('glance_store/vmware_insecure').with_value('True') - is_expected.to_not contain_glance_glare_config('glance_store/vmware_server_host').with_value('10.0.0.1') - is_expected.to_not contain_glance_glare_config('glance_store/vmware_server_username').with_value('root') - is_expected.to_not contain_glance_glare_config('glance_store/vmware_server_password').with_value('123456') - is_expected.to_not contain_glance_glare_config('glance_store/vmware_store_image_dir').with_value('/openstack_glance') - is_expected.to_not contain_glance_glare_config('glance_store/vmware_task_poll_interval').with_value('') - is_expected.to_not contain_glance_glare_config('glance_store/vmware_api_retry_count').with_value('') - is_expected.to_not contain_glance_glare_config('glance_store/vmware_datastores').with_value('Datacenter:Datastore') - is_expected.to_not contain_glance_glare_config('glance_store/vmware_ca_file').with_value('') - end - end - - context 'when overriding parameters' do - let :params do - { - :vcenter_host => '10.0.0.1', - :vcenter_user => 'root', - :vcenter_password => '123456', - :vcenter_datastores => 'Datacenter:Datastore', - :vcenter_image_dir => '/openstack_glance', - :vcenter_ca_file => '/etc/glance/vcenter-ca.pem', - :vcenter_task_poll_interval => '6', - :vcenter_api_retry_count => '11', - :glare_enabled => true, - } - end - it 'configures glance-api.conf' do - is_expected.to contain_glance_api_config('glance_store/vmware_ca_file').with_value('/etc/glance/vcenter-ca.pem') - is_expected.to contain_glance_api_config('glance_store/vmware_task_poll_interval').with_value('6') - is_expected.to contain_glance_api_config('glance_store/vmware_api_retry_count').with_value('11') - end - - it 'configures glance-glare.conf' do - is_expected.to contain_glance_glare_config('glance_store/vmware_ca_file').with_value('/etc/glance/vcenter-ca.pem') - is_expected.to contain_glance_glare_config('glance_store/vmware_task_poll_interval').with_value('6') - is_expected.to contain_glance_glare_config('glance_store/vmware_api_retry_count').with_value('11') - end - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'glance with vsphere backend' - end - end -end diff --git a/glance/spec/classes/glance_cache_cleaner_spec.rb b/glance/spec/classes/glance_cache_cleaner_spec.rb deleted file mode 100644 index d39c9d4f2..000000000 --- a/glance/spec/classes/glance_cache_cleaner_spec.rb +++ /dev/null @@ -1,74 +0,0 @@ -require 'spec_helper' - -describe 'glance::cache::cleaner' do - - shared_examples_for 'glance cache cleaner' do - - context 'when default parameters' do - - it 'configures a cron' do - is_expected.to contain_cron('glance-cache-cleaner').with( - :command => 'glance-cache-cleaner ', - :environment => 'PATH=/bin:/usr/bin:/usr/sbin', - :user => 'glance', - :minute => 1, - :hour => 0, - :monthday => '*', - :month => '*', - :weekday => '*' - ) - - is_expected.to contain_cron('glance-cache-cleaner').with( - :require => "Package[#{platform_params[:api_package_name]}]" - ) - end - end - - context 'when overriding parameters' do - let :params do - { - :minute => 59, - :hour => 23, - :monthday => '1', - :month => '2', - :weekday => '3', - :command_options => '--config-dir /etc/glance/', - } - end - it 'configures a cron' do - is_expected.to contain_cron('glance-cache-cleaner').with( - :command => 'glance-cache-cleaner --config-dir /etc/glance/', - :environment => 'PATH=/bin:/usr/bin:/usr/sbin', - :user => 'glance', - :minute => 59, - :hour => 23, - :monthday => '1', - :month => '2', - :weekday => '3' - ) - end - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - let(:platform_params) do - case facts[:osfamily] - when 'Debian' - { :api_package_name => 'glance-api' } - when 'RedHat' - { :api_package_name => 'openstack-glance' } - end - end - - it_configures 'glance cache cleaner' - end - end - -end diff --git a/glance/spec/classes/glance_cache_logging_spec.rb b/glance/spec/classes/glance_cache_logging_spec.rb deleted file mode 100644 index 03efe2fe9..000000000 --- a/glance/spec/classes/glance_cache_logging_spec.rb +++ /dev/null @@ -1,141 +0,0 @@ -require 'spec_helper' - -describe 'glance::cache::logging' do - - let :params do - { - } - end - - let :log_params do - { - :logging_context_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s', - :logging_default_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s', - :logging_debug_format_suffix => '%(funcName)s %(pathname)s:%(lineno)d', - :logging_exception_prefix => '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s', - :log_config_append => '/etc/glance/logging.conf', - :publish_errors => true, - :default_log_levels => { - 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', - 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', - 'iso8601' => 'WARN', - 'requests.packages.urllib3.connectionpool' => 'WARN' }, - :fatal_deprecations => true, - :instance_format => '[instance: %(uuid)s] ', - :instance_uuid_format => '[instance: %(uuid)s] ', - :log_date_format => '%Y-%m-%d %H:%M:%S', - :use_syslog => true, - :use_stderr => false, - :log_facility => 'LOG_FOO', - :log_dir => '/var/log', - :log_file => '/var/tmp/glance_cache_random.log', - :verbose => true, - :debug => true, - } - end - - shared_examples_for 'glance-cache-logging' do - - context 'with basic logging options and default settings' do - it_configures 'basic default logging settings' - end - - context 'with basic logging options and non-default settings' do - before { params.merge!( log_params ) } - it_configures 'basic non-default logging settings' - end - - context 'with extended logging options' do - before { params.merge!( log_params ) } - it_configures 'logging params set' - end - - context 'without extended logging options' do - it_configures 'logging params unset' - end - - end - - shared_examples 'basic default logging settings' do - it 'configures glance logging settins with default values' do - is_expected.to contain_glance_cache_config('DEFAULT/use_stderr').with(:value => '') - is_expected.to contain_glance_cache_config('DEFAULT/use_syslog').with(:value => '') - is_expected.to contain_glance_cache_config('DEFAULT/debug').with(:value => '') - is_expected.to contain_glance_cache_config('DEFAULT/verbose').with(:value => '') - is_expected.to contain_glance_cache_config('DEFAULT/log_dir').with(:value => '/var/log/glance') - is_expected.to contain_glance_cache_config('DEFAULT/log_file').with(:value => '/var/log/glance/cache.log') - end - end - - shared_examples 'basic non-default logging settings' do - it 'configures glance logging settins with non-default values' do - is_expected.to contain_glance_cache_config('DEFAULT/use_syslog').with(:value => 'true') - is_expected.to contain_glance_cache_config('DEFAULT/use_stderr').with(:value => 'false') - is_expected.to contain_glance_cache_config('DEFAULT/syslog_log_facility').with(:value => 'LOG_FOO') - is_expected.to contain_glance_cache_config('DEFAULT/log_dir').with(:value => '/var/log') - is_expected.to contain_glance_cache_config('DEFAULT/log_file').with(:value => '/var/tmp/glance_cache_random.log') - is_expected.to contain_glance_cache_config('DEFAULT/verbose').with(:value => 'true') - is_expected.to contain_glance_cache_config('DEFAULT/debug').with(:value => 'true') - end - end - - shared_examples_for 'logging params set' do - it 'enables logging params' do - is_expected.to contain_glance_cache_config('DEFAULT/logging_context_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s') - - is_expected.to contain_glance_cache_config('DEFAULT/logging_default_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s') - - is_expected.to contain_glance_cache_config('DEFAULT/logging_debug_format_suffix').with_value( - '%(funcName)s %(pathname)s:%(lineno)d') - - is_expected.to contain_glance_cache_config('DEFAULT/logging_exception_prefix').with_value( - '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s') - - is_expected.to contain_glance_cache_config('DEFAULT/log_config_append').with_value( - '/etc/glance/logging.conf') - is_expected.to contain_glance_cache_config('DEFAULT/publish_errors').with_value( - true) - - is_expected.to contain_glance_cache_config('DEFAULT/default_log_levels').with_value( - 'amqp=WARN,amqplib=WARN,boto=WARN,iso8601=WARN,qpid=WARN,requests.packages.urllib3.connectionpool=WARN,sqlalchemy=WARN,suds=INFO') - - is_expected.to contain_glance_cache_config('DEFAULT/fatal_deprecations').with_value( - true) - - is_expected.to contain_glance_cache_config('DEFAULT/instance_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_glance_cache_config('DEFAULT/instance_uuid_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_glance_cache_config('DEFAULT/log_date_format').with_value( - '%Y-%m-%d %H:%M:%S') - end - end - - - shared_examples_for 'logging params unset' do - [ :logging_context_format_string, :logging_default_format_string, - :logging_debug_format_suffix, :logging_exception_prefix, - :log_config_append, :publish_errors, - :default_log_levels, :fatal_deprecations, - :instance_format, :instance_uuid_format, - :log_date_format, ].each { |param| - it { is_expected.to contain_glance_cache_config("DEFAULT/#{param}").with_value('') } - } - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'glance-cache-logging' - end - end -end diff --git a/glance/spec/classes/glance_cache_pruner_spec.rb b/glance/spec/classes/glance_cache_pruner_spec.rb deleted file mode 100644 index 32b809754..000000000 --- a/glance/spec/classes/glance_cache_pruner_spec.rb +++ /dev/null @@ -1,72 +0,0 @@ -require 'spec_helper' - -describe 'glance::cache::pruner' do - - shared_examples_for 'glance cache pruner' do - - context 'when default parameters' do - - it 'configures a cron' do - is_expected.to contain_cron('glance-cache-pruner').with( - :command => 'glance-cache-pruner ', - :environment => 'PATH=/bin:/usr/bin:/usr/sbin', - :user => 'glance', - :minute => '*/30', - :hour => '*', - :monthday => '*', - :month => '*', - :weekday => '*' - ) - is_expected.to contain_cron('glance-cache-pruner').with( - :require => "Package[#{platform_params[:api_package_name]}]" - ) - end - end - - context 'when overriding parameters' do - let :params do - { - :minute => 59, - :hour => 23, - :monthday => '1', - :month => '2', - :weekday => '3', - :command_options => '--config-dir /etc/glance/', - } - end - it 'configures a cron' do - is_expected.to contain_cron('glance-cache-pruner').with( - :command => 'glance-cache-pruner --config-dir /etc/glance/', - :environment => 'PATH=/bin:/usr/bin:/usr/sbin', - :user => 'glance', - :minute => 59, - :hour => 23, - :monthday => '1', - :month => '2', - :weekday => '3' - ) - end - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - let(:platform_params) do - case facts[:osfamily] - when 'Debian' - { :api_package_name => 'glance-api' } - when 'RedHat' - { :api_package_name => 'openstack-glance' } - end - end - - it_configures 'glance cache pruner' - end - end -end diff --git a/glance/spec/classes/glance_client_spec.rb b/glance/spec/classes/glance_client_spec.rb deleted file mode 100644 index 5ff4b9b26..000000000 --- a/glance/spec/classes/glance_client_spec.rb +++ /dev/null @@ -1,26 +0,0 @@ -require 'spec_helper' - -describe 'glance::client' do - - shared_examples 'glance client' do - it { is_expected.to contain_class('glance::params') } - it { is_expected.to contain_package('python-glanceclient').with( - :name => 'python-glanceclient', - :ensure => 'present', - :tag => ['openstack'], - ) - } - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'glance client' - end - end -end diff --git a/glance/spec/classes/glance_config_spec.rb b/glance/spec/classes/glance_config_spec.rb deleted file mode 100644 index 4245bed41..000000000 --- a/glance/spec/classes/glance_config_spec.rb +++ /dev/null @@ -1,95 +0,0 @@ -require 'spec_helper' - -describe 'glance::config' do - - let(:config_hash) do { - 'DEFAULT/foo' => { 'value' => 'fooValue' }, - 'DEFAULT/bar' => { 'value' => 'barValue' }, - 'DEFAULT/baz' => { 'ensure' => 'absent' } - } - end - - shared_examples_for 'glance_api_config' do - let :params do - { :api_config => config_hash, - :api_paste_ini_config => config_hash } - end - - it 'configures arbitrary glance-api configurations' do - is_expected.to contain_glance_api_config('DEFAULT/foo').with_value('fooValue') - is_expected.to contain_glance_api_config('DEFAULT/bar').with_value('barValue') - is_expected.to contain_glance_api_config('DEFAULT/baz').with_ensure('absent') - end - - it 'configures arbitrary glance-api-paste configurations' do - is_expected.to contain_glance_api_paste_ini('DEFAULT/foo').with_value('fooValue') - is_expected.to contain_glance_api_paste_ini('DEFAULT/bar').with_value('barValue') - is_expected.to contain_glance_api_paste_ini('DEFAULT/baz').with_ensure('absent') - end - end - - shared_examples_for 'glance_registry_config' do - let :params do - { :registry_config => config_hash, - :registry_paste_ini_config => config_hash } - end - - it 'configures arbitrary glance-registry configurations' do - is_expected.to contain_glance_registry_config('DEFAULT/foo').with_value('fooValue') - is_expected.to contain_glance_registry_config('DEFAULT/bar').with_value('barValue') - is_expected.to contain_glance_registry_config('DEFAULT/baz').with_ensure('absent') - end - - it 'configures arbitrary glance-registry-paste configurations' do - is_expected.to contain_glance_registry_paste_ini('DEFAULT/foo').with_value('fooValue') - is_expected.to contain_glance_registry_paste_ini('DEFAULT/bar').with_value('barValue') - is_expected.to contain_glance_registry_paste_ini('DEFAULT/baz').with_ensure('absent') - end - end - - shared_examples_for 'glance_glare_config' do - let :params do - { :glare_config => config_hash, - :glare_paste_ini_config => config_hash } - end - - it 'configures arbitrary glance-glare configurations' do - is_expected.to contain_glance_glare_config('DEFAULT/foo').with_value('fooValue') - is_expected.to contain_glance_glare_config('DEFAULT/bar').with_value('barValue') - is_expected.to contain_glance_glare_config('DEFAULT/baz').with_ensure('absent') - end - - it 'configures arbitrary glance-glare-paste configurations' do - is_expected.to contain_glance_glare_paste_ini('DEFAULT/foo').with_value('fooValue') - is_expected.to contain_glance_glare_paste_ini('DEFAULT/bar').with_value('barValue') - is_expected.to contain_glance_glare_paste_ini('DEFAULT/baz').with_ensure('absent') - end - end - - shared_examples_for 'glance_cache_config' do - let :params do - { :cache_config => config_hash } - end - - it 'configures arbitrary glance-cache configurations' do - is_expected.to contain_glance_cache_config('DEFAULT/foo').with_value('fooValue') - is_expected.to contain_glance_cache_config('DEFAULT/bar').with_value('barValue') - is_expected.to contain_glance_cache_config('DEFAULT/baz').with_ensure('absent') - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'glance_api_config' - it_configures 'glance_registry_config' - it_configures 'glance_glare_config' - it_configures 'glance_cache_config' - end - end -end diff --git a/glance/spec/classes/glance_db_mysql_spec.rb b/glance/spec/classes/glance_db_mysql_spec.rb deleted file mode 100644 index a08c36ad0..000000000 --- a/glance/spec/classes/glance_db_mysql_spec.rb +++ /dev/null @@ -1,85 +0,0 @@ -require 'spec_helper' - -describe 'glance::db::mysql' do - shared_examples_for 'glance::db::mysql' do - let :pre_condition do - 'include mysql::server' - end - - describe "with default params" do - let :params do - { - :password => 'glancepass1', - } - end - - it { is_expected.to contain_openstacklib__db__mysql('glance').with( - :password_hash => '*41C910F70EB213CF4CB7B2F561B4995503C0A87B', - :charset => 'utf8', - :collate => 'utf8_general_ci', - )} - - end - - describe "overriding default params" do - let :params do - { - :password => 'glancepass2', - :dbname => 'glancedb2', - :charset => 'utf8', - } - end - - it { is_expected.to contain_openstacklib__db__mysql('glance').with( - :password_hash => '*6F9A1CB9BD83EE06F3903BDFF9F4188764E694CA', - :dbname => 'glancedb2', - :charset => 'utf8' - )} - - end - - describe "overriding allowed_hosts param to array" do - let :params do - { - :password => 'glancepass2', - :dbname => 'glancedb2', - :allowed_hosts => ['127.0.0.1','%'] - } - end - - end - - describe "overriding allowed_hosts param to string" do - let :params do - { - :password => 'glancepass2', - :dbname => 'glancedb2', - :allowed_hosts => '192.168.1.1' - } - end - - end - - describe "overriding allowed_hosts param equals to host param " do - let :params do - { - :password => 'glancepass2', - :dbname => 'glancedb2', - :allowed_hosts => '127.0.0.1' - } - end - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'glance::db::mysql' - end - end -end diff --git a/glance/spec/classes/glance_db_postgresql_spec.rb b/glance/spec/classes/glance_db_postgresql_spec.rb deleted file mode 100644 index ab0faf3d2..000000000 --- a/glance/spec/classes/glance_db_postgresql_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -require 'spec_helper' - -describe 'glance::db::postgresql' do - - shared_examples_for 'glance::db::postgresql' do - let :req_params do - { :password => 'pw' } - end - - let :pre_condition do - 'include postgresql::server' - end - - context 'with only required parameters' do - let :params do - req_params - end - - it { is_expected.to contain_postgresql__server__db('glance').with( - :user => 'glance', - :password => 'md56c7c03b193c2c1e0667bc5bd891703db' - )} - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts({ :concat_basedir => '/var/lib/puppet/concat' })) - end - - it_configures 'glance::db::postgresql' - end - end -end diff --git a/glance/spec/classes/glance_db_sync_spec.rb b/glance/spec/classes/glance_db_sync_spec.rb deleted file mode 100644 index 5b7d31197..000000000 --- a/glance/spec/classes/glance_db_sync_spec.rb +++ /dev/null @@ -1,47 +0,0 @@ -require 'spec_helper' - -describe 'glance::db::sync' do - - shared_examples_for 'glance-dbsync' do - - it 'runs glance-manage db_sync' do - is_expected.to contain_exec('glance-manage db_sync').with( - :command => 'glance-manage --config-file /etc/glance/glance-registry.conf db_sync', - :path => '/usr/bin', - :user => 'glance', - :refreshonly => 'true', - :logoutput => 'on_failure' - ) - end - - describe "overriding extra_params" do - let :params do - { - :extra_params => '--config-file /etc/glance/glance.conf', - } - end - - it {is_expected.to contain_exec('glance-manage db_sync').with( - :command => 'glance-manage --config-file /etc/glance/glance.conf db_sync', - :path => '/usr/bin', - :user => 'glance', - :refreshonly => 'true', - :logoutput => 'on_failure' - ) - } - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts({ :concat_basedir => '/var/lib/puppet/concat' })) - end - - it_configures 'glance-dbsync' - end - end - -end diff --git a/glance/spec/classes/glance_glare_db_spec.rb b/glance/spec/classes/glance_glare_db_spec.rb deleted file mode 100644 index 20f157ccd..000000000 --- a/glance/spec/classes/glance_glare_db_spec.rb +++ /dev/null @@ -1,95 +0,0 @@ -require 'spec_helper' - -describe 'glance::glare::db' do - - shared_examples 'glance::glare::db' do - context 'with default parameters' do - it { is_expected.to contain_glance_glare_config('database/connection').with_value('sqlite:///var/lib/glance/glance.sqlite').with_secret(true) } - it { is_expected.to contain_glance_glare_config('database/idle_timeout').with_value('') } - it { is_expected.to contain_glance_glare_config('database/min_pool_size').with_value('') } - it { is_expected.to contain_glance_glare_config('database/max_retries').with_value('') } - it { is_expected.to contain_glance_glare_config('database/retry_interval').with_value('') } - it { is_expected.to contain_glance_glare_config('database/max_pool_size').with_value('') } - it { is_expected.to contain_glance_glare_config('database/max_overflow').with_value('') } - end - - context 'with specific parameters' do - let :params do - { :database_connection => 'mysql+pymysql://glance_glare:glance@localhost/glance', - :database_idle_timeout => '3601', - :database_min_pool_size => '2', - :database_max_retries => '11', - :database_retry_interval => '11', - :database_max_pool_size => '11', - :database_max_overflow => '21', - } - end - - it { is_expected.to contain_glance_glare_config('database/connection').with_value('mysql+pymysql://glance_glare:glance@localhost/glance').with_secret(true) } - it { is_expected.to contain_glance_glare_config('database/idle_timeout').with_value('3601') } - it { is_expected.to contain_glance_glare_config('database/min_pool_size').with_value('2') } - it { is_expected.to contain_glance_glare_config('database/max_retries').with_value('11') } - it { is_expected.to contain_glance_glare_config('database/retry_interval').with_value('11') } - it { is_expected.to contain_glance_glare_config('database/max_pool_size').with_value('11') } - it { is_expected.to contain_glance_glare_config('database/max_overflow').with_value('21') } - end - - context 'with MySQL-python library as backend package' do - let :params do - { :database_connection => 'mysql://glance_glare:glance@localhost/glance' } - end - - it { is_expected.to contain_package('python-mysqldb').with(:ensure => 'present') } - end - - context 'with incorrect pymysql database_connection string' do - let :params do - { :database_connection => 'foo+pymysql://glance_glare:glance@localhost/glance', } - end - - it_raises 'a Puppet::Error', /validate_re/ - end - - end - - shared_examples_for 'glance::glare::db Debian' do - context 'using pymysql driver' do - let :params do - { :database_connection => 'mysql+pymysql://glance_glare:glance@localhost/glance', } - end - - it 'install the proper backend package' do - is_expected.to contain_package('glance-backend-package').with( - :ensure => 'present', - :name => 'python-pymysql', - :tag => 'openstack' - ) - end - end - end - - shared_examples_for 'glance::glare::db RedHat' do - context 'using pymysql driver' do - let :params do - { :database_connection => 'mysql+pymysql://glance_glare:glance@localhost/glance', } - end - - it { is_expected.not_to contain_package('glance-backend-package') } - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'glance::glare::db' - it_configures "glance::glare::db #{facts[:osfamily]}" - end - end - -end - diff --git a/glance/spec/classes/glance_glare_logging_spec.rb b/glance/spec/classes/glance_glare_logging_spec.rb deleted file mode 100644 index 1bb569e27..000000000 --- a/glance/spec/classes/glance_glare_logging_spec.rb +++ /dev/null @@ -1,142 +0,0 @@ -require 'spec_helper' - -describe 'glance::glare::logging' do - - let :params do - { - } - end - - let :log_params do - { - :logging_context_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s', - :logging_default_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s', - :logging_debug_format_suffix => '%(funcName)s %(pathname)s:%(lineno)d', - :logging_exception_prefix => '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s', - :log_config_append => '/etc/glance/logging.conf', - :publish_errors => true, - :default_log_levels => { - 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', - 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', - 'iso8601' => 'WARN', - 'requests.packages.urllib3.connectionpool' => 'WARN' }, - :fatal_deprecations => true, - :instance_format => '[instance: %(uuid)s] ', - :instance_uuid_format => '[instance: %(uuid)s] ', - :log_date_format => '%Y-%m-%d %H:%M:%S', - :use_syslog => true, - :use_stderr => false, - :log_facility => 'LOG_FOO', - :log_dir => '/var/log', - :log_file => '/var/tmp/glance_glare_random.log', - :verbose => true, - :debug => true, - } - end - - shared_examples_for 'glance-glare-logging' do - - context 'with basic logging options and default settings' do - it_configures 'basic default logging settings' - end - - context 'with basic logging options and non-default settings' do - before { params.merge!( log_params ) } - it_configures 'basic non-default logging settings' - end - - context 'with extended logging options' do - before { params.merge!( log_params ) } - it_configures 'logging params set' - end - - context 'without extended logging options' do - it_configures 'logging params unset' - end - - end - - shared_examples 'basic default logging settings' do - it 'configures glance logging settins with default values' do - is_expected.to contain_glance_glare_config('DEFAULT/use_syslog').with(:value => '') - is_expected.to contain_glance_glare_config('DEFAULT/use_stderr').with(:value => '') - is_expected.to contain_glance_glare_config('DEFAULT/log_dir').with(:value => '/var/log/glance') - is_expected.to contain_glance_glare_config('DEFAULT/log_file').with(:value => '/var/log/glance/glare.log') - is_expected.to contain_glance_glare_config('DEFAULT/verbose').with(:value => '') - is_expected.to contain_glance_glare_config('DEFAULT/debug').with(:value => '') - end - end - - shared_examples 'basic non-default logging settings' do - it 'configures glance logging settins with non-default values' do - is_expected.to contain_glance_glare_config('DEFAULT/use_syslog').with(:value => 'true') - is_expected.to contain_glance_glare_config('DEFAULT/use_stderr').with(:value => 'false') - is_expected.to contain_glance_glare_config('DEFAULT/syslog_log_facility').with(:value => 'LOG_FOO') - is_expected.to contain_glance_glare_config('DEFAULT/log_dir').with(:value => '/var/log') - is_expected.to contain_glance_glare_config('DEFAULT/log_file').with(:value => '/var/tmp/glance_glare_random.log') - is_expected.to contain_glance_glare_config('DEFAULT/verbose').with(:value => 'true') - is_expected.to contain_glance_glare_config('DEFAULT/debug').with(:value => 'true') - end - end - - shared_examples_for 'logging params set' do - it 'enables logging params' do - is_expected.to contain_glance_glare_config('DEFAULT/logging_context_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s') - - is_expected.to contain_glance_glare_config('DEFAULT/logging_default_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s') - - is_expected.to contain_glance_glare_config('DEFAULT/logging_debug_format_suffix').with_value( - '%(funcName)s %(pathname)s:%(lineno)d') - - is_expected.to contain_glance_glare_config('DEFAULT/logging_exception_prefix').with_value( - '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s') - - is_expected.to contain_glance_glare_config('DEFAULT/log_config_append').with_value( - '/etc/glance/logging.conf') - is_expected.to contain_glance_glare_config('DEFAULT/publish_errors').with_value( - true) - - is_expected.to contain_glance_glare_config('DEFAULT/default_log_levels').with_value( - 'amqp=WARN,amqplib=WARN,boto=WARN,iso8601=WARN,qpid=WARN,requests.packages.urllib3.connectionpool=WARN,sqlalchemy=WARN,suds=INFO') - - is_expected.to contain_glance_glare_config('DEFAULT/fatal_deprecations').with_value( - true) - - is_expected.to contain_glance_glare_config('DEFAULT/instance_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_glance_glare_config('DEFAULT/instance_uuid_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_glance_glare_config('DEFAULT/log_date_format').with_value( - '%Y-%m-%d %H:%M:%S') - end - end - - - shared_examples_for 'logging params unset' do - [ :logging_context_format_string, :logging_default_format_string, - :logging_debug_format_suffix, :logging_exception_prefix, - :log_config_append, :publish_errors, - :default_log_levels, :fatal_deprecations, - :instance_format, :instance_uuid_format, - :log_date_format, ].each { |param| - it { is_expected.to contain_glance_glare_config("DEFAULT/#{param}").with_value('') } - } - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'glance-glare-logging' - end - end - -end diff --git a/glance/spec/classes/glance_glare_spec.rb b/glance/spec/classes/glance_glare_spec.rb deleted file mode 100644 index 97d6c783f..000000000 --- a/glance/spec/classes/glance_glare_spec.rb +++ /dev/null @@ -1,295 +0,0 @@ -require 'spec_helper' - -describe 'glance::glare' do - - let :default_params do - { - :bind_host => '0.0.0.0', - :bind_port => '9494', - :auth_type => 'keystone', - :auth_region => '', - :enabled => true, - :manage_service => true, - :backlog => '4096', - :workers => '7', - :keystone_tenant => 'services', - :keystone_user => 'glance', - :keystone_password => 'ChangeMe', - :token_cache_time => '', - :memcached_servers => '', - :stores => false, - :default_store => false, - :os_region_name => 'RegionOne', - :signing_dir => '', - :pipeline => 'keystone', - :auth_uri => 'http://127.0.0.1:5000/', - :identity_uri => 'http://127.0.0.1:35357/', - } - end - - shared_examples_for 'glance::glare' do - [ - { - :bind_host => '127.0.0.1', - :bind_port => '9222', - :auth_type => 'not_keystone', - :auth_region => 'RegionOne2', - :enabled => false, - :backlog => '4095', - :workers => '5', - :keystone_tenant => 'admin2', - :keystone_user => 'admin2', - :keystone_password => 'ChangeMe2', - :token_cache_time => '300', - :os_region_name => 'RegionOne2', - :signing_dir => '/path/to/dir', - :pipeline => 'keystone2', - :auth_uri => 'http://127.0.0.1:5000/v2.0', - :identity_uri => 'http://127.0.0.1:35357/v2.0', - } - ].each do |param_set| - - describe "when #{param_set == {:keystone_password => 'ChangeMe'} ? "using default" : "specifying"} class parameters" do - - let :param_hash do - default_params.merge(param_set) - end - - let :params do - param_set - end - - it { is_expected.to contain_class 'glance' } - it { is_expected.to contain_class 'glance::policy' } - it { is_expected.to contain_class 'glance::glare::logging' } - it { is_expected.to contain_class 'glance::glare::db' } - - it { is_expected.to contain_service('glance-glare').with( - 'ensure' => (param_hash[:manage_service] && param_hash[:enabled]) ? 'running': 'stopped', - 'enable' => param_hash[:enabled], - 'hasstatus' => true, - 'hasrestart' => true, - 'tag' => 'glance-service', - ) } - - it { is_expected.to contain_glance_glare_config("paste_deploy/flavor").with_value(param_hash[:pipeline]) } - - it 'is_expected.to lay down default glare config' do - [ - 'bind_host', - 'bind_port', - 'auth_region' - ].each do |config| - is_expected.to contain_glance_glare_config("DEFAULT/#{config}").with_value(param_hash[config.intern]) - end - end - - it 'is_expected.to lay down default glance_store glare and cache config' do - [ - 'os_region_name', - ].each do |config| - is_expected.to contain_glance_glare_config("glance_store/#{config}").with_value(param_hash[config.intern]) - end - end - - it 'is_expected.to have no ssl options' do - is_expected.to contain_glance_glare_config('DEFAULT/ca_file').with_value('') - is_expected.to contain_glance_glare_config('DEFAULT/cert_file').with_value('') - is_expected.to contain_glance_glare_config('DEFAULT/key_file').with_value('') - end - - it 'is_expected.to configure itself for keystone if that is the auth_type' do - if params[:auth_type] == 'keystone' - is_expected.to contain('paste_deploy/flavor').with_value('keystone+cachemanagement') - is_expected.to contain_glance_glare_config('keystone_authtoken/memcached_servers').with_value(param_hash[:memcached_servers]) - ['admin_tenant_name', 'admin_user', 'admin_password', 'token_cache_time', 'signing_dir', 'auth_uri', 'identity_uri'].each do |config| - is_expected.to contain_glance_glare_config("keystone_authtoken/#{config}").with_value(param_hash[config.intern]) - end - is_expected.to contain_glance_glare_config('keystone_authtoken/admin_password').with_value(param_hash[:keystone_password]).with_secret(true) - end - end - end - - end - - describe 'with disabled service managing' do - let :params do - { - :keystone_password => 'ChangeMe', - :manage_service => false, - :enabled => false, - } - end - - it { is_expected.to contain_service('glance-glare').with( - 'ensure' => nil, - 'enable' => false, - 'hasstatus' => true, - 'hasrestart' => true, - 'tag' => 'glance-service', - ) } - end - - describe 'with overridden pipeline' do - let :params do - { - :keystone_password => 'ChangeMe', - :pipeline => 'something', - } - end - - it { is_expected.to contain_glance_glare_config('paste_deploy/flavor').with_value('something') } - end - - describe 'with blank pipeline' do - let :params do - { - :keystone_password => 'ChangeMe', - :pipeline => '', - } - end - - it { is_expected.to contain_glance_glare_config('paste_deploy/flavor').with_ensure('absent') } - end - - [ - 'keystone/', - 'keystone+', - '+keystone', - 'keystone+cachemanagement+', - '+' - ].each do |pipeline| - describe "with pipeline incorrect value #{pipeline}" do - let :params do - { - :keystone_password => 'ChangeMe', - :pipeline => pipeline - } - end - - it { expect { is_expected.to contain_glance_glare_config('filter:paste_deploy/flavor') }.to\ - raise_error(Puppet::Error, /validate_re\(\): .* does not match/) } - end - end - - describe 'with ssl options' do - let :params do - default_params.merge({ - :ca_file => '/tmp/ca_file', - :cert_file => '/tmp/cert_file', - :key_file => '/tmp/key_file', - }) - end - - context 'with ssl options' do - it { is_expected.to contain_glance_glare_config('DEFAULT/ca_file').with_value('/tmp/ca_file') } - it { is_expected.to contain_glance_glare_config('DEFAULT/cert_file').with_value('/tmp/cert_file') } - it { is_expected.to contain_glance_glare_config('DEFAULT/key_file').with_value('/tmp/key_file') } - end - end - describe 'with stores by default' do - let :params do - default_params - end - - it { is_expected.to_not contain_glance_glare_config('glance_store/stores').with_value('false') } - end - - describe 'with stores override' do - let :params do - default_params.merge({ - :default_store => 'glance.store.filesystem.Store', - :stores => ['glance.store.filesystem.Store','glance.store.http.Store'], - :multi_store => true, - }) - end - - it { is_expected.to contain_glance_glare_config('glance_store/default_store').with_value('glance.store.filesystem.Store') } - it { is_expected.to contain_glance_glare_config('glance_store/stores').with_value('glance.store.filesystem.Store,glance.store.http.Store') } - end - - describe 'with single store override and no default store' do - let :params do - default_params.merge({ - :stores => ['glance.store.filesystem.Store'], - :multi_store => true, - }) - end - - it { is_expected.to contain_glance_glare_config('glance_store/default_store').with_value('glance.store.filesystem.Store') } - it { is_expected.to contain_glance_glare_config('glance_store/stores').with_value('glance.store.filesystem.Store') } - end - - describe 'with multiple stores override and no default store' do - let :params do - default_params.merge({ - :stores => ['glance.store.filesystem.Store', 'glance.store.http.Store'], - :multi_store => true, - }) - end - - it { is_expected.to contain_glance_glare_config('glance_store/default_store').with_value('glance.store.filesystem.Store') } - it { is_expected.to contain_glance_glare_config('glance_store/stores').with_value('glance.store.filesystem.Store,glance.store.http.Store') } - end - - describe 'with wrong format of stores provided' do - let :params do - default_params.merge({ - :stores => 'glance.store.filesystem.Store', - }) - end - - it { is_expected.to raise_error(Puppet::Error, /is not an Array/) } - end - - describe 'with known_stores not set but with default_store' do - let :params do - default_params.merge({ - :default_store => 'glance.store.filesystem.Store', - :multi_store => true, - }) - end - - it { is_expected.to contain_glance_glare_config('glance_store/default_store').with_value('glance.store.filesystem.Store') } - it { is_expected.to contain_glance_glare_config('glance_store/stores').with_value('glance.store.filesystem.Store') } - end - end - - shared_examples_for 'glance::glare Debian' do - let(:params) { default_params } - - # We only test this on Debian platforms, since on RedHat there isn't a - # separate package for glance GLARE. - ['present', 'latest'].each do |package_ensure| - context "with package_ensure '#{package_ensure}'" do - let(:params) { default_params.merge({ :package_ensure => package_ensure }) } - it { is_expected.to contain_package('glance-glare').with( - :ensure => package_ensure, - :tag => ['openstack', 'glance-package'] - )} - end - end - end - - shared_examples_for 'glance::glare RedHat' do - let(:params) { default_params } - - it { is_expected.to contain_package('openstack-glance').with( - :tag => ['openstack', 'glance-package'], - )} - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'glance::glare' - it_configures "glance::glare #{facts[:osfamily]}" - end - end - -end diff --git a/glance/spec/classes/glance_keystone_auth_spec.rb b/glance/spec/classes/glance_keystone_auth_spec.rb deleted file mode 100644 index 6f89c7a96..000000000 --- a/glance/spec/classes/glance_keystone_auth_spec.rb +++ /dev/null @@ -1,197 +0,0 @@ -require 'spec_helper' - -describe 'glance::keystone::auth' do - - shared_examples_for 'glance::keystone::auth' do - describe 'with defaults' do - - let :params do - {:password => 'pass'} - end - - it { is_expected.to contain_keystone_user('glance').with( - :ensure => 'present', - :password => 'pass' - )} - - it { is_expected.to contain_keystone_user_role('glance@services').with( - :ensure => 'present', - :roles => ['admin'] - ) } - - it { is_expected.to contain_keystone_service('Image Service::image').with( - :ensure => 'present', - :description => 'OpenStack Image Service' - ) } - - it { is_expected.to contain_keystone_endpoint('RegionOne/Image Service::image').with( - :ensure => 'present', - :public_url => 'http://127.0.0.1:9292', - :admin_url => 'http://127.0.0.1:9292', - :internal_url => 'http://127.0.0.1:9292' - )} - - end - - describe 'when auth_type, password, and service_type are overridden' do - - let :params do - { - :auth_name => 'glancey', - :password => 'password', - :service_type => 'imagey' - } - end - - it { is_expected.to contain_keystone_user('glancey').with( - :ensure => 'present', - :password => 'password' - )} - - it { is_expected.to contain_keystone_user_role('glancey@services').with( - :ensure => 'present', - :roles => ['admin'] - ) } - - it { is_expected.to contain_keystone_service('Image Service::imagey').with( - :ensure => 'present', - :description => 'OpenStack Image Service' - ) } - - end - - describe 'when overriding endpoint URLs' do - let :params do - { :password => 'passw0rd', - :region => 'RegionTwo', - :public_url => 'https://10.10.10.10:81/v2', - :internal_url => 'https://10.10.10.11:81/v2', - :admin_url => 'https://10.10.10.12:81/v2' } - end - - it { is_expected.to contain_keystone_endpoint('RegionTwo/Image Service::image').with( - :ensure => 'present', - :public_url => 'https://10.10.10.10:81/v2', - :internal_url => 'https://10.10.10.11:81/v2', - :admin_url => 'https://10.10.10.12:81/v2' - ) } - end - - describe 'with deprecated endpoints parameters' do - - let :params do - { - :password => 'pass', - :public_address => '10.0.0.1', - :admin_address => '10.0.0.2', - :internal_address => '10.0.0.3', - :port => '9393', - :region => 'RegionTwo', - :public_protocol => 'https', - :admin_protocol => 'https', - :internal_protocol => 'https' - } - end - - it { is_expected.to contain_keystone_endpoint('RegionTwo/Image Service::image').with( - :ensure => 'present', - :public_url => 'https://10.0.0.1:9393', - :admin_url => 'https://10.0.0.2:9393', - :internal_url => 'https://10.0.0.3:9393' - )} - - end - - describe 'when endpoint is not set' do - - let :params do - { - :configure_endpoint => false, - :password => 'pass', - } - end - - it { is_expected.to_not contain_keystone_endpoint('RegionOne/Image Service::image') } - end - - describe 'when disabling user configuration' do - let :params do - { - :configure_user => false, - :password => 'pass', - } - end - - it { is_expected.to_not contain_keystone_user('glance') } - - it { is_expected.to contain_keystone_user_role('glance@services') } - - it { is_expected.to contain_keystone_service('Image Service::image').with( - :ensure => 'present', - :description => 'OpenStack Image Service' - ) } - end - - describe 'when disabling user and user role configuration' do - let :params do - { - :configure_user => false, - :configure_user_role => false, - :password => 'pass', - } - end - - it { is_expected.to_not contain_keystone_user('glance') } - - it { is_expected.to_not contain_keystone_user_role('glance@services') } - - it { is_expected.to contain_keystone_service('Image Service::image').with( - :ensure => 'present', - :description => 'OpenStack Image Service' - ) } - end - - describe 'when configuring glance-api and the keystone endpoint' do - let :pre_condition do - "class { 'glance::api': keystone_password => 'test' }" - end - - let :params do - { - :password => 'test', - :configure_endpoint => true - } - end - - it { is_expected.to contain_keystone_endpoint('RegionOne/Image Service::image').with_notify(["Service[glance-api]"]) } - end - - describe 'when overriding service name' do - - let :params do - { - :service_name => 'glance_service', - :password => 'pass' - } - end - - it { is_expected.to contain_keystone_user('glance') } - it { is_expected.to contain_keystone_user_role('glance@services') } - it { is_expected.to contain_keystone_service('glance_service::image') } - it { is_expected.to contain_keystone_endpoint('RegionOne/glance_service::image') } - - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'glance::keystone::auth' - end - end -end diff --git a/glance/spec/classes/glance_keystone_glare_auth_spec.rb b/glance/spec/classes/glance_keystone_glare_auth_spec.rb deleted file mode 100644 index 2e3381041..000000000 --- a/glance/spec/classes/glance_keystone_glare_auth_spec.rb +++ /dev/null @@ -1,172 +0,0 @@ -require 'spec_helper' - -describe 'glance::keystone::glare_auth' do - - shared_examples_for 'glance::keystone::glare_auth' do - describe 'with defaults' do - - let :params do - {:password => 'pass'} - end - - it { is_expected.to contain_keystone_user('glare').with( - :ensure => 'present', - :password => 'pass' - )} - - it { is_expected.to contain_keystone_user_role('glare@services').with( - :ensure => 'present', - :roles => ['admin'] - ) } - - it { is_expected.to contain_keystone_service('Glance Artifacts::artifact').with( - :ensure => 'present', - :description => 'Glance Artifact Service' - ) } - - it { is_expected.to contain_keystone_endpoint('RegionOne/Glance Artifacts::artifact').with( - :ensure => 'present', - :public_url => 'http://127.0.0.1:9494', - :admin_url => 'http://127.0.0.1:9494', - :internal_url => 'http://127.0.0.1:9494' - )} - - end - - describe 'when auth_type, password, and service_type are overridden' do - - let :params do - { - :auth_name => 'glarey', - :password => 'password', - :service_type => 'glarey' - } - end - - it { is_expected.to contain_keystone_user('glarey').with( - :ensure => 'present', - :password => 'password' - )} - - it { is_expected.to contain_keystone_user_role('glarey@services').with( - :ensure => 'present', - :roles => ['admin'] - ) } - - it { is_expected.to contain_keystone_service('Glance Artifacts::glarey').with( - :ensure => 'present', - :description => 'Glance Artifact Service' - ) } - - end - - describe 'when overriding endpoint URLs' do - let :params do - { :password => 'passw0rd', - :region => 'RegionTwo', - :public_url => 'https://10.10.10.10:82/v2', - :internal_url => 'https://10.10.10.11:82/v2', - :admin_url => 'https://10.10.10.12:82/v2' } - end - - it { is_expected.to contain_keystone_endpoint('RegionTwo/Glance Artifacts::artifact').with( - :ensure => 'present', - :public_url => 'https://10.10.10.10:82/v2', - :internal_url => 'https://10.10.10.11:82/v2', - :admin_url => 'https://10.10.10.12:82/v2' - ) } - end - - describe 'when endpoint is not set' do - - let :params do - { - :configure_endpoint => false, - :password => 'pass', - } - end - - it { is_expected.to_not contain_keystone_endpoint('RegionOne/Glance Artifacts::artifact') } - end - - describe 'when disabling user configuration' do - let :params do - { - :configure_user => false, - :password => 'pass', - } - end - - it { is_expected.to_not contain_keystone_user('glare') } - - it { is_expected.to contain_keystone_user_role('glare@services') } - - it { is_expected.to contain_keystone_service('Glance Artifacts::artifact').with( - :ensure => 'present', - :description => 'Glance Artifact Service' - ) } - end - - describe 'when disabling user and user role configuration' do - let :params do - { - :configure_user => false, - :configure_user_role => false, - :password => 'pass', - } - end - - it { is_expected.to_not contain_keystone_user('glare') } - - it { is_expected.to_not contain_keystone_user_role('glare@services') } - - it { is_expected.to contain_keystone_service('Glance Artifacts::artifact').with( - :ensure => 'present', - :description => 'Glance Artifact Service' - ) } - end - - describe 'when configuring glance-glare and the keystone endpoint' do - let :pre_condition do - "class { 'glance::glare': keystone_password => 'test' }" - end - - let :params do - { - :password => 'test', - :configure_endpoint => true - } - end - - it { is_expected.to contain_keystone_endpoint('RegionOne/Glance Artifacts::artifact').with_notify(["Service[glance-glare]"]) } - end - - describe 'when overriding service name' do - - let :params do - { - :service_name => 'glance_service', - :password => 'pass' - } - end - - it { is_expected.to contain_keystone_user('glare') } - it { is_expected.to contain_keystone_user_role('glare@services') } - it { is_expected.to contain_keystone_service('glance_service::artifact') } - it { is_expected.to contain_keystone_endpoint('RegionOne/glance_service::artifact') } - - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'glance::keystone::glare_auth' - end - end -end diff --git a/glance/spec/classes/glance_notify_rabbitmq_spec.rb b/glance/spec/classes/glance_notify_rabbitmq_spec.rb deleted file mode 100644 index ba963dad5..000000000 --- a/glance/spec/classes/glance_notify_rabbitmq_spec.rb +++ /dev/null @@ -1,175 +0,0 @@ -require 'spec_helper' -describe 'glance::notify::rabbitmq' do - - shared_examples_for 'glance::notify::rabbitmq' do - let :pre_condition do - 'class { "glance::api": keystone_password => "pass" }' - end - - describe 'when defaults with rabbit pass specified' do - let :params do - {:rabbit_password => 'pass'} - end - it { is_expected.to contain_glance_api_config('DEFAULT/notification_driver').with_value('messaging') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_password').with_value('pass') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_password').with_value(params[:rabbit_password]).with_secret(true) } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_userid').with_value('guest') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_host').with_value('localhost') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_port').with_value('5672') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_hosts').with_value('localhost:5672') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value('false') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/amqp_durable_queues').with_value('false') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_virtual_host').with_value('/') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_notification_exchange').with_value('glance') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_notification_topic').with_value('notifications') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/heartbeat_timeout_threshold').with_value('0') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/heartbeat_rate').with_value('2') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/kombu_reconnect_delay').with_value('') } - end - - describe 'when passing params and use ssl' do - let :params do - { - :rabbit_password => 'pass', - :rabbit_userid => 'guest2', - :rabbit_host => 'localhost2', - :rabbit_port => '5673', - :rabbit_use_ssl => true, - :rabbit_durable_queues => true, - :kombu_reconnect_delay => '5.0' - } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_userid').with_value('guest2') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_host').with_value('localhost2') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_port').with_value('5673') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('true') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_ensure('absent') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_ensure('absent') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_ensure('absent') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('TLSv1') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_durable_queues').with_value('true') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/kombu_reconnect_delay').with_value('5.0') } - end - end - - describe 'with rabbit ssl cert parameters' do - let :params do - { - :rabbit_password => 'pass', - :rabbit_use_ssl => 'true', - :kombu_ssl_ca_certs => '/etc/ca.cert', - :kombu_ssl_certfile => '/etc/certfile', - :kombu_ssl_keyfile => '/etc/key', - :kombu_ssl_version => 'TLSv1', - } - end - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value(true) } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_value('/etc/ca.cert') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_value('/etc/certfile') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_value('/etc/key') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('TLSv1') } - end - - describe 'with rabbit ssl disabled' do - let :params do - { - :rabbit_password => 'pass', - :rabbit_use_ssl => false, - :kombu_ssl_ca_certs => 'undef', - :kombu_ssl_certfile => 'undef', - :kombu_ssl_keyfile => 'undef', - :kombu_ssl_version => 'TLSv1', - } - end - - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('false') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_ensure('absent') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_ensure('absent') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_ensure('absent') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/kombu_ssl_version').with_ensure('absent') } - end - - describe 'when passing params for single rabbit host' do - let :params do - { - :rabbit_password => 'pass', - :rabbit_userid => 'guest2', - :rabbit_host => 'localhost2', - :rabbit_port => '5673', - :rabbit_use_ssl => true, - :rabbit_durable_queues => true, - } - end - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_userid').with_value('guest2') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_host').with_value('localhost2') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_port').with_value('5673') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_hosts').with_value('localhost2:5673') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('true') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/amqp_durable_queues').with_value('true') } - end - - describe 'when passing params for multiple rabbit hosts' do - let :params do - { - :rabbit_password => 'pass', - :rabbit_userid => 'guest3', - :rabbit_hosts => ['nonlocalhost3:5673', 'nonlocalhost4:5673'] - } - end - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_userid').with_value('guest3') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_hosts').with_value( - 'nonlocalhost3:5673,nonlocalhost4:5673') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value('true') } - it { is_expected.to_not contain_glance_api_config('oslo_messaging_rabbit/rabbit_port') } - it { is_expected.to_not contain_glance_api_config('oslo_messaging_rabbit/rabbit_host') } - end - - describe 'a single rabbit_host with enable ha queues' do - let :params do - { - :rabbit_password => 'pass', - :rabbit_userid => 'guest3', - :rabbit_ha_queues => true, - } - end - - it 'should contain rabbit_ha_queues' do - is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value('true') - end - end - - describe 'when passing params for rabbitmq heartbeat' do - let :params do - { - :rabbit_password => 'pass', - :rabbit_heartbeat_timeout_threshold => '60', - :rabbit_heartbeat_rate => '10', - } - end - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/heartbeat_timeout_threshold').with_value('60') } - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/heartbeat_rate').with_value('10') } - end - - describe 'when using deprecated params' do - let :params do - { - :rabbit_durable_queues => true, - :rabbit_password => 'pass' - } - end - it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/amqp_durable_queues').with_value('true') } - end - end - - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'glance::notify::rabbitmq' - end - end -end diff --git a/glance/spec/classes/glance_policy_spec.rb b/glance/spec/classes/glance_policy_spec.rb deleted file mode 100644 index 053b2ea6d..000000000 --- a/glance/spec/classes/glance_policy_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -require 'spec_helper' - -describe 'glance::policy' do - - shared_examples_for 'glance policies' do - let :params do - { - :policy_path => '/etc/glance/policy.json', - :policies => { - 'context_is_admin' => { - 'key' => 'context_is_admin', - 'value' => 'foo:bar' - } - } - } - end - - it 'set up the policies' do - is_expected.to contain_openstacklib__policy__base('context_is_admin').with({ - :key => 'context_is_admin', - :value => 'foo:bar' - }) - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'glance policies' - end - end -end diff --git a/glance/spec/classes/glance_registry_db_spec.rb b/glance/spec/classes/glance_registry_db_spec.rb deleted file mode 100644 index 7a9c9f602..000000000 --- a/glance/spec/classes/glance_registry_db_spec.rb +++ /dev/null @@ -1,96 +0,0 @@ -require 'spec_helper' - -describe 'glance::registry::db' do - - shared_examples 'glance::registry::db' do - context 'with default parameters' do - it { is_expected.to contain_glance_registry_config('database/connection').with_value('sqlite:///var/lib/glance/glance.sqlite').with_secret(true) } - it { is_expected.to contain_glance_registry_config('database/idle_timeout').with_value('') } - it { is_expected.to contain_glance_registry_config('database/min_pool_size').with_value('') } - it { is_expected.to contain_glance_registry_config('database/max_retries').with_value('') } - it { is_expected.to contain_glance_registry_config('database/retry_interval').with_value('') } - it { is_expected.to contain_glance_registry_config('database/max_pool_size').with_value('') } - it { is_expected.to contain_glance_registry_config('database/max_overflow').with_value('') } - end - - context 'with specific parameters' do - let :params do - { :database_connection => 'mysql+pymysql://glance_registry:glance@localhost/glance', - :database_idle_timeout => '3601', - :database_min_pool_size => '2', - :database_max_retries => '11', - :database_retry_interval => '11', - :database_max_pool_size => '11', - :database_max_overflow => '21', - } - end - - it { is_expected.to contain_glance_registry_config('database/connection').with_value('mysql+pymysql://glance_registry:glance@localhost/glance').with_secret(true) } - it { is_expected.to contain_glance_registry_config('database/idle_timeout').with_value('3601') } - it { is_expected.to contain_glance_registry_config('database/min_pool_size').with_value('2') } - it { is_expected.to contain_glance_registry_config('database/max_retries').with_value('11') } - it { is_expected.to contain_glance_registry_config('database/retry_interval').with_value('11') } - it { is_expected.to contain_glance_registry_config('database/max_pool_size').with_value('11') } - it { is_expected.to contain_glance_registry_config('database/max_overflow').with_value('21') } - end - - context 'with MySQL-python library as backend package' do - let :params do - { :database_connection => 'mysql://glance_registry:glance@localhost/glance' } - end - - it { is_expected.to contain_package('python-mysqldb').with(:ensure => 'present') } - end - - context 'with incorrect pymysql database_connection string' do - let :params do - { :database_connection => 'foo+pymysql://glance_registry:glance@localhost/glance', } - end - - it_raises 'a Puppet::Error', /validate_re/ - end - - end - - shared_examples_for 'glance::registry::db Debian' do - context 'using pymysql driver' do - let :params do - { :database_connection => 'mysql+pymysql://glance_registry:glance@localhost/glance', } - end - - it 'install the proper backend package' do - is_expected.to contain_package('glance-backend-package').with( - :ensure => 'present', - :name => 'python-pymysql', - :tag => 'openstack' - ) - end - end - end - - shared_examples_for 'glance::registry::db RedHat' do - context 'using pymysql driver' do - let :params do - { :database_connection => 'mysql+pymysql://glance_registry:glance@localhost/glance', } - end - - it { is_expected.not_to contain_package('glance-backend-package') } - end - end - - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'glance::registry::db' - it_configures "glance::registry::db #{facts[:osfamily]}" - end - end - -end - diff --git a/glance/spec/classes/glance_registry_logging_spec.rb b/glance/spec/classes/glance_registry_logging_spec.rb deleted file mode 100644 index e2a289ebd..000000000 --- a/glance/spec/classes/glance_registry_logging_spec.rb +++ /dev/null @@ -1,141 +0,0 @@ -require 'spec_helper' - -describe 'glance::registry::logging' do - - let :params do - { - } - end - - let :log_params do - { - :logging_context_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s', - :logging_default_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s', - :logging_debug_format_suffix => '%(funcName)s %(pathname)s:%(lineno)d', - :logging_exception_prefix => '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s', - :log_config_append => '/etc/glance/logging.conf', - :publish_errors => true, - :default_log_levels => { - 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', - 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', - 'iso8601' => 'WARN', - 'requests.packages.urllib3.connectionpool' => 'WARN' }, - :fatal_deprecations => true, - :instance_format => '[instance: %(uuid)s] ', - :instance_uuid_format => '[instance: %(uuid)s] ', - :log_date_format => '%Y-%m-%d %H:%M:%S', - :use_syslog => true, - :use_stderr => false, - :log_facility => 'LOG_FOO', - :log_dir => '/var/log', - :log_file => '/var/tmp/glance_registry_random.log', - :verbose => true, - :debug => true, - } - end - - shared_examples_for 'glance-registry-logging' do - - context 'with basic logging options and default settings' do - it_configures 'basic default logging settings' - end - - context 'with basic logging options and non-default settings' do - before { params.merge!( log_params ) } - it_configures 'basic non-default logging settings' - end - - context 'with extended logging options' do - before { params.merge!( log_params ) } - it_configures 'logging params set' - end - - context 'without extended logging options' do - it_configures 'logging params unset' - end - - end - - shared_examples 'basic default logging settings' do - it 'configures glance logging settins with default values' do - is_expected.to contain_glance_registry_config('DEFAULT/use_syslog').with(:value => 'false') - is_expected.to contain_glance_registry_config('DEFAULT/use_stderr').with(:value => 'true') - is_expected.to contain_glance_registry_config('DEFAULT/log_dir').with(:value => '/var/log/glance') - is_expected.to contain_glance_registry_config('DEFAULT/log_file').with(:value => '/var/log/glance/registry.log') - is_expected.to contain_glance_registry_config('DEFAULT/verbose').with(:value => 'false') - is_expected.to contain_glance_registry_config('DEFAULT/debug').with(:value => 'false') - end - end - - shared_examples 'basic non-default logging settings' do - it 'configures glance logging settins with non-default values' do - is_expected.to contain_glance_registry_config('DEFAULT/use_syslog').with(:value => 'true') - is_expected.to contain_glance_registry_config('DEFAULT/use_stderr').with(:value => 'false') - is_expected.to contain_glance_registry_config('DEFAULT/syslog_log_facility').with(:value => 'LOG_FOO') - is_expected.to contain_glance_registry_config('DEFAULT/log_dir').with(:value => '/var/log') - is_expected.to contain_glance_registry_config('DEFAULT/log_file').with(:value => '/var/tmp/glance_registry_random.log') - is_expected.to contain_glance_registry_config('DEFAULT/verbose').with(:value => 'true') - is_expected.to contain_glance_registry_config('DEFAULT/debug').with(:value => 'true') - end - end - - shared_examples_for 'logging params set' do - it 'enables logging params' do - is_expected.to contain_glance_registry_config('DEFAULT/logging_context_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s') - - is_expected.to contain_glance_registry_config('DEFAULT/logging_default_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s') - - is_expected.to contain_glance_registry_config('DEFAULT/logging_debug_format_suffix').with_value( - '%(funcName)s %(pathname)s:%(lineno)d') - - is_expected.to contain_glance_registry_config('DEFAULT/logging_exception_prefix').with_value( - '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s') - - is_expected.to contain_glance_registry_config('DEFAULT/log_config_append').with_value( - '/etc/glance/logging.conf') - is_expected.to contain_glance_registry_config('DEFAULT/publish_errors').with_value( - true) - - is_expected.to contain_glance_registry_config('DEFAULT/default_log_levels').with_value( - 'amqp=WARN,amqplib=WARN,boto=WARN,iso8601=WARN,qpid=WARN,requests.packages.urllib3.connectionpool=WARN,sqlalchemy=WARN,suds=INFO') - - is_expected.to contain_glance_registry_config('DEFAULT/fatal_deprecations').with_value( - true) - - is_expected.to contain_glance_registry_config('DEFAULT/instance_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_glance_registry_config('DEFAULT/instance_uuid_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_glance_registry_config('DEFAULT/log_date_format').with_value( - '%Y-%m-%d %H:%M:%S') - end - end - - - shared_examples_for 'logging params unset' do - [ :logging_context_format_string, :logging_default_format_string, - :logging_debug_format_suffix, :logging_exception_prefix, - :log_config_append, :publish_errors, - :default_log_levels, :fatal_deprecations, - :instance_format, :instance_uuid_format, - :log_date_format, ].each { |param| - it { is_expected.to contain_glance_registry_config("DEFAULT/#{param}").with_ensure('absent') } - } - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'glance-registry-logging' - end - end -end diff --git a/glance/spec/classes/glance_registry_spec.rb b/glance/spec/classes/glance_registry_spec.rb deleted file mode 100644 index 3819a1c3e..000000000 --- a/glance/spec/classes/glance_registry_spec.rb +++ /dev/null @@ -1,237 +0,0 @@ - -describe 'glance::registry' do - let :default_params do - { - :verbose => false, - :debug => false, - :use_stderr => true, - :bind_host => '0.0.0.0', - :bind_port => '9191', - :workers => facts[:processorcount], - :log_file => '/var/log/glance/registry.log', - :log_dir => '/var/log/glance', - :enabled => true, - :manage_service => true, - :auth_type => 'keystone', - :auth_uri => 'http://127.0.0.1:5000/', - :identity_uri => 'http://127.0.0.1:35357/', - :keystone_tenant => 'services', - :keystone_user => 'glance', - :keystone_password => 'ChangeMe', - :purge_config => false, - :sync_db => true, - :os_region_name => '', - :signing_dir => '', - :token_cache_time => '', - :memcached_servers => '', - } - end - - shared_examples_for 'glance::registry' do - [ - {:keystone_password => 'ChangeMe'}, - { - :bind_host => '127.0.0.1', - :bind_port => '9111', - :workers => '5', - :enabled => false, - :auth_type => 'keystone', - :auth_uri => 'http://127.0.0.1:5000/v2.0', - :identity_uri => 'http://127.0.0.1:35357/v2.0', - :keystone_tenant => 'admin', - :keystone_user => 'admin', - :keystone_password => 'ChangeMe', - :sync_db => false, - :os_region_name => 'RegionOne2', - :signing_dir => '/path/to/dir', - :token_cache_time => '300', - } - ].each do |param_set| - - describe "when #{param_set == {:keystone_password => 'ChangeMe'} ? "using default" : "specifying"} class parameters" do - let :param_hash do - default_params.merge(param_set) - end - - let :params do - param_set - end - - it { is_expected.to contain_class 'glance::registry' } - it { is_expected.to contain_class 'glance::registry::db' } - it { is_expected.to contain_class 'glance::registry::logging' } - - it { is_expected.to contain_service('glance-registry').with( - 'ensure' => (param_hash[:manage_service] && param_hash[:enabled]) ? 'running' : 'stopped', - 'enable' => param_hash[:enabled], - 'hasstatus' => true, - 'hasrestart' => true, - 'require' => 'Class[Glance]', - 'tag' => 'glance-service', - )} - - it 'is_expected.to not sync the db if sync_db is set to false' do - - if !param_hash[:sync_db] - is_expected.not_to contain_exec('glance-manage db_sync') - end - end - it 'is_expected.to configure itself' do - [ - 'workers', - 'bind_port', - 'bind_host', - ].each do |config| - is_expected.to contain_glance_registry_config("DEFAULT/#{config}").with_value(param_hash[config.intern]) - end - [ - 'auth_uri', - 'identity_uri' - ].each do |config| - is_expected.to contain_glance_registry_config("keystone_authtoken/#{config}").with_value(param_hash[config.intern]) - end - if param_hash[:auth_type] == 'keystone' - is_expected.to contain_glance_registry_config("paste_deploy/flavor").with_value('keystone') - is_expected.to contain_glance_registry_config('keystone_authtoken/memcached_servers').with_value(param_hash[:memcached_servers]) - is_expected.to contain_glance_registry_config("keystone_authtoken/admin_tenant_name").with_value(param_hash[:keystone_tenant]) - is_expected.to contain_glance_registry_config("keystone_authtoken/admin_user").with_value(param_hash[:keystone_user]) - is_expected.to contain_glance_registry_config("keystone_authtoken/admin_password").with_value(param_hash[:keystone_password]) - is_expected.to contain_glance_registry_config("keystone_authtoken/admin_password").with_value(param_hash[:keystone_password]).with_secret(true) - is_expected.to contain_glance_registry_config("keystone_authtoken/token_cache_time").with_value(param_hash[:token_cache_time]) - is_expected.to contain_glance_registry_config("keystone_authtoken/signing_dir").with_value(param_hash[:signing_dir]) - end - end - it 'is_expected.to lay down default glance_store registry config' do - [ - 'os_region_name', - ].each do |config| - is_expected.to contain_glance_registry_config("glance_store/#{config}").with_value(param_hash[config.intern]) - end - end - end - end - - describe 'with disabled service managing' do - let :params do - { - :keystone_password => 'ChangeMe', - :manage_service => false, - :enabled => false, - } - end - - it { is_expected.to contain_service('glance-registry').with( - 'ensure' => nil, - 'enable' => false, - 'hasstatus' => true, - 'hasrestart' => true, - 'require' => 'Class[Glance]', - 'tag' => 'glance-service', - )} - end - - describe 'with overridden pipeline' do - # At the time of writing there was only blank and keystone as options - # but there is no reason that there can't be more options in the future. - let :params do - { - :keystone_password => 'ChangeMe', - :pipeline => 'validoptionstring', - } - end - - it { is_expected.to contain_glance_registry_config('paste_deploy/flavor').with_value('validoptionstring') } - end - - describe 'with blank pipeline' do - let :params do - { - :keystone_password => 'ChangeMe', - :pipeline => '', - } - end - - it { is_expected.to contain_glance_registry_config('paste_deploy/flavor').with_ensure('absent') } - end - - [ - 'keystone/', - 'keystone+', - '+keystone', - 'keystone+cachemanagement+', - '+' - ].each do |pipeline| - describe "with pipeline incorrect value #{pipeline}" do - let :params do - { - :keystone_password => 'ChangeMe', - :auth_type => 'keystone', - :pipeline => pipeline - } - end - - it { expect { is_expected.to contain_glance_registry_config('filter:paste_deploy/flavor') }.to\ - raise_error(Puppet::Error, /validate_re\(\): .* does not match/) } - end - end - - describe 'with ssl options' do - let :params do - default_params.merge({ - :ca_file => '/tmp/ca_file', - :cert_file => '/tmp/cert_file', - :key_file => '/tmp/key_file' - }) - end - - context 'with ssl options' do - it { is_expected.to contain_glance_registry_config('DEFAULT/ca_file').with_value('/tmp/ca_file') } - it { is_expected.to contain_glance_registry_config('DEFAULT/cert_file').with_value('/tmp/cert_file') } - it { is_expected.to contain_glance_registry_config('DEFAULT/key_file').with_value('/tmp/key_file') } - end - end - end - - shared_examples_for 'glance::registry Debian' do - # We only test this on Debian platforms, since on RedHat there isn't a - # separate package for glance registry. - ['present', 'latest'].each do |package_ensure| - context "with package_ensure '#{package_ensure}'" do - let(:params) { default_params.merge({ :package_ensure => package_ensure }) } - it { is_expected.to contain_package('glance-registry').with( - :ensure => package_ensure, - :tag => ['openstack', 'glance-package'] - )} - end - end - end - - shared_examples_for 'glance::registry RedHat' do - let(:params) { default_params } - - it { is_expected.to contain_package('openstack-glance') } - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'glance::registry' - it_configures "glance::registry #{facts[:osfamily]}" - end - end - - describe 'on unknown platforms' do - let :facts do - { :osfamily => 'unknown' } - end - let(:params) { default_params } - - it_raises 'a Puppet::Error', /module glance only support osfamily RedHat and Debian/ - end - -end diff --git a/glance/spec/classes/glance_spec.rb b/glance/spec/classes/glance_spec.rb deleted file mode 100644 index c23d39b9e..000000000 --- a/glance/spec/classes/glance_spec.rb +++ /dev/null @@ -1,46 +0,0 @@ -require 'spec_helper' - -describe 'glance' do - - let :default_params do - {} - end - - shared_examples_for 'glance' do - describe "when using default class parameters" do - let(:params) { default_params } - - it { is_expected.to contain_package('python-openstackclient').with( - :tag => 'openstack' - )} - - end - end - - shared_examples_for 'glance Debian' do - let(:params) { default_params } - - it { is_expected.to_not contain_package('glance') } - end - - shared_examples_for 'glance RedHat' do - let(:params) { default_params } - - it { is_expected.to contain_package('openstack-glance').with( - :tag => ['openstack', 'glance-package'], - )} - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge!(OSDefaults.get_facts()) - end - - it_configures 'glance' - it_configures "glance #{facts[:osfamily]}" - end - end -end diff --git a/glance/spec/shared_examples.rb b/glance/spec/shared_examples.rb deleted file mode 100644 index fec0eacc9..000000000 --- a/glance/spec/shared_examples.rb +++ /dev/null @@ -1,5 +0,0 @@ -shared_examples_for "a Puppet::Error" do |description| - it "with message matching #{description.inspect}" do - expect { is_expected.to have_class_count(1) }.to raise_error(Puppet::Error, description) - end -end diff --git a/glance/spec/spec.opts b/glance/spec/spec.opts deleted file mode 100644 index 91cd6427e..000000000 --- a/glance/spec/spec.opts +++ /dev/null @@ -1,6 +0,0 @@ ---format -s ---colour ---loadby -mtime ---backtrace diff --git a/glance/spec/spec_helper.rb b/glance/spec/spec_helper.rb deleted file mode 100644 index be3811cf2..000000000 --- a/glance/spec/spec_helper.rb +++ /dev/null @@ -1,18 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' -require 'shared_examples' - -require 'puppet-openstack_spec_helper/defaults' -require 'rspec-puppet-facts' -include RspecPuppetFacts - -RSpec.configure do |c| - c.alias_it_should_behave_like_to :it_configures, 'configures' - c.alias_it_should_behave_like_to :it_raises, 'raises' - # TODO(aschultz): remove this after all tests converted to use OSDefaults - # instead of referencing @default_facts - c.before :each do - @default_facts = OSDefaults.get_facts - end -end - -at_exit { RSpec::Puppet::Coverage.report! } diff --git a/glance/spec/spec_helper_acceptance.rb b/glance/spec/spec_helper_acceptance.rb deleted file mode 100644 index 9196bc99b..000000000 --- a/glance/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1 +0,0 @@ -require 'puppet-openstack_spec_helper/beaker_spec_helper' diff --git a/glance/spec/unit/provider/glance_api_config/ini_setting_spec.rb b/glance/spec/unit/provider/glance_api_config/ini_setting_spec.rb deleted file mode 100644 index 14c97ee65..000000000 --- a/glance/spec/unit/provider/glance_api_config/ini_setting_spec.rb +++ /dev/null @@ -1,71 +0,0 @@ -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'openstacklib', - 'lib') -) - -require 'spec_helper' - -provider_class = Puppet::Type.type(:glance_api_config).provider(:ini_setting) - -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Glance_api_config.new( - { - :name => 'DEFAULT/foo', - :value => 'bar' - } - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Glance_api_config.new( - { - :name => 'dude/foo', - :value => 'bar' - } - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end - - it 'should ensure absent when is specified as a value' do - resource = Puppet::Type::Glance_api_config.new( - {:name => 'dude/foo', :value => ''} - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - - it 'should ensure absent when value matches ensure_absent_val' do - resource = Puppet::Type::Glance_api_config.new( - {:name => 'dude/foo', :value => 'foo', :ensure_absent_val => 'foo' } - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end -end diff --git a/glance/spec/unit/provider/glance_api_paste_ini/ini_setting_spec.rb b/glance/spec/unit/provider/glance_api_paste_ini/ini_setting_spec.rb deleted file mode 100644 index c39bc2032..000000000 --- a/glance/spec/unit/provider/glance_api_paste_ini/ini_setting_spec.rb +++ /dev/null @@ -1,63 +0,0 @@ -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'openstacklib', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:glance_api_paste_ini).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Glance_api_paste_ini.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Glance_api_paste_ini.new( - {:name => 'dude/whoa', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('whoa') - end - - it 'should ensure absent when is specified as a value' do - resource = Puppet::Type::Glance_api_paste_ini.new( - {:name => 'dude/foo', :value => ''} - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - - it 'should ensure absent when value matches ensure_absent_val' do - resource = Puppet::Type::Glance_api_paste_ini.new( - {:name => 'dude/foo', :value => 'foo', :ensure_absent_val => 'foo' } - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - -end \ No newline at end of file diff --git a/glance/spec/unit/provider/glance_cache_config/ini_setting_spec.rb b/glance/spec/unit/provider/glance_cache_config/ini_setting_spec.rb deleted file mode 100644 index 6fcfd7c02..000000000 --- a/glance/spec/unit/provider/glance_cache_config/ini_setting_spec.rb +++ /dev/null @@ -1,72 +0,0 @@ -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'openstacklib', - 'lib') -) - -require 'spec_helper' - -provider_class = Puppet::Type.type(:glance_cache_config).provider(:ini_setting) - -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Glance_cache_config.new( - { - :name => 'DEFAULT/foo', - :value => 'bar' - } - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Glance_cache_config.new( - { - :name => 'dude/foo', - :value => 'bar' - } - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end - - it 'should ensure absent when is specified as a value' do - resource = Puppet::Type::Glance_cache_config.new( - {:name => 'dude/foo', :value => ''} - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - - it 'should ensure absent when value matches ensure_absent_val' do - resource = Puppet::Type::Glance_cache_config.new( - {:name => 'dude/foo', :value => 'foo', :ensure_absent_val => 'foo' } - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - -end diff --git a/glance/spec/unit/provider/glance_glare_config/ini_setting_spec.rb b/glance/spec/unit/provider/glance_glare_config/ini_setting_spec.rb deleted file mode 100644 index 78ef6f0a9..000000000 --- a/glance/spec/unit/provider/glance_glare_config/ini_setting_spec.rb +++ /dev/null @@ -1,71 +0,0 @@ -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'openstacklib', - 'lib') -) - -require 'spec_helper' - -provider_class = Puppet::Type.type(:glance_glare_config).provider(:ini_setting) - -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Glance_glare_config.new( - { - :name => 'DEFAULT/foo', - :value => 'bar' - } - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Glance_glare_config.new( - { - :name => 'dude/foo', - :value => 'bar' - } - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end - - it 'should ensure absent when is specified as a value' do - resource = Puppet::Type::Glance_glare_config.new( - {:name => 'dude/foo', :value => ''} - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - - it 'should ensure absent when value matches ensure_absent_val' do - resource = Puppet::Type::Glance_glare_config.new( - {:name => 'dude/foo', :value => 'foo', :ensure_absent_val => 'foo' } - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end -end diff --git a/glance/spec/unit/provider/glance_glare_paste_ini/ini_setting_spec.rb b/glance/spec/unit/provider/glance_glare_paste_ini/ini_setting_spec.rb deleted file mode 100644 index f817a01ea..000000000 --- a/glance/spec/unit/provider/glance_glare_paste_ini/ini_setting_spec.rb +++ /dev/null @@ -1,63 +0,0 @@ -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'openstacklib', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:glance_glare_paste_ini).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Glance_glare_paste_ini.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Glance_glare_paste_ini.new( - {:name => 'dude/whoa', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('whoa') - end - - it 'should ensure absent when is specified as a value' do - resource = Puppet::Type::Glance_glare_paste_ini.new( - {:name => 'dude/foo', :value => ''} - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - - it 'should ensure absent when value matches ensure_absent_val' do - resource = Puppet::Type::Glance_glare_paste_ini.new( - {:name => 'dude/foo', :value => 'foo', :ensure_absent_val => 'foo' } - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - -end diff --git a/glance/spec/unit/provider/glance_image_spec.rb b/glance/spec/unit/provider/glance_image_spec.rb deleted file mode 100644 index a14c3426e..000000000 --- a/glance/spec/unit/provider/glance_image_spec.rb +++ /dev/null @@ -1,292 +0,0 @@ -require 'puppet' -require 'spec_helper' -require 'puppet/provider/glance_image/openstack' - -provider_class = Puppet::Type.type(:glance_image).provider(:openstack) - -describe provider_class do - - shared_examples 'authenticated with environment variables' do - ENV['OS_USERNAME'] = 'test' - ENV['OS_PASSWORD'] = 'abc123' - ENV['OS_PROJECT_NAME'] = 'test' - ENV['OS_AUTH_URL'] = 'http://127.0.0.1:35357/v2.0' - end - - describe 'when managing an image' do - - let(:tenant_attrs) do - { - :ensure => 'present', - :name => 'image1', - :is_public => 'yes', - :container_format => 'bare', - :disk_format => 'qcow2', - :source => 'http://example.com/image1.img', - :min_ram => 1024, - :min_disk => 1024, - } - end - - let(:resource) do - Puppet::Type::Glance_image.new(tenant_attrs) - end - - let(:provider) do - provider_class.new(resource) - end - - it_behaves_like 'authenticated with environment variables' do - describe '#create' do - it 'creates an image' do - provider.class.stubs(:openstack) - .with('image', 'create', '--format', 'shell', ['image1', '--public', '--container-format=bare', '--disk-format=qcow2', '--min-disk=1024', '--min-ram=1024', '--copy-from=http://example.com/image1.img' ]) - .returns('checksum="ee1eca47dc88f4879d8a229cc70a07c6" -container_format="bare" -created_at="2016-03-29T20:52:24Z" -disk_format="qcow2" -file="/v2/images/8801c5b0-c505-4a15-8ca3-1d2383f8c015/file" -id="8801c5b0-c505-4a15-8ca3-1d2383f8c015" -min_disk="1024" -min_ram="1024" -name="image1" -owner="5a9e521e17014804ab8b4e8b3de488a4" -protected="False" -schema="/v2/schemas/image" -size="13287936" -status="active" -tags="" -updated_at="2016-03-29T20:52:40Z" -virtual_size="None" -visibility="public" -') - provider.create - expect(provider.exists?).to be_truthy - end - end - end - - describe '#destroy' do - it 'destroys an image' do - provider.class.stubs(:openstack) - .with('image', 'delete', 'image1') - provider.destroy - expect(provider.exists?).to be_falsey - end - - end - - describe '.instances' do - it 'finds every image' do - provider.class.stubs(:openstack) - .with('image', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Disk Format","Container Format","Size","Status" -"5345b502-efe4-4852-a45d-edaba3a3acc6","image1","raw","bare",1270,"active" -') - provider.class.stubs(:openstack) - .with('image', 'show', '--format', 'shell', '5345b502-efe4-4852-a45d-edaba3a3acc6') - .returns('checksum="09b9c392dc1f6e914cea287cb6be34b0" -container_format="bare" -created_at="2015-04-08T18:28:01" -deleted="False" -deleted_at="None" -disk_format="qcow2" -id="5345b502-efe4-4852-a45d-edaba3a3acc6" -is_public="True" -min_disk="1024" -min_ram="1024" -name="image1" -owner="None" -properties="{}" -protected="False" -size="1270" -status="active" -updated_at="2015-04-10T18:18:18" -virtual_size="None" -') - instances = provider_class.instances - expect(instances.count).to eq(1) - end - end - - end - - describe 'when managing an image with properties' do - - let(:tenant_attrs) do - { - :ensure => 'present', - :name => 'image1', - :is_public => 'yes', - :container_format => 'bare', - :disk_format => 'qcow2', - :source => '/var/tmp/image1.img', - :min_ram => 1024, - :min_disk => 1024, - :properties => { 'something' => 'what', 'vmware_disktype' => 'sparse' } - } - end - - let(:resource) do - Puppet::Type::Glance_image.new(tenant_attrs) - end - - let(:provider) do - provider_class.new(resource) - end - - it_behaves_like 'authenticated with environment variables' do - describe '#create' do - it 'creates an image' do - provider.class.stubs(:openstack) - .with('image', 'create', '--format', 'shell', ['image1', '--public', '--container-format=bare', '--disk-format=qcow2', '--min-disk=1024', '--min-ram=1024', ['--property', 'something=what', '--property', 'vmware_disktype=sparse'], '--file=/var/tmp/image1.img' ]) - .returns('checksum="ee1eca47dc88f4879d8a229cc70a07c6" -container_format="bare" -created_at="2016-03-29T20:52:24Z" -disk_format="qcow2" -file="/v2/images/8801c5b0-c505-4a15-8ca3-1d2383f8c015/file" -id="8801c5b0-c505-4a15-8ca3-1d2383f8c015" -min_disk="1024" -min_ram="1024" -name="image1" -owner="5a9e521e17014804ab8b4e8b3de488a4" -properties="something=\'what\', vmware_disktype=\'sparse\'" -protected="False" -schema="/v2/schemas/image" -size="13287936" -status="active" -tags="" -updated_at="2016-03-29T20:52:40Z" -virtual_size="None" -visibility="public" -') - provider.create - expect(provider.exists?).to be_truthy - end - end - end - - describe '.instances' do - it 'finds every image' do - provider.class.stubs(:openstack) - .with('image', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Disk Format","Container Format","Size","Status" -"5345b502-efe4-4852-a45d-edaba3a3acc6","image1","raw","bare",1270,"active" -') - provider.class.stubs(:openstack) - .with('image', 'show', '--format', 'shell', '5345b502-efe4-4852-a45d-edaba3a3acc6') - .returns('checksum="09b9c392dc1f6e914cea287cb6be34b0" -container_format="bare" -created_at="2015-04-08T18:28:01" -deleted="False" -deleted_at="None" -disk_format="qcow2" -id="5345b502-efe4-4852-a45d-edaba3a3acc6" -is_public="True" -min_disk="1024" -min_ram="1024" -name="image1" -owner="None" -properties="something=\'what\', vmware_disktype=\'sparse\'" -protected="False" -size="1270" -status="active" -updated_at="2015-04-10T18:18:18" -virtual_size="None" -') - instances = provider_class.instances - expect(instances.count).to eq(1) - end - end - - end - - describe 'when creating an image with id' do - - let(:tenant_attrs) do - { - :ensure => 'present', - :name => 'image1', - :is_public => 'yes', - :container_format => 'bare', - :disk_format => 'qcow2', - :source => '/var/tmp/image1.img', - :id => '2b4be0b8-aec0-43af-a404-33c3335a0b3f' - } - end - - let(:resource) do - Puppet::Type::Glance_image.new(tenant_attrs) - end - - let(:provider) do - provider_class.new(resource) - end - - it_behaves_like 'authenticated with environment variables' do - describe '#create' do - it 'creates an image' do - provider.class.stubs(:openstack) - .with('image', 'create', '--format', 'shell', ['image1', '--public', '--container-format=bare', '--disk-format=qcow2', '--id=2b4be0b8-aec0-43af-a404-33c3335a0b3f', '--file=/var/tmp/image1.img' ]) - .returns('checksum="ee1eca47dc88f4879d8a229cc70a07c6" -container_format="bare" -created_at="2016-03-29T20:52:24Z" -disk_format="qcow2" -file="/v2/images/2b4be0b8-aec0-43af-a404-33c3335a0b3f/file" -id="2b4be0b8-aec0-43af-a404-33c3335a0b3f" -min_disk="0" -min_ram="0" -name="image1" -owner="5a9e521e17014804ab8b4e8b3de488a4" -properties="{}" -protected="False" -schema="/v2/schemas/image" -size="13287936" -status="active" -tags="" -updated_at="2016-03-29T20:52:40Z" -virtual_size="None" -visibility="public" -') - provider.create - expect(provider.exists?).to be_truthy - end - end - end - - describe '.instances' do - it 'finds every image' do - provider.class.stubs(:openstack) - .with('image', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Disk Format","Container Format","Size","Status" -"2b4be0b8-aec0-43af-a404-33c3335a0b3f","image1","raw","bare",1270,"active" -') - provider.class.stubs(:openstack) - .with('image', 'show', '--format', 'shell', '2b4be0b8-aec0-43af-a404-33c3335a0b3f') - .returns('checksum="09b9c392dc1f6e914cea287cb6be34b0" -container_format="bare" -created_at="2015-04-08T18:28:01" -deleted="False" -deleted_at="None" -disk_format="qcow2" -id="2b4be0b8-aec0-43af-a404-33c3335a0b3f" -min_disk="0" -min_ram="0" -is_public="True" -name="image1" -owner="None" -properties="{}" -protected="False" -size="1270" -status="active" -updated_at="2015-04-10T18:18:18" -virtual_size="None" -') - instances = provider_class.instances - expect(instances.count).to eq(1) - end - end - - end - -end diff --git a/glance/spec/unit/provider/glance_registry_config/ini_setting_spec.rb b/glance/spec/unit/provider/glance_registry_config/ini_setting_spec.rb deleted file mode 100644 index a05e0f2a4..000000000 --- a/glance/spec/unit/provider/glance_registry_config/ini_setting_spec.rb +++ /dev/null @@ -1,72 +0,0 @@ -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'openstacklib', - 'lib') -) - -require 'spec_helper' - -provider_class = Puppet::Type.type(:glance_registry_config).provider(:ini_setting) - -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Glance_registry_config.new( - { - :name => 'DEFAULT/foo', - :value => 'bar' - } - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Glance_registry_config.new( - { - :name => 'dude/foo', - :value => 'bar' - } - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end - - it 'should ensure absent when is specified as a value' do - resource = Puppet::Type::Glance_registry_config.new( - {:name => 'dude/foo', :value => ''} - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - - it 'should ensure absent when value matches ensure_absent_val' do - resource = Puppet::Type::Glance_registry_config.new( - {:name => 'dude/foo', :value => 'foo', :ensure_absent_val => 'foo' } - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - -end diff --git a/glance/spec/unit/provider/glance_registry_paste_ini/ini_setting_spec.rb b/glance/spec/unit/provider/glance_registry_paste_ini/ini_setting_spec.rb deleted file mode 100644 index 670f67379..000000000 --- a/glance/spec/unit/provider/glance_registry_paste_ini/ini_setting_spec.rb +++ /dev/null @@ -1,63 +0,0 @@ -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'openstacklib', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:glance_registry_paste_ini).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Glance_registry_paste_ini.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Glance_registry_paste_ini.new( - {:name => 'dude/whoa', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('whoa') - end - - it 'should ensure absent when is specified as a value' do - resource = Puppet::Type::Glance_registry_paste_ini.new( - {:name => 'dude/foo', :value => ''} - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - - it 'should ensure absent when value matches ensure_absent_val' do - resource = Puppet::Type::Glance_registry_paste_ini.new( - {:name => 'dude/foo', :value => 'foo', :ensure_absent_val => 'foo' } - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - -end \ No newline at end of file diff --git a/glance/spec/unit/provider/glance_spec.rb b/glance/spec/unit/provider/glance_spec.rb deleted file mode 100644 index 33ea965ee..000000000 --- a/glance/spec/unit/provider/glance_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -require 'puppet' -require 'spec_helper' -require 'puppet/provider/glance' -require 'tempfile' - - -klass = Puppet::Provider::Glance - -class Puppet::Provider::Glance - def self.reset - @admin_endpoint = nil - @tenant_hash = nil - @admin_token = nil - @keystone_file = nil - end -end - -describe Puppet::Provider::Glance do - - after :each do - klass.reset - end - - describe 'when retrieving the auth credentials' do - - it 'should fail if no auth params are passed and the glance config file does not have the expected contents' do - mock = {} - Puppet::Util::IniConfig::File.expects(:new).returns(mock) - mock.expects(:read).with('/etc/glance/glance-api.conf') - expect do - klass.glance_credentials - end.to raise_error(Puppet::Error, /does not contain all required sections/) - end - - end - -end diff --git a/glance/spec/unit/provider/glance_swift_config/ini_setting_spec.rb b/glance/spec/unit/provider/glance_swift_config/ini_setting_spec.rb deleted file mode 100644 index 90cd0cebf..000000000 --- a/glance/spec/unit/provider/glance_swift_config/ini_setting_spec.rb +++ /dev/null @@ -1,60 +0,0 @@ -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'openstacklib', - 'lib') -) - -require 'spec_helper' - -provider_class = Puppet::Type.type(:glance_swift_config).provider(:ini_setting) - -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Glance_swift_config.new( - { - :name => 'DEFAULT/foo', - :value => 'bar' - } - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Glance_swift_config.new( - { - :name => 'dude/foo', - :value => 'bar' - } - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end - - it 'should ensure absent when is specified as a value' do - resource = Puppet::Type::Glance_swift_config.new( - {:name => 'dude/foo', :value => ''} - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - - it 'should ensure absent when value matches ensure_absent_val' do - resource = Puppet::Type::Glance_swift_config.new( - {:name => 'dude/foo', :value => 'foo', :ensure_absent_val => 'foo' } - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end -end diff --git a/glance/spec/unit/type/glance_api_config_spec.rb b/glance/spec/unit/type/glance_api_config_spec.rb deleted file mode 100644 index 187247579..000000000 --- a/glance/spec/unit/type/glance_api_config_spec.rb +++ /dev/null @@ -1,41 +0,0 @@ -require 'puppet' -require 'puppet/type/glance_api_config' - -describe 'Puppet::Type.type(:glance_api_config)' do - before :each do - Puppet::Type.rmtype(:glance_api_config) - Facter.fact(:osfamily).stubs(:value).returns(platform_params[:osfamily]) - @glance_api_config = Puppet::Type.type(:glance_api_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - shared_examples_for 'glance_api_config' do - it 'should autorequire the package that install the file' do - catalog = Puppet::Resource::Catalog.new - package = Puppet::Type.type(:package).new(:name => platform_params[:package_name]) - catalog.add_resource package, @glance_api_config - dependency = @glance_api_config.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(@glance_api_config) - expect(dependency[0].source).to eq(package) - end - end - - context 'on Debian platforms' do - let :platform_params do - { :package_name => 'glance-api', - :osfamily => 'Debian' } - end - - it_behaves_like 'glance_api_config' - end - - context 'on RedHat platforms' do - let :platform_params do - { :package_name => 'openstack-glance', - :osfamily => 'RedHat'} - end - - it_behaves_like 'glance_api_config' - end - -end diff --git a/glance/spec/unit/type/glance_api_paste_ini_spec.rb b/glance/spec/unit/type/glance_api_paste_ini_spec.rb deleted file mode 100644 index fc8140c5c..000000000 --- a/glance/spec/unit/type/glance_api_paste_ini_spec.rb +++ /dev/null @@ -1,87 +0,0 @@ -require 'puppet' -require 'puppet/type/glance_api_paste_ini' - -describe 'Puppet::Type.type(:glance_api_paste_ini)' do - before :each do - Puppet::Type.rmtype(:glance_api_paste_ini) - Facter.fact(:osfamily).stubs(:value).returns(platform_params[:osfamily]) - @glance_api_paste_ini = Puppet::Type.type(:glance_api_paste_ini).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - shared_examples_for 'glance_api_paste_ini' do - - it 'should require a name' do - expect { - Puppet::Type.type(:glance_api_paste_ini).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:glance_api_paste_ini).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:glance_api_paste_ini).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:glance_api_paste_ini).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @glance_api_paste_ini[:value] = 'bar' - expect(@glance_api_paste_ini[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @glance_api_paste_ini[:value] = 'b ar' - expect(@glance_api_paste_ini[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @glance_api_paste_ini[:ensure] = :present - expect(@glance_api_paste_ini[:ensure]).to eq(:present) - @glance_api_paste_ini[:ensure] = :absent - expect(@glance_api_paste_ini[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @glance_api_paste_ini[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end - - it 'should autorequire the package that install the file' do - catalog = Puppet::Resource::Catalog.new - package = Puppet::Type.type(:package).new(:name => platform_params[:package_name]) - catalog.add_resource package, @glance_api_paste_ini - dependency = @glance_api_paste_ini.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(@glance_api_paste_ini) - expect(dependency[0].source).to eq(package) - end - end - - context 'on Debian platforms' do - let :platform_params do - { :package_name => 'glance-api', - :osfamily => 'Debian' } - end - - it_behaves_like 'glance_api_paste_ini' - end - - context 'on RedHat platforms' do - let :platform_params do - { :package_name => 'openstack-glance', - :osfamily => 'RedHat'} - end - - it_behaves_like 'glance_api_paste_ini' - end - -end diff --git a/glance/spec/unit/type/glance_cache_config_spec.rb b/glance/spec/unit/type/glance_cache_config_spec.rb deleted file mode 100644 index 49df8378c..000000000 --- a/glance/spec/unit/type/glance_cache_config_spec.rb +++ /dev/null @@ -1,41 +0,0 @@ -require 'puppet' -require 'puppet/type/glance_cache_config' - -describe 'Puppet::Type.type(:glance_cache_config)' do - before :each do - Puppet::Type.rmtype(:glance_cache_config) - Facter.fact(:osfamily).stubs(:value).returns(platform_params[:osfamily]) - @glance_cache_config = Puppet::Type.type(:glance_cache_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - shared_examples_for 'glance_cache_config' do - it 'should autorequire the package that install the file' do - catalog = Puppet::Resource::Catalog.new - package = Puppet::Type.type(:package).new(:name => platform_params[:package_name]) - catalog.add_resource package, @glance_cache_config - dependency = @glance_cache_config.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(@glance_cache_config) - expect(dependency[0].source).to eq(package) - end - end - - context 'on Debian platforms' do - let :platform_params do - { :package_name => 'glance-api', - :osfamily => 'Debian' } - end - - it_behaves_like 'glance_cache_config' - end - - context 'on RedHat platforms' do - let :platform_params do - { :package_name => 'openstack-glance', - :osfamily => 'RedHat'} - end - - it_behaves_like 'glance_cache_config' - end - -end diff --git a/glance/spec/unit/type/glance_glare_config_spec.rb b/glance/spec/unit/type/glance_glare_config_spec.rb deleted file mode 100644 index 157e1b40f..000000000 --- a/glance/spec/unit/type/glance_glare_config_spec.rb +++ /dev/null @@ -1,41 +0,0 @@ -require 'puppet' -require 'puppet/type/glance_glare_config' - -describe 'Puppet::Type.type(:glance_glare_config)' do - before :each do - Puppet::Type.rmtype(:glance_glare_config) - Facter.fact(:osfamily).stubs(:value).returns(platform_params[:osfamily]) - @glance_glare_config = Puppet::Type.type(:glance_glare_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - shared_examples_for 'glance_glare_config' do - it 'should autorequire the package that install the file' do - catalog = Puppet::Resource::Catalog.new - package = Puppet::Type.type(:package).new(:name => platform_params[:package_name]) - catalog.add_resource package, @glance_glare_config - dependency = @glance_glare_config.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(@glance_glare_config) - expect(dependency[0].source).to eq(package) - end - end - - context 'on Debian platforms' do - let :platform_params do - { :package_name => 'glance-glare', - :osfamily => 'Debian' } - end - - it_behaves_like 'glance_glare_config' - end - - context 'on RedHat platforms' do - let :platform_params do - { :package_name => 'openstack-glance', - :osfamily => 'RedHat'} - end - - it_behaves_like 'glance_glare_config' - end - -end diff --git a/glance/spec/unit/type/glance_glare_paste_ini_spec.rb b/glance/spec/unit/type/glance_glare_paste_ini_spec.rb deleted file mode 100644 index c24448c51..000000000 --- a/glance/spec/unit/type/glance_glare_paste_ini_spec.rb +++ /dev/null @@ -1,87 +0,0 @@ -require 'puppet' -require 'puppet/type/glance_glare_paste_ini' - -describe 'Puppet::Type.type(:glance_glare_paste_ini)' do - before :each do - Puppet::Type.rmtype(:glance_glare_paste_ini) - Facter.fact(:osfamily).stubs(:value).returns(platform_params[:osfamily]) - @glance_glare_paste_ini = Puppet::Type.type(:glance_glare_paste_ini).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - shared_examples_for 'glance_glare_paste_ini' do - - it 'should require a name' do - expect { - Puppet::Type.type(:glance_glare_paste_ini).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:glance_glare_paste_ini).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:glance_glare_paste_ini).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:glance_glare_paste_ini).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @glance_glare_paste_ini[:value] = 'bar' - expect(@glance_glare_paste_ini[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @glance_glare_paste_ini[:value] = 'b ar' - expect(@glance_glare_paste_ini[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @glance_glare_paste_ini[:ensure] = :present - expect(@glance_glare_paste_ini[:ensure]).to eq(:present) - @glance_glare_paste_ini[:ensure] = :absent - expect(@glance_glare_paste_ini[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @glance_glare_paste_ini[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end - - it 'should autorequire the package that install the file' do - catalog = Puppet::Resource::Catalog.new - package = Puppet::Type.type(:package).new(:name => platform_params[:package_name]) - catalog.add_resource package, @glance_glare_paste_ini - dependency = @glance_glare_paste_ini.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(@glance_glare_paste_ini) - expect(dependency[0].source).to eq(package) - end - end - - context 'on Debian platforms' do - let :platform_params do - { :package_name => 'glance-glare', - :osfamily => 'Debian' } - end - - it_behaves_like 'glance_glare_paste_ini' - end - - context 'on RedHat platforms' do - let :platform_params do - { :package_name => 'openstack-glance', - :osfamily => 'RedHat'} - end - - it_behaves_like 'glance_glare_paste_ini' - end - -end diff --git a/glance/spec/unit/type/glance_registry_config_spec.rb b/glance/spec/unit/type/glance_registry_config_spec.rb deleted file mode 100644 index 60615734d..000000000 --- a/glance/spec/unit/type/glance_registry_config_spec.rb +++ /dev/null @@ -1,41 +0,0 @@ -require 'puppet' -require 'puppet/type/glance_registry_config' - -describe 'Puppet::Type.type(:glance_registry_config)' do - before :each do - Puppet::Type.rmtype(:glance_registry_config) - Facter.fact(:osfamily).stubs(:value).returns(platform_params[:osfamily]) - @glance_registry_config = Puppet::Type.type(:glance_registry_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - shared_examples_for 'glance_registry_config' do - it 'should autorequire the package that install the file' do - catalog = Puppet::Resource::Catalog.new - package = Puppet::Type.type(:package).new(:name => platform_params[:package_name]) - catalog.add_resource package, @glance_registry_config - dependency = @glance_registry_config.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(@glance_registry_config) - expect(dependency[0].source).to eq(package) - end - end - - context 'on Debian platforms' do - let :platform_params do - { :package_name => 'glance-registry', - :osfamily => 'Debian' } - end - - it_behaves_like 'glance_registry_config' - end - - context 'on RedHat platforms' do - let :platform_params do - { :package_name => 'openstack-glance', - :osfamily => 'RedHat'} - end - - it_behaves_like 'glance_registry_config' - end - -end diff --git a/glance/spec/unit/type/glance_registry_paste_ini_spec.rb b/glance/spec/unit/type/glance_registry_paste_ini_spec.rb deleted file mode 100644 index fef669ba3..000000000 --- a/glance/spec/unit/type/glance_registry_paste_ini_spec.rb +++ /dev/null @@ -1,87 +0,0 @@ -require 'puppet' -require 'puppet/type/glance_registry_paste_ini' - -describe 'Puppet::Type.type(:glance_registry_paste_ini)' do - before :each do - Puppet::Type.rmtype(:glance_registry_paste_ini) - Facter.fact(:osfamily).stubs(:value).returns(platform_params[:osfamily]) - @glance_registry_paste_ini = Puppet::Type.type(:glance_registry_paste_ini).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - shared_examples_for 'glance_registry_paste_ini' do - - it 'should require a name' do - expect { - Puppet::Type.type(:glance_registry_paste_ini).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:glance_registry_paste_ini).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:glance_registry_paste_ini).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:glance_registry_paste_ini).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @glance_registry_paste_ini[:value] = 'bar' - expect(@glance_registry_paste_ini[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @glance_registry_paste_ini[:value] = 'b ar' - expect(@glance_registry_paste_ini[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @glance_registry_paste_ini[:ensure] = :present - expect(@glance_registry_paste_ini[:ensure]).to eq(:present) - @glance_registry_paste_ini[:ensure] = :absent - expect(@glance_registry_paste_ini[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @glance_registry_paste_ini[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end - - it 'should autorequire the package that install the file' do - catalog = Puppet::Resource::Catalog.new - package = Puppet::Type.type(:package).new(:name => platform_params[:package_name]) - catalog.add_resource package, @glance_registry_paste_ini - dependency = @glance_registry_paste_ini.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(@glance_registry_paste_ini) - expect(dependency[0].source).to eq(package) - end - end - - context 'on Debian platforms' do - let :platform_params do - { :package_name => 'glance-registry', - :osfamily => 'Debian' } - end - - it_behaves_like 'glance_registry_paste_ini' - end - - context 'on RedHat platforms' do - let :platform_params do - { :package_name => 'openstack-glance', - :osfamily => 'RedHat'} - end - - it_behaves_like 'glance_registry_paste_ini' - end - -end diff --git a/glance/spec/unit/type/glance_swift_config_spec.rb b/glance/spec/unit/type/glance_swift_config_spec.rb deleted file mode 100644 index f72b89666..000000000 --- a/glance/spec/unit/type/glance_swift_config_spec.rb +++ /dev/null @@ -1,41 +0,0 @@ -require 'puppet' -require 'puppet/type/glance_swift_config' - -describe 'Puppet::Type.type(:glance_swift_config)' do - before :each do - Puppet::Type.rmtype(:glance_swift_config) - Facter.fact(:osfamily).stubs(:value).returns(platform_params[:osfamily]) - @glance_swift_config = Puppet::Type.type(:glance_swift_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - shared_examples_for 'glance_swift_config' do - it 'should autorequire the package that install the file' do - catalog = Puppet::Resource::Catalog.new - package = Puppet::Type.type(:package).new(:name => platform_params[:package_name]) - catalog.add_resource package, @glance_swift_config - dependency = @glance_swift_config.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(@glance_swift_config) - expect(dependency[0].source).to eq(package) - end - end - - context 'on Debian platforms' do - let :platform_params do - { :package_name => 'glance-api', - :osfamily => 'Debian' } - end - - it_behaves_like 'glance_swift_config' - end - - context 'on RedHat platforms' do - let :platform_params do - { :package_name => 'openstack-glance', - :osfamily => 'RedHat'} - end - - it_behaves_like 'glance_swift_config' - end - -end diff --git a/glance/test-requirements.txt b/glance/test-requirements.txt deleted file mode 100644 index bedd66690..000000000 --- a/glance/test-requirements.txt +++ /dev/null @@ -1,4 +0,0 @@ -# this is required for the docs build jobs -sphinx!=1.2.0,!=1.3b1,<1.3,>=1.1.2 -oslosphinx>=2.5.0 # Apache-2.0 -reno>=0.1.1 # Apache-2.0 diff --git a/glance/tests/api.pp b/glance/tests/api.pp deleted file mode 100644 index eba470074..000000000 --- a/glance/tests/api.pp +++ /dev/null @@ -1,4 +0,0 @@ -class { '::glance::api': - debug => true, - verbose => true, -} diff --git a/glance/tests/init.pp b/glance/tests/init.pp deleted file mode 100644 index 776103ddc..000000000 --- a/glance/tests/init.pp +++ /dev/null @@ -1 +0,0 @@ -class { '::glance': } diff --git a/glance/tests/registry.pp b/glance/tests/registry.pp deleted file mode 100644 index 52a2d1cee..000000000 --- a/glance/tests/registry.pp +++ /dev/null @@ -1,4 +0,0 @@ -class { '::glance::registry': - debug => true, - verbose => true, -} diff --git a/glance/tests/site.pp b/glance/tests/site.pp deleted file mode 100644 index 7c3edb746..000000000 --- a/glance/tests/site.pp +++ /dev/null @@ -1,57 +0,0 @@ - -# uses the keystone packages -# to ensure that we use the latest precise packages -Exec { logoutput => 'on_failure' } - -node glance_keystone_mysql { - class { '::mysql::server': } - class { '::keystone': - verbose => true, - debug => true, - catalog_type => 'sql', - admin_token => 'admin_token', - } - class { '::keystone::db::mysql': - password => 'keystone', - } - class { '::keystone::roles::admin': - email => 'test@puppetlabs.com', - password => 'ChangeMe', - } - class { '::glance::api': - verbose => true, - debug => true, - auth_type => 'keystone', - keystone_tenant => 'services', - keystone_user => 'glance', - keystone_password => 'glance_password', - database_connection => 'mysql://glance:glance@127.0.0.1/glance', - } - class { '::glance::backend::file': } - - class { '::glance::db::mysql': - password => 'glance', - dbname => 'glance', - user => 'glance', - host => '127.0.0.1', - # allowed_hosts = undef, - # $cluster_id = 'localzone' - } - - class { '::glance::registry': - verbose => true, - debug => true, - auth_type => 'keystone', - keystone_tenant => 'services', - keystone_user => 'glance', - keystone_password => 'glance_password', - database_connection => 'mysql://glance:glance@127.0.0.1/glance', - } - class { '::glance::keystone::auth': - password => 'glance_pass', - } -} - -node default { - fail("could not find a matching node entry for ${clientcert}") -} diff --git a/glance/tox.ini b/glance/tox.ini deleted file mode 100644 index aea06c84f..000000000 --- a/glance/tox.ini +++ /dev/null @@ -1,8 +0,0 @@ -[tox] -minversion = 1.6 -skipsdist = True -envlist = releasenotes - -[testenv:releasenotes] -deps = -rtest-requirements.txt -commands = sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html diff --git a/gnocchi/.gitignore b/gnocchi/.gitignore deleted file mode 100644 index 61092bdaf..000000000 --- a/gnocchi/.gitignore +++ /dev/null @@ -1,15 +0,0 @@ -pkg/ -Gemfile.lock -vendor/ -spec/fixtures/ -.vagrant/ -.bundle/ -coverage/ -.idea/ -*.swp -*.iml -openstack/ - -# Files created by releasenotes build -releasenotes/build -.tox diff --git a/gnocchi/.gitreview b/gnocchi/.gitreview deleted file mode 100644 index 975930ab7..000000000 --- a/gnocchi/.gitreview +++ /dev/null @@ -1,5 +0,0 @@ -[gerrit] -host=review.openstack.org -port=29418 -project=openstack/puppet-gnocchi.git -defaultbranch=stable/mitaka diff --git a/gnocchi/CHANGELOG.md b/gnocchi/CHANGELOG.md deleted file mode 100644 index e5477cca6..000000000 --- a/gnocchi/CHANGELOG.md +++ /dev/null @@ -1,9 +0,0 @@ -## 8.0.0 and beyond - -From 8.0.0 release and beyond, release notes are published on -[docs.openstack.org](http://docs.openstack.org/releasenotes/puppet-gnocchi/). - -##2015-11-25 - 7.0.0 -###Summary - -- Initial release of the puppet-gnocchi module diff --git a/gnocchi/Gemfile b/gnocchi/Gemfile deleted file mode 100644 index 5728ff7e7..000000000 --- a/gnocchi/Gemfile +++ /dev/null @@ -1,22 +0,0 @@ -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -group :development, :test, :system_tests do - gem 'puppet-openstack_spec_helper', - :git => 'https://git.openstack.org/openstack/puppet-openstack_spec_helper', - :branch => 'stable/mitaka', - :require => false -end - -if facterversion = ENV['FACTER_GEM_VERSION'] - gem 'facter', facterversion, :require => false -else - gem 'facter', :require => false -end - -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end - -# vim:ft=ruby diff --git a/gnocchi/LICENSE b/gnocchi/LICENSE deleted file mode 100644 index 68c771a09..000000000 --- a/gnocchi/LICENSE +++ /dev/null @@ -1,176 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - diff --git a/gnocchi/README.md b/gnocchi/README.md deleted file mode 100644 index 752210b09..000000000 --- a/gnocchi/README.md +++ /dev/null @@ -1,84 +0,0 @@ -puppet-gnocchi -============== - -#### Table of Contents - -1. [Overview - What is the gnocchi module?](#overview) -2. [Module Description - What does the module do?](#module-description) -3. [Setup - The basics of getting started with gnocchi](#setup) -4. [Implementation - An under-the-hood peek at what the module is doing](#implementation) -5. [Limitations - OS compatibility, etc.](#limitations) -6. [Development - Guide for contributing to the module](#development) -7. [Contributors - Those with commits](#contributors) - -Overview --------- - -The gnocchi module is a part of [OpenStack](https://github.com/openstack), an effort by the OpenStack infrastructure team to provide continuous integration testing and code review for OpenStack and OpenStack community projects as part of the core software. The module itself is used to flexibly configure and manage the management service for OpenStack. - -Module Description ------------------- - -Setup ------ - -**What the gnocchi module affects:** - -* [Gnocchi](http://docs.openstack.org/developer/gnocchi/), the HTTP API to store metrics and index resources for OpenStack - (OpenStack Datapoint Service). - -### Installing gnocchi - - puppet module install openstack/gnocchi - -Implementation --------------- - -### gnocchi - -gnocchi is a combination of Puppet manifest and ruby code to delivery configuration and extra functionality through types and providers. - -### Types - -#### gnocchi_config - -The `gnocchi_config` provider is a children of the ini_setting provider. It allows one to write an entry in the `/etc/gnocchi/gnocchi.conf` file. - -```puppet -gnocchi_config { 'DEFAULT/verbose' : - value => true, -} -``` - -This will write `verbose=true` in the `[DEFAULT]` section. - -##### name - -Section/setting name to manage from `gnocchi.conf` - -##### value - -The value of the setting to be defined. - -##### secret - -Whether to hide the value from Puppet logs. Defaults to `false`. - -##### ensure_absent_val - -If value is equal to ensure_absent_val then the resource will behave as if `ensure => absent` was specified. Defaults to `` - -Limitations ------------ - -Development ------------ - -Developer documentation for the entire puppet-openstack project. - -* https://wiki.openstack.org/wiki/Puppet-openstack#Developer_documentation - -Contributors ------------- - -The github [contributor graph](https://github.com/openstack/puppet-gnocchi/graphs/contributors). diff --git a/gnocchi/Rakefile b/gnocchi/Rakefile deleted file mode 100644 index 168d10814..000000000 --- a/gnocchi/Rakefile +++ /dev/null @@ -1 +0,0 @@ -require 'puppet-openstack_spec_helper/rake_tasks' diff --git a/gnocchi/examples/site.pp b/gnocchi/examples/site.pp deleted file mode 100644 index 35eb63c06..000000000 --- a/gnocchi/examples/site.pp +++ /dev/null @@ -1,29 +0,0 @@ -# This is an example of site.pp to deploy Gnocchi - -class { '::gnocchi::keystone::auth': - admin_url => 'http://10.0.0.1:8041', - internal_url => 'http://10.0.0.1:8041', - public_url => 'http://10.0.0.1:8041', - password => 'verysecrete', - region => 'OpenStack' -} - -class { '::gnocchi': - database_connection => 'mysql://gnocchi:secrete@10.0.0.1/gnocchi?charset=utf8', -} - -class { '::gnocchi::api': - bind_host => '10.0.0.1', - identity_uri => 'https://identity.openstack.org:35357', - keystone_password => 'verysecrete' -} - -class { '::gnocchi::statsd': - resource_id => '07f26121-5777-48ba-8a0b-d70468133dd9', - user_id => 'f81e9b1f-9505-4298-bc33-43dfbd9a973b', - project_id => '203ef419-e73f-4b8a-a73f-3d599a72b18d', - archive_policy_name => 'high', - flush_delay => '100', -} - -include ::gnocchi::client diff --git a/gnocchi/lib/puppet/provider/gnocchi.rb b/gnocchi/lib/puppet/provider/gnocchi.rb deleted file mode 100644 index f96982b1d..000000000 --- a/gnocchi/lib/puppet/provider/gnocchi.rb +++ /dev/null @@ -1,113 +0,0 @@ -require 'json' -require 'puppet/util/inifile' - -class Puppet::Provider::Gnocchi < Puppet::Provider - - def self.conf_filename - '/etc/gnocchi/gnocchi.conf' - end - - def self.withenv(hash, &block) - saved = ENV.to_hash - hash.each do |name, val| - ENV[name.to_s] = val - end - - yield - ensure - ENV.clear - saved.each do |name, val| - ENV[name] = val - end - end - - def self.gnocchi_credentials - @gnocchi_credentials ||= get_gnocchi_credentials - end - - def self.get_gnocchi_credentials - auth_keys = ['auth_host', 'auth_port', 'auth_protocol', - 'admin_tenant_name', 'admin_user', 'admin_password'] - conf = gnocchi_conf - if conf and conf['keystone_authtoken'] and - auth_keys.all?{|k| !conf['keystone_authtoken'][k].nil?} - return Hash[ auth_keys.map \ - { |k| [k, conf['keystone_authtoken'][k].strip] } ] - else - raise(Puppet::Error, "File: #{conf_filename} does not contain all \ -required sections. Gnocchi types will not work if gnocchi is not \ -correctly configured.") - end - end - - def gnocchi_credentials - self.class.gnocchi_credentials - end - - def self.auth_endpoint - @auth_endpoint ||= get_auth_endpoint - end - - def self.get_auth_endpoint - q = gnocchi_credentials - "#{q['auth_protocol']}://#{q['auth_host']}:#{q['auth_port']}/v2.0/" - end - - def self.gnocchi_conf - return @gnocchi_conf if @gnocchi_conf - @gnocchi_conf = Puppet::Util::IniConfig::File.new - @gnocchi_conf.read(conf_filename) - @gnocchi_conf - end - - def self.auth_gnocchi(*args) - q = gnocchi_credentials - authenv = { - :OS_AUTH_URL => self.auth_endpoint, - :OS_USERNAME => q['admin_user'], - :OS_TENANT_NAME => q['admin_tenant_name'], - :OS_PASSWORD => q['admin_password'] - } - begin - withenv authenv do - gnocchi(args) - end - rescue Exception => e - if (e.message =~ /\[Errno 111\] Connection refused/) or - (e.message =~ /\(HTTP 400\)/) - sleep 10 - withenv authenv do - gnocchi(args) - end - else - raise(e) - end - end - end - - def auth_gnocchi(*args) - self.class.auth_gnocchi(args) - end - - def gnocchi_manage(*args) - cmd = args.join(" ") - output = `#{cmd}` - $?.exitstatus - end - - def self.reset - @gnocchi_conf = nil - @gnocchi_credentials = nil - end - - def self.list_gnocchi_resources(type, *args) - json = auth_gnocchi("--json", "#{type}-list", *args) - return JSON.parse(json) - end - - def self.get_gnocchi_resource_attrs(type, id) - json = auth_gnocchi("--json", "#{type}-show", id) - return JSON.parse(json) - end - -end diff --git a/gnocchi/lib/puppet/provider/gnocchi_api_paste_ini/ini_setting.rb b/gnocchi/lib/puppet/provider/gnocchi_api_paste_ini/ini_setting.rb deleted file mode 100644 index 5e125c5e2..000000000 --- a/gnocchi/lib/puppet/provider/gnocchi_api_paste_ini/ini_setting.rb +++ /dev/null @@ -1,27 +0,0 @@ -Puppet::Type.type(:gnocchi_api_paste_ini).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - def section - resource[:name].split('/', 2).first - end - - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/gnocchi/api-paste.ini' - end - - # added for backwards compatibility with older versions of inifile - def file_path - self.class.file_path - end - -end diff --git a/gnocchi/lib/puppet/provider/gnocchi_config/ini_setting.rb b/gnocchi/lib/puppet/provider/gnocchi_config/ini_setting.rb deleted file mode 100644 index e4f5888aa..000000000 --- a/gnocchi/lib/puppet/provider/gnocchi_config/ini_setting.rb +++ /dev/null @@ -1,10 +0,0 @@ -Puppet::Type.type(:gnocchi_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:openstack_config).provider(:ini_setting) -) do - - def self.file_path - '/etc/gnocchi/gnocchi.conf' - end - -end diff --git a/gnocchi/lib/puppet/type/gnocchi_api_paste_ini.rb b/gnocchi/lib/puppet/type/gnocchi_api_paste_ini.rb deleted file mode 100644 index 2c8eb446e..000000000 --- a/gnocchi/lib/puppet/type/gnocchi_api_paste_ini.rb +++ /dev/null @@ -1,52 +0,0 @@ -Puppet::Type.newtype(:gnocchi_api_paste_ini) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/gnocchi/api-paste.ini' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end - - newparam(:ensure_absent_val) do - desc 'A value that is specified as the value property will behave as if ensure => absent was specified' - defaultto('') - end - - autorequire(:package) do - 'gnocchi' - end - -end diff --git a/gnocchi/lib/puppet/type/gnocchi_config.rb b/gnocchi/lib/puppet/type/gnocchi_config.rb deleted file mode 100644 index 7c32cf25c..000000000 --- a/gnocchi/lib/puppet/type/gnocchi_config.rb +++ /dev/null @@ -1,53 +0,0 @@ -Puppet::Type.newtype(:gnocchi_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/gnocchi/gnocchi.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - newvalues(/^[\S ]*$/) - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end - - newparam(:ensure_absent_val) do - desc 'A value that is specified as the value property will behave as if ensure => absent was specified' - defaultto('') - end - - autorequire(:package) do - 'gnocchi-api' - end - -end diff --git a/gnocchi/manifests/api.pp b/gnocchi/manifests/api.pp deleted file mode 100644 index 0d981013d..000000000 --- a/gnocchi/manifests/api.pp +++ /dev/null @@ -1,155 +0,0 @@ -# Installs & configure the gnocchi api service -# -# == Parameters -# -# [*enabled*] -# (optional) Should the service be enabled. -# Defaults to true -# -# [*manage_service*] -# (optional) Whether the service should be managed by Puppet. -# Defaults to true. -# -# [*keystone_user*] -# (optional) The name of the auth user -# Defaults to gnocchi -# -# [*keystone_tenant*] -# (optional) Tenant to authenticate with. -# Defaults to 'services'. -# -# [*keystone_password*] -# Password to authenticate with. -# Mandatory. -# -# [*keystone_auth_uri*] -# (optional) Public Identity API endpoint. -# Defaults to 'false'. -# -# [*keystone_identity_uri*] -# (optional) Complete admin Identity API endpoint. -# Defaults to: false -# -# [*host*] -# (optional) The gnocchi api bind address. -# Defaults to 0.0.0.0 -# -# [*port*] -# (optional) The gnocchi api port. -# Defaults to 8041 -# -# [*workers*] -# (optional) Number of workers for Gnocchi API server. -# Defaults to $::processorcount -# -# [*max_limit*] -# (optional) The maximum number of items returned in a -# single response from a collection resource. -# Defaults to 1000 -# -# [*package_ensure*] -# (optional) ensure state for package. -# Defaults to 'present' -# -# [*service_name*] -# (optional) Name of the service that will be providing the -# server functionality of gnocchi-api. -# If the value is 'httpd', this means gnocchi-api will be a web -# service, and you must use another class to configure that -# web service. For example, use class { 'gnocchi::wsgi::apache'...} -# to make gnocchi-api be a web app using apache mod_wsgi. -# Defaults to '$::gnocchi::params::api_service_name' -# -class gnocchi::api ( - $manage_service = true, - $enabled = true, - $package_ensure = 'present', - $keystone_user = 'gnocchi', - $keystone_tenant = 'services', - $keystone_password = false, - $keystone_auth_uri = false, - $keystone_identity_uri = false, - $host = '0.0.0.0', - $port = '8041', - $workers = $::processorcount, - $max_limit = 1000, - $service_name = $::gnocchi::params::api_service_name, -) inherits gnocchi::params { - - include ::gnocchi::policy - - validate_string($keystone_password) - - Gnocchi_config<||> ~> Service[$service_name] - Gnocchi_api_paste_ini<||> ~> Service[$service_name] - Class['gnocchi::policy'] ~> Service[$service_name] - - Package['gnocchi-api'] -> Service[$service_name] - Package['gnocchi-api'] -> Service['gnocchi-api'] - Package['gnocchi-api'] -> Class['gnocchi::policy'] - package { 'gnocchi-api': - ensure => $package_ensure, - name => $::gnocchi::params::api_package_name, - tag => ['openstack', 'gnocchi-package'], - } - - if $manage_service { - if $enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } - - if $service_name == $::gnocchi::params::api_service_name { - service { 'gnocchi-api': - ensure => $service_ensure, - name => $::gnocchi::params::api_service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - require => Class['gnocchi::db'], - tag => ['gnocchi-service', 'gnocchi-db-sync-service'], - } - } elsif $service_name == 'httpd' { - include ::apache::params - service { 'gnocchi-api': - ensure => 'stopped', - name => $::gnocchi::params::api_service_name, - enable => false, - tag => ['gnocchi-service', 'gnocchi-db-sync-service'], - } - Class['gnocchi::db'] -> Service[$service_name] - Service <<| title == 'httpd' |>> { tag +> 'gnocchi-db-sync-service' } - - # we need to make sure gnocchi-api/eventlet is stopped before trying to start apache - Service['gnocchi-api'] -> Service[$service_name] - } else { - fail('Invalid service_name. Either gnocchi/openstack-gnocchi-api for running as a standalone service, or httpd for being run by a httpd server') - } - - gnocchi_config { - 'keystone_authtoken/auth_uri' : value => $keystone_auth_uri; - 'keystone_authtoken/admin_tenant_name' : value => $keystone_tenant; - 'keystone_authtoken/admin_user' : value => $keystone_user; - 'keystone_authtoken/admin_password' : value => $keystone_password, secret => true; - 'api/host' : value => $host; - 'api/port' : value => $port; - 'api/workers' : value => $workers; - 'api/max_limit' : value => $max_limit; - } - - if $keystone_identity_uri { - gnocchi_config { - 'keystone_authtoken/identity_uri': value => $keystone_identity_uri; - } - gnocchi_api_paste_ini { - 'pipeline:main/pipeline': value => 'gnocchi+auth', - } - } else { - gnocchi_config { - 'keystone_authtoken/identity_uri': ensure => absent; - } - } - -} diff --git a/gnocchi/manifests/client.pp b/gnocchi/manifests/client.pp deleted file mode 100644 index f7f209006..000000000 --- a/gnocchi/manifests/client.pp +++ /dev/null @@ -1,21 +0,0 @@ -# -# Installs the gnocchi python library. -# -# == parameters -# [*ensure*] -# ensure state for package. -# -class gnocchi::client ( - $ensure = 'present' -) { - - include ::gnocchi::params - - package { 'python-gnocchiclient': - ensure => $ensure, - name => $::gnocchi::params::client_package_name, - tag => 'openstack', - } - -} - diff --git a/gnocchi/manifests/config.pp b/gnocchi/manifests/config.pp deleted file mode 100644 index 02ff711a4..000000000 --- a/gnocchi/manifests/config.pp +++ /dev/null @@ -1,36 +0,0 @@ -# == Class: gnocchi::config -# -# This class is used to manage arbitrary gnocchi configurations. -# -# === Parameters -# -# [*gnocchi_config*] -# (optional) Allow configuration of arbitrary gnocchi configurations. -# The value is an hash of gnocchi_config resources. Example: -# { 'DEFAULT/foo' => { value => 'fooValue'}, -# 'DEFAULT/bar' => { value => 'barValue'} -# } -# In yaml format, Example: -# gnocchi_config: -# DEFAULT/foo: -# value: fooValue -# DEFAULT/bar: -# value: barValue -# -# [*gnocchi_api_paste_ini*] -# (optional) Allow configuration of /etc/gnocchi/api-paste.ini options. -# -# NOTE: The configuration MUST NOT be already handled by this module -# or Puppet catalog compilation will fail with duplicate resources. -# -class gnocchi::config ( - $gnocchi_config = {}, - $gnocchi_api_paste_ini = {}, -) { - - validate_hash($gnocchi_config) - validate_hash($gnocchi_api_paste_ini) - - create_resources('gnocchi_config', $gnocchi_config) - create_resources('gnocchi_api_paste_ini', $gnocchi_api_paste_ini) -} diff --git a/gnocchi/manifests/db.pp b/gnocchi/manifests/db.pp deleted file mode 100644 index e40d5dc74..000000000 --- a/gnocchi/manifests/db.pp +++ /dev/null @@ -1,69 +0,0 @@ -# == Class: gnocchi::db -# -# Configure the Gnocchi database -# -# === Parameters -# -# [*database_connection*] -# Url used to connect to database. -# (Optional) Defaults to 'sqlite:////var/lib/gnocchi/gnocchi.sqlite'. -# -# [*ensure_package*] -# (optional) The state of gnocchi packages -# Defaults to 'present' -# -class gnocchi::db ( - $database_connection = 'sqlite:////var/lib/gnocchi/gnocchi.sqlite', - $ensure_package = 'present', -) inherits gnocchi::params { - - # NOTE(spredzy): In order to keep backward compatibility we rely on the pick function - # to use gnocchi:: if gnocchi::db:: isn't specified. - $database_connection_real = pick($::gnocchi::database_connection, $database_connection) - - validate_re($database_connection_real, - '^(sqlite|mysql(\+pymysql)?|postgresql):\/\/(\S+:\S+@\S+\/\S+)?') - - if $database_connection_real { - case $database_connection_real { - /^mysql(\+pymysql)?:\/\//: { - require 'mysql::bindings' - require 'mysql::bindings::python' - if $database_connection_real =~ /^mysql\+pymysql/ { - $backend_package = $::gnocchi::params::pymysql_package_name - } else { - $backend_package = false - } - } - /^postgresql:\/\//: { - $backend_package = false - require 'postgresql::lib::python' - } - /^sqlite:\/\//: { - $backend_package = $::gnocchi::params::sqlite_package_name - } - default: { - fail('Unsupported backend configured') - } - } - - if $backend_package and !defined(Package[$backend_package]) { - package {'gnocchi-backend-package': - ensure => present, - name => $backend_package, - tag => 'openstack', - } - } - - gnocchi_config { - 'indexer/url': value => $database_connection_real, secret => true; - } - - package { 'gnocchi-indexer-sqlalchemy': - ensure => $ensure_package, - name => $::gnocchi::params::indexer_package_name, - tag => ['openstack', 'gnocchi-package'], - } - } - -} diff --git a/gnocchi/manifests/db/mysql.pp b/gnocchi/manifests/db/mysql.pp deleted file mode 100644 index da8e28d3c..000000000 --- a/gnocchi/manifests/db/mysql.pp +++ /dev/null @@ -1,69 +0,0 @@ -# The gnocchi::db::mysql class implements mysql backend for gnocchi -# -# This class can be used to create tables, users and grant -# privileges for a mysql gnocchi database. -# -# == parameters -# -# [*password*] -# (Mandatory) Password to connect to the database. -# Defaults to 'false'. -# -# [*dbname*] -# (Optional) Name of the database. -# Defaults to 'gnocchi'. -# -# [*user*] -# (Optional) User to connect to the database. -# Defaults to 'gnocchi'. -# -# [*host*] -# (Optional) The default source host user is allowed to connect from. -# Defaults to '127.0.0.1' -# -# [*allowed_hosts*] -# (Optional) Other hosts the user is allowed to connect from. -# Defaults to 'undef'. -# -# [*charset*] -# (Optional) The database charset. -# Defaults to 'utf8' -# -# [*collate*] -# (Optional) The database collate. -# Only used with mysql modules >= 2.2. -# Defaults to 'utf8_general_ci' -# -# == Dependencies -# Class['mysql::server'] -# -# == Examples -# -# == Authors -# -# == Copyright -# -class gnocchi::db::mysql( - $password, - $dbname = 'gnocchi', - $user = 'gnocchi', - $host = '127.0.0.1', - $charset = 'utf8', - $collate = 'utf8_general_ci', - $allowed_hosts = undef -) { - - validate_string($password) - - ::openstacklib::db::mysql { 'gnocchi': - user => $user, - password_hash => mysql_password($password), - dbname => $dbname, - host => $host, - charset => $charset, - collate => $collate, - allowed_hosts => $allowed_hosts, - } - - ::Openstacklib::Db::Mysql['gnocchi'] ~> Exec<| title == 'gnocchi-db-sync' |> -} diff --git a/gnocchi/manifests/db/postgresql.pp b/gnocchi/manifests/db/postgresql.pp deleted file mode 100644 index 57c588e36..000000000 --- a/gnocchi/manifests/db/postgresql.pp +++ /dev/null @@ -1,46 +0,0 @@ -# == Class: gnocchi::db::postgresql -# -# Class that configures postgresql for gnocchi -# Requires the Puppetlabs postgresql module. -# -# === Parameters -# -# [*password*] -# (Required) Password to connect to the database. -# -# [*dbname*] -# (Optional) Name of the database. -# Defaults to 'gnocchi'. -# -# [*user*] -# (Optional) User to connect to the database. -# Defaults to 'gnocchi'. -# -# [*encoding*] -# (Optional) The charset to use for the database. -# Default to undef. -# -# [*privileges*] -# (Optional) Privileges given to the database user. -# Default to 'ALL' -# -class gnocchi::db::postgresql( - $password, - $dbname = 'gnocchi', - $user = 'gnocchi', - $encoding = undef, - $privileges = 'ALL', -) { - - Class['gnocchi::db::postgresql'] -> Service<| title == 'gnocchi' |> - - ::openstacklib::db::postgresql { 'gnocchi': - password_hash => postgresql_password($user, $password), - dbname => $dbname, - user => $user, - encoding => $encoding, - privileges => $privileges, - } - - ::Openstacklib::Db::Postgresql['gnocchi'] ~> Exec<| title == 'gnocchi-db-sync' |> -} diff --git a/gnocchi/manifests/db/sync.pp b/gnocchi/manifests/db/sync.pp deleted file mode 100644 index 1db7a3a85..000000000 --- a/gnocchi/manifests/db/sync.pp +++ /dev/null @@ -1,29 +0,0 @@ -# -# Class to execute "gnocchi-dbsync" -# -# [*user*] -# (optional) User to run dbsync command. -# Defaults to 'gnocchi' -# -# [*extra_opts*] -# (optional) String of extra command line parameters to append -# to the gnocchi-db-sync command. -# Defaults to undef - -class gnocchi::db::sync ( - $user = 'gnocchi', - $extra_opts = undef, -){ - exec { 'gnocchi-db-sync': - command => "gnocchi-upgrade --config-file /etc/gnocchi/gnocchi.conf ${extra_opts}", - path => '/usr/bin', - refreshonly => true, - user => $user, - logoutput => on_failure, - } - - Package<| tag == 'gnocchi-package' |> ~> Exec['gnocchi-db-sync'] - Exec['gnocchi-db-sync'] ~> Service<| tag == 'gnocchi-db-sync-service' |> - Gnocchi_config<||> ~> Exec['gnocchi-db-sync'] - Gnocchi_config<| title == 'indexer/url' |> ~> Exec['gnocchi-db-sync'] -} diff --git a/gnocchi/manifests/init.pp b/gnocchi/manifests/init.pp deleted file mode 100644 index c64317189..000000000 --- a/gnocchi/manifests/init.pp +++ /dev/null @@ -1,70 +0,0 @@ -# == Class: gnocchi -# -# Full description of class gnocchi here. -# -# === Parameters -# -# [*ensure_package*] -# (optional) The state of gnocchi packages -# Defaults to 'present' -# -# [*log_dir*] -# (optional) Directory where logs should be stored. -# If set to boolean false or the $::os_service_default, it will not log to -# any directory. -# Defaults to undef -# -# [*state_path*] -# (optional) Directory for storing state. -# Defaults to '/var/lib/gnocchi' -# -# [*lock_path*] -# (optional) Directory for lock files. -# On RHEL will be '/var/lib/gnocchi/tmp' and on Debian '/var/lock/gnocchi' -# Defaults to $::gnocchi::params::lock_path -# -# [*verbose*] -# (optional) Set log output to verbose output. -# Defaults to undef -# -# [*debug*] -# (optional) Set log output to debug output. -# Defaults to undef -# -# [*use_syslog*] -# (optional) Use syslog for logging -# Defaults to undef -# -# [*use_stderr*] -# (optional) Use stderr for logging -# Defaults to undef -# -# [*log_facility*] -# (optional) Syslog facility to receive log lines. -# Defaults to undef -# -# [*database_connection*] -# (optional) Connection url for the gnocchi database. -# Defaults to undef. -# -class gnocchi ( - $ensure_package = 'present', - $verbose = undef, - $debug = undef, - $use_syslog = undef, - $use_stderr = undef, - $log_dir = undef, - $log_facility = undef, - $database_connection = undef, -) inherits gnocchi::params { - - include ::gnocchi::db - include ::gnocchi::logging - - package { 'gnocchi': - ensure => $ensure_package, - name => $::gnocchi::params::common_package_name, - tag => ['openstack', 'gnocchi-package'], - } - -} diff --git a/gnocchi/manifests/keystone/auth.pp b/gnocchi/manifests/keystone/auth.pp deleted file mode 100644 index ac30cd032..000000000 --- a/gnocchi/manifests/keystone/auth.pp +++ /dev/null @@ -1,87 +0,0 @@ -# == Class: gnocchi::keystone::auth -# -# Configures Gnocchi user, service and endpoint in Keystone. -# -# === Parameters -# -# [*password*] -# (required) Password for gnocchi user. -# -# [*auth_name*] -# Username for gnocchi service. Defaults to 'gnocchi'. -# -# [*email*] -# Email for gnocchi user. Defaults to 'gnocchi@localhost'. -# -# [*tenant*] -# Tenant for gnocchi user. Defaults to 'services'. -# -# [*configure_endpoint*] -# Should gnocchi endpoint be configured? Defaults to 'true'. -# -# [*configure_user*] -# (Optional) Should the service user be configured? -# Defaults to 'true'. -# -# [*configure_user_role*] -# (Optional) Should the admin role be configured for the service user? -# Defaults to 'true'. -# -# [*service_type*] -# Type of service. Defaults to 'key-manager'. -# -# [*region*] -# Region for endpoint. Defaults to 'RegionOne'. -# -# [*service_name*] -# (optional) Name of the service. -# Defaults to the value of auth_name. -# -# [*public_url*] -# (optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:8041') -# This url should *not* contain any trailing '/'. -# -# [*admin_url*] -# (optional) The endpoint's admin url. (Defaults to 'http://127.0.0.1:8041') -# This url should *not* contain any trailing '/'. -# -# [*internal_url*] -# (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:8041') -# This url should *not* contain any trailing '/'. -# -class gnocchi::keystone::auth ( - $password, - $auth_name = 'gnocchi', - $email = 'gnocchi@localhost', - $tenant = 'services', - $configure_endpoint = true, - $configure_user = true, - $configure_user_role = true, - $service_name = undef, - $service_type = 'metric', - $region = 'RegionOne', - $public_url = 'http://127.0.0.1:8041', - $internal_url = 'http://127.0.0.1:8041', - $admin_url = 'http://127.0.0.1:8041', -) { - - $real_service_name = pick($service_name, $auth_name) - - keystone::resource::service_identity { 'gnocchi': - configure_user => $configure_user, - configure_user_role => $configure_user_role, - configure_endpoint => $configure_endpoint, - service_name => $real_service_name, - service_type => $service_type, - service_description => 'OpenStack Metric Service', - region => $region, - auth_name => $auth_name, - password => $password, - email => $email, - tenant => $tenant, - public_url => $public_url, - internal_url => $internal_url, - admin_url => $admin_url, - } - -} diff --git a/gnocchi/manifests/logging.pp b/gnocchi/manifests/logging.pp deleted file mode 100644 index 8835bd4c7..000000000 --- a/gnocchi/manifests/logging.pp +++ /dev/null @@ -1,148 +0,0 @@ -# Class gnocchi::logging -# -# gnocchi logging configuration -# -# == parameters -# -# [*verbose*] -# (Optional) Should the daemons log verbose messages -# Defaults to $::os_service_default -# -# [*debug*] -# (Optional) Should the daemons log debug messages -# Defaults to $::os_service_default -# -# [*use_syslog*] -# (Optional) Use syslog for logging. -# Defaults to $::os_service_default -# -# [*use_stderr*] -# (optional) Use stderr for logging -# Defaults to $::os_service_default -# -# [*log_facility*] -# (Optional) Syslog facility to receive log lines. -# Defaults to $::os_service_default -# -# [*log_dir*] -# (optional) Directory where logs should be stored. -# If set to boolean false or the $::os_service_default, it will not log to -# any directory. -# Defaults to '/var/log/gnocchi' -# -# [*logging_context_format_string*] -# (optional) format string to use for log messages with context. -# Defaults to $::os_service_default -# example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [%(request_id)s %(user_identity)s] %(instance)s%(message)s' -# -# [*logging_default_format_string*] -# (optional) format string to use for log messages without context. -# Defaults to $::os_service_default -# example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [-] %(instance)s%(message)s' -# -# [*logging_debug_format_suffix*] -# (optional) formatted data to append to log format when level is debug. -# Defaults to $::os_service_default -# example: '%(funcname)s %(pathname)s:%(lineno)d' -# -# [*logging_exception_prefix*] -# (optional) prefix each line of exception output with this format. -# Defaults to $::os_service_default -# example: '%(asctime)s.%(msecs)03d %(process)d trace %(name)s %(instance)s' -# -# [*log_config_append*] -# the name of an additional logging configuration file. -# Defaults to $::os_service_default -# see https://docs.python.org/2/howto/logging.html -# -# [*default_log_levels*] -# (optional) hash of logger (keys) and level (values) pairs. -# Defaults to $::os_service_default -# example: -# { 'amqp' => 'warn', 'amqplib' => 'warn', 'boto' => 'warn', -# 'qpid' => 'warn', 'sqlalchemy' => 'warn', 'suds' => 'info', -# 'iso8601' => 'warn', -# 'requests.packages.urllib3.connectionpool' => 'warn' } -# -# [*publish_errors*] -# (optional) publish error events (boolean value). -# Defaults to $::os_service_default -# -# [*fatal_deprecations*] -# (optional) make deprecations fatal (boolean value) -# Defaults to $::os_service_default -# -# [*instance_format*] -# (optional) if an instance is passed with the log message, format it -# like this (string value). -# Defaults to $::os_service_default -# example: '[instance: %(uuid)s] ' -# -# [*instance_uuid_format*] -# (optional) if an instance uuid is passed with the log message, format -# it like this (string value). -# Defaults to $::os_service_default -# example: instance_uuid_format='[instance: %(uuid)s] ' - -# [*log_date_format*] -# (optional) format string for %%(asctime)s in log records. -# Defaults to $::os_service_default -# example: 'y-%m-%d %h:%m:%s' - -class gnocchi::logging( - $use_syslog = $::os_service_default, - $use_stderr = $::os_service_default, - $log_facility = $::os_service_default, - $log_dir = '/var/log/gnocchi', - $verbose = $::os_service_default, - $debug = $::os_service_default, - $logging_context_format_string = $::os_service_default, - $logging_default_format_string = $::os_service_default, - $logging_debug_format_suffix = $::os_service_default, - $logging_exception_prefix = $::os_service_default, - $log_config_append = $::os_service_default, - $default_log_levels = $::os_service_default, - $publish_errors = $::os_service_default, - $fatal_deprecations = $::os_service_default, - $instance_format = $::os_service_default, - $instance_uuid_format = $::os_service_default, - $log_date_format = $::os_service_default, -) { - - # note(spredzy): in order to keep backward compatibility we rely on the pick function - # to use gnocchi:: first then gnocchi::logging::. - $use_syslog_real = pick($::gnocchi::use_syslog,$use_syslog) - $use_stderr_real = pick($::gnocchi::use_stderr,$use_stderr) - $log_facility_real = pick($::gnocchi::log_facility,$log_facility) - $log_dir_real = pick($::gnocchi::log_dir,$log_dir) - $verbose_real = pick($::gnocchi::verbose,$verbose) - $debug_real = pick($::gnocchi::debug,$debug) - - if is_service_default($default_log_levels) { - $default_log_levels_real = $default_log_levels - } else { - $default_log_levels_real = join(sort(join_keys_to_values($default_log_levels, '=')), ',') - } - - gnocchi_config { - 'DEFAULT/debug' : value => $debug_real; - 'DEFAULT/verbose' : value => $verbose_real; - 'DEFAULT/use_stderr' : value => $use_stderr_real; - 'DEFAULT/use_syslog' : value => $use_syslog_real; - 'DEFAULT/log_dir' : value => $log_dir_real; - 'DEFAULT/syslog_log_facility' : value => $log_facility_real; - 'DEFAULT/logging_context_format_string' : value => $logging_context_format_string; - 'DEFAULT/logging_default_format_string' : value => $logging_default_format_string; - 'DEFAULT/logging_debug_format_suffix' : value => $logging_debug_format_suffix; - 'DEFAULT/logging_exception_prefix' : value => $logging_exception_prefix; - 'DEFAULT/log_config_append' : value => $log_config_append; - 'DEFAULT/default_log_levels' : value => $default_log_levels_real; - 'DEFAULT/publish_errors' : value => $publish_errors; - 'DEFAULT/fatal_deprecations' : value => $fatal_deprecations; - 'DEFAULT/instance_format' : value => $instance_format; - 'DEFAULT/instance_uuid_format' : value => $instance_uuid_format; - 'DEFAULT/log_date_format' : value => $log_date_format; - } -} diff --git a/gnocchi/manifests/metricd.pp b/gnocchi/manifests/metricd.pp deleted file mode 100644 index 76b2c7126..000000000 --- a/gnocchi/manifests/metricd.pp +++ /dev/null @@ -1,49 +0,0 @@ -# Installs & configure the gnocchi metricd service -# -# == Parameters -# -# [*enabled*] -# (optional) Should the service be enabled. -# Defaults to true -# -# [*package_ensure*] -# (optional) ensure state for package. -# Defaults to 'present' -# -# [*manage_service*] -# (optional) Whether the service should be managed by Puppet. -# Defaults to true. -# -class gnocchi::metricd ( - $manage_service = true, - $enabled = true, - $package_ensure = 'present', -) inherits gnocchi::params { - - Gnocchi_config<||> ~> Service['gnocchi-metricd'] - Package['gnocchi-metricd'] -> Service['gnocchi-metricd'] - - package { 'gnocchi-metricd': - ensure => $package_ensure, - name => $::gnocchi::params::metricd_package_name, - tag => ['openstack', 'gnocchi-package'], - } - - if $manage_service { - if $enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } - - service { 'gnocchi-metricd': - ensure => $service_ensure, - name => $::gnocchi::params::metricd_service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - tag => ['gnocchi-service', 'gnocchi-db-sync-service'], - } - -} diff --git a/gnocchi/manifests/params.pp b/gnocchi/manifests/params.pp deleted file mode 100644 index ae2f7f4d3..000000000 --- a/gnocchi/manifests/params.pp +++ /dev/null @@ -1,45 +0,0 @@ -# Parameters for puppet-gnocchi -# -class gnocchi::params { - - case $::osfamily { - 'RedHat': { - $sqlite_package_name = undef - $common_package_name = 'openstack-gnocchi-common' - $api_package_name = 'openstack-gnocchi-api' - $api_service_name = 'openstack-gnocchi-api' - $indexer_package_name = 'openstack-gnocchi-indexer-sqlalchemy' - $carbonara_package_name = 'openstack-gnocchi-carbonara' - $metricd_package_name = 'openstack-gnocchi-metricd' - $metricd_service_name = 'openstack-gnocchi-metricd' - $statsd_package_name = 'openstack-gnocchi-statsd' - $statsd_service_name = 'openstack-gnocchi-statsd' - $client_package_name = 'python-gnocchiclient' - $gnocchi_wsgi_script_path = '/var/www/cgi-bin/gnocchi' - $gnocchi_wsgi_script_source = '/usr/lib/python2.7/site-packages/gnocchi/rest/app.wsgi' - $pymysql_package_name = undef - $cradox_package_name = 'python2-cradox' - } - 'Debian': { - $sqlite_package_name = 'python-pysqlite2' - $common_package_name = 'gnocchi-common' - $api_package_name = 'gnocchi-api' - $api_service_name = 'gnocchi-api' - $indexer_package_name = 'gnocchi-indexer-sqlalchemy' - $carbonara_package_name = 'gnocchi-carbonara' - $metricd_package_name = 'gnocchi-metricd' - $metricd_service_name = 'gnocchi-metricd' - $statsd_package_name = 'gnocchi-statsd' - $statsd_service_name = 'gnocchi-statsd' - $client_package_name = 'python-gnocchiclient' - $gnocchi_wsgi_script_path = '/usr/lib/cgi-bin/gnocchi' - $gnocchi_wsgi_script_source = '/usr/share/gnocchi-common/app.wsgi' - $pymysql_package_name = 'python-pymysql' - $cradox_package_name = undef - } - default: { - fail("Unsupported osfamily: ${::osfamily} operatingsystem") - } - - } # Case $::osfamily -} diff --git a/gnocchi/manifests/policy.pp b/gnocchi/manifests/policy.pp deleted file mode 100644 index bed5b7415..000000000 --- a/gnocchi/manifests/policy.pp +++ /dev/null @@ -1,39 +0,0 @@ -# == Class: gnocchi::policy -# -# Configure the gnocchi policies -# -# === Parameters -# -# [*policies*] -# (optional) Set of policies to configure for gnocchi -# Example : -# { -# 'gnocchi-context_is_admin' => { -# 'key' => 'context_is_admin', -# 'value' => 'true' -# }, -# 'gnocchi-default' => { -# 'key' => 'default', -# 'value' => 'rule:admin_or_owner' -# } -# } -# Defaults to empty hash. -# -# [*policy_path*] -# (optional) Path to the nova policy.json file -# Defaults to /etc/gnocchi/policy.json -# -class gnocchi::policy ( - $policies = {}, - $policy_path = '/etc/gnocchi/policy.json', -) { - - validate_hash($policies) - - Openstacklib::Policy::Base { - file_path => $policy_path, - } - - create_resources('openstacklib::policy::base', $policies) - -} diff --git a/gnocchi/manifests/statsd.pp b/gnocchi/manifests/statsd.pp deleted file mode 100644 index afbc25733..000000000 --- a/gnocchi/manifests/statsd.pp +++ /dev/null @@ -1,78 +0,0 @@ -# Installs & configure the gnocchi statsd service -# -# == Parameters -# -# [*resource_id*] -# (required) Resource UUID to use to identify statsd in Gnocchi. -# -# [*user_id*] -# (required) User UUID to use to identify statsd in Gnocchi. -# -# [*project_id*] -# (required) Project UUID to use to identify statsd in Gnocchi. -# -# [*flush_delay*] -# (required) Delay between flushes. -# -# [*enabled*] -# (optional) Should the service be enabled. -# Defaults to true -# -# [*package_ensure*] -# (optional) ensure state for package. -# Defaults to 'present' -# -# [*manage_service*] -# (optional) Whether the service should be managed by Puppet. -# Defaults to true. -# -# [*archive_policy_name*] -# (optional) Archive policy name to use when creating metrics. -# Defaults to undef. -# -class gnocchi::statsd ( - $resource_id, - $user_id, - $project_id, - $flush_delay, - $archive_policy_name = undef, - $manage_service = true, - $enabled = true, - $package_ensure = 'present', -) inherits gnocchi::params { - - Gnocchi_config<||> ~> Service['gnocchi-statsd'] - Package['gnocchi-statsd'] -> Service['gnocchi-statsd'] - - package { 'gnocchi-statsd': - ensure => $package_ensure, - name => $::gnocchi::params::statsd_package_name, - tag => ['openstack', 'gnocchi-package'], - } - - if $manage_service { - if $enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } - - service { 'gnocchi-statsd': - ensure => $service_ensure, - name => $::gnocchi::params::statsd_service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - tag => ['gnocchi-service', 'gnocchi-db-sync-service'], - } - - gnocchi_config { - 'statsd/resource_id' : value => $resource_id; - 'statsd/user_id' : value => $user_id; - 'statsd/project_id' : value => $project_id; - 'statsd/archive_policy_name' : value => $archive_policy_name; - 'statsd/flush_delay' : value => $flush_delay; - } - -} diff --git a/gnocchi/manifests/storage.pp b/gnocchi/manifests/storage.pp deleted file mode 100644 index 2b7bf348c..000000000 --- a/gnocchi/manifests/storage.pp +++ /dev/null @@ -1,43 +0,0 @@ -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -# gnocchi::storage -# -# Storage backend for Gnocchi -# -# == Parameters -# -# [*package_ensure*] -# (optional) ensure state for package. -# Defaults to 'present' -# -# [*coordination_url*] -# (optional) The url to use for distributed group membership coordination. -# Defaults to $::os_service_default. -# - -class gnocchi::storage( - $package_ensure = 'present', - $coordination_url = $::os_service_default, -) inherits gnocchi::params { - - package { 'gnocchi-carbonara': - ensure => $package_ensure, - name => $::gnocchi::params::carbonara_package_name, - tag => ['openstack', 'gnocchi-package'], - } - - gnocchi_config { - 'storage/coordination_url' : value => $coordination_url; - } - -} diff --git a/gnocchi/manifests/storage/ceph.pp b/gnocchi/manifests/storage/ceph.pp deleted file mode 100644 index 08f80aa03..000000000 --- a/gnocchi/manifests/storage/ceph.pp +++ /dev/null @@ -1,67 +0,0 @@ -# -# Copyright (C) 2015 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -# gnocchi::storage::ceph -# -# Ceph driver for Gnocchi -# -# == Parameters -# -# [*ceph_pool*] -# (optional) Ceph pool name to use. -# Defaults to 'gnocchi'. -# -# [*ceph_username*] -# (required) Ceph username to use. -# -# [*ceph_keyring*] -# (required) Ceph keyring path. -# -# [*ceph_conffile*] -# (optional) Ceph configuration file. -# Defaults to '/etc/ceph/ceph.conf'. -# -# [*manage_cradox*] -# (optional) Ensure state of the cradox package. -# Defaults to True. -# -class gnocchi::storage::ceph( - $ceph_username, - $ceph_keyring, - $ceph_pool = 'gnocchi', - $ceph_conffile = '/etc/ceph/ceph.conf', - $manage_cradox = true, -) inherits gnocchi::params { - - gnocchi_config { - 'storage/driver': value => 'ceph'; - 'storage/ceph_username': value => $ceph_username; - 'storage/ceph_keyring': value => $ceph_keyring; - 'storage/ceph_pool': value => $ceph_pool; - 'storage/ceph_conffile': value => $ceph_conffile; - } - - if $manage_cradox { - if $::gnocchi::params::common_package_name { - ensure_packages('python-cradox', { - 'ensure' => 'present', - 'name' => $::gnocchi::params::cradox_package_name, - 'tag' => ['openstack','gnocchi-package'], - }) - } - } -} diff --git a/gnocchi/manifests/storage/file.pp b/gnocchi/manifests/storage/file.pp deleted file mode 100644 index 97014256c..000000000 --- a/gnocchi/manifests/storage/file.pp +++ /dev/null @@ -1,37 +0,0 @@ -# -# Copyright (C) 2014 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -# gnocchi::storage::file -# -# File driver for Gnocchi -# -# == Parameters -# -# [*file_basepath*] -# (optional) Path used to store gnocchi data files. -# Defaults to '/var/lib/gnocchi'. -# -class gnocchi::storage::file( - $file_basepath = '/var/lib/gnocchi', -) { - - gnocchi_config { - 'storage/driver': value => 'file'; - 'storage/file_basepath': value => $file_basepath; - } - -} diff --git a/gnocchi/manifests/storage/influxdb.pp b/gnocchi/manifests/storage/influxdb.pp deleted file mode 100644 index 574839879..000000000 --- a/gnocchi/manifests/storage/influxdb.pp +++ /dev/null @@ -1,67 +0,0 @@ -# -# Copyright (C) 2015 Catalyst AU -# -# Author: Evan Giles -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -# gnocchi::storage::influxdb -# -# influxdb driver for Gnocchi -# -# == Parameters -# -# [*influxdb_host*] -# (optional) 'influxdb hostname' -# Defaults to 'localhost'. -# -# [*influxdb_port*] -# (optional) influxdb port number -# Defaults to '8086'. -# -# [*influxdb_database*] -# (optional) influxdb database name -# Defaults to 'gnocchi' -# -# [*influxdb_username*] -# (optional) influxdb username -# Defaults to 'root' -# -# [*influxdb_password*] -# (optional) influxdb password. -# Defaults to undef. -# -# [*influxdb_block_until_data_ingested*] -# (optional) influxdb block_until_data_ingested setting. -# Defaults to 'false'. -# -class gnocchi::storage::influxdb( - $influxdb_host = 'localhost', - $influxdb_port = 8086, - $influxdb_database = 'gnocchi', - $influxdb_username = 'root', - $influxdb_password = undef, - $influxdb_block_until_data_ingested = false, -) { - - gnocchi_config { - 'storage/driver': value => 'influxdb'; - 'storage/influxdb_host': value => $influxdb_host; - 'storage/influxdb_port': value => $influxdb_port; - 'storage/influxdb_database': value => $influxdb_database; - 'storage/influxdb_username': value => $influxdb_username; - 'storage/influxdb_password': value => $influxdb_password, secret => true; - 'storage/influxdb_block_until_data_ingested': value => $influxdb_block_until_data_ingested; - } - -} diff --git a/gnocchi/manifests/storage/swift.pp b/gnocchi/manifests/storage/swift.pp deleted file mode 100644 index 4aec6872d..000000000 --- a/gnocchi/manifests/storage/swift.pp +++ /dev/null @@ -1,61 +0,0 @@ -# -# Copyright (C) 2014 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -# gnocchi::storage::swift -# -# Swift driver for Gnocchi -# -# == Parameters -# -# [*swift_auth_version*] -# (optional) 'Swift authentication version to user. -# Defaults to '1'. -# -# [*swift_authurl*] -# (optional) Swift auth URL. -# Defaults to 'http://localhost:8080/auth/v1.0'. -# -# [*swift_user*] -# (optional) Swift user. -# Defaults to 'admin:admin' -# -# [*swift_key*] -# (optional) Swift key. -# Defaults to 'admin' -# -# [*swift_tenant_name*] -# (optional) Swift tenant name, only used if swift_auth_version is '2'. -# Defaults to undef -# -class gnocchi::storage::swift( - $swift_auth_version = '1', - $swift_authurl = 'http://localhost:8080/auth/v1.0', - $swift_user = 'admin:admin', - $swift_key = 'admin', - $swift_tenant_name = undef, -) { - - gnocchi_config { - 'storage/driver': value => 'swift'; - 'storage/swift_user': value => $swift_user; - 'storage/swift_key': value => $swift_key; - 'storage/swift_tenant_name': value => $swift_tenant_name; - 'storage/swift_auth_version': value => $swift_auth_version; - 'storage/swift_authurl': value => $swift_authurl; - } - -} diff --git a/gnocchi/manifests/wsgi/apache.pp b/gnocchi/manifests/wsgi/apache.pp deleted file mode 100644 index 9d81cd717..000000000 --- a/gnocchi/manifests/wsgi/apache.pp +++ /dev/null @@ -1,128 +0,0 @@ -# -# Copyright (C) 2015 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Class to serve gnocchi API with apache mod_wsgi in place of gnocchi-api service. -# -# Serving gnocchi API from apache is the recommended way to go for production -# because of limited performance for concurrent accesses when running eventlet. -# -# When using this class you should disable your gnocchi-api service. -# -# == Parameters -# -# [*servername*] -# The servername for the virtualhost. -# Optional. Defaults to $::fqdn -# -# [*port*] -# The port. -# Optional. Defaults to 8041 -# -# [*bind_host*] -# The host/ip address Apache will listen on. -# Optional. Defaults to undef (listen on all ip addresses). -# -# [*path*] -# The prefix for the endpoint. -# Optional. Defaults to '/' -# -# [*ssl*] -# Use ssl ? (boolean) -# Optional. Defaults to true -# -# [*workers*] -# Number of WSGI workers to spawn. -# Optional. Defaults to 1 -# -# [*priority*] -# (optional) The priority for the vhost. -# Defaults to '10' -# -# [*threads*] -# (optional) The number of threads for the vhost. -# Defaults to $::processorcount -# -# [*ssl_cert*] -# [*ssl_key*] -# [*ssl_chain*] -# [*ssl_ca*] -# [*ssl_crl_path*] -# [*ssl_crl*] -# [*ssl_certs_dir*] -# apache::vhost ssl parameters. -# Optional. Default to apache::vhost 'ssl_*' defaults. -# -# == Dependencies -# -# requires Class['apache'] & Class['gnocchi'] -# -# == Examples -# -# include apache -# -# class { 'gnocchi::wsgi::apache': } -# -class gnocchi::wsgi::apache ( - $servername = $::fqdn, - $port = 8041, - $bind_host = undef, - $path = '/', - $ssl = true, - $workers = 1, - $ssl_cert = undef, - $ssl_key = undef, - $ssl_chain = undef, - $ssl_ca = undef, - $ssl_crl_path = undef, - $ssl_crl = undef, - $ssl_certs_dir = undef, - $threads = $::processorcount, - $priority = '10', -) { - - include ::gnocchi::params - include ::apache - include ::apache::mod::wsgi - if $ssl { - include ::apache::mod::ssl - } - - ::openstacklib::wsgi::apache { 'gnocchi_wsgi': - bind_host => $bind_host, - bind_port => $port, - group => 'gnocchi', - path => $path, - priority => $priority, - servername => $servername, - ssl => $ssl, - ssl_ca => $ssl_ca, - ssl_cert => $ssl_cert, - ssl_certs_dir => $ssl_certs_dir, - ssl_chain => $ssl_chain, - ssl_crl => $ssl_crl, - ssl_crl_path => $ssl_crl_path, - ssl_key => $ssl_key, - threads => $threads, - user => 'gnocchi', - workers => $workers, - wsgi_daemon_process => 'gnocchi', - wsgi_process_group => 'gnocchi', - wsgi_script_dir => $::gnocchi::params::gnocchi_wsgi_script_path, - wsgi_script_file => 'app', - wsgi_script_source => $::gnocchi::params::gnocchi_wsgi_script_source, - } -} diff --git a/gnocchi/metadata.json b/gnocchi/metadata.json deleted file mode 100644 index b3e063d08..000000000 --- a/gnocchi/metadata.json +++ /dev/null @@ -1,31 +0,0 @@ -{ - "name": "openstack-gnocchi", - "version": "8.1.0", - "author": "OpenStack Contributors", - "summary": "Puppet module for OpenStack Gnocchi", - "license": "Apache-2.0", - "source": "git://github.com/openstack/puppet-gnocchi.git", - "project_page": "https://launchpad.net/puppet-gnocchi", - "issues_url": "https://bugs.launchpad.net/puppet-gnocchi", - "description": "Installs and configures OpenStack Gnocchi (Metric & index storage API).", - "requirements": [ - { "name": "pe", "version_requirement": ">= 3.2.0 <= 2016.1.0" }, - { "name": "puppet", "version_requirement": ">= 3.0.0 < 5.0.0" } - ], - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": ["7"] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": ["14.04"] - } - ], - "dependencies": [ - { "name": "puppetlabs/inifile", "version_requirement": ">=1.5.0 <2.0.0" }, - { "name": "openstack/keystone", "version_requirement": ">=8.1.0 <9.0.0" }, - { "name": "puppetlabs/stdlib", "version_requirement": ">=4.9.0 <5.0.0" }, - { "name": "openstack/openstacklib", "version_requirement": ">=8.1.0 <9.0.0" } - ] -} diff --git a/gnocchi/releasenotes/notes/api_paste-b94e191896840944.yaml b/gnocchi/releasenotes/notes/api_paste-b94e191896840944.yaml deleted file mode 100644 index 898bbc9dc..000000000 --- a/gnocchi/releasenotes/notes/api_paste-b94e191896840944.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Add api_paste type/provider. diff --git a/gnocchi/releasenotes/notes/client-04f70664e363425c.yaml b/gnocchi/releasenotes/notes/client-04f70664e363425c.yaml deleted file mode 100644 index 9fd1b0bfd..000000000 --- a/gnocchi/releasenotes/notes/client-04f70664e363425c.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Implement ::gnocchi::client. diff --git a/gnocchi/releasenotes/notes/cradox-e10fb8c46ec2935a.yaml b/gnocchi/releasenotes/notes/cradox-e10fb8c46ec2935a.yaml deleted file mode 100644 index 8cfac3030..000000000 --- a/gnocchi/releasenotes/notes/cradox-e10fb8c46ec2935a.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -features: - - When deploying Ceph storage backend, allow to automatically install python-cradox - as a packaging dependency. diff --git a/gnocchi/releasenotes/notes/db_upgrade-2eff712611fa34ba.yaml b/gnocchi/releasenotes/notes/db_upgrade-2eff712611fa34ba.yaml deleted file mode 100644 index 4d7c349cb..000000000 --- a/gnocchi/releasenotes/notes/db_upgrade-2eff712611fa34ba.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -upgrade: - - Update db-sync command to use gnocchi-upgrade. diff --git a/gnocchi/releasenotes/notes/influxdb-889413086f27c7e4.yaml b/gnocchi/releasenotes/notes/influxdb-889413086f27c7e4.yaml deleted file mode 100644 index 3cc68791c..000000000 --- a/gnocchi/releasenotes/notes/influxdb-889413086f27c7e4.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Add Influxdb as a backend storage. diff --git a/gnocchi/releasenotes/notes/keystone_auth-557bfe055fd9101d.yaml b/gnocchi/releasenotes/notes/keystone_auth-557bfe055fd9101d.yaml deleted file mode 100644 index de21bdfcc..000000000 --- a/gnocchi/releasenotes/notes/keystone_auth-557bfe055fd9101d.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -features: - - Enable correct auth pipeline when keystone is enabled. - Use gnocchi+auth in the main pipeline when we want to use keystone - authentification. diff --git a/gnocchi/releasenotes/notes/metricd-dd917b15aa827654.yaml b/gnocchi/releasenotes/notes/metricd-dd917b15aa827654.yaml deleted file mode 100644 index bd266842e..000000000 --- a/gnocchi/releasenotes/notes/metricd-dd917b15aa827654.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Add metricd service support. diff --git a/gnocchi/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml b/gnocchi/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml deleted file mode 100644 index c2e3ae900..000000000 --- a/gnocchi/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -prelude: > - This is the first Mitaka release for puppet-gnocchi module. diff --git a/gnocchi/releasenotes/notes/pymysql-e57bf1f0289dd426.yaml b/gnocchi/releasenotes/notes/pymysql-e57bf1f0289dd426.yaml deleted file mode 100644 index 3556c0c8c..000000000 --- a/gnocchi/releasenotes/notes/pymysql-e57bf1f0289dd426.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Support of PyMySQL driver for MySQL backend. diff --git a/gnocchi/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml b/gnocchi/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml deleted file mode 100644 index 41cef2f11..000000000 --- a/gnocchi/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -features: - - Release notes are no longer maintained by hand, we now use the reno tool to - manage them. diff --git a/gnocchi/releasenotes/source/_static/.placeholder b/gnocchi/releasenotes/source/_static/.placeholder deleted file mode 100644 index e69de29bb..000000000 diff --git a/gnocchi/releasenotes/source/conf.py b/gnocchi/releasenotes/source/conf.py deleted file mode 100644 index 42e21ec18..000000000 --- a/gnocchi/releasenotes/source/conf.py +++ /dev/null @@ -1,259 +0,0 @@ -# -*- coding: utf-8 -*- -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# If extensions (or modules to document with autodoc) are in another directory, -# add these directories to sys.path here. If the directory is relative to the -# documentation root, use os.path.abspath to make it absolute, like shown here. -#sys.path.insert(0, os.path.abspath('.')) - -# -- General configuration ------------------------------------------------ - -# If your documentation needs a minimal Sphinx version, state it here. -#needs_sphinx = '1.0' - -# Add any Sphinx extension module names here, as strings. They can be -# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom -# ones. -extensions = [ - 'oslosphinx', - 'reno.sphinxext', -] - -# Add any paths that contain templates here, relative to this directory. -templates_path = ['_templates'] - -# The suffix of source filenames. -source_suffix = '.rst' - -# The encoding of source files. -#source_encoding = 'utf-8-sig' - -# The master toctree document. -master_doc = 'index' - -# General information about the project. -project = u'puppet-gnocchi Release Notes' -copyright = u'2016, Puppet OpenStack Developers' - -# The version info for the project you're documenting, acts as replacement for -# |version| and |release|, also used in various other places throughout the -# built documents. -# -# The short X.Y version. -version = '8.1.0' -# The full version, including alpha/beta/rc tags. -release = '8.1.0' - -# The language for content autogenerated by Sphinx. Refer to documentation -# for a list of supported languages. -#language = None - -# There are two options for replacing |today|: either, you set today to some -# non-false value, then it is used: -#today = '' -# Else, today_fmt is used as the format for a strftime call. -#today_fmt = '%B %d, %Y' - -# List of patterns, relative to source directory, that match files and -# directories to ignore when looking for source files. -exclude_patterns = [] - -# The reST default role (used for this markup: `text`) to use for all -# documents. -#default_role = None - -# If true, '()' will be appended to :func: etc. cross-reference text. -#add_function_parentheses = True - -# If true, the current module name will be prepended to all description -# unit titles (such as .. function::). -#add_module_names = True - -# If true, sectionauthor and moduleauthor directives will be shown in the -# output. They are ignored by default. -#show_authors = False - -# The name of the Pygments (syntax highlighting) style to use. -pygments_style = 'sphinx' - -# A list of ignored prefixes for module index sorting. -#modindex_common_prefix = [] - -# If true, keep warnings as "system message" paragraphs in the built documents. -#keep_warnings = False - - -# -- Options for HTML output ---------------------------------------------- - -# The theme to use for HTML and HTML Help pages. See the documentation for -# a list of builtin themes. -html_theme = 'default' - -# Theme options are theme-specific and customize the look and feel of a theme -# further. For a list of options available for each theme, see the -# documentation. -#html_theme_options = {} - -# Add any paths that contain custom themes here, relative to this directory. -#html_theme_path = [] - -# The name for this set of Sphinx documents. If None, it defaults to -# " v documentation". -#html_title = None - -# A shorter title for the navigation bar. Default is the same as html_title. -#html_short_title = None - -# The name of an image file (relative to this directory) to place at the top -# of the sidebar. -#html_logo = None - -# The name of an image file (within the static path) to use as favicon of the -# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 -# pixels large. -#html_favicon = None - -# Add any paths that contain custom static files (such as style sheets) here, -# relative to this directory. They are copied after the builtin static files, -# so a file named "default.css" will overwrite the builtin "default.css". -html_static_path = ['_static'] - -# Add any extra paths that contain custom files (such as robots.txt or -# .htaccess) here, relative to this directory. These files are copied -# directly to the root of the documentation. -#html_extra_path = [] - -# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, -# using the given strftime format. -#html_last_updated_fmt = '%b %d, %Y' - -# If true, SmartyPants will be used to convert quotes and dashes to -# typographically correct entities. -#html_use_smartypants = True - -# Custom sidebar templates, maps document names to template names. -#html_sidebars = {} - -# Additional templates that should be rendered to pages, maps page names to -# template names. -#html_additional_pages = {} - -# If false, no module index is generated. -#html_domain_indices = True - -# If false, no index is generated. -#html_use_index = True - -# If true, the index is split into individual pages for each letter. -#html_split_index = False - -# If true, links to the reST sources are added to the pages. -#html_show_sourcelink = True - -# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. -#html_show_sphinx = True - -# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. -#html_show_copyright = True - -# If true, an OpenSearch description file will be output, and all pages will -# contain a tag referring to it. The value of this option must be the -# base URL from which the finished HTML is served. -#html_use_opensearch = '' - -# This is the file name suffix for HTML files (e.g. ".xhtml"). -#html_file_suffix = None - -# Output file base name for HTML help builder. -htmlhelp_basename = 'puppet-gnocchiReleaseNotesdoc' - - -# -- Options for LaTeX output --------------------------------------------- - -latex_elements = { -# The paper size ('letterpaper' or 'a4paper'). -#'papersize': 'letterpaper', - -# The font size ('10pt', '11pt' or '12pt'). -#'pointsize': '10pt', - -# Additional stuff for the LaTeX preamble. -#'preamble': '', -} - -# Grouping the document tree into LaTeX files. List of tuples -# (source start file, target name, title, -# author, documentclass [howto, manual, or own class]). -latex_documents = [ - ('index', 'puppet-gnocchiReleaseNotes.tex', u'puppet-gnocchi Release Notes Documentation', - u'2016, Puppet OpenStack Developers', 'manual'), -] - -# The name of an image file (relative to this directory) to place at the top of -# the title page. -#latex_logo = None - -# For "manual" documents, if this is true, then toplevel headings are parts, -# not chapters. -#latex_use_parts = False - -# If true, show page references after internal links. -#latex_show_pagerefs = False - -# If true, show URL addresses after external links. -#latex_show_urls = False - -# Documents to append as an appendix to all manuals. -#latex_appendices = [] - -# If false, no module index is generated. -#latex_domain_indices = True - - -# -- Options for manual page output --------------------------------------- - -# One entry per manual page. List of tuples -# (source start file, name, description, authors, manual section). -man_pages = [ - ('index', 'puppet-gnocchireleasenotes', u'puppet-gnocchi Release Notes Documentation', - [u'2016, Puppet OpenStack Developers'], 1) -] - -# If true, show URL addresses after external links. -#man_show_urls = False - - -# -- Options for Texinfo output ------------------------------------------- - -# Grouping the document tree into Texinfo files. List of tuples -# (source start file, target name, title, author, -# dir menu entry, description, category) -texinfo_documents = [ - ('index', 'puppet-gnocchiReleaseNotes', u'puppet-gnocchi Release Notes Documentation', - u'2016, Puppet OpenStack Developers', 'puppet-gnocchiReleaseNotes', 'One line description of project.', - 'Miscellaneous'), -] - -# Documents to append as an appendix to all manuals. -#texinfo_appendices = [] - -# If false, no module index is generated. -#texinfo_domain_indices = True - -# How to display URL addresses: 'footnote', 'no', or 'inline'. -#texinfo_show_urls = 'footnote' - -# If true, do not generate a @detailmenu in the "Top" node's menu. -#texinfo_no_detailmenu = False diff --git a/gnocchi/releasenotes/source/index.rst b/gnocchi/releasenotes/source/index.rst deleted file mode 100644 index 17ef9afb7..000000000 --- a/gnocchi/releasenotes/source/index.rst +++ /dev/null @@ -1,19 +0,0 @@ -======================================== -Welcome to puppet-gnocchi Release Notes! -======================================== - -Contents -======== - -.. toctree:: - :maxdepth: 2 - - mitaka - unreleased - - -Indices and tables -================== - -* :ref:`genindex` -* :ref:`search` diff --git a/gnocchi/releasenotes/source/mitaka.rst b/gnocchi/releasenotes/source/mitaka.rst deleted file mode 100644 index 97ab8d1d3..000000000 --- a/gnocchi/releasenotes/source/mitaka.rst +++ /dev/null @@ -1,6 +0,0 @@ -============================ - Mitaka Series Release Notes -============================ - -.. release-notes:: - :branch: origin/stable/mitaka diff --git a/gnocchi/releasenotes/source/unreleased.rst b/gnocchi/releasenotes/source/unreleased.rst deleted file mode 100644 index 2334dd5cf..000000000 --- a/gnocchi/releasenotes/source/unreleased.rst +++ /dev/null @@ -1,5 +0,0 @@ -============================== - Current Series Release Notes -============================== - - .. release-notes:: diff --git a/gnocchi/setup.cfg b/gnocchi/setup.cfg deleted file mode 100644 index 1321090f4..000000000 --- a/gnocchi/setup.cfg +++ /dev/null @@ -1,13 +0,0 @@ -[metadata] -name = puppet-gnocchi -summary = Puppet module for OpenStack Gnocchi -description-file = - README.md -author = Puppet Labs and OpenStack Contributors -author-email = openstack-dev@lists.openstack.org -home-page = http://www.openstack.org/ -classifier = - Intended Audience :: Developers - Intended Audience :: System Administrators - License :: OSI Approved :: Apache Software License - Operating System :: POSIX :: Linux diff --git a/gnocchi/setup.py b/gnocchi/setup.py deleted file mode 100644 index 70c2b3f32..000000000 --- a/gnocchi/setup.py +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/env python -# Copyright (c) 2013 Hewlett-Packard Development Company, L.P. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# THIS FILE IS MANAGED BY THE GLOBAL REQUIREMENTS REPO - DO NOT EDIT -import setuptools - -setuptools.setup( - setup_requires=['pbr'], - pbr=True) diff --git a/gnocchi/spec/acceptance/basic_gnocchi_spec.rb b/gnocchi/spec/acceptance/basic_gnocchi_spec.rb deleted file mode 100644 index 3c4c8a358..000000000 --- a/gnocchi/spec/acceptance/basic_gnocchi_spec.rb +++ /dev/null @@ -1,69 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'basic gnocchi' do - - context 'default parameters' do - - it 'should work with no errors' do - pp= <<-EOS - include ::openstack_integration - include ::openstack_integration::repos - include ::openstack_integration::mysql - include ::openstack_integration::keystone - - class { '::gnocchi::db::mysql': - password => 'a_big_secret', - } - class { '::gnocchi::keystone::auth': - password => 'a_big_secret', - } - case $::osfamily { - 'Debian': { - warning('Gnocchi is not yet packaged on Ubuntu systems.') - } - 'RedHat': { - class { '::gnocchi': - verbose => true, - debug => true, - database_connection => 'mysql+pymysql://gnocchi:a_big_secret@127.0.0.1/gnocchi?charset=utf8', - } - class { '::gnocchi::api': - enabled => true, - keystone_password => 'a_big_secret', - keystone_identity_uri => 'http://127.0.0.1:35357/', - service_name => 'httpd', - } - class { '::gnocchi::metricd': } - class { '::gnocchi::db::sync': } - class { '::gnocchi::storage': } - class { '::gnocchi::storage::file': } - include ::apache - class { '::gnocchi::wsgi::apache': - ssl => false, - } - class { '::gnocchi::statsd': - archive_policy_name => 'high', - flush_delay => '100', - resource_id => '07f26121-5777-48ba-8a0b-d70468133dd9', - user_id => 'f81e9b1f-9505-4298-bc33-43dfbd9a973b', - project_id => '203ef419-e73f-4b8a-a73f-3d599a72b18d', - } - class { '::gnocchi::client': } - } - } - EOS - - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - if os[:family].casecmp('RedHat') == 0 - describe port(8041) do - it { is_expected.to be_listening } - end - end - - end -end diff --git a/gnocchi/spec/acceptance/nodesets/centos-70-x64.yml b/gnocchi/spec/acceptance/nodesets/centos-70-x64.yml deleted file mode 100644 index 5f097e9fe..000000000 --- a/gnocchi/spec/acceptance/nodesets/centos-70-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - centos-server-70-x64: - roles: - - master - platform: el-7-x86_64 - box: puppetlabs/centos-7.0-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/centos-7.0-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: foss diff --git a/gnocchi/spec/acceptance/nodesets/default.yml b/gnocchi/spec/acceptance/nodesets/default.yml deleted file mode 100644 index 486b6a34e..000000000 --- a/gnocchi/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - type: foss diff --git a/gnocchi/spec/acceptance/nodesets/nodepool-centos7.yml b/gnocchi/spec/acceptance/nodesets/nodepool-centos7.yml deleted file mode 100644 index c55287420..000000000 --- a/gnocchi/spec/acceptance/nodesets/nodepool-centos7.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-70-x64: - roles: - - master - platform: el-7-x86_64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/gnocchi/spec/acceptance/nodesets/nodepool-trusty.yml b/gnocchi/spec/acceptance/nodesets/nodepool-trusty.yml deleted file mode 100644 index 9fc624e24..000000000 --- a/gnocchi/spec/acceptance/nodesets/nodepool-trusty.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/gnocchi/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/gnocchi/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index 8001929b2..000000000 --- a/gnocchi/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: foss diff --git a/gnocchi/spec/classes/gnocchi_api_spec.rb b/gnocchi/spec/classes/gnocchi_api_spec.rb deleted file mode 100644 index c512fde5a..000000000 --- a/gnocchi/spec/classes/gnocchi_api_spec.rb +++ /dev/null @@ -1,213 +0,0 @@ -require 'spec_helper' - -describe 'gnocchi::api' do - - let :pre_condition do - "class { 'gnocchi': } - include ::gnocchi::db" - end - - let :params do - { :enabled => true, - :manage_service => true, - :keystone_password => 'gnocchi-passw0rd', - :keystone_tenant => 'services', - :keystone_user => 'gnocchi', - :package_ensure => 'latest', - :port => '8041', - :max_limit => '1000', - :host => '0.0.0.0', - } - end - - shared_examples_for 'gnocchi-api' do - - context 'without required parameter keystone_password' do - before { params.delete(:keystone_password) } - it { expect { is_expected.to raise_error(Puppet::Error) } } - end - - it { is_expected.to contain_class('gnocchi::params') } - it { is_expected.to contain_class('gnocchi::policy') } - - it 'installs gnocchi-api package' do - is_expected.to contain_package('gnocchi-api').with( - :ensure => 'latest', - :name => platform_params[:api_package_name], - :tag => ['openstack', 'gnocchi-package'], - ) - end - - it 'configures keystone authentication middleware' do - is_expected.to contain_gnocchi_config('keystone_authtoken/admin_tenant_name').with_value( params[:keystone_tenant] ) - is_expected.to contain_gnocchi_config('keystone_authtoken/admin_user').with_value( params[:keystone_user] ) - is_expected.to contain_gnocchi_config('keystone_authtoken/admin_password').with_value( params[:keystone_password] ) - is_expected.to contain_gnocchi_config('keystone_authtoken/admin_password').with_value( params[:keystone_password] ).with_secret(true) - is_expected.to contain_gnocchi_config('api/host').with_value( params[:host] ) - is_expected.to contain_gnocchi_config('api/port').with_value( params[:port] ) - is_expected.to contain_gnocchi_config('api/max_limit').with_value( params[:max_limit] ) - is_expected.to contain_gnocchi_config('api/workers').with_value('2') - end - - [{:enabled => true}, {:enabled => false}].each do |param_hash| - context "when service should be #{param_hash[:enabled] ? 'enabled' : 'disabled'}" do - before do - params.merge!(param_hash) - end - - it 'configures gnocchi-api service' do - is_expected.to contain_service('gnocchi-api').with( - :ensure => (params[:manage_service] && params[:enabled]) ? 'running' : 'stopped', - :name => platform_params[:api_service_name], - :enable => params[:enabled], - :hasstatus => true, - :hasrestart => true, - :require => 'Class[Gnocchi::Db]', - :tag => ['gnocchi-service', 'gnocchi-db-sync-service'], - ) - end - end - end - - context 'with disabled service managing' do - before do - params.merge!({ - :manage_service => false, - :enabled => false }) - end - - it 'configures gnocchi-api service' do - is_expected.to contain_service('gnocchi-api').with( - :ensure => nil, - :name => platform_params[:api_service_name], - :enable => false, - :hasstatus => true, - :hasrestart => true, - :tag => ['gnocchi-service', 'gnocchi-db-sync-service'], - ) - end - end - - context 'when running gnocchi-api in wsgi' do - before do - params.merge!({ :service_name => 'httpd' }) - end - - let :pre_condition do - "include ::apache - include ::gnocchi::db - class { 'gnocchi': }" - end - - it 'configures gnocchi-api service with Apache' do - is_expected.to contain_service('gnocchi-api').with( - :ensure => 'stopped', - :name => platform_params[:api_service_name], - :enable => false, - :tag => ['gnocchi-service', 'gnocchi-db-sync-service'], - ) - end - end - - context 'when service_name is not valid' do - before do - params.merge!({ :service_name => 'foobar' }) - end - - let :pre_condition do - "include ::apache - include ::gnocchi::db - class { 'gnocchi': }" - end - - it_raises 'a Puppet::Error', /Invalid service_name/ - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '8.0', - :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'some.host.tld', - :processorcount => 2, - }) - end - - let :platform_params do - { :api_package_name => 'gnocchi-api', - :api_service_name => 'gnocchi-api' } - end - - it_configures 'gnocchi-api' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '7.1', - :fqdn => 'some.host.tld', - :concat_basedir => '/var/lib/puppet/concat', - :processorcount => 2, - }) - end - - let :platform_params do - { :api_package_name => 'openstack-gnocchi-api', - :api_service_name => 'openstack-gnocchi-api' } - end - - it_configures 'gnocchi-api' - end - - describe 'with custom auth_uri' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - before do - params.merge!({ - :keystone_auth_uri => 'https://foo.bar:1234/', - }) - end - it 'should configure custom auth_uri correctly' do - is_expected.to contain_gnocchi_config('keystone_authtoken/auth_uri').with_value( 'https://foo.bar:1234/' ) - end - end - - describe "with custom keystone identity_uri" do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - before do - params.merge!({ - :keystone_identity_uri => 'https://foo.bar:1234/', - }) - end - it 'configures identity_uri' do - is_expected.to contain_gnocchi_config('keystone_authtoken/identity_uri').with_value("https://foo.bar:1234/"); - is_expected.to contain_gnocchi_api_paste_ini('pipeline:main/pipeline').with_value('gnocchi+auth'); - end - end - - describe "with custom keystone identity_uri and auth_uri" do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - before do - params.merge!({ - :keystone_identity_uri => 'https://foo.bar:35357/', - :keystone_auth_uri => 'https://foo.bar:5000/v2.0/', - }) - end - it 'configures identity_uri and auth_uri but deprecates old auth settings' do - is_expected.to contain_gnocchi_config('keystone_authtoken/identity_uri').with_value("https://foo.bar:35357/"); - is_expected.to contain_gnocchi_config('keystone_authtoken/auth_uri').with_value("https://foo.bar:5000/v2.0/"); - is_expected.to contain_gnocchi_api_paste_ini('pipeline:main/pipeline').with_value('gnocchi+auth'); - end - end - -end diff --git a/gnocchi/spec/classes/gnocchi_client_spec.rb b/gnocchi/spec/classes/gnocchi_client_spec.rb deleted file mode 100644 index 34248061e..000000000 --- a/gnocchi/spec/classes/gnocchi_client_spec.rb +++ /dev/null @@ -1,33 +0,0 @@ -require 'spec_helper' - -describe 'gnocchi::client' do - - shared_examples_for 'gnocchi client' do - - it { is_expected.to contain_class('gnocchi::params') } - - it 'installs gnocchi client package' do - is_expected.to contain_package('python-gnocchiclient').with( - :ensure => 'present', - :name => 'python-gnocchiclient', - :tag => 'openstack', - ) - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'gnocchi client' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'gnocchi client' - end -end diff --git a/gnocchi/spec/classes/gnocchi_config_spec.rb b/gnocchi/spec/classes/gnocchi_config_spec.rb deleted file mode 100644 index 8f25abd52..000000000 --- a/gnocchi/spec/classes/gnocchi_config_spec.rb +++ /dev/null @@ -1,31 +0,0 @@ -require 'spec_helper' - -describe 'gnocchi::config' do - - let :params do - { :gnocchi_config => { - 'DEFAULT/foo' => { 'value' => 'fooValue' }, - 'DEFAULT/bar' => { 'value' => 'barValue' }, - 'DEFAULT/baz' => { 'ensure' => 'absent' } - }, - :gnocchi_api_paste_ini => { - 'DEFAULT/foo2' => { 'value' => 'fooValue' }, - 'DEFAULT/bar2' => { 'value' => 'barValue' }, - 'DEFAULT/baz2' => { 'ensure' => 'absent' } - } - } - end - - it 'configures arbitrary gnocchi configurations' do - is_expected.to contain_gnocchi_config('DEFAULT/foo').with_value('fooValue') - is_expected.to contain_gnocchi_config('DEFAULT/bar').with_value('barValue') - is_expected.to contain_gnocchi_config('DEFAULT/baz').with_ensure('absent') - end - - it 'configures arbitrary gnocchi-api-paste configurations' do - is_expected.to contain_gnocchi_api_paste_ini('DEFAULT/foo2').with_value('fooValue') - is_expected.to contain_gnocchi_api_paste_ini('DEFAULT/bar2').with_value('barValue') - is_expected.to contain_gnocchi_api_paste_ini('DEFAULT/baz2').with_ensure('absent') - end - -end diff --git a/gnocchi/spec/classes/gnocchi_db_mysql_spec.rb b/gnocchi/spec/classes/gnocchi_db_mysql_spec.rb deleted file mode 100644 index 15ba863e8..000000000 --- a/gnocchi/spec/classes/gnocchi_db_mysql_spec.rb +++ /dev/null @@ -1,62 +0,0 @@ -require 'spec_helper' - -describe 'gnocchi::db::mysql' do - - let :pre_condition do - [ - 'include mysql::server', - 'include gnocchi::db::sync' - ] - end - - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - let :params do - { - 'password' => 'fooboozoo_default_password', - } - end - - describe 'with only required params' do - it { is_expected.to contain_openstacklib__db__mysql('gnocchi').with( - 'user' => 'gnocchi', - 'password_hash' => '*3DDF34A86854A312A8E2C65B506E21C91800D206', - 'dbname' => 'gnocchi', - 'host' => '127.0.0.1', - 'charset' => 'utf8', - :collate => 'utf8_general_ci', - )} - end - - describe "overriding allowed_hosts param to array" do - let :params do - { - :password => 'gnocchipass', - :allowed_hosts => ['127.0.0.1','%'] - } - end - - end - describe "overriding allowed_hosts param to string" do - let :params do - { - :password => 'gnocchipass2', - :allowed_hosts => '192.168.1.1' - } - end - - end - - describe "overriding allowed_hosts param equals to host param " do - let :params do - { - :password => 'gnocchipass2', - :allowed_hosts => '127.0.0.1' - } - end - - end - -end diff --git a/gnocchi/spec/classes/gnocchi_db_postgresql_spec.rb b/gnocchi/spec/classes/gnocchi_db_postgresql_spec.rb deleted file mode 100644 index 2d44a5536..000000000 --- a/gnocchi/spec/classes/gnocchi_db_postgresql_spec.rb +++ /dev/null @@ -1,58 +0,0 @@ -require 'spec_helper' - -describe 'gnocchi::db::postgresql' do - - let :req_params do - { :password => 'pw' } - end - - let :pre_condition do - 'include postgresql::server' - end - - context 'on a RedHat osfamily' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - :operatingsystemrelease => '7.0', - :concat_basedir => '/var/lib/puppet/concat', - }) - end - - context 'with only required parameters' do - let :params do - req_params - end - - it { is_expected.to contain_postgresql__server__db('gnocchi').with( - :user => 'gnocchi', - :password => 'md590440288cb225f56d585b88ad270cd37' - )} - end - - end - - context 'on a Debian osfamily' do - let :facts do - @default_facts.merge({ - :operatingsystemrelease => '7.8', - :operatingsystem => 'Debian', - :osfamily => 'Debian', - :concat_basedir => '/var/lib/puppet/concat', - }) - end - - context 'with only required parameters' do - let :params do - req_params - end - - it { is_expected.to contain_postgresql__server__db('gnocchi').with( - :user => 'gnocchi', - :password => 'md590440288cb225f56d585b88ad270cd37' - )} - end - - end - -end diff --git a/gnocchi/spec/classes/gnocchi_db_spec.rb b/gnocchi/spec/classes/gnocchi_db_spec.rb deleted file mode 100644 index 75752b6bd..000000000 --- a/gnocchi/spec/classes/gnocchi_db_spec.rb +++ /dev/null @@ -1,116 +0,0 @@ -require 'spec_helper' - -describe 'gnocchi::db' do - - shared_examples 'gnocchi::db' do - - context 'with default parameters' do - it { is_expected.to contain_gnocchi_config('indexer/url').with_value('sqlite:////var/lib/gnocchi/gnocchi.sqlite').with_secret(true) } - - it 'installs packages' do - is_expected.to contain_package('gnocchi-indexer-sqlalchemy').with( - :name => platform_params[:gnocchi_indexer_package], - :ensure => 'present', - :tag => ['openstack', 'gnocchi-package'] - ) - end - end - - context 'with specific parameters' do - let :params do - { :database_connection => 'mysql+pymysql://gnocchi:gnocchi@localhost/gnocchi' } - end - - it { is_expected.to contain_gnocchi_config('indexer/url').with_value('mysql+pymysql://gnocchi:gnocchi@localhost/gnocchi').with_secret(true) } - - end - - context 'with postgresql backend' do - let :params do - { :database_connection => 'postgresql://gnocchi:gnocchi@localhost/gnocchi', } - end - - it 'install the proper backend package' do - is_expected.to contain_package('python-psycopg2').with(:ensure => 'present') - end - end - - context 'with MySQL-python library as backend package' do - let :params do - { :database_connection => 'mysql://gnocchi:gnocchi@localhost/gnocchi', } - end - - it { is_expected.to contain_package('python-mysqldb').with(:ensure => 'present') } - end - - context 'with incorrect database_connection string' do - let :params do - { :database_connection => 'redis://gnocchi:gnocchi@localhost/gnocchi', } - end - - it_raises 'a Puppet::Error', /validate_re/ - end - - context 'with incorrect pymysql database_connection string' do - let :params do - { :database_connection => 'foo+pymysql://gnocchi:gnocchi@localhost/gnocchi', } - end - - it_raises 'a Puppet::Error', /validate_re/ - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => 'jessie', - }) - end - - let :platform_params do - { :gnocchi_indexer_package => 'gnocchi-indexer-sqlalchemy' } - end - - it_configures 'gnocchi::db' - - context 'using pymysql driver' do - let :params do - { :database_connection => 'mysql+pymysql://gnocchi:gnocchi@localhost/gnocchi', } - end - - it 'install the proper backend package' do - is_expected.to contain_package('gnocchi-backend-package').with( - :ensure => 'present', - :name => 'python-pymysql', - :tag => 'openstack' - ) - end - end - end - - context 'on Redhat platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - :operatingsystemrelease => '7.1', - }) - end - - let :platform_params do - { :gnocchi_indexer_package => 'openstack-gnocchi-indexer-sqlalchemy' } - end - - it_configures 'gnocchi::db' - - context 'using pymysql driver' do - let :params do - { :database_connection => 'mysql+pymysql://gnocchi:gnocchi@localhost/gnocchi', } - end - - it { is_expected.not_to contain_package('gnocchi-backend-package') } - end - end - -end diff --git a/gnocchi/spec/classes/gnocchi_db_sync_spec.rb b/gnocchi/spec/classes/gnocchi_db_sync_spec.rb deleted file mode 100644 index 5702095f5..000000000 --- a/gnocchi/spec/classes/gnocchi_db_sync_spec.rb +++ /dev/null @@ -1,56 +0,0 @@ -require 'spec_helper' - -describe 'gnocchi::db::sync' do - - shared_examples_for 'gnocchi-dbsync' do - - it 'runs gnocchi-manage db_sync' do - is_expected.to contain_exec('gnocchi-db-sync').with( - :command => 'gnocchi-upgrade --config-file /etc/gnocchi/gnocchi.conf ', - :path => '/usr/bin', - :user => 'gnocchi', - :refreshonly => 'true', - :logoutput => 'on_failure' - ) - end - describe "overriding extra_opts" do - let :params do - { - :extra_opts => '--skip-storage', - } - end - it { is_expected.to contain_exec('gnocchi-db-sync').with( - :command => 'gnocchi-upgrade --config-file /etc/gnocchi/gnocchi.conf --skip-storage', - :path => '/usr/bin', - :user => 'gnocchi', - :refreshonly => 'true', - :logoutput => 'on_failure' - ) - } - end - end - - context 'on a RedHat osfamily' do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '7.0', - } - end - - it_configures 'gnocchi-dbsync' - end - - context 'on a Debian osfamily' do - let :facts do - { - :operatingsystemrelease => '7.8', - :operatingsystem => 'Debian', - :osfamily => 'Debian', - } - end - - it_configures 'gnocchi-dbsync' - end - -end diff --git a/gnocchi/spec/classes/gnocchi_init_spec.rb b/gnocchi/spec/classes/gnocchi_init_spec.rb deleted file mode 100644 index 8231a9a4b..000000000 --- a/gnocchi/spec/classes/gnocchi_init_spec.rb +++ /dev/null @@ -1,49 +0,0 @@ -require 'spec_helper' - -describe 'gnocchi' do - - shared_examples 'gnocchi' do - - context 'with default parameters' do - it 'contains the logging class' do - is_expected.to contain_class('gnocchi::logging') - end - - it 'installs packages' do - is_expected.to contain_package('gnocchi').with( - :name => platform_params[:gnocchi_common_package], - :ensure => 'present', - :tag => ['openstack', 'gnocchi-package'] - ) - end - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - }) - end - - let :platform_params do - { :gnocchi_common_package => 'gnocchi-common' } - end - - it_behaves_like 'gnocchi' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - let :platform_params do - { :gnocchi_common_package => 'openstack-gnocchi-common' } - end - - it_behaves_like 'gnocchi' - end - -end diff --git a/gnocchi/spec/classes/gnocchi_keystone_auth_spec.rb b/gnocchi/spec/classes/gnocchi_keystone_auth_spec.rb deleted file mode 100644 index e5d53aefe..000000000 --- a/gnocchi/spec/classes/gnocchi_keystone_auth_spec.rb +++ /dev/null @@ -1,120 +0,0 @@ -# -# Unit tests for gnocchi::keystone::auth -# - -require 'spec_helper' - -describe 'gnocchi::keystone::auth' do - - let :facts do - { :osfamily => 'Debian' } - end - - describe 'with default class parameters' do - let :params do - { :password => 'gnocchi_password', - :tenant => 'foobar' } - end - - it { is_expected.to contain_keystone_user('gnocchi').with( - :ensure => 'present', - :password => 'gnocchi_password', - ) } - - it { is_expected.to contain_keystone_user_role('gnocchi@foobar').with( - :ensure => 'present', - :roles => ['admin'] - )} - - it { is_expected.to contain_keystone_service('gnocchi::metric').with( - :ensure => 'present', - :description => 'OpenStack Metric Service' - ) } - - it { is_expected.to contain_keystone_endpoint('RegionOne/gnocchi::metric').with( - :ensure => 'present', - :public_url => 'http://127.0.0.1:8041', - :admin_url => 'http://127.0.0.1:8041', - :internal_url => 'http://127.0.0.1:8041', - ) } - end - - describe 'when overriding URL parameters' do - let :params do - { :password => 'gnocchi_password', - :public_url => 'https://10.10.10.10:80', - :internal_url => 'http://10.10.10.11:81', - :admin_url => 'http://10.10.10.12:81' } - end - - it { is_expected.to contain_keystone_endpoint('RegionOne/gnocchi::metric').with( - :ensure => 'present', - :public_url => 'https://10.10.10.10:80', - :internal_url => 'http://10.10.10.11:81', - :admin_url => 'http://10.10.10.12:81' - ) } - end - - describe 'when overriding auth name' do - let :params do - { :password => 'foo', - :auth_name => 'gnocchiany' } - end - - it { is_expected.to contain_keystone_user('gnocchiany') } - it { is_expected.to contain_keystone_user_role('gnocchiany@services') } - it { is_expected.to contain_keystone_service('gnocchiany::metric') } - it { is_expected.to contain_keystone_endpoint('RegionOne/gnocchiany::metric') } - end - - describe 'when overriding service name' do - let :params do - { :service_name => 'gnocchi_service', - :auth_name => 'gnocchi', - :password => 'gnocchi_password' } - end - - it { is_expected.to contain_keystone_user('gnocchi') } - it { is_expected.to contain_keystone_user_role('gnocchi@services') } - it { is_expected.to contain_keystone_service('gnocchi_service::metric') } - it { is_expected.to contain_keystone_endpoint('RegionOne/gnocchi_service::metric') } - end - - describe 'when disabling user configuration' do - - let :params do - { - :password => 'gnocchi_password', - :configure_user => false - } - end - - it { is_expected.not_to contain_keystone_user('gnocchi') } - it { is_expected.to contain_keystone_user_role('gnocchi@services') } - it { is_expected.to contain_keystone_service('gnocchi::metric').with( - :ensure => 'present', - :description => 'OpenStack Metric Service' - ) } - - end - - describe 'when disabling user and user role configuration' do - - let :params do - { - :password => 'gnocchi_password', - :configure_user => false, - :configure_user_role => false - } - end - - it { is_expected.not_to contain_keystone_user('gnocchi') } - it { is_expected.not_to contain_keystone_user_role('gnocchi@services') } - it { is_expected.to contain_keystone_service('gnocchi::metric').with( - :ensure => 'present', - :description => 'OpenStack Metric Service' - ) } - - end - -end diff --git a/gnocchi/spec/classes/gnocchi_logging_spec.rb b/gnocchi/spec/classes/gnocchi_logging_spec.rb deleted file mode 100644 index 662034135..000000000 --- a/gnocchi/spec/classes/gnocchi_logging_spec.rb +++ /dev/null @@ -1,143 +0,0 @@ -require 'spec_helper' - -describe 'gnocchi::logging' do - - let :params do - { - } - end - - let :log_params do - { - :logging_context_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s', - :logging_default_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s', - :logging_debug_format_suffix => '%(funcName)s %(pathname)s:%(lineno)d', - :logging_exception_prefix => '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s', - :log_config_append => '/etc/gnocchi/logging.conf', - :publish_errors => true, - :default_log_levels => { - 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', - 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', - 'iso8601' => 'WARN', - 'requests.packages.urllib3.connectionpool' => 'WARN' }, - :fatal_deprecations => true, - :instance_format => '[instance: %(uuid)s] ', - :instance_uuid_format => '[instance: %(uuid)s] ', - :log_date_format => '%Y-%m-%d %H:%M:%S', - :use_syslog => true, - :use_stderr => false, - :log_facility => 'LOG_FOO', - :log_dir => '/tmp/gnocchi', - :verbose => true, - :debug => true, - } - end - - shared_examples_for 'gnocchi-logging' do - - context 'with basic logging options and default settings' do - it_configures 'basic default logging settings' - end - - context 'with basic logging options and non-default settings' do - before { params.merge!( log_params ) } - it_configures 'basic non-default logging settings' - end - - context 'with extended logging options' do - before { params.merge!( log_params ) } - it_configures 'logging params set' - end - - context 'without extended logging options' do - it_configures 'logging params unset' - end - - end - - shared_examples 'basic default logging settings' do - it 'configures gnocchi logging settings with default values' do - is_expected.to contain_gnocchi_config('DEFAULT/use_syslog').with(:value => '') - is_expected.to contain_gnocchi_config('DEFAULT/use_stderr').with(:value => '') - is_expected.to contain_gnocchi_config('DEFAULT/syslog_log_facility').with(:value => '') - is_expected.to contain_gnocchi_config('DEFAULT/log_dir').with(:value => '/var/log/gnocchi') - is_expected.to contain_gnocchi_config('DEFAULT/verbose').with(:value => '') - is_expected.to contain_gnocchi_config('DEFAULT/debug').with(:value => '') - end - end - - shared_examples 'basic non-default logging settings' do - it 'configures gnocchi logging settins with non-default values' do - is_expected.to contain_gnocchi_config('DEFAULT/use_syslog').with(:value => 'true') - is_expected.to contain_gnocchi_config('DEFAULT/use_stderr').with(:value => 'false') - is_expected.to contain_gnocchi_config('DEFAULT/syslog_log_facility').with(:value => 'LOG_FOO') - is_expected.to contain_gnocchi_config('DEFAULT/log_dir').with(:value => '/tmp/gnocchi') - is_expected.to contain_gnocchi_config('DEFAULT/verbose').with(:value => 'true') - is_expected.to contain_gnocchi_config('DEFAULT/debug').with(:value => 'true') - end - end - - shared_examples_for 'logging params set' do - it 'enables logging params' do - is_expected.to contain_gnocchi_config('DEFAULT/logging_context_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s') - - is_expected.to contain_gnocchi_config('DEFAULT/logging_default_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s') - - is_expected.to contain_gnocchi_config('DEFAULT/logging_debug_format_suffix').with_value( - '%(funcName)s %(pathname)s:%(lineno)d') - - is_expected.to contain_gnocchi_config('DEFAULT/logging_exception_prefix').with_value( - '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s') - - is_expected.to contain_gnocchi_config('DEFAULT/log_config_append').with_value( - '/etc/gnocchi/logging.conf') - is_expected.to contain_gnocchi_config('DEFAULT/publish_errors').with_value( - true) - - is_expected.to contain_gnocchi_config('DEFAULT/default_log_levels').with_value( - 'amqp=WARN,amqplib=WARN,boto=WARN,iso8601=WARN,qpid=WARN,requests.packages.urllib3.connectionpool=WARN,sqlalchemy=WARN,suds=INFO') - - is_expected.to contain_gnocchi_config('DEFAULT/fatal_deprecations').with_value( - true) - - is_expected.to contain_gnocchi_config('DEFAULT/instance_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_gnocchi_config('DEFAULT/instance_uuid_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_gnocchi_config('DEFAULT/log_date_format').with_value( - '%Y-%m-%d %H:%M:%S') - end - end - - shared_examples_for 'logging params unset' do - [ :logging_context_format_string, :logging_default_format_string, - :logging_debug_format_suffix, :logging_exception_prefix, - :log_config_append, :publish_errors, - :default_log_levels, :fatal_deprecations, - :instance_format, :instance_uuid_format, - :log_date_format, ].each { |param| - it { is_expected.to contain_gnocchi_config("DEFAULT/#{param}").with(:value => '') } - } - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'gnocchi-logging' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'gnocchi-logging' - end - -end diff --git a/gnocchi/spec/classes/gnocchi_metricd_spec.rb b/gnocchi/spec/classes/gnocchi_metricd_spec.rb deleted file mode 100644 index b947f1595..000000000 --- a/gnocchi/spec/classes/gnocchi_metricd_spec.rb +++ /dev/null @@ -1,91 +0,0 @@ -require 'spec_helper' - -describe 'gnocchi::metricd' do - - let :params do { } - end - - shared_examples_for 'gnocchi-metricd' do - - it { is_expected.to contain_class('gnocchi::params') } - - it 'installs gnocchi-metricd package' do - is_expected.to contain_package('gnocchi-metricd').with( - :ensure => 'present', - :name => platform_params[:metricd_package_name], - :tag => ['openstack', 'gnocchi-package'], - ) - end - - [{:enabled => true}, {:enabled => false}].each do |param_hash| - context "when service should be #{param_hash[:enabled] ? 'enabled' : 'disabled'}" do - before do - params.merge!(param_hash) - end - - it 'configures gnocchi-metricd service' do - is_expected.to contain_service('gnocchi-metricd').with( - :ensure => params[:enabled] ? 'running' : 'stopped', - :name => platform_params[:metricd_service_name], - :enable => params[:enabled], - :hasstatus => true, - :hasrestart => true, - :tag => ['gnocchi-service', 'gnocchi-db-sync-service'], - ) - end - end - end - - context 'with disabled service managing' do - before do - params.merge!({ - :manage_service => false, - :enabled => false }) - end - - it 'configures gnocchi-metricd service' do - is_expected.to contain_service('gnocchi-metricd').with( - :ensure => nil, - :name => platform_params[:metricd_service_name], - :enable => false, - :hasstatus => true, - :hasrestart => true, - :tag => ['gnocchi-service', 'gnocchi-db-sync-service'], - ) - end - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - }) - end - - let :platform_params do - { :metricd_package_name => 'gnocchi-metricd', - :metricd_service_name => 'gnocchi-metricd' } - end - - it_configures 'gnocchi-metricd' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - }) - end - - let :platform_params do - { :metricd_package_name => 'openstack-gnocchi-metricd', - :metricd_service_name => 'openstack-gnocchi-metricd' } - end - - it_configures 'gnocchi-metricd' - end - -end diff --git a/gnocchi/spec/classes/gnocchi_policy_spec.rb b/gnocchi/spec/classes/gnocchi_policy_spec.rb deleted file mode 100644 index c8a1cf2ee..000000000 --- a/gnocchi/spec/classes/gnocchi_policy_spec.rb +++ /dev/null @@ -1,41 +0,0 @@ -require 'spec_helper' - -describe 'gnocchi::policy' do - - shared_examples_for 'gnocchi policies' do - let :params do - { - :policy_path => '/etc/gnocchi/policy.json', - :policies => { - 'context_is_admin' => { - 'key' => 'context_is_admin', - 'value' => 'foo:bar' - } - } - } - end - - it 'set up the policies' do - is_expected.to contain_openstacklib__policy__base('context_is_admin').with({ - :key => 'context_is_admin', - :value => 'foo:bar' - }) - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'gnocchi policies' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'gnocchi policies' - end -end diff --git a/gnocchi/spec/classes/gnocchi_statsd_spec.rb b/gnocchi/spec/classes/gnocchi_statsd_spec.rb deleted file mode 100644 index afcf19ad2..000000000 --- a/gnocchi/spec/classes/gnocchi_statsd_spec.rb +++ /dev/null @@ -1,107 +0,0 @@ -require 'spec_helper' - -describe 'gnocchi::statsd' do - - let :params do - { :enabled => true, - :manage_service => true, - :resource_id => '07f26121-5777-48ba-8a0b-d70468133dd9', - :user_id => '07f26121-5777-48ba-8a0b-d70468133dd9', - :project_id => '07f26121-5777-48ba-8a0b-d70468133dd9', - :archive_policy_name => 'high', - :flush_delay => '200', - } - end - - shared_examples_for 'gnocchi-statsd' do - - it { is_expected.to contain_class('gnocchi::params') } - - it 'installs gnocchi-statsd package' do - is_expected.to contain_package('gnocchi-statsd').with( - :ensure => 'present', - :name => platform_params[:statsd_package_name], - :tag => ['openstack', 'gnocchi-package'], - ) - end - - it 'configures gnocchi statsd' do - is_expected.to contain_gnocchi_config('statsd/resource_id').with_value('07f26121-5777-48ba-8a0b-d70468133dd9') - is_expected.to contain_gnocchi_config('statsd/user_id').with_value('07f26121-5777-48ba-8a0b-d70468133dd9') - is_expected.to contain_gnocchi_config('statsd/project_id').with_value('07f26121-5777-48ba-8a0b-d70468133dd9') - is_expected.to contain_gnocchi_config('statsd/archive_policy_name').with_value('high') - is_expected.to contain_gnocchi_config('statsd/flush_delay').with_value('200') - end - - [{:enabled => true}, {:enabled => false}].each do |param_hash| - context "when service should be #{param_hash[:enabled] ? 'enabled' : 'disabled'}" do - before do - params.merge!(param_hash) - end - - it 'configures gnocchi-statsd service' do - is_expected.to contain_service('gnocchi-statsd').with( - :ensure => (params[:manage_service] && params[:enabled]) ? 'running' : 'stopped', - :name => platform_params[:statsd_service_name], - :enable => params[:enabled], - :hasstatus => true, - :hasrestart => true, - :tag => ['gnocchi-service', 'gnocchi-db-sync-service'], - ) - end - end - end - - context 'with disabled service managing' do - before do - params.merge!({ - :manage_service => false, - :enabled => false }) - end - - it 'configures gnocchi-statsd service' do - is_expected.to contain_service('gnocchi-statsd').with( - :ensure => nil, - :name => platform_params[:statsd_service_name], - :enable => false, - :hasstatus => true, - :hasrestart => true, - :tag => ['gnocchi-service', 'gnocchi-db-sync-service'], - ) - end - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - }) - end - - let :platform_params do - { :statsd_package_name => 'gnocchi-statsd', - :statsd_service_name => 'gnocchi-statsd' } - end - - it_configures 'gnocchi-statsd' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - }) - end - - let :platform_params do - { :statsd_package_name => 'openstack-gnocchi-statsd', - :statsd_service_name => 'openstack-gnocchi-statsd' } - end - - it_configures 'gnocchi-statsd' - end - -end diff --git a/gnocchi/spec/classes/gnocchi_storage_ceph_spec.rb b/gnocchi/spec/classes/gnocchi_storage_ceph_spec.rb deleted file mode 100644 index 7bd3d7a81..000000000 --- a/gnocchi/spec/classes/gnocchi_storage_ceph_spec.rb +++ /dev/null @@ -1,44 +0,0 @@ -# -# Unit tests for gnocchi::storage::ceph -# -require 'spec_helper' - -describe 'gnocchi::storage::ceph' do - - let :params do - { - :ceph_username => 'joe', - :ceph_keyring => 'client.admin', - } - end - - shared_examples 'gnocchi storage ceph' do - - context 'with default parameters' do - it 'configures gnocchi-api with default parameters' do - is_expected.to contain_gnocchi_config('storage/driver').with_value('ceph') - is_expected.to contain_gnocchi_config('storage/ceph_username').with_value('joe') - is_expected.to contain_gnocchi_config('storage/ceph_keyring').with_value('client.admin') - is_expected.to contain_gnocchi_config('storage/ceph_pool').with_value('gnocchi') - is_expected.to contain_gnocchi_config('storage/ceph_conffile').with_value('/etc/ceph/ceph.conf') - end - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'gnocchi storage ceph' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'gnocchi storage ceph' - end - -end diff --git a/gnocchi/spec/classes/gnocchi_storage_file_spec.rb b/gnocchi/spec/classes/gnocchi_storage_file_spec.rb deleted file mode 100644 index 8565d66f2..000000000 --- a/gnocchi/spec/classes/gnocchi_storage_file_spec.rb +++ /dev/null @@ -1,38 +0,0 @@ -# -# Unit tests for gnocchi::storage::file -# -require 'spec_helper' - -describe 'gnocchi::storage::file' do - - let :params do - {} - end - - shared_examples 'gnocchi storage file' do - - context 'with default parameters' do - it 'configures gnocchi-api with default parameters' do - is_expected.to contain_gnocchi_config('storage/driver').with_value('file') - is_expected.to contain_gnocchi_config('storage/file_basepath').with_value('/var/lib/gnocchi') - end - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'gnocchi storage file' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'gnocchi storage file' - end - -end diff --git a/gnocchi/spec/classes/gnocchi_storage_influxdb_spec.rb b/gnocchi/spec/classes/gnocchi_storage_influxdb_spec.rb deleted file mode 100644 index b24fa959e..000000000 --- a/gnocchi/spec/classes/gnocchi_storage_influxdb_spec.rb +++ /dev/null @@ -1,67 +0,0 @@ -# -# Unit tests for gnocchi::storage::influxdb -# -require 'spec_helper' - -describe 'gnocchi::storage::influxdb' do - - let :params do - {} - end - - shared_examples 'gnocchi storage influxdb' do - - context 'with default parameters' do - it 'configures gnocchi-api with default parameters' do - is_expected.to contain_gnocchi_config('storage/driver').with_value('influxdb') - is_expected.to contain_gnocchi_config('storage/influxdb_host').with_value('localhost') - is_expected.to contain_gnocchi_config('storage/influxdb_port').with_value(8086) - is_expected.to contain_gnocchi_config('storage/influxdb_database').with_value('gnocchi') - is_expected.to contain_gnocchi_config('storage/influxdb_username').with_value('root') - end - end - end - - context 'with overridden parameters' do - let :params do - { :influxdb_host => '127.0.0.1', - :influxdb_port => 80, - :influxdb_database => 'mydb', - :influxdb_username => 'gnocchi', - :influxdb_password => 'private', - :influxdb_block_until_data_ingested => true, - } - end - - it 'configures gnocchi-api with explicit parameters' do - is_expected.to contain_gnocchi_config('storage/driver').with_value('influxdb') - is_expected.to contain_gnocchi_config('storage/influxdb_host').with_value('127.0.0.1') - is_expected.to contain_gnocchi_config('storage/influxdb_port').with_value(80) - is_expected.to contain_gnocchi_config('storage/influxdb_database').with_value('mydb') - is_expected.to contain_gnocchi_config('storage/influxdb_username').with_value('gnocchi') - is_expected.to contain_gnocchi_config('storage/influxdb_password').with_value('private').with_secret(true) - is_expected.to contain_gnocchi_config('storage/influxdb_block_until_data_ingested').with_value('true') - end - end - - context 'on Debian platforms' do - let :facts do - { - :osfamily => 'Debian' - } - end - - it_configures 'gnocchi storage influxdb' - end - - context 'on RedHat platforms' do - let :facts do - { - :osfamily => 'RedHat' - } - end - - it_configures 'gnocchi storage influxdb' - end - -end diff --git a/gnocchi/spec/classes/gnocchi_storage_spec.rb b/gnocchi/spec/classes/gnocchi_storage_spec.rb deleted file mode 100644 index 57a109116..000000000 --- a/gnocchi/spec/classes/gnocchi_storage_spec.rb +++ /dev/null @@ -1,61 +0,0 @@ -require 'spec_helper' - -describe 'gnocchi::storage' do - - let :params do - { :package_ensure => 'latest' } - end - - shared_examples_for 'gnocchi-storage' do - - it { is_expected.to contain_class('gnocchi::params') } - - it 'installs gnocchi-carbonara package' do - is_expected.to contain_package('gnocchi-carbonara').with( - :ensure => 'latest', - :name => platform_params[:carbonara_package_name], - :tag => ['openstack', 'gnocchi-package'], - ) - end - - context 'with coordination' do - before do - params.merge!({ :coordination_url => 'redis://localhost:6379' }) - end - - it 'configures backend_url' do - is_expected.to contain_gnocchi_config('storage/coordination_url').with_value('redis://localhost:6379') - end - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - }) - end - - let :platform_params do - { :carbonara_package_name => 'gnocchi-carbonara' } - end - - it_configures 'gnocchi-storage' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - }) - end - - let :platform_params do - { :carbonara_package_name => 'openstack-gnocchi-carbonara' } - end - - it_configures 'gnocchi-storage' - end -end diff --git a/gnocchi/spec/classes/gnocchi_storage_swift_spec.rb b/gnocchi/spec/classes/gnocchi_storage_swift_spec.rb deleted file mode 100644 index 92c9ec860..000000000 --- a/gnocchi/spec/classes/gnocchi_storage_swift_spec.rb +++ /dev/null @@ -1,41 +0,0 @@ -# -# Unit tests for gnocchi::storage::swift -# -require 'spec_helper' - -describe 'gnocchi::storage::swift' do - - let :params do - {} - end - - shared_examples 'gnocchi storage swift' do - - context 'with default parameters' do - it 'configures gnocchi-api with default parameters' do - is_expected.to contain_gnocchi_config('storage/driver').with_value('swift') - is_expected.to contain_gnocchi_config('storage/swift_user').with_value('admin:admin') - is_expected.to contain_gnocchi_config('storage/swift_key').with_value('admin') - is_expected.to contain_gnocchi_config('storage/swift_authurl').with_value('http://localhost:8080/auth/v1.0') - is_expected.to contain_gnocchi_config('storage/swift_auth_version').with_value('1') - end - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'gnocchi storage swift' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'gnocchi storage swift' - end - -end diff --git a/gnocchi/spec/classes/gnocchi_wsgi_apache_spec.rb b/gnocchi/spec/classes/gnocchi_wsgi_apache_spec.rb deleted file mode 100644 index 187e2cb47..000000000 --- a/gnocchi/spec/classes/gnocchi_wsgi_apache_spec.rb +++ /dev/null @@ -1,124 +0,0 @@ -require 'spec_helper' - -describe 'gnocchi::wsgi::apache' do - - let :global_facts do - @default_facts.merge({ - :processorcount => 42, - :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'some.host.tld', - }) - end - - shared_examples_for 'apache serving gnocchi with mod_wsgi' do - it { is_expected.to contain_service('httpd').with_name(platform_parameters[:httpd_service_name]) } - it { is_expected.to contain_class('gnocchi::params') } - it { is_expected.to contain_class('apache') } - it { is_expected.to contain_class('apache::mod::wsgi') } - - describe 'with default parameters' do - - it { is_expected.to contain_file("#{platform_parameters[:wsgi_script_path]}").with( - 'ensure' => 'directory', - 'owner' => 'gnocchi', - 'group' => 'gnocchi', - 'require' => 'Package[httpd]' - )} - - - it { is_expected.to contain_file('gnocchi_wsgi').with( - 'ensure' => 'file', - 'path' => "#{platform_parameters[:wsgi_script_path]}/app", - 'source' => platform_parameters[:wsgi_script_source], - 'owner' => 'gnocchi', - 'group' => 'gnocchi', - 'mode' => '0644' - )} - it { is_expected.to contain_file('gnocchi_wsgi').that_requires("File[#{platform_parameters[:wsgi_script_path]}]") } - - it { is_expected.to contain_apache__vhost('gnocchi_wsgi').with( - 'servername' => 'some.host.tld', - 'ip' => nil, - 'port' => '8041', - 'docroot' => "#{platform_parameters[:wsgi_script_path]}", - 'docroot_owner' => 'gnocchi', - 'docroot_group' => 'gnocchi', - 'ssl' => 'true', - 'wsgi_daemon_process' => 'gnocchi', - 'wsgi_process_group' => 'gnocchi', - 'wsgi_script_aliases' => { '/' => "#{platform_parameters[:wsgi_script_path]}/app" }, - 'require' => 'File[gnocchi_wsgi]' - )} - it { is_expected.to contain_file("#{platform_parameters[:httpd_ports_file]}") } - end - - describe 'when overriding parameters using different ports' do - let :params do - { - :servername => 'dummy.host', - :bind_host => '10.42.51.1', - :port => 12345, - :ssl => false, - :workers => 37, - } - end - - it { is_expected.to contain_apache__vhost('gnocchi_wsgi').with( - 'servername' => 'dummy.host', - 'ip' => '10.42.51.1', - 'port' => '12345', - 'docroot' => "#{platform_parameters[:wsgi_script_path]}", - 'docroot_owner' => 'gnocchi', - 'docroot_group' => 'gnocchi', - 'ssl' => 'false', - 'wsgi_daemon_process' => 'gnocchi', - 'wsgi_process_group' => 'gnocchi', - 'wsgi_script_aliases' => { '/' => "#{platform_parameters[:wsgi_script_path]}/app" }, - 'require' => 'File[gnocchi_wsgi]' - )} - - it { is_expected.to contain_file("#{platform_parameters[:httpd_ports_file]}") } - end - end - - context 'on RedHat platforms' do - let :facts do - global_facts.merge({ - :osfamily => 'RedHat', - :operatingsystemrelease => '7.0' - }) - end - - let :platform_parameters do - { - :httpd_service_name => 'httpd', - :httpd_ports_file => '/etc/httpd/conf/ports.conf', - :wsgi_script_path => '/var/www/cgi-bin/gnocchi', - :wsgi_script_source => '/usr/lib/python2.7/site-packages/gnocchi/rest/app.wsgi' - } - end - - it_configures 'apache serving gnocchi with mod_wsgi' - end - - context 'on Debian platforms' do - let :facts do - global_facts.merge({ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '7.0' - }) - end - - let :platform_parameters do - { - :httpd_service_name => 'apache2', - :httpd_ports_file => '/etc/apache2/ports.conf', - :wsgi_script_path => '/usr/lib/cgi-bin/gnocchi', - :wsgi_script_source => '/usr/share/gnocchi-common/app.wsgi' - } - end - - it_configures 'apache serving gnocchi with mod_wsgi' - end -end diff --git a/gnocchi/spec/shared_examples.rb b/gnocchi/spec/shared_examples.rb deleted file mode 100644 index a888e4622..000000000 --- a/gnocchi/spec/shared_examples.rb +++ /dev/null @@ -1,60 +0,0 @@ -shared_examples_for "a Puppet::Error" do |description| - it "with message matching #{description.inspect}" do - expect { is_expected.to have_class_count(1) }.to raise_error(Puppet::Error, description) - end -end - -shared_examples 'generic Gnocchi service' do |service| - - context 'with default parameters' do - it 'installs package and service' do - is_expected.to contain_package(service[:name]).with({ - :name => service[:package_name], - :ensure => 'present', - :notify => "Service[#{service[:name]}]", - :tag => ['openstack', 'gnocchi-package'], - }) - is_expected.to contain_service(service[:name]).with({ - :name => service[:service_name], - :ensure => 'stopped', - :hasstatus => true, - :enable => false, - :tag => 'gnocchi-service', - }) - end - end - - context 'with overridden parameters' do - let :params do - { :enabled => true, - :ensure_package => '2014.1-1' } - end - - it 'installs package and service' do - is_expected.to contain_package(service[:name]).with({ - :name => service[:package_name], - :ensure => '2014.1-1', - :notify => "Service[#{service[:name]}]", - :tag => ['openstack', 'gnocchi-package'], - }) - is_expected.to contain_service(service[:name]).with({ - :name => service[:service_name], - :ensure => 'running', - :hasstatus => true, - :enable => true, - :tag => 'gnocchi-service', - }) - end - end - - context 'while not managing service state' do - let :params do - { :enabled => false, - :manage_service => false } - end - - it 'does not control service state' do - is_expected.to contain_service(service[:name]).without_ensure - end - end -end diff --git a/gnocchi/spec/spec_helper.rb b/gnocchi/spec/spec_helper.rb deleted file mode 100644 index be3811cf2..000000000 --- a/gnocchi/spec/spec_helper.rb +++ /dev/null @@ -1,18 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' -require 'shared_examples' - -require 'puppet-openstack_spec_helper/defaults' -require 'rspec-puppet-facts' -include RspecPuppetFacts - -RSpec.configure do |c| - c.alias_it_should_behave_like_to :it_configures, 'configures' - c.alias_it_should_behave_like_to :it_raises, 'raises' - # TODO(aschultz): remove this after all tests converted to use OSDefaults - # instead of referencing @default_facts - c.before :each do - @default_facts = OSDefaults.get_facts - end -end - -at_exit { RSpec::Puppet::Coverage.report! } diff --git a/gnocchi/spec/spec_helper_acceptance.rb b/gnocchi/spec/spec_helper_acceptance.rb deleted file mode 100644 index 9196bc99b..000000000 --- a/gnocchi/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1 +0,0 @@ -require 'puppet-openstack_spec_helper/beaker_spec_helper' diff --git a/gnocchi/spec/unit/provider/gnocchi_api_paste_ini/ini_setting_spec.rb b/gnocchi/spec/unit/provider/gnocchi_api_paste_ini/ini_setting_spec.rb deleted file mode 100644 index cd5e7e0f7..000000000 --- a/gnocchi/spec/unit/provider/gnocchi_api_paste_ini/ini_setting_spec.rb +++ /dev/null @@ -1,29 +0,0 @@ -# -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:gnocchi_api_paste_ini).provider(:ini_setting) -describe provider_class do - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Gnocchi_api_paste_ini.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/gnocchi/spec/unit/provider/gnocchi_config/ini_setting_spec.rb b/gnocchi/spec/unit/provider/gnocchi_config/ini_setting_spec.rb deleted file mode 100644 index a3fbe1cbb..000000000 --- a/gnocchi/spec/unit/provider/gnocchi_config/ini_setting_spec.rb +++ /dev/null @@ -1,66 +0,0 @@ -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'openstacklib', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:gnocchi_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Gnocchi_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Gnocchi_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end - - it 'should ensure absent when is specified as a value' do - resource = Puppet::Type::Gnocchi_config.new( - {:name => 'dude/foo', :value => ''} - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - - it 'should ensure absent when value matches ensure_absent_val' do - resource = Puppet::Type::Gnocchi_config.new( - {:name => 'dude/foo', :value => 'foo', :ensure_absent_val => 'foo' } - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end -end diff --git a/gnocchi/spec/unit/provider/gnocchi_spec.rb b/gnocchi/spec/unit/provider/gnocchi_spec.rb deleted file mode 100644 index 7c6e0d02e..000000000 --- a/gnocchi/spec/unit/provider/gnocchi_spec.rb +++ /dev/null @@ -1,14 +0,0 @@ -require 'puppet' -require 'spec_helper' -require 'puppet/provider/gnocchi' - - -klass = Puppet::Provider::Gnocchi - -describe Puppet::Provider::Gnocchi do - - after :each do - klass.reset - end - -end diff --git a/gnocchi/spec/unit/type/gnocchi_api_paste_ini_spec.rb b/gnocchi/spec/unit/type/gnocchi_api_paste_ini_spec.rb deleted file mode 100644 index 66618e227..000000000 --- a/gnocchi/spec/unit/type/gnocchi_api_paste_ini_spec.rb +++ /dev/null @@ -1,34 +0,0 @@ -require 'spec_helper' -# this hack is required for now to ensure that the path is set up correctly -# to retrive the parent provider -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'puppet/type/gnocchi_api_paste_ini' -describe 'Puppet::Type.type(:gnocchi_api_paste_ini)' do - before :each do - @gnocchi_api_paste_ini = Puppet::Type.type(:gnocchi_api_paste_ini).new(:name => 'DEFAULT/foo', :value => 'bar') - end - it 'should accept a valid value' do - @gnocchi_api_paste_ini[:value] = 'bar' - expect(@gnocchi_api_paste_ini[:value]).to eq('bar') - end - - it 'should autorequire the package that install the file' do - catalog = Puppet::Resource::Catalog.new - package = Puppet::Type.type(:package).new(:name => 'gnocchi') - catalog.add_resource package, @gnocchi_api_paste_ini - dependency = @gnocchi_api_paste_ini.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(@gnocchi_api_paste_ini) - expect(dependency[0].source).to eq(package) - end - -end diff --git a/gnocchi/spec/unit/type/gnocchi_config_spec.rb b/gnocchi/spec/unit/type/gnocchi_config_spec.rb deleted file mode 100644 index 64580fe4c..000000000 --- a/gnocchi/spec/unit/type/gnocchi_config_spec.rb +++ /dev/null @@ -1,63 +0,0 @@ -require 'puppet' -require 'puppet/type/gnocchi_config' -describe 'Puppet::Type.type(:gnocchi_config)' do - before :each do - @gnocchi_config = Puppet::Type.type(:gnocchi_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:gnocchi_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:gnocchi_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:gnocchi_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:gnocchi_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @gnocchi_config[:value] = 'bar' - expect(@gnocchi_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @gnocchi_config[:value] = 'b ar' - expect(@gnocchi_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @gnocchi_config[:ensure] = :present - expect(@gnocchi_config[:ensure]).to eq(:present) - @gnocchi_config[:ensure] = :absent - expect(@gnocchi_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @gnocchi_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end - - it 'should autorequire the package that install the file' do - catalog = Puppet::Resource::Catalog.new - package = Puppet::Type.type(:package).new(:name => 'gnocchi-api') - catalog.add_resource package, @gnocchi_config - dependency = @gnocchi_config.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(@gnocchi_config) - expect(dependency[0].source).to eq(package) - end - -end diff --git a/gnocchi/test-requirements.txt b/gnocchi/test-requirements.txt deleted file mode 100644 index bedd66690..000000000 --- a/gnocchi/test-requirements.txt +++ /dev/null @@ -1,4 +0,0 @@ -# this is required for the docs build jobs -sphinx!=1.2.0,!=1.3b1,<1.3,>=1.1.2 -oslosphinx>=2.5.0 # Apache-2.0 -reno>=0.1.1 # Apache-2.0 diff --git a/gnocchi/tox.ini b/gnocchi/tox.ini deleted file mode 100644 index aea06c84f..000000000 --- a/gnocchi/tox.ini +++ /dev/null @@ -1,8 +0,0 @@ -[tox] -minversion = 1.6 -skipsdist = True -envlist = releasenotes - -[testenv:releasenotes] -deps = -rtest-requirements.txt -commands = sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html diff --git a/haproxy/.fixtures.yml b/haproxy/.fixtures.yml deleted file mode 100644 index 64d79f620..000000000 --- a/haproxy/.fixtures.yml +++ /dev/null @@ -1,10 +0,0 @@ -fixtures: - repositories: - concat: - repo: "git://github.com/puppetlabs/puppetlabs-concat.git" - ref: '1.2.3' - stdlib: - repo: "git://github.com/puppetlabs/puppetlabs-stdlib.git" - ref: '3.2.0' - symlinks: - haproxy: "#{source_dir}" diff --git a/haproxy/.geppetto-rc.json b/haproxy/.geppetto-rc.json deleted file mode 100644 index 7df232989..000000000 --- a/haproxy/.geppetto-rc.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "excludes": [ - "**/contrib/**", - "**/examples/**", - "**/tests/**", - "**/spec/**", - "**/pkg/**" - ] -} diff --git a/haproxy/.gitignore b/haproxy/.gitignore deleted file mode 100644 index 874db461f..000000000 --- a/haproxy/.gitignore +++ /dev/null @@ -1,10 +0,0 @@ -pkg/ -Gemfile.lock -vendor/ -spec/fixtures/ -.vagrant/ -.bundle/ -coverage/ -.idea/ -*.iml -log/ diff --git a/haproxy/.nodeset.yml b/haproxy/.nodeset.yml deleted file mode 100644 index 481ba4c0d..000000000 --- a/haproxy/.nodeset.yml +++ /dev/null @@ -1,20 +0,0 @@ ---- -default_set: 'centos-64-x64' -sets: - 'centos-64-x64': - nodes: - "main.foo.vm": - prefab: 'centos-64-x64' - 'multi-centos-64-x64': - default_node: 'lb' - nodes: - "lb": - prefab: 'centos-64-x64' - "slave1": - prefab: 'centos-64-x64' - "slave2": - prefab: 'centos-64-x64' - 'ubuntu-server-12042-x64': - nodes: - "main.foo.vm": - prefab: 'ubuntu-server-12042-x64' diff --git a/haproxy/.sync.yml b/haproxy/.sync.yml deleted file mode 100644 index 3dd0ca092..000000000 --- a/haproxy/.sync.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -.travis.yml: - extras: - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.6.0" - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.7.0" diff --git a/haproxy/.travis.yml b/haproxy/.travis.yml deleted file mode 100644 index 7e8ed57bb..000000000 --- a/haproxy/.travis.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -sudo: false -language: ruby -bundler_args: --without system_tests -script: "bundle exec rake validate && bundle exec rake lint && bundle exec rake spec SPEC_OPTS='--format documentation'" -matrix: - fast_finish: true - include: - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 1.9.3 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 2.1.5 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 2.1.5 - env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" - - rvm: 2.1.6 - env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.6.0" - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.7.0" -notifications: - email: false diff --git a/haproxy/CHANGELOG.md b/haproxy/CHANGELOG.md deleted file mode 100644 index fbd006385..000000000 --- a/haproxy/CHANGELOG.md +++ /dev/null @@ -1,134 +0,0 @@ -## Supported Release 1.3.1 -###Summary - -Small release for support of newer PE versions. This increments the version of PE in the metadata.json file. - -## 2015-07-15 - Supported Release 1.3.0 -### Summary -This release adds puppet 4 support, and adds the ability to specify the order -of option entries for `haproxy::frontend` and `haproxy::listen` defined -resources. - -#### Features -- Adds puppet 4 compatibility -- Updated readme -- Gentoo compatibility -- Suse compatibility -- Add ability for frontend and listen to be ordered - - -##2015-03-10 - Supported Release 1.2.0 -###Summary -This release adds flexibility for configuration of balancermembers and bind settings, and adds support for configuring peers. This release also renames the `tests` directory to `examples` - -####Features -- Add support for loadbalancer members without ports -- Add `haproxy_version` fact (MODULES-1619) -- Add `haproxy::peer` and `haproxy::peers` defines -- Make `bind` parameter processing more flexible - -####Bugfixes -- Fix 'RedHat' name for osfamily case in `haproxy::params` -- Fix lint warnings -- Don't set a default for `ipaddress` so bind can be used (MODULES-1497) - -##2014-11-04 - Supported Release 1.1.0 -###Summary - -This release primarily adds greater flexibility in the listen directive. - -####Features -- Added `bind` parameter to `haproxy::frontend` - -####Deprecations -- `bind_options` in `haproxy::frontend` is being deprecated in favor of `bind` -- Remove references to deprecated concat::setup class and update concat dependency - -##2014-07-21 - Supported Release 1.0.0 -###Summary - -This supported release is the first stable release of haproxy! The updates to -this release allow you to customize pretty much everything that HAProxy has to -offer (that we could find at least). - -####Features -- Brand new readme -- Add haproxy::userlist defined resource for managing users -- Add haproxy::frontend::bind_options parameter -- Add haproxy::custom_fragment parameter for arbitrary configuration -- Add compatibility with more recent operating system releases - -####Bugfixes -- Check for listen/backend with the same names to avoid misordering -- Removed warnings when storeconfigs is not being used -- Passing lint -- Fix chroot ownership for global user/group -- Fix ability to uninstall haproxy -- Fix some linting issues -- Add beaker-rspec tests -- Increase unit test coverage -- Fix balancermember server lines with multiple ports - -##2014-05-28 - Version 0.5.0 -###Summary - -The primary feature of this release is a reorganization of the -module to match best practices. There are several new parameters -and some bug fixes. - -####Features -- Reorganized the module to follow install/config/service pattern -- Added bind_options parameter to haproxy::listen -- Updated tests - -####Fixes -- Add license file -- Whitespace cleanup -- Use correct port in README -- Fix order of concat fragments - -##2013-10-08 - Version 0.4.1 - -###Summary - -Fix the dependency for concat. - -####Fixes -- Changed the dependency to be the puppetlabs/concat version. - -##2013-10-03 - Version 0.4.0 - -###Summary - -The largest feature in this release is the new haproxy::frontend -and haproxy::backend defines. The other changes are mostly to -increase flexibility. - -####Features -- Added parameters to haproxy: - - `package_name`: Allows alternate package name. -- Add haproxy::frontend and haproxy::backend defines. -- Add an ensure parameter to balancermember so they can be removed. -- Made chroot optional - -####Fixes -- Remove deprecation warnings from templates. - -##2013-05-25 - Version 0.3.0 -####Features -- Add travis testing -- Add `haproxy::balancermember` `define_cookies` parameter -- Add array support to `haproxy::listen` `ipaddress` parameter - -####Bugfixes -- Documentation -- Listen -> Balancermember dependency -- Config line ordering -- Whitespace -- Add template lines for `haproxy::listen` `mode` parameter - -##2012-10-12 - Version 0.2.0 -- Initial public release -- Backwards incompatible changes all around -- No longer needs ordering passed for more than one listener -- Accepts multiple listen ips/ports/server_names diff --git a/haproxy/CONTRIBUTING.md b/haproxy/CONTRIBUTING.md deleted file mode 100644 index f1cbde4bb..000000000 --- a/haproxy/CONTRIBUTING.md +++ /dev/null @@ -1,220 +0,0 @@ -Checklist (and a short version for the impatient) -================================================= - - * Commits: - - - Make commits of logical units. - - - Check for unnecessary whitespace with "git diff --check" before - committing. - - - Commit using Unix line endings (check the settings around "crlf" in - git-config(1)). - - - Do not check in commented out code or unneeded files. - - - The first line of the commit message should be a short - description (50 characters is the soft limit, excluding ticket - number(s)), and should skip the full stop. - - - Associate the issue in the message. The first line should include - the issue number in the form "(#XXXX) Rest of message". - - - The body should provide a meaningful commit message, which: - - - uses the imperative, present tense: "change", not "changed" or - "changes". - - - includes motivation for the change, and contrasts its - implementation with the previous behavior. - - - Make sure that you have tests for the bug you are fixing, or - feature you are adding. - - - Make sure the test suites passes after your commit: - `bundle exec rspec spec/acceptance` More information on [testing](#Testing) below - - - When introducing a new feature, make sure it is properly - documented in the README.md - - * Submission: - - * Pre-requisites: - - - Make sure you have a [GitHub account](https://github.com/join) - - - [Create a ticket](https://tickets.puppetlabs.com/secure/CreateIssue!default.jspa), or [watch the ticket](https://tickets.puppetlabs.com/browse/) you are patching for. - - * Preferred method: - - - Fork the repository on GitHub. - - - Push your changes to a topic branch in your fork of the - repository. (the format ticket/1234-short_description_of_change is - usually preferred for this project). - - - Submit a pull request to the repository in the puppetlabs - organization. - -The long version -================ - - 1. Make separate commits for logically separate changes. - - Please break your commits down into logically consistent units - which include new or changed tests relevant to the rest of the - change. The goal of doing this is to make the diff easier to - read for whoever is reviewing your code. In general, the easier - your diff is to read, the more likely someone will be happy to - review it and get it into the code base. - - If you are going to refactor a piece of code, please do so as a - separate commit from your feature or bug fix changes. - - We also really appreciate changes that include tests to make - sure the bug is not re-introduced, and that the feature is not - accidentally broken. - - Describe the technical detail of the change(s). If your - description starts to get too long, that is a good sign that you - probably need to split up your commit into more finely grained - pieces. - - Commits which plainly describe the things which help - reviewers check the patch and future developers understand the - code are much more likely to be merged in with a minimum of - bike-shedding or requested changes. Ideally, the commit message - would include information, and be in a form suitable for - inclusion in the release notes for the version of Puppet that - includes them. - - Please also check that you are not introducing any trailing - whitespace or other "whitespace errors". You can do this by - running "git diff --check" on your changes before you commit. - - 2. Sending your patches - - To submit your changes via a GitHub pull request, we _highly_ - recommend that you have them on a topic branch, instead of - directly on "master". - It makes things much easier to keep track of, especially if - you decide to work on another thing before your first change - is merged in. - - GitHub has some pretty good - [general documentation](http://help.github.com/) on using - their site. They also have documentation on - [creating pull requests](http://help.github.com/send-pull-requests/). - - In general, after pushing your topic branch up to your - repository on GitHub, you can switch to the branch in the - GitHub UI and click "Pull Request" towards the top of the page - in order to open a pull request. - - - 3. Update the related GitHub issue. - - If there is a GitHub issue associated with the change you - submitted, then you should update the ticket to include the - location of your branch, along with any other commentary you - may wish to make. - -Testing -======= - -Getting Started ---------------- - -Our puppet modules provide [`Gemfile`](./Gemfile)s which can tell a ruby -package manager such as [bundler](http://bundler.io/) what Ruby packages, -or Gems, are required to build, develop, and test this software. - -Please make sure you have [bundler installed](http://bundler.io/#getting-started) -on your system, then use it to install all dependencies needed for this project, -by running - -```shell -% bundle install -Fetching gem metadata from https://rubygems.org/........ -Fetching gem metadata from https://rubygems.org/.. -Using rake (10.1.0) -Using builder (3.2.2) --- 8><-- many more --><8 -- -Using rspec-system-puppet (2.2.0) -Using serverspec (0.6.3) -Using rspec-system-serverspec (1.0.0) -Using bundler (1.3.5) -Your bundle is complete! -Use `bundle show [gemname]` to see where a bundled gem is installed. -``` - -NOTE some systems may require you to run this command with sudo. - -If you already have those gems installed, make sure they are up-to-date: - -```shell -% bundle update -``` - -With all dependencies in place and up-to-date we can now run the tests: - -```shell -% rake spec -``` - -This will execute all the [rspec tests](http://rspec-puppet.com/) tests -under [spec/defines](./spec/defines), [spec/classes](./spec/classes), -and so on. rspec tests may have the same kind of dependencies as the -module they are testing. While the module defines in its [Modulefile](./Modulefile), -rspec tests define them in [.fixtures.yml](./fixtures.yml). - -Some puppet modules also come with [beaker](https://github.com/puppetlabs/beaker) -tests. These tests spin up a virtual machine under -[VirtualBox](https://www.virtualbox.org/)) with, controlling it with -[Vagrant](http://www.vagrantup.com/) to actually simulate scripted test -scenarios. In order to run these, you will need both of those tools -installed on your system. - -You can run them by issuing the following command - -```shell -% rake spec_clean -% rspec spec/acceptance -``` - -This will now download a pre-fabricated image configured in the [default node-set](./spec/acceptance/nodesets/default.yml), -install puppet, copy this module and install its dependencies per [spec/spec_helper_acceptance.rb](./spec/spec_helper_acceptance.rb) -and then run all the tests under [spec/acceptance](./spec/acceptance). - -Writing Tests -------------- - -XXX getting started writing tests. - -If you have commit access to the repository -=========================================== - -Even if you have commit access to the repository, you will still need to -go through the process above, and have someone else review and merge -in your changes. The rule is that all changes must be reviewed by a -developer on the project (that did not write the code) to ensure that -all changes go through a code review process. - -Having someone other than the author of the topic branch recorded as -performing the merge is the record that they performed the code -review. - - -Additional Resources -==================== - -* [Getting additional help](http://puppetlabs.com/community/get-help) - -* [Writing tests](http://projects.puppetlabs.com/projects/puppet/wiki/Development_Writing_Tests) - -* [Patchwork](https://patchwork.puppetlabs.com) - -* [General GitHub documentation](http://help.github.com/) - -* [GitHub pull request documentation](http://help.github.com/send-pull-requests/) - diff --git a/haproxy/Gemfile b/haproxy/Gemfile deleted file mode 100644 index bfe64b186..000000000 --- a/haproxy/Gemfile +++ /dev/null @@ -1,48 +0,0 @@ -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -def location_for(place, fake_version = nil) - if place =~ /^(git:[^#]*)#(.*)/ - [fake_version, { :git => $1, :branch => $2, :require => false }].compact - elsif place =~ /^file:\/\/(.*)/ - ['>= 0', { :path => File.expand_path($1), :require => false }] - else - [place, { :require => false }] - end -end - -group :development, :unit_tests do - gem 'rspec-core', '3.1.7', :require => false - gem 'puppetlabs_spec_helper', :require => false - gem 'simplecov', :require => false - gem 'puppet_facts', :require => false - gem 'json', :require => false -end - -group :system_tests do - if beaker_version = ENV['BEAKER_VERSION'] - gem 'beaker', *location_for(beaker_version) - end - if beaker_rspec_version = ENV['BEAKER_RSPEC_VERSION'] - gem 'beaker-rspec', *location_for(beaker_rspec_version) - else - gem 'beaker-rspec', :require => false - end - gem 'serverspec', :require => false - gem 'beaker-puppet_install_helper', :require => false -end - - - -if facterversion = ENV['FACTER_GEM_VERSION'] - gem 'facter', facterversion, :require => false -else - gem 'facter', :require => false -end - -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end - -# vim:ft=ruby diff --git a/haproxy/LICENSE b/haproxy/LICENSE deleted file mode 100644 index c4a243518..000000000 --- a/haproxy/LICENSE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright 2012 Puppet Labs - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/haproxy/README.md b/haproxy/README.md deleted file mode 100644 index 4ab5e00a7..000000000 --- a/haproxy/README.md +++ /dev/null @@ -1,846 +0,0 @@ -#haproxy - -####Table of Contents - -1. [Overview](#overview) -2. [Module Description - What the module does and why it is useful](#module-description) -3. [Setup - The basics of getting started with haproxy](#setup) - * [Beginning with haproxy](#beginning-with-haproxy) -4. [Usage - Configuration options and additional functionality](#usage) - * [Configure HAProxy options](#configure-haproxy-options) - * [Configure HAProxy daemon listener](#configure-haproxy-daemon-listener) - * [Configure multi-network daemon listener](#configure-multi-network-daemon-listener) - * [Configure HAProxy load-balanced member nodes](#configure-haproxy-load-balanced-member-nodes) - * [Configure a load balancer with exported resources](#configure-a-load-balancer-with-exported-resources) - * [Set up a frontend service](#set-up-a-frontend-service) - * [Set up a backend service](#set-up-a-backend-service) - * [Configure multiple haproxy instances on one machine](#configure-multiple-haproxy-instances-on-one-machine) - * [Manage a map file](#manage-a-map-file) -5. [Reference - An under-the-hood peek at what the module is doing and how](#reference) -6. [Limitations - OS compatibility, etc.](#limitations) -7. [Development - Guide for contributing to the module](#development) - -##Overview - -The haproxy module lets you use Puppet to install, configure, and manage HAProxy. - -##Module Description - -HAProxy is a daemon for load-balancing and proxying TCP- and HTTP-based services. This module lets you use Puppet to configure HAProxy servers and backend member servers. - -##Setup - -###Beginning with haproxy - -The quickest way to get up and running using the haproxy module is to install and configure a basic HAProxy server that is listening on port 8140 and balanced against two nodes: - -~~~puppet -node 'haproxy-server' { - class { 'haproxy': } - haproxy::listen { 'puppet00': - collect_exported => false, - ipaddress => $::ipaddress, - ports => '8140', - } - haproxy::balancermember { 'master00': - listening_service => 'puppet00', - server_names => 'master00.example.com', - ipaddresses => '10.0.0.10', - ports => '8140', - options => 'check', - } - haproxy::balancermember { 'master01': - listening_service => 'puppet00', - server_names => 'master01.example.com', - ipaddresses => '10.0.0.11', - ports => '8140', - options => 'check', - } -} -~~~ - -##Usage - -###Configure HAProxy options - -The main [`haproxy` class](#class-haproxy) has many options for configuring your HAProxy server: - -~~~puppet -class { 'haproxy': - global_options => { - 'log' => "${::ipaddress} local0", - 'chroot' => '/var/lib/haproxy', - 'pidfile' => '/var/run/haproxy.pid', - 'maxconn' => '4000', - 'user' => 'haproxy', - 'group' => 'haproxy', - 'daemon' => '', - 'stats' => 'socket /var/lib/haproxy/stats', - }, - defaults_options => { - 'log' => 'global', - 'stats' => 'enable', - 'option' => [ - 'redispatch', - ], - 'retries' => '3', - 'timeout' => [ - 'http-request 10s', - 'queue 1m', - 'connect 10s', - 'client 1m', - 'server 1m', - 'check 10s', - ], - 'maxconn' => '8000', - }, -} -~~~ - -The above shown values are the module's defaults for platforms like Debian and RedHat (see `haproxy::params` for details). If you wish to override or add to any of these defaults set `merge_options => true` (see below) and set `global_options` and/or `defaults_options` to a hash containing just the `option => value` pairs you need changed or added. In case of duplicates your supplied values will "win" over the default values (this is especially noteworthy for arrays -- they cannot be merged easily). If you want to completely remove a parameter set it to the special value `undef`: - -~~~puppet -class { 'haproxy': - global_options => { - 'maxconn' => undef, - 'user' => 'root', - 'group' => 'root', - 'stats' => [ - 'socket /var/lib/haproxy/stats', - 'timeout 30s' - ] - }, - defaults_options => { - 'retries' => '5', - 'option' => [ - 'redispatch', - 'http-server-close', - 'logasap', - ], - 'timeout' => [ - 'http-request 7s', - 'connect 3s', - 'check 9s', - ], - 'maxconn' => '15000', - }, -} -~~~ - -###Configure HAProxy daemon listener - -To export the resource for a balancermember and collect it on a single HAProxy load balancer server: - -~~~puppet -haproxy::listen { 'puppet00': - ipaddress => $::ipaddress, - ports => '18140', - mode => 'tcp', - options => { - 'option' => [ - 'tcplog', - ], - 'balance' => 'roundrobin', - }, -} -~~~ - -###Configure multi-network daemon listener - -If you need a more complex configuration for the listen block, use the `$bind` parameter: - -~~~puppet -haproxy::listen { 'puppet00': - mode => 'tcp', - options => { - 'option' => [ - 'tcplog', - ], - 'balance' => 'roundrobin', - }, - bind => { - '10.0.0.1:443' => ['ssl', 'crt', 'puppetlabs.com'], - '168.12.12.12:80' => [], - '192.168.122.42:8000-8100' => ['ssl', 'crt', 'puppetlabs.com'], - ':8443,:8444' => ['ssl', 'crt', 'internal.puppetlabs.com'] - }, -} -~~~ - -**Note:** `$ports` and `$ipaddress` cannot be used in combination with `$bind`. - -###Configure HAProxy load-balanced member nodes - -First export the resource for a balancermember: - -~~~puppet -@@haproxy::balancermember { 'haproxy': - listening_service => 'puppet00', - ports => '8140', - server_names => $::hostname, - ipaddresses => $::ipaddress, - options => 'check', -} -~~~ - -Then collect the resource on a load balancer: - -~~~puppet -Haproxy::Balancermember <<| listening_service == 'puppet00' |>> -~~~ - -Then create the resource for multiple balancermembers at once: - -~~~puppet -haproxy::balancermember { 'haproxy': - listening_service => 'puppet00', - ports => '8140', - server_names => ['server01', 'server02'], - ipaddresses => ['192.168.56.200', '192.168.56.201'], - options => 'check', -} -~~~ - -This example assumes a single-pass installation of HAProxy where you know the members in advance. Otherwise, you'd need a first pass to export the resources. - -###Configure a load balancer with exported resources - -Install and configure an HAProxy service listening on port 8140 and balanced against all collected nodes: - -~~~puppet -node 'haproxy-server' { - class { 'haproxy': } - haproxy::listen { 'puppet00': - ipaddress => $::ipaddress, - ports => '8140', - } -} - -node /^master\d+/ { - @@haproxy::balancermember { $::fqdn: - listening_service => 'puppet00', - server_names => $::hostname, - ipaddresses => $::ipaddress, - ports => '8140', - options => 'check', - } -} -~~~ - -The resulting HAProxy service uses storeconfigs to collect and realize balancermember servers, and automatically collects configurations from backend servers. The backend nodes export their HAProxy configurations to the Puppet master, which then distributes them to the HAProxy server. - -###Set up a frontend service - -This example routes traffic from port 8140 to all balancermembers added to a backend with the title 'puppet_backend00': - -~~~puppet -haproxy::frontend { 'puppet00': - ipaddress => $::ipaddress, - ports => '18140', - mode => 'tcp', - bind_options => 'accept-proxy', - options => { - 'default_backend' => 'puppet_backend00', - 'timeout client' => '30s', - 'option' => [ - 'tcplog', - 'accept-invalid-http-request', - ], - }, -} -~~~ - -If option order is important, pass an array of hashes to the `options` parameter: - -~~~puppet -haproxy::frontend { 'puppet00': - ipaddress => $::ipaddress, - ports => '18140', - mode => 'tcp', - bind_options => 'accept-proxy', - options => [ - { 'default_backend' => 'puppet_backend00' }, - { 'timeout client' => '30s' }, - { 'option' => [ - 'tcplog', - 'accept-invalid-http-request', - ], - } - ], -} -~~~ - -This adds the frontend options to the configuration block in the same order as they appear within your array. - -###Set up a backend service - -~~~puppet -haproxy::backend { 'puppet00': - options => { - 'option' => [ - 'tcplog', - ], - 'balance' => 'roundrobin', - }, -} -~~~ - -If option order is important, pass an array of hashes to the `options` parameter: - -~~~puppet -haproxy::backend { 'puppet00': - options => [ - { 'option' => [ - 'tcplog', - ] - }, - { 'balance' => 'roundrobin' }, - { 'cookie' => 'C00 insert' }, - ], -} -~~~ - -This adds the backend options to the configuration block in the same order as they appear within the array. - -###Configure multiple haproxy instances on one machine - -This is an advanced feature typically only used at large sites. - -It is possible to run multiple haproxy processes ("instances") on the -same machine. This has the benefit that each is a distinct failure domain, -each can be restarted independently, and each can run a different binary. - -In this use case, instead of using `Class['haproxy']`, each process -is started using `haproxy::instance{'inst'}` where `inst` is the -name of the instance. It assumes there is a matching `Service['inst']` -that will be used to manage service. Different sites may have -different requirements for how the `Service[]` is constructed. -However, `haproxy::instance_service` exists as an example of one -way to do this, and may be sufficient for most sites. - -In this example, two instances are created. The first uses the standard -class and uses `haproxy::instance` to add an additional instance called -`beta`. - -~~~puppet - class{ 'haproxy': } - haproxy::listen { 'puppet00': - instance => 'haproxy', - collect_exported => false, - ipaddress => $::ipaddress, - ports => '8800', - } - - haproxy::instance { 'beta': } - -> - haproxy::instance_service { 'beta': - haproxy_package => 'custom_haproxy', - haproxy_init_source => "puppet:///modules/${module_name}/haproxy-beta.init", - } - -> - haproxy::listen { 'puppet00': - instance => 'beta', - collect_exported => false, - ipaddress => $::ipaddress, - ports => '9900', - } -~~~ - -In this example, two instances are created called `group1` and `group2`. -The second uses a custom package. - -~~~puppet - haproxy::instance { 'group1': } - -> - haproxy::instance_service { 'group1': - haproxy_init_source => "puppet:///modules/${module_name}/haproxy-group1.init", - } - -> - haproxy::listen { 'group1-puppet00': - section_name => 'puppet00', - instance => 'group1', - collect_exported => false, - ipaddress => $::ipaddress, - ports => '8800', - } - haproxy::instance { 'group2': } - -> - haproxy::instance_service { 'group2': - haproxy_package => 'custom_haproxy', - haproxy_init_source => "puppet:///modules/${module_name}/haproxy-group2.init", - } - -> - haproxy::listen { 'group2-puppet00': - section_name => 'puppet00', - instance => 'group2', - collect_exported => false, - ipaddress => $::ipaddress, - ports => '9900', - } - -### Manage a map file - -~~~puppet -haproxy::mapfile { 'domains-to-backends': - ensure => 'present', - mappings => [ - { 'app01.example.com' => 'bk_app01' }, - { 'app02.example.com' => 'bk_app02' }, - { 'app03.example.com' => 'bk_app03' }, - { 'app04.example.com' => 'bk_app04' }, - 'app05.example.com bk_app05', - 'app06.example.com bk_app06', - ], -} -~~~ - -This creates a file `/etc/haproxy/domains-to-backends.map` containing the mappings specified in the `mappings` array. - -The map file can then be used in a frontend to map `Host:` values to backends, implementing name-based virtual hosting: - -``` -frontend ft_allapps - [...] - use_backend %[req.hdr(host),lower,map(/etc/haproxy/domains-to-backends.map,bk_default)] -``` - -Or expressed using `haproxy::frontend`: - -~~~puppet -haproxy::frontend { 'ft_allapps': - ipaddress => '0.0.0.0', - ports => '80', - mode => 'http', - options => { - 'use_backend' => '%[req.hdr(host),lower,map(/etc/haproxy/domains-to-backends.map,bk_default)]' - } -} -~~~ - -##Reference - -###Classes - -####Public classes - -* [`haproxy`](#class-haproxy): Main configuration class. - -####Private classes - -* `haproxy::params`: Sets parameter defaults per operating system. -* `haproxy::install`: Installs packages. -* `haproxy::config`: Configures haproxy.cfg. -* `haproxy::service`: Manages the haproxy service. - -###Defines - -####Public defines - -* [`haproxy::listen`](#define-haproxylisten): Creates a listen entry in haproxy.cfg. -* [`haproxy::frontend`](#define-haproxyfrontend): Creates a frontend entry in haproxy.cfg. -* [`haproxy::backend`](#define-haproxybackend): Creates a backend entry in haproxy.cfg. -* [`haproxy::balancermember`](#define-haproxybalancermember): Creates server entries for listen or backend blocks in haproxy.cfg. -* [`haproxy::userlist`](#define-haproxyuserlist): Creates a userlist entry in haproxy.cfg. -* [`haproxy::peers`](#define-haproxypeers): Creates a peers entry in haproxy.cfg. -* [`haproxy::peer`](#define-haproxypeer): Creates server entries within a peers entry in haproxy.cfg. -* [`haproxy::instance`](#define-instance): Creates multiple instances of haproxy on the same machine. -* [`haproxy::instance_service`](#define-instanceservice): Example of one way to prepare environment for haproxy::instance. -* [`haproxy::mapfile`](#define-haproxymapfile): Manages an HAProxy [map file](https://cbonte.github.io/haproxy-dconv/configuration-1.5.html#7.3.1-map). - -####Private defines - -* `haproxy::balancermember::collect_exported`: Collects exported balancermembers. -* `haproxy::peer::collect_exported`: Collects exported peers. - -#### Class: `haproxy` - -Main class, includes all other classes. - -##### Parameters (all optional) - -* `custom_fragment`: Inserts an arbitrary string into the configuration file. Useful for configurations not available through other parameters. Valid options: a string (e.g., output from the template() function). Default: undef. - -* `defaults_options`: Configures all the default HAProxy options at once. Valid options: a hash of `option => value` pairs. To set an option multiple times (e.g. multiple 'timeout' or 'stats' values) pass its value as an array. Each element in your array results in a separate instance of the option, on a separate line in haproxy.cfg. Default: - - ~~~puppet - { - 'log' => 'global', - 'stats' => 'enable', - 'option' => [ - 'redispatch', - ], - 'retries' => '3', - 'timeout' => [ - 'http-request 10s', - 'queue 1m', - 'connect 10s', - 'client 1m', - 'server 1m', - 'check 10s', - ], - 'maxconn' => '8000' - } - ~~~ - - To override or add to any of these default values you don't have to recreate and supply the whole hash, just set `merge_options => true` (see below) and set `defaults_options` to a hash of the `option => value` pairs you'd like to override or add. But note that array values cannot be easily merged with the default values without potentially creating duplicates so you always have to supply the whole array yourself. And if you want a parameter to not appear at all in the resulting configuration set its value to `undef`. Example: - - ~~~puppet - { - 'retries' => '5', - 'timeout' => [ - 'http-request 7s', - 'http-keep-alive 10s, - 'queue 1m', - 'connect 5s', - 'client 1m', - 'server 1m', - 'check 10s', - ], - 'maxconn' => undef, - } - ~~~ - -* `global_options`: Configures all the global HAProxy options at once. Valid options: a hash of `option => value` pairs. To set an option multiple times (e.g. multiple 'timeout' or 'stats' values) pass its value as an array. Each element in your array results in a separate instance of the option, on a separate line in haproxy.cfg. Default: - - ~~~puppet - { - 'log' => "${::ipaddress} local0", - 'chroot' => '/var/lib/haproxy', - 'pidfile' => '/var/run/haproxy.pid', - 'maxconn' => '4000', - 'user' => 'haproxy', - 'group' => 'haproxy', - 'daemon' => '', - 'stats' => 'socket /var/lib/haproxy/stats' - } - ~~~ - - To override or add to any of these default values you don't have to recreate and supply the whole hash, just set `merge_options => true` (see below) and set `global_options` to a hash of the `option => value` pairs you'd like to override or add. But note that array values cannot be easily merged with the default values without potentially creating duplicates so you always have to supply the whole array yourself. And if you want a parameter to not appear at all in the resulting configuration set its value to `undef`. Example: - - ~~~puppet - { - log => undef, - 'user' => 'root', - 'group' => 'root', - 'stats' => [ - 'socket /var/lib/haproxy/admin.sock mode 660 level admin', - 'timeout 30s', - ], - } - ~~~ - -* `merge_options`: Whether to merge the user-supplied `global_options`/`defaults_options` hashes with their default values set in params.pp. Merging allows to change or add options without having to recreate the entire hash. Defaults to `false`, but will default to `true` in future releases. - -* `package_ensure`: Specifies whether the HAProxy package should exist. Defaults to 'present'. Valid options: 'present' and 'absent'. Default: 'present'. - -* `package_name`: Specifies the name of the HAProxy package. Valid options: a string. Default: 'haproxy'. - -* `restart_command`: Specifies a command that Puppet can use to restart the service after configuration changes. Passed directly as the `restart` parameter to Puppet's native [`service` resource](https://docs.puppetlabs.com/references/latest/type.html#service). Valid options: a string. Default: undef (if not specified, Puppet uses the `service` default). - -* `service_ensure`: Specifies whether the HAProxy service should be enabled at boot and running, or disabled at boot and stopped. Valid options: 'running' and 'stopped'. Default: 'running'. - -* `service_manage`: Specifies whether the state of the HAProxy service should be managed by Puppet. Valid options: 'true' and 'false'. Default: 'true'. - -* `service_options`: Contents for the `/etc/defaults/haproxy` file on Debian. Defaults to "ENABLED=1\n" on Debian, and is ignored on other systems. - -* `config_dir`: Path to the directory in which the main configuration file `haproxy.cfg` resides. Will also be used for storing any managed map files (see [`haproxy::mapfile`](#define-haproxymapfile). Default depends on platform. - -#### Define: `haproxy::balancermember` - -Configures a service inside a listening or backend service configuration block in haproxy.cfg. - -##### Parameters - -* `define_cookies`: *Optional.* Specifies whether to add 'cookie SERVERID' stickiness options. Valid options: 'true' and 'false'. Default: 'false'. - -* `ensure`: Specifies whether the balancermember should be listed in haproxy.cfg. Valid options: 'present' and 'absent'. Default: 'present'. - -* `ipaddresses`: *Optional.* Specifies the IP address used to contact the balancermember service. Valid options: a string or an array. If you pass an array, it must contain the same number of elements as the array you pass to the `server_names` parameter. For each pair of entries in the `ipaddresses` and `server_names` arrays, Puppet creates server entries in haproxy.cfg targeting each port specified in the `ports` parameter. Default: the value of the `$::ipaddress` fact. - -* `listening_service`: *Required.* Associates the balancermember with an `haproxy::listen` resource. Valid options: a string matching the title of a declared `haproxy::listen` resource. - -* `options`: *Optional.* Adds one or more options to the listening service's configuration block in haproxy.cfg, following the server declaration. Valid options: a string or an array. Default: ''. - -* `ports`: *Optional.* Specifies one or more ports on which the load balancer sends connections to balancermembers. Valid options: an array. Default: undef. If no port is specified, the load balancer forwards traffic on the same port as received on the frontend. - -* `server_names`: *Required unless `collect_exported` is set to `true`.* Sets the name of the balancermember service in the listening service's configuration block in haproxy.cfg. Valid options: a string or an array. If you pass an array, it must contain the same number of elements as the array you pass to the `ipaddresses` parameter. For each pair of entries in the `ipaddresses` and `server_names` arrays, Puppet creates server entries in haproxy.cfg targeting each port specified in the `ports` parameter. Default: the value of the `$::hostname` fact. - -* `instance`: *Optional.* When using `haproxy::instance` to run multiple instances of Haproxy on the same machine, this indicates which instance. Defaults to "haproxy". - -#### Define: `haproxy::backend` - -Sets up a backend service configuration block inside haproxy.cfg. Each backend service needs one or more balancermember services (declared with the [`haproxy::balancermember` define](#define-haproxybalancermember)). - -##### Parameters - -* `collect_exported`: *Optional.* Specifies whether to collect resources exported by other nodes. This serves as a form of autodiscovery. Valid options: 'true' and 'false'. If set to 'false', Puppet only manages balancermembers that you specify through the `haproxy::balancermembers` define. Default: 'true'. - -* `name`: *Optional.* Supplies a name for the backend service. This value appears right after the 'backend' statement in haproxy.cfg. Valid options: a string. Default: the title of your declared resource. - -* `options`: *Optional.* Adds one or more options to the backend service's configuration block in haproxy.cfg. Valid options: a hash or an array. To control the ordering of these options within the configuration block, supply an array of hashes where each hash contains one 'option => value' pair. Default: - -* `instance`: *Optional.* When using `haproxy::instance` to run multiple instances of Haproxy on the same machine, this indicates which instance. Defaults to "haproxy". - -~~~puppet -{ - 'option' => [ - 'tcplog', - 'ssl-hello-chk' - ], - 'balance' => 'roundrobin' -} -~~~ - -#### Define: `haproxy::frontend` - -Sets up a frontend service configuration block inside haproxy.cfg. Each frontend service needs one or more balancermember services (declared with the [`haproxy::balancermember` define](#define-haproxybalancermember)). - -##### Parameters - -* `bind`: *Required unless `ports` and `ipaddress` are specified.* Adds one or more bind lines to the frontend service's configuration block in haproxy.cfg. Valid options: a hash of `'address:port' => [parameters]` pairs, where the key is a comma-delimited list of one or more listening addresses and ports passed as a string, and the value is an array of bind options. For example: - -~~~puppet -bind => { - '168.12.12.12:80' => [], - '192.168.1.10:8080,192.168.1.10:8081' => [], - '10.0.0.1:443-453' => ['ssl', 'crt', 'puppetlabs.com'], - ':8443,:8444' => ['ssl', 'crt', 'internal.puppetlabs.com'], - '/var/run/haproxy-frontend.sock' => [ 'user root', 'mode 600', 'accept-proxy' ], -} -~~~ - -For more information, see the [HAProxy Configuration Manual](http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#4.2-bind). - -* `bind_options`: Deprecated. This setting has never functioned in any version of the haproxy module. Use `bind` instead. - -* `ipaddress`: *Required unless `bind` is specified.* Specifies an IP address for the proxy to bind to. Valid options: a string. If left unassigned or set to '*' or '0.0.0.0', the proxy listens to all valid addresses on the system. - -* `mode`: *Optional.* Sets the mode of operation for the frontend service. Valid options: 'tcp', 'http', and 'health'. Default: undef. - -* `name`: *Optional.* Supplies a name for the frontend service. This value appears right after the 'frontend' statement in haproxy.cfg. Valid options: a string. Default: the title of your declared resource. - -* `options`: *Optional.* Adds one or more options to the frontend service's configuration block in haproxy.cfg. Valid options: a hash or an array. To control the ordering of these options within the configuration block, supply an array of hashes where each hash contains one 'option => value' pair. - -~~~puppet -{ - 'option' => [ - 'tcplog', - ], -} -~~~ - -* `ports`: *Required unless `bind` is specified.* Specifies which ports to listen on for the address specified in `ipaddress`. Valid options: an array of port numbers and/or port ranges or a string containing a comma-delimited list of port numbers/ranges. - -* `instance`: *Optional.* When using `haproxy::instance` to run multiple instances of Haproxy on the same machine, this indicates which instance. Defaults to "haproxy". - -#### Define: `haproxy::listen` - -Sets up a listening service configuration block inside haproxy.cfg. Each listening service configuration needs one or more balancermember services (declared with the [`haproxy::balancermember` define](#define-haproxybalancermember)). - -##### Parameters - -* `bind`: *Required unless `ports` and `ipaddress` are specified.* Adds one or more bind options to the listening service's configuration block in haproxy.cfg. Valid options: a hash of `'address:port' => [parameters]` pairs, where the key is a comma-delimited list of one or more listening addresses and ports passed as a string, and the value is an array of bind options. For example: - -~~~puppet -bind => { - '168.12.12.12:80' => [], - '192.168.1.10:8080,192.168.1.10:8081' => [], - '10.0.0.1:443-453' => ['ssl', 'crt', 'puppetlabs.com'], - ':8443,:8444' => ['ssl', 'crt', 'internal.puppetlabs.com'], - '/var/run/haproxy-frontend.sock' => [ 'user root', 'mode 600', 'accept-proxy' ], -} -~~~ - -For more information, see the [HAProxy Configuration Manual](http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#4.2-bind). - -* `bind_options`: Deprecated. This setting has never functioned in any version of the haproxy module. Use `bind` instead. - -* `collect_exported`: *Optional.* Specifies whether to collect resources exported by other nodes. This serves as a form of autodiscovery. Valid options: 'true' and 'false'. If set to 'false', Puppet only manages balancermembers that you specify through the `haproxy::balancermembers` define. Default: 'true'. - -* `ipaddress`: *Required unless `bind` is specified.* Specifies an IP address for the proxy to bind to. Valid options: a string. If left unassigned or set to '*' or '0.0.0.0', the proxy listens to all valid addresses on the system. - -* `mode`: *Optional.* Sets the mode of operation for the listening service. Valid options: 'tcp', 'http', and 'health'. Default: undef. - -* `name`: *Optional.* Supplies a name for the listening service. This value appears right after the 'listen' statement in haproxy.cfg. Valid options: a string. Default: the title of your declared resource. - -* `options`: *Optional.* Adds one or more options to the listening service's configuration block in haproxy.cfg. Valid options: a hash or an array. To control the ordering of these options within the configuration block, supply an array of hashes where each hash contains one 'option => value' pair. - -* `ports`: *Required unless `bind` is specified.* Specifies which ports to listen on for the address specified in `ipaddress`. Valid options: a single comma-delimited string or an array of strings. Each string can contain a port number or a hyphenated range of port numbers (e.g., 8443-8450). - - -#### Define: `haproxy::userlist` - -Sets up a [userlist configuration block](http://cbonte.github.io/haproxy-dconv/configuration-1.4.html#3.4) inside haproxy.cfg. - -##### Parameters - -* `groups`: *Required unless `users` is specified.* Adds groups to the userlist. For more information, see the [HAProxy Configuration Manual](http://cbonte.github.io/haproxy-dconv/configuration-1.4.html#3.4-group). Valid options: an array of groupnames. Default: undef. - -* `name`: *Optional.* Supplies a name for the userlist. This value appears right after the 'userlist' statement in haproxy.cfg. Valid options: a string. Default: the title of your declared resource. - -* `users`: *Required unless `groups` is specified.* Adds users to the userlist. For more information, see the [HAProxy Configuration Manual](http://cbonte.github.io/haproxy-dconv/configuration-1.4.html#3.4-user). Valid options: an array of usernames. Default: undef. - -* `instance`: *Optional.* When using `haproxy::instance` to run multiple instances of Haproxy on the same machine, this indicates which instance. Defaults to "haproxy". - -#### Define: `haproxy::peers` - -Sets up a peers entry in haproxy.cfg on the load balancer. This entry is required to share the current state of HAProxy with other HAProxy instances in high-availability configurations. - -##### Parameters - -* `collect_exported`: *Optional.* Specifies whether to collect resources exported by other nodes. This serves as a form of autodiscovery. Valid options: 'true' and 'false'. Default: 'true'. - -* `name`: *Optional.* Appends a name to the peers entry in haproxy.cfg. Valid options: a string. Default: the title of your declared resource. - -* `instance`: *Optional.* When using `haproxy::instance` to run multiple instances of Haproxy on the same machine, this indicates which instance. Defaults to "haproxy". - -#### Define: `haproxy::peer` - -Sets up a peer entry inside the peers configuration block in haproxy.cfg. - -##### Parameters - -* `ensure`: Specifies whether the peer should exist in the configuration block. Valid options: 'present' or 'absent'. Default: 'present'. - -* `ipaddresses`: *Required unless the `collect_exported` parameter of your `haproxy::peers` resource is set to `true`.* Specifies the IP address used to contact the peer member server. Valid options: a string or an array. If you pass an array, it must contain the same number of elements as the array you pass to the `server_names` parameter. Puppet pairs up the elements from both arrays and creates a peer for each pair of values. Default: the value of the `$::ipaddress` fact. - -* `peers_name`: *Required.* Specifies the peer in which to add the load balancer. Valid options: a string containing the name of an HAProxy peer. - -* `port`: *Required.* Specifies the port on which the load balancer sends connections to peers. Valid options: a string containing a port number. - -* `server_names`: *Required unless the `collect_exported` parameter of your `haproxy::peers` resource is set to `true`.* Sets the name of the peer server as listed in the peers configuration block. Valid options: a string or an array. If you pass an array, it must contain the same number of elements as the array you pass to `ipaddresses`. Puppet pairs up the elements from both arrays and creates a peer for each pair of values. Default: the value of the `$::hostname` fact. - -* `instance`: *Optional.* When using `haproxy::instance` to run multiple instances of Haproxy on the same machine, this indicates which instance. Defaults to "haproxy". - -#### Define: `haproxy::instance` - -Runs multiple instances of haproxy on the same machine. Normally users -use the Class['haproxy'], which runs a single haproxy daemon on a machine. - -##### Parameters - -* `package_ensure`: Chooses whether the haproxy package should be installed or uninstalled. -Defaults to 'present' - -* `package_name`: -The package name of haproxy. Defaults to undef, and no package is installed. -NOTE: Class['haproxy'] has a different default. - -* `service_ensure`: -Chooses whether the haproxy service should be running & enabled at boot, or -stopped and disabled at boot. Defaults to 'running' - -* `service_manage`: -Chooses whether the haproxy service state should be managed by puppet at -all. Defaults to true - -* `global_options`: -A hash of all the haproxy global options. If you want to specify more -than one option (i.e. multiple timeout or stats options), pass those -options as an array and you will get a line for each of them in the -resultant haproxy.cfg file. - -* `defaults_options`: -A hash of all the haproxy defaults options. If you want to specify more -than one option (i.e. multiple timeout or stats options), pass those -options as an array and you will get a line for each of them in the -resultant haproxy.cfg file. - -* `restart_command`: -Command to use when restarting the on config changes. -Passed directly as the 'restart' parameter to the service -resource. -Defaults to undef i.e. whatever the service default is. - -* `custom_fragment`: -Allows arbitrary HAProxy configuration to be passed through to support -additional configuration not available via parameters, or to short-circuit -the defined resources such as haproxy::listen when an operater would rather -just write plain configuration. Accepts a string (ie, output from the -template() function). Defaults to undef - -* `config_file`: -Allows arbitrary config filename to be specified. If this is used, -it is assumed that the directory path to the file exists and has -owner/group/permissions as desired. If set to undef, the name -will be generated as follows: -If $title is 'haproxy', the operating system default will be used. -Otherwise, /etc/haproxy-$title/haproxy-$title.conf (Linux), -or /usr/local/etc/haproxy-$title/haproxy-$title.conf (FreeBSD) -The parent directory will be created automatically. -Defaults to undef. - -#### Define: `haproxy::instance_service` - -Example manifest that shows one way to create the Service[] environment needed -by haproxy::instance. - -##### Parameters - -* `haproxy_package`: -The name of the package to be installed. This is useful if -you package your own custom version of haproxy. -Defaults to 'haproxy' - -* `bindir`: -Where to put symlinks to the binary used for each instance. -Defaults to '/opt/haproxy/bin' - -* `haproxy_init_source`: -Path to the template init.d script that will start/restart/reload this instance. - -* `haproxy_unit_template`: -Path to the template systemd service unit definition that will start/restart/reload this instance. - -#### Define: `haproxy::mapfile` - -Manages an HAProxy [map file](https://cbonte.github.io/haproxy-dconv/configuration-1.5.html#7.3.1-map). A map allows to map data in input to other data on output. This is especially useful for efficiently mapping domain names to backends, thus effectively implementing name-based virtual hosting. A map file contains one key + value per line. These key-value pairs are specified in the `mappings` array. - -This article on the HAProxy blog gives a nice overview of the use case: http://blog.haproxy.com/2015/01/26/web-application-name-to-backend-mapping-in-haproxy/ - -##### Parameters - -* `namevar`: The namevar of the defined resource type is the filename of the map file (without any extension), relative to the `haproxy::config_dir` directory. A '.map' extension is added automatically. - -* `mappings`: An array of mappings for this map file. Array elements may be Hashes with a single key-value pair each (preferably) or simple Strings. Default: `[]`. Example: - - ```puppet - mappings => [ - { 'app01.example.com' => 'bk_app01' }, - { 'app02.example.com' => 'bk_app02' }, - { 'app03.example.com' => 'bk_app03' }, - { 'app04.example.com' => 'bk_app04' }, - 'app05.example.com bk_app05', - 'app06.example.com bk_app06', - ] - ``` - -* `ensure`: The state of the underlying file resource, either 'present' or 'absent'. Default: 'present' - -* `owner`: The owner of the underlying file resource. Defaut: 'root' - -* `group`: The group of the underlying file resource. Defaut: 'root' - -* `mode`: The mode of the underlying file resource. Defaut: '0644' - -* `instances`: Array of names of managed HAproxy instances to notify (restart/reload) when the map file is updated. This is so that the same map file can be used with multiple HAproxy instances (if multiple instances are used). Default: `[ 'haproxy' ]` - -## Limitations - -This module is tested and officially supported on the following platforms: - -* RHEL versions 5, 6, and 7 -* Ubuntu versions 10.04, 12.04, and 14.04 -* Debian versions 6 and 7 -* Scientific Linux versions 5, 6, and 7 -* CentOS versions 5, 6, and 7 -* Oracle Linux versions 5, 6, and 7 - -Testing on other platforms has been light and cannot be guaranteed. - -## Development -Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can't access the huge number of platforms and myriad hardware, software, and deployment configurations that Puppet is intended to serve. We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. - -For more information, see our [module contribution guide.](https://docs.puppetlabs.com/forge/contributing.html) - -To see who's already involved, see the [list of contributors.](https://github.com/puppetlabs/puppetlabs-haproxy/graphs/contributors) diff --git a/haproxy/Rakefile b/haproxy/Rakefile deleted file mode 100644 index 181157e6e..000000000 --- a/haproxy/Rakefile +++ /dev/null @@ -1,10 +0,0 @@ -require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' - -PuppetLint.configuration.fail_on_warnings = true -PuppetLint.configuration.send('relative') -PuppetLint.configuration.send('disable_80chars') -PuppetLint.configuration.send('disable_class_inherits_from_params_class') -PuppetLint.configuration.send('disable_documentation') -PuppetLint.configuration.send('disable_single_quote_string_with_variables') -PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"] diff --git a/haproxy/examples/init.pp b/haproxy/examples/init.pp deleted file mode 100644 index 30fbd8358..000000000 --- a/haproxy/examples/init.pp +++ /dev/null @@ -1,68 +0,0 @@ -# Declare haproxy base class with configuration options -class { 'haproxy': - enable => true, - global_options => { - 'log' => "${::ipaddress} local0", - 'chroot' => '/var/lib/haproxy', - 'pidfile' => '/var/run/haproxy.pid', - 'maxconn' => '4000', - 'user' => 'haproxy', - 'group' => 'haproxy', - 'daemon' => '', - 'stats' => 'socket /var/lib/haproxy/stats', - }, - defaults_options => { - 'log' => 'global', - 'stats' => 'enable', - 'option' => 'redispatch', - 'retries' => '3', - 'timeout' => [ - 'http-request 10s', - 'queue 1m', - 'connect 10s', - 'client 1m', - 'server 1m', - 'check 10s', - ], - 'maxconn' => '8000', - }, -} - -# Export a balancermember server, note that the listening_service parameter -# will/must correlate with an haproxy::listen defined resource type. -@@haproxy::balancermember { $fqdn: - order => '21', - listening_service => 'puppet00', - server_name => $::hostname, - balancer_ip => $::ipaddress, - balancer_port => '8140', - balancermember_options => 'check' -} - -# Declare a couple of Listening Services for haproxy.cfg -# Note that the balancermember server resources are being collected in -# the haproxy::config defined resource type with the following line: -# Haproxy::Balancermember <<| listening_service == $name |>> -haproxy::listen { 'puppet00': - order => '20', - ipaddress => $::ipaddress, - ports => '18140', - options => { - 'option' => [ - 'tcplog', - ], - 'balance' => 'roundrobin', - }, -} -haproxy::listen { 'stats': - order => '30', - ipaddress => '', - ports => '9090', - options => { - 'mode' => 'http', - 'stats' => [ - 'uri /', - 'auth puppet:puppet' - ], - }, -} diff --git a/haproxy/lib/facter/haproxy_version.rb b/haproxy/lib/facter/haproxy_version.rb deleted file mode 100644 index 5797c16a6..000000000 --- a/haproxy/lib/facter/haproxy_version.rb +++ /dev/null @@ -1,22 +0,0 @@ -# Fact: haproxy_version -# -# Purpose: get haproxy's current version -# -# Resolution: -# Uses haproxy's -v flag and parses the result from 'version' -# -# Caveats: -# none -# -# Notes: -# None -if Facter::Util::Resolution.which('haproxy') - Facter.add('haproxy_version') do - haproxy_version_cmd = 'haproxy -v 2>&1' - haproxy_version_result = Facter::Util::Resolution.exec(haproxy_version_cmd) - setcode do - haproxy_version_result.to_s.lines.first.strip.split(/HA-Proxy/)[1].strip.split(/version/)[1].strip.split(/((\d+\.){2,}\d+).*/)[1] - end - end -end - diff --git a/haproxy/manifests/backend.pp b/haproxy/manifests/backend.pp deleted file mode 100644 index 7cd9abd8d..000000000 --- a/haproxy/manifests/backend.pp +++ /dev/null @@ -1,88 +0,0 @@ -# == Define Resource Type: haproxy::backend -# -# This type will setup a backend service configuration block inside the -# haproxy.cfg file on an haproxy load balancer. Each backend service needs one -# or more backend member servers (that can be declared with the -# haproxy::balancermember defined resource type). Using storeconfigs, you can -# export the haproxy::balancermember resources on all load balancer member -# servers and then collect them on a single haproxy load balancer server. -# -# === Requirement/Dependencies: -# -# Currently requires the puppetlabs/concat module on the Puppet Forge and -# uses storeconfigs on the Puppet Master to export/collect resources -# from all backend members. -# -# === Parameters -# -# [*section_name*] -# This name goes right after the 'backend' statement in haproxy.cfg -# Default: $name (the namevar of the resource). -# -# [*options*] -# A hash of options that are inserted into the backend configuration block. -# -# [*collect_exported*] -# Boolean, default 'true'. True means 'collect exported @@balancermember -# resources' (for the case when every balancermember node exports itself), -# false means 'rely on the existing declared balancermember resources' (for -# the case when you know the full set of balancermember in advance and use -# haproxy::balancermember with array arguments, which allows you to deploy -# everything in 1 run) -# -# === Examples -# -# Exporting the resource for a backend member: -# -# haproxy::backend { 'puppet00': -# options => { -# 'option' => [ -# 'tcplog', -# 'ssl-hello-chk' -# ], -# 'balance' => 'roundrobin' -# }, -# } -# -# === Authors -# -# Gary Larizza -# Jeremy Kitchen -# -define haproxy::backend ( - $collect_exported = true, - $options = { - 'option' => [ - 'tcplog', - ], - 'balance' => 'roundrobin' - }, - $instance = 'haproxy', - $section_name = $name, -) { - if defined(Haproxy::Listen[$section_name]) { - fail("An haproxy::listen resource was discovered with the same name (${section_name}) which is not supported") - } - - include haproxy::params - if $instance == 'haproxy' { - $instance_name = 'haproxy' - $config_file = $haproxy::params::config_file - } else { - $instance_name = "haproxy-${instance}" - $config_file = inline_template($haproxy::params::config_file_tmpl) - } - - # Template uses: $section_name, $ipaddress, $ports, $options - concat::fragment { "${instance_name}-${section_name}_backend_block": - order => "20-${section_name}-00", - target => $config_file, - content => template('haproxy/haproxy_backend_block.erb'), - } - - if $collect_exported { - haproxy::balancermember::collect_exported { $section_name: } - } - # else: the resources have been created and they introduced their - # concat fragments. We don't have to do anything about them. -} diff --git a/haproxy/manifests/balancermember.pp b/haproxy/manifests/balancermember.pp deleted file mode 100644 index 1866a74cb..000000000 --- a/haproxy/manifests/balancermember.pp +++ /dev/null @@ -1,112 +0,0 @@ -# == Define Resource Type: haproxy::balancermember -# -# This type will setup a balancer member inside a listening service -# configuration block in /etc/haproxy/haproxy.cfg on the load balancer. -# currently it only has the ability to specify the instance name, -# ip address, port, and whether or not it is a backup. More features -# can be added as needed. The best way to implement this is to export -# this resource for all haproxy balancer member servers, and then collect -# them on the main haproxy load balancer. -# -# === Requirement/Dependencies: -# -# Currently requires the puppetlabs/concat module on the Puppet Forge and -# uses storeconfigs on the Puppet Master to export/collect resources -# from all balancer members. -# -# === Parameters -# -# [*listening_service*] -# The haproxy service's instance name (or, the title of the -# haproxy::listen resource). This must match up with a declared -# haproxy::listen resource. -# -# [*ports*] -# An array or commas-separated list of ports for which the balancer member -# will accept connections from the load balancer. Note that cookie values -# aren't yet supported, but shouldn't be difficult to add to the -# configuration. If you use an array in server_names and ipaddresses, the -# same port is used for all balancermembers. -# -# [*server_names*] -# The name of the balancer member server as known to haproxy in the -# listening service's configuration block. This defaults to the -# hostname. Can be an array of the same length as ipaddresses, -# in which case a balancermember is created for each pair of -# server_names and ipaddresses (in lockstep). -# -# [*ipaddresses*] -# The ip address used to contact the balancer member server. -# Can be an array, see documentation to server_names. -# -# [*ensure*] -# If the balancermember should be present or absent. -# Defaults to present. -# -# [*options*] -# An array of options to be specified after the server declaration -# in the listening service's configuration block. -# -# [*define_cookies*] -# If true, then add "cookie SERVERID" stickiness options. -# Default false. -# -# === Examples -# -# Exporting the resource for a balancer member: -# -# @@haproxy::balancermember { 'haproxy': -# listening_service => 'puppet00', -# ports => '8140', -# server_names => $::hostname, -# ipaddresses => $::ipaddress, -# options => 'check', -# } -# -# -# Collecting the resource on a load balancer -# -# Haproxy::Balancermember <<| listening_service == 'puppet00' |>> -# -# Creating the resource for multiple balancer members at once -# (for single-pass installation of haproxy without requiring a first -# pass to export the resources if you know the members in advance): -# -# haproxy::balancermember { 'haproxy': -# listening_service => 'puppet00', -# ports => '8140', -# server_names => ['server01', 'server02'], -# ipaddresses => ['192.168.56.200', '192.168.56.201'], -# options => 'check', -# } -# -# (this resource can be declared anywhere) -# -define haproxy::balancermember ( - $listening_service, - $ports = undef, - $server_names = $::hostname, - $ipaddresses = $::ipaddress, - $ensure = 'present', - $options = '', - $define_cookies = false, - $instance = 'haproxy', -) { - - include haproxy::params - if $instance == 'haproxy' { - $instance_name = 'haproxy' - $config_file = $haproxy::params::config_file - } else { - $instance_name = "haproxy-${instance}" - $config_file = inline_template($haproxy::params::config_file_tmpl) - } - - # Template uses $ipaddresses, $server_name, $ports, $option - concat::fragment { "${instance_name}-${listening_service}_balancermember_${name}": - ensure => $ensure, - order => "20-${listening_service}-01-${name}", - target => $config_file, - content => template('haproxy/haproxy_balancermember.erb'), - } -} diff --git a/haproxy/manifests/balancermember/collect_exported.pp b/haproxy/manifests/balancermember/collect_exported.pp deleted file mode 100644 index f32696e47..000000000 --- a/haproxy/manifests/balancermember/collect_exported.pp +++ /dev/null @@ -1,8 +0,0 @@ -# Private define -define haproxy::balancermember::collect_exported { - if $caller_module_name != $module_name { - fail("Use of private class ${name} by ${caller_module_name}") - } - - Haproxy::Balancermember <<| listening_service == $name |>> -} diff --git a/haproxy/manifests/config.pp b/haproxy/manifests/config.pp deleted file mode 100644 index 1f27a31ca..000000000 --- a/haproxy/manifests/config.pp +++ /dev/null @@ -1,66 +0,0 @@ -# Private class -define haproxy::config ( - $instance_name, - $config_file, - $global_options, - $defaults_options, - $config_dir = undef, # A default is required for Puppet 2.7 compatibility. When 2.7 is no longer supported, this parameter default should be removed. - $custom_fragment = undef, # A default is required for Puppet 2.7 compatibility. When 2.7 is no longer supported, this parameter default should be removed. - $merge_options = $haproxy::merge_options, -) { - if $caller_module_name != $module_name { - fail("Use of private class ${name} by ${caller_module_name}") - } - - if $merge_options { - $_global_options = merge($haproxy::params::global_options, $global_options) - $_defaults_options = merge($haproxy::params::defaults_options, $defaults_options) - } else { - $_global_options = $global_options - $_defaults_options = $defaults_options - warning("${module_name}: The \$merge_options parameter will default to true in the next major release. Please review the documentation regarding the implications.") - } - - if $config_dir != undef { - file { $config_dir: - ensure => directory, - owner => 'root', - group => 'root', - mode => '0755', - } - } - - if $config_file != undef { - $_config_file = $config_file - } else { - $_config_file = $haproxy::config_file - } - - concat { $_config_file: - owner => '0', - group => '0', - mode => '0644', - } - - # Simple Header - concat::fragment { "${instance_name}-00-header": - target => $_config_file, - order => '01', - content => "# This file managed by Puppet\n", - } - - # Template uses $_global_options, $_defaults_options, $custom_fragment - concat::fragment { "${instance_name}-haproxy-base": - target => $_config_file, - order => '10', - content => template("${module_name}/haproxy-base.cfg.erb"), - } - - if $_global_options['chroot'] { - file { $_global_options['chroot']: - ensure => directory, - owner => $_global_options['user'], - group => $_global_options['group'], - } - } -} diff --git a/haproxy/manifests/frontend.pp b/haproxy/manifests/frontend.pp deleted file mode 100644 index b4aff9013..000000000 --- a/haproxy/manifests/frontend.pp +++ /dev/null @@ -1,112 +0,0 @@ -# == Define Resource Type: haproxy::frontend -# -# This type will setup a frontend service configuration block inside -# the haproxy.cfg file on an haproxy load balancer. -# -# === Requirement/Dependencies: -# -# Currently requires the puppetlabs/concat module on the Puppet Forge and -# uses storeconfigs on the Puppet Master to export/collect resources -# from all balancer members. -# -# === Parameters -# -# [*section_name*] -# This name goes right after the 'frontend' statement in haproxy.cfg -# Default: $name (the namevar of the resource). -# -# [*ports*] -# Ports on which the proxy will listen for connections on the ip address -# specified in the ipaddress parameter. Accepts either a single -# comma-separated string or an array of strings which may be ports or -# hyphenated port ranges. -# -# [*bind*] -# Set of ip addresses, port and bind options -# $bind = { '10.0.0.1:80' => ['ssl', 'crt', '/path/to/my/crt.pem'] } -# -# [*ipaddress*] -# The ip address the proxy binds to. -# Empty addresses, '*', and '0.0.0.0' mean that the proxy listens -# to all valid addresses on the system. -# -# [*mode*] -# The mode of operation for the frontend service. Valid values are undef, -# 'tcp', 'http', and 'health'. -# -# [*bind_options*] -# (Deprecated) An array of options to be specified after the bind declaration -# in the listening serivce's configuration block. -# -# [*options*] -# A hash of options that are inserted into the frontend service -# configuration block. -# -# === Examples -# -# Exporting the resource for a balancer member: -# -# haproxy::frontend { 'puppet00': -# ipaddress => $::ipaddress, -# ports => '18140', -# mode => 'tcp', -# bind_options => 'accept-proxy', -# options => { -# 'option' => [ -# 'tcplog', -# 'accept-invalid-http-request', -# ], -# 'timeout client' => '30s', -# 'balance' => 'roundrobin' -# }, -# } -# -# === Authors -# -# Gary Larizza -# -define haproxy::frontend ( - $ports = undef, - $ipaddress = undef, - $bind = undef, - $mode = undef, - $collect_exported = true, - $options = { - 'option' => [ - 'tcplog', - ], - }, - $instance = 'haproxy', - $section_name = $name, - # Deprecated - $bind_options = undef, -) { - if $ports and $bind { - fail('The use of $ports and $bind is mutually exclusive, please choose either one') - } - if $ipaddress and $bind { - fail('The use of $ipaddress and $bind is mutually exclusive, please choose either one') - } - if $bind_options { - warning('The $bind_options parameter is deprecated; please use $bind instead') - } - if $bind { - validate_hash($bind) - } - - include haproxy::params - if $instance == 'haproxy' { - $instance_name = 'haproxy' - $config_file = $haproxy::params::config_file - } else { - $instance_name = "haproxy-${instance}" - $config_file = inline_template($haproxy::params::config_file_tmpl) - } - - # Template uses: $section_name, $ipaddress, $ports, $options - concat::fragment { "${instance_name}-${section_name}_frontend_block": - order => "15-${section_name}-00", - target => $config_file, - content => template('haproxy/haproxy_frontend_block.erb'), - } -} diff --git a/haproxy/manifests/init.pp b/haproxy/manifests/init.pp deleted file mode 100644 index 15493af8f..000000000 --- a/haproxy/manifests/init.pp +++ /dev/null @@ -1,178 +0,0 @@ -# == Class: haproxy -# -# A Puppet module, using storeconfigs, to model an haproxy configuration. -# Currently VERY limited - assumes Redhat/CentOS setup. Pull requests accepted! -# -# === Requirement/Dependencies: -# -# Currently requires the puppetlabs/concat module on the Puppet Forge and -# uses storeconfigs on the Puppet Master to export/collect resources -# from all balancer members. -# -# === Parameters -# -# [*package_ensure*] -# Chooses whether the haproxy package should be installed or uninstalled. -# Defaults to 'present' -# -# [*package_name*] -# The package name of haproxy. Defaults to 'haproxy' -# NOTE: haproxy::instance has a different default. -# -# [*service_ensure*] -# Chooses whether the haproxy service should be running & enabled at boot, or -# stopped and disabled at boot. Defaults to 'running' -# -# [*service_manage*] -# Chooses whether the haproxy service state should be managed by puppet at -# all. Defaults to true -# -# [*service_options*] -# Contents for the `/etc/defaults/haproxy` file on Debian. Defaults to "ENABLED=1\n" on Debian, and is ignored on other systems. -# -# [*service_options*] -# Contents for the `/etc/defaults/haproxy` file on Debian. Defaults to "ENABLED=1\n" on Debian, and is ignored on other systems. -# -# [*service_options*] -# Contents for the `/etc/defaults/haproxy` file on Debian. Defaults to "ENABLED=1\n" on Debian, and is ignored on other systems. -# -# [*global_options*] -# A hash of all the haproxy global options. If you want to specify more -# than one option (i.e. multiple timeout or stats options), pass those -# options as an array and you will get a line for each of them in the -# resultant haproxy.cfg file. -# -# [*defaults_options*] -# A hash of all the haproxy defaults options. If you want to specify more -# than one option (i.e. multiple timeout or stats options), pass those -# options as an array and you will get a line for each of them in the -# resultant haproxy.cfg file. -# -# [*merge_options*] -# Whether to merge the user-supplied `global_options`/`defaults_options` -# hashes with their default values set in params.pp. Merging allows to change -# or add options without having to recreate the entire hash. Defaults to -# false, but will default to true in future releases. -# -# [*restart_command*] -# Command to use when restarting the on config changes. -# Passed directly as the 'restart' parameter to the service resource. -# Defaults to undef i.e. whatever the service default is. -# -# [*custom_fragment*] -# Allows arbitrary HAProxy configuration to be passed through to support -# additional configuration not available via parameters, or to short-circute -# the defined resources such as haproxy::listen when an operater would rather -# just write plain configuration. Accepts a string (ie, output from the -# template() function). Defaults to undef -# -# [*config_dir*] -# Path to the directory in which the main configuration file `haproxy.cfg` -# resides. Will also be used for storing any managed map files (see -# `haproxy::mapfile`). Default depends on platform. -# -# === Examples -# -# class { 'haproxy': -# global_options => { -# 'log' => "${::ipaddress} local0", -# 'chroot' => '/var/lib/haproxy', -# 'pidfile' => '/var/run/haproxy.pid', -# 'maxconn' => '4000', -# 'user' => 'haproxy', -# 'group' => 'haproxy', -# 'daemon' => '', -# 'stats' => 'socket /var/lib/haproxy/stats' -# }, -# defaults_options => { -# 'log' => 'global', -# 'stats' => 'enable', -# 'option' => 'redispatch', -# 'retries' => '3', -# 'timeout' => [ -# 'http-request 10s', -# 'queue 1m', -# 'connect 10s', -# 'client 1m', -# 'server 1m', -# 'check 10s' -# ], -# 'maxconn' => '8000' -# }, -# } -# -class haproxy ( - $package_ensure = 'present', - $package_name = $haproxy::params::package_name, - $service_ensure = 'running', - $service_manage = true, - $service_options = $haproxy::params::service_options, - $global_options = $haproxy::params::global_options, - $defaults_options = $haproxy::params::defaults_options, - $merge_options = $haproxy::params::merge_options, - $restart_command = undef, - $custom_fragment = undef, - $config_dir = $haproxy::params::config_dir, - $config_file = $haproxy::params::config_file, - - # Deprecated - $manage_service = undef, - $enable = undef, -) inherits haproxy::params { - - if $service_ensure != true and $service_ensure != false { - if ! ($service_ensure in [ 'running','stopped']) { - fail('service_ensure parameter must be running, stopped, true, or false') - } - } - validate_string($package_name,$package_ensure) - validate_bool($service_manage) - validate_bool($merge_options) - validate_string($service_options) - validate_hash($global_options, $defaults_options) - validate_absolute_path($config_dir) - - # NOTE: These deprecating parameters are implemented in this class, - # not in haproxy::instance. haproxy::instance is new and therefore - # there should be no legacy code that uses these deprecated - # parameters. - - # To support deprecating $enable - if $enable != undef { - warning('The $enable parameter is deprecated; please use service_ensure and/or package_ensure instead') - if $enable { - $_package_ensure = 'present' - $_service_ensure = 'running' - } else { - $_package_ensure = 'absent' - $_service_ensure = 'stopped' - } - } else { - $_package_ensure = $package_ensure - $_service_ensure = $service_ensure - } - - # To support deprecating $manage_service - if $manage_service != undef { - warning('The $manage_service parameter is deprecated; please use $service_manage instead') - $_service_manage = $manage_service - } else { - $_service_manage = $service_manage - } - - haproxy::instance{ $title: - package_ensure => $_package_ensure, - package_name => $package_name, - service_ensure => $_service_ensure, - service_manage => $_service_manage, - global_options => $global_options, - defaults_options => $defaults_options, - restart_command => $restart_command, - custom_fragment => $custom_fragment, - config_dir => $config_dir, - config_file => $config_file, - merge_options => $merge_options, - service_options => $service_options, - } - -} diff --git a/haproxy/manifests/install.pp b/haproxy/manifests/install.pp deleted file mode 100644 index 3ee846d81..000000000 --- a/haproxy/manifests/install.pp +++ /dev/null @@ -1,17 +0,0 @@ -# Private class -define haproxy::install ( - $package_ensure, - $package_name = undef, # A default is required for Puppet 2.7 compatibility. When 2.7 is no longer supported, this parameter default should be removed. -) { - if $caller_module_name != $module_name { - fail("Use of private class ${name} by ${caller_module_name}") - } - - if $package_name != undef { - package { $package_name: - ensure => $package_ensure, - alias => 'haproxy', - } - } - -} diff --git a/haproxy/manifests/instance.pp b/haproxy/manifests/instance.pp deleted file mode 100644 index 35421e3d8..000000000 --- a/haproxy/manifests/instance.pp +++ /dev/null @@ -1,234 +0,0 @@ -# == Define Resource Type: haproxy::instance -# -# Manages haproxy permitting multiple instances to run on the same machine. -# Normally users use the Class['haproxy'], which runs a single haproxy -# daemon on a machine. -# -# === Requirement/Dependencies: -# -# Currently requires the puppetlabs/concat module on the Puppet Forge and -# uses storeconfigs on the Puppet Master to export/collect resources -# from all balancer members. -# -# === Parameters -# -# [*package_ensure*] -# Chooses whether the haproxy package should be installed or uninstalled. -# Defaults to 'present' -# -# [*package_name*] -# The package name of haproxy. Defaults to undef, and no package is installed. -# NOTE: Class['haproxy'] has a different default. -# -# [*service_ensure*] -# Chooses whether the haproxy service should be running & enabled at boot, or -# stopped and disabled at boot. Defaults to 'running' -# -# [*service_manage*] -# Chooses whether the haproxy service state should be managed by puppet at -# all. Defaults to true -# -# [*global_options*] -# A hash of all the haproxy global options. If you want to specify more -# than one option (i.e. multiple timeout or stats options), pass those -# options as an array and you will get a line for each of them in the -# resultant haproxy.cfg file. -# -# [*defaults_options*] -# A hash of all the haproxy defaults options. If you want to specify more -# than one option (i.e. multiple timeout or stats options), pass those -# options as an array and you will get a line for each of them in the -# resultant haproxy.cfg file. -# -#[*restart_command*] -# Command to use when restarting the on config changes. -# Passed directly as the 'restart' parameter to the service -# resource. # Defaults to undef i.e. whatever the service default is. -# -#[*custom_fragment*] -# Allows arbitrary HAProxy configuration to be passed through to support -# additional configuration not available via parameters, or to short-circuit -# the defined resources such as haproxy::listen when an operater would rather -# just write plain configuration. Accepts a string (ie, output from the -# template() function). Defaults to undef -# -#[*config_file*] -# Allows arbitrary config filename to be specified. If this is used, -# it is assumed that the directory path to the file exists and has -# owner/group/permissions as desired. If set to undef, the name -# will be generated as follows: -# If $title is 'haproxy', the operating system default will be used. -# Otherwise, /etc/haproxy-$title/haproxy-$title.conf (Linux), -# or /usr/local/etc/haproxy-$title/haproxy-$title.conf (FreeBSD) -# The parent directory will be created automatically. -# Defaults to undef. -# -# === Examples -# -# A single instance of haproxy with all defaults -# i.e. emulate Class['haproxy'] -# package{ 'haproxy': ensure => present }->haproxy::instance { 'haproxy': }-> -# haproxy::listen { 'puppet00': -# instance => 'haproxy', -# collect_exported => false, -# ipaddress => $::ipaddress, -# ports => '8140', -# } -# -# Multiple instances of haproxy: -# haproxy::instance { 'group1': } -# haproxy::instance_service { 'group1': -# haproxy_init_source => "puppet:///modules/${module_name}/haproxy-group1.init", -# } -# haproxy::listen { 'puppet00': -# instance => 'group1', -# collect_exported => false, -# ipaddress => $::ipaddress, -# ports => '8800', -# requires => Package['haproxy'], -# } -# haproxy::instance { 'group2': } -# haproxy::instance_service { 'group2': -# haproxy_init_source => "puppet:///modules/${module_name}/haproxy-group1.init", -# } -# haproxy::listen { 'puppet00': -# instance => 'group2', -# collect_exported => false, -# ipaddress => $::ipaddress, -# ports => '9900', -# requires => Package['haproxy'], -# } -# -# Multiple instances of haproxy, one with a custom haproxy package: -# haproxy::instance { 'group1': } -# haproxy::instance_service { 'group1': -# haproxy_init_source => "puppet:///modules/${module_name}/haproxy-group1.init", -# } -# haproxy::listen { 'puppet00': -# instance => 'group1', -# collect_exported => false, -# ipaddress => $::ipaddress, -# ports => '8800', -# requires => Package['haproxy'], -# } -# haproxy::instance { 'group2': } -# haproxy::instance_service { 'group2': -# haproxy_package => 'custom_haproxy', -# haproxy_init_source => "puppet:///modules/${module_name}/haproxy-group2.init", -# } -# haproxy::listen { 'puppet00': -# instance => 'group2', -# collect_exported => false, -# ipaddress => $::ipaddress, -# ports => '9900', -# requires => Package['haproxy'], -# } -# -# When running multiple instances on one host, there must be a Service[] for -# each instance. One way to create the situation where Service[] works is -# using haproxy::instance_service. -# However you may want to do it some other way. For example, you may -# not have packages for your custom haproxy binary. Or, you may wish -# to use the standard haproxy package but not create links to it, or -# you may have different init.d scripts. In these cases, write your own -# puppet code that will result in Service[] working for you and do not -# call haproxy::instance_service. -# -define haproxy::instance ( - $package_ensure = 'present', - $package_name = undef, - $service_ensure = 'running', - $service_manage = true, - $global_options = undef, - $defaults_options = undef, - $restart_command = undef, - $custom_fragment = undef, - $config_dir = undef, - $config_file = undef, - $merge_options = $haproxy::params::merge_options, - $service_options = $haproxy::params::service_options, -) { - - if $service_ensure != true and $service_ensure != false { - if ! ($service_ensure in [ 'running','stopped']) { - fail('service_ensure parameter must be running, stopped, true, or false') - } - } - validate_string($package_name,$package_ensure) - validate_bool($service_manage) - - # Since this is a 'define', we can not use 'inherts haproxy::params'. - # Therefore, we "include haproxy::params" for any parameters we need. - include haproxy::params - - $_global_options = pick($global_options, $haproxy::params::global_options) - $_defaults_options = pick($defaults_options, $haproxy::params::defaults_options) - validate_hash($_global_options,$_defaults_options) - - # Determine instance_name based on: - # single-instance hosts: haproxy - # multi-instance hosts: haproxy-$title - if $title == 'haproxy' { - $instance_name = 'haproxy' - } else { - $instance_name = "haproxy-${title}" - } - - # Determine config_dir and config_file: - # If config_dir defined, use it. Otherwise: - # single-instance hosts: use defaults - # multi-instance hosts: use templates - if $config_file != undef { - $_config_file = $config_file - } else { - if $instance_name == 'haproxy' { - $_config_file = $haproxy::params::config_file - } else { - $_config_file = inline_template($haproxy::params::config_file_tmpl) - } - } - if $config_dir != undef { - $_config_dir = $config_dir - } else { - if $instance_name == 'haproxy' { - $_config_dir = $haproxy::params::config_dir - } else { - $_config_dir = inline_template($haproxy::params::config_dir_tmpl) - } - } - - haproxy::config { $title: - instance_name => $instance_name, - config_dir => $_config_dir, - config_file => $_config_file, - global_options => $_global_options, - defaults_options => $_defaults_options, - custom_fragment => $custom_fragment, - merge_options => $merge_options, - } - haproxy::install { $title: - package_name => $package_name, - package_ensure => $package_ensure, - } - haproxy::service { $title: - instance_name => $instance_name, - service_ensure => $service_ensure, - service_manage => $service_manage, - restart_command => $restart_command, - service_options => $service_options, - } - - if $package_ensure == 'absent' or $package_ensure == 'purged' { - anchor { "${title}::haproxy::begin": } - ~> Haproxy::Service[$title] - -> Haproxy::Config[$title] - -> Haproxy::Install[$title] - -> anchor { "${title}::haproxy::end": } - } else { - anchor { "${title}::haproxy::begin": } - -> Haproxy::Install[$title] - -> Haproxy::Config[$title] - ~> Haproxy::Service[$title] - -> anchor { "${title}::haproxy::end": } - } -} diff --git a/haproxy/manifests/instance_service.pp b/haproxy/manifests/instance_service.pp deleted file mode 100644 index a8c5833b3..000000000 --- a/haproxy/manifests/instance_service.pp +++ /dev/null @@ -1,131 +0,0 @@ -# == Define: haproxy::instance_service -# -# Set up the environment for an haproxy service. -# * Associate an haproxy instance with the haproxy package it should use. -# * Create the start/restart/stop functions needed by Service[]. -# In other words: sets things up so that Service[$instance_name] will work. -# -# In particular: -# * Create a link to the binary an instance will be using. This -# way each instance can link to a different binary. -# If you have an instance called "foo", you know "haproxy-foo" -# is a link to the binary it should be using. -# * Create an init.d file named after the instance. This way -# Service[$instance] can start/restart the service. -# -# NOTE: -# This manifest is just one example of how to set up Service[$instance]. -# Other sites may choose to do it very differently. In that case, do -# not call haproxy::instance_service; write your own module. The only -# requirement is that before haproxy::instance{$instance:} is called, -# Service[$instance] must be defined. -# -# FIXME: This hasn't been tested on FreeBSD. -# FIXME: This should take advantage of systemd when available. -# -# === Parameters -# -# [*haproxy_package*] -# The name of the package to be installed. This is useful if -# you package your own custom version of haproxy. -# Defaults to 'haproxy' -# -# [*bindir*] -# Where to put symlinks to the binary used for each instance. -# Defaults to '/opt/haproxy' -# -# [*haproxy_init_source*] -# The init.d script that will start/restart/reload this instance. -# -define haproxy::instance_service ( - $haproxy_init_source = undef, - $haproxy_unit_template = undef, - $haproxy_package = 'haproxy', - $bindir = '/opt/haproxy/bin', -) { - - ensure_resource('package', $haproxy_package, { - 'ensure' => 'present', - }) - - # Manage the parent directory. - ensure_resource('file', $bindir, { - ensure => directory, - owner => 'root', - group => 'root', - mode => '0744', - }) - - # Create a link named after the instance. This just makes it easier - # to manage difference instances using different versions of haproxy. - # If you have an instance called "foo", you know "haproxy-foo" - # is the binary. - $haproxy_link = "${bindir}/haproxy-${title}" - if $haproxy_package == 'haproxy' { - $haproxy_target = '/usr/sbin/haproxy' - } else { - $haproxy_target = "/opt/${haproxy_package}/sbin/haproxy" - } - file { $haproxy_link: - ensure => link, - target => $haproxy_target, - } - - # Create init.d or systemd files so that "service haproxy-$instance start" - # or "systemd start haproxy-$instance" works. - # This is not required if the standard instance is being used. - if ($title == 'haproxy') or ($haproxy_package == 'haproxy') { - } else { - $initfile = "/etc/init.d/haproxy-${title}" - if $::osfamily == 'RedHat' and $::operatingsystemmajrelease == '6' { - - # init.d: - validate_string($haproxy_init_source) - file { $initfile: - ensure => file, - mode => '0744', - owner => 'root', - group => 'root', - source => $haproxy_init_source, - } - File[$haproxy_link] -> File[$initfile] - - } else { - - # systemd: - validate_string($haproxy_unit_template) - if $haproxy_package == 'haproxy' { - $wrapper = '/usr/sbin/haproxy-systemd-wrapper' - } else { - $wrapper = "/opt/${haproxy_package}/sbin/haproxy-systemd-wrapper" - } - - $unitfile = "/usr/lib/systemd/system/haproxy-${title}.service" - file { $unitfile: - ensure => file, - mode => '0744', - owner => 'root', - group => 'root', - content => template($haproxy_unit_template), - notify => Exec['systemctl daemon-reload'], - } - if (!defined(Exec['systemctl daemon-reload'])) { - exec { 'systemctl daemon-reload': - command => 'systemctl daemon-reload', - path => '/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin', - refreshonly => true, - before => Service["haproxy-${title}"], - } - } - File[$haproxy_link] -> File[$unitfile] - # Clean up in case the old init.d-style file is still around. - file { $initfile: - ensure => absent, - before => Service["haproxy-${title}"], - } - - } - } - - Package[$haproxy_package] -> File[$bindir] -> File[$haproxy_link] -} diff --git a/haproxy/manifests/listen.pp b/haproxy/manifests/listen.pp deleted file mode 100644 index bc447e3c4..000000000 --- a/haproxy/manifests/listen.pp +++ /dev/null @@ -1,133 +0,0 @@ -# == Define Resource Type: haproxy::listen -# -# This type will setup a listening service configuration block inside -# the haproxy.cfg file on an haproxy load balancer. Each listening service -# configuration needs one or more load balancer member server (that can be -# declared with the haproxy::balancermember defined resource type). Using -# storeconfigs, you can export the haproxy::balancermember resources on all -# load balancer member servers, and then collect them on a single haproxy -# load balancer server. -# -# === Requirement/Dependencies: -# -# Currently requires the puppetlabs/concat module on the Puppet Forge and -# uses storeconfigs on the Puppet Master to export/collect resources -# from all balancer members. -# -# === Parameters -# -# [*section_name*] -# This name goes right after the 'listen' statement in haproxy.cfg -# Default: $name (the namevar of the resource). -# -# [*ports*] -# Ports on which the proxy will listen for connections on the ip address -# specified in the ipaddress parameter. Accepts either a single -# comma-separated string or an array of strings which may be ports or -# hyphenated port ranges. -# -# [*ipaddress*] -# The ip address the proxy binds to. -# Empty addresses, '*', and '0.0.0.0' mean that the proxy listens -# to all valid addresses on the system. -# -# [*bind*] -# Set of ip addresses, port and bind options -# $bind = { '10.0.0.1:80' => ['ssl', 'crt', '/path/to/my/crt.pem'] } -# -# [*mode*] -# The mode of operation for the listening service. Valid values are undef, -# 'tcp', 'http', and 'health'. -# -# [*options*] -# A hash of options that are inserted into the listening service -# configuration block. -# -# [*bind_options*] -# (Deprecated) An array of options to be specified after the bind declaration -# in the listening serivce's configuration block. -# -# [*collect_exported*] -# Boolean, default 'true'. True means 'collect exported @@balancermember resources' -# (for the case when every balancermember node exports itself), false means -# 'rely on the existing declared balancermember resources' (for the case when you -# know the full set of balancermembers in advance and use haproxy::balancermember -# with array arguments, which allows you to deploy everything in 1 run) -# -# === Examples -# -# Exporting the resource for a balancer member: -# -# haproxy::listen { 'puppet00': -# ipaddress => $::ipaddress, -# ports => '18140', -# mode => 'tcp', -# options => { -# 'option' => [ -# 'tcplog', -# 'ssl-hello-chk' -# ], -# 'balance' => 'roundrobin' -# }, -# } -# -# === Authors -# -# Gary Larizza -# -define haproxy::listen ( - $ports = undef, - $ipaddress = undef, - $bind = undef, - $mode = undef, - $collect_exported = true, - $options = { - 'option' => [ - 'tcplog', - ], - 'balance' => 'roundrobin' - }, - $instance = 'haproxy', - $section_name = $name, - # Deprecated - $bind_options = '', -) { - if $ports and $bind { - fail('The use of $ports and $bind is mutually exclusive, please choose either one') - } - if $ipaddress and $bind { - fail('The use of $ipaddress and $bind is mutually exclusive, please choose either one') - } - if $bind_options != '' { - warning('The $bind_options parameter is deprecated; please use $bind instead') - } - if $bind { - validate_hash($bind) - } - - if defined(Haproxy::Backend[$section_name]) { - fail("An haproxy::backend resource was discovered with the same name (${section_name}) which is not supported") - } - - include haproxy::params - if $instance == 'haproxy' { - $instance_name = 'haproxy' - $config_file = $haproxy::params::config_file - } else { - $instance_name = "haproxy-${instance}" - $config_file = inline_template($haproxy::params::config_file_tmpl) - } - - # Template uses: $section_name, $ipaddress, $ports, $options - concat::fragment { "${instance_name}-${section_name}_listen_block": - order => "20-${section_name}-00", - target => $config_file, - content => template('haproxy/haproxy_listen_block.erb'), - } - - if $collect_exported { - haproxy::balancermember::collect_exported { $section_name: } - } - # else: the resources have been created and they introduced their - # concat fragments. We don't have to do anything about them. -} diff --git a/haproxy/manifests/mapfile.pp b/haproxy/manifests/mapfile.pp deleted file mode 100644 index 62c193dca..000000000 --- a/haproxy/manifests/mapfile.pp +++ /dev/null @@ -1,62 +0,0 @@ -# == Define Resource Type: haproxy::mapfile -# -# Manage an HAProxy map file as documented in -# https://cbonte.github.io/haproxy-dconv/configuration-1.5.html#7.3.1-map -# A map file contains one key + value per line. These key-value pairs are -# specified in the `mappings` array. -# -# === Parameters -# -# [*name*] -# The namevar of the defined resource type is the filename of the map file -# (without any extension), relative to the `haproxy::config_dir` directory. -# A '.map' extension will be added automatically. -# -# [*mappings*] -# An array of mappings for this map file. Array elements may be Hashes with a -# single key-value pair each (preferably) or simple Strings. Default: `[]` -# -# [*ensure*] -# The state of the underlying file resource, either 'present' or 'absent'. -# Default: 'present' -# -# [*owner*] -# The owner of the underlying file resource. Defaut: 'root' -# -# [*group*] -# The group of the underlying file resource. Defaut: 'root' -# -# [*mode*] -# The mode of the underlying file resource. Defaut: '0644' -# -# [*instances*] -# Array of managed HAproxy instance names to notify (restart/reload) when the -# map file is updated. This is so that the same map file can be used with -# multiple HAproxy instances. Default: `[ 'haproxy' ]` -# -define haproxy::mapfile ( - $mappings = [], - $ensure = 'present', - $owner = 'root', - $group = 'root', - $mode = '0644', - $instances = [ 'haproxy' ], -) { - $mapfile_name = $title - - validate_re($ensure, '^present|absent$', "Haproxy::Mapfile[${mapfile_name}]: '${ensure}' is not supported for ensure. Allowed values are 'present' and 'absent'.") - validate_array($mappings) - validate_array($instances) - - $_instances = flatten($instances) - - file { "haproxy_mapfile_${mapfile_name}": - ensure => $ensure, - owner => $owner, - group => $group, - mode => $mode, - content => template('haproxy/haproxy_mapfile.erb'), - path => "${haproxy::config_dir}/${mapfile_name}.map", - notify => Haproxy::Service[$_instances], - } -} diff --git a/haproxy/manifests/params.pp b/haproxy/manifests/params.pp deleted file mode 100644 index 0c356b234..000000000 --- a/haproxy/manifests/params.pp +++ /dev/null @@ -1,86 +0,0 @@ -# == Class: haproxy::params -# -# This is a container class holding default parameters for for haproxy class. -# currently, only the Redhat family is supported, but this can be easily -# extended by changing package names and configuration file paths. -# -class haproxy::params { - # XXX: This will change to true in the next major release - $merge_options = false - - $service_options = "ENABLED=1\n" # Only used by Debian. - - case $::osfamily { - 'Archlinux', 'Debian', 'Redhat', 'Gentoo', 'Suse' : { - $package_name = 'haproxy' - $global_options = { - 'log' => "${::ipaddress} local0", - 'chroot' => '/var/lib/haproxy', - 'pidfile' => '/var/run/haproxy.pid', - 'maxconn' => '4000', - 'user' => 'haproxy', - 'group' => 'haproxy', - 'daemon' => '', - 'stats' => 'socket /var/lib/haproxy/stats' - } - $defaults_options = { - 'log' => 'global', - 'stats' => 'enable', - 'option' => [ 'redispatch' ], - 'retries' => '3', - 'timeout' => [ - 'http-request 10s', - 'queue 1m', - 'connect 10s', - 'client 1m', - 'server 1m', - 'check 10s', - ], - 'maxconn' => '8000' - } - # Single instance: - $config_dir = '/etc/haproxy' - $config_file = '/etc/haproxy/haproxy.cfg' - # Multi-instance: - $config_dir_tmpl = '/etc/<%= @instance_name %>' - $config_file_tmpl = "${config_dir_tmpl}/<%= @instance_name %>.cfg" - } - 'FreeBSD': { - $package_name = 'haproxy' - $global_options = { - 'log' => [ - '127.0.0.1 local0', - '127.0.0.1 local1 notice', - ], - 'chroot' => '/usr/local/haproxy', - 'pidfile' => '/var/run/haproxy.pid', - 'maxconn' => '4096', - 'daemon' => '', - } - $defaults_options = { - 'log' => 'global', - 'mode' => 'http', - 'option' => [ - 'httplog', - 'dontlognull', - ], - 'retries' => '3', - 'redispatch' => '', - 'maxconn' => '2000', - 'contimeout' => '5000', - 'clitimeout' => '50000', - 'srvtimeout' => '50000', - } - # Single instance: - $config_dir = '/usr/local/etc' - $config_file = '/usr/local/etc/haproxy.conf' - # Multi-instance: - $config_dir_tmpl = '/usr/local/etc/<%= @instance_name %>' - $config_file_tmpl = "${config_dir_tmpl}/<%= @instance_name %>.conf" - } - default: { fail("The ${::osfamily} operating system is not supported with the haproxy module") } - } -} - -# TODO: test that the $config_file generated for FreeBSD instances -# and RedHat instances is as expected. diff --git a/haproxy/manifests/peer.pp b/haproxy/manifests/peer.pp deleted file mode 100644 index 69e81c611..000000000 --- a/haproxy/manifests/peer.pp +++ /dev/null @@ -1,61 +0,0 @@ -# == Define Resource Type: haproxy::peer -# -# This type will set up a peer entry inside the peers configuration block in -# haproxy.cfg on the load balancer. Currently, it has the ability to -# specify the instance name, ip address, ports and server_names. -# -# Automatic discovery of peer nodes may be implemented by exporting the peer resource -# for all HAProxy balancer servers that are configured in the same HA block and -# then collecting them on all load balancers. -# -# === Parameters: -# -# [*peers_name*] -# Specifies the peer in which this load balancer needs to be added. -# -# [*server_names*] -# Sets the name of the peer server in the peers configuration block. -# Defaults to the hostname. Can be an array. If this parameter is -# specified as an array, it must be the same length as the -# ipaddresses parameter's array. A peer is created for each pair -# of server\_names and ipaddresses in the array. -# -# [*ensure*] -# Whether to add or remove the peer. Defaults to 'present'. -# Valid values are 'present' and 'absent'. -# -# [*ipaddresses*] -# Specifies the IP address used to contact the peer member server. -# Can be an array. If this parameter is specified as an array it -# must be the same length as the server\_names parameter's array. -# A peer is created for each pair of address and server_name. -# -# [*ports*] -# Sets the port on which the peer is going to share the state. - -define haproxy::peer ( - $peers_name, - $port, - $ensure = 'present', - $server_names = $::hostname, - $ipaddresses = $::ipaddress, - $instance = 'haproxy', -) { - - include haproxy::params - if $instance == 'haproxy' { - $instance_name = 'haproxy' - $config_file = $::haproxy::config_file - } else { - $instance_name = "haproxy-${instance}" - $config_file = inline_template($haproxy::params::config_file_tmpl) - } - - # Templates uses $ipaddresses, $server_name, $ports, $option - concat::fragment { "${instance_name}-peers-${peers_name}-${name}": - ensure => $ensure, - order => "30-peers-01-${peers_name}-${name}", - target => $config_file, - content => template('haproxy/haproxy_peer.erb'), - } -} diff --git a/haproxy/manifests/peer/collect_exported.pp b/haproxy/manifests/peer/collect_exported.pp deleted file mode 100644 index 3d16a6428..000000000 --- a/haproxy/manifests/peer/collect_exported.pp +++ /dev/null @@ -1,8 +0,0 @@ -# Private define -define haproxy::peer::collect_exported { - if $caller_module_name != $module_name { - fail("Use of private class ${name} by ${caller_module_name}") - } - - Haproxy::Peer <<| peers_name == $name |>> -} diff --git a/haproxy/manifests/peers.pp b/haproxy/manifests/peers.pp deleted file mode 100644 index b227cee95..000000000 --- a/haproxy/manifests/peers.pp +++ /dev/null @@ -1,42 +0,0 @@ -# == Defined Type: haproxy::peers -# -# This type will set up a peers entry in haproxy.cfg -# on the load balancer. This setting is required to share the -# current state of HAproxy with other HAproxy in High available -# configurations. -# -# === Parameters -# -# [*name*] -# Sets the peers' name. Generally it will be the namevar of the -# defined resource type. This value appears right after the -# 'peers' statement in haproxy.cfg - -define haproxy::peers ( - $collect_exported = true, - $instance = 'haproxy', -) { - - # We derive these settings so that the caller only has to specify $instance. - include haproxy::params - if $instance == 'haproxy' { - $instance_name = 'haproxy' - $config_file = $::haproxy::config_file - } else { - $instance_name = "haproxy-${instance}" - $config_file = inline_template($haproxy::params::config_file_tmpl) - } - - # Template uses: $name, $ipaddress, $ports, $options - concat::fragment { "${instance_name}-${name}_peers_block": - order => "30-peers-00-${name}", - target => $config_file, - content => template('haproxy/haproxy_peers_block.erb'), - } - - if $collect_exported { - haproxy::peer::collect_exported { $name: } - } - # else: the resources have been created and they introduced their - # concat fragments. We don't have to do anything about them. -} diff --git a/haproxy/manifests/service.pp b/haproxy/manifests/service.pp deleted file mode 100644 index 1be1af9bb..000000000 --- a/haproxy/manifests/service.pp +++ /dev/null @@ -1,36 +0,0 @@ -# Private class -define haproxy::service ( - $instance_name, - $service_ensure, - $service_manage, - $restart_command = undef, # A default is required for Puppet 2.7 compatibility. When 2.7 is no longer supported, this parameter default should be removed. - $service_options = $haproxy::params::service_options, -) { - if $caller_module_name != $module_name { - fail("Use of private class ${name} by ${caller_module_name}") - } - - if $service_manage { - if ($::osfamily == 'Debian') { - file { "/etc/default/${instance_name}": - content => $service_options, - before => Service[$instance_name], - } - } - - $_service_enable = $service_ensure ? { - 'running' => true, - 'stopped' => false, - default => $service_ensure, - } - - service { $instance_name: - ensure => $service_ensure, - enable => $_service_enable, - name => $instance_name, - hasrestart => true, - hasstatus => true, - restart => $restart_command, - } - } -} diff --git a/haproxy/manifests/userlist.pp b/haproxy/manifests/userlist.pp deleted file mode 100644 index cbed1ac76..000000000 --- a/haproxy/manifests/userlist.pp +++ /dev/null @@ -1,51 +0,0 @@ -# == Define Resource Type: haproxy::userlist -# -# This type will set up a userlist configuration block inside the haproxy.cfg -# file on an haproxy load balancer. -# -# See http://cbonte.github.io/haproxy-dconv/configuration-1.4.html#3.4 for more info -# -# === Requirement/Dependencies: -# -# Currently requires the puppetlabs/concat module on the Puppet Forge -# -# === Parameters -# -# [*section_name*] -# This name goes right after the 'userlist' statement in haproxy.cfg -# Default: $name (the namevar of the resource). -# -# [*users*] -# An array of users in the userlist. -# See http://cbonte.github.io/haproxy-dconv/configuration-1.4.html#3.4-user -# -# [*groups*] -# An array of groups in the userlist. -# See http://cbonte.github.io/haproxy-dconv/configuration-1.4.html#3.4-group -# -# === Authors -# -# Jeremy Kitchen -# -define haproxy::userlist ( - $users = undef, - $groups = undef, - $instance = 'haproxy', - $section_name = $name, -) { - include haproxy::params - if $instance == 'haproxy' { - $instance_name = 'haproxy' - $config_file = $haproxy::params::config_file - } else { - $instance_name = "haproxy-${instance}" - $config_file = inline_template($haproxy::params::config_file_tmpl) - } - - # Template uses $section_name, $users, $groups - concat::fragment { "${instance_name}-${section_name}_userlist_block": - order => "12-${section_name}-00", - target => $config_file, - content => template('haproxy/haproxy_userlist_block.erb'), - } -} diff --git a/haproxy/metadata.json b/haproxy/metadata.json deleted file mode 100644 index 44e154176..000000000 --- a/haproxy/metadata.json +++ /dev/null @@ -1,73 +0,0 @@ -{ - "name": "puppetlabs-haproxy", - "version": "1.3.1", - "author": "Puppet Labs", - "summary": "Configures HAProxy servers and manages the configuration of backend member servers.", - "license": "Apache-2.0", - "source": "https://github.com/puppetlabs/puppetlabs-haproxy", - "project_page": "https://github.com/puppetlabs/puppetlabs-haproxy", - "issues_url": "https://tickets.puppetlabs.com/browse/MODULES", - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "CentOS", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "OracleLinux", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "Scientific", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "Debian", - "operatingsystemrelease": [ - "6", - "7" - ] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": [ - "10.04", - "12.04", - "14.04" - ] - } - ], - "requirements": [ - { - "name": "pe", - "version_requirement": ">= 3.0.0 < 2015.4.0" - }, - { - "name": "puppet", - "version_requirement": ">= 3.0.0 < 5.0.0" - } - ], - "dependencies": [ - {"name":"puppetlabs/stdlib","version_requirement":">= 3.2.0 < 5.0.0"}, - {"name":"puppetlabs/concat","version_requirement":">= 1.2.3 < 2.0.0"} - ] -} diff --git a/haproxy/spec/acceptance/basic_spec.rb b/haproxy/spec/acceptance/basic_spec.rb deleted file mode 100644 index c16d9002b..000000000 --- a/haproxy/spec/acceptance/basic_spec.rb +++ /dev/null @@ -1,93 +0,0 @@ -require 'spec_helper_acceptance' - -# C9708 C9709 WONTFIX -describe "configuring haproxy", :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - # C9961 - describe 'not managing the service' do - it 'should not listen on any ports' do - pp = <<-EOS - class { 'haproxy': - service_manage => false, - } - haproxy::listen { 'stats': - ipaddress => '127.0.0.1', - ports => ['9090','9091'], - options => { - 'mode' => 'http', - 'stats' => ['uri /','auth puppet:puppet'], - }, - } - haproxy::listen { 'test00': ports => '80',} - EOS - apply_manifest(pp, :catch_failures => true) - end - - describe port('9090') do - it { should_not be_listening } - end - describe port('9091') do - it { should_not be_listening } - end - end - - describe "configuring haproxy load balancing" do - before :all do - end - - describe "multiple ports" do - it 'should be able to listen on an array of ports' do - pp = <<-EOS - class { 'haproxy': } - haproxy::listen { 'stats': - ipaddress => '127.0.0.1', - ports => ['9090','9091'], - mode => 'http', - options => { 'stats' => ['uri /','auth puppet:puppet'], }, - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - it 'should have stats listening on each port' do - ['9090','9091'].each do |port| - shell("/usr/bin/curl -u puppet:puppet localhost:#{port}") do |r| - r.stdout.should =~ /HAProxy/ - r.exit_code.should == 0 - end - end - end - end - end - - # C9934 - describe "uninstalling haproxy" do - it 'removes it' do - pp = <<-EOS - class { 'haproxy': - package_ensure => 'absent', - service_ensure => 'stopped', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - describe package('haproxy') do - it { should_not be_installed } - end - end - - # C9935 C9939 - describe "disabling haproxy" do - it 'stops the service' do - pp = <<-EOS - class { 'haproxy': - service_ensure => 'stopped', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - describe service('haproxy') do - it { should_not be_running } - it { should_not be_enabled } - end - end -end diff --git a/haproxy/spec/acceptance/frontbackend_spec.rb b/haproxy/spec/acceptance/frontbackend_spec.rb deleted file mode 100644 index 76c4d1613..000000000 --- a/haproxy/spec/acceptance/frontbackend_spec.rb +++ /dev/null @@ -1,80 +0,0 @@ -require 'spec_helper_acceptance' - -describe "frontend backend defines", :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - it 'should be able to configure the frontend/backend with puppet' do - pp = <<-EOS - class { 'haproxy': } - haproxy::frontend { 'app00': - ipaddress => $::ipaddress_lo, - mode => 'http', - ports => '5555', - options => { 'default_backend' => 'app00' }, - } - haproxy::backend { 'app00': - collect_exported => false, - options => { 'mode' => 'http' }, - } - haproxy::balancermember { 'port 5556': - listening_service => 'app00', - ports => '5556', - } - haproxy::balancermember { 'port 5557': - listening_service => 'app00', - ports => '5557', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - # This is not great since it depends on the ordering served by the load - # balancer. Something with retries would be better. - # C9945 - it "should do a curl against the LB to make sure it gets a response from each port" do - shell('curl localhost:5555').stdout.chomp.should match(/Response on 555(6|7)/) - shell('curl localhost:5555').stdout.chomp.should match(/Response on 555(6|7)/) - end - - it 'should be able to configure the frontend/backend with one node up' do - pp = <<-EOS - class { 'haproxy': } - haproxy::frontend { 'app00': - ipaddress => $::ipaddress_lo, - mode => 'http', - ports => '5555', - options => { 'default_backend' => 'app00' }, - } - haproxy::backend { 'app00': - collect_exported => false, - options => { 'mode' => 'http' }, - } - haproxy::balancermember { 'port 5556': - listening_service => 'app00', - ports => '5556', - } - haproxy::balancermember { 'port 5557': - listening_service => 'app00', - ports => '5558', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - # C9951 - it "should do a curl against the LB to make sure it gets a response from each port" do - shell('curl localhost:5555').stdout.chomp.should match(/Response on 5556/) - shell('curl localhost:5555').stdout.chomp.should match(/Response on 5556/) - end - - it 'having no address set but setting bind' do - pp = <<-EOS - class { 'haproxy': } - haproxy::frontend { 'app0': - bind => - { '127.0.0.1:5555' => [] } - , - } - EOS - apply_manifest(pp, :catch_failures => true) - end - -end diff --git a/haproxy/spec/acceptance/listen_spec.rb b/haproxy/spec/acceptance/listen_spec.rb deleted file mode 100644 index eb2bff5a9..000000000 --- a/haproxy/spec/acceptance/listen_spec.rb +++ /dev/null @@ -1,103 +0,0 @@ -require 'spec_helper_acceptance' - -describe "listen define", :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - it 'should be able to configure the listen with puppet' do - pp = <<-EOS - class { 'haproxy': } - haproxy::listen { 'app00': - ipaddress => $::ipaddress_lo, - ports => '5555', - mode => 'http', - } - haproxy::balancermember { 'port 5556': - listening_service => 'app00', - ports => '5556', - } - haproxy::balancermember { 'port 5557': - listening_service => 'app00', - ports => '5557', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - # This is not great since it depends on the ordering served by the load - # balancer. Something with retries would be better. - # C9876 C9877 C9941 C9954 - it "should do a curl against the LB to make sure it gets a response from each port" do - shell('curl localhost:5555').stdout.chomp.should match(/Response on 555(6|7)/) - shell('curl localhost:5555').stdout.chomp.should match(/Response on 555(6|7)/) - end - - # C9955 - it 'should be able to configure the listen active/passive' do - pp = <<-EOS - class { 'haproxy': } - haproxy::listen { 'app00': - ipaddress => $::ipaddress_lo, - ports => '5555', - mode => 'http', - options => { 'option' => 'httpchk', }, - } - haproxy::balancermember { 'port 5556': - listening_service => 'app00', - ports => '5556', - options => 'check', - } - haproxy::balancermember { 'port 5557': - listening_service => 'app00', - ports => '5557', - options => ['check','backup'], - } - EOS - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - it "should do a curl against the LB to make sure it only gets a response from the active port" do - sleep(10) - shell('curl localhost:5555').stdout.chomp.should match(/Response on 5556/) - shell('curl localhost:5555').stdout.chomp.should match(/Response on 5556/) - end - - # C9942 C9944 WONTFIX - - # C9943 - it 'should be able to configure the listen with only one node up' do - pp = <<-EOS - class { 'haproxy': } - haproxy::listen { 'app00': - ipaddress => $::ipaddress_lo, - ports => '5555', - mode => 'http', - } - haproxy::balancermember { 'port 5556': - listening_service => 'app00', - ports => '5556', - } - haproxy::balancermember { 'port 5557': - listening_service => 'app00', - ports => '5558', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - it "should do a curl against the LB to make sure it gets a response from each port" do - shell('curl localhost:5555').stdout.chomp.should match(/Response on 5556/) - shell('curl localhost:5555').stdout.chomp.should match(/Response on 5556/) - end - - it 'having no address set but setting bind' do - pp = <<-EOS - class { 'haproxy': } - haproxy::listen { 'app0': - bind => - { '127.0.0.1:5555' => [] } - , - } - EOS - apply_manifest(pp, :catch_failures => true) - end - -end diff --git a/haproxy/spec/acceptance/nodesets/centos-5-vcloud.yml b/haproxy/spec/acceptance/nodesets/centos-5-vcloud.yml deleted file mode 100644 index 377d0eec5..000000000 --- a/haproxy/spec/acceptance/nodesets/centos-5-vcloud.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - 'centos-5-vcloud': - roles: - - master - platform: el-5-x86_64 - hypervisor: vcloud - template: centos-5-x86_64 -CONFIG: - type: foss - ssh: - keys: "~/.ssh/id_rsa-acceptance" - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/haproxy/spec/acceptance/nodesets/centos-59-x64.yml b/haproxy/spec/acceptance/nodesets/centos-59-x64.yml deleted file mode 100644 index 2ad90b86a..000000000 --- a/haproxy/spec/acceptance/nodesets/centos-59-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-59-x64: - roles: - - master - platform: el-5-x86_64 - box : centos-59-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-59-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/haproxy/spec/acceptance/nodesets/centos-6-vcloud.yml b/haproxy/spec/acceptance/nodesets/centos-6-vcloud.yml deleted file mode 100644 index ca9c1d329..000000000 --- a/haproxy/spec/acceptance/nodesets/centos-6-vcloud.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - 'centos-6-vcloud': - roles: - - master - platform: el-6-x86_64 - hypervisor: vcloud - template: centos-6-x86_64 -CONFIG: - type: foss - ssh: - keys: "~/.ssh/id_rsa-acceptance" - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/haproxy/spec/acceptance/nodesets/centos-64-x64-pe.yml b/haproxy/spec/acceptance/nodesets/centos-64-x64-pe.yml deleted file mode 100644 index 7d9242f1b..000000000 --- a/haproxy/spec/acceptance/nodesets/centos-64-x64-pe.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - - database - - dashboard - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: pe diff --git a/haproxy/spec/acceptance/nodesets/centos-64-x64.yml b/haproxy/spec/acceptance/nodesets/centos-64-x64.yml deleted file mode 100644 index 0385e951d..000000000 --- a/haproxy/spec/acceptance/nodesets/centos-64-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - default - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/haproxy/spec/acceptance/nodesets/centos-65-x64.yml b/haproxy/spec/acceptance/nodesets/centos-65-x64.yml deleted file mode 100644 index 4e2cb809e..000000000 --- a/haproxy/spec/acceptance/nodesets/centos-65-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-65-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-65-x64-vbox436-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-65-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/haproxy/spec/acceptance/nodesets/debian-6-vcloud.yml b/haproxy/spec/acceptance/nodesets/debian-6-vcloud.yml deleted file mode 100644 index 658c7d4c0..000000000 --- a/haproxy/spec/acceptance/nodesets/debian-6-vcloud.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - 'debian-6-amd64': - roles: - - master - platform: debian-6-amd64 - hypervisor: vcloud - template: debian-6-x86_64 -CONFIG: - type: foss - ssh: - keys: "~/.ssh/id_rsa-acceptance" - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/haproxy/spec/acceptance/nodesets/debian-7-vcloud.yml b/haproxy/spec/acceptance/nodesets/debian-7-vcloud.yml deleted file mode 100644 index 9323473e3..000000000 --- a/haproxy/spec/acceptance/nodesets/debian-7-vcloud.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - 'debian-7-amd64': - roles: - - master - platform: debian-7-amd64 - hypervisor: vcloud - template: debian-7-x86_64 -CONFIG: - type: foss - ssh: - keys: "~/.ssh/id_rsa-acceptance" - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/haproxy/spec/acceptance/nodesets/default.yml b/haproxy/spec/acceptance/nodesets/default.yml deleted file mode 100644 index 0385e951d..000000000 --- a/haproxy/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - default - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/haproxy/spec/acceptance/nodesets/redhat-7-vcloud.yml b/haproxy/spec/acceptance/nodesets/redhat-7-vcloud.yml deleted file mode 100644 index cf8f79a97..000000000 --- a/haproxy/spec/acceptance/nodesets/redhat-7-vcloud.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - 'redhat-7-vcloud': - roles: - - master - platform: el-7-x86_64 - hypervisor: vcloud - template: redhat-7-x86_64 -CONFIG: - type: foss - ssh: - keys: "~/.ssh/id_rsa-acceptance" - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/haproxy/spec/acceptance/nodesets/ubuntu-1004-x86_64-vcloud.yml b/haproxy/spec/acceptance/nodesets/ubuntu-1004-x86_64-vcloud.yml deleted file mode 100644 index 19a918f54..000000000 --- a/haproxy/spec/acceptance/nodesets/ubuntu-1004-x86_64-vcloud.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - 'ubuntu-1004-amd64': - roles: - - master - platform: ubuntu-10.04-amd64 - hypervisor: vcloud - template: ubuntu-1004-x86_64 -CONFIG: - type: foss - ssh: - keys: "~/.ssh/id_rsa-acceptance" - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/haproxy/spec/acceptance/nodesets/ubuntu-1404-x86_64-vcloud.yml b/haproxy/spec/acceptance/nodesets/ubuntu-1404-x86_64-vcloud.yml deleted file mode 100644 index d84b18e50..000000000 --- a/haproxy/spec/acceptance/nodesets/ubuntu-1404-x86_64-vcloud.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - 'ubuntu-1404-amd64': - roles: - - master - platform: ubuntu-14.04-amd64 - hypervisor: vcloud - template: ubuntu-1404-x86_64 -CONFIG: - type: foss - ssh: - keys: "~/.ssh/id_rsa-acceptance" - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/haproxy/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml b/haproxy/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml deleted file mode 100644 index 5ca1514e4..000000000 --- a/haproxy/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-10044-x64: - roles: - - master - platform: ubuntu-10.04-amd64 - box : ubuntu-server-10044-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-10044-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/haproxy/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml b/haproxy/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml deleted file mode 100644 index d065b304f..000000000 --- a/haproxy/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-12042-x64: - roles: - - master - platform: ubuntu-12.04-amd64 - box : ubuntu-server-12042-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/haproxy/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/haproxy/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index cba1cd04c..000000000 --- a/haproxy/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-1404-x64: - roles: - - master - platform: ubuntu-14.04-amd64 - box : puppetlabs/ubuntu-14.04-64-nocm - box_url : https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor : vagrant -CONFIG: - log_level : debug - type: git diff --git a/haproxy/spec/acceptance/unsupported_spec.rb b/haproxy/spec/acceptance/unsupported_spec.rb deleted file mode 100644 index 684f587c1..000000000 --- a/haproxy/spec/acceptance/unsupported_spec.rb +++ /dev/null @@ -1,11 +0,0 @@ -require 'spec_helper_acceptance' - -# C9710 C9711 -describe 'unsupported distributions and OSes', :if => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - it 'should fail' do - pp = <<-EOS - class { 'haproxy': } - EOS - expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/not supported/i) - end -end diff --git a/haproxy/spec/acceptance/userlist_spec.rb b/haproxy/spec/acceptance/userlist_spec.rb deleted file mode 100644 index d03a6a242..000000000 --- a/haproxy/spec/acceptance/userlist_spec.rb +++ /dev/null @@ -1,78 +0,0 @@ -require 'spec_helper_acceptance' - -# lucid ships with haproxy 1.3 which does not have userlist support by default -describe "userlist define", :unless => (UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) or (fact('lsbdistcodename') == 'lucid') or (fact('osfamily') == 'RedHat' and fact('operatingsystemmajrelease') == '5')) do - it 'should be able to configure the listen with puppet' do - # C9966 C9970 - pp = <<-EOS - class { 'haproxy': } - haproxy::userlist { 'users_groups': - users => [ - 'test1 insecure-password elgato', - 'test2 insecure-password elgato', - '', - ], - groups => [ - 'g1 users test1', - '', - ] - } - - haproxy::listen { 'app00': - collect_exported => false, - ipaddress => $::ipaddress_lo, - ports => '5555', - options => { - 'mode' => 'http', - 'acl' => 'auth_ok http_auth(users_groups)', - 'http-request' => 'auth realm Okay if !auth_ok', - }, - } - haproxy::balancermember { 'app00 port 5556': - listening_service => 'app00', - ports => '5556', - } - - haproxy::listen { 'app01': - collect_exported => false, - ipaddress => $::ipaddress_lo, - ports => '5554', - options => { - 'mode' => 'http', - 'acl' => 'auth_ok http_auth_group(users_groups) g1', - 'http-request' => 'auth realm Okay if !auth_ok', - }, - } - haproxy::balancermember { 'app01 port 5556': - listening_service => 'app01', - ports => '5556', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - # C9957 - it "test1 should auth as user" do - shell('curl http://test1:elgato@localhost:5555').stdout.chomp.should eq('Response on 5556') - end - it "test2 should auth as user" do - shell('curl http://test2:elgato@localhost:5555').stdout.chomp.should eq('Response on 5556') - end - - # C9958 - it "should not auth as user" do - shell('curl http://test3:elgato@localhost:5555').stdout.chomp.should_not eq('Response on 5556') - end - - # C9959 - it "should auth as group" do - shell('curl http://test1:elgato@localhost:5554').stdout.chomp.should eq('Response on 5556') - end - - # C9960 - it "should not auth as group" do - shell('curl http://test2:elgato@localhost:5554').stdout.chomp.should_not eq('Response on 5556') - end - - # C9965 C9967 C9968 C9969 WONTFIX -end diff --git a/haproxy/spec/classes/haproxy_spec.rb b/haproxy/spec/classes/haproxy_spec.rb deleted file mode 100644 index 14d44d2a8..000000000 --- a/haproxy/spec/classes/haproxy_spec.rb +++ /dev/null @@ -1,612 +0,0 @@ -require 'spec_helper' - -describe 'haproxy', :type => :class do - let(:default_facts) do - { - :concat_basedir => '/dne', - :ipaddress => '10.10.10.10' - } - end - context 'on supported platforms' do - describe 'for OS-agnostic configuration' do - ['Debian', 'RedHat', 'Archlinux', 'FreeBSD', 'Gentoo',].each do |osfamily| - context "on #{osfamily} family operatingsystems" do - let(:facts) do - { :osfamily => osfamily }.merge default_facts - end - let(:params) do - { - 'service_ensure' => 'running', - 'package_ensure' => 'present', - 'service_manage' => true - } - end - it 'should install the haproxy package' do - subject.should contain_package('haproxy').with( - 'ensure' => 'present' - ) - end - it 'should install the haproxy service' do - subject.should contain_service('haproxy').with( - 'ensure' => 'running', - 'enable' => 'true', - 'hasrestart' => 'true', - 'hasstatus' => 'true' - ) - end - end - # C9938 - context "on #{osfamily} when specifying custom content" do - let(:facts) do - { :osfamily => osfamily }.merge default_facts - end - let(:params) do - { 'custom_fragment' => "listen stats :9090\n mode http\n stats uri /\n stats auth puppet:puppet\n" } - end - it 'should set the haproxy package' do - subject.should contain_concat__fragment('haproxy-haproxy-base').with_content( - /listen stats :9090\n mode http\n stats uri \/\n stats auth puppet:puppet\n/ - ) - end - end - end - end - - describe 'for linux operating systems' do - ['Debian', 'RedHat', 'Archlinux', 'Gentoo', ].each do |osfamily| - context "on #{osfamily} family operatingsystems" do - let(:facts) do - { :osfamily => osfamily }.merge default_facts - end - it 'should set up /etc/haproxy/haproxy.cfg as a concat resource' do - subject.should contain_concat('/etc/haproxy/haproxy.cfg').with( - 'owner' => '0', - 'group' => '0', - 'mode' => '0644' - ) - end - it 'should manage the chroot directory' do - subject.should contain_file('/var/lib/haproxy').with( - 'ensure' => 'directory', - 'owner' => 'haproxy', - 'group' => 'haproxy' - ) - end - it 'should contain a header concat fragment' do - subject.should contain_concat__fragment('haproxy-00-header').with( - 'target' => '/etc/haproxy/haproxy.cfg', - 'order' => '01', - 'content' => "# This file managed by Puppet\n" - ) - end - it 'should contain a haproxy-haproxy-base concat fragment' do - subject.should contain_concat__fragment('haproxy-haproxy-base').with( - 'target' => '/etc/haproxy/haproxy.cfg', - 'order' => '10' - ) - end - describe 'Base concat fragment contents' do - let(:contents) { param_value(catalogue, 'concat::fragment', 'haproxy-haproxy-base', 'content').split("\n") } - # C9936 C9937 - it 'should contain global and defaults sections' do - contents.should include('global') - contents.should include('defaults') - end - it 'should log to an ip address for local0' do - contents.should be_any { |match| match =~ / log \d+(\.\d+){3} local0/ } - end - it 'should specify the default chroot' do - contents.should include(' chroot /var/lib/haproxy') - end - it 'should specify the correct user' do - contents.should include(' user haproxy') - end - it 'should specify the correct group' do - contents.should include(' group haproxy') - end - it 'should specify the correct pidfile' do - contents.should include(' pidfile /var/run/haproxy.pid') - end - end - end - context "on #{osfamily} family operatingsystems with setting haproxy.cfg location" do - let(:facts) do - { :osfamily => osfamily }.merge default_facts - end - let(:params) do - { - 'config_file' => '/tmp/haproxy.cfg', - } - end - it 'should set up /tmp/haproxy.cfg as a concat resource' do - subject.should contain_concat('/tmp/haproxy.cfg').with( - 'owner' => '0', - 'group' => '0', - 'mode' => '0644' - ) - end - end - context "on #{osfamily} family operatingsystems without managing the service" do - let(:facts) do - { :osfamily => osfamily }.merge default_facts - end - let(:params) do - { - 'service_ensure' => true, - 'package_ensure' => 'present', - 'service_manage' => false - } - end - it 'should install the haproxy package' do - subject.should contain_package('haproxy').with( - 'ensure' => 'present' - ) - end - it 'should not manage the haproxy service' do - subject.should_not contain_service('haproxy') - end - it 'should set up /etc/haproxy/haproxy.cfg as a concat resource' do - subject.should contain_concat('/etc/haproxy/haproxy.cfg').with( - 'owner' => '0', - 'group' => '0', - 'mode' => '0644' - ) - end - it 'should manage the chroot directory' do - subject.should contain_file('/var/lib/haproxy').with( - 'ensure' => 'directory' - ) - end - it 'should contain a header concat fragment' do - subject.should contain_concat__fragment('haproxy-00-header').with( - 'target' => '/etc/haproxy/haproxy.cfg', - 'order' => '01', - 'content' => "# This file managed by Puppet\n" - ) - end - it 'should contain a haproxy-base concat fragment' do - subject.should contain_concat__fragment('haproxy-haproxy-base').with( - 'target' => '/etc/haproxy/haproxy.cfg', - 'order' => '10' - ) - end - describe 'Base concat fragment contents' do - let(:contents) { param_value(catalogue, 'concat::fragment', 'haproxy-haproxy-base', 'content').split("\n") } - it 'should contain global and defaults sections' do - contents.should include('global') - contents.should include('defaults') - end - it 'should log to an ip address for local0' do - contents.should be_any { |match| match =~ / log \d+(\.\d+){3} local0/ } - end - it 'should specify the default chroot' do - contents.should include(' chroot /var/lib/haproxy') - end - it 'should specify the correct user' do - contents.should include(' user haproxy') - end - it 'should specify the correct group' do - contents.should include(' group haproxy') - end - it 'should specify the correct pidfile' do - contents.should include(' pidfile /var/run/haproxy.pid') - end - end - end - context "on #{osfamily} when specifying a restart_command" do - let(:facts) do - { :osfamily => osfamily }.merge default_facts - end - let(:params) do - { - 'restart_command' => '/etc/init.d/haproxy reload', - 'service_manage' => true - } - end - it 'should set the haproxy package' do - subject.should contain_service('haproxy').with( - 'restart' => '/etc/init.d/haproxy reload' - ) - end - end - end - end - - describe 'for freebsd' do - context "on freebsd family operatingsystems" do - let(:facts) do - { :osfamily => 'FreeBSD' }.merge default_facts - end - it 'should set up /usr/local/etc/haproxy.conf as a concat resource' do - subject.should contain_concat('/usr/local/etc/haproxy.conf').with( - 'owner' => '0', - 'group' => '0', - 'mode' => '0644' - ) - end - it 'should manage the chroot directory' do - subject.should contain_file('/usr/local/haproxy').with( - 'ensure' => 'directory' - ) - end - it 'should contain a header concat fragment' do - subject.should contain_concat__fragment('haproxy-00-header').with( - 'target' => '/usr/local/etc/haproxy.conf', - 'order' => '01', - 'content' => "# This file managed by Puppet\n" - ) - end - it 'should contain a haproxy-base concat fragment' do - subject.should contain_concat__fragment('haproxy-haproxy-base').with( - 'target' => '/usr/local/etc/haproxy.conf', - 'order' => '10' - ) - end - describe 'Base concat fragment contents' do - let(:contents) { param_value(catalogue, 'concat::fragment', 'haproxy-haproxy-base', 'content').split("\n") } - # C9936 C9937 - it 'should contain global and defaults sections' do - contents.should include('global') - contents.should include('defaults') - end - it 'should log to an ip address for local0' do - contents.should be_any { |match| match =~ / log \d+(\.\d+){3} local0/ } - end - it 'should specify the default chroot' do - contents.should include(' chroot /usr/local/haproxy') - end - it 'should specify the correct pidfile' do - contents.should include(' pidfile /var/run/haproxy.pid') - end - end - end - context "on freebsd family operatingsystems without managing the service" do - let(:facts) do - { :osfamily => 'FreeBSD' }.merge default_facts - end - let(:params) do - { - 'service_ensure' => true, - 'package_ensure' => 'present', - 'service_manage' => false - } - end - it 'should install the haproxy package' do - subject.should contain_package('haproxy').with( - 'ensure' => 'present' - ) - end - it 'should not manage the haproxy service' do - subject.should_not contain_service('haproxy') - end - it 'should set up /usr/local/etc/haproxy.conf as a concat resource' do - subject.should contain_concat('/usr/local/etc/haproxy.conf').with( - 'owner' => '0', - 'group' => '0', - 'mode' => '0644' - ) - end - it 'should manage the chroot directory' do - subject.should contain_file('/usr/local/haproxy').with( - 'ensure' => 'directory' - ) - end - it 'should contain a header concat fragment' do - subject.should contain_concat__fragment('haproxy-00-header').with( - 'target' => '/usr/local/etc/haproxy.conf', - 'order' => '01', - 'content' => "# This file managed by Puppet\n" - ) - end - it 'should contain a haproxy-base concat fragment' do - subject.should contain_concat__fragment('haproxy-haproxy-base').with( - 'target' => '/usr/local/etc/haproxy.conf', - 'order' => '10' - ) - end - describe 'Base concat fragment contents' do - let(:contents) { param_value(catalogue, 'concat::fragment', 'haproxy-haproxy-base', 'content').split("\n") } - it 'should contain global and defaults sections' do - contents.should include('global') - contents.should include('defaults') - end - it 'should log to an ip address for local0' do - contents.should be_any { |match| match =~ / log \d+(\.\d+){3} local0/ } - end - it 'should specify the default chroot' do - contents.should include(' chroot /usr/local/haproxy') - end - it 'should specify the correct pidfile' do - contents.should include(' pidfile /var/run/haproxy.pid') - end - end - end - context "on freebsd when specifying a restart_command" do - let(:facts) do - { :osfamily => 'FreeBSD' }.merge default_facts - end - let(:params) do - { - 'restart_command' => '/usr/local/etc/rc.d/haproxy reload', - 'service_manage' => true - } - end - it 'should set the haproxy package' do - subject.should contain_service('haproxy').with( - 'restart' => '/usr/local/etc/rc.d/haproxy reload' - ) - end - end - end - - describe 'for OS-specific configuration' do - context 'only on Debian family operatingsystems' do - let(:facts) do - { :osfamily => 'Debian' }.merge default_facts - end - it 'should manage haproxy service defaults' do - subject.should contain_file('/etc/default/haproxy') - verify_contents(catalogue, '/etc/default/haproxy', ['ENABLED=1']) - end - end - context 'only on RedHat family operatingsystems' do - let(:facts) do - { :osfamily => 'RedHat' }.merge default_facts - end - end - context 'only on Gentoo family operatingsystems' do - let(:facts) do - { :osfamily => 'Gentoo' }.merge default_facts - end - it 'should create directory /etc/haproxy' do - subject.should contain_file('/etc/haproxy').with( - 'ensure' => 'directory' - ) - end - end - end - - describe 'when merging global and defaults options with user-supplied overrides and additions' do - # For testing the merging functionality we restrict ourselves to - # Debian OS family so that we don't have to juggle different sets of - # global_options and defaults_options (like for FreeBSD). - ['Debian' ].each do |osfamily| - context "on #{osfamily} family operatingsystems" do - let(:facts) do - { :osfamily => osfamily }.merge default_facts - end - let(:contents) { param_value(catalogue, 'concat::fragment', 'haproxy-haproxy-base', 'content').split("\n") } - let(:params) do - { - 'merge_options' => true, - 'global_options' => { - 'log-send-hostname' => '', - 'chroot' => '/srv/haproxy-chroot', - 'maxconn' => nil, - 'stats' => [ - 'socket /var/lib/haproxy/admin.sock mode 660 level admin', - 'timeout 30s' - ] - }, - 'defaults_options' => { - 'mode' => 'http', - 'option' => [ - 'abortonclose', - 'logasap', - 'dontlognull', - 'httplog', - 'http-server-close', - 'forwardfor except 127.0.0.1', - ], - 'timeout' => [ - 'connect 5s', - 'client 1m', - 'server 1m', - 'check 7s', - ] - }, - } - end - it 'should manage a custom chroot directory' do - subject.should contain_file('/srv/haproxy-chroot').with( - 'ensure' => 'directory', - 'owner' => 'haproxy', - 'group' => 'haproxy' - ) - end - it 'should contain global and defaults sections' do - contents.should include('global') - contents.should include('defaults') - end - it 'should send hostname with log in global options' do - contents.should include(' log-send-hostname ') - end - it 'should enable admin stats and stats timeout in global options' do - contents.should include(' stats socket /var/lib/haproxy/admin.sock mode 660 level admin') - contents.should include(' stats timeout 30s') - end - it 'should log to an ip address for local0' do - contents.should be_any { |match| match =~ / log \d+(\.\d+){3} local0/ } - end - it 'should specify the correct user' do - contents.should include(' user haproxy') - end - it 'should specify the correct group' do - contents.should include(' group haproxy') - end - it 'should specify the correct pidfile' do - contents.should include(' pidfile /var/run/haproxy.pid') - end - it 'should set mode http in default options' do - contents.should include(' mode http') - end - it 'should not set the global parameter "maxconn"' do - contents.should_not include(' maxconn 4000') - end - it 'should set various options in defaults, removing the "redispatch" option' do - contents.should_not include(' option redispatch') - contents.should include(' option abortonclose') - contents.should include(' option logasap') - contents.should include(' option dontlognull') - contents.should include(' option httplog') - contents.should include(' option http-server-close') - contents.should include(' option forwardfor except 127.0.0.1') - end - it 'should set timeouts in defaults, removing the "http-request 10s" and "queue 1m" timeout' do - contents.should_not include(' timeout http-request 10s') - contents.should_not include(' timeout queue 1m') - contents.should include(' timeout connect 5s') - contents.should include(' timeout check 7s') - contents.should include(' timeout client 1m') - contents.should include(' timeout server 1m') - end - end - end - end - - describe 'when overriding global and defaults options with user-supplied overrides and additions' do - # For testing the merging functionality we restrict ourselves to - # Debian OS family so that we don't have to juggle different sets of - # global_options and defaults_options (like for FreeBSD). - ['Debian' ].each do |osfamily| - context "on #{osfamily} family operatingsystems" do - let(:facts) do - { :osfamily => osfamily }.merge default_facts - end - let(:contents) { param_value(catalogue, 'concat::fragment', 'haproxy-haproxy-base', 'content').split("\n") } - let(:params) do - { - 'merge_options' => false, - 'global_options' => { - 'log-send-hostname' => '', - 'chroot' => '/srv/haproxy-chroot', - 'stats' => [ - 'socket /var/lib/haproxy/admin.sock mode 660 level admin', - 'timeout 30s' - ] - }, - 'defaults_options' => { - 'mode' => 'http', - 'option' => [ - 'abortonclose', - 'logasap', - 'dontlognull', - 'httplog', - 'http-server-close', - 'forwardfor except 127.0.0.1', - ], - 'timeout' => [ - 'connect 5s', - 'client 1m', - 'server 1m', - 'check 7s', - ] - }, - } - end - it 'should manage a custom chroot directory' do - subject.should contain_file('/srv/haproxy-chroot').with( - 'ensure' => 'directory' - ) - end - it 'should contain global and defaults sections' do - contents.should include('global') - contents.should include('defaults') - end - it 'should send hostname with log in global options' do - contents.should include(' log-send-hostname ') - end - it 'should enable admin stats and stats timeout in global options' do - contents.should include(' stats socket /var/lib/haproxy/admin.sock mode 660 level admin') - contents.should include(' stats timeout 30s') - end - it 'should set mode http in default options' do - contents.should include(' mode http') - end - it 'should not set the global parameter "maxconn"' do - contents.should_not include(' maxconn 4000') - end - it 'should set various options in defaults, removing the "redispatch" option' do - contents.should_not include(' option redispatch') - contents.should include(' option abortonclose') - contents.should include(' option logasap') - contents.should include(' option dontlognull') - contents.should include(' option httplog') - contents.should include(' option http-server-close') - contents.should include(' option forwardfor except 127.0.0.1') - end - it 'should set timeouts in defaults, removing the "http-request 10s" and "queue 1m" timeout' do - contents.should_not include(' timeout http-request 10s') - contents.should_not include(' timeout queue 1m') - contents.should include(' timeout connect 5s') - contents.should include(' timeout check 7s') - contents.should include(' timeout client 1m') - contents.should include(' timeout server 1m') - end - end - end - end - - describe 'when specifying global_options with arrays instead of hashes' do - # For testing input validation we restrict ourselves to - # Debian OS family so that we don't have to juggle different sets of - # global_options and defaults_options (like for FreeBSD). - ['Debian' ].each do |osfamily| - context "on #{osfamily} family operatingsystems" do - let(:facts) do - { :osfamily => osfamily }.merge default_facts - end - let(:contents) { param_value(catalogue, 'concat::fragment', 'haproxy-haproxy-base', 'content').split("\n") } - let(:params) do - { - 'merge_options' => true, - 'global_options' => [ 'log-send-hostname', 'chroot /srv/haproxy-chroot' ] - } - end - it 'should raise error' do - expect { catalogue }.to raise_error Puppet::Error, /is not a Hash/ - end - end - end - end - describe 'when specifying defaults_options with arrays instead of hashes' do - # For testing input validation we restrict ourselves to - # Debian OS family so that we don't have to juggle different sets of - # global_options and defaults_options (like for FreeBSD). - ['Debian' ].each do |osfamily| - context "on #{osfamily} family operatingsystems" do - let(:facts) do - { :osfamily => osfamily }.merge default_facts - end - let(:contents) { param_value(catalogue, 'concat::fragment', 'haproxy-haproxy-base', 'content').split("\n") } - let(:params) do - { - 'merge_options' => true, - 'defaults_options' => [ - 'mode http', - 'timeout connect 5s', - 'timeout client 1m' - ] - } - end - it 'should raise error' do - expect { catalogue }.to raise_error Puppet::Error, /is not a Hash/ - end - end - end - end - end - - context 'on unsupported operatingsystems' do - let(:facts) do - { :osfamily => 'windows' }.merge default_facts - end - it do - expect { - should contain_service('haproxy') - }.to raise_error(Puppet::Error, /operating system is not supported with the haproxy module/) - end - end - - -end diff --git a/haproxy/spec/defines/backend_spec.rb b/haproxy/spec/defines/backend_spec.rb deleted file mode 100644 index 2318f68ac..000000000 --- a/haproxy/spec/defines/backend_spec.rb +++ /dev/null @@ -1,36 +0,0 @@ -require 'spec_helper' - -describe 'haproxy::backend' do - let(:pre_condition) { 'include haproxy' } - let(:facts) do - { - :ipaddress => '1.1.1.1', - :osfamily => 'Redhat', - :concat_basedir => '/dne', - } - end - - context "when no options are passed" do - let(:title) { 'bar' } - - it { should contain_concat__fragment('haproxy-bar_backend_block').with( - 'order' => '20-bar-00', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => "\nbackend bar\n balance roundrobin\n option tcplog\n" - ) } - end - - # C9953 - context "when a listen is created with the same name" do - let(:title) { 'apache' } - let(:pre_condition) do - "haproxy::listen { 'apache': ports => '443', }" - end - - it 'should raise error' do - expect { catalogue }.to raise_error Puppet::Error, /discovered with the same name/ - end - end - - # C9956 WONTFIX -end diff --git a/haproxy/spec/defines/balancermember_spec.rb b/haproxy/spec/defines/balancermember_spec.rb deleted file mode 100644 index 9fd5b2484..000000000 --- a/haproxy/spec/defines/balancermember_spec.rb +++ /dev/null @@ -1,137 +0,0 @@ -require 'spec_helper' - -describe 'haproxy::balancermember' do - let(:pre_condition) { 'include haproxy' } - let(:title) { 'tyler' } - let(:facts) do - { - :ipaddress => '1.1.1.1', - :hostname => 'dero', - :osfamily => 'Redhat', - :concat_basedir => '/dne', - } - end - - context 'with a single balancermember option' do - let(:params) do - { - :name => 'tyler', - :listening_service => 'croy', - :ports => '18140', - :options => 'check' - } - end - - it { should contain_concat__fragment('haproxy-croy_balancermember_tyler').with( - 'order' => '20-croy-01-tyler', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => " server dero 1.1.1.1:18140 check\n" - ) } - end - - context 'with a balancermember with ensure => absent ' do - let(:params) do - { - :name => 'tyler', - :listening_service => 'croy', - :ports => '18140', - :ensure => 'absent' - } - end - - it { should contain_concat__fragment('haproxy-croy_balancermember_tyler').with( - 'order' => '20-croy-01-tyler', - 'target' => '/etc/haproxy/haproxy.cfg', - 'ensure' => 'absent', - 'content' => " server dero 1.1.1.1:18140 \n" - ) } - end - - context 'with multiple balancermember options' do - let(:params) do - { - :name => 'tyler', - :listening_service => 'croy', - :ports => '18140', - :options => ['check', 'close'] - } - end - - it { should contain_concat__fragment('haproxy-croy_balancermember_tyler').with( - 'order' => '20-croy-01-tyler', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => " server dero 1.1.1.1:18140 check close\n" - ) } - end - - context 'with cookie and multiple balancermember options' do - let(:params) do - { - :name => 'tyler', - :listening_service => 'croy', - :ports => '18140', - :options => ['check', 'close'], - :define_cookies => true - } - end - - it { should contain_concat__fragment('haproxy-croy_balancermember_tyler').with( - 'order' => '20-croy-01-tyler', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => " server dero 1.1.1.1:18140 cookie dero check close\n" - ) } - end - context 'with multiple servers' do - let(:params) do - { - :name => 'tyler', - :listening_service => 'croy', - :ports => '18140', - :server_names => ['server01', 'server02'], - :ipaddresses => ['192.168.56.200', '192.168.56.201'], - :options => ['check'] - } - end - - it { should contain_concat__fragment('haproxy-croy_balancermember_tyler').with( - 'order' => '20-croy-01-tyler', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => " server server01 192.168.56.200:18140 check\n server server02 192.168.56.201:18140 check\n" - ) } - end - context 'with multiple servers and multiple ports' do - let(:params) do - { - :name => 'tyler', - :listening_service => 'croy', - :ports => ['18140','18150'], - :server_names => ['server01', 'server02'], - :ipaddresses => ['192.168.56.200', '192.168.56.201'], - :options => ['check'] - } - end - - it { should contain_concat__fragment('haproxy-croy_balancermember_tyler').with( - 'order' => '20-croy-01-tyler', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => " server server01 192.168.56.200:18140 check\n server server01 192.168.56.200:18150 check\n server server02 192.168.56.201:18140 check\n server server02 192.168.56.201:18150 check\n" - ) } - end - context 'with multiple servers and no port' do - let(:params) do - { - :name => 'tyler', - :listening_service => 'croy', - :server_names => ['server01', 'server02'], - :ipaddresses => ['192.168.56.200', '192.168.56.201'], - :options => ['check'] - } - end - - it { should contain_concat__fragment('haproxy-croy_balancermember_tyler').with( - 'order' => '20-croy-01-tyler', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => " server server01 192.168.56.200 check\n server server02 192.168.56.201 check\n" - ) } - end -end diff --git a/haproxy/spec/defines/frontend_spec.rb b/haproxy/spec/defines/frontend_spec.rb deleted file mode 100644 index 4814c3808..000000000 --- a/haproxy/spec/defines/frontend_spec.rb +++ /dev/null @@ -1,266 +0,0 @@ -require 'spec_helper' - -describe 'haproxy::frontend' do - let(:pre_condition) { 'include haproxy' } - let(:title) { 'tyler' } - let(:facts) do - { - :ipaddress => '1.1.1.1', - :osfamily => 'Redhat', - :concat_basedir => '/dne', - } - end - context "when only one port is provided" do - let(:params) do - { - :name => 'croy', - :ipaddress => '1.1.1.1', - :ports => '18140' - } - end - - it { should contain_concat__fragment('haproxy-croy_frontend_block').with( - 'order' => '15-croy-00', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => "\nfrontend croy\n bind 1.1.1.1:18140 \n option tcplog\n" - ) } - end - # C9948 C9947 - context "when an array of ports is provided" do - let(:params) do - { - :name => 'apache', - :ipaddress => '23.23.23.23', - :ports => [ - '80', - '443' - ] - } - end - - it { should contain_concat__fragment('haproxy-apache_frontend_block').with( - 'order' => '15-apache-00', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => "\nfrontend apache\n bind 23.23.23.23:80 \n bind 23.23.23.23:443 \n option tcplog\n" - ) } - end - # C9948 - context "when a comma-separated list of ports is provided" do - let(:params) do - { - :name => 'apache', - :ipaddress => '23.23.23.23', - :ports => '80,443' - } - end - - it { should contain_concat__fragment('haproxy-apache_frontend_block').with( - 'order' => '15-apache-00', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => "\nfrontend apache\n bind 23.23.23.23:80 \n bind 23.23.23.23:443 \n option tcplog\n" - ) } - end - # C9971 - context "when empty list of ports is provided" do - let(:params) do - { - :name => 'apache', - :ipaddress => '23.23.23.23', - :ports => [], - } - end - - it { should contain_concat__fragment('haproxy-apache_frontend_block').with( - 'order' => '15-apache-00', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => "\nfrontend apache\n option tcplog\n" - ) } - end - # C9972 - context "when a port is provided greater than 65535" do - let(:params) do - { - :name => 'apache', - :ipaddress => '23.23.23.23', - :ports => '80443' - } - end - - it 'should raise error' do - expect { catalogue }.to raise_error Puppet::Error, /outside of range/ - end - end - # C9946 - context "when multiple ports are provided greater than 65535" do - let(:params) do - { - :name => 'apache', - :ipaddress => '23.23.23.23', - :ports => ['80443','80444'] - } - end - - it 'should raise error' do - expect { catalogue }.to raise_error Puppet::Error, /outside of range/ - end - end - # C9973 - context "when an invalid ipv4 address is passed" do - let(:params) do - { - :name => 'apache', - :ipaddress => '2323.23.23', - :ports => '80' - } - end - - it 'should raise error' do - expect { catalogue }.to raise_error Puppet::Error, /Invalid IP address/ - end - end - # C9949 - context "when a ports parameter and a bind parameter are passed" do - let(:params) do - { - :name => 'apache', - :bind => {'192.168.0.1:80' => ['ssl']}, - :ports => '80' - } - end - - it 'should raise error' do - expect { catalogue }.to raise_error Puppet::Error, /mutually exclusive/ - end - end - context "when multiple IPs are provided" do - let(:params) do - { - :name => 'apache', - :ipaddress => ['23.23.23.23','23.23.23.24'], - :ports => '80' - } - end - - it { should contain_concat__fragment('haproxy-apache_frontend_block').with( - 'order' => '15-apache-00', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => "\nfrontend apache\n bind 23.23.23.23:80 \n bind 23.23.23.24:80 \n option tcplog\n" - ) } - end - context "when bind options are provided" do - let(:params) do - { - :name => 'apache', - :ipaddress => '1.1.1.1', - :ports => ['80','8080'], - :bind_options => [ 'the options', 'go here' ] - } - end - - it { should contain_concat__fragment('haproxy-apache_frontend_block').with( - 'order' => '15-apache-00', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => "\nfrontend apache\n bind 1.1.1.1:80 the options go here\n bind 1.1.1.1:8080 the options go here\n option tcplog\n" - ) } - end - context "when a comma-separated list of ports is provided" do - let(:params) do - { - :name => 'apache', - :ipaddress => '23.23.23.23', - :ports => '80,443' - } - end - - it { should contain_concat__fragment('haproxy-apache_frontend_block').with( - 'order' => '15-apache-00', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => "\nfrontend apache\n bind 23.23.23.23:80 \n bind 23.23.23.23:443 \n option tcplog\n" - ) } - end - - context "when bind parameter is used without ipaddress parameter" do - let(:params) do - { - :name => 'apache', - :bind => {'1.1.1.1:80' => []}, - } - end - it { should contain_concat__fragment('haproxy-apache_frontend_block').with( - 'order' => '15-apache-00', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => "\nfrontend apache\n bind 1.1.1.1:80 \n option tcplog\n" - ) } - end - - context "when bind parameter is used with more complex address constructs" do - let(:params) do - { - :name => 'apache', - :bind => { - '1.1.1.1:80' => [], - ':443,:8443' => [ 'ssl', 'crt public.puppetlabs.com', 'no-sslv3' ], - '2.2.2.2:8000-8010' => [ 'ssl', 'crt public.puppetlabs.com' ], - 'fd@${FD_APP1}' => [], - '/var/run/ssl-frontend.sock' => [ 'user root', 'mode 600', 'accept-proxy' ] - }, - } - end - it { should contain_concat__fragment('haproxy-apache_frontend_block').with( - 'order' => '15-apache-00', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => "\nfrontend apache\n bind /var/run/ssl-frontend.sock user root mode 600 accept-proxy\n bind :443,:8443 ssl crt public.puppetlabs.com no-sslv3\n bind fd@${FD_APP1} \n bind 1.1.1.1:80 \n bind 2.2.2.2:8000-8010 ssl crt public.puppetlabs.com\n option tcplog\n" - ) } - end - - context "when bind parameter is used with ip addresses that sort wrong lexigraphically" do - let(:params) do - { - :name => 'apache', - :bind => { - '10.1.3.21:80' => [], - '8.252.206.100:80' => [], - '8.252.206.101:80' => [], - '8.252.206.99:80' => [], - '1.1.1.1:80' => [], - ':443,:8443' => [ 'ssl', 'crt public.puppetlabs.com', 'no-sslv3' ], - '2.2.2.2:8000-8010' => [ 'ssl', 'crt public.puppetlabs.com' ], - }, - } - end - it { should contain_concat__fragment('haproxy-apache_frontend_block').with( - 'order' => '15-apache-00', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => "\nfrontend apache\n bind :443,:8443 ssl crt public.puppetlabs.com no-sslv3\n bind 1.1.1.1:80 \n bind 2.2.2.2:8000-8010 ssl crt public.puppetlabs.com\n bind 8.252.206.99:80 \n bind 8.252.206.100:80 \n bind 8.252.206.101:80 \n bind 10.1.3.21:80 \n option tcplog\n" - ) } - end - - context "when frontend options are specified as an array of hashes" do - let(:params) do - { - :name => 'apache', - :bind => { - '0.0.0.0:48001-48003' => [], - }, - :mode => 'http', - :options => [ - { 'reqadd' => 'X-Forwarded-Proto:\ https' }, - { 'default_backend' => 'dev00_webapp' }, - { 'capture request header' => [ 'X-Forwarded-For len 50', 'Host len 15', 'Referrer len 15' ] }, - { 'acl' => [ 'dst_dev01 dst_port 48001', 'dst_dev02 dst_port 48002', 'dst_dev03 dst_port 48003' ] }, - { 'use_backend' => [ 'dev01_webapp if dst_dev01', 'dev02_webapp if dst_dev02', 'dev03_webapp if dst_dev03' ] }, - { 'option' => [ 'httplog', 'http-server-close', 'forwardfor except 127.0.0.1' ] }, - { 'compression' => 'algo gzip', - 'bind-process' => 'all' } - ], - } - end - it { should contain_concat__fragment('haproxy-apache_frontend_block').with( - 'order' => '15-apache-00', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => "\nfrontend apache\n bind 0.0.0.0:48001-48003 \n mode http\n reqadd X-Forwarded-Proto:\\ https\n default_backend dev00_webapp\n capture request header X-Forwarded-For len 50\n capture request header Host len 15\n capture request header Referrer len 15\n acl dst_dev01 dst_port 48001\n acl dst_dev02 dst_port 48002\n acl dst_dev03 dst_port 48003\n use_backend dev01_webapp if dst_dev01\n use_backend dev02_webapp if dst_dev02\n use_backend dev03_webapp if dst_dev03\n option httplog\n option http-server-close\n option forwardfor except 127.0.0.1\n bind-process all\n compression algo gzip\n" - ) } - end - - # C9950 C9951 C9952 WONTFIX -end diff --git a/haproxy/spec/defines/instance_service_spec.rb b/haproxy/spec/defines/instance_service_spec.rb deleted file mode 100644 index edf39820d..000000000 --- a/haproxy/spec/defines/instance_service_spec.rb +++ /dev/null @@ -1,169 +0,0 @@ -require 'spec_helper' - -describe 'haproxy::instance_service' do - let(:default_facts) do - { - :concat_basedir => '/dne', - :ipaddress => '10.10.10.10' - } - end - let(:params) do - { - 'haproxy_init_source' => 'foo' - } - end - - context 'on any platform' do - - # haproxy::instance 'haproxy' with defaults - - context 'with title haproxy and defaults params' do - let(:title) { 'haproxy' } - let(:params) do - { - 'haproxy_init_source' => '/foo/bar' - } - end - it 'should install the haproxy package' do - subject.should contain_package('haproxy').with( - 'ensure' => 'present' - ) - end - it 'should create the exec directory' do - subject.should contain_file('/opt/haproxy/bin').with( - 'ensure' => 'directory', - 'owner' => 'root', - 'group' => 'root', - 'mode' => '0744' - ) - end - it 'should create a link to the exec' do - subject.should contain_file('/opt/haproxy/bin/haproxy-haproxy').with( - 'ensure' => 'link', - 'target' => '/usr/sbin/haproxy' - ) - end - it 'should not create an init.d file' do - subject.should_not contain_file('/etc/init.d/haproxy-haproxy').with( - 'ensure' => 'file' - ) - end - end - - # haproxy::instance 'haproxy' with custom settings - - context 'with title group1 and custom settings' do - let(:title) { 'haproxy' } - let(:params) do - { - 'haproxy_package' => 'customhaproxy', - 'bindir' => '/weird/place', - 'haproxy_init_source' => '/foo/bar' - } - end - it 'should install the customhaproxy package' do - subject.should contain_package('customhaproxy').with( - 'ensure' => 'present' - ) - end - it 'should create the exec directory' do - subject.should contain_file('/weird/place').with( - 'ensure' => 'directory', - 'owner' => 'root', - 'group' => 'root', - 'mode' => '0744' - ) - end - it 'should create a link to the exec' do - subject.should contain_file('/weird/place/haproxy-haproxy').with( - 'ensure' => 'link', - 'target' => '/opt/customhaproxy/sbin/haproxy' - ) - end - it 'should not create an init.d file' do - subject.should_not contain_file('/etc/init.d/haproxy-haproxy').with( - 'ensure' => 'file' - ) - end - it 'should not manage the default init.d file' do - subject.should_not contain_file('/etc/init.d/haproxy').with( - 'ensure' => 'file' - ) - end - end - - # haproxy::instance 'group1' with defaults - - context 'with title group1 and defaults params' do - let(:title) { 'group1' } - let(:params) do - { - 'haproxy_init_source' => '/foo/bar' - } - end - it 'should install the haproxy package' do - subject.should contain_package('haproxy').with( - 'ensure' => 'present' - ) - end - it 'should create the exec directory' do - subject.should contain_file('/opt/haproxy/bin').with( - 'ensure' => 'directory', - 'owner' => 'root', - 'group' => 'root', - 'mode' => '0744' - ) - end - it 'should create a link to the exec' do - subject.should contain_file('/opt/haproxy/bin/haproxy-group1').with( - 'ensure' => 'link', - 'target' => '/usr/sbin/haproxy' - ) - end - it 'should not create an init.d file' do - subject.should_not contain_file('/etc/init.d/haproxy-haproxy').with( - 'ensure' => 'file' - ) - end - end - end - - # haproxy::instance 'group1' with custom settings - - context 'with title group1 and defaults params' do - let(:title) { 'group1' } - let(:params) do - { - 'haproxy_package' => 'customhaproxy', - 'bindir' => '/weird/place', - 'haproxy_init_source' => '/init/source/haproxy', - 'haproxy_unit_template' => "haproxy/instance_service_unit_example.erb" - } - end - it 'should install the customhaproxy package' do - subject.should contain_package('customhaproxy').with( - 'ensure' => 'present' - ) - end - it 'should create the exec directory' do - subject.should contain_file('/weird/place').with( - 'ensure' => 'directory', - 'owner' => 'root', - 'group' => 'root', - 'mode' => '0744' - ) - end - it 'should create a link to the exec' do - subject.should contain_file('/weird/place/haproxy-group1').with( - 'ensure' => 'link', - 'target' => '/opt/customhaproxy/sbin/haproxy' - ) - end - it 'should remove any obsolete init.d file' do - subject.should contain_file('/etc/init.d/haproxy-group1').with( - 'ensure' => 'absent' - ) - end - end - -end diff --git a/haproxy/spec/defines/instance_spec.rb b/haproxy/spec/defines/instance_spec.rb deleted file mode 100644 index 7f494198b..000000000 --- a/haproxy/spec/defines/instance_spec.rb +++ /dev/null @@ -1,582 +0,0 @@ -require 'spec_helper' - -describe 'haproxy::instance' do - let(:default_facts) do - { - :concat_basedir => '/dne', - :ipaddress => '10.10.10.10' - } - end - - # haproxy::instance with service name "haproxy". - - context 'on supported platforms' do - let(:title) { 'haproxy' } - describe 'for OS-agnostic configuration' do - ['Debian', 'RedHat', 'Archlinux', 'FreeBSD',].each do |osfamily| - context "on #{osfamily} family operatingsystems" do - let(:facts) do - { :osfamily => osfamily }.merge default_facts - end - let(:params) do - { - 'service_ensure' => 'running', - 'package_ensure' => 'present', - 'package_name' => 'haproxy', - 'service_manage' => true - } - end - it 'should install the haproxy package' do - subject.should contain_package('haproxy').with( - 'ensure' => 'present' - ) - end - it 'should install the haproxy service' do - subject.should contain_service('haproxy').with( - 'ensure' => 'running', - 'enable' => 'true', - 'hasrestart' => 'true', - 'hasstatus' => 'true' - ) - end - end - # C9938 - context "on #{osfamily} when specifying custom content" do - let(:facts) do - { :osfamily => osfamily }.merge default_facts - end - let(:params) do - { 'custom_fragment' => "listen stats :9090\n mode http\n stats uri /\n stats auth puppet:puppet\n" } - end - it 'should set the haproxy package' do - subject.should contain_concat__fragment('haproxy-haproxy-base').with_content( - /listen stats :9090\n mode http\n stats uri \/\n stats auth puppet:puppet\n/ - ) - end - end - end - end - - describe 'for linux operating systems' do - ['Debian', 'RedHat', 'Archlinux', ].each do |osfamily| - context "on #{osfamily} family operatingsystems" do - let(:facts) do - { :osfamily => osfamily }.merge default_facts - end - it 'should set up /etc/haproxy/haproxy.cfg as a concat resource' do - subject.should contain_concat('/etc/haproxy/haproxy.cfg').with( - 'owner' => '0', - 'group' => '0', - 'mode' => '0644' - ) - end - it 'should manage the chroot directory' do - subject.should contain_file('/var/lib/haproxy').with( - 'ensure' => 'directory', - 'owner' => 'haproxy', - 'group' => 'haproxy' - ) - end - it 'should contain a header concat fragment' do - subject.should contain_concat__fragment('haproxy-00-header').with( - 'target' => '/etc/haproxy/haproxy.cfg', - 'order' => '01', - 'content' => "# This file managed by Puppet\n" - ) - end - it 'should contain a haproxy-haproxy-base concat fragment' do - subject.should contain_concat__fragment('haproxy-haproxy-base').with( - 'target' => '/etc/haproxy/haproxy.cfg', - 'order' => '10' - ) - end - describe 'Base concat fragment contents' do - let(:contents) { param_value(catalogue, 'concat::fragment', 'haproxy-haproxy-base', 'content').split("\n") } - # C9936 C9937 - it 'should contain global and defaults sections' do - contents.should include('global') - contents.should include('defaults') - end - it 'should log to an ip address for local0' do - contents.should be_any { |match| match =~ / log \d+(\.\d+){3} local0/ } - end - it 'should specify the default chroot' do - contents.should include(' chroot /var/lib/haproxy') - end - it 'should specify the correct user' do - contents.should include(' user haproxy') - end - it 'should specify the correct group' do - contents.should include(' group haproxy') - end - it 'should specify the correct pidfile' do - contents.should include(' pidfile /var/run/haproxy.pid') - end - end - end - context "on #{osfamily} family operatingsystems without managing the service" do - let(:facts) do - { :osfamily => osfamily }.merge default_facts - end - let(:params) do - { - 'service_ensure' => true, - 'package_ensure' => 'present', - 'package_name' => 'haproxy', - 'service_manage' => false - } - end - it 'should install the haproxy package' do - subject.should contain_package('haproxy').with( - 'ensure' => 'present' - ) - end - it 'should not manage the haproxy service' do - subject.should_not contain_service('haproxy') - end - it 'should set up /etc/haproxy/haproxy.cfg as a concat resource' do - subject.should contain_concat('/etc/haproxy/haproxy.cfg').with( - 'owner' => '0', - 'group' => '0', - 'mode' => '0644' - ) - end - it 'should manage the chroot directory' do - subject.should contain_file('/var/lib/haproxy').with( - 'ensure' => 'directory' - ) - end - it 'should contain a header concat fragment' do - subject.should contain_concat__fragment('haproxy-00-header').with( - 'target' => '/etc/haproxy/haproxy.cfg', - 'order' => '01', - 'content' => "# This file managed by Puppet\n" - ) - end - it 'should contain a haproxy-base concat fragment' do - subject.should contain_concat__fragment('haproxy-haproxy-base').with( - 'target' => '/etc/haproxy/haproxy.cfg', - 'order' => '10' - ) - end - describe 'Base concat fragment contents' do - let(:contents) { param_value(catalogue, 'concat::fragment', 'haproxy-haproxy-base', 'content').split("\n") } - it 'should contain global and defaults sections' do - contents.should include('global') - contents.should include('defaults') - end - it 'should log to an ip address for local0' do - contents.should be_any { |match| match =~ / log \d+(\.\d+){3} local0/ } - end - it 'should specify the default chroot' do - contents.should include(' chroot /var/lib/haproxy') - end - it 'should specify the correct user' do - contents.should include(' user haproxy') - end - it 'should specify the correct group' do - contents.should include(' group haproxy') - end - it 'should specify the correct pidfile' do - contents.should include(' pidfile /var/run/haproxy.pid') - end - end - end - context "on #{osfamily} when specifying a restart_command" do - let(:facts) do - { :osfamily => osfamily }.merge default_facts - end - let(:params) do - { - 'restart_command' => '/etc/init.d/haproxy reload', - 'service_manage' => true - } - end - it 'should set the haproxy package' do - subject.should contain_service('haproxy').with( - 'restart' => '/etc/init.d/haproxy reload' - ) - end - end - end - end - end - - # haproxy::instance with 2nd instance and with non-standard service name. - - context 'on supported platforms' do - let(:title) { 'group1' } - describe 'for OS-agnostic configuration' do - ['Debian', 'RedHat', 'Archlinux', 'FreeBSD',].each do |osfamily| - context "on #{osfamily} family operatingsystems" do - let(:facts) do - { :osfamily => osfamily }.merge default_facts - end - let(:params) do - { - 'service_ensure' => 'running', - 'package_ensure' => 'present', - 'package_name' => 'customhaproxy', - 'service_manage' => true - } - end - it 'should install the customhaproxy package' do - subject.should contain_package('customhaproxy').with( - 'ensure' => 'present' - ) - end - it 'should install the customhaproxy service' do - subject.should contain_service('haproxy-group1').with( - 'ensure' => 'running', - 'enable' => 'true', - 'hasrestart' => 'true', - 'hasstatus' => 'true' - ) - end - it 'should not install the haproxy package' do - subject.should_not contain_package('haproxy') - end - it 'should not install the haproxy service' do - subject.should_not contain_service('haproxy') - end - end - # C9938 - context "on #{osfamily} when specifying custom content" do - let(:facts) do - { :osfamily => osfamily }.merge default_facts - end - let(:params) do - { 'custom_fragment' => "listen stats :9090\n mode http\n stats uri /\n stats auth puppet:puppet\n" } - end - it 'should set the haproxy-group1 package' do - subject.should contain_concat__fragment('haproxy-group1-haproxy-base').with_content( - /listen stats :9090\n mode http\n stats uri \/\n stats auth puppet:puppet\n/ - ) - end - end - end - end - - describe 'for linux operating systems' do - ['Debian', 'RedHat', 'Archlinux', ].each do |osfamily| - context "on #{osfamily} family operatingsystems" do - let(:facts) do - { :osfamily => osfamily }.merge default_facts - end - it 'should set up /etc/haproxy-group1/haproxy-group1.cfg as a concat resource' do - subject.should contain_concat('/etc/haproxy-group1/haproxy-group1.cfg').with( - 'owner' => '0', - 'group' => '0', - 'mode' => '0644' - ) - end - it 'should manage the chroot directory' do - subject.should contain_file('/var/lib/haproxy').with( - 'ensure' => 'directory', - 'owner' => 'haproxy', - 'group' => 'haproxy' - ) - end - it 'should contain a header concat fragment' do - subject.should contain_concat__fragment('haproxy-group1-00-header').with( - 'target' => '/etc/haproxy-group1/haproxy-group1.cfg', - 'order' => '01', - 'content' => "# This file managed by Puppet\n" - ) - end - it 'should contain a haproxy-group1-haproxy-base concat fragment' do - subject.should contain_concat__fragment('haproxy-group1-haproxy-base').with( - 'target' => '/etc/haproxy-group1/haproxy-group1.cfg', - 'order' => '10' - ) - end - describe 'Base concat fragment contents' do - let(:contents) { param_value(catalogue, 'concat::fragment', 'haproxy-group1-haproxy-base', 'content').split("\n") } - # C9936 C9937 - it 'should contain global and defaults sections' do - contents.should include('global') - contents.should include('defaults') - end - it 'should log to an ip address for local0' do - contents.should be_any { |match| match =~ / log \d+(\.\d+){3} local0/ } - end - it 'should specify the default chroot' do - contents.should include(' chroot /var/lib/haproxy') - end - it 'should specify the correct user' do - contents.should include(' user haproxy') - end - it 'should specify the correct group' do - contents.should include(' group haproxy') - end - it 'should specify the correct pidfile' do - contents.should include(' pidfile /var/run/haproxy.pid') - end - end - end - context "on #{osfamily} family operatingsystems without managing the service" do - let(:facts) do - { :osfamily => osfamily }.merge default_facts - end - let(:params) do - { - 'service_ensure' => true, - 'package_ensure' => 'present', - 'package_name' => 'customhaproxy', - 'service_manage' => false - } - end - it 'should install the customhaproxy package' do - subject.should contain_package('customhaproxy').with( - 'ensure' => 'present' - ) - end - it 'should not manage the customhaproxy service' do - subject.should_not contain_service('haproxy-group1') - end - it 'should set up /etc/haproxy-group1/haproxy-group1.cfg as a concat resource' do - subject.should contain_concat('/etc/haproxy-group1/haproxy-group1.cfg').with( - 'owner' => '0', - 'group' => '0', - 'mode' => '0644' - ) - end - it 'should manage the chroot directory' do - subject.should contain_file('/var/lib/haproxy').with( - 'ensure' => 'directory' - ) - end - it 'should contain a header concat fragment' do - subject.should contain_concat__fragment('haproxy-group1-00-header').with( - 'target' => '/etc/haproxy-group1/haproxy-group1.cfg', - 'order' => '01', - 'content' => "# This file managed by Puppet\n" - ) - end - it 'should contain a haproxy-group1-haproxy-base concat fragment' do - subject.should contain_concat__fragment('haproxy-group1-haproxy-base').with( - 'target' => '/etc/haproxy-group1/haproxy-group1.cfg', - 'order' => '10' - ) - end - describe 'Base concat fragment contents' do - let(:contents) { param_value(catalogue, 'concat::fragment', 'haproxy-group1-haproxy-base', 'content').split("\n") } - it 'should contain global and defaults sections' do - contents.should include('global') - contents.should include('defaults') - end - it 'should log to an ip address for local0' do - contents.should be_any { |match| match =~ / log \d+(\.\d+){3} local0/ } - end - it 'should specify the default chroot' do - contents.should include(' chroot /var/lib/haproxy') - end - it 'should specify the correct user' do - contents.should include(' user haproxy') - end - it 'should specify the correct group' do - contents.should include(' group haproxy') - end - it 'should specify the correct pidfile' do - contents.should include(' pidfile /var/run/haproxy.pid') - end - end - end - context "on #{osfamily} when specifying a restart_command" do - let(:facts) do - { :osfamily => osfamily }.merge default_facts - end - let(:params) do - { - 'restart_command' => '/etc/init.d/haproxy-group1 reload', - 'service_manage' => true - } - end - it 'should set the customhaproxy package' do - subject.should contain_service('haproxy-group1').with( - 'restart' => '/etc/init.d/haproxy-group1 reload' - ) - end - end - end - end - - # FreeBSD: haproxy::instance with service name "haproxy". - - describe 'for freebsd' do - let(:title) { 'haproxy' } - context "on freebsd family operatingsystems" do - let(:facts) do - { :osfamily => 'FreeBSD' }.merge default_facts - end - it 'should set up /usr/local/etc/haproxy.conf as a concat resource' do - subject.should contain_concat('/usr/local/etc/haproxy.conf').with( - 'owner' => '0', - 'group' => '0', - 'mode' => '0644' - ) - end - it 'should manage the chroot directory' do - subject.should contain_file('/usr/local/haproxy').with( - 'ensure' => 'directory' - ) - end - it 'should contain a header concat fragment' do - subject.should contain_concat__fragment('haproxy-00-header').with( - 'target' => '/usr/local/etc/haproxy.conf', - 'order' => '01', - 'content' => "# This file managed by Puppet\n" - ) - end - it 'should contain a haproxy-base concat fragment' do - subject.should contain_concat__fragment('haproxy-haproxy-base').with( - 'target' => '/usr/local/etc/haproxy.conf', - 'order' => '10' - ) - end - describe 'Base concat fragment contents' do - let(:contents) { param_value(catalogue, 'concat::fragment', 'haproxy-haproxy-base', 'content').split("\n") } - # C9936 C9937 - it 'should contain global and defaults sections' do - contents.should include('global') - contents.should include('defaults') - end - it 'should log to an ip address for local0' do - contents.should be_any { |match| match =~ / log \d+(\.\d+){3} local0/ } - end - it 'should specify the default chroot' do - contents.should include(' chroot /usr/local/haproxy') - end - it 'should specify the correct pidfile' do - contents.should include(' pidfile /var/run/haproxy.pid') - end - end - end - context "on freebsd family operatingsystems without managing the service" do - let(:facts) do - { :osfamily => 'FreeBSD' }.merge default_facts - end - let(:params) do - { - 'service_ensure' => true, - 'package_ensure' => 'present', - 'package_name' => 'haproxy', - 'service_manage' => false - } - end - it 'should install the haproxy package' do - subject.should contain_package('haproxy').with( - 'ensure' => 'present' - ) - end - it 'should not manage the haproxy service' do - subject.should_not contain_service('haproxy') - end - it 'should set up /usr/local/etc/haproxy.conf as a concat resource' do - subject.should contain_concat('/usr/local/etc/haproxy.conf').with( - 'owner' => '0', - 'group' => '0', - 'mode' => '0644' - ) - end - it 'should manage the chroot directory' do - subject.should contain_file('/usr/local/haproxy').with( - 'ensure' => 'directory' - ) - end - it 'should contain a header concat fragment' do - subject.should contain_concat__fragment('haproxy-00-header').with( - 'target' => '/usr/local/etc/haproxy.conf', - 'order' => '01', - 'content' => "# This file managed by Puppet\n" - ) - end - it 'should contain a haproxy-base concat fragment' do - subject.should contain_concat__fragment('haproxy-haproxy-base').with( - 'target' => '/usr/local/etc/haproxy.conf', - 'order' => '10' - ) - end - describe 'Base concat fragment contents' do - let(:contents) { param_value(catalogue, 'concat::fragment', 'haproxy-haproxy-base', 'content').split("\n") } - it 'should contain global and defaults sections' do - contents.should include('global') - contents.should include('defaults') - end - it 'should log to an ip address for local0' do - contents.should be_any { |match| match =~ / log \d+(\.\d+){3} local0/ } - end - it 'should specify the default chroot' do - contents.should include(' chroot /usr/local/haproxy') - end - it 'should specify the correct pidfile' do - contents.should include(' pidfile /var/run/haproxy.pid') - end - end - end - context "on freebsd when specifying a restart_command" do - let(:facts) do - { :osfamily => 'FreeBSD' }.merge default_facts - end - let(:params) do - { - 'restart_command' => '/usr/local/etc/rc.d/haproxy reload', - 'service_manage' => true - } - end - it 'should set the haproxy package' do - subject.should contain_service('haproxy').with( - 'restart' => '/usr/local/etc/rc.d/haproxy reload' - ) - end - end - end - - # OS-specific configurations: - - describe 'for OS-specific configuration' do - context 'only on Debian family operatingsystems' do - let(:facts) do - { :osfamily => 'Debian' }.merge default_facts - end - it 'should manage haproxy service defaults' do - subject.should contain_file('/etc/default/haproxy-group1') - verify_contents(catalogue, '/etc/default/haproxy-group1', ['ENABLED=1']) - end - end - context 'only on Debian family operatingsystems with custom /etc/default' do - let(:facts) do - { :osfamily => 'Debian' }.merge default_facts - end - let(:params) do - { - 'service_options' => 'stuff' - } - end - it 'should manage haproxy service defaults' do - subject.should contain_file('/etc/default/haproxy-group1') - verify_contents(catalogue, '/etc/default/haproxy-group1', ['stuff']) - end - end - context 'only on RedHat family operatingsystems' do - let(:facts) do - { :osfamily => 'RedHat' }.merge default_facts - end - end - end - end - - # Unsupported OSs: - - context 'on unsupported operatingsystems' do - let(:title) { 'haproxy' } - let(:facts) do - { :osfamily => 'windows' }.merge default_facts - end - it do - expect { - should contain_service('haproxy') - }.to raise_error(Puppet::Error, /operating system is not supported with the haproxy module/) - end - end -end diff --git a/haproxy/spec/defines/listen_spec.rb b/haproxy/spec/defines/listen_spec.rb deleted file mode 100644 index 90b94f743..000000000 --- a/haproxy/spec/defines/listen_spec.rb +++ /dev/null @@ -1,293 +0,0 @@ -require 'spec_helper' - -describe 'haproxy::listen' do - let(:pre_condition) { 'include haproxy' } - let(:title) { 'tyler' } - let(:facts) do - { - :ipaddress => '1.1.1.1', - :osfamily => 'Redhat', - :concat_basedir => '/dne', - } - end - context "when only one port is provided" do - let(:params) do - { - :name => 'croy', - :ipaddress => '1.1.1.1', - :ports => '18140' - } - end - - it { should contain_concat__fragment('haproxy-croy_listen_block').with( - 'order' => '20-croy-00', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => "\nlisten croy\n bind 1.1.1.1:18140 \n balance roundrobin\n option tcplog\n" - ) } - end - # C9940 - context "when an array of ports is provided" do - let(:params) do - { - :name => 'apache', - :ipaddress => '23.23.23.23', - :ports => [ - '80', - '443', - ] - } - end - - it { should contain_concat__fragment('haproxy-apache_listen_block').with( - 'order' => '20-apache-00', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => "\nlisten apache\n bind 23.23.23.23:80 \n bind 23.23.23.23:443 \n balance roundrobin\n option tcplog\n" - ) } - end - # C9940 - context "when a comma-separated list of ports is provided" do - let(:params) do - { - :name => 'apache', - :ipaddress => '23.23.23.23', - :ports => '80,443' - } - end - - it { should contain_concat__fragment('haproxy-apache_listen_block').with( - 'order' => '20-apache-00', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => "\nlisten apache\n bind 23.23.23.23:80 \n bind 23.23.23.23:443 \n balance roundrobin\n option tcplog\n" - ) } - end - # C9962 - context "when empty list of ports is provided" do - let(:params) do - { - :name => 'apache', - :ipaddress => '23.23.23.23', - :ports => [], - } - end - - it { should contain_concat__fragment('haproxy-apache_listen_block').with( - 'order' => '20-apache-00', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => "\nlisten apache\n balance roundrobin\n option tcplog\n" - ) } - end - # C9963 - context "when a port is provided greater than 65535" do - let(:params) do - { - :name => 'apache', - :ipaddress => '23.23.23.23', - :ports => '80443' - } - end - - it 'should raise error' do - expect { catalogue }.to raise_error Puppet::Error, /outside of range/ - end - end - # C9974 - context "when an invalid ipv4 address is passed" do - let(:params) do - { - :name => 'apache', - :ipaddress => '2323.23.23', - :ports => '80' - } - end - - it 'should raise error' do - expect { catalogue }.to raise_error Puppet::Error, /Invalid IP address/ - end - end - # C9977 - context "when a valid hostname is passed" do - let(:params) do - { - :name => 'apache', - :ipaddress => 'some-hostname', - :ports => '80' - } - end - - it { should contain_concat__fragment('haproxy-apache_listen_block').with( - 'order' => '20-apache-00', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => "\nlisten apache\n bind some-hostname:80 \n balance roundrobin\n option tcplog\n" - ) } - end - context "when a * is passed for ip address" do - let(:params) do - { - :name => 'apache', - :ipaddress => '*', - :ports => '80' - } - end - - it { should contain_concat__fragment('haproxy-apache_listen_block').with( - 'order' => '20-apache-00', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => "\nlisten apache\n bind *:80 \n balance roundrobin\n option tcplog\n" - ) } - end - context "when a bind parameter hash is passed" do - let(:params) do - { - :name => 'apache', - :bind => {'10.0.0.1:333' => ['ssl', 'crt', 'public.puppetlabs.com'], '192.168.122.1:8082' => []}, - } - end - - it { should contain_concat__fragment('haproxy-apache_listen_block').with( - 'order' => '20-apache-00', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => "\nlisten apache\n bind 10.0.0.1:333 ssl crt public.puppetlabs.com\n bind 192.168.122.1:8082 \n balance roundrobin\n option tcplog\n" - ) } - end - context "when a ports parameter and a bind parameter are passed" do - let(:params) do - { - :name => 'apache', - :bind => {'192.168.0.1:80' => ['ssl']}, - :ports => '80' - } - end - - it 'should raise error' do - expect { catalogue }.to raise_error Puppet::Error, /mutually exclusive/ - end - end - # C9977 - context "when an invalid hostname is passed" do - let(:params) do - { - :name => 'apache', - :ipaddress => '$some_hostname', - :ports => '80' - } - end - - it 'should raise error' do - expect { catalogue }.to raise_error Puppet::Error, /Invalid IP address/ - end - end - # C9974 - context "when an invalid ipv6 address is passed" do - let(:params) do - { - :name => 'apache', - :ipaddress => ':::6', - :ports => '80' - } - end - - it 'should raise error' do - expect { catalogue }.to raise_error Puppet::Error, /Invalid IP address/ - end - end - context "when bind options are provided" do - let(:params) do - { - :name => 'apache', - :ipaddress => '1.1.1.1', - :ports => '80', - :bind_options => [ 'the options', 'go here' ] - } - end - - it { should contain_concat__fragment('haproxy-apache_listen_block').with( - 'order' => '20-apache-00', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => "\nlisten apache\n bind 1.1.1.1:80 the options go here\n balance roundrobin\n option tcplog\n" - ) } - end - context "when bind parameter is used without ipaddress parameter" do - let(:params) do - { - :name => 'apache', - :bind => { '1.1.1.1:80' => [] }, - } - end - - it { should contain_concat__fragment('haproxy-apache_listen_block').with( - 'order' => '20-apache-00', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => "\nlisten apache\n bind 1.1.1.1:80 \n balance roundrobin\n option tcplog\n" - ) } - end - - context "when bind parameter is used with more complex address constructs" do - let(:params) do - { - :name => 'apache', - :bind => { - '1.1.1.1:80' => [], - ':443,:8443' => [ 'ssl', 'crt public.puppetlabs.com', 'no-sslv3' ], - '2.2.2.2:8000-8010' => [ 'ssl', 'crt public.puppetlabs.com' ], - 'fd@${FD_APP1}' => [], - '/var/run/ssl-frontend.sock' => [ 'user root', 'mode 600', 'accept-proxy' ] - }, - } - end - it { should contain_concat__fragment('haproxy-apache_listen_block').with( - 'order' => '20-apache-00', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => "\nlisten apache\n bind /var/run/ssl-frontend.sock user root mode 600 accept-proxy\n bind :443,:8443 ssl crt public.puppetlabs.com no-sslv3\n bind fd@${FD_APP1} \n bind 1.1.1.1:80 \n bind 2.2.2.2:8000-8010 ssl crt public.puppetlabs.com\n balance roundrobin\n option tcplog\n" - ) } - end - context "when bind parameter is used with ip addresses that sort wrong lexigraphically" do - let(:params) do - { - :name => 'apache', - :bind => { - '10.1.3.21:80' => 'name input21', - '8.252.206.100:80' => 'name input100', - '8.252.206.101:80' => 'name input101', - '8.252.206.99:80' => 'name input99', - '1.1.1.1:80' => [], - ':443,:8443' => [ 'ssl', 'crt public.puppetlabs.com', 'no-sslv3' ], - '2.2.2.2:8000-8010' => [ 'ssl', 'crt public.puppetlabs.com' ], - 'fd@${FD_APP1}' => [], - }, - } - end - it { should contain_concat__fragment('haproxy-apache_listen_block').with( - 'order' => '20-apache-00', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => "\nlisten apache\n bind :443,:8443 ssl crt public.puppetlabs.com no-sslv3\n bind fd@${FD_APP1} \n bind 1.1.1.1:80 \n bind 2.2.2.2:8000-8010 ssl crt public.puppetlabs.com\n bind 8.252.206.99:80 name input99\n bind 8.252.206.100:80 name input100\n bind 8.252.206.101:80 name input101\n bind 10.1.3.21:80 name input21\n balance roundrobin\n option tcplog\n" - ) } - end - - context "when listen options are specified as an array of hashes" do - let(:params) do - { - :name => 'apache', - :bind => { - '0.0.0.0:48001-48003' => [], - }, - :mode => 'http', - :options => [ - { 'reqadd' => 'X-Forwarded-Proto:\ https' }, - { 'default_backend' => 'dev00_webapp' }, - { 'capture request header' => [ 'X-Forwarded-For len 50', 'Host len 15', 'Referrer len 15' ] }, - { 'acl' => [ 'dst_dev01 dst_port 48001', 'dst_dev02 dst_port 48002', 'dst_dev03 dst_port 48003' ] }, - { 'use_backend' => [ 'dev01_webapp if dst_dev01', 'dev02_webapp if dst_dev02', 'dev03_webapp if dst_dev03' ] }, - { 'option' => [ 'httplog', 'http-server-close', 'forwardfor except 127.0.0.1' ] }, - { 'compression' => 'algo gzip', - 'bind-process' => 'all' } - ], - } - end - it { should contain_concat__fragment('haproxy-apache_listen_block').with( - 'order' => '20-apache-00', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => "\nlisten apache\n bind 0.0.0.0:48001-48003 \n mode http\n reqadd X-Forwarded-Proto:\\ https\n default_backend dev00_webapp\n capture request header X-Forwarded-For len 50\n capture request header Host len 15\n capture request header Referrer len 15\n acl dst_dev01 dst_port 48001\n acl dst_dev02 dst_port 48002\n acl dst_dev03 dst_port 48003\n use_backend dev01_webapp if dst_dev01\n use_backend dev02_webapp if dst_dev02\n use_backend dev03_webapp if dst_dev03\n option httplog\n option http-server-close\n option forwardfor except 127.0.0.1\n bind-process all\n compression algo gzip\n" - ) } - end - -end diff --git a/haproxy/spec/defines/mapfile_spec.rb b/haproxy/spec/defines/mapfile_spec.rb deleted file mode 100644 index f7b58ba68..000000000 --- a/haproxy/spec/defines/mapfile_spec.rb +++ /dev/null @@ -1,48 +0,0 @@ -require 'spec_helper' - -describe 'haproxy::mapfile' do - let(:pre_condition) { 'include haproxy' } - let(:title) { 'domains-to-backends' } - let(:facts) do - { - :ipaddress => '1.1.1.1', - :osfamily => 'Redhat', - :concat_basedir => '/dne', - } - end - context "map domains to backends" do - let(:params) do - { - :ensure => 'present', - :mappings => [ - { 'app01.example.com' => 'bk_app01' }, - { 'app02.example.com' => 'bk_app02' }, - { 'app03.example.com' => 'bk_app03' }, - { 'app04.example.com' => 'bk_app04' }, - 'app05.example.com bk_app05', - 'app06.example.com bk_app06', - ], - :instances => [ 'haproxy' ], - } - end - - it { should contain_file('haproxy_mapfile_domains-to-backends').that_notifies('Haproxy::Service[haproxy]') } - it { should contain_file('haproxy_mapfile_domains-to-backends').with( - 'path' => '/etc/haproxy/domains-to-backends.map', - 'ensure' => 'present', - 'content' => "# HAProxy map file \"domains-to-backends\"\n# Managed by Puppet\n\napp01.example.com bk_app01\napp02.example.com bk_app02\napp03.example.com bk_app03\napp04.example.com bk_app04\napp05.example.com bk_app05\napp06.example.com bk_app06\n" ) } - end - - context "fail if a non-array is supplied for mappings" do - let(:params) do - { - :ensure => 'present', - :mappings => { 'foo' => 'bar' }, - } - end - - it 'should raise error' do - expect { catalogue }.to raise_error Puppet::Error, /is not an Array/ - end - end -end diff --git a/haproxy/spec/defines/peer_spec.rb b/haproxy/spec/defines/peer_spec.rb deleted file mode 100644 index 6dc77141e..000000000 --- a/haproxy/spec/defines/peer_spec.rb +++ /dev/null @@ -1,48 +0,0 @@ -require 'spec_helper' - -describe 'haproxy::peer' do - let :pre_condition do - 'class{"haproxy": - config_file => "/tmp/haproxy.cfg" - } - ' - end - let(:title) { 'dero' } - let(:facts) do - { - :ipaddress => '1.1.1.1', - :hostname => 'dero', - :concat_basedir => '/foo', - :osfamily => 'RedHat', - } - end - - context 'with a single peer' do - let(:params) do - { - :peers_name => 'tyler', - :port => 1024, - } - end - - it { should contain_concat__fragment('haproxy-peers-tyler-dero').with( - 'order' => '30-peers-01-tyler-dero', - 'target' => '/tmp/haproxy.cfg', - 'content' => " peer dero 1.1.1.1:1024\n" - ) } - end - - context 'remove a peer' do - let(:params) do - { - :peers_name => 'tyler', - :port => 1024, - :ensure => 'absent' - } - end - - it { should contain_concat__fragment('haproxy-peers-tyler-dero').with( - 'ensure' => 'absent' - ) } - end -end diff --git a/haproxy/spec/defines/peers_spec.rb b/haproxy/spec/defines/peers_spec.rb deleted file mode 100644 index 2acdf1861..000000000 --- a/haproxy/spec/defines/peers_spec.rb +++ /dev/null @@ -1,25 +0,0 @@ -require 'spec_helper' - -describe 'haproxy::peers' do - let :pre_condition do - 'class{"haproxy": - config_file => "/tmp/haproxy.cfg" - } - ' - end - let(:facts) {{ - :ipaddress => '1.1.1.1', - :concat_basedir => '/foo', - :osfamily => 'RedHat', - }} - - context "when no options are passed" do - let(:title) { 'bar' } - - it { should contain_concat__fragment('haproxy-bar_peers_block').with( - 'order' => '30-peers-00-bar', - 'target' => '/tmp/haproxy.cfg', - 'content' => "\npeers bar\n" - ) } - end -end diff --git a/haproxy/spec/defines/userlist_spec.rb b/haproxy/spec/defines/userlist_spec.rb deleted file mode 100644 index 49e735b06..000000000 --- a/haproxy/spec/defines/userlist_spec.rb +++ /dev/null @@ -1,36 +0,0 @@ -require 'spec_helper' - -describe 'haproxy::userlist' do - let(:pre_condition) { 'include haproxy' } - let(:title) { 'admins' } - let(:facts) do - { - :ipaddress => '1.1.1.1', - :osfamily => 'Redhat', - :concat_basedir => '/dne', - } - end - - context "when users and groups are passed" do - let (:params) do - { - :name => "admins", - :users => [ - 'scott insecure-password elgato', - 'kitchen insecure-password foobar' - ], - :groups => [ - 'superadmins users kitchen scott', - 'megaadmins users kitchen' - ] - } - end - - it { should contain_concat__fragment('haproxy-admins_userlist_block').with( - 'order' => '12-admins-00', - 'target' => '/etc/haproxy/haproxy.cfg', - 'content' => "\nuserlist admins\n group superadmins users kitchen scott\n group megaadmins users kitchen\n user scott insecure-password elgato\n user kitchen insecure-password foobar\n" - ) } - - end -end diff --git a/haproxy/spec/spec.opts b/haproxy/spec/spec.opts deleted file mode 100644 index 91cd6427e..000000000 --- a/haproxy/spec/spec.opts +++ /dev/null @@ -1,6 +0,0 @@ ---format -s ---colour ---loadby -mtime ---backtrace diff --git a/haproxy/spec/spec_helper.rb b/haproxy/spec/spec_helper.rb deleted file mode 100644 index 2c6f56649..000000000 --- a/haproxy/spec/spec_helper.rb +++ /dev/null @@ -1 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' diff --git a/haproxy/spec/spec_helper_acceptance.rb b/haproxy/spec/spec_helper_acceptance.rb deleted file mode 100644 index a6e322ed4..000000000 --- a/haproxy/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1,67 +0,0 @@ -require 'beaker-rspec' -require 'beaker/puppet_install_helper' - -run_puppet_install_helper - -UNSUPPORTED_PLATFORMS = ['Darwin', 'Suse','windows','AIX','Solaris'] - -RSpec.configure do |c| - # Project root - proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - - # Readable test descriptions - c.formatter = :documentation - - # Configure all nodes in nodeset - c.before :suite do - # Install module and dependencies - puppet_module_install(:source => proj_root, :module_name => 'haproxy') - hosts.each do |host| - on host, puppet('module','install','puppetlabs-stdlib'), { :acceptable_exit_codes => [0,1] } - on host, puppet('module','install','puppetlabs-concat'), { :acceptable_exit_codes => [0,1] } - if fact('osfamily') == 'RedHat' - on host, puppet('module','install','stahnma/epel'), { :acceptable_exit_codes => [0,1] } - end - if fact('operatingsystem') == 'Debian' - on host, puppet('module','install','puppetlabs-apt'), { :acceptable_exit_codes => [0,1] } - apply_manifest(%{ - include apt - include apt::backports - }) - end - if ! UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) - pp = <<-EOS - $netcat = $::osfamily ? { - 'RedHat' => $::operatingsystemmajrelease ? { - '7' => 'nmap-ncat', - default => 'nc', - }, - 'Debian' => 'netcat-openbsd', - } - package { $netcat: ensure => present, } - package { 'screen': ensure => present, } - if $::osfamily == 'RedHat' { - class { 'epel': } - service { 'iptables': ensure => stopped, } - exec { 'setenforce Permissive': - path => ['/bin','/usr/bin','/sbin','/usr/sbin'], - onlyif => 'getenforce | grep Enforcing', - } - if $::operatingsystemmajrelease == '7' { - # For `netstat` for serverspec - package { 'net-tools': ensure => present, } - } - } - EOS - apply_manifest(pp, :catch_failures => true) - - ['5556','5557'].each do |port| - shell(%{echo 'while :; do echo "HTTP/1.1 200 OK\r\n\r\nResponse on #{port}" | nc -l #{port} ; done' > /root/script-#{port}.sh}) - shell(%{/usr/bin/screen -dmS script-#{port} sh /root/script-#{port}.sh}) - sleep 1 - shell(%{netstat -tnl|grep ':#{port}'}) - end - end - end - end -end diff --git a/haproxy/spec/unit/facter/haproxy_version_spec.rb b/haproxy/spec/unit/facter/haproxy_version_spec.rb deleted file mode 100644 index 75289fd69..000000000 --- a/haproxy/spec/unit/facter/haproxy_version_spec.rb +++ /dev/null @@ -1,27 +0,0 @@ -require "spec_helper" - -describe Facter::Util::Fact do - before { - Facter.clear - } - - context "haproxy present" do - it do - haproxy_version_output = <<-EOS - HA-Proxy version 1.5.3 2014/07/25 - Copyright 2000-2014 Willy Tarreau - EOS - Facter::Util::Resolution.expects(:which).at_least(1).with("haproxy").returns(true) - Facter::Util::Resolution.expects(:exec).at_least(1).with("haproxy -v 2>&1").returns(haproxy_version_output) - Facter.fact(:haproxy_version).value.should == "1.5.3" - end - end - - context "haproxy not present" do - it do - Facter::Util::Resolution.stubs(:exec) - Facter::Util::Resolution.expects(:which).at_least(1).with("haproxy").returns(false) - Facter.fact(:haproxy_version).should be_nil - end - end -end diff --git a/haproxy/templates/empty.erb b/haproxy/templates/empty.erb deleted file mode 100644 index e69de29bb..000000000 diff --git a/haproxy/templates/fragments/_bind.erb b/haproxy/templates/fragments/_bind.erb deleted file mode 100644 index c3dcdc55d..000000000 --- a/haproxy/templates/fragments/_bind.erb +++ /dev/null @@ -1,31 +0,0 @@ -<% -require 'ipaddr' -if @bind - @bind.sort_by { |address_port, bind_params| - md = /^((\d+)\.(\d+)\.(\d+)\.(\d+))?(.*)/.match(address_port) - [ (md[1] ? md[2..5].inject(0){ |addr, octet| (addr << 8) + octet.to_i } : -1), md[6] ] - - }.map do |address_port, bind_params| --%> bind <%= address_port -%> <%= Array(bind_params).join(" ") %> -<% - - end -else --%> -<%- - Array(@ipaddress).uniq.each do |virtual_ip| (@ports.is_a?(Array) ? @ports : Array(@ports.split(","))).each do |port| - begin - IPAddr.new(virtual_ip) - valid_ip = true - rescue ArgumentError => e - valid_ip = false - end - if ! valid_ip and ! String(virtual_ip).match(/^[A-Za-z][A-Za-z0-9\.-]+$/) and virtual_ip != "*" - scope.function_fail(["Invalid IP address or hostname [#{virtual_ip}]"]) - end - scope.function_fail(["Port [#{port}] is outside of range 1-65535"]) if port.to_i < 1 or port.to_i > 65535 --%> - bind <%= virtual_ip -%>:<%= port -%> <%= Array(@bind_options).join(" ") %> -<%- end -%> -<%- end -%> -<%- end -%> diff --git a/haproxy/templates/fragments/_mode.erb b/haproxy/templates/fragments/_mode.erb deleted file mode 100644 index 5595f8efc..000000000 --- a/haproxy/templates/fragments/_mode.erb +++ /dev/null @@ -1,3 +0,0 @@ -<% if @mode -%> - mode <%= @mode %> -<% end -%> diff --git a/haproxy/templates/fragments/_options.erb b/haproxy/templates/fragments/_options.erb deleted file mode 100644 index a61f238ab..000000000 --- a/haproxy/templates/fragments/_options.erb +++ /dev/null @@ -1,19 +0,0 @@ -<% if @options.is_a?(Hash) -%> -<% @options.sort.each do |key, val| -%> -<% Array(val).each do |item| -%> - <%= key %> <%= item %> -<% end -%> -<% end -%> -<% elsif @options.is_a?(Array) -%> -<%# Iterate over array elements; each element is a hash (containing key-value -%> -<%# pairs); in case a hash contains more than one key-value pair the hash is -%> -<%# sorted by key name before outputting the key name (= option name) and its -%> -<%# value (or values, one per line) -%> -<% @options.each do |option| -%> -<% option.sort.map do |key, val| -%> -<% Array(val).each do |item| -%> - <%= key %> <%= item %> -<% end -%> -<% end -%> -<% end -%> -<% end -%> diff --git a/haproxy/templates/haproxy-base.cfg.erb b/haproxy/templates/haproxy-base.cfg.erb deleted file mode 100644 index 3a8771a04..000000000 --- a/haproxy/templates/haproxy-base.cfg.erb +++ /dev/null @@ -1,29 +0,0 @@ -global -<% @_global_options.sort.each do |key,val| -%> -<%# Skip options whose value is undef/nil -%> -<% next if val == :undef or val.nil? -%> -<% if val.is_a?(Array) -%> -<% val.each do |item| -%> - <%= key %> <%= item %> -<% end -%> -<% else -%> - <%= key %> <%= val %> -<% end -%> -<% end -%> - -defaults -<% @_defaults_options.sort.each do |key,val| -%> -<%# Skip options whose value is undef/nil -%> -<% next if val == :undef or val.nil? -%> -<% if val.is_a?(Array) -%> -<% val.each do |item| -%> - <%= key %> <%= item %> -<% end -%> -<% else -%> - <%= key %> <%= val %> -<% end -%> -<% end -%> -<% if @custom_fragment -%> - -<%= @custom_fragment %> -<% end -%> diff --git a/haproxy/templates/haproxy_backend_block.erb b/haproxy/templates/haproxy_backend_block.erb deleted file mode 100644 index 00473502c..000000000 --- a/haproxy/templates/haproxy_backend_block.erb +++ /dev/null @@ -1,3 +0,0 @@ - -backend <%= @section_name %> -<%= scope.function_template(['haproxy/fragments/_options.erb']) -%> diff --git a/haproxy/templates/haproxy_balancermember.erb b/haproxy/templates/haproxy_balancermember.erb deleted file mode 100644 index e8aa71e8a..000000000 --- a/haproxy/templates/haproxy_balancermember.erb +++ /dev/null @@ -1,9 +0,0 @@ -<% Array(@ipaddresses).zip(Array(@server_names)).each do |ipaddress,host| -%> -<% if @ports -%> -<%- Array(@ports).each do |port| -%> - server <%= host %> <%= ipaddress %>:<%= port %><%= if @define_cookies then " cookie " + host end %> <%= Array(@options).sort.join(" ") %> -<%- end -%> -<% else -%> - server <%= host %> <%= ipaddress %><%= if @define_cookies then " cookie " + host end %> <%= Array(@options).sort.join(" ") %> -<%- end -%> -<% end -%> diff --git a/haproxy/templates/haproxy_frontend_block.erb b/haproxy/templates/haproxy_frontend_block.erb deleted file mode 100644 index 718305d1d..000000000 --- a/haproxy/templates/haproxy_frontend_block.erb +++ /dev/null @@ -1,5 +0,0 @@ - -frontend <%= @section_name %> -<%= scope.function_template(['haproxy/fragments/_bind.erb']) -%> -<%= scope.function_template(['haproxy/fragments/_mode.erb']) -%> -<%= scope.function_template(['haproxy/fragments/_options.erb']) -%> diff --git a/haproxy/templates/haproxy_listen_block.erb b/haproxy/templates/haproxy_listen_block.erb deleted file mode 100644 index 3c29202ce..000000000 --- a/haproxy/templates/haproxy_listen_block.erb +++ /dev/null @@ -1,5 +0,0 @@ - -listen <%= @section_name %> -<%= scope.function_template(['haproxy/fragments/_bind.erb']) -%> -<%= scope.function_template(['haproxy/fragments/_mode.erb']) -%> -<%= scope.function_template(['haproxy/fragments/_options.erb']) -%> diff --git a/haproxy/templates/haproxy_mapfile.erb b/haproxy/templates/haproxy_mapfile.erb deleted file mode 100644 index bfc21f7d4..000000000 --- a/haproxy/templates/haproxy_mapfile.erb +++ /dev/null @@ -1,18 +0,0 @@ -# HAProxy map file "<%= @mapfile_name -%>" -# Managed by Puppet - -<%# Iterate over array elements; If element is a Hash sort it by its keys, -%> -<%# just in case, then output each key-value pair. If element is a String -%> -<%# then simply output the String value. Fail if the array contains anything -%> -<%# other than Hashes or Strings. -%> -<%- @mappings.each do |mapping| -%> -<%- if mapping.is_a?(Hash) -%> -<%- mapping.sort.map do |key, val| -%> -<%= key -%> <%= val %> -<%- end -%> -<%- elsif mapping.is_a?(String) -%> -<%= mapping %> -<%- else -%> -<% scope.function_fail(["Haproxy::Mapfile[#{@mapfile_name}]: $mappings array must contain only Hashes or Strings"]) -%> -<%- end -%> -<%- end -%> diff --git a/haproxy/templates/haproxy_peer.erb b/haproxy/templates/haproxy_peer.erb deleted file mode 100644 index 95aae16bf..000000000 --- a/haproxy/templates/haproxy_peer.erb +++ /dev/null @@ -1,3 +0,0 @@ -<% Array(@ipaddresses).zip(Array(@server_names)).each do |ipaddress,host| -%> - peer <%= host %> <%= ipaddress %>:<%= @port %> -<% end -%> diff --git a/haproxy/templates/haproxy_peers_block.erb b/haproxy/templates/haproxy_peers_block.erb deleted file mode 100644 index 3cd7aaa95..000000000 --- a/haproxy/templates/haproxy_peers_block.erb +++ /dev/null @@ -1,2 +0,0 @@ - -peers <%= @name %> diff --git a/haproxy/templates/haproxy_userlist_block.erb b/haproxy/templates/haproxy_userlist_block.erb deleted file mode 100644 index 9a26fe624..000000000 --- a/haproxy/templates/haproxy_userlist_block.erb +++ /dev/null @@ -1,12 +0,0 @@ - -userlist <%= @section_name %> -<%- Array(@groups).each do |group| -%> - <%- if group and ! group.empty? -%> - group <%= group %> - <%- end -%> -<%- end -%> -<%- Array(@users).each do |user| -%> - <%- if user and ! user.empty? -%> - user <%= user %> - <%- end -%> -<%- end -%> diff --git a/haproxy/templates/instance_service_unit_example.erb b/haproxy/templates/instance_service_unit_example.erb deleted file mode 100644 index 4fc4a9425..000000000 --- a/haproxy/templates/instance_service_unit_example.erb +++ /dev/null @@ -1,10 +0,0 @@ -[Unit] -Description=HAProxy-<%= @title %> Load Balancer -After=syslog.target network.target - -[Service] -ExecStart=<%= @wrapper %> -f /etc/haproxy-<%= @title %>/haproxy-<%= @title %>.cfg -p /run/haproxy-<%= @title %>.pid -ExecReload=/bin/kill -USR2 $MAINPID - -[Install] -WantedBy=multi-user.target diff --git a/heat/.gitignore b/heat/.gitignore deleted file mode 100644 index 61092bdaf..000000000 --- a/heat/.gitignore +++ /dev/null @@ -1,15 +0,0 @@ -pkg/ -Gemfile.lock -vendor/ -spec/fixtures/ -.vagrant/ -.bundle/ -coverage/ -.idea/ -*.swp -*.iml -openstack/ - -# Files created by releasenotes build -releasenotes/build -.tox diff --git a/heat/.gitreview b/heat/.gitreview deleted file mode 100644 index b32bd5e19..000000000 --- a/heat/.gitreview +++ /dev/null @@ -1,5 +0,0 @@ -[gerrit] -host=review.openstack.org -port=29418 -project=openstack/puppet-heat.git -defaultbranch=stable/mitaka diff --git a/heat/CHANGELOG.md b/heat/CHANGELOG.md deleted file mode 100644 index 73a59296f..000000000 --- a/heat/CHANGELOG.md +++ /dev/null @@ -1,194 +0,0 @@ -## 8.0.0 and beyond - -From 8.0.0 release and beyond, release notes are published on -[docs.openstack.org](http://docs.openstack.org/releasenotes/puppet-heat/). - -##2015-11-25 - 7.0.0 -###Summary - -This is a backwards-incompatible major release for OpenStack Liberty. - -####Backwards-incompatible changes -- change section name for AMQP qpid parameters -- change section name for AMQP rabbit parameters -- update rpc_backend default parameter -- cleanup configure_delegated_roles deprecated parameter - -####Features -- add support for RabbitMQ connection heartbeat -- keystone/auth: make service description configurable -- add tag to package and service resources -- add heat::config class -- expose RPC response timeout as a puppet parameter -- support setting instance_user to an empty string -- add heat::db::sync -- add an ability to manage use_stderr parameter -- reflect provider change in puppet-openstacklib -- put all the logging related parameters to the logging class -- add rabbit_ha_queues option -- improve heat::keystone::domain -- remove POSIX users, groups, and file modes -- use postgresql lib class for psycopg package -- move deps & external hooks into a standalone class -- introduce heat::db class -- make the role for heat_stack_user configurable -- allow to not manage Keystone domain -- add hooks for external install & svc management - -####Bugfixes -- rely on autorequire for config resource ordering -- fix up doc string for workers variable - -####Maintenance -- acceptance: enable debug & verbosity for OpenStack logs -- initial msync run for all Puppet OpenStack modules -- try to use zuul-cloner to prepare fixtures -- remove class_parameter_defaults puppet-lint check -- acceptance: use common bits from puppet-openstack-integration - -##2015-10-14 - 6.1.0 -###Summary - -This is a feature and maintenance release in the Kilo series. - -####Features -- Create Heat Domain with Keystone_domain resource - -####Maintenance -- Remove deprecated parameter stack_user_domain -- acceptance: checkout stable/kilo puppet modules - -##2015-07-08 - 6.0.0 -###Summary - -This is a backwards-incompatible major release for OpenStack Kilo. - -####Backwards-incompatible changes -- Move rabbit/kombu settings to oslo_messaging_rabbit section - -####Features -- Puppet 4.x support -- Implement Keystone domain creation -- Log output of heat-keystone-setup-domain -- Refactorise Keystone resources management -- Move keystone role creation to keystone area -- Support region_name for Heat -- Mark heat's keystone password as secret -- Add support for identity_uri -- Make configuring the service optional -- Set instance_user in heat -- Added missing enable_stack_abandon configuration option -- Tag all Heat packages -- Create a sync_db boolean for Heat -- Engine: validate auth_encryption_key -- Allow setting default config/signal transport -- Run db_sync when heat-common is upgraded -- Introduce public_url, internal_url and admin_url - -####Maintenance -- Acceptance tests with Beaker -- Fix spec tests for RSpec 3.x and Puppet 4.x -- Rename keystone_v2_authenticate method -- Make package_ensure consistent across classes - -##2015-06-17 - 5.1.0 -###Summary - -This is a feature and bugfix release in the Juno series. - -####Features -- Switch to TLSv1 -- Implement Keystone domain creation -- Run dbsync when engine is upgraded -- db: Added postgresql backend using openstacklib helper -- Add option to configure flavor in heat.conf - -####Bugfixes -- Rework delegated roles -- Change default MySQL collate to utf8_general_ci -- Fix ipv6 support - -####Maintenance -- spec: pin rspec-puppet to 1.0.1 -- Pin puppetlabs-concat to 1.2.1 in fixtures -- Update .gitreview file for project rename - -##2014-11-24 - 5.0.0 -###Summary - -This is a backwards-incompatible major release for OpenStack Juno. - -####Backwards-incompatible changes -- Bump stdlib dependency to >=4.0.0 - -####Features -- Add heat::policy to control policy.json -- Deprecate the sql_connection parameter for database_connection parameter -- Add parameters to configure deferred authentication method in heat::engine in - accordance with new Juno defaults -- Add parameters to control whether to configure users -- Add manage_service parameters to various classes to control whether the - service was managed, as well as added enabled parameters where not already - present -- Add the ability to override the keystone service name in keystone::auth -- Migrate the heat::db::mysql class to use openstacklib::db::mysql and - deprecated the mysql_module parameter - -##2014-10-16 - 4.2.0 -###Summary - -This is a feature and bugfix release in the Icehouse series. - -####Backwards-incompatible changes - -####Features -- Add ability to hide secret type parameters from logs -- Add class for extended logging options - -####Bugfixes -- Fix database resource relationships -- Fix ssl parameter requirements when using kombu and rabbit - -##2014-06-19 - 4.1.0 -###Summary - -This is a feature release in the Icehouse series. - -####Features -- Added SSL endpoint support - -##2014-05-05 - 4.0.0 -###Summary - -This is a backwards-incompatible major release for OpenStack Icehouse. - -####Backwards-incompatible changes -- Fix outdated DB connection parameter - -####Features -- Add SSL parameter for RabbitMQ -- Add support for puppetlabs-mysql 2.2 and greater -- Add option to define RabbitMQ queues as durable - -####Bugfixes -- Fix Keystone auth_uri parameter - -##2014-03-26 - 3.1.0 -###Summary - -This is a feature and bugfix release in the Havana series. - -####Features -- Allow log_dir to be set to false to disable file logging -- Add support for database idle timeout - -####Bugfixes -- Fix postgresql connection string -- Align Keystone auth_uri with other OpenStack services -- Fix the EC2 auth token settings -- Fix rabbit_virtual_host configuration - -##2014-01-23 - 3.0.0 -###Summary - -Initial release of the puppet-heat module. diff --git a/heat/Gemfile b/heat/Gemfile deleted file mode 100644 index 5728ff7e7..000000000 --- a/heat/Gemfile +++ /dev/null @@ -1,22 +0,0 @@ -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -group :development, :test, :system_tests do - gem 'puppet-openstack_spec_helper', - :git => 'https://git.openstack.org/openstack/puppet-openstack_spec_helper', - :branch => 'stable/mitaka', - :require => false -end - -if facterversion = ENV['FACTER_GEM_VERSION'] - gem 'facter', facterversion, :require => false -else - gem 'facter', :require => false -end - -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end - -# vim:ft=ruby diff --git a/heat/LICENSE b/heat/LICENSE deleted file mode 100644 index 88a11a0e7..000000000 --- a/heat/LICENSE +++ /dev/null @@ -1,13 +0,0 @@ -Copyright 2012 OpenStack Foundation - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/heat/README.md b/heat/README.md deleted file mode 100644 index 8abc0c42d..000000000 --- a/heat/README.md +++ /dev/null @@ -1,133 +0,0 @@ -puppet-heat -============= - -#### Table of Contents - -1. [Overview - What is the heat module?](#overview) -2. [Module Description - What does the module do?](#module-description) -3. [Setup - The basics of getting started with heat](#setup) -4. [Implementation - An under-the-hood peek at what the module is doing](#implementation) -5. [Limitations - OS compatibility, etc.](#limitations) -6. [Development - Guide for contributing to the module](#development) -7. [Contributors - Those with commits](#contributors) - -Overview --------- - -The heat module is part of [OpenStack](https://github.com/openstack), an effort by the -OpenStack infrastructure team to provice continuous integration testing and code review for -OpenStack and OpenStack community projects as part of the core software. The module itself -is used to flexibly configure and manage the orchestration service for OpenStack. - -Module Description ------------------- - -The heat module is an attempt to make Puppet capable of managing the entirety of heat. - -Setup ------ - -**What the heat module affects** - -* [Heat](https://wiki.openstack.org/wiki/Heat), the orchestration service for OpenStack - -### Installing heat - - puppet module install openstack/heat - -### Beginning with heat - -To utilize the heat module's functionality you will need to declare multiple resources. -The following is a modified excerpt from the [openstack module](httpd://github.com/stackforge/puppet-openstack). -This is not an exhaustive list of all the components needed. We recommend that you consult and understand the -[openstack module](https://github.com/stackforge/puppet-openstack) and the [core openstack](http://docs.openstack.org) -documentation to assist you in understanding the available deployment options. - -```puppet -# enable heat resources -class { '::heat': - rabbit_userid => 'heat', - rabbit_password => 'an_even_bigger_secret', - rabbit_host => '127.0.0.1', - database_connection => 'mysql://heat:a_big_secret@127.0.0.1/heat?charset=utf8', - identity_uri => 'http://127.0.0.1:35357/', - keystone_password => 'a_big_secret', -} - -class { '::heat::api': } - -class { '::heat::engine': - auth_encryption_key => '1234567890AZERTYUIOPMLKJHGFDSQ12', -} - -class { '::heat::api_cloudwatch': } - -class { '::heat::api_cfn': } -``` - -Implementation --------------- - -### puppet-heat - -heat is a combination of Puppet manifests and Ruby code to deliver configuration and -extra functionality through types and providers. - -### Types - -#### heat_config - -The `heat_config` provider is a children of the ini_setting provider. It allows one to write an entry in the `/etc/heat/heat.conf` file. - -```puppet -heat_config { 'DEFAULT/verbose' : - value => true, -} -``` - -This will write `verbose=true` in the `[DEFAULT]` section. - -##### name - -Section/setting name to manage from `heat.conf` - -##### value - -The value of the setting to be defined. - -##### secret - -Whether to hide the value from Puppet logs. Defaults to `false`. - -##### ensure_absent_val - -If value is equal to ensure_absent_val then the resource will behave as if `ensure => absent` was specified. Defaults to `` - -Limitations ------------ - -None - -Beaker-Rspec ------------- - -This module has beaker-rspec tests - -To run: - -``shell -bundle install -bundle exec rspec spec/acceptance -`` - -Development ------------ - -Developer documentation for the entire puppet-openstack project. - -* https://wiki.openstack.org/wiki/Puppet-openstack#Developer_documentation - -Contributors ------------- - -* https://github.com/openstack/puppet-heat/graphs/contributors diff --git a/heat/Rakefile b/heat/Rakefile deleted file mode 100644 index 168d10814..000000000 --- a/heat/Rakefile +++ /dev/null @@ -1 +0,0 @@ -require 'puppet-openstack_spec_helper/rake_tasks' diff --git a/heat/examples/site.pp b/heat/examples/site.pp deleted file mode 100644 index 2a0f902cd..000000000 --- a/heat/examples/site.pp +++ /dev/null @@ -1,29 +0,0 @@ -node default { - Exec { - path => ['/usr/bin', '/bin', '/usr/sbin', '/sbin'] - } - - # First, install a mysql server - class { '::mysql::server': } - - # And create the database - class { '::heat::db::mysql': - password => 'heat', - } - - # Common class - class { '::heat': - # The keystone_password parameter is mandatory - keystone_password => 'password', - sql_connection => 'mysql+pymysql://heat:heat@localhost/heat' - } - - # Install heat-engine - class { '::heat::engine': - auth_encryption_key => 'whatever-key-you-like', - } - - # Install the heat-api service - class { '::heat::api': } - -} diff --git a/heat/lib/puppet/provider/heat_api_paste_ini/ini_setting.rb b/heat/lib/puppet/provider/heat_api_paste_ini/ini_setting.rb deleted file mode 100644 index 5b38e91f6..000000000 --- a/heat/lib/puppet/provider/heat_api_paste_ini/ini_setting.rb +++ /dev/null @@ -1,27 +0,0 @@ -Puppet::Type.type(:heat_api_paste_ini).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - def section - resource[:name].split('/', 2).first - end - - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/heat/api-paste.ini' - end - - # added for backwards compatibility with older versions of inifile - def file_path - self.class.file_path - end - -end diff --git a/heat/lib/puppet/provider/heat_config/ini_setting.rb b/heat/lib/puppet/provider/heat_config/ini_setting.rb deleted file mode 100644 index 73985ffb4..000000000 --- a/heat/lib/puppet/provider/heat_config/ini_setting.rb +++ /dev/null @@ -1,10 +0,0 @@ -Puppet::Type.type(:heat_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:openstack_config).provider(:ini_setting) -) do - - def self.file_path - '/etc/heat/heat.conf' - end - -end diff --git a/heat/lib/puppet/type/heat_api_paste_ini.rb b/heat/lib/puppet/type/heat_api_paste_ini.rb deleted file mode 100644 index ff933645d..000000000 --- a/heat/lib/puppet/type/heat_api_paste_ini.rb +++ /dev/null @@ -1,52 +0,0 @@ -Puppet::Type.newtype(:heat_api_paste_ini) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/heat/api-paste.ini' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end - - newparam(:ensure_absent_val) do - desc 'A value that is specified as the value property will behave as if ensure => absent was specified' - defaultto('') - end - - autorequire(:package) do - 'heat-common' - end - -end diff --git a/heat/lib/puppet/type/heat_config.rb b/heat/lib/puppet/type/heat_config.rb deleted file mode 100644 index ff127c0ad..000000000 --- a/heat/lib/puppet/type/heat_config.rb +++ /dev/null @@ -1,53 +0,0 @@ -Puppet::Type.newtype(:heat_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from heat.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - newvalues(/^[\S ]*$/) - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end - - newparam(:ensure_absent_val) do - desc 'A value that is specified as the value property will behave as if ensure => absent was specified' - defaultto('') - end - - autorequire(:package) do - 'heat-common' - end - -end diff --git a/heat/manifests/api.pp b/heat/manifests/api.pp deleted file mode 100644 index ae532fb20..000000000 --- a/heat/manifests/api.pp +++ /dev/null @@ -1,106 +0,0 @@ -# == Class: heat::api -# -# Installs & configure the heat API service -# -# === Parameters -# [*package_ensure*] -# (Optional) Ensure state for package. -# Defaults to 'present' -# -# [*enabled*] -# (optional) Should the service be enabled. -# Defaults to 'true'. -# -# [*manage_service*] -# (optional) Whether the service should be managed by Puppet. -# Defaults to 'true'. -# -# [*bind_host*] -# (Optional) Address to bind the server. Useful when -# selecting a particular network interface. -# Defaults to $::os_service_default. -# -# [*bind_port*] -# (Optional) The port on which the server will listen. -# Defaults to $::os_service_default. -# -# [*workers*] -# (Optional) The number of workers to spawn. -# Defaults to $::os_service_default. -# -# [*use_ssl*] -# (Optional) Whether to use ssl or not. -# Defaults to 'false'. -# -# [*cert_file*] -# (Optional) Location of the SSL certificate file to use for SSL mode. -# Required when $use_ssl is set to 'true'. -# Defaults to $::os_service_default. -# -# [*key_file*] -# (Optional) Location of the SSL key file to use for enabling SSL mode. -# Required when $use_ssl is set to 'true'. -# Defaults to $::os_service_default. -# -# === Deprecated Parameters -# -# No Deprecated Parameters. -# -class heat::api ( - $package_ensure = 'present', - $manage_service = true, - $enabled = true, - $bind_host = $::os_service_default, - $bind_port = $::os_service_default, - $workers = $::os_service_default, - $use_ssl = false, - $cert_file = $::os_service_default, - $key_file = $::os_service_default, -) { - - include ::heat - include ::heat::deps - include ::heat::params - include ::heat::policy - - if $use_ssl { - if is_service_default($cert_file) { - fail('The cert_file parameter is required when use_ssl is set to true') - } - if is_service_default($key_file) { - fail('The key_file parameter is required when use_ssl is set to true') - } - } - - package { 'heat-api': - ensure => $package_ensure, - name => $::heat::params::api_package_name, - tag => ['openstack', 'heat-package'], - } - - if $manage_service { - if $enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } - - service { 'heat-api': - ensure => $service_ensure, - name => $::heat::params::api_service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - tag => 'heat-service', - } - - heat_config { - 'heat_api/bind_host': value => $bind_host; - 'heat_api/bind_port': value => $bind_port; - 'heat_api/workers': value => $workers; - 'heat_api/cert_file': value => $cert_file; - 'heat_api/key_file': value => $key_file; - } - -} diff --git a/heat/manifests/api_cfn.pp b/heat/manifests/api_cfn.pp deleted file mode 100644 index 41fba1eca..000000000 --- a/heat/manifests/api_cfn.pp +++ /dev/null @@ -1,109 +0,0 @@ -# == Class: heat::api_cfn -# -# This class deprecates heat::api-cfn. -# -# Installs & configure the heat CloudFormation API service -# -# === Parameters -# -# [*package_ensure*] -# (Optional) Ensure state for package. -# Defaults to 'present' -# -# [*enabled*] -# (optional) Should the service be enabled. -# Defaults to 'true'. -# -# [*manage_service*] -# (optional) Whether the service should be managed by Puppet. -# Defaults to 'true'. -# -# [*bind_host*] -# (Optional) Address to bind the server. Useful when -# selecting a particular network interface. -# Defaults to $::os_service_default. -# -# [*bind_port*] -# (Optional) The port on which the server will listen. -# Defaults to $::os_service_default. -# -# [*workers*] -# (Optional) The number of workers to spawn. -# Defaults to $::os_service_default. -# -# [*use_ssl*] -# (Optional) Whether to use ssl or not. -# Defaults to 'false'. -# -# [*cert_file*] -# (Optional) Location of the SSL certificate file to use for SSL mode. -# Required when $use_ssl is set to 'true'. -# Defaults to $::os_service_default. -# -# [*key_file*] -# (Optional) Location of the SSL key file to use for enabling SSL mode. -# Required when $use_ssl is set to 'true'. -# Defaults to $::os_service_default. -# -# == Deprecated Parameters -# -# No Deprecated Parameters. -# -class heat::api_cfn ( - $package_ensure = 'present', - $manage_service = true, - $enabled = true, - $bind_host = $::os_service_default, - $bind_port = $::os_service_default, - $workers = $::os_service_default, - $use_ssl = false, - $cert_file = $::os_service_default, - $key_file = $::os_service_default, -) { - - include ::heat - include ::heat::deps - include ::heat::params - include ::heat::policy - - if $use_ssl { - if is_service_default($cert_file) { - fail('The cert_file parameter is required when use_ssl is set to true') - } - if is_service_default($key_file) { - fail('The key_file parameter is required when use_ssl is set to true') - } - } - - package { 'heat-api-cfn': - ensure => $package_ensure, - name => $::heat::params::api_cfn_package_name, - tag => ['openstack', 'heat-package'], - } - - if $manage_service { - if $enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } - - service { 'heat-api-cfn': - ensure => $service_ensure, - name => $::heat::params::api_cfn_service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - tag => 'heat-service', - } - - heat_config { - 'heat_api_cfn/bind_host': value => $bind_host; - 'heat_api_cfn/bind_port': value => $bind_port; - 'heat_api_cfn/workers': value => $workers; - 'heat_api_cfn/cert_file': value => $cert_file; - 'heat_api_cfn/key_file': value => $key_file; - } - -} diff --git a/heat/manifests/api_cloudwatch.pp b/heat/manifests/api_cloudwatch.pp deleted file mode 100644 index 9d0bac5d8..000000000 --- a/heat/manifests/api_cloudwatch.pp +++ /dev/null @@ -1,108 +0,0 @@ -# == Class: heat::api_cloudwatch -# -# This class deprecates heat::api-cloudwatch -# -# Installs & configure the heat CloudWatch API service -# -# === Parameters -# [*package_ensure*] -# (Optional) Ensure state for package. -# Defaults to 'present' -# -# [*enabled*] -# (optional) Should the service be enabled. -# Defaults to true. -# -# [*manage_service*] -# (optional) Whether the service should be managed by Puppet. -# Defaults to true. -# -# [*bind_host*] -# (Optional) Address to bind the server. Useful when -# selecting a particular network interface. -# Defaults to $::os_service_default. -# -# [*bind_port*] -# (Optional) The port on which the server will listen. -# Defaults to $::os_service_default. -# -# [*workers*] -# (Optional) The number of workers to spawn. -# Defaults to $::os_service_default. -# -# [*use_ssl*] -# (Optional) Whether to use ssl or not. -# Defaults to 'false'. -# -# [*cert_file*] -# (Optional) Location of the SSL certificate file to use for SSL mode. -# Required when $use_ssl is set to 'true'. -# Defaults to $::os_service_default. -# -# [*key_file*] -# (Optional) Location of the SSL key file to use for enabling SSL mode. -# Required when $use_ssl is set to 'true'. -# Defaults to $::os_service_default. -# -# == Deprecated Parameters -# -# No Deprecated Parameters. -# -class heat::api_cloudwatch ( - $package_ensure = 'present', - $manage_service = true, - $enabled = true, - $bind_host = $::os_service_default, - $bind_port = $::os_service_default, - $workers = $::os_service_default, - $use_ssl = false, - $cert_file = $::os_service_default, - $key_file = $::os_service_default, -) { - - include ::heat - include ::heat::deps - include ::heat::params - include ::heat::policy - - if $use_ssl { - if is_service_default($cert_file) { - fail('The cert_file parameter is required when use_ssl is set to true') - } - if is_service_default($key_file) { - fail('The key_file parameter is required when use_ssl is set to true') - } - } - - package { 'heat-api-cloudwatch': - ensure => $package_ensure, - name => $::heat::params::api_cloudwatch_package_name, - tag => ['openstack', 'heat-package'], - } - - if $manage_service { - if $enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } - - service { 'heat-api-cloudwatch': - ensure => $service_ensure, - name => $::heat::params::api_cloudwatch_service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - tag => 'heat-service', - } - - heat_config { - 'heat_api_cloudwatch/bind_host': value => $bind_host; - 'heat_api_cloudwatch/bind_port': value => $bind_port; - 'heat_api_cloudwatch/workers': value => $workers; - 'heat_api_cloudwatch/cert_file': value => $cert_file; - 'heat_api_cloudwatch/key_file': value => $key_file; - } - -} diff --git a/heat/manifests/client.pp b/heat/manifests/client.pp deleted file mode 100644 index 67035d941..000000000 --- a/heat/manifests/client.pp +++ /dev/null @@ -1,23 +0,0 @@ -# == Class: heat::client -# -# Installs the heat python library. -# -# === Parameters -# -# [*ensure*] -# (Optional) Ensure state for package. -# -class heat::client ( - $ensure = 'present' -) { - - include ::heat::deps - include ::heat::params - - package { 'python-heatclient': - ensure => $ensure, - name => $::heat::params::client_package_name, - tag => 'openstack', - } - -} diff --git a/heat/manifests/config.pp b/heat/manifests/config.pp deleted file mode 100644 index ad355e9da..000000000 --- a/heat/manifests/config.pp +++ /dev/null @@ -1,38 +0,0 @@ -# == Class: heat::config -# -# This class is used to manage arbitrary Heat configurations. -# -# === Parameters -# -# [*heat_config*] -# (optional) Allow configuration of arbitrary Heat configurations. -# The value is a hash of heat_config resources. Example: -# { 'DEFAULT/foo' => { value => 'fooValue'}, -# 'DEFAULT/bar' => { value => 'barValue'} -# } -# In yaml format, Example: -# heat_config: -# DEFAULT/foo: -# value: fooValue -# DEFAULT/bar: -# value: barValue -# -# [*heat_api_paste_ini*] -# (optional) Allow configuration of /etc/heat/api-paste.ini options. -# -# NOTE: The configuration MUST NOT be already handled by this module -# or Puppet catalog compilation will fail with duplicate resources. -# -class heat::config ( - $heat_config = {}, - $heat_api_paste_ini = {}, -) { - - include ::heat::deps - - validate_hash($heat_config) - validate_hash($heat_api_paste_ini) - - create_resources('heat_config', $heat_config) - create_resources('heat_api_paste_ini', $heat_api_paste_ini) -} diff --git a/heat/manifests/cron/purge_deleted.pp b/heat/manifests/cron/purge_deleted.pp deleted file mode 100644 index a0d148b2b..000000000 --- a/heat/manifests/cron/purge_deleted.pp +++ /dev/null @@ -1,86 +0,0 @@ -# == Class: heat::cron::purge_deleted -# -# Installs a cron job to purge db entries marked as deleted and older than $age. -# Default will be 1 day. -# -# === Parameters -# -# [*ensure*] -# (optional) Defaults to present. -# Valid values are present, absent. -# -# [*minute*] -# (optional) Defaults to '1'. -# -# [*hour*] -# (optional) Defaults to '0'. -# -# [*monthday*] -# (optional) Defaults to '*'. -# -# [*month*] -# (optional) Defaults to '*'. -# -# [*weekday*] -# (optional) Defaults to '*'. -# -# [*maxdelay*] -# (optional) Seconds. Defaults to 0. Should be a positive integer. -# Induces a random delay before running the cronjob to avoid running all -# cron jobs at the same time on all hosts this job is configured. -# -# [*user*] -# (optional) User with access to heat files. -# Defaults to 'heat'. -# -# [*age*] -# (optional) Age value for $age_type. -# Defaults to '1'. -# -# [*age_type*] -# (optional) Age type. -# Can be days, hours, minutes, seconds -# Defaults to 'days'. -# -# [*destination*] -# (optional) Path to file to which rows should be archived -# Defaults to '/var/log/heat/heat-purge_deleted.log'. -# -class heat::cron::purge_deleted ( - $ensure = present, - $minute = 1, - $hour = 0, - $monthday = '*', - $month = '*', - $weekday = '*', - $maxdelay = 0, - $user = 'heat', - $age = 1, - $age_type = 'days', - $destination = '/var/log/heat/heat-purge_deleted.log' -) { - - if ! member(['days', 'hours', 'minutes', 'seconds'], $age_type) { - fail('age_type possible values are only days, hours, minutes, or seconds.') - } - - if $maxdelay == 0 { - $sleep = '' - } else { - $sleep = "sleep `expr \${RANDOM} \\% ${maxdelay}`; " - } - - cron { 'heat-manage purge_deleted': - ensure => $ensure, - command => "${sleep}heat-manage purge_deleted -g ${age_type} ${age} >>${destination} 2>&1", - environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', - user => $user, - minute => $minute, - hour => $hour, - monthday => $monthday, - month => $month, - weekday => $weekday - } - - Package['heat-common'] -> Cron['heat-manage purge_deleted'] -} diff --git a/heat/manifests/db.pp b/heat/manifests/db.pp deleted file mode 100644 index 2a4ea7a4f..000000000 --- a/heat/manifests/db.pp +++ /dev/null @@ -1,112 +0,0 @@ -# == Class: heat::db -# -# Configure the Heat database -# -# === Parameters -# -# [*database_connection*] -# Url used to connect to database. -# (Optional) Defaults to 'sqlite:////var/lib/heat/heat.sqlite'. -# -# [*database_idle_timeout*] -# Timeout when db connections should be reaped. -# (Optional) Defaults to $::os_service_default. -# -# [*database_min_pool_size*] -# Minimum number of SQL connections to keep open in a pool. -# (Optional) Defaults to $::os_service_default. -# -# [*database_max_pool_size*] -# Maximum number of SQL connections to keep open in a pool. -# (Optional) Defaults to $::os_service_default. -# -# [*database_max_retries*] -# Maximum db connection retries during startup. -# Setting -1 implies an infinite retry count. -# (Optional) Defaults to $::os_service_default. -# -# [*database_retry_interval*] -# Interval between retries of opening a sql connection. -# (Optional) Defaults to $::os_service_default. -# -# [*database_max_overflow*] -# If set, use this value for max_overflow with sqlalchemy. -# (Optional) Defaults to $::os_service_default. -# -# [*sync_db*] -# (Optional) Run db sync on nodes after connection setting has been set. -# Defaults to true -# -class heat::db ( - $database_connection = 'sqlite:////var/lib/heat/heat.sqlite', - $database_idle_timeout = $::os_service_default, - $database_min_pool_size = $::os_service_default, - $database_max_pool_size = $::os_service_default, - $database_max_retries = $::os_service_default, - $database_retry_interval = $::os_service_default, - $database_max_overflow = $::os_service_default, - $sync_db = true, -) { - - include ::heat::deps - include ::heat::params - - # NOTE(spredzy): In order to keep backward compatibility we rely on the pick function - # to use heat:: if heat::db:: isn't specified. - $database_connection_real = pick($::heat::database_connection, $database_connection) - $database_idle_timeout_real = pick($::heat::database_idle_timeout, $database_idle_timeout) - $database_min_pool_size_real = pick($::heat::database_min_pool_size, $database_min_pool_size) - $database_max_pool_size_real = pick($::heat::database_max_pool_size, $database_max_pool_size) - $database_max_retries_real = pick($::heat::database_max_retries, $database_max_retries) - $database_retry_interval_real = pick($::heat::database_retry_interval, $database_retry_interval) - $database_max_overflow_real = pick($::heat::database_max_overflow, $database_max_overflow) - $sync_db_real = pick($::heat::sync_db, $sync_db) - - validate_re($database_connection_real, - '^(sqlite|mysql(\+pymysql)?|postgresql):\/\/(\S+:\S+@\S+\/\S+)?') - - case $database_connection_real { - /^mysql(\+pymysql)?:\/\//: { - require 'mysql::bindings' - require 'mysql::bindings::python' - if $database_connection_real =~ /^mysql\+pymysql/ { - $backend_package = $::heat::params::pymysql_package_name - } else { - $backend_package = false - } - } - /^postgresql:\/\//: { - $backend_package = false - require 'postgresql::lib::python' - } - /^sqlite:\/\//: { - $backend_package = $::heat::params::sqlite_package_name - } - default: { - fail('Unsupported backend configured') - } - } - - if $backend_package and !defined(Package[$backend_package]) { - package {'heat-backend-package': - ensure => present, - name => $backend_package, - tag => 'openstack', - } - } - - heat_config { - 'database/connection': value => $database_connection_real, secret => true; - 'database/idle_timeout': value => $database_idle_timeout_real; - 'database/min_pool_size': value => $database_min_pool_size_real; - 'database/max_retries': value => $database_max_retries_real; - 'database/retry_interval': value => $database_retry_interval_real; - 'database/max_pool_size': value => $database_max_pool_size_real; - 'database/max_overflow': value => $database_max_overflow_real; - } - - if $sync_db_real { - include ::heat::db::sync - } - -} diff --git a/heat/manifests/db/mysql.pp b/heat/manifests/db/mysql.pp deleted file mode 100644 index e27cab42f..000000000 --- a/heat/manifests/db/mysql.pp +++ /dev/null @@ -1,74 +0,0 @@ -# == Class: heat::db::mysql -# -# The heat::db::mysql class creates a MySQL database for heat. -# It must be used on the MySQL server -# -# === Parameters -# -# [*password*] -# (Mandatory) Password to connect to the database. -# Defaults to 'false'. -# -# [*dbname*] -# (Optional) Name of the database. -# Defaults to 'heat'. -# -# [*user*] -# (Optional) User to connect to the database. -# Defaults to 'heat'. -# -# [*host*] -# (Optional) The default source host user is allowed to connect from. -# Defaults to '127.0.0.1' -# -# [*allowed_hosts*] -# (Optional) Other hosts the user is allowed to connect from. -# Defaults to 'undef'. -# -# [*charset*] -# (Optional) The database charset. -# Defaults to 'utf8' -# -# [*collate*] -# (Optional) The database collate. -# Only used with mysql modules >= 2.2. -# Defaults to 'utf8_general_ci' -# -# === Deprecated Parameters -# -# [*mysql_module*] -# (Optional) Does nothing. -# -class heat::db::mysql( - $password = false, - $dbname = 'heat', - $user = 'heat', - $host = '127.0.0.1', - $allowed_hosts = undef, - $charset = 'utf8', - $collate = 'utf8_general_ci', - $mysql_module = undef -) { - - include ::heat::deps - - if $mysql_module { - warning('The mysql_module parameter is deprecated. The latest 2.x mysql module will be used.') - } - - validate_string($password) - - ::openstacklib::db::mysql { 'heat': - user => $user, - password_hash => mysql_password($password), - dbname => $dbname, - host => $host, - charset => $charset, - collate => $collate, - allowed_hosts => $allowed_hosts, - } - - Anchor['heat::db::begin'] - ~> Class['heat::db::mysql'] - ~> Anchor['heat::db::end'] -} diff --git a/heat/manifests/db/postgresql.pp b/heat/manifests/db/postgresql.pp deleted file mode 100644 index 9307df3fe..000000000 --- a/heat/manifests/db/postgresql.pp +++ /dev/null @@ -1,48 +0,0 @@ -# == Class: heat::db::postgresql -# -# Class that configures postgresql for heat -# Requires the Puppetlabs postgresql module. -# -# === Parameters -# -# [*password*] -# (Required) Password to connect to the database. -# -# [*dbname*] -# (Optional) Name of the database. -# Defaults to 'heat'. -# -# [*user*] -# (Optional) User to connect to the database. -# Defaults to 'heat'. -# -# [*encoding*] -# (Optional) The charset to use for the database. -# Default to undef. -# -# [*privileges*] -# (Optional) Privileges given to the database user. -# Default to 'ALL' -# -class heat::db::postgresql( - $password, - $dbname = 'heat', - $user = 'heat', - $encoding = undef, - $privileges = 'ALL', -) { - - include ::heat::deps - - ::openstacklib::db::postgresql { 'heat': - password_hash => postgresql_password($user, $password), - dbname => $dbname, - user => $user, - encoding => $encoding, - privileges => $privileges, - } - - Anchor['heat::db::begin'] - ~> Class['heat::db::postgresql'] - ~> Anchor['heat::db::end'] -} diff --git a/heat/manifests/db/sync.pp b/heat/manifests/db/sync.pp deleted file mode 100644 index 931339a4d..000000000 --- a/heat/manifests/db/sync.pp +++ /dev/null @@ -1,32 +0,0 @@ -# -# Class to execute heat dbsync -# -# ==Parameters -# -# [*extra_params*] -# (optional) String of extra command line parameters to append -# to the heat-manage db_sync command. These will be inserted -# in the command line between 'heat-manage' and 'db_sync'. -# Defaults to '--config-file /etc/heat/heat.conf' -# -class heat::db::sync( - $extra_params = '--config-file /etc/heat/heat.conf', -) { - - include ::heat::deps - include ::heat::params - - exec { 'heat-dbsync': - command => "heat-manage ${extra_params} db_sync", - path => '/usr/bin', - user => 'heat', - refreshonly => true, - logoutput => on_failure, - subscribe => [ - Anchor['heat::install::end'], - Anchor['heat::config::end'], - Anchor['heat::dbsync::begin'] - ], - notify => Anchor['heat::dbsync::end'], - } -} diff --git a/heat/manifests/deps.pp b/heat/manifests/deps.pp deleted file mode 100644 index 213af22f4..000000000 --- a/heat/manifests/deps.pp +++ /dev/null @@ -1,30 +0,0 @@ -# == Class: heat::deps -# -# Heat anchors and dependency management -# -class heat::deps { - # Setup anchors for install, config and service phases of the module. These - # anchors allow external modules to hook the begin and end of any of these - # phases. Package or service management can also be replaced by ensuring the - # package is absent or turning off service management and having the - # replacement depend on the appropriate anchors. When applicable, end tags - # should be notified so that subscribers can determine if installation, - # config or service state changed and act on that if needed. - anchor { 'heat::install::begin': } - -> Package<| tag == 'heat-package'|> - ~> anchor { 'heat::install::end': } - -> anchor { 'heat::config::begin': } - -> Heat_config<||> - ~> anchor { 'heat::config::end': } - -> anchor { 'heat::db::begin': } - -> anchor { 'heat::db::end': } - ~> anchor { 'heat::dbsync::begin': } - -> anchor { 'heat::dbsync::end': } - ~> anchor { 'heat::service::begin': } - ~> Service<| tag == 'heat-service' |> - ~> anchor { 'heat::service::end': } - - # Installation or config changes will always restart services. - Anchor['heat::install::end'] ~> Anchor['heat::service::begin'] - Anchor['heat::config::end'] ~> Anchor['heat::service::begin'] -} diff --git a/heat/manifests/engine.pp b/heat/manifests/engine.pp deleted file mode 100644 index a771aa0e4..000000000 --- a/heat/manifests/engine.pp +++ /dev/null @@ -1,163 +0,0 @@ -# == Class: heat::engine -# -# Installs & configure the heat engine service -# -# === Parameters -# [*auth_encryption_key*] -# (required) Encryption key used for authentication info in database -# Must be either 16, 24, or 32 bytes long. -# -# [*package_ensure*] -# (Optional) Ensure state for package. -# Defaults to 'present' -# -# [*enabled*] -# (optional) Should the service be enabled. -# Defaults to 'true' -# -# [*manage_service*] -# (optional) Whether the service should be managed by Puppet. -# Defaults to true. -# -# [*heat_stack_user_role*] -# (optional) Keystone role for heat template-defined users. -# This setting does not actually create the role. If you change -# this to a different value you should also set -# heat::keystone::auth::heat_stack_user_role if you want the -# correct role created. -# Defaults to $::os_service_default. -# -# [*heat_metadata_server_url*] -# (optional) URL of the Heat metadata server -# Defaults to 'http://127.0.0.1:8000' -# -# [*heat_waitcondition_server_url*] -# (optional) URL of the Heat waitcondition server -# Defaults to 'http://127.0.0.1:8000/v1/waitcondition' -# -# [*heat_watch_server_url*] -# (optional) URL of the Heat cloudwatch server -# Defaults to 'http://127.0.0.1:8003' -# -# [*engine_life_check_timeout*] -# (optional) RPC timeout (in seconds) for the engine liveness check that is -# used for stack locking -# Defaults to $::os_service_default. -# -# [*deferred_auth_method*] -# (optional) Select deferred auth method. -# Can be "password" or "trusts". -# Defaults to $::os_service_default. -# -# [*default_software_config_transport*] -# (optional) Template default for how the server should receive the metadata -# required for software configuration. POLL_SERVER_CFN will allow calls to the -# cfn API action DescribeStackResource authenticated with the provided keypair -# (requires enabled heat-api-cfn). POLL_SERVER_HEAT will allow calls to the -# Heat API resource-show using the provided keystone credentials (requires -# keystone v3 API, and configured stack_user_* config options). POLL_TEMP_URL -# will create and populate a Swift TempURL with metadata for polling (requires -# object-store endpoint which supports TempURL). (string value) -# Allowed values: POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL -# Defaults to $::os_service_default. -# -# [*default_deployment_signal_transport*] -# (optional) Template default for how the server should signal to heat with -# the deployment output values. CFN_SIGNAL will allow an HTTP POST to a CFN -# keypair signed URL (requires enabled heat-api-cfn). TEMP_URL_SIGNAL will -# create a Swift TempURL to be signaled via HTTP PUT (requires object-store -# TempURL). HEAT_SIGNAL will allow calls to the Heat API resource-signal using -# endpoint which supports the provided keystone credentials (string value) -# Allowed values: CFN_SIGNAL, TEMP_URL_SIGNAL, HEAT_SIGNAL -# Defaults to $::os_service_default. - -# [*trusts_delegated_roles*] -# (optional) Array of trustor roles to be delegated to heat. -# This value is also used by heat::keystone::auth if it is set to -# configure the keystone roles. -# Defaults to ['heat_stack_owner'] -# -# [*instance_connection_is_secure*] -# (Optional) Instance connection to CFN/CW API via https. -# Defaults to $::os_service_default -# -# [*instance_connection_https_validate_certificates*] -# (Optional) Instance connection to CFN/CW API validate certs if SSL is used. -# Defaults to $::os_service_default -# -# [*max_resources_per_stack*] -# (Optional) Maximum resources allowed per top-level stack. -# Defaults to $::os_service_default -# -class heat::engine ( - $auth_encryption_key, - $package_ensure = 'present', - $manage_service = true, - $enabled = true, - $heat_stack_user_role = $::os_service_default, - $heat_metadata_server_url = 'http://127.0.0.1:8000', - $heat_waitcondition_server_url = 'http://127.0.0.1:8000/v1/waitcondition', - $heat_watch_server_url = 'http://127.0.0.1:8003', - $engine_life_check_timeout = $::os_service_default, - $deferred_auth_method = $::os_service_default, - $default_software_config_transport = $::os_service_default, - $default_deployment_signal_transport = $::os_service_default, - $trusts_delegated_roles = ['heat_stack_owner'], - $instance_connection_is_secure = $::os_service_default, - $instance_connection_https_validate_certificates = $::os_service_default, - $max_resources_per_stack = $::os_service_default, -) { - - include ::heat::deps - - # Validate Heat Engine AES key - # must be either 16, 24, or 32 bytes long - # https://bugs.launchpad.net/heat/+bug/1415887 - $allowed_sizes = ['16','24','32'] - $param_size = size($auth_encryption_key) - if ! (member($allowed_sizes, "${param_size}")) { # lint:ignore:only_variable_string - fail("${param_size} is not a correct size for auth_encryption_key parameter, it must be either 16, 24, 32 bytes long.") - } - - include ::heat - include ::heat::params - - package { 'heat-engine': - ensure => $package_ensure, - name => $::heat::params::engine_package_name, - tag => ['openstack', 'heat-package'], - } - - if $manage_service { - if $enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } - - service { 'heat-engine': - ensure => $service_ensure, - name => $::heat::params::engine_service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - tag => 'heat-service', - } - - heat_config { - 'DEFAULT/auth_encryption_key': value => $auth_encryption_key; - 'DEFAULT/heat_stack_user_role': value => $heat_stack_user_role; - 'DEFAULT/heat_metadata_server_url': value => $heat_metadata_server_url; - 'DEFAULT/heat_waitcondition_server_url': value => $heat_waitcondition_server_url; - 'DEFAULT/heat_watch_server_url': value => $heat_watch_server_url; - 'DEFAULT/engine_life_check_timeout': value => $engine_life_check_timeout; - 'DEFAULT/default_software_config_transport': value => $default_software_config_transport; - 'DEFAULT/default_deployment_signal_transport': value => $default_deployment_signal_transport; - 'DEFAULT/trusts_delegated_roles': value => $trusts_delegated_roles; - 'DEFAULT/deferred_auth_method': value => $deferred_auth_method; - 'DEFAULT/max_resources_per_stack': value => $max_resources_per_stack; - 'DEFAULT/instance_connection_https_validate_certificates': value => $instance_connection_https_validate_certificates; - 'DEFAULT/instance_connection_is_secure': value => $instance_connection_is_secure; - } -} diff --git a/heat/manifests/init.pp b/heat/manifests/init.pp deleted file mode 100644 index 4073481a8..000000000 --- a/heat/manifests/init.pp +++ /dev/null @@ -1,482 +0,0 @@ -# == Class: heat -# -# Heat base package & configuration -# -# === Parameters -# -# [*package_ensure*] -# (Optional) Ensure state for package. -# Defaults to 'present' -# -# [*verbose*] -# (Optional) Should the daemons log verbose messages -# Defaults to undef. -# -# [*debug*] -# (Optional) Should the daemons log debug messages -# Defaults to undef. -# -# [*log_dir*] -# (Optional) Directory where logs should be stored -# If set to boolean 'false', it will not log to any directory -# Defaults to undef. -# -# [*rpc_backend*] -# (Optional) Use these options to configure the message system. -# Defaults to $::os_service_default. -# -# [*rpc_response_timeout*] -# (Optional) Configure the timeout (in seconds) for rpc responses -# Defaults to $::os_service_default. -# -# [*rabbit_host*] -# (Optional) IP or hostname of the rabbit server. -# Defaults to $::os_service_default. -# -# [*rabbit_port*] -# (Optional) Port of the rabbit server. -# Defaults to $::os_service_default. -# -# [*rabbit_hosts*] -# (Optional) Array of host:port (used with HA queues). -# If defined, will remove rabbit_host & rabbit_port parameters from config -# Defaults to $::os_service_default. -# -# [*rabbit_userid*] -# (Optional) User to connect to the rabbit server. -# Defaults to $::os_service_default. -# -# [*rabbit_password*] -# (Optional) Password to connect to the rabbit_server. -# Defaults to $::os_service_default. -# -# [*rabbit_virtual_host*] -# (Optional) Virtual_host to use. -# Defaults to $::os_service_default. -# -# [*rabbit_ha_queues*] -# (optional) Use HA queues in RabbitMQ (x-ha-policy: all). -# Defaults to $::os_service_default. -# -# [*rabbit_heartbeat_timeout_threshold*] -# (optional) Number of seconds after which the RabbitMQ broker is considered -# down if the heartbeat keepalive fails. Any value >0 enables heartbeats. -# Heartbeating helps to ensure the TCP connection to RabbitMQ isn't silently -# closed, resulting in missed or lost messages from the queue. -# (Requires kombu >= 3.0.7 and amqp >= 1.4.0) -# Defaults to 0 -# -# [*rabbit_heartbeat_rate*] -# (optional) How often during the rabbit_heartbeat_timeout_threshold period to -# check the heartbeat on RabbitMQ connection. (i.e. rabbit_heartbeat_rate=2 -# when rabbit_heartbeat_timeout_threshold=60, the heartbeat will be checked -# every 30 seconds. -# Defaults to $::os_service_default. -# -# [*rabbit_use_ssl*] -# (Optional) Connect over SSL for RabbitMQ. -# Defaults to $::os_service_default. -# -# [*kombu_ssl_ca_certs*] -# (Optional) SSL certification authority file (valid only if SSL enabled). -# Defaults to $::os_service_default. -# -# [*kombu_ssl_certfile*] -# (Optional) SSL cert file (valid only if SSL enabled). -# Defaults to $::os_service_default. -# -# [*kombu_ssl_keyfile*] -# (Optional) SSL key file (valid only if SSL enabled). -# Defaults to $::os_service_default. -# -# [*kombu_ssl_version*] -# (Optional) SSL version to use (valid only if SSL enabled). -# Valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be -# available on some distributions. -# Defaults to $::os_service_default. -# -# [*amqp_durable_queues*] -# (Optional) Use durable queues in amqp. -# Defaults to $::os_service_default. -# -# [*max_template_size*] -# (Optional) Maximum raw byte size of any template. -# Defaults to $::os_service_default -# -# [*max_json_body_size*] -# (Optional) Maximum raw byte size of JSON request body. -# Should be larger than max_template_size. -# Defaults to $::os_service_default -# -# [*notification_driver*] -# (Optional) Driver or drivers to handle sending notifications. -# Value can be a string or a list. -# Defaults to $::os_service_default -# -# == keystone authentication options -# -# [*auth_uri*] -# (Optional) Specifies the public Identity URI for Heat to use. -# Located in heat.conf. -# Defaults to: 'http://127.0.0.1:5000/'. -# -# [*identity_uri*] -# (Optional) Specifies the admin Identity URI for Heat to use. -# Located in heat.conf. -# Defaults to: 'http://127.0.0.1:35357/'. -# -# [*auth_plugin*] -# Specifies the plugin used for authentication. -# Defaults to undef. -# -# [*keystone_user*] -# Defaults to 'heat'. -# -# [*keystone_tenant*] -# Defaults to 'services'. -# -# [*keystone_password*] -# -# [*keystone_project_domain_name*] -# Specifies the project domain of Keystone account for "password" auth_plugin. -# Defaults to 'Default'. -# -# [*keystone_user_domain_id*] -# (Optional) Domain ID of the principal if the principal has a domain. -# Defaults to: 'default'. -# -# [*keystone_user_domain_name*] -# Defaults to 'Default'. -# -# [*keystone_project_domain_id*] -# (Optional) Domain ID of the scoped project if auth is project-scoped. -# Defaults to: 'default'. -# -# [*keystone_ec2_uri*] -# -# [*database_connection*] -# (optional) Connection url for the heat database. -# Defaults to undef. -# -# [*database_max_retries*] -# (optional) Maximum database connection retries during startup. -# Defaults to undef. -# -# [*database_idle_timeout*] -# (optional) Timeout before idle database connections are reaped. -# Defaults to undef. -# -# [*database_retry_interval*] -# (optional) Interval between retries of opening a database connection. -# Defaults to undef. -# -# [*database_min_pool_size*] -# (optional) Minimum number of SQL connections to keep open in a pool. -# Defaults to undef. -# -# [*database_max_pool_size*] -# (optional) Maximum number of SQL connections to keep open in a pool. -# Defaults to undef. -# -# [*database_max_overflow*] -# (optional) If set, use this value for max_overflow with sqlalchemy. -# Defaults to: undef. - -# [*use_syslog*] -# (Optional) Use syslog for logging. -# Defaults to undef. -# -# [*use_stderr*] -# (optional) Use stderr for logging -# Defaults to undef. -# -# [*log_facility*] -# (Optional) Syslog facility to receive log lines. -# Defaults to undef. -# -# [*flavor*] -# (optional) Specifies the Authentication method. -# Set to 'standalone' to get Heat to work with a remote OpenStack -# Tested versions include 0.9 and 2.2 -# Defaults to $::os_service_default. -# -# [*region_name*] -# (Optional) Region name for services. This is the -# default region name that heat talks to service endpoints on. -# Defaults to $::os_service_default. -# -# [*instance_user*] -# (Optional) The default user for new instances. Although heat claims that -# this feature is deprecated, it still sets the users to ec2-user if -# you leave this unset. If you want heat to not set instance_user to -# ec2-user, you need to set this to an empty string. This feature has been -# deprecated for some time and will likely be removed in L or M. -# -# [*enable_stack_adopt*] -# (Optional) Enable the stack-adopt feature. -# Defaults to $::os_service_default. -# -# [*enable_stack_abandon*] -# (Optional) Enable the stack-abandon feature. -# Defaults to $::os_service_default. -# -# [*sync_db*] -# (Optional) Run db sync on nodes after connection setting has been set. -# Defaults to true -# -# [*heat_clients_url*] -# (optional) Heat url in format like http://0.0.0.0:8004/v1/%(tenant_id)s. -# Defaults to $::os_service_default. -# -# === Deprecated Parameters -# -# [*mysql_module*] -# Deprecated. Does nothing. -# -# [*sql_connection*] -# Deprecated. Use database_connection instead. -# -# [*qpid_hostname*] -# -# [*qpid_port*] -# -# [*qpid_username*] -# -# [*qpid_password*] -# -# [*qpid_heartbeat*] -# -# [*qpid_protocol*] -# -# [*qpid_tcp_nodelay*] -# -# [*qpid_reconnect*] -# -# [*qpid_reconnect_timeout*] -# -# [*qpid_reconnect_limit*] -# -# [*qpid_reconnect_interval*] -# -# [*qpid_reconnect_interval_min*] -# -# [*qpid_reconnect_interval_max*] -# -class heat( - $auth_uri = 'http://127.0.0.1:5000/', - $identity_uri = 'http://127.0.0.1:35357/', - $package_ensure = 'present', - $verbose = undef, - $debug = undef, - $log_dir = undef, - $auth_plugin = undef, - $keystone_user = 'heat', - $keystone_tenant = 'services', - $keystone_password = false, - $keystone_ec2_uri = 'http://127.0.0.1:5000/v2.0/ec2tokens', - $keystone_project_domain_id = 'default', - $keystone_project_domain_name = 'Default', - $keystone_user_domain_id = 'default', - $keystone_user_domain_name = 'Default', - $rpc_backend = $::os_service_default, - $rpc_response_timeout = $::os_service_default, - $rabbit_host = $::os_service_default, - $rabbit_port = $::os_service_default, - $rabbit_hosts = $::os_service_default, - $rabbit_userid = $::os_service_default, - $rabbit_password = $::os_service_default, - $rabbit_virtual_host = $::os_service_default, - $rabbit_ha_queues = $::os_service_default, - $rabbit_heartbeat_timeout_threshold = 0, - $rabbit_heartbeat_rate = $::os_service_default, - $rabbit_use_ssl = $::os_service_default, - $kombu_ssl_ca_certs = $::os_service_default, - $kombu_ssl_certfile = $::os_service_default, - $kombu_ssl_keyfile = $::os_service_default, - $kombu_ssl_version = $::os_service_default, - $amqp_durable_queues = $::os_service_default, - $use_syslog = undef, - $use_stderr = undef, - $log_facility = undef, - $database_connection = undef, - $database_max_retries = undef, - $database_idle_timeout = undef, - $database_retry_interval = undef, - $database_min_pool_size = undef, - $database_max_pool_size = undef, - $database_max_overflow = undef, - $flavor = $::os_service_default, - $region_name = $::os_service_default, - $enable_stack_adopt = $::os_service_default, - $enable_stack_abandon = $::os_service_default, - $sync_db = undef, - $max_template_size = $::os_service_default, - $max_json_body_size = $::os_service_default, - $notification_driver = $::os_service_default, - $heat_clients_url = $::os_service_default, - # Deprecated parameters - $mysql_module = undef, - $sql_connection = undef, - $instance_user = undef, - $qpid_hostname = undef, - $qpid_port = undef, - $qpid_username = undef, - $qpid_password = undef, - $qpid_heartbeat = undef, - $qpid_protocol = undef, - $qpid_tcp_nodelay = undef, - $qpid_reconnect = undef, - $qpid_reconnect_timeout = undef, - $qpid_reconnect_limit = undef, - $qpid_reconnect_interval_min = undef, - $qpid_reconnect_interval_max = undef, - $qpid_reconnect_interval = undef, -) { - - include ::heat::logging - include ::heat::db - include ::heat::deps - include ::heat::params - - if !$rabbit_use_ssl or is_service_default(rabbit_use_ssl) { - if !is_service_default($kombu_ssl_ca_certs) { - fail('The kombu_ssl_ca_certs parameter requires rabbit_use_ssl to be set to true') - } - if !is_service_default($kombu_ssl_certfile) { - fail('The kombu_ssl_certfile parameter requires rabbit_use_ssl to be set to true') - } - if !is_service_default($kombu_ssl_keyfile) { - fail('The kombu_ssl_keyfile parameter requires rabbit_use_ssl to be set to true') - } - } - if ((!is_service_default($kombu_ssl_certfile)) and is_service_default($kombu_ssl_keyfile)) - or ((!is_service_default($kombu_ssl_keyfile)) and is_service_default($kombu_ssl_certfile)) { - fail('The kombu_ssl_certfile and kombu_ssl_keyfile parameters must be used together') - } - if $mysql_module { - warning('The mysql_module parameter is deprecated. The latest 2.x mysql module will be used.') - } - - package { 'heat-common': - ensure => $package_ensure, - name => $::heat::params::common_package_name, - tag => ['openstack', 'heat-package'], - } - - if $rpc_backend == 'rabbit' or is_service_default($rpc_backend) { - - if ! is_service_default($rabbit_hosts) and $rabbit_hosts { - heat_config { - 'oslo_messaging_rabbit/rabbit_hosts': value => join(any2array($rabbit_hosts), ','); - 'oslo_messaging_rabbit/rabbit_host': ensure => absent; - 'oslo_messaging_rabbit/rabbit_port': ensure => absent; - } - if size($rabbit_hosts) > 1 and is_service_default($rabbit_ha_queues) { - heat_config { - 'oslo_messaging_rabbit/rabbit_ha_queues': value => true; - } - } else { - heat_config { - 'oslo_messaging_rabbit/rabbit_ha_queues': value => $rabbit_ha_queues; - } - } - } else { - heat_config { - 'oslo_messaging_rabbit/rabbit_host': value => $rabbit_host; - 'oslo_messaging_rabbit/rabbit_port': value => $rabbit_port; - 'oslo_messaging_rabbit/rabbit_hosts': ensure => absent; - 'oslo_messaging_rabbit/rabbit_ha_queues': value => $rabbit_ha_queues; - } - } - if $rabbit_heartbeat_timeout_threshold == 0 { - warning('Default value for rabbit_heartbeat_timeout_threshold parameter is different from OpenStack project defaults') - } - heat_config { - 'oslo_messaging_rabbit/rabbit_userid': value => $rabbit_userid; - 'oslo_messaging_rabbit/rabbit_password': value => $rabbit_password, secret => true; - 'oslo_messaging_rabbit/rabbit_virtual_host': value => $rabbit_virtual_host; - 'oslo_messaging_rabbit/heartbeat_timeout_threshold': value => $rabbit_heartbeat_timeout_threshold; - 'oslo_messaging_rabbit/heartbeat_rate': value => $rabbit_heartbeat_rate; - 'oslo_messaging_rabbit/rabbit_use_ssl': value => $rabbit_use_ssl; - 'oslo_messaging_rabbit/amqp_durable_queues': value => $amqp_durable_queues; - 'oslo_messaging_rabbit/kombu_ssl_ca_certs': value => $kombu_ssl_ca_certs; - 'oslo_messaging_rabbit/kombu_ssl_certfile': value => $kombu_ssl_certfile; - 'oslo_messaging_rabbit/kombu_ssl_keyfile': value => $kombu_ssl_keyfile; - 'oslo_messaging_rabbit/kombu_ssl_version': value => $kombu_ssl_version; - } - - } - - if $rpc_backend == 'qpid' { - warning('Qpid driver is removed from Oslo.messaging in the Mitaka release') - } - - if $auth_plugin { - if $auth_plugin == 'password' { - heat_config { - 'keystone_authtoken/auth_url': value => $identity_uri; - 'keystone_authtoken/auth_plugin': value => $auth_plugin; - 'keystone_authtoken/username': value => $keystone_user; - 'keystone_authtoken/password': value => $keystone_password, secret => true; - 'keystone_authtoken/user_domain_id': value => $keystone_user_domain_id; - 'keystone_authtoken/project_name': value => $keystone_tenant; - 'keystone_authtoken/project_domain_id': value => $keystone_project_domain_id; - } - } else { - fail('Currently only "password" auth_plugin is supported.') - } - } else { - warning('"admin_user", "admin_password", "admin_tenant_name" configuration options are deprecated in favor of auth_plugin and related options') - heat_config { - 'keystone_authtoken/auth_uri': value => $auth_uri; - 'keystone_authtoken/identity_uri': value => $identity_uri; - 'keystone_authtoken/admin_tenant_name': value => $keystone_tenant; - 'keystone_authtoken/admin_user': value => $keystone_user; - 'keystone_authtoken/admin_password': value => $keystone_password, secret => true; - } - } - - heat_config { - 'trustee/auth_plugin': value => 'password'; - 'trustee/auth_url': value => $identity_uri; - 'trustee/username': value => $keystone_user; - 'trustee/password': value => $keystone_password, secret => true; - 'trustee/project_domain_id': value => $keystone_project_domain_id; - 'trustee/user_domain_id': value => $keystone_user_domain_id; - - 'clients_keystone/auth_uri': value => $identity_uri; - 'clients_heat/url': value => $heat_clients_url; - } - - if (!is_service_default($enable_stack_adopt)) { - validate_bool($enable_stack_adopt) - } - - if (!is_service_default($enable_stack_abandon)) { - validate_bool($enable_stack_abandon) - } - - heat_config { - 'DEFAULT/rpc_backend': value => $rpc_backend; - 'DEFAULT/rpc_response_timeout': value => $rpc_response_timeout; - 'DEFAULT/max_template_size': value => $max_template_size; - 'DEFAULT/max_json_body_size': value => $max_json_body_size; - 'DEFAULT/notification_driver': value => $notification_driver; - 'DEFAULT/region_name_for_services': value => $region_name; - 'DEFAULT/enable_stack_abandon': value => $enable_stack_abandon; - 'DEFAULT/enable_stack_adopt': value => $enable_stack_adopt; - 'ec2authtoken/auth_uri': value => $keystone_ec2_uri; - 'paste_deploy/flavor': value => $flavor; - } - - # instance_user - # special case for empty string since it's a valid value - if $instance_user == '' { - heat_config { 'DEFAULT/instance_user': value => ''; } - } elsif $instance_user { - heat_config { 'DEFAULT/instance_user': value => $instance_user; } - } else { - heat_config { 'DEFAULT/instance_user': ensure => absent; } - } - -} diff --git a/heat/manifests/keystone/auth.pp b/heat/manifests/keystone/auth.pp deleted file mode 100644 index 7e819af1e..000000000 --- a/heat/manifests/keystone/auth.pp +++ /dev/null @@ -1,275 +0,0 @@ -# == Class: heat::keystone::auth -# -# Configures heat user, service and endpoint in Keystone. -# -# === Parameters -# [*password*] -# (Required) Password for heat user. -# -# [*email*] -# (Optional) Email for heat user. -# Defaults to 'heat@localhost'. -# -# [*auth_name*] -# (Optional) Username for heat service. -# Defaults to 'heat'. -# -# [*configure_endpoint*] -# (Optional) Should heat endpoint be configured? -# Defaults to 'true'. -# -# [*configure_service*] -# (Optional) Should heat service be configured? -# Defaults to 'true'. -# -# [*configure_user*] -# (Optional) Whether to create the service user. -# Defaults to 'true'. -# -# [*configure_user_role*] -# (Optional) Whether to configure the admin role for the service user. -# Defaults to 'true'. -# -# [*service_name*] -# (Optional) Name of the service. -# Defaults to the value of auth_name. -# -# [*service_type*] -# (Optional) Type of service. -# Defaults to 'orchestration'. -# -# [*service_description*] -# (Optional) Description for keystone service. -# Defaults to 'Openstack Orchestration Service'. -# -# [*region*] -# (Optional) Region for endpoint. -# Defaults to 'RegionOne'. -# -# [*tenant*] -# (Optional) Tenant for heat user. -# Defaults to 'services'. -# -# [*trusts_delegated_roles*] -# (optional) Array of trustor roles to be delegated to heat. -# Defaults to ['heat_stack_owner'] -# -# [*configure_delegated_roles*] -# (optional) Whether to configure the delegated roles. -# Defaults to false until the deprecated parameters in heat::engine -# are removed after Kilo. -# -# [*public_url*] -# (optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:8004/v1/%(tenant_id)s') -# This url should *not* contain any trailing '/'. -# -# [*admin_url*] -# (optional) The endpoint's admin url. (Defaults to 'http://127.0.0.1:8004/v1/%(tenant_id)s') -# This url should *not* contain any trailing '/'. -# -# [*internal_url*] -# (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:8004/v1/%(tenant_id)s') -# This url should *not* contain any trailing '/'. -# -# [*version*] -# (optional) DEPRECATED: Use public_url, internal_url and admin_url instead. -# API version endpoint. (Defaults to 'v1') -# Setting this parameter overrides public_url, internal_url and admin_url parameters. -# -# [*port*] -# (optional) DEPRECATED: Use public_url, internal_url and admin_url instead. -# Default port for endpoints. (Defaults to 9001) -# Setting this parameter overrides public_url, internal_url and admin_url parameters. -# -# [*public_protocol*] -# (optional) DEPRECATED: Use public_url instead. -# Protocol for public endpoint. (Defaults to 'http') -# Setting this parameter overrides public_url parameter. -# -# [*public_address*] -# (optional) DEPRECATED: Use public_url instead. -# Public address for endpoint. (Defaults to '127.0.0.1') -# Setting this parameter overrides public_url parameter. -# -# [*internal_protocol*] -# (optional) DEPRECATED: Use internal_url instead. -# Protocol for internal endpoint. (Defaults to 'http') -# Setting this parameter overrides internal_url parameter. -# -# [*internal_address*] -# (optional) DEPRECATED: Use internal_url instead. -# Internal address for endpoint. (Defaults to '127.0.0.1') -# Setting this parameter overrides internal_url parameter. -# -# [*admin_protocol*] -# (optional) DEPRECATED: Use admin_url instead. -# Protocol for admin endpoint. (Defaults to 'http') -# Setting this parameter overrides admin_url parameter. -# -# [*admin_address*] -# (optional) DEPRECATED: Use admin_url instead. -# Admin address for endpoint. (Defaults to '127.0.0.1') -# Setting this parameter overrides admin_url parameter. -# -# [*heat_stack_user_role*] -# (optional) Keystone role for heat template-defined users. -# In this context this will create the role for the heat_stack_user. -# It will not set the value in the config file, if you want to do -# that you must set heat::engine::heat_stack_user_role. Generally -# these should be set to the same value. -# Defaults to 'heat_stack_user' - -# [*manage_heat_stack_user_role*] -# (optional) If true, this will manage the Keystone role for -# $heat_stack_user_role. -# Defaults to true -# -# === Deprecation notes -# -# If any value is provided for public_protocol, public_address or port parameters, -# public_url will be completely ignored. The same applies for internal and admin parameters. -# -# === Examples -# -# class { 'heat::keystone::auth': -# public_url => 'https://10.0.0.10:8004/v1/%(tenant_id)s', -# internal_url => 'https://10.0.0.11:8004/v1/%(tenant_id)s', -# admin_url => 'https://10.0.0.11:8004/v1/%(tenant_id)s', -# } -# -class heat::keystone::auth ( - $password = false, - $email = 'heat@localhost', - $auth_name = 'heat', - $service_name = undef, - $service_type = 'orchestration', - $service_description = 'Openstack Orchestration Service', - $region = 'RegionOne', - $tenant = 'services', - $configure_endpoint = true, - $configure_service = true, - $configure_user = true, - $configure_user_role = true, - $trusts_delegated_roles = ['heat_stack_owner'], - $configure_delegated_roles = false, - $public_url = 'http://127.0.0.1:8004/v1/%(tenant_id)s', - $admin_url = 'http://127.0.0.1:8004/v1/%(tenant_id)s', - $internal_url = 'http://127.0.0.1:8004/v1/%(tenant_id)s', - $heat_stack_user_role = 'heat_stack_user', - $manage_heat_stack_user_role = true, - # DEPRECATED PARAMETERS - $version = undef, - $port = undef, - $public_protocol = undef, - $public_address = undef, - $internal_protocol = undef, - $internal_address = undef, - $admin_protocol = undef, - $admin_address = undef, -) { - - include ::heat::deps - - validate_string($password) - - if $version { - warning('The version parameter is deprecated, use public_url, internal_url and admin_url instead.') - } - - if $port { - warning('The port parameter is deprecated, use public_url, internal_url and admin_url instead.') - } - - if $public_protocol { - warning('The public_protocol parameter is deprecated, use public_url instead.') - } - - if $internal_protocol { - warning('The internal_protocol parameter is deprecated, use internal_url instead.') - } - - if $admin_protocol { - warning('The admin_protocol parameter is deprecated, use admin_url instead.') - } - - if $public_address { - warning('The public_address parameter is deprecated, use public_url instead.') - } - - if $internal_address { - warning('The internal_address parameter is deprecated, use internal_url instead.') - } - - if $admin_address { - warning('The admin_address parameter is deprecated, use admin_url instead.') - } - - if ($public_protocol or $public_address or $port or $version) { - $public_url_real = sprintf('%s://%s:%s/%s/%%(tenant_id)s', - pick($public_protocol, 'http'), - pick($public_address, '127.0.0.1'), - pick($port, '8004'), - pick($version, 'v1')) - } else { - $public_url_real = $public_url - } - - if ($admin_protocol or $admin_address or $port or $version) { - $admin_url_real = sprintf('%s://%s:%s/%s/%%(tenant_id)s', - pick($admin_protocol, 'http'), - pick($admin_address, '127.0.0.1'), - pick($port, '8004'), - pick($version, 'v1')) - } else { - $admin_url_real = $admin_url - } - - if ($internal_protocol or $internal_address or $port or $version) { - $internal_url_real = sprintf('%s://%s:%s/%s/%%(tenant_id)s', - pick($internal_protocol, 'http'), - pick($internal_address, '127.0.0.1'), - pick($port, '8004'), - pick($version, 'v1')) - } else { - $internal_url_real = $internal_url - } - - $real_service_name = pick($service_name, $auth_name) - - keystone::resource::service_identity { $auth_name: - configure_user => $configure_user, - configure_user_role => $configure_user_role, - configure_endpoint => $configure_endpoint, - configure_service => $configure_service, - service_type => $service_type, - service_description => $service_description, - service_name => $real_service_name, - region => $region, - password => $password, - email => $email, - tenant => $tenant, - public_url => $public_url_real, - admin_url => $admin_url_real, - internal_url => $internal_url_real, - } - - if $configure_user_role { - Keystone_user_role["${auth_name}@${tenant}"] ~> - Service <| name == 'heat-api' |> - } - - if $manage_heat_stack_user_role { - keystone_role { $heat_stack_user_role: - ensure => present, - } - } - - if $configure_delegated_roles { - # if this is a keystone only node, we configure the role here - # but let engine.pp set the config file. A keystone only node - # will not have a heat.conf file. - keystone_role { $trusts_delegated_roles: - ensure => present, - } - } -} diff --git a/heat/manifests/keystone/auth_cfn.pp b/heat/manifests/keystone/auth_cfn.pp deleted file mode 100644 index 3414a7f10..000000000 --- a/heat/manifests/keystone/auth_cfn.pp +++ /dev/null @@ -1,230 +0,0 @@ -# == Class: heat::keystone::auth_cfn -# -# Configures heat-api-cfn user, service and endpoint in Keystone. -# -# === Parameters -# [*password*] -# (Mandatory) Password for heat-cfn user. -# -# [*email*] -# (Optional) Email for heat-cfn user. -# Defaults to 'heat@localhost'. -# -# [*auth_name*] -# (Optional) Username for heat-cfn service. -# Defaults to 'heat'. -# -# [*configure_endpoint*] -# (Optional) Should heat-cfn endpoint be configured? -# Defaults to 'true'. -# -# [*configure_service*] -# (Optional) Should heat-cfn service be configured? -# Defaults to 'true'. -# -# [*configure_user*] -# (Optional) Whether to create the service user. -# Defaults to 'true'. -# -# [*configure_user_role*] -# (Optional) Whether to configure the admin role for the service user. -# Defaults to 'true'. -# -# [*service_name*] -# (Optional) Name of the service. -# Defaults to the value of auth_name. -# -# [*service_type*] -# (Optional) Type of service. -# Defaults to 'cloudformation'. - -# [*region*] -# (Optional) Region for endpoint. -# Defaults to 'RegionOne'. -# -# [*tenant*] -# (Optional) Tenant for heat-cfn user. -# Defaults to 'services'. -# -# [*public_url*] -# (optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:8000/v1') -# This url should *not* contain any trailing '/'. -# -# [*admin_url*] -# (optional) The endpoint's admin url. (Defaults to 'http://127.0.0.1:8000/v1') -# This url should *not* contain any trailing '/'. -# -# [*internal_url*] -# (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:8000/v1') -# This url should *not* contain any trailing '/'. -# -# [*version*] -# (optional) DEPRECATED: Use public_url, internal_url and admin_url instead. -# API version endpoint. (Defaults to 'v1') -# Setting this parameter overrides public_url, internal_url and admin_url parameters. -# -# [*port*] -# (optional) DEPRECATED: Use public_url, internal_url and admin_url instead. -# Default port for endpoints. (Defaults to 8000) -# Setting this parameter overrides public_url, internal_url and admin_url parameters. -# -# [*public_protocol*] -# (optional) DEPRECATED: Use public_url instead. -# Protocol for public endpoint. (Defaults to 'http') -# Setting this parameter overrides public_url parameter. -# -# [*public_address*] -# (optional) DEPRECATED: Use public_url instead. -# Public address for endpoint. (Defaults to '127.0.0.1') -# Setting this parameter overrides public_url parameter. -# -# [*internal_protocol*] -# (optional) DEPRECATED: Use internal_url instead. -# Protocol for internal endpoint. (Defaults to 'http') -# Setting this parameter overrides internal_url parameter. -# -# [*internal_address*] -# (optional) DEPRECATED: Use internal_url instead. -# Internal address for endpoint. (Defaults to '127.0.0.1') -# Setting this parameter overrides internal_url parameter. -# -# [*admin_protocol*] -# (optional) DEPRECATED: Use admin_url instead. -# Protocol for admin endpoint. (Defaults to 'http') -# Setting this parameter overrides admin_url parameter. -# -# [*admin_address*] -# (optional) DEPRECATED: Use admin_url instead. -# Admin address for endpoint. (Defaults to '127.0.0.1') -# Setting this parameter overrides admin_url parameter. -# -# === Deprecation notes -# -# If any value is provided for public_protocol, public_address or port parameters, -# public_url will be completely ignored. The same applies for internal and admin parameters. -# -# === Examples -# -# class { 'heat::keystone::auth_cfn': -# public_url => 'https://10.0.0.10:8000/v1', -# internal_url => 'https://10.0.0.11:8000/v1', -# admin_url => 'https://10.0.0.11:8000/v1', -# } -# -class heat::keystone::auth_cfn ( - $password = false, - $email = 'heat-cfn@localhost', - $auth_name = 'heat-cfn', - $service_name = undef, - $service_type = 'cloudformation', - $region = 'RegionOne', - $tenant = 'services', - $configure_endpoint = true, - $configure_service = true, - $configure_user = true, - $configure_user_role = true, - $public_url = 'http://127.0.0.1:8000/v1', - $admin_url = 'http://127.0.0.1:8000/v1', - $internal_url = 'http://127.0.0.1:8000/v1', - # DEPRECATED PARAMETERS - $version = undef, - $port = undef, - $public_protocol = undef, - $public_address = undef, - $internal_protocol = undef, - $internal_address = undef, - $admin_protocol = undef, - $admin_address = undef, -) { - - include ::heat::deps - - validate_string($password) - - if $version { - warning('The version parameter is deprecated, use public_url, internal_url and admin_url instead.') - } - - if $port { - warning('The port parameter is deprecated, use public_url, internal_url and admin_url instead.') - } - - if $public_protocol { - warning('The public_protocol parameter is deprecated, use public_url instead.') - } - - if $internal_protocol { - warning('The internal_protocol parameter is deprecated, use internal_url instead.') - } - - if $admin_protocol { - warning('The admin_protocol parameter is deprecated, use admin_url instead.') - } - - if $public_address { - warning('The public_address parameter is deprecated, use public_url instead.') - } - - if $internal_address { - warning('The internal_address parameter is deprecated, use internal_url instead.') - } - - if $admin_address { - warning('The admin_address parameter is deprecated, use admin_url instead.') - } - - if ($public_protocol or $public_address or $port or $version) { - $public_url_real = sprintf('%s://%s:%s/%s', - pick($public_protocol, 'http'), - pick($public_address, '127.0.0.1'), - pick($port, '8000'), - pick($version, 'v1')) - } else { - $public_url_real = $public_url - } - - if ($admin_protocol or $admin_address or $port or $version) { - $admin_url_real = sprintf('%s://%s:%s/%s', - pick($admin_protocol, 'http'), - pick($admin_address, '127.0.0.1'), - pick($port, '8000'), - pick($version, 'v1')) - } else { - $admin_url_real = $admin_url - } - - if ($internal_protocol or $internal_address or $port or $version) { - $internal_url_real = sprintf('%s://%s:%s/%s', - pick($internal_protocol, 'http'), - pick($internal_address, '127.0.0.1'), - pick($port, '8000'), - pick($version, 'v1')) - } else { - $internal_url_real = $internal_url - } - - $real_service_name = pick($service_name, $auth_name) - - keystone::resource::service_identity { $auth_name: - configure_user => $configure_user, - configure_user_role => $configure_user_role, - configure_endpoint => $configure_endpoint, - configure_service => $configure_service, - service_type => $service_type, - service_description => 'Openstack Cloudformation Service', - service_name => $real_service_name, - region => $region, - password => $password, - email => $email, - tenant => $tenant, - public_url => $public_url_real, - admin_url => $admin_url_real, - internal_url => $internal_url_real, - } - - if $configure_user_role { - Keystone_user_role["${auth_name}@${tenant}"] ~> - Service <| name == 'heat-api-cfn' |> - } - -} diff --git a/heat/manifests/keystone/domain.pp b/heat/manifests/keystone/domain.pp deleted file mode 100644 index b67e2b0b4..000000000 --- a/heat/manifests/keystone/domain.pp +++ /dev/null @@ -1,103 +0,0 @@ -# == Class: heat::keystone::domain -# -# Configures Heat domain in Keystone. -# -# === Parameters -# -# [*domain_name*] -# Heat domain name. Defaults to 'heat'. -# -# [*domain_admin*] -# Keystone domain admin user which will be created. Defaults to 'heat_admin'. -# -# [*domain_admin_email*] -# Keystone domain admin user email address. Defaults to 'heat_admin@localhost'. -# -# [*domain_password*] -# Keystone domain admin user password. Defaults to 'changeme'. -# -# [*manage_domain*] -# Whether manage or not the domain creation. -# If using the default domain, it needs to be False because puppet-keystone -# can already manage it. -# Defaults to 'true'. -# -# [*manage_user*] -# Whether manage or not the user creation. -# Defaults to 'true'. -# -# [*manage_role*] -# Whether manage or not the user role creation. -# Defaults to 'true'. -# -# === Deprecated Parameters -# -# [*auth_url*] -# Keystone auth url -# -# [*keystone_admin*] -# Keystone admin user -# -# [*keystone_password*] -# Keystone admin password -# -# [*keystone_tenant*] -# Keystone admin tenant name -# -class heat::keystone::domain ( - $domain_name = 'heat', - $domain_admin = 'heat_admin', - $domain_admin_email = 'heat_admin@localhost', - $domain_password = 'changeme', - $manage_domain = true, - $manage_user = true, - $manage_role = true, - # DEPRECATED PARAMETERS - $auth_url = undef, - $keystone_admin = undef, - $keystone_password = undef, - $keystone_tenant = undef, -) { - - include ::heat::deps - include ::heat::params - - if $auth_url { - warning('The auth_url parameter is deprecated and will be removed in future releases') - } - if $keystone_admin { - warning('The keystone_admin parameter is deprecated and will be removed in future releases') - } - if $keystone_password { - warning('The keystone_password parameter is deprecated and will be removed in future releases') - } - if $keystone_tenant { - warning('The keystone_tenant parameter is deprecated and will be removed in future releases') - } - - if $manage_domain { - ensure_resource('keystone_domain', $domain_name, { - 'ensure' => 'present', - 'enabled' => true, - }) - } - if $manage_user { - ensure_resource('keystone_user', "${domain_admin}::${domain_name}", { - 'ensure' => 'present', - 'enabled' => true, - 'email' => $domain_admin_email, - 'password' => $domain_password, - }) - } - if $manage_role { - ensure_resource('keystone_user_role', "${domain_admin}::${domain_name}@::${domain_name}", { - 'roles' => ['admin'], - }) - } - - heat_config { - 'DEFAULT/stack_domain_admin': value => $domain_admin; - 'DEFAULT/stack_domain_admin_password': value => $domain_password, secret => true; - 'DEFAULT/stack_user_domain_name': value => $domain_name; - } -} diff --git a/heat/manifests/logging.pp b/heat/manifests/logging.pp deleted file mode 100644 index 8efa890b1..000000000 --- a/heat/manifests/logging.pp +++ /dev/null @@ -1,150 +0,0 @@ -# == Class heat::logging -# -# heat extended logging configuration -# -# === Parameters -# -# [*verbose*] -# (Optional) Should the daemons log verbose messages. -# Defaults to $::os_service_default. -# -# [*debug*] -# (Optional) Should the daemons log debug messages. -# Defaults to $::os_service_default. -# -# [*use_syslog*] -# (Optional) Use syslog for logging. -# Defaults to $::os_service_default. -# -# [*use_stderr*] -# (optional) Use stderr for logging. -# Defaults to $::os_service_default. -# -# [*log_facility*] -# (Optional) Syslog facility to receive log lines. -# Defaults to $::os_service_default. -# -# [*log_dir*] -# (optional) Directory where logs should be stored. -# If set to boolean false, it will not log to any directory. -# Defaults to '/var/log/heat' -# -# [*logging_context_format_string*] -# (optional) Format string to use for log messages with context. -# Defaults to $::os_service_default -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [%(request_id)s %(user_identity)s] %(instance)s%(message)s' -# -# [*logging_default_format_string*] -# (optional) Format string to use for log messages without context. -# Defaults to $::os_service_default. -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [-] %(instance)s%(message)s' -# -# [*logging_debug_format_suffix*] -# (optional) Formatted data to append to log format when level is DEBUG. -# Defaults to $::os_service_default. -# Example: '%(funcName)s %(pathname)s:%(lineno)d' -# -# [*logging_exception_prefix*] -# (optional) Prefix each line of exception output with this format. -# Defaults to $::os_service_default. -# Example: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' -# -# [*log_config_append*] -# The name of an additional logging configuration file. -# Defaults to $::os_service_default. -# See https://docs.python.org/2/howto/logging.html -# -# [*default_log_levels*] -# (optional) Hash of logger (keys) and level (values) pairs. -# Defaults to $::os_service_default. -# Example: -# {'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', -# 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', -# 'iso8601' => 'WARN', -# 'requests.packages.urllib3.connectionpool' => 'WARN' } -# -# [*publish_errors*] -# (optional) Publish error events (boolean value). -# Defaults to $::os_service_default. -# -# [*fatal_deprecations*] -# (optional) Make deprecations fatal (boolean value). -# Defaults to $::os_service_default. -# -# [*instance_format*] -# (optional) If an instance is passed with the log message, format it -# like this (string value). -# Defaults to $::os_service_default. -# Example: '[instance: %(uuid)s] ' -# -# [*instance_uuid_format*] -# (optional) If an instance UUID is passed with the log message, format -# It like this (string value). -# Defaults to $::os_service_default. -# Example: instance_uuid_format='[instance: %(uuid)s] ' - -# [*log_date_format*] -# (optional) Format string for %%(asctime)s in log records. -# Defaults to $::os_service_default. -# Example: 'Y-%m-%d %H:%M:%S' -# -class heat::logging( - $use_syslog = $::os_service_default, - $use_stderr = $::os_service_default, - $log_facility = $::os_service_default, - $log_dir = '/var/log/heat', - $verbose = $::os_service_default, - $debug = $::os_service_default, - $logging_context_format_string = $::os_service_default, - $logging_default_format_string = $::os_service_default, - $logging_debug_format_suffix = $::os_service_default, - $logging_exception_prefix = $::os_service_default, - $log_config_append = $::os_service_default, - $default_log_levels = $::os_service_default, - $publish_errors = $::os_service_default, - $fatal_deprecations = $::os_service_default, - $instance_format = $::os_service_default, - $instance_uuid_format = $::os_service_default, - $log_date_format = $::os_service_default, -) { - - include ::heat::deps - - # NOTE(spredzy): In order to keep backward compatibility we rely on the pick function - # to use heat:: first then heat::logging::. - $use_syslog_real = pick($::heat::use_syslog,$use_syslog) - $use_stderr_real = pick($::heat::use_stderr,$use_stderr) - $log_facility_real = pick($::heat::log_facility,$log_facility) - $log_dir_real = pick($::heat::log_dir,$log_dir) - $verbose_real = pick($::heat::verbose,$verbose) - $debug_real = pick($::heat::debug,$debug) - - if is_service_default($default_log_levels) { - $default_log_levels_real = $default_log_levels - } else { - $default_log_levels_real = join(sort(join_keys_to_values($default_log_levels, '=')), ',') - } - - heat_config { - 'DEFAULT/debug': value => $debug_real; - 'DEFAULT/verbose': value => $verbose_real; - 'DEFAULT/use_stderr': value => $use_stderr_real; - 'DEFAULT/use_syslog': value => $use_syslog_real; - 'DEFAULT/log_dir': value => $log_dir_real; - 'DEFAULT/syslog_log_facility': value => $log_facility_real; - 'DEFAULT/default_log_levels': value => $default_log_levels_real; - 'DEFAULT/logging_context_format_string': value => $logging_context_format_string; - 'DEFAULT/logging_default_format_string': value => $logging_default_format_string; - 'DEFAULT/logging_debug_format_suffix': value => $logging_debug_format_suffix; - 'DEFAULT/logging_exception_prefix': value => $logging_exception_prefix; - 'DEFAULT/log_config_append': value => $log_config_append; - 'DEFAULT/publish_errors': value => $publish_errors; - 'DEFAULT/fatal_deprecations': value => $fatal_deprecations; - 'DEFAULT/instance_format': value => $instance_format; - 'DEFAULT/instance_uuid_format': value => $instance_uuid_format; - 'DEFAULT/log_date_format': value => $log_date_format; - } - -} diff --git a/heat/manifests/params.pp b/heat/manifests/params.pp deleted file mode 100644 index 6e5c026b0..000000000 --- a/heat/manifests/params.pp +++ /dev/null @@ -1,55 +0,0 @@ -# == Class: heat::params -# -# Parameters for puppet-heat -# -class heat::params { - - case $::osfamily { - 'RedHat': { - # package names - $api_package_name = 'openstack-heat-api' - $api_cloudwatch_package_name = 'openstack-heat-api-cloudwatch' - $api_cfn_package_name = 'openstack-heat-api-cfn' - $engine_package_name = 'openstack-heat-engine' - $client_package_name = 'python-heatclient' - $common_package_name = 'openstack-heat-common' - $sqlite_package_name = undef - $pymysql_package_name = undef - # service names - $api_service_name = 'openstack-heat-api' - $api_cloudwatch_service_name = 'openstack-heat-api-cloudwatch' - $api_cfn_service_name = 'openstack-heat-api-cfn' - $engine_service_name = 'openstack-heat-engine' - } - 'Debian': { - # package names - $api_package_name = 'heat-api' - $api_cloudwatch_package_name = 'heat-api-cloudwatch' - $api_cfn_package_name = 'heat-api-cfn' - $engine_package_name = 'heat-engine' - $client_package_name = 'python-heatclient' - $common_package_name = 'heat-common' - $sqlite_package_name = 'python-pysqlite2' - $pymysql_package_name = 'python-pymysql' - # service names - $api_service_name = 'heat-api' - $api_cloudwatch_service_name = 'heat-api-cloudwatch' - $api_cfn_service_name = 'heat-api-cfn' - $engine_service_name = 'heat-engine' - # Operating system specific - case $::operatingsystem { - 'Ubuntu': { - $libvirt_group = 'libvirtd' - } - default: { - $libvirt_group = 'libvirt' - } - } - } - default: { - fail("Unsupported osfamily: ${::osfamily} operatingsystem: \ -${::operatingsystem}, module ${module_name} only support osfamily \ -RedHat and Debian") - } - } -} diff --git a/heat/manifests/policy.pp b/heat/manifests/policy.pp deleted file mode 100644 index 1f575d940..000000000 --- a/heat/manifests/policy.pp +++ /dev/null @@ -1,39 +0,0 @@ -# == Class: heat::policy -# -# Configure the heat policies -# -# == Parameters -# -# [*policies*] -# (optional) Set of policies to configure for heat. -# Defaults to empty hash. -# -# Example: -# { -# 'heat-context_is_admin' => {'context_is_admin' => 'true'}, -# 'heat-default' => {'default' => 'rule:admin_or_owner'} -# } -# -# [*policy_path*] -# (optional) Path to the heat policy.json file. -# Defaults to '/etc/heat/policy.json'. -# -class heat::policy ( - $policies = {}, - $policy_path = '/etc/heat/policy.json', -) { - - include ::heat::deps - - validate_hash($policies) - - Openstacklib::Policy::Base { - file_path => $policy_path, - } - - create_resources('openstacklib::policy::base', $policies) - - Anchor<| title == 'heat::config::start' |> - -> Class['heat::policy'] - ~> Anchor<| title == 'heat::config::end' |> -} diff --git a/heat/metadata.json b/heat/metadata.json deleted file mode 100644 index e4b106961..000000000 --- a/heat/metadata.json +++ /dev/null @@ -1,31 +0,0 @@ -{ - "name": "openstack-heat", - "version": "8.2.0", - "author": "eNovance and OpenStack Contributors", - "summary": "Puppet module for OpenStack Heat", - "license": "Apache-2.0", - "source": "git://github.com/openstack/puppet-heat.git", - "project_page": "https://launchpad.net/puppet-heat", - "issues_url": "https://bugs.launchpad.net/puppet-heat", - "requirements": [ - { "name": "pe", "version_requirement": ">= 3.2.0 <= 2016.1.0" }, - { "name": "puppet", "version_requirement": ">= 3.0.0 < 5.0.0" } - ], - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": ["7"] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": ["14.04"] - } - ], - "description": "Installs and configures OpenStack Heat (Orchestration).", - "dependencies": [ - { "name": "puppetlabs/inifile", "version_requirement": ">=1.4.0 <2.0.0" }, - { "name": "openstack/keystone", "version_requirement": ">=8.2.0 <9.0.0" }, - { "name": "puppetlabs/stdlib", "version_requirement": ">=4.9.0 <5.0.0" }, - { "name": "openstack/openstacklib", "version_requirement": ">=8.2.0 <9.0.0" } - ] -} diff --git a/heat/releasenotes/notes/api_paste-b94e191896840944.yaml b/heat/releasenotes/notes/api_paste-b94e191896840944.yaml deleted file mode 100644 index 898bbc9dc..000000000 --- a/heat/releasenotes/notes/api_paste-b94e191896840944.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Add api_paste type/provider. diff --git a/heat/releasenotes/notes/crontab_purge-89f321e9cf966933.yaml b/heat/releasenotes/notes/crontab_purge-89f321e9cf966933.yaml deleted file mode 100644 index 89d82f61f..000000000 --- a/heat/releasenotes/notes/crontab_purge-89f321e9cf966933.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Implement crontab to purge deleted data using heat-manage purge_deleted tool. diff --git a/heat/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml b/heat/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml deleted file mode 100644 index 387bcb79c..000000000 --- a/heat/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -prelude: > - This is the first Mitaka release for puppet-heat module. diff --git a/heat/releasenotes/notes/pymysql-e57bf1f0289dd426.yaml b/heat/releasenotes/notes/pymysql-e57bf1f0289dd426.yaml deleted file mode 100644 index 3556c0c8c..000000000 --- a/heat/releasenotes/notes/pymysql-e57bf1f0289dd426.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Support of PyMySQL driver for MySQL backend. diff --git a/heat/releasenotes/notes/remove_qpid-0b446db43fdea617.yaml b/heat/releasenotes/notes/remove_qpid-0b446db43fdea617.yaml deleted file mode 100644 index c59a436d3..000000000 --- a/heat/releasenotes/notes/remove_qpid-0b446db43fdea617.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -deprecations: - - Remove QPID messaging support. - Qpid messaging driver is removed from oslo.messaging so we won't support - anymore. diff --git a/heat/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml b/heat/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml deleted file mode 100644 index 41cef2f11..000000000 --- a/heat/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -features: - - Release notes are no longer maintained by hand, we now use the reno tool to - manage them. diff --git a/heat/releasenotes/notes/versionless-auth-urls-08c741084b9a9040.yaml b/heat/releasenotes/notes/versionless-auth-urls-08c741084b9a9040.yaml deleted file mode 100644 index 1e0851794..000000000 --- a/heat/releasenotes/notes/versionless-auth-urls-08c741084b9a9040.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -features: - - Configure "trustee" and "clients_keystone" sections. - Support auth_plugin and versionless auth urls. -upgrade: - - Removed deprecated options "keystone_host", - "keystone_port", "keystone_protocol". -deprecations: - - Deprecated "admin_user", "admin_password" and - "admin_tenant_name" options in favour of auth_plugin - auth method. diff --git a/heat/releasenotes/source/_static/.placeholder b/heat/releasenotes/source/_static/.placeholder deleted file mode 100644 index e69de29bb..000000000 diff --git a/heat/releasenotes/source/conf.py b/heat/releasenotes/source/conf.py deleted file mode 100644 index 948d439f5..000000000 --- a/heat/releasenotes/source/conf.py +++ /dev/null @@ -1,259 +0,0 @@ -# -*- coding: utf-8 -*- -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# If extensions (or modules to document with autodoc) are in another directory, -# add these directories to sys.path here. If the directory is relative to the -# documentation root, use os.path.abspath to make it absolute, like shown here. -#sys.path.insert(0, os.path.abspath('.')) - -# -- General configuration ------------------------------------------------ - -# If your documentation needs a minimal Sphinx version, state it here. -#needs_sphinx = '1.0' - -# Add any Sphinx extension module names here, as strings. They can be -# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom -# ones. -extensions = [ - 'oslosphinx', - 'reno.sphinxext', -] - -# Add any paths that contain templates here, relative to this directory. -templates_path = ['_templates'] - -# The suffix of source filenames. -source_suffix = '.rst' - -# The encoding of source files. -#source_encoding = 'utf-8-sig' - -# The master toctree document. -master_doc = 'index' - -# General information about the project. -project = u'puppet-heat Release Notes' -copyright = u'2016, Puppet OpenStack Developers' - -# The version info for the project you're documenting, acts as replacement for -# |version| and |release|, also used in various other places throughout the -# built documents. -# -# The short X.Y version. -version = '8.2.0' -# The full version, including alpha/beta/rc tags. -release = '8.2.0' - -# The language for content autogenerated by Sphinx. Refer to documentation -# for a list of supported languages. -#language = None - -# There are two options for replacing |today|: either, you set today to some -# non-false value, then it is used: -#today = '' -# Else, today_fmt is used as the format for a strftime call. -#today_fmt = '%B %d, %Y' - -# List of patterns, relative to source directory, that match files and -# directories to ignore when looking for source files. -exclude_patterns = [] - -# The reST default role (used for this markup: `text`) to use for all -# documents. -#default_role = None - -# If true, '()' will be appended to :func: etc. cross-reference text. -#add_function_parentheses = True - -# If true, the current module name will be prepended to all description -# unit titles (such as .. function::). -#add_module_names = True - -# If true, sectionauthor and moduleauthor directives will be shown in the -# output. They are ignored by default. -#show_authors = False - -# The name of the Pygments (syntax highlighting) style to use. -pygments_style = 'sphinx' - -# A list of ignored prefixes for module index sorting. -#modindex_common_prefix = [] - -# If true, keep warnings as "system message" paragraphs in the built documents. -#keep_warnings = False - - -# -- Options for HTML output ---------------------------------------------- - -# The theme to use for HTML and HTML Help pages. See the documentation for -# a list of builtin themes. -html_theme = 'default' - -# Theme options are theme-specific and customize the look and feel of a theme -# further. For a list of options available for each theme, see the -# documentation. -#html_theme_options = {} - -# Add any paths that contain custom themes here, relative to this directory. -#html_theme_path = [] - -# The name for this set of Sphinx documents. If None, it defaults to -# " v documentation". -#html_title = None - -# A shorter title for the navigation bar. Default is the same as html_title. -#html_short_title = None - -# The name of an image file (relative to this directory) to place at the top -# of the sidebar. -#html_logo = None - -# The name of an image file (within the static path) to use as favicon of the -# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 -# pixels large. -#html_favicon = None - -# Add any paths that contain custom static files (such as style sheets) here, -# relative to this directory. They are copied after the builtin static files, -# so a file named "default.css" will overwrite the builtin "default.css". -html_static_path = ['_static'] - -# Add any extra paths that contain custom files (such as robots.txt or -# .htaccess) here, relative to this directory. These files are copied -# directly to the root of the documentation. -#html_extra_path = [] - -# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, -# using the given strftime format. -#html_last_updated_fmt = '%b %d, %Y' - -# If true, SmartyPants will be used to convert quotes and dashes to -# typographically correct entities. -#html_use_smartypants = True - -# Custom sidebar templates, maps document names to template names. -#html_sidebars = {} - -# Additional templates that should be rendered to pages, maps page names to -# template names. -#html_additional_pages = {} - -# If false, no module index is generated. -#html_domain_indices = True - -# If false, no index is generated. -#html_use_index = True - -# If true, the index is split into individual pages for each letter. -#html_split_index = False - -# If true, links to the reST sources are added to the pages. -#html_show_sourcelink = True - -# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. -#html_show_sphinx = True - -# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. -#html_show_copyright = True - -# If true, an OpenSearch description file will be output, and all pages will -# contain a tag referring to it. The value of this option must be the -# base URL from which the finished HTML is served. -#html_use_opensearch = '' - -# This is the file name suffix for HTML files (e.g. ".xhtml"). -#html_file_suffix = None - -# Output file base name for HTML help builder. -htmlhelp_basename = 'puppet-heatReleaseNotesdoc' - - -# -- Options for LaTeX output --------------------------------------------- - -latex_elements = { -# The paper size ('letterpaper' or 'a4paper'). -#'papersize': 'letterpaper', - -# The font size ('10pt', '11pt' or '12pt'). -#'pointsize': '10pt', - -# Additional stuff for the LaTeX preamble. -#'preamble': '', -} - -# Grouping the document tree into LaTeX files. List of tuples -# (source start file, target name, title, -# author, documentclass [howto, manual, or own class]). -latex_documents = [ - ('index', 'puppet-heatReleaseNotes.tex', u'puppet-heat Release Notes Documentation', - u'2016, Puppet OpenStack Developers', 'manual'), -] - -# The name of an image file (relative to this directory) to place at the top of -# the title page. -#latex_logo = None - -# For "manual" documents, if this is true, then toplevel headings are parts, -# not chapters. -#latex_use_parts = False - -# If true, show page references after internal links. -#latex_show_pagerefs = False - -# If true, show URL addresses after external links. -#latex_show_urls = False - -# Documents to append as an appendix to all manuals. -#latex_appendices = [] - -# If false, no module index is generated. -#latex_domain_indices = True - - -# -- Options for manual page output --------------------------------------- - -# One entry per manual page. List of tuples -# (source start file, name, description, authors, manual section). -man_pages = [ - ('index', 'puppet-heatreleasenotes', u'puppet-heat Release Notes Documentation', - [u'2016, Puppet OpenStack Developers'], 1) -] - -# If true, show URL addresses after external links. -#man_show_urls = False - - -# -- Options for Texinfo output ------------------------------------------- - -# Grouping the document tree into Texinfo files. List of tuples -# (source start file, target name, title, author, -# dir menu entry, description, category) -texinfo_documents = [ - ('index', 'puppet-heatReleaseNotes', u'puppet-heat Release Notes Documentation', - u'2016, Puppet OpenStack Developers', 'puppet-heatReleaseNotes', 'One line description of project.', - 'Miscellaneous'), -] - -# Documents to append as an appendix to all manuals. -#texinfo_appendices = [] - -# If false, no module index is generated. -#texinfo_domain_indices = True - -# How to display URL addresses: 'footnote', 'no', or 'inline'. -#texinfo_show_urls = 'footnote' - -# If true, do not generate a @detailmenu in the "Top" node's menu. -#texinfo_no_detailmenu = False diff --git a/heat/releasenotes/source/index.rst b/heat/releasenotes/source/index.rst deleted file mode 100644 index a63d2439e..000000000 --- a/heat/releasenotes/source/index.rst +++ /dev/null @@ -1,19 +0,0 @@ -===================================== -Welcome to puppet-heat Release Notes! -===================================== - -Contents -======== - -.. toctree:: - :maxdepth: 2 - - mitaka - unreleased - - -Indices and tables -================== - -* :ref:`genindex` -* :ref:`search` diff --git a/heat/releasenotes/source/mitaka.rst b/heat/releasenotes/source/mitaka.rst deleted file mode 100644 index 97ab8d1d3..000000000 --- a/heat/releasenotes/source/mitaka.rst +++ /dev/null @@ -1,6 +0,0 @@ -============================ - Mitaka Series Release Notes -============================ - -.. release-notes:: - :branch: origin/stable/mitaka diff --git a/heat/releasenotes/source/unreleased.rst b/heat/releasenotes/source/unreleased.rst deleted file mode 100644 index 2334dd5cf..000000000 --- a/heat/releasenotes/source/unreleased.rst +++ /dev/null @@ -1,5 +0,0 @@ -============================== - Current Series Release Notes -============================== - - .. release-notes:: diff --git a/heat/setup.cfg b/heat/setup.cfg deleted file mode 100644 index 3047110c0..000000000 --- a/heat/setup.cfg +++ /dev/null @@ -1,13 +0,0 @@ -[metadata] -name = puppet-heat -summary = Puppet module for OpenStack Heat -description-file = - README.md -author = Puppet Labs and OpenStack Contributors -author-email = openstack-dev@lists.openstack.org -home-page = http://www.openstack.org/ -classifier = - Intended Audience :: Developers - Intended Audience :: System Administrators - License :: OSI Approved :: Apache Software License - Operating System :: POSIX :: Linux diff --git a/heat/setup.py b/heat/setup.py deleted file mode 100644 index 70c2b3f32..000000000 --- a/heat/setup.py +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/env python -# Copyright (c) 2013 Hewlett-Packard Development Company, L.P. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# THIS FILE IS MANAGED BY THE GLOBAL REQUIREMENTS REPO - DO NOT EDIT -import setuptools - -setuptools.setup( - setup_requires=['pbr'], - pbr=True) diff --git a/heat/spec/acceptance/basic_heat_spec.rb b/heat/spec/acceptance/basic_heat_spec.rb deleted file mode 100644 index 04a9cd307..000000000 --- a/heat/spec/acceptance/basic_heat_spec.rb +++ /dev/null @@ -1,83 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'basic heat' do - - context 'default parameters' do - - it 'should work with no errors' do - pp= <<-EOS - include ::openstack_integration - include ::openstack_integration::repos - include ::openstack_integration::rabbitmq - include ::openstack_integration::mysql - include ::openstack_integration::keystone - - rabbitmq_user { 'heat': - admin => true, - password => 'an_even_bigger_secret', - provider => 'rabbitmqctl', - require => Class['rabbitmq'], - } - - rabbitmq_user_permissions { 'heat@/': - configure_permission => '.*', - write_permission => '.*', - read_permission => '.*', - provider => 'rabbitmqctl', - require => Class['rabbitmq'], - } - - # heat resources - class { '::heat': - rabbit_userid => 'heat', - rabbit_password => 'an_even_bigger_secret', - rabbit_host => '127.0.0.1', - database_connection => 'mysql+pymysql://heat:a_big_secret@127.0.0.1/heat?charset=utf8', - identity_uri => 'http://127.0.0.1:35357/', - keystone_password => 'a_big_secret', - debug => true, - verbose => true, - } - class { '::heat::db::mysql': - password => 'a_big_secret', - } - class { '::heat::keystone::auth': - password => 'a_big_secret', - configure_delegated_roles => true, - } - class { '::heat::keystone::domain': - domain_password => 'oh_my_no_secret', - } - class { '::heat::client': } - class { '::heat::api': } - class { '::heat::engine': - auth_encryption_key => '1234567890AZERTYUIOPMLKJHGFDSQ12', - } - class { '::heat::api_cloudwatch': } - class { '::heat::api_cfn': } - class { '::heat::cron::purge_deleted': } - EOS - - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe port(8000) do - it { is_expected.to be_listening.with('tcp') } - end - - describe port(8003) do - it { is_expected.to be_listening.with('tcp') } - end - - describe port(8004) do - it { is_expected.to be_listening.with('tcp') } - end - - describe cron do - it { is_expected.to have_entry('1 0 * * * heat-manage purge_deleted -g days 1 >>/var/log/heat/heat-purge_deleted.log 2>&1').with_user('heat') } - end - end -end diff --git a/heat/spec/acceptance/nodesets/centos-70-x64.yml b/heat/spec/acceptance/nodesets/centos-70-x64.yml deleted file mode 100644 index 5f097e9fe..000000000 --- a/heat/spec/acceptance/nodesets/centos-70-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - centos-server-70-x64: - roles: - - master - platform: el-7-x86_64 - box: puppetlabs/centos-7.0-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/centos-7.0-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: foss diff --git a/heat/spec/acceptance/nodesets/default.yml b/heat/spec/acceptance/nodesets/default.yml deleted file mode 100644 index 486b6a34e..000000000 --- a/heat/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - type: foss diff --git a/heat/spec/acceptance/nodesets/nodepool-centos7.yml b/heat/spec/acceptance/nodesets/nodepool-centos7.yml deleted file mode 100644 index c55287420..000000000 --- a/heat/spec/acceptance/nodesets/nodepool-centos7.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-70-x64: - roles: - - master - platform: el-7-x86_64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/heat/spec/acceptance/nodesets/nodepool-trusty.yml b/heat/spec/acceptance/nodesets/nodepool-trusty.yml deleted file mode 100644 index 9fc624e24..000000000 --- a/heat/spec/acceptance/nodesets/nodepool-trusty.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/heat/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/heat/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index 8001929b2..000000000 --- a/heat/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: foss diff --git a/heat/spec/classes/heat_api_cfn_spec.rb b/heat/spec/classes/heat_api_cfn_spec.rb deleted file mode 100644 index b40c0162a..000000000 --- a/heat/spec/classes/heat_api_cfn_spec.rb +++ /dev/null @@ -1,145 +0,0 @@ -require 'spec_helper' - -describe 'heat::api_cfn' do - - let :params do - { :enabled => true, - :manage_service => true, - :bind_host => '127.0.0.1', - :bind_port => '1234', - :workers => '0' } - end - - shared_examples_for 'heat-api-cfn' do - - context 'config params' do - - it { is_expected.to contain_class('heat') } - it { is_expected.to contain_class('heat::params') } - it { is_expected.to contain_class('heat::policy') } - - it { is_expected.to contain_heat_config('heat_api_cfn/bind_host').with_value( params[:bind_host] ) } - it { is_expected.to contain_heat_config('heat_api_cfn/bind_port').with_value( params[:bind_port] ) } - it { is_expected.to contain_heat_config('heat_api_cfn/workers').with_value( params[:workers] ) } - - end - - context 'with SSL socket options set' do - let :params do - { - :use_ssl => true, - :cert_file => '/path/to/cert', - :key_file => '/path/to/key' - } - end - - it { is_expected.to contain_heat_config('heat_api_cfn/cert_file').with_value('/path/to/cert') } - it { is_expected.to contain_heat_config('heat_api_cfn/key_file').with_value('/path/to/key') } - end - - context 'with SSL socket options set with wrong parameters' do - let :params do - { - :use_ssl => true, - :key_file => '/path/to/key' - } - end - - it_raises 'a Puppet::Error', /The cert_file parameter is required when use_ssl is set to true/ - end - - context 'with SSL socket options set to false' do - let :params do - { - :use_ssl => false, - } - end - - it { is_expected.to contain_heat_config('heat_api_cfn/cert_file').with_value('') } - it { is_expected.to contain_heat_config('heat_api_cfn/key_file').with_value('') } - end - - [{:enabled => true}, {:enabled => false}].each do |param_hash| - context "when service should be #{param_hash[:enabled] ? 'enabled' : 'disabled'}" do - before do - params.merge!(param_hash) - end - - it 'configures heat-api-cfn service' do - - is_expected.to contain_service('heat-api-cfn').with( - :ensure => (params[:manage_service] && params[:enabled]) ? 'running' : 'stopped', - :name => platform_params[:api_service_name], - :enable => params[:enabled], - :hasstatus => true, - :hasrestart => true, - :tag => 'heat-service', - ) - is_expected.to contain_service('heat-api-cfn').that_subscribes_to(nil) - end - end - end - - context 'with disabled service managing' do - before do - params.merge!({ - :manage_service => false, - :enabled => false }) - end - - it 'configures heat-api-cfn service' do - - is_expected.to contain_service('heat-api-cfn').with( - :ensure => nil, - :name => platform_params[:api_service_name], - :enable => false, - :hasstatus => true, - :hasrestart => true, - :tag => 'heat-service', - ) - is_expected.to contain_service('heat-api-cfn').that_subscribes_to(nil) - end - end - - context 'with $sync_db set to false in ::heat' do - let :pre_condition do - "class {'heat': sync_db => false}" - end - - it 'configures heat-api-cfn service to not subscribe to the dbsync resource' do - is_expected.to contain_service('heat-api-cfn').that_subscribes_to(nil) - end - end - - end - - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'Debian', - }) - end - - let :platform_params do - { :api_service_name => 'heat-api-cfn' } - end - - it_configures 'heat-api-cfn' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - }) - end - - let :platform_params do - { :api_service_name => 'openstack-heat-api-cfn' } - end - - it_configures 'heat-api-cfn' - end - -end diff --git a/heat/spec/classes/heat_api_cloudwatch_spec.rb b/heat/spec/classes/heat_api_cloudwatch_spec.rb deleted file mode 100644 index b6dd44c6a..000000000 --- a/heat/spec/classes/heat_api_cloudwatch_spec.rb +++ /dev/null @@ -1,144 +0,0 @@ -require 'spec_helper' - -describe 'heat::api_cloudwatch' do - - let :params do - { :enabled => true, - :manage_service => true, - :bind_host => '127.0.0.1', - :bind_port => '1234', - :workers => '0' } - end - - shared_examples_for 'heat-api-cloudwatch' do - - context 'config params' do - - it { is_expected.to contain_class('heat') } - it { is_expected.to contain_class('heat::params') } - it { is_expected.to contain_class('heat::policy') } - - it { is_expected.to contain_heat_config('heat_api_cloudwatch/bind_host').with_value( params[:bind_host] ) } - it { is_expected.to contain_heat_config('heat_api_cloudwatch/bind_port').with_value( params[:bind_port] ) } - it { is_expected.to contain_heat_config('heat_api_cloudwatch/workers').with_value( params[:workers] ) } - - end - - context 'with SSL socket options set' do - let :params do - { - :use_ssl => true, - :cert_file => '/path/to/cert', - :key_file => '/path/to/key' - } - end - - it { is_expected.to contain_heat_config('heat_api_cloudwatch/cert_file').with_value('/path/to/cert') } - it { is_expected.to contain_heat_config('heat_api_cloudwatch/key_file').with_value('/path/to/key') } - end - - context 'with SSL socket options set with wrong parameters' do - let :params do - { - :use_ssl => true, - :key_file => '/path/to/key' - } - end - - it_raises 'a Puppet::Error', /The cert_file parameter is required when use_ssl is set to true/ - end - - context 'with SSL socket options set to false' do - let :params do - { - :use_ssl => false, - } - end - - it { is_expected.to contain_heat_config('heat_api_cloudwatch/cert_file').with_value('') } - it { is_expected.to contain_heat_config('heat_api_cloudwatch/key_file').with_value('') } - end - - [{:enabled => true}, {:enabled => false}].each do |param_hash| - context "when service should be #{param_hash[:enabled] ? 'enabled' : 'disabled'}" do - before do - params.merge!(param_hash) - end - - it 'configures heat-api-cloudwatch service' do - - is_expected.to contain_service('heat-api-cloudwatch').with( - :ensure => (params[:manage_service] && params[:enabled]) ? 'running' : 'stopped', - :name => platform_params[:api_service_name], - :enable => params[:enabled], - :hasstatus => true, - :hasrestart => true, - :tag => 'heat-service', - ) - is_expected.to contain_service('heat-api-cloudwatch').that_subscribes_to(nil) - end - end - end - - context 'with disabled service managing' do - before do - params.merge!({ - :manage_service => false, - :enabled => false }) - end - - it 'configures heat-api-cloudwatch service' do - - is_expected.to contain_service('heat-api-cloudwatch').with( - :ensure => nil, - :name => platform_params[:api_service_name], - :enable => false, - :hasstatus => true, - :hasrestart => true, - :tag => 'heat-service', - ) - is_expected.to contain_service('heat-api-cloudwatch').that_subscribes_to(nil) - end - end - - context 'with $sync_db set to false in ::heat' do - let :pre_condition do - "class {'heat': sync_db => false}" - end - - it 'configures heat-api-cloudwatch service to not subscribe to the dbsync resource' do - is_expected.to contain_service('heat-api-cloudwatch').that_subscribes_to(nil) - end - end - - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'Debian', - }) - end - - let :platform_params do - { :api_service_name => 'heat-api-cloudwatch' } - end - - it_configures 'heat-api-cloudwatch' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - }) - end - - let :platform_params do - { :api_service_name => 'openstack-heat-api-cloudwatch' } - end - - it_configures 'heat-api-cloudwatch' - end - -end diff --git a/heat/spec/classes/heat_api_spec.rb b/heat/spec/classes/heat_api_spec.rb deleted file mode 100644 index 444b7b00c..000000000 --- a/heat/spec/classes/heat_api_spec.rb +++ /dev/null @@ -1,144 +0,0 @@ -require 'spec_helper' - -describe 'heat::api' do - - let :params do - { :enabled => true, - :manage_service => true, - :bind_host => '127.0.0.1', - :bind_port => '1234', - :workers => '' } - end - - shared_examples_for 'heat-api' do - - context 'config params' do - - it { is_expected.to contain_class('heat') } - it { is_expected.to contain_class('heat::params') } - it { is_expected.to contain_class('heat::policy') } - - it { is_expected.to contain_heat_config('heat_api/bind_host').with_value( params[:bind_host] ) } - it { is_expected.to contain_heat_config('heat_api/bind_port').with_value( params[:bind_port] ) } - it { is_expected.to contain_heat_config('heat_api/workers').with_value( params[:workers] ) } - - end - - context 'with SSL socket options set' do - let :params do - { - :use_ssl => true, - :cert_file => '/path/to/cert', - :key_file => '/path/to/key' - } - end - - it { is_expected.to contain_heat_config('heat_api/cert_file').with_value('/path/to/cert') } - it { is_expected.to contain_heat_config('heat_api/key_file').with_value('/path/to/key') } - end - - context 'with SSL socket options set with wrong parameters' do - let :params do - { - :use_ssl => true, - :key_file => '/path/to/key' - } - end - - it_raises 'a Puppet::Error', /The cert_file parameter is required when use_ssl is set to true/ - end - - context 'with SSL socket options set to false' do - let :params do - { - :use_ssl => false, - } - end - - it { is_expected.to contain_heat_config('heat_api/cert_file').with_value('') } - it { is_expected.to contain_heat_config('heat_api/key_file').with_value('') } - end - - - [{:enabled => true}, {:enabled => false}].each do |param_hash| - context "when service should be #{param_hash[:enabled] ? 'enabled' : 'disabled'}" do - before do - params.merge!(param_hash) - end - - it 'configures heat-api service' do - - is_expected.to contain_service('heat-api').with( - :ensure => (params[:manage_service] && params[:enabled]) ? 'running' : 'stopped', - :name => platform_params[:api_service_name], - :enable => params[:enabled], - :hasstatus => true, - :hasrestart => true, - :tag => 'heat-service', - ) - is_expected.to contain_service('heat-api').that_subscribes_to(nil) - end - end - end - - context 'with disabled service managing' do - before do - params.merge!({ - :manage_service => false, - :enabled => false }) - end - - it 'configures heat-api service' do - - is_expected.to contain_service('heat-api').with( - :ensure => nil, - :name => platform_params[:api_service_name], - :enable => false, - :hasstatus => true, - :hasrestart => true, - :tag => 'heat-service', - ) - is_expected.to contain_service('heat-api').that_subscribes_to(nil) - end - end - - context 'with $sync_db set to false in ::heat' do - let :pre_condition do - "class {'heat': sync_db => false}" - end - - it 'configures heat-api service to not subscribe to the dbsync resource' do - is_expected.to contain_service('heat-api').that_subscribes_to(nil) - end - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'Debian', - }) - end - - let :platform_params do - { :api_service_name => 'heat-api' } - end - - it_configures 'heat-api' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - }) - end - - let :platform_params do - { :api_service_name => 'openstack-heat-api' } - end - - it_configures 'heat-api' - end - -end diff --git a/heat/spec/classes/heat_client_spec.rb b/heat/spec/classes/heat_client_spec.rb deleted file mode 100644 index 4c540d5af..000000000 --- a/heat/spec/classes/heat_client_spec.rb +++ /dev/null @@ -1,49 +0,0 @@ -require 'spec_helper' - -describe 'heat::client' do - - let :params do - {} - end - - let :default_params do - { :package_ensure => 'present' } - end - - shared_examples_for 'heat client' do - let :p do - default_params.merge(params) - end - - it { is_expected.to contain_class('heat::params') } - - it 'installs heat client package' do - is_expected.to contain_package('python-heatclient').with( - :name => 'python-heatclient', - :ensure => p[:package_ensure], - :tag => 'openstack' - ) - end - - end - - context 'on Debian platform' do - let :facts do - @default_facts.merge({ - :osfamily => 'Debian', - }) - end - - it_configures 'heat client' - end - - context 'on RedHat platform' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - }) - end - - it_configures 'heat client' - end -end diff --git a/heat/spec/classes/heat_config_spec.rb b/heat/spec/classes/heat_config_spec.rb deleted file mode 100644 index aff161d19..000000000 --- a/heat/spec/classes/heat_config_spec.rb +++ /dev/null @@ -1,31 +0,0 @@ -require 'spec_helper' - -describe 'heat::config' do - - let :params do - { :heat_config => { - 'DEFAULT/foo' => { 'value' => 'fooValue' }, - 'DEFAULT/bar' => { 'value' => 'barValue' }, - 'DEFAULT/baz' => { 'ensure' => 'absent' } - }, - :heat_api_paste_ini => { - 'DEFAULT/foo2' => { 'value' => 'fooValue' }, - 'DEFAULT/bar2' => { 'value' => 'barValue' }, - 'DEFAULT/baz2' => { 'ensure' => 'absent' } - } - } - end - - it 'configures arbitrary heat configurations' do - is_expected.to contain_heat_config('DEFAULT/foo').with_value('fooValue') - is_expected.to contain_heat_config('DEFAULT/bar').with_value('barValue') - is_expected.to contain_heat_config('DEFAULT/baz').with_ensure('absent') - end - - it 'configures arbitrary heat-api-paste configurations' do - is_expected.to contain_heat_api_paste_ini('DEFAULT/foo2').with_value('fooValue') - is_expected.to contain_heat_api_paste_ini('DEFAULT/bar2').with_value('barValue') - is_expected.to contain_heat_api_paste_ini('DEFAULT/baz2').with_ensure('absent') - end - -end diff --git a/heat/spec/classes/heat_cron_purge_deleted_spec.rb b/heat/spec/classes/heat_cron_purge_deleted_spec.rb deleted file mode 100644 index f157ed737..000000000 --- a/heat/spec/classes/heat_cron_purge_deleted_spec.rb +++ /dev/null @@ -1,99 +0,0 @@ -require 'spec_helper' - -describe 'heat::cron::purge_deleted' do - - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - let :params do - { :ensure => 'present', - :minute => 1, - :hour => 0, - :monthday => '*', - :month => '*', - :weekday => '*', - :maxdelay => 0, - :user => 'heat', - :age => 1, - :age_type => 'days', - :destination => '/var/log/heat/heat-purge_deleted.log' } - end - - let :pre_condition do - 'include ::heat' - end - - describe 'with default parameters' do - it 'configures a cron' do - is_expected.to contain_cron('heat-manage purge_deleted').with( - :ensure => params[:ensure], - :command => "heat-manage purge_deleted -g days 1 >>#{params[:destination]} 2>&1", - :environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', - :user => 'heat', - :minute => params[:minute], - :hour => params[:hour], - :monthday => params[:monthday], - :month => params[:month], - :weekday => params[:weekday] - ) - is_expected.to contain_package('heat-common').that_comes_before('Cron[heat-manage purge_deleted]') - end - end - - describe 'when specifying a maxdelay param' do - before :each do - params.merge!( - :maxdelay => 600 - ) - end - - it 'configures a cron with delay' do - is_expected.to contain_cron('heat-manage purge_deleted').with( - :ensure => params[:ensure], - :command => "sleep `expr ${RANDOM} \\% #{params[:maxdelay]}`; heat-manage purge_deleted -g days 1 >>#{params[:destination]} 2>&1", - :environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', - :user => 'heat', - :minute => params[:minute], - :hour => params[:hour], - :monthday => params[:monthday], - :month => params[:month], - :weekday => params[:weekday] - ) - is_expected.to contain_package('heat-common').that_comes_before('Cron[heat-manage purge_deleted]') - end - end - - describe 'when disabling cron job' do - before :each do - params.merge!( - :ensure => 'absent' - ) - end - - it 'configures a cron with delay' do - is_expected.to contain_cron('heat-manage purge_deleted').with( - :ensure => params[:ensure], - :command => "heat-manage purge_deleted -g days 1 >>#{params[:destination]} 2>&1", - :environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', - :user => 'heat', - :minute => params[:minute], - :hour => params[:hour], - :monthday => params[:monthday], - :month => params[:month], - :weekday => params[:weekday] - ) - is_expected.to contain_package('heat-common').that_comes_before('Cron[heat-manage purge_deleted]') - end - end - - describe 'when setting a wrong age_type' do - before :each do - params.merge!( - :age_type => 'foobar' - ) - end - - it_raises 'a Puppet::Error', /age_type possible values are only days, hours, minutes, or seconds./ - end -end diff --git a/heat/spec/classes/heat_db_mysql_spec.rb b/heat/spec/classes/heat_db_mysql_spec.rb deleted file mode 100644 index e0bca3df0..000000000 --- a/heat/spec/classes/heat_db_mysql_spec.rb +++ /dev/null @@ -1,68 +0,0 @@ -require 'spec_helper' - -describe 'heat::db::mysql' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - }) - end - - let :params do - { :password => 's3cr3t', - :dbname => 'heat', - :user => 'heat', - :host => 'localhost', - :charset => 'utf8', - :collate => 'utf8_general_ci', - } - end - - shared_examples_for 'heat mysql database' do - - context 'when omiting the required parameter password' do - before { params.delete(:password) } - it { expect { is_expected.to raise_error(Puppet::Error) } } - end - - it 'creates a mysql database' do - is_expected.to contain_openstacklib__db__mysql( params[:dbname] ).with( - :user => params[:user], - :password_hash => '*58C036CDA51D8E8BBBBF2F9EA5ABF111ADA444F0', - :host => params[:host], - :charset => params[:charset], - :collate => 'utf8_general_ci', - :require => 'Class[Mysql::Config]' - ) - end - end - - describe "overriding allowed_hosts param to array" do - let :params do - { - :password => 'heatpass', - :allowed_hosts => ['localhost','%'] - } - end - - end - - describe "overriding allowed_hosts param to string" do - let :params do - { - :password => 'heatpass2', - :allowed_hosts => '192.168.1.1' - } - end - - end - - describe "overriding allowed_hosts param equals to host param " do - let :params do - { - :password => 'heatpass2', - :allowed_hosts => 'localhost' - } - end - - end -end diff --git a/heat/spec/classes/heat_db_postgresql_spec.rb b/heat/spec/classes/heat_db_postgresql_spec.rb deleted file mode 100644 index fe2cee00a..000000000 --- a/heat/spec/classes/heat_db_postgresql_spec.rb +++ /dev/null @@ -1,60 +0,0 @@ -require 'spec_helper' - -describe 'heat::db::postgresql' do - - let :req_params do - { :password => 'pw' } - end - - let :pre_condition do - 'include ::postgresql::server - include ::heat - ' - end - - context 'on a RedHat osfamily' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - :operatingsystemrelease => '7.0', - :concat_basedir => '/var/lib/puppet/concat' - }) - end - - context 'with only required parameters' do - let :params do - req_params - end - - it { is_expected.to contain_postgresql__server__db('heat').with( - :user => 'heat', - :password => 'md5fd5c4fca491370aab732f903e2fb7c99' - )} - end - - end - - context 'on a Debian osfamily' do - let :facts do - @default_facts.merge({ - :operatingsystemrelease => '7.8', - :operatingsystem => 'Debian', - :osfamily => 'Debian', - :concat_basedir => '/var/lib/puppet/concat' - }) - end - - context 'with only required parameters' do - let :params do - req_params - end - - it { is_expected.to contain_postgresql__server__db('heat').with( - :user => 'heat', - :password => 'md5fd5c4fca491370aab732f903e2fb7c99' - )} - end - - end - -end diff --git a/heat/spec/classes/heat_db_spec.rb b/heat/spec/classes/heat_db_spec.rb deleted file mode 100644 index 20d9e1da0..000000000 --- a/heat/spec/classes/heat_db_spec.rb +++ /dev/null @@ -1,116 +0,0 @@ -require 'spec_helper' - -describe 'heat::db' do - - shared_examples 'heat::db' do - - context 'with default parameters' do - - it { is_expected.to contain_class('heat::db::sync') } - it { is_expected.to contain_heat_config('database/connection').with_value('sqlite:////var/lib/heat/heat.sqlite').with_secret(true) } - it { is_expected.to contain_heat_config('database/idle_timeout').with_value('') } - it { is_expected.to contain_heat_config('database/min_pool_size').with_value('') } - it { is_expected.to contain_heat_config('database/max_pool_size').with_value('') } - it { is_expected.to contain_heat_config('database/max_retries').with_value('') } - it { is_expected.to contain_heat_config('database/retry_interval').with_value('') } - - end - - context 'with specific parameters' do - let :params do - { :database_connection => 'mysql+pymysql://heat:heat@localhost/heat', - :database_idle_timeout => '3601', - :database_min_pool_size => '2', - :database_max_pool_size => '12', - :database_max_retries => '11', - :database_retry_interval => '11', - :sync_db => false } - end - - it { is_expected.not_to contain_class('heat::db::sync') } - it { is_expected.to contain_heat_config('database/connection').with_value('mysql+pymysql://heat:heat@localhost/heat').with_secret(true) } - it { is_expected.to contain_heat_config('database/idle_timeout').with_value('3601') } - it { is_expected.to contain_heat_config('database/min_pool_size').with_value('2') } - it { is_expected.to contain_heat_config('database/max_pool_size').with_value('12') } - it { is_expected.to contain_heat_config('database/max_retries').with_value('11') } - it { is_expected.to contain_heat_config('database/retry_interval').with_value('11') } - - end - - context 'with MySQL-python library as backend package' do - let :params do - { :database_connection => 'mysql://heat:heat@localhost/heat' } - end - - it { is_expected.to contain_heat_config('database/connection').with_value('mysql://heat:heat@localhost/heat').with_secret(true) } - end - - context 'with postgresql backend' do - let :params do - { :database_connection => 'postgresql://heat:heat@localhost/heat', } - end - - it 'install the proper backend package' do - is_expected.to contain_package('python-psycopg2').with(:ensure => 'present') - end - - end - - context 'with incorrect database_connection string' do - let :params do - { :database_connection => 'redis://heat:heat@localhost/heat', } - end - - it_raises 'a Puppet::Error', /validate_re/ - end - - context 'with incorrect database_connection string' do - let :params do - { :database_connection => 'foo+pymysql://heat:heat@localhost/heat', } - end - - it_raises 'a Puppet::Error', /validate_re/ - end - - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => 'jessie', - }) - end - - it_configures 'heat::db' - - context 'using pymysql driver' do - let :params do - { :database_connection => 'mysql+pymysql://heat:heat@localhost/heat' } - end - - it { is_expected.to contain_package('heat-backend-package').with({ :ensure => 'present', :name => 'python-pymysql' }) } - end - end - - context 'on Redhat platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - :operatingsystemrelease => '7.1', - }) - end - - it_configures 'heat::db' - - context 'using pymysql driver' do - let :params do - { :database_connection => 'mysql+pymysql://heat:heat@localhost/heat' } - end - - it { is_expected.not_to contain_package('heat-backend-package') } - end - end - -end diff --git a/heat/spec/classes/heat_db_sync_spec.rb b/heat/spec/classes/heat_db_sync_spec.rb deleted file mode 100644 index 595a88b8d..000000000 --- a/heat/spec/classes/heat_db_sync_spec.rb +++ /dev/null @@ -1,63 +0,0 @@ -require 'spec_helper' - -describe 'heat::db::sync' do - - shared_examples_for 'heat-dbsync' do - - it 'runs heat-manage db_sync' do - is_expected.to contain_exec('heat-dbsync').with( - :command => 'heat-manage --config-file /etc/heat/heat.conf db_sync', - :path => '/usr/bin', - :user => 'heat', - :refreshonly => 'true', - :logoutput => 'on_failure' - ) - end - - describe 'overriding extra_params' do - let :params do - { - :extra_params => '--config-file /etc/heat/heat01.conf', - } - end - - it { - is_expected.to contain_exec('heat-dbsync').with( - :command => 'heat-manage --config-file /etc/heat/heat01.conf db_sync', - :path => '/usr/bin', - :user => 'heat', - :refreshonly => 'true', - :logoutput => 'on_failure' - ) - } - end - - end - - - context 'on a RedHat osfamily' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - :operatingsystemrelease => '7.0', - :concat_basedir => '/var/lib/puppet/concat' - }) - end - - it_configures 'heat-dbsync' - end - - context 'on a Debian osfamily' do - let :facts do - @default_facts.merge({ - :operatingsystemrelease => '7.8', - :operatingsystem => 'Debian', - :osfamily => 'Debian', - :concat_basedir => '/var/lib/puppet/concat' - }) - end - - it_configures 'heat-dbsync' - end - -end diff --git a/heat/spec/classes/heat_deps_spec.rb b/heat/spec/classes/heat_deps_spec.rb deleted file mode 100644 index 11bb63d20..000000000 --- a/heat/spec/classes/heat_deps_spec.rb +++ /dev/null @@ -1,17 +0,0 @@ -require 'spec_helper' - -describe 'heat::deps' do - - it 'set up the anchors' do - is_expected.to contain_anchor('heat::install::begin') - is_expected.to contain_anchor('heat::install::end') - is_expected.to contain_anchor('heat::config::begin') - is_expected.to contain_anchor('heat::config::end') - is_expected.to contain_anchor('heat::db::begin') - is_expected.to contain_anchor('heat::db::end') - is_expected.to contain_anchor('heat::dbsync::begin') - is_expected.to contain_anchor('heat::dbsync::end') - is_expected.to contain_anchor('heat::service::begin') - is_expected.to contain_anchor('heat::service::end') - end -end diff --git a/heat/spec/classes/heat_engine_spec.rb b/heat/spec/classes/heat_engine_spec.rb deleted file mode 100644 index 7f5014894..000000000 --- a/heat/spec/classes/heat_engine_spec.rb +++ /dev/null @@ -1,133 +0,0 @@ -require 'spec_helper' - -describe 'heat::engine' do - - let :default_params do - { :enabled => true, - :manage_service => true, - :heat_stack_user_role => '', - :heat_metadata_server_url => 'http://127.0.0.1:8000', - :heat_waitcondition_server_url => 'http://127.0.0.1:8000/v1/waitcondition', - :heat_watch_server_url => 'http://128.0.0.1:8003', - :engine_life_check_timeout => '', - :trusts_delegated_roles => ['heat_stack_owner'], - :deferred_auth_method => '', - :default_software_config_transport => '', - :default_deployment_signal_transport => '', - } - end - - shared_examples_for 'heat-engine' do - [ - {}, - { :auth_encryption_key => '1234567890AZERTYUIOPMLKJHGFDSQ12' }, - { :auth_encryption_key => '0234567890AZERTYUIOPMLKJHGFDSQ24', - :enabled => false, - :heat_stack_user_role => 'heat_stack_user', - :heat_metadata_server_url => 'http://127.0.0.1:8000', - :heat_waitcondition_server_url => 'http://127.0.0.1:8000/v1/waitcondition', - :heat_watch_server_url => 'http://128.0.0.1:8003', - :engine_life_check_timeout => '2', - :trusts_delegated_roles => ['role1', 'role2'], - :deferred_auth_method => 'trusts', - :default_software_config_transport => 'POLL_SERVER_CFN', - :default_deployment_signal_transport => 'CFN_SIGNAL', - } - ].each do |new_params| - describe 'when #{param_set == {} ? "using default" : "specifying"} parameters' - - let :params do - new_params - end - - let :expected_params do - default_params.merge(params) - end - - it { is_expected.to contain_package('heat-engine').with( - :ensure => 'present', - :name => os_params[:package_name], - :tag => ['openstack', 'heat-package'], - ) } - - it { is_expected.to contain_service('heat-engine').with( - :ensure => (expected_params[:manage_service] && expected_params[:enabled]) ? 'running' : 'stopped', - :name => os_params[:service_name], - :enable => expected_params[:enabled], - :hasstatus => 'true', - :hasrestart => 'true', - :tag => 'heat-service', - ) } - - it { is_expected.to contain_heat_config('DEFAULT/auth_encryption_key').with_value( expected_params[:auth_encryption_key] ) } - it { is_expected.to contain_heat_config('DEFAULT/heat_stack_user_role').with_value( expected_params[:heat_stack_user_role] ) } - it { is_expected.to contain_heat_config('DEFAULT/heat_metadata_server_url').with_value( expected_params[:heat_metadata_server_url] ) } - it { is_expected.to contain_heat_config('DEFAULT/heat_waitcondition_server_url').with_value( expected_params[:heat_waitcondition_server_url] ) } - it { is_expected.to contain_heat_config('DEFAULT/heat_watch_server_url').with_value( expected_params[:heat_watch_server_url] ) } - it { is_expected.to contain_heat_config('DEFAULT/engine_life_check_timeout').with_value( expected_params[:engine_life_check_timeout] ) } - it { is_expected.to contain_heat_config('DEFAULT/trusts_delegated_roles').with_value( expected_params[:trusts_delegated_roles] ) } - it { is_expected.to contain_heat_config('DEFAULT/deferred_auth_method').with_value( expected_params[:deferred_auth_method] ) } - it { is_expected.to contain_heat_config('DEFAULT/default_software_config_transport').with_value( expected_params[:default_software_config_transport] ) } - it { is_expected.to contain_heat_config('DEFAULT/default_deployment_signal_transport').with_value( expected_params[:default_deployment_signal_transport] ) } - it { is_expected.to contain_heat_config('DEFAULT/instance_connection_is_secure').with_value('') } - it { is_expected.to contain_heat_config('DEFAULT/instance_connection_https_validate_certificates').with_value('') } - it { is_expected.to contain_heat_config('DEFAULT/max_resources_per_stack').with_value('') } - end - - context 'with disabled service managing' do - before do - params.merge!({ - :manage_service => false, - :enabled => false }) - end - - it { is_expected.to contain_service('heat-engine').with( - :ensure => nil, - :name => os_params[:service_name], - :enable => false, - :hasstatus => 'true', - :hasrestart => 'true', - :tag => 'heat-service', - ) } - end - context 'with wrong auth_encryption_key parameter size' do - before do - params.merge!({ - :auth_encryption_key => 'hello' }) - end - it_raises 'a Puppet::Error', /5 is not a correct size for auth_encryption_key parameter, it must be either 16, 24, 32 bytes long./ - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'Debian', - }) - end - - let :os_params do - { :package_name => 'heat-engine', - :service_name => 'heat-engine' - } - end - - it_configures 'heat-engine' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - }) - end - - let :os_params do - { :package_name => 'openstack-heat-engine', - :service_name => 'openstack-heat-engine' - } - end - - it_configures 'heat-engine' - end -end diff --git a/heat/spec/classes/heat_init_spec.rb b/heat/spec/classes/heat_init_spec.rb deleted file mode 100644 index cb387e1ac..000000000 --- a/heat/spec/classes/heat_init_spec.rb +++ /dev/null @@ -1,471 +0,0 @@ -require 'spec_helper' - -describe 'heat' do - - let :params do - { - :package_ensure => 'present', - :verbose => 'False', - :debug => 'False', - :use_stderr => 'True', - :log_dir => '/var/log/heat', - :rabbit_host => '', - :rabbit_port => 5672, - :rabbit_userid => '', - :rabbit_password => '', - :rabbit_virtual_host => '', - :database_connection => 'mysql+pymysql://user@host/database', - :database_idle_timeout => 3600, - :keystone_ec2_uri => 'http://127.0.0.1:5000/v2.0/ec2tokens', - :flavor => 'keystone', - :keystone_password => 'secretpassword', - :heat_clients_url => '', - } - end - - shared_examples_for 'heat' do - - context 'with rabbit_host parameter' do - it_configures 'a heat base installation' - it_configures 'rabbit without HA support (with backward compatibility)' - end - - context 'with rabbit_hosts parameter' do - context 'with one server' do - before { params.merge!( :rabbit_hosts => ['127.0.0.1:5672'] ) } - it_configures 'a heat base installation' - it_configures 'rabbit without HA support (without backward compatibility)' - end - - context 'with multiple servers' do - before { params.merge!( - :rabbit_hosts => ['rabbit1:5672', 'rabbit2:5672'], - :amqp_durable_queues => true) } - it_configures 'a heat base installation' - it_configures 'rabbit with HA support' - end - end - - context 'with rabbit heartbeat configured' do - before { params.merge!( - :rabbit_heartbeat_timeout_threshold => '60', - :rabbit_heartbeat_rate => '10' ) } - it_configures 'a heat base installation' - it_configures 'rabbit with heartbeat configured' - end - - it_configures 'with SSL enabled with kombu' - it_configures 'with SSL enabled without kombu' - it_configures 'with SSL disabled' - it_configures 'with SSL wrongly configured' - it_configures "with auth_plugin" - it_configures 'with enable_stack_adopt and enable_stack_abandon set' - it_configures 'with notification_driver set to a string' - end - - shared_examples_for 'a heat base installation' do - - it { is_expected.to contain_class('heat::logging') } - it { is_expected.to contain_class('heat::params') } - - it 'installs heat common package' do - is_expected.to contain_package('heat-common').with( - :ensure => 'present', - :name => platform_params[:common_package_name], - :tag => ['openstack', 'heat-package'], - ) - end - - it 'has db_sync enabled' do - is_expected.to contain_class('heat::db::sync') - end - - it 'configures max_template_size' do - is_expected.to contain_heat_config('DEFAULT/max_template_size').with_value('') - end - - it 'configures max_json_body_size' do - is_expected.to contain_heat_config('DEFAULT/max_json_body_size').with_value('') - end - - it 'configures project_domain_id' do - is_expected.to contain_heat_config('trustee/project_domain_id').with_value( 'default' ) - end - - it 'configures user_domain_id' do - is_expected.to contain_heat_config('trustee/user_domain_id').with_value( 'default' ) - end - - it 'configures auth_plugin' do - is_expected.to contain_heat_config('trustee/auth_plugin').with_value( 'password' ) - end - - it 'configures auth_url' do - is_expected.to contain_heat_config('trustee/auth_url').with_value( 'http://127.0.0.1:35357/' ) - end - - it 'configures username' do - is_expected.to contain_heat_config('trustee/username').with_value( 'heat' ) - end - - it 'configures ' do - is_expected.to contain_heat_config('trustee/password').with_secret( true ) - end - - it 'configures auth_uri for clients_keystone' do - is_expected.to contain_heat_config('clients_keystone/auth_uri').with_value( 'http://127.0.0.1:35357/' ) - end - - it 'configures keystone_ec2_uri' do - is_expected.to contain_heat_config('ec2authtoken/auth_uri').with_value( params[:keystone_ec2_uri] ) - end - - it { is_expected.to contain_heat_config('paste_deploy/flavor').with_value('keystone') } - - it 'configures notification_driver' do - is_expected.to contain_heat_config('DEFAULT/notification_driver').with_value('') - end - - it 'sets clients_heat url' do - is_expected.to contain_heat_config('clients_heat/url').with_value('') - end - - it_configures "with default auth method" - end - - shared_examples_for 'rabbit without HA support (with backward compatibility)' do - it 'configures rabbit' do - is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_userid').with_value( params[:rabbit_userid] ) - is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_password').with_value( params[:rabbit_password] ) - is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_password').with_secret( true ) - is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_virtual_host').with_value( params[:rabbit_virtual_host] ) - is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_value('') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_value('') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_value('') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('') - is_expected.to contain_heat_config('oslo_messaging_rabbit/heartbeat_timeout_threshold').with_value('0') - is_expected.to contain_heat_config('oslo_messaging_rabbit/heartbeat_rate').with_value('') - end - it { is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_host').with_value( params[:rabbit_host] ) } - it { is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_port').with_value( params[:rabbit_port] ) } - it { is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_hosts').with_ensure('absent') } - it { is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value('') } - it { is_expected.to contain_heat_config('DEFAULT/rpc_response_timeout').with_value('') } - it { is_expected.to contain_heat_config('oslo_messaging_rabbit/amqp_durable_queues').with_value('') } - end - - shared_examples_for 'rabbit without HA support (without backward compatibility)' do - it 'configures rabbit' do - is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_userid').with_value( params[:rabbit_userid] ) - is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_password').with_secret( true ) - is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_password').with_value( params[:rabbit_password] ) - is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_virtual_host').with_value( params[:rabbit_virtual_host] ) - is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_value('') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_value('') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_value('') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('') - is_expected.to contain_heat_config('oslo_messaging_rabbit/heartbeat_timeout_threshold').with_value('0') - is_expected.to contain_heat_config('oslo_messaging_rabbit/heartbeat_rate').with_value('') - end - it { is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_host').with_ensure('absent') } - it { is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_port').with_ensure('absent') } - it { is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_hosts').with_value( params[:rabbit_hosts].join(',') ) } - it { is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value('') } - it { is_expected.to contain_heat_config('oslo_messaging_rabbit/amqp_durable_queues').with_value('') } - end - - shared_examples_for 'rabbit with HA support' do - it 'configures rabbit' do - is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_userid').with_value( params[:rabbit_userid] ) - is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_password').with_value( params[:rabbit_password] ) - is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_password').with_secret( true ) - is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_virtual_host').with_value( params[:rabbit_virtual_host] ) - is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_value('') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_value('') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_value('') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('') - is_expected.to contain_heat_config('oslo_messaging_rabbit/heartbeat_timeout_threshold').with_value('0') - is_expected.to contain_heat_config('oslo_messaging_rabbit/heartbeat_rate').with_value('') - end - it { is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_host').with_ensure('absent') } - it { is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_port').with_ensure('absent') } - it { is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_hosts').with_value( params[:rabbit_hosts].join(',') ) } - it { is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value('true') } - it { is_expected.to contain_heat_config('oslo_messaging_rabbit/amqp_durable_queues').with_value(true) } - end - - shared_examples_for 'single rabbit_host with ha queues' do - let :params do - req_params.merge({'rabbit_ha_queues' => true}) - end - - it 'should contain rabbit_ha_queues' do - is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value('true') - end - end - - shared_examples_for 'rabbit with heartbeat configured' do - it 'configures rabbit' do - is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_userid').with_value( params[:rabbit_userid] ) - is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_password').with_value( params[:rabbit_password] ) - is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_password').with_secret( true ) - is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_virtual_host').with_value( params[:rabbit_virtual_host] ) - is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_value('') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_value('') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_value('') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('') - end - it { is_expected.to contain_heat_config('oslo_messaging_rabbit/heartbeat_timeout_threshold').with_value('60') } - it { is_expected.to contain_heat_config('oslo_messaging_rabbit/heartbeat_rate').with_value('10') } - end - - shared_examples_for 'with SSL enabled with kombu' do - before do - params.merge!( - :rabbit_use_ssl => true, - :kombu_ssl_ca_certs => '/path/to/ssl/ca/certs', - :kombu_ssl_certfile => '/path/to/ssl/cert/file', - :kombu_ssl_keyfile => '/path/to/ssl/keyfile', - :kombu_ssl_version => 'TLSv1' - ) - end - - it do - is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('true') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_value('/path/to/ssl/ca/certs') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_value('/path/to/ssl/cert/file') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_value('/path/to/ssl/keyfile') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('TLSv1') - end - end - - shared_examples_for 'with SSL enabled without kombu' do - before do - params.merge!( - :rabbit_use_ssl => true - ) - end - - it do - is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('true') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_value('') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_value('') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_value('') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('') - end - end - - shared_examples_for 'with SSL disabled' do - before do - params.merge!( - :rabbit_use_ssl => false, - ) - end - - it do - is_expected.to contain_heat_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('false') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_value('') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_value('') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_value('') - is_expected.to contain_heat_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('') - end - end - - shared_examples_for 'with SSL wrongly configured' do - before do - params.merge!( - :rabbit_use_ssl => false - ) - end - - context 'without required parameters' do - - context 'with rabbit_use_ssl => false and kombu_ssl_ca_certs parameter' do - before { params.merge!(:kombu_ssl_ca_certs => '/path/to/ssl/ca/certs')} - it_raises 'a Puppet::Error', /The kombu_ssl_ca_certs parameter requires rabbit_use_ssl to be set to true/ - end - - context 'with rabbit_use_ssl => false and kombu_ssl_certfile parameter' do - before { params.merge!(:kombu_ssl_certfile => '/path/to/ssl/cert/file')} - it_raises 'a Puppet::Error', /The kombu_ssl_certfile parameter requires rabbit_use_ssl to be set to true/ - end - - context 'with rabbit_use_ssl => false and kombu_ssl_keyfile parameter' do - before { params.merge!(:kombu_ssl_keyfile => '/path/to/ssl/keyfile')} - it_raises 'a Puppet::Error', /The kombu_ssl_keyfile parameter requires rabbit_use_ssl to be set to true/ - end - context 'with kombu_ssl_certfile set to default and custom kombu_ssl_keyfile parameter' do - before { params.merge!( - :rabbit_use_ssl => true, - :kombu_ssl_keyfile => '/path/to/ssl/keyfile', - )} - it_raises 'a Puppet::Error', /The kombu_ssl_certfile and kombu_ssl_keyfile parameters must be used together/ - end - context 'with kombu_ssl_keyfile set to default and custom kombu_ssl_certfile parameter' do - before { params.merge!( - :rabbit_use_ssl => true, - :kombu_ssl_certfile => '/path/to/ssl/cert/file', - )} - it_raises 'a Puppet::Error', /The kombu_ssl_certfile and kombu_ssl_keyfile parameters must be used together/ - end - end - - end - - shared_examples_for 'with ec2authtoken auth uri set' do - before do - params.merge!( - :keystone_ec2_uri => 'http://1.2.3.4:35357/v2.0/ec2tokens' - ) - end - - it do - is_expected.to contain_heat_config('ec2authtoken/auth_uri').with_value('http://1.2.3.4:35357/v2.0/ec2tokens') - end - end - - shared_examples_for 'with region_name set' do - before do - params.merge!( - :region_name => "East", - ) - end - - it 'has region_name set when specified' do - is_expected.to contain_heat_config('DEFAULT/region_name_for_services').with_value('East') - end - end - - shared_examples_for 'without region_name set' do - it 'doesnt have region_name set by default' do - is_expected.to contain_heat_config('DEFAULT/region_name_for_services').with_value('') - end - end - - shared_examples_for "with default auth method" do - it 'configures auth_uri, identity_uri, admin_tenant_name, admin_user, admin_password' do - is_expected.to contain_heat_config('keystone_authtoken/auth_uri').with_value("http://127.0.0.1:5000/") - is_expected.to contain_heat_config('keystone_authtoken/identity_uri').with_value("http://127.0.0.1:35357/") - is_expected.to contain_heat_config('keystone_authtoken/admin_tenant_name').with_value("services") - is_expected.to contain_heat_config('keystone_authtoken/admin_user').with_value("heat") - is_expected.to contain_heat_config('keystone_authtoken/admin_password').with_secret( true ) - end - end - - shared_examples_for "with auth_plugin" do - before do - params.merge!({ - :auth_plugin => 'password', - }) - end - it 'configures ' do - is_expected.to contain_heat_config('keystone_authtoken/auth_plugin').with_value("password") - is_expected.to contain_heat_config('keystone_authtoken/auth_url').with_value("http://127.0.0.1:35357/") - is_expected.to contain_heat_config('keystone_authtoken/username').with_value("heat") - is_expected.to contain_heat_config('keystone_authtoken/password').with_secret( true ) - is_expected.to contain_heat_config('keystone_authtoken/project_name').with_value("services") - is_expected.to contain_heat_config('keystone_authtoken/user_domain_id').with_value('default') - is_expected.to contain_heat_config('keystone_authtoken/project_domain_id').with_value('default') - end - end - - shared_examples_for "with custom keystone project_domain_id and user_domain_id" do - before do - params.merge!({ - :keystone_project_domain_id => 'domain1', - :keystone_user_domain_id => 'domain1', - }) - end - it 'configures project_domain_id and user_domain_id' do - is_expected.to contain_heat_config('trustee/project_domain_id').with_value("domain1"); - is_expected.to contain_heat_config('trustee/user_domain_id').with_value("domain1"); - end - end - - shared_examples_for 'with instance_user set to a string' do - before do - params.merge!( - :instance_user => "fred", - ) - end - - it 'has instance_user set when specified' do - is_expected.to contain_heat_config('DEFAULT/instance_user').with_value('fred') - end - end - - shared_examples_for 'with instance_user set to an empty string' do - before do - params.merge!( - :instance_user => "", - ) - end - - it 'has instance_user set to an empty string when specified' do - is_expected.to contain_heat_config('DEFAULT/instance_user').with_value('') - end - end - - shared_examples_for 'without instance_user set' do - it 'doesnt have instance_user set by default' do - is_expected.to contain_heat_config('DEFAULT/instance_user').with_enure('absent') - end - end - - shared_examples_for "with enable_stack_adopt and enable_stack_abandon set" do - before do - params.merge!({ - :enable_stack_adopt => true, - :enable_stack_abandon => true, - }) - end - it 'sets enable_stack_adopt and enable_stack_abandon' do - is_expected.to contain_heat_config('DEFAULT/enable_stack_adopt').with_value(true); - is_expected.to contain_heat_config('DEFAULT/enable_stack_abandon').with_value(true); - end - end - - shared_examples_for 'with notification_driver set to a string' do - before do - params.merge!( - :notification_driver => 'bar.foo.rpc_notifier', - ) - end - - it 'has notification_driver set when specified' do - is_expected.to contain_heat_config('DEFAULT/notification_driver').with_value('bar.foo.rpc_notifier') - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'Debian', - }) - end - - let :platform_params do - { :common_package_name => 'heat-common' } - end - - it_configures 'heat' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - }) - end - - let :platform_params do - { :common_package_name => 'openstack-heat-common' } - end - - it_configures 'heat' - end -end diff --git a/heat/spec/classes/heat_keystone_auth_cfn_spec.rb b/heat/spec/classes/heat_keystone_auth_cfn_spec.rb deleted file mode 100644 index 80af096eb..000000000 --- a/heat/spec/classes/heat_keystone_auth_cfn_spec.rb +++ /dev/null @@ -1,166 +0,0 @@ -require 'spec_helper' - -describe 'heat::keystone::auth_cfn' do - - let :params do - {:password => 'heat-passw0rd'} - end - - shared_examples_for 'heat keystone auth' do - - context 'without the required password parameter' do - before { params.delete(:password) } - it { expect { is_expected.to raise_error(Puppet::Error) } } - end - - context 'when overriding parameters' do - before do - params.merge!({ - :email => 'heat-cfn@localhost', - :auth_name => 'heat-cfn', - :configure_endpoint => true, - :configure_service => true, - :service_type => 'cloudformation', - :region => 'RegionOne', - :tenant => 'services', - :public_url => 'http://10.0.0.10:8000/v1', - :admin_url => 'http://10.0.0.11:8000/v1', - :internal_url => 'http://10.0.0.12:8000/v1', - }) - end - - it 'configures heat user' do - is_expected.to contain_keystone_user( params[:auth_name] ).with( - :ensure => 'present', - :password => params[:password], - :email => params[:email], - ) - end - - it 'configures heat user roles' do - is_expected.to contain_keystone_user_role("#{params[:auth_name]}@#{params[:tenant]}").with( - :ensure => 'present', - :roles => ['admin'] - ) - end - - it 'configures heat service' do - is_expected.to contain_keystone_service("#{params[:auth_name]}::#{params[:service_type]}").with( - :ensure => 'present', - :description => 'Openstack Cloudformation Service' - ) - end - - it 'configure heat endpoints' do - is_expected.to contain_keystone_endpoint("#{params[:region]}/#{params[:auth_name]}::#{params[:service_type]}").with( - :ensure => 'present', - :public_url => params[:public_url], - :admin_url => params[:admin_url], - :internal_url => params[:internal_url] - ) - end - - context 'with service disabled' do - before do - params.merge!({ - :configure_service => false - }) - end - it { is_expected.to_not contain_keystone_service("#{params[:auth_name]}::#{params[:service_type]}") } - end - end - - context 'with deprecated endpoint parameters' do - before do - params.merge!({ - :public_protocol => 'https', - :public_address => '10.10.10.10', - :port => '81', - :version => 'v2', - :internal_protocol => 'http', - :internal_address => '10.10.10.11', - :admin_protocol => 'http', - :admin_address => '10.10.10.12' - }) - end - - it { is_expected.to contain_keystone_endpoint('RegionOne/heat-cfn::cloudformation').with( - :ensure => 'present', - :public_url => "#{params[:public_protocol]}://#{params[:public_address]}:#{params[:port]}/#{params[:version]}", - :admin_url => "#{params[:admin_protocol]}://#{params[:admin_address]}:#{params[:port]}/#{params[:version]}", - :internal_url => "#{params[:internal_protocol]}://#{params[:internal_address]}:#{params[:port]}/#{params[:version]}" - ) } - end - - context 'when overriding service name' do - before do - params.merge!({ - :service_name => 'heat-cfn_service' - }) - end - it 'configures correct user name' do - is_expected.to contain_keystone_user('heat-cfn') - end - it 'configures correct user role' do - is_expected.to contain_keystone_user_role('heat-cfn@services') - end - it 'configures correct service name' do - is_expected.to contain_keystone_service('heat-cfn_service::cloudformation') - end - it 'configures correct endpoint name' do - is_expected.to contain_keystone_endpoint('RegionOne/heat-cfn_service::cloudformation') - end - end - - context 'when disabling user configuration' do - before do - params.merge!( :configure_user => false ) - end - - it { is_expected.to_not contain_keystone_user('heat_cfn') } - it { is_expected.to contain_keystone_user_role('heat-cfn@services') } - - it { is_expected.to contain_keystone_service('heat-cfn::cloudformation').with( - :ensure => 'present', - :description => 'Openstack Cloudformation Service' - )} - end - - context 'when disabling user and role configuration' do - before do - params.merge!( - :configure_user => false, - :configure_user_role => false - ) - end - - it { is_expected.to_not contain_keystone_user('heat_cfn') } - it { is_expected.to_not contain_keystone_user_role('heat-cfn@services') } - - it { is_expected.to contain_keystone_service('heat-cfn::cloudformation').with( - :ensure => 'present', - :description => 'Openstack Cloudformation Service' - )} - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'Debian', - }) - end - - it_configures 'heat keystone auth' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - }) - end - - it_configures 'heat keystone auth' - end -end diff --git a/heat/spec/classes/heat_keystone_auth_spec.rb b/heat/spec/classes/heat_keystone_auth_spec.rb deleted file mode 100644 index 84e1a5f49..000000000 --- a/heat/spec/classes/heat_keystone_auth_spec.rb +++ /dev/null @@ -1,200 +0,0 @@ -require 'spec_helper' - -describe 'heat::keystone::auth' do - - let :params do - {:password => 'heat-passw0rd'} - end - - shared_examples_for 'heat keystone auth' do - - context 'without the required password parameter' do - before { params.delete(:password) } - it { expect { is_expected.to raise_error(Puppet::Error) } } - end - - context 'with service disabled' do - before do - params.merge!({:configure_service => false}) - end - it { is_expected.to_not contain_keystone_service('heat::orchestration') } - end - - context 'with overridden parameters' do - before do - params.merge!({ - :password => 'heat-passw0rd', - :email => 'heat@localhost', - :auth_name => 'heat', - :configure_endpoint => true, - :service_type => 'orchestration', - :region => 'RegionOne', - :tenant => 'services', - :configure_user_role => true, - :public_url => 'http://127.0.0.1:8004/v1/%(tenant_id)s', - :admin_url => 'http://127.0.0.1:8004/v1/%(tenant_id)s', - :internal_url => 'http://127.0.0.1:8004/v1/%(tenant_id)s', - :configure_delegated_roles => false, - :heat_stack_user_role => 'HeatUser::foobaz@::foobaz', - }) - end - - it 'configures heat user' do - is_expected.to contain_keystone_user( params[:auth_name] ).with( - :ensure => 'present', - :password => params[:password], - :email => params[:email], - ) - end - - it 'configures heat user roles' do - is_expected.to contain_keystone_user_role("#{params[:auth_name]}@#{params[:tenant]}").with( - :ensure => 'present', - :roles => ['admin'] - ) - end - - it 'configures heat stack_user role' do - is_expected.to contain_keystone_role("HeatUser::foobaz@::foobaz").with( - :ensure => 'present' - ) - end - - it 'configures heat service' do - is_expected.to contain_keystone_service("#{params[:auth_name]}::#{params[:service_type]}").with( - :ensure => 'present', - :description => 'Openstack Orchestration Service' - ) - end - - it 'configure heat endpoints' do - is_expected.to contain_keystone_endpoint("#{params[:region]}/#{params[:auth_name]}::#{params[:service_type]}").with( - :ensure => 'present', - :public_url => params[:public_url], - :admin_url => params[:admin_url], - :internal_url => params[:internal_url] - ) - end - end - - context 'with deprecated endpoint parameters' do - before do - params.merge!({ - :public_protocol => 'https', - :public_address => '10.10.10.10', - :port => '81', - :version => 'v2', - :internal_protocol => 'http', - :internal_address => '10.10.10.11', - :admin_protocol => 'http', - :admin_address => '10.10.10.12' - }) - end - - it { is_expected.to contain_keystone_endpoint('RegionOne/heat::orchestration').with( - :ensure => 'present', - :public_url => "#{params[:public_protocol]}://#{params[:public_address]}:#{params[:port]}/#{params[:version]}/%(tenant_id)s", - :admin_url => "#{params[:admin_protocol]}://#{params[:admin_address]}:#{params[:port]}/#{params[:version]}/%(tenant_id)s", - :internal_url => "#{params[:internal_protocol]}://#{params[:internal_address]}:#{params[:port]}/#{params[:version]}/%(tenant_id)s" - ) } - end - - context 'when overriding service name' do - before do - params.merge!({ - :service_name => 'heat_service' - }) - end - it 'configures correct user name' do - is_expected.to contain_keystone_user('heat') - end - it 'configures correct user role' do - is_expected.to contain_keystone_user_role('heat@services') - end - it 'configures correct service name' do - is_expected.to contain_keystone_service('heat_service::orchestration') - end - it 'configures correct endpoint name' do - is_expected.to contain_keystone_endpoint('RegionOne/heat_service::orchestration') - end - end - - context 'when disabling user configuration' do - before do - params.merge!( :configure_user => false ) - end - - it { is_expected.to_not contain_keystone_user('heat') } - it { is_expected.to contain_keystone_user_role('heat@services') } - - it { is_expected.to contain_keystone_service('heat::orchestration').with( - :ensure => 'present', - :description => 'Openstack Orchestration Service' - )} - end - - context 'when disabling user and role configuration' do - before do - params.merge!( - :configure_user => false, - :configure_user_role => false - ) - end - - it { is_expected.to_not contain_keystone_user('heat') } - it { is_expected.to_not contain_keystone_user_role('heat@services') } - - it { is_expected.to contain_keystone_service('heat::orchestration').with( - :ensure => 'present', - :description => 'Openstack Orchestration Service' - )} - end - - context 'when configuring delegated roles' do - before do - params.merge!({ - :configure_delegated_roles => true, - }) - end - it 'configures delegated roles' do - is_expected.to contain_keystone_role("heat_stack_owner").with( - :ensure => 'present' - ) - end - end - - context 'when not managing heat_stack_user_role' do - before do - params.merge!({ - :heat_stack_user_role => 'HeatUser::foobaz@::foobaz', - :manage_heat_stack_user_role => false - }) - end - - it 'doesnt manage the heat_stack_user_role' do - is_expected.to_not contain_keystone_user_role(params[:heat_stack_user_role]) - end - end - - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'Debian', - }) - end - - it_configures 'heat keystone auth' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - }) - end - - it_configures 'heat keystone auth' - end -end diff --git a/heat/spec/classes/heat_keystone_domain_spec.rb b/heat/spec/classes/heat_keystone_domain_spec.rb deleted file mode 100644 index c5e20658a..000000000 --- a/heat/spec/classes/heat_keystone_domain_spec.rb +++ /dev/null @@ -1,90 +0,0 @@ -require 'spec_helper' - -describe 'heat::keystone::domain' do - - let :params do { - :domain_name => 'heat', - :domain_admin => 'heat_admin', - :domain_admin_email => 'heat_admin@localhost', - :domain_password => 'domain_passwd' - } - end - - shared_examples_for 'heat keystone domain' do - it 'configure heat.conf' do - is_expected.to contain_heat_config('DEFAULT/stack_domain_admin').with_value(params[:domain_admin]) - is_expected.to contain_heat_config('DEFAULT/stack_domain_admin_password').with_value(params[:domain_password]) - is_expected.to contain_heat_config('DEFAULT/stack_domain_admin_password').with_secret(true) - is_expected.to contain_heat_config('DEFAULT/stack_user_domain_name').with_value(params[:domain_name]) - end - - it 'should create keystone domain' do - is_expected.to contain_keystone_domain(params[:domain_name]).with( - :ensure => 'present', - :enabled => 'true', - :name => params[:domain_name] - ) - - is_expected.to contain_keystone_user("#{params[:domain_admin]}::#{params[:domain_name]}").with( - :ensure => 'present', - :enabled => 'true', - :email => params[:domain_admin_email], - :password => params[:domain_password], - ) - is_expected.to contain_keystone_user_role("#{params[:domain_admin]}::#{params[:domain_name]}@::#{params[:domain_name]}").with( - :roles => ['admin'], - ) - end - - context 'when not managing the domain creation' do - before do - params.merge!( - :manage_domain => false - ) - end - - it { is_expected.to_not contain_keystone_domain('heat_domain') } - end - - context 'when not managing the user creation' do - before do - params.merge!( - :manage_user => false - ) - end - - it { is_expected.to_not contain_keystone_user("#{params[:domain_admin]}::#{params[:domain_name]}") } - end - - context 'when not managing the user role creation' do - before do - params.merge!( - :manage_role => false - ) - end - - it { is_expected.to_not contain_keystone_user_role("#{params[:domain_admin]}::#{params[:domain_name]}@::#{params[:domain_name]}") } - end - end - - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'Debian', - }) - end - - it_configures 'heat keystone domain' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - }) - end - - it_configures 'heat keystone domain' - end -end diff --git a/heat/spec/classes/heat_logging_spec.rb b/heat/spec/classes/heat_logging_spec.rb deleted file mode 100644 index b448c4285..000000000 --- a/heat/spec/classes/heat_logging_spec.rb +++ /dev/null @@ -1,147 +0,0 @@ -require 'spec_helper' - -describe 'heat::logging' do - - let :params do - { - } - end - - let :log_params do - { - :logging_context_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s', - :logging_default_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s', - :logging_debug_format_suffix => '%(funcName)s %(pathname)s:%(lineno)d', - :logging_exception_prefix => '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s', - :log_config_append => '/etc/heat/logging.conf', - :publish_errors => true, - :default_log_levels => { - 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', - 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', - 'iso8601' => 'WARN', - 'requests.packages.urllib3.connectionpool' => 'WARN' }, - :fatal_deprecations => true, - :instance_format => '[instance: %(uuid)s] ', - :instance_uuid_format => '[instance: %(uuid)s] ', - :log_date_format => '%Y-%m-%d %H:%M:%S', - :use_syslog => true, - :use_stderr => false, - :log_facility => 'LOG_FOO', - :log_dir => '/var/log', - :verbose => true, - :debug => true, - } - end - - shared_examples_for 'heat-logging' do - - context 'with basic logging options and default settings' do - it_configures 'basic default logging settings' - end - - context 'with basic logging options and non-default settings' do - before { params.merge!( log_params ) } - it_configures 'basic non-default logging settings' - end - - context 'with extended logging options' do - before { params.merge!( log_params ) } - it_configures 'logging params set' - end - - context 'without extended logging options' do - it_configures 'logging params unset' - end - - end - - shared_examples 'basic default logging settings' do - it 'configures heat logging settins with default values' do - is_expected.to contain_heat_config('DEFAULT/use_syslog').with(:value => '') - is_expected.to contain_heat_config('DEFAULT/use_stderr').with(:value => '') - is_expected.to contain_heat_config('DEFAULT/log_dir').with(:value => '/var/log/heat') - is_expected.to contain_heat_config('DEFAULT/verbose').with(:value => '') - is_expected.to contain_heat_config('DEFAULT/debug').with(:value => '') - end - end - - shared_examples 'basic non-default logging settings' do - it 'configures heat logging settins with non-default values' do - is_expected.to contain_heat_config('DEFAULT/use_syslog').with(:value => 'true') - is_expected.to contain_heat_config('DEFAULT/use_stderr').with(:value => 'false') - is_expected.to contain_heat_config('DEFAULT/syslog_log_facility').with(:value => 'LOG_FOO') - is_expected.to contain_heat_config('DEFAULT/log_dir').with(:value => '/var/log') - is_expected.to contain_heat_config('DEFAULT/verbose').with(:value => 'true') - is_expected.to contain_heat_config('DEFAULT/debug').with(:value => 'true') - end - end - - shared_examples_for 'logging params set' do - it 'enables logging params' do - is_expected.to contain_heat_config('DEFAULT/logging_context_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s') - - is_expected.to contain_heat_config('DEFAULT/logging_default_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s') - - is_expected.to contain_heat_config('DEFAULT/logging_debug_format_suffix').with_value( - '%(funcName)s %(pathname)s:%(lineno)d') - - is_expected.to contain_heat_config('DEFAULT/logging_exception_prefix').with_value( - '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s') - - is_expected.to contain_heat_config('DEFAULT/log_config_append').with_value( - '/etc/heat/logging.conf') - is_expected.to contain_heat_config('DEFAULT/publish_errors').with_value( - true) - - is_expected.to contain_heat_config('DEFAULT/default_log_levels').with_value( - 'amqp=WARN,amqplib=WARN,boto=WARN,iso8601=WARN,qpid=WARN,requests.packages.urllib3.connectionpool=WARN,sqlalchemy=WARN,suds=INFO') - - is_expected.to contain_heat_config('DEFAULT/fatal_deprecations').with_value( - true) - - is_expected.to contain_heat_config('DEFAULT/instance_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_heat_config('DEFAULT/instance_uuid_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_heat_config('DEFAULT/log_date_format').with_value( - '%Y-%m-%d %H:%M:%S') - end - end - - - shared_examples_for 'logging params unset' do - [ :logging_context_format_string, :logging_default_format_string, - :logging_debug_format_suffix, :logging_exception_prefix, - :log_config_append, :publish_errors, - :default_log_levels, :fatal_deprecations, - :instance_format, :instance_uuid_format, - :log_date_format, ].each { |param| - it { is_expected.to contain_heat_config("DEFAULT/#{param}").with_value('') } - } - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'Debian', - }) - end - - it_configures 'heat-logging' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - }) - end - - it_configures 'heat-logging' - end - -end diff --git a/heat/spec/classes/heat_policy_spec.rb b/heat/spec/classes/heat_policy_spec.rb deleted file mode 100644 index 65cc321d4..000000000 --- a/heat/spec/classes/heat_policy_spec.rb +++ /dev/null @@ -1,45 +0,0 @@ -require 'spec_helper' - -describe 'heat::policy' do - - shared_examples_for 'heat policies' do - let :params do - { - :policy_path => '/etc/heat/policy.json', - :policies => { - 'context_is_admin' => { - 'key' => 'context_is_admin', - 'value' => 'foo:bar' - } - } - } - end - - it 'set up the policies' do - is_expected.to contain_openstacklib__policy__base('context_is_admin').with({ - :key => 'context_is_admin', - :value => 'foo:bar' - }) - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'Debian', - }) - end - - it_configures 'heat policies' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - }) - end - - it_configures 'heat policies' - end -end diff --git a/heat/spec/shared_examples.rb b/heat/spec/shared_examples.rb deleted file mode 100644 index fec0eacc9..000000000 --- a/heat/spec/shared_examples.rb +++ /dev/null @@ -1,5 +0,0 @@ -shared_examples_for "a Puppet::Error" do |description| - it "with message matching #{description.inspect}" do - expect { is_expected.to have_class_count(1) }.to raise_error(Puppet::Error, description) - end -end diff --git a/heat/spec/spec_helper.rb b/heat/spec/spec_helper.rb deleted file mode 100644 index be3811cf2..000000000 --- a/heat/spec/spec_helper.rb +++ /dev/null @@ -1,18 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' -require 'shared_examples' - -require 'puppet-openstack_spec_helper/defaults' -require 'rspec-puppet-facts' -include RspecPuppetFacts - -RSpec.configure do |c| - c.alias_it_should_behave_like_to :it_configures, 'configures' - c.alias_it_should_behave_like_to :it_raises, 'raises' - # TODO(aschultz): remove this after all tests converted to use OSDefaults - # instead of referencing @default_facts - c.before :each do - @default_facts = OSDefaults.get_facts - end -end - -at_exit { RSpec::Puppet::Coverage.report! } diff --git a/heat/spec/spec_helper_acceptance.rb b/heat/spec/spec_helper_acceptance.rb deleted file mode 100644 index 9196bc99b..000000000 --- a/heat/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1 +0,0 @@ -require 'puppet-openstack_spec_helper/beaker_spec_helper' diff --git a/heat/spec/unit/provider/heat_api_paste_ini/ini_setting_spec.rb b/heat/spec/unit/provider/heat_api_paste_ini/ini_setting_spec.rb deleted file mode 100644 index 04e29f4c1..000000000 --- a/heat/spec/unit/provider/heat_api_paste_ini/ini_setting_spec.rb +++ /dev/null @@ -1,29 +0,0 @@ -# -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:heat_api_paste_ini).provider(:ini_setting) -describe provider_class do - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Heat_api_paste_ini.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/heat/spec/unit/provider/heat_config/ini_setting_spec.rb b/heat/spec/unit/provider/heat_config/ini_setting_spec.rb deleted file mode 100644 index d011d3cbf..000000000 --- a/heat/spec/unit/provider/heat_config/ini_setting_spec.rb +++ /dev/null @@ -1,71 +0,0 @@ -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'openstacklib', - 'lib') -) - -require 'spec_helper' - -provider_class = Puppet::Type.type(:heat_config).provider(:ini_setting) - -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Heat_config.new( - { - :name => 'DEFAULT/foo', - :value => 'bar' - } - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Heat_config.new( - { - :name => 'dude/foo', - :value => 'bar' - } - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end - - it 'should ensure absent when is specified as a value' do - resource = Puppet::Type::Heat_config.new( - {:name => 'dude/foo', :value => ''} - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - - it 'should ensure absent when value matches ensure_absent_val' do - resource = Puppet::Type::Heat_config.new( - {:name => 'dude/foo', :value => 'foo', :ensure_absent_val => 'foo' } - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end -end diff --git a/heat/spec/unit/type/heat_api_paste_ini_spec.rb b/heat/spec/unit/type/heat_api_paste_ini_spec.rb deleted file mode 100644 index 5f7aaafad..000000000 --- a/heat/spec/unit/type/heat_api_paste_ini_spec.rb +++ /dev/null @@ -1,34 +0,0 @@ -require 'spec_helper' -# this hack is required for now to ensure that the path is set up correctly -# to retrive the parent provider -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'puppet/type/heat_api_paste_ini' -describe 'Puppet::Type.type(:heat_api_paste_ini)' do - before :each do - @heat_api_paste_ini = Puppet::Type.type(:heat_api_paste_ini).new(:name => 'DEFAULT/foo', :value => 'bar') - end - it 'should accept a valid value' do - @heat_api_paste_ini[:value] = 'bar' - expect(@heat_api_paste_ini[:value]).to eq('bar') - end - - it 'should autorequire the package that install the file' do - catalog = Puppet::Resource::Catalog.new - package = Puppet::Type.type(:package).new(:name => 'heat-common') - catalog.add_resource package, @heat_api_paste_ini - dependency = @heat_api_paste_ini.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(@heat_api_paste_ini) - expect(dependency[0].source).to eq(package) - end - -end diff --git a/heat/spec/unit/type/heat_config_spec.rb b/heat/spec/unit/type/heat_config_spec.rb deleted file mode 100644 index 8c7677fcf..000000000 --- a/heat/spec/unit/type/heat_config_spec.rb +++ /dev/null @@ -1,20 +0,0 @@ -require 'puppet' -require 'puppet/type/heat_config' - -describe 'Puppet::Type.type(:heat_config)' do - before :each do - @heat_config = Puppet::Type.type(:heat_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - - it 'should autorequire the package that install the file' do - catalog = Puppet::Resource::Catalog.new - package = Puppet::Type.type(:package).new(:name => 'heat-common') - catalog.add_resource package, @heat_config - dependency = @heat_config.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(@heat_config) - expect(dependency[0].source).to eq(package) - end - -end diff --git a/heat/test-requirements.txt b/heat/test-requirements.txt deleted file mode 100644 index bedd66690..000000000 --- a/heat/test-requirements.txt +++ /dev/null @@ -1,4 +0,0 @@ -# this is required for the docs build jobs -sphinx!=1.2.0,!=1.3b1,<1.3,>=1.1.2 -oslosphinx>=2.5.0 # Apache-2.0 -reno>=0.1.1 # Apache-2.0 diff --git a/heat/tox.ini b/heat/tox.ini deleted file mode 100644 index aea06c84f..000000000 --- a/heat/tox.ini +++ /dev/null @@ -1,8 +0,0 @@ -[tox] -minversion = 1.6 -skipsdist = True -envlist = releasenotes - -[testenv:releasenotes] -deps = -rtest-requirements.txt -commands = sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html diff --git a/horizon/.gitignore b/horizon/.gitignore deleted file mode 100644 index 61092bdaf..000000000 --- a/horizon/.gitignore +++ /dev/null @@ -1,15 +0,0 @@ -pkg/ -Gemfile.lock -vendor/ -spec/fixtures/ -.vagrant/ -.bundle/ -coverage/ -.idea/ -*.swp -*.iml -openstack/ - -# Files created by releasenotes build -releasenotes/build -.tox diff --git a/horizon/.gitreview b/horizon/.gitreview deleted file mode 100644 index b5f52ac1a..000000000 --- a/horizon/.gitreview +++ /dev/null @@ -1,5 +0,0 @@ -[gerrit] -host=review.openstack.org -port=29418 -project=openstack/puppet-horizon.git -defaultbranch=stable/mitaka diff --git a/horizon/.sync.yml b/horizon/.sync.yml deleted file mode 100644 index 66a03c649..000000000 --- a/horizon/.sync.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -spec/spec_helper.rb: - unmanaged: true diff --git a/horizon/CHANGELOG.md b/horizon/CHANGELOG.md deleted file mode 100644 index 0dea6570a..000000000 --- a/horizon/CHANGELOG.md +++ /dev/null @@ -1,220 +0,0 @@ -## 8.0.0 and beyond - -From 8.0.0 release and beyond, release notes are published on -[docs.openstack.org](http://docs.openstack.org/releasenotes/puppet-horizon/). - -##2015-11-25 - 7.0.0 -###Summary - -This is a backwards-incompatible major release for OpenStack Liberty. - -####Backwards-incompatible changes - -####Features -- allow Orchestration of Image Backend -- add new parameters for multidomain support -- add api_versions parameter -- remove hardcoded 'neutron_options' list -- remove hardcoded 'cinder_options' list -- remove hardcoded 'hypervisor_options' list -- add ssl_no_verify parameter -- make redirect type configurable -- add CUSTOM_THEME_PATH variable -- add tag to package resource -- add cache_backend and cache_options params - -####Bugfixes -- do not run collectstatic or compress in Debian -- remove duplicate key for ':servername' - -####Maintenance -- acceptance: enable debug & verbosity for OpenStack logs -- initial msync run for all Puppet OpenStack modules -- try to use zuul-cloner to prepare fixtures -- remove class_parameter_defaults puppet-lint check -- fix rspec 3.x syntax - -##2015-10-15 - 6.1.0 -###Summary - -This is a maintenance release in the Kilo series - -####Maintenance -- acceptance: checkout stable/kilo puppet modules - -##2015-07-08 - 6.0.0 -###Summary - -This is a backwards-incompatible major release for OpenStack Kilo. - -####Backwards-incompatible changes -- Remove some old deprecated parameters - -####Features -- Puppet 4.x support -- Sort policy files in local_settings.py -- Add support for Neutron DVR and L3 HA options -- Collect static files before compressing them -- Add support to add Tuskar-ui config to local_settings -- Add support for WEBROOT in local_settings -- Add 'log_handler' parameter - -####Maintenance -- Acceptance tests with Beaker -- Fix spec tests for RSpec 3.x and Puppet 4.x - -##2015-06-17 - 5.1.0 -###Summary - -This is a feature and bugfix release in the Juno series. - -####Features -- Add support for the configuration of OPENSTACK_CINDER_FEATURES - -####Bugfixes -- Sort policy files in local_settings.py - -####Maintenance -- spec: pin rspec-puppet to 1.0.1 -- Pin puppetlabs-concat to 1.2.1 in fixtures -- Update .gitreview file for project rename - -##2014-11-25 - 5.0.0 -###Summary - -This is a backwards-incompatible major release for OpenStack Juno. - -####Backwards-incompatible changes -- Switch the default log level to INFO from DEBUG - -####Features -- Use concat to manage local_settings.py -- Add parameters to configure policy files in horizon class -- Add parameter django_session_engine to horizon class -- Change cache_server_ip in horizon class to accept arrays - -####Bugfixes -- Fix the default value of compress_offline parameter -- Fix Apache config file default -- Stop setting wsgi_socket_prefix since the apache module takes care of it -- Add workaround for puppet's handling of undef for setting the vhost bind - address -- Fix the default MSSQL port in security group rules - -##2014-10-16 - 4.2.0 -###Summary - -This is a feature and bugfix release in the Icehouse series. - -####Features -- Add parameters to configure ALLOWED_HOSTS in settings_local.y and - ServerAlias in apache, no longer requiring these values to be the fqdn -- Add support for secure cookies - -####Bugfixes -- Fix removal of vhost conf file - -##2014-06-19 - 4.1.0 -###Summary - -####Features -- Add option to set temporary upload directory for images - -####Bugfixes -- Ensure ssl wsgi_process_group is the same as wsgi_daemon_process - -####Maintenance -- Pin major gems - -##2014-05-01 - 4.0.0 -###Summary - -This is a major release for OpenStack Icehouse but contains no API-breaking -changes. - -####Features -- Add support to pass extra parameters to vhost -- Add support to ensure online cache is present and can be refreshed -- Add support to configure OPENSTACK_HYPERVISOR_FEATURES settings, - AVAILABLE_REGIONS, OPENSTACK_NEUTRON_NETWORK -- Add support to disable configuration of Apache - -####Bugfixes -- Fix log ownership and WSGIProcess* settings for Red Hat releases -- Fix overriding of policy files in local settings -- Fix SSL bugs -- Improve WSGI configuration - -####Maintenance - -##2014-03-26 - 3.1.0 -###Summary - -This is a feature release in the Havana series. - -####Features -- Add option parameterize OPENSTACK_NEUTRON_NETWORK settings - -##2014-02-14 - 3.0.1 -###Summary - -This is a bugfix release in the Havana series. - -####Bugfixes -- Add COMPRESS_OFFLINE option to local_settings to fix broken Ubuntu - installation - -####Maintenance - -##2014-01-16 - 3.0.0 -###Summary - -This is a backwards-incompatible major release for OpenStack Havana. - -####Backwards-incompatible changes -- Update user and group for Debian family OSes -- Update policy files for RedHat family OSes -- Change keystone_default_role to _member_ - -####Features -- Enable SSL support with cert/key -- Introduce new parameters: keystone_url, help_url, endpoint type - -####Bugfixes -- Improve default logging configuration -- Fix bug to set LOGOUT_URL properly -- Fix user/group regression for Debian - -####Maintenance - -##2013-10-07 - 2.2.0 -###Summary - -This is a bugfix release in the Grizzly series. - -####Bugfixes -- Fixed apache 0.9.0 incompatability - -####Maintenance -- Various lint fixes - -##2013-08-07 - 2.1.0 -###Summary - -This is a bugfix release in the Grizzly series. - -####Bugfixes -- Update local_settings.py - -####Maintenance -- Pin Apache module version -- Various lint fixes - -##2013-06-24 - 2.0.0 -###Summary - -Initial release on StackForge. - -####Features -- httpd config now managed on every platform -- Provide option to enable Horizon's display of block device mount points diff --git a/horizon/Gemfile b/horizon/Gemfile deleted file mode 100644 index 5728ff7e7..000000000 --- a/horizon/Gemfile +++ /dev/null @@ -1,22 +0,0 @@ -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -group :development, :test, :system_tests do - gem 'puppet-openstack_spec_helper', - :git => 'https://git.openstack.org/openstack/puppet-openstack_spec_helper', - :branch => 'stable/mitaka', - :require => false -end - -if facterversion = ENV['FACTER_GEM_VERSION'] - gem 'facter', facterversion, :require => false -else - gem 'facter', :require => false -end - -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end - -# vim:ft=ruby diff --git a/horizon/LICENSE b/horizon/LICENSE deleted file mode 100644 index 88a11a0e7..000000000 --- a/horizon/LICENSE +++ /dev/null @@ -1,13 +0,0 @@ -Copyright 2012 OpenStack Foundation - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/horizon/README.md b/horizon/README.md deleted file mode 100644 index e0cd251e4..000000000 --- a/horizon/README.md +++ /dev/null @@ -1,93 +0,0 @@ -horizon -======= - -#### Table of Contents - -1. [Overview - What is the horizon module?](#overview) -2. [Module Description - What does the module do?](#module-description) -3. [Setup - The basics of getting started with horizon](#setup) -4. [Implementation - An under-the-hood peek at what the module is doing](#implementation) -5. [Limitations - OS compatibility, etc.](#limitations) -6. [Development - Guide for contributing to the module](#development) -7. [Contributors - Those with commits](#contributors) - -Overview --------- - -The horizon module is a part of [OpenStack](https://github.com/openstack), an effort by the OpenStack infrastructure team to provide continuous integration testing and code review for OpenStack and OpenStack community projects as part of the core software. The module its self is used to flexibly configure and manage the dashboard service for OpenStack. - -Module Description ------------------- - -The horizon module is a thorough attempt to make Puppet capable of managing the entirety of horizon. Horizon is a fairly classic django application, which results in a fairly simply Puppet module. - -This module is tested in combination with other modules needed to build and leverage an entire OpenStack software stack. - -Setup ------ - -**What the horizon module affects** - -* [Horizon](https://wiki.openstack.org/wiki/Horizon), the dashboard service for OpenStack. - -### Installing horizon - - puppet module install openstack/horizon - -### Beginning with horizon - -To utilize the horizon module's functionality you will need to declare multiple resources but you'll find that doing so is much less complicated than the other OpenStack component modules. We recommend you consult and understand the [core openstack](http://docs.openstack.org) documentation. - -**Define a horizon dashboard** - -```puppet -class { 'memcached': - listen_ip => '127.0.0.1', - tcp_port => '11211', - udp_port => '11211', -} - -class { '::horizon': - cache_server_ip => '127.0.0.1', - cache_server_port => '11211', - secret_key => '12345', - django_debug => 'True', - api_result_limit => '2000', -} -``` - -Implementation --------------- - -### horizon - -Horizon is a simple module using the combination of a package, template, and the file_line type. Most all the configuration lives inside the included local_settings template and the file_line type is for selectively inserting needed lines into configuration files that aren't explicitly managed by the horizon module. - -Limitations ------------- - -* Only supports Apache using mod_wsgi. - -Beaker-Rspec ------------- - -This module has beaker-rspec tests - -To run: - -``shell -bundle install -bundle exec rspec spec/acceptance -`` - -Development ------------ - -Developer documentation for the entire puppet-openstack project. - -* https://wiki.openstack.org/wiki/Puppet-openstack#Developer_documentation - -Contributors ------------- - -* https://github.com/openstack/puppet-horizon/graphs/contributors diff --git a/horizon/Rakefile b/horizon/Rakefile deleted file mode 100644 index 168d10814..000000000 --- a/horizon/Rakefile +++ /dev/null @@ -1 +0,0 @@ -require 'puppet-openstack_spec_helper/rake_tasks' diff --git a/horizon/lib/puppet/parser/functions/os_any2array.rb b/horizon/lib/puppet/parser/functions/os_any2array.rb deleted file mode 100644 index a3877a0bd..000000000 --- a/horizon/lib/puppet/parser/functions/os_any2array.rb +++ /dev/null @@ -1,34 +0,0 @@ -# -# os_any2array.rb -# -# TODO: Remove this function when puppetlabs-stdlib 4.0.0 is in wider use - -module Puppet::Parser::Functions - newfunction(:os_any2array, :type => :rvalue, :doc => <<-EOS -This converts any object to an array containing that object. Empty argument -lists are converted to an empty array. Arrays are left untouched. Hashes are -converted to arrays of alternating keys and values. - EOS - ) do |arguments| - - if arguments.empty? - return [] - end - - if arguments.length == 1 - if arguments[0].kind_of?(Array) - return arguments[0] - elsif arguments[0].kind_of?(Hash) - result = [] - arguments[0].each do |key, value| - result << key << value - end - return result - end - end - - return arguments - end -end - -# vim: set ts=2 sw=2 et : diff --git a/horizon/manifests/init.pp b/horizon/manifests/init.pp deleted file mode 100644 index bb6374bef..000000000 --- a/horizon/manifests/init.pp +++ /dev/null @@ -1,446 +0,0 @@ -# == Class: horizon -# -# Installs Horizon dashboard with Apache -# -# === Parameters -# -# [*secret_key*] -# (required) Secret key. This is used by Django to provide cryptographic -# signing, and should be set to a unique, unpredictable value. -# -# [*fqdn*] -# (optional) DEPRECATED, use allowed_hosts and server_aliases instead. -# FQDN(s) used to access Horizon. This is used by Django for -# security reasons. Can be set to * in environments where security is -# deemed unimportant. Also used for Server Aliases in web configs. -# Defaults to ::fqdn -# -# [*servername*] -# (optional) FQDN used for the Server Name directives -# Defaults to ::fqdn. -# -# [*allowed_hosts*] -# (optional) List of hosts which will be set as value of ALLOWED_HOSTS -# parameter in settings_local.py. This is used by Django for -# security reasons. Can be set to * in environments where security is -# deemed unimportant. -# Defaults to ::fqdn. -# -# [*server_aliases*] -# (optional) List of names which should be defined as ServerAlias directives -# in vhost.conf. -# Defaults to ::fqdn. -# -# [*package_ensure*] -# (optional) Package ensure state. Defaults to 'present'. -# -# [*cache_backend*] -# (optional) Horizon cache backend. -# Defaults: 'django.core.cache.backends.locmem.LocMemCache' -# -# [*cache_options*] -# (optional) A hash of parameters to enable specific cache options. -# Defaults to undef -# -# [*cache_server_ip*] -# (optional) Memcached IP address. Can be a string, or an array. -# Defaults to undef. -# -# [*cache_server_port*] -# (optional) Memcached port. Defaults to '11211'. -# -# [*horizon_app_links*] -# (optional) Array of arrays that can be used to add call-out links -# to the dashboard for other apps. There is no specific requirement -# for these apps to be for monitoring, that's just the defacto purpose. -# Each app is defined in two parts, the display name, and -# the URIDefaults to false. Defaults to false. (no app links) -# -# [*keystone_url*] -# (optional) Full url of keystone public endpoint. (Defaults to 'http://127.0.0.1:5000/v2.0') -# -# [*keystone_default_role*] -# (optional) Default Keystone role for new users. Defaults to '_member_'. -# -# [*django_debug*] -# (optional) Enable or disable Django debugging. Defaults to 'False'. -# -# [*openstack_endpoint_type*] -# (optional) endpoint type to use for the endpoints in the Keystone -# service catalog. Defaults to 'undef'. -# -# [*secondary_endpoint_type*] -# (optional) secondary endpoint type to use for the endpoints in the -# Keystone service catalog. Defaults to 'undef'. -# -# [*available_regions*] -# (optional) List of available regions. Value should be a list of tuple: -# [ ['urlOne', 'RegionOne'], ['urlTwo', 'RegionTwo'] ] -# Defaults to undef. -# -# [*api_result_limit*] -# (optional) Maximum number of Swift containers/objects to display -# on a single page. Defaults to 1000. -# -# [*log_handler*] -# (optional) Log handler. Defaults to 'file' -# -# [*log_level*] -# (optional) Log level. Defaults to 'INFO'. WARNING: Setting this to -# DEBUG will let plaintext passwords be logged in the Horizon log file. -# -# [*local_settings_template*] -# (optional) Location of template to use for local_settings.py generation. -# Defaults to 'horizon/local_settings.py.erb'. -# -# [*help_url*] -# (optional) Location where the documentation should point. -# Defaults to 'http://docs.openstack.org'. -# -# [*compress_offline*] -# (optional) Boolean to enable offline compress of assets. -# Defaults to True -# -# [*hypervisor_options*] -# (optional) A hash of parameters to enable features specific to -# Hypervisors. These include: -# 'can_set_mount_point': Boolean to enable or disable mount point setting -# Defaults to 'True'. -# 'can_set_password': Boolean to enable or disable VM password setting. -# Works only with Xen Hypervisor. -# Defaults to 'False'. -# -# [*cinder_options*] -# (optional) A hash of parameters to enable features specific to -# Cinder. These include: -# 'enable_backup': Boolean to enable or disable Cinders's backup feature. -# Defaults to False. -# -# [*neutron_options*] -# (optional) A hash of parameters to enable features specific to -# Neutron. These include: -# 'enable_lb': Boolean to enable or disable Neutron's LBaaS feature. -# Defaults to False. -# 'enable_firewall': Boolean to enable or disable Neutron's FWaaS feature. -# Defaults to False. -# 'enable_quotas': Boolean to enable or disable Neutron quotas. -# Defaults to True. -# 'enable_security_group': Boolean to enable or disable Neutron -# security groups. Defaults to True. -# 'enable_vpn': Boolean to enable or disable Neutron's VPNaaS feature. -# Defaults to False. -# 'enable_distributed_router': Boolean to enable or disable Neutron -# distributed virtual router (DVR) feature in the Router panel. -# Defaults to False. -# 'enable_ha_router': Enable or disable HA (High Availability) mode in -# Neutron virtual router in the Router panel. Defaults to False. -# 'profile_support': A string indiciating which plugin-specific -# profiles to enable. Defaults to 'None', other options include -# 'cisco'. -# -# [*configure_apache*] -# (optional) Configure Apache for Horizon. (Defaults to true) -# -# [*bind_address*] -# (optional) Bind address in Apache for Horizon. (Defaults to undef) -# -# [*listen_ssl*] -# (optional) Enable SSL support in Apache. (Defaults to false) -# -# [*ssl_no_verify*] -# (optionsl) Disable SSL hostname verifying. Set it if you don't have -# properly configured DNS which will resolve hostnames for SSL endpoints -# Horizon will connect to. (Defaults to false) -# -# [*ssl_redirect*] -# (optional) Whether to redirect http to https -# Defaults to True -# -# [*horizon_cert*] -# (required with listen_ssl) Certificate to use for SSL support. -# -# [*horizon_key*] -# (required with listen_ssl) Private key to use for SSL support. -# -# [*horizon_ca*] -# (required with listen_ssl) CA certificate to use for SSL support. -# -# [*vhost_extra_params*] -# (optionnal) extra parameter to pass to the apache::vhost class -# Defaults to undef -# -# [*file_upload_temp_dir*] -# (optional) Location to use for temporary storage of images uploaded -# You must ensure that the path leading to the directory is created -# already, only the last level directory is created by this manifest. -# Specify an absolute pathname. -# Defaults to /tmp -# -# [*policy_files_path*] -# (Optional) The path to the policy files -# Defaults to undef. -# -# [*policy_files*] -# (Optional) Policy files -# Defaults to undef. -# -# [*can_set_mount_point*] -# (Optional) DEPRECATED -# Defaults to 'undef'. -# -# [*secure_cookies*] -# (optional) Enables security settings for cookies. Useful when using -# https on public sites. See: http://docs.openstack.org/developer/horizon/topics/deployment.html#secure-site-recommendations -# Defaults to false -# -# [*django_session_engine*] -# (optional) Selects the session engine for Django to use. -# Defaults to undef - will not add entry to local settings. -# -# [*tuskar_ui*] -# (optional) Boolean to enable Tuskar-UI related configuration (http://tuskar-ui.readthedocs.org/) -# Defaults to false -# -# [*tuskar_ui_ironic_discoverd_url*] -# (optional) Tuskar-UI - Ironic Discoverd API endpoint -# Defaults to 'http://127.0.0.1:5050' -# -# [*tuskar_ui_undercloud_admin_password*] -# (optional) Tuskar-UI - Undercloud admin password used to authenticate admin user in Tuskar-UI. -# It is required by Heat to perform certain actions. -# Defaults to undef -# -# [*tuskar_ui_deployment_mode*] -# (optional) Tuskar-UI - Deployment mode ('poc' or 'scale') -# Defaults to 'scale' -# -# [*custom_theme_path*] -# (optional) The directory location for the theme (e.g., "static/themes/blue") -# Default to undef -# -# [*redirect_type*] -# (optional) What type of redirect to use when redirecting an http request -# for a user. This should be either 'temp' or 'permanent'. Setting this value -# to 'permanent' will result in the use of a 301 redirect which may be cached -# by a user's browser. Setting this value to 'temp' will result in the use -# of a 302 redirect which is not cached by browsers and may solve issues if -# users report errors accessing horizon. Only used if configure_apache is -# set to true. -# Defaults to 'permanent' -# -# [*api_versions*] -# (optional) A hash of parameters to set specific api versions. -# Example: api_versions => {'identity' => 3} -# Default to 'identity' => 3 -# -# [*keystone_multidomain_support*] -# (optional) Enables multi-domain in horizon. When this is enabled, it will require user to enter -# the Domain name in addition to username for login. -# Default to false -# -# [*keystone_default_domain*] -# (optional) Overrides the default domain used when running on single-domain model with Keystone V3. -# All entities will be created in the default domain. -# Default to undef -# -# [*image_backend*] -# (optional) Overrides the default image backend settings. This allows the list of supported -# image types etc. to be explicitly defined. -# Example: image_backend => { 'image_formats' => { '' => 'Select type', 'qcow2' => 'QCOW2' } } -# Default to empty hash -# -# [*overview_days_range*] -# (optional) The default date range in the Overview panel meters - either minus N -# days (if the value is integer N), or from the beginning of the current month -# until today (if it's undefined). This setting should be used to limit the amount -# of data fetched by default when rendering the Overview panel. -# Defaults to undef. -# -# [*root_url*] -# (optional) The base URL used to contruct horizon web addresses. -# Defaults to '/dashboard' or '/horizon' depending OS -# -# [*session_timeout*] -# (optional) The session timeout for horizon in seconds. After this many seconds of inactivity -# the user is logged out. -# Defaults to 1800. -# -# [*timezone*] -# (optional) The timezone of the server. -# Defaults to 'UTC'. -# -# === Examples -# -# class { 'horizon': -# secret_key => 's3cr3t', -# keystone_url => 'https://10.0.0.10:5000/v2.0', -# available_regions => [ -# ['http://region-1.example.com:5000/v2.0', 'Region-1'], -# ['http://region-2.example.com:5000/v2.0', 'Region-2'] -# ] -# } -# -class horizon( - $secret_key, - $fqdn = undef, - $package_ensure = 'present', - $cache_backend = 'django.core.cache.backends.locmem.LocMemCache', - $cache_options = undef, - $cache_server_ip = undef, - $cache_server_port = '11211', - $horizon_app_links = false, - $keystone_url = 'http://127.0.0.1:5000/v2.0', - $keystone_default_role = '_member_', - $django_debug = 'False', - $openstack_endpoint_type = undef, - $secondary_endpoint_type = undef, - $available_regions = undef, - $api_result_limit = 1000, - $log_handler = 'file', - $log_level = 'INFO', - $help_url = 'http://docs.openstack.org', - $local_settings_template = 'horizon/local_settings.py.erb', - $configure_apache = true, - $bind_address = undef, - $servername = $::fqdn, - $server_aliases = $::fqdn, - $allowed_hosts = $::fqdn, - $listen_ssl = false, - $ssl_no_verify = false, - $ssl_redirect = true, - $horizon_cert = undef, - $horizon_key = undef, - $horizon_ca = undef, - $compress_offline = true, - $hypervisor_options = {}, - $cinder_options = {}, - $neutron_options = {}, - $file_upload_temp_dir = '/tmp', - $policy_files_path = undef, - $policy_files = undef, - $tuskar_ui = false, - $tuskar_ui_ironic_discoverd_url = 'http://127.0.0.1:5050', - $tuskar_ui_undercloud_admin_password = undef, - $tuskar_ui_deployment_mode = 'scale', - $custom_theme_path = undef, - $redirect_type = 'permanent', - $api_versions = {'identity' => '3'}, - $keystone_multidomain_support = false, - $keystone_default_domain = undef, - $image_backend = {}, - $overview_days_range = undef, - $root_url = $::horizon::params::root_url, - $session_timeout = 1800, - $timezone = 'UTC', - # DEPRECATED PARAMETERS - $can_set_mount_point = undef, - $vhost_extra_params = undef, - $secure_cookies = false, - $django_session_engine = undef, -) inherits ::horizon::params { - - $hypervisor_defaults = { - 'can_set_mount_point' => true, - 'can_set_password' => false, - } - - if $fqdn { - warning('Parameter fqdn is deprecated. Please use parameter allowed_hosts for setting ALLOWED_HOSTS in settings_local.py and parameter server_aliases for setting ServerAlias directives in vhost.conf.') - $final_allowed_hosts = $fqdn - $final_server_aliases = $fqdn - } else { - $final_allowed_hosts = $allowed_hosts - $final_server_aliases = $server_aliases - } - - # Default options for the OPENSTACK_CINDER_FEATURES section. These will - # be merged with user-provided options when the local_settings.py.erb - # template is interpolated. - $cinder_defaults = { - 'enable_backup' => false, - } - - # Default options for the OPENSTACK_NEUTRON_NETWORK section. These will - # be merged with user-provided options when the local_settings.py.erb - # template is interpolated. - $neutron_defaults = { - 'enable_lb' => false, - 'enable_firewall' => false, - 'enable_quotas' => true, - 'enable_security_group' => true, - 'enable_vpn' => false, - 'enable_distributed_router' => false, - 'enable_ha_router' => false, - 'profile_support' => 'None', - } - - Service <| title == 'memcached' |> -> Class['horizon'] - - $hypervisor_options_real = merge($hypervisor_defaults,$hypervisor_options) - $cinder_options_real = merge($cinder_defaults,$cinder_options) - $neutron_options_real = merge($neutron_defaults,$neutron_options) - validate_hash($api_versions) - - if $cache_backend =~ /MemcachedCache/ { - ensure_packages('python-memcache', - { name => $::horizon::params::memcache_package, - tag => ['openstack', 'horizon-package']}) - } - - package { 'horizon': - ensure => $package_ensure, - name => $::horizon::params::package_name, - tag => ['openstack', 'horizon-package'], - } - - concat { $::horizon::params::config_file: - mode => '0644', - require => Package['horizon'], - } - - concat::fragment { 'local_settings.py': - target => $::horizon::params::config_file, - content => template($local_settings_template), - order => '50', - } - - exec { 'refresh_horizon_django_cache': - command => "${::horizon::params::manage_py} collectstatic --noinput --clear && ${::horizon::params::manage_py} compress --force", - refreshonly => true, - require => Package['horizon'], - } - - if $::os_package_type == 'rpm' and $compress_offline { - Concat[$::horizon::params::config_file] ~> Exec['refresh_horizon_django_cache'] - } - - if $configure_apache { - class { '::horizon::wsgi::apache': - bind_address => $bind_address, - servername => $servername, - server_aliases => $final_server_aliases, - listen_ssl => $listen_ssl, - ssl_redirect => $ssl_redirect, - horizon_cert => $horizon_cert, - horizon_key => $horizon_key, - horizon_ca => $horizon_ca, - extra_params => $vhost_extra_params, - redirect_type => $redirect_type, - root_url => $root_url - } - } - - if ! ($file_upload_temp_dir in ['/tmp','/var/tmp']) { - file { $file_upload_temp_dir : - ensure => directory, - owner => $::horizon::params::wsgi_user, - group => $::horizon::params::wsgi_group, - mode => '0755', - } - } - - $tuskar_ui_deployment_mode_allowed_values = ['scale', 'poc'] - if ! (member($tuskar_ui_deployment_mode_allowed_values, $tuskar_ui_deployment_mode)) { - fail("'${$tuskar_ui_deployment_mode}' is not correct value for tuskar_ui_deployment_mode parameter. It must be either 'scale' or 'poc'.") - } -} diff --git a/horizon/manifests/params.pp b/horizon/manifests/params.pp deleted file mode 100644 index c0a46ead3..000000000 --- a/horizon/manifests/params.pp +++ /dev/null @@ -1,49 +0,0 @@ -# these parameters need to be accessed from several locations and -# should be considered to be constant -class horizon::params { - - $logdir = '/var/log/horizon' - $django_wsgi = '/usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi' - $manage_py = '/usr/share/openstack-dashboard/manage.py' - - case $::osfamily { - 'RedHat': { - $http_service = 'httpd' - $http_modwsgi = 'mod_wsgi' - $package_name = 'openstack-dashboard' - $config_file = '/etc/openstack-dashboard/local_settings' - $httpd_config_file = '/etc/httpd/conf.d/openstack-dashboard.conf' - $httpd_listen_config_file = '/etc/httpd/conf/httpd.conf' - $root_url = '/dashboard' - $apache_user = 'apache' - $apache_group = 'apache' - $wsgi_user = 'dashboard' - $wsgi_group = 'dashboard' - $memcache_package = 'python-memcached' - } - 'Debian': { - $http_service = 'apache2' - $config_file = '/etc/openstack-dashboard/local_settings.py' - $httpd_listen_config_file = '/etc/apache2/ports.conf' - $root_url = '/horizon' - $apache_user = 'www-data' - $apache_group = 'www-data' - $wsgi_user = 'horizon' - $wsgi_group = 'horizon' - $memcache_package = 'python-memcache' - case $::os_package_type { - 'debian': { - $package_name = 'openstack-dashboard-apache' - $httpd_config_file = '/etc/apache2/sites-available/openstack-dashboard-alias-only.conf' - } - default: { - $package_name = 'openstack-dashboard' - $httpd_config_file = '/etc/apache2/conf-available/openstack-dashboard.conf' - } - } - } - default: { - fail("Unsupported osfamily: ${::osfamily} operatingsystem: ${::operatingsystem}, module ${module_name} only support osfamily RedHat and Debian") - } - } -} diff --git a/horizon/manifests/wsgi/apache.pp b/horizon/manifests/wsgi/apache.pp deleted file mode 100644 index 083c391cf..000000000 --- a/horizon/manifests/wsgi/apache.pp +++ /dev/null @@ -1,261 +0,0 @@ -# == Class: horizon::wsgi::apache -# -# Configures Apache WSGI for Horizon. -# -# === Parameters -# -# [*bind_address*] -# (optional) Bind address in Apache for Horizon. (Defaults to '0.0.0.0') -# -# [*fqdn*] -# (Optional) Fqdn -# Defaults to undef. -# -# [*servername*] -# (Optional) Server Name -# Defaults to ::fqdn. -# -# [*ssl_redirect*] -# (Optional) Enable SSL Redirect -# Defaults to 'true'. -# -# [*server_aliases*] -# (optional) List of names which should be defined as ServerAlias directives -# in vhost.conf. -# Defaults to ::fqdn. -# -# [*listen_ssl*] -# (optional) Enable SSL support in Apache. (Defaults to false) -# -# [*http_port*] -# (optional) Port to use for the HTTP virtual host. (Defaults to 80) -# -# [*https_port*] -# (optional) Port to use for the HTTPS virtual host. (Defaults to 443) -# -# [*horizon_cert*] -# (required with listen_ssl) Certificate to use for SSL support. -# -# [*horizon_key*] -# (required with listen_ssl) Private key to use for SSL support. -# -# [*horizon_ca*] -# (required with listen_ssl) CA certificate to use for SSL support. -# -# [*wsgi_processes*] -# (optional) Number of Horizon processes to spawn -# Defaults to '3' -# -# [*wsgi_threads*] -# (optional) Number of thread to run in a Horizon process -# Defaults to '10' -# -# [*priority*] -# (optional) The apache vhost priority. -# Defaults to '15'. To set Horizon as the primary vhost, change to '10'. -# -# [*vhost_conf_name*] -# (Optional) Description -# Defaults to 'horizon_vhost'. -# -# [*vhost_ssl_conf_name*] -# (Optional) Description -# Defaults to 'horizon_ssl_vhost'. -# -# [*extra_params*] -# (optional) A hash of extra paramaters for apache::wsgi class. -# Defaults to {} -# -# [*redirect_type*] -# (optional) What type of redirect to use when redirecting an http request -# for a user. This should be either 'temp' or 'permanent'. Setting this value -# to 'permanent' will result in the use of a 301 redirect which may be cached -# by a user's browser. Setting this value to 'temp' will result in the use -# of a 302 redirect which is not cached by browsers and may solve issues if -# users report errors accessing horizon. -# Defaults to 'permanent' -# -# [*root_url*] -# (optional) The base URL used to contruct horizon web addresses. -# Defaults to '/dashboard' or '/horizon' depending OS -# -class horizon::wsgi::apache ( - $bind_address = undef, - $fqdn = undef, - $servername = $::fqdn, - $server_aliases = $::fqdn, - $listen_ssl = false, - $http_port = 80, - $https_port = 443, - $ssl_redirect = true, - $horizon_cert = undef, - $horizon_key = undef, - $horizon_ca = undef, - $wsgi_processes = '3', - $wsgi_threads = '10', - $priority = '15', - $vhost_conf_name = 'horizon_vhost', - $vhost_ssl_conf_name = 'horizon_ssl_vhost', - $extra_params = {}, - $redirect_type = 'permanent', - $root_url = $::horizon::params::root_url, -) inherits horizon::params { - - include ::apache - - if $fqdn { - warning('Parameter fqdn is deprecated. Please use parameter server_aliases for setting ServerAlias directives in vhost.conf.') - $final_server_aliases = $fqdn - } else { - $final_server_aliases = $server_aliases - } - - include ::apache::mod::wsgi - - # We already use apache::vhost to generate our own - # configuration file, let's clean the configuration - # embedded within the package - file { $::horizon::params::httpd_config_file: - ensure => present, - content => "# -# This file has been cleaned by Puppet. -# -# OpenStack Horizon configuration has been moved to: -# - ${priority}-${vhost_conf_name}.conf -# - ${priority}-${vhost_ssl_conf_name}.conf -#", - require => Package['horizon'], - } - - - if $listen_ssl { - include ::apache::mod::ssl - $ensure_ssl_vhost = 'present' - - if $horizon_ca == undef { - fail('The horizon_ca parameter is required when listen_ssl is true') - } - - if $horizon_cert == undef { - fail('The horizon_cert parameter is required when listen_ssl is true') - } - - if $horizon_key == undef { - fail('The horizon_key parameter is required when listen_ssl is true') - } - - if $ssl_redirect { - $redirect_match = '(.*)' - $redirect_url = "https://${servername}" - } - - } else { - case $root_url { - '': { - $ensure_ssl_vhost = 'absent' - $redirect_match = "^${::horizon::params::root_url}\$" - $redirect_url = '/' - } - default: { - $ensure_ssl_vhost = 'absent' - $redirect_match = '^/$' - $redirect_url = $root_url - } - } - } - - if !($redirect_type in ['temp', 'permanent']) { - fail("Invalid redirect type '${redirect_type} provided.") - } - - Package['horizon'] -> Package['httpd'] - File[$::horizon::params::config_file] ~> Service['httpd'] - - $unix_user = $::osfamily ? { - 'RedHat' => $::horizon::params::apache_user, - default => $::horizon::params::wsgi_user - } - $unix_group = $::osfamily ? { - 'RedHat' => $::horizon::params::apache_group, - default => $::horizon::params::wsgi_group, - } - - file { $::horizon::params::logdir: - ensure => directory, - owner => $unix_user, - group => $unix_group, - before => Service['httpd'], - mode => '0751', - require => Package['horizon'], - } - - file { "${::horizon::params::logdir}/horizon.log": - ensure => file, - owner => $unix_user, - group => $unix_group, - before => Service['httpd'], - mode => '0640', - require => [ File[$::horizon::params::logdir], Package['horizon'] ], - } - - $script_url = $root_url ? { - '' => '/', - default => $root_url, - } - - $default_vhost_conf_no_ip = { - servername => $servername, - serveraliases => os_any2array($final_server_aliases), - docroot => '/var/www/', - access_log_file => 'horizon_access.log', - error_log_file => 'horizon_error.log', - priority => $priority, - aliases => [{ - alias => "${root_url}/static", - path => '/usr/share/openstack-dashboard/static', - }], - port => $http_port, - ssl_cert => $horizon_cert, - ssl_key => $horizon_key, - ssl_ca => $horizon_ca, - wsgi_script_aliases => hash([$script_url, $::horizon::params::django_wsgi]), - wsgi_daemon_process => $::horizon::params::wsgi_group, - wsgi_daemon_process_options => { - processes => $wsgi_processes, - threads => $wsgi_threads, - user => $unix_user, - group => $unix_group, - }, - wsgi_import_script => $::horizon::params::django_wsgi, - wsgi_process_group => $::horizon::params::wsgi_group, - redirectmatch_status => $redirect_type, - } - - # Only add the 'ip' element to the $default_vhost_conf hash if it was explicitly - # specified in the instantiation of the class. This is because ip => undef gets - # changed to ip => '' via the Puppet function API when ensure_resource is called. - # See https://bugs.launchpad.net/puppet-horizon/+bug/1371345 - if $bind_address { - $default_vhost_conf = merge($default_vhost_conf_no_ip, { ip => $bind_address }) - } else { - $default_vhost_conf = $default_vhost_conf_no_ip - } - - ensure_resource('apache::vhost', $vhost_conf_name, merge ($default_vhost_conf, $extra_params, { - redirectmatch_regexp => $redirect_match, - redirectmatch_dest => $redirect_url, - })) - ensure_resource('apache::vhost', $vhost_ssl_conf_name, merge ($default_vhost_conf, $extra_params, { - access_log_file => 'horizon_ssl_access.log', - error_log_file => 'horizon_ssl_error.log', - priority => $priority, - ssl => true, - port => $https_port, - ensure => $ensure_ssl_vhost, - wsgi_daemon_process => 'horizon-ssl', - wsgi_process_group => 'horizon-ssl', - redirectmatch_regexp => '^/$', - redirectmatch_dest => $root_url, - })) - -} diff --git a/horizon/metadata.json b/horizon/metadata.json deleted file mode 100644 index b38e0843e..000000000 --- a/horizon/metadata.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "name": "openstack-horizon", - "version": "8.1.0", - "author": "Puppet Labs and OpenStack Contributors", - "summary": "Puppet module for OpenStack Horizon", - "license": "Apache-2.0", - "source": "git://github.com/openstack/puppet-horizon.git", - "project_page": "https://launchpad.net/puppet-horizon", - "issues_url": "https://bugs.launchpad.net/puppet-horizon", - "requirements": [ - { "name": "pe", "version_requirement": ">= 3.2.0 <= 2016.1.0" }, - { "name": "puppet", "version_requirement": ">= 3.0.0 < 5.0.0" } - ], - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": ["7"] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": ["14.04"] - } - ], - "description": "Installs and configures OpenStack Horizon (Dashboard).", - "dependencies": [ - { "name": "puppetlabs/apache", "version_requirement": ">=1.8.0 <2.0.0" }, - { "name": "puppetlabs/stdlib", "version_requirement": ">=4.9.0 <5.0.0" }, - { "name": "saz/memcached", "version_requirement": ">=2.8.1 <3.0.0" } - ] -} diff --git a/horizon/releasenotes/notes/apache_ports-5d0eb0ca775ad7d1.yaml b/horizon/releasenotes/notes/apache_ports-5d0eb0ca775ad7d1.yaml deleted file mode 100644 index a653fd890..000000000 --- a/horizon/releasenotes/notes/apache_ports-5d0eb0ca775ad7d1.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Allow Apache http/https ports to be configurable. diff --git a/horizon/releasenotes/notes/keystone_v3-d381e37592d3b29b.yaml b/horizon/releasenotes/notes/keystone_v3-d381e37592d3b29b.yaml deleted file mode 100644 index 35d9f31d9..000000000 --- a/horizon/releasenotes/notes/keystone_v3-d381e37592d3b29b.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Use keystone v3 with horizon by default. diff --git a/horizon/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml b/horizon/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml deleted file mode 100644 index 4b52a1ccd..000000000 --- a/horizon/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -prelude: > - This is the first Mitaka release for puppet-horizon module. diff --git a/horizon/releasenotes/notes/remove_lesscpy-b4b677de57351078.yaml b/horizon/releasenotes/notes/remove_lesscpy-b4b677de57351078.yaml deleted file mode 100644 index db178ad05..000000000 --- a/horizon/releasenotes/notes/remove_lesscpy-b4b677de57351078.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -deprecations: - - Remove installation of lesscpy package, not needed since Horizon has been using pyscss. diff --git a/horizon/releasenotes/notes/root_url-cede3a4a7ecafdf9.yaml b/horizon/releasenotes/notes/root_url-cede3a4a7ecafdf9.yaml deleted file mode 100644 index 5c98a3715..000000000 --- a/horizon/releasenotes/notes/root_url-cede3a4a7ecafdf9.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -features: - - Making root_url configurable. - This needs to occur to allow people the ability to serve Horizon from the - root of a vhost. diff --git a/horizon/releasenotes/notes/trigger_collectstatic-fb465ebec48b3bc7.yaml b/horizon/releasenotes/notes/trigger_collectstatic-fb465ebec48b3bc7.yaml deleted file mode 100644 index 05ecab572..000000000 --- a/horizon/releasenotes/notes/trigger_collectstatic-fb465ebec48b3bc7.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Leave an ability to trigger collectstatic for debian/ubuntu. diff --git a/horizon/releasenotes/notes/update_local_settings_mitaka-f182327ce660fda0.yaml b/horizon/releasenotes/notes/update_local_settings_mitaka-f182327ce660fda0.yaml deleted file mode 100644 index f49e6a522..000000000 --- a/horizon/releasenotes/notes/update_local_settings_mitaka-f182327ce660fda0.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Update of local_settings template from Mitaka. diff --git a/horizon/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml b/horizon/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml deleted file mode 100644 index 41cef2f11..000000000 --- a/horizon/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -features: - - Release notes are no longer maintained by hand, we now use the reno tool to - manage them. diff --git a/horizon/releasenotes/source/_static/.placeholder b/horizon/releasenotes/source/_static/.placeholder deleted file mode 100644 index e69de29bb..000000000 diff --git a/horizon/releasenotes/source/conf.py b/horizon/releasenotes/source/conf.py deleted file mode 100644 index fcc64a8fb..000000000 --- a/horizon/releasenotes/source/conf.py +++ /dev/null @@ -1,259 +0,0 @@ -# -*- coding: utf-8 -*- -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# If extensions (or modules to document with autodoc) are in another directory, -# add these directories to sys.path here. If the directory is relative to the -# documentation root, use os.path.abspath to make it absolute, like shown here. -#sys.path.insert(0, os.path.abspath('.')) - -# -- General configuration ------------------------------------------------ - -# If your documentation needs a minimal Sphinx version, state it here. -#needs_sphinx = '1.0' - -# Add any Sphinx extension module names here, as strings. They can be -# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom -# ones. -extensions = [ - 'oslosphinx', - 'reno.sphinxext', -] - -# Add any paths that contain templates here, relative to this directory. -templates_path = ['_templates'] - -# The suffix of source filenames. -source_suffix = '.rst' - -# The encoding of source files. -#source_encoding = 'utf-8-sig' - -# The master toctree document. -master_doc = 'index' - -# General information about the project. -project = u'puppet-horizon Release Notes' -copyright = u'2016, Puppet OpenStack Developers' - -# The version info for the project you're documenting, acts as replacement for -# |version| and |release|, also used in various other places throughout the -# built documents. -# -# The short X.Y version. -version = '8.1.0' -# The full version, including alpha/beta/rc tags. -release = '8.1.0' - -# The language for content autogenerated by Sphinx. Refer to documentation -# for a list of supported languages. -#language = None - -# There are two options for replacing |today|: either, you set today to some -# non-false value, then it is used: -#today = '' -# Else, today_fmt is used as the format for a strftime call. -#today_fmt = '%B %d, %Y' - -# List of patterns, relative to source directory, that match files and -# directories to ignore when looking for source files. -exclude_patterns = [] - -# The reST default role (used for this markup: `text`) to use for all -# documents. -#default_role = None - -# If true, '()' will be appended to :func: etc. cross-reference text. -#add_function_parentheses = True - -# If true, the current module name will be prepended to all description -# unit titles (such as .. function::). -#add_module_names = True - -# If true, sectionauthor and moduleauthor directives will be shown in the -# output. They are ignored by default. -#show_authors = False - -# The name of the Pygments (syntax highlighting) style to use. -pygments_style = 'sphinx' - -# A list of ignored prefixes for module index sorting. -#modindex_common_prefix = [] - -# If true, keep warnings as "system message" paragraphs in the built documents. -#keep_warnings = False - - -# -- Options for HTML output ---------------------------------------------- - -# The theme to use for HTML and HTML Help pages. See the documentation for -# a list of builtin themes. -html_theme = 'default' - -# Theme options are theme-specific and customize the look and feel of a theme -# further. For a list of options available for each theme, see the -# documentation. -#html_theme_options = {} - -# Add any paths that contain custom themes here, relative to this directory. -#html_theme_path = [] - -# The name for this set of Sphinx documents. If None, it defaults to -# " v documentation". -#html_title = None - -# A shorter title for the navigation bar. Default is the same as html_title. -#html_short_title = None - -# The name of an image file (relative to this directory) to place at the top -# of the sidebar. -#html_logo = None - -# The name of an image file (within the static path) to use as favicon of the -# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 -# pixels large. -#html_favicon = None - -# Add any paths that contain custom static files (such as style sheets) here, -# relative to this directory. They are copied after the builtin static files, -# so a file named "default.css" will overwrite the builtin "default.css". -html_static_path = ['_static'] - -# Add any extra paths that contain custom files (such as robots.txt or -# .htaccess) here, relative to this directory. These files are copied -# directly to the root of the documentation. -#html_extra_path = [] - -# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, -# using the given strftime format. -#html_last_updated_fmt = '%b %d, %Y' - -# If true, SmartyPants will be used to convert quotes and dashes to -# typographically correct entities. -#html_use_smartypants = True - -# Custom sidebar templates, maps document names to template names. -#html_sidebars = {} - -# Additional templates that should be rendered to pages, maps page names to -# template names. -#html_additional_pages = {} - -# If false, no module index is generated. -#html_domain_indices = True - -# If false, no index is generated. -#html_use_index = True - -# If true, the index is split into individual pages for each letter. -#html_split_index = False - -# If true, links to the reST sources are added to the pages. -#html_show_sourcelink = True - -# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. -#html_show_sphinx = True - -# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. -#html_show_copyright = True - -# If true, an OpenSearch description file will be output, and all pages will -# contain a tag referring to it. The value of this option must be the -# base URL from which the finished HTML is served. -#html_use_opensearch = '' - -# This is the file name suffix for HTML files (e.g. ".xhtml"). -#html_file_suffix = None - -# Output file base name for HTML help builder. -htmlhelp_basename = 'puppet-horizonReleaseNotesdoc' - - -# -- Options for LaTeX output --------------------------------------------- - -latex_elements = { -# The paper size ('letterpaper' or 'a4paper'). -#'papersize': 'letterpaper', - -# The font size ('10pt', '11pt' or '12pt'). -#'pointsize': '10pt', - -# Additional stuff for the LaTeX preamble. -#'preamble': '', -} - -# Grouping the document tree into LaTeX files. List of tuples -# (source start file, target name, title, -# author, documentclass [howto, manual, or own class]). -latex_documents = [ - ('index', 'puppet-horizonReleaseNotes.tex', u'puppet-horizon Release Notes Documentation', - u'2016, Puppet OpenStack Developers', 'manual'), -] - -# The name of an image file (relative to this directory) to place at the top of -# the title page. -#latex_logo = None - -# For "manual" documents, if this is true, then toplevel headings are parts, -# not chapters. -#latex_use_parts = False - -# If true, show page references after internal links. -#latex_show_pagerefs = False - -# If true, show URL addresses after external links. -#latex_show_urls = False - -# Documents to append as an appendix to all manuals. -#latex_appendices = [] - -# If false, no module index is generated. -#latex_domain_indices = True - - -# -- Options for manual page output --------------------------------------- - -# One entry per manual page. List of tuples -# (source start file, name, description, authors, manual section). -man_pages = [ - ('index', 'puppet-horizonreleasenotes', u'puppet-horizon Release Notes Documentation', - [u'2016, Puppet OpenStack Developers'], 1) -] - -# If true, show URL addresses after external links. -#man_show_urls = False - - -# -- Options for Texinfo output ------------------------------------------- - -# Grouping the document tree into Texinfo files. List of tuples -# (source start file, target name, title, author, -# dir menu entry, description, category) -texinfo_documents = [ - ('index', 'puppet-horizonReleaseNotes', u'puppet-horizon Release Notes Documentation', - u'2016, Puppet OpenStack Developers', 'puppet-horizonReleaseNotes', 'One line description of project.', - 'Miscellaneous'), -] - -# Documents to append as an appendix to all manuals. -#texinfo_appendices = [] - -# If false, no module index is generated. -#texinfo_domain_indices = True - -# How to display URL addresses: 'footnote', 'no', or 'inline'. -#texinfo_show_urls = 'footnote' - -# If true, do not generate a @detailmenu in the "Top" node's menu. -#texinfo_no_detailmenu = False diff --git a/horizon/releasenotes/source/index.rst b/horizon/releasenotes/source/index.rst deleted file mode 100644 index b7b4e6206..000000000 --- a/horizon/releasenotes/source/index.rst +++ /dev/null @@ -1,19 +0,0 @@ -======================================== -Welcome to puppet-horizon Release Notes! -======================================== - -Contents -======== - -.. toctree:: - :maxdepth: 2 - - mitaka - unreleased - - -Indices and tables -================== - -* :ref:`genindex` -* :ref:`search` diff --git a/horizon/releasenotes/source/mitaka.rst b/horizon/releasenotes/source/mitaka.rst deleted file mode 100644 index 97ab8d1d3..000000000 --- a/horizon/releasenotes/source/mitaka.rst +++ /dev/null @@ -1,6 +0,0 @@ -============================ - Mitaka Series Release Notes -============================ - -.. release-notes:: - :branch: origin/stable/mitaka diff --git a/horizon/releasenotes/source/unreleased.rst b/horizon/releasenotes/source/unreleased.rst deleted file mode 100644 index 2334dd5cf..000000000 --- a/horizon/releasenotes/source/unreleased.rst +++ /dev/null @@ -1,5 +0,0 @@ -============================== - Current Series Release Notes -============================== - - .. release-notes:: diff --git a/horizon/setup.cfg b/horizon/setup.cfg deleted file mode 100644 index e9322ecda..000000000 --- a/horizon/setup.cfg +++ /dev/null @@ -1,13 +0,0 @@ -[metadata] -name = puppet-horizon -summary = Puppet module for OpenStack Horizon -description-file = - README.md -author = Puppet Labs and OpenStack Contributors -author-email = openstack-dev@lists.openstack.org -home-page = http://www.openstack.org/ -classifier = - Intended Audience :: Developers - Intended Audience :: System Administrators - License :: OSI Approved :: Apache Software License - Operating System :: POSIX :: Linux diff --git a/horizon/setup.py b/horizon/setup.py deleted file mode 100644 index 70c2b3f32..000000000 --- a/horizon/setup.py +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/env python -# Copyright (c) 2013 Hewlett-Packard Development Company, L.P. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# THIS FILE IS MANAGED BY THE GLOBAL REQUIREMENTS REPO - DO NOT EDIT -import setuptools - -setuptools.setup( - setup_requires=['pbr'], - pbr=True) diff --git a/horizon/spec/acceptance/horizon_with_apache_spec.rb b/horizon/spec/acceptance/horizon_with_apache_spec.rb deleted file mode 100644 index d6ab88edd..000000000 --- a/horizon/spec/acceptance/horizon_with_apache_spec.rb +++ /dev/null @@ -1,74 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'horizon class' do - - context 'default parameters' do - - it 'should work with no errors' do - pp= <<-EOS - include ::openstack_integration - include ::openstack_integration::repos - - class { '::horizon': - secret_key => 'big_secret', - # need to disable offline compression due to - # https://bugs.launchpad.net/ubuntu/+source/horizon/+bug/1424042 - compress_offline => false, - allowed_hosts => [$::fqdn, 'localhost'], - server_aliases => [$::fqdn, 'localhost'], - } - EOS - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - # basic test for now, to make sure Apache serve /horizon dashboard - if os[:family] == 'Debian' - it 'executes curl and returns 200' do - shell('curl --connect-timeout 5 -sL -w "%{http_code} %{url_effective}\n" http://localhost/horizon -o /dev/null', :acceptable_exit_codes => [0]) do |r| - expect(r.stdout).to match(/^200/) - end - end - elsif os[:family] == 'RedHat' - it 'executes curl and returns 200' do - shell('curl --connect-timeout 5 -sL -w "%{http_code} %{url_effective}\n" http://localhost/dashboard -o /dev/null', :acceptable_exit_codes => [0]) do |r| - expect(r.stdout).to match(/^200/) - end - end - end - - end - - context 'parameters with modified root' do - - it 'should work with no errors' do - pp= <<-EOS - include ::openstack_integration - include ::openstack_integration::repos - - class { '::horizon': - secret_key => 'big_secret', - # need to disable offline compression due to - # https://bugs.launchpad.net/ubuntu/+source/horizon/+bug/1424042 - compress_offline => false, - allowed_hosts => [$::fqdn, 'localhost'], - server_aliases => [$::fqdn, 'localhost'], - root_url => '', - } - EOS - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - # basic test for now, to make sure Apache serve /horizon dashboard - it 'executes curl and returns 200' do - shell('curl --connect-timeout 5 -sL -w "%{http_code} %{url_effective}\n" http://localhost -o /dev/null', :acceptable_exit_codes => [0]) do |r| - expect(r.stdout).to match(/^200/) - end - end - end -end diff --git a/horizon/spec/acceptance/nodesets/centos-70-x64.yml b/horizon/spec/acceptance/nodesets/centos-70-x64.yml deleted file mode 100644 index 5f097e9fe..000000000 --- a/horizon/spec/acceptance/nodesets/centos-70-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - centos-server-70-x64: - roles: - - master - platform: el-7-x86_64 - box: puppetlabs/centos-7.0-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/centos-7.0-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: foss diff --git a/horizon/spec/acceptance/nodesets/default.yml b/horizon/spec/acceptance/nodesets/default.yml deleted file mode 100644 index 486b6a34e..000000000 --- a/horizon/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - type: foss diff --git a/horizon/spec/acceptance/nodesets/nodepool-centos7.yml b/horizon/spec/acceptance/nodesets/nodepool-centos7.yml deleted file mode 100644 index c55287420..000000000 --- a/horizon/spec/acceptance/nodesets/nodepool-centos7.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-70-x64: - roles: - - master - platform: el-7-x86_64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/horizon/spec/acceptance/nodesets/nodepool-trusty.yml b/horizon/spec/acceptance/nodesets/nodepool-trusty.yml deleted file mode 100644 index 9fc624e24..000000000 --- a/horizon/spec/acceptance/nodesets/nodepool-trusty.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/horizon/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/horizon/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index 8001929b2..000000000 --- a/horizon/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: foss diff --git a/horizon/spec/classes/horizon_init_spec.rb b/horizon/spec/classes/horizon_init_spec.rb deleted file mode 100644 index 5fb120f3e..000000000 --- a/horizon/spec/classes/horizon_init_spec.rb +++ /dev/null @@ -1,492 +0,0 @@ -require 'spec_helper' - -describe 'horizon' do - - let :params do - { 'secret_key' => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0', - 'fqdn' => '*' } - end - - let :pre_condition do - 'include apache' - end - - let :fixtures_path do - File.expand_path(File.join(__FILE__, '..', '..', 'fixtures')) - end - - let :facts do - { :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'some.host.tld' - } - end - - shared_examples 'horizon' do - - context 'with default parameters' do - it { - is_expected.to contain_package('horizon').with( - :ensure => 'present', - :tag => ['openstack', 'horizon-package'], - ) - } - it { is_expected.to contain_exec('refresh_horizon_django_cache').with({ - :command => '/usr/share/openstack-dashboard/manage.py collectstatic --noinput --clear && /usr/share/openstack-dashboard/manage.py compress --force', - :refreshonly => true, - })} - it { - if facts[:os_package_type] == 'rpm' - is_expected.to contain_concat(platforms_params[:config_file]).that_notifies('Exec[refresh_horizon_django_cache]') - else - is_expected.to_not contain_concat(platforms_params[:config_file]).that_notifies('Exec[refresh_horizon_django_cache]') - end - } - - it 'configures apache' do - is_expected.to contain_class('horizon::wsgi::apache').with({ - :servername => 'some.host.tld', - :listen_ssl => false, - :extra_params => {}, - :redirect_type => 'permanent', - }) - end - - it 'generates local_settings.py' do - verify_concat_fragment_contents(catalogue, 'local_settings.py', [ - 'DEBUG = False', - "LOGIN_URL = '#{platforms_params[:root_url]}/auth/login/'", - "LOGOUT_URL = '#{platforms_params[:root_url]}/auth/logout/'", - "LOGIN_REDIRECT_URL = '#{platforms_params[:root_url]}/'", - "ALLOWED_HOSTS = ['*', ]", - " 'identity': 3,", - "SECRET_KEY = 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0'", - 'OPENSTACK_KEYSTONE_URL = "http://127.0.0.1:5000/v2.0"', - 'OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_"', - " 'can_set_mount_point': True,", - " 'can_set_password': False,", - " 'enable_distributed_router': False,", - " 'enable_firewall': False,", - " 'enable_ha_router': False,", - " 'enable_lb': False,", - " 'enable_quotas': True,", - " 'enable_security_group': True,", - " 'enable_vpn': False,", - 'API_RESULT_LIMIT = 1000', - 'TIME_ZONE = "UTC"', - 'COMPRESS_OFFLINE = True', - "FILE_UPLOAD_TEMP_DIR = '/tmp'" - ]) - - # From internals of verify_contents, get the contents to check for absence of a line - content = catalogue.resource('concat::fragment', 'local_settings.py').send(:parameters)[:content] - - # With default options, should _not_ have a line to configure SESSION_ENGINE - expect(content).not_to match(/^SESSION_ENGINE/) - end - - it { is_expected.not_to contain_file('/tmp') } - end - - context 'with overridden parameters' do - before do - params.merge!({ - :cache_backend => 'horizon.backends.memcached.HorizonMemcached', - :cache_options => {'SOCKET_TIMEOUT' => 1,'SERVER_RETRIES' => 1,'DEAD_RETRY' => 1}, - :cache_server_ip => '10.0.0.1', - :django_session_engine => 'django.contrib.sessions.backends.cache', - :keystone_default_role => 'SwiftOperator', - :keystone_url => 'https://keystone.example.com:4682', - :ssl_no_verify => true, - :log_handler => 'syslog', - :log_level => 'DEBUG', - :openstack_endpoint_type => 'internalURL', - :secondary_endpoint_type => 'ANY-VALUE', - :django_debug => true, - :api_result_limit => 4682, - :compress_offline => false, - :hypervisor_options => {'can_set_mount_point' => false, 'can_set_password' => true }, - :cinder_options => {'enable_backup' => true }, - :neutron_options => {'enable_lb' => true, 'enable_firewall' => true, 'enable_quotas' => false, 'enable_security_group' => false, 'enable_vpn' => true, - 'enable_distributed_router' => false, 'enable_ha_router' => false, 'profile_support' => 'cisco', - 'supported_provider_types' => ['flat', 'vxlan'], 'supported_vnic_types' => ['*'], 'default_ipv4_subnet_pool_label' => 'None', }, - :file_upload_temp_dir => '/var/spool/horizon', - :secure_cookies => true, - :custom_theme_path => 'static/themes/green', - :api_versions => {'identity' => 2.0}, - :keystone_multidomain_support => true, - :keystone_default_domain => 'domain.tld', - :overview_days_range => 1, - :session_timeout => 1800, - :timezone => 'Asia/Shanghai', - }) - end - - it 'generates local_settings.py' do - verify_concat_fragment_contents(catalogue, 'local_settings.py', [ - 'DEBUG = True', - "ALLOWED_HOSTS = ['*', ]", - 'CSRF_COOKIE_SECURE = True', - 'SESSION_COOKIE_SECURE = True', - " 'identity': 2.0,", - "OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True", - "OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = 'domain.tld'", - "SECRET_KEY = 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0'", - " 'DEAD_RETRY': 1,", - " 'SERVER_RETRIES': 1,", - " 'SOCKET_TIMEOUT': 1,", - " 'BACKEND': 'horizon.backends.memcached.HorizonMemcached',", - " 'LOCATION': '10.0.0.1:11211',", - 'SESSION_ENGINE = "django.contrib.sessions.backends.cache"', - 'OPENSTACK_KEYSTONE_URL = "https://keystone.example.com:4682"', - 'OPENSTACK_KEYSTONE_DEFAULT_ROLE = "SwiftOperator"', - 'OPENSTACK_SSL_NO_VERIFY = True', - " 'can_set_mount_point': False,", - " 'can_set_password': True,", - " 'enable_backup': True,", - " 'default_ipv4_subnet_pool_label': None,", - " 'enable_firewall': True,", - " 'enable_lb': True,", - " 'enable_quotas': False,", - " 'enable_security_group': False,", - " 'enable_vpn': True,", - " 'profile_support': 'cisco',", - " 'supported_provider_types': ['flat', 'vxlan'],", - " 'supported_vnic_types': ['*'],", - 'OPENSTACK_ENDPOINT_TYPE = "internalURL"', - 'SECONDARY_ENDPOINT_TYPE = "ANY-VALUE"', - 'API_RESULT_LIMIT = 4682', - 'TIME_ZONE = "Asia/Shanghai"', - "CUSTOM_THEME_PATH = 'static/themes/green'", - " 'level': 'DEBUG',", - " 'handlers': ['syslog'],", - "SESSION_TIMEOUT = 1800", - 'COMPRESS_OFFLINE = False', - "FILE_UPLOAD_TEMP_DIR = '/var/spool/horizon'", - "OVERVIEW_DAYS_RANGE = 1", - ]) - end - - it { is_expected.not_to contain_file(platforms_params[:config_file]).that_notifies('Exec[refresh_horizon_django_cache]') } - - it { is_expected.to contain_file(params[:file_upload_temp_dir]) } - end - - context 'with overridden parameters and cache_server_ip array' do - before do - params.merge!({ - :cache_server_ip => ['10.0.0.1','10.0.0.2'], - }) - end - - it 'generates local_settings.py' do - verify_concat_fragment_contents(catalogue, 'local_settings.py', [ - " 'LOCATION': [ '10.0.0.1:11211','10.0.0.2:11211', ],", - ]) - end - - it { is_expected.to contain_exec('refresh_horizon_django_cache') } - end - - context 'installs python memcache library when cache_backend is set to memcache' do - before do - params.merge!({ - :cache_backend => 'django.core.cache.backends.memcached.MemcachedCache' - }) - end - - it { - is_expected.to contain_package('python-memcache').with( - :ensure => 'present', - :tag => ['openstack', 'horizon-package'] - ) - } - end - - context 'with tuskar-ui enabled' do - before do - params.merge!({ - :tuskar_ui => true, - :tuskar_ui_ironic_discoverd_url => 'http://127.0.0.1:5050', - :tuskar_ui_undercloud_admin_password => 'somesecretpassword', - :tuskar_ui_deployment_mode => 'scale', - }) - end - - it 'generates local_settings.py' do - verify_concat_fragment_contents(catalogue, 'local_settings.py', [ - 'IRONIC_DISCOVERD_URL = "http://127.0.0.1:5050"', - 'UNDERCLOUD_ADMIN_PASSWORD = "somesecretpassword"', - 'DEPLOYMENT_MODE = "scale"', - ]) - end - end - - context 'with wrong tuskar_ui_deployment_mode parameter value' do - before do - params.merge!({ - :tuskar_ui_deployment_mode => 'wrong' }) - end - it_raises 'a Puppet::Error', /'wrong' is not correct value for tuskar_ui_deployment_mode parameter. It must be either 'scale' or 'poc'./ - end - - - context 'with vhost_extra_params' do - before do - params.merge!({ - :vhost_extra_params => { 'add_listen' => false }, - :redirect_type => 'temp', - }) - end - - it 'configures apache' do - is_expected.to contain_class('horizon::wsgi::apache').with({ - :extra_params => { 'add_listen' => false }, - :redirect_type => 'temp', - }) - end - end - - - context 'with ssl enabled' do - before do - params.merge!({ - :listen_ssl => true, - :servername => 'some.host.tld', - :horizon_cert => '/etc/pki/tls/certs/httpd.crt', - :horizon_key => '/etc/pki/tls/private/httpd.key', - :horizon_ca => '/etc/pki/tls/certs/ca.crt', - }) - end - - it 'configures apache' do - is_expected.to contain_class('horizon::wsgi::apache').with({ - :bind_address => nil, - :listen_ssl => true, - :horizon_cert => '/etc/pki/tls/certs/httpd.crt', - :horizon_key => '/etc/pki/tls/private/httpd.key', - :horizon_ca => '/etc/pki/tls/certs/ca.crt', - }) - end - end - - context 'without apache' do - before do - params.merge!({ :configure_apache => false }) - end - - it 'does not configure apache' do - is_expected.not_to contain_class('horizon::wsgi::apache') - end - end - - context 'with available_regions parameter' do - before do - params.merge!({ - :available_regions => [ - ['http://region-1.example.com:5000/v2.0', 'Region-1'], - ['http://region-2.example.com:5000/v2.0', 'Region-2'] - ] - }) - end - - it 'AVAILABLE_REGIONS is configured' do - verify_concat_fragment_contents(catalogue, 'local_settings.py', [ - "AVAILABLE_REGIONS = [", - " ('http://region-1.example.com:5000/v2.0', 'Region-1'),", - " ('http://region-2.example.com:5000/v2.0', 'Region-2'),", - "]" - ]) - end - end - - context 'with policy parameters' do - before do - params.merge!({ - :policy_files_path => '/opt/openstack-dashboard', - :policy_files => { - 'compute' => 'nova_policy.json', - 'identity' => 'keystone_policy.json', - 'network' => 'neutron_policy.json', - } - }) - end - - it 'POLICY_FILES_PATH and POLICY_FILES are configured' do - verify_concat_fragment_contents(catalogue, 'local_settings.py', [ - "POLICY_FILES_PATH = '/opt/openstack-dashboard'", - "POLICY_FILES = {", - " 'compute': 'nova_policy.json',", - " 'identity': 'keystone_policy.json',", - " 'network': 'neutron_policy.json',", - "} # POLICY_FILES" - ]) - end - end - - context 'with overriding local_settings_template' do - before do - params.merge!({ - :django_debug => 'True', - :help_url => 'https://docs.openstack.org', - :local_settings_template => fixtures_path + '/override_local_settings.py.erb' - }) - end - - it 'uses the custom local_settings.py template' do - verify_concat_fragment_contents(catalogue, 'local_settings.py', [ - '# Custom local_settings.py', - 'DEBUG = True', - "HORIZON_CONFIG = {", - " 'dashboards': ('project', 'admin', 'settings',),", - " 'default_dashboard': 'project',", - " 'user_home': 'openstack_dashboard.views.get_user_home',", - " 'ajax_queue_limit': 10,", - " 'auto_fade_alerts': {", - " 'delay': 3000,", - " 'fade_duration': 1500,", - " 'types': ['alert-success', 'alert-info']", - " },", - " 'help_url': \"https://docs.openstack.org\",", - " 'exceptions': {'recoverable': exceptions.RECOVERABLE,", - " 'not_found': exceptions.NOT_FOUND,", - " 'unauthorized': exceptions.UNAUTHORIZED},", - "}", - ]) - end - end - - context 'with /var/tmp as upload temp dir' do - before do - params.merge!({ - :file_upload_temp_dir => '/var/tmp' - }) - end - - it { is_expected.not_to contain_file(params[:file_upload_temp_dir]) } - end - - context 'with image_backend' do - before do - params.merge!({ - :image_backend => { - 'image_formats' => { - '' => 'Select image format', - 'aki' => 'AKI - Amazon Kernel Image', - 'ami' => 'AMI - Amazon Machine Image', - 'ari' => 'ARI - Amazon Ramdisk Image', - 'iso' => 'ISO - Optical Disk Image', - 'qcow2' => 'QCOW2 - QEMU Emulator', - 'raw' => 'Raw', - 'vdi' => 'VDI', - 'vhi' => 'VHI', - 'vmdk' => 'VMDK', - }, - 'architectures' => { - '' => 'Select architecture', - 'x86_64' => 'x86-64', - 'aarch64' => 'ARMv8', - }, - }, - }) - end - - it 'configures OPENSTACK_IMAGE_BACKEND' do - verify_concat_fragment_contents(catalogue, 'local_settings.py', [ - "OPENSTACK_IMAGE_BACKEND = {", - " 'image_formats': [", - " ('', _('Select image format')),", - " ('aki', _('AKI - Amazon Kernel Image')),", - " ('ami', _('AMI - Amazon Machine Image')),", - " ('ari', _('ARI - Amazon Ramdisk Image')),", - " ('iso', _('ISO - Optical Disk Image')),", - " ('qcow2', _('QCOW2 - QEMU Emulator')),", - " ('raw', _('Raw')),", - " ('vdi', _('VDI')),", - " ('vhi', _('VHI')),", - " ('vmdk', _('VMDK')),", - " ], # image_formats", - " 'architectures': [", - " ('', _('Select architecture')),", - " ('x86_64', _('x86-64')),", - " ('aarch64', _('ARMv8')),", - " ], # architectures", - "} # OPENSTACK_IMAGE_BACKEND", - ]) - end - end - end - - context 'on RedHat platforms' do - before do - facts.merge!({ - :osfamily => 'RedHat', - :operatingsystemrelease => '6.0', - :os_package_type => 'rpm' - }) - end - - let :platforms_params do - { :config_file => '/etc/openstack-dashboard/local_settings', - :package_name => 'openstack-dashboard', - :root_url => '/dashboard' } - end - - it_behaves_like 'horizon' - - it 'sets WEBROOT in local_settings.py' do - verify_concat_fragment_contents(catalogue, 'local_settings.py', [ - "WEBROOT = '/dashboard/'", - ]) - end - end - - context 'on Debian platforms' do - before do - facts.merge!({ - :osfamily => 'Debian', - :operatingsystemrelease => '6.0', - :operatingsystem => 'Debian', - :os_package_type => 'debian' - }) - end - - let :platforms_params do - { :config_file => '/etc/openstack-dashboard/local_settings.py', - :package_name => 'openstack-dashboard-apache', - :root_url => '/horizon' } - end - - it_behaves_like 'horizon' - - it 'sets WEBROOT in local_settings.py' do - verify_concat_fragment_contents(catalogue, 'local_settings.py', [ - "WEBROOT = '/horizon/'", - ]) - end - end - - context 'on Ubuntu platforms' do - before do - facts.merge!({ - :osfamily => 'Debian', - :operatingsystem => 'Ubuntu', - :operatingsystemrelease => '14.04', - :os_package_type => 'ubuntu' - }) - end - - let :platforms_params do - { :config_file => '/etc/openstack-dashboard/local_settings.py', - :package_name => 'openstack-dashboard', - :root_url => '/horizon' } - end - - it_behaves_like 'horizon' - - it 'sets WEBROOT in local_settings.py' do - verify_concat_fragment_contents(catalogue, 'local_settings.py', [ - "WEBROOT = '/horizon/'", - ]) - end - end -end diff --git a/horizon/spec/classes/horizon_wsgi_apache_spec.rb b/horizon/spec/classes/horizon_wsgi_apache_spec.rb deleted file mode 100644 index dc9c66fb5..000000000 --- a/horizon/spec/classes/horizon_wsgi_apache_spec.rb +++ /dev/null @@ -1,297 +0,0 @@ -require 'spec_helper' - -describe 'horizon::wsgi::apache' do - - let :params do - { :fqdn => '*', - :servername => 'some.host.tld', - :wsgi_processes => '3', - :wsgi_threads => '10', - } - end - - let :pre_condition do - "include apache\n" + - "class { 'horizon': secret_key => 's3cr3t', configure_apache => false }" - end - - let :fixtures_path do - File.expand_path(File.join(__FILE__, '..', '..', 'fixtures')) - end - - let :facts do - { :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'some.host.tld' - } - end - - shared_examples 'apache for horizon' do - - context 'with default parameters' do - it 'configures apache' do - is_expected.to contain_class('horizon::params') - is_expected.to contain_class('apache') - is_expected.to contain_class('apache::mod::wsgi') - is_expected.to contain_service('httpd').with_name(platforms_params[:http_service]) - is_expected.to contain_package('httpd').with_name(platforms_params[:http_service]) - is_expected.to contain_file(platforms_params[:httpd_config_file]) - is_expected.to contain_package('horizon').with_ensure('present') - is_expected.to contain_apache__vhost('horizon_vhost').with( - 'servername' => 'some.host.tld', - 'access_log_file' => 'horizon_access.log', - 'error_log_file' => 'horizon_error.log', - 'priority' => '15', - 'serveraliases' => ['*'], - 'docroot' => '/var/www/', - 'ssl' => 'false', - 'port' => '80', - 'redirectmatch_status' => 'permanent', - 'redirectmatch_regexp' => '^/$', - 'redirectmatch_dest' => platforms_params[:root_url], - 'wsgi_script_aliases' => { platforms_params[:root_url] => '/usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi' }, - 'wsgi_process_group' => platforms_params[:wsgi_group], - 'wsgi_daemon_process' => platforms_params[:wsgi_group], - 'wsgi_daemon_process_options' => { 'processes' => params[:wsgi_processes], 'threads' => params[:wsgi_threads], 'user' => platforms_params[:unix_user], 'group' => platforms_params[:unix_group] } - ) - end - end - - context 'with overriden parameters' do - before do - params.merge!({ - :priority => '10', - :redirect_type => 'temp', - }) - end - - it 'configures apache' do - is_expected.to contain_class('horizon::params') - is_expected.to contain_class('apache') - is_expected.to contain_class('apache::mod::wsgi') - is_expected.to contain_service('httpd').with_name(platforms_params[:http_service]) - is_expected.to contain_package('httpd').with_name(platforms_params[:http_service]) - is_expected.to contain_file(platforms_params[:httpd_config_file]) - is_expected.to contain_package('horizon').with_ensure('present') - is_expected.to contain_apache__vhost('horizon_vhost').with( - 'servername' => 'some.host.tld', - 'access_log_file' => 'horizon_access.log', - 'error_log_file' => 'horizon_error.log', - 'priority' => params[:priority], - 'serveraliases' => ['*'], - 'docroot' => '/var/www/', - 'ssl' => 'false', - 'port' => '80', - 'redirectmatch_status' => 'temp', - 'redirectmatch_regexp' => '^/$', - 'redirectmatch_dest' => platforms_params[:root_url], - 'wsgi_script_aliases' => { platforms_params[:root_url] => '/usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi' }, - 'wsgi_process_group' => platforms_params[:wsgi_group], - 'wsgi_daemon_process' => platforms_params[:wsgi_group], - 'wsgi_daemon_process_options' => { 'processes' => params[:wsgi_processes], 'threads' => params[:wsgi_threads], 'user' => platforms_params[:unix_user], 'group' => platforms_params[:unix_group] } - ) - end - end - - context 'with ssl enabled' do - before do - params.merge!({ - :listen_ssl => true, - :ssl_redirect => true, - :horizon_cert => '/etc/pki/tls/certs/httpd.crt', - :horizon_key => '/etc/pki/tls/private/httpd.key', - :horizon_ca => '/etc/pki/tls/certs/ca.crt', - }) - end - - context 'with required parameters' do - it 'configures apache for SSL' do - is_expected.to contain_class('apache::mod::ssl') - end - it { is_expected.to contain_apache__vhost('horizon_ssl_vhost').with( - 'servername' => 'some.host.tld', - 'access_log_file' => 'horizon_ssl_access.log', - 'error_log_file' => 'horizon_ssl_error.log', - 'priority' => '15', - 'serveraliases' => ['*'], - 'docroot' => '/var/www/', - 'ssl' => 'true', - 'port' => '443', - 'ssl_cert' => '/etc/pki/tls/certs/httpd.crt', - 'ssl_key' => '/etc/pki/tls/private/httpd.key', - 'ssl_ca' => '/etc/pki/tls/certs/ca.crt', - 'redirectmatch_status' => 'permanent', - 'redirectmatch_regexp' => '^/$', - 'redirectmatch_dest' => platforms_params[:root_url], - 'wsgi_process_group' => 'horizon-ssl', - 'wsgi_daemon_process' => 'horizon-ssl', - 'wsgi_script_aliases' => { platforms_params[:root_url] => '/usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi' }, - )} - - it { is_expected.to contain_apache__vhost('horizon_vhost').with( - 'servername' => 'some.host.tld', - 'access_log_file' => 'horizon_access.log', - 'error_log_file' => 'horizon_error.log', - 'priority' => '15', - 'serveraliases' => ['*'], - 'docroot' => '/var/www/', - 'ssl' => 'false', - 'port' => '80', - 'redirectmatch_status' => 'permanent', - 'redirectmatch_regexp' => '(.*)', - 'redirectmatch_dest' => 'https://some.host.tld', - 'wsgi_process_group' => platforms_params[:wsgi_group], - 'wsgi_daemon_process' => platforms_params[:wsgi_group], - 'wsgi_script_aliases' => { platforms_params[:root_url] => '/usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi' }, - )} - end - - context 'without required parameters' do - - context 'without horizon_ca parameter' do - before { params.delete(:horizon_ca) } - it_raises 'a Puppet::Error', /The horizon_ca parameter is required when listen_ssl is true/ - end - - context 'without horizon_cert parameter' do - before { params.delete(:horizon_cert) } - it_raises 'a Puppet::Error', /The horizon_cert parameter is required when listen_ssl is true/ - end - - context 'without horizon_key parameter' do - before { params.delete(:horizon_key) } - it_raises 'a Puppet::Error', /The horizon_key parameter is required when listen_ssl is true/ - end - end - - context 'with extra parameters' do - before do - params.merge!({ - :extra_params => { - 'add_listen' => false, - 'docroot' => '/tmp' - }, - }) - end - - it 'configures apache' do - is_expected.to contain_apache__vhost('horizon_vhost').with( - 'add_listen' => false, - 'docroot' => '/tmp' - ) - end - - end - - - end - end - - context 'on RedHat platforms' do - before do - facts.merge!({ - :osfamily => 'RedHat', - :operatingsystemrelease => '6.0' - }) - end - - let :platforms_params do - { :http_service => 'httpd', - :httpd_config_file => '/etc/httpd/conf.d/openstack-dashboard.conf', - :root_url => '/dashboard', - :apache_user => 'apache', - :apache_group => 'apache', - :wsgi_user => 'dashboard', - :wsgi_group => 'dashboard', - :unix_user => 'apache', - :unix_group => 'apache' } - end - - it_behaves_like 'apache for horizon' - it { - is_expected.to contain_class('apache::mod::wsgi').with(:wsgi_socket_prefix => '/var/run/wsgi') - } - it 'configures webroot alias' do - if (Gem::Version.new(Puppet.version) >= Gem::Version.new('4.0')) - is_expected.to contain_apache__vhost('horizon_vhost').with( - 'aliases' => [{'alias' => '/dashboard/static', 'path' => '/usr/share/openstack-dashboard/static'}], - ) - else - is_expected.to contain_apache__vhost('horizon_vhost').with( - 'aliases' => [['alias', '/dashboard/static'], ['path', '/usr/share/openstack-dashboard/static']], - ) - end - end - end - - context 'on Debian platforms' do - before do - facts.merge!({ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :os_package_type => 'debian' - }) - end - - let :platforms_params do - { :http_service => 'apache2', - :httpd_config_file => '/etc/apache2/sites-available/openstack-dashboard-alias-only.conf', - :root_url => '/horizon', - :apache_user => 'www-data', - :apache_group => 'www-data', - :wsgi_user => 'horizon', - :wsgi_group => 'horizon', - :unix_user => 'horizon', - :unix_group => 'horizon' } - end - - it_behaves_like 'apache for horizon' - it 'configures webroot alias' do - if (Gem::Version.new(Puppet.version) >= Gem::Version.new('4.0')) - is_expected.to contain_apache__vhost('horizon_vhost').with( - 'aliases' => [{'alias' => '/horizon/static', 'path' => '/usr/share/openstack-dashboard/static'}], - ) - else - is_expected.to contain_apache__vhost('horizon_vhost').with( - 'aliases' => [['alias', '/horizon/static'], ['path', '/usr/share/openstack-dashboard/static']], - ) - end - end - end - - context 'on Ubuntu platforms' do - before do - facts.merge!({ - :osfamily => 'Debian', - :operatingsystem => 'Ubuntu', - :operatingsystemrelease => '14.04', - :os_package_type => 'ubuntu' - }) - end - - let :platforms_params do - { :http_service => 'apache2', - :httpd_config_file => '/etc/apache2/conf-available/openstack-dashboard.conf', - :root_url => '/horizon', - :apache_user => 'www-data', - :apache_group => 'www-data', - :wsgi_user => 'horizon', - :wsgi_group => 'horizon', - :unix_user => 'horizon', - :unix_group => 'horizon' } - end - - it_behaves_like 'apache for horizon' - it 'configures webroot alias' do - if (Gem::Version.new(Puppet.version) >= Gem::Version.new('4.0')) - is_expected.to contain_apache__vhost('horizon_vhost').with( - 'aliases' => [{'alias' => '/horizon/static', 'path' => '/usr/share/openstack-dashboard/static'}], - ) - else - is_expected.to contain_apache__vhost('horizon_vhost').with( - 'aliases' => [['alias', '/horizon/static'], ['path', '/usr/share/openstack-dashboard/static']], - ) - end - end - end -end diff --git a/horizon/spec/fixtures/override_local_settings.py.erb b/horizon/spec/fixtures/override_local_settings.py.erb deleted file mode 100644 index 42639652a..000000000 --- a/horizon/spec/fixtures/override_local_settings.py.erb +++ /dev/null @@ -1,18 +0,0 @@ -# Custom local_settings.py -DEBUG = <%= @django_debug %> - -HORIZON_CONFIG = { - 'dashboards': ('project', 'admin', 'settings',), - 'default_dashboard': 'project', - 'user_home': 'openstack_dashboard.views.get_user_home', - 'ajax_queue_limit': 10, - 'auto_fade_alerts': { - 'delay': 3000, - 'fade_duration': 1500, - 'types': ['alert-success', 'alert-info'] - }, - 'help_url': "<%= @help_url %>", - 'exceptions': {'recoverable': exceptions.RECOVERABLE, - 'not_found': exceptions.NOT_FOUND, - 'unauthorized': exceptions.UNAUTHORIZED}, -} diff --git a/horizon/spec/shared_examples.rb b/horizon/spec/shared_examples.rb deleted file mode 100644 index fec0eacc9..000000000 --- a/horizon/spec/shared_examples.rb +++ /dev/null @@ -1,5 +0,0 @@ -shared_examples_for "a Puppet::Error" do |description| - it "with message matching #{description.inspect}" do - expect { is_expected.to have_class_count(1) }.to raise_error(Puppet::Error, description) - end -end diff --git a/horizon/spec/spec_helper.rb b/horizon/spec/spec_helper.rb deleted file mode 100644 index 8d2362780..000000000 --- a/horizon/spec/spec_helper.rb +++ /dev/null @@ -1,23 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' -require 'shared_examples' - -require 'puppet-openstack_spec_helper/defaults' -require 'rspec-puppet-facts' -include RspecPuppetFacts - -RSpec.configure do |c| - c.alias_it_should_behave_like_to :it_configures, 'configures' - c.alias_it_should_behave_like_to :it_raises, 'raises' - # TODO(aschultz): remove this after all tests converted to use OSDefaults - # instead of referencing @default_facts - c.before :each do - @default_facts = OSDefaults.get_facts - end -end - -def verify_concat_fragment_contents(subject, title, expected_lines) - content = subject.resource('concat::fragment', title).send(:parameters)[:content] - expect(content.split("\n") & expected_lines).to eq(expected_lines) -end - -at_exit { RSpec::Puppet::Coverage.report! } diff --git a/horizon/spec/spec_helper_acceptance.rb b/horizon/spec/spec_helper_acceptance.rb deleted file mode 100644 index 9196bc99b..000000000 --- a/horizon/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1 +0,0 @@ -require 'puppet-openstack_spec_helper/beaker_spec_helper' diff --git a/horizon/spec/unit/puppet/parser/functions/os_any2array_spec.rb b/horizon/spec/unit/puppet/parser/functions/os_any2array_spec.rb deleted file mode 100644 index 70a993981..000000000 --- a/horizon/spec/unit/puppet/parser/functions/os_any2array_spec.rb +++ /dev/null @@ -1,55 +0,0 @@ -#! /usr/bin/env ruby -S rspec -require 'spec_helper' - -describe "the os_any2array function" do - let(:scope) { PuppetlabsSpec::PuppetInternals.scope } - - it "should exist" do - expect(Puppet::Parser::Functions.function("os_any2array")).to eq("function_os_any2array") - end - - it "should return an empty array if there is less than 1 argument" do - result = scope.function_os_any2array([]) - expect(result).to(eq([])) - end - - it "should convert boolean true to [ true ] " do - result = scope.function_os_any2array([true]) - expect(result).to(eq([true])) - end - - it "should convert one object to [object]" do - result = scope.function_os_any2array(['one']) - expect(result).to(eq(['one'])) - end - - it "should convert multiple objects to [objects]" do - result = scope.function_os_any2array(['one', 'two']) - expect(result).to(eq(['one', 'two'])) - end - - it "should return empty array it was called with" do - result = scope.function_os_any2array([[]]) - expect(result).to(eq([])) - end - - it "should return one-member array it was called with" do - result = scope.function_os_any2array([['string']]) - expect(result).to(eq(['string'])) - end - - it "should return multi-member array it was called with" do - result = scope.function_os_any2array([['one', 'two']]) - expect(result).to(eq(['one', 'two'])) - end - - it "should return members of a hash it was called with" do - result = scope.function_os_any2array([{ 'key' => 'value' }]) - expect(result).to(eq(['key', 'value'])) - end - - it "should return an empty array if it was called with an empty hash" do - result = scope.function_os_any2array([{ }]) - expect(result).to(eq([])) - end -end diff --git a/horizon/templates/local_settings.py.erb b/horizon/templates/local_settings.py.erb deleted file mode 100644 index 537efd88a..000000000 --- a/horizon/templates/local_settings.py.erb +++ /dev/null @@ -1,933 +0,0 @@ -import os - -from django.utils.translation import ugettext_lazy as _ - -from horizon.utils import secret_key - -from openstack_dashboard import exceptions -from openstack_dashboard.settings import HORIZON_CONFIG - -DEBUG = <%= @django_debug.to_s.capitalize %> -TEMPLATE_DEBUG = DEBUG - - -# WEBROOT is the location relative to Webserver root -# should end with a slash. -#LOGIN_URL = WEBROOT + 'auth/login/' -#LOGOUT_URL = WEBROOT + 'auth/logout/' -WEBROOT = '<%= @root_url %>/' -LOGIN_URL = '<%= @root_url %>/auth/login/' -LOGOUT_URL = '<%= @root_url %>/auth/logout/' - -# LOGIN_REDIRECT_URL can be used as an alternative for -# HORIZON_CONFIG.user_home, if user_home is not set. -# Do not set it to '/home/', as this will cause circular redirect loop -#LOGIN_REDIRECT_URL = WEBROOT -LOGIN_REDIRECT_URL = '<%= @root_url %>/' - -# Required for Django 1.5. -# If horizon is running in production (DEBUG is False), set this -# with the list of host/domain names that the application can serve. -# For more information see: -# https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts -#ALLOWED_HOSTS = ['horizon.example.com', ] -<% if @final_allowed_hosts.kind_of?(Array) %> -ALLOWED_HOSTS = ['<%= @final_allowed_hosts.join("', '") %>', ] -<% else %> -ALLOWED_HOSTS = ['<%= @final_allowed_hosts %>', ] -<% end %> - -# Set SSL proxy settings: -# Pass this header from the proxy after terminating the SSL, -# and don't forget to strip it from the client's request. -# For more information see: -# https://docs.djangoproject.com/en/1.8/ref/settings/#secure-proxy-ssl-header -#SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https') - -# If Horizon is being served through SSL, then uncomment the following two -# settings to better secure the cookies from security exploits -<% if @secure_cookies %> -CSRF_COOKIE_SECURE = True -SESSION_COOKIE_SECURE = True -<% else %> -#CSRF_COOKIE_SECURE = True -#SESSION_COOKIE_SECURE = True -<% end %> - -# Overrides for OpenStack API versions. Use this setting to force the -# OpenStack dashboard to use a specific API version for a given service API. -# Versions specified here should be integers or floats, not strings. -# NOTE: The version should be formatted as it appears in the URL for the -# service API. For example, The identity service APIs have inconsistent -# use of the decimal point, so valid options would be 2.0 or 3. -#OPENSTACK_API_VERSIONS = { -# "data-processing": 1.1, -# "identity": 3, -# "volume": 2, -# "compute": 2 -#} -<% if ! (@api_versions.empty?) and @api_versions.kind_of?(Hash) %> -OPENSTACK_API_VERSIONS = { -<% @api_versions.sort.each do |opt_name,opt_val| -%> - '<%= opt_name -%>': <%= opt_val -%>, -<%end %> -} -<%end %> - -# Set this to True if running on multi-domain model. When this is enabled, it -# will require user to enter the Domain name in addition to username for login. -#OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = False -<% if @keystone_multidomain_support %> -OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True -<% end %> - -# Overrides the default domain used when running on single-domain model -# with Keystone V3. All entities will be created in the default domain. -#OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = 'Default' -<% if @keystone_default_domain %> -OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = '<%= @keystone_default_domain %>' -<% end %> - -# Set Console type: -# valid options are "AUTO"(default), "VNC", "SPICE", "RDP", "SERIAL" or None -# Set to None explicitly if you want to deactivate the console. -#CONSOLE_TYPE = "AUTO" - -# Default OpenStack Dashboard configuration. -HORIZON_CONFIG = { - 'dashboards': ('project', 'admin', 'settings',), - 'default_dashboard': 'project', - 'user_home': 'openstack_dashboard.views.get_user_home', - 'ajax_queue_limit': 10, - 'auto_fade_alerts': { - 'delay': 3000, - 'fade_duration': 1500, - 'types': ['alert-success', 'alert-info'] - }, - 'help_url': "<%= @help_url %>", - 'exceptions': {'recoverable': exceptions.RECOVERABLE, - 'not_found': exceptions.NOT_FOUND, - 'unauthorized': exceptions.UNAUTHORIZED}, -} - -# If provided, a "Report Bug" link will be displayed in the site header -# which links to the value of this setting (ideally a URL containing -# information on how to report issues). -#HORIZON_CONFIG["bug_url"] = "http://bug-report.example.com" - -# Show backdrop element outside the modal, do not close the modal -# after clicking on backdrop. -#HORIZON_CONFIG["modal_backdrop"] = "static" - -# Specify a regular expression to validate user passwords. -#HORIZON_CONFIG["password_validator"] = { -# "regex": '.*', -# "help_text": _("Your password does not meet the requirements."), -#} - -# Disable simplified floating IP address management for deployments with -# multiple floating IP pools or complex network requirements. -#HORIZON_CONFIG["simple_ip_management"] = False - -# Turn off browser autocompletion for forms including the login form and -# the database creation workflow if so desired. -#HORIZON_CONFIG["password_autocomplete"] = "off" - -# Setting this to True will disable the reveal button for password fields, -# including on the login form. -#HORIZON_CONFIG["disable_password_reveal"] = False - -LOCAL_PATH = os.path.dirname(os.path.abspath(__file__)) - -# Set custom secret key: -# You can either set it to a specific value or you can let horizon generate a -# default secret key that is unique on this machine, e.i. regardless of the -# amount of Python WSGI workers (if used behind Apache+mod_wsgi): However, -# there may be situations where you would want to set this explicitly, e.g. -# when multiple dashboard instances are distributed on different machines -# (usually behind a load-balancer). Either you have to make sure that a session -# gets all requests routed to the same dashboard instance or you set the same -# SECRET_KEY for all of them. -#SECRET_KEY = secret_key.generate_or_read_from_file( -# os.path.join(LOCAL_PATH, '.secret_key_store')) -SECRET_KEY = '<%= @secret_key %>' - -# We recommend you use memcached for development; otherwise after every reload -# of the django development server, you will have to login again. To use -# memcached set CACHES to something like -#CACHES = { -# 'default': { -# 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache', -# 'LOCATION': '127.0.0.1:11211', -# } -#} -# -#CACHES = { -# 'default': { -# 'BACKEND': 'django.core.cache.backends.locmem.LocMemCache', -# } -#} -CACHES = { - 'default': { - <% if @cache_options.kind_of?(Hash) %> - 'OPTIONS': { - <% @cache_options.sort.each do |opt_name,opt_val| -%> - '<%= opt_name -%>': <%= opt_val -%>, - <% end -%>}, - <% end -%> - 'BACKEND': '<%= @cache_backend %>', - <% if @cache_server_ip %> - <% if @cache_server_ip.kind_of?(Array) %> - <% split = ":" + @cache_server_port + "','" %> - 'LOCATION': [ <% @cache_server_ip.each do |ip| -%>'<%= ip -%>:<%= @cache_server_port -%>',<% end -%> ], - <% else %> - 'LOCATION': '<%= @cache_server_ip %>:<%= @cache_server_port %>', - <% end %> - <% end %> - } -} - -<% if @django_session_engine %> -SESSION_ENGINE = "<%= @django_session_engine %>" -<% end %> - -# Send email to the console by default -EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' -# Or send them to /dev/null -#EMAIL_BACKEND = 'django.core.mail.backends.dummy.EmailBackend' - -# Configure these for your outgoing email host -#EMAIL_HOST = 'smtp.my-company.com' -#EMAIL_PORT = 25 -#EMAIL_HOST_USER = 'djangomail' -#EMAIL_HOST_PASSWORD = 'top-secret!' - -# For multiple regions uncomment this configuration, and add (endpoint, title). -#AVAILABLE_REGIONS = [ -# ('http://cluster1.example.com:5000/v2.0', 'cluster1'), -# ('http://cluster2.example.com:5000/v2.0', 'cluster2'), -#] -<% if @available_regions.kind_of?(Array) %> -AVAILABLE_REGIONS = [ -<% @available_regions.each do |r| -%> - ('<%= r[0] -%>', '<%= r[1] -%>'), -<% end -%> -] -<% end -%> - -#OPENSTACK_HOST = "127.0.0.1" -#OPENSTACK_KEYSTONE_URL = "http://%s:5000/v2.0" % OPENSTACK_HOST -#OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_" -OPENSTACK_KEYSTONE_URL = "<%= @keystone_url %>" -OPENSTACK_KEYSTONE_DEFAULT_ROLE = "<%= @keystone_default_role %>" - -# Enables keystone web single-sign-on if set to True. -#WEBSSO_ENABLED = False - -# Determines which authentication choice to show as default. -#WEBSSO_INITIAL_CHOICE = "credentials" - -# The list of authentication mechanisms which include keystone -# federation protocols and identity provider/federation protocol -# mapping keys (WEBSSO_IDP_MAPPING). Current supported protocol -# IDs are 'saml2' and 'oidc' which represent SAML 2.0, OpenID -# Connect respectively. -# Do not remove the mandatory credentials mechanism. -# Note: The last two tuples are sample mapping keys to a identity provider -# and federation protocol combination (WEBSSO_IDP_MAPPING). -#WEBSSO_CHOICES = ( -# ("credentials", _("Keystone Credentials")), -# ("oidc", _("OpenID Connect")), -# ("saml2", _("Security Assertion Markup Language")), -# ("acme_oidc", "ACME - OpenID Connect"), -# ("acme_saml2", "ACME - SAML2") -#) - -# A dictionary of specific identity provider and federation protocol -# combinations. From the selected authentication mechanism, the value -# will be looked up as keys in the dictionary. If a match is found, -# it will redirect the user to a identity provider and federation protocol -# specific WebSSO endpoint in keystone, otherwise it will use the value -# as the protocol_id when redirecting to the WebSSO by protocol endpoint. -# NOTE: The value is expected to be a tuple formatted as: (, ). -#WEBSSO_IDP_MAPPING = { -# "acme_oidc": ("acme", "oidc"), -# "acme_saml2": ("acme", "saml2") -#} - -# Disable SSL certificate checks (useful for self-signed certificates): -#OPENSTACK_SSL_NO_VERIFY = True -<% if @ssl_no_verify %> -OPENSTACK_SSL_NO_VERIFY = True -<% end -%> - -# The CA certificate to use to verify SSL connections -#OPENSTACK_SSL_CACERT = '/path/to/cacert.pem' - -# The OPENSTACK_KEYSTONE_BACKEND settings can be used to identify the -# capabilities of the auth backend for Keystone. -# If Keystone has been configured to use LDAP as the auth backend then set -# can_edit_user to False and name to 'ldap'. -# -# TODO(tres): Remove these once Keystone has an API to identify auth backend. -OPENSTACK_KEYSTONE_BACKEND = { - 'name': 'native', - 'can_edit_user': True, - 'can_edit_group': True, - 'can_edit_project': True, - 'can_edit_domain': True, - 'can_edit_role': True, -} - -# Setting this to True, will add a new "Retrieve Password" action on instance, -# allowing Admin session password retrieval/decryption. -#OPENSTACK_ENABLE_PASSWORD_RETRIEVE = False - -# The Launch Instance user experience has been significantly enhanced. -# You can choose whether to enable the new launch instance experience, -# the legacy experience, or both. The legacy experience will be removed -# in a future release, but is available as a temporary backup setting to ensure -# compatibility with existing deployments. Further development will not be -# done on the legacy experience. Please report any problems with the new -# experience via the Launchpad tracking system. -# -# Toggle LAUNCH_INSTANCE_LEGACY_ENABLED and LAUNCH_INSTANCE_NG_ENABLED to -# determine the experience to enable. Set them both to true to enable -# both. -#LAUNCH_INSTANCE_LEGACY_ENABLED = True -#LAUNCH_INSTANCE_NG_ENABLED = False - -# The Xen Hypervisor has the ability to set the mount point for volumes -# attached to instances (other Hypervisors currently do not). Setting -# can_set_mount_point to True will add the option to set the mount point -# from the UI. -#OPENSTACK_HYPERVISOR_FEATURES = { -# 'can_set_mount_point': False, -# 'can_set_password': False, -# 'requires_keypair': False, -#} - -# The OPENSTACK_HYPERVISOR_FEATURES settings can be used to enable optional -# services provided by hypervisors. -<%- if ! (@hypervisor_options_real.empty?) -%> -OPENSTACK_HYPERVISOR_FEATURES = { -<%- @hypervisor_options_real.sort.each do |opt_name,opt_val| -%> - '<%= opt_name -%>': <%= opt_val.to_s.capitalize -%>, -<%-end-%> -} -<%-end-%> - -# The OPENSTACK_CINDER_FEATURES settings can be used to enable optional -# services provided by cinder that is not exposed by its extension API. -#OPENSTACK_CINDER_FEATURES = { -# 'enable_backup': False, -#} -<%- if ! (@cinder_options_real.empty?) -%> -OPENSTACK_CINDER_FEATURES = { -<%- @cinder_options_real.sort.each do |opt_name,opt_val| -%> - '<%= opt_name -%>': <%= opt_val.to_s.capitalize -%>, -<%-end-%> -} -<%-end-%> - -# The OPENSTACK_NEUTRON_NETWORK settings can be used to enable optional -# services provided by neutron. Options currently available are load -# balancer service, security groups, quotas, VPN service. -#OPENSTACK_NEUTRON_NETWORK = { -# 'enable_router': True, -# 'enable_quotas': True, -# 'enable_ipv6': True, -# 'enable_distributed_router': False, -# 'enable_ha_router': False, -# 'enable_lb': True, -# 'enable_firewall': True, -# 'enable_vpn': True, -# 'enable_fip_topology_check': True, - - # Neutron can be configured with a default Subnet Pool to be used for IPv4 - # subnet-allocation. Specify the label you wish to display in the Address - # pool selector on the create subnet step if you want to use this feature. - #'default_ipv4_subnet_pool_label': None, - - # Neutron can be configured with a default Subnet Pool to be used for IPv6 - # subnet-allocation. Specify the label you wish to display in the Address - # pool selector on the create subnet step if you want to use this feature. - # You must set this to enable IPv6 Prefix Delegation in a PD-capable - # environment. - #'default_ipv6_subnet_pool_label': None, - - # The profile_support option is used to detect if an external router can be - # configured via the dashboard. When using specific plugins the - # profile_support can be turned on if needed. - #'profile_support': None, - #'profile_support': 'cisco', - - # Set which provider network types are supported. Only the network types - # in this list will be available to choose from when creating a network. - # Network types include local, flat, vlan, gre, and vxlan. - #'supported_provider_types': ['*'], - - # Set which VNIC types are supported for port binding. Only the VNIC - # types in this list will be available to choose from when creating a - # port. - # VNIC types include 'normal', 'macvtap' and 'direct'. - # Set to empty list or None to disable VNIC type selection. - #'supported_vnic_types': ['*'] -#} -<%- if ! (@neutron_options_real.empty?) -%> -OPENSTACK_NEUTRON_NETWORK = { -<%- @neutron_options_real.sort.each do |opt_name,opt_val| -%> - <%- if opt_val == true or opt_val == false -%> - '<%= opt_name -%>': <%= opt_val.to_s.capitalize -%>, - <%- elsif opt_val == 'None' -%> - '<%= opt_name -%>': None, - <%- elsif opt_val.kind_of?(Array) -%> - '<%= opt_name -%>': ['<%= opt_val.join("', '") %>'], - <%- else -%> - '<%= opt_name -%>': '<%= opt_val -%>', - <%-end-%> -<%-end-%> -} -<%-end-%> - -# The OPENSTACK_HEAT_STACK settings can be used to disable password -# field required while launching the stack. -#OPENSTACK_HEAT_STACK = { -# 'enable_user_pass': True, -#} - -# The OPENSTACK_IMAGE_BACKEND settings can be used to customize features -# in the OpenStack Dashboard related to the Image service, such as the list -# of supported image formats. -#OPENSTACK_IMAGE_BACKEND = { -# 'image_formats': [ -# ('', _('Select format')), -# ('aki', _('AKI - Amazon Kernel Image')), -# ('ami', _('AMI - Amazon Machine Image')), -# ('ari', _('ARI - Amazon Ramdisk Image')), -# ('docker', _('Docker')), -# ('iso', _('ISO - Optical Disk Image')), -# ('ova', _('OVA - Open Virtual Appliance')), -# ('qcow2', _('QCOW2 - QEMU Emulator')), -# ('raw', _('Raw')), -# ('vdi', _('VDI - Virtual Disk Image')), -# ('vhd', ('VHD - Virtual Hard Disk')), -# ('vmdk', _('VMDK - Virtual Machine Disk')), -# ] -#} -<%- if !(@image_backend.empty?) -%> -OPENSTACK_IMAGE_BACKEND = { - <%- @image_backend.each do |opt_name,opt_val| -%> - '<%= opt_name %>': [ - <%- opt_val.each do |val,label| -%> - ('<%= val %>', _('<%= label %>')), - <%- end -%> - ], # <%= opt_name %> - <%- end -%> -} # OPENSTACK_IMAGE_BACKEND -<%- end -%> - -# The IMAGE_CUSTOM_PROPERTY_TITLES settings is used to customize the titles for -# image custom property attributes that appear on image detail pages. -#IMAGE_CUSTOM_PROPERTY_TITLES = { -# "architecture": _("Architecture"), -# "kernel_id": _("Kernel ID"), -# "ramdisk_id": _("Ramdisk ID"), -# "image_state": _("Euca2ools state"), -# "project_id": _("Project ID"), -# "image_type": _("Image Type"), -#} - -# The IMAGE_RESERVED_CUSTOM_PROPERTIES setting is used to specify which image -# custom properties should not be displayed in the Image Custom Properties -# table. -#IMAGE_RESERVED_CUSTOM_PROPERTIES = [] - -# OPENSTACK_ENDPOINT_TYPE specifies the endpoint type to use for the endpoints -# in the Keystone service catalog. Use this setting when Horizon is running -# external to the OpenStack environment. The default is 'publicURL'. -#OPENSTACK_ENDPOINT_TYPE = "publicURL" -<% if @openstack_endpoint_type %> -OPENSTACK_ENDPOINT_TYPE = "<%= @openstack_endpoint_type %>" -<% end %> - -# SECONDARY_ENDPOINT_TYPE specifies the fallback endpoint type to use in the -# case that OPENSTACK_ENDPOINT_TYPE is not present in the endpoints -# in the Keystone service catalog. Use this setting when Horizon is running -# external to the OpenStack environment. The default is None. This -# value should differ from OPENSTACK_ENDPOINT_TYPE if used. -#SECONDARY_ENDPOINT_TYPE = "publicURL" -<% if @secondary_endpoint_type %> -SECONDARY_ENDPOINT_TYPE = "<%= @secondary_endpoint_type %>" -<% end %> - -# The number of objects (Swift containers/objects or images) to display -# on a single page before providing a paging element (a "more" link) -# to paginate results. -#API_RESULT_LIMIT = 1000 -#API_RESULT_PAGE_SIZE = 20$ -API_RESULT_LIMIT = <%= @api_result_limit %> -API_RESULT_PAGE_SIZE = 20 - -# The size of chunk in bytes for downloading objects from Swift -#SWIFT_FILE_TRANSFER_CHUNK_SIZE = 512 * 1024 - -# Specify a maximum number of items to display in a dropdown. -#DROPDOWN_MAX_ITEMS = 30 - -# The timezone of the server. This should correspond with the timezone -# of your entire OpenStack installation, and hopefully be in UTC. -TIME_ZONE = "<%= @timezone %>" - -# If you have external monitoring links, eg: -<% if @horizon_app_links %> -EXTERNAL_MONITORING = <%= @horizon_app_links %> -<% end %> - -# When launching an instance, the menu of available flavors is -# sorted by RAM usage, ascending. If you would like a different sort order, -# you can provide another flavor attribute as sorting key. Alternatively, you -# can provide a custom callback method to use for sorting. You can also provide -# a flag for reverse sort. For more info, see -# http://docs.python.org/2/library/functions.html#sorted -#CREATE_INSTANCE_FLAVOR_SORT = { -# 'key': 'name', -# # or -# 'key': my_awesome_callback_method, -# 'reverse': False, -#} - -# CUSTOM_THEME_PATH allows to set to the directory location for the -# theme (e.g., "static/themes/blue"). The path can either be -# relative to the openstack_dashboard directory or an absolute path -# to an accessible location on the file system. -# If not specified, the default CUSTOM_THEME_PATH is -# static/themes/default. -<% if @custom_theme_path %> -CUSTOM_THEME_PATH = '<%= @custom_theme_path %>' -<% end %> - -# Set this to True to display an 'Admin Password' field on the Change Password -# form to verify that it is indeed the admin logged-in who wants to change -# the password. -#ENFORCE_PASSWORD_CHECK = False - -# Modules that provide /auth routes that can be used to handle different types -# of user authentication. Add auth plugins that require extra route handling to -# this list. -#AUTHENTICATION_URLS = [ -# 'openstack_auth.urls', -#] - -# The Horizon Policy Enforcement engine uses these values to load per service -# policy rule files. The content of these files should match the files the -# OpenStack services are using to determine role based access control in the -# target installation. - -# Path to directory containing policy.json files -#POLICY_FILES_PATH = os.path.join(ROOT_PATH, "conf") -<% if !(@policy_files_path.nil?) %> -POLICY_FILES_PATH = '<%= @policy_files_path %>' -<% elsif @osfamily == 'RedHat' %> -POLICY_FILES_PATH = '/etc/openstack-dashboard' -<% else %> -#POLICY_FILES_PATH = os.path.join(ROOT_PATH, "conf") -<% end -%> - -# Map of local copy of service policy files. -# Please insure that your identity policy file matches the one being used on -# your keystone servers. There is an alternate policy file that may be used -# in the Keystone v3 multi-domain case, policy.v3cloudsample.json. -# This file is not included in the Horizon repository by default but can be -# found at -# http://git.openstack.org/cgit/openstack/keystone/tree/etc/ \ -# policy.v3cloudsample.json -# Having matching policy files on the Horizon and Keystone servers is essential -# for normal operation. This holds true for all services and their policy files. -#POLICY_FILES = { -# 'identity': 'keystone_policy.json', -# 'compute': 'nova_policy.json', -# 'volume': 'cinder_policy.json', -# 'image': 'glance_policy.json', -# 'orchestration': 'heat_policy.json', -# 'network': 'neutron_policy.json', -# 'telemetry': 'ceilometer_policy.json', -#} -<% if @policy_files.kind_of?(Hash) %> -POLICY_FILES = { -<% @policy_files.sort.each do |service_name,filename| -%> - '<%= service_name -%>': '<%= filename -%>', -<% end -%> -} # POLICY_FILES -<% else -%> -#POLICY_FILES = { -# 'identity': 'keystone_policy.json', -# 'compute': 'nova_policy.json' -#} -<% end -%> - -# TODO: (david-lyle) remove when plugins support adding settings. -# Note: Only used when trove-dashboard plugin is configured to be used by -# Horizon. -# Trove user and database extension support. By default support for -# creating users and databases on database instances is turned on. -# To disable these extensions set the permission here to something -# unusable such as ["!"]. -#TROVE_ADD_USER_PERMS = [] -#TROVE_ADD_DATABASE_PERMS = [] - -# Change this patch to the appropriate static directory containing -# two files: _variables.scss and _styles.scss -#CUSTOM_THEME_PATH = 'themes/default' - -LOGGING = { - 'version': 1, - # When set to True this will disable all logging except - # for loggers specified in this configuration dictionary. Note that - # if nothing is specified here and disable_existing_loggers is True, - # django.db.backends will still log unless it is disabled explicitly. - 'disable_existing_loggers': False, - 'formatters': { - 'verbose': { - 'format': '%(asctime)s %(process)d %(levelname)s %(name)s ' - '%(message)s' - }, - 'normal': { - 'format': 'dashboard-%(name)s: %(levelname)s %(message)s' - }, - }, - 'handlers': { - 'null': { - 'level': 'DEBUG', - 'class': 'django.utils.log.NullHandler', - }, - 'console': { - # Set the level to "DEBUG" for verbose output logging. - 'level': 'INFO', - 'class': 'logging.StreamHandler', - }, - 'file': { - 'level': '<%= @log_level %>', - 'class': 'logging.FileHandler', - 'filename': '<%= scope.lookupvar("horizon::params::logdir") %>/horizon.log', - 'formatter': 'verbose', - }, - 'syslog': { - 'level': '<%= @log_level %>', - 'facility': 'local1', - 'class': 'logging.handlers.SysLogHandler', - 'address': '/dev/log', - 'formatter': 'normal', - } - }, - 'loggers': { - # Logging from django.db.backends is VERY verbose, send to null - # by default. - 'django.db.backends': { - 'handlers': ['null'], - 'propagate': False, - }, - 'requests': { - 'handlers': ['null'], - 'propagate': False, - }, - 'horizon': { - # 'handlers': ['console'], - 'handlers': ['<%= @log_handler %>'], - # 'level': 'DEBUG', - 'level': '<%= @log_level %>', - 'propagate': False, - }, - 'openstack_dashboard': { - # 'handlers': ['console'], - 'handlers': ['<%= @log_handler %>'], - # 'level': 'DEBUG', - 'level': '<%= @log_level %>', - 'propagate': False, - }, - 'novaclient': { - # 'handlers': ['console'], - 'handlers': ['<%= @log_handler %>'], - # 'level': 'DEBUG', - 'level': '<%= @log_level %>', - 'propagate': False, - }, - 'cinderclient': { - # 'handlers': ['console'], - 'handlers': ['<%= @log_handler %>'], - # 'level': 'DEBUG', - 'level': '<%= @log_level %>', - 'propagate': False, - }, - 'keystoneclient': { - # 'handlers': ['console'], - 'handlers': ['<%= @log_handler %>'], - # 'level': 'DEBUG', - 'level': '<%= @log_level %>', - 'propagate': False, - }, - 'glanceclient': { - # 'handlers': ['console'], - 'handlers': ['<%= @log_handler %>'], - # 'level': 'DEBUG', - 'level': '<%= @log_level %>', - 'propagate': False, - }, - 'neutronclient': { - # 'handlers': ['console'], - 'handlers': ['<%= @log_handler %>'], - # 'level': 'DEBUG', - 'level': '<%= @log_level %>', - 'propagate': False, - }, - 'heatclient': { - # 'handlers': ['console'], - 'handlers': ['<%= @log_handler %>'], - # 'level': 'DEBUG', - 'level': '<%= @log_level %>', - 'propagate': False, - }, - 'ceilometerclient': { - # 'handlers': ['console'], - 'handlers': ['<%= @log_handler %>'], - # 'level': 'DEBUG', - 'level': '<%= @log_level %>', - 'propagate': False, - }, - 'troveclient': { - # 'handlers': ['console'], - 'handlers': ['<%= @log_handler %>'], - # 'level': 'DEBUG', - 'level': '<%= @log_level %>', - 'propagate': False, - }, - 'swiftclient': { - # 'handlers': ['console'], - 'handlers': ['<%= @log_handler %>'], - # 'level': 'DEBUG', - 'level': '<%= @log_level %>', - 'propagate': False, - }, - 'openstack_auth': { - # 'handlers': ['console'], - 'handlers': ['<%= @log_handler %>'], - # 'level': 'DEBUG', - 'level': '<%= @log_level %>', - 'propagate': False, - }, - 'nose.plugins.manager': { - # 'handlers': ['console'], - 'handlers': ['<%= @log_handler %>'], - # 'level': 'DEBUG', - 'level': '<%= @log_level %>', - 'propagate': False, - }, - 'django': { - # 'handlers': ['console'], - 'handlers': ['<%= @log_handler %>'], - # 'level': 'DEBUG', - 'level': '<%= @log_level %>', - 'propagate': False, - }, - } -} - -# 'direction' should not be specified for all_tcp/udp/icmp. -# It is specified in the form. -SECURITY_GROUP_RULES = { - 'all_tcp': { - 'name': 'ALL TCP', - 'ip_protocol': 'tcp', - 'from_port': '1', - 'to_port': '65535', - }, - 'all_udp': { - 'name': 'ALL UDP', - 'ip_protocol': 'udp', - 'from_port': '1', - 'to_port': '65535', - }, - 'all_icmp': { - 'name': 'ALL ICMP', - 'ip_protocol': 'icmp', - 'from_port': '-1', - 'to_port': '-1', - }, - 'ssh': { - 'name': 'SSH', - 'ip_protocol': 'tcp', - 'from_port': '22', - 'to_port': '22', - }, - 'smtp': { - 'name': 'SMTP', - 'ip_protocol': 'tcp', - 'from_port': '25', - 'to_port': '25', - }, - 'dns': { - 'name': 'DNS', - 'ip_protocol': 'tcp', - 'from_port': '53', - 'to_port': '53', - }, - 'http': { - 'name': 'HTTP', - 'ip_protocol': 'tcp', - 'from_port': '80', - 'to_port': '80', - }, - 'pop3': { - 'name': 'POP3', - 'ip_protocol': 'tcp', - 'from_port': '110', - 'to_port': '110', - }, - 'imap': { - 'name': 'IMAP', - 'ip_protocol': 'tcp', - 'from_port': '143', - 'to_port': '143', - }, - 'ldap': { - 'name': 'LDAP', - 'ip_protocol': 'tcp', - 'from_port': '389', - 'to_port': '389', - }, - 'https': { - 'name': 'HTTPS', - 'ip_protocol': 'tcp', - 'from_port': '443', - 'to_port': '443', - }, - 'smtps': { - 'name': 'SMTPS', - 'ip_protocol': 'tcp', - 'from_port': '465', - 'to_port': '465', - }, - 'imaps': { - 'name': 'IMAPS', - 'ip_protocol': 'tcp', - 'from_port': '993', - 'to_port': '993', - }, - 'pop3s': { - 'name': 'POP3S', - 'ip_protocol': 'tcp', - 'from_port': '995', - 'to_port': '995', - }, - 'ms_sql': { - 'name': 'MS SQL', - 'ip_protocol': 'tcp', - 'from_port': '1433', - 'to_port': '1433', - }, - 'mysql': { - 'name': 'MYSQL', - 'ip_protocol': 'tcp', - 'from_port': '3306', - 'to_port': '3306', - }, - 'rdp': { - 'name': 'RDP', - 'ip_protocol': 'tcp', - 'from_port': '3389', - 'to_port': '3389', - }, -} - -SESSION_TIMEOUT = <%= @session_timeout %> - -# The Ubuntu package includes pre-compressed JS and compiled CSS to allow -# offline compression by default. To enable online compression, install -# the python-lesscpy package and disable the following option. -COMPRESS_OFFLINE = <%= @compress_offline.to_s.capitalize %> - -# For Glance image upload, Horizon uses the file upload support from Django -# so we add this option to change the directory where uploaded files are temporarily -# stored until they are loaded into Glance. -FILE_UPLOAD_TEMP_DIR = '<%= @file_upload_temp_dir %>' - -<% if @tuskar_ui %> -IRONIC_DISCOVERD_URL = "<%= @tuskar_ui_ironic_discoverd_url %>" -UNDERCLOUD_ADMIN_PASSWORD = "<%= @tuskar_ui_undercloud_admin_password %>" -DEPLOYMENT_MODE = "<%= @tuskar_ui_deployment_mode %>" -<% end %> - -# The default date range in the Overview panel meters - either minus N -# days (if the value is integer N), or from the beginning of the current month -# until today (if set to None). This setting should be used to limit the amount -# of data fetched by default when rendering the Overview panel. -# OVERVIEW_DAYS_RANGE = None -<% if @overview_days_range %> -OVERVIEW_DAYS_RANGE = <%= @overview_days_range %> -<% end %> - -# Deprecation Notice: -# -# The setting FLAVOR_EXTRA_KEYS has been deprecated. -# Please load extra spec metadata into the Glance Metadata Definition Catalog. -# -# The sample quota definitions can be found in: -# /etc/metadefs/compute-quota.json -# -# The metadata definition catalog supports CLI and API: -# $glance --os-image-api-version 2 help md-namespace-import -# $glance-manage db_load_metadefs -# -# See Metadata Definitions on: http://docs.openstack.org/developer/glance/ - -# TODO: (david-lyle) remove when plugins support settings natively -# Note: This is only used when the Sahara plugin is configured and enabled -# for use in Horizon. -# Indicate to the Sahara data processing service whether or not -# automatic floating IP allocation is in effect. If it is not -# in effect, the user will be prompted to choose a floating IP -# pool for use in their cluster. False by default. You would want -# to set this to True if you were running Nova Networking with -# auto_assign_floating_ip = True. -#SAHARA_AUTO_IP_ALLOCATION_ENABLED = False - -# The hash algorithm to use for authentication tokens. This must -# match the hash algorithm that the identity server and the -# auth_token middleware are using. Allowed values are the -# algorithms supported by Python's hashlib library. -#OPENSTACK_TOKEN_HASH_ALGORITHM = 'md5' - -# Hashing tokens from Keystone keeps the Horizon session data smaller, but it -# doesn't work in some cases when using PKI tokens. Uncomment this value and -# set it to False if using PKI tokens and there are 401 errors due to token -# hashing. -#OPENSTACK_TOKEN_HASH_ENABLED = True - -# AngularJS requires some settings to be made available to -# the client side. Some settings are required by in-tree / built-in horizon -# features. These settings must be added to REST_API_REQUIRED_SETTINGS in the -# form of ['SETTING_1','SETTING_2'], etc. -# -# You may remove settings from this list for security purposes, but do so at -# the risk of breaking a built-in horizon feature. These settings are required -# for horizon to function properly. Only remove them if you know what you -# are doing. These settings may in the future be moved to be defined within -# the enabled panel configuration. -# You should not add settings to this list for out of tree extensions. -# See: https://wiki.openstack.org/wiki/Horizon/RESTAPI -REST_API_REQUIRED_SETTINGS = ['OPENSTACK_HYPERVISOR_FEATURES'] - -# Additional settings can be made available to the client side for -# extensibility by specifying them in REST_API_ADDITIONAL_SETTINGS -# !! Please use extreme caution as the settings are transferred via HTTP/S -# and are not encrypted on the browser. This is an experimental API and -# may be deprecated in the future without notice. -#REST_API_ADDITIONAL_SETTINGS = [] - -# DISALLOW_IFRAME_EMBED can be used to prevent Horizon from being embedded -# within an iframe. Legacy browsers are still vulnerable to a Cross-Frame -# Scripting (XFS) vulnerability, so this option allows extra security hardening -# where iframes are not used in deployment. Default setting is True. -# For more information see: -# http://tinyurl.com/anticlickjack -#DISALLOW_IFRAME_EMBED = True diff --git a/horizon/test-requirements.txt b/horizon/test-requirements.txt deleted file mode 100644 index bedd66690..000000000 --- a/horizon/test-requirements.txt +++ /dev/null @@ -1,4 +0,0 @@ -# this is required for the docs build jobs -sphinx!=1.2.0,!=1.3b1,<1.3,>=1.1.2 -oslosphinx>=2.5.0 # Apache-2.0 -reno>=0.1.1 # Apache-2.0 diff --git a/horizon/tox.ini b/horizon/tox.ini deleted file mode 100644 index aea06c84f..000000000 --- a/horizon/tox.ini +++ /dev/null @@ -1,8 +0,0 @@ -[tox] -minversion = 1.6 -skipsdist = True -envlist = releasenotes - -[testenv:releasenotes] -deps = -rtest-requirements.txt -commands = sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html diff --git a/inifile/.fixtures.yml b/inifile/.fixtures.yml deleted file mode 100644 index 2d1290cf3..000000000 --- a/inifile/.fixtures.yml +++ /dev/null @@ -1,7 +0,0 @@ -fixtures: - repositories: - stdlib: - repo: 'git://github.com/puppetlabs/puppetlabs-stdlib.git' - ref: '4.2.0' - symlinks: - inifile: "#{source_dir}" diff --git a/inifile/.gitattributes b/inifile/.gitattributes deleted file mode 100644 index 900ea0cbb..000000000 --- a/inifile/.gitattributes +++ /dev/null @@ -1,5 +0,0 @@ -#This file is generated by ModuleSync, do not edit. -*.rb eol=lf -*.erb eol=lf -*.pp eol=lf -*.sh eol=lf diff --git a/inifile/.gitignore b/inifile/.gitignore deleted file mode 100644 index dd126f2fb..000000000 --- a/inifile/.gitignore +++ /dev/null @@ -1,11 +0,0 @@ -#This file is generated by ModuleSync, do not edit. -pkg/ -Gemfile.lock -vendor/ -spec/fixtures/ -.vagrant/ -.bundle/ -coverage/ -log/ -.idea/ -*.iml diff --git a/inifile/.rspec b/inifile/.rspec deleted file mode 100644 index 16f9cdb01..000000000 --- a/inifile/.rspec +++ /dev/null @@ -1,2 +0,0 @@ ---color ---format documentation diff --git a/inifile/.travis.yml b/inifile/.travis.yml deleted file mode 100644 index 588fb5b00..000000000 --- a/inifile/.travis.yml +++ /dev/null @@ -1,20 +0,0 @@ -#This file is generated by ModuleSync, do not edit. ---- -sudo: false -language: ruby -cache: bundler -bundler_args: --without system_tests -script: "bundle exec rake validate lint spec" -matrix: - fast_finish: true - include: - - rvm: 2.1.6 - env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" - - rvm: 2.1.5 - env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" - - rvm: 2.1.5 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 1.9.3 - env: PUPPET_GEM_VERSION="~> 3.0" -notifications: - email: false diff --git a/inifile/CHANGELOG.md b/inifile/CHANGELOG.md deleted file mode 100644 index 14aa79175..000000000 --- a/inifile/CHANGELOG.md +++ /dev/null @@ -1,241 +0,0 @@ -## Supported Release 1.4.3 -###Summary - -Small release for support of newer PE versions. This increments the version of PE in the metadata.json file. - -## 2015-09-01 - Supported Release 1.4.2 -### Summary -This release adds some bugfixes. - -####Bugfixes -- MODULES-2212 Add use_exact_match parameter for subsettings -- MODULES-1908 Munge the setting to ensure we always strip the whitespace -- MODULES-2369 Support a space as a key_val_separator - -## 2015-07-15 - Supported Release 1.4.1 -### Summary -This release bumps the metadata for PE up. - -##2015-07-07 - Supported Releases 1.4.0 -###Summary - -This is primarily a release which includes acceptance tests updates, but also includes some minor bug fixes and improvements - -####Features -- Solaris 12 Support -- Acceptance testing improvements - -####Bugfixes -- MODULES-1599 Match only on space and tab whitespace after k/v separator - -##2015-06-09 - Supported Releases 1.3.0 -###Summary - -This is primarily a feature release, but also includes test fixes, documentation updates and synchronization of files with modulesync. - -####Features -- Synchronized files using modulesync -- Improved documentation -- Allow changing key value separator beyond indentation -- Adding the ability to change regex match for $section in inifile - -####Bugfixes -- pin beaker-rspec for windows testing -- pin rspec gems for testing -- Adds default values for section -- Fixed names containing spaces - -##2014-11-11 - Supported Releases 1.2.0 -###Summary - -This is primarily a bugfix release, but also includes documentation updates and synchronization of files with modulesync. - -####Features -- Synchronized files using modulesync -- Improved documentation with a warning about old, manually installed inifile with PE3.3+ - -####Bugfixes -- Fix issue where single character settings were not being saved - -##2014-09-30 - Supported Releases 1.1.4 -###Summary - -This release includes documentation and test updates. - -##2014-07-15 - Supported Release 1.1.3 -###Summary - -This release merely updates metadata.json so the module can be uninstalled and -upgraded via the puppet module command. - -##2014-07-10 - Supported Release 1.1.2 -###Summary - -This is a re-packaging release. - -##2014-07-07 - Release 1.1.1 -###Summary - -This supported bugfix release corrects the inifile section header detection -regex (so you can use more characters in your section titles). - -####Bugfixes -- Correct section regex to allow anything other than ] -- Correct `exists?` to return a boolean -- Lots of test updates -- Add missing CONTRIBUTING.md - -##2014-06-04 - Release 1.1.0 -###Summary - -This is a compatibility and feature release. This release adds one new -feature, the ability to control the quote character used. This allows you to -do things like: - -``` -ini_subsetting { '-Xms': - ensure => present, - path => '/some/config/file', - section => '', - setting => 'JAVA_ARGS', - quote_char => '"', - subsetting => '-Xms' - value => '256m', - } -``` - -Which builds: - -``` -JAVA_ARGS="-Xmx256m -Xms256m" -``` - -####Features -- Add quote_char parameter to the ini_subsetting resource type - -####Bugfixes - -####Known Bugs -* No known bugs - -##2014-03-04 - Supported Release 1.0.3 -###Summary - -This is a supported release. It has only test changes. - -####Features - -####Bugfixes - -####Known Bugs -* No known bugs - - -##2014-02-26 - Version 1.0.2 -###Summary -This release adds supported platforms to metadata.json and contains spec fixes - - -##2014-02-12 - Version 1.0.1 -###Summary -This release is a bugfix for handling whitespace/[]'s better, and adding a -bunch of tests. - -####Bugfixes -- Handle whitespace in sections -- Handle square brances in values -- Add metadata.json -- Update some travis testing -- Tons of beaker-rspec tests - - -##2013-07-16 - Version 1.0.0 -####Features -- Handle empty values. -- Handle whitespace in settings names (aka: server role = something) -- Add mechanism for allowing ini_setting subclasses to override the -formation of the namevar during .instances, to allow for ini_setting -derived types that manage flat ini-file-like files and still purge -them. - ---- -##2013-05-28 - Chris Price - 0.10.3 - * Fix bug in subsetting handling for new settings (cbea5dc) - -##2013-05-22 - Chris Price - 0.10.2 - * Better handling of quotes for subsettings (1aa7e60) - -##2013-05-21 - Chris Price - 0.10.1 - * Change constants to class variables to avoid ruby warnings (6b19864) - -##2013-04-10 - Erik Dalén - 0.10.1 - * Style fixes (c4af8c3) - -##2013-04-02 - Dan Bode - 0.10.1 - * Add travisfile and Gemfile (c2052b3) - -##2013-04-02 - Chris Price - 0.10.1 - * Update README.markdown (ad38a08) - -##2013-02-15 - Karel Brezina - 0.10.0 - * Added 'ini_subsetting' custom resource type (4351d8b) - -##2013-03-11 - Dan Bode - 0.10.0 - * guard against nil indentation values (5f71d7f) - -##2013-01-07 - Dan Bode - 0.10.0 - * Add purging support to ini file (2f22483) - -##2013-02-05 - James Sweeny - 0.10.0 - * Fix test to use correct key_val_parameter (b1aff63) - -##2012-11-06 - Chris Price - 0.10.0 - * Added license file w/Apache 2.0 license (5e1d203) - -##2012-11-02 - Chris Price - 0.9.0 - * Version 0.9.0 released - -##2012-10-26 - Chris Price - 0.9.0 - * Add detection for commented versions of settings (a45ab65) - -##2012-10-20 - Chris Price - 0.9.0 - * Refactor to clarify implementation of `save` (f0d443f) - -##2012-10-20 - Chris Price - 0.9.0 - * Add example for `ensure=absent` (e517148) - -##2012-10-20 - Chris Price - 0.9.0 - * Better handling of whitespace lines at ends of sections (845fa70) - -##2012-10-20 - Chris Price - 0.9.0 - * Respect indentation / spacing for existing sections and settings (c2c26de) - -##2012-10-17 - Chris Price - 0.9.0 - * Minor tweaks to handling of removing settings (cda30a6) - -##2012-10-10 - Dan Bode - 0.9.0 - * Add support for removing lines (1106d70) - -##2012-10-02 - Dan Bode - 0.9.0 - * Make value a property (cbc90d3) - -##2012-10-02 - Dan Bode - 0.9.0 - * Make ruby provider a better parent. (1564c47) - -##2012-09-29 - Reid Vandewiele - 0.9.0 - * Allow values with spaces to be parsed and set (3829e20) - -##2012-09-24 - Chris Price - 0.0.3 - * Version 0.0.3 released - -##2012-09-20 - Chris Price - 0.0.3 - * Add validation for key_val_separator (e527908) - -##2012-09-19 - Chris Price - 0.0.3 - * Allow overriding separator string between key/val pairs (8d1fdc5) - -##2012-08-20 - Chris Price - 0.0.2 - * Version 0.0.2 released - -##2012-08-17 - Chris Price - 0.0.2 - * Add support for "global" section at beginning of file (c57dab4) diff --git a/inifile/CONTRIBUTING.md b/inifile/CONTRIBUTING.md deleted file mode 100644 index bfeaa701c..000000000 --- a/inifile/CONTRIBUTING.md +++ /dev/null @@ -1,220 +0,0 @@ -Checklist (and a short version for the impatient) -================================================= - - * Commits: - - - Make commits of logical units. - - - Check for unnecessary whitespace with "git diff --check" before - committing. - - - Commit using Unix line endings (check the settings around "crlf" in - git-config(1)). - - - Do not check in commented out code or unneeded files. - - - The first line of the commit message should be a short - description (50 characters is the soft limit, excluding ticket - number(s)), and should skip the full stop. - - - Associate the issue in the message. The first line should include - the issue number in the form "(#XXXX) Rest of message". - - - The body should provide a meaningful commit message, which: - - - uses the imperative, present tense: "change", not "changed" or - "changes". - - - includes motivation for the change, and contrasts its - implementation with the previous behavior. - - - Make sure that you have tests for the bug you are fixing, or - feature you are adding. - - - Make sure the test suites passes after your commit: - `bundle exec rspec spec/acceptance` More information on [testing](#Testing) below - - - When introducing a new feature, make sure it is properly - documented in the README.md - - * Submission: - - * Pre-requisites: - - - Make sure you have a [GitHub account](https://github.com/join) - - - [Create a ticket](https://tickets.puppetlabs.com/secure/CreateIssue!default.jspa), or [watch the ticket](https://tickets.puppetlabs.com/browse/) you are patching for. - - * Preferred method: - - - Fork the repository on GitHub. - - - Push your changes to a topic branch in your fork of the - repository. (the format ticket/1234-short_description_of_change is - usually preferred for this project). - - - Submit a pull request to the repository in the puppetlabs - organization. - -The long version -================ - - 1. Make separate commits for logically separate changes. - - Please break your commits down into logically consistent units - which include new or changed tests relevant to the rest of the - change. The goal of doing this is to make the diff easier to - read for whoever is reviewing your code. In general, the easier - your diff is to read, the more likely someone will be happy to - review it and get it into the code base. - - If you are going to refactor a piece of code, please do so as a - separate commit from your feature or bug fix changes. - - We also really appreciate changes that include tests to make - sure the bug is not re-introduced, and that the feature is not - accidentally broken. - - Describe the technical detail of the change(s). If your - description starts to get too long, that is a good sign that you - probably need to split up your commit into more finely grained - pieces. - - Commits which plainly describe the things which help - reviewers check the patch and future developers understand the - code are much more likely to be merged in with a minimum of - bike-shedding or requested changes. Ideally, the commit message - would include information, and be in a form suitable for - inclusion in the release notes for the version of Puppet that - includes them. - - Please also check that you are not introducing any trailing - whitespace or other "whitespace errors". You can do this by - running "git diff --check" on your changes before you commit. - - 2. Sending your patches - - To submit your changes via a GitHub pull request, we _highly_ - recommend that you have them on a topic branch, instead of - directly on "master". - It makes things much easier to keep track of, especially if - you decide to work on another thing before your first change - is merged in. - - GitHub has some pretty good - [general documentation](http://help.github.com/) on using - their site. They also have documentation on - [creating pull requests](http://help.github.com/send-pull-requests/). - - In general, after pushing your topic branch up to your - repository on GitHub, you can switch to the branch in the - GitHub UI and click "Pull Request" towards the top of the page - in order to open a pull request. - - - 3. Update the related GitHub issue. - - If there is a GitHub issue associated with the change you - submitted, then you should update the ticket to include the - location of your branch, along with any other commentary you - may wish to make. - -Testing -======= - -Getting Started ---------------- - -Our puppet modules provide [`Gemfile`](./Gemfile)s which can tell a ruby -package manager such as [bundler](http://bundler.io/) what Ruby packages, -or Gems, are required to build, develop, and test this software. - -Please make sure you have [bundler installed](http://bundler.io/#getting-started) -on your system, then use it to install all dependencies needed for this project, -by running - -```shell -% bundle install -Fetching gem metadata from https://rubygems.org/........ -Fetching gem metadata from https://rubygems.org/.. -Using rake (10.1.0) -Using builder (3.2.2) --- 8><-- many more --><8 -- -Using rspec-system-puppet (2.2.0) -Using serverspec (0.6.3) -Using rspec-system-serverspec (1.0.0) -Using bundler (1.3.5) -Your bundle is complete! -Use `bundle show [gemname]` to see where a bundled gem is installed. -``` - -NOTE some systems may require you to run this command with sudo. - -If you already have those gems installed, make sure they are up-to-date: - -```shell -% bundle update -``` - -With all dependencies in place and up-to-date we can now run the tests: - -```shell -% bundle exec rake spec -``` - -This will execute all the [rspec tests](http://rspec-puppet.com/) tests -under [spec/defines](./spec/defines), [spec/classes](./spec/classes), -and so on. rspec tests may have the same kind of dependencies as the -module they are testing. While the module defines in its [Modulefile](./Modulefile), -rspec tests define them in [.fixtures.yml](./fixtures.yml). - -Some puppet modules also come with [beaker](https://github.com/puppetlabs/beaker) -tests. These tests spin up a virtual machine under -[VirtualBox](https://www.virtualbox.org/)) with, controlling it with -[Vagrant](http://www.vagrantup.com/) to actually simulate scripted test -scenarios. In order to run these, you will need both of those tools -installed on your system. - -You can run them by issuing the following command - -```shell -% bundle exec rake spec_clean -% bundle exec rspec spec/acceptance -``` - -This will now download a pre-fabricated image configured in the [default node-set](./spec/acceptance/nodesets/default.yml), -install puppet, copy this module and install its dependencies per [spec/spec_helper_acceptance.rb](./spec/spec_helper_acceptance.rb) -and then run all the tests under [spec/acceptance](./spec/acceptance). - -Writing Tests -------------- - -XXX getting started writing tests. - -If you have commit access to the repository -=========================================== - -Even if you have commit access to the repository, you will still need to -go through the process above, and have someone else review and merge -in your changes. The rule is that all changes must be reviewed by a -developer on the project (that did not write the code) to ensure that -all changes go through a code review process. - -Having someone other than the author of the topic branch recorded as -performing the merge is the record that they performed the code -review. - - -Additional Resources -==================== - -* [Getting additional help](http://puppetlabs.com/community/get-help) - -* [Writing tests](http://projects.puppetlabs.com/projects/puppet/wiki/Development_Writing_Tests) - -* [Patchwork](https://patchwork.puppetlabs.com) - -* [General GitHub documentation](http://help.github.com/) - -* [GitHub pull request documentation](http://help.github.com/send-pull-requests/) - diff --git a/inifile/Gemfile b/inifile/Gemfile deleted file mode 100644 index e490bc9b9..000000000 --- a/inifile/Gemfile +++ /dev/null @@ -1,39 +0,0 @@ -#This file is generated by ModuleSync, do not edit. - -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -def location_for(place, version = nil) - if place =~ /^(git[:@][^#]*)#(.*)/ - [version, { :git => $1, :branch => $2, :require => false}].compact - elsif place =~ /^file:\/\/(.*)/ - ['>= 0', { :path => File.expand_path($1), :require => false}] - else - [place, version, { :require => false}].compact - end -end - -group :development, :unit_tests do - gem 'json', :require => false - gem 'metadata-json-lint', :require => false - gem 'puppet_facts', :require => false - gem 'puppet-blacksmith', :require => false - gem 'puppetlabs_spec_helper', :require => false - gem 'rspec-puppet', '>= 2.3.2', :require => false - gem 'simplecov', :require => false -end -group :system_tests do - gem 'beaker-rspec', *location_for(ENV['BEAKER_RSPEC_VERSION'] || '>= 3.4') - gem 'beaker', *location_for(ENV['BEAKER_VERSION']) - gem 'serverspec', :require => false - gem 'beaker-puppet_install_helper', :require => false - gem 'master_manipulator', :require => false - gem 'beaker-hostgenerator', *location_for(ENV['BEAKER_HOSTGENERATOR_VERSION']) -end - -gem 'facter', *location_for(ENV['FACTER_GEM_VERSION']) -gem 'puppet', *location_for(ENV['PUPPET_GEM_VERSION']) - - -if File.exists? "#{__FILE__}.local" - eval(File.read("#{__FILE__}.local"), binding) -end diff --git a/inifile/LICENSE b/inifile/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/inifile/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/inifile/NOTICE b/inifile/NOTICE deleted file mode 100644 index bb6ff91e6..000000000 --- a/inifile/NOTICE +++ /dev/null @@ -1,19 +0,0 @@ -inifile puppet module - -Copyright (C) 2012-2016 Puppet Labs, Inc. -Copyright (C) 2012 Chris Price - -Puppet Labs can be contacted at: info@puppetlabs.com - - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/inifile/README.markdown b/inifile/README.markdown deleted file mode 100644 index dcc95237f..000000000 --- a/inifile/README.markdown +++ /dev/null @@ -1,435 +0,0 @@ -#inifile - -[![Build Status](https://travis-ci.org/puppetlabs/puppetlabs-inifile.png?branch=master)](https://travis-ci.org/puppetlabs/puppetlabs-inifile) - -####Table of Contents - -1. [Overview](#overview) -2. [Module Description - What the module does and why it is useful](#module-description) -3. [Setup - The basics of getting started with inifile module](#setup) - * [Beginning with inifile](#beginning-with-inifile) -4. [Usage - Configuration options and additional functionality](#usage) -5. [Reference - An under-the-hood peek at what the module is doing and how](#reference) -5. [Limitations - OS compatibility, etc.](#limitations) -6. [Development - Guide for contributing to the module](#development) - -##Overview - -The inifile module lets Puppet manage settings stored in INI-style configuration files. - -##Module Description - -Many applications use INI-style configuration files to store their settings. This module supplies two custom resource types to let you manage those settings through Puppet. - -##Setup - -###Beginning with inifile - -To manage a single setting in an INI file, add the `ini_setting` type to a class: - -~~~puppet -ini_setting { "sample setting": - ensure => present, - path => '/tmp/foo.ini', - section => 'bar', - setting => 'baz', - value => 'quux', -} -~~~ - -##Usage - - -The inifile module tries hard not to manipulate your file any more than it needs to. In most cases, it doesn't affect the original whitespace, comments, ordering, etc. - - * Supports comments starting with either '#' or ';'. - * Supports either whitespace or no whitespace around '='. - * Adds any missing sections to the INI file. - -###Manage multiple values in a setting - -Use the `ini_subsetting` type: - -~~~puppet -ini_subsetting {'sample subsetting': - ensure => present, - section => '', - key_val_separator => '=', - path => '/etc/default/pe-puppetdb', - setting => 'JAVA_ARGS', - subsetting => '-Xmx', - value => '512m', -} -~~~ - -Results in managing this `-Xmx` subsetting: - -~~~puppet -JAVA_ARGS="-Xmx512m -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/log/pe-puppetdb/puppetdb-oom.hprof" -~~~ - - -###Use a non-standard section header - -~~~puppet -ini_setting { 'default minage': - ensure => present, - path => '/etc/security/users', - section => 'default', - setting => 'minage', - value => '1', - section_prefix => '', - section_suffix => ':', -} -~~~ - -Results in: - -~~~puppet -default: - minage = 1 -~~~ - -###Implement child providers - -You might want to create child providers that inherit the `ini_setting` provider, for one or both of these purposes: - - * Make a custom resource to manage an application that stores its settings in INI files, without recreating the code to manage the files themselves. - - * [Purge all unmanaged settings](https://docs.puppetlabs.com/references/latest/type.html#resources-attribute-purge) from a managed INI file. - -To implement child providers, first specify a custom type. Have it implement a namevar called `name` and a property called `value`: - -~~~ruby -#my_module/lib/puppet/type/glance_api_config.rb -Puppet::Type.newtype(:glance_api_config) do - ensurable - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from glance-api.conf' - # namevar should be of the form section/setting - newvalues(/\S+\/\S+/) - end - newproperty(:value) do - desc 'The value of the setting to define' - munge do |v| - v.to_s.strip - end - end -end -~~~ - -Your type also needs a provider that uses the `ini_setting` provider as its parent: - -~~~ruby -# my_module/lib/puppet/provider/glance_api_config/ini_setting.rb -Puppet::Type.type(:glance_api_config).provide( - :ini_setting, - # set ini_setting as the parent provider - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - # implement section as the first part of the namevar - def section - resource[:name].split('/', 2).first - end - def setting - # implement setting as the second part of the namevar - resource[:name].split('/', 2).last - end - # hard code the file path (this allows purging) - def self.file_path - '/etc/glance/glance-api.conf' - end -end -~~~ - -Now the settings in /etc/glance/glance-api.conf file can be managed as individual resources: - -~~~puppet -glance_api_config { 'HEADER/important_config': - value => 'secret_value', -} -~~~ - -If you've implemented self.file_path, you can have Puppet purge the file of all lines that aren't implemented as Puppet resources: - -~~~puppet -resources { 'glance_api_config' - purge => true, -} -~~~ - -### Manage multiple ini_settings - -To manage multiple ini_settings, use the [`create_ini_settings`](#function-create_ini_settings) function. - -~~~puppet -$defaults = { 'path' => '/tmp/foo.ini' } -$example = { 'section1' => { 'setting1' => 'value1' } } -create_ini_settings($example, $defaults) -~~~ - -results in: - -~~~puppet -ini_setting { '[section1] setting1': - ensure => present, - section => 'section1', - setting => 'setting1', - value => 'value1', - path => '/tmp/foo.ini', -} -~~~ - -To include special parameters, the following code: - -~~~puppet -$defaults = { 'path' => '/tmp/foo.ini' } -$example = { - 'section1' => { - 'setting1' => 'value1', - 'settings2' => { - 'ensure' => 'absent' - } - } -} -create_ini_settings($example, $defaults) -~~~ - -results in: - -~~~puppet -ini_setting { '[section1] setting1': - ensure => present, - section => 'section1', - setting => 'setting1', - value => 'value1', - path => '/tmp/foo.ini', -} -ini_setting { '[section1] setting2': - ensure => absent, - section => 'section1', - setting => 'setting2', - path => '/tmp/foo.ini', -} -~~~ - -#### Manage multiple ini_settings with Hiera - -This example requires Puppet 3.x/4.x, as it uses automatic retrieval of Hiera data for class parameters and `puppetlabs/stdlib`. - -For the profile `example`: - -~~~puppet -class profile::example ( - $settings, -) { - validate_hash($settings) - $defaults = { 'path' => '/tmp/foo.ini' } - create_ini_settings($settings, $defaults) -} -~~~ - -Provide this in your Hiera data: - -~~~puppet -profile::example::settings: - section1: - setting1: value1 - setting2: value2 - setting3: - ensure: absent -~~~ - -Results in: - -~~~puppet -ini_setting { '[section1] setting1': - ensure => present, - section => 'section1', - setting => 'setting1', - value => 'value1', - path => '/tmp/foo.ini', -} -ini_setting { '[section1] setting2': - ensure => present, - section => 'section1', - setting => 'setting2', - value => 'value2', - path => '/tmp/foo.ini', -} -ini_setting { '[section1] setting3': - ensure => absent, - section => 'section1', - setting => 'setting3', - path => '/tmp/foo.ini', -} -~~~ - - -##Reference - -###Public Types - - * [`ini_setting`](#type-ini_setting) - - * [`ini_subsetting`](#type-ini_subsetting) - -###Public Functions - - * [`create_ini_settings`](#function-create_ini_settings) - -### Type: ini_setting - -Manages a setting within an INI file. - -#### Parameters - -##### `ensure` - -Determines whether the specified setting should exist. Valid options: 'present' and 'absent'. Default value: 'present'. - -##### `key_val_separator` - -*Optional.* Specifies a string to use between each setting name and value (e.g., to determine whether the separator includes whitespace). Valid options: a string. Default value: ' = '. - -##### `name` - -*Optional.* Specifies an arbitrary name to identify the resource. Valid options: a string. Default value: the title of your declared resource. - -##### `path` - -*Required.* Specifies an INI file containing the setting to manage. Valid options: a string containing an absolute path. - -##### `section` - -*Optional.* Designates a section of the specified INI file containing the setting to manage. To manage a global setting (at the beginning of the file, before any named sections) enter "". Defaults to "". Valid options: a string. - -##### `setting` - -*Required.* Designates a setting to manage within the specified INI file and section. Valid options: a string. - -##### `show_diff` - -*Optional.* Prevents outputting actual values to the logfile. Useful for handling of passwords and other sensitive information. Possible values are: - * `true`: This allows all values to be passed to logfiles. (default) - * `false`: The values in the logfiles will be replaced with `[redacted sensitive information]`. - * `md5`: The values in the logfiles will be replaced with their md5 hash. - -Global show_diff configuraton takes priority over this one - -[https://docs.puppetlabs.com/references/latest/configuration.html#showdiff]([https://docs.puppetlabs.com/references/latest/configuration.html#showdiff]. -). Default value: 'true'. - -##### `value` - -*Optional.* Supplies a value for the specified setting. Valid options: a string. Default value: undefined. - -##### `section_prefix` - -*Optional.* Designates the string that will appear before the section's name. Default value: "[" - -##### `section_suffix` - -*Optional.* Designates the string that will appear after the section's name. Default value: "]". - -**NOTE:** This type finds all sections in the file by looking for lines like `${section_prefix}${title}${section_suffix}`. - -### Type: ini_subsetting - -Manages multiple values within the same INI setting. - -#### Parameters - -##### `ensure` - -Specifies whether the subsetting should be present. Valid options: 'present' and 'absent'. Default value: 'present'. - -##### `key_val_separator` - -*Optional.* Specifies a string to use between setting name and value (e.g., to determine whether the separator includes whitespace). Valid options: a string. Default value: ' = '. - -##### `path` - -*Required.* Specifies an INI file containing the subsetting to manage. Valid options: a string containing an absolute path. - -##### `quote_char` - -*Optional.* The character used to quote the entire value of the setting. Valid values are '', '"', and "'". Defaults to ''. Valid options: '', '"' and "'". Default value: ''. - -##### `section` - -*Optional.* Designates a section of the specified INI file containing the setting to manage. To manage a global setting (at the beginning of the file, before any named sections) enter "". Defaults to "". Valid options: a string. - -##### `setting` - -*Required.* Designates a setting within the specified section containing the subsetting to manage. Valid options: a string. - -##### `show_diff` - -*Optional.* Prevents outputting actual values to the logfile. Useful for handling of passwords and other sensitive information. Possible values are: - * `true`: This allows all values to be passed to logfiles. (default) - * `false`: The values in the logfiles will be replaced with `[redacted sensitive information]`. - * `md5`: The values in the logfiles will be replaced with their md5 hash. - -Global show_diff configuraton takes priority over this one - -[https://docs.puppetlabs.com/references/latest/configuration.html#showdiff]([https://docs.puppetlabs.com/references/latest/configuration.html#showdiff]. -). Default value: 'true'. - -##### `subsetting` - -*Required.* Designates a subsetting to manage within the specified setting. Valid options: a string. - -##### `subsetting_separator` - -*Optional.* Specifies a string to use between subsettings. Valid options: a string. Default value: " ". - -##### `use_exact_match` - -*Optional.* Whether to use partial or exact matching for subsetting. Should be set to true if the subsettings do not have values. Valid options: true, false. Default value: false. - -##### `value` - -*Optional.* Supplies a value for the specified subsetting. Valid options: a string. Default value: undefined. - -### Function: create_ini_settings - -Manages multiple `ini_setting` resources from a hash. Note that this cannot be used with ini_subsettings. - -`create_ini_settings($settings, $defaults)` - -#### Arguments - -##### First argument: `settings` - -*Required.* Specify a hash representing the `ini_setting` resources you want to create. - -##### Second argument: `defaults` - -*Optional.* Accepts a hash to be used as the values for any attributes not defined in the first argument. - -~~~puppet -$example = { - 'section1' => { - 'setting1' => { - 'value' => 'value1', 'path' => '/tmp/foo.ini' - } - } -} -~~~ - -Default value: '{}'. - -##Limitations - -This module has been tested on [all PE-supported platforms](https://forge.puppetlabs.com/supported#compat-matrix), and no issues have been identified. Additionally, it is tested (but not supported) on Windows 7, Mac OS X 10.9, and Solaris 12. - -##Development - -Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can't access the huge number of platforms and myriad of hardware, software, and deployment configurations that Puppet is intended to serve. - -We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. - -For more information, see our [module contribution guide.](https://docs.puppetlabs.com/forge/contributing.html) - -###Contributors - -To see who's already involved, see the [list of contributors.](https://github.com/puppetlabs/puppetlabs-inifile/graphs/contributors) diff --git a/inifile/Rakefile b/inifile/Rakefile deleted file mode 100644 index 7e9a13d5d..000000000 --- a/inifile/Rakefile +++ /dev/null @@ -1,42 +0,0 @@ -require 'puppet_blacksmith/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' -require 'puppetlabs_spec_helper/rake_tasks' - -PuppetLint.configuration.fail_on_warnings = true -PuppetLint.configuration.send('relative') -PuppetLint.configuration.send('disable_80chars') -PuppetLint.configuration.send('disable_class_inherits_from_params_class') -PuppetLint.configuration.send('disable_documentation') -PuppetLint.configuration.send('disable_single_quote_string_with_variables') -PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"] - -desc 'Generate pooler nodesets' -task :gen_nodeset do - require 'beaker-hostgenerator' - require 'securerandom' - require 'fileutils' - - agent_target = ENV['TEST_TARGET'] - if ! agent_target - STDERR.puts 'TEST_TARGET environment variable is not set' - STDERR.puts 'setting to default value of "redhat-64default."' - agent_target = 'redhat-64default.' - end - - master_target = ENV['MASTER_TEST_TARGET'] - if ! master_target - STDERR.puts 'MASTER_TEST_TARGET environment variable is not set' - STDERR.puts 'setting to default value of "redhat7-64mdcl"' - master_target = 'redhat7-64mdcl' - end - - targets = "#{master_target}-#{agent_target}" - cli = BeakerHostGenerator::CLI.new([targets]) - nodeset_dir = "tmp/nodesets" - nodeset = "#{nodeset_dir}/#{targets}-#{SecureRandom.uuid}.yaml" - FileUtils.mkdir_p(nodeset_dir) - File.open(nodeset, 'w') do |fh| - fh.print(cli.execute) - end - puts nodeset -end diff --git a/inifile/examples/ini_setting.pp b/inifile/examples/ini_setting.pp deleted file mode 100644 index 279cb00b6..000000000 --- a/inifile/examples/ini_setting.pp +++ /dev/null @@ -1,25 +0,0 @@ -ini_setting { 'sample setting': - ensure => present, - path => '/tmp/foo.ini', - section => 'foo', - setting => 'foosetting', - value => 'FOO!', -} - -ini_setting { 'sample setting2': - ensure => present, - path => '/tmp/foo.ini', - section => 'bar', - setting => 'barsetting', - value => 'BAR!', - key_val_separator => '=', - require => Ini_setting['sample setting'], -} - -ini_setting { 'sample setting3': - ensure => absent, - path => '/tmp/foo.ini', - section => 'bar', - setting => 'bazsetting', - require => Ini_setting['sample setting2'], -} diff --git a/inifile/examples/ini_subsetting.pp b/inifile/examples/ini_subsetting.pp deleted file mode 100644 index 0458354ac..000000000 --- a/inifile/examples/ini_subsetting.pp +++ /dev/null @@ -1,18 +0,0 @@ -ini_subsetting { 'sample subsetting': - ensure => present, - section => '', - key_val_separator => '=', - path => '/etc/default/pe-puppetdb', - setting => 'JAVA_ARGS', - subsetting => '-Xmx', - value => '512m', -} - -ini_subsetting { 'sample subsetting2': - ensure => absent, - section => '', - key_val_separator => '=', - path => '/etc/default/pe-puppetdb', - setting => 'JAVA_ARGS', - subsetting => '-Xms', -} diff --git a/inifile/lib/puppet/parser/functions/create_ini_settings.rb b/inifile/lib/puppet/parser/functions/create_ini_settings.rb deleted file mode 100644 index eb0040415..000000000 --- a/inifile/lib/puppet/parser/functions/create_ini_settings.rb +++ /dev/null @@ -1,90 +0,0 @@ -# -# create_ini_settings.rb -# - -module Puppet::Parser::Functions - newfunction(:create_ini_settings, :type => :statement, :doc => <<-EOS -Uses create_resources to create a set of ini_setting resources from a hash: - - $settings = { section1 => { - setting1 => val1 - }, - section2 => { - setting2 => val2, - setting3 => { - ensure => absent - } - } - } - $defaults = { - path => '/tmp/foo.ini' - } - create_ini_settings($settings,$defaults) - - -Will create the following resources - - ini_setting{'/tmp/foo.ini [section1] setting1': - ensure => present, - section => 'section1', - setting => 'setting1', - value => 'val1', - path => '/tmp/foo.ini', - } - ini_setting{'/tmp/foo.ini [section2] setting2': - ensure => present, - section => 'section2', - setting => 'setting2', - value => 'val2', - path => '/tmp/foo.ini', - } - ini_setting{'/tmp/foo.ini [section2] setting3': - ensure => absent, - section => 'section2', - setting => 'setting3', - path => '/tmp/foo.ini', - } - -EOS - ) do |arguments| - - raise(Puppet::ParseError, "create_ini_settings(): Wrong number of arguments " + - "given (#{arguments.size} for 1 or 2)") unless arguments.size.between?(1,2) - - settings = arguments[0] - defaults = arguments[1] || {} - - if [settings,defaults].any?{|i| !i.is_a?(Hash) } - raise(Puppet::ParseError, - 'create_ini_settings(): Requires all arguments to be a Hash') - end - - resources = settings.keys.inject({}) do |res, section| - raise(Puppet::ParseError, - "create_ini_settings(): Section #{section} must contain a Hash") \ - unless settings[section].is_a?(Hash) - - unless path = defaults.merge(settings)['path'] - raise Puppet::ParseError, 'create_ini_settings(): must pass the path parameter to the Ini_setting resource!' - end - - settings[section].each do |setting, value| - res["#{path} #{section} #{setting}"] = { - 'ensure' => 'present', - 'section' => section, - 'setting' => setting, - }.merge(if value.is_a?(Hash) - value - else - { 'value' => value, } - end) - end - res - end - - Puppet::Parser::Functions.function('create_resources') - function_create_resources(['ini_setting',resources,defaults]) - end -end - -# vim: set ts=2 sw=2 et : diff --git a/inifile/lib/puppet/provider/ini_setting/ruby.rb b/inifile/lib/puppet/provider/ini_setting/ruby.rb deleted file mode 100644 index 245554199..000000000 --- a/inifile/lib/puppet/provider/ini_setting/ruby.rb +++ /dev/null @@ -1,118 +0,0 @@ -require File.expand_path('../../../util/ini_file', __FILE__) - -Puppet::Type.type(:ini_setting).provide(:ruby) do - - def self.instances - # this code is here to support purging and the query-all functionality of the - # 'puppet resource' command, on a per-file basis. Users - # can create a type for a specific config file with a provider that uses - # this as its parent and implements the method - # 'self.file_path', and that will provide the value for the path to the - # ini file (rather than needing to specify it on each ini setting - # declaration). This allows 'purging' to be used to clear out - # all settings from a particular ini file except those included in - # the catalog. - if self.respond_to?(:file_path) - # figure out what to do about the seperator - ini_file = Puppet::Util::IniFile.new(file_path, '=') - resources = [] - ini_file.section_names.each do |section_name| - ini_file.get_settings(section_name).each do |setting, value| - resources.push( - new( - :name => namevar(section_name, setting), - :value => value, - :ensure => :present - ) - ) - end - end - resources - else - raise(Puppet::Error, 'Ini_settings only support collecting instances when a file path is hard coded') - end - end - - def self.namevar(section_name, setting) - "#{section_name}/#{setting}" - end - - def exists? - !ini_file.get_value(section, setting).nil? - end - - def create - ini_file.set_value(section, setting, resource[:value]) - ini_file.save - @ini_file = nil - end - - def destroy - ini_file.remove_setting(section, setting) - ini_file.save - @ini_file = nil - end - - def value - ini_file.get_value(section, setting) - end - - def value=(value) - ini_file.set_value(section, setting, resource[:value]) - ini_file.save - end - - def section - # this method is here so that it can be overridden by a child provider - resource[:section] - end - - def setting - # this method is here so that it can be overridden by a child provider - resource[:setting] - end - - def file_path - # this method is here to support purging and sub-classing. - # if a user creates a type and subclasses our provider and provides a - # 'file_path' method, then they don't have to specify the - # path as a parameter for every ini_setting declaration. - # This implementation allows us to support that while still - # falling back to the parameter value when necessary. - if self.class.respond_to?(:file_path) - self.class.file_path - else - resource[:path] - end - end - - def separator - if resource.class.validattr?(:key_val_separator) - resource[:key_val_separator] || '=' - else - '=' - end - end - - def section_prefix - if resource.class.validattr?(:section_prefix) - resource[:section_prefix] || '[' - else - '[' - end - end - - def section_suffix - if resource.class.validattr?(:section_suffix) - resource[:section_suffix] || ']' - else - ']' - end - end - - private - def ini_file - @ini_file ||= Puppet::Util::IniFile.new(file_path, separator, section_prefix, section_suffix) - end - -end diff --git a/inifile/lib/puppet/provider/ini_subsetting/ruby.rb b/inifile/lib/puppet/provider/ini_subsetting/ruby.rb deleted file mode 100644 index dbe9961c5..000000000 --- a/inifile/lib/puppet/provider/ini_subsetting/ruby.rb +++ /dev/null @@ -1,73 +0,0 @@ -require File.expand_path('../../../util/ini_file', __FILE__) -require File.expand_path('../../../util/setting_value', __FILE__) - -Puppet::Type.type(:ini_subsetting).provide(:ruby) do - - def exists? - setting_value.get_subsetting_value(subsetting, resource[:use_exact_match]) - end - - def create - setting_value.add_subsetting(subsetting, resource[:value], resource[:use_exact_match]) - ini_file.set_value(section, setting, setting_value.get_value) - ini_file.save - @ini_file = nil - @setting_value = nil - end - - def destroy - setting_value.remove_subsetting(subsetting, resource[:use_exact_match]) - ini_file.set_value(section, setting, setting_value.get_value) - ini_file.save - @ini_file = nil - @setting_value = nil - end - - def value - setting_value.get_subsetting_value(subsetting) - end - - def value=(value) - setting_value.add_subsetting(subsetting, resource[:value], resource[:use_exact_match]) - ini_file.set_value(section, setting, setting_value.get_value) - ini_file.save - end - - def section - resource[:section] - end - - def setting - resource[:setting] - end - - def subsetting - resource[:subsetting] - end - - def subsetting_separator - resource[:subsetting_separator] - end - - def file_path - resource[:path] - end - - def separator - resource[:key_val_separator] || '=' - end - - def quote_char - resource[:quote_char] - end - - private - def ini_file - @ini_file ||= Puppet::Util::IniFile.new(file_path, separator) - end - - def setting_value - @setting_value ||= Puppet::Util::SettingValue.new(ini_file.get_value(section, setting), subsetting_separator, quote_char) - end - -end diff --git a/inifile/lib/puppet/type/ini_setting.rb b/inifile/lib/puppet/type/ini_setting.rb deleted file mode 100644 index b31a8736c..000000000 --- a/inifile/lib/puppet/type/ini_setting.rb +++ /dev/null @@ -1,101 +0,0 @@ -require 'digest/md5' - -Puppet::Type.newtype(:ini_setting) do - - ensurable do - defaultvalues - defaultto :present - end - - def munge_boolean_md5(value) - case value - when true, :true, 'true', :yes, 'yes' - :true - when false, :false, 'false', :no, 'no' - :false - when :md5, 'md5' - :md5 - else - fail('expected a boolean value or :md5') - end - end - - newparam(:name, :namevar => true) do - desc 'An arbitrary name used as the identity of the resource.' - end - - newparam(:section) do - desc 'The name of the section in the ini file in which the setting should be defined.' + - 'If not provided, defaults to global, top of file, sections.' - defaultto("") - end - - newparam(:setting) do - desc 'The name of the setting to be defined.' - munge do |value| - if value =~ /(^\s|\s$)/ - Puppet.warn("Settings should not have spaces in the value, we are going to strip the whitespace") - end - value.lstrip.rstrip - end - end - - newparam(:path) do - desc 'The ini file Puppet will ensure contains the specified setting.' - validate do |value| - unless (Puppet.features.posix? and value =~ /^\//) or (Puppet.features.microsoft_windows? and (value =~ /^.:\// or value =~ /^\/\/[^\/]+\/[^\/]+/)) - raise(Puppet::Error, "File paths must be fully qualified, not '#{value}'") - end - end - end - - newparam(:show_diff) do - desc 'Whether to display differences when the setting changes.' - - defaultto :true - - newvalues(:true, :md5, :false) - - munge do |value| - @resource.munge_boolean_md5(value) - end - end - - newparam(:key_val_separator) do - desc 'The separator string to use between each setting name and value. ' + - 'Defaults to " = ", but you could use this to override e.g. ": ", or' + - 'whether or not the separator should include whitespace.' - defaultto(" = ") - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - - def should_to_s(newvalue) - if (@resource[:show_diff] == :true && Puppet[:show_diff]) then - return newvalue - elsif (@resource[:show_diff] == :md5 && Puppet[:show_diff]) then - return '{md5}' + Digest::MD5.hexdigest(newvalue.to_s) - else - return '[redacted sensitive information]' - end - end - - def is_to_s(value) - should_to_s(value) - end - end - - newparam(:section_prefix) do - desc 'The prefix to the section name\'s header.' + - 'Defaults to \'[\'.' - defaultto('[') - end - - newparam(:section_suffix) do - desc 'The suffix to the section name\'s header.' + - 'Defaults to \']\'.' - defaultto(']') - end - -end diff --git a/inifile/lib/puppet/type/ini_subsetting.rb b/inifile/lib/puppet/type/ini_subsetting.rb deleted file mode 100644 index 906b6678f..000000000 --- a/inifile/lib/puppet/type/ini_subsetting.rb +++ /dev/null @@ -1,112 +0,0 @@ -require 'digest/md5' - -Puppet::Type.newtype(:ini_subsetting) do - - ensurable do - defaultvalues - defaultto :present - end - - def munge_boolean_md5(value) - case value - when true, :true, 'true', :yes, 'yes' - :true - when false, :false, 'false', :no, 'no' - :false - when :md5, 'md5' - :md5 - else - fail('expected a boolean value or :md5') - end - end - - newparam(:name, :namevar => true) do - desc 'An arbitrary name used as the identity of the resource.' - end - - newparam(:section) do - desc 'The name of the section in the ini file in which the setting should be defined.' + - 'If not provided, defaults to global, top of file, sections.' - defaultto("") - end - - newparam(:setting) do - desc 'The name of the setting to be defined.' - end - - newparam(:subsetting) do - desc 'The name of the subsetting to be defined.' - end - - newparam(:subsetting_separator) do - desc 'The separator string between subsettings. Defaults to " "' - defaultto(" ") - end - - newparam(:path) do - desc 'The ini file Puppet will ensure contains the specified setting.' - validate do |value| - unless (Puppet.features.posix? and value =~ /^\//) or (Puppet.features.microsoft_windows? and (value =~ /^.:\// or value =~ /^\/\/[^\/]+\/[^\/]+/)) - raise(Puppet::Error, "File paths must be fully qualified, not '#{value}'") - end - end - end - - newparam(:show_diff) do - desc 'Whether to display differences when the setting changes.' - defaultto :true - newvalues(:true, :md5, :false) - - munge do |value| - @resource.munge_boolean_md5(value) - end - end - - newparam(:key_val_separator) do - desc 'The separator string to use between each setting name and value. ' + - 'Defaults to " = ", but you could use this to override e.g. ": ", or' + - 'whether or not the separator should include whitespace.' - defaultto(" = ") - end - - newparam(:quote_char) do - desc 'The character used to quote the entire value of the setting. ' + - %q{Valid values are '', '"' and "'". Defaults to ''.} - defaultto('') - - validate do |value| - unless value =~ /^["']?$/ - raise Puppet::Error, %q{:quote_char valid values are '', '"' and "'"} - end - end - end - - newparam(:use_exact_match) do - desc 'Set to true if your subsettings don\'t have values and you want to use exact matches to determine if the subsetting exists. See MODULES-2212' - newvalues(:true, :false) - defaultto(:false) - end - - newproperty(:value) do - desc 'The value of the subsetting to be defined.' - - def should_to_s(newvalue) - if (@resource[:show_diff] == :true && Puppet[:show_diff]) then - return newvalue - elsif (@resource[:show_diff] == :md5 && Puppet[:show_diff]) then - return '{md5}' + Digest::MD5.hexdigest(newvalue.to_s) - else - return '[redacted sensitive information]' - end - end - - def is_to_s(value) - should_to_s(value) - end - - def is_to_s(value) - should_to_s(value) - end - end - -end diff --git a/inifile/lib/puppet/util/external_iterator.rb b/inifile/lib/puppet/util/external_iterator.rb deleted file mode 100644 index 45c0fa434..000000000 --- a/inifile/lib/puppet/util/external_iterator.rb +++ /dev/null @@ -1,28 +0,0 @@ -module Puppet -module Util - class ExternalIterator - def initialize(coll) - @coll = coll - @cur_index = -1 - end - - def next - @cur_index = @cur_index + 1 - item_at(@cur_index) - end - - def peek - item_at(@cur_index + 1) - end - - private - def item_at(index) - if @coll.length > index - [@coll[index], index] - else - [nil, nil] - end - end - end -end -end diff --git a/inifile/lib/puppet/util/ini_file.rb b/inifile/lib/puppet/util/ini_file.rb deleted file mode 100644 index 818328d5d..000000000 --- a/inifile/lib/puppet/util/ini_file.rb +++ /dev/null @@ -1,331 +0,0 @@ -require File.expand_path('../external_iterator', __FILE__) -require File.expand_path('../ini_file/section', __FILE__) - -module Puppet -module Util - class IniFile - - def initialize(path, key_val_separator = ' = ', section_prefix = '[', section_suffix = ']') - - k_v_s = key_val_separator =~ /^\s+$/ ? ' ' : key_val_separator.strip - - @section_prefix = section_prefix - @section_suffix = section_suffix - - @@SECTION_REGEX = section_regex - @@SETTING_REGEX = /^(\s*)([^#;\s]|[^#;\s].*?[^\s#{k_v_s}])(\s*#{k_v_s}[ \t]*)(.*)\s*$/ - @@COMMENTED_SETTING_REGEX = /^(\s*)[#;]+(\s*)(.*?[^\s#{k_v_s}])(\s*#{k_v_s}[ \t]*)(.*)\s*$/ - - @path = path - @key_val_separator = key_val_separator - @section_names = [] - @sections_hash = {} - if File.file?(@path) - parse_file - end - end - - def section_regex - # Only put in prefix/suffix if they exist - # Also, if the prefix is '', the negated - # set match should be a match all instead. - r_string = '^\s*' - r_string += Regexp.escape(@section_prefix) - r_string += '(' - if @section_prefix != '' - r_string += '[^' - r_string += Regexp.escape(@section_prefix) - r_string += ']' - else - r_string += '.' - end - r_string += '*)' - r_string += Regexp.escape(@section_suffix) - r_string += '\s*$' - /#{r_string}/ - end - - def section_names - @section_names - end - - def get_settings(section_name) - section = @sections_hash[section_name] - section.setting_names.inject({}) do |result, setting| - result[setting] = section.get_value(setting) - result - end - end - - def get_value(section_name, setting) - if (@sections_hash.has_key?(section_name)) - @sections_hash[section_name].get_value(setting) - end - end - - def set_value(section_name, setting, value) - unless (@sections_hash.has_key?(section_name)) - add_section(Section.new(section_name, nil, nil, nil, nil)) - end - - section = @sections_hash[section_name] - - if (section.has_existing_setting?(setting)) - update_line(section, setting, value) - section.update_existing_setting(setting, value) - elsif result = find_commented_setting(section, setting) - # So, this stanza is a bit of a hack. What we're trying - # to do here is this: for settings that don't already - # exist, we want to take a quick peek to see if there - # is a commented-out version of them in the section. - # If so, we'd prefer to add the setting directly after - # the commented line, rather than at the end of the section. - - # If we get here then we found a commented line, so we - # call "insert_inline_setting_line" to update the lines array - insert_inline_setting_line(result, section, setting, value) - - # Then, we need to tell the setting object that we hacked - # in an inline setting - section.insert_inline_setting(setting, value) - - # Finally, we need to update all of the start/end line - # numbers for all of the sections *after* the one that - # was modified. - section_index = @section_names.index(section_name) - increment_section_line_numbers(section_index + 1) - else - section.set_additional_setting(setting, value) - end - end - - def remove_setting(section_name, setting) - section = @sections_hash[section_name] - if (section.has_existing_setting?(setting)) - # If the setting is found, we have some work to do. - # First, we remove the line from our array of lines: - remove_line(section, setting) - - # Then, we need to tell the setting object to remove - # the setting from its state: - section.remove_existing_setting(setting) - - # Finally, we need to update all of the start/end line - # numbers for all of the sections *after* the one that - # was modified. - section_index = @section_names.index(section_name) - decrement_section_line_numbers(section_index + 1) - end - end - - def save - File.open(@path, 'w') do |fh| - - @section_names.each_index do |index| - name = @section_names[index] - - section = @sections_hash[name] - - # We need a buffer to cache lines that are only whitespace - whitespace_buffer = [] - - if (section.is_new_section?) && (! section.is_global?) - fh.puts("\n#{@section_prefix}#{section.name}#{@section_suffix}") - end - - if ! section.is_new_section? - # don't add empty sections - if section.empty? and ! section.is_global? - next - end - - # write all of the pre-existing settings - (section.start_line..section.end_line).each do |line_num| - line = lines[line_num] - - # We buffer any lines that are only whitespace so that - # if they are at the end of a section, we can insert - # any new settings *before* the final chunk of whitespace - # lines. - if (line =~ /^\s*$/) - whitespace_buffer << line - else - # If we get here, we've found a non-whitespace line. - # We'll flush any cached whitespace lines before we - # write it. - flush_buffer_to_file(whitespace_buffer, fh) - fh.puts(line) - end - end - end - - # write new settings, if there are any - section.additional_settings.each_pair do |key, value| - fh.puts("#{' ' * (section.indentation || 0)}#{key}#{@key_val_separator}#{value}") - end - - if (whitespace_buffer.length > 0) - flush_buffer_to_file(whitespace_buffer, fh) - else - # We get here if there were no blank lines at the end of the - # section. - # - # If we are adding a new section with a new setting, - # and if there are more sections that come after this one, - # we'll write one blank line just so that there is a little - # whitespace between the sections. - #if (section.end_line.nil? && - if (section.is_new_section? && - (section.additional_settings.length > 0) && - (index < @section_names.length - 1)) - fh.puts("") - end - end - - end - end - end - - - private - def add_section(section) - @sections_hash[section.name] = section - @section_names << section.name - end - - def parse_file - line_iter = create_line_iter - - # We always create a "global" section at the beginning of the file, for - # anything that appears before the first named section. - section = read_section('', 0, line_iter) - add_section(section) - line, line_num = line_iter.next - - while line - if (match = @@SECTION_REGEX.match(line)) - section = read_section(match[1], line_num, line_iter) - add_section(section) - end - line, line_num = line_iter.next - end - end - - def read_section(name, start_line, line_iter) - settings = {} - end_line_num = nil - min_indentation = nil - while true - line, line_num = line_iter.peek - if (line_num.nil? or match = @@SECTION_REGEX.match(line)) - return Section.new(name, start_line, end_line_num, settings, min_indentation) - elsif (match = @@SETTING_REGEX.match(line)) - settings[match[2]] = match[4] - indentation = match[1].length - min_indentation = [indentation, min_indentation || indentation].min - end - end_line_num = line_num - line_iter.next - end - end - - def update_line(section, setting, value) - (section.start_line..section.end_line).each do |line_num| - if (match = @@SETTING_REGEX.match(lines[line_num])) - if (match[2] == setting) - lines[line_num] = "#{match[1]}#{match[2]}#{match[3]}#{value}" - end - end - end - end - - def remove_line(section, setting) - (section.start_line..section.end_line).each do |line_num| - if (match = @@SETTING_REGEX.match(lines[line_num])) - if (match[2] == setting) - lines.delete_at(line_num) - end - end - end - end - - def create_line_iter - ExternalIterator.new(lines) - end - - def lines - @lines ||= IniFile.readlines(@path) - end - - # This is mostly here because it makes testing easier--we don't have - # to try to stub any methods on File. - def self.readlines(path) - # If this type is ever used with very large files, we should - # write this in a different way, using a temp - # file; for now assuming that this type is only used on - # small-ish config files that can fit into memory without - # too much trouble. - File.readlines(path) - end - - # This utility method scans through the lines for a section looking for - # commented-out versions of a setting. It returns `nil` if it doesn't - # find one. If it does find one, then it returns a hash containing - # two keys: - # - # :line_num - the line number that contains the commented version - # of the setting - # :match - the ruby regular expression match object, which can - # be used to mimic the whitespace from the comment line - def find_commented_setting(section, setting) - return nil if section.is_new_section? - (section.start_line..section.end_line).each do |line_num| - if (match = @@COMMENTED_SETTING_REGEX.match(lines[line_num])) - if (match[3] == setting) - return { :match => match, :line_num => line_num } - end - end - end - nil - end - - # This utility method is for inserting a line into the existing - # lines array. The `result` argument is expected to be in the - # format of the return value of `find_commented_setting`. - def insert_inline_setting_line(result, section, setting, value) - line_num = result[:line_num] - match = result[:match] - lines.insert(line_num + 1, "#{' ' * (section.indentation || 0 )}#{setting}#{match[4]}#{value}") - end - - # Utility method; given a section index (index into the @section_names - # array), decrement the start/end line numbers for that section and all - # all of the other sections that appear *after* the specified section. - def decrement_section_line_numbers(section_index) - @section_names[section_index..(@section_names.length - 1)].each do |name| - section = @sections_hash[name] - section.decrement_line_nums - end - end - - # Utility method; given a section index (index into the @section_names - # array), increment the start/end line numbers for that section and all - # all of the other sections that appear *after* the specified section. - def increment_section_line_numbers(section_index) - @section_names[section_index..(@section_names.length - 1)].each do |name| - section = @sections_hash[name] - section.increment_line_nums - end - end - - - def flush_buffer_to_file(buffer, fh) - if buffer.length > 0 - buffer.each { |l| fh.puts(l) } - buffer.clear - end - end - - end -end -end diff --git a/inifile/lib/puppet/util/ini_file/section.rb b/inifile/lib/puppet/util/ini_file/section.rb deleted file mode 100644 index c5df1441a..000000000 --- a/inifile/lib/puppet/util/ini_file/section.rb +++ /dev/null @@ -1,103 +0,0 @@ -class Puppet::Util::IniFile - class Section - # Some implementation details: - # - # * `name` will be set to the empty string for the 'global' section. - # * there will always be a 'global' section, with a `start_line` of 0, - # but if the file actually begins with a real section header on - # the first line, then the 'global' section will have an - # `end_line` of `nil`. - # * `start_line` and `end_line` will be set to `nil` for a new non-global - # section. - def initialize(name, start_line, end_line, settings, indentation) - @name = name - @start_line = start_line - @end_line = end_line - @existing_settings = settings.nil? ? {} : settings - @additional_settings = {} - @indentation = indentation - end - - attr_reader :name, :start_line, :end_line, :additional_settings, :indentation - - def is_global?() - @name == '' - end - - def is_new_section?() - # a new section (global or named) will always have `end_line` - # set to `nil` - @end_line.nil? - end - - def setting_names - @existing_settings.keys | @additional_settings.keys - end - - def get_value(setting_name) - @existing_settings[setting_name] || @additional_settings[setting_name] - end - - def has_existing_setting?(setting_name) - @existing_settings.has_key?(setting_name) - end - - def empty? - start_line == end_line - end - - def update_existing_setting(setting_name, value) - @existing_settings[setting_name] = value - end - - def remove_existing_setting(setting_name) - if (@existing_settings.delete(setting_name)) - if @end_line - @end_line = @end_line - 1 - end - end - end - - # This is a hacky method; it's basically called when we need to insert - # a new setting but we don't want it to appear at the very end of the - # section. Instead we hack it into the existing settings list and - # increment our end_line number--this assumes that the caller (`ini_file`) - # is doing some babysitting w/rt the other sections and the actual data - # of the lines. - def insert_inline_setting(setting_name, value) - @existing_settings[setting_name] = value - if @end_line - @end_line = @end_line + 1 - end - end - - def set_additional_setting(setting_name, value) - @additional_settings[setting_name] = value - end - - # Decrement the start and end line numbers for the section (if they are - # defined); this is intended to be called when a setting is removed - # from a section that comes before this section in the ini file. - def decrement_line_nums() - if @start_line - @start_line = @start_line - 1 - end - if @end_line - @end_line = @end_line - 1 - end - end - - # Increment the start and end line numbers for the section (if they are - # defined); this is intended to be called when an inline setting is added - # to a section that comes before this section in the ini file. - def increment_line_nums() - if @start_line - @start_line = @start_line + 1 - end - if @end_line - @end_line = @end_line + 1 - end - end - - end -end diff --git a/inifile/lib/puppet/util/setting_value.rb b/inifile/lib/puppet/util/setting_value.rb deleted file mode 100644 index 5ccd3ca0d..000000000 --- a/inifile/lib/puppet/util/setting_value.rb +++ /dev/null @@ -1,103 +0,0 @@ -module Puppet - module Util - - class SettingValue - - def initialize(setting_value, subsetting_separator = ' ', default_quote_char = nil) - @setting_value = setting_value - @subsetting_separator = subsetting_separator - - default_quote_char ||= '' - - if @setting_value - unquoted, @quote_char = unquote_setting_value(setting_value) - @subsetting_items = unquoted.scan(Regexp.new("(?:(?:[^\\#{@subsetting_separator}]|\\.)+)")) # an item can contain escaped separator - @subsetting_items.map! { |item| item.strip } - @quote_char = default_quote_char if @quote_char.empty? - else - @subsetting_items = [] - @quote_char = default_quote_char - end - end - - def unquote_setting_value(setting_value) - quote_char = "" - if (setting_value.start_with?('"') and setting_value.end_with?('"')) - quote_char = '"' - elsif (setting_value.start_with?("'") and setting_value.end_with?("'")) - quote_char = "'" - end - - unquoted = setting_value - - if (quote_char != "") - unquoted = setting_value[1, setting_value.length - 2] - end - - [unquoted, quote_char] - end - - def get_value - - result = "" - first = true - - @subsetting_items.each { |item| - result << @subsetting_separator unless first - result << item - first = false - } - - @quote_char + result + @quote_char - end - - def get_subsetting_value(subsetting, use_exact_match=:false) - - value = nil - - @subsetting_items.each { |item| - if(use_exact_match == :false and item.start_with?(subsetting)) - value = item[subsetting.length, item.length - subsetting.length] - break - elsif(use_exact_match == :true and item.eql?(subsetting)) - return true - end - } - - value - end - - def add_subsetting(subsetting, subsetting_value, use_exact_match=:false) - - new_item = subsetting + (subsetting_value || '') - found = false - - @subsetting_items.map! { |item| - if use_exact_match == :false and item.start_with?(subsetting) - value = new_item - found = true - elsif use_exact_match == :true and item.eql?(subsetting) - value = new_item - found = true - else - value = item - end - - value - } - - unless found - @subsetting_items.push(new_item) - end - end - - def remove_subsetting(subsetting, use_exact_match=:false) - if use_exact_match == :false - @subsetting_items = @subsetting_items.map { |item| item.start_with?(subsetting) ? nil : item }.compact - else - @subsetting_items = @subsetting_items.map { |item| item.eql?(subsetting) ? nil : item }.compact - end - end - end - end -end diff --git a/inifile/manifests/init.pp b/inifile/manifests/init.pp deleted file mode 100644 index 359021622..000000000 --- a/inifile/manifests/init.pp +++ /dev/null @@ -1,46 +0,0 @@ -# == Class: inifile -# -# Use create_resources() to allow the specification of ini_setting and -# ini_subsetting entries. -# -class inifile ( - $ini_settings = undef, - $ini_subsettings = undef, - $ini_settings_hiera_merge = true, - $ini_subsettings_hiera_merge = true, -) { - - if is_string($ini_settings_hiera_merge) == true { - $ini_settings_hiera_merge_bool = str2bool($ini_settings_hiera_merge) - } else { - $ini_settings_hiera_merge_bool = $ini_settings_hiera_merge - } - validate_bool($ini_settings_hiera_merge_bool) - - if is_string($ini_subsettings_hiera_merge) == true { - $ini_subsettings_hiera_merge_bool = str2bool($ini_subsettings_hiera_merge) - } else { - $ini_subsettings_hiera_merge_bool = $ini_subsettings_hiera_merge - } - validate_bool($ini_subsettings_hiera_merge_bool) - - if $ini_settings != undef { - if $ini_settings_hiera_merge_bool == true { - $ini_settings_real = hiera_hash('inifile::ini_settings') - } else { - $ini_settings_real = $ini_settings - } - validate_hash($ini_settings_real) - create_resources('ini_setting',$ini_settings_real) - } - - if $ini_subsettings != undef { - if $ini_subsettings_hiera_merge_bool == true { - $ini_subsettings_real = hiera_hash('inifile::ini_subsettings') - } else { - $ini_subsettings_real = $ini_subsettings - } - validate_hash($ini_subsettings_real) - create_resources('ini_subsetting',$ini_subsettings_real) - } -} diff --git a/inifile/metadata.json b/inifile/metadata.json deleted file mode 100644 index f76da1063..000000000 --- a/inifile/metadata.json +++ /dev/null @@ -1,106 +0,0 @@ -{ - "name": "puppetlabs-inifile", - "version": "1.4.3", - "author": "Puppet Labs", - "summary": "Resource types for managing settings in INI files", - "license": "Apache-2.0", - "source": "https://github.com/puppetlabs/puppetlabs-inifile", - "project_page": "https://github.com/puppetlabs/puppetlabs-inifile", - "issues_url": "https://tickets.puppetlabs.com/browse/MODULES", - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "CentOS", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "OracleLinux", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "Scientific", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "SLES", - "operatingsystemrelease": [ - "10 SP4", - "11 SP1", - "12" - ] - }, - { - "operatingsystem": "Debian", - "operatingsystemrelease": [ - "6", - "7", - "8" - ] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": [ - "10.04", - "12.04", - "14.04" - ] - }, - { - "operatingsystem": "Solaris", - "operatingsystemrelease": [ - "10", - "11", - "12" - ] - }, - { - "operatingsystem": "Windows", - "operatingsystemrelease": [ - "Server 2003 R2", - "Server 2008 R2", - "Server 2012", - "Server 2012 R2" - ] - }, - { - "operatingsystem": "AIX", - "operatingsystemrelease": [ - "5.3", - "6.1", - "7.1" - ] - } - ], - "requirements": [ - { - "name": "pe", - "version_requirement": ">= 3.0.0 < 2015.4.0" - }, - { - "name": "puppet", - "version_requirement": ">= 3.0.0 < 5.0.0" - } - ], - "dependencies": [ - {"name":"puppetlabs/stdlib","version_requirement":">= 4.2.0"} - ] -} diff --git a/inifile/spec/acceptance/ini_setting_spec.rb b/inifile/spec/acceptance/ini_setting_spec.rb deleted file mode 100644 index 6b141097c..000000000 --- a/inifile/spec/acceptance/ini_setting_spec.rb +++ /dev/null @@ -1,320 +0,0 @@ -require 'spec_helper_acceptance' - -tmpdir = default.tmpdir('tmp') - -describe 'ini_setting resource' do - after :all do - shell("rm #{tmpdir}/*.ini", :acceptable_exit_codes => [0, 1, 2]) - end - - shared_examples 'has_content' do |path, pp, content| - before :all do - shell("rm #{path}", :acceptable_exit_codes => [0, 1, 2]) - end - after :all do - shell("cat #{path}", :acceptable_exit_codes => [0, 1, 2]) - shell("rm #{path}", :acceptable_exit_codes => [0, 1, 2]) - end - - it 'applies the manifest twice' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file(path) do - it { should be_file } - its(:content) { should match content } - end - end - - shared_examples 'has_error' do |path, pp, error| - before :all do - shell("rm #{path}", :acceptable_exit_codes => [0, 1, 2]) - end - after :all do - shell("cat #{path}", :acceptable_exit_codes => [0, 1, 2]) - shell("rm #{path}", :acceptable_exit_codes => [0, 1, 2]) - end - - it 'applies the manifest and gets a failure message' do - expect(apply_manifest(pp, :expect_failures => true).stderr).to match(error) - end - - describe file(path) do - it { should_not be_file } - end - end - - describe 'ensure parameter' do - context '=> present for global and section' do - pp = <<-EOS - ini_setting { 'ensure => present for section': - ensure => present, - path => "#{tmpdir}/ini_setting.ini", - section => 'one', - setting => 'two', - value => 'three', - } - ini_setting { 'ensure => present for global': - ensure => present, - path => "#{tmpdir}/ini_setting.ini", - section => '', - setting => 'four', - value => 'five', - } - EOS - - it 'applies the manifest twice' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - it_behaves_like 'has_content', "#{tmpdir}/ini_setting.ini", pp, /four = five\n\n\[one\]\ntwo = three/ - end - - context '=> present for global and section (from previous blank value)' do - before :all do - if fact('osfamily') == 'Darwin' - shell("echo \"four =[one]\ntwo =\" > #{tmpdir}/ini_setting.ini") - else - shell("echo -e \"four =\n[one]\ntwo =\" > #{tmpdir}/ini_setting.ini") - end - end - - pp = <<-EOS - ini_setting { 'ensure => present for section': - ensure => present, - path => "#{tmpdir}/ini_setting.ini", - section => 'one', - setting => 'two', - value => 'three', - } - ini_setting { 'ensure => present for global': - ensure => present, - path => "#{tmpdir}/ini_setting.ini", - section => '', - setting => 'four', - value => 'five', - } - EOS - - it 'applies the manifest twice' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - it_behaves_like 'has_content', "#{tmpdir}/ini_setting.ini", pp, /four = five\n\n\[one\]\ntwo = three/ - end - - context '=> absent for key/value' do - before :all do - if fact('osfamily') == 'Darwin' - shell("echo \"four = five[one]\ntwo = three\" > #{tmpdir}/ini_setting.ini") - else - shell("echo -e \"four = five\n[one]\ntwo = three\" > #{tmpdir}/ini_setting.ini") - end - end - - pp = <<-EOS - ini_setting { 'ensure => absent for key/value': - ensure => absent, - path => "#{tmpdir}/ini_setting.ini", - section => 'one', - setting => 'two', - value => 'three', - } - EOS - - it 'applies the manifest twice' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{tmpdir}/ini_setting.ini") do - it { should be_file } - its(:content) { - should match /four = five/ - should_not match /\[one\]/ - should_not match /two = three/ - } - end - end - - context '=> absent for global' do - before :all do - if fact('osfamily') == 'Darwin' - shell("echo \"four = five\n[one]\ntwo = three\" > #{tmpdir}/ini_setting.ini") - else - shell("echo -e \"four = five\n[one]\ntwo = three\" > #{tmpdir}/ini_setting.ini") - end - end - after :all do - shell("cat #{tmpdir}/ini_setting.ini", :acceptable_exit_codes => [0, 1, 2]) - shell("rm #{tmpdir}/ini_setting.ini", :acceptable_exit_codes => [0, 1, 2]) - end - - pp = <<-EOS - ini_setting { 'ensure => absent for global': - ensure => absent, - path => "#{tmpdir}/ini_setting.ini", - section => '', - setting => 'four', - value => 'five', - } - EOS - - it 'applies the manifest twice' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{tmpdir}/ini_setting.ini") do - it { should be_file } - its(:content) { - should_not match /four = five/ - should match /\[one\]/ - should match /two = three/ - } - end - end - end - - describe 'section, setting, value parameters' do - { - "section => 'test', setting => 'foo', value => 'bar'," => /\[test\]\nfoo = bar/, - "section => 'more', setting => 'baz', value => 'quux'," => /\[more\]\nbaz = quux/, - "section => '', setting => 'top', value => 'level'," => /top = level/, - "section => 'z', setting => 'sp aces', value => 'foo bar'," => /\[z\]\nsp aces = foo bar/, - }.each do |parameter_list, content| - context parameter_list do - pp = <<-EOS - ini_setting { "#{parameter_list}": - ensure => present, - path => "#{tmpdir}/ini_setting.ini", - #{parameter_list} - } - EOS - - it_behaves_like 'has_content', "#{tmpdir}/ini_setting.ini", pp, content - end - end - - { - "section => 'test'," => /setting is a required.+value is a required/, - "setting => 'foo', value => 'bar'," => /section is a required/, - "section => 'test', setting => 'foo'," => /value is a required/, - "section => 'test', value => 'bar'," => /setting is a required/, - "value => 'bar'," => /section is a required.+setting is a required/, - "setting => 'foo'," => /section is a required.+value is a required/, - }.each do |parameter_list, error| - context parameter_list, :pending => 'no error checking yet' do - pp = <<-EOS - ini_setting { "#{parameter_list}": - ensure => present, - path => "#{tmpdir}/ini_setting.ini", - #{parameter_list} - } - EOS - - it_behaves_like 'has_error', "#{tmpdir}/ini_setting.ini", pp, error - end - end - end - - describe 'path parameter' do - [ - "#{tmpdir}/one.ini", - "#{tmpdir}/two.ini", - "#{tmpdir}/three.ini", - ].each do |path| - context "path => #{path}" do - pp = <<-EOS - ini_setting { 'path => #{path}': - ensure => present, - section => 'one', - setting => 'two', - value => 'three', - path => '#{path}', - } - EOS - - it_behaves_like 'has_content', path, pp, /\[one\]\ntwo = three/ - end - end - - context "path => foo" do - pp = <<-EOS - ini_setting { 'path => foo': - ensure => present, - section => 'one', - setting => 'two', - value => 'three', - path => 'foo', - } - EOS - - it_behaves_like 'has_error', 'foo', pp, /must be fully qualified/ - end - end - - describe 'key_val_separator parameter' do - { - "" => /two = three/, - "key_val_separator => '='," => /two=three/, - "key_val_separator => ' = '," => /two = three/, - "key_val_separator => ' '," => /two three/, - "key_val_separator => ' '," => /two three/, - }.each do |parameter, content| - context "with \"#{parameter}\" makes \"#{content}\"" do - pp = <<-EOS - ini_setting { "with #{parameter} makes #{content}": - ensure => present, - section => 'one', - setting => 'two', - value => 'three', - path => "#{tmpdir}/key_val_separator.ini", - #{parameter} - } - EOS - - it_behaves_like 'has_content', "#{tmpdir}/key_val_separator.ini", pp, content - end - end - end - - describe 'show_diff parameter and logging:' do - [ {:value => "initial_value", :matcher => "created", :show_diff => true}, - {:value => "public_value", :matcher => /initial_value.*public_value/, :show_diff => true}, - {:value => "secret_value", :matcher => /redacted sensitive information.*redacted sensitive information/, :show_diff => false}, - {:value => "md5_value", :matcher => /{md5}881671aa2bbc680bc530c4353125052b.*{md5}ed0903a7fa5de7886ca1a7a9ad06cf51/, :show_diff => :md5} - ].each do |i| - context "show_diff => #{i[:show_diff]}" do - pp = <<-EOS - ini_setting { 'test_show_diff': - ensure => present, - section => 'test', - setting => 'something', - value => '#{i[:value]}', - path => "#{tmpdir}/test_show_diff.ini", - show_diff => #{i[:show_diff]} - } - EOS - - it "applies manifest and expects changed value to be logged in proper form" do - config = { - 'main' => { - 'show_diff' => true - } - } - configure_puppet_on(default, config) - - res = apply_manifest(pp, :expect_changes => true) - expect(res.stdout).to match(i[:matcher]) - expect(res.stdout).not_to match(i[:value]) unless (i[:show_diff] == true) - - end - end - end - end - -end diff --git a/inifile/spec/acceptance/ini_subsetting_spec.rb b/inifile/spec/acceptance/ini_subsetting_spec.rb deleted file mode 100644 index 636f3abc3..000000000 --- a/inifile/spec/acceptance/ini_subsetting_spec.rb +++ /dev/null @@ -1,237 +0,0 @@ -require 'spec_helper_acceptance' - -tmpdir = default.tmpdir('tmp') - -describe 'ini_subsetting resource' do - after :all do - shell("rm #{tmpdir}/*.ini", :acceptable_exit_codes => [0, 1, 2]) - end - - shared_examples 'has_content' do |path, pp, content| - before :all do - shell("rm #{path}", :acceptable_exit_codes => [0, 1, 2]) - end - after :all do - shell("cat #{path}", :acceptable_exit_codes => [0, 1, 2]) - shell("rm #{path}", :acceptable_exit_codes => [0, 1, 2]) - end - - it 'applies the manifest twice' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file(path) do - it { should be_file } - its(:content) { - should match content - } - end - end - - shared_examples 'has_error' do |path, pp, error| - before :all do - shell("rm #{path}", :acceptable_exit_codes => [0, 1, 2]) - end - after :all do - shell("cat #{path}", :acceptable_exit_codes => [0, 1, 2]) - shell("rm #{path}", :acceptable_exit_codes => [0, 1, 2]) - end - - it 'applies the manifest and gets a failure message' do - expect(apply_manifest(pp, :expect_failures => true).stderr).to match(error) - end - - describe file(path) do - it { should_not be_file } - end - end - - describe 'ensure, section, setting, subsetting, & value parameters' do - context '=> present with subsections' do - pp = <<-EOS - ini_subsetting { 'ensure => present for alpha': - ensure => present, - path => "#{tmpdir}/ini_subsetting.ini", - section => 'one', - setting => 'key', - subsetting => 'alpha', - value => 'bet', - } - ini_subsetting { 'ensure => present for beta': - ensure => present, - path => "#{tmpdir}/ini_subsetting.ini", - section => 'one', - setting => 'key', - subsetting => 'beta', - value => 'trons', - require => Ini_subsetting['ensure => present for alpha'], - } - EOS - - it 'applies the manifest twice' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{tmpdir}/ini_subsetting.ini") do - it { should be_file } - its(:content) { - should match /\[one\]\nkey = alphabet betatrons/ - } - end - end - - context 'ensure => absent' do - before :all do - if fact('osfamily') == 'Darwin' - shell("echo \"[one]\nkey = alphabet betatrons\" > #{tmpdir}/ini_subsetting.ini") - else - shell("echo -e \"[one]\nkey = alphabet betatrons\" > #{tmpdir}/ini_subsetting.ini") - end - end - - pp = <<-EOS - ini_subsetting { 'ensure => absent for subsetting': - ensure => absent, - path => "#{tmpdir}/ini_subsetting.ini", - section => 'one', - setting => 'key', - subsetting => 'alpha', - } - EOS - - it 'applies the manifest twice' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{tmpdir}/ini_subsetting.ini") do - it { should be_file } - its(:content) { - should match /\[one\]/ - should match /key = betatrons/ - should_not match /alphabet/ - } - end - end - end - - describe 'subsetting_separator' do - { - "" => /two = twinethree foobar/, - "subsetting_separator => ','," => /two = twinethree,foobar/, - "subsetting_separator => ' '," => /two = twinethree foobar/, - "subsetting_separator => ' == '," => /two = twinethree == foobar/, - "subsetting_separator => '='," => /two = twinethree=foobar/, - }.each do |parameter, content| - context "with \"#{parameter}\" makes \"#{content}\"" do - pp = <<-EOS - ini_subsetting { "with #{parameter} makes #{content}": - ensure => present, - section => 'one', - setting => 'two', - subsetting => 'twine', - value => 'three', - path => "#{tmpdir}/subsetting_separator.ini", - before => Ini_subsetting['foobar'], - #{parameter} - } - ini_subsetting { "foobar": - ensure => present, - section => 'one', - setting => 'two', - subsetting => 'foo', - value => 'bar', - path => "#{tmpdir}/subsetting_separator.ini", - #{parameter} - } - EOS - - it_behaves_like 'has_content', "#{tmpdir}/subsetting_separator.ini", pp, content - end - end - end - - describe 'quote_char' do - { - ['-Xmx'] => /args=""/, - ['-Xmx', '256m'] => /args=-Xmx256m/, - ['-Xmx', '512m'] => /args="-Xmx512m"/, - ['-Xms', '256m'] => /args="-Xmx256m -Xms256m"/, - }.each do |parameter, content| - context %Q{with '#{parameter.first}' #{parameter.length > 1 ? '=> \'' << parameter[1] << '\'' : 'absent'} makes '#{content}'} do - path = File.join(tmpdir, 'ini_subsetting.ini') - - before :all do - shell(%Q{echo '[java]\nargs=-Xmx256m' > #{path}}) - end - after :all do - shell("cat #{path}", :acceptable_exit_codes => [0, 1, 2]) - shell("rm #{path}", :acceptable_exit_codes => [0, 1, 2]) - end - - pp = <<-EOS - ini_subsetting { '#{parameter.first}': - ensure => #{parameter.length > 1 ? 'present' : 'absent'}, - path => '#{path}', - section => 'java', - setting => 'args', - quote_char => '"', - subsetting => '#{parameter.first}', - value => '#{parameter.length > 1 ? parameter[1] : ''}' - } - EOS - - it 'applies the manifest twice' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file("#{tmpdir}/ini_subsetting.ini") do - it { should be_file } - its(:content) { - should match content - } - end - end - end - end - - describe 'show_diff parameter and logging:' do - [ {:value => "initial_value", :matcher => "created", :show_diff => true}, - {:value => "public_value", :matcher => /initial_value.*public_value/, :show_diff => true}, - {:value => "secret_value", :matcher => /redacted sensitive information.*redacted sensitive information/, :show_diff => false}, - {:value => "md5_value", :matcher => /{md5}881671aa2bbc680bc530c4353125052b.*{md5}ed0903a7fa5de7886ca1a7a9ad06cf51/, :show_diff => :md5} - ].each do |i| - context "show_diff => #{i[:show_diff]}" do - pp = <<-EOS - ini_subsetting { 'test_show_diff': - ensure => present, - section => 'test', - setting => 'something', - subsetting => 'xxx', - value => '#{i[:value]}', - path => "#{tmpdir}/test_show_diff.ini", - show_diff => #{i[:show_diff]} - } - EOS - - it "applies manifest and expects changed value to be logged in proper form" do - config = { - 'main' => { - 'show_diff' => true - } - } - configure_puppet_on(default, config) - - res = apply_manifest(pp, :expect_changes => true) - expect(res.stdout).to match(i[:matcher]) - expect(res.stdout).not_to match(i[:value]) unless (i[:show_diff] == true) - - end - end - end - end - -end diff --git a/inifile/spec/acceptance/nodesets/centos-510-x64.yml b/inifile/spec/acceptance/nodesets/centos-510-x64.yml deleted file mode 100644 index 12c9e7893..000000000 --- a/inifile/spec/acceptance/nodesets/centos-510-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-510-x64: - roles: - - master - platform: el-5-x86_64 - box : centos-510-x64-virtualbox-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-510-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/inifile/spec/acceptance/nodesets/centos-59-x64.yml b/inifile/spec/acceptance/nodesets/centos-59-x64.yml deleted file mode 100644 index 2ad90b86a..000000000 --- a/inifile/spec/acceptance/nodesets/centos-59-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-59-x64: - roles: - - master - platform: el-5-x86_64 - box : centos-59-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-59-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/inifile/spec/acceptance/nodesets/centos-64-x64-pe.yml b/inifile/spec/acceptance/nodesets/centos-64-x64-pe.yml deleted file mode 100644 index 7d9242f1b..000000000 --- a/inifile/spec/acceptance/nodesets/centos-64-x64-pe.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - - database - - dashboard - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: pe diff --git a/inifile/spec/acceptance/nodesets/centos-64-x64.yml b/inifile/spec/acceptance/nodesets/centos-64-x64.yml deleted file mode 100644 index 063983549..000000000 --- a/inifile/spec/acceptance/nodesets/centos-64-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/inifile/spec/acceptance/nodesets/centos-65-x64.yml b/inifile/spec/acceptance/nodesets/centos-65-x64.yml deleted file mode 100644 index 4e2cb809e..000000000 --- a/inifile/spec/acceptance/nodesets/centos-65-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-65-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-65-x64-vbox436-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-65-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/inifile/spec/acceptance/nodesets/debian-607-x64.yml b/inifile/spec/acceptance/nodesets/debian-607-x64.yml deleted file mode 100644 index 4c8be42d0..000000000 --- a/inifile/spec/acceptance/nodesets/debian-607-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - debian-607-x64: - roles: - - master - platform: debian-6-amd64 - box : debian-607-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-607-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/inifile/spec/acceptance/nodesets/debian-73-x64.yml b/inifile/spec/acceptance/nodesets/debian-73-x64.yml deleted file mode 100644 index 3e31a8276..000000000 --- a/inifile/spec/acceptance/nodesets/debian-73-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - debian-73-x64: - roles: - - master - platform: debian-7-amd64 - box : debian-73-x64-virtualbox-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-73-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/inifile/spec/acceptance/nodesets/default.yml b/inifile/spec/acceptance/nodesets/default.yml deleted file mode 100644 index 063983549..000000000 --- a/inifile/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/inifile/spec/acceptance/nodesets/fedora-18-x64.yml b/inifile/spec/acceptance/nodesets/fedora-18-x64.yml deleted file mode 100644 index 624b53716..000000000 --- a/inifile/spec/acceptance/nodesets/fedora-18-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - fedora-18-x64: - roles: - - master - platform: fedora-18-x86_64 - box : fedora-18-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/fedora-18-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/inifile/spec/acceptance/nodesets/sles-11sp1-x64.yml b/inifile/spec/acceptance/nodesets/sles-11sp1-x64.yml deleted file mode 100644 index 554c37a50..000000000 --- a/inifile/spec/acceptance/nodesets/sles-11sp1-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - sles-11sp1-x64: - roles: - - master - platform: sles-11-x86_64 - box : sles-11sp1-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/sles-11sp1-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/inifile/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml b/inifile/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml deleted file mode 100644 index 5ca1514e4..000000000 --- a/inifile/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-10044-x64: - roles: - - master - platform: ubuntu-10.04-amd64 - box : ubuntu-server-10044-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-10044-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/inifile/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml b/inifile/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml deleted file mode 100644 index d065b304f..000000000 --- a/inifile/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-12042-x64: - roles: - - master - platform: ubuntu-12.04-amd64 - box : ubuntu-server-12042-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/inifile/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/inifile/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index cba1cd04c..000000000 --- a/inifile/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-1404-x64: - roles: - - master - platform: ubuntu-14.04-amd64 - box : puppetlabs/ubuntu-14.04-64-nocm - box_url : https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor : vagrant -CONFIG: - log_level : debug - type: git diff --git a/inifile/spec/acceptance/nodesets/windows-2003-i386.yml b/inifile/spec/acceptance/nodesets/windows-2003-i386.yml deleted file mode 100644 index eb571eea1..000000000 --- a/inifile/spec/acceptance/nodesets/windows-2003-i386.yml +++ /dev/null @@ -1,24 +0,0 @@ -HOSTS: - ubuntu1204: - roles: - - master - - database - - dashboard - platform: ubuntu-12.04-amd64 - template: ubuntu-1204-x86_64 - hypervisor: vcloud - win2003_i386: - roles: - - agent - - default - platform: windows-2003-i386 - template: win-2003-i386 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - pe_dir: http://neptune.puppetlabs.lan/3.2/ci-ready/ diff --git a/inifile/spec/acceptance/nodesets/windows-2003r2-x86_64.yml b/inifile/spec/acceptance/nodesets/windows-2003r2-x86_64.yml deleted file mode 100644 index e8659a5f8..000000000 --- a/inifile/spec/acceptance/nodesets/windows-2003r2-x86_64.yml +++ /dev/null @@ -1,24 +0,0 @@ -HOSTS: - ubuntu1204: - roles: - - master - - database - - dashboard - platform: ubuntu-12.04-amd64 - template: ubuntu-1204-x86_64 - hypervisor: vcloud - win2003r2_x86_64: - roles: - - agent - - default - platform: windows-2003r2-x86_64 - template: win-2003r2-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - pe_dir: http://neptune.puppetlabs.lan/3.3/ci-ready/ diff --git a/inifile/spec/acceptance/nodesets/windows-2008-x86_64.yml b/inifile/spec/acceptance/nodesets/windows-2008-x86_64.yml deleted file mode 100644 index a5ebc4d2c..000000000 --- a/inifile/spec/acceptance/nodesets/windows-2008-x86_64.yml +++ /dev/null @@ -1,24 +0,0 @@ -HOSTS: - ubuntu1204: - roles: - - master - - database - - dashboard - platform: ubuntu-12.04-amd64 - template: ubuntu-1204-x86_64 - hypervisor: vcloud - win2008_x86_64: - roles: - - agent - - default - platform: windows-2008-x86_64 - template: win-2008-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - pe_dir: http://neptune.puppetlabs.lan/3.3/ci-ready/ diff --git a/inifile/spec/acceptance/nodesets/windows-2008r2-x86_64.yml b/inifile/spec/acceptance/nodesets/windows-2008r2-x86_64.yml deleted file mode 100644 index d2ddba3e4..000000000 --- a/inifile/spec/acceptance/nodesets/windows-2008r2-x86_64.yml +++ /dev/null @@ -1,24 +0,0 @@ -HOSTS: - ubuntu1204: - roles: - - master - - database - - dashboard - platform: ubuntu-12.04-amd64 - template: ubuntu-1204-x86_64 - hypervisor: vcloud - win2008r2: - roles: - - agent - - default - platform: windows-2008r2-x86_64 - template: win-2008r2-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - pe_dir: http://neptune.puppetlabs.lan/3.3/ci-ready/ diff --git a/inifile/spec/acceptance/nodesets/windows-2012-x86_64.yml b/inifile/spec/acceptance/nodesets/windows-2012-x86_64.yml deleted file mode 100644 index deea3761b..000000000 --- a/inifile/spec/acceptance/nodesets/windows-2012-x86_64.yml +++ /dev/null @@ -1,24 +0,0 @@ -HOSTS: - ubuntu1204: - roles: - - master - - database - - dashboard - platform: ubuntu-12.04-amd64 - template: ubuntu-1204-x86_64 - hypervisor: vcloud - win2012: - roles: - - agent - - default - platform: windows-2012-x86_64 - template: win-2012-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - pe_dir: http://neptune.puppetlabs.lan/3.3/ci-ready/ diff --git a/inifile/spec/acceptance/nodesets/windows-2012r2-x86_64.yml b/inifile/spec/acceptance/nodesets/windows-2012r2-x86_64.yml deleted file mode 100644 index 8f9149a3e..000000000 --- a/inifile/spec/acceptance/nodesets/windows-2012r2-x86_64.yml +++ /dev/null @@ -1,24 +0,0 @@ -HOSTS: - ubuntu1204: - roles: - - master - - database - - dashboard - platform: ubuntu-12.04-amd64 - template: ubuntu-1204-x86_64 - hypervisor: vcloud - win2012r2: - roles: - - agent - - default - platform: windows-2012r2-x86_64 - template: win-2012r2-x86_64 - hypervisor: vcloud -CONFIG: - nfs_server: none - consoleport: 443 - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ - pe_dir: http://neptune.puppetlabs.lan/3.3/ci-ready/ diff --git a/inifile/spec/classes/create_ini_settings_test_spec.rb b/inifile/spec/classes/create_ini_settings_test_spec.rb deleted file mode 100644 index e1c99fe1a..000000000 --- a/inifile/spec/classes/create_ini_settings_test_spec.rb +++ /dev/null @@ -1,25 +0,0 @@ -require 'spec_helper' -# end-to-end test of the create_init_settings function -describe 'create_ini_settings_test' do - it { should have_ini_setting_resource_count(3) } - it { should contain_ini_setting('/tmp/foo.ini section1 setting1').with( - :ensure => 'present', - :section => 'section1', - :setting => 'setting1', - :value => 'val1', - :path => '/tmp/foo.ini' - )} - it { should contain_ini_setting('/tmp/foo.ini section2 setting2').with( - :ensure => 'present', - :section => 'section2', - :setting => 'setting2', - :value => 'val2', - :path => '/tmp/foo.ini' - )} - it { should contain_ini_setting('/tmp/foo.ini section2 setting3').with( - :ensure => 'absent', - :section => 'section2', - :setting => 'setting3', - :path => '/tmp/foo.ini' - )} -end diff --git a/inifile/spec/classes/inherit_test1_spec.rb b/inifile/spec/classes/inherit_test1_spec.rb deleted file mode 100644 index 152584f64..000000000 --- a/inifile/spec/classes/inherit_test1_spec.rb +++ /dev/null @@ -1,10 +0,0 @@ -require 'spec_helper' -# We can't really test much here, apart from the type roundtrips though the -# parser OK. -describe 'inherit_test1' do - it { - should contain_inherit_ini_setting('valid_type').with({ - 'value' => 'true', - }) - } -end diff --git a/inifile/spec/classes/init_spec.rb b/inifile/spec/classes/init_spec.rb deleted file mode 100644 index 14faf53b6..000000000 --- a/inifile/spec/classes/init_spec.rb +++ /dev/null @@ -1,166 +0,0 @@ -require 'spec_helper' -describe 'inifile' do - - describe 'with default options' do - it { should compile.with_all_deps } - it { should contain_class('inifile') } - end - - describe 'with parameter ini_settings_hiera_merge' do - context 'set to an invalid type (non-string and a non-boolean)' do - let(:params) { { :ini_settings_hiera_merge => ['invalid','type'] } } - - it 'should fail' do - expect { - should contain_class('inifile') - }.to raise_error(Puppet::Error,/\["invalid", "type"\] is not a boolean./) - end - end - - ['true',true,'false',false].each do |value| - context "set to #{value}" do - let(:params) { { :ini_settings_hiera_merge => value } } - - it { should contain_class('inifile') } - end - end - end - - describe 'with parameter ini_settings' do - context 'set to an invalid type (non-hash)' do - let(:params) do - { - :ini_settings => ['invalid','type'], - :ini_settings_hiera_merge => false, - } - end - - it 'should fail' do - expect { - should contain_class('inifile') - }.to raise_error(Puppet::Error,/\["invalid", "type"\] is not a Hash./) - end - end - - context 'set to a valid hash' do - let(:params) { { :ini_settings_hiera_merge => false, - :ini_settings => { - 'sample setting' => { - 'ensure' => 'absent', - 'path' => '/tmp/foo.ini', - 'section' => 'foo', - 'setting' => 'foosetting', - 'value' => 'FOO!', - }, - 'colorize_git' => { - 'ensure' => 'present', - 'path' => '/root/.gitconfig', - 'section' => 'color', - 'setting' => 'ui', - 'value' => 'auto', - } - } } } - - it { should contain_class('inifile') } - - it { - should contain_ini_setting('sample setting').with({ - 'ensure' => 'absent', - 'path' => '/tmp/foo.ini', - 'section' => 'foo', - 'setting' => 'foosetting', - 'value' => 'FOO!', - }) - } - - it { - should contain_ini_setting('colorize_git').with({ - 'ensure' => 'present', - 'path' => '/root/.gitconfig', - 'section' => 'color', - 'setting' => 'ui', - 'value' => 'auto', - }) - } - end - end - - describe 'with parameter ini_subsettings_hiera_merge' do - context 'set to an invalid type (non-string and a non-boolean)' do - let(:params) { { :ini_subsettings_hiera_merge => ['invalid','type'] } } - - it 'should fail' do - expect { - should contain_class('inifile') - }.to raise_error(Puppet::Error,/\["invalid", "type"\] is not a boolean./) - end - end - - ['true',true,'false',false].each do |value| - context "set to #{value}" do - let(:params) { { :ini_subsettings_hiera_merge => value } } - - it { should contain_class('inifile') } - end - end - end - - describe 'with parameter ini_subsettings' do - context 'set to an invalid type (non-hash)' do - let(:params) do - { - :ini_subsettings => ['invalid','type'], - :ini_subsettings_hiera_merge => false, - } - end - - it 'should fail' do - expect { - should contain_class('inifile') - }.to raise_error(Puppet::Error,/\["invalid", "type"\] is not a Hash./) - end - end - - context 'set to a valid hash' do - let(:params) { { :ini_subsettings_hiera_merge => false, - :ini_subsettings => { - 'sample setting' => { - 'ensure' => 'absent', - 'path' => '/tmp/foo.ini', - 'section' => 'foo', - 'setting' => 'foosetting', - 'value' => 'FOO!', - }, - 'colorize_git' => { - 'ensure' => 'present', - 'path' => '/root/.gitconfig', - 'section' => 'color', - 'setting' => 'ui', - 'value' => 'auto', - } - } } } - - it { should contain_class('inifile') } - - it { - should contain_ini_subsetting('sample setting').with({ - 'ensure' => 'absent', - 'path' => '/tmp/foo.ini', - 'section' => 'foo', - 'setting' => 'foosetting', - 'value' => 'FOO!', - }) - } - - it { - should contain_ini_subsetting('colorize_git').with({ - 'ensure' => 'present', - 'path' => '/root/.gitconfig', - 'section' => 'color', - 'setting' => 'ui', - 'value' => 'auto', - }) - } - end - end -end diff --git a/inifile/spec/fixtures/modules/create_ini_settings_test/manifests/init.pp b/inifile/spec/fixtures/modules/create_ini_settings_test/manifests/init.pp deleted file mode 100644 index 8e6daf93e..000000000 --- a/inifile/spec/fixtures/modules/create_ini_settings_test/manifests/init.pp +++ /dev/null @@ -1,17 +0,0 @@ -# simple test class -class create_ini_settings_test { - $settings = { section1 => { - setting1 => val1 - }, - section2 => { - setting2 => val2, - setting3 => { - ensure => absent - } - } - } - $defaults = { - path => '/tmp/foo.ini' - } - create_ini_settings($settings,$defaults) -} diff --git a/inifile/spec/fixtures/modules/inherit_ini_setting/lib/puppet/provider/inherit_ini_setting/ini_setting.rb b/inifile/spec/fixtures/modules/inherit_ini_setting/lib/puppet/provider/inherit_ini_setting/ini_setting.rb deleted file mode 100644 index f5e461a20..000000000 --- a/inifile/spec/fixtures/modules/inherit_ini_setting/lib/puppet/provider/inherit_ini_setting/ini_setting.rb +++ /dev/null @@ -1,17 +0,0 @@ -Puppet::Type.type(:inherit_ini_setting).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - def section - '' # all global - end - - # This type has no sections - def self.namevar(section_name, setting) - setting - end - - def self.file_path - File.expand_path(File.dirname(__FILE__) + '/../../../../../../tmp/inherit_inifile.cfg') - end -end diff --git a/inifile/spec/fixtures/modules/inherit_ini_setting/lib/puppet/type/inherit_ini_setting.rb b/inifile/spec/fixtures/modules/inherit_ini_setting/lib/puppet/type/inherit_ini_setting.rb deleted file mode 100644 index fd939b8ac..000000000 --- a/inifile/spec/fixtures/modules/inherit_ini_setting/lib/puppet/type/inherit_ini_setting.rb +++ /dev/null @@ -1,5 +0,0 @@ -Puppet::Type.newtype(:inherit_ini_setting) do - ensurable - newparam(:setting, :namevar => true) - newproperty(:value) -end diff --git a/inifile/spec/fixtures/modules/inherit_test1/manifests/init.pp b/inifile/spec/fixtures/modules/inherit_test1/manifests/init.pp deleted file mode 100644 index 8f4366077..000000000 --- a/inifile/spec/fixtures/modules/inherit_test1/manifests/init.pp +++ /dev/null @@ -1,5 +0,0 @@ -class inherit_test1 { - inherit_ini_setting { 'valid_type': - value => true, - } -} diff --git a/inifile/spec/fixtures/tmp/.empty b/inifile/spec/fixtures/tmp/.empty deleted file mode 100644 index e69de29bb..000000000 diff --git a/inifile/spec/functions/create_ini_settings_spec.rb b/inifile/spec/functions/create_ini_settings_spec.rb deleted file mode 100644 index 4fe817fa0..000000000 --- a/inifile/spec/functions/create_ini_settings_spec.rb +++ /dev/null @@ -1,24 +0,0 @@ -#! /usr/bin/env ruby - -require 'spec_helper' -require 'rspec-puppet' - -describe 'create_ini_settings' do - before :each do - Puppet::Parser::Functions.autoloader.loadall - Puppet::Parser::Functions.function(:create_resources) - end - - describe 'argument handling' do - it { is_expected.to run.with_params.and_raise_error(Puppet::ParseError, /0 for 1 or 2/) } - it { is_expected.to run.with_params(1,2,3).and_raise_error(Puppet::ParseError, /3 for 1 or 2/) } - it { is_expected.to run.with_params('foo').and_raise_error(Puppet::ParseError, /Requires all arguments/) } - it { is_expected.to run.with_params({},'foo').and_raise_error(Puppet::ParseError, /Requires all arguments/) } - - it { is_expected.to run.with_params({}) } - it { is_expected.to run.with_params({},{}) } - - it { is_expected.to run.with_params({ 'section' => { 'setting' => 'value' }}).and_raise_error(Puppet::ParseError, /must pass the path parameter/) } - it { is_expected.to run.with_params({ 1 => 2 }).and_raise_error(Puppet::ParseError, /Section 1 must contain a Hash/) } - end -end diff --git a/inifile/spec/spec.opts b/inifile/spec/spec.opts deleted file mode 100644 index 91cd6427e..000000000 --- a/inifile/spec/spec.opts +++ /dev/null @@ -1,6 +0,0 @@ ---format -s ---colour ---loadby -mtime ---backtrace diff --git a/inifile/spec/spec_helper.rb b/inifile/spec/spec_helper.rb deleted file mode 100644 index 22d5d689f..000000000 --- a/inifile/spec/spec_helper.rb +++ /dev/null @@ -1,8 +0,0 @@ -#This file is generated by ModuleSync, do not edit. -require 'puppetlabs_spec_helper/module_spec_helper' - -# put local configuration and setup into spec_helper_local -begin - require 'spec_helper_local' -rescue LoadError -end diff --git a/inifile/spec/spec_helper_acceptance.rb b/inifile/spec/spec_helper_acceptance.rb deleted file mode 100644 index dd1f1f0f5..000000000 --- a/inifile/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1,23 +0,0 @@ -require 'beaker-rspec/spec_helper' -require 'beaker-rspec/helpers/serverspec' -require 'beaker/puppet_install_helper' - -run_puppet_install_helper - -RSpec.configure do |c| - # Project root - proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - - # Readable test descriptions - c.formatter = :documentation - - # Configure all nodes in nodeset - c.before :suite do - # Install module and dependencies - hosts.each do |host| - copy_root_module_to(host, :source => proj_root, :module_name => 'inifile') - end - end - - c.treat_symbols_as_metadata_keys_with_true_values = true -end diff --git a/inifile/spec/spec_helper_local.rb b/inifile/spec/spec_helper_local.rb deleted file mode 100644 index e35501c56..000000000 --- a/inifile/spec/spec_helper_local.rb +++ /dev/null @@ -1,3 +0,0 @@ -RSpec.configure do |config| - config.mock_with :rspec -end diff --git a/inifile/spec/unit/puppet/provider/ini_setting/inheritance_spec.rb b/inifile/spec/unit/puppet/provider/ini_setting/inheritance_spec.rb deleted file mode 100644 index 4dd6c3f5b..000000000 --- a/inifile/spec/unit/puppet/provider/ini_setting/inheritance_spec.rb +++ /dev/null @@ -1,67 +0,0 @@ -require 'spec_helper' - -# This is a reduced version of ruby_spec.rb just to ensure we can subclass as -# documented -$: << 'spec/fixtures/modules/inherit_ini_setting/lib' -provider_class = Puppet::Type.type(:inherit_ini_setting).provider(:ini_setting) -describe provider_class do - include PuppetlabsSpec::Files - - let(:tmpfile) { tmpfilename('inherit_ini_setting_test') } - - def validate_file(expected_content,tmpfile = tmpfile) - File.read(tmpfile).should == expected_content - end - - - before :each do - File.open(tmpfile, 'w') do |fh| - fh.write(orig_content) - end - end - - context 'when calling instances' do - let(:orig_content) { '' } - - it 'should parse nothing when the file is empty' do - provider_class.stubs(:file_path).returns(tmpfile) - provider_class.instances.should == [] - end - - context 'when the file has contents' do - let(:orig_content) { - <<-EOS -# A comment -red = blue -green = purple - EOS - } - - it 'should parse the results' do - provider_class.stubs(:file_path).returns(tmpfile) - instances = provider_class.instances - instances.size.should == 2 - # inherited version of namevar flattens the names - names = instances.map do |instance| - instance.instance_variable_get(:@property_hash)[:name] - end - names.sort.should == [ 'green', 'red' ] - end - end - end - - context 'when ensuring that a setting is present' do - let(:orig_content) { '' } - - it 'should add a value to the file' do - provider_class.stubs(:file_path).returns(tmpfile) - resource = Puppet::Type::Inherit_ini_setting.new({ - :setting => 'set_this', - :value => 'to_that', - }) - provider = described_class.new(resource) - provider.create - validate_file("set_this=to_that\n") - end - end -end diff --git a/inifile/spec/unit/puppet/provider/ini_setting/ruby_spec.rb b/inifile/spec/unit/puppet/provider/ini_setting/ruby_spec.rb deleted file mode 100644 index 16c3a53b8..000000000 --- a/inifile/spec/unit/puppet/provider/ini_setting/ruby_spec.rb +++ /dev/null @@ -1,1498 +0,0 @@ -require 'spec_helper' -require 'puppet' - -provider_class = Puppet::Type.type(:ini_setting).provider(:ruby) -describe provider_class do - include PuppetlabsSpec::Files - - let(:tmpfile) { tmpfilename("ini_setting_test") } - let(:emptyfile) { tmpfilename("ini_setting_test_empty") } - - let(:common_params) { { - :title => 'ini_setting_ensure_present_test', - :path => tmpfile, - :section => 'section2', - } } - - def validate_file(expected_content,tmpfile = tmpfile) - File.read(tmpfile).should == expected_content - end - - - before :each do - File.open(tmpfile, 'w') do |fh| - fh.write(orig_content) - end - File.open(emptyfile, 'w') do |fh| - fh.write("") - end - end - - context 'when calling instances' do - - let :orig_content do - '' - end - - it 'should fail when file path is not set' do - expect { - provider_class.instances - }.to raise_error(Puppet::Error, 'Ini_settings only support collecting instances when a file path is hard coded') - end - - context 'when file path is set by a child class' do - it 'should return [] when file is empty' do - child_one = Class.new(provider_class) do - def self.file_path - emptyfile - end - end - child_one.stubs(:file_path).returns(emptyfile) - child_one.instances.should == [] - end - it 'should override the provider instances file_path' do - child_two = Class.new(provider_class) do - def self.file_path - '/some/file/path' - end - end - resource = Puppet::Type::Ini_setting.new(common_params) - provider = child_two.new(resource) - provider.file_path.should == '/some/file/path' - end - context 'when file has contecnts' do - let(:orig_content) { - <<-EOS -# This is a comment -[section1] -; This is also a comment -foo=foovalue - -bar = barvalue -master = true -[section2] - -foo= foovalue2 -baz=bazvalue -url = http://192.168.1.1:8080 -[section:sub] -subby=bar - #another comment - ; yet another comment - EOS - } - - it 'should be able to parse the results' do - child_three = Class.new(provider_class) do - def self.file_path - '/some/file/path' - end - end - child_three.stubs(:file_path).returns(tmpfile) - child_three.instances.size.should eq(7) - expected_array = [ - {:name => 'section1/foo', :value => 'foovalue' }, - {:name => 'section1/bar', :value => 'barvalue' }, - {:name => 'section1/master', :value => 'true' }, - {:name => 'section2/foo', :value => 'foovalue2' }, - {:name => 'section2/baz', :value => 'bazvalue' }, - {:name => 'section2/url', :value => 'http://192.168.1.1:8080' }, - {:name => 'section:sub/subby', :value => 'bar' } - ] - real_array = [] - ensure_array = [] - child_three.instances.each do |x| - prop_hash = x.instance_variable_get(:@property_hash) - ensure_value = prop_hash.delete(:ensure) - ensure_array.push(ensure_value) - real_array.push(prop_hash) - end - ensure_array.uniq.should eq([:present]) - ((real_array - expected_array) && (expected_array - real_array)).should == [] - - end - - end - - end - - end - - context "when ensuring that a setting is present" do - let(:orig_content) { - <<-EOS -# This is a comment -[section1] -; This is also a comment -foo=foovalue - -bar = barvalue -master = true -[section2] - -foo= foovalue2 -baz=bazvalue -url = http://192.168.1.1:8080 -[section:sub] -subby=bar - #another comment - ; yet another comment - --nonstandard- - shoes = purple - EOS - } - - it "should add a missing setting to the correct section" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :setting => 'yahoo', :value => 'yippee')) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(<<-EOS -# This is a comment -[section1] -; This is also a comment -foo=foovalue - -bar = barvalue -master = true -[section2] - -foo= foovalue2 -baz=bazvalue -url = http://192.168.1.1:8080 -yahoo = yippee -[section:sub] -subby=bar - #another comment - ; yet another comment - --nonstandard- - shoes = purple - EOS -) - end - - it "should add a missing setting to the correct section with pre/suffix" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => 'nonstandard', - :setting => 'yahoo', :value => 'yippee', - :section_prefix => '-', :section_suffix => '-')) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(<<-EOS -# This is a comment -[section1] -; This is also a comment -foo=foovalue - -bar = barvalue -master = true -[section2] - -foo= foovalue2 -baz=bazvalue -url = http://192.168.1.1:8080 -[section:sub] -subby=bar - #another comment - ; yet another comment - --nonstandard- - shoes = purple - yahoo = yippee - EOS -) - end - - it "should add a missing setting to the correct section with colon" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => 'section:sub', :setting => 'yahoo', :value => 'yippee')) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(<<-EOS -# This is a comment -[section1] -; This is also a comment -foo=foovalue - -bar = barvalue -master = true -[section2] - -foo= foovalue2 -baz=bazvalue -url = http://192.168.1.1:8080 -[section:sub] -subby=bar - #another comment - ; yet another comment - --nonstandard- - shoes = purple -yahoo = yippee - EOS -) - end - - it "should modify an existing setting with a different value" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :setting => 'baz', :value => 'bazvalue2')) - provider = described_class.new(resource) - provider.exists?.should be true - provider.value=('bazvalue2') - validate_file(<<-EOS -# This is a comment -[section1] -; This is also a comment -foo=foovalue - -bar = barvalue -master = true -[section2] - -foo= foovalue2 -baz=bazvalue2 -url = http://192.168.1.1:8080 -[section:sub] -subby=bar - #another comment - ; yet another comment - --nonstandard- - shoes = purple - EOS - ) - end - - it "should modify an existing setting with pre/suffix with a different value" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => 'nonstandard', - :setting => 'shoes', :value => 'orange', - :section_prefix => '-', :section_suffix => '-' )) - provider = described_class.new(resource) - provider.exists?.should be true - provider.value=('orange') - validate_file(<<-EOS -# This is a comment -[section1] -; This is also a comment -foo=foovalue - -bar = barvalue -master = true -[section2] - -foo= foovalue2 -baz=bazvalue -url = http://192.168.1.1:8080 -[section:sub] -subby=bar - #another comment - ; yet another comment - --nonstandard- - shoes = orange - EOS - ) - end - - it "should modify an existing setting with a different value - with colon in section" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => 'section:sub', :setting => 'subby', :value => 'foo')) - provider = described_class.new(resource) - provider.exists?.should be true - provider.value.should eq('bar') - provider.value=('foo') - validate_file(<<-EOS -# This is a comment -[section1] -; This is also a comment -foo=foovalue - -bar = barvalue -master = true -[section2] - -foo= foovalue2 -baz=bazvalue -url = http://192.168.1.1:8080 -[section:sub] -subby=foo - #another comment - ; yet another comment - --nonstandard- - shoes = purple - EOS - ) - end - - it "should be able to handle settings with non alphanumbering settings " do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :setting => 'url', :value => 'http://192.168.0.1:8080')) - provider = described_class.new(resource) - provider.exists?.should be true - provider.value.should eq('http://192.168.1.1:8080') - provider.value=('http://192.168.0.1:8080') - - validate_file( <<-EOS -# This is a comment -[section1] -; This is also a comment -foo=foovalue - -bar = barvalue -master = true -[section2] - -foo= foovalue2 -baz=bazvalue -url = http://192.168.0.1:8080 -[section:sub] -subby=bar - #another comment - ; yet another comment - --nonstandard- - shoes = purple - EOS - ) - end - - it "should be able to handle settings with pre/suffix with non alphanumbering settings " do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => 'nonstandard', - :setting => 'shoes', :value => 'http://192.168.0.1:8080', - :section_prefix => '-', :section_suffix => '-' )) - provider = described_class.new(resource) - provider.exists?.should be true - provider.value.should eq('purple') - provider.value=('http://192.168.0.1:8080') - - validate_file( <<-EOS -# This is a comment -[section1] -; This is also a comment -foo=foovalue - -bar = barvalue -master = true -[section2] - -foo= foovalue2 -baz=bazvalue -url = http://192.168.1.1:8080 -[section:sub] -subby=bar - #another comment - ; yet another comment - --nonstandard- - shoes = http://192.168.0.1:8080 - EOS - ) - end - - it "should recognize an existing setting with the specified value" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :setting => 'baz', :value => 'bazvalue')) - provider = described_class.new(resource) - provider.exists?.should be true - end - - it "should recognize an existing setting with pre/suffix with the specified value" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => 'nonstandard', - :setting => 'shoes', :value => 'purple', - :section_prefix => '-', :section_suffix => '-' )) - provider = described_class.new(resource) - provider.exists?.should be true - end - - it "should add a new section if the section does not exist" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => "section3", :setting => 'huzzah', :value => 'shazaam')) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(<<-EOS -# This is a comment -[section1] -; This is also a comment -foo=foovalue - -bar = barvalue -master = true -[section2] - -foo= foovalue2 -baz=bazvalue -url = http://192.168.1.1:8080 -[section:sub] -subby=bar - #another comment - ; yet another comment - --nonstandard- - shoes = purple - -[section3] -huzzah = shazaam - EOS - ) - end - - it "should add a new section with pre/suffix if the section does not exist" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => "section3", :setting => 'huzzah', :value => 'shazaam', - :section_prefix => '-', :section_suffix => '-' )) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(<<-EOS -# This is a comment -[section1] -; This is also a comment -foo=foovalue - -bar = barvalue -master = true -[section2] - -foo= foovalue2 -baz=bazvalue -url = http://192.168.1.1:8080 -[section:sub] -subby=bar - #another comment - ; yet another comment - --nonstandard- - shoes = purple - --section3- -huzzah = shazaam - EOS - ) - end - - it "should add a new section if the section does not exist - with colon" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => "section:subsection", :setting => 'huzzah', :value => 'shazaam')) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(<<-EOS -# This is a comment -[section1] -; This is also a comment -foo=foovalue - -bar = barvalue -master = true -[section2] - -foo= foovalue2 -baz=bazvalue -url = http://192.168.1.1:8080 -[section:sub] -subby=bar - #another comment - ; yet another comment - --nonstandard- - shoes = purple - -[section:subsection] -huzzah = shazaam - EOS - ) - end - - it "should add a new section with pre/suffix if the section does not exist - with colon" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => "section:subsection", :setting => 'huzzah', :value => 'shazaam', - :section_prefix => '-', :section_suffix => '-' )) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(<<-EOS -# This is a comment -[section1] -; This is also a comment -foo=foovalue - -bar = barvalue -master = true -[section2] - -foo= foovalue2 -baz=bazvalue -url = http://192.168.1.1:8080 -[section:sub] -subby=bar - #another comment - ; yet another comment - --nonstandard- - shoes = purple - --section:subsection- -huzzah = shazaam - EOS - ) - end - - it "should add a new section if no sections exists" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => "section1", :setting => 'setting1', :value => 'hellowworld', :path => emptyfile)) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(" -[section1] -setting1 = hellowworld -", emptyfile) - end - - it "should add a new section with pre/suffix if no sections exists" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => "section1", :setting => 'setting1', :value => 'hellowworld', :path => emptyfile, - :section_prefix => '-', :section_suffix => '-' )) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(" --section1- -setting1 = hellowworld -", emptyfile) - end - - it "should add a new section with colon if no sections exists" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => "section:subsection", :setting => 'setting1', :value => 'hellowworld', :path => emptyfile)) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(" -[section:subsection] -setting1 = hellowworld -", emptyfile) - end - - it "should add a new section with pre/suffix with colon if no sections exists" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => "section:subsection", :setting => 'setting1', :value => 'hellowworld', :path => emptyfile, - :section_prefix => '-', :section_suffix => '-' )) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(" --section:subsection- -setting1 = hellowworld -", emptyfile) - end - it "should be able to handle variables of any type" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => "section1", :setting => 'master', :value => true)) - provider = described_class.new(resource) - provider.exists?.should be true - provider.value.should == 'true' - end - - end - - context "when dealing with a global section" do - let(:orig_content) { - <<-EOS -# This is a comment -foo=blah -[section2] -foo = http://192.168.1.1:8080 - ; yet another comment - EOS - } - - - it "should add a missing setting if it doesn't exist" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => '', :setting => 'bar', :value => 'yippee')) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(<<-EOS -# This is a comment -foo=blah -bar = yippee -[section2] -foo = http://192.168.1.1:8080 - ; yet another comment - EOS - ) - end - - it "should modify an existing setting with a different value" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => '', :setting => 'foo', :value => 'yippee')) - provider = described_class.new(resource) - provider.exists?.should be true - provider.value.should eq('blah') - provider.value=('yippee') - validate_file(<<-EOS -# This is a comment -foo=yippee -[section2] -foo = http://192.168.1.1:8080 - ; yet another comment - EOS - ) - end - - it "should recognize an existing setting with the specified value" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => '', :setting => 'foo', :value => 'blah')) - provider = described_class.new(resource) - provider.exists?.should be true - end - end - - context "when the first line of the file is a section" do - let(:orig_content) { - <<-EOS -[section2] -foo = http://192.168.1.1:8080 - EOS - } - - it "should be able to add a global setting" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => '', :setting => 'foo', :value => 'yippee')) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(<<-EOS -foo = yippee - -[section2] -foo = http://192.168.1.1:8080 - EOS - ) - end - - it "should modify an existing setting" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => 'section2', :setting => 'foo', :value => 'yippee')) - provider = described_class.new(resource) - provider.exists?.should be true - provider.value.should eq('http://192.168.1.1:8080') - provider.value=('yippee') - validate_file(<<-EOS -[section2] -foo = yippee - EOS - ) - end - - it "should add a new setting" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => 'section2', :setting => 'bar', :value => 'baz')) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(<<-EOS -[section2] -foo = http://192.168.1.1:8080 -bar = baz - EOS - ) - end - end - - context "when overriding the separator" do - let(:orig_content) { - <<-EOS -[section2] -foo=bar - EOS - } - - it "should modify an existing setting" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => 'section2', - :setting => 'foo', - :value => 'yippee', - :key_val_separator => '=')) - provider = described_class.new(resource) - provider.exists?.should be true - provider.value.should eq('bar') - provider.value=('yippee') - validate_file(<<-EOS -[section2] -foo=yippee - EOS - ) - end - - end - - context "when overriding the separator to something other than =" do - let(:orig_content) { - <<-EOS -[section2] -foo: bar - EOS - } - - it "should modify an existing setting" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => 'section2', - :setting => 'foo', - :value => 'yippee', - :key_val_separator => ': ')) - provider = described_class.new(resource) - provider.exists?.should be true - provider.value.should eq('bar') - provider.value=('yippee') - validate_file(<<-EOS -[section2] -foo: yippee - EOS - ) - end - - it "should add a new setting" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => 'section2', - :setting => 'bar', - :value => 'baz', - :key_val_separator => ': ')) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(<<-EOS -[section2] -foo: bar -bar: baz - EOS - ) - end - - end - - context "when overriding the separator to a space" do - let(:orig_content) { - <<-EOS -[section2] -foo bar - EOS - } - - it "should modify an existing setting" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => 'section2', - :setting => 'foo', - :value => 'yippee', - :key_val_separator => ' ')) - provider = described_class.new(resource) - provider.exists?.should be true - provider.value.should eq('bar') - provider.value=('yippee') - validate_file(<<-EOS -[section2] -foo yippee - EOS - ) - end - - it "should add a new setting" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => 'section2', - :setting => 'bar', - :value => 'baz', - :key_val_separator => ' ')) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(<<-EOS -[section2] -foo bar -bar baz - EOS - ) - end - end - - context "when ensuring that a setting is absent" do - let(:orig_content) { - <<-EOS -[section1] -; This is also a comment -foo=foovalue - -bar = barvalue -master = true -[section2] - -foo= foovalue2 -baz=bazvalue -url = http://192.168.1.1:8080 -[section3] -# com = ment -uncom = ment -[section4] -uncom = ment -[section:sub] -subby=bar - #another comment - ; yet another comment - - -nonstandard- - shoes = purple -EOS - } - - it "should remove a setting that exists" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => 'section1', :setting => 'foo', :ensure => 'absent')) - provider = described_class.new(resource) - provider.exists?.should be true - provider.destroy - validate_file(<<-EOS -[section1] -; This is also a comment - -bar = barvalue -master = true -[section2] - -foo= foovalue2 -baz=bazvalue -url = http://192.168.1.1:8080 -[section3] -# com = ment -uncom = ment -[section4] -uncom = ment -[section:sub] -subby=bar - #another comment - ; yet another comment - - -nonstandard- - shoes = purple -EOS - ) - end - - it "should remove a setting with pre/suffix that exists" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => 'nonstandard', :setting => 'shoes', :ensure => 'absent', - :section_prefix => '-', :section_suffix => '-' )) - provider = described_class.new(resource) - provider.exists?.should be true - provider.destroy - validate_file(<<-EOS -[section1] -; This is also a comment -foo=foovalue - -bar = barvalue -master = true -[section2] - -foo= foovalue2 -baz=bazvalue -url = http://192.168.1.1:8080 -[section3] -# com = ment -uncom = ment -[section4] -uncom = ment -[section:sub] -subby=bar - #another comment - ; yet another comment - -EOS - ) - end - - it "should do nothing for a setting that does not exist" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => 'section:sub', :setting => 'foo', :ensure => 'absent')) - provider = described_class.new(resource) - provider.exists?.should be false - provider.destroy - validate_file(<<-EOS -[section1] -; This is also a comment -foo=foovalue - -bar = barvalue -master = true -[section2] - -foo= foovalue2 -baz=bazvalue -url = http://192.168.1.1:8080 -[section3] -# com = ment -uncom = ment -[section4] -uncom = ment -[section:sub] -subby=bar - #another comment - ; yet another comment - - -nonstandard- - shoes = purple - EOS - ) - end - - it "should do nothing for a setting with pre/suffix that does not exist" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => 'nonstandard', :setting => 'foo', :ensure => 'absent', - :section_prefix => '-', :section_suffix => '-' )) - provider = described_class.new(resource) - provider.exists?.should be false - provider.destroy - validate_file(<<-EOS -[section1] -; This is also a comment -foo=foovalue - -bar = barvalue -master = true -[section2] - -foo= foovalue2 -baz=bazvalue -url = http://192.168.1.1:8080 -[section3] -# com = ment -uncom = ment -[section4] -uncom = ment -[section:sub] -subby=bar - #another comment - ; yet another comment - - -nonstandard- - shoes = purple - EOS - ) - end - - it "does not remove a section when the last uncommented setting is removed if there are comments" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => 'section3', - :setting => 'uncom', - :ensure => 'absent', - )) - provider = described_class.new(resource) - provider.exists?.should be true - provider.destroy - validate_file(<<-EOS -[section1] -; This is also a comment -foo=foovalue - -bar = barvalue -master = true -[section2] - -foo= foovalue2 -baz=bazvalue -url = http://192.168.1.1:8080 -[section3] -# com = ment -[section4] -uncom = ment -[section:sub] -subby=bar - #another comment - ; yet another comment - - -nonstandard- - shoes = purple - EOS - ) - end - - it "removes the section when removing the last line in the section" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => 'section4', - :setting => 'uncom', - :ensure => 'absent', - )) - provider = described_class.new(resource) - provider.exists?.should be true - provider.destroy - validate_file(<<-EOS -[section1] -; This is also a comment -foo=foovalue - -bar = barvalue -master = true -[section2] - -foo= foovalue2 -baz=bazvalue -url = http://192.168.1.1:8080 -[section3] -# com = ment -uncom = ment -[section:sub] -subby=bar - #another comment - ; yet another comment - - -nonstandard- - shoes = purple - EOS - ) - end - end - - context "when dealing with indentation in sections" do - let(:orig_content) { - <<-EOS -# This is a comment - [section1] - ; This is also a comment - foo=foovalue - - bar = barvalue - master = true - -[section2] - foo= foovalue2 - baz=bazvalue - url = http://192.168.1.1:8080 -[section:sub] - subby=bar - #another comment - fleezy = flam - ; yet another comment - EOS - } - - it "should add a missing setting at the correct indentation when the header is aligned" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => 'section1', :setting => 'yahoo', :value => 'yippee')) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(<<-EOS -# This is a comment - [section1] - ; This is also a comment - foo=foovalue - - bar = barvalue - master = true - yahoo = yippee - -[section2] - foo= foovalue2 - baz=bazvalue - url = http://192.168.1.1:8080 -[section:sub] - subby=bar - #another comment - fleezy = flam - ; yet another comment - EOS - ) - end - - it "should update an existing setting at the correct indentation when the header is aligned" do - resource = Puppet::Type::Ini_setting.new( - common_params.merge(:section => 'section1', :setting => 'bar', :value => 'barvalue2')) - provider = described_class.new(resource) - provider.exists?.should be true - provider.create - validate_file(<<-EOS -# This is a comment - [section1] - ; This is also a comment - foo=foovalue - - bar = barvalue2 - master = true - -[section2] - foo= foovalue2 - baz=bazvalue - url = http://192.168.1.1:8080 -[section:sub] - subby=bar - #another comment - fleezy = flam - ; yet another comment - EOS - ) - end - - it "should add a missing setting at the correct indentation when the header is not aligned" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => 'section2', :setting => 'yahoo', :value => 'yippee')) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(<<-EOS -# This is a comment - [section1] - ; This is also a comment - foo=foovalue - - bar = barvalue - master = true - -[section2] - foo= foovalue2 - baz=bazvalue - url = http://192.168.1.1:8080 - yahoo = yippee -[section:sub] - subby=bar - #another comment - fleezy = flam - ; yet another comment - EOS - ) - end - - it "should update an existing setting at the correct indentation when the header is not aligned" do - resource = Puppet::Type::Ini_setting.new( - common_params.merge(:section => 'section2', :setting => 'baz', :value => 'bazvalue2')) - provider = described_class.new(resource) - provider.exists?.should be true - provider.create - validate_file(<<-EOS -# This is a comment - [section1] - ; This is also a comment - foo=foovalue - - bar = barvalue - master = true - -[section2] - foo= foovalue2 - baz=bazvalue2 - url = http://192.168.1.1:8080 -[section:sub] - subby=bar - #another comment - fleezy = flam - ; yet another comment - EOS - ) - end - - it "should add a missing setting at the min indentation when the section is not aligned" do - resource = Puppet::Type::Ini_setting.new( - common_params.merge(:section => 'section:sub', :setting => 'yahoo', :value => 'yippee')) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(<<-EOS -# This is a comment - [section1] - ; This is also a comment - foo=foovalue - - bar = barvalue - master = true - -[section2] - foo= foovalue2 - baz=bazvalue - url = http://192.168.1.1:8080 -[section:sub] - subby=bar - #another comment - fleezy = flam - ; yet another comment - yahoo = yippee - EOS - ) - end - - it "should update an existing setting at the previous indentation when the section is not aligned" do - resource = Puppet::Type::Ini_setting.new( - common_params.merge(:section => 'section:sub', :setting => 'fleezy', :value => 'flam2')) - provider = described_class.new(resource) - provider.exists?.should be true - provider.create - validate_file(<<-EOS -# This is a comment - [section1] - ; This is also a comment - foo=foovalue - - bar = barvalue - master = true - -[section2] - foo= foovalue2 - baz=bazvalue - url = http://192.168.1.1:8080 -[section:sub] - subby=bar - #another comment - fleezy = flam2 - ; yet another comment - EOS - ) - end - - end - - - context "when dealing settings that have a commented version present" do - let(:orig_content) { - <<-EOS - [section1] - # foo=foovalue - bar=barvalue - foo = foovalue2 - -[section2] -# foo = foovalue -;bar=barvalue -blah = blah -#baz= - EOS - } - - it "should add a new setting below a commented version of that setting" do - resource = Puppet::Type::Ini_setting.new( - common_params.merge(:section => 'section2', :setting => 'foo', :value => 'foo3')) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(<<-EOS - [section1] - # foo=foovalue - bar=barvalue - foo = foovalue2 - -[section2] -# foo = foovalue -foo = foo3 -;bar=barvalue -blah = blah -#baz= - EOS - ) - end - - it "should update an existing setting in place, even if there is a commented version of that setting" do - resource = Puppet::Type::Ini_setting.new( - common_params.merge(:section => 'section1', :setting => 'foo', :value => 'foo3')) - provider = described_class.new(resource) - provider.exists?.should be true - provider.create - validate_file(<<-EOS - [section1] - # foo=foovalue - bar=barvalue - foo = foo3 - -[section2] -# foo = foovalue -;bar=barvalue -blah = blah -#baz= - EOS - ) - end - - it "should add a new setting below a commented version of that setting, respecting semicolons as comments" do - resource = Puppet::Type::Ini_setting.new( - common_params.merge(:section => 'section2', :setting => 'bar', :value => 'bar3')) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(<<-EOS - [section1] - # foo=foovalue - bar=barvalue - foo = foovalue2 - -[section2] -# foo = foovalue -;bar=barvalue -bar=bar3 -blah = blah -#baz= - EOS - ) - end - - it "should add a new setting below an empty commented version of that setting" do - resource = Puppet::Type::Ini_setting.new( - common_params.merge(:section => 'section2', :setting => 'baz', :value => 'bazvalue')) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(<<-EOS - [section1] - # foo=foovalue - bar=barvalue - foo = foovalue2 - -[section2] -# foo = foovalue -;bar=barvalue -blah = blah -#baz= -baz=bazvalue - EOS - ) - end - - context 'when a section only contains comments' do - let(:orig_content) { - <<-EOS -[section1] -# foo=foovalue -# bar=bar2 -EOS - } - it 'should be able to add a new setting when a section contains only comments' do - resource = Puppet::Type::Ini_setting.new( - common_params.merge(:section => 'section1', :setting => 'foo', :value => 'foovalue2') - ) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(<<-EOS -[section1] -# foo=foovalue -foo=foovalue2 -# bar=bar2 - EOS - ) - end - it 'should be able to add a new setting when it matches a commented out line other than the first one' do - resource = Puppet::Type::Ini_setting.new( - common_params.merge(:section => 'section1', :setting => 'bar', :value => 'barvalue2') - ) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(<<-EOS -[section1] -# foo=foovalue -# bar=bar2 -bar=barvalue2 - EOS - ) - end - end - - context "when sections have spaces and dashes" do - let(:orig_content) { - <<-EOS -# This is a comment -[section - one] -; This is also a comment -foo=foovalue - -bar = barvalue -master = true -[section - two] - -foo= foovalue2 -baz=bazvalue -url = http://192.168.1.1:8080 -[section:sub] -subby=bar - #another comment - ; yet another comment - EOS - } - - it "should add a missing setting to the correct section" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => 'section - two', :setting => 'yahoo', :value => 'yippee')) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(<<-EOS -# This is a comment -[section - one] -; This is also a comment -foo=foovalue - -bar = barvalue -master = true -[section - two] - -foo= foovalue2 -baz=bazvalue -url = http://192.168.1.1:8080 -yahoo = yippee -[section:sub] -subby=bar - #another comment - ; yet another comment - EOS - ) - end - - end - - end - - context "when sections have spaces and quotations" do - let(:orig_content) do - <<-EOS -[branch "master"] - remote = origin - merge = refs/heads/master - -[alias] -to-deploy = log --merges --grep='pull request' --format='%s (%cN)' origin/production..origin/master -[branch "production"] - remote = origin - merge = refs/heads/production - EOS - end - - it "should add a missing setting to the correct section" do - resource = Puppet::Type::Ini_setting.new(common_params.merge( - :section => 'alias', - :setting => 'foo', - :value => 'bar' - )) - provider = described_class.new(resource) - provider.exists?.should be false - provider.create - validate_file(<<-EOS -[branch "master"] - remote = origin - merge = refs/heads/master - -[alias] -to-deploy = log --merges --grep='pull request' --format='%s (%cN)' origin/production..origin/master -foo = bar -[branch "production"] - remote = origin - merge = refs/heads/production - EOS - ) - end - end -end diff --git a/inifile/spec/unit/puppet/provider/ini_subsetting/ruby_spec.rb b/inifile/spec/unit/puppet/provider/ini_subsetting/ruby_spec.rb deleted file mode 100644 index ca9b07a46..000000000 --- a/inifile/spec/unit/puppet/provider/ini_subsetting/ruby_spec.rb +++ /dev/null @@ -1,181 +0,0 @@ -require 'spec_helper' -require 'puppet' - -provider_class = Puppet::Type.type(:ini_subsetting).provider(:ruby) -describe provider_class do - include PuppetlabsSpec::Files - - let(:tmpfile) { tmpfilename("ini_setting_test") } - - def validate_file(expected_content,tmpfile = tmpfile) - File.read(tmpfile).should == expected_content - end - - - before :each do - File.open(tmpfile, 'w') do |fh| - fh.write(orig_content) - end - end - - context "when ensuring that a subsetting is present" do - let(:common_params) { { - :title => 'ini_setting_ensure_present_test', - :path => tmpfile, - :section => '', - :key_val_separator => '=', - :setting => 'JAVA_ARGS', - } } - - let(:orig_content) { - <<-EOS -JAVA_ARGS="-Xmx192m -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/log/pe-puppetdb/puppetdb-oom.hprof" - EOS - } - - it "should add a missing subsetting" do - resource = Puppet::Type::Ini_subsetting.new(common_params.merge( - :subsetting => '-Xms', :value => '128m')) - provider = described_class.new(resource) - provider.exists?.should be_nil - provider.create - validate_file(<<-EOS -JAVA_ARGS="-Xmx192m -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/log/pe-puppetdb/puppetdb-oom.hprof -Xms128m" - EOS -) - end - - it "should remove an existing subsetting" do - resource = Puppet::Type::Ini_subsetting.new(common_params.merge( - :subsetting => '-Xmx')) - provider = described_class.new(resource) - provider.exists?.should == "192m" - provider.destroy - validate_file(<<-EOS -JAVA_ARGS="-XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/log/pe-puppetdb/puppetdb-oom.hprof" - EOS -) - end - - it "should modify an existing subsetting" do - resource = Puppet::Type::Ini_subsetting.new(common_params.merge( - :subsetting => '-Xmx', :value => '256m')) - provider = described_class.new(resource) - provider.exists?.should == "192m" - provider.value=('256m') - validate_file(<<-EOS -JAVA_ARGS="-Xmx256m -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/log/pe-puppetdb/puppetdb-oom.hprof" - EOS -) - end - end - - context "when working with subsettings in files with unquoted settings values" do - let(:common_params) { { - :title => 'ini_setting_ensure_present_test', - :path => tmpfile, - :section => 'master', - :setting => 'reports', - } } - - let(:orig_content) { - <<-EOS -[master] - -reports = http,foo - EOS - } - - it "should remove an existing subsetting" do - resource = Puppet::Type::Ini_subsetting.new(common_params.merge( - :subsetting => 'http', :subsetting_separator => ',')) - provider = described_class.new(resource) - provider.exists?.should == "" - provider.destroy - validate_file(<<-EOS -[master] - -reports = foo - EOS - ) - end - - it "should add a new subsetting when the 'parent' setting already exists" do - resource = Puppet::Type::Ini_subsetting.new(common_params.merge( - :subsetting => 'puppetdb', :subsetting_separator => ',')) - provider = described_class.new(resource) - provider.exists?.should be_nil - provider.value=('') - validate_file(<<-EOS -[master] - -reports = http,foo,puppetdb - EOS - ) - end - - it "should add a new subsetting when the 'parent' setting does not already exist" do - resource = Puppet::Type::Ini_subsetting.new(common_params.merge( - :setting => 'somenewsetting', - :subsetting => 'puppetdb', - :subsetting_separator => ',')) - provider = described_class.new(resource) - provider.exists?.should be_nil - provider.value=('') - validate_file(<<-EOS -[master] - -reports = http,foo -somenewsetting = puppetdb - EOS - ) - end - - end - - context "when working with subsettings in files with use_exact_match" do - let(:common_params) { { - :title => 'ini_setting_ensure_present_test', - :path => tmpfile, - :section => 'master', - :setting => 'reports', - :use_exact_match => true, - } } - - let(:orig_content) { - <<-EOS -[master] - -reports = http,foo - EOS - } - - it "should add a new subsetting when the 'parent' setting already exists" do - resource = Puppet::Type::Ini_subsetting.new(common_params.merge( - :subsetting => 'fo', :subsetting_separator => ',')) - provider = described_class.new(resource) - provider.value=('') - validate_file(<<-eos -[master] - -reports = http,foo,fo - eos - ) - end - - it "should not remove substring subsettings" do - resource = Puppet::Type::Ini_subsetting.new(common_params.merge( - :subsetting => 'fo', :subsetting_separator => ',')) - provider = described_class.new(resource) - provider.value=('') - provider.destroy - validate_file(<<-EOS -[master] - -reports = http,foo - EOS - ) - end - end - -end diff --git a/inifile/spec/unit/puppet/type/ini_setting_spec.rb b/inifile/spec/unit/puppet/type/ini_setting_spec.rb deleted file mode 100644 index 3869c42a3..000000000 --- a/inifile/spec/unit/puppet/type/ini_setting_spec.rb +++ /dev/null @@ -1,63 +0,0 @@ -#! /usr/bin/env ruby -require 'spec_helper' - -ini_setting = Puppet::Type.type(:ini_setting) - -describe ini_setting do - - [true, false].product([true, false, "true", "false", "md5", :md5]).each do |cfg, param| - describe "when Puppet[:show_diff] is #{cfg} and show_diff => #{param}" do - - before do - Puppet[:show_diff] = cfg - @value = described_class.new(:name => 'foo', :value => 'whatever', :show_diff => param).property(:value) - end - - if (cfg and [true, "true"].include? param) - it "should display diff" do - expect(@value.change_to_s('not_secret','at_all')).to include('not_secret','at_all') - end - - it "should tell current value" do - expect(@value.is_to_s('not_secret_at_all')).to eq('not_secret_at_all') - end - - it "should tell new value" do - expect(@value.should_to_s('not_secret_at_all')).to eq('not_secret_at_all') - end - elsif (cfg and ["md5", :md5].include? param) - it "should tell correct md5 hash for value" do - expect(@value.change_to_s('not_secret','at_all')).to include('e9e8db547f8960ef32dbc34029735564','46cd73a9509ba78c39f05faf078a8cbe') - expect(@value.change_to_s('not_secret','at_all')).not_to include('not_secret') - expect(@value.change_to_s('not_secret','at_all')).not_to include('at_all') - end - - it "should tell md5 of current value, but not value itself" do - expect(@value.is_to_s('not_secret_at_all')).to eq('{md5}218fde79f501b8ab8d212f1059bb857f') - expect(@value.is_to_s('not_secret_at_all')).not_to include('not_secret_at_all') - end - - it "should tell md5 of new value, but not value itself" do - expect(@value.should_to_s('not_secret_at_all')).to eq('{md5}218fde79f501b8ab8d212f1059bb857f') - expect(@value.should_to_s('not_secret_at_all')).not_to include('not_secret_at_all') - end - else - it "should not tell any actual values" do - expect(@value.change_to_s('not_secret','at_all')).to include('[redacted sensitive information]') - expect(@value.change_to_s('not_secret','at_all')).not_to include('not_secret') - expect(@value.change_to_s('not_secret','at_all')).not_to include('at_all') - end - - it "should not tell current value" do - expect(@value.is_to_s('not_secret_at_all')).to eq('[redacted sensitive information]') - expect(@value.is_to_s('not_secret_at_all')).not_to include('not_secret_at_all') - end - - it "should not tell new value" do - expect(@value.should_to_s('not_secret_at_all')).to eq('[redacted sensitive information]') - expect(@value.should_to_s('not_secret_at_all')).not_to include('not_secret_at_all') - end - end - end - end -end diff --git a/inifile/spec/unit/puppet/type/ini_subetting_spec.rb b/inifile/spec/unit/puppet/type/ini_subetting_spec.rb deleted file mode 100644 index 4bc6f3017..000000000 --- a/inifile/spec/unit/puppet/type/ini_subetting_spec.rb +++ /dev/null @@ -1,62 +0,0 @@ -#! /usr/bin/env ruby -require 'spec_helper' - -ini_subsetting = Puppet::Type.type(:ini_subsetting) - -describe ini_subsetting do - [true, false].product([true, false, :md5]).each do |cfg, param| - describe "when Puppet[:show_diff] is #{cfg} and show_diff => #{param}" do - - before do - Puppet[:show_diff] = cfg - @value = described_class.new(:name => 'foo', :value => 'whatever', :show_diff => param).property(:value) - end - - if (cfg and param == true) - it "should display diff" do - expect(@value.change_to_s('not_secret','at_all')).to include('not_secret','at_all') - end - - it "should tell current value" do - expect(@value.is_to_s('not_secret_at_all')).to eq('not_secret_at_all') - end - - it "should tell new value" do - expect(@value.should_to_s('not_secret_at_all')).to eq('not_secret_at_all') - end - elsif (cfg and param == :md5) - it "should tell correct md5 hash for value" do - expect(@value.change_to_s('not_secret','at_all')).to include('e9e8db547f8960ef32dbc34029735564','46cd73a9509ba78c39f05faf078a8cbe') - expect(@value.change_to_s('not_secret','at_all')).not_to include('not_secret') - expect(@value.change_to_s('not_secret','at_all')).not_to include('at_all') - end - - it "should tell md5 of current value, but not value itself" do - expect(@value.is_to_s('not_secret_at_all')).to eq('{md5}218fde79f501b8ab8d212f1059bb857f') - expect(@value.is_to_s('not_secret_at_all')).not_to include('not_secret_at_all') - end - - it "should tell md5 of new value, but not value itself" do - expect(@value.should_to_s('not_secret_at_all')).to eq('{md5}218fde79f501b8ab8d212f1059bb857f') - expect(@value.should_to_s('not_secret_at_all')).not_to include('not_secret_at_all') - end - else - it "should not tell any actual values" do - expect(@value.change_to_s('not_secret','at_all')).to include('[redacted sensitive information]') - expect(@value.change_to_s('not_secret','at_all')).not_to include('not_secret') - expect(@value.change_to_s('not_secret','at_all')).not_to include('at_all') - end - - it "should not tell current value" do - expect(@value.is_to_s('not_secret_at_all')).to eq('[redacted sensitive information]') - expect(@value.is_to_s('not_secret_at_all')).not_to include('not_secret_at_all') - end - - it "should not tell new value" do - expect(@value.should_to_s('not_secret_at_all')).to eq('[redacted sensitive information]') - expect(@value.should_to_s('not_secret_at_all')).not_to include('not_secret_at_all') - end - end - end - end -end diff --git a/inifile/spec/unit/puppet/util/external_iterator_spec.rb b/inifile/spec/unit/puppet/util/external_iterator_spec.rb deleted file mode 100644 index 92b17af44..000000000 --- a/inifile/spec/unit/puppet/util/external_iterator_spec.rb +++ /dev/null @@ -1,35 +0,0 @@ -require 'spec_helper' -require 'puppet/util/external_iterator' - -describe Puppet::Util::ExternalIterator do - let(:subject) { Puppet::Util::ExternalIterator.new(["a", "b", "c"]) } - - context "#next" do - it "should iterate over the items" do - subject.next.should == ["a", 0] - subject.next.should == ["b", 1] - subject.next.should == ["c", 2] - end - end - - context "#peek" do - it "should return the 0th item repeatedly" do - subject.peek.should == ["a", 0] - subject.peek.should == ["a", 0] - end - - it "should not advance the iterator, but should reflect calls to #next" do - subject.peek.should == ["a", 0] - subject.peek.should == ["a", 0] - subject.next.should == ["a", 0] - subject.peek.should == ["b", 1] - subject.next.should == ["b", 1] - subject.peek.should == ["c", 2] - subject.next.should == ["c", 2] - subject.peek.should == [nil, nil] - subject.next.should == [nil, nil] - end - end - - -end diff --git a/inifile/spec/unit/puppet/util/ini_file_spec.rb b/inifile/spec/unit/puppet/util/ini_file_spec.rb deleted file mode 100644 index 7a92090a3..000000000 --- a/inifile/spec/unit/puppet/util/ini_file_spec.rb +++ /dev/null @@ -1,287 +0,0 @@ -require 'spec_helper' -require 'stringio' -require 'puppet/util/ini_file' - -describe Puppet::Util::IniFile do - let(:subject) { Puppet::Util::IniFile.new("/my/ini/file/path") } - - before :each do - File.should_receive(:file?).with("/my/ini/file/path") { true } - described_class.should_receive(:readlines).once.with("/my/ini/file/path") do - sample_content - end - end - - context "when parsing a file" do - let(:sample_content) { - template = <<-EOS -# This is a comment -[section1] -; This is also a comment -foo=foovalue - -bar = barvalue -baz = -[section2] - -foo= foovalue2 -baz=bazvalue - ; commented = out setting - #another comment - ; yet another comment - zot = multi word value - xyzzy['thing1']['thing2']=xyzzyvalue - l=git log - EOS - template.split("\n") - } - - it "should parse the correct number of sections" do - # there is always a "global" section, so our count should be 3. - subject.section_names.length.should == 3 - end - - it "should parse the correct section_names" do - # there should always be a "global" section named "" at the beginning of the list - subject.section_names.should == ["", "section1", "section2"] - end - - it "should expose settings for sections" do - subject.get_settings("section1").should == { - "bar" => "barvalue", - "baz" => "", - "foo" => "foovalue" - } - - subject.get_settings("section2").should == { - "baz" => "bazvalue", - "foo" => "foovalue2", - "l" => "git log", - "xyzzy['thing1']['thing2']" => "xyzzyvalue", - "zot" => "multi word value" - } - end - - end - - context "when parsing a file whose first line is a section" do - let(:sample_content) { - template = <<-EOS -[section1] -; This is a comment -foo=foovalue - EOS - template.split("\n") - } - - it "should parse the correct number of sections" do - # there is always a "global" section, so our count should be 2. - subject.section_names.length.should == 2 - end - - it "should parse the correct section_names" do - # there should always be a "global" section named "" at the beginning of the list - subject.section_names.should == ["", "section1"] - end - - it "should expose settings for sections" do - subject.get_value("section1", "foo").should == "foovalue" - end - - end - - context "when parsing a file with a 'global' section" do - let(:sample_content) { - template = <<-EOS -foo = bar -[section1] -; This is a comment -foo=foovalue - EOS - template.split("\n") - } - - it "should parse the correct number of sections" do - # there is always a "global" section, so our count should be 2. - subject.section_names.length.should == 2 - end - - it "should parse the correct section_names" do - # there should always be a "global" section named "" at the beginning of the list - subject.section_names.should == ["", "section1"] - end - - it "should expose settings for sections" do - subject.get_value("", "foo").should == "bar" - subject.get_value("section1", "foo").should == "foovalue" - end - end - - context "when updating a file with existing empty values" do - let(:sample_content) { - template = <<-EOS -[section1] -foo= -#bar= -#xyzzy['thing1']['thing2']='xyzzyvalue' - EOS - template.split("\n") - } - - it "should properly update uncommented values" do - subject.get_value("section1", "far").should == nil - subject.set_value("section1", "foo", "foovalue") - subject.get_value("section1", "foo").should == "foovalue" - end - - it "should properly update commented values" do - subject.get_value("section1", "bar").should == nil - subject.set_value("section1", "bar", "barvalue") - subject.get_value("section1", "bar").should == "barvalue" - subject.get_value("section1", "xyzzy['thing1']['thing2']").should == nil - subject.set_value("section1", "xyzzy['thing1']['thing2']", "xyzzyvalue") - subject.get_value("section1", "xyzzy['thing1']['thing2']").should == "xyzzyvalue" - end - - it "should properly add new empty values" do - subject.get_value("section1", "baz").should == nil - subject.set_value("section1", "baz", "bazvalue") - subject.get_value("section1", "baz").should == "bazvalue" - end - end - - context 'the file has quotation marks in its section names' do - let(:sample_content) do - template = <<-EOS -[branch "master"] - remote = origin - merge = refs/heads/master - -[alias] -to-deploy = log --merges --grep='pull request' --format='%s (%cN)' origin/production..origin/master -[branch "production"] - remote = origin - merge = refs/heads/production - EOS - template.split("\n") - end - - it 'should parse the sections' do - subject.section_names.should match_array ['', - 'branch "master"', - 'alias', - 'branch "production"' - ] - end - end - - context 'Samba INI file with dollars in section names' do - let(:sample_content) do - template = <<-EOS - [global] - workgroup = FELLOWSHIP - ; ... - idmap config * : backend = tdb - - [printers] - comment = All Printers - ; ... - browseable = No - - [print$] - comment = Printer Drivers - path = /var/lib/samba/printers - - [Shares] - path = /home/shares - read only = No - guest ok = Yes - EOS - template.split("\n") - end - - it "should parse the correct section_names" do - subject.section_names.should match_array [ - '', - 'global', - 'printers', - 'print$', - 'Shares' - ] - end - end - - context 'section names with forward slashes in them' do - let(:sample_content) do - template = <<-EOS -[monitor:///var/log/*.log] -disabled = test_value - EOS - template.split("\n") - end - - it "should parse the correct section_names" do - subject.section_names.should match_array [ - '', - 'monitor:///var/log/*.log' - ] - end - end - - context 'KDE Configuration with braces in setting names' do - let(:sample_content) do - template = <<-EOS - [khotkeys] -_k_friendly_name=khotkeys -{5465e8c7-d608-4493-a48f-b99d99fdb508}=Print,none,PrintScreen -{d03619b6-9b3c-48cc-9d9c-a2aadb485550}=Search,none,Search -EOS - template.split("\n") - end - - it "should expose settings for sections" do - subject.get_value("khotkeys", "{5465e8c7-d608-4493-a48f-b99d99fdb508}").should == "Print,none,PrintScreen" - subject.get_value("khotkeys", "{d03619b6-9b3c-48cc-9d9c-a2aadb485550}").should == "Search,none,Search" - end - end - - context 'Configuration with colons in setting names' do - let(:sample_content) do - template = <<-EOS - [Drive names] -A:=5.25" Floppy -B:=3.5" Floppy -C:=Winchester -EOS - template.split("\n") - end - - it "should expose settings for sections" do - subject.get_value("Drive names", "A:").should eq '5.25" Floppy' - subject.get_value("Drive names", "B:").should eq '3.5" Floppy' - subject.get_value("Drive names", "C:").should eq 'Winchester' - end - end - - context 'Configuration with spaces in setting names' do - let(:sample_content) do - template = <<-EOS - [global] - # log files split per-machine: - log file = /var/log/samba/log.%m - - kerberos method = system keytab - passdb backend = tdbsam - security = ads -EOS - template.split("\n") - end - - it "should expose settings for sections" do - subject.get_value("global", "log file").should eq '/var/log/samba/log.%m' - subject.get_value("global", "kerberos method").should eq 'system keytab' - subject.get_value("global", "passdb backend").should eq 'tdbsam' - subject.get_value("global", "security").should eq 'ads' - end - end -end diff --git a/inifile/spec/unit/puppet/util/setting_value_spec.rb b/inifile/spec/unit/puppet/util/setting_value_spec.rb deleted file mode 100644 index 8514724c3..000000000 --- a/inifile/spec/unit/puppet/util/setting_value_spec.rb +++ /dev/null @@ -1,103 +0,0 @@ -require 'spec_helper' -require 'puppet/util/setting_value' - -describe Puppet::Util::SettingValue do - - describe "space subsetting separator" do - INIT_VALUE_SPACE = "\"-Xmx192m -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/log/pe-puppetdb/puppetdb-oom.hprof\"" - - before :each do - @setting_value = Puppet::Util::SettingValue.new(INIT_VALUE_SPACE, " ") - end - - it "should get the original value" do - @setting_value.get_value.should == INIT_VALUE_SPACE - end - - it "should get the correct value" do - @setting_value.get_subsetting_value("-Xmx").should == "192m" - end - - it "should add a new value" do - @setting_value.add_subsetting("-Xms", "256m") - @setting_value.get_subsetting_value("-Xms").should == "256m" - @setting_value.get_value.should == INIT_VALUE_SPACE[0, INIT_VALUE_SPACE.length - 1] + " -Xms256m\"" - end - - it "should change existing value" do - @setting_value.add_subsetting("-Xmx", "512m") - @setting_value.get_subsetting_value("-Xmx").should == "512m" - end - - it "should remove existing value" do - @setting_value.remove_subsetting("-Xmx") - @setting_value.get_subsetting_value("-Xmx").should == nil - end - end - - describe "comma subsetting separator" do - INIT_VALUE_COMMA = "\"-Xmx192m,-XX:+HeapDumpOnOutOfMemoryError,-XX:HeapDumpPath=/var/log/pe-puppetdb/puppetdb-oom.hprof\"" - - before :each do - @setting_value = Puppet::Util::SettingValue.new(INIT_VALUE_COMMA, ",") - end - - it "should get the original value" do - @setting_value.get_value.should == INIT_VALUE_COMMA - end - - it "should get the correct value" do - @setting_value.get_subsetting_value("-Xmx").should == "192m" - end - - it "should add a new value" do - @setting_value.add_subsetting("-Xms", "256m") - @setting_value.get_subsetting_value("-Xms").should == "256m" - @setting_value.get_value.should == INIT_VALUE_COMMA[0, INIT_VALUE_COMMA.length - 1] + ",-Xms256m\"" - end - - it "should change existing value" do - @setting_value.add_subsetting("-Xmx", "512m") - @setting_value.get_subsetting_value("-Xmx").should == "512m" - end - - it "should remove existing value" do - @setting_value.remove_subsetting("-Xmx") - @setting_value.get_subsetting_value("-Xmx").should == nil - end - end - - describe "quote_char parameter" do - QUOTE_CHAR = '"' - INIT_VALUE_UNQUOTED = '-Xmx192m -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/log/pe-puppetdb/puppetdb-oom.hprof' - - it "should get quoted empty string if original value was empty" do - setting_value = Puppet::Util::SettingValue.new(nil, ' ', QUOTE_CHAR) - setting_value.get_value.should == QUOTE_CHAR * 2 - end - - it "should quote the setting when adding a value" do - setting_value = Puppet::Util::SettingValue.new(INIT_VALUE_UNQUOTED, ' ', QUOTE_CHAR) - setting_value.add_subsetting("-Xms", "256m") - - setting_value.get_subsetting_value("-Xms").should == "256m" - setting_value.get_value.should == QUOTE_CHAR + INIT_VALUE_UNQUOTED + ' -Xms256m' + QUOTE_CHAR - end - - it "should quote the setting when changing an existing value" do - setting_value = Puppet::Util::SettingValue.new(INIT_VALUE_UNQUOTED, ' ', QUOTE_CHAR) - setting_value.add_subsetting("-Xmx", "512m") - - setting_value.get_subsetting_value("-Xmx").should == "512m" - setting_value.get_value.should =~ /^#{Regexp.quote(QUOTE_CHAR)}.*#{Regexp.quote(QUOTE_CHAR)}$/ - end - - it "should quote the setting when removing an existing value" do - setting_value = Puppet::Util::SettingValue.new(INIT_VALUE_UNQUOTED, ' ', QUOTE_CHAR) - setting_value.remove_subsetting("-Xmx") - - setting_value.get_subsetting_value("-Xmx").should == nil - setting_value.get_value.should =~ /^#{Regexp.quote(QUOTE_CHAR)}.*#{Regexp.quote(QUOTE_CHAR)}$/ - end - end -end diff --git a/ironic/.gitignore b/ironic/.gitignore deleted file mode 100644 index 61092bdaf..000000000 --- a/ironic/.gitignore +++ /dev/null @@ -1,15 +0,0 @@ -pkg/ -Gemfile.lock -vendor/ -spec/fixtures/ -.vagrant/ -.bundle/ -coverage/ -.idea/ -*.swp -*.iml -openstack/ - -# Files created by releasenotes build -releasenotes/build -.tox diff --git a/ironic/.gitreview b/ironic/.gitreview deleted file mode 100644 index 0cd003682..000000000 --- a/ironic/.gitreview +++ /dev/null @@ -1,5 +0,0 @@ -[gerrit] -host=review.openstack.org -port=29418 -project=openstack/puppet-ironic.git -defaultbranch=stable/mitaka diff --git a/ironic/CHANGELOG.md b/ironic/CHANGELOG.md deleted file mode 100644 index 14f5e47ab..000000000 --- a/ironic/CHANGELOG.md +++ /dev/null @@ -1,67 +0,0 @@ -## 8.0.0 and beyond - -From 8.0.0 release and beyond, release notes are published on -[docs.openstack.org](http://docs.openstack.org/releasenotes/puppet-ironic/). - -##2015-11-25 - 7.0.0 -###Summary - -This is a backwards-incompatible major release for OpenStack Liberty. - -####Backwards-incompatible changes -- change section name for AMQP qpid parameters -- change section name for AMQP rabbit parameters - -####Features -- add ironic::db::sync -- add bifrost manifest -- reflect provider change in puppet-openstacklib -- put all the logging related parameters to the logging class -- add ironic-inspector support -- simplify rpc_backend parameter -- introduce ironic::db class -- db: Use postgresql lib class for psycopg package -- allow customization of db sync command line -- allow customization of force_power_state_during_sync -- add ironic::config class -- add tag to package and service resources -- add support for identity_uri - -####Bugfixes -- rely on autorequire for config resource ordering -- fixed the comment for port in ironic api.pp -- add BOOTIF=${mac} to the inspector iPXE template - -####Maintenance -- acceptance: enable debug & verbosity for OpenStack logs -- initial msync run for all Puppet OpenStack modules -- fix rspec 3.x syntax -- acceptance: install openstack-selinux on redhat plateforms -- try to use zuul-cloner to prepare fixtures -- remove class_parameter_defaults puppet-lint check -- acceptance: use common bits from puppet-openstack-integration - -##2015-10-14 - 6.1.0 -###Summary - -This is a feature and maintenance release in the Kilo series. - -####Features -- Create Heat Domain with Keystone_domain resource - -####Maintenance -- Remove deprecated parameter stack_user_domain -- acceptance: checkout stable/kilo puppet modules - -##2015-10-15 - 6.1.0 -###Summary - -This is a maintenance release in the Kilo series - -####Maintenance -- acceptance: checkout stable/kilo puppet modules - -##2015-07-08 - 6.0.0 -###Summary - -- Initial release of the puppet-ironic module diff --git a/ironic/Gemfile b/ironic/Gemfile deleted file mode 100644 index 5728ff7e7..000000000 --- a/ironic/Gemfile +++ /dev/null @@ -1,22 +0,0 @@ -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -group :development, :test, :system_tests do - gem 'puppet-openstack_spec_helper', - :git => 'https://git.openstack.org/openstack/puppet-openstack_spec_helper', - :branch => 'stable/mitaka', - :require => false -end - -if facterversion = ENV['FACTER_GEM_VERSION'] - gem 'facter', facterversion, :require => false -else - gem 'facter', :require => false -end - -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end - -# vim:ft=ruby diff --git a/ironic/LICENSE b/ironic/LICENSE deleted file mode 100644 index 68c771a09..000000000 --- a/ironic/LICENSE +++ /dev/null @@ -1,176 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - diff --git a/ironic/README.md b/ironic/README.md deleted file mode 100644 index fd39cb60a..000000000 --- a/ironic/README.md +++ /dev/null @@ -1,137 +0,0 @@ -puppet-ironic -============= - -#### Table of Contents - -1. [Overview - What is the ironic module?](#overview) -2. [Module Description - What does the module do?](#module-description) -3. [Setup - The basics of getting started with ironic](#setup) -4. [Implementation - An under-the-hood peek at what the module is doing](#implementation) -5. [Limitations - OS compatibility, etc.](#limitations) -6. [Development - Guide for contributing to the module](#development) -7. [Contributors - Those with commits](#contributors) - -Overview --------- - -The ironic module is a part of [OpenStack](https://github.com/openstack), an effort by the OpenStack infrastructure team to provide continuous integration testing and code review for OpenStack and OpenStack community projects as part of the core software. The module itself is used to flexibly configure and manage the baremetal service for OpenStack. - -Module Description ------------------- - -Setup ------ - -**What the ironic module affects:** - -* [Ironic](https://wiki.openstack.org/wiki/Ironic), the baremetal service for OpenStack. - -### Installing Ironic - - puppet module install openstack/ironic - -### Beginning with ironic - -To utilize the ironic module's functionality you will need to declare multiple resources. This is not an exhaustive list of all the components needed. We recommend that you consult and understand the [core openstack](http://docs.openstack.org) documentation to assist you in understanding the available deployment options. - -```puppet -# enable Ironic resources -class { '::ironic': - rabbit_userid => 'ironic', - rabbit_password => 'an_even_bigger_secret', - rabbit_host => '127.0.0.1', - database_connection => 'mysql://ironic:a_big_secret@127.0.0.1/ironic?charset=utf8', -} - -class { '::ironic::db::mysql': - password => 'a_big_secret', -} - -class { '::ironic::keystone::auth': - password => 'a_big_secret', -} - -class { '::ironic::client': } - -class { '::ironic::conductor': } - -class { '::ironic::api': - admin_password => 'a_big_secret', -} - -class { '::ironic::drivers::ipmi': } - -# alternatively, you can deploy Ironic with Bifrost. It's a collection of Ansible playbooks to configure -# and install Ironic in a stand-alone fashion (for more information visit http://git.openstack.org/openstack/bifrost) -class { 'ironic::bifrost': - ironic_db_password => 'a_big_secret', - mysql_password => 'yet_another_big_secret', - baremetal_json_hosts => hiera('your_hiera_var_containing_bm_json_hosts'), -} -``` - -Examples of usage also can be found in the *examples* directory. - -Implementation --------------- - -### puppet-ironic - -puppet-ironic is a combination of Puppet manifest and ruby code to delivery configuration and extra functionality through types and providers. - -### Types - -#### ironic_config - -The `ironic_config` provider is a children of the ini_setting provider. It allows one to write an entry in the `/etc/ironic/ironic.conf` file. - -```puppet -ironic_config { 'DEFAULT/verbose' : - value => true, -} -``` - -This will write `verbose=true` in the `[DEFAULT]` section. - -##### name - -Section/setting name to manage from `ironic.conf` - -##### value - -The value of the setting to be defined. - -##### secret - -Whether to hide the value from Puppet logs. Defaults to `false`. - -##### ensure_absent_val - -If value is equal to ensure_absent_val then the resource will behave as if `ensure => absent` was specified. Defaults to `` - -Limitations ------------ - -Beaker-Rspec ------------- - -This module has beaker-rspec tests - -To run: - -``shell -bundle install -bundle exec rspec spec/acceptance -`` - -Development ------------ - -Developer documentation for the entire puppet-openstack project. - -* https://wiki.openstack.org/wiki/Puppet-openstack#Developer_documentation - -Contributors ------------- - -* https://github.com/openstack/puppet-ironic/graphs/contributors diff --git a/ironic/Rakefile b/ironic/Rakefile deleted file mode 100644 index 168d10814..000000000 --- a/ironic/Rakefile +++ /dev/null @@ -1 +0,0 @@ -require 'puppet-openstack_spec_helper/rake_tasks' diff --git a/ironic/examples/ironic.pp b/ironic/examples/ironic.pp deleted file mode 100644 index 1ced6e6e2..000000000 --- a/ironic/examples/ironic.pp +++ /dev/null @@ -1,119 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Deploy Ironic -# - -$db_host = 'db' -$db_username = 'ironic' -$db_name = 'ironic' -$db_password = 'password' -$rabbit_user = 'ironic' -$rabbit_password = 'ironic' -$rabbit_vhost = '/' -$rabbit_hosts = ['rabbitmq:5672'] -$rabbit_port = '5672' -$glance_api_servers = 'glance:9292' -$deploy_kernel = 'glance://deploy_kernel_uuid' -$deploy_ramdisk = 'glance://deploy_ramdisk_uuid' -$baremetal_json_hosts = ' - "ironic-bm-test.bifrost.example": { - "ansible_ssh_host": "1.1.1.1", - "uuid": "11111111-1111-1111-1111-111111111111", - "driver_info": { - "power": { - "ipmi_address": "10.0.0.1", - "ipmi_username": "admin", - "ipmi_password": "pass" - }, - }, - "nics": [ - { - "mac": "ff:ff:ff:ff:ff:ff" - } - ], - "driver": "agent_ipmitool", - "ipv4_address": "1.1.1.1", - "properties": { - "cpu_arch": "x86_64", - "ram": null, - "disk_size": null, - "cpus": null - }, - "name": "ironic-bm-test.bifrost.example" - } -' - -node 'db' { - - class { '::mysql::server': - config_hash => { - 'bind_address' => '0.0.0.0', - }, - } - - class { '::mysql::ruby': } - - class { '::ironic::db::mysql': - password => $db_password, - dbname => $db_name, - user => $db_username, - host => $clientcert, - allowed_hosts => ['controller'], - } - -} - -node controller { - - class { '::ironic': - db_password => $db_password, - db_name => $db_name, - db_user => $db_username, - db_host => $db_host, - - rabbit_password => $rabbit_password, - rabbit_userid => $rabbit_user, - rabbit_virtual_host => $rabbit_vhost, - rabbit_hosts => $rabbit_hosts, - - glance_api_servers => $glance_api_servers, - } - - class { '::ironic::api': } - - class { '::ironic::conductor': } - - class { '::ironic::drivers::ipmi': } - - class { '::ironic::drivers::pxe': - deploy_kernel => $deploy_kernel, - deploy_ramdisk => $deploy_ramdisk, - } - -} - -node bifrost-controller { - - class { '::ironic::bifrost': - network_interface => 'eth1', - ironic_db_password => 'changeme', - mysql_password => 'changemetoo', - baremetal_json_hosts => $baremetal_json_hosts, - } - -} diff --git a/ironic/lib/puppet/provider/ironic.rb b/ironic/lib/puppet/provider/ironic.rb deleted file mode 100644 index 36371188d..000000000 --- a/ironic/lib/puppet/provider/ironic.rb +++ /dev/null @@ -1,150 +0,0 @@ -require 'csv' -require 'puppet/util/inifile' - -class Puppet::Provider::Ironic < Puppet::Provider - - def self.conf_filename - '/etc/ironic/ironic.conf' - end - - def self.withenv(hash, &block) - saved = ENV.to_hash - hash.each do |name, val| - ENV[name.to_s] = val - end - - yield - ensure - ENV.clear - saved.each do |name, val| - ENV[name] = val - end - end - - def self.ironic_credentials - @ironic_credentials ||= get_ironic_credentials - end - - def self.get_ironic_credentials - auth_keys = ['auth_host', 'auth_port', 'auth_protocol', - 'admin_tenant_name', 'admin_user', 'admin_password'] - conf = ironic_conf - if conf and conf['keystone_authtoken'] and - auth_keys.all?{|k| !conf['keystone_authtoken'][k].nil?} - return Hash[ auth_keys.map \ - { |k| [k, conf['keystone_authtoken'][k].strip] } ] - else - raise(Puppet::Error, "File: #{conf_filename} does not contain all \ -required sections. Ironic types will not work if ironic is not \ -correctly configured.") - end - end - - def ironic_credentials - self.class.ironic_credentials - end - - def self.auth_endpoint - @auth_endpoint ||= get_auth_endpoint - end - - def self.get_auth_endpoint - q = ironic_credentials - "#{q['auth_protocol']}://#{q['auth_host']}:#{q['auth_port']}/v2.0/" - end - - def self.ironic_conf - return @ironic_conf if @ironic_conf - @ironic_conf = Puppet::Util::IniConfig::File.new - @ironic_conf.read(conf_filename) - @ironic_conf - end - - def self.auth_ironic(*args) - q = ironic_credentials - authenv = { - :OS_AUTH_URL => self.auth_endpoint, - :OS_USERNAME => q['admin_user'], - :OS_TENANT_NAME => q['admin_tenant_name'], - :OS_PASSWORD => q['admin_password'] - } - begin - withenv authenv do - ironic(args) - end - rescue Exception => e - if (e.message =~ /\[Errno 111\] Connection refused/) or - (e.message =~ /\(HTTP 400\)/) - sleep 10 - withenv authenv do - ironic(args) - end - else - raise(e) - end - end - end - - def auth_ironic(*args) - self.class.auth_ironic(args) - end - - def self.reset - @ironic_conf = nil - @ironic_credentials = nil - end - - def self.list_ironic_resources(type) - ids = [] - list = auth_ironic("#{type}-list", '--format=csv', - '--column=id', '--quote=none') - (list.split("\n")[1..-1] || []).compact.collect do |line| - ids << line.strip - end - return ids - end - - def self.get_ironic_resource_attrs(type, id) - attrs = {} - net = auth_ironic("#{type}-show", '--format=shell', id) - last_key = nil - (net.split("\n") || []).compact.collect do |line| - if line.include? '=' - k, v = line.split('=', 2) - attrs[k] = v.gsub(/\A"|"\Z/, '') - last_key = k - else - # Handle the case of a list of values - v = line.gsub(/\A"|"\Z/, '') - attrs[last_key] = [attrs[last_key], v] - end - end - return attrs - end - - def self.get_tenant_id(catalog, name) - instance_type = 'keystone_tenant' - instance = catalog.resource("#{instance_type.capitalize!}[#{name}]") - if ! instance - instance = Puppet::Type.type(instance_type).instances.find do |i| - i.provider.name == name - end - end - if instance - return instance.provider.id - else - fail("Unable to find #{instance_type} for name #{name}") - end - end - - def self.parse_creation_output(data) - hash = {} - data.split("\n").compact.each do |line| - if line.include? '=' - hash[line.split('=').first] = line.split('=', 2)[1].gsub(/\A"|"\Z/, '') - end - end - hash - end - -end diff --git a/ironic/lib/puppet/provider/ironic_api_paste_ini/ini_setting.rb b/ironic/lib/puppet/provider/ironic_api_paste_ini/ini_setting.rb deleted file mode 100644 index a43fb7629..000000000 --- a/ironic/lib/puppet/provider/ironic_api_paste_ini/ini_setting.rb +++ /dev/null @@ -1,27 +0,0 @@ -Puppet::Type.type(:ironic_api_paste_ini).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - def section - resource[:name].split('/', 2).first - end - - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/ironic/api-paste.ini' - end - - # added for backwards compatibility with older versions of inifile - def file_path - self.class.file_path - end - -end diff --git a/ironic/lib/puppet/provider/ironic_config/ini_setting.rb b/ironic/lib/puppet/provider/ironic_config/ini_setting.rb deleted file mode 100644 index 8f6272a18..000000000 --- a/ironic/lib/puppet/provider/ironic_config/ini_setting.rb +++ /dev/null @@ -1,10 +0,0 @@ -Puppet::Type.type(:ironic_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:openstack_config).provider(:ini_setting) -) do - - def self.file_path - '/etc/ironic/ironic.conf' - end - -end diff --git a/ironic/lib/puppet/provider/ironic_inspector_config/ini_setting.rb b/ironic/lib/puppet/provider/ironic_inspector_config/ini_setting.rb deleted file mode 100644 index fc448160b..000000000 --- a/ironic/lib/puppet/provider/ironic_inspector_config/ini_setting.rb +++ /dev/null @@ -1,10 +0,0 @@ -Puppet::Type.type(:ironic_inspector_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:openstack_config).provider(:ini_setting) -) do - - def self.file_path - '/etc/ironic-inspector/inspector.conf' - end - -end diff --git a/ironic/lib/puppet/type/ironic_api_paste_ini.rb b/ironic/lib/puppet/type/ironic_api_paste_ini.rb deleted file mode 100644 index a5a8012f5..000000000 --- a/ironic/lib/puppet/type/ironic_api_paste_ini.rb +++ /dev/null @@ -1,52 +0,0 @@ -Puppet::Type.newtype(:ironic_api_paste_ini) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/ironic/api-paste.ini' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end - - newparam(:ensure_absent_val) do - desc 'A value that is specified as the value property will behave as if ensure => absent was specified' - defaultto('') - end - - autorequire(:package) do - 'ironic' - end - -end diff --git a/ironic/lib/puppet/type/ironic_config.rb b/ironic/lib/puppet/type/ironic_config.rb deleted file mode 100644 index 2a454ab45..000000000 --- a/ironic/lib/puppet/type/ironic_config.rb +++ /dev/null @@ -1,53 +0,0 @@ -Puppet::Type.newtype(:ironic_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from ironic.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - newvalues(/^[\S ]*$/) - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end - - newparam(:ensure_absent_val) do - desc 'A value that is specified as the value property will behave as if ensure => absent was specified' - defaultto('') - end - - autorequire(:package) do - 'ironic-common' - end - -end diff --git a/ironic/lib/puppet/type/ironic_inspector_config.rb b/ironic/lib/puppet/type/ironic_inspector_config.rb deleted file mode 100644 index fe7ff1664..000000000 --- a/ironic/lib/puppet/type/ironic_inspector_config.rb +++ /dev/null @@ -1,53 +0,0 @@ -Puppet::Type.newtype(:ironic_inspector_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from inspector.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - newvalues(/^[\S ]*$/) - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end - - newparam(:ensure_absent_val) do - desc 'A value that is specified as the value property will behave as if ensure => absent was specified' - defaultto('') - end - - autorequire(:package) do - 'ironic-inspector' - end - -end diff --git a/ironic/manifests/api.pp b/ironic/manifests/api.pp deleted file mode 100644 index 1046ea203..000000000 --- a/ironic/manifests/api.pp +++ /dev/null @@ -1,180 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -# Configure the API service in Ironic -# -# === Parameters -# -# [*package_ensure*] -# (optional) Control the ensure parameter for the package ressource. -# Defaults to 'present'. -# -# [*enabled*] -# (optional) Define if the service must be enabled or not. -# Defaults to true. -# -# [*host_ip*] -# (optional) The listen IP for the Ironic API server. -# Should be an valid IP address -# Defaults to '0.0.0.0'. -# -# [*port*] -# (optional) The port for the Ironic API server. -# Should be an valid port -# Defaults to '6385'. -# -# [*max_limit*] -# (optional) The maximum number of items returned in a single response -# from a collection resource. -# Should be an valid interger -# Defaults to '1000'. -# -# [*auth_uri*] -# (optional) Complete public Identity API endpoint. -# Defaults to 'http://127.0.0.1:5000/'. -# -# [*identity_uri*] -# (optional) Complete admin Identity API endpoint. -# Defaults to 'http://127.0.0.1:35357/'. -# -# [*auth_version*] -# (optional) DEPRECATED. API version of the admin Identity API endpoint -# for example, use 'v3.0' for the keystone version 3.0 api -# Defaults to false -# -# [*admin_tenant_name*] -# (optional) The name of the tenant to create in keystone for use by the ironic services -# Defaults to 'services' -# -# [*admin_user*] -# (optional) The name of the user to create in keystone for use by the ironic services -# Defaults to 'ironic' -# -# [*neutron_url*] -# (optional) The Neutron URL to be used for requests from ironic -# Defaults to 'http://127.0.0.1:9696/' -# -# [*admin_password*] -# (required) The password to set for the ironic admin user in keystone -# -# [*workers*] -# (Optional) The number of workers to spawn. -# Defaults to $::os_service_default. -# -# [*service_name*] -# (optional) Name of the service that will be providing the -# server functionality of ironic-api. -# If the value is 'httpd', this means ironic-api will be a web -# service, and you must use another class to configure that -# web service. For example, use class { 'ironic::wsgi::apache'...} -# to make ironic-api be a web app using apache mod_wsgi. -# Defaults to '$::ironic::params::api_service' -# -# [*public_endpoint*] -# (Optional) Public URL to use when building the links to the API resources -# Defaults to $::os_service_default -# - -class ironic::api ( - $package_ensure = 'present', - $enabled = true, - $service_name = $::ironic::params::api_service, - $host_ip = '0.0.0.0', - $port = '6385', - $max_limit = '1000', - $workers = $::os_service_default, - $auth_uri = 'http://127.0.0.1:5000/', - $identity_uri = 'http://127.0.0.1:35357/', - $admin_tenant_name = 'services', - $admin_user = 'ironic', - $neutron_url = 'http://127.0.0.1:9696/', - $public_endpoint = $::os_service_default, - $admin_password, - # DEPRECATED PARAMETER - $auth_version = false, -) inherits ironic::params { - - include ::ironic::params - include ::ironic::policy - - Ironic_config<||> ~> Service[$service_name] - Class['ironic::policy'] ~> Service[$service_name] - - # Configure ironic.conf - ironic_config { - 'api/host_ip': value => $host_ip; - 'api/port': value => $port; - 'api/max_limit': value => $max_limit; - 'api/api_workers': value => $workers; - 'api/public_endpoint': value => $public_endpoint; - } - - # Install package - if $::ironic::params::api_package { - Package['ironic-api'] -> Class['ironic::policy'] - Package['ironic-api'] -> Service[$service_name] - package { 'ironic-api': - ensure => $package_ensure, - name => $::ironic::params::api_package, - tag => ['openstack', 'ironic-package'], - } - } - - if $enabled { - $ensure = 'running' - } else { - $ensure = 'stopped' - } - - if $service_name == $::ironic::params::api_service { - service { 'ironic-api': - ensure => $ensure, - name => $::ironic::params::api_service, - enable => $enabled, - hasstatus => true, - hasrestart => true, - tag => 'ironic-service', - } - } elsif $service_name == 'httpd' { - include ::apache::params - service { 'ironic-api': - ensure => 'stopped', - name => $::ironic::params::api_service, - enable => false, - tag => 'ironic-service', - } - - # we need to make sure ironic-api/eventlet is stopped before trying to start apache - Service['ironic-api'] -> Service[$service_name] - } else { - fail('Invalid service_name. Either ironic-api/openstack-ironic-api for running as a standalone service, or httpd for being run by a httpd server') - } - - if $auth_version { - warning('auth_version parameter is deprecated and has no effect during Mitaka and will be dropped during N cycle.') - } - - ironic_config { - 'keystone_authtoken/admin_tenant_name': value => $admin_tenant_name; - 'keystone_authtoken/admin_user': value => $admin_user; - 'keystone_authtoken/admin_password': value => $admin_password, secret => true; - 'keystone_authtoken/auth_uri': value => $auth_uri; - 'keystone_authtoken/identity_uri': value => $identity_uri; - 'neutron/url': value => $neutron_url; - } - -} diff --git a/ironic/manifests/bifrost.pp b/ironic/manifests/bifrost.pp deleted file mode 100644 index bda15ebee..000000000 --- a/ironic/manifests/bifrost.pp +++ /dev/null @@ -1,216 +0,0 @@ -# Copyright 2015 Hewlett-Packard Development Company, L.P. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -# == Class: ironic::bifrost -# -# Installs and configures Bifrost -# Bifrost is a set of Ansible playbooks that automates the task of deploying a -# base image onto a set of known hardware using Ironic. It provides modular -# utility for one-off operating system deployment with as few operational requirements -# as reasonably possible. -# Bifrost also allows to install Ironic in a stand-alone fashion. In this kind of setup, -# neither Keystone nor Neutron is installed, and dnsmasq is used to provide PXE booting. -# -# [*ironic_db_password*] -# (required) The Ironic DB password -# -# [*mysql_password*] -# (required) The mysql server password -# -# [*baremetal_json_hosts*] -# (required) Baremetal hosts in JSON format, will be included in baremetal.json -# -# [*git_source_repo*] -# (optional) Git repository location for pulling Bifrost -# Defaults to 'https://git.openstack.org/openstack/bifrost' -# -# [*revision*] -# (optional) The branch or commit to checkout on Bifrost repository -# Defaults to 'master' -# -# [*ensure*] -# (optional) Ensure value for cloning the Bifrost repository. -# This is a pass-thru variable for vcsrepo, acceptable values are -# present/bare/absent/latest -# Typically, you may want to set this value to either present or absent and use -# revision for setting the branch or commit to clone. -# Defaults to 'present' -# -# [*revision*] -# (optional) The branch or commit to checkout on Bifrost repository -# Defaults to 'master' -# -# [*git_dest_repo_folder*] -# (optional) Folder to clone the Bifrost git repository -# Defaults to '/opt/stack/bifrost' -# -# [*bifrost_config_folder*] -# (optional) Folder to keep the configuration files, namely the global vars file -# and baremetal.json -# Defaults to '/etc/bifrost' -# Note that due to how Ansible handles the directory layout of playbooks and roles, -# you will need to pass '-e "@/etc/bifrost/bifrost_global_vars' switch to 'ansible-playbook' -# to load the variables at execution time. -# For more information, check http://docs.ansible.com/ansible/playbooks_variables.html -# -# [*ironic_url*] -# (optional) The URL of the Ironic server -# Defaults to '"http://localhost:6385"' -# -# [*network_interface*] -# (optional) The network interface DHCP will serve requests on -# Defaults to '"virbr0"' -# -# [*testing*] -# (optional) If true, Ironic will provision libvirt and VMs instead of baremetal -# Defaults to 'false' -# -# [*testing_user*] -# (optional) VM default user in case testing is enabled -# Defaults to 'ubuntu' -# -# [*http_boot_folder*] -# (optional) gPXE folder location for HTTP PXE boot -# Defaults to '/httpboot' -# -# [*nginx_port*] -# (optional) NGINX HTTP port -# Defaults to 8080 - -# [*ssh_public_key_path*] -# (optional) SSH public key location, this will be injected in provisioned servers -# Defaults to '"{{ ansible_env.HOME }}/.ssh/id_rsa.pub"' -# -# [*deploy_kernel*] -# (optional) Kernel to PXE boot from -# Defaults to '"{{http_boot_folder}}/coreos_production_pxe.vmlinuz"' -# -# [*deploy_ramdisk*] -# (optional) Ramdisk to load after kernel boot -# Defaults to '"{{http_boot_folder}}/coreos_production_pxe_image-oem.cpio.gz"' -# -# [*deploy_kernel_url*] -# (optional) Kernel URL -# Defaults to '"http://{{ hostvars[inventory_hostname][\'ansible_\' + network_interface][\'ipv4\'][\'address\'] }}:{{nginx_port}}/coreos_production_pxe.vmlinuz"' -# -# [*deploy_ramdisk_url*] -# (optional) Ramdisk URL -# Defaults to '"http://{{ hostvars[inventory_hostname][\'ansible_\' + network_interface][\'ipv4\'][\'address\'] }}:{{nginx_port}}/coreos_production_pxe_image-oem.cpio.gz"' -# -# [*deploy_image_filename*] -# (optional) Deploy image filename -# Defaults to '"deployment_image.qcow2"' -# -# [*deploy_image*] -# (optional) URL for the deployment image -# Defaults to '"{{http_boot_folder}}/{{deploy_image_filename}}"' -# -# [*create_image_via_dib*] -# (optional) Flag to enable/disable image creation with diskimage-builder -# Defaults to 'true' -# -# [*transform_boot_image*] -# (optional) Flag to prepend a partition image with boot sector and partition table -# Defaults to 'false' -# -# [*node_default_network_interface*] -# (optional) Default network interface to configure with configdrive settings -# Defaults to 'eth0' -# -# [*ipv4_subnet_mask*] -# (optional) Subnet mask for configured NIC -# Defaults to '255.255.255.0' -# -# [*ipv4_gateway*] -# (optional) Gateway for configured NIC -# Defaults to '192.168.1.1' -# -# [*ipv4_nameserver*] -# (optional) Nameserver for DNS configuration -# Defaults to '8.8.8.8' -# -# [*network_mtu*] -# (optional) MTU for configured NIC -# Defaults to '1500' -# -# [*dhcp_pool_start*] -# (optional) Dnsmasq DHCP pool start -# Defaults to '192.168.1.200' -# -# [*dhcp_pool_end*] -# (optional) Dnsmasq DHCP pool end -# Defaults to '192.168.1.250' -# -# [*ipmi_bridging*] -# (optional) Flag to enable/disable IPMI bridging -# Defaults to 'no' - -class ironic::bifrost ( - $ironic_db_password, - $mysql_password, - $baremetal_json_hosts, - $git_source_repo = 'https://git.openstack.org/openstack/bifrost', - $ensure = present, - $revision = 'master', - $git_dest_repo_folder = '/opt/stack/bifrost', - $bifrost_config_folder = '/etc/bifrost', - $ironic_url = '"http://localhost:6385/"', - $network_interface = '"virbr0"', - $testing = false, - $testing_user = 'ubuntu', - $http_boot_folder = '/httpboot', - $nginx_port = 8080, - $ssh_public_key_path = '"{{ ansible_env.HOME }}/.ssh/id_rsa.pub"', - $deploy_kernel = '"{{http_boot_folder}}/coreos_production_pxe.vmlinuz"', - $deploy_ramdisk = '"{{http_boot_folder}}/coreos_production_pxe_image-oem.cpio.gz"', - $deploy_kernel_url = '"http://{{ hostvars[inventory_hostname][\'ansible_\' + network_interface][\'ipv4\'][\'address\'] }}:{{nginx_port}}/coreos_production_pxe.vmlinuz"', - $deploy_ramdisk_url = '"http://{{ hostvars[inventory_hostname][\'ansible_\' + network_interface][\'ipv4\'][\'address\'] }}:{{nginx_port}}/coreos_production_pxe_image-oem.cpio.gz"', - $deploy_image_filename = '"deployment_image.qcow2"', - $deploy_image = '"{{http_boot_folder}}/{{deploy_image_filename}}"', - $create_image_via_dib = true, - $transform_boot_image = false, - $node_default_network_interface = 'eth0', - $ipv4_subnet_mask = '255.255.255.0', - $ipv4_gateway = '192.168.1.1', - $ipv4_nameserver = '8.8.8.8', - $network_mtu = '1500', - $dhcp_pool_start = '192.168.1.200', - $dhcp_pool_end = '192.168.1.250', - $ipmi_bridging = 'no', -) { - - vcsrepo { $git_dest_repo_folder: - ensure => $ensure, - provider => git, - revision => $revision, - source => $git_source_repo, - } - - file { $bifrost_config_folder: - ensure => directory - } - - file { "${bifrost_config_folder}/bifrost_global_vars": - ensure => present, - content => template('ironic/bifrost_global_vars.erb'), - require => File[$bifrost_config_folder], - } - - file { "${bifrost_config_folder}/baremetal.json": - ensure => present, - content => template('ironic/baremetal.json.erb'), - require => File[$bifrost_config_folder], - } -} - diff --git a/ironic/manifests/client.pp b/ironic/manifests/client.pp deleted file mode 100644 index 71570e986..000000000 --- a/ironic/manifests/client.pp +++ /dev/null @@ -1,41 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -# ironic::client -# -# Manages the ironic client package on systems -# -# === Parameters: -# -# [*package_ensure*] -# (optional) The state of the package -# Defaults to present -# - -class ironic::client ( - $package_ensure = present -) { - - include ::ironic::params - - package { 'python-ironicclient': - ensure => $package_ensure, - name => $::ironic::params::client_package, - tag => 'openstack', - } - -} diff --git a/ironic/manifests/conductor.pp b/ironic/manifests/conductor.pp deleted file mode 100644 index 313446403..000000000 --- a/ironic/manifests/conductor.pp +++ /dev/null @@ -1,83 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -# Configure the conductor service in Ironic -# -# === Parameters -# -# [*package_ensure*] -# (optional) Control the ensure parameter for the package ressource. -# Defaults to 'present'. -# -# [*enabled*] -# (optional) Define if the service must be enabled or not. -# Defaults to true. -# -# [*max_time_interval*] -# (optional) Maximum time, in seconds, since the last check-in of a conductor. -# Should be an interger value -# Defaults to '120'. -# -# [*force_power_state_during_sync*] -# (optional) Should the hardware power state be set to the state recorded in -# the database (True) or should the database be updated based on the hardware -# state (False). -# Defaults to true. -# -class ironic::conductor ( - $package_ensure = 'present', - $enabled = true, - $max_time_interval = '120', - $force_power_state_during_sync = true, -) { - - include ::ironic::params - - Ironic_config<||> ~> Service['ironic-conductor'] - - # Configure ironic.conf - ironic_config { - 'conductor/max_time_interval': value => $max_time_interval; - 'conductor/force_power_state_during_sync': value => $force_power_state_during_sync; - } - - # Install package - if $::ironic::params::conductor_package { - Package['ironic-conductor'] -> Service['ironic-conductor'] - package { 'ironic-conductor': - ensure => $package_ensure, - name => $::ironic::params::conductor_package, - tag => ['openstack', 'ironic-package'], - } - } - - if $enabled { - $ensure = 'running' - } else { - $ensure = 'stopped' - } - - # Manage service - service { 'ironic-conductor': - ensure => $ensure, - name => $::ironic::params::conductor_service, - enable => $enabled, - hasstatus => true, - tag => 'ironic-service', - } - -} diff --git a/ironic/manifests/config.pp b/ironic/manifests/config.pp deleted file mode 100644 index 7a1569ec1..000000000 --- a/ironic/manifests/config.pp +++ /dev/null @@ -1,36 +0,0 @@ -# == Class: ironic::config -# -# This class is used to manage arbitrary Ironic configurations. -# -# === Parameters -# -# [*ironic_config*] -# (optional) Allow configuration of arbitrary Ironic configurations. -# The value is an hash of ironic_config resources. Example: -# { 'DEFAULT/foo' => { value => 'fooValue'}, -# 'DEFAULT/bar' => { value => 'barValue'} -# } -# In yaml format, Example: -# ironic_config: -# DEFAULT/foo: -# value: fooValue -# DEFAULT/bar: -# value: barValue -# -# [*ironic_api_paste_ini*] -# (optional) Allow configuration of /etc/ironic/api-paste.ini options. -# -# NOTE: The configuration MUST NOT be already handled by this module -# or Puppet catalog compilation will fail with duplicate resources. -# -class ironic::config ( - $ironic_config = {}, - $ironic_api_paste_ini = {}, -) { - - validate_hash($ironic_config) - validate_hash($ironic_api_paste_ini) - - create_resources('ironic_config', $ironic_config) - create_resources('ironic_api_paste_ini', $ironic_api_paste_ini) -} diff --git a/ironic/manifests/db.pp b/ironic/manifests/db.pp deleted file mode 100644 index 43a266f62..000000000 --- a/ironic/manifests/db.pp +++ /dev/null @@ -1,101 +0,0 @@ -# == Class: ironic::db -# -# Configure the Ironic database -# -# === Parameters -# -# [*database_connection*] -# Url used to connect to database. -# (Optional) Defaults to 'sqlite:////var/lib/ironic/ovs.sqlite'. -# -# [*database_idle_timeout*] -# Timeout when db connections should be reaped. -# (Optional) Defaults to $::os_service_default -# -# [*database_max_retries*] -# Maximum db connection retries during startup. -# Setting -1 implies an infinite retry count. -# (Optional) Defaults to $::os_service_default -# -# [*database_retry_interval*] -# Interval between retries of opening a sql connection. -# (Optional) Defaults to $::os_service_default -# -# [*database_min_pool_size*] -# Minimum number of SQL connections to keep open in a pool. -# (Optional) Defaults to $::os_service_default -# -# [*database_max_pool_size*] -# Maximum number of SQL connections to keep open in a pool. -# (Optional) Defaults to $::os_service_default -# -# [*database_max_overflow*] -# If set, use this value for max_overflow with sqlalchemy. -# (Optional) Defaults to $::os_service_default -# -class ironic::db ( - $database_connection = 'sqlite:////var/lib/ironic/ovs.sqlite', - $database_idle_timeout = $::os_service_default, - $database_max_retries = $::os_service_default, - $database_retry_interval = $::os_service_default, - $database_min_pool_size = $::os_service_default, - $database_max_pool_size = $::os_service_default, - $database_max_overflow = $::os_service_default, -) { - - include ::ironic::params - - # NOTE(spredzy): In order to keep backward compatibility we rely on the pick function - # to use ironic:: if ironic::db:: isn't specified. - $database_connection_real = pick($::ironic::database_connection, $database_connection) - $database_idle_timeout_real = pick($::ironic::database_idle_timeout, $database_idle_timeout) - $database_max_retries_real = pick($::ironic::database_max_retries, $database_max_retries) - $database_retry_interval_real = pick($::ironic::database_retry_interval, $database_retry_interval) - $database_min_pool_size_real = pick($::ironic::database_min_pool_size, $database_min_pool_size) - $database_max_pool_size_real = pick($::ironic::database_max_pool_size, $database_max_pool_size) - $database_max_overflow_real = pick($::ironic::database_max_overflow, $database_max_overflow) - - validate_re($database_connection_real, - '^(sqlite|mysql(\+pymysql)?|postgresql):\/\/(\S+:\S+@\S+\/\S+)?') - - case $database_connection_real { - /^mysql(\+pymysql)?:\/\//: { - require 'mysql::bindings' - require 'mysql::bindings::python' - if $database_connection_real =~ /^mysql\+pymysql/ { - $backend_package = $::ironic::params::pymysql_package_name - } else { - $backend_package = false - } - } - /^postgresql:\/\//: { - $backend_package = false - require 'postgresql::lib::python' - } - /^sqlite:\/\//: { - $backend_package = $::ironic::params::sqlite_package_name - } - default: { - fail('Unsupported backend configured') - } - } - - if $backend_package and !defined(Package[$backend_package]) { - package {'ironic-backend-package': - ensure => present, - name => $backend_package, - tag => 'openstack', - } - } - - ironic_config { - 'database/connection': value => $database_connection_real, secret => true; - 'database/idle_timeout': value => $database_idle_timeout_real; - 'database/max_retries': value => $database_max_retries_real; - 'database/retry_interval': value => $database_retry_interval_real; - 'database/min_pool_size': value => $database_min_pool_size_real; - 'database/max_pool_size': value => $database_max_pool_size_real; - 'database/max_overflow': value => $database_max_overflow_real; - } - -} diff --git a/ironic/manifests/db/inspector_sync.pp b/ironic/manifests/db/inspector_sync.pp deleted file mode 100644 index d09decf49..000000000 --- a/ironic/manifests/db/inspector_sync.pp +++ /dev/null @@ -1,21 +0,0 @@ -# -# Class to execute ironic-inspector dbsync -# -class ironic::db::inspector_sync { - - include ::ironic::params - - Package<| tag == 'ironic-inspector-package' |> ~> Exec['ironic-inspector-dbsync'] - Exec['ironic-inspector-dbsync'] ~> Service <| tag == 'ironic-inspector-service' |> - - Ironic_inspector_config<||> -> Exec['ironic-inspector-dbsync'] - Ironic_inspector_config<| title == 'database/connection' |> ~> Exec['ironic-inspector-dbsync'] - - exec { 'ironic-inspector-dbsync': - command => $::ironic::params::inspector_dbsync_command, - path => '/usr/bin', - user => 'ironic-inspector', - refreshonly => true, - logoutput => on_failure, - } -} diff --git a/ironic/manifests/db/mysql.pp b/ironic/manifests/db/mysql.pp deleted file mode 100644 index e9b685b4a..000000000 --- a/ironic/manifests/db/mysql.pp +++ /dev/null @@ -1,69 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# ironic::db::mysql -# -# [*password*] -# Password to use for the nova user -# -# [*dbname*] -# (optional) The name of the database -# Defaults to 'nova' -# -# [*user*] -# (optional) The mysql user to create -# Defaults to 'nova' -# -# [*host*] -# (optional) The IP address of the mysql server -# Defaults to '127.0.0.1' -# -# [*charset*] -# (optional) The charset to use for the nova database -# Defaults to 'utf8' -# -# [*collate*] -# (optional) The collate to use for the nova database -# Defaults to 'utf8_general_ci' -# -# [*allowed_hosts*] -# (optional) Additional hosts that are allowed to access this DB -# Defaults to undef -# -class ironic::db::mysql ( - $password, - $dbname = 'ironic', - $user = 'ironic', - $host = '127.0.0.1', - $allowed_hosts = undef, - $charset = 'utf8', - $collate = 'utf8_general_ci', -) { - - ::openstacklib::db::mysql { 'ironic': - user => $user, - password_hash => mysql_password($password), - dbname => $dbname, - host => $host, - charset => $charset, - collate => $collate, - allowed_hosts => $allowed_hosts, - } - - ::Openstacklib::Db::Mysql['ironic'] ~> Exec<| title == 'ironic-dbsync' |> - -} diff --git a/ironic/manifests/db/postgresql.pp b/ironic/manifests/db/postgresql.pp deleted file mode 100644 index 7fe7bb255..000000000 --- a/ironic/manifests/db/postgresql.pp +++ /dev/null @@ -1,47 +0,0 @@ -# == Class: ironic::db::postgresql -# -# Class that configures postgresql for ironic -# Requires the Puppetlabs postgresql module. -# -# === Parameters -# -# [*password*] -# (Required) Password to connect to the database. -# -# [*dbname*] -# (Optional) Name of the database. -# Defaults to 'ironic'. -# -# [*user*] -# (Optional) User to connect to the database. -# Defaults to 'ironic'. -# -# [*encoding*] -# (Optional) The charset to use for the database. -# Default to undef. -# -# [*privileges*] -# (Optional) Privileges given to the database user. -# Default to 'ALL' -# -class ironic::db::postgresql( - $password, - $dbname = 'ironic', - $user = 'ironic', - $encoding = undef, - $privileges = 'ALL', -) { - - Class['ironic::db::postgresql'] -> Service<| title == 'ironic' |> - - ::openstacklib::db::postgresql { 'ironic': - password_hash => postgresql_password($user, $password), - dbname => $dbname, - user => $user, - encoding => $encoding, - privileges => $privileges, - } - - ::Openstacklib::Db::Postgresql['ironic'] ~> Exec<| title == 'ironic-dbsync' |> - -} diff --git a/ironic/manifests/db/sync.pp b/ironic/manifests/db/sync.pp deleted file mode 100644 index 8fec73b91..000000000 --- a/ironic/manifests/db/sync.pp +++ /dev/null @@ -1,35 +0,0 @@ -# -# Class to execute ironic dbsync -# -# == Parameters -# -# [*extra_params*] -# (optional) String of extra command line parameters to append -# to the ironic-dbsync command. -# Defaults to undef -# -class ironic::db::sync( - $extra_params = undef, -) { - - include ::ironic::params - - Package<| tag == 'ironic-package' |> ~> Exec['ironic-dbsync'] - Exec['ironic-dbsync'] ~> Service <| tag == 'ironic-service' |> - - Ironic_config<||> -> Exec['ironic-dbsync'] - Ironic_config<| title == 'database/connection' |> ~> Exec['ironic-dbsync'] - - exec { 'ironic-dbsync': - command => "${::ironic::params::dbsync_command} ${extra_params}", - path => '/usr/bin', - # Ubuntu packaging is running dbsync command as root during ironic-common - # postinstall script so when Puppet tries to run dbsync again, it fails - # because it is run with ironic user. - # This is a temporary patch until it's changed in Packaging - # https://bugs.launchpad.net/cloud-archive/+bug/1450942 - user => 'root', - refreshonly => true, - logoutput => on_failure, - } -} diff --git a/ironic/manifests/drivers/ipmi.pp b/ironic/manifests/drivers/ipmi.pp deleted file mode 100644 index 2baf03ee0..000000000 --- a/ironic/manifests/drivers/ipmi.pp +++ /dev/null @@ -1,37 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -# Configure the IPMI driver in Ironic -# -# === Parameters -# -# [*retry_timeout*] -# (optional) Maximum time in seconds to retry IPMI operations. -# Should be an interger value -# Defaults to '10'. -# - -class ironic::drivers::ipmi ( - $retry_timeout = '10' -) { - - # Configure ironic.conf - ironic_config { - 'ipmi/retry_timeout': value => $retry_timeout; - } - -} diff --git a/ironic/manifests/drivers/pxe.pp b/ironic/manifests/drivers/pxe.pp deleted file mode 100644 index ae901373c..000000000 --- a/ironic/manifests/drivers/pxe.pp +++ /dev/null @@ -1,128 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -# Configure the PXE driver in Ironic -# -# === Parameters -# -# [*deploy_kernel*] -# (optional) Default kernel image ID used in deployment phase. -# Should be an valid id -# Defaults to undef. -# -# [*deploy_ramdisk*] -# (optional) Default kernel image ID used in deployment phase. -# Should be an valid id -# Defaults to undef. -# -# [*pxe_append_params*] -# (optional) Additional append parameters for baremetal PXE boot. -# Should be valid pxe parameters -# Defaults to 'nofb nomodeset vga=normal'. -# -# [*pxe_config_template*] -# (optional) Template file for PXE configuration. -# Should be an valid template file -# Defaults to '$pybasedir/drivers/modules/pxe_config.template'. -# -# [*pxe_deploy_timeout*] -# (optional) Timeout for PXE deployments. -# Should be an valid integer -# Defaults to '0' for unlimited. -# -# [*tftp_server*] -# (optional) IP address of Ironic compute node's tftp server. -# Should be an valid IP address -# Defaults to '$my_ip'. -# -# [*tftp_root*] -# (optional) Ironic compute node's tftp root path. -# Should be an valid path -# Defaults to '/tftpboot'. -# -# [*images_path*] -# (optional) Directory where images are stored on disk. -# Should be an valid directory -# Defaults to '/tftpboot'. -# -# [*tftp_master_path*] -# (optional) Directory where master tftp images are stored on disk. -# Should be an valid directory -# Defaults to '/tftpboot/master_images'. -# -# [*instance_master_path*] -# (optional) Directory where master tftp images are stored on disk. -# Should be an valid directory -# Defaults to '/var/lib/ironic/master_images'. -# -# [*uefi_pxe_bootfile_name*] -# (optional) Bootfile DHCP parameter for UEFI boot mode. -# Defaults to 'elilo.efi'. -# -# [*uefi_pxe_config_template*] -# (optional) Template file for PXE configuration for UEFI boot loader. -# Defaults to '$pybasedir/drivers/modules/elilo_efi_pxe_config.template'. -# -# [*ipxe_timeout*] -# (optional) ipxe timeout in second. -# Should be an valid integer -# Defaults to '0' for unlimited. - -class ironic::drivers::pxe ( - $deploy_kernel = undef, - $deploy_ramdisk = undef, - $pxe_append_params = 'nofb nomodeset vga=normal', - $pxe_config_template = '$pybasedir/drivers/modules/pxe_config.template', - $pxe_deploy_timeout = '0', - $tftp_server = '$my_ip', - $tftp_root = '/tftpboot', - $images_path = '/var/lib/ironic/images/', - $tftp_master_path = '/tftpboot/master_images', - $instance_master_path = '/var/lib/ironic/master_images', - $uefi_pxe_bootfile_name = 'elilo.efi', - $uefi_pxe_config_template = '$pybasedir/drivers/modules/elilo_efi_pxe_config.template', - $ipxe_timeout = '0', -) { - - # Configure ironic.conf - ironic_config { - 'pxe/pxe_append_params': value => $pxe_append_params; - 'pxe/pxe_config_template': value => $pxe_config_template; - 'pxe/pxe_deploy_timeout': value => $pxe_deploy_timeout; - 'pxe/tftp_server': value => $tftp_server; - 'pxe/tftp_root': value => $tftp_root; - 'pxe/images_path': value => $images_path; - 'pxe/tftp_master_path': value => $tftp_master_path; - 'pxe/instance_master_path': value => $instance_master_path; - 'pxe/uefi_pxe_bootfile_name': value => $uefi_pxe_bootfile_name; - 'pxe/uefi_pxe_config_template': value => $uefi_pxe_config_template; - 'pxe/ipxe_timeout': value => $ipxe_timeout; - } - - if $deploy_kernel { - ironic_config { - 'pxe/deploy_kernel': value => $deploy_kernel; - } - } - - if $deploy_ramdisk { - ironic_config { - 'pxe/deploy_ramdisk': value => $deploy_ramdisk; - } - } - -} diff --git a/ironic/manifests/init.pp b/ironic/manifests/init.pp deleted file mode 100644 index 8ef0d4489..000000000 --- a/ironic/manifests/init.pp +++ /dev/null @@ -1,362 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# == Class: ironic -# -# Installs the ironic package and configures /etc/ironic/ironic.conf -# -# === Parameters: -# -# [*enabled*] -# (required) Whether or not to enable the ironic service -# true/false -# -# [*package_ensure*] -# (optional) The state of the package -# Defaults to 'present' -# -# [*verbose*] -# (optional) Verbose logging -# Defaults to False -# -# [*debug*] -# (optional) Print debug messages in the logs -# Defaults to False -# -# [*auth_strategy*] -# (optional) Default protocol to use when connecting to glance -# Defaults to 'keystone'. 'https' is the only other valid option for SSL -# -# [*enabled_drivers*] -# (optional) Array of drivers to load during service -# initialization. -# Defaults to ['pxe_ipmitool']. -# -# [*control_exchange*] -# (optional) What RPC queue/exchange to use -# Defaults to openstack -# -# [*rpc_backend*] -# (optional) what rpc/queuing service to use -# Defaults to rabbit (rabbitmq) -# -# [*rabbit_host*] -# (Optional) IP or hostname of the rabbit server. -# Defaults to 'localhost' -# -# [*rabbit_port*] -# (Optional) Port of the rabbit server. -# Defaults to 5672. -# -# [*rabbit_hosts*] -# (Optional) Array of host:port (used with HA queues). -# If defined, will remove rabbit_host & rabbit_port parameters from config -# Defaults to undef. -# -# [*rabbit_user*] -# (Optional) User to connect to the rabbit server. -# Defaults to undef. -# Deprecated, use rabbit_userid instead. -# -# [*rabbit_userid*] -# (Optional) User to connect to the rabbit server. -# Defaults to 'guest' -# -# [*rabbit_password*] -# (Optional) Password to connect to the rabbit_server. -# Defaults to empty. -# -# [*rabbit_virtual_host*] -# (Optional) Virtual_host to use. -# Defaults to '/' -# -# [*rabbit_use_ssl*] -# (optional) Connect over SSL for RabbitMQ -# Defaults to false -# -# [*kombu_ssl_ca_certs*] -# (optional) SSL certification authority file (valid only if SSL enabled). -# Defaults to undef -# -# [*kombu_ssl_certfile*] -# (optional) SSL cert file (valid only if SSL enabled). -# Defaults to undef -# -# [*kombu_ssl_keyfile*] -# (optional) SSL key file (valid only if SSL enabled). -# Defaults to undef -# -# [*kombu_ssl_version*] -# (optional) SSL version to use (valid only if SSL enabled). -# Valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be -# available on some distributions. -# Defaults to 'TLSv1' -# -# [*amqp_durable_queues*] -# Use durable queues in amqp. -# (Optional) Defaults to false. -# -# [*use_syslog*] -# (optional) Use syslog for logging -# Defaults to undef. -# -# [*log_facility*] -# (optional) Syslog facility to receive log lines -# Defaults to undef. -# -# [*use_stderr*] -# (optional) Use stderr for logging -# Defaults to undef. -# -# [*log_dir*] -# (optional) Directory where logs should be stored. -# If set to boolean false, it will not log to any directory. -# Defaults to undef. -# -# [*database_connection*] -# (optional) Connection url for the ironic database. -# Defaults to: undef -# -# [*database_max_retries*] -# (optional) Database reconnection retry times. -# Defaults to: undef -# -# [*database_idle_timeout*] -# (optional) Timeout before idle db connections are reaped. -# Defaults to: undef -# -# [*database_reconnect_interval*] -# (optional) Database reconnection interval in seconds. -# Defaults to: undef -# -# [*database_retry_interval*] -# (optional) Database reconnection interval in seconds. -# Defaults to: undef -# -# [*database_min_pool_size*] -# (optional) Minimum number of SQL connections to keep open in a pool. -# Defaults to: undef -# -# [*database_max_pool_size*] -# (optional) Maximum number of SQL connections to keep open in a pool. -# Defaults to: undef -# -# [*database_max_overflow*] -# (optional) If set, use this value for max_overflow with sqlalchemy. -# Defaults to: undef -# -# [*glance_api_servers*] -# (optional) A list of the glance api servers available to ironic. -# Should be an array with [hostname|ip]:port -# Defaults to undef -# -# [*glance_num_retries*] -# (optional) Number retries when downloading an image from glance. -# Defaults to 0 -# -# [*glance_api_insecure*] -# (optional) Allow to perform insecure SSL (https) requests to glance. -# Defaults to false -# -# [*sync_db*] -# Enable dbsync -# Defaults to true -# -# DEPRECATED PARAMETERS -# -# [*qpid_hostname*] -# [*qpid_port*] -# [*qpid_username*] -# [*qpid_password*] -# [*qpid_heartbeat*] -# [*qpid_protocol*] -# [*qpid_tcp_nodelay*] -# [*qpid_reconnect*] -# [*qpid_reconnect_timeout*] -# [*qpid_reconnect_limit*] -# [*qpid_reconnect_interval*] -# [*qpid_reconnect_interval_min*] -# [*qpid_reconnect_interval_max*] -# -class ironic ( - $enabled = true, - $package_ensure = 'present', - $verbose = undef, - $debug = undef, - $use_syslog = undef, - $use_stderr = undef, - $log_facility = undef, - $log_dir = undef, - $auth_strategy = 'keystone', - $enabled_drivers = ['pxe_ipmitool'], - $control_exchange = 'openstack', - $rpc_backend = 'rabbit', - $rabbit_hosts = false, - $rabbit_virtual_host = '/', - $rabbit_host = 'localhost', - $rabbit_port = 5672, - $rabbit_userid = 'guest', - $rabbit_password = false, - $rabbit_use_ssl = false, - $kombu_ssl_ca_certs = undef, - $kombu_ssl_certfile = undef, - $kombu_ssl_keyfile = undef, - $kombu_ssl_version = 'TLSv1', - $amqp_durable_queues = false, - $database_connection = undef, - $database_max_retries = undef, - $database_idle_timeout = undef, - $database_reconnect_interval = undef, - $database_retry_interval = undef, - $database_min_pool_size = undef, - $database_max_pool_size = undef, - $database_max_overflow = undef, - $glance_api_servers = undef, - $glance_num_retries = '0', - $glance_api_insecure = false, - $sync_db = true, - # DEPRECATED PARAMETERS - $rabbit_user = undef, - $qpid_hostname = undef, - $qpid_port = undef, - $qpid_username = undef, - $qpid_password = undef, - $qpid_heartbeat = undef, - $qpid_protocol = undef, - $qpid_tcp_nodelay = undef, - $qpid_reconnect = undef, - $qpid_reconnect_timeout = undef, - $qpid_reconnect_limit = undef, - $qpid_reconnect_interval_min = undef, - $qpid_reconnect_interval_max = undef, - $qpid_reconnect_interval = undef, -) { - - include ::ironic::logging - include ::ironic::db - include ::ironic::params - - if $rabbit_user { - warning('The rabbit_user parameter is deprecated. Please use rabbit_userid instead.') - $rabbit_user_real = $rabbit_user - } else { - $rabbit_user_real = $rabbit_userid - } - - file { '/etc/ironic': - ensure => directory, - require => Package['ironic-common'], - group => 'ironic', - } - - file { '/etc/ironic/ironic.conf': - require => Package['ironic-common'], - group => 'ironic', - } - - package { 'ironic-common': - ensure => $package_ensure, - name => $::ironic::params::common_package_name, - tag => ['openstack', 'ironic-package'], - } - - validate_array($enabled_drivers) - - if is_array($glance_api_servers) { - ironic_config { - 'glance/glance_api_servers': value => join($glance_api_servers, ','); - } - } elsif is_string($glance_api_servers) { - ironic_config { - 'glance/glance_api_servers': value => $glance_api_servers; - } - } - - ironic_config { - 'DEFAULT/auth_strategy': value => $auth_strategy; - 'DEFAULT/rpc_backend': value => $rpc_backend; - 'DEFAULT/enabled_drivers': value => join($enabled_drivers, ','); - 'glance/glance_num_retries': value => $glance_num_retries; - 'glance/glance_api_insecure': value => $glance_api_insecure; - } - - if $sync_db { - include ::ironic::db::sync - } - - if $rpc_backend == 'ironic.openstack.common.rpc.impl_kombu' or $rpc_backend == 'rabbit' { - - if ! $rabbit_password { - fail('When rpc_backend is rabbitmq, you must set rabbit password') - } - - ironic_config { - 'oslo_messaging_rabbit/rabbit_userid': value => $rabbit_user_real; - 'oslo_messaging_rabbit/rabbit_password': value => $rabbit_password, secret => true; - 'oslo_messaging_rabbit/rabbit_virtual_host': value => $rabbit_virtual_host; - 'oslo_messaging_rabbit/rabbit_use_ssl': value => $rabbit_use_ssl; - 'DEFAULT/control_exchange': value => $control_exchange; - 'oslo_messaging_rabbit/amqp_durable_queues': value => $amqp_durable_queues; - } - - if $rabbit_hosts { - ironic_config { 'oslo_messaging_rabbit/rabbit_hosts': value => join($rabbit_hosts, ',') } - ironic_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => true } - ironic_config { 'oslo_messaging_rabbit/rabbit_host': ensure => absent } - ironic_config { 'oslo_messaging_rabbit/rabbit_port': ensure => absent } - } else { - ironic_config { 'oslo_messaging_rabbit/rabbit_host': value => $rabbit_host } - ironic_config { 'oslo_messaging_rabbit/rabbit_port': value => $rabbit_port } - ironic_config { 'oslo_messaging_rabbit/rabbit_hosts': value => "${rabbit_host}:${rabbit_port}" } - ironic_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => false } - } - - if $rabbit_use_ssl { - ironic_config { 'oslo_messaging_rabbit/kombu_ssl_version': value => $kombu_ssl_version } - - if $kombu_ssl_ca_certs { - ironic_config { 'oslo_messaging_rabbit/kombu_ssl_ca_certs': value => $kombu_ssl_ca_certs } - } else { - ironic_config { 'oslo_messaging_rabbit/kombu_ssl_ca_certs': ensure => absent} - } - - if $kombu_ssl_certfile { - ironic_config { 'oslo_messaging_rabbit/kombu_ssl_certfile': value => $kombu_ssl_certfile } - } else { - ironic_config { 'oslo_messaging_rabbit/kombu_ssl_certfile': ensure => absent} - } - - if $kombu_ssl_keyfile { - ironic_config { 'oslo_messaging_rabbit/kombu_ssl_keyfile': value => $kombu_ssl_keyfile } - } else { - ironic_config { 'oslo_messaging_rabbit/kombu_ssl_keyfile': ensure => absent} - } - } else { - ironic_config { - 'oslo_messaging_rabbit/kombu_ssl_ca_certs': ensure => absent; - 'oslo_messaging_rabbit/kombu_ssl_certfile': ensure => absent; - 'oslo_messaging_rabbit/kombu_ssl_keyfile': ensure => absent; - 'oslo_messaging_rabbit/kombu_ssl_version': ensure => absent; - } - } - } - - if $rpc_backend == 'ironic.openstack.common.rpc.impl_qpid' or $rpc_backend == 'qpid' { - warning('Qpid driver is removed from Oslo.messaging in the Mitaka release') - } - -} diff --git a/ironic/manifests/inspector.pp b/ironic/manifests/inspector.pp deleted file mode 100644 index ad083883e..000000000 --- a/ironic/manifests/inspector.pp +++ /dev/null @@ -1,320 +0,0 @@ -# -# Copyright (C) 2015 Red Hat, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -# Configure the ironic-inspector auxiliary service to Ironic -# -# === Parameters -# -# [*package_ensure*] -# (optional) Control the ensure parameter for the package resource -# Defaults to 'present' -# -# [*enabled*] -# (optional) Define if the service must be enabled or not -# Defaults to true -# -# [*pxe_transfer_protocol*] -# (optional) Protocol to be used for transferring the ramdisk -# Defaults to 'tftp'. Valid values are 'tftp' or 'http'. -# -# [*enable_uefi*] -# (optional) Allow introspection of machines with UEFI firmware. -# Defaults to false. Ignored unless $pxe_transfer_protocol='http'. -# -# [*debug*] -# (optional) Enable debug logging -# Defaults to undef -# -# [*auth_uri*] -# (optional) Complete public Identity API endpoint -# Defaults to 'http://127.0.0.1:5000/v2.0' -# -# [*identity_uri*] -# (optional) Complete admin Identity API endpoint -# Defaults to 'http://127.0.0.1:35357' -# -# [*admin_user*] -# (optional) The name of the auth user -# Defaults to 'ironic' -# -# [*admin_password*] -# (optional) The password to use for authentication (keystone) -# Defaults to undef. Set a value unless you are using noauth -# -# [*admin_tenant_name*] -# (optional) The tenant of the auth user -# Defaults to 'services' -# -# [*dnsmasq_interface*] -# (optional) The interface for the ironic-inspector dnsmasq process -# to listen on -# Defaults to 'br-ctlplane' -# -# [*db_connection*] -# (optional) Location of the ironic-inspector node cache database -# Defaults to 'sqlite::////var/lib/ironic-inspector/inspector.sqlite' -# -# [*ramdisk_logs_dir*] -# (optional) Location to store logs retrieved from the ramdisk -# Defaults to '/var/log/ironic-inspector/ramdisk/' -# -# [*enable_setting_ipmi_credentials*] -# (optional) Enable setting of IPMI credentials -# Defaults to false -# -# [*keep_ports*] -# (optional) Which ports to keep after introspection -# Defaults to 'all' -# -# [*store_data*] -# (optional) Method for storing introspection data -# Defaults to 'none' -# -# [*ironic_username*] -# (optional) User name for accessing Ironic API -# Defaults to 'ironic' -# -# [*ironic_password*] -# (optional) Password for accessing Ironic API -# Defaults to undef. Set a value unless using noauth. -# -# [*ironic_tenant_name*] -# (optional) Tenant name for accessing Ironic API -# Defaults to 'services' -# -# [*ironic_auth_url*] -# (optional) Keystone authentication URL for Ironic -# Defautls to 'http://127.0.0.1:5000/v2.0' -# -# [*ironic_max_retries*] -# (optional) Maximum number of retries in case of conflict error -# Defaults to 30 -# -# [*ironic_retry_interval*] -# (optional) Interval between retries in case of conflict error -# Defaults to 2 -# -# [*swift_username*] -# (optional) User name for accessing Swift API -# Defaults to 'ironic' -# -# [*swift_password*] -# (optional) Password for accessing Swift API -# Defaults to undef. Set a value if using Swift. -# -# [*swift_tenant_name*] -# (optional) Tenant name for accessing Swift API -# Defaults to 'services' -# -# [*swift_auth_url*] -# (optional) Keystone authentication URL for Swift -# Defautls to 'http://127.0.0.1:5000/v2.0' -# -# [*dnsmasq_ip_range*] -# (optional) IP range to use for nodes being introspected -# Defaults to '192.168.0.100,192.168.0.120' -# -# [*dnsmasq_local_ip*] -# (optional) IP interface for the dnsmasq process -# Defaults to '192.168.0.1' -# -# [*sync_db*] -# Enable dbsync -# Defaults to true -# -# [*ramdisk_collectors*] -# Comma-separated list of IPA inspection collectors -# Defaults to 'default' -# -# [*additional_processing_hooks*] -# Comma-separated list of processing hooks to append to the default list. -# Defaults to undef -# -# [*ramdisk_kernel_args*] -# String with kernel arguments to send to the ramdisk on boot. -# Defaults to undef -# -# [*ipxe_timeout*] -# (optional) ipxe timeout in second. Should be an integer. -# Defaults to '0' for unlimited. -# -class ironic::inspector ( - $package_ensure = 'present', - $enabled = true, - $pxe_transfer_protocol = 'tftp', - $enable_uefi = false, - $debug = undef, - $auth_uri = 'http://127.0.0.1:5000/v2.0', - $identity_uri = 'http://127.0.0.1:35357', - $admin_user = 'ironic', - $admin_password = undef, - $admin_tenant_name = 'services', - $dnsmasq_interface = 'br-ctlplane', - $db_connection = 'sqlite:////var/lib/ironic-inspector/inspector.sqlite', - $ramdisk_logs_dir = '/var/log/ironic-inspector/ramdisk/', - $enable_setting_ipmi_credentials = false, - $keep_ports = 'all', - $store_data = 'none', - $ironic_username = 'ironic', - $ironic_password = undef, - $ironic_tenant_name = 'services', - $ironic_auth_url = 'http://127.0.0.1:5000/v2.0', - $ironic_max_retries = 30, - $ironic_retry_interval = 2, - $swift_username = 'ironic', - $swift_password = undef, - $swift_tenant_name = 'services', - $swift_auth_url = 'http://127.0.0.1:5000/v2.0', - $dnsmasq_ip_range = '192.168.0.100,192.168.0.120', - $dnsmasq_local_ip = '192.168.0.1', - $sync_db = true, - $ramdisk_collectors = 'default', - $additional_processing_hooks = undef, - $ramdisk_kernel_args = undef, - $ipxe_timeout = 0, -) { - - include ::ironic::params - include ::ironic::inspector::logging - - Ironic_inspector_config<||> ~> Service['ironic-inspector'] - - file { '/etc/ironic-inspector/inspector.conf': - ensure => 'present', - require => Package['ironic-inspector'], - } - file { '/tftpboot': - ensure => 'directory', - seltype => 'tftpdir_t', - } - - if $pxe_transfer_protocol == 'tftp' { - file { '/etc/ironic-inspector/dnsmasq.conf': - ensure => 'present', - content => template('ironic/inspector_dnsmasq_tftp.erb'), - require => Package['ironic-inspector'], - } - file { '/tftpboot/pxelinux.cfg': - ensure => 'directory', - } - file { '/tftpboot/pxelinux.cfg/default': - ensure => 'present', - content => template('ironic/inspector_pxelinux_cfg.erb'), - require => Package['ironic-inspector'], - } - } - - if $pxe_transfer_protocol == 'http' { - file { '/etc/ironic-inspector/dnsmasq.conf': - ensure => 'present', - content => template('ironic/inspector_dnsmasq_http.erb'), - require => Package['ironic-inspector'], - } - file { '/httpboot': - ensure => 'directory', - } - file { '/httpboot/inspector.ipxe': - ensure => 'present', - content => template('ironic/inspector_ipxe.erb'), - require => Package['ironic-inspector'], - } - if $::ironic::params::ipxe_rom_dir { - file { '/tftpboot/undionly.kpxe': - ensure => 'present', - source => "${::ironic::params::ipxe_rom_dir}/undionly.kpxe", - backup => false, - seltype => 'tftpdir_t', - } - if $enable_uefi { - file { '/tftpboot/ipxe.efi': - ensure => 'present', - source => "${::ironic::params::ipxe_rom_dir}/ipxe.efi", - backup => false, - seltype => 'tftpdir_t', - } - } - } else { - warning('iPXE ROM source location not set, ensure ROMs are copied into /tftpboot') - } - } - - # Configure inspector.conf - ironic_inspector_config { - 'keystone_authtoken/auth_uri': value => $auth_uri; - 'keystone_authtoken/identity_uri': value => $identity_uri; - 'keystone_authtoken/admin_user': value => $admin_user; - 'keystone_authtoken/admin_password': value => $admin_password, secret => true; - 'keystone_authtoken/admin_tenant_name': value => $admin_tenant_name; - 'firewall/dnsmasq_interface': value => $dnsmasq_interface; - 'database/connection': value => $db_connection; - 'processing/ramdisk_logs_dir': value => $ramdisk_logs_dir; - 'processing/enable_setting_ipmi_credentials': value => $enable_setting_ipmi_credentials; - 'processing/keep_ports': value => $keep_ports; - 'processing/store_data': value => $store_data; - 'ironic/os_username': value => $ironic_username; - 'ironic/os_password': value => $ironic_password, secret => true; - 'ironic/os_tenant_name': value => $ironic_tenant_name; - 'ironic/os_auth_url': value => $ironic_auth_url; - 'ironic/max_retries': value => $ironic_max_retries; - 'ironic/retry_interval': value => $ironic_retry_interval; - 'swift/username': value => $swift_username; - 'swift/password': value => $swift_password, secret => true; - 'swift/tenant_name': value => $swift_tenant_name; - 'swift/os_auth_url': value => $swift_auth_url; - # Here we use oslo.config interpolation with another option default_processing_hooks, - # which we don't change as it might break introspection completely. - 'processing/processing_hooks': value => join(delete_undef_values(['$default_processing_hooks', $additional_processing_hooks]), ','); - } - - # Install package - if $::ironic::params::inspector_package { - Package['ironic-inspector'] -> Service['ironic-inspector'] - Package['ironic-inspector'] -> Service['ironic-inspector-dnsmasq'] - package { 'ironic-inspector': - ensure => $package_ensure, - name => $::ironic::params::inspector_package, - tag => ['openstack', 'ironic-inspector-package'], - } - } - - if $sync_db { - include ::ironic::db::inspector_sync - } - - if $enabled { - $ensure = 'running' - } else { - $ensure = 'stopped' - } - - # Manage services - service { 'ironic-inspector': - ensure => $ensure, - name => $::ironic::params::inspector_service, - enable => $enabled, - hasstatus => true, - tag => 'ironic-inspector-service', - } - - Service['ironic-inspector'] -> Service['ironic-inspector-dnsmasq'] - service { 'ironic-inspector-dnsmasq': - ensure => $ensure, - name => $::ironic::params::inspector_dnsmasq_service, - enable => $enabled, - hasstatus => true, - tag => 'ironic-inspector-dnsmasq-service', - } - -} diff --git a/ironic/manifests/inspector/logging.pp b/ironic/manifests/inspector/logging.pp deleted file mode 100644 index 299c54f12..000000000 --- a/ironic/manifests/inspector/logging.pp +++ /dev/null @@ -1,141 +0,0 @@ -# Class ironic::inspector::logging -# -# ironic-inspector logging configuration -# -# == parameters -# -# [*verbose*] -# (Optional) Should the daemons log verbose messages -# Defaults to $::os_service_default -# -# [*debug*] -# (Optional) Should the daemons log debug messages -# Defaults to $::os_service_default -# -# [*use_syslog*] -# (Optional) Use syslog for logging. -# Defaults to $::os_service_default -# -# [*use_stderr*] -# (optional) Use stderr for logging -# Defaults to $::os_service_default -# -# [*log_facility*] -# (Optional) Syslog facility to receive log lines. -# Defaults to $::os_service_default -# -# [*log_dir*] -# (optional) Directory where logs should be stored. -# If set to boolean false, it will not log to any directory. -# Defaults to '/var/log/ironic-inspector' -# -# [*logging_context_format_string*] -# (optional) Format string to use for log messages with context. -# Defaults to $::os_service_default -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [%(request_id)s %(user_identity)s] %(instance)s%(message)s' -# -# [*logging_default_format_string*] -# (optional) Format string to use for log messages without context. -# Defaults to$::os_service_default -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [-] %(instance)s%(message)s' -# -# [*logging_debug_format_suffix*] -# (optional) Formatted data to append to log format when level is DEBUG. -# Defaults to $::os_service_default -# Example: '%(funcName)s %(pathname)s:%(lineno)d' -# -# [*logging_exception_prefix*] -# (optional) Prefix each line of exception output with this format. -# Defaults to $::os_service_default -# Example: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' -# -# [*log_config_append*] -# The name of an additional logging configuration file. -# Defaults to $::os_service_default -# See https://docs.python.org/2/howto/logging.html -# -# [*default_log_levels*] -# (optional) Hash of logger (keys) and level (values) pairs. -# Defaults to $::os_service_default -# Example: -# { 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', -# 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', -# 'iso8601' => 'WARN', -# 'requests.packages.urllib3.connectionpool' => 'WARN' } -# -# [*publish_errors*] -# (optional) Publish error events (boolean value). -# Defaults to $::os_service_default -# -# [*fatal_deprecations*] -# (optional) Make deprecations fatal (boolean value) -# Defaults to $::os_service_default -# -# [*instance_format*] -# (optional) If an instance is passed with the log message, format it -# like this (string value). -# Defaults to $::os_service_default -# Example: '[instance: %(uuid)s] ' -# -# [*instance_uuid_format*] -# (optional) If an instance UUID is passed with the log message, format -# it like this (string value). -# Defaults to $::os_service_default -# Example: instance_uuid_format='[instance: %(uuid)s] ' -# -# [*log_date_format*] -# (optional) Format string for %%(asctime)s in log records. -# Defaults to $::os_service_default -# Example: 'Y-%m-%d %H:%M:%S' - -class ironic::inspector::logging( - $use_syslog = $::os_service_default, - $use_stderr = $::os_service_default, - $log_facility = $::os_service_default, - $log_dir = '/var/log/ironic-inspector', - $verbose = $::os_service_default, - $debug = $::os_service_default, - $logging_context_format_string = $::os_service_default, - $logging_default_format_string = $::os_service_default, - $logging_debug_format_suffix = $::os_service_default, - $logging_exception_prefix = $::os_service_default, - $log_config_append = $::os_service_default, - $default_log_levels = $::os_service_default, - $publish_errors = $::os_service_default, - $fatal_deprecations = $::os_service_default, - $instance_format = $::os_service_default, - $instance_uuid_format = $::os_service_default, - $log_date_format = $::os_service_default, -) { - - $debug_real = pick($::ironic::inspector::debug,$debug) - if is_service_default($default_log_levels) { - $default_log_levels_real = $default_log_levels - } else { - $default_log_levels_real = join(sort(join_keys_to_values($default_log_levels, '=')), ',') - } - - ironic_inspector_config { - 'DEFAULT/debug': value => $debug_real; - 'DEFAULT/verbose': value => $verbose; - 'DEFAULT/use_stderr': value => $use_stderr; - 'DEFAULT/use_syslog': value => $use_syslog; - 'DEFAULT/log_dir': value => $log_dir; - 'DEFAULT/syslog_log_facility': value => $log_facility; - 'DEFAULT/logging_context_format_string': value => $logging_context_format_string; - 'DEFAULT/logging_default_format_string': value => $logging_default_format_string; - 'DEFAULT/logging_debug_format_suffix': value => $logging_debug_format_suffix; - 'DEFAULT/logging_exception_prefix': value => $logging_exception_prefix; - 'DEFAULT/log_config_append': value => $log_config_append; - 'DEFAULT/default_log_levels': value => $default_log_levels_real; - 'DEFAULT/publish_errors': value => $publish_errors; - 'DEFAULT/fatal_deprecations': value => $fatal_deprecations; - 'DEFAULT/instance_format': value => $instance_format; - 'DEFAULT/instance_uuid_format': value => $instance_uuid_format; - 'DEFAULT/log_date_format': value => $log_date_format; - } - - -} diff --git a/ironic/manifests/keystone/auth.pp b/ironic/manifests/keystone/auth.pp deleted file mode 100644 index f258667c3..000000000 --- a/ironic/manifests/keystone/auth.pp +++ /dev/null @@ -1,213 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# ironic::keystone::auth -# -# Configures Ironic user, service and endpoint in Keystone. -# -# === Parameters -# -# [*password*] -# (required) Password for Ironic user. -# -# [*auth_name*] -# Username for Ironic service. Defaults to 'ironic'. -# -# [*email*] -# Email for Ironic user. Defaults to 'ironic@localhost'. -# -# [*tenant*] -# Tenant for Ironic user. Defaults to 'services'. -# -# [*configure_endpoint*] -# Should Ironic endpoint be configured? Defaults to 'true'. -# -# [*configure_user*] -# (Optional) Should the service user be configured? -# Defaults to 'true'. -# -# [*configure_user_role*] -# (Optional) Should the admin role be configured for the service user? -# Defaults to 'true'. -# -# [*service_name*] -# (Optional) Name of the service. -# Defaults to the value of auth_name, but must differ from the value. -# -# [*service_type*] -# Type of service. Defaults to 'baremetal'. -# -# [*service_description*] -# (Optional) Description for keystone service. -# Defaults to 'Ironic Bare Metal Provisioning Service'. -# -# [*region*] -# Region for endpoint. Defaults to 'RegionOne'. -# -# [*public_url*] -# (optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:6385') -# This url should *not* contain any trailing '/'. -# -# [*admin_url*] -# (optional) The endpoint's admin url. (Defaults to 'http://127.0.0.1:6385') -# This url should *not* contain any trailing '/'. -# -# [*internal_url*] -# (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:6385') -# This url should *not* contain any trailing '/'. -# -# [*port*] -# (optional) DEPRECATED: Use public_url, internal_url and admin_url instead. -# Default port for endpoints. (Defaults to 6385) -# Setting this parameter overrides public_url, internal_url and admin_url parameters. -# -# [*public_protocol*] -# (optional) DEPRECATED: Use public_url instead. -# Protocol for public endpoint. (Defaults to 'http') -# Setting this parameter overrides public_url parameter. -# -# [*public_port*] -# (optional) DEPRECATED: Use public_url instead. -# Default port for endpoints. (Defaults to $port) -# Setting this parameter overrides public_url parameter. -# -# [*public_address*] -# (optional) DEPRECATED: Use public_url instead. -# Public address for endpoint. (Defaults to '127.0.0.1') -# Setting this parameter overrides public_url parameter. -# -# [*internal_address*] -# (optional) DEPRECATED: Use internal_url instead. -# Internal address for endpoint. (Defaults to '127.0.0.1') -# Setting this parameter overrides internal_url parameter. -# -# [*admin_address*] -# (optional) DEPRECATED: Use admin_url instead. -# Admin address for endpoint. (Defaults to '127.0.0.1') -# Setting this parameter overrides admin_url parameter. -# -# === Deprecation notes -# -# If any value is provided for public_protocol, public_address or port parameters, -# public_url will be completely ignored. The same applies for internal and admin parameters. -# -# === Examples -# -# class { 'ironic::keystone::auth': -# public_url => 'https://10.0.0.10:6385', -# internal_url => 'https://10.0.0.11:6385', -# admin_url => 'https://10.0.0.11:6385', -# } -# -class ironic::keystone::auth ( - $password, - $auth_name = 'ironic', - $email = 'ironic@localhost', - $tenant = 'services', - $configure_endpoint = true, - $configure_user = true, - $configure_user_role = true, - $service_name = undef, - $service_type = 'baremetal', - $service_description = 'Ironic Bare Metal Provisioning Service', - $region = 'RegionOne', - $public_url = 'http://127.0.0.1:6385', - $admin_url = 'http://127.0.0.1:6385', - $internal_url = 'http://127.0.0.1:6385', - # DEPRECATED PARAMETERS - $port = undef, - $public_protocol = undef, - $public_address = undef, - $public_port = undef, - $internal_address = undef, - $admin_address = undef, -) { - - if $port { - warning('The port parameter is deprecated, use public_url, internal_url and admin_url instead.') - } - - if $public_port { - warning('The public_port parameter is deprecated, use public_url instead.') - } - - if $public_protocol { - warning('The public_protocol parameter is deprecated, use public_url instead.') - } - - if $public_address { - warning('The public_address parameter is deprecated, use public_url instead.') - } - - if $internal_address { - warning('The internal_address parameter is deprecated, use internal_url instead.') - } - - if $admin_address { - warning('The admin_address parameter is deprecated, use admin_url instead.') - } - - if ($public_protocol or $public_address or $port or $public_port) { - $public_url_real = sprintf('%s://%s:%s', - pick($public_protocol, 'http'), - pick($public_address, '127.0.0.1'), - pick($public_port, $port, '6385')) - } else { - $public_url_real = $public_url - } - - if ($admin_address or $port) { - $admin_url_real = sprintf('http://%s:%s', - pick($admin_address, '127.0.0.1'), - pick($port, '6385')) - } else { - $admin_url_real = $admin_url - } - - if ($internal_address or $port) { - $internal_url_real = sprintf('http://%s:%s', - pick($internal_address, '127.0.0.1'), - pick($port, '6385')) - } else { - $internal_url_real = $internal_url - } - - $real_service_name = pick($service_name, $auth_name) - - if $configure_user_role { - Keystone_user_role["${auth_name}@${tenant}"] ~> Service <| name == 'ironic-server' |> - } - - Keystone_endpoint["${region}/${real_service_name}::${service_type}"] ~> Service <| name == 'ironic-server' |> - - keystone::resource::service_identity { $auth_name: - configure_user => $configure_user, - configure_user_role => $configure_user_role, - configure_endpoint => $configure_endpoint, - service_name => $real_service_name, - service_type => $service_type, - service_description => $service_description, - region => $region, - password => $password, - email => $email, - tenant => $tenant, - public_url => $public_url_real, - internal_url => $internal_url_real, - admin_url => $admin_url_real, - } - -} diff --git a/ironic/manifests/keystone/auth_inspector.pp b/ironic/manifests/keystone/auth_inspector.pp deleted file mode 100644 index 2f98daaca..000000000 --- a/ironic/manifests/keystone/auth_inspector.pp +++ /dev/null @@ -1,122 +0,0 @@ -# -# Copyright (C) 2015 Red Hat Inc. -# -# Author: Dan Prince -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# ironic::keystone::auth_inspector -# -# Configures Baremetal Introspection user, service and endpoint in Keystone. -# -# === Parameters -# -# [*password*] -# (required) Password for Baremetal Introspection user. -# -# [*auth_name*] -# Username for Bare Metal Introspection Service. Defaults to 'ironic-inspector'. -# -# [*email*] -# Email for Baremetal Introspection user. Defaults to 'baremetal-introspection@localhost'. -# -# [*tenant*] -# Tenant for Baremetal Introspection user. Defaults to 'services'. -# -# [*configure_endpoint*] -# Should Baremetal Introspection endpoint be configured? Defaults to 'true'. -# -# [*configure_user*] -# (Optional) Should the service user be configured? -# Defaults to 'true'. -# -# [*configure_user_role*] -# (Optional) Should the admin role be configured for the service user? -# Defaults to 'true'. -# -# [*service_name*] -# (Optional) Name of the service. -# Defaults to the value of auth_name, but must differ from the value. -# -# [*service_type*] -# Type of service. Defaults to 'baremetal-introspection'. -# -# [*service_description*] -# (Optional) Description for keystone service. -# Defaults to 'Bare Metal Introspection Service'. -# -# [*region*] -# Region for endpoint. Defaults to 'RegionOne'. -# -# [*public_url*] -# (optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:5050') -# This url should *not* contain any trailing '/'. -# -# [*admin_url*] -# (optional) The endpoint's admin url. (Defaults to 'http://127.0.0.1:5050') -# This url should *not* contain any trailing '/'. -# -# [*internal_url*] -# (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:5050') -# This url should *not* contain any trailing '/'. -# -# === Examples -# -# class { 'ironic::keystone::auth_inspector': -# public_url => 'https://10.0.0.10:5050', -# internal_url => 'https://10.0.0.11:5050', -# admin_url => 'https://10.0.0.11:5050', -# } -# -class ironic::keystone::auth_inspector ( - $password, - $auth_name = 'ironic-inspector', - $email = 'baremetal-introspection@localhost', - $tenant = 'services', - $configure_endpoint = true, - $configure_user = true, - $configure_user_role = true, - $service_name = undef, - $service_type = 'baremetal-introspection', - $service_description = 'Bare Metal Introspection Service', - $region = 'RegionOne', - $public_url = 'http://127.0.0.1:5050', - $admin_url = 'http://127.0.0.1:5050', - $internal_url = 'http://127.0.0.1:5050', -) { - - $real_service_name = pick($service_name, $auth_name) - - if $configure_user_role { - Keystone_user_role["${auth_name}@${tenant}"] ~> Service <| name == 'ironic-inspector' |> - } - - Keystone_endpoint["${region}/${real_service_name}::${service_type}"] ~> Service <| name == 'ironic-inspector' |> - - keystone::resource::service_identity { $auth_name: - configure_user => $configure_user, - configure_user_role => $configure_user_role, - configure_endpoint => $configure_endpoint, - service_name => $real_service_name, - service_type => $service_type, - service_description => $service_description, - region => $region, - password => $password, - email => $email, - tenant => $tenant, - public_url => $public_url, - internal_url => $internal_url, - admin_url => $admin_url, - } - -} diff --git a/ironic/manifests/logging.pp b/ironic/manifests/logging.pp deleted file mode 100644 index 281e1dd45..000000000 --- a/ironic/manifests/logging.pp +++ /dev/null @@ -1,149 +0,0 @@ -# Class ironic::logging -# -# ironic logging configuration -# -# == parameters -# -# [*verbose*] -# (Optional) Should the daemons log verbose messages -# Defaults to $::os_service_default -# -# [*debug*] -# (Optional) Should the daemons log debug messages -# Defaults to $::os_service_default -# -# [*use_syslog*] -# (Optional) Use syslog for logging. -# Defaults to $::os_service_default -# -# [*use_stderr*] -# (optional) Use stderr for logging -# Defaults to $::os_service_default -# -# [*log_facility*] -# (Optional) Syslog facility to receive log lines. -# Defaults to $::os_service_default -# -# [*log_dir*] -# (optional) Directory where logs should be stored. -# If set to boolean false, it will not log to any directory. -# Defaults to '/var/log/ironic' -# -# [*logging_context_format_string*] -# (optional) Format string to use for log messages with context. -# Defaults to $::os_service_default -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [%(request_id)s %(user_identity)s] %(instance)s%(message)s' -# -# [*logging_default_format_string*] -# (optional) Format string to use for log messages without context. -# Defaults to$::os_service_default -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [-] %(instance)s%(message)s' -# -# [*logging_debug_format_suffix*] -# (optional) Formatted data to append to log format when level is DEBUG. -# Defaults to $::os_service_default -# Example: '%(funcName)s %(pathname)s:%(lineno)d' -# -# [*logging_exception_prefix*] -# (optional) Prefix each line of exception output with this format. -# Defaults to $::os_service_default -# Example: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' -# -# [*log_config_append*] -# The name of an additional logging configuration file. -# Defaults to $::os_service_default -# See https://docs.python.org/2/howto/logging.html -# -# [*default_log_levels*] -# (optional) Hash of logger (keys) and level (values) pairs. -# Defaults to $::os_service_default -# Example: -# { 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', -# 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', -# 'iso8601' => 'WARN', -# 'requests.packages.urllib3.connectionpool' => 'WARN' } -# -# [*publish_errors*] -# (optional) Publish error events (boolean value). -# Defaults to $::os_service_default -# -# [*fatal_deprecations*] -# (optional) Make deprecations fatal (boolean value) -# Defaults to $::os_service_default -# -# [*instance_format*] -# (optional) If an instance is passed with the log message, format it -# like this (string value). -# Defaults to $::os_service_default -# Example: '[instance: %(uuid)s] ' -# -# [*instance_uuid_format*] -# (optional) If an instance UUID is passed with the log message, format -# it like this (string value). -# Defaults to $::os_service_default -# Example: instance_uuid_format='[instance: %(uuid)s] ' -# -# [*log_date_format*] -# (optional) Format string for %%(asctime)s in log records. -# Defaults to $::os_service_default -# Example: 'Y-%m-%d %H:%M:%S' - -class ironic::logging( - $use_syslog = $::os_service_default, - $use_stderr = $::os_service_default, - $log_facility = $::os_service_default, - $log_dir = '/var/log/ironic', - $verbose = $::os_service_default, - $debug = $::os_service_default, - $logging_context_format_string = $::os_service_default, - $logging_default_format_string = $::os_service_default, - $logging_debug_format_suffix = $::os_service_default, - $logging_exception_prefix = $::os_service_default, - $log_config_append = $::os_service_default, - $default_log_levels = $::os_service_default, - $publish_errors = $::os_service_default, - $fatal_deprecations = $::os_service_default, - $instance_format = $::os_service_default, - $instance_uuid_format = $::os_service_default, - $log_date_format = $::os_service_default, -) { - - # NOTE(spredzy): In order to keep backward compatibility we rely on the pick function - # to use ironic:: first then ironic::logging::. - $use_syslog_real = pick($::ironic::use_syslog,$use_syslog) - $use_stderr_real = pick($::ironic::use_stderr,$use_stderr) - $log_facility_real = pick($::ironic::log_facility,$log_facility) - $log_dir_real = pick($::ironic::log_dir,$log_dir) - $verbose_real = pick($::ironic::verbose,$verbose) - $debug_real = pick($::ironic::debug,$debug) - - if is_service_default($default_log_levels) { - $default_log_levels_real = $default_log_levels - } else { - $default_log_levels_real = join(sort(join_keys_to_values($default_log_levels, '=')), ',') - } - - ironic_config { - 'DEFAULT/debug': value => $debug_real; - 'DEFAULT/verbose': value => $verbose_real; - 'DEFAULT/use_stderr': value => $use_stderr_real; - 'DEFAULT/use_syslog': value => $use_syslog_real; - 'DEFAULT/log_dir': value => $log_dir_real; - 'DEFAULT/syslog_log_facility': value => $log_facility_real; - 'DEFAULT/logging_context_format_string': value => $logging_context_format_string; - 'DEFAULT/logging_default_format_string': value => $logging_default_format_string; - 'DEFAULT/logging_debug_format_suffix': value => $logging_debug_format_suffix; - 'DEFAULT/logging_exception_prefix': value => $logging_exception_prefix; - 'DEFAULT/log_config_append': value => $log_config_append; - 'DEFAULT/default_log_levels': value => $default_log_levels_real; - 'DEFAULT/publish_errors': value => $publish_errors; - 'DEFAULT/fatal_deprecations': value => $fatal_deprecations; - 'DEFAULT/instance_format': value => $instance_format; - 'DEFAULT/instance_uuid_format': value => $instance_uuid_format; - 'DEFAULT/log_date_format': value => $log_date_format; - } - - -} diff --git a/ironic/manifests/params.pp b/ironic/manifests/params.pp deleted file mode 100644 index 6b8755866..000000000 --- a/ironic/manifests/params.pp +++ /dev/null @@ -1,70 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# ironic::params -# - -class ironic::params { - - $dbsync_command = - 'ironic-dbsync --config-file /etc/ironic/ironic.conf' - - $inspector_dbsync_command = - 'ironic-inspector-dbsync --config-file /etc/ironic-inspector/inspector.conf upgrade' - - case $::osfamily { - 'RedHat': { - $common_package_name = 'openstack-ironic-common' - $api_package = 'openstack-ironic-api' - $api_service = 'openstack-ironic-api' - $conductor_package = 'openstack-ironic-conductor' - $conductor_service = 'openstack-ironic-conductor' - $client_package = 'python-ironicclient' - $inspector_package = 'openstack-ironic-inspector' - $inspector_service = 'openstack-ironic-inspector' - $inspector_dnsmasq_service = 'openstack-ironic-inspector-dnsmasq' - $sqlite_package_name = undef - $pymysql_package_name = undef - $ipxe_rom_dir = '/usr/share/ipxe' - $ironic_wsgi_script_path = '/var/www/cgi-bin/ironic' - $ironic_wsgi_script_source = '/usr/lib/python2.7/site-packages/ironic/api/app.wsgi' - } - 'Debian': { - $common_package_name = 'ironic-common' - $api_service = 'ironic-api' - $api_package = 'ironic-api' - $conductor_service = 'ironic-conductor' - $conductor_package = 'ironic-conductor' - $client_package = 'python-ironicclient' - $inspector_package = 'ironic-inspector' - $inspector_service = 'ironic-inspector' - # it seems like there is not currently a builtin dnsmasq in the debian packaging - # https://packages.debian.org/source/experimental/ironic-inspector - # this should be changed to whatever debian will use for dnsmasq - $inspector_dnsmasq_service = 'ironic-inspector-dnsmasq' - $sqlite_package_name = 'python-pysqlite2' - $pymysql_package_name = 'python-pymysql' - $ipxe_rom_dir = '/usr/lib/ipxe' - $ironic_wsgi_script_path = '/usr/lib/cgi-bin/ironic' - $ironic_wsgi_script_source = '/usr/lib/python2.7/dist-packages/ironic/api/app.wsgi' - } - default: { - fail("Unsupported osfamily ${::osfamily}") - } - } - -} diff --git a/ironic/manifests/policy.pp b/ironic/manifests/policy.pp deleted file mode 100644 index 70b2c6644..000000000 --- a/ironic/manifests/policy.pp +++ /dev/null @@ -1,29 +0,0 @@ -# == Class: ironic::policy -# -# Configure the ironic policies -# -# === Parameters -# -# [*policies*] -# (optional) Set of policies to configure for ironic -# Example : { 'ironic-context_is_admin' => {'context_is_admin' => 'true'}, 'ironic-default' => {'default' => 'rule:admin_or_owner'} } -# Defaults to empty hash. -# -# [*policy_path*] -# (optional) Path to the ironic policy.json file -# Defaults to /etc/ironic/policy.json -# -class ironic::policy ( - $policies = {}, - $policy_path = '/etc/ironic/policy.json', -) { - - validate_hash($policies) - - Openstacklib::Policy::Base { - file_path => $policy_path, - } - - create_resources('openstacklib::policy::base', $policies) - -} diff --git a/ironic/manifests/wsgi/apache.pp b/ironic/manifests/wsgi/apache.pp deleted file mode 100644 index d2308eba6..000000000 --- a/ironic/manifests/wsgi/apache.pp +++ /dev/null @@ -1,125 +0,0 @@ -# Copyright 2015 Red Hat, Inc. -# All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Class to serve ironic API with apache mod_wsgi in place of ironic-api service. -# Serving ironic API from apache is the recommended way to go for production -# because of limited performance for concurrent accesses when running eventlet. -# When using this class you should disable your ironic-api service. -# -# == Parameters -# -# [*servername*] -# The servername for the virtualhost. -# Optional. Defaults to $::fqdn -# -# [*port*] -# The port. -# Optional. Defaults to 6385 -# -# [*bind_host*] -# The host/ip address Apache will listen on. -# Optional. Defaults to undef (listen on all ip addresses). -# -# [*path*] -# The prefix for the endpoint. -# Optional. Defaults to '/' -# -# [*ssl*] -# Use ssl ? (boolean) -# Optional. Defaults to true -# -# [*workers*] -# Number of WSGI workers to spawn. -# Optional. Defaults to 1 -# -# [*priority*] -# (optional) The priority for the vhost. -# Defaults to '10' -# -# [*threads*] -# (optional) The number of threads for the vhost. -# Defaults to $::processorcount -# -# [*ssl_cert*] -# [*ssl_key*] -# [*ssl_chain*] -# [*ssl_ca*] -# [*ssl_crl_path*] -# [*ssl_crl*] -# [*ssl_certs_dir*] -# apache::vhost ssl parameters. -# Optional. Default to apache::vhost 'ssl_*' defaults. -# -# == Dependencies -# -# requires Class['apache'] & Class['ironic'] -# -# == Examples -# -# include apache -# -# class { 'ironic::wsgi::apache': } -# - -class ironic::wsgi::apache ( - $servername = $::fqdn, - $port = 6385, - $bind_host = undef, - $path = '/', - $ssl = true, - $workers = 1, - $ssl_cert = undef, - $ssl_key = undef, - $ssl_chain = undef, - $ssl_ca = undef, - $ssl_crl_path = undef, - $ssl_crl = undef, - $ssl_certs_dir = undef, - $threads = $::processorcount, - $priority = '10', -) { - - include ::ironic::params - include ::apache - include ::apache::mod::wsgi - if $ssl { - include ::apache::mod::ssl - } - - ::openstacklib::wsgi::apache { 'ironic_wsgi': - bind_host => $bind_host, - bind_port => $port, - group => 'ironic', - path => $path, - priority => $priority, - servername => $servername, - ssl => $ssl, - ssl_ca => $ssl_ca, - ssl_cert => $ssl_cert, - ssl_certs_dir => $ssl_certs_dir, - ssl_chain => $ssl_chain, - ssl_crl => $ssl_crl, - ssl_crl_path => $ssl_crl_path, - ssl_key => $ssl_key, - threads => $threads, - user => 'ironic', - workers => $workers, - wsgi_daemon_process => 'ironic', - wsgi_process_group => 'ironic', - wsgi_script_dir => $::ironic::params::ironic_wsgi_script_path, - wsgi_script_file => 'app', - wsgi_script_source => $::ironic::params::ironic_wsgi_script_source, - } -} diff --git a/ironic/metadata.json b/ironic/metadata.json deleted file mode 100644 index 9e8a78fb8..000000000 --- a/ironic/metadata.json +++ /dev/null @@ -1,32 +0,0 @@ -{ - "name": "openstack-ironic", - "version": "8.1.0", - "author": "eNovance and OpenStack Contributors", - "summary": "Puppet module for OpenStack Ironic", - "license": "Apache-2.0", - "source": "git://github.com/openstack/puppet-ironic.git", - "project_page": "https://launchpad.net/puppet-ironic", - "issues_url": "https://bugs.launchpad.net/puppet-ironic", - "requirements": [ - { "name": "pe", "version_requirement": ">= 3.2.0 <= 2016.1.0" }, - { "name": "puppet", "version_requirement": ">= 3.0.0 < 5.0.0" } - ], - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": ["7"] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": ["14.04"] - } - ], - "description": "Installs and configures OpenStack Ironic (Bare metal).", - "dependencies": [ - { "name": "puppetlabs/inifile", "version_requirement": ">=1.4.0 <2.0.0" }, - { "name": "openstack/keystone", "version_requirement": ">=8.1.0 <9.0.0" }, - { "name": "puppetlabs/stdlib", "version_requirement": ">=4.9.0 <5.0.0" }, - { "name": "openstack/openstacklib", "version_requirement": ">=8.1.0 <9.0.0" }, - { "name": "puppetlabs/vcsrepo", "version_requirement": ">=1.3.0 <2.0.0"} - ] -} diff --git a/ironic/releasenotes/notes/api_paste-b94e191896840944.yaml b/ironic/releasenotes/notes/api_paste-b94e191896840944.yaml deleted file mode 100644 index 898bbc9dc..000000000 --- a/ironic/releasenotes/notes/api_paste-b94e191896840944.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Add api_paste type/provider. diff --git a/ironic/releasenotes/notes/api_wsgi-e8eb12b8e66ffe4e.yaml b/ironic/releasenotes/notes/api_wsgi-e8eb12b8e66ffe4e.yaml deleted file mode 100644 index 4335f5be8..000000000 --- a/ironic/releasenotes/notes/api_wsgi-e8eb12b8e66ffe4e.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Allow to deploy Ironic API in WSGI with Apache. diff --git a/ironic/releasenotes/notes/deprecate_cluster_id-8d9838a9ef8932bf.yaml b/ironic/releasenotes/notes/deprecate_cluster_id-8d9838a9ef8932bf.yaml deleted file mode 100644 index f9ef9c69f..000000000 --- a/ironic/releasenotes/notes/deprecate_cluster_id-8d9838a9ef8932bf.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -deprecations: - - cluster_id parameter is deprecated. diff --git a/ironic/releasenotes/notes/inspector_mitaka-5984d9af2ba56cb3.yaml b/ironic/releasenotes/notes/inspector_mitaka-5984d9af2ba56cb3.yaml deleted file mode 100644 index 955dd75d6..000000000 --- a/ironic/releasenotes/notes/inspector_mitaka-5984d9af2ba56cb3.yaml +++ /dev/null @@ -1,36 +0,0 @@ ---- -features: - - Use dnsmasq dhcp-sequential-ip flag in dnsmasq.conf - Introspection naturally happens in large bulks, after which it's inactive. - Small pool for DHCP addresses means that we'll have conflicts due to how - dnsmasq distributes them by default - using hashing. This change tells dnsmasq - to allocate IP addresses sequentially instead to avoid these conflicts. - The drawback of this option is that long-running clients may switch IP - addresses if their lease expires. This is not a concern for short introspection - process. - - Allow sending random kernel arguments to the IPA. - IPA accepts plenty of kernel arguments, adding all them explicitly - may be not practical. New option ramdisk_kernel_args allows to set - a string to append to the kernel command line when booting IPA. - One of the use-cases is ipa-inspection-benchmarks option, enabling benchmarking - during inspection. - - Allow changing list of processing hooks. - Processing hooks are ironic-inspector plugins for the data processing - pipeline. This change enables appending new hooks to the default list. - - Specify SELinux type context for tftp dir. - We create a /tftpboot/ dir in the root directory without - specifying a SELinux type context, so it gets default_t. The - tftp process is not allowed read permission on default_t, and - as a result the ironic-inspector-dnsmasq service fails to start. - The fix is to specify a type context of tftpdir_t when - creating the /tftpboot/ directory. - This feature pulls the /tftpboot/ directory out of the if - block relating only to tftp configuration. The /tftpboot/ - directory is also used by iPXE/http for the undionly.kpxe - chainloading image. - - Enable changing list of inspection collectors. - Inspection collectors are IPA plugins that collect additional information - for inspection. This feature allow changing their list, with default remaining - the same (for now). - - Allow to create Keystone resources to deploy Ironic Inspector, like service, endpoints, etc. - - Create a separate class for configuring logging. diff --git a/ironic/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml b/ironic/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml deleted file mode 100644 index f029fee4d..000000000 --- a/ironic/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -prelude: > - This is the first Mitaka release for puppet-ironic module. diff --git a/ironic/releasenotes/notes/pymysql-e57bf1f0289dd426.yaml b/ironic/releasenotes/notes/pymysql-e57bf1f0289dd426.yaml deleted file mode 100644 index 3556c0c8c..000000000 --- a/ironic/releasenotes/notes/pymysql-e57bf1f0289dd426.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Support of PyMySQL driver for MySQL backend. diff --git a/ironic/releasenotes/notes/remove_old_auth-d9fc4af8e2ced291.yaml b/ironic/releasenotes/notes/remove_old_auth-d9fc4af8e2ced291.yaml deleted file mode 100644 index 2818d4c90..000000000 --- a/ironic/releasenotes/notes/remove_old_auth-d9fc4af8e2ced291.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -deprecations: - - Use identity_uri and auth_uri by default and remove old deprecated auth parameters. diff --git a/ironic/releasenotes/notes/remove_qpid-0b446db43fdea617.yaml b/ironic/releasenotes/notes/remove_qpid-0b446db43fdea617.yaml deleted file mode 100644 index c59a436d3..000000000 --- a/ironic/releasenotes/notes/remove_qpid-0b446db43fdea617.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -deprecations: - - Remove QPID messaging support. - Qpid messaging driver is removed from oslo.messaging so we won't support - anymore. diff --git a/ironic/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml b/ironic/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml deleted file mode 100644 index 41cef2f11..000000000 --- a/ironic/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -features: - - Release notes are no longer maintained by hand, we now use the reno tool to - manage them. diff --git a/ironic/releasenotes/source/_static/.placeholder b/ironic/releasenotes/source/_static/.placeholder deleted file mode 100644 index e69de29bb..000000000 diff --git a/ironic/releasenotes/source/conf.py b/ironic/releasenotes/source/conf.py deleted file mode 100644 index 5fec838fc..000000000 --- a/ironic/releasenotes/source/conf.py +++ /dev/null @@ -1,259 +0,0 @@ -# -*- coding: utf-8 -*- -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# If extensions (or modules to document with autodoc) are in another directory, -# add these directories to sys.path here. If the directory is relative to the -# documentation root, use os.path.abspath to make it absolute, like shown here. -#sys.path.insert(0, os.path.abspath('.')) - -# -- General configuration ------------------------------------------------ - -# If your documentation needs a minimal Sphinx version, state it here. -#needs_sphinx = '1.0' - -# Add any Sphinx extension module names here, as strings. They can be -# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom -# ones. -extensions = [ - 'oslosphinx', - 'reno.sphinxext', -] - -# Add any paths that contain templates here, relative to this directory. -templates_path = ['_templates'] - -# The suffix of source filenames. -source_suffix = '.rst' - -# The encoding of source files. -#source_encoding = 'utf-8-sig' - -# The master toctree document. -master_doc = 'index' - -# General information about the project. -project = u'puppet-ironic Release Notes' -copyright = u'2016, Puppet OpenStack Developers' - -# The version info for the project you're documenting, acts as replacement for -# |version| and |release|, also used in various other places throughout the -# built documents. -# -# The short X.Y version. -version = '8.1.0' -# The full version, including alpha/beta/rc tags. -release = '8.1.0' - -# The language for content autogenerated by Sphinx. Refer to documentation -# for a list of supported languages. -#language = None - -# There are two options for replacing |today|: either, you set today to some -# non-false value, then it is used: -#today = '' -# Else, today_fmt is used as the format for a strftime call. -#today_fmt = '%B %d, %Y' - -# List of patterns, relative to source directory, that match files and -# directories to ignore when looking for source files. -exclude_patterns = [] - -# The reST default role (used for this markup: `text`) to use for all -# documents. -#default_role = None - -# If true, '()' will be appended to :func: etc. cross-reference text. -#add_function_parentheses = True - -# If true, the current module name will be prepended to all description -# unit titles (such as .. function::). -#add_module_names = True - -# If true, sectionauthor and moduleauthor directives will be shown in the -# output. They are ignored by default. -#show_authors = False - -# The name of the Pygments (syntax highlighting) style to use. -pygments_style = 'sphinx' - -# A list of ignored prefixes for module index sorting. -#modindex_common_prefix = [] - -# If true, keep warnings as "system message" paragraphs in the built documents. -#keep_warnings = False - - -# -- Options for HTML output ---------------------------------------------- - -# The theme to use for HTML and HTML Help pages. See the documentation for -# a list of builtin themes. -html_theme = 'default' - -# Theme options are theme-specific and customize the look and feel of a theme -# further. For a list of options available for each theme, see the -# documentation. -#html_theme_options = {} - -# Add any paths that contain custom themes here, relative to this directory. -#html_theme_path = [] - -# The name for this set of Sphinx documents. If None, it defaults to -# " v documentation". -#html_title = None - -# A shorter title for the navigation bar. Default is the same as html_title. -#html_short_title = None - -# The name of an image file (relative to this directory) to place at the top -# of the sidebar. -#html_logo = None - -# The name of an image file (within the static path) to use as favicon of the -# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 -# pixels large. -#html_favicon = None - -# Add any paths that contain custom static files (such as style sheets) here, -# relative to this directory. They are copied after the builtin static files, -# so a file named "default.css" will overwrite the builtin "default.css". -html_static_path = ['_static'] - -# Add any extra paths that contain custom files (such as robots.txt or -# .htaccess) here, relative to this directory. These files are copied -# directly to the root of the documentation. -#html_extra_path = [] - -# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, -# using the given strftime format. -#html_last_updated_fmt = '%b %d, %Y' - -# If true, SmartyPants will be used to convert quotes and dashes to -# typographically correct entities. -#html_use_smartypants = True - -# Custom sidebar templates, maps document names to template names. -#html_sidebars = {} - -# Additional templates that should be rendered to pages, maps page names to -# template names. -#html_additional_pages = {} - -# If false, no module index is generated. -#html_domain_indices = True - -# If false, no index is generated. -#html_use_index = True - -# If true, the index is split into individual pages for each letter. -#html_split_index = False - -# If true, links to the reST sources are added to the pages. -#html_show_sourcelink = True - -# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. -#html_show_sphinx = True - -# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. -#html_show_copyright = True - -# If true, an OpenSearch description file will be output, and all pages will -# contain a tag referring to it. The value of this option must be the -# base URL from which the finished HTML is served. -#html_use_opensearch = '' - -# This is the file name suffix for HTML files (e.g. ".xhtml"). -#html_file_suffix = None - -# Output file base name for HTML help builder. -htmlhelp_basename = 'puppet-ironicReleaseNotesdoc' - - -# -- Options for LaTeX output --------------------------------------------- - -latex_elements = { -# The paper size ('letterpaper' or 'a4paper'). -#'papersize': 'letterpaper', - -# The font size ('10pt', '11pt' or '12pt'). -#'pointsize': '10pt', - -# Additional stuff for the LaTeX preamble. -#'preamble': '', -} - -# Grouping the document tree into LaTeX files. List of tuples -# (source start file, target name, title, -# author, documentclass [howto, manual, or own class]). -latex_documents = [ - ('index', 'puppet-ironicReleaseNotes.tex', u'puppet-ironic Release Notes Documentation', - u'2016, Puppet OpenStack Developers', 'manual'), -] - -# The name of an image file (relative to this directory) to place at the top of -# the title page. -#latex_logo = None - -# For "manual" documents, if this is true, then toplevel headings are parts, -# not chapters. -#latex_use_parts = False - -# If true, show page references after internal links. -#latex_show_pagerefs = False - -# If true, show URL addresses after external links. -#latex_show_urls = False - -# Documents to append as an appendix to all manuals. -#latex_appendices = [] - -# If false, no module index is generated. -#latex_domain_indices = True - - -# -- Options for manual page output --------------------------------------- - -# One entry per manual page. List of tuples -# (source start file, name, description, authors, manual section). -man_pages = [ - ('index', 'puppet-ironicreleasenotes', u'puppet-ironic Release Notes Documentation', - [u'2016, Puppet OpenStack Developers'], 1) -] - -# If true, show URL addresses after external links. -#man_show_urls = False - - -# -- Options for Texinfo output ------------------------------------------- - -# Grouping the document tree into Texinfo files. List of tuples -# (source start file, target name, title, author, -# dir menu entry, description, category) -texinfo_documents = [ - ('index', 'puppet-ironicReleaseNotes', u'puppet-ironic Release Notes Documentation', - u'2016, Puppet OpenStack Developers', 'puppet-ironicReleaseNotes', 'One line description of project.', - 'Miscellaneous'), -] - -# Documents to append as an appendix to all manuals. -#texinfo_appendices = [] - -# If false, no module index is generated. -#texinfo_domain_indices = True - -# How to display URL addresses: 'footnote', 'no', or 'inline'. -#texinfo_show_urls = 'footnote' - -# If true, do not generate a @detailmenu in the "Top" node's menu. -#texinfo_no_detailmenu = False diff --git a/ironic/releasenotes/source/index.rst b/ironic/releasenotes/source/index.rst deleted file mode 100644 index 80457632a..000000000 --- a/ironic/releasenotes/source/index.rst +++ /dev/null @@ -1,19 +0,0 @@ -======================================= -Welcome to puppet-ironic Release Notes! -======================================= - -Contents -======== - -.. toctree:: - :maxdepth: 2 - - mitaka - unreleased - - -Indices and tables -================== - -* :ref:`genindex` -* :ref:`search` diff --git a/ironic/releasenotes/source/mitaka.rst b/ironic/releasenotes/source/mitaka.rst deleted file mode 100644 index 97ab8d1d3..000000000 --- a/ironic/releasenotes/source/mitaka.rst +++ /dev/null @@ -1,6 +0,0 @@ -============================ - Mitaka Series Release Notes -============================ - -.. release-notes:: - :branch: origin/stable/mitaka diff --git a/ironic/releasenotes/source/unreleased.rst b/ironic/releasenotes/source/unreleased.rst deleted file mode 100644 index 2334dd5cf..000000000 --- a/ironic/releasenotes/source/unreleased.rst +++ /dev/null @@ -1,5 +0,0 @@ -============================== - Current Series Release Notes -============================== - - .. release-notes:: diff --git a/ironic/setup.cfg b/ironic/setup.cfg deleted file mode 100644 index fb3595bb5..000000000 --- a/ironic/setup.cfg +++ /dev/null @@ -1,13 +0,0 @@ -[metadata] -name = puppet-ironic -summary = Puppet module for OpenStack Ironic -description-file = - README.md -author = Puppet Labs and OpenStack Contributors -author-email = openstack-dev@lists.openstack.org -home-page = http://www.openstack.org/ -classifier = - Intended Audience :: Developers - Intended Audience :: System Administrators - License :: OSI Approved :: Apache Software License - Operating System :: POSIX :: Linux diff --git a/ironic/setup.py b/ironic/setup.py deleted file mode 100644 index 70c2b3f32..000000000 --- a/ironic/setup.py +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/env python -# Copyright (c) 2013 Hewlett-Packard Development Company, L.P. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# THIS FILE IS MANAGED BY THE GLOBAL REQUIREMENTS REPO - DO NOT EDIT -import setuptools - -setuptools.setup( - setup_requires=['pbr'], - pbr=True) diff --git a/ironic/spec/acceptance/ironic_wsgi_apache_spec.rb b/ironic/spec/acceptance/ironic_wsgi_apache_spec.rb deleted file mode 100644 index 694c2918a..000000000 --- a/ironic/spec/acceptance/ironic_wsgi_apache_spec.rb +++ /dev/null @@ -1,102 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'basic ironic' do - - context 'default parameters' do - - it 'should work with no errors' do - pp= <<-EOS - include ::openstack_integration - include ::openstack_integration::repos - include ::openstack_integration::rabbitmq - include ::openstack_integration::mysql - include ::openstack_integration::keystone - - rabbitmq_user { 'ironic': - admin => true, - password => 'an_even_bigger_secret', - provider => 'rabbitmqctl', - require => Class['rabbitmq'], - } - - rabbitmq_user_permissions { 'ironic@/': - configure_permission => '.*', - write_permission => '.*', - read_permission => '.*', - provider => 'rabbitmqctl', - require => Class['rabbitmq'], - } - - # Ironic resources - class { '::ironic': - rabbit_userid => 'ironic', - rabbit_password => 'an_even_bigger_secret', - rabbit_host => '127.0.0.1', - database_connection => 'mysql+pymysql://ironic:a_big_secret@127.0.0.1/ironic?charset=utf8', - debug => true, - verbose => true, - enabled_drivers => ['pxe_ssh'], - } - class { '::ironic::db::mysql': - password => 'a_big_secret', - } - class { '::ironic::keystone::auth': - password => 'a_big_secret', - } - class { '::ironic::keystone::auth_inspector': - password => 'a_big_secret', - } - class { '::ironic::client': } - class { '::ironic::conductor': } - class { '::ironic::api': - admin_password => 'a_big_secret', - service_name => 'httpd', - } - include ::apache - class { '::ironic::wsgi::apache': - ssl => false, - } - class { '::ironic::drivers::ipmi': } - - # Ironic inspector resources - case $::osfamily { - 'Debian': { - warning("Ironic inspector packaging is not ready on ${::osfamily}.") - } - 'RedHat': { - class { '::ironic::inspector': - auth_uri => "https://${::fqdn}:5000/v2.0", - identity_uri => "https://${::fqdn}:35357", - admin_password => 'a_big_secret', - ironic_password => 'a_big_secret', - ironic_auth_url => "https://${::fqdn}:5000/v2.0", - dnsmasq_interface => 'eth0', - } - } - } - EOS - - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - if os[:family].casecmp('RedHat') == 0 - # Ironic API port - describe port(6385) do - it { is_expected.to be_listening } - end - # Inspector API port - describe port(5050) do - it { is_expected.to be_listening.with('tcp') } - end - else # Inspector is not packaged, so only test Ironic - # Ironic API port - describe port(6385) do - it { is_expected.to be_listening } - end - end - - end -end diff --git a/ironic/spec/acceptance/nodesets/centos-70-x64.yml b/ironic/spec/acceptance/nodesets/centos-70-x64.yml deleted file mode 100644 index 5f097e9fe..000000000 --- a/ironic/spec/acceptance/nodesets/centos-70-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - centos-server-70-x64: - roles: - - master - platform: el-7-x86_64 - box: puppetlabs/centos-7.0-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/centos-7.0-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: foss diff --git a/ironic/spec/acceptance/nodesets/default.yml b/ironic/spec/acceptance/nodesets/default.yml deleted file mode 100644 index 486b6a34e..000000000 --- a/ironic/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - type: foss diff --git a/ironic/spec/acceptance/nodesets/nodepool-centos7.yml b/ironic/spec/acceptance/nodesets/nodepool-centos7.yml deleted file mode 100644 index c55287420..000000000 --- a/ironic/spec/acceptance/nodesets/nodepool-centos7.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-70-x64: - roles: - - master - platform: el-7-x86_64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/ironic/spec/acceptance/nodesets/nodepool-trusty.yml b/ironic/spec/acceptance/nodesets/nodepool-trusty.yml deleted file mode 100644 index 9fc624e24..000000000 --- a/ironic/spec/acceptance/nodesets/nodepool-trusty.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/ironic/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/ironic/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index 8001929b2..000000000 --- a/ironic/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: foss diff --git a/ironic/spec/classes/inspector_db_sync_spec.rb b/ironic/spec/classes/inspector_db_sync_spec.rb deleted file mode 100644 index 429ef3ec9..000000000 --- a/ironic/spec/classes/inspector_db_sync_spec.rb +++ /dev/null @@ -1,44 +0,0 @@ -require 'spec_helper' - -describe 'ironic::db::inspector_sync' do - - shared_examples_for 'inspector-dbsync' do - - it 'runs ironic-inspectror-db_sync' do - is_expected.to contain_exec('ironic-inspector-dbsync').with( - :command => 'ironic-inspector-dbsync --config-file /etc/ironic-inspector/inspector.conf upgrade', - :path => '/usr/bin', - :user => 'ironic-inspector', - :refreshonly => 'true', - :logoutput => 'on_failure' - ) - end - - end - - context 'on a RedHat osfamily' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - :operatingsystemrelease => '7.0', - :concat_basedir => '/var/lib/puppet/concat' - }) - end - - it_configures 'inspector-dbsync' - end - - context 'on a Debian osfamily' do - let :facts do - @default_facts.merge({ - :operatingsystemrelease => '7.8', - :operatingsystem => 'Debian', - :osfamily => 'Debian', - :concat_basedir => '/var/lib/puppet/concat' - }) - end - - it_configures 'inspector-dbsync' - end - -end diff --git a/ironic/spec/classes/ironic_api_spec.rb b/ironic/spec/classes/ironic_api_spec.rb deleted file mode 100644 index f6581cf65..000000000 --- a/ironic/spec/classes/ironic_api_spec.rb +++ /dev/null @@ -1,172 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Unit tests for ironic::api class -# - -require 'spec_helper' - -describe 'ironic::api' do - - let :default_params do - { :package_ensure => 'present', - :enabled => true, - :port => '6385', - :max_limit => '1000', - :host_ip => '0.0.0.0', - :admin_user => 'ironic', - } - end - - let :params do - { :admin_password => 'thepassword' } - end - - shared_examples_for 'ironic api' do - let :p do - default_params.merge(params) - end - - it { is_expected.to contain_class('ironic::params') } - it { is_expected.to contain_class('ironic::policy') } - - it 'installs ironic api package' do - if platform_params.has_key?(:api_package) - is_expected.to contain_package('ironic-api').with( - :name => platform_params[:api_package], - :ensure => p[:package_ensure], - :tag => ['openstack', 'ironic-package'], - ) - is_expected.to contain_package('ironic-api').with_before(/Service\[ironic-api\]/) - end - end - - it 'ensure ironic api service is running' do - is_expected.to contain_service('ironic-api').with( - 'hasstatus' => true, - 'tag' => 'ironic-service', - ) - end - - it 'configures ironic.conf' do - is_expected.to contain_ironic_config('api/port').with_value(p[:port]) - is_expected.to contain_ironic_config('api/host_ip').with_value(p[:host_ip]) - is_expected.to contain_ironic_config('api/max_limit').with_value(p[:max_limit]) - is_expected.to contain_ironic_config('api/api_workers').with_value('') - is_expected.to contain_ironic_config('api/public_endpoint').with_value('') - is_expected.to contain_ironic_config('keystone_authtoken/admin_password').with_value(p[:admin_password]) - is_expected.to contain_ironic_config('keystone_authtoken/admin_user').with_value(p[:admin_user]) - is_expected.to contain_ironic_config('keystone_authtoken/auth_uri').with_value('http://127.0.0.1:5000/') - is_expected.to contain_ironic_config('keystone_authtoken/identity_uri').with_value('http://127.0.0.1:35357/') - is_expected.to contain_ironic_config('neutron/url').with_value('http://127.0.0.1:9696/') - end - - context 'when overriding parameters' do - before :each do - params.merge!( - :port => '3430', - :host_ip => '127.0.0.1', - :max_limit => '10', - :workers => '8', - :auth_uri => 'https://1.2.3.4:5000/', - :identity_uri => 'https://1.2.3.4:35357/', - :public_endpoint => 'https://1.2.3.4:6385/', - ) - end - it 'should replace default parameter with new value' do - is_expected.to contain_ironic_config('api/port').with_value(p[:port]) - is_expected.to contain_ironic_config('api/host_ip').with_value(p[:host_ip]) - is_expected.to contain_ironic_config('api/max_limit').with_value(p[:max_limit]) - is_expected.to contain_ironic_config('api/api_workers').with_value(p[:workers]) - is_expected.to contain_ironic_config('api/public_endpoint').with_value(p[:public_endpoint]) - is_expected.to contain_ironic_config('keystone_authtoken/auth_uri').with_value('https://1.2.3.4:5000/') - is_expected.to contain_ironic_config('keystone_authtoken/identity_uri').with_value('https://1.2.3.4:35357/') - end - end - - context 'when running ironic-api in wsgi' do - before do - params.merge!({ :service_name => 'httpd' }) - end - - let :pre_condition do - "include ::apache" - end - - it 'configures ironic-api service with Apache' do - is_expected.to contain_service('ironic-api').with( - :ensure => 'stopped', - :name => platform_params[:api_service], - :enable => false, - :tag => 'ironic-service', - ) - end - end - - context 'when service_name is not valid' do - before do - params.merge!({ :service_name => 'foobar' }) - end - - let :pre_condition do - "include ::apache" - end - - it_raises 'a Puppet::Error', /Invalid service_name/ - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '8.0', - :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'some.host.tld', - :processorcount => 2, - }) - end - - let :platform_params do - { :api_package => 'ironic-api', - :api_service => 'ironic-api' } - end - - it_configures 'ironic api' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '7.2', - :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'some.host.tld', - :processorcount => 2, - }) - end - - let :platform_params do - { :api_service => 'openstack-ironic-api' } - end - - it_configures 'ironic api' - end - -end diff --git a/ironic/spec/classes/ironic_bifrost_spec.rb b/ironic/spec/classes/ironic_bifrost_spec.rb deleted file mode 100644 index 6ec2458ab..000000000 --- a/ironic/spec/classes/ironic_bifrost_spec.rb +++ /dev/null @@ -1,91 +0,0 @@ -# Copyright 2015 Hewlett-Packard Development Company, L.P. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Unit tests for ironic::bifrost class -# - -require 'spec_helper' - -describe 'ironic::bifrost' do - - let :default_params do - { :git_source_repo => 'https://git.openstack.org/openstack/bifrost', - :revision => master, - :git_dest_repo_folder => '/opt/stack/bifrost', - :bifrost_config_folder => '/etc/bifrost', - :ironic_url => '"http://localhost:6385/"', - :network_interface => '"virbr0"', - :testing => false, - :testing_user => 'ubuntu', - :http_boot_folder => '/httpboot', - :nginx_port => 8080, - :ssh_public_key_path => '"{{ ansible_env.HOME }}/.ssh/id_rsa.pub"', - :deploy_kernel => '"{{http_boot_folder}}/coreos_production_pxe.vmlinuz"', - :deploy_ramdisk => '"{{http_boot_folder}}/coreos_production_pxe_image-oem.cpio.gz"', - :deploy_kernel_url => '"http://{{ hostvars[inventory_hostname][\'ansible_\' + network_interface][\'ipv4\'][\'address\'] }}:{{nginx_port}}/coreos_production_pxe.vmlinuz"', - :deploy_ramdisk_url => '"http://{{ hostvars[inventory_hostname][\'ansible_\' + network_interface][\'ipv4\'][\'address\'] }}:{{nginx_port}}/coreos_production_pxe_image-oem.cpio.gz"', - :deploy_image_filename => '"deployment_image.qcow2"', - :deploy_image => '"{{http_boot_folder}}/{{deploy_image_filename}}"', - :create_image_via_dib => true, - :transform_boot_image => false, - :node_default_network_interface => 'eth0', - :ipv4_subnet_mask => '255.255.255.0', - :ipv4_gateway => '192.168.1.1', - :ipv4_nameserver => '8.8.8.8', - :network_mtu => '1500', - :dhcp_pool_start => '192.168.1.200', - :dhcp_pool_end => '192.168.1.250', - :ipmi_bridging => 'no', - } - end - - let :params do - { :mysql_password => 'changeme', - :ironic_db_password => 'changeme', - :baremetal_json_hosts => 'test', - } - end - - it 'should clone with vcsrepo bifrost repo with master branch' do - is_expected.to contain_vcsrepo('/opt/stack/bifrost').with( - 'ensure' => 'present', - 'provider' => 'git', - 'revision' => 'master', - 'source' => 'https://git.openstack.org/openstack/bifrost', - ) - end - - it 'should contain folder /etc/bifrost' do - is_expected.to contain_file('/etc/bifrost').with( - 'ensure' => 'directory', - ) - end - - it 'should contain file /etc/bifrost/bifrost_global_vars' do - is_expected.to contain_file('/etc/bifrost/bifrost_global_vars').with( - 'ensure' => 'present', - 'require' => 'File[/etc/bifrost]', - 'content' => /ironic_url/, - ) - end - - it 'should contain file /etc/bifrost/baremetal.json' do - is_expected.to contain_file('/etc/bifrost/baremetal.json').with( - 'ensure' => 'present', - 'require' => 'File[/etc/bifrost]', - 'content' => /test/, - ) - end - -end diff --git a/ironic/spec/classes/ironic_client_spec.rb b/ironic/spec/classes/ironic_client_spec.rb deleted file mode 100644 index 90ad76778..000000000 --- a/ironic/spec/classes/ironic_client_spec.rb +++ /dev/null @@ -1,40 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Unit tests for ironic::client -# - -require 'spec_helper' - -describe 'ironic::client' do - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it { is_expected.to contain_class('ironic::client') } - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it { is_expected.to contain_class('ironic::client') } - end -end diff --git a/ironic/spec/classes/ironic_conductor_spec.rb b/ironic/spec/classes/ironic_conductor_spec.rb deleted file mode 100644 index 86a20bebd..000000000 --- a/ironic/spec/classes/ironic_conductor_spec.rb +++ /dev/null @@ -1,106 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Unit tests for ironic::conductor class -# - -require 'spec_helper' - -describe 'ironic::conductor' do - - let :default_params do - { :package_ensure => 'present', - :enabled => true, - :max_time_interval => '120', - :force_power_state_during_sync => true } - end - - let :params do - {} - end - - shared_examples_for 'ironic conductor' do - let :p do - default_params.merge(params) - end - - it { is_expected.to contain_class('ironic::params') } - - it 'installs ironic conductor package' do - if platform_params.has_key?(:conductor_package) - is_expected.to contain_package('ironic-conductor').with( - :name => platform_params[:conductor_package], - :ensure => p[:package_ensure], - :tag => ['openstack', 'ironic-package'], - ) - is_expected.to contain_package('ironic-conductor').with_before(/Service\[ironic-conductor\]/) - end - end - - it 'ensure ironic conductor service is running' do - is_expected.to contain_service('ironic-conductor').with( - 'hasstatus' => true, - 'tag' => 'ironic-service', - ) - end - - it 'configures ironic.conf' do - is_expected.to contain_ironic_config('conductor/max_time_interval').with_value(p[:max_time_interval]) - is_expected.to contain_ironic_config('conductor/force_power_state_during_sync').with_value(p[:force_power_state_during_sync]) - end - - context 'when overriding parameters' do - before :each do - params.merge!( - :max_time_interval => '50', - :force_power_state_during_sync => false - ) - end - it 'should replace default parameter with new value' do - is_expected.to contain_ironic_config('conductor/max_time_interval').with_value(p[:max_time_interval]) - is_expected.to contain_ironic_config('conductor/force_power_state_during_sync').with_value(p[:force_power_state_during_sync]) - end - end - - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - let :platform_params do - { :conductor_package => 'ironic-conductor', - :conductor_service => 'ironic-conductor' } - end - - it_configures 'ironic conductor' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - let :platform_params do - { :conductor_service => 'ironic-conductor' } - end - - it_configures 'ironic conductor' - end - -end diff --git a/ironic/spec/classes/ironic_config_spec.rb b/ironic/spec/classes/ironic_config_spec.rb deleted file mode 100644 index 191d89685..000000000 --- a/ironic/spec/classes/ironic_config_spec.rb +++ /dev/null @@ -1,31 +0,0 @@ -require 'spec_helper' - -describe 'ironic::config' do - - let :params do - { :ironic_config => { - 'DEFAULT/foo' => { 'value' => 'fooValue' }, - 'DEFAULT/bar' => { 'value' => 'barValue' }, - 'DEFAULT/baz' => { 'ensure' => 'absent' } - }, - :ironic_api_paste_ini => { - 'DEFAULT/foo2' => { 'value' => 'fooValue' }, - 'DEFAULT/bar2' => { 'value' => 'barValue' }, - 'DEFAULT/baz2' => { 'ensure' => 'absent' } - } - } - end - - it 'configures arbitrary ironic configurations' do - is_expected.to contain_ironic_config('DEFAULT/foo').with_value('fooValue') - is_expected.to contain_ironic_config('DEFAULT/bar').with_value('barValue') - is_expected.to contain_ironic_config('DEFAULT/baz').with_ensure('absent') - end - - it 'configures arbitrary ironic-api-paste configurations' do - is_expected.to contain_ironic_api_paste_ini('DEFAULT/foo2').with_value('fooValue') - is_expected.to contain_ironic_api_paste_ini('DEFAULT/bar2').with_value('barValue') - is_expected.to contain_ironic_api_paste_ini('DEFAULT/baz2').with_ensure('absent') - end - -end diff --git a/ironic/spec/classes/ironic_db_mysql_spec.rb b/ironic/spec/classes/ironic_db_mysql_spec.rb deleted file mode 100644 index ad4237cd7..000000000 --- a/ironic/spec/classes/ironic_db_mysql_spec.rb +++ /dev/null @@ -1,89 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Unit tests for ironic::db::mysql -# - -require 'spec_helper' - -describe 'ironic::db::mysql' do - - let :pre_condition do - 'include mysql::server' - end - - let :params do - { :password => 'passw0rd' } - end - - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it { is_expected.to contain_openstacklib__db__mysql('ironic').with( - :user => 'ironic', - :password_hash => '*74B1C21ACE0C2D6B0678A5E503D2A60E8F9651A3', - :charset => 'utf8', - :collate => 'utf8_general_ci', - )} - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it { is_expected.to contain_openstacklib__db__mysql('ironic').with( - :user => 'ironic', - :password_hash => '*74B1C21ACE0C2D6B0678A5E503D2A60E8F9651A3', - :charset => 'utf8', - :collate => 'utf8_general_ci', - )} - end - - describe "overriding allowed_hosts param to array" do - let :params do - { - :allowed_hosts => ['127.0.0.1','%'] - } - end - - end - - describe "overriding allowed_hosts param to string" do - let :params do - { - :allowed_hosts => '192.168.1.1' - } - end - - end - - describe "overriding allowed_hosts param equals to host param " do - let :params do - { - :allowed_hosts => '127.0.0.1' - } - end - - end -end diff --git a/ironic/spec/classes/ironic_db_postgresql_spec.rb b/ironic/spec/classes/ironic_db_postgresql_spec.rb deleted file mode 100644 index 91874f083..000000000 --- a/ironic/spec/classes/ironic_db_postgresql_spec.rb +++ /dev/null @@ -1,58 +0,0 @@ -require 'spec_helper' - -describe 'ironic::db::postgresql' do - - let :req_params do - { :password => 'pw' } - end - - let :pre_condition do - 'include postgresql::server' - end - - context 'on a RedHat osfamily' do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '7.0', - :concat_basedir => '/var/lib/puppet/concat' - } - end - - context 'with only required parameters' do - let :params do - req_params - end - - it { is_expected.to contain_postgresql__server__db('ironic').with( - :user => 'ironic', - :password => 'md554bdb85e136b50c40104fd9f73e1294d' - )} - end - - end - - context 'on a Debian osfamily' do - let :facts do - { - :operatingsystemrelease => '7.8', - :operatingsystem => 'Debian', - :osfamily => 'Debian', - :concat_basedir => '/var/lib/puppet/concat' - } - end - - context 'with only required parameters' do - let :params do - req_params - end - - it { is_expected.to contain_postgresql__server__db('ironic').with( - :user => 'ironic', - :password => 'md554bdb85e136b50c40104fd9f73e1294d' - )} - end - - end - -end diff --git a/ironic/spec/classes/ironic_db_spec.rb b/ironic/spec/classes/ironic_db_spec.rb deleted file mode 100644 index e2667a628..000000000 --- a/ironic/spec/classes/ironic_db_spec.rb +++ /dev/null @@ -1,114 +0,0 @@ -require 'spec_helper' - -describe 'ironic::db' do - - shared_examples 'ironic::db' do - - context 'with default parameters' do - - it { is_expected.to contain_ironic_config('database/connection').with_value('sqlite:////var/lib/ironic/ovs.sqlite').with_secret(true) } - it { is_expected.to contain_ironic_config('database/idle_timeout').with_value('') } - it { is_expected.to contain_ironic_config('database/min_pool_size').with_value('') } - it { is_expected.to contain_ironic_config('database/max_pool_size').with_value('') } - it { is_expected.to contain_ironic_config('database/max_overflow').with_value('') } - it { is_expected.to contain_ironic_config('database/max_retries').with_value('') } - it { is_expected.to contain_ironic_config('database/retry_interval').with_value('') } - - end - - context 'with specific parameters' do - let :params do - { :database_connection => 'mysql+pymysql://ironic:ironic@localhost/ironic', - :database_idle_timeout => '3601', - :database_min_pool_size => '2', - :database_max_pool_size => '21', - :database_max_retries => '11', - :database_max_overflow => '21', - :database_retry_interval => '11', } - end - - it { is_expected.to contain_ironic_config('database/connection').with_value('mysql+pymysql://ironic:ironic@localhost/ironic').with_secret(true) } - it { is_expected.to contain_ironic_config('database/idle_timeout').with_value('3601') } - it { is_expected.to contain_ironic_config('database/min_pool_size').with_value('2') } - it { is_expected.to contain_ironic_config('database/max_retries').with_value('11') } - it { is_expected.to contain_ironic_config('database/max_pool_size').with_value('21') } - it { is_expected.to contain_ironic_config('database/max_overflow').with_value('21') } - it { is_expected.to contain_ironic_config('database/retry_interval').with_value('11') } - - end - - context 'with MySQL-python library as backend package' do - let :params do - { :database_connection => 'mysql://ironic:ironic@localhost/ironic' } - end - - it { is_expected.to contain_ironic_config('database/connection').with_value('mysql://ironic:ironic@localhost/ironic').with_secret(true) } - end - - context 'with postgresql backend' do - let :params do - { :database_connection => 'postgresql://ironic:ironic@localhost/ironic', } - end - - it 'install the proper backend package' do - is_expected.to contain_package('python-psycopg2').with(:ensure => 'present') - end - - end - - context 'with incorrect database_connection string' do - let :params do - { :database_connection => 'redis://ironic:ironic@localhost/ironic', } - end - - it_raises 'a Puppet::Error', /validate_re/ - end - - context 'with incorrect database_connection string' do - let :params do - { :database_connection => 'foo+pymysql://ironic:ironic@localhost/ironic', } - end - - it_raises 'a Puppet::Error', /validate_re/ - end - - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => 'jessie', - }) - end - - it_configures 'ironic::db' - - context 'using pymysql driver' do - let :params do - { :database_connection => 'mysql+pymysql://ironic:ironic@localhost/ironic' } - end - - it { is_expected.to contain_package('ironic-backend-package').with({ :ensure => 'present', :name => 'python-pymysql' }) } - end - end - - context 'on Redhat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat', - :operatingsystemrelease => '7.1', - }) - end - - it_configures 'ironic::db' - - context 'using pymysql driver' do - let :params do - { :database_connection => 'mysql+pymysql://ironic:ironic@localhost/ironic' } - end - - it { is_expected.not_to contain_package('ironic-backend-package') } - end - end - -end diff --git a/ironic/spec/classes/ironic_db_sync_spec.rb b/ironic/spec/classes/ironic_db_sync_spec.rb deleted file mode 100644 index 8d68361d9..000000000 --- a/ironic/spec/classes/ironic_db_sync_spec.rb +++ /dev/null @@ -1,60 +0,0 @@ -require 'spec_helper' - -describe 'ironic::db::sync' do - - shared_examples_for 'ironic-dbsync' do - - it 'runs ironic-manage db_sync' do - is_expected.to contain_exec('ironic-dbsync').with( - :command => 'ironic-dbsync --config-file /etc/ironic/ironic.conf ', - :path => '/usr/bin', - :user => 'root', - :refreshonly => 'true', - :logoutput => 'on_failure' - ) - end - - describe "overriding extra_params" do - let :params do - { - :extra_params => '--config-file /etc/ironic/ironic_01.conf', - } - end - it { is_expected.to contain_exec('ironic-dbsync').with( - :command => 'ironic-dbsync --config-file /etc/ironic/ironic.conf --config-file /etc/ironic/ironic_01.conf', - :path => '/usr/bin', - :user => 'root', - :refreshonly => true, - :logoutput => 'on_failure' - ) - } - end - end - - - context 'on a RedHat osfamily' do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '7.0', - :concat_basedir => '/var/lib/puppet/concat' - } - end - - it_configures 'ironic-dbsync' - end - - context 'on a Debian osfamily' do - let :facts do - { - :operatingsystemrelease => '7.8', - :operatingsystem => 'Debian', - :osfamily => 'Debian', - :concat_basedir => '/var/lib/puppet/concat' - } - end - - it_configures 'ironic-dbsync' - end - -end diff --git a/ironic/spec/classes/ironic_drivers_ipmi_spec.rb b/ironic/spec/classes/ironic_drivers_ipmi_spec.rb deleted file mode 100644 index 345f76886..000000000 --- a/ironic/spec/classes/ironic_drivers_ipmi_spec.rb +++ /dev/null @@ -1,69 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Unit tests for ironic::drivers::ipmi class -# - -require 'spec_helper' - -describe 'ironic::drivers::ipmi' do - - let :default_params do - { :retry_timeout => '10' } - end - - let :params do - {} - end - - shared_examples_for 'ironic ipmi driver' do - let :p do - default_params.merge(params) - end - - it 'configures ironic.conf' do - is_expected.to contain_ironic_config('ipmi/retry_timeout').with_value(p[:retry_timeout]) - end - - context 'when overriding parameters' do - before do - params.merge!(:retry_timeout => '50') - end - it 'should replace default parameter with new value' do - is_expected.to contain_ironic_config('ipmi/retry_timeout').with_value(p[:retry_timeout]) - end - end - - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'ironic ipmi driver' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'ironic ipmi driver' - end - -end diff --git a/ironic/spec/classes/ironic_drivers_pxe_spec.rb b/ironic/spec/classes/ironic_drivers_pxe_spec.rb deleted file mode 100644 index d24a6827d..000000000 --- a/ironic/spec/classes/ironic_drivers_pxe_spec.rb +++ /dev/null @@ -1,116 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Unit tests for ironic::drivers::pxe class -# - -require 'spec_helper' - -describe 'ironic::drivers::pxe' do - - let :default_params do - { :pxe_append_params => 'nofb nomodeset vga=normal', - :pxe_config_template => '$pybasedir/drivers/modules/pxe_config.template', - :pxe_deploy_timeout => '0', - :tftp_server => '$my_ip', - :tftp_root => '/tftpboot', - :images_path => '/var/lib/ironic/images/', - :tftp_master_path => '/tftpboot/master_images', - :instance_master_path => '/var/lib/ironic/master_images', - :uefi_pxe_bootfile_name => 'elilo.efi', - :uefi_pxe_config_template => '$pybasedir/drivers/modules/elilo_efi_pxe_config.template', - :ipxe_timeout => 0 - } - end - - let :params do - {} - end - - shared_examples_for 'ironic pxe driver' do - let :p do - default_params.merge(params) - end - - it 'configures ironic.conf' do - is_expected.to contain_ironic_config('pxe/pxe_append_params').with_value(p[:pxe_append_params]) - is_expected.to contain_ironic_config('pxe/pxe_config_template').with_value(p[:pxe_config_template]) - is_expected.to contain_ironic_config('pxe/pxe_deploy_timeout').with_value(p[:pxe_deploy_timeout]) - is_expected.to contain_ironic_config('pxe/tftp_server').with_value(p[:tftp_server]) - is_expected.to contain_ironic_config('pxe/tftp_root').with_value(p[:tftp_root]) - is_expected.to contain_ironic_config('pxe/images_path').with_value(p[:images_path]) - is_expected.to contain_ironic_config('pxe/tftp_master_path').with_value(p[:tftp_master_path]) - is_expected.to contain_ironic_config('pxe/instance_master_path').with_value(p[:instance_master_path]) - is_expected.to contain_ironic_config('pxe/uefi_pxe_bootfile_name').with_value(p[:uefi_pxe_bootfile_name]) - is_expected.to contain_ironic_config('pxe/uefi_pxe_config_template').with_value(p[:uefi_pxe_config_template]) - end - - context 'when overriding parameters' do - before do - params.merge!( - :deploy_kernel => 'foo', - :deploy_ramdisk => 'bar', - :pxe_append_params => 'foo', - :pxe_config_template => 'bar', - :pxe_deploy_timeout => '40', - :tftp_server => '192.168.0.1', - :tftp_root => '/mnt/ftp', - :images_path => '/mnt/images', - :tftp_master_path => '/mnt/master_images', - :instance_master_path => '/mnt/ironic/master_images', - :uefi_pxe_bootfile_name => 'bootx64.efi', - :uefi_pxe_config_template => 'foo-uefi', - :ipxe_timeout => '60' - ) - end - - it 'should replace default parameter with new value' do - is_expected.to contain_ironic_config('pxe/deploy_kernel').with_value(p[:deploy_kernel]) - is_expected.to contain_ironic_config('pxe/deploy_ramdisk').with_value(p[:deploy_ramdisk]) - is_expected.to contain_ironic_config('pxe/pxe_append_params').with_value(p[:pxe_append_params]) - is_expected.to contain_ironic_config('pxe/pxe_config_template').with_value(p[:pxe_config_template]) - is_expected.to contain_ironic_config('pxe/pxe_deploy_timeout').with_value(p[:pxe_deploy_timeout]) - is_expected.to contain_ironic_config('pxe/tftp_server').with_value(p[:tftp_server]) - is_expected.to contain_ironic_config('pxe/tftp_root').with_value(p[:tftp_root]) - is_expected.to contain_ironic_config('pxe/images_path').with_value(p[:images_path]) - is_expected.to contain_ironic_config('pxe/tftp_master_path').with_value(p[:tftp_master_path]) - is_expected.to contain_ironic_config('pxe/instance_master_path').with_value(p[:instance_master_path]) - is_expected.to contain_ironic_config('pxe/uefi_pxe_bootfile_name').with_value(p[:uefi_pxe_bootfile_name]) - is_expected.to contain_ironic_config('pxe/uefi_pxe_config_template').with_value(p[:uefi_pxe_config_template]) - is_expected.to contain_ironic_config('pxe/ipxe_timeout').with_value(p[:ipxe_timeout]) - end - end - - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'ironic pxe driver' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'ironic pxe driver' - end - -end diff --git a/ironic/spec/classes/ironic_init_spec.rb b/ironic/spec/classes/ironic_init_spec.rb deleted file mode 100644 index 0d678f93c..000000000 --- a/ironic/spec/classes/ironic_init_spec.rb +++ /dev/null @@ -1,267 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Unit tests for ironic -# - -require 'spec_helper' - -describe 'ironic' do - - let :params do - { :package_ensure => 'present', - :verbose => false, - :debug => false, - :enabled_drivers => ['pxe_ipmitool'], - :rabbit_host => '127.0.0.1', - :rabbit_port => 5672, - :rabbit_hosts => false, - :rabbit_userid => 'guest', - :rabbit_password => 'guest', - :rabbit_virtual_host => '/', - :database_connection => 'sqlite:////var/lib/ironic/ironic.sqlite', - :database_max_retries => 10, - :database_idle_timeout => 3600, - :database_reconnect_interval => 10, - :database_retry_interval => 10, - :glance_num_retries => 0, - :glance_api_insecure => false - } - end - - shared_examples_for 'ironic' do - - context 'and if rabbit_host parameter is provided' do - it_configures 'a ironic base installation' - it_configures 'with SSL disabled' - it_configures 'with SSL enabled without kombu' - it_configures 'with SSL enabled with kombu' - it_configures 'with amqp_durable_queues disabled' - it_configures 'with amqp_durable_queues enabled' - it_configures 'with one glance server' - it_configures 'with two glance servers' - end - - context 'and if rabbit_hosts parameter is provided' do - before do - params.delete(:rabbit_host) - params.delete(:rabbit_port) - end - - context 'with one server' do - before { params.merge!( :rabbit_hosts => ['127.0.0.1:5672'] ) } - it_configures 'a ironic base installation' - it_configures 'rabbit HA with a single virtual host' - end - - context 'with multiple servers' do - before { params.merge!( :rabbit_hosts => ['rabbit1:5672', 'rabbit2:5672'] ) } - it_configures 'a ironic base installation' - it_configures 'rabbit HA with multiple hosts' - end - end - - end - - shared_examples_for 'a ironic base installation' do - - it { is_expected.to contain_class('ironic::logging') } - it { is_expected.to contain_class('ironic::params') } - - it 'configures ironic configuration folder' do - is_expected.to contain_file('/etc/ironic').with( - :ensure => 'directory', - :group => 'ironic', - :require => 'Package[ironic-common]' - ) - end - - it 'configures ironic configuration file' do - is_expected.to contain_file('/etc/ironic/ironic.conf').with( - :group => 'ironic', - :require => 'Package[ironic-common]' - ) - end - - it 'installs ironic package' do - is_expected.to contain_package('ironic-common').with( - :ensure => 'present', - :name => platform_params[:common_package_name], - :tag => ['openstack', 'ironic-package'], - ) - end - - it 'configures enabled_drivers' do - is_expected.to contain_ironic_config('DEFAULT/enabled_drivers').with_value( params[:enabled_drivers] ) - end - - it 'configures credentials for rabbit' do - is_expected.to contain_ironic_config('oslo_messaging_rabbit/rabbit_userid').with_value( params[:rabbit_userid] ) - is_expected.to contain_ironic_config('oslo_messaging_rabbit/rabbit_password').with_value( params[:rabbit_password] ) - is_expected.to contain_ironic_config('oslo_messaging_rabbit/rabbit_virtual_host').with_value( params[:rabbit_virtual_host] ) - is_expected.to contain_ironic_config('oslo_messaging_rabbit/rabbit_password').with_secret( true ) - end - - it 'should perform default database configuration' do - is_expected.to contain_ironic_config('database/connection').with_value(params[:database_connection]) - is_expected.to contain_ironic_config('database/max_retries').with_value(params[:database_max_retries]) - is_expected.to contain_ironic_config('database/idle_timeout').with_value(params[:database_idle_timeout]) - is_expected.to contain_ironic_config('database/retry_interval').with_value(params[:database_retry_interval]) - end - - it 'configures glance connection' do - is_expected.to contain_ironic_config('glance/glance_num_retries').with_value(params[:glance_num_retries]) - is_expected.to contain_ironic_config('glance/glance_api_insecure').with_value(params[:glance_api_insecure]) - end - - it 'configures ironic.conf' do - is_expected.to contain_ironic_config('DEFAULT/auth_strategy').with_value('keystone') - is_expected.to contain_ironic_config('DEFAULT/control_exchange').with_value('openstack') - end - end - - shared_examples_for 'rabbit HA with a single virtual host' do - it 'in ironic.conf' do - is_expected.to contain_ironic_config('oslo_messaging_rabbit/rabbit_host').with_ensure('absent') - is_expected.to contain_ironic_config('oslo_messaging_rabbit/rabbit_port').with_ensure('absent') - is_expected.to contain_ironic_config('oslo_messaging_rabbit/rabbit_hosts').with_value( params[:rabbit_hosts] ) - is_expected.to contain_ironic_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value(true) - end - end - - shared_examples_for 'rabbit HA with multiple hosts' do - it 'in ironic.conf' do - is_expected.to contain_ironic_config('oslo_messaging_rabbit/rabbit_host').with_ensure('absent') - is_expected.to contain_ironic_config('oslo_messaging_rabbit/rabbit_port').with_ensure('absent') - is_expected.to contain_ironic_config('oslo_messaging_rabbit/rabbit_hosts').with_value( params[:rabbit_hosts].join(',') ) - is_expected.to contain_ironic_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value(true) - end - end - - shared_examples_for 'with SSL enabled with kombu' do - before do - params.merge!( - :rabbit_use_ssl => true, - :kombu_ssl_ca_certs => '/path/to/ssl/ca/certs', - :kombu_ssl_certfile => '/path/to/ssl/cert/file', - :kombu_ssl_keyfile => '/path/to/ssl/keyfile', - :kombu_ssl_version => 'TLSv1' - ) - end - - it do - is_expected.to contain_ironic_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('true') - is_expected.to contain_ironic_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_value('/path/to/ssl/ca/certs') - is_expected.to contain_ironic_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_value('/path/to/ssl/cert/file') - is_expected.to contain_ironic_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_value('/path/to/ssl/keyfile') - is_expected.to contain_ironic_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('TLSv1') - end - end - - shared_examples_for 'with SSL enabled without kombu' do - before do - params.merge!( - :rabbit_use_ssl => true, - ) - end - - it do - is_expected.to contain_ironic_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('true') - is_expected.to contain_ironic_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_ensure('absent') - is_expected.to contain_ironic_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_ensure('absent') - is_expected.to contain_ironic_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_ensure('absent') - is_expected.to contain_ironic_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('TLSv1') - end - end - - shared_examples_for 'with SSL disabled' do - before do - params.merge!( - :rabbit_use_ssl => false, - :kombu_ssl_ca_certs => 'undef', - :kombu_ssl_certfile => 'undef', - :kombu_ssl_keyfile => 'undef', - :kombu_ssl_version => 'TLSv1' - ) - end - - it do - is_expected.to contain_ironic_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('false') - is_expected.to contain_ironic_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_ensure('absent') - is_expected.to contain_ironic_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_ensure('absent') - is_expected.to contain_ironic_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_ensure('absent') - is_expected.to contain_ironic_config('oslo_messaging_rabbit/kombu_ssl_version').with_ensure('absent') - end - end - - - shared_examples_for 'with amqp_durable_queues disabled' do - it { is_expected.to contain_ironic_config('oslo_messaging_rabbit/amqp_durable_queues').with_value(false) } - end - - shared_examples_for 'with amqp_durable_queues enabled' do - before do - params.merge!( :amqp_durable_queues => true ) - end - - it { is_expected.to contain_ironic_config('oslo_messaging_rabbit/amqp_durable_queues').with_value(true) } - end - - shared_examples_for 'with one glance server' do - before do - params.merge!(:glance_api_servers => '10.0.0.1:9292') - end - - it 'should configure one glance server' do - is_expected.to contain_ironic_config('glance/glance_api_servers').with_value(params[:glance_api_servers]) - end - end - - shared_examples_for 'with two glance servers' do - before do - params.merge!(:glance_api_servers => ['10.0.0.1:9292','10.0.0.2:9292']) - end - - it 'should configure one glance server' do - is_expected.to contain_ironic_config('glance/glance_api_servers').with_value(params[:glance_api_servers].join(',')) - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - let :platform_params do - { :common_package_name => 'ironic-common' } - end - - it_configures 'ironic' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - let :platform_params do - { :common_package_name => 'openstack-ironic-common' } - end - - it_configures 'ironic' - end -end diff --git a/ironic/spec/classes/ironic_inspector_logging_spec.rb b/ironic/spec/classes/ironic_inspector_logging_spec.rb deleted file mode 100644 index f1615bd00..000000000 --- a/ironic/spec/classes/ironic_inspector_logging_spec.rb +++ /dev/null @@ -1,143 +0,0 @@ -require 'spec_helper' - -describe 'ironic::inspector::logging' do - - let :params do - { - } - end - - let :log_params do - { - :logging_context_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s', - :logging_default_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s', - :logging_debug_format_suffix => '%(funcName)s %(pathname)s:%(lineno)d', - :logging_exception_prefix => '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s', - :log_config_append => '/etc/ironic-inspector/logging.conf', - :publish_errors => true, - :default_log_levels => { - 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', - 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', - 'iso8601' => 'WARN', - 'requests.packages.urllib3.connectionpool' => 'WARN' }, - :fatal_deprecations => true, - :instance_format => '[instance: %(uuid)s] ', - :instance_uuid_format => '[instance: %(uuid)s] ', - :log_date_format => '%Y-%m-%d %H:%M:%S', - :use_syslog => true, - :use_stderr => false, - :log_facility => 'LOG_FOO', - :log_dir => '/var/log', - :verbose => true, - :debug => true, - } - end - - shared_examples_for 'ironic-inspector-logging' do - - context 'with basic logging options and default settings' do - it_configures 'basic default logging settings' - end - - context 'with basic logging options and non-default settings' do - before { params.merge!( log_params ) } - it_configures 'basic non-default logging settings' - end - - context 'with extended logging options' do - before { params.merge!( log_params ) } - it_configures 'logging params set' - end - - context 'without extended logging options' do - it_configures 'logging params unset' - end - - end - - shared_examples 'basic default logging settings' do - it 'configures ironic logging settins with default values' do - is_expected.to contain_ironic_inspector_config('DEFAULT/use_syslog').with(:value => '') - is_expected.to contain_ironic_inspector_config('DEFAULT/use_stderr').with(:value => '') - is_expected.to contain_ironic_inspector_config('DEFAULT/log_dir').with(:value => '/var/log/ironic-inspector') - is_expected.to contain_ironic_inspector_config('DEFAULT/verbose').with(:value => '') - is_expected.to contain_ironic_inspector_config('DEFAULT/debug').with(:value => '') - end - end - - shared_examples 'basic non-default logging settings' do - it 'configures ironic logging settins with non-default values' do - is_expected.to contain_ironic_inspector_config('DEFAULT/use_syslog').with(:value => 'true') - is_expected.to contain_ironic_inspector_config('DEFAULT/use_stderr').with(:value => 'false') - is_expected.to contain_ironic_inspector_config('DEFAULT/syslog_log_facility').with(:value => 'LOG_FOO') - is_expected.to contain_ironic_inspector_config('DEFAULT/log_dir').with(:value => '/var/log') - is_expected.to contain_ironic_inspector_config('DEFAULT/verbose').with(:value => 'true') - is_expected.to contain_ironic_inspector_config('DEFAULT/debug').with(:value => 'true') - end - end - - shared_examples_for 'logging params set' do - it 'enables logging params' do - is_expected.to contain_ironic_inspector_config('DEFAULT/logging_context_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s') - - is_expected.to contain_ironic_inspector_config('DEFAULT/logging_default_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s') - - is_expected.to contain_ironic_inspector_config('DEFAULT/logging_debug_format_suffix').with_value( - '%(funcName)s %(pathname)s:%(lineno)d') - - is_expected.to contain_ironic_inspector_config('DEFAULT/logging_exception_prefix').with_value( - '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s') - - is_expected.to contain_ironic_inspector_config('DEFAULT/log_config_append').with_value( - '/etc/ironic-inspector/logging.conf') - is_expected.to contain_ironic_inspector_config('DEFAULT/publish_errors').with_value( - true) - - is_expected.to contain_ironic_inspector_config('DEFAULT/default_log_levels').with_value( - 'amqp=WARN,amqplib=WARN,boto=WARN,iso8601=WARN,qpid=WARN,requests.packages.urllib3.connectionpool=WARN,sqlalchemy=WARN,suds=INFO') - - is_expected.to contain_ironic_inspector_config('DEFAULT/fatal_deprecations').with_value( - true) - - is_expected.to contain_ironic_inspector_config('DEFAULT/instance_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_ironic_inspector_config('DEFAULT/instance_uuid_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_ironic_inspector_config('DEFAULT/log_date_format').with_value( - '%Y-%m-%d %H:%M:%S') - end - end - - - shared_examples_for 'logging params unset' do - [ :logging_context_format_string, :logging_default_format_string, - :logging_debug_format_suffix, :logging_exception_prefix, - :log_config_append, :publish_errors, - :default_log_levels, :fatal_deprecations, - :instance_format, :instance_uuid_format, - :log_date_format, ].each { |param| - it { is_expected.to contain_ironic_inspector_config("DEFAULT/#{param}").with_value('') } - } - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'ironic-inspector-logging' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'ironic-inspector-logging' - end - -end diff --git a/ironic/spec/classes/ironic_inspector_spec.rb b/ironic/spec/classes/ironic_inspector_spec.rb deleted file mode 100644 index 178eeca54..000000000 --- a/ironic/spec/classes/ironic_inspector_spec.rb +++ /dev/null @@ -1,241 +0,0 @@ -# -# Copyright (C) 2015 Red Hat, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Unit tests for ironic::inspector class -# - -require 'spec_helper' - -describe 'ironic::inspector' do - - let :default_params do - { :package_ensure => 'present', - :enabled => true, - :pxe_transfer_protocol => 'tftp', - :enable_uefi => false, - :auth_uri => 'http://127.0.0.1:5000/v2.0', - :identity_uri => 'http://127.0.0.1:35357', - :admin_user => 'ironic', - :admin_tenant_name => 'services', - :dnsmasq_interface => 'br-ctlplane', - :db_connection => 'sqlite:////var/lib/ironic-inspector/inspector.sqlite', - :ramdisk_logs_dir => '/var/log/ironic-inspector/ramdisk/', - :enable_setting_ipmi_credentials => false, - :keep_ports => 'all', - :store_data => 'none', - :ironic_username => 'ironic', - :ironic_tenant_name => 'services', - :ironic_auth_url => 'http://127.0.0.1:5000/v2.0', - :ironic_max_retries => 30, - :ironic_retry_interval => 2, - :swift_username => 'ironic', - :swift_tenant_name => 'services', - :swift_auth_url => 'http://127.0.0.1:5000/v2.0', - :dnsmasq_ip_range => '192.168.0.100,192.168.0.120', - :dnsmasq_local_ip => '192.168.0.1', - :ipxe_timeout => 0, } - end - - let :params do - {} - end - - shared_examples_for 'ironic inspector' do - let :p do - default_params.merge(params) - end - - it { is_expected.to contain_class('ironic::params') } - it { is_expected.to contain_class('ironic::inspector::logging') } - - it 'installs ironic inspector package' do - if platform_params.has_key?(:inspector_package) - is_expected.to contain_package('ironic-inspector').with( - :name => platform_params[:inspector_package], - :ensure => p[:package_ensure], - :tag => ['openstack', 'ironic-inspector-package'], - ) - is_expected.to contain_package('ironic-inspector').with_before(/Service\[ironic-inspector\]/) - end - end - - it 'ensure ironic inspector service is running' do - is_expected.to contain_service('ironic-inspector').with( - 'hasstatus' => true, - 'tag' => 'ironic-inspector-service', - ) - end - - it 'ensure ironic inspector dnsmasq service is running' do - is_expected.to contain_service('ironic-inspector-dnsmasq').with( - 'hasstatus' => true, - 'tag' => 'ironic-inspector-dnsmasq-service', - ) - end - - it 'configures inspector.conf' do - is_expected.to contain_ironic_inspector_config('keystone_authtoken/auth_uri').with_value(p[:auth_uri]) - is_expected.to contain_ironic_inspector_config('keystone_authtoken/identity_uri').with_value(p[:identity_uri]) - is_expected.to contain_ironic_inspector_config('keystone_authtoken/admin_user').with_value(p[:admin_user]) - is_expected.to contain_ironic_inspector_config('keystone_authtoken/admin_tenant_name').with_value(p[:admin_tenant_name]) - is_expected.to contain_ironic_inspector_config('firewall/dnsmasq_interface').with_value(p[:dnsmasq_interface]) - is_expected.to contain_ironic_inspector_config('database/connection').with_value(p[:db_connection]) - is_expected.to contain_ironic_inspector_config('processing/ramdisk_logs_dir').with_value(p[:ramdisk_logs_dir]) - is_expected.to contain_ironic_inspector_config('processing/enable_setting_ipmi_credentials').with_value(p[:enable_setting_ipmi_credentials]) - is_expected.to contain_ironic_inspector_config('processing/keep_ports').with_value(p[:keep_ports]) - is_expected.to contain_ironic_inspector_config('processing/store_data').with_value(p[:store_data]) - is_expected.to contain_ironic_inspector_config('ironic/os_username').with_value(p[:ironic_username]) - is_expected.to contain_ironic_inspector_config('ironic/os_tenant_name').with_value(p[:ironic_tenant_name]) - is_expected.to contain_ironic_inspector_config('ironic/os_auth_url').with_value(p[:ironic_auth_url]) - is_expected.to contain_ironic_inspector_config('ironic/max_retries').with_value(p[:ironic_max_retries]) - is_expected.to contain_ironic_inspector_config('ironic/retry_interval').with_value(p[:ironic_retry_interval]) - is_expected.to contain_ironic_inspector_config('swift/username').with_value(p[:swift_username]) - is_expected.to contain_ironic_inspector_config('swift/tenant_name').with_value(p[:swift_tenant_name]) - is_expected.to contain_ironic_inspector_config('swift/os_auth_url').with_value(p[:swift_auth_url]) - is_expected.to contain_ironic_inspector_config('processing/processing_hooks').with_value('$default_processing_hooks') - end - - it 'should contain file /etc/ironic-inspector/dnsmasq.conf' do - is_expected.to contain_file('/etc/ironic-inspector/dnsmasq.conf').with( - 'ensure' => 'present', - 'require' => 'Package[ironic-inspector]', - 'content' => /pxelinux/, - ) - end - it 'should contain file /tftpboot/pxelinux.cfg/default' do - is_expected.to contain_file('/tftpboot/pxelinux.cfg/default').with( - 'ensure' => 'present', - 'require' => 'Package[ironic-inspector]', - 'content' => /default/, - ) - is_expected.to contain_file('/tftpboot/pxelinux.cfg/default').with_content( - /initrd=agent.ramdisk ipa-inspection-callback-url=http:\/\/192.168.0.1:5050\/v1\/continue ipa-inspection-collectors=default/ - ) - end - it 'should contain directory /tftpboot with selinux type tftpdir_t' do - is_expected.to contain_file('/tftpboot').with( - 'ensure' => 'directory', - 'seltype' => 'tftpdir_t' - ) - end - - it 'should not contain BIOS iPXE image by default' do - is_expected.to_not contain_file('/tftpboot/undionly.kpxe') - end - - it 'should not contain UEFI iPXE image by default' do - is_expected.to_not contain_file('/tftpboot/ipxe.efi') - end - - context 'when overriding parameters' do - before :each do - params.merge!( - :debug => true, - :auth_uri => 'http://192.168.0.1:5000/v2.0', - :identity_uri => 'http://192.168.0.1:35357', - :admin_password => 'password', - :ironic_password => 'password', - :ironic_auth_url => 'http://192.168.0.1:5000/v2.0', - :swift_password => 'password', - :swift_auth_url => 'http://192.168.0.1:5000/v2.0', - :pxe_transfer_protocol => 'http', - :additional_processing_hooks => 'hook1,hook2', - :ramdisk_kernel_args => 'foo=bar', - :enable_uefi => true, - ) - end - it 'should replace default parameter with new value' do - is_expected.to contain_ironic_inspector_config('DEFAULT/debug').with_value(p[:debug]) - is_expected.to contain_ironic_inspector_config('keystone_authtoken/auth_uri').with_value(p[:auth_uri]) - is_expected.to contain_ironic_inspector_config('keystone_authtoken/identity_uri').with_value(p[:identity_uri]) - is_expected.to contain_ironic_inspector_config('keystone_authtoken/admin_password').with_value(p[:admin_password]) - is_expected.to contain_ironic_inspector_config('ironic/os_password').with_value(p[:ironic_password]) - is_expected.to contain_ironic_inspector_config('ironic/os_auth_url').with_value(p[:ironic_auth_url]) - is_expected.to contain_ironic_inspector_config('swift/password').with_value(p[:swift_password]) - is_expected.to contain_ironic_inspector_config('swift/os_auth_url').with_value(p[:swift_auth_url]) - is_expected.to contain_ironic_inspector_config('processing/processing_hooks').with_value('$default_processing_hooks,hook1,hook2') - end - - it 'should contain file /etc/ironic-inspector/dnsmasq.conf' do - is_expected.to contain_file('/etc/ironic-inspector/dnsmasq.conf').with( - 'ensure' => 'present', - 'require' => 'Package[ironic-inspector]', - 'content' => /ipxe/, - ) - end - it 'should contain file /httpboot/inspector.ipxe' do - is_expected.to contain_file('/httpboot/inspector.ipxe').with( - 'ensure' => 'present', - 'require' => 'Package[ironic-inspector]', - 'content' => /ipxe/, - ) - is_expected.to contain_file('/httpboot/inspector.ipxe').with_content( - /kernel http:\/\/192.168.0.1:8088\/agent.kernel ipa-inspection-callback-url=http:\/\/192.168.0.1:5050\/v1\/continue ipa-inspection-collectors=default.* foo=bar || goto retry_boot/ - ) - end - it 'should contain iPXE chainload images' do - is_expected.to contain_file('/tftpboot/undionly.kpxe').with( - 'ensure' => 'present', - 'backup' => false, - ) - end - it 'should contain iPXE UEFI chainload image' do - is_expected.to contain_file('/tftpboot/ipxe.efi').with( - 'ensure' => 'present', - 'backup' => false, - ) - end - - context 'when ipxe_timeout is set' do - before :each do - params.merge!( - :ipxe_timeout => 30, - ) - end - - it 'should contain file /httpboot/inspector.ipxe' do - is_expected.to contain_file('/httpboot/inspector.ipxe').with_content( - /kernel --timeout 30000/) - end - end - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - let :platform_params do - { :inspector_package => 'ironic-inspector', - :inspector_service => 'ironic-inspector' } - end - - it_configures 'ironic inspector' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - let :platform_params do - { :inspector_service => 'ironic-inspector' } - end - - it_configures 'ironic inspector' - end - -end diff --git a/ironic/spec/classes/ironic_keystone_auth_inspector_spec.rb b/ironic/spec/classes/ironic_keystone_auth_inspector_spec.rb deleted file mode 100644 index b6a6b3958..000000000 --- a/ironic/spec/classes/ironic_keystone_auth_inspector_spec.rb +++ /dev/null @@ -1,156 +0,0 @@ -# -# Copyright (C) 2015 Red Hat Inc. -# -# Author: Dan Prince -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Unit tests for ironic::keystone::auth_inspector -# - -require 'spec_helper' - -describe 'ironic::keystone::auth_inspector' do - - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - describe 'with default class parameters' do - let :params do - { :password => 'ironic_inspector_password', - :tenant => 'foobar' } - end - - it { is_expected.to contain_keystone_user('ironic-inspector').with( - :ensure => 'present', - :password => 'ironic_inspector_password', - ) } - - it { is_expected.to contain_keystone_user_role('ironic-inspector@foobar').with( - :ensure => 'present', - :roles => ['admin'] - )} - - it { is_expected.to contain_keystone_service('ironic-inspector::baremetal-introspection').with( - :ensure => 'present', - :type => 'baremetal-introspection', - :description => 'Bare Metal Introspection Service' - ) } - - it { is_expected.to contain_keystone_endpoint('RegionOne/ironic-inspector::baremetal-introspection').with( - :ensure => 'present', - :public_url => "http://127.0.0.1:5050", - :admin_url => "http://127.0.0.1:5050", - :internal_url => "http://127.0.0.1:5050" - ) } - end - - describe 'when configuring ironic-inspector' do - let :pre_condition do - "class { 'ironic::inspector': auth_password => 'test' }" - end - - let :params do - { :password => 'ironic_password', - :tenant => 'foobar' } - end - - end - - describe 'with endpoint parameters' do - let :params do - { :password => 'ironic_password', - :public_url => 'https://10.0.0.10:5050', - :admin_url => 'https://10.0.0.11:5050', - :internal_url => 'https://10.0.0.11:5050' } - end - - it { is_expected.to contain_keystone_endpoint('RegionOne/ironic-inspector::baremetal-introspection').with( - :ensure => 'present', - :public_url => 'https://10.0.0.10:5050', - :admin_url => 'https://10.0.0.11:5050', - :internal_url => 'https://10.0.0.11:5050' - ) } - end - - describe 'when overriding auth name' do - let :params do - { :password => 'foo', - :auth_name => 'inspecty' } - end - - it { is_expected.to contain_keystone_user('inspecty') } - it { is_expected.to contain_keystone_user_role('inspecty@services') } - it { is_expected.to contain_keystone_service('inspecty::baremetal-introspection') } - it { is_expected.to contain_keystone_endpoint('RegionOne/inspecty::baremetal-introspection') } - end - - describe 'when overriding service name' do - let :params do - { - :service_name => 'inspector_service', - :password => 'ironic_password', - } - end - - it { is_expected.to contain_keystone_user('ironic-inspector') } - it { is_expected.to contain_keystone_user_role('ironic-inspector@services') } - it { is_expected.to contain_keystone_service('inspector_service::baremetal-introspection') } - it { is_expected.to contain_keystone_endpoint('RegionOne/inspector_service::baremetal-introspection') } - end - - describe 'when disabling user configuration' do - - let :params do - { - :password => 'ironic_password', - :configure_user => false - } - end - - it { is_expected.not_to contain_keystone_user('ironic-inspector') } - - it { is_expected.to contain_keystone_user_role('ironic-inspector@services') } - - it { is_expected.to contain_keystone_service('ironic-inspector::baremetal-introspection').with( - :ensure => 'present', - :type => 'baremetal-introspection', - :description => 'Bare Metal Introspection Service' - ) } - - end - - describe 'when disabling user and user role configuration' do - - let :params do - { - :password => 'ironic_password', - :configure_user => false, - :configure_user_role => false - } - end - - it { is_expected.not_to contain_keystone_user('ironic-inspector') } - - it { is_expected.not_to contain_keystone_user_role('ironic-inspector@services') } - - it { is_expected.to contain_keystone_service('ironic-inspector::baremetal-introspection').with( - :ensure => 'present', - :type => 'baremetal-introspection', - :description => 'Bare Metal Introspection Service' - ) } - - end - -end diff --git a/ironic/spec/classes/ironic_keystone_auth_spec.rb b/ironic/spec/classes/ironic_keystone_auth_spec.rb deleted file mode 100644 index 7c86a3c8a..000000000 --- a/ironic/spec/classes/ironic_keystone_auth_spec.rb +++ /dev/null @@ -1,173 +0,0 @@ -# -# Copyright (C) 2013 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Unit tests for ironic::keystone::auth -# - -require 'spec_helper' - -describe 'ironic::keystone::auth' do - - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - describe 'with default class parameters' do - let :params do - { :password => 'ironic_password', - :tenant => 'foobar' } - end - - it { is_expected.to contain_keystone_user('ironic').with( - :ensure => 'present', - :password => 'ironic_password', - ) } - - it { is_expected.to contain_keystone_user_role('ironic@foobar').with( - :ensure => 'present', - :roles => ['admin'] - )} - - it { is_expected.to contain_keystone_service('ironic::baremetal').with( - :ensure => 'present', - :description => 'Ironic Bare Metal Provisioning Service' - ) } - - it { is_expected.to contain_keystone_endpoint('RegionOne/ironic::baremetal').with( - :ensure => 'present', - :public_url => "http://127.0.0.1:6385", - :admin_url => "http://127.0.0.1:6385", - :internal_url => "http://127.0.0.1:6385" - ) } - end - - describe 'when configuring ironic-server' do - let :pre_condition do - "class { 'ironic::server': auth_password => 'test' }" - end - - let :params do - { :password => 'ironic_password', - :tenant => 'foobar' } - end - - #FIXME it { should contain_keystone_endpoint('RegionOne/ironic').with_notify('Service[ironic-server]') } - end - - describe 'with endpoint parameters' do - let :params do - { :password => 'ironic_password', - :public_url => 'https://10.0.0.10:6385', - :admin_url => 'https://10.0.0.11:6385', - :internal_url => 'https://10.0.0.11:6385' } - end - - it { is_expected.to contain_keystone_endpoint('RegionOne/ironic::baremetal').with( - :ensure => 'present', - :public_url => 'https://10.0.0.10:6385', - :admin_url => 'https://10.0.0.11:6385', - :internal_url => 'https://10.0.0.11:6385' - ) } - end - - describe 'with deprecated endpoint parameters' do - let :params do - { :password => 'ironic_password', - :public_protocol => 'https', - :public_port => '80', - :public_address => '10.10.10.10', - :port => '81', - :internal_address => '10.10.10.11', - :admin_address => '10.10.10.12' } - end - - it { is_expected.to contain_keystone_endpoint('RegionOne/ironic::baremetal').with( - :ensure => 'present', - :public_url => "https://10.10.10.10:80", - :internal_url => "http://10.10.10.11:81", - :admin_url => "http://10.10.10.12:81" - ) } - end - - describe 'when overriding auth name' do - let :params do - { :password => 'foo', - :auth_name => 'ironicy' } - end - - it { is_expected.to contain_keystone_user('ironicy') } - it { is_expected.to contain_keystone_user_role('ironicy@services') } - it { is_expected.to contain_keystone_service('ironicy::baremetal') } - it { is_expected.to contain_keystone_endpoint('RegionOne/ironicy::baremetal') } - end - - describe 'when overriding service name' do - let :params do - { - :service_name => 'ironic_service', - :password => 'ironic_password', - } - end - - it { is_expected.to contain_keystone_user('ironic') } - it { is_expected.to contain_keystone_user_role('ironic@services') } - it { is_expected.to contain_keystone_service('ironic_service::baremetal') } - it { is_expected.to contain_keystone_endpoint('RegionOne/ironic_service::baremetal') } - end - - describe 'when disabling user configuration' do - - let :params do - { - :password => 'ironic_password', - :configure_user => false - } - end - - it { is_expected.not_to contain_keystone_user('ironic') } - - it { is_expected.to contain_keystone_user_role('ironic@services') } - - it { is_expected.to contain_keystone_service('ironic::baremetal').with( - :ensure => 'present', - :description => 'Ironic Bare Metal Provisioning Service' - ) } - - end - - describe 'when disabling user and user role configuration' do - - let :params do - { - :password => 'ironic_password', - :configure_user => false, - :configure_user_role => false - } - end - - it { is_expected.not_to contain_keystone_user('ironic') } - - it { is_expected.not_to contain_keystone_user_role('ironic@services') } - - it { is_expected.to contain_keystone_service('ironic::baremetal').with( - :ensure => 'present', - :description => 'Ironic Bare Metal Provisioning Service' - ) } - - end - -end diff --git a/ironic/spec/classes/ironic_logging_spec.rb b/ironic/spec/classes/ironic_logging_spec.rb deleted file mode 100644 index 9de79db84..000000000 --- a/ironic/spec/classes/ironic_logging_spec.rb +++ /dev/null @@ -1,143 +0,0 @@ -require 'spec_helper' - -describe 'ironic::logging' do - - let :params do - { - } - end - - let :log_params do - { - :logging_context_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s', - :logging_default_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s', - :logging_debug_format_suffix => '%(funcName)s %(pathname)s:%(lineno)d', - :logging_exception_prefix => '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s', - :log_config_append => '/etc/ironic/logging.conf', - :publish_errors => true, - :default_log_levels => { - 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', - 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', - 'iso8601' => 'WARN', - 'requests.packages.urllib3.connectionpool' => 'WARN' }, - :fatal_deprecations => true, - :instance_format => '[instance: %(uuid)s] ', - :instance_uuid_format => '[instance: %(uuid)s] ', - :log_date_format => '%Y-%m-%d %H:%M:%S', - :use_syslog => true, - :use_stderr => false, - :log_facility => 'LOG_FOO', - :log_dir => '/var/log', - :verbose => true, - :debug => true, - } - end - - shared_examples_for 'ironic-logging' do - - context 'with basic logging options and default settings' do - it_configures 'basic default logging settings' - end - - context 'with basic logging options and non-default settings' do - before { params.merge!( log_params ) } - it_configures 'basic non-default logging settings' - end - - context 'with extended logging options' do - before { params.merge!( log_params ) } - it_configures 'logging params set' - end - - context 'without extended logging options' do - it_configures 'logging params unset' - end - - end - - shared_examples 'basic default logging settings' do - it 'configures ironic logging settins with default values' do - is_expected.to contain_ironic_config('DEFAULT/use_syslog').with(:value => '') - is_expected.to contain_ironic_config('DEFAULT/use_stderr').with(:value => '') - is_expected.to contain_ironic_config('DEFAULT/log_dir').with(:value => '/var/log/ironic') - is_expected.to contain_ironic_config('DEFAULT/verbose').with(:value => '') - is_expected.to contain_ironic_config('DEFAULT/debug').with(:value => '') - end - end - - shared_examples 'basic non-default logging settings' do - it 'configures ironic logging settins with non-default values' do - is_expected.to contain_ironic_config('DEFAULT/use_syslog').with(:value => 'true') - is_expected.to contain_ironic_config('DEFAULT/use_stderr').with(:value => 'false') - is_expected.to contain_ironic_config('DEFAULT/syslog_log_facility').with(:value => 'LOG_FOO') - is_expected.to contain_ironic_config('DEFAULT/log_dir').with(:value => '/var/log') - is_expected.to contain_ironic_config('DEFAULT/verbose').with(:value => 'true') - is_expected.to contain_ironic_config('DEFAULT/debug').with(:value => 'true') - end - end - - shared_examples_for 'logging params set' do - it 'enables logging params' do - is_expected.to contain_ironic_config('DEFAULT/logging_context_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s') - - is_expected.to contain_ironic_config('DEFAULT/logging_default_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s') - - is_expected.to contain_ironic_config('DEFAULT/logging_debug_format_suffix').with_value( - '%(funcName)s %(pathname)s:%(lineno)d') - - is_expected.to contain_ironic_config('DEFAULT/logging_exception_prefix').with_value( - '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s') - - is_expected.to contain_ironic_config('DEFAULT/log_config_append').with_value( - '/etc/ironic/logging.conf') - is_expected.to contain_ironic_config('DEFAULT/publish_errors').with_value( - true) - - is_expected.to contain_ironic_config('DEFAULT/default_log_levels').with_value( - 'amqp=WARN,amqplib=WARN,boto=WARN,iso8601=WARN,qpid=WARN,requests.packages.urllib3.connectionpool=WARN,sqlalchemy=WARN,suds=INFO') - - is_expected.to contain_ironic_config('DEFAULT/fatal_deprecations').with_value( - true) - - is_expected.to contain_ironic_config('DEFAULT/instance_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_ironic_config('DEFAULT/instance_uuid_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_ironic_config('DEFAULT/log_date_format').with_value( - '%Y-%m-%d %H:%M:%S') - end - end - - - shared_examples_for 'logging params unset' do - [ :logging_context_format_string, :logging_default_format_string, - :logging_debug_format_suffix, :logging_exception_prefix, - :log_config_append, :publish_errors, - :default_log_levels, :fatal_deprecations, - :instance_format, :instance_uuid_format, - :log_date_format, ].each { |param| - it { is_expected.to contain_ironic_config("DEFAULT/#{param}").with_value('') } - } - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'ironic-logging' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'ironic-logging' - end - -end diff --git a/ironic/spec/classes/ironic_policy_spec.rb b/ironic/spec/classes/ironic_policy_spec.rb deleted file mode 100644 index 7d5cba9da..000000000 --- a/ironic/spec/classes/ironic_policy_spec.rb +++ /dev/null @@ -1,41 +0,0 @@ -require 'spec_helper' - -describe 'ironic::policy' do - - shared_examples_for 'ironic policies' do - let :params do - { - :policy_path => '/etc/ironic/policy.json', - :policies => { - 'context_is_admin' => { - 'key' => 'context_is_admin', - 'value' => 'foo:bar' - } - } - } - end - - it 'set up the policies' do - is_expected.to contain_openstacklib__policy__base('context_is_admin').with({ - :key => 'context_is_admin', - :value => 'foo:bar' - }) - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'ironic policies' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'ironic policies' - end -end diff --git a/ironic/spec/classes/ironic_wsgi_apache_spec.rb b/ironic/spec/classes/ironic_wsgi_apache_spec.rb deleted file mode 100644 index 965f3be0d..000000000 --- a/ironic/spec/classes/ironic_wsgi_apache_spec.rb +++ /dev/null @@ -1,124 +0,0 @@ -require 'spec_helper' - -describe 'ironic::wsgi::apache' do - - let :global_facts do - { - :processorcount => 42, - :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'some.host.tld' - } - end - - shared_examples_for 'apache serving ironic with mod_wsgi' do - it { is_expected.to contain_service('httpd').with_name(platform_parameters[:httpd_service_name]) } - it { is_expected.to contain_class('ironic::params') } - it { is_expected.to contain_class('apache') } - it { is_expected.to contain_class('apache::mod::wsgi') } - - describe 'with default parameters' do - - it { is_expected.to contain_file("#{platform_parameters[:wsgi_script_path]}").with( - 'ensure' => 'directory', - 'owner' => 'ironic', - 'group' => 'ironic', - 'require' => 'Package[httpd]' - )} - - - it { is_expected.to contain_file('ironic_wsgi').with( - 'ensure' => 'file', - 'path' => "#{platform_parameters[:wsgi_script_path]}/app", - 'source' => "#{platform_parameters[:wsgi_script_source]}", - 'owner' => 'ironic', - 'group' => 'ironic', - 'mode' => '0644' - )} - it { is_expected.to contain_file('ironic_wsgi').that_requires("File[#{platform_parameters[:wsgi_script_path]}]") } - - it { is_expected.to contain_apache__vhost('ironic_wsgi').with( - 'servername' => 'some.host.tld', - 'ip' => nil, - 'port' => '6385', - 'docroot' => "#{platform_parameters[:wsgi_script_path]}", - 'docroot_owner' => 'ironic', - 'docroot_group' => 'ironic', - 'ssl' => 'true', - 'wsgi_daemon_process' => 'ironic', - 'wsgi_process_group' => 'ironic', - 'wsgi_script_aliases' => { '/' => "#{platform_parameters[:wsgi_script_path]}/app" }, - 'require' => 'File[ironic_wsgi]' - )} - it { is_expected.to contain_file("#{platform_parameters[:httpd_ports_file]}") } - end - - describe 'when overriding parameters using different ports' do - let :params do - { - :servername => 'dummy.host', - :bind_host => '10.42.51.1', - :port => 12345, - :ssl => false, - :workers => 37, - } - end - - it { is_expected.to contain_apache__vhost('ironic_wsgi').with( - 'servername' => 'dummy.host', - 'ip' => '10.42.51.1', - 'port' => '12345', - 'docroot' => "#{platform_parameters[:wsgi_script_path]}", - 'docroot_owner' => 'ironic', - 'docroot_group' => 'ironic', - 'ssl' => 'false', - 'wsgi_daemon_process' => 'ironic', - 'wsgi_process_group' => 'ironic', - 'wsgi_script_aliases' => { '/' => "#{platform_parameters[:wsgi_script_path]}/app" }, - 'require' => 'File[ironic_wsgi]' - )} - - it { is_expected.to contain_file("#{platform_parameters[:httpd_ports_file]}") } - end - end - - context 'on RedHat platforms' do - let :facts do - global_facts.merge({ - :osfamily => 'RedHat', - :operatingsystemrelease => '7.0' - }) - end - - let :platform_parameters do - { - :httpd_service_name => 'httpd', - :httpd_ports_file => '/etc/httpd/conf/ports.conf', - :wsgi_script_path => '/var/www/cgi-bin/ironic', - :wsgi_script_source => '/usr/lib/python2.7/site-packages/ironic/api/app.wsgi', - } - end - - it_configures 'apache serving ironic with mod_wsgi' - end - - context 'on Debian platforms' do - let :facts do - global_facts.merge({ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '7.0' - }) - end - - let :platform_parameters do - { - :httpd_service_name => 'apache2', - :httpd_ports_file => '/etc/apache2/ports.conf', - :wsgi_script_path => '/usr/lib/cgi-bin/ironic', - :wsgi_script_source => '/usr/lib/python2.7/dist-packages/ironic/api/app.wsgi', - } - end - - it_configures 'apache serving ironic with mod_wsgi' - end -end diff --git a/ironic/spec/shared_examples.rb b/ironic/spec/shared_examples.rb deleted file mode 100644 index fec0eacc9..000000000 --- a/ironic/spec/shared_examples.rb +++ /dev/null @@ -1,5 +0,0 @@ -shared_examples_for "a Puppet::Error" do |description| - it "with message matching #{description.inspect}" do - expect { is_expected.to have_class_count(1) }.to raise_error(Puppet::Error, description) - end -end diff --git a/ironic/spec/spec_helper.rb b/ironic/spec/spec_helper.rb deleted file mode 100644 index be3811cf2..000000000 --- a/ironic/spec/spec_helper.rb +++ /dev/null @@ -1,18 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' -require 'shared_examples' - -require 'puppet-openstack_spec_helper/defaults' -require 'rspec-puppet-facts' -include RspecPuppetFacts - -RSpec.configure do |c| - c.alias_it_should_behave_like_to :it_configures, 'configures' - c.alias_it_should_behave_like_to :it_raises, 'raises' - # TODO(aschultz): remove this after all tests converted to use OSDefaults - # instead of referencing @default_facts - c.before :each do - @default_facts = OSDefaults.get_facts - end -end - -at_exit { RSpec::Puppet::Coverage.report! } diff --git a/ironic/spec/spec_helper_acceptance.rb b/ironic/spec/spec_helper_acceptance.rb deleted file mode 100644 index 9196bc99b..000000000 --- a/ironic/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1 +0,0 @@ -require 'puppet-openstack_spec_helper/beaker_spec_helper' diff --git a/ironic/spec/unit/provider/ironic_api_paste_ini/ini_setting_spec.rb b/ironic/spec/unit/provider/ironic_api_paste_ini/ini_setting_spec.rb deleted file mode 100644 index 977a79ffa..000000000 --- a/ironic/spec/unit/provider/ironic_api_paste_ini/ini_setting_spec.rb +++ /dev/null @@ -1,29 +0,0 @@ -# -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:ironic_api_paste_ini).provider(:ini_setting) -describe provider_class do - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Ironic_api_paste_ini.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/ironic/spec/unit/provider/ironic_config/ini_setting_spec.rb b/ironic/spec/unit/provider/ironic_config/ini_setting_spec.rb deleted file mode 100644 index 5ea779a58..000000000 --- a/ironic/spec/unit/provider/ironic_config/ini_setting_spec.rb +++ /dev/null @@ -1,71 +0,0 @@ -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'openstacklib', - 'lib') -) - -require 'spec_helper' - -provider_class = Puppet::Type.type(:ironic_config).provider(:ini_setting) - -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Ironic_config.new( - { - :name => 'DEFAULT/foo', - :value => 'bar' - } - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Ironic_config.new( - { - :name => 'dude/foo', - :value => 'bar' - } - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end - - it 'should ensure absent when is specified as a value' do - resource = Puppet::Type::Ironic_config.new( - {:name => 'dude/foo', :value => ''} - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - - it 'should ensure absent when value matches ensure_absent_val' do - resource = Puppet::Type::Ironic_config.new( - {:name => 'dude/foo', :value => 'foo', :ensure_absent_val => 'foo' } - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end -end diff --git a/ironic/spec/unit/provider/ironic_inspector_config/ini_setting_spec.rb b/ironic/spec/unit/provider/ironic_inspector_config/ini_setting_spec.rb deleted file mode 100644 index edf780605..000000000 --- a/ironic/spec/unit/provider/ironic_inspector_config/ini_setting_spec.rb +++ /dev/null @@ -1,71 +0,0 @@ -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'openstacklib', - 'lib') -) - -require 'spec_helper' - -provider_class = Puppet::Type.type(:ironic_inspector_config).provider(:ini_setting) - -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Ironic_inspector_config.new( - { - :name => 'DEFAULT/foo', - :value => 'bar' - } - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Ironic_inspector_config.new( - { - :name => 'dude/foo', - :value => 'bar' - } - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end - - it 'should ensure absent when is specified as a value' do - resource = Puppet::Type::Ironic_inspector_config.new( - {:name => 'dude/foo', :value => ''} - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - - it 'should ensure absent when value matches ensure_absent_val' do - resource = Puppet::Type::Ironic_inspector_config.new( - {:name => 'dude/foo', :value => 'foo', :ensure_absent_val => 'foo' } - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end -end diff --git a/ironic/spec/unit/provider/ironic_spec.rb b/ironic/spec/unit/provider/ironic_spec.rb deleted file mode 100644 index edab35810..000000000 --- a/ironic/spec/unit/provider/ironic_spec.rb +++ /dev/null @@ -1,111 +0,0 @@ -require 'puppet' -require 'spec_helper' -require 'puppet/provider/ironic' -require 'tempfile' - -describe Puppet::Provider::Ironic do - - def klass - described_class - end - - let :credential_hash do - { - 'auth_host' => '192.168.56.210', - 'auth_port' => '35357', - 'auth_protocol' => 'https', - 'admin_tenant_name' => 'admin_tenant', - 'admin_user' => 'admin', - 'admin_password' => 'password', - } - end - - let :auth_endpoint do - 'https://192.168.56.210:35357/v2.0/' - end - - let :credential_error do - /Ironic types will not work/ - end - - after :each do - klass.reset - end - - describe 'when determining credentials' do - - it 'should fail if config is empty' do - conf = {} - klass.expects(:ironic_conf).returns(conf) - expect do - klass.ironic_credentials - end.to raise_error(Puppet::Error, credential_error) - end - - it 'should fail if config does not have keystone_authtoken section.' do - conf = {'foo' => 'bar'} - klass.expects(:ironic_conf).returns(conf) - expect do - klass.ironic_credentials - end.to raise_error(Puppet::Error, credential_error) - end - - it 'should fail if config does not contain all auth params' do - conf = {'keystone_authtoken' => {'invalid_value' => 'foo'}} - klass.expects(:ironic_conf).returns(conf) - expect do - klass.ironic_credentials - end.to raise_error(Puppet::Error, credential_error) - end - - it 'should use specified host/port/protocol in the auth endpoint' do - conf = {'keystone_authtoken' => credential_hash} - klass.expects(:ironic_conf).returns(conf) - expect(klass.get_auth_endpoint).to eq(auth_endpoint) - end - - end - - describe 'when invoking the ironic cli' do - - it 'should set auth credentials in the environment' do - authenv = { - :OS_AUTH_URL => auth_endpoint, - :OS_USERNAME => credential_hash['admin_user'], - :OS_TENANT_NAME => credential_hash['admin_tenant_name'], - :OS_PASSWORD => credential_hash['admin_password'], - } - klass.expects(:get_ironic_credentials).with().returns(credential_hash) - klass.expects(:withenv).with(authenv) - klass.auth_ironic('test_retries') - end - - ['[Errno 111] Connection refused', - '(HTTP 400)'].reverse.each do |valid_message| - it "should retry when ironic cli returns with error #{valid_message}" do - klass.expects(:get_ironic_credentials).with().returns({}) - klass.expects(:sleep).with(10).returns(nil) - klass.expects(:ironic).twice.with(['test_retries']).raises( - Exception, valid_message).then.returns('') - klass.auth_ironic('test_retries') - end - end - - end - - describe 'when listing ironic resources' do - - it 'should exclude the column header' do - output = <<-EOT - id - net1 - net2 - EOT - klass.expects(:auth_ironic).returns(output) - result = klass.list_ironic_resources('foo') - expect(result).to eql(['net1', 'net2']) - end - - end - -end diff --git a/ironic/spec/unit/type/ironic_api_paste_ini_spec.rb b/ironic/spec/unit/type/ironic_api_paste_ini_spec.rb deleted file mode 100644 index 8b54fa58e..000000000 --- a/ironic/spec/unit/type/ironic_api_paste_ini_spec.rb +++ /dev/null @@ -1,34 +0,0 @@ -require 'spec_helper' -# this hack is required for now to ensure that the path is set up correctly -# to retrive the parent provider -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'puppet/type/ironic_api_paste_ini' -describe 'Puppet::Type.type(:ironic_api_paste_ini)' do - before :each do - @ironic_api_paste_ini = Puppet::Type.type(:ironic_api_paste_ini).new(:name => 'DEFAULT/foo', :value => 'bar') - end - it 'should accept a valid value' do - @ironic_api_paste_ini[:value] = 'bar' - expect(@ironic_api_paste_ini[:value]).to eq('bar') - end - - it 'should autorequire the package that install the file' do - catalog = Puppet::Resource::Catalog.new - package = Puppet::Type.type(:package).new(:name => 'ironic') - catalog.add_resource package, @ironic_api_paste_ini - dependency = @ironic_api_paste_ini.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(@ironic_api_paste_ini) - expect(dependency[0].source).to eq(package) - end - -end diff --git a/ironic/spec/unit/type/ironic_config_spec.rb b/ironic/spec/unit/type/ironic_config_spec.rb deleted file mode 100644 index 7b7a3737b..000000000 --- a/ironic/spec/unit/type/ironic_config_spec.rb +++ /dev/null @@ -1,19 +0,0 @@ -require 'puppet' -require 'puppet/type/ironic_config' - -describe 'Puppet::Type.type(:ironic_config)' do - before :each do - @ironic_config = Puppet::Type.type(:ironic_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should autorequire the package that install the file' do - catalog = Puppet::Resource::Catalog.new - package = Puppet::Type.type(:package).new(:name => 'ironic-common') - catalog.add_resource package, @ironic_config - dependency = @ironic_config.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(@ironic_config) - expect(dependency[0].source).to eq(package) - end - -end diff --git a/ironic/spec/unit/type/ironic_inspector_config_spec.rb b/ironic/spec/unit/type/ironic_inspector_config_spec.rb deleted file mode 100644 index 5d37e35fd..000000000 --- a/ironic/spec/unit/type/ironic_inspector_config_spec.rb +++ /dev/null @@ -1,19 +0,0 @@ -require 'puppet' -require 'puppet/type/ironic_inspector_config' - -describe 'Puppet::Type.type(:ironic_inspector_config)' do - before :each do - @ironic_inspector_config = Puppet::Type.type(:ironic_inspector_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should autorequire the package that install the file' do - catalog = Puppet::Resource::Catalog.new - package = Puppet::Type.type(:package).new(:name => 'ironic-inspector') - catalog.add_resource package, @ironic_inspector_config - dependency = @ironic_inspector_config.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(@ironic_inspector_config) - expect(dependency[0].source).to eq(package) - end - -end diff --git a/ironic/templates/baremetal.json.erb b/ironic/templates/baremetal.json.erb deleted file mode 100644 index 9f5bd9c3d..000000000 --- a/ironic/templates/baremetal.json.erb +++ /dev/null @@ -1,3 +0,0 @@ -{ -<%= @baremetal_json_hosts %> -} diff --git a/ironic/templates/bifrost_global_vars.erb b/ironic/templates/bifrost_global_vars.erb deleted file mode 100644 index 0284ca5a7..000000000 --- a/ironic/templates/bifrost_global_vars.erb +++ /dev/null @@ -1,44 +0,0 @@ ---- -ironic_url: <%= @ironic_url %> -network_interface: <%= @network_interface %> -# ironic_db_password ironic user password for rabbit -ironic_db_password: <%= @ironic_db_password %> -# mysql_password: mysql root user password -mysql_password: <%= @mysql_password %> -# If testing is true, then the environment is setup for using libvirt -# virtual machines for the hardware instead of real hardware. -# testing: true -# -# Normally this user should be ubuntu, however if cirros is used, -# a user may wish to define a specific user for testing VM -# connectivity during atest sequence -testing: <%= @testing %> -testing_user: <%= @testing_user %> -http_boot_folder: <%= @http_boot_folder %> -nginx_port: <%= @nginx_port %> -ssh_public_key_path: <%= @ssh_public_key_path %> -deploy_kernel: <%= @deploy_kernel %> -deploy_ramdisk: <%= @deploy_ramdisk %> -deploy_kernel_url: <%= @deploy_kernel_url %> -deploy_ramdisk_url: <%= @deploy_ramdisk_url %> -# When using disk image builder based image generation, which is the -# default at this time, the deploy_image_filename must end with .qcow2 -# due to the image creation process. -deploy_image_filename: <%= @deploy_image_filename %> -deploy_image: <%= @deploy_image %> -# Setting to utilize diskimage-builder to create a bootable image. -create_image_via_dib: <%= @create_image_via_dib %> -# Transform boot image is intended for use with the Ubuntu trusty image. It makes the image bootable by installing Grub. -# Setting to prepend a partition image with a boot sector and partition table. -transform_boot_image: <%= @transform_boot_image %> -node_default_network_interface: <%= @node_default_network_interface %> -# ipv4_subnet_mask is intended for the static ipv4 address assignments. -ipv4_subnet_mask: <%= @ipv4_subnet_mask %> -ipv4_gateway: <%= @ipv4_gateway %> -ipv4_nameserver: <%= @ipv4_nameserver %> -network_mtu: <%= @network_mtu %> -dhcp_pool_start: <%= @dhcp_pool_start %> -dhcp_pool_end: <%= @dhcp_pool_end %> -# ipmi_bridging: Default undefined. Valid values: "no", "single", and "dual" -# See http://docs.openstack.org/developer/ironic/_modules/ironic/drivers/modules/ipmitool.html -ipmi_bridging: <%= @ipmi_bridging %> diff --git a/ironic/templates/inspector_dnsmasq_http.erb b/ironic/templates/inspector_dnsmasq_http.erb deleted file mode 100644 index 132a5f5b5..000000000 --- a/ironic/templates/inspector_dnsmasq_http.erb +++ /dev/null @@ -1,19 +0,0 @@ -port=0 -interface=<%= @dnsmasq_interface %> -bind-interfaces -dhcp-range=<%= @dnsmasq_ip_range %>,29 -enable-tftp -tftp-root=/tftpboot -dhcp-sequential-ip -dhcp-match=ipxe,175 -<% if @enable_uefi -%> -dhcp-match=set:efi,option:client-arch,7 -<% end -%> -# Client is running iPXE; move to next stage of chainloading -dhcp-boot=tag:ipxe,http://<%= @dnsmasq_local_ip %>:8088/inspector.ipxe -<% if @enable_uefi -%> -# Client is running PXE over EFI; send EFI version of iPXE chainloader -dhcp-boot=tag:efi,ipxe.efi -# Client is running PXE over BIOS; send BIOS version of iPXE chainloader -<% end -%> -dhcp-boot=undionly.kpxe,localhost.localdomain,<%= @dnsmasq_local_ip %> diff --git a/ironic/templates/inspector_dnsmasq_tftp.erb b/ironic/templates/inspector_dnsmasq_tftp.erb deleted file mode 100644 index 6583f48c3..000000000 --- a/ironic/templates/inspector_dnsmasq_tftp.erb +++ /dev/null @@ -1,8 +0,0 @@ -port=0 -interface=<%= @dnsmasq_interface %> -bind-interfaces -dhcp-range=<%= @dnsmasq_ip_range %>,29 -enable-tftp -tftp-root=/tftpboot -dhcp-boot=pxelinux.0,localhost.localdomain,<%= @dnsmasq_local_ip %> -dhcp-sequential-ip diff --git a/ironic/templates/inspector_ipxe.erb b/ironic/templates/inspector_ipxe.erb deleted file mode 100644 index b14016608..000000000 --- a/ironic/templates/inspector_ipxe.erb +++ /dev/null @@ -1,10 +0,0 @@ -#!ipxe - -:retry_dhcp -dhcp || goto retry_dhcp - -:retry_boot -imgfree -kernel <% if @ipxe_timeout != "0" %>--timeout <%= Integer(@ipxe_timeout) * 1000 %> <% end %>http://<%= @dnsmasq_local_ip %>:8088/agent.kernel ipa-inspection-callback-url=http://<%= @dnsmasq_local_ip %>:5050/v1/continue ipa-inspection-collectors=<%= @ramdisk_collectors %> systemd.journald.forward_to_console=yes BOOTIF=${mac} <%= @ramdisk_kernel_args %> initrd=agent.ramdisk || goto retry_boot -initrd <% if @ipxe_timeout != "0" %>--timeout <%= Integer(@ipxe_timeout) * 1000 %> <% end %>http://<%= @dnsmasq_local_ip %>:8088/agent.ramdisk || goto retry_boot -boot diff --git a/ironic/templates/inspector_pxelinux_cfg.erb b/ironic/templates/inspector_pxelinux_cfg.erb deleted file mode 100644 index 0e5c27b5d..000000000 --- a/ironic/templates/inspector_pxelinux_cfg.erb +++ /dev/null @@ -1,6 +0,0 @@ -default inspector - -label inspector -kernel agent.kernel -append initrd=agent.ramdisk ipa-inspection-callback-url=http://<%= @dnsmasq_local_ip %>:5050/v1/continue ipa-inspection-collectors=<%= @ramdisk_collectors %> systemd.journald.forward_to_console=yes <%= @ramdisk_kernel_args %> -ipappend 3 diff --git a/ironic/test-requirements.txt b/ironic/test-requirements.txt deleted file mode 100644 index bedd66690..000000000 --- a/ironic/test-requirements.txt +++ /dev/null @@ -1,4 +0,0 @@ -# this is required for the docs build jobs -sphinx!=1.2.0,!=1.3b1,<1.3,>=1.1.2 -oslosphinx>=2.5.0 # Apache-2.0 -reno>=0.1.1 # Apache-2.0 diff --git a/ironic/tox.ini b/ironic/tox.ini deleted file mode 100644 index aea06c84f..000000000 --- a/ironic/tox.ini +++ /dev/null @@ -1,8 +0,0 @@ -[tox] -minversion = 1.6 -skipsdist = True -envlist = releasenotes - -[testenv:releasenotes] -deps = -rtest-requirements.txt -commands = sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html diff --git a/java/.fixtures.yml b/java/.fixtures.yml deleted file mode 100644 index a17bd0e09..000000000 --- a/java/.fixtures.yml +++ /dev/null @@ -1,5 +0,0 @@ -fixtures: - repositories: - stdlib: "git://github.com/puppetlabs/puppetlabs-stdlib.git" - symlinks: - java: "#{source_dir}" diff --git a/java/.gitignore b/java/.gitignore deleted file mode 100644 index b5db85e05..000000000 --- a/java/.gitignore +++ /dev/null @@ -1,9 +0,0 @@ -pkg/ -Gemfile.lock -vendor/ -spec/fixtures/ -.vagrant/ -.bundle/ -coverage/ -.idea/ -*.iml diff --git a/java/.sync.yml b/java/.sync.yml deleted file mode 100644 index 3dd0ca092..000000000 --- a/java/.sync.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -.travis.yml: - extras: - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.6.0" - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.7.0" diff --git a/java/.travis.yml b/java/.travis.yml deleted file mode 100644 index 7e8ed57bb..000000000 --- a/java/.travis.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -sudo: false -language: ruby -bundler_args: --without system_tests -script: "bundle exec rake validate && bundle exec rake lint && bundle exec rake spec SPEC_OPTS='--format documentation'" -matrix: - fast_finish: true - include: - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 1.9.3 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 2.1.5 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 2.1.5 - env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" - - rvm: 2.1.6 - env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.6.0" - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.7.0" -notifications: - email: false diff --git a/java/CHANGELOG.md b/java/CHANGELOG.md deleted file mode 100644 index 884dfecd7..000000000 --- a/java/CHANGELOG.md +++ /dev/null @@ -1,164 +0,0 @@ -## 2015-10-07 - Supported Release 1.4.2 -### Summary -This release fixes the fact to not trigger java every time on OS X when it is not available. - -#### Bugfixes -- Causes java\_version fact to not run `java` when java is not installed on OS X - -## 2015-07-16 - Supported Release 1.4.1 -### Summary -This release updates the metadata for the upcoming release of PE and update params for OEL to match metadata - -#### Bugfixes: -- Add missing OEL to params - -##2015-07-07 - Supported Release 1.4.0 -###Summary -This release adds several new features, bugfixes, documentation updates, and test improvements. - -####Features: -- Puppet 4 support and testing -- Adds support for several Operating Systems - - Ubuntu 15.04 - - OpenBSD 5.6, 5.7 - - Fedora 20, 21, 22 - -####Bugfixes: -- Fixes java_version fact to work on large systems. (MODULES-1749) -- Improves maintainability of java_version fact. -- Fixes java package names on Fedora 21+. -- Fixes java install problems on Puppet 3.7.5 - 3.8.1 (PUP-4520) -- Fixes create-java-alternatives commands on RedHat distros. -- Fixes bug with Debian systems missing java-common package. - -##2015-01-20 - Supported Release 1.3.0 -###Summary -This release adds 3 new facts for determining Java version, adds RHEL alternatives support, adds utopic support, and fixes the flag for `update-java-alternatives` when installed from a headless pacakge. - -####Features -- Added RHEL support for alternatives -- New facts - - java_major_version - - java_patch_level - - java_version -- Add support for utopic - -####Bugfixes -- Use `--jre-headless` in the `update-java-alternatives` command when installed from a `headless` package - -##2014-11-11 - Supported Version 1.2.0 - -###Summary: -This release adds SLES 12 support and is tested for Future Parser Support - -####Bugfixes: -- Several readme updates -- Testcase flexability increased - -####Features: -- Add SLES 12 support -- Future Parser tested -- Validated against PE 3.7 - -##2014-08-25 - Supported Version 1.1.2 - -###Summary: -This release begins the support coverage of the puppetlabs-java module. - -###Bugfixes: -- Update java alternative values from deprecated names -- Readme updated -- Testing updated - -##2014-05-02 - Version 1.1.1 - -###Summary: - -Add support for new versions of Debian and Ubuntu! - -####Features: -- Add support for Ubuntu Trusty (14.04) -- Add support for Debian Jessie (8.x) - -##2014-01-06 - Version 1.1.0 - -####Summary: - -Primarily a release for Ubuntu users! - -####Features: -- Add support for Ubuntu Saucy (13.10) -- Add `java_home` parameter for centralized setting of JAVA_HOME. -- Add Scientific Linux - -###Bugfixes: -- Plus signs are valid in debian/ubuntu package names. - -##2013-08-01 - Version 1.0.1 - -Matthaus Owens -* Update java packages for Fedora systems - -##2013-07-29 - Version 1.0.0 - -####Detailed Changes - -Krzysztof Suszyński -* Adding support for Oracle Enterprise Linux - -Peter Drake -* Add support for natty - -Robert Munteanu -* Add support for OpenSUSE - -Martin Jackson -* Added support Amazon Linux using facter >= 1.7.x - -Gareth Rushgrove -Brett Porter -* Fixes for older versions of CentOS -* Improvements to module build and tests - -Nathan R Valentine -* Add support for Ubuntu quantal and raring - -Sharif Nassar -* Add support for Debian alternatives, and more than one JDK/JRE per platform. - -##2013-04-04 - Version 0.3.0 -Reid Vandewiele - -* Refactor, introduce params pattern - -##2012-11-15 - Version 0.2.0 -Scott Schneider -* Add Solaris support - -##2011-06-16 - Version 0.1.5 -Jeff McCune -* Add Debian based distro (Lucid) support - -##2011-06-02 - Version 0.1.4 -Jeff McCune -* Fix class composition ordering problems - -##2011-05-28 - Version 0.1.3 -Jeff McCune -* Remove stages - -##2011-05-26 - Version 0.1.2 -Jeff McCune -* Changes JRE/JDK selection class parameter to $distribution - -##2011-05-25 - Version 0.1.1 -Jeff McCune -* Re-did versioning to follow semantic versioning -* Add validation of class parameters - -##2011-05-24 - Version 0.1.0 -Jeff McCune -* Default to JDK version 6u25 - -##2011-05-24 - Version 0.0.1 -Jeff McCune -* Initial release diff --git a/java/CONTRIBUTING.md b/java/CONTRIBUTING.md deleted file mode 100644 index f1cbde4bb..000000000 --- a/java/CONTRIBUTING.md +++ /dev/null @@ -1,220 +0,0 @@ -Checklist (and a short version for the impatient) -================================================= - - * Commits: - - - Make commits of logical units. - - - Check for unnecessary whitespace with "git diff --check" before - committing. - - - Commit using Unix line endings (check the settings around "crlf" in - git-config(1)). - - - Do not check in commented out code or unneeded files. - - - The first line of the commit message should be a short - description (50 characters is the soft limit, excluding ticket - number(s)), and should skip the full stop. - - - Associate the issue in the message. The first line should include - the issue number in the form "(#XXXX) Rest of message". - - - The body should provide a meaningful commit message, which: - - - uses the imperative, present tense: "change", not "changed" or - "changes". - - - includes motivation for the change, and contrasts its - implementation with the previous behavior. - - - Make sure that you have tests for the bug you are fixing, or - feature you are adding. - - - Make sure the test suites passes after your commit: - `bundle exec rspec spec/acceptance` More information on [testing](#Testing) below - - - When introducing a new feature, make sure it is properly - documented in the README.md - - * Submission: - - * Pre-requisites: - - - Make sure you have a [GitHub account](https://github.com/join) - - - [Create a ticket](https://tickets.puppetlabs.com/secure/CreateIssue!default.jspa), or [watch the ticket](https://tickets.puppetlabs.com/browse/) you are patching for. - - * Preferred method: - - - Fork the repository on GitHub. - - - Push your changes to a topic branch in your fork of the - repository. (the format ticket/1234-short_description_of_change is - usually preferred for this project). - - - Submit a pull request to the repository in the puppetlabs - organization. - -The long version -================ - - 1. Make separate commits for logically separate changes. - - Please break your commits down into logically consistent units - which include new or changed tests relevant to the rest of the - change. The goal of doing this is to make the diff easier to - read for whoever is reviewing your code. In general, the easier - your diff is to read, the more likely someone will be happy to - review it and get it into the code base. - - If you are going to refactor a piece of code, please do so as a - separate commit from your feature or bug fix changes. - - We also really appreciate changes that include tests to make - sure the bug is not re-introduced, and that the feature is not - accidentally broken. - - Describe the technical detail of the change(s). If your - description starts to get too long, that is a good sign that you - probably need to split up your commit into more finely grained - pieces. - - Commits which plainly describe the things which help - reviewers check the patch and future developers understand the - code are much more likely to be merged in with a minimum of - bike-shedding or requested changes. Ideally, the commit message - would include information, and be in a form suitable for - inclusion in the release notes for the version of Puppet that - includes them. - - Please also check that you are not introducing any trailing - whitespace or other "whitespace errors". You can do this by - running "git diff --check" on your changes before you commit. - - 2. Sending your patches - - To submit your changes via a GitHub pull request, we _highly_ - recommend that you have them on a topic branch, instead of - directly on "master". - It makes things much easier to keep track of, especially if - you decide to work on another thing before your first change - is merged in. - - GitHub has some pretty good - [general documentation](http://help.github.com/) on using - their site. They also have documentation on - [creating pull requests](http://help.github.com/send-pull-requests/). - - In general, after pushing your topic branch up to your - repository on GitHub, you can switch to the branch in the - GitHub UI and click "Pull Request" towards the top of the page - in order to open a pull request. - - - 3. Update the related GitHub issue. - - If there is a GitHub issue associated with the change you - submitted, then you should update the ticket to include the - location of your branch, along with any other commentary you - may wish to make. - -Testing -======= - -Getting Started ---------------- - -Our puppet modules provide [`Gemfile`](./Gemfile)s which can tell a ruby -package manager such as [bundler](http://bundler.io/) what Ruby packages, -or Gems, are required to build, develop, and test this software. - -Please make sure you have [bundler installed](http://bundler.io/#getting-started) -on your system, then use it to install all dependencies needed for this project, -by running - -```shell -% bundle install -Fetching gem metadata from https://rubygems.org/........ -Fetching gem metadata from https://rubygems.org/.. -Using rake (10.1.0) -Using builder (3.2.2) --- 8><-- many more --><8 -- -Using rspec-system-puppet (2.2.0) -Using serverspec (0.6.3) -Using rspec-system-serverspec (1.0.0) -Using bundler (1.3.5) -Your bundle is complete! -Use `bundle show [gemname]` to see where a bundled gem is installed. -``` - -NOTE some systems may require you to run this command with sudo. - -If you already have those gems installed, make sure they are up-to-date: - -```shell -% bundle update -``` - -With all dependencies in place and up-to-date we can now run the tests: - -```shell -% rake spec -``` - -This will execute all the [rspec tests](http://rspec-puppet.com/) tests -under [spec/defines](./spec/defines), [spec/classes](./spec/classes), -and so on. rspec tests may have the same kind of dependencies as the -module they are testing. While the module defines in its [Modulefile](./Modulefile), -rspec tests define them in [.fixtures.yml](./fixtures.yml). - -Some puppet modules also come with [beaker](https://github.com/puppetlabs/beaker) -tests. These tests spin up a virtual machine under -[VirtualBox](https://www.virtualbox.org/)) with, controlling it with -[Vagrant](http://www.vagrantup.com/) to actually simulate scripted test -scenarios. In order to run these, you will need both of those tools -installed on your system. - -You can run them by issuing the following command - -```shell -% rake spec_clean -% rspec spec/acceptance -``` - -This will now download a pre-fabricated image configured in the [default node-set](./spec/acceptance/nodesets/default.yml), -install puppet, copy this module and install its dependencies per [spec/spec_helper_acceptance.rb](./spec/spec_helper_acceptance.rb) -and then run all the tests under [spec/acceptance](./spec/acceptance). - -Writing Tests -------------- - -XXX getting started writing tests. - -If you have commit access to the repository -=========================================== - -Even if you have commit access to the repository, you will still need to -go through the process above, and have someone else review and merge -in your changes. The rule is that all changes must be reviewed by a -developer on the project (that did not write the code) to ensure that -all changes go through a code review process. - -Having someone other than the author of the topic branch recorded as -performing the merge is the record that they performed the code -review. - - -Additional Resources -==================== - -* [Getting additional help](http://puppetlabs.com/community/get-help) - -* [Writing tests](http://projects.puppetlabs.com/projects/puppet/wiki/Development_Writing_Tests) - -* [Patchwork](https://patchwork.puppetlabs.com) - -* [General GitHub documentation](http://help.github.com/) - -* [GitHub pull request documentation](http://help.github.com/send-pull-requests/) - diff --git a/java/Gemfile b/java/Gemfile deleted file mode 100644 index bfe64b186..000000000 --- a/java/Gemfile +++ /dev/null @@ -1,48 +0,0 @@ -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -def location_for(place, fake_version = nil) - if place =~ /^(git:[^#]*)#(.*)/ - [fake_version, { :git => $1, :branch => $2, :require => false }].compact - elsif place =~ /^file:\/\/(.*)/ - ['>= 0', { :path => File.expand_path($1), :require => false }] - else - [place, { :require => false }] - end -end - -group :development, :unit_tests do - gem 'rspec-core', '3.1.7', :require => false - gem 'puppetlabs_spec_helper', :require => false - gem 'simplecov', :require => false - gem 'puppet_facts', :require => false - gem 'json', :require => false -end - -group :system_tests do - if beaker_version = ENV['BEAKER_VERSION'] - gem 'beaker', *location_for(beaker_version) - end - if beaker_rspec_version = ENV['BEAKER_RSPEC_VERSION'] - gem 'beaker-rspec', *location_for(beaker_rspec_version) - else - gem 'beaker-rspec', :require => false - end - gem 'serverspec', :require => false - gem 'beaker-puppet_install_helper', :require => false -end - - - -if facterversion = ENV['FACTER_GEM_VERSION'] - gem 'facter', facterversion, :require => false -else - gem 'facter', :require => false -end - -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end - -# vim:ft=ruby diff --git a/java/LICENSE b/java/LICENSE deleted file mode 100644 index a33e81211..000000000 --- a/java/LICENSE +++ /dev/null @@ -1,17 +0,0 @@ -Puppet Java Module - Puppet module for managing Java - -Copyright (C) 2011 Puppet Labs Inc - -Puppet Labs can be contacted at: info@puppetlabs.com - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/java/README.markdown b/java/README.markdown deleted file mode 100644 index 544215705..000000000 --- a/java/README.markdown +++ /dev/null @@ -1,123 +0,0 @@ -#java - -####Table of Contents - -1. [Overview](#overview) -2. [Module Description - What the module does and why it is useful](#module-description) -3. [Setup - The basics of getting started with the java module](#setup) - * [Beginning with the java module](#beginning-with-the-java-module) -4. [Usage - Configuration options and additional functionality](#usage) -5. [Reference - An under-the-hood peek at what the module is doing and how](#reference) -6. [Limitations - OS compatibility, etc.](#limitations) -7. [Development - Guide for contributing to the module](#development) - -##Overview - -Installs the correct Java package on various platforms. - -##Module Description - -The java module can automatically install Java jdk or jre on a wide variety of systems. Java is a base component for many software platforms, but Java system packages don't always follow packaging conventions. The java module simplifies the Java installation process. - -##Setup - -###Beginning with the java module -To install the correct Java package on your system, include the `java` class: `include java`. - -##Usage - -The java module installs the correct jdk or jre package on a wide variety of systems. By default, the module will install the jdk package, but you can set different installation parameters as needed. For example, to install jre instead of jdk, you would set the distribution parameter: - -~~~ -class { 'java': - distribution => 'jre', -} -~~~ - -##Reference - -###Classes - -####Public classes - -* `java`: Installs and manages the Java package. - -####Private classes - -* `java::config`: Configures the Java alternatives. - -* `java::params`: Builds a hash of jdk/jre packages for all compatible operating systems. - -####Parameters -The following parameters are available in `java`: - -##### `distribution` -Specifies the Java distribution to install. -Valid options: 'jdk', 'jre', or, where the platform supports alternative packages, 'sun-jdk', 'sun-jre', 'oracle-jdk', 'oracle-jre'. Default: 'jdk'. - -#####`java_alternative` -Specifies the name of the Java alternative to use. If you set this parameter, *you must also set the `java_alternative_path`.* -Valid options: Run command `update-java-alternatives -l` for a list of available choices. Default: OS and distribution dependent defaults on *deb systems, undef on others. - -#####`java_alternative_path` -*Required when `java_alternative` is specified.* Defines the path to the `java` command. -Valid option: String. Default: OS and distribution dependent defaults on *deb systems, undef on others. - -#####`package` -Specifies the name of the Java package. This is configurable in case you want to install a non-standard Java package. If not set, the module will install the appropriate package for the `distribution` parameter and target platform. If you set `package`, the `distribution` parameter will do nothing. -Valid option: String. Default: undef. - -#####`version` -Sets the version of Java to install, if you want to ensure a particular version. -Valid options: 'present', 'installed', 'latest', or a string matching `/^[.+_0-9a-zA-Z:-]+$/`. Default: 'present'. - - -###Facts - -The java module includes a few facts to describe the version of Java installed on the system: - -* `java_major_version`: The major version of Java. -* `java_patch_level`: The patch level of Java. -* `java_version`: The full Java version string. - -**Note:** The facts return `nil` if Java is not installed on the system. - -##Limitations - -This module cannot guarantee installation of Java versions that are not available on platform repositories. - -This module only manages a singular installation of Java, meaning it is not possible to manage e.g. OpenJDK 7, Oracle Java 7 and Oracle Java 8 in parallel on the same system. - -Oracle Java packages are not included in Debian 7 and Ubuntu 12.04/14.04 repositories. To install Java on those systems, you'll need to package Oracle JDK/JRE, and then the module will be able to install the package. For more information on how to package Oracle JDK/JRE, see the [Debian wiki](http://wiki.debian.org/JavaPackage). - -This module is officially [supported](https://forge.puppetlabs.com/supported) for the following Java versions and platforms: - -OpenJDK is supported on: - -* Red Hat Enterprise Linux (RHEL) 5, 6, 7 -* CentOS 5, 6, 7 -* Oracle Linux 6, 7 -* Scientific Linux 5, 6 -* Debian 6, 7 -* Ubuntu 10.04, 12.04, 14.04 -* Solaris 11 -* SLES 11 SP1, 12 -* OpenBSD 5.6, 5.7 - -Sun Java is supported on: - -* Debian 6 - -### A note to OpenBSD -OpenBSD packages install Java JRE/JDK in a unique directory structure, not linking -the binaries to a standard directory. Because of that, the path to this location -is hardcoded in the java_version fact. Whenever a Java upgrade to a newer -version/path will be done on OpenBSD, it has to be adapted there. - -##Development - -Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can’t access the huge number of platforms and myriad hardware, software, and deployment configurations that Puppet is intended to serve. We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. For more information, see our [module contribution guide.](https://docs.puppetlabs.com/forge/contributing.html) - -##Contributors - -The list of contributors can be found at: [https://github.com/puppetlabs/puppetlabs-java/graphs/contributors](https://github.com/puppetlabs/puppetlabs-java/graphs/contributors). diff --git a/java/Rakefile b/java/Rakefile deleted file mode 100644 index 181157e6e..000000000 --- a/java/Rakefile +++ /dev/null @@ -1,10 +0,0 @@ -require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' - -PuppetLint.configuration.fail_on_warnings = true -PuppetLint.configuration.send('relative') -PuppetLint.configuration.send('disable_80chars') -PuppetLint.configuration.send('disable_class_inherits_from_params_class') -PuppetLint.configuration.send('disable_documentation') -PuppetLint.configuration.send('disable_single_quote_string_with_variables') -PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"] diff --git a/java/lib/facter/java_major_version.rb b/java/lib/facter/java_major_version.rb deleted file mode 100644 index b0a0aae7c..000000000 --- a/java/lib/facter/java_major_version.rb +++ /dev/null @@ -1,20 +0,0 @@ -# Fact: java_major_version -# -# Purpose: get Java's major version -# -# Resolution: -# Tests for presence of java, returns nil if not present -# returns output of "java -version" and splits on \n + '"' -# eg. -# -# Caveats: -# none -# -# Notes: -# None -Facter.add(:java_major_version) do - setcode do - java_version = Facter.value(:java_version) - java_patch_level = java_version.strip.split('_')[0].split('.')[1] unless java_version.nil? - end -end \ No newline at end of file diff --git a/java/lib/facter/java_patch_level.rb b/java/lib/facter/java_patch_level.rb deleted file mode 100644 index 1d7921f34..000000000 --- a/java/lib/facter/java_patch_level.rb +++ /dev/null @@ -1,18 +0,0 @@ -# Fact: java_patch_level -# -# Purpose: get Java's patch level -# -# Resolution: -# Uses java_version fact splits on the patch number (after _) -# -# Caveats: -# none -# -# Notes: -# None -Facter.add(:java_patch_level) do - setcode do - java_version = Facter.value(:java_version) - java_patch_level = java_version.strip.split('_')[1] unless java_version.nil? - end -end \ No newline at end of file diff --git a/java/lib/facter/java_version.rb b/java/lib/facter/java_version.rb deleted file mode 100644 index e3ce186ef..000000000 --- a/java/lib/facter/java_version.rb +++ /dev/null @@ -1,52 +0,0 @@ -# Fact: java_version -# -# Purpose: get full java version string -# -# Resolution: -# Tests for presence of java, returns nil if not present -# returns output of "java -version" and splits on \n + '"' -# -# Caveats: -# none -# -# Notes: -# None -Facter.add(:java_version) do - # the OS-specific overrides need to be able to return nil, - # to indicate "no java available". Usually returning nil - # would mean that facter falls back to a lower priority - # resolution, which would then trigger MODULES-2637. To - # avoid that, we confine the "default" here to not run - # on those OS. - # Additionally, facter versions prior to 2.0.1 only support - # positive matches, so this needs to be done manually in setcode. - setcode do - unless [ 'openbsd', 'darwin' ].include? Facter.value(:operatingsystem).downcase - if Facter::Util::Resolution.which('java') - Facter::Util::Resolution.exec('java -Xmx8m -version 2>&1').lines.first.split(/"/)[1].strip - end - end - end -end - -Facter.add(:java_version) do - confine :operatingsystem => 'OpenBSD' - has_weight 100 - setcode do - Facter::Util::Resolution.with_env("PATH" => '/usr/local/jdk-1.7.0/jre/bin:/usr/local/jre-1.7.0/bin') do - if Facter::Util::Resolution.which('java') - Facter::Util::Resolution.exec('java -Xmx8m -version 2>&1').lines.first.split(/"/)[1].strip - end - end - end -end - -Facter.add(:java_version) do - confine :operatingsystem => 'Darwin' - has_weight 100 - setcode do - unless /Unable to find any JVMs matching version/ =~ Facter::Util::Resolution.exec('/usr/libexec/java_home --failfast 2>&1') - Facter::Util::Resolution.exec('java -Xmx8m -version 2>&1').lines.first.split(/"/)[1].strip - end - end -end diff --git a/java/manifests/config.pp b/java/manifests/config.pp deleted file mode 100644 index b15d91106..000000000 --- a/java/manifests/config.pp +++ /dev/null @@ -1,37 +0,0 @@ -# On Debian systems, if alternatives are set, manually assign them. -class java::config ( ) { - case $::osfamily { - 'Debian': { - if $java::use_java_alternative != undef and $java::use_java_alternative_path != undef { - exec { 'update-java-alternatives': - path => '/usr/bin:/usr/sbin:/bin:/sbin', - command => "update-java-alternatives --set ${java::use_java_alternative} ${java::jre_flag}", - unless => "test /etc/alternatives/java -ef '${java::use_java_alternative_path}'", - } - } - } - 'RedHat': { - if $java::use_java_alternative != undef and $java::use_java_alternative_path != undef { - # The standard packages install alternatives, custom packages do not - # For the stanard packages java::params needs these added. - if $java::use_java_package_name != $java::default_package_name { - exec { 'create-java-alternatives': - path => '/usr/bin:/usr/sbin:/bin:/sbin', - command => "alternatives --install /usr/bin/java java ${$java::use_java_alternative_path} 20000" , - unless => "alternatives --display java | grep -q ${$java::use_java_alternative_path}", - before => Exec['update-java-alternatives'] - } - } - - exec { 'update-java-alternatives': - path => '/usr/bin:/usr/sbin', - command => "alternatives --set java ${$java::use_java_alternative_path}" , - unless => "test /etc/alternatives/java -ef '${java::use_java_alternative_path}'", - } - } - } - default: { - # Do nothing. - } - } -} diff --git a/java/manifests/init.pp b/java/manifests/init.pp deleted file mode 100644 index 19d3d798d..000000000 --- a/java/manifests/init.pp +++ /dev/null @@ -1,108 +0,0 @@ -# Class: java -# -# This module manages the Java runtime package -# -# Parameters: -# -# [*distribution*] -# The java distribution to install. Can be one of "jdk" or "jre", -# or other platform-specific options where there are multiple -# implementations available (eg: OpenJDK vs Oracle JDK). -# -# -# [*version*] -# The version of java to install. By default, this module simply ensures -# that java is present, and does not require a specific version. -# -# [*package*] -# The name of the java package. This is configurable in case a non-standard -# java package is desired. -# -# [*java_alternative*] -# The name of the java alternative to use on Debian systems. -# "update-java-alternatives -l" will show which choices are available. -# If you specify a particular package, you will almost always also -# want to specify which java_alternative to choose. If you set -# this, you also need to set the path below. -# -# [*java_alternative_path*] -# The path to the "java" command on Debian systems. Since the -# alternatives system makes it difficult to verify which -# alternative is actually enabled, this is required to ensure the -# correct JVM is enabled. -# -# Actions: -# -# Requires: -# -# Sample Usage: -# -class java( - $distribution = 'jdk', - $version = 'present', - $package = undef, - $java_alternative = undef, - $java_alternative_path = undef -) { - include java::params - - validate_re($version, 'present|installed|latest|^[.+_0-9a-zA-Z:-]+$') - - if has_key($java::params::java, $distribution) { - $default_package_name = $java::params::java[$distribution]['package'] - $default_alternative = $java::params::java[$distribution]['alternative'] - $default_alternative_path = $java::params::java[$distribution]['alternative_path'] - $java_home = $java::params::java[$distribution]['java_home'] - } else { - fail("Java distribution ${distribution} is not supported.") - } - - $use_java_package_name = $package ? { - undef => $default_package_name, - default => $package, - } - - ## If $java_alternative is set, use that. - ## Elsif the DEFAULT package is being used, then use $default_alternative. - ## Else undef - $use_java_alternative = $java_alternative ? { - undef => $use_java_package_name ? { - $default_package_name => $default_alternative, - default => undef, - }, - default => $java_alternative, - } - - ## Same logic as $java_alternative above. - $use_java_alternative_path = $java_alternative_path ? { - undef => $use_java_package_name ? { - $default_package_name => $default_alternative_path, - default => undef, - }, - default => $java_alternative_path, - } - - $jre_flag = $use_java_package_name ? { - /headless/ => '--jre-headless', - default => '--jre' - } - - if $::osfamily == 'Debian' { - # Needed for update-java-alternatives - package { 'java-common': - ensure => present, - before => Class['java::config'], - } - } - - anchor { 'java::begin:': } - -> - package { 'java': - ensure => $version, - name => $use_java_package_name, - } - -> - class { 'java::config': } - -> anchor { 'java::end': } - -} diff --git a/java/manifests/params.pp b/java/manifests/params.pp deleted file mode 100644 index 985a62ca9..000000000 --- a/java/manifests/params.pp +++ /dev/null @@ -1,172 +0,0 @@ -# Class: java::params -# -# This class builds a hash of JDK/JRE packages and (for Debian) -# alternatives. For wheezy/precise, we provide Oracle JDK/JRE -# options, even though those are not in the package repositories. -# -# For more info on how to package Oracle JDK/JRE, see the Debian wiki: -# http://wiki.debian.org/JavaPackage -# -# Because the alternatives system makes it very difficult to tell -# which Java alternative is enabled, we hard code the path to bin/java -# for the config class to test if it is enabled. -class java::params { - - case $::osfamily { - 'RedHat': { - case $::operatingsystem { - 'RedHat', 'CentOS', 'OracleLinux', 'Scientific', 'OEL': { - if (versioncmp($::operatingsystemrelease, '5.0') < 0) { - $jdk_package = 'java-1.6.0-sun-devel' - $jre_package = 'java-1.6.0-sun' - } - elsif (versioncmp($::operatingsystemrelease, '6.3') < 0) { - $jdk_package = 'java-1.6.0-openjdk-devel' - $jre_package = 'java-1.6.0-openjdk' - } - else { - $jdk_package = 'java-1.7.0-openjdk-devel' - $jre_package = 'java-1.7.0-openjdk' - } - } - 'Fedora': { - if (versioncmp($::operatingsystemrelease, '21') < 0) { - $jdk_package = 'java-1.7.0-openjdk-devel' - $jre_package = 'java-1.7.0-openjdk' - } - else { - $jdk_package = 'java-1.8.0-openjdk-devel' - $jre_package = 'java-1.8.0-openjdk' - } - } - 'Amazon': { - $jdk_package = 'java-1.7.0-openjdk-devel' - $jre_package = 'java-1.7.0-openjdk' - } - default: { fail("unsupported os ${::operatingsystem}") } - } - $java = { - 'jdk' => { 'package' => $jdk_package, }, - 'jre' => { 'package' => $jre_package, }, - } - } - 'Debian': { - case $::lsbdistcodename { - 'lenny', 'squeeze', 'lucid', 'natty': { - $java = { - 'jdk' => { - 'package' => 'openjdk-6-jdk', - 'alternative' => "java-6-openjdk-${::architecture}", - 'alternative_path' => '/usr/lib/jvm/java-6-openjdk/jre/bin/java', - 'java_home' => '/usr/lib/jvm/java-6-openjdk/jre/', - }, - 'jre' => { - 'package' => 'openjdk-6-jre-headless', - 'alternative' => "java-6-openjdk-${::architecture}", - 'alternative_path' => '/usr/lib/jvm/java-6-openjdk/jre/bin/java', - 'java_home' => '/usr/lib/jvm/java-6-openjdk/jre/', - }, - 'sun-jre' => { - 'package' => 'sun-java6-jre', - 'alternative' => 'java-6-sun', - 'alternative_path' => '/usr/lib/jvm/java-6-sun/jre/bin/java', - 'java_home' => '/usr/lib/jvm/java-6-sun/jre/', - }, - 'sun-jdk' => { - 'package' => 'sun-java6-jdk', - 'alternative' => 'java-6-sun', - 'alternative_path' => '/usr/lib/jvm/java-6-sun/jre/bin/java', - 'java_home' => '/usr/lib/jvm/java-6-sun/jre/', - }, - } - } - 'wheezy', 'jessie', 'precise','quantal','raring','saucy', 'trusty', 'utopic': { - $java = { - 'jdk' => { - 'package' => 'openjdk-7-jdk', - 'alternative' => "java-1.7.0-openjdk-${::architecture}", - 'alternative_path' => "/usr/lib/jvm/java-1.7.0-openjdk-${::architecture}/bin/java", - 'java_home' => "/usr/lib/jvm/java-1.7.0-openjdk-${::architecture}/", - }, - 'jre' => { - 'package' => 'openjdk-7-jre-headless', - 'alternative' => "java-1.7.0-openjdk-${::architecture}", - 'alternative_path' => "/usr/lib/jvm/java-1.7.0-openjdk-${::architecture}/bin/java", - 'java_home' => "/usr/lib/jvm/java-1.7.0-openjdk-${::architecture}/", - }, - 'oracle-jre' => { - 'package' => 'oracle-j2re1.7', - 'alternative' => 'j2re1.7-oracle', - 'alternative_path' => '/usr/lib/jvm/j2re1.7-oracle/bin/java', - 'java_home' => '/usr/lib/jvm/j2re1.7-oracle/', - }, - 'oracle-jdk' => { - 'package' => 'oracle-j2sdk1.7', - 'alternative' => 'j2sdk1.7-oracle', - 'alternative_path' => '/usr/lib/jvm/j2sdk1.7-oracle/jre/bin/java', - 'java_home' => '/usr/lib/jvm/j2sdk1.7-oracle/jre/', - }, - } - } - 'vivid': { - $java = { - 'jdk' => { - 'package' => 'openjdk-8-jdk', - 'alternative' => "java-1.8.0-openjdk-${::architecture}", - 'alternative_path' => "/usr/lib/jvm/java-1.8.0-openjdk-${::architecture}/bin/java", - 'java_home' => "/usr/lib/jvm/java-1.8.0-openjdk-${::architecture}/", - }, - 'jre' => { - 'package' => 'openjdk-8-jre-headless', - 'alternative' => "java-1.8.0-openjdk-${::architecture}", - 'alternative_path' => "/usr/lib/jvm/java-1.8.0-openjdk-${::architecture}/bin/java", - 'java_home' => "/usr/lib/jvm/java-1.8.0-openjdk-${::architecture}/", - } - } - } - default: { fail("unsupported release ${::lsbdistcodename}") } - } - } - 'OpenBSD': { - $java = { - 'jdk' => { 'package' => 'jdk', }, - 'jre' => { 'package' => 'jre', }, - } - } - 'Solaris': { - $java = { - 'jdk' => { 'package' => 'developer/java/jdk-7', }, - 'jre' => { 'package' => 'runtime/java/jre-7', }, - } - } - 'Suse': { - case $::operatingsystem { - 'SLES': { - case $::operatingsystemmajrelease{ - default: { - $jdk_package = 'java-1_6_0-ibm-devel' - $jre_package = 'java-1_6_0-ibm' - } - '12': { - $jdk_package = 'java-1_7_0-openjdk-devel' - $jre_package = 'java-1_7_0-openjdk' - } - } - } - 'OpenSuSE': { - $jdk_package = 'java-1_7_0-openjdk-devel' - $jre_package = 'java-1_7_0-openjdk' - } - default: { - $jdk_package = 'java-1_6_0-ibm-devel' - $jre_package = 'java-1_6_0-ibm' - } - } - $java = { - 'jdk' => { 'package' => $jdk_package, }, - 'jre' => { 'package' => $jre_package, }, - } - } - default: { fail("unsupported platform ${::osfamily}") } - } -} diff --git a/java/metadata.json b/java/metadata.json deleted file mode 100644 index 287a43e56..000000000 --- a/java/metadata.json +++ /dev/null @@ -1,91 +0,0 @@ -{ - "name": "puppetlabs-java", - "version": "1.4.2", - "author": "puppetlabs", - "summary": "Installs the correct Java package on various platforms.", - "license": "Apache-2.0", - "source": "git://github.com/puppetlabs/puppetlabs-java", - "project_page": "https://github.com/puppetlabs/puppetlabs-java", - "issues_url": "https://tickets.puppetlabs.com/browse/MODULES", - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "CentOS", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "OracleLinux", - "operatingsystemrelease": [ - "6", - "7" - ] - }, - { - "operatingsystem": "Scientific", - "operatingsystemrelease": [ - "5", - "6" - ] - }, - { - "operatingsystem": "Fedora", - "operatingsystemrelease": [ - "20", - "21", - "22" - ] - }, - { - "operatingsystem": "Debian", - "operatingsystemrelease": [ - "6", - "7" - ] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": [ - "10.04", - "12.04", - "14.04" - ] - }, - { - "operatingsystem": "SLES", - "operatingsystemrelease": [ - "11 SP1", - "12" - ] - }, - { - "operatingsystem": "Solaris", - "operatingsystemrelease": [ - "11" - ] - } - ], - "requirements": [ - { - "name": "pe", - "version_requirement": ">= 3.0.0 < 2015.3.0" - }, - { - "name": "puppet", - "version_requirement": ">= 3.0.0 < 5.0.0" - } - ], - "dependencies": [ - {"name":"puppetlabs/stdlib","version_requirement":">= 2.4.0 < 5.0.0"} - ] -} diff --git a/java/spec/acceptance/install_spec.rb b/java/spec/acceptance/install_spec.rb deleted file mode 100644 index cd6364fdb..000000000 --- a/java/spec/acceptance/install_spec.rb +++ /dev/null @@ -1,219 +0,0 @@ -require 'spec_helper_acceptance' - -#RedHat, CentOS, Scientific, Oracle prior to 5.0 : Sun Java JDK/JRE 1.6 -#RedHat, CentOS, Scientific, Oracle 5.0 < x < 6.3 : OpenJDK Java JDK/JRE 1.6 -#RedHat, CentOS, Scientific, Oracle after 6.3 : OpenJDK Java JDK/JRE 1.7 -#Debian 5/6 & Ubuntu 10.04/11.04 : OpenJDK Java JDK/JRE 1.6 or Sun Java JDK/JRE 1.6 -#Debian 7/Jesse & Ubuntu 12.04 - 14.04 : OpenJDK Java JDK/JRE 1.7 or Oracle Java JDK/JRE 1.6 -#Solaris (what versions?) : Java JDK/JRE 1.7 -#OpenSuSE : OpenJDK Java JDK/JRE 1.7 -#SLES : IBM Java JDK/JRE 1.6 - -# C14677 -# C14678 -# C14679 -# C14680 -# C14681 -# C14682 -# C14684 -# C14687 -# C14692 -# C14696 -# C14697 -# C14700 check on solaris 11 -# C14701 check on sles 11 -# C14703 -# C14723 Where is oracle linux 5? -# C14724 Where is oracle linux 5? -# C14771 Where is redhat 7? Centos 7? -describe "installing java", :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - describe "jre" do - it 'should install jre' do - pp = <<-EOS - class { 'java': - distribution => 'jre', - } - EOS - - # With the version of java that ships with pe on debian wheezy, update-alternatives - # throws an error on the first run due to missing alternative for policytool. It still - # updates the alternatives for java - if fact('operatingsystem') == 'Debian' and fact('lsbdistcodename') == 'wheezy' - apply_manifest(pp) - else - apply_manifest(pp, :catch_failures => true) - end - apply_manifest(pp, :catch_changes => true) - end - end - describe "jdk" do - it 'should install jdk' do - pp = <<-EOS - class { 'java': } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - end -end -# C14686 -describe 'sun', :if => (fact('operatingsystem') == 'Debian' and fact('operatingsystemrelease').match(/(5|6)/)) do - before :all do - pp = <<-EOS - file_line { 'non-free source': - path => '/etc/apt/sources.list', - match => "deb http://osmirror.delivery.puppetlabs.net/debian/ ${::lsbdistcodename} main", - line => "deb http://osmirror.delivery.puppetlabs.net/debian/ ${::lsbdistcodename} main non-free", - } - EOS - apply_manifest(pp) - shell('apt-get update') - shell('echo "sun-java6-jdk shared/accepted-sun-dlj-v1-1 select true" | debconf-set-selections') - shell('echo "sun-java6-jre shared/accepted-sun-dlj-v1-1 select true" | debconf-set-selections') - end - describe 'jre' do - it 'should install sun-jre' do - pp = <<-EOS - class { 'java': - distribution => 'sun-jre', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - end - describe 'jdk' do - it 'should install sun-jdk' do - pp = <<-EOS - class { 'java': - distribution => 'sun-jdk', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - end -end - -# C14704 -# C14705 -# C15006 -describe 'oracle', :if => ( - (fact('operatingsystem') == 'Debian') and (fact('operatingsystemrelease').match(/^7/)) or - (fact('operatingsystem') == 'Ubuntu') and (fact('operatingsystemrelease').match(/^12\.04/)) or - (fact('operatingsystem') == 'Ubuntu') and (fact('operatingsystemrelease').match(/^14\.04/)) -) do - # not supported - # The package is not available from any sources, but if a customer - # custom-builds the package using java-package and adds it to a local - # repository, that is the intention of this version ability - describe 'jre' do - it 'should install oracle-jre' do - pp = <<-EOS - class { 'java': - distribution => 'oracle-jre', - } - EOS - - apply_manifest(pp, :expect_failures => true) - end - end - describe 'jdk' do - it 'should install oracle-jdk' do - pp = <<-EOS - class { 'java': - distribution => 'oracle-jdk', - } - EOS - - apply_manifest(pp, :expect_failures => true) - end - end -end - -describe 'failure cases' do - # C14711 - it 'should fail to install java with an incorrect version' do - pp = <<-EOS - class { 'java': - version => '14.5', - } - EOS - - apply_manifest(pp, :expect_failures => true) - end - - # C14712 - it 'should fail to install java with a blank version' do - pp = <<-EOS - class { 'java': - version => '', - } - EOS - - apply_manifest(pp, :expect_failures => true) - end - - # C14713 - it 'should fail to install java with an incorrect distribution' do - pp = <<-EOS - class { 'java': - distribution => 'xyz', - } - EOS - - apply_manifest(pp, :expect_failures => true) - end - - # C14714 - it 'should fail to install java with a blank distribution' do - pp = <<-EOS - class { 'java': - distribution => '', - } - EOS - - apply_manifest(pp, :expect_failures => true) - end - - # C14715 - it 'should fail to install java with an incorrect package' do - pp = <<-EOS - class { 'java': - package => 'xyz', - } - EOS - - apply_manifest(pp, :expect_failures => true) - end - # C14715 - it 'should fail to install java with an incorrect package' do - pp = <<-EOS - class { 'java': - package => 'xyz', - } - EOS - - apply_manifest(pp, :expect_failures => true) - end - # C14717 - # C14719 - # C14725 - it 'should fail on debian or RHEL when passed fake java_alternative and path' do - pp = <<-EOS - class { 'java': - java_alternative => 'whatever', - java_alternative_path => '/whatever', - } - EOS - - if fact('osfamily') == 'Debian' or fact('osfamily') == 'RedHat' - apply_manifest(pp, :expect_failures => true) - else - apply_manifest(pp, :catch_failures => true) - end - end -end diff --git a/java/spec/acceptance/nodesets/centos-5-vcloud.yml b/java/spec/acceptance/nodesets/centos-5-vcloud.yml deleted file mode 100644 index 377d0eec5..000000000 --- a/java/spec/acceptance/nodesets/centos-5-vcloud.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - 'centos-5-vcloud': - roles: - - master - platform: el-5-x86_64 - hypervisor: vcloud - template: centos-5-x86_64 -CONFIG: - type: foss - ssh: - keys: "~/.ssh/id_rsa-acceptance" - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/java/spec/acceptance/nodesets/centos-59-x64-pe.yml b/java/spec/acceptance/nodesets/centos-59-x64-pe.yml deleted file mode 100644 index 3a6470bea..000000000 --- a/java/spec/acceptance/nodesets/centos-59-x64-pe.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - centos-59-x64: - roles: - - master - - database - - console - platform: el-5-x86_64 - box : centos-59-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-59-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: pe diff --git a/java/spec/acceptance/nodesets/centos-59-x64.yml b/java/spec/acceptance/nodesets/centos-59-x64.yml deleted file mode 100644 index 2ad90b86a..000000000 --- a/java/spec/acceptance/nodesets/centos-59-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-59-x64: - roles: - - master - platform: el-5-x86_64 - box : centos-59-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-59-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/java/spec/acceptance/nodesets/centos-6-vcloud.yml b/java/spec/acceptance/nodesets/centos-6-vcloud.yml deleted file mode 100644 index ca9c1d329..000000000 --- a/java/spec/acceptance/nodesets/centos-6-vcloud.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - 'centos-6-vcloud': - roles: - - master - platform: el-6-x86_64 - hypervisor: vcloud - template: centos-6-x86_64 -CONFIG: - type: foss - ssh: - keys: "~/.ssh/id_rsa-acceptance" - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/java/spec/acceptance/nodesets/centos-64-x64-fusion.yml b/java/spec/acceptance/nodesets/centos-64-x64-fusion.yml deleted file mode 100644 index d5166735e..000000000 --- a/java/spec/acceptance/nodesets/centos-64-x64-fusion.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-64-x64-fusion503-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-fusion503-nocm.box - hypervisor : fusion -CONFIG: - type: foss diff --git a/java/spec/acceptance/nodesets/centos-64-x64-pe.yml b/java/spec/acceptance/nodesets/centos-64-x64-pe.yml deleted file mode 100644 index 7d9242f1b..000000000 --- a/java/spec/acceptance/nodesets/centos-64-x64-pe.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - - database - - dashboard - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: pe diff --git a/java/spec/acceptance/nodesets/centos-64-x64.yml b/java/spec/acceptance/nodesets/centos-64-x64.yml deleted file mode 100644 index 05540ed8c..000000000 --- a/java/spec/acceptance/nodesets/centos-64-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/java/spec/acceptance/nodesets/centos-65-x64.yml b/java/spec/acceptance/nodesets/centos-65-x64.yml deleted file mode 100644 index 4e2cb809e..000000000 --- a/java/spec/acceptance/nodesets/centos-65-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-65-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-65-x64-vbox436-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-65-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/java/spec/acceptance/nodesets/centos-7-vcloud.yml b/java/spec/acceptance/nodesets/centos-7-vcloud.yml deleted file mode 100644 index 1cecb6b28..000000000 --- a/java/spec/acceptance/nodesets/centos-7-vcloud.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - 'centos-7-vcloud': - roles: - - master - platform: el-7-x86_64 - hypervisor: vcloud - template: centos-7-x86_64 -CONFIG: - type: foss - ssh: - keys: "~/.ssh/id_rsa-acceptance" - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/java/spec/acceptance/nodesets/debian-6-vcloud.yml b/java/spec/acceptance/nodesets/debian-6-vcloud.yml deleted file mode 100644 index 658c7d4c0..000000000 --- a/java/spec/acceptance/nodesets/debian-6-vcloud.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - 'debian-6-amd64': - roles: - - master - platform: debian-6-amd64 - hypervisor: vcloud - template: debian-6-x86_64 -CONFIG: - type: foss - ssh: - keys: "~/.ssh/id_rsa-acceptance" - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/java/spec/acceptance/nodesets/debian-607-x64.yml b/java/spec/acceptance/nodesets/debian-607-x64.yml deleted file mode 100644 index 4c8be42d0..000000000 --- a/java/spec/acceptance/nodesets/debian-607-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - debian-607-x64: - roles: - - master - platform: debian-6-amd64 - box : debian-607-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-607-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/java/spec/acceptance/nodesets/debian-7-vcloud.yml b/java/spec/acceptance/nodesets/debian-7-vcloud.yml deleted file mode 100644 index 9323473e3..000000000 --- a/java/spec/acceptance/nodesets/debian-7-vcloud.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - 'debian-7-amd64': - roles: - - master - platform: debian-7-amd64 - hypervisor: vcloud - template: debian-7-x86_64 -CONFIG: - type: foss - ssh: - keys: "~/.ssh/id_rsa-acceptance" - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/java/spec/acceptance/nodesets/debian-70rc1-x64.yml b/java/spec/acceptance/nodesets/debian-70rc1-x64.yml deleted file mode 100644 index 19181c123..000000000 --- a/java/spec/acceptance/nodesets/debian-70rc1-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - debian-70rc1-x64: - roles: - - master - platform: debian-7-amd64 - box : debian-70rc1-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-70rc1-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/java/spec/acceptance/nodesets/default.yml b/java/spec/acceptance/nodesets/default.yml deleted file mode 100644 index 05540ed8c..000000000 --- a/java/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/java/spec/acceptance/nodesets/fedora-18-x64.yml b/java/spec/acceptance/nodesets/fedora-18-x64.yml deleted file mode 100644 index 624b53716..000000000 --- a/java/spec/acceptance/nodesets/fedora-18-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - fedora-18-x64: - roles: - - master - platform: fedora-18-x86_64 - box : fedora-18-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/fedora-18-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/java/spec/acceptance/nodesets/redhat-7-vcloud.yml b/java/spec/acceptance/nodesets/redhat-7-vcloud.yml deleted file mode 100644 index cf8f79a97..000000000 --- a/java/spec/acceptance/nodesets/redhat-7-vcloud.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - 'redhat-7-vcloud': - roles: - - master - platform: el-7-x86_64 - hypervisor: vcloud - template: redhat-7-x86_64 -CONFIG: - type: foss - ssh: - keys: "~/.ssh/id_rsa-acceptance" - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/java/spec/acceptance/nodesets/sles-11-vcloud.yml b/java/spec/acceptance/nodesets/sles-11-vcloud.yml deleted file mode 100644 index 3f6114a56..000000000 --- a/java/spec/acceptance/nodesets/sles-11-vcloud.yml +++ /dev/null @@ -1,16 +0,0 @@ -HOSTS: - 'sles-11-vcloud': - roles: - - master - platform: sles-11-x86_64 - hypervisor: vcloud - template: sles-11-x86_64 - -CONFIG: - type: foss - ssh: - keys: "~/.ssh/id_rsa-acceptance" - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/java/spec/acceptance/nodesets/sles-11sp1-x64.yml b/java/spec/acceptance/nodesets/sles-11sp1-x64.yml deleted file mode 100644 index 554c37a50..000000000 --- a/java/spec/acceptance/nodesets/sles-11sp1-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - sles-11sp1-x64: - roles: - - master - platform: sles-11-x86_64 - box : sles-11sp1-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/sles-11sp1-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/java/spec/acceptance/nodesets/solaris-11-vcloud.yml b/java/spec/acceptance/nodesets/solaris-11-vcloud.yml deleted file mode 100644 index f3912ab2d..000000000 --- a/java/spec/acceptance/nodesets/solaris-11-vcloud.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - 'solaris-11-vcloud': - roles: - - master - platform: solaris-11-i386 - hypervisor: vcloud - template: solaris-11-x86_64 -CONFIG: - type: foss - ssh: - keys: "~/.ssh/id_rsa-acceptance" - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/java/spec/acceptance/nodesets/ubuntu-1004-vcloud.yml b/java/spec/acceptance/nodesets/ubuntu-1004-vcloud.yml deleted file mode 100644 index 19a918f54..000000000 --- a/java/spec/acceptance/nodesets/ubuntu-1004-vcloud.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - 'ubuntu-1004-amd64': - roles: - - master - platform: ubuntu-10.04-amd64 - hypervisor: vcloud - template: ubuntu-1004-x86_64 -CONFIG: - type: foss - ssh: - keys: "~/.ssh/id_rsa-acceptance" - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/java/spec/acceptance/nodesets/ubuntu-1404-vcloud.yml b/java/spec/acceptance/nodesets/ubuntu-1404-vcloud.yml deleted file mode 100644 index d84b18e50..000000000 --- a/java/spec/acceptance/nodesets/ubuntu-1404-vcloud.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - 'ubuntu-1404-amd64': - roles: - - master - platform: ubuntu-14.04-amd64 - hypervisor: vcloud - template: ubuntu-1404-x86_64 -CONFIG: - type: foss - ssh: - keys: "~/.ssh/id_rsa-acceptance" - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/java/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml b/java/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml deleted file mode 100644 index 5ca1514e4..000000000 --- a/java/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-10044-x64: - roles: - - master - platform: ubuntu-10.04-amd64 - box : ubuntu-server-10044-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-10044-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/java/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml b/java/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml deleted file mode 100644 index d065b304f..000000000 --- a/java/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-12042-x64: - roles: - - master - platform: ubuntu-12.04-amd64 - box : ubuntu-server-12042-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/java/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/java/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index cba1cd04c..000000000 --- a/java/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-1404-x64: - roles: - - master - platform: ubuntu-14.04-amd64 - box : puppetlabs/ubuntu-14.04-64-nocm - box_url : https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor : vagrant -CONFIG: - log_level : debug - type: git diff --git a/java/spec/acceptance/nodesets/ubuntu-server-1504-x64.yml b/java/spec/acceptance/nodesets/ubuntu-server-1504-x64.yml deleted file mode 100644 index ee3f0249c..000000000 --- a/java/spec/acceptance/nodesets/ubuntu-server-1504-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-1504-x64: - roles: - - master - platform: ubuntu-15.04-amd64 - box : puppetlabs/ubuntu-15.04-64-nocm - box_url : https://vagrantcloud.com/puppetlabs/ubuntu-15.04-64-nocm - hypervisor : vagrant -CONFIG: - log_level : debug - type: git diff --git a/java/spec/classes/java_spec.rb b/java/spec/classes/java_spec.rb deleted file mode 100644 index d44bedb69..000000000 --- a/java/spec/classes/java_spec.rb +++ /dev/null @@ -1,211 +0,0 @@ -require 'spec_helper' - -describe 'java', :type => :class do - - context 'select openjdk for Centos 5.8' do - let(:facts) { {:osfamily => 'RedHat', :operatingsystem => 'Centos', :operatingsystemrelease => '5.8'} } - it { should contain_package('java').with_name('java-1.6.0-openjdk-devel') } - end - - context 'select openjdk for Centos 6.3' do - let(:facts) { {:osfamily => 'RedHat', :operatingsystem => 'Centos', :operatingsystemrelease => '6.3'} } - it { should contain_package('java').with_name('java-1.7.0-openjdk-devel') } - end - - context 'select openjdk for Centos 6.2' do - let(:facts) { {:osfamily => 'RedHat', :operatingsystem => 'Centos', :operatingsystemrelease => '6.2'} } - it { should contain_package('java').with_name('java-1.6.0-openjdk-devel') } - it { should_not contain_exec('update-java-alternatives') } - end - - context 'select Oracle JRE with alternatives for Centos 6.3' do - let(:facts) { {:osfamily => 'RedHat', :operatingsystem => 'Centos', :operatingsystemrelease => '6.3'} } - let(:params) { { 'package' => 'jre', 'java_alternative' => '/usr/bin/java', 'java_alternative_path' => '/usr/java/jre1.7.0_67/bin/java'} } - it { should contain_package('java').with_name('jre') } - it { should contain_exec('create-java-alternatives').with_command('alternatives --install /usr/bin/java java /usr/java/jre1.7.0_67/bin/java 20000') } - it { should contain_exec('update-java-alternatives').with_command('alternatives --set java /usr/java/jre1.7.0_67/bin/java') } - end - - context 'select openjdk for Fedora 20' do - let(:facts) { {:osfamily => 'RedHat', :operatingsystem => 'Fedora', :operatingsystemrelease => '20'} } - it { should contain_package('java').with_name('java-1.7.0-openjdk-devel') } - end - - context 'select openjdk for Fedora 21' do - let(:facts) { {:osfamily => 'RedHat', :operatingsystem => 'Fedora', :operatingsystemrelease => '21'} } - it { should contain_package('java').with_name('java-1.8.0-openjdk-devel') } - end - - context 'select passed value for Fedora 20' do - let(:facts) { {:osfamily => 'RedHat', :operatingsystem => 'Fedora', :operatingsystemrelease => '20'} } - let(:params) { { 'distribution' => 'jre' } } - it { should contain_package('java').with_name('java-1.7.0-openjdk') } - end - - context 'select passed value for Fedora 21' do - let(:facts) { {:osfamily => 'RedHat', :operatingsystem => 'Fedora', :operatingsystemrelease => '21'} } - let(:params) { { 'distribution' => 'jre' } } - it { should contain_package('java').with_name('java-1.8.0-openjdk') } - end - - context 'select passed value for Centos 5.3' do - let(:facts) { {:osfamily => 'RedHat', :operatingsystem => 'Centos', :operatingsystemrelease => '5.3'} } - let(:params) { { 'package' => 'jdk' } } - it { should contain_package('java').with_name('jdk') } - it { should_not contain_exec('update-java-alternatives') } - end - - context 'select default for Centos 5.3' do - let(:facts) { {:osfamily => 'RedHat', :operatingsystem => 'Centos', :operatingsystemrelease => '5.3'} } - it { should contain_package('java').with_name('java-1.6.0-openjdk-devel') } - it { should_not contain_exec('update-java-alternatives') } - end - - context 'select default for Debian Wheezy' do - let(:facts) { {:osfamily => 'Debian', :operatingsystem => 'Debian', :lsbdistcodename => 'wheezy', :operatingsystemrelease => '7.1', :architecture => 'amd64',} } - it { should contain_package('java').with_name('openjdk-7-jdk') } - it { should contain_exec('update-java-alternatives').with_command('update-java-alternatives --set java-1.7.0-openjdk-amd64 --jre') } - end - - context 'select Oracle JRE for Debian Wheezy' do - let(:facts) { {:osfamily => 'Debian', :operatingsystem => 'Debian', :lsbdistcodename => 'wheezy', :operatingsystemrelease => '7.1', :architecture => 'amd64',} } - let(:params) { { 'distribution' => 'oracle-jre' } } - it { should contain_package('java').with_name('oracle-j2re1.7') } - it { should contain_exec('update-java-alternatives').with_command('update-java-alternatives --set j2re1.7-oracle --jre') } - end - - context 'select OpenJDK JRE for Debian Wheezy' do - let(:facts) { {:osfamily => 'Debian', :operatingsystem => 'Debian', :lsbdistcodename => 'wheezy', :operatingsystemrelease => '7.1', :architecture => 'amd64',} } - let(:params) { { 'distribution' => 'jre' } } - it { should contain_package('java').with_name('openjdk-7-jre-headless') } - it { should contain_exec('update-java-alternatives').with_command('update-java-alternatives --set java-1.7.0-openjdk-amd64 --jre-headless') } - end - - context 'select default for Debian Squeeze' do - let(:facts) { {:osfamily => 'Debian', :operatingsystem => 'Debian', :lsbdistcodename => 'squeeze', :operatingsystemrelease => '6.0.5', :architecture => 'amd64',} } - it { should contain_package('java').with_name('openjdk-6-jdk') } - it { should contain_exec('update-java-alternatives').with_command('update-java-alternatives --set java-6-openjdk-amd64 --jre') } - end - - context 'select Oracle JRE for Debian Squeeze' do - let(:facts) { {:osfamily => 'Debian', :operatingsystem => 'Debian', :lsbdistcodename => 'squeeze', :operatingsystemrelease => '6.0.5', :architecture => 'amd64',} } - let(:params) { { 'distribution' => 'sun-jre', } } - it { should contain_package('java').with_name('sun-java6-jre') } - it { should contain_exec('update-java-alternatives').with_command('update-java-alternatives --set java-6-sun --jre') } - end - - context 'select OpenJDK JRE for Debian Squeeze' do - let(:facts) { {:osfamily => 'Debian', :operatingsystem => 'Debian', :lsbdistcodename => 'squeeze', :operatingsystemrelease => '6.0.5', :architecture => 'amd64',} } - let(:params) { { 'distribution' => 'jre', } } - it { should contain_package('java').with_name('openjdk-6-jre-headless') } - it { should contain_exec('update-java-alternatives').with_command('update-java-alternatives --set java-6-openjdk-amd64 --jre-headless') } - end - - context 'select random alternative for Debian Wheezy' do - let(:facts) { {:osfamily => 'Debian', :operatingsystem => 'Debian', :lsbdistcodename => 'wheezy', :operatingsystemrelease => '7.1', :architecture => 'amd64',} } - let(:params) { { 'java_alternative' => 'bananafish' } } - it { should contain_package('java').with_name('openjdk-7-jdk') } - it { should contain_exec('update-java-alternatives').with_command('update-java-alternatives --set bananafish --jre') } - end - - context 'select jdk for Ubuntu Vivid (15.04)' do - let(:facts) { {:osfamily => 'Debian', :operatingsystem => 'Ubuntu', :lsbdistcodename => 'vivid', :operatingsystemrelease => '15.04', :architecture => 'amd64',} } - let(:params) { { 'distribution' => 'jdk' } } - it { should contain_package('java').with_name('openjdk-8-jdk') } - end - - context 'select jre for Ubuntu Vivid (15.04)' do - let(:facts) { {:osfamily => 'Debian', :operatingsystem => 'Ubuntu', :lsbdistcodename => 'vivid', :operatingsystemrelease => '15.04', :architecture => 'amd64',} } - let(:params) { { 'distribution' => 'jre' } } - it { should contain_package('java').with_name('openjdk-8-jre-headless') } - end - - context 'select openjdk for Amazon Linux' do - let(:facts) { {:osfamily => 'RedHat', :operatingsystem => 'Amazon', :operatingsystemrelease => '3.4.43-43.43.amzn1.x86_64'} } - it { should contain_package('java').with_name('java-1.7.0-openjdk-devel') } - end - - context 'select passed value for Amazon Linux' do - let(:facts) { {:osfamily => 'RedHat', :operatingsystem => 'Amazon', :operatingsystemrelease => '5.3.4.43-43.43.amzn1.x86_64'} } - let(:params) { { 'distribution' => 'jre' } } - it { should contain_package('java').with_name('java-1.7.0-openjdk') } - end - - context 'select openjdk for Oracle Linux' do - let(:facts) { {:osfamily => 'RedHat', :operatingsystem => 'OracleLinux', :operatingsystemrelease => '6.4'} } - it { should contain_package('java').with_name('java-1.7.0-openjdk-devel') } - end - - context 'select openjdk for Oracle Linux 6.2' do - let(:facts) { {:osfamily => 'RedHat', :operatingsystem => 'OracleLinux', :operatingsystemrelease => '6.2'} } - it { should contain_package('java').with_name('java-1.6.0-openjdk-devel') } - end - - context 'select passed value for Oracle Linux' do - let(:facts) { {:osfamily => 'RedHat', :operatingsystem => 'OracleLinux', :operatingsystemrelease => '6.3'} } - let(:params) { { 'distribution' => 'jre' } } - it { should contain_package('java').with_name('java-1.7.0-openjdk') } - end - - context 'select passed value for Scientific Linux' do - let(:facts) { {:osfamily => 'RedHat', :operatingsystem => 'Scientific', :operatingsystemrelease => '6.4'} } - let(:params) { { 'distribution' => 'jre' } } - it { should contain_package('java').with_name('java-1.7.0-openjdk') } - end - - context 'select default for OpenSUSE 12.3' do - let(:facts) { {:osfamily => 'Suse', :operatingsystem => 'OpenSUSE', :operatingsystemrelease => '12.3'}} - it { should contain_package('java').with_name('java-1_7_0-openjdk-devel')} - end - - context 'select jdk for OpenBSD' do - let(:facts) { {:osfamily => 'OpenBSD'} } - it { should contain_package('java').with_name('jdk') } - end - - context 'select jre for OpenBSD' do - let(:facts) { {:osfamily => 'OpenBSD'} } - let(:params) { { 'distribution' => 'jre' } } - it { should contain_package('java').with_name('jre') } - end - - describe 'incompatible OSs' do - [ - { - # C14706 - :osfamily => 'windows', - :operatingsystem => 'windows', - :operatingsystemrelease => '8.1', - }, - { - # C14707 - :osfamily => 'Darwin', - :operatingsystem => 'Darwin', - :operatingsystemrelease => '13.3.0', - }, - { - # C14708 - :osfamily => 'AIX', - :operatingsystem => 'AIX', - :operatingsystemrelease => '7100-02-00-000', - }, - { - # C14708 - :osfamily => 'AIX', - :operatingsystem => 'AIX', - :operatingsystemrelease => '6100-07-04-1216', - }, - { - # C14708 - :osfamily => 'AIX', - :operatingsystem => 'AIX', - :operatingsystemrelease => '5300-12-01-1016', - }, - ].each do |facts| - let(:facts) { facts } - it "should fail on #{facts[:operatingsystem]} #{facts[:operatingsystemrelease]}" do - expect { catalogue }.to raise_error Puppet::Error, /unsupported platform/ - end - end - end -end diff --git a/java/spec/spec.opts b/java/spec/spec.opts deleted file mode 100644 index 91cd6427e..000000000 --- a/java/spec/spec.opts +++ /dev/null @@ -1,6 +0,0 @@ ---format -s ---colour ---loadby -mtime ---backtrace diff --git a/java/spec/spec_helper.rb b/java/spec/spec_helper.rb deleted file mode 100644 index 145dcf566..000000000 --- a/java/spec/spec_helper.rb +++ /dev/null @@ -1,6 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' - -RSpec.configure do |c| - # declare an exclusion filter for the tests using with_env on facter 1.6, as the function is not available on 1.6 - c.filter_run_excluding :with_env => true if Facter.version =~ /^1\.6\./ -end diff --git a/java/spec/spec_helper_acceptance.rb b/java/spec/spec_helper_acceptance.rb deleted file mode 100644 index 7b378af1f..000000000 --- a/java/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1,43 +0,0 @@ -require 'beaker-rspec' -require 'beaker/puppet_install_helper' - -run_puppet_install_helper - -UNSUPPORTED_PLATFORMS = [ "Darwin", "windows" ] - -unless ENV["RS_PROVISION"] == "no" or ENV["BEAKER_provision"] == "no" - hosts.each do |host| - if host['platform'] =~ /sles-1/i || host['platform'] =~ /solaris-1/i - get_stdlib = <<-stdlib - package{'wget':} - exec{'download': - command => "wget -P /root/ https://forgeapi.puppetlabs.com/v3/files/puppetlabs-stdlib-4.3.2.tar.gz --no-check-certificate", - path => ['/opt/csw/bin/','/usr/bin/'] - } - stdlib - apply_manifest_on(host, get_stdlib) - # have to use force otherwise it checks ssl cert even though it is a local file - on host, puppet('module install /root/puppetlabs-stdlib-4.3.2.tar.gz --force') - else - on host, puppet("module install puppetlabs-stdlib") - # For test support - on host, puppet("module install puppetlabs-apt") - end - end -end - -RSpec.configure do |c| - # Project root - proj_root = File.expand_path(File.join(File.dirname(__FILE__), "..")) - - # Readable test descriptions - c.formatter = :documentation - - # Configure all nodes in nodeset - c.before :suite do - # Install module - hosts.each do |host| - copy_module_to(host, :source => proj_root, :module_name => "java") - end - end -end diff --git a/java/spec/unit/facter/java_major_version_spec.rb b/java/spec/unit/facter/java_major_version_spec.rb deleted file mode 100644 index 5c830814a..000000000 --- a/java/spec/unit/facter/java_major_version_spec.rb +++ /dev/null @@ -1,27 +0,0 @@ -require "spec_helper" - -describe Facter::Util::Fact do - before { - Facter.clear - } - - describe "java_major_version" do - context 'returns major version when java_version fact present' do - before :each do - Facter.fact(:java_version).stubs(:value).returns('1.7.0_71') - end - it do - expect(Facter.fact(:java_major_version).value).to eq("7") - end - end - - context 'returns nil when java not present' do - before :each do - Facter.fact(:java_version).stubs(:value).returns(nil) - end - it do - expect(Facter.fact(:java_major_version).value).to be_nil - end - end - end -end diff --git a/java/spec/unit/facter/java_patch_level_spec.rb b/java/spec/unit/facter/java_patch_level_spec.rb deleted file mode 100644 index 5f99eab9c..000000000 --- a/java/spec/unit/facter/java_patch_level_spec.rb +++ /dev/null @@ -1,31 +0,0 @@ -require "spec_helper" - -describe Facter::Util::Fact do - before { - Facter.clear - } - - describe "java_patch_level" do - context "if java is installed" do - context 'returns java patch version extracted from java_version fact' do - before :each do - Facter.fact(:java_version).stubs(:value).returns('1.7.0_71') - end - it do - expect(Facter.fact(:java_patch_level).value).to eq("71") - end - end - end - - context "if java is not installed" do - context 'returns nil' do - before :each do - Facter.fact(:java_version).stubs(:value).returns(nil) - end - it do - expect(Facter.fact(:java_patch_level).value).to be_nil - end - end - end - end -end diff --git a/java/spec/unit/facter/java_version_spec.rb b/java/spec/unit/facter/java_version_spec.rb deleted file mode 100644 index 7d1aa1bd8..000000000 --- a/java/spec/unit/facter/java_version_spec.rb +++ /dev/null @@ -1,92 +0,0 @@ -require "spec_helper" - -describe Facter::Util::Fact do - before { - Facter.clear - } - - describe "java_version" do - context 'returns java version when java present' do - context 'on OpenBSD', :with_env => true do - before do - Facter.fact(:operatingsystem).stubs(:value).returns("OpenBSD") - end - let(:facts) { {:operatingsystem => 'OpenBSD'} } - it do - java_version_output = <<-EOS -openjdk version "1.7.0_71" -OpenJDK Runtime Environment (build 1.7.0_71-b14) -OpenJDK 64-Bit Server VM (build 24.71-b01, mixed mode) - EOS - Facter::Util::Resolution.expects(:which).with("java").returns('/usr/local/jdk-1.7.0/jre/bin/java') - Facter::Util::Resolution.expects(:exec).with("java -Xmx8m -version 2>&1").returns(java_version_output) - expect(Facter.value(:java_version)).to eq("1.7.0_71") - end - end - context 'on Darwin' do - before do - Facter.fact(:operatingsystem).stubs(:value).returns("Darwin") - end - let(:facts) { {:operatingsystem => 'Darwin'} } - it do - java_version_output = <<-EOS -java version "1.7.0_71" -Java(TM) SE Runtime Environment (build 1.7.0_71-b14) -Java HotSpot(TM) 64-Bit Server VM (build 24.71-b01, mixed mode) - EOS - Facter::Util::Resolution.expects(:exec).with("/usr/libexec/java_home --failfast 2>&1").returns("/Library/Java/JavaVirtualMachines/jdk1.7.0_71.jdk/Contents/Home") - Facter::Util::Resolution.expects(:exec).with("java -Xmx8m -version 2>&1").returns(java_version_output) - Facter.value(:java_version).should == "1.7.0_71" - end - end - context 'on other systems' do - before do - Facter.fact(:operatingsystem).stubs(:value).returns("MyOS") - end - let(:facts) { {:operatingsystem => 'MyOS'} } - it do - java_version_output = <<-EOS -java version "1.7.0_71" -Java(TM) SE Runtime Environment (build 1.7.0_71-b14) -Java HotSpot(TM) 64-Bit Server VM (build 24.71-b01, mixed mode) - EOS - Facter::Util::Resolution.expects(:exec).with("java -Xmx8m -version 2>&1").returns(java_version_output) - expect(Facter.value(:java_version)).to eq("1.7.0_71") - end - end - end - - context 'returns nil when java not present' do - context 'on OpenBSD', :with_env => true do - before do - Facter.fact(:operatingsystem).stubs(:value).returns("OpenBSD") - end - let(:facts) { {:operatingsystem => 'OpenBSD'} } - it do - Facter::Util::Resolution.stubs(:exec) - expect(Facter.value(:java_version)).to be_nil - end - end - context 'on Darwin' do - before do - Facter.fact(:operatingsystem).stubs(:value).returns("Darwin") - end - let(:facts) { {:operatingsystem => 'Darwin'} } - it do - Facter::Util::Resolution.expects(:exec).at_least(1).with("/usr/libexec/java_home --failfast 2>&1").returns('Unable to find any JVMs matching version "(null)".') - Facter.value(:java_version).should be_nil - end - end - context 'on other systems' do - before do - Facter.fact(:operatingsystem).stubs(:value).returns("MyOS") - end - let(:facts) { {:operatingsystem => 'MyOS'} } - it do - Facter::Util::Resolution.expects(:which).at_least(1).with("java").returns(false) - expect(Facter.value(:java_version)).to be_nil - end - end - end - end -end diff --git a/java/tests/alternative.pp b/java/tests/alternative.pp deleted file mode 100644 index f361db6c6..000000000 --- a/java/tests/alternative.pp +++ /dev/null @@ -1,5 +0,0 @@ -class { 'java': - package => 'jdk-8u25-linux-x64', - java_alternative => 'jdk1.8.0_25', - java_alternative_path => '/usr/java/jdk1.8.0_25/jre/bin/java' -} diff --git a/java/tests/init.pp b/java/tests/init.pp deleted file mode 100644 index bdd923e51..000000000 --- a/java/tests/init.pp +++ /dev/null @@ -1,4 +0,0 @@ -class { 'java': - distribution => 'jdk', - version => 'latest', -} diff --git a/kafka/.fixtures.yml b/kafka/.fixtures.yml deleted file mode 100644 index 16a384bca..000000000 --- a/kafka/.fixtures.yml +++ /dev/null @@ -1,6 +0,0 @@ -fixtures: - repositories: - stdlib: "https://github.com/puppetlabs/puppetlabs-stdlib.git" - java: "https://github.com/puppetlabs/puppetlabs-java.git" - symlinks: - kafka: "#{source_dir}" \ No newline at end of file diff --git a/kafka/.gitignore b/kafka/.gitignore deleted file mode 100644 index 90d24b276..000000000 --- a/kafka/.gitignore +++ /dev/null @@ -1,9 +0,0 @@ -pkg/ -Gemfile.lock -vendor/ -spec/fixtures/ -.vagrant/ -.bundle/ -coverage/ -*.iml -.idea/ diff --git a/kafka/.rspec b/kafka/.rspec deleted file mode 100644 index 210a1d6b1..000000000 --- a/kafka/.rspec +++ /dev/null @@ -1,2 +0,0 @@ ---format documentation ---color \ No newline at end of file diff --git a/kafka/.sync.yml b/kafka/.sync.yml deleted file mode 100644 index adecb2ebd..000000000 --- a/kafka/.sync.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -spec/spec_helper_acceptance.rb: - dependencies: - - puppetlabs-stdlib - - puppetlabs-java -spec/acceptance/nodesets/windows-2008R2-serverstandard-x64.yml: - unmanaged: true diff --git a/kafka/.travis.yml b/kafka/.travis.yml deleted file mode 100644 index 6200a6569..000000000 --- a/kafka/.travis.yml +++ /dev/null @@ -1,31 +0,0 @@ -notifications: - email: false -language: ruby -bundler_args: --without development system_tests -sudo: false -before_install: rm Gemfile.lock || true -script: bundle exec rake test -matrix: - include: - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 3.0" FACTER_GEM_VERSION="~> 1.7.0" - - rvm: 1.9.3 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 2.0.0 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 2.0.0 - env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" - - rvm: 2.1.0 - env: PUPPET_GEM_VERSION="~> 3.0" STRICT_VARIABLES=yes FUTURE_PARSER="yes" - -deploy: - provider: puppetforge - user: puppet - password: - secure: "j/Db/NnuJUwyFWGVwZEciC/0Xrhaes647UK49ZnlZTjUppUeTsqY/rKE8Pc4jpiW8DsfeGijCYP1O02tquH+KSKSwiwxIBjbToFjhNNJ6Qgh0DGIR29VZkiyirh5ZkK1yLMx9Ciyn8opwOXHqTRMk6JwAY05Gux1sD2T7Eu2c4w=" - on: - tags: true - # all_branches is required to use tags - all_branches: true - # Only publish if our main Ruby target builds - rvm: 1.9.3 diff --git a/kafka/CHANGELOG.md b/kafka/CHANGELOG.md deleted file mode 100644 index 8d068146b..000000000 --- a/kafka/CHANGELOG.md +++ /dev/null @@ -1,45 +0,0 @@ -##2014-10-10 - Release 1.0.0 -###Summary - -This release adds a number of new features and fixes lots of idempotency issues. -The main additions with this release are support for installing and configuring consumers, producers and mirrors - -####Features - -- added support for adding topics -- added support for managing consumers, producers, and mirrors -- improved documentation -- improved testing - -####Bugfixes - -- updated install_dir to /opt -- fixing install_dir symlink -- fixing idempotency issue in kafka server.properties -- fixing idempotency issue with untar-ing kafka package -- fixing bug in service restart - -##2014-06-02 - Release 0.2.1 -###Summary - - This is a bugfix release to fix conflict with wget dependency - -####Bugfixes - - - Fixing conflict with maestrodev/wget in how it is installed causing issue with duplicate resource. - -##2014-06-02 - Release 0.2.0 -###Summary - - This release fixed some bugs with the kafka service and refactored the code in preparation of supporting things other than the broker. - -####Features - - refactoring of the kafka installation - -####Bugfixes - - fixing issue with kafka service not starting correctly. - -##2014-05-27 - Release 0.1.0 -###Summary - - Initial release. Support for the installation and configuration of a kafka broker diff --git a/kafka/CONTRIBUTING.md b/kafka/CONTRIBUTING.md deleted file mode 100644 index e1288478a..000000000 --- a/kafka/CONTRIBUTING.md +++ /dev/null @@ -1,234 +0,0 @@ -Checklist (and a short version for the impatient) -================================================= - - * Commits: - - - Make commits of logical units. - - - Check for unnecessary whitespace with "git diff --check" before - committing. - - - Commit using Unix line endings (check the settings around "crlf" in - git-config(1)). - - - Do not check in commented out code or unneeded files. - - - The first line of the commit message should be a short - description (50 characters is the soft limit, excluding ticket - number(s)), and should skip the full stop. - - - Associate the issue in the message. The first line should include - the issue number in the form "(#XXXX) Rest of message". - - - The body should provide a meaningful commit message, which: - - - uses the imperative, present tense: "change", not "changed" or - "changes". - - - includes motivation for the change, and contrasts its - implementation with the previous behavior. - - - Make sure that you have tests for the bug you are fixing, or - feature you are adding. - - - Make sure the test suites passes after your commit: - `bundle exec rspec spec/acceptance` More information on [testing](#Testing) below - - - When introducing a new feature, make sure it is properly - documented in the README.md - - * Submission: - - * Pre-requisites: - - - Sign the [Contributor License Agreement](https://cla.puppetlabs.com/) - - - Make sure you have a [GitHub account](https://github.com/join) - - - [Create a ticket](http://projects.puppetlabs.com/projects/modules/issues/new), or [watch the ticket](http://projects.puppetlabs.com/projects/modules/issues) you are patching for. - - * Preferred method: - - - Fork the repository on GitHub. - - - Push your changes to a topic branch in your fork of the - repository. (the format ticket/1234-short_description_of_change is - usually preferred for this project). - - - Submit a pull request to the repository in the puppetlabs - organization. - -The long version -================ - - 1. Make separate commits for logically separate changes. - - Please break your commits down into logically consistent units - which include new or changed tests relevant to the rest of the - change. The goal of doing this is to make the diff easier to - read for whoever is reviewing your code. In general, the easier - your diff is to read, the more likely someone will be happy to - review it and get it into the code base. - - If you are going to refactor a piece of code, please do so as a - separate commit from your feature or bug fix changes. - - We also really appreciate changes that include tests to make - sure the bug is not re-introduced, and that the feature is not - accidentally broken. - - Describe the technical detail of the change(s). If your - description starts to get too long, that is a good sign that you - probably need to split up your commit into more finely grained - pieces. - - Commits which plainly describe the things which help - reviewers check the patch and future developers understand the - code are much more likely to be merged in with a minimum of - bike-shedding or requested changes. Ideally, the commit message - would include information, and be in a form suitable for - inclusion in the release notes for the version of Puppet that - includes them. - - Please also check that you are not introducing any trailing - whitespace or other "whitespace errors". You can do this by - running "git diff --check" on your changes before you commit. - - 2. Sign the Contributor License Agreement - - Before we can accept your changes, we do need a signed Puppet - Labs Contributor License Agreement (CLA). - - You can access the CLA via the [Contributor License Agreement link](https://cla.puppetlabs.com/) - - If you have any questions about the CLA, please feel free to - contact Puppet Labs via email at cla-submissions@puppetlabs.com. - - 3. Sending your patches - - To submit your changes via a GitHub pull request, we _highly_ - recommend that you have them on a topic branch, instead of - directly on "master". - It makes things much easier to keep track of, especially if - you decide to work on another thing before your first change - is merged in. - - GitHub has some pretty good - [general documentation](http://help.github.com/) on using - their site. They also have documentation on - [creating pull requests](http://help.github.com/send-pull-requests/). - - In general, after pushing your topic branch up to your - repository on GitHub, you can switch to the branch in the - GitHub UI and click "Pull Request" towards the top of the page - in order to open a pull request. - - - 4. Update the related GitHub issue. - - If there is a GitHub issue associated with the change you - submitted, then you should update the ticket to include the - location of your branch, along with any other commentary you - may wish to make. - -Testing -======= - -Getting Started ---------------- - -Our puppet modules provide [`Gemfile`](./Gemfile)s which can tell a ruby -package manager such as [bundler](http://bundler.io/) what Ruby packages, -or Gems, are required to build, develop, and test this software. - -Please make sure you have [bundler installed](http://bundler.io/#getting-started) -on your system, then use it to install all dependencies needed for this project, -by running - -```shell -% bundle install -Fetching gem metadata from https://rubygems.org/........ -Fetching gem metadata from https://rubygems.org/.. -Using rake (10.1.0) -Using builder (3.2.2) --- 8><-- many more --><8 -- -Using rspec-system-puppet (2.2.0) -Using serverspec (0.6.3) -Using rspec-system-serverspec (1.0.0) -Using bundler (1.3.5) -Your bundle is complete! -Use `bundle show [gemname]` to see where a bundled gem is installed. -``` - -NOTE some systems may require you to run this command with sudo. - -If you already have those gems installed, make sure they are up-to-date: - -```shell -% bundle update -``` - -With all dependencies in place and up-to-date we can now run the tests: - -```shell -% rake spec -``` - -This will execute all the [rspec tests](http://rspec-puppet.com/) tests -under [spec/defines](./spec/defines), [spec/classes](./spec/classes), -and so on. rspec tests may have the same kind of dependencies as the -module they are testing. While the module defines in its [Modulefile](./Modulefile), -rspec tests define them in [.fixtures.yml](./fixtures.yml). - -Some puppet modules also come with [beaker](https://github.com/puppetlabs/beaker) -tests. These tests spin up a virtual machine under -[VirtualBox](https://www.virtualbox.org/)) with, controlling it with -[Vagrant](http://www.vagrantup.com/) to actually simulate scripted test -scenarios. In order to run these, you will need both of those tools -installed on your system. - -You can run them by issuing the following command - -```shell -% rake spec_clean -% rspec spec/acceptance -``` - -This will now download a pre-fabricated image configured in the [default node-set](./spec/acceptance/nodesets/default.yml), -install puppet, copy this module and install its dependencies per [spec/spec_helper_acceptance.rb](./spec/spec_helper_acceptance.rb) -and then run all the tests under [spec/acceptance](./spec/acceptance). - -Writing Tests -------------- - -XXX getting started writing tests. - -If you have commit access to the repository -=========================================== - -Even if you have commit access to the repository, you will still need to -go through the process above, and have someone else review and merge -in your changes. The rule is that all changes must be reviewed by a -developer on the project (that did not write the code) to ensure that -all changes go through a code review process. - -Having someone other than the author of the topic branch recorded as -performing the merge is the record that they performed the code -review. - - -Additional Resources -==================== - -* [Getting additional help](http://projects.puppetlabs.com/projects/puppet/wiki/Getting_Help) - -* [Writing tests](http://projects.puppetlabs.com/projects/puppet/wiki/Development_Writing_Tests) - -* [Patchwork](https://patchwork.puppetlabs.com) - -* [Contributor License Agreement](https://projects.puppetlabs.com/contributor_licenses/sign) - -* [General GitHub documentation](http://help.github.com/) - -* [GitHub pull request documentation](http://help.github.com/send-pull-requests/) - diff --git a/kafka/Gemfile b/kafka/Gemfile deleted file mode 100644 index 7e5f4ca88..000000000 --- a/kafka/Gemfile +++ /dev/null @@ -1,37 +0,0 @@ -# Copyright 2014 Puppet Community -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -source "https://rubygems.org" - -group :test do - gem "rake" - gem "puppet", ENV['PUPPET_VERSION'] || '~> 3.7.0' - gem "rspec-puppet", :git => 'https://github.com/rodjek/rspec-puppet.git' - gem "puppetlabs_spec_helper" - gem "metadata-json-lint" - gem "rspec-puppet-facts" - gem "rspec", "< 3.2.0", { "platforms" => ["ruby_18"] } -end - -group :development do - gem "travis" - gem "travis-lint" - gem "puppet-blacksmith" - gem "guard-rake" -end - -group :system_tests do - gem "beaker" - gem "beaker-rspec" -end diff --git a/kafka/Guardfile b/kafka/Guardfile deleted file mode 100644 index fd50602a0..000000000 --- a/kafka/Guardfile +++ /dev/null @@ -1,5 +0,0 @@ -notification :off - -guard 'rake', :task => 'test' do - watch(%r{^manifests\/(.+)\.pp$}) -end diff --git a/kafka/LICENSE b/kafka/LICENSE deleted file mode 100644 index c3178c422..000000000 --- a/kafka/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ -Copyright (c) 2014 OpenTable, Inc. - -Permission is hereby granted, free of charge, to any person obtaining -a copy of this software and associated documentation files (the -"Software"), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: - -The above copyright notice and this permission notice shall be -included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, -TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE -SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - diff --git a/kafka/README.md b/kafka/README.md deleted file mode 100644 index 447de0fa5..000000000 --- a/kafka/README.md +++ /dev/null @@ -1,135 +0,0 @@ -####Table of Contents - -1. [Overview](#overview) -2. [Module Description - What the module does and why it is useful](#module-description) -3. [Setup - The basics of getting started with kafka](#setup) - * [What kafka affects](#what-kafka-affects) - * [Setup requirements](#setup-requirements) - * [Beginning with kafka](#beginning-with-kafka) -4. [Usage - Configuration options and additional functionality](#usage) -5. [Reference - An under-the-hood peek at what the module is doing and how](#reference) -5. [Limitations - OS compatibility, etc.](#limitations) -6. [Development - Guide for contributing to the module](#development) - -##Overview - -The kafka module for managing the installation and configuration of [Apache Kafka](http://kafka.apache.org) - -[![Build -Status](https://secure.travis-ci.org/puppet-community/puppet-kafka.png)](https://secure.travis-ci.org/puppet-community/puppet-kafka.png) - -##Module Description - -The Kafka module for managing the installation and configuration of Apache Kafka: it's brokers, producers and consumers. - -##Setup - -###What kafka affects - -Installs the Kafka package and creates a new service. - -###Beginning with Kafka - -To successfully install Kafka using this module you need to have Apache Zookeeper already running at localhost:2181. You can specify another Zookeeper host:port configuration using the config hash of the kafka:broker class. - -The default configuration installs Kafka 0.8.2.1 binaries with Scala 2.10 - -```puppet - class { 'kafka': } -``` - -If you want a Kafka broker server that connects to zookeeper listenting on port 2181: - -```puppet - class { 'kafka::broker': - config => { 'broker.id' => '0', 'zookeeper.connect' => 'localhost:2181' } - } -``` - -##Usage - -You can specify different Kafka binaries packages versions to install. Please take a look at the different Scala and Kafka versions combinations at the [Apache Kafka Website](http://kafka.apache.org/downloads.html) - -### Installing Kafka version 0.8.2.2 with scala 2.10 - -We first install the binary package with: - -```puppet - class { 'kafka': - version => '0.8.2.2', - scala_version => '2.10' - } -``` - -Then we set a minimal Kafka broker configuration with: - -```puppet - class { 'kafka::broker': - config => { 'broker.id' => '0', 'zookeeper.connect' => 'localhost:2181' } - } -``` - -###Classes and Defined Types - -####Class: `kafka` -One of the primary classes of the kafka module. This class will install the kafka binaries - -**Parameters within `kafka`:** -#####`version` -The version of kafka that should be installed. -#####`scala_version` -The scala version what kafka was built with. -#####`install_dir` -The directory to install kafka to. -#####`mirror_url` -The url where the kafka is downloaded from. -#####`config` -A hash of the configuration options. -#####`install_java` -Install java if it's not already installed. - -####Class: `kafka::broker` -One of the primary classes of the kafka module. This class will install a kafka broker. - -**Parameters within `kafka::broker`:** -#####`version` -The version of kafka that should be installed. -#####`scala_version` -The scala version what kafka was built with. -#####`install_dir` -The directory to install kafka to. -#####`mirror_url` -The url where the kafka is downloaded from. -#####`config` -A hash of the configuration options. -#####`install_java` -Install java if it's not already installed. - -##Reference - -###Classes -####Public Classes -* [`kafka`](#class-kafka-broker): Guides the basic installation of kafka binaries -* [`kafka::broker`](#class-kafka-broker): Guides the basic installation of a kafka broker - -####Private Classes -* [`kafka::broker::config`] Manages all the default configuration of the kafka application -* [`kafka::broker::install`] Manages the installation of the kafka packages -* [`kafka::broker::service`] Manages the kafka server service - -##Limitations - -This module is tested on the following platforms: - -* CentOS 5 -* CentOS 6 -* Ubuntu 12.04 -* Ubuntu 14.04 - -It is tested with the OSS version of Puppet only. - -##Development - -###Contributing - -Please read CONTRIBUTING.md for full details on contributing to this project. diff --git a/kafka/Rakefile b/kafka/Rakefile deleted file mode 100644 index 8a5af6a32..000000000 --- a/kafka/Rakefile +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright 2014 Puppet Community -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' -require 'puppet-syntax/tasks/puppet-syntax' - -# These two gems aren't always present, for instance -# on Travis with --without development -begin - require 'puppet_blacksmith/rake_tasks' -rescue LoadError -end - -PuppetLint.configuration.relative = true -PuppetLint.configuration.send("disable_80chars") -PuppetLint.configuration.log_format = "%{path}:%{linenumber}:%{check}:%{KIND}:%{message}" -PuppetLint.configuration.fail_on_warnings = true - -# Forsake support for Puppet 2.6.2 for the benefit of cleaner code. -# http://puppet-lint.com/checks/class_parameter_defaults/ -PuppetLint.configuration.send('disable_class_parameter_defaults') -# http://puppet-lint.com/checks/class_inherits_from_params_class/ -PuppetLint.configuration.send('disable_class_inherits_from_params_class') - -exclude_paths = [ - "pkg/**/*", - "vendor/**/*", - "spec/**/*", -] -PuppetLint.configuration.ignore_paths = exclude_paths -PuppetSyntax.exclude_paths = exclude_paths - -desc "Run acceptance tests" -RSpec::Core::RakeTask.new(:acceptance) do |t| - t.pattern = 'spec/acceptance' -end - -desc "Run syntax, lint, and spec tests." -task :test => [ - :syntax, - :lint, - :spec, -] diff --git a/kafka/manifests/broker.pp b/kafka/manifests/broker.pp deleted file mode 100644 index 40d0f7e84..000000000 --- a/kafka/manifests/broker.pp +++ /dev/null @@ -1,73 +0,0 @@ -# Author:: Liam Bennett (mailto:lbennett@opentable.com) -# Copyright:: Copyright (c) 2013 OpenTable Inc -# License:: MIT - -# == Class: kafka::broker -# -# This class will install kafka with the broker role. -# -# === Requirements/Dependencies -# -# Currently requires the puppetlabs/stdlib module on the Puppet Forge in -# order to validate much of the the provided configuration. -# -# === Parameters -# -# [*version*] -# The version of kafka that should be installed. -# -# [*scala_version*] -# The scala version what kafka was built with. -# -# [*install_dir*] -# The directory to install kafka to. -# -# [*mirror_url*] -# The url where the kafka is downloaded from. -# -# [*config*] -# A hash of the configuration options. -# -# [*install_java*] -# Install java if it's not already installed. -# -# [*package_dir*] -# The directory to install kafka. -# -# [*service_restart*] -# Boolean, if the configuration files should trigger a service restart -# -# === Examples -# -# Create a single broker instance which talks to a local zookeeper instance. -# -# class { 'kafka::broker': -# config => { 'broker.id' => '0', 'zookeeper.connect' => 'localhost:2181' } -# } -# -class kafka::broker ( - $version = $kafka::params::version, - $scala_version = $kafka::params::scala_version, - $install_dir = $kafka::params::install_dir, - $mirror_url = $kafka::params::mirror_url, - $config = $kafka::params::broker_config_defaults, - $install_java = $kafka::params::install_java, - $package_dir = $kafka::params::package_dir, - $service_restart = $kafka::params::service_restart -) inherits kafka::params { - - validate_re($::osfamily, 'RedHat|Debian\b', "${::operatingsystem} not supported") - #validate_re($version, '\d+\.\d+\.\d+\.*\d*', "${version} does not match semver") - #validate_re($scala_version, '\d+\.\d+\.\d+\.*\d*', "${version} does not match semver") - #validate_absolute_path($install_dir) - validate_re($mirror_url, '^(https?:\/\/)?([\da-z\.-]+)\.([a-z\.]{2,6})([\/\w \.-]*)*\/?$', "${mirror_url} is not a valid url") - validate_hash($config) - validate_bool($install_java) - validate_absolute_path($package_dir) - validate_bool($service_restart) - - class { 'kafka::broker::install': } -> - class { 'kafka::broker::config': } -> - class { 'kafka::broker::service': } -> - Class['kafka::broker'] -} diff --git a/kafka/manifests/broker/config.pp b/kafka/manifests/broker/config.pp deleted file mode 100644 index 9dbd47fbd..000000000 --- a/kafka/manifests/broker/config.pp +++ /dev/null @@ -1,35 +0,0 @@ -# Author:: Liam Bennett (mailto:lbennett@opentable.com) -# Copyright:: Copyright (c) 2013 OpenTable Inc -# License:: MIT - -# == Class: kafka::broker::config -# -# This private class is meant to be called from `kafka::broker`. -# It manages the broker config files -# -class kafka::broker::config( - $install_dir = $kafka::broker::install_dir, - $service_restart = $kafka::broker::service_restart -) { - - if $caller_module_name != $module_name { - fail("Use of private class ${name} by ${caller_module_name}") - } - - $server_config = deep_merge($kafka::params::broker_config_defaults, $kafka::broker::config) - - $config_notify = $service_restart ? { - true => Service['kafka'], - false => undef - } - - file { '/opt/kafka/config/server.properties': - owner => 'kafka', - group => 'kafka', - mode => '0644', - alias => 'kafka-cfg', - require => [ Exec['untar-kafka'], File['/opt/kafka'] ], - content => template('kafka/server.properties.erb'), - notify => $config_notify - } -} diff --git a/kafka/manifests/broker/install.pp b/kafka/manifests/broker/install.pp deleted file mode 100644 index fefe2eeeb..000000000 --- a/kafka/manifests/broker/install.pp +++ /dev/null @@ -1,26 +0,0 @@ -# Author:: Liam Bennett (mailto:lbennett@opentable.com) -# Copyright:: Copyright (c) 2013 OpenTable Inc -# License:: MIT - -# == Class: kafka::broker::install -# -# This private class is meant to be called from `kafka::broker`. -# It downloads the package and installs it. -# -class kafka::broker::install { - - if $caller_module_name != $module_name { - fail("Use of private class ${name} by ${caller_module_name}") - } - - if !defined(Class['::kafka']) { - class { '::kafka': - version => $kafka::broker::version, - scala_version => $kafka::broker::scala_version, - install_dir => $kafka::broker::install_dir, - mirror_url => $kafka::broker::mirror_url, - install_java => $kafka::broker::install_java, - package_dir => $kafka::broker::package_dir - } - } -} diff --git a/kafka/manifests/broker/service.pp b/kafka/manifests/broker/service.pp deleted file mode 100644 index a0e0970c8..000000000 --- a/kafka/manifests/broker/service.pp +++ /dev/null @@ -1,30 +0,0 @@ -# Author:: Liam Bennett (mailto:lbennett@opentable.com) -# Copyright:: Copyright (c) 2013 OpenTable Inc -# License:: MIT - -# == Class: kafka::broker::service -# -# This private class is meant to be called from `kafka::broker`. -# It manages the kafka service -# -class kafka::broker::service { - - if $caller_module_name != $module_name { - fail("Use of private class ${name} by ${caller_module_name}") - } - - file { '/etc/init.d/kafka': - ensure => present, - mode => '0755', - content => template('kafka/init.erb') - } - - service { 'kafka': - ensure => running, - enable => true, - hasstatus => true, - hasrestart => true, - require => File['/etc/init.d/kafka'] - } - -} diff --git a/kafka/manifests/broker/topic.pp b/kafka/manifests/broker/topic.pp deleted file mode 100644 index bcde4452b..000000000 --- a/kafka/manifests/broker/topic.pp +++ /dev/null @@ -1,23 +0,0 @@ -# Author:: Liam Bennett (mailto:lbennett@opentable.com) -# Copyright:: Copyright (c) 2013 OpenTable Inc -# License:: MIT - -# == Define: kafka::broker::topic -# -# This private class is meant to be called from `kafka::broker`. -# It manages the creation of topics on the kafka broker -# -define kafka::broker::topic( - $ensure = '', - $zookeeper = '', - $replication_factor = 1, - $partitions = 1 -) { - - if $ensure == 'present' { - exec { "create topic ${name}": - command => "/opt/kafka/bin/kafka-topics.sh --create --zookeeper '${zookeeper}' --replication-factor ${replication_factor} --partitions ${partitions} --topic ${name}", - unless => "/bin/bash -c \"if [[ \\\"`/opt/kafka/bin/kafka-topics.sh --list --zookeeper '${zookeeper}' ${name}`\\\" == *${name}* ]]; then exit 0; else exit 1; fi\"" - } - } -} diff --git a/kafka/manifests/consumer.pp b/kafka/manifests/consumer.pp deleted file mode 100644 index a65da4425..000000000 --- a/kafka/manifests/consumer.pp +++ /dev/null @@ -1,69 +0,0 @@ -# Author:: Liam Bennett (mailto:lbennett@opentable.com) -# Copyright:: Copyright (c) 2013 OpenTable Inc -# License:: MIT - -# == Class: kafka::consumer -# -# This class will install kafka with the consumer role. -# -# === Requirements/Dependencies -# -# Currently requires the puppetlabs/stdlib module on the Puppet Forge in -# order to validate much of the the provided configuration. -# -# === Parameters -# -# [*version*] -# The version of kafka that should be installed. -# -# [*scala_version*] -# The scala version what kafka was built with. -# -# [*install_dir*] -# The directory to install kafka to. -# -# [*mirror_url*] -# The url where the kafka is downloaded from. -# -# [*config*] -# A hash of the consumer configuration options. -# -# [*install_java*] -# Install java if it's not already installed. -# -# [*package_dir*] -# The directory to install kafka. -# -# [*service_restart*] -# Boolean, if the configuration files should trigger a service restart -# -# === Examples -# -# Create the consumer service connecting to a local zookeeper -# -# class { 'kafka::consumer': -# config => { 'client.id' => '0', 'zookeeper.connect' => 'localhost:2181' } -# } -class kafka::consumer ( - $version = $kafka::params::version, - $scala_version = $kafka::params::scala_version, - $install_dir = $kafka::params::install_dir, - $mirror_url = $kafka::params::mirror_url, - $config = $kafka::params::consumer_config_defaults, - $install_java = $kafka::params::install_java, - $package_dir = $kafka::params::package_dir, - $service_restart = $kafka::params::service_restart -) inherits kafka::params { - - validate_re($::osfamily, 'RedHat|Debian\b', "${::operatingsystem} not supported") - validate_absolute_path($install_dir) - validate_re($mirror_url, '^(https?:\/\/)?([\da-z\.-]+)\.([a-z\.]{2,6})([\/\w \.-]*)*\/?$', "${mirror_url} is not a valid url") - validate_bool($install_java) - validate_absolute_path($package_dir) - validate_bool($service_restart) - - class { 'kafka::consumer::install': } -> - class { 'kafka::consumer::config': } -> - class { 'kafka::consumer::service': } -> - Class['kafka::consumer'] -} diff --git a/kafka/manifests/consumer/config.pp b/kafka/manifests/consumer/config.pp deleted file mode 100644 index 053afc442..000000000 --- a/kafka/manifests/consumer/config.pp +++ /dev/null @@ -1,30 +0,0 @@ -# Author:: Liam Bennett (mailto:lbennett@opentable.com) -# Copyright:: Copyright (c) 2013 OpenTable Inc -# License:: MIT - -# == Class: kafka::consumer::config -# -# This private class is meant to be called from `kafka::consumer`. -# It manages the consumer config files -# -define kafka::consumer::config( - $config = {}, - $service_restart = $kafka::consumer::service_restart -) { - - $consumer_config = deep_merge($kafka::params::consumer_config_defaults, $config) - - $config_notify = $service_restart ? { - true => Service['kafka'], - false => undef - } - - file { "/opt/kafka/config/${name}.properties": - ensure => present, - mode => '0755', - content => template('kafka/consumer.properties.erb'), - require => File['/opt/kafka/config'], - notify => $config_notify - } - -} diff --git a/kafka/manifests/consumer/install.pp b/kafka/manifests/consumer/install.pp deleted file mode 100644 index e0c74e589..000000000 --- a/kafka/manifests/consumer/install.pp +++ /dev/null @@ -1,26 +0,0 @@ -# Author:: Liam Bennett (mailto:lbennett@opentable.com) -# Copyright:: Copyright (c) 2013 OpenTable Inc -# License:: MIT - -# == Class: kafka::consumer::install -# -# This private class is meant to be called from `kafka::consumer`. -# It downloads the package and installs it. -# -class kafka::consumer::install { - - if $caller_module_name != $module_name { - fail("Use of private class ${name} by ${caller_module_name}") - } - - if !defined(Class['::kafka']) { - class { '::kafka': - version => $kafka::consumer::version, - scala_version => $kafka::consumer::scala_version, - install_dir => $kafka::consumer::install_dir, - mirror_url => $kafka::consumer::mirror_url, - install_java => $kafka::consumer::install_java, - package_dir => $kafka::consumer::package_dir - } - } -} diff --git a/kafka/manifests/consumer/service.pp b/kafka/manifests/consumer/service.pp deleted file mode 100644 index 65dbece16..000000000 --- a/kafka/manifests/consumer/service.pp +++ /dev/null @@ -1,33 +0,0 @@ -# Author:: Liam Bennett (mailto:lbennett@opentable.com) -# Copyright:: Copyright (c) 2013 OpenTable Inc -# License:: MIT - -# == Class: kafka::consumer::service -# -# This private class is meant to be called from `kafka::consumer`. -# It manages the kafka-consumer service -# -class kafka::consumer::service( - $config = $kafka::params::consumer_service_config -) { - - if $caller_module_name != $module_name { - fail("Use of private class ${name} by ${caller_module_name}") - } - - $consumer_service_config = deep_merge($config, $kafka::params::consumer_service_config) - - file { '/etc/init.d/kafka-consumer': - ensure => present, - mode => '0755', - content => template('kafka/consumer.init.erb') - } - - service { 'kafka-consumer': - ensure => running, - enable => true, - hasstatus => true, - hasrestart => true, - require => File['/etc/init.d/kafka-consumer'] - } -} diff --git a/kafka/manifests/init.pp b/kafka/manifests/init.pp deleted file mode 100644 index c2aba32db..000000000 --- a/kafka/manifests/init.pp +++ /dev/null @@ -1,132 +0,0 @@ -# Author:: Liam Bennett (mailto:lbennett@opentable.com) -# Copyright:: Copyright (c) 2013 OpenTable Inc -# License:: MIT - -# == Class: kafka -# -# This class will install kafka binaries -# -# === Requirements/Dependencies -# -# Currently requires the puppetlabs/stdlib module on the Puppet Forge in -# order to validate much of the the provided configuration. -# -# === Parameters -# -# [*version*] -# The version of kafka that should be installed. -# -# [*scala_version*] -# The scala version what kafka was built with. -# -# [*install_dir*] -# The directory to install kafka to. -# -# [*mirror_url*] -# The url where the kafka is downloaded from. -# -# [*install_java*] -# Install java if it's not already installed. -# -# [*package_dir*] -# The directory to install kafka. -# -# === Examples -# -# -class kafka ( - $version = $kafka::params::version, - $scala_version = $kafka::params::scala_version, - $install_dir = '', - $mirror_url = $kafka::params::mirror_url, - $install_java = $kafka::params::install_java, - $package_dir = $kafka::params::package_dir -) inherits kafka::params { - - validate_re($::osfamily, 'RedHat|Debian\b', "${::operatingsystem} not supported") - #validate_re($version, '\d+\.\d+\.\d+\.*\d*', "${version} does not match semver") - #validate_re($scala_version, '\d+\.\d+\.\d+\.*\d*', "${version} does not match semver") - #validate_absolute_path($install_dir) - validate_re($mirror_url, '^(https?:\/\/)?([\da-z\.-]+)\.([a-z\.]{2,6})([\/\w \.-]*)*\/?$', "${mirror_url} is not a valid url") - validate_bool($install_java) - validate_absolute_path($package_dir) - - $basefilename = "kafka_${scala_version}-${version}.tgz" - $basename = regsubst($basefilename, '(.+)\.tgz$', '\1') - $package_url = "${mirror_url}/kafka/${version}/${basefilename}" - - if $install_dir == '' { - $install_directory = "/opt/kafka-${scala_version}-${version}" - } else { - $install_directory = $install_dir - } - - if $install_java { - class { 'java': - distribution => 'jdk' - } - } - - if ! defined(Package['wget']) { - package {'wget': - ensure => present - } - } - - group { 'kafka': - ensure => present - } - - user { 'kafka': - ensure => present, - shell => '/bin/bash', - require => Group['kafka'] - } - - file { $package_dir: - ensure => 'directory', - owner => 'kafka', - group => 'kafka' - } - - file { $install_directory: - ensure => directory, - owner => 'kafka', - group => 'kafka', - alias => 'kafka-app-dir' - } - - file { '/opt/kafka': - ensure => link, - target => $install_directory - } - - file { '/opt/kafka/config': - ensure => directory, - owner => 'kafka', - group => 'kafka', - require => File['/opt/kafka'] - } - - file { '/var/log/kafka': - ensure => directory, - owner => 'kafka', - group => 'kafka' - } - - exec { 'download-kafka-package': - command => "wget -O ${package_dir}/${basefilename} ${package_url} 2> /dev/null", - path => ['/usr/bin', '/bin'], - creates => "${package_dir}/${basefilename}", - require => [ File[$package_dir], Package['wget'] ] - } - - exec { 'untar-kafka-package': - command => "tar xfvz ${package_dir}/${basefilename} -C ${install_directory} --strip-components=1", - creates => "${install_directory}/LICENSE", - alias => 'untar-kafka', - require => [ Exec['download-kafka-package'], File['kafka-app-dir'] ], - user => 'kafka', - path => ['/bin', '/usr/bin', '/usr/sbin'] - } -} diff --git a/kafka/manifests/mirror.pp b/kafka/manifests/mirror.pp deleted file mode 100644 index 799412895..000000000 --- a/kafka/manifests/mirror.pp +++ /dev/null @@ -1,74 +0,0 @@ -# Author:: Liam Bennett (mailto:lbennett@opentable.com) -# Copyright:: Copyright (c) 2013 OpenTable Inc -# License:: MIT - -# == Class: kafka::mirror -# -# This class will install kafka with the mirror role. -# -# === Requirements/Dependencies -# -# Currently requires the puppetlabs/stdlib module on the Puppet Forge in -# order to validate much of the the provided configuration. -# -# === Parameters -# -# [*version*] -# The version of kafka that should be installed. -# -# [*scala_version*] -# The scala version what kafka was built with. -# -# [*install_dir*] -# The directory to install kafka to. -# -# [*mirror_url*] -# The url where the kafka is downloaded from. -# -# [*consumer_config*] -# A hash of the consumer configuration options. -# -# [*producer_config*] -# A hash of the producer configuration options. -# -# [*install_java*] -# Install java if it's not already installed. -# -# [*package_dir*] -# The directory to install kafka. -# -# [*service_restart*] -# Boolean, if the configuration files should trigger a service restart -# -# === Examples -# -# Create the mirror service connecting to a local zookeeper -# -# class { 'kafka::mirror': -# consumer_config => { 'client.id' => '0', 'zookeeper.connect' => 'localhost:2181' } -# } -# -class kafka::mirror ( - $version = $kafka::params::version, - $scala_version = $kafka::params::scala_version, - $install_dir = $kafka::params::install_dir, - $mirror_url = $kafka::params::mirror_url, - $consumer_config = $kafka::params::consumer_config_defaults, - $producer_config = $kafka::params::producer_config_defaults, - $install_java = $kafka::params::install_java, - $package_dir = $kafka::params::package_dir, - $service_restart = $kafka::params::service_restart -) inherits kafka::params { - - validate_re($::osfamily, 'RedHat|Debian\b', "${::operatingsystem} not supported") - validate_absolute_path($install_dir) - validate_re($mirror_url, '^(https?:\/\/)?([\da-z\.-]+)\.([a-z\.]{2,6})([\/\w \.-]*)*\/?$', "${mirror_url} is not a valid url") - validate_bool($install_java) - validate_absolute_path($package_dir) - validate_bool($service_restart) - - class { 'kafka::mirror::install': } -> - class { 'kafka::mirror::config': } -> - class { 'kafka::mirror::service': } -> - Class['kafka::mirror'] -} diff --git a/kafka/manifests/mirror/config.pp b/kafka/manifests/mirror/config.pp deleted file mode 100644 index f3170451b..000000000 --- a/kafka/manifests/mirror/config.pp +++ /dev/null @@ -1,26 +0,0 @@ -# Author:: Liam Bennett (mailto:lbennett@opentable.com) -# Copyright:: Copyright (c) 2013 OpenTable Inc -# License:: MIT - -# == Class: kafka::mirror::config -# -# This private class is meant to be called from `kafka::mirror`. -# It manages the mirror-maker config files -# -class kafka::mirror::config( - $consumer_config = $kafka::mirror::consumer_config, - $producer_config = $kafka::mirror::producer_config, - $service_restart = $kafka::mirror::service_restart -) { - - if $caller_module_name != $module_name { - fail("Use of private class ${name} by ${caller_module_name}") - } - - class { 'kafka::producer::config': - config => $producer_config, - service_restart => $service_restart - } - - create_resources('kafka::consumer::config', $consumer_config) -} diff --git a/kafka/manifests/mirror/install.pp b/kafka/manifests/mirror/install.pp deleted file mode 100644 index 31e5fb850..000000000 --- a/kafka/manifests/mirror/install.pp +++ /dev/null @@ -1,26 +0,0 @@ -# Author:: Liam Bennett (mailto:lbennett@opentable.com) -# Copyright:: Copyright (c) 2013 OpenTable Inc -# License:: MIT - -# == Class: kafka::mirror::install -# -# This private class is meant to be called from `kafka::mirror`. -# It downloads the package and installs it. -# -class kafka::mirror::install { - - if $caller_module_name != $module_name { - fail("Use of private class ${name} by ${caller_module_name}") - } - - if !defined(Class['::kafka']) { - class { '::kafka': - version => $kafka::mirror::version, - scala_version => $kafka::mirror::scala_version, - install_dir => $kafka::mirror::install_dir, - mirror_url => $kafka::mirror::mirror_url, - install_java => $kafka::mirror::install_java, - package_dir => $kafka::mirror::package_dir - } - } -} diff --git a/kafka/manifests/mirror/service.pp b/kafka/manifests/mirror/service.pp deleted file mode 100644 index 1cb7c1dcf..000000000 --- a/kafka/manifests/mirror/service.pp +++ /dev/null @@ -1,36 +0,0 @@ -# Author:: Liam Bennett (mailto:lbennett@opentable.com) -# Copyright:: Copyright (c) 2013 OpenTable Inc -# License:: MIT - -# == Class: kafka::mirror::service -# -# This private class is meant to be called from `kafka::mirror`. -# It manages the kafka-mirror service -# -class kafka::mirror::service( - $consumer_configs = $kafka::params::consumer_configs, - $num_streams = $kafka::params::num_streams, - $producer_config = $kafka::params::producer_config, - $num_producers = $kafka::params::num_producers, - $whitelist = $kafka::params::whitelist, - $blacklist = $kafka::params::blacklist -) { - - if $caller_module_name != $module_name { - fail("Use of private class ${name} by ${caller_module_name}") - } - - file { '/etc/init.d/kafka-mirror': - ensure => present, - mode => '0755', - content => template('kafka/mirror.init.erb') - } - - service { 'kafka-mirror': - ensure => running, - enable => true, - hasstatus => true, - hasrestart => true, - require => File['/etc/init.d/kafka-mirror'] - } -} diff --git a/kafka/manifests/params.pp b/kafka/manifests/params.pp deleted file mode 100644 index 233552ae8..000000000 --- a/kafka/manifests/params.pp +++ /dev/null @@ -1,187 +0,0 @@ -# Author:: Liam Bennett (mailto:lbennett@opentable.com) -# Copyright:: Copyright (c) 2013 OpenTable Inc -# License:: MIT - -# == Class kafka::params -# -# This class is meant to be called from kafka::broker -# It sets variables according to platform -# -class kafka::params { - $datastore = '/var/kafka' - $package_dir = '/var/lib/kafka' - $mirror_url = 'http://mirrors.ukfast.co.uk/sites/ftp.apache.org' - $version = '0.8.2.1' - $scala_version = '2.10' - $install_java = true - $install_dir = "/opt/kafka-${scala_version}-${version}" - - $service_restart = true - - #http://kafka.apache.org/documentation.html#brokerconfigs - $broker_config_defaults = { - 'broker.id' => '0', - 'log.dirs' => '/tmp/kafka-logs', - 'port' => '6667', - 'zookeeper.connect' => '', - 'message.max.bytes' => '1000000', - 'num.network.threads' => '3', - 'num.io.threads' => '8', - 'background.threads' => '4', - 'queued.max.requests' => '500', - 'host.name' => '', - 'advertised.host.name' => '', - 'advertised.port' => '', - 'socket.send.buffer.bytes' => '102400', - 'socket.receive.buffer.bytes' => '102400', - 'socket.request.max.bytes' => '104857600', - 'num.partitions' => '1', - 'log.segment.bytes' => '1073741824', - 'log.roll.hours' => '168', - 'log.cleanup.policy' => 'delete', - 'log.retention.hours' => '168', - 'log.retention.minutes' => '10080', - 'log.retention.bytes' => '-1', - 'log.retention.check.interval.ms' => '300000', - 'log.cleaner.enable' => false, - 'log.cleaner.threads' => '1', - 'log.cleaner.io.max.bytes.per.second' => '', - 'log.cleaner.dedupe.buffer.size' => '524288000', - 'log.cleaner.io.buffer.size' => '524288', - 'log.cleaner.io.buffer.load.factor' => '0.9', - 'log.cleaner.backoff.ms' => '15000', - 'log.cleaner.min.cleanable.ratio' => '0.5', - 'log.cleaner.delete.retention.ms' => '86400000', - 'log.index.size.max.bytes' => '10485760', - 'log.index.interval.bytes' => '4096', - 'log.flush.interval.messages' => '', - 'log.flush.scheduler.interval.ms' => '3000', - 'log.flush.interval.ms' => '', - 'log.delete.delay.ms' => '60000', - 'log.flush.offset.checkpoint.interval.ms' => '60000', - 'auto.create.topics.enable' => true, - 'controller.socket.timeout.ms' => '30000', - 'controller.message.queue.size' => '10', - 'default.replication.factor' => '1', - 'replica.lag.time.max.ms' => '10000', - 'replica.lag.max.messages' => '4000', - 'replica.socket.timeout.ms' => '301000', - 'replica.socket.receive.buffer.bytes' => '641024', - 'replica.fetch.max.bytes' => '10241024', - 'replica.fetch.wait.max.ms' => '500', - 'replica.fetch.min.bytes' => '1', - 'num.replica.fetchers' => '1', - 'replica.high.watermark.checkpoint.interval.ms' => '5000', - 'fetch.purgatory.purge.interval.requests' => '10000', - 'producer.purgatory.purge.interval.requests' => '10000', - 'zookeeper.session.timeout.ms' => '6000', - 'zookeeper.connection.timeout.ms' => '6000', - 'zookeeper.sync.time.ms' => '2000', - 'controlled.shutdown.enable' => true, - 'controlled.shutdown.max.retries' => '3', - 'controlled.shutdown.retry.backoff.ms' => '5000', - 'auto.leader.rebalance.enable' => true, - 'leader.imbalance.per.broker.percentage' => '10', - 'leader.imbalance.check.interval.seconds' => '300', - 'offset.metadata.max.bytes' => '1024' - } - - #http://kafka.apache.org/documentation.html#consumerconfigs - $consumer_config_defaults = { - 'group.id' => '', - 'zookeeper.connect' => '', - 'consumer.id' => '', - 'socket.timeout.ms' => '30000', - 'socket.receive.buffer.bytes' => '65536', - 'fetch.message.max.bytes' => '1048576', - 'auto.commit.enable' => true, - 'auto.commit.interval.ms' => '10000', - 'queued.max.message.chunks' => '10', - 'rebalance.max.retries' => '4', - 'fetch.min.bytes' => '1', - 'fetch.wait.max.ms' => '100', - 'rebalance.backoff.ms' => '2000', - 'refresh.leader.backoff.ms' => '200', - 'auto.offset.reset' => 'largest', - 'consumer.timeout.ms' => '-1', - 'client.id' => '', - 'zookeeper.session.timeout.ms' => '6000', - 'zookeeper.connection.timeout.ms' => '6000', - 'zookeeper.sync.time.ms' => '2000' - } - - #http://kafka.apache.org/documentation.html#producerconfigs - $producer_config_defaults = { - 'metadata.broker.list' => '', - 'request.required.acks' => '0', - 'request.timeout.ms' => '10000', - 'producer.type' => 'sync', - 'serializer.class' => 'kafka.serializer.DefaultEncoder', - 'key.serializer.class' => '', - 'partitioner.class' => 'kafka.producer.DefaultPartitioner', - 'compression.codec' => 'none', - 'compressed.topics' => '', - 'message.send.max.retries' => '3', - 'retry.backoff.ms' => '100', - 'topic.metadata.refresh.interval.ms' => '600000', - 'queue.buffering.max.ms' => '5000', - 'queue.buffering.max.messages' => '10000', - 'queue.enqueue.timeout.ms' => '-1', - 'batch.num.messages' => '200', - 'send.buffer.bytes' => '102400', - 'client.id' => '' - } - - #https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=27846330 - #https://kafka.apache.org/documentation.html#basic_ops_mirror_maker - $consumer_configs = ['/opt/kafka/config/consumer-1.properties'] - $producer_config = '/opt/kafka/config/producer.properties' - $num_streams = 2 - $num_producers = 1 - $whitelist = '.*' - $blacklist = '' - - $consumer_service_config = { - 'autocommit.interval.ms' => '60000', - 'blacklist' => '', - 'consumer-timeout-ms' => '-1', - 'csv-reporter-enabled' => '', - 'fetch-size' => '1048576', - 'formatter' => 'kafka.consumer.DefaultMessageFormatter', - 'from-beginning' => '', - 'group' => 'console-consumer-53705', - 'max-messages' => '', - 'max-wait-ms' => '100', - 'metrics-dir' => '', - 'min-fetch-bytes' => '1', - 'property' => '', - 'refresh-leader-backoff-ms' => '200', - 'skip-message-on-error' => '', - 'socket-buffer-size' => '2097152', - 'socket-timeout-ms' => '30000', - 'topic' => '', - 'whitelist' => '', - 'zookeeper' => '' - } - - $producer_service_config = { - 'batch-size' => '200', - 'broker-list' => '', - 'compress' => '', - 'key-serializer' => 'kafka.serializer.StringEncoder', - 'line-reader' => 'kafka.producer.ConsoleProducer$LineMessageReader', - 'message-send-max-retries' => '3', - 'property' => '', - 'queue-enqueuetimeout-ms' => '2147483647', - 'queue-size' => '10000', - 'request-required-acks' => '0', - 'request-timeout-ms' => '1500', - 'retry-backoff-ms' => '100', - 'socket-buffer-size' => '102400', - 'sync' => '', - 'timeout' => '1000', - 'topic' => '', - 'value-serializer' => 'kafka.serializer.StringEncoder' - } - -} diff --git a/kafka/manifests/producer.pp b/kafka/manifests/producer.pp deleted file mode 100644 index 1f79fafe8..000000000 --- a/kafka/manifests/producer.pp +++ /dev/null @@ -1,70 +0,0 @@ -# Author:: Liam Bennett (mailto:lbennett@opentable.com) -# Copyright:: Copyright (c) 2013 OpenTable Inc -# License:: MIT - -# == Class: kafka::producer -# -# This class will install kafka with the producer role. -# -# === Requirements/Dependencies -# -# Currently requires the puppetlabs/stdlib module on the Puppet Forge in -# order to validate much of the the provided configuration. -# -# === Parameters -# -# [*version*] -# The version of kafka that should be installed. -# -# [*scala_version*] -# The scala version what kafka was built with. -# -# [*install_dir*] -# The directory to install kafka to. -# -# [*mirror_url*] -# The url where the kafka is downloaded from. -# -# [*config*] -# A hash of the producer configuration options. -# -# [*install_java*] -# Install java if it's not already installed. -# -# [*package_dir*] -# The directory to install kafka. -# -# [*service_restart*] -# Boolean, if the configuration files should trigger a service restart -# -# === Examples -# -# Create the producer service connecting to a local zookeeper -# -# class { 'kafka::producer': -# config => { 'client.id' => '0', 'zookeeper.connect' => 'localhost:2181' } -# } -# -class kafka::producer ( - $version = $kafka::params::version, - $scala_version = $kafka::params::scala_version, - $install_dir = $kafka::params::install_dir, - $mirror_url = $kafka::params::mirror_url, - $config = $kafka::params::producer_config_defaults, - $install_java = $kafka::params::install_java, - $package_dir = $kafka::params::package_dir, - $service_restart = $kafka::params::service_restart -) inherits kafka::params { - - validate_re($::osfamily, 'RedHat|Debian\b', "${::operatingsystem} not supported") - validate_absolute_path($install_dir) - validate_re($mirror_url, '^(https?:\/\/)?([\da-z\.-]+)\.([a-z\.]{2,6})([\/\w \.-]*)*\/?$', "${mirror_url} is not a valid url") - validate_bool($install_java) - validate_absolute_path($package_dir) - validate_bool($service_restart) - - class { 'kafka::producer::install': } -> - class { 'kafka::producer::config': } -> - class { 'kafka::producer::service': } -> - Class['kafka::producer'] -} diff --git a/kafka/manifests/producer/config.pp b/kafka/manifests/producer/config.pp deleted file mode 100644 index 0ae651f91..000000000 --- a/kafka/manifests/producer/config.pp +++ /dev/null @@ -1,30 +0,0 @@ -# Author:: Liam Bennett (mailto:lbennett@opentable.com) -# Copyright:: Copyright (c) 2013 OpenTable Inc -# License:: MIT - -# == Class: kafka::producer::config -# -# This private class is meant to be called from `kafka::producer`. -# It manages the producer config files -# -class kafka::producer::config( - $config = {}, - $service_restart = $kafka::producer::service_restart -) { - - $producer_config = deep_merge($kafka::params::producer_config_defaults, $config) - - $config_notify = $service_restart ? { - true => Service['kafka'], - false => undef - } - - file { '/opt/kafka/config/producer.properties': - ensure => present, - mode => '0755', - content => template('kafka/producer.properties.erb'), - require => File['/opt/kafka/config'], - notify => $config_notify - } - -} diff --git a/kafka/manifests/producer/install.pp b/kafka/manifests/producer/install.pp deleted file mode 100644 index fab885209..000000000 --- a/kafka/manifests/producer/install.pp +++ /dev/null @@ -1,26 +0,0 @@ -# Author:: Liam Bennett (mailto:lbennett@opentable.com) -# Copyright:: Copyright (c) 2013 OpenTable Inc -# License:: MIT - -# == Class: kafka::producer::install -# -# This private class is meant to be called from `kafka::producer`. -# It downloads the package and installs it. -# -class kafka::producer::install { - - if $caller_module_name != $module_name { - fail("Use of private class ${name} by ${caller_module_name}") - } - - if !defined(Class['::kafka']) { - class { '::kafka': - version => $kafka::producer::version, - scala_version => $kafka::producer::scala_version, - install_dir => $kafka::producer::install_dir, - mirror_url => $kafka::producer::producer_url, - install_java => $kafka::producer::install_java, - package_dir => $kafka::producer::package_dir - } - } -} diff --git a/kafka/manifests/producer/service.pp b/kafka/manifests/producer/service.pp deleted file mode 100644 index 82e7df16a..000000000 --- a/kafka/manifests/producer/service.pp +++ /dev/null @@ -1,33 +0,0 @@ -# Author:: Liam Bennett (mailto:lbennett@opentable.com) -# Copyright:: Copyright (c) 2013 OpenTable Inc -# License:: MIT - -# == Class: kafka::producer::service -# -# This private class is meant to be called from `kafka::producer`. -# It manages the kafka-producer service -# -class kafka::producer::service( - $config = $kafka::params::producer_service_config -) { - - if $caller_module_name != $module_name { - fail("Use of private class ${name} by ${caller_module_name}") - } - - $producer_service_config = deep_merge($config, $kafka::params::producer_service_config) - - file { '/etc/init.d/kafka-producer': - ensure => present, - mode => '0755', - content => template('kafka/producer.init.erb') - } - - service { 'kafka-producer': - ensure => running, - enable => true, - hasstatus => true, - hasrestart => true, - require => File['/etc/init.d/kafka-producer'] - } -} diff --git a/kafka/metadata.json b/kafka/metadata.json deleted file mode 100644 index 010e67391..000000000 --- a/kafka/metadata.json +++ /dev/null @@ -1,36 +0,0 @@ -{ - "name": "puppet-kafka", - "version": "1.0.1", - "author": "puppet", - "license": "Apache 2.0", - "summary": "Module for managing apache kafka", - "source": "https://github.com/puppet-community/puppet-kafka", - "project_page": "https://github.com/puppet-community/puppet-kafka", - "issues_url": "https://github.com/puppet-community/puppet-kafka/issues", - "tags": ["apache","kafka"], - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": ["5.0","6.0"] - }, - { "operatingsystem": "CentOS", - "operatingsystemrelease": ["5.0","6.0"] - }, - { "operatingsystem": "Debian", - "operatingsystemrelease": ["6.0","7.0"] - }, - { "operatingsystem": "Ubuntu", - "operatingsystemrelease": ["12.04","14.04"] - } - ], - "dependencies": [ - { - "name": "puppetlabs/stdlib", - "version_requirement": ">= 3.0.0 <5.0.0" - }, - { - "name": "puppetlabs/java", - "version_requirement": ">= 1.4.1 <2.0.0" - } - ] -} diff --git a/kafka/spec/acceptance/broker_spec.rb b/kafka/spec/acceptance/broker_spec.rb deleted file mode 100644 index 9b60c9243..000000000 --- a/kafka/spec/acceptance/broker_spec.rb +++ /dev/null @@ -1,79 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'kafka::broker class' do - - context 'default parameters' do - # Using puppet_apply as a helper - it 'should work with no errors' do - if fact('osfamily') == 'RedHat' - pp = <<-EOS - class { 'java': - distribution => 'jre', - } -> - - class {'zookeeper': - packages => ['zookeeper', 'zookeeper-server'], - service_name => 'zookeeper-server', - initialize_datastore => true, - repo => 'cloudera', - } - EOS - - apply_manifest(pp, :catch_failures => true) - else - pp = <<-EOS - class { 'java': - distribution => 'jre', - } -> - - class {'zookeeper': - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - pp = <<-EOS - class { 'kafka::broker': - config => { 'broker.id' => '0', 'zookeeper.connect' => 'localhost:2181' } - } - EOS - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe user('kafka') do - it { should exist } - end - - describe group('kafka') do - it { should exist } - end - - describe file('/opt/kafka') do - it { should be_linked_to('/opt/kafka-2.10-0.8.2.1') } - end - - describe file('/opt/kafka/bin/kafka-server-start.sh') do - it { should be_file } - end - - describe file('/opt/kafka/config/server.properties') do - it { should be_file } - its(:content) { should match /broker\.id=0/ } - its(:content) { should match /log\.dirs=\/tmp\/kafka-logs/ } - its(:content) { should match /port=6667/ } - end - - describe file('/etc/init.d/kafka') do - it { should be_file } - end - - describe service('kafka') do - it { should be_running } - end - - end -end diff --git a/kafka/spec/acceptance/kafka_spec.rb b/kafka/spec/acceptance/kafka_spec.rb deleted file mode 100644 index efa6ae1ac..000000000 --- a/kafka/spec/acceptance/kafka_spec.rb +++ /dev/null @@ -1,44 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'kafka class' do - - context 'default parameters' do - it 'should work with no errors' do - if fact('osfamily') == 'RedHat' - pp = <<-EOS - class { 'java': - distribution => 'jre', - } -> - - class {'zookeeper': - packages => ['zookeeper', 'zookeeper-server'], - service_name => 'zookeeper-server', - initialize_datastore => true, - repo => 'cloudera', - } - EOS - - apply_manifest(pp, :catch_failures => true) - else - pp = <<-EOS - class { 'java': - distribution => 'jre', - } -> - - class {'zookeeper': - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - pp = <<-EOS - class { 'kafka': } - EOS - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - end -end diff --git a/kafka/spec/acceptance/nodesets/centos-511-x64.yml b/kafka/spec/acceptance/nodesets/centos-511-x64.yml deleted file mode 100644 index 6e8860981..000000000 --- a/kafka/spec/acceptance/nodesets/centos-511-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - centos-511-x64: - roles: - - master - platform: el-5-x86_64 - box: puppetlabs/centos-5.11-64-nocm - box_url: puppetlabs/centos-5.11-64-nocm - hypervisor: vagrant -CONFIG: - log_level: verbose - type: git diff --git a/kafka/spec/acceptance/nodesets/centos-66-x64.yml b/kafka/spec/acceptance/nodesets/centos-66-x64.yml deleted file mode 100644 index a0c60d73f..000000000 --- a/kafka/spec/acceptance/nodesets/centos-66-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-66-x64: - roles: - - master - platform: el-6-x86_64 - box : puppetlabs/centos-6.6-64-nocm - box_url : puppetlabs/centos-6.6-64-nocm - hypervisor : vagrant -CONFIG: - type: foss diff --git a/kafka/spec/acceptance/nodesets/ubuntu-1204-x64.yml b/kafka/spec/acceptance/nodesets/ubuntu-1204-x64.yml deleted file mode 100644 index 78286c582..000000000 --- a/kafka/spec/acceptance/nodesets/ubuntu-1204-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-1204-x64: - roles: - - master - platform: ubuntu-12.04-amd64 - box: puppetlabs/ubuntu-12.04-64-nocm - box_url: puppetlabs/ubuntu-12.04-64-nocm - hypervisor: vagrant -CONFIG: - type: foss diff --git a/kafka/spec/acceptance/nodesets/ubuntu-1404-x64.yml b/kafka/spec/acceptance/nodesets/ubuntu-1404-x64.yml deleted file mode 100644 index 7f61aa47a..000000000 --- a/kafka/spec/acceptance/nodesets/ubuntu-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-1404-x64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: git diff --git a/kafka/spec/classes/broker_spec.rb b/kafka/spec/classes/broker_spec.rb deleted file mode 100644 index 65749e198..000000000 --- a/kafka/spec/classes/broker_spec.rb +++ /dev/null @@ -1,84 +0,0 @@ -require 'spec_helper' - -describe 'kafka::broker' do - context 'supported operating systems' do - describe "kafka class without any parameters on Debian" do - let(:params) {{ }} - let(:facts) {{ - :osfamily => 'Debian', - :operatingsystem => 'ubuntu', - :operatingsystemrelease => '14.04', - :lsbdistcodename => 'lucid', - :architecture => 'amd64' - }} - - #it { should compile.with_all_deps } - - it { should contain_class('kafka::broker::install').that_comes_before('kafka::broker::config') } - it { should contain_class('kafka::broker::config').that_comes_before('kafka::broker::service') } - - it { should contain_class('java') } - - it { should contain_user('kafka') } - it { should contain_group('kafka') } - - it { should contain_exec('download-kafka-package') } - it { should contain_exec('untar-kafka-package') } - - it { should contain_file('/opt/kafka').with('ensure' => 'link') } - - it { should contain_file('/etc/init.d/kafka') } - - it { should contain_file('/opt/kafka/config/server.properties').that_notifies('Service[kafka]') } - - - it { should contain_file('/var/log/kafka').with('ensure' => 'directory') } - - it { should contain_service('kafka') } - end - - describe "kafka class without any parameters on RedHat" do - let(:params) {{ }} - let(:facts) {{ - :osfamily => 'RedHat', - :operatingsystem => 'centos', - :operatingsystemrelease => '6', - :architecture => 'amd64' - }} - - #it { should compile.with_all_deps } - - it { should contain_class('kafka::broker::install').that_comes_before('kafka::broker::config') } - it { should contain_class('kafka::broker::config').that_comes_before('kafka::broker::service') } - - it { should contain_class('java') } - - it { should contain_user('kafka') } - it { should contain_group('kafka') } - - it { should contain_exec('download-kafka-package') } - it { should contain_exec('untar-kafka-package') } - - it { should contain_file('/opt/kafka').with('ensure' => 'link') } - - it { should contain_file('/etc/init.d/kafka') } - - it { should contain_file('/opt/kafka/config/server.properties') } - it { should contain_file('/var/log/kafka').with('ensure' => 'directory') } - - it { should contain_service('kafka') } - end - end - - context 'unsupported operating system' do - describe 'kafka class without any parameters on Solaris/Nexenta' do - let(:facts) {{ - :osfamily => 'Solaris', - :operatingsystem => 'Nexenta', - :architecture => 'amd64' - }} - - it { expect { should contain_package('kafka') }.to raise_error(Puppet::Error, /Nexenta not supported/) } - end - end -end diff --git a/kafka/spec/classes/coverage_spec.rb b/kafka/spec/classes/coverage_spec.rb deleted file mode 100644 index 12513b83c..000000000 --- a/kafka/spec/classes/coverage_spec.rb +++ /dev/null @@ -1 +0,0 @@ -at_exit { RSpec::Puppet::Coverage.report! } diff --git a/kafka/spec/spec.opts b/kafka/spec/spec.opts deleted file mode 100644 index 91cd6427e..000000000 --- a/kafka/spec/spec.opts +++ /dev/null @@ -1,6 +0,0 @@ ---format -s ---colour ---loadby -mtime ---backtrace diff --git a/kafka/spec/spec_helper.rb b/kafka/spec/spec_helper.rb deleted file mode 100644 index 2c6f56649..000000000 --- a/kafka/spec/spec_helper.rb +++ /dev/null @@ -1 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' diff --git a/kafka/spec/spec_helper_acceptance.rb b/kafka/spec/spec_helper_acceptance.rb deleted file mode 100644 index 6ea523191..000000000 --- a/kafka/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1,29 +0,0 @@ -require 'beaker-rspec' - -unless ENV['RS_PROVISION'] == 'no' or ENV['BEAKER_provision'] == 'no' - foss_opts = { :default_action => 'gem_install' } - - install_puppet( foss_opts ) -end - -RSpec.configure do |c| - proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - - c.formatter = :documentation - - c.before :suite do - hosts.each do |host| - c.host = host - - path = (File.expand_path(File.dirname(__FILE__)+'/../')).split('/') - name = path[path.length-1].split('-')[1] - - copy_module_to(host, :source => proj_root, :module_name => name) - - on host, puppet('module install puppetlabs-stdlib --version 4.5.1'), { :acceptable_exit_codes => [0] } - on host, puppet('module install puppetlabs-java --version 1.3.0'), { :acceptable_exit_codes => [0] } - on host, puppet('module install deric-zookeeper --version 0.3.5'), { :acceptable_exit_codes => [0] } - - end - end -end diff --git a/kafka/templates/consumer.init.erb b/kafka/templates/consumer.init.erb deleted file mode 100644 index fe606c8b8..000000000 --- a/kafka/templates/consumer.init.erb +++ /dev/null @@ -1,85 +0,0 @@ -#!/bin/sh - -NAME=kafka-consumer -PID_FILE=/var/run/$NAME.pid - -DAEMON="/opt/kafka/bin/kafka-console-consumer.sh" -DAEMON_OPTS="<%- @consumer_service_config.sort.each do |k,v| -%> --<%= k -%><%= v %><%- end -%>" - -start() { - if [ -f $PID_FILE ] - then - PID=`cat $PID_FILE` - if [ -z "`ps -ef | awk '{print $2}' | grep "^$PID$"`" ]; then - echo "\n$PID_FILE exists, process is already running" - exit 0 - else - echo "\n$PID_FILE exists but the process is not running. Deleting $PID_FILE and re-trying" - rm -f $PID_FILE - start - fi - else - exec $DAEMON $DAEMON_OPTS >> /var/log/kafka/consumer.log 2>&1 & - sleep 2 - PID=`ps ax | grep -E '[k]afka-console-consumer' | awk '{print $1}'` - echo $PID > $PID_FILE; - echo "\n$NAME started" - fi -} - -stop() { - if [ ! -f $PID_FILE ] - then - echo "\n$PID_FILE does not exist, process is not running" - return 1 - else - kill `cat $PID_FILE`; - rm -f $PID_FILE; - echo "\n$NAME stopped" - return 0 - fi -} - -status() { - if [ -f $PID_FILE ] - then - PID=`cat $PID_FILE` - if [ -z "`ps -ef | awk '{print $2}' | grep "^$PID$"`" ] - then - echo "$NAME stopped but pid file exists" - exit 1 - else - echo "$NAME running with pid $PID" - exit 0 - fi - else - echo "$NAME stopped" - exit 1 - fi -} - -case "$1" in - status) - status - ;; - start) - echo -n "Starting daemon: "$NAME - start - ;; - stop) - echo -n "Stopping daemon: "$NAME - stop - ;; - restart) - echo -n "Restarting daemon: "$NAME - stop - sleep 2 - start - ;; - - *) - echo "Usage: "$1" {status|start|stop|restart}" - exit 1 -esac - -exit 0 diff --git a/kafka/templates/consumer.properties.erb b/kafka/templates/consumer.properties.erb deleted file mode 100644 index ad14efa5e..000000000 --- a/kafka/templates/consumer.properties.erb +++ /dev/null @@ -1,9 +0,0 @@ -# Note: This file is managed by Puppet. -# -# See: http://kafka.apache.org/documentation.html#consumerconfigs for more details -<%- @consumer_config.sort.each do |k,v| - if v.to_s.strip.length != 0 -%> -<%= k %>=<%= v %> -<%- end -end --%> diff --git a/kafka/templates/init.erb b/kafka/templates/init.erb deleted file mode 100644 index da9bfc2e7..000000000 --- a/kafka/templates/init.erb +++ /dev/null @@ -1,98 +0,0 @@ -#!/bin/sh -# -# Init file for Apache Kafka -# -# chkconfig: 35 85 15 -# description: Apache Kafka is a distributed publish-subscribe messaging system -# pidfile: /var/run/kafka.pid - -NAME=kafka -PID_FILE=/var/run/$NAME.pid -KAFKA_USER=kafka - -DAEMON="/opt/kafka/bin/kafka-server-start.sh" -DAEMON_OPTS="/opt/kafka/config/server.properties" - -export KAFKA_JMX_OPTS="-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.port=9990" - -start() { - ulimit -n 65536 - ulimit -s 10240 - ulimit -c unlimited - if [ -f $PID_FILE ] - then - PID=`cat $PID_FILE` - if [ ! -z "`ps -ef | awk '{print $2}' | grep "^$PID$"`" ] - then - echo "$PID_FILE exists, process is already running" - exit 0 - else - echo "$PID_FILE exists but the process is not running. Deleting $PID_FILE and re-trying" - rm -f $PID_FILE - start - fi - else - /sbin/runuser $KAFKA_USER -c "KAFKA_JMX_OPTS=\"$KAFKA_JMX_OPTS\" $DAEMON $DAEMON_OPTS > /var/log/kafka/server.out 2> /var/log/kafka/server.err &" - sleep 2 - PID=`ps ax | grep -E '[k]afka.Kafka' | awk '{print $1}'` - echo $PID > $PID_FILE; - echo "$NAME started" - fi -} - -stop() { - if [ ! -f $PID_FILE ] - then - echo "$PID_FILE does not exist, process is not running" - return 1 - else - kill `cat $PID_FILE`; - rm -f $PID_FILE; - echo "$NAME stopped" - return 0 - fi -} - -status() { - if [ -f $PID_FILE ] - then - PID=`cat $PID_FILE` - if [ -z "`ps -ef | awk '{print $2}' | grep "^$PID$"`" ] - then - echo "$NAME stopped but pid file exists" - exit 1 - else - echo "$NAME running with pid $PID" - exit 0 - fi - else - echo "$NAME stopped" - exit 1 - fi -} - -case "$1" in - status) - status - ;; - start) - echo "Starting daemon: "$NAME - start - ;; - stop) - echo "Stopping daemon: "$NAME - stop - ;; - restart) - echo "Restarting daemon: "$NAME - stop - sleep 2 - start - ;; - - *) - echo "Usage: "$1" {status|start|stop|restart}" - exit 1 -esac - -exit 0 diff --git a/kafka/templates/mirror.init.erb b/kafka/templates/mirror.init.erb deleted file mode 100644 index c735b142e..000000000 --- a/kafka/templates/mirror.init.erb +++ /dev/null @@ -1,88 +0,0 @@ -#!/bin/sh - -NAME=kafka-mirror -PID_FILE=/var/run/$NAME.pid - -DAEMON="/opt/kafka/bin/kafka-run-class.sh" -DAEMON_OPTS="kafka.tools.MirrorMaker <%- @consumer_config.sort.each do |c| -%> --consumer.config /opt/kafka/config/<%= c[0] -%>.properties<%- end -%> --num.streams <%= @num_streams -%> --producer.config <%= @producer_config -%> --num.producers <%= num_producers -%><%- if !@whitelist.eql?('') -%> --whitelist=\"<%= @whitelist -%>\"<%- end %><%- if !@blacklist.eql?('') -%> --blacklist=\"<%= @blacklist -%>\"<%- end -%>" - -start() { - ulimit -n 65536 - ulimit -s 10240 - ulimit -c unlimited - if [ -f $PID_FILE ] - then - PID=`cat $PID_FILE` - if [ -z "`ps -ef | awk '{print $2}' | grep "^$PID$"`" ]; then - echo "\n$PID_FILE exists, process is already running" - exit 0 - else - echo "\n$PID_FILE exists but the process is not running. Deleting $PID_FILE and re-trying" - rm -f $PID_FILE - start - fi - else - exec $DAEMON $DAEMON_OPTS >> /var/log/kafka/mirror.log 2>&1 & - sleep 2 - PID=`ps ax | grep -E '[k]afka.tools.MirrorMaker' | awk '{print $1}'` - echo $PID > $PID_FILE; - echo "\n$NAME started" - fi -} - -stop() { - if [ ! -f $PID_FILE ] - then - echo "\n$PID_FILE does not exist, process is not running" - return 1 - else - kill `cat $PID_FILE`; - rm -f $PID_FILE; - echo "\n$NAME stopped" - return 0 - fi -} - -status() { - if [ -f $PID_FILE ] - then - PID=`cat $PID_FILE` - if [ -z "`ps -ef | awk '{print $2}' | grep "^$PID$"`" ] - then - echo "$NAME stopped but pid file exists" - exit 1 - else - echo "$NAME running with pid $PID" - exit 0 - fi - else - echo "$NAME stopped" - exit 1 - fi -} - -case "$1" in - status) - status - ;; - start) - echo -n "Starting daemon: "$NAME - start - ;; - stop) - echo -n "Stopping daemon: "$NAME - stop - ;; - restart) - echo -n "Restarting daemon: "$NAME - stop - sleep 2 - start - ;; - - *) - echo "Usage: "$1" {status|start|stop|restart}" - exit 1 -esac - -exit 0 diff --git a/kafka/templates/producer.properties.erb b/kafka/templates/producer.properties.erb deleted file mode 100644 index f244fdae8..000000000 --- a/kafka/templates/producer.properties.erb +++ /dev/null @@ -1,9 +0,0 @@ -# Note: This file is managed by Puppet. -# -# See: http://kafka.apache.org/documentation.html#producerconfigs for more details -<%- @producer_config.sort.each do |k,v| - if v.to_s.strip.length != 0 -%> -<%= k %>=<%= v %> -<%- end -end --%> diff --git a/kafka/templates/server.properties.erb b/kafka/templates/server.properties.erb deleted file mode 100644 index 47f6e9f8b..000000000 --- a/kafka/templates/server.properties.erb +++ /dev/null @@ -1,9 +0,0 @@ -# Note: This file is managed by Puppet. -# -# See: http://kafka.apache.org/documentation.html#brokerconfigs for more details -<%- @server_config.sort.map do |k,v| - if v.to_s.strip.length != 0 %> -<%= k %>=<%= v %> -<%- end -end -%> diff --git a/keepalived/.fixtures.yml b/keepalived/.fixtures.yml deleted file mode 100644 index 634302fcd..000000000 --- a/keepalived/.fixtures.yml +++ /dev/null @@ -1,7 +0,0 @@ -fixtures: - repositories: - "concat": - repo: "git://github.com/puppetlabs/puppetlabs-concat.git" - ref: '1.0.0' - symlinks: - "keepalived": "#{source_dir}" diff --git a/keepalived/.gitignore b/keepalived/.gitignore deleted file mode 100644 index 66ebfdbf3..000000000 --- a/keepalived/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -pkg -*~ diff --git a/keepalived/Gemfile b/keepalived/Gemfile deleted file mode 100644 index 3d6545e57..000000000 --- a/keepalived/Gemfile +++ /dev/null @@ -1,15 +0,0 @@ -source 'https://rubygems.org' - -group :development, :test do - gem 'rake', :require => false - gem 'puppetlabs_spec_helper', :require => false - gem 'puppet-lint', :require => false -end - -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end - -# vim:ft=ruby diff --git a/keepalived/LICENSE b/keepalived/LICENSE deleted file mode 100644 index 435dd9d4a..000000000 --- a/keepalived/LICENSE +++ /dev/null @@ -1,13 +0,0 @@ - Copyright 2012 Bruno LEON - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/keepalived/Modulefile b/keepalived/Modulefile deleted file mode 100644 index 3d2be7872..000000000 --- a/keepalived/Modulefile +++ /dev/null @@ -1,10 +0,0 @@ -name 'unyonsys-keepalived' -version '0.0.2' -author 'Bruno LEON' -license 'Apache License, Version 2.0' -summary 'Keepalived module' -description 'Manage keepalived instances' -project_page 'https://github.com/Unyonsys/puppet-module-keepalived/' - -## Add dependencies, if any: -dependency 'puppetlabs/concat', '>=1.0.0 <2.0.0' diff --git a/keepalived/README.md b/keepalived/README.md deleted file mode 100644 index 90aba3bed..000000000 --- a/keepalived/README.md +++ /dev/null @@ -1,56 +0,0 @@ -keepalived - -This is the keepalived module. - -License -------- - -Apache2 - -Contact -------- - -bruno.leon@unyonsys.com - -Parameters -========== - -[*notification_email_to*] = [ "root@${domain}" ] - An array of emails to send notifications to - -[*notification_email_from*] = "keepalived@${domain}" - The source adress of notification messages - -[*smtp_server*] = 'localhost' - The SMTP server to use to send notifications. - -[*smtp_connect_timeout*] = '30' - The SMTP server to use to send notifications. - -[*router_id*] = $::hostname - The router_id identifies us on the network. - -Variables -========= - -[*$keepalived::variables::keepalived_conf*] - Path to keepalived.conf configuration file - -Examples -======== - - class { keepalived: } - keepalived::instance { '50': - interface => 'eth0', - virtual_ips => [ '192.168.200.17 dev eth0' ], - state => hiera( "keepalived_50_state" ), - priority => hiera( "keepalived_50_priority" ), - } - -Developement -============ - -You can run the test-suite with the following commands: - - bundle exec rake spec - bundle exec rake lint diff --git a/keepalived/Rakefile b/keepalived/Rakefile deleted file mode 100644 index 4c2b2ed07..000000000 --- a/keepalived/Rakefile +++ /dev/null @@ -1,6 +0,0 @@ -require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' - -PuppetLint.configuration.fail_on_warnings = true -PuppetLint.configuration.send('disable_80chars') -PuppetLint.configuration.send('disable_class_parameter_defaults') diff --git a/keepalived/manifests/config.pp b/keepalived/manifests/config.pp deleted file mode 100644 index 763727262..000000000 --- a/keepalived/manifests/config.pp +++ /dev/null @@ -1,19 +0,0 @@ -class keepalived::config ( - $notification_email_to, - $notification_email_from, - $smtp_server, - $smtp_connect_timeout, - $router_id, - $static_ipaddress -) { - - concat { $keepalived::variables::keepalived_conf: - warn => true, - } - - concat::fragment { 'global_config': - target => $keepalived::variables::keepalived_conf, - content => template( "${module_name}/global_config.erb" ), - order => '01', - } -} diff --git a/keepalived/manifests/init.pp b/keepalived/manifests/init.pp deleted file mode 100644 index aa3ff25fd..000000000 --- a/keepalived/manifests/init.pp +++ /dev/null @@ -1,69 +0,0 @@ -# == Class: keepalived -# -# This class setup the basis for keeapalive, knowingly package installation -# and some global variables. -# -# The keepalived::instance define depends on this class. -# -# === Parameters -# -# [*notification_email_to*] = [ "root@${domain}" ] -# An array of emails to send notifications to -# -# [*notification_from*] = "keepalived@${domain}" -# The source adress of notification messages -# -# [*smtp_server*] = 'localhost' -# The SMTP server to use to send notifications. -# -# [*smtp_connect_timeout*] = '30' -# The SMTP server to use to send notifications. -# -# [*router_id*] = $::hostname -# The router_id identifies us on the network. -# -# === Variables -# -# [*$keepalived::variables::keepalived_conf*] -# Path to keepalived.conf configuration file -# -# === Examples -# -# class { keepalived: } -# -# === Authors -# -# Author Name -# -# === Copyright -# -# Copyright 2012 Bruno LEON, unless otherwise noted. -# -class keepalived ( - $notification_email_to = [ "root@${::domain}" ], - $notification_email_from = "keepalived@${::domain}", - $smtp_server = 'localhost', - $smtp_connect_timeout = '30', - $router_id = $::hostname, - $static_ipaddress = [], -) { - - Class[ "${module_name}::install" ] -> - Class[ "${module_name}::config" ] ~> - Class[ "${module_name}::service" ] - - include "${module_name}::variables" - include "${module_name}::install" - class { "${module_name}::config": - notification_email_to => $keepalived::notification_email_to, - notification_email_from => $keepalived::notification_email_from, - smtp_server => $keepalived::smtp_server, - smtp_connect_timeout => $keepalived::smtp_connect_timeout, - router_id => $keepalived::router_id, - static_ipaddress => $keepalived::static_ipaddress, - } - include "${module_name}::service" - - $keepalived_instance = hiera('keepalived::instance', {} ) - create_resources('keepalived::instance', $keepalived_instance ) -} diff --git a/keepalived/manifests/install.pp b/keepalived/manifests/install.pp deleted file mode 100644 index 5f4a50c20..000000000 --- a/keepalived/manifests/install.pp +++ /dev/null @@ -1,5 +0,0 @@ -class keepalived::install { - package { 'keepalived': - ensure => present, - } -} diff --git a/keepalived/manifests/instance.pp b/keepalived/manifests/instance.pp deleted file mode 100644 index 94e5150da..000000000 --- a/keepalived/manifests/instance.pp +++ /dev/null @@ -1,35 +0,0 @@ -define keepalived::instance ( - $interface, - $virtual_ips, - $state, - $priority, - $track_script = [], - $notify = undef, - $notify_master = undef, - $notify_backup = undef, - $notify_fault = undef, - $smtp_alert = false, - $nopreempt = false, - $advert_int = '1', - $auth_type = undef, - $auth_pass = undef, - $virtual_router_id = $name, - $virtual_routes = [], -) { - - validate_array( $virtual_ips, - $track_script, - $virtual_routes ) - - include keepalived::variables - - Keepalived::Vrrp_script[ $track_script ] -> Keepalived::Instance[ $name ] - - concat::fragment { "keepalived_${name}": - target => $keepalived::variables::keepalived_conf, - content => template( 'keepalived/keepalived_instance.erb' ), - order => '50', - notify => Class[ 'keepalived::service' ], - require => Class[ 'keepalived::install' ], - } -} diff --git a/keepalived/manifests/service.pp b/keepalived/manifests/service.pp deleted file mode 100644 index 770797070..000000000 --- a/keepalived/manifests/service.pp +++ /dev/null @@ -1,8 +0,0 @@ -class keepalived::service { - service { 'keepalived': - ensure => running, - enable => true, - hasstatus => false, - pattern => 'keepalived', - } -} diff --git a/keepalived/manifests/variables.pp b/keepalived/manifests/variables.pp deleted file mode 100644 index 386c04f22..000000000 --- a/keepalived/manifests/variables.pp +++ /dev/null @@ -1,3 +0,0 @@ -class keepalived::variables { - $keepalived_conf = '/etc/keepalived/keepalived.conf' -} diff --git a/keepalived/manifests/vrrp_script.pp b/keepalived/manifests/vrrp_script.pp deleted file mode 100644 index 82b6f2539..000000000 --- a/keepalived/manifests/vrrp_script.pp +++ /dev/null @@ -1,28 +0,0 @@ -define keepalived::vrrp_script ( - $name_is_process = false, - $script = undef, - $interval = '2', - $weight = '2', -) { - - include keepalived::variables - - if (! $name_is_process) and (! $script) { - fail('You must pass either name_is_process or script.') - } - if ($name_is_process) and ($script) { - fail('You must pass either name_is_process or script, not both.') - } - $script_real = $name_is_process ? { - true => "killall -0 ${name}", - false => $script, - } - - concat::fragment { "keepalived_vrrp_script_${name}": - target => $keepalived::variables::keepalived_conf, - content => template( 'keepalived/keepalived_vrrp_script.erb' ), - order => '20', - notify => Class[ 'keepalived::service' ], - require => Class[ 'keepalived::install' ], - } -} diff --git a/keepalived/templates/global_config.erb b/keepalived/templates/global_config.erb deleted file mode 100644 index 81982cca3..000000000 --- a/keepalived/templates/global_config.erb +++ /dev/null @@ -1,17 +0,0 @@ -global_defs { - notification_email { - <% notification_email_to.each do |email| -%> - <%= email %> - <% end -%>} - notification_email_from <%= @notification_email_from %> - smtp_server <%= @smtp_server %> - smtp_connect_timeout <%= @smtp_connect_timeout %> - router_id <%= @router_id %> -} - -static_ipaddress { - <% @static_ipaddress.each do |vip| -%> - <%= vip %> - <% end %> -} - diff --git a/keepalived/templates/keepalived_instance.erb b/keepalived/templates/keepalived_instance.erb deleted file mode 100644 index 9bbc5ef45..000000000 --- a/keepalived/templates/keepalived_instance.erb +++ /dev/null @@ -1,58 +0,0 @@ -vrrp_instance <%= @name %> { - virtual_router_id <%= @virtual_router_id %> - - # Advert interval - advert_int <%= @advert_int %> - - # for electing MASTER, highest priority wins. - priority <%= @priority %> - state <%= @state %> - - interface <%= @interface %> - - virtual_ipaddress { -<% if @virtual_ips.is_a? Hash then -%> -<% @virtual_ips.each do |vip, label| -%> - <%= vip -%> label <%= @interface -%>:<%= label %> - <% end %> - <% else %> - <% @virtual_ips.uniq.each do |vip| -%> - <%= vip %> -<% end -%> -<% end -%> - } - -<% if @virtual_routes.length > 0 then -%> - virtual_routes { -<% @virtual_routes.each do |vroute| -%> - <%= vroute %> -<% end -%> - } -<% end -%> -<% if @track_script.length > 0 then -%> - track_script { -<% @track_script.each do |script| -%> - <%= script %> -<% end -%> - } -<% end -%> -<% if @auth_type and @auth_pass then -%> - authentication { - auth_type <%= @auth_type %> - auth_pass <%= @auth_pass %> - } -<% end -%> - -<% if @notify then -%> - notify <%= @notify %> -<% end -%> -<% if @notify_master then -%> - notify_master <%= @notify_master %> -<% end -%> -<% if @notify_backup then -%> - notify_backup <%= @notify_backup %> -<% end -%> - -<% if @smtp_alert then -%>smtp_alert<% end %> -<% if @nopreempt then -%>nopreempt<% end %> -} diff --git a/keepalived/templates/keepalived_vrrp_script.erb b/keepalived/templates/keepalived_vrrp_script.erb deleted file mode 100644 index b522461fd..000000000 --- a/keepalived/templates/keepalived_vrrp_script.erb +++ /dev/null @@ -1,5 +0,0 @@ -vrrp_script <%= @name %> { - script "<%= @script_real %>" - interval <%= @interval %> - weight <%= @weight %> -} diff --git a/keepalived/tests/init.pp b/keepalived/tests/init.pp deleted file mode 100644 index e7166d4d4..000000000 --- a/keepalived/tests/init.pp +++ /dev/null @@ -1,11 +0,0 @@ -# The baseline for module testing used by Puppet Labs is that each manifest -# should have a corresponding test manifest that declares that class or defined -# type. -# -# Tests are then run by using puppet apply --noop (to check for compilation errors -# and view a log of events) or by fully applying the test in a virtual environment -# (to compare the resulting system state to the desired state). -# -# Learn more about module testing here: http://docs.puppetlabs.com/guides/tests_smoke.html -# -include keepalived diff --git a/keystone/.gitignore b/keystone/.gitignore deleted file mode 100644 index 61092bdaf..000000000 --- a/keystone/.gitignore +++ /dev/null @@ -1,15 +0,0 @@ -pkg/ -Gemfile.lock -vendor/ -spec/fixtures/ -.vagrant/ -.bundle/ -coverage/ -.idea/ -*.swp -*.iml -openstack/ - -# Files created by releasenotes build -releasenotes/build -.tox diff --git a/keystone/.gitreview b/keystone/.gitreview deleted file mode 100644 index 00c185c77..000000000 --- a/keystone/.gitreview +++ /dev/null @@ -1,5 +0,0 @@ -[gerrit] -host=review.openstack.org -port=29418 -project=openstack/puppet-keystone.git -defaultbranch=stable/mitaka diff --git a/keystone/.sync.yml b/keystone/.sync.yml deleted file mode 100644 index 0912631ba..000000000 --- a/keystone/.sync.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -spec/spec_helper.rb: - unmanaged: true diff --git a/keystone/CHANGELOG.md b/keystone/CHANGELOG.md deleted file mode 100644 index f2425b764..000000000 --- a/keystone/CHANGELOG.md +++ /dev/null @@ -1,340 +0,0 @@ -## 8.0.0 and beyond - -From 8.0.0 release and beyond, release notes are published on -[docs.openstack.org](http://docs.openstack.org/releasenotes/puppet-keystone/). - -## 8.0.0 and beyond - -From 8.0.0 release and beyond, release notes are published on -[docs.openstack.org](http://docs.openstack.org/releasenotes/puppet-keystone/). - - -##2015-11-24 - 7.0.0 -###Summary - -This is a backwards-incompatible major release for OpenStack Liberty. - -####Backwards-incompatible changes -- move openstackclient install to keystone::client -- add composite namevar for tenant, user, user_role (see examples/*.pp and - documentation) -- remove deprecated mysql_module -- deletes tenant parameter from keystone_user (it was deprecated) - -####Features -- add support for RabbitMQ connection heartbeat -- add tag to package and service resources -- validate service_identity resources -- add an ability to manage use_stderr parameter -- clarify the origin of provider warning messages -- reflect provider change in puppet-openstacklib -- adding wsgi log formatting -- if running eventlet, send deprecation warning -- authentication URLs and endpoint clarity re-factor -- add additional memcache configuration options -- add custom fragment to vhost -- keystone_endpoint provider for Keystone v3 api -- db: use postgresql lib class for psycopg package -- replace indirection calls which should help speed up performance - when you have many users, tenants, and role assignments -- put all the logging related parameters to the logging class -- K2K federation support -- domain checking to deprecate no domain name usage: - (all Keystone domain scoped resources should have a domain specified - e.g. keystone_user { 'name': domain => 'some_domain' } ) -- allow customization of db sync command line -- introduce keystone::db class -- endpoints can be APIs version-less -- keystone_endpoint match service by name/type. - -####Bugfixes -- fix module install reference -- rely on autorequire for config resource ordering -- use Ubuntu provided wsgi.py for keystone.wsgi -- fix default domain -- fix *_workers config settings -- wsgi: make sure keystone service is stopped before starting httpd - -####Maintenance -- acceptance: bump to Liberty release -- initial msync run for all Puppet OpenStack modules -- acceptance/eventlet: make sure apache is stopped -- try to use zuul-cloner to prepare fixtures - -##2015-10-15 - 6.1.0 -###Summary - -This is a features and bugfixes release in the Kilo series. - -####Features -- Allow to change archive destination -- admin_user_domain and admin_project_domain can now be equal - - -####Bugfixes -- Allow to use the wrong resource name for Keystone_user and Keystone_tenant -- Allow to use the wrong value for default_domain_id -- Fixes get_section for future use -- Domain name from id lookups return empty -- Fixes get_section for future use -- WSGI: use real service name in restart_keystone Exec -- v3: make sure default domain is created before any other resource -- Use an Anchor when service is managed - -####Maintenance -- Authentication URLs and endpoint clarity re-factor -- Purely cosmetic change on keystone provider -- Fix rspec 3.x syntax -- acceptance: run keystone in a WSGI server -- acceptance: checkout stable/kilo puppet modules - - -##2015-07-08 - 6.0.0 -###Summary - -This is a backwards-incompatible major release for OpenStack Kilo. - -####Backwards-incompatible changes -- Remove deprecated parameters -- MySQL: change default MySQL collate to utf8_general_ci -- Move openstackclient to openstacklib - -####Features -- Puppet 4.x support -- Support Keystone v3 API -- Allow disabling or delaying the token_flush cron -- Migrate postgresql backend to use openstacklib::db::postgresql -- Add max_token_size optional parameter -- Add admin_workers and public_workers configuration options -- Add support for LDAP connection pools -- Add a package ensure for openstackclient -- Enable setting the revoke/token driver -- Add manage_service feature -- Makes distinct use of url vs auth_url -- Create a sync_db boolean for Keystone -- LDAP: add support to configure credential driver -- Support notification_format -- Allow custom file source for wsgi scripts -- Decouple sync_db from enabled -- Add support for Fernet Tokens - -####Bugfixes -- Crontab: ensure the script is run with bash shell -- Copy latest keystone.py from Keystone upstream -- Fix deprecated LDAP config options -- Fix service keystone conflict when running in apache - -####Maintenance -- Acceptance tests with Beaker -- Fix spec tests for RSpec 3.x and Puppet 4.x -- Restructures authentication for resource providers - -##2015-06-17 - 5.1.0 -###Summary - -This is a features and bugfixes release in the Juno series. - -####Features -- Allow disabling or delaying the token_flush cron -- Use openstackclient for keystone_* providers -- Switch to TLSv1 -- Handle missing project/tenant when using ldap backend -- Add support for LDAP connection pools -- Support the ldap user_enabled_invert parameter -- Tag packages with 'openstack' -- Add ::keystone::policy class for policy management -- New option replace_password for keystone_user -- Set WSGI process display-name -- Add native types for keystone paste configuration - -####Bugfixes -- crontab: ensure the script is run with shell -- service_identity: add user/role ordering -- Fix password check for SSL endpoints -- Add require json for to_json dependency -- Sync keystone.py with upstream to function with Juno -- Allow Keystone to be queried when using IPv6 ::0 - -####Maintenance -* spec: pin rspec-puppet to 1.0.1 -* Pin puppetlabs-concat to 1.2.1 in fixtures -* Update .gitreview file for project rename - -##2014-11-24 - 5.0.0 -###Summary - -This is a backwards-incompatible major release for OpenStack Juno. - -####Backwards-incompatible changes -- Update token driver, logging, and ldap config parameters for Juno -- Make UUID the default token provider -- Migrate the keystone::db::mysql class to use openstacklib::db::mysql, adding - dependency on openstacklib - -####Features -- Change admin_roles parameter to accept an array in order to configure - multiple admin roles -- Add new parameters to keystone class to configure pki signing -- Add parameters to control whether to configure users -- Deprecate the mysql_module parameter -- Enable setting cert and key paths for PKI token signing -- Add parameters for SSL communication between keystone and rabbitmq -- Add parameter ignore_default_tenant to keystone::role::admin -- Add parameter service_provider to keystone class -- Add parameters for service validation to keystone class - -####Bugfixes -- Install python-ldappool package for ldap -- Change keystone class to inherit from keystone::params -- Change pki_setup to run regardless of token provider -- Stop managing _member_ role since it is created automatically -- Stop overriding token_flush log file -- Change the usage of admin_endpoint to not include the API version -- Allow keystone_user_role to accept email as username -- Add ability to set up keystone using Apache mod_wsgi -- Make keystone_user_role idempotent -- Install python-memcache when using token driver memcache - -##2014-10-16 - 4.2.0 -###Summary - -This is a feature and bugfix release in the Icehouse series. - -####Features -- Add class for extended logging options -- Add parameters to set tenant descriptions - -####Bugfixes -- Fix rabbit password leaking -- Fix keystone user authorization error handling - -##2014-06-19 - 4.1.0 -###Summary - -This is a feature and bugfix release in the Icehouse series. - -####Features -- Add token flushing with cron - -####Bugfixes -- Update database api for consistency with other projects -- Fix admin_token with secret parameter -- Fix deprecated catalog driver - -##2014-05-05 - 4.0.0 -###Summary - -This is a major release for OpenStack Icehouse but contains no API-breaking -changes. - -####Features -* Add template_file parameter to specify catalog -* Add keystone::config to handle additional custom options -* Add notification parameters -* Add support for puppetlabs-mysql 2.2 and greater - -####Bugfixes -- Fix deprecated sql section header in keystone.conf -- Fix deprecated bind_host parameter -- Fix example for native type keystone_service -- Fix LDAP module bugs -- Fix variable for host_access dependency -- Reduce default token duration to one hour - -##2014-04-15 - 3.2.0 -###Summary - -This is a feature and bugfix release in the Havana series. - -####Features -- Add ability to configure any catalog driver - -####Bugfixes -- Ensure log_file is absent when using syslog - -##2014-03-28 - 3.1.1 -###Summary - -This is a bugfix release in the Havana series. - -####Bugfixes -- Fix inconsistent variable for mysql allowed hosts - -##2014-03-26 - 3.1.0 -###Summary - -This is a feature and bugfix release in the Havana series. - -####Features -- Add ability to disable pki_setup -- Add log_dir param, with option to disable -- Add support to enable SSL - -####Bugfixes -- Load tenant un-lazily if needed -- Update endpoint argument -- Remove setting of Keystone endpoint by default -- Relax regex when keystone refuses connections - -##2014-01-16 - 3.0.0 -###Summary - -This is a backwards-incompatible major release for OpenStack Havana. - -####Backwards-incompatible changes -- Move db_sync to its own class -- Remove creation of Member role -- Switch from signing/format to token/provider - -####Features -- Create memcache_servers option to allow for multiple cache servers -- Enable serving Keystone from Apache mod_wsgi -- Improve performance of Keystone providers -- Update endpoints to support paths and ssl -- Add support for token expiration parameter - -####Bugfixes -- Fix duplicated keystone endpoints -- Refactor keystone_endpoint to use prefetch and flush paradigm - -##2013-10-07 - 2.2.0 -###Summary - -This is a feature and bugfix release in the Grizzly series. - -####Features -- Optimized tenant and user queries -- Added syslog support -- Added support for token driver backend - -####Bugfixes -- Various bug and lint fixes - -##2013-08-06 - 2.1.0 -###Summary - -This is a bugfix release in the Grizzly series. - -####Bugfixes -- Fix allowed_hosts contitional statement -- Select keystone endpoint based on SSL setting -- Improve tenant_hash usage in keystone_tenant -- Various cleanup and bug fixes - -####Maintenance -- Pin dependencies - -##2013-06-18 - 2.0.0 -###Summary - -Initial release on StackForge. - -####Backwards-incompatible changes - -####Features -- keystone_user can be used to change passwords -- service tenant name now configurable -- keystone_user is now idempotent - -####Bugfixes -- Various cleanups and bug fixes diff --git a/keystone/Gemfile b/keystone/Gemfile deleted file mode 100644 index 5728ff7e7..000000000 --- a/keystone/Gemfile +++ /dev/null @@ -1,22 +0,0 @@ -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -group :development, :test, :system_tests do - gem 'puppet-openstack_spec_helper', - :git => 'https://git.openstack.org/openstack/puppet-openstack_spec_helper', - :branch => 'stable/mitaka', - :require => false -end - -if facterversion = ENV['FACTER_GEM_VERSION'] - gem 'facter', facterversion, :require => false -else - gem 'facter', :require => false -end - -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end - -# vim:ft=ruby diff --git a/keystone/LICENSE b/keystone/LICENSE deleted file mode 100644 index 88a11a0e7..000000000 --- a/keystone/LICENSE +++ /dev/null @@ -1,13 +0,0 @@ -Copyright 2012 OpenStack Foundation - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/keystone/README.md b/keystone/README.md deleted file mode 100644 index d6c816887..000000000 --- a/keystone/README.md +++ /dev/null @@ -1,322 +0,0 @@ -keystone -======= - -#### Table of Contents - -1. [Overview - What is the keystone module?](#overview) -2. [Module Description - What does the module do?](#module-description) -3. [Setup - The basics of getting started with keystone](#setup) -4. [Implementation - An under-the-hood peek at what the module is doing](#implementation) -5. [Limitations - OS compatibility, etc.](#limitations) -6. [Development - Guide for contributing to the module](#development) -7. [Contributors - Those with commits](#contributors) - -Overview --------- - -The keystone module is a part of [OpenStack](https://github.com/openstack), an effort by the OpenStack infrastructure team to provide continuous integration testing and code review for OpenStack and OpenStack community projects as part of the core software. The module itself is used to flexibly configure and manage the identity service for OpenStack. - -Module Description ------------------- - -The keystone module is a thorough attempt to make Puppet capable of managing the entirety of keystone. This includes manifests to provision region specific endpoint and database connections. Types are shipped as part of the keystone module to assist in manipulation of configuration files. - -This module is tested in combination with other modules needed to build and leverage an entire OpenStack software stack. - -Setup ------ - -**What the keystone module affects** - -* [Keystone](http://docs.openstack.org/developer/keystone/), the identity service for OpenStack. - -### Installing keystone - - puppet module install openstack/keystone - -### Beginning with keystone - -To utilize the keystone module's functionality you will need to declare multiple resources. This is not an exhaustive list of all the components needed, we recommend you consult and understand the [core openstack](http://docs.openstack.org) documentation. - -**Define a keystone node** - -```puppet -class { 'keystone': - verbose => True, - catalog_type => 'sql', - admin_token => 'random_uuid', - database_connection => 'mysql://keystone_admin:super_secret_db_password@openstack-controller.example.com/keystone', -} - -# Adds the admin credential to keystone. -class { 'keystone::roles::admin': - email => 'admin@example.com', - password => 'super_secret', -} - -# Installs the service user endpoint. -class { 'keystone::endpoint': - public_url => 'http://10.16.0.101:5000/v2.0', - admin_url => 'http://10.16.1.101:35357/v2.0', - internal_url => 'http://10.16.2.101:5000/v2.0', - region => 'example-1', -} - -# Remove the admin_token_auth paste pipeline. -# After the first puppet run this requires setting keystone v3 -# admin credentials via /root/openrc or as environment variables. -include keystone::disable_admin_token_auth -``` - -**Leveraging the Native Types** - -Keystone ships with a collection of native types that can be used to interact with the data stored in keystone. The following, related to user management could live throughout your Puppet code base. They even support puppet's ability to introspect the current environment much the same as `puppet resource user`, `puppet resource keystone_tenant` will print out all the currently stored tenants and their parameters. - -```puppet -keystone_tenant { 'openstack': - ensure => present, - enabled => True, -} -keystone_user { 'openstack': - ensure => present, - enabled => True, -} -keystone_role { 'admin': - ensure => present, -} -keystone_user_role { 'admin@openstack': - roles => ['admin', 'superawesomedude'], - ensure => present -} -``` - -These two will seldom be used outside openstack related classes, like nova or cinder. These are modified examples from Class['nova::keystone::auth']. - -```puppet -# Setup the nova keystone service -keystone_service { 'nova': - ensure => present, - type => 'compute', - description => 'OpenStack Compute Service', -} - -``` - -Services can also be written with the type as a suffix: - -```puppet -keystone_service { 'nova::type': - ensure => present, - description => 'OpenStack Compute Service', -} - - -# Setup nova keystone endpoint -keystone_endpoint { 'example-1-west/nova': - ensure => present, - type => 'compute', - public_url => "http://127.0.0.1:8774/v2/%(tenant_id)s", - admin_url => "http://127.0.0.1:8774/v2/%(tenant_id)s", - internal_url => "http://127.0.0.1:8774/v2/%(tenant_id)s", -} -``` - -Endpoints can also be written with the type as a suffix: - -```puppet -keystone_endpoint { 'example-1-west/nova::compute': - ensure => present, - public_url => "http://127.0.0.1:8774/v2/%(tenant_id)s", - admin_url => "http://127.0.0.1:8774/v2/%(tenant_id)s", - internal_url => "http://127.0.0.1:8774/v2/%(tenant_id)s", -} -``` - -Defining an endpoint without the type is supported in Liberty release -for backward compatibility, but will be dropped in Mitaka, as this can -lead to corruption of the endpoint database if omitted. See [this -bug](https://bugs.launchpad.net/puppet-keystone/+bug/1506996) - -**Setting up a database for keystone** - -A keystone database can be configured separately from the keystone services. - -If one needs to actually install a fresh database they have the choice of mysql or postgres. Use the mysql::server or postgreql::server classes to do this setup, and then the Class['keystone::db::mysql'] or Class['keystone::db::postgresql'] for adding the databases and users that will be needed by keystone. - -* For mysql - -```puppet -class { 'mysql::server': } - -class { 'keystone::db::mysql': - password => 'super_secret_db_password', - allowed_hosts => '%', -} -``` - -* For postgresql - -```puppet -class { 'postgresql::server': } - -class { 'keystone::db::postgresql': password => 'super_secret_db_password', } -``` - -**About Keystone V3 syntax in keystone_user/keystone_tenant/keystone_user_role** - -A complete description of the syntax available for those resources are -in `examples/user_project_user_role_composite_namevar.pp` - -**About Keystone V3 and default domain** - -***For users*** - -With Keystone V3, domains made their appearance. For backward -compatibility a default domain is defined in the `keystone.conf` file. -All the V2 resources are then assigned to this default domain. The -default domain id is by default `default` associated with the name -`Default`. - -What it means is that this user: - -```puppet -keystone_user { 'my_non_full_qualified_user': - ensure => present -} -``` - -will be assigned to the `Default` domain. - -The same is true for `keystone_tenant` and `keystone_user_role`: - -```puppet -keystone_tenant { 'project_one': - ensure => present -} - -keystone_user_role { 'user_one@project_one': - ensure => present, - roles => ['admin'] -} -``` - -will be assigned to the `Default` domain. - -Now, you can change the default domain if you want. But then the -puppet resource you defined will *have* to be fully qualified. - -So, for instance, if you change the default domain to be -`my_new_default`, then you'll have to do: - -```puppet -keystone_user { 'full_qualified_user::my_new_default': - ensure => present -} -keystone_tenant { 'project_one::my_new_default': - ensure => present -} - -keystone_user_role { 'user_one::my_new_default@project_one::my_new_default': - ensure => present, - roles => ['admin'] -} -``` - -as the module will *always* assign a resource without domain to -the `Default` domain. - -A deprecation warning will be visible in the log when you have -changed the default domain id and used an non fully qualified name for -your resource. - -In Mitaka, a deprecation warning will be displayed any time -you use a non fully qualified resource. - -After Mitaka all the resources will have to be fully qualified. - -***For developers*** - -Other modules can try to find user/tenant resources using Puppet's -indirection. The rule for the name of the resources are: - - 1. fully qualified if domain is not 'Default'; - 2. short form if domain is 'Default' - -This is for backward compatibility. - -Note that, as stated above, the 'Default' domain is hardcoded. It is -not related to the real default domain which can be set to something -else. But then again, you will have to set the fully qualified name. - -You can check `spec/acceptance/default_domain_spec.rb` to see an -example of the behavior described here. - -Implementation --------------- - -### keystone - -keystone is a combination of Puppet manifest and ruby code to delivery configuration and extra functionality through types and providers. - -### Types - -#### keystone_config - -The `keystone_config` provider is a children of the ini_setting provider. It allows one to write an entry in the `/etc/keystone/keystone.conf` file. - -```puppet -keystone_config { 'DEFAULT/verbose' : - value => true, -} -``` - -This will write `verbose=true` in the `[DEFAULT]` section. - -##### name - -Section/setting name to manage from `keystone.conf` - -##### value - -The value of the setting to be defined. - -##### secret - -Whether to hide the value from Puppet logs. Defaults to `false`. - -##### ensure_absent_val - -If value is equal to ensure_absent_val then the resource will behave as if `ensure => absent` was specified. Defaults to `` - -Limitations ------------- - -* All the keystone types use the CLI tools and so need to be run on the keystone node. - -### Upgrade warning - -* If you've setup OpenStack using previous versions of this module you need to be aware that it used UUID as the default for the token_format parameter but now defaults to PKI. If you're using this module to manage a Grizzly OpenStack deployment that was set up using a development release of the modules or are attempting an upgrade from Folsom then you'll need to make sure you set the token_format to UUID at classification time. - -Beaker-Rspec ------------- - -This module has beaker-rspec tests - -To run: - -``shell -bundle install -bundle exec rspec spec/acceptance -`` - -Development ------------ - -Developer documentation for the entire puppet-openstack project. - -* https://wiki.openstack.org/wiki/Puppet-openstack#Developer_documentation - -Contributors ------------- - -* https://github.com/openstack/puppet-keystone/graphs/contributors diff --git a/keystone/Rakefile b/keystone/Rakefile deleted file mode 100644 index 168d10814..000000000 --- a/keystone/Rakefile +++ /dev/null @@ -1 +0,0 @@ -require 'puppet-openstack_spec_helper/rake_tasks' diff --git a/keystone/examples/apache_dropin.pp b/keystone/examples/apache_dropin.pp deleted file mode 100644 index 5ed29264f..000000000 --- a/keystone/examples/apache_dropin.pp +++ /dev/null @@ -1,49 +0,0 @@ -# Example using apache to serve keystone -# -# To be sure everything is working, run: -# $ export OS_USERNAME=admin -# $ export OS_PASSWORD=ChangeMe -# $ export OS_TENANT_NAME=openstack -# $ export OS_AUTH_URL=http://keystone.local/keystone/main/v2.0 -# $ keystone catalog -# Service: identity -# +-------------+----------------------------------------------+ -# | Property | Value | -# +-------------+----------------------------------------------+ -# | adminURL | http://keystone.local:80/keystone/admin/v2.0 | -# | id | 4f0f55f6789d4c73a53c51f991559b72 | -# | internalURL | http://keystone.local:80/keystone/main/v2.0 | -# | publicURL | http://keystone.local:80/keystone/main/v2.0 | -# | region | RegionOne | -# +-------------+----------------------------------------------+ -# - -Exec { logoutput => 'on_failure' } - -class { '::mysql::server': } -class { '::keystone::db::mysql': - password => 'keystone', -} -class { '::keystone': - verbose => true, - debug => true, - database_connection => 'mysql://keystone:keystone@127.0.0.1/keystone', - catalog_type => 'sql', - admin_token => 'admin_token', - enabled => false, -} -class { '::keystone::roles::admin': - email => 'test@puppetlabs.com', - password => 'ChangeMe', -} -class { '::keystone::endpoint': - public_url => "https://${::fqdn}:5000/", - admin_url => "https://${::fqdn}:35357/", -} - -keystone_config { 'ssl/enable': value => true } - -include ::apache -class { '::keystone::wsgi::apache': - ssl => true -} diff --git a/keystone/examples/apache_with_paths.pp b/keystone/examples/apache_with_paths.pp deleted file mode 100644 index 8b0fc699c..000000000 --- a/keystone/examples/apache_with_paths.pp +++ /dev/null @@ -1,54 +0,0 @@ -# Example using apache to serve keystone -# -# To be sure everything is working, run: -# $ export OS_USERNAME=admin -# $ export OS_PASSWORD=ChangeMe -# $ export OS_TENANT_NAME=openstack -# $ export OS_AUTH_URL=http://keystone.local/keystone/main/v2.0 -# $ keystone catalog -# Service: identity -# +-------------+----------------------------------------------+ -# | Property | Value | -# +-------------+----------------------------------------------+ -# | adminURL | http://keystone.local:80/keystone/admin/v2.0 | -# | id | 4f0f55f6789d4c73a53c51f991559b72 | -# | internalURL | http://keystone.local:80/keystone/main/v2.0 | -# | publicURL | http://keystone.local:80/keystone/main/v2.0 | -# | region | RegionOne | -# +-------------+----------------------------------------------+ -# - -Exec { logoutput => 'on_failure' } - -class { '::mysql::server': } -class { '::keystone::db::mysql': - password => 'keystone', -} -class { '::keystone': - verbose => true, - debug => true, - database_connection => 'mysql://keystone_admin:keystone@127.0.0.1/keystone', - catalog_type => 'sql', - admin_token => 'admin_token', - enabled => true, -} -class { '::keystone::cron::token_flush': } -class { '::keystone::roles::admin': - email => 'test@puppetlabs.com', - password => 'ChangeMe', -} -class { '::keystone::endpoint': - public_url => "https://${::fqdn}:443/main/", - admin_url => "https://${::fqdn}:443/admin/", -} - -keystone_config { 'ssl/enable': ensure => absent } - -include ::apache -class { '::keystone::wsgi::apache': - ssl => true, - public_port => 443, - admin_port => 443, - public_path => '/main/', - admin_path => '/admin/' -} diff --git a/keystone/examples/k2k_sp_shib.pp b/keystone/examples/k2k_sp_shib.pp deleted file mode 100644 index b1a9f1642..000000000 --- a/keystone/examples/k2k_sp_shib.pp +++ /dev/null @@ -1,72 +0,0 @@ -# Example to configure Keystone as Service Provider for -# K2K Federation. -# -# To be sure everything is working, run: -# $ export OS_USERNAME=admin -# $ export OS_PASSWORD=ChangeMe -# $ export OS_TENANT_NAME=openstack -# $ export OS_AUTH_URL=http://keystone.local/keystone/main/v2.0 -# $ keystone catalog -# Service: identity -# +-------------+----------------------------------------------+ -# | Property | Value | -# +-------------+----------------------------------------------+ -# | adminURL | http://keystone.local:80/keystone/admin/v2.0 | -# | id | 4f0f55f6789d4c73a53c51f991559b72 | -# | internalURL | http://keystone.local:80/keystone/main/v2.0 | -# | publicURL | http://keystone.local:80/keystone/main/v2.0 | -# | region | RegionOne | -# +-------------+----------------------------------------------+ -# - -Exec { logoutput => 'on_failure' } - -# Note: The yumrepo part is only necessary if you are using RedHat. -# Yumrepo begin -yumrepo { 'shibboleth': - name => 'Shibboleth', - baseurl => 'http://download.opensuse.org/repositories/security:/shibboleth/CentOS_7/', - descr => 'Shibboleth repo for RedHat', - gpgcheck => 1, - gpgkey => 'http://download.opensuse.org/repositories/security:/shibboleth/CentOS_7/repodata/repomd.xml.key', - enabled => 1, - require => Anchor['openstack_extras_redhat'] -} - -Yumrepo['shibboleth'] -> Class['::keystone::federation::shibboleth'] -# Yumrepo end - -class { '::mysql::server': } -class { '::keystone::db::mysql': - password => 'keystone', -} - -class { '::keystone': - verbose => true, - debug => true, - database_connection => 'mysql://keystone:keystone@127.0.0.1/keystone', - catalog_type => 'sql', - admin_token => 'admin_token', - enabled => false, -} - -class { '::keystone::roles::admin': - email => 'test@puppetlabs.com', - password => 'ChangeMe', -} - -class { '::keystone::endpoint': - public_url => "https://${::fqdn}:5000/", - admin_url => "https://${::fqdn}:35357/", -} - -keystone_config { 'ssl/enable': value => true } - -include ::apache -class { '::keystone::wsgi::apache': - ssl => true -} - -class { '::keystone::federation::shibboleth': - methods => 'password, token, oauth1, saml2', -} diff --git a/keystone/examples/ldap_backend.pp b/keystone/examples/ldap_backend.pp deleted file mode 100644 index 5c5b7f1bc..000000000 --- a/keystone/examples/ldap_backend.pp +++ /dev/null @@ -1,133 +0,0 @@ -class { '::keystone': - verbose => true, - debug => true, - database_connection => 'mysql://keystone:keystone@127.0.0.1/keystone', - admin_token => 'admin_token', - enabled => true, - # helper for using domains - using_domain_config => true -} - -# Ensure this matches what is in LDAP or keystone will try to recreate -# the admin user -class { '::keystone::roles::admin': - email => 'test@example.com', - password => 'ChangeMe', - admin_user_domain => 'domain_1', - admin_project_domain => 'domain_1', - service_project_domain => 'domain_1', -} - -# Waiting to have keystone::roles::admin being a define instead of a -# class to make the admin for domain_2. -keystone_domain { 'domain_2': ensure => present } - -keystone::ldap_backend { 'domain_1': - url => 'ldap://ldap.example.com:389', - user => 'uid=bind,cn=users,cn=accounts,dc=example,dc=com', - password => 'SecretPass', - suffix => 'dc=example,dc=com', - query_scope => 'sub', - user_tree_dn => 'cn=users,cn=accounts,dc=example,dc=com', - user_id_attribute => 'uid', - user_name_attribute => 'uid', - user_mail_attribute => 'mail', - user_allow_create => 'False', - user_allow_update => 'False', - user_allow_delete => 'False', - user_enabled_emulation => 'True', - user_enabled_emulation_dn => 'cn=openstack-enabled,cn=groups,cn=accounts,dc=example,dc=com', - group_tree_dn => 'ou=groups,ou=openstack,dc=example,dc=com', - group_objectclass => 'organizationalRole', - group_id_attribute => 'cn', - group_name_attribute => 'cn', - group_member_attribute => 'RoleOccupant', - group_desc_attribute => 'description', - group_allow_create => 'True', - group_allow_update => 'True', - group_allow_delete => 'True', - project_tree_dn => 'ou=projects,ou=openstack,dc=example,dc=com', - project_objectclass => 'organizationalUnit', - project_id_attribute => 'ou', - project_member_attribute => 'member', - project_name_attribute => 'ou', - project_desc_attribute => 'description', - project_allow_create => 'True', - project_allow_update => 'True', - project_allow_delete => 'True', - project_enabled_emulation => 'True', - project_enabled_emulation_dn => 'cn=enabled,ou=openstack,dc=example,dc=com', - role_tree_dn => 'ou=roles,ou=openstack,dc=example,dc=com', - role_objectclass => 'organizationalRole', - role_id_attribute => 'cn', - role_name_attribute => 'cn', - role_member_attribute => 'roleOccupant', - role_allow_create => 'True', - role_allow_update => 'True', - role_allow_delete => 'True', - identity_driver => 'ldap', - use_tls => 'True', - tls_cacertfile => '/etc/ssl/certs/ca-certificates.crt', - tls_req_cert => 'demand', - use_pool => 'True', - use_auth_pool => 'True', - pool_size => 5, - auth_pool_size => 5, - pool_retry_max => 3, - pool_connection_timeout => 120, -} - -keystone::ldap_backend { 'domain_2': - url => 'ldap://ldap.example_2.com:389', - user => 'uid=bind,cn=users,cn=accounts,dc=example_2,dc=com', - password => 'SecretPass', - suffix => 'dc=example_2,dc=com', - query_scope => 'sub', - user_tree_dn => 'cn=users,cn=accounts,dc=example_2,dc=com', - user_id_attribute => 'uid', - user_name_attribute => 'uid', - user_mail_attribute => 'mail', - user_allow_create => 'False', - user_allow_update => 'False', - user_allow_delete => 'False', - user_enabled_emulation => 'True', - user_enabled_emulation_dn => 'cn=openstack-enabled,cn=groups,cn=accounts,dc=example_2,dc=com', - group_tree_dn => 'ou=groups,ou=openstack,dc=example_2,dc=com', - group_objectclass => 'organizationalRole', - group_id_attribute => 'cn', - group_name_attribute => 'cn', - group_member_attribute => 'RoleOccupant', - group_desc_attribute => 'description', - group_allow_create => 'True', - group_allow_update => 'True', - group_allow_delete => 'True', - project_tree_dn => 'ou=projects,ou=openstack,dc=example_2,dc=com', - project_objectclass => 'organizationalUnit', - project_id_attribute => 'ou', - project_member_attribute => 'member', - project_name_attribute => 'ou', - project_desc_attribute => 'description', - project_allow_create => 'True', - project_allow_update => 'True', - project_allow_delete => 'True', - project_enabled_emulation => 'True', - project_enabled_emulation_dn => 'cn=enabled,ou=openstack,dc=example_2,dc=com', - role_tree_dn => 'ou=roles,ou=openstack,dc=example_2,dc=com', - role_objectclass => 'organizationalRole', - role_id_attribute => 'cn', - role_name_attribute => 'cn', - role_member_attribute => 'roleOccupant', - role_allow_create => 'True', - role_allow_update => 'True', - role_allow_delete => 'True', - identity_driver => 'ldap', - use_tls => 'True', - tls_cacertfile => '/etc/ssl/certs/ca-certificates.crt', - tls_req_cert => 'demand', - use_pool => 'True', - use_auth_pool => 'True', - pool_size => 5, - auth_pool_size => 5, - pool_retry_max => 3, - pool_connection_timeout => 120, -} diff --git a/keystone/examples/ldap_full.pp b/keystone/examples/ldap_full.pp deleted file mode 100644 index 4f61b7fe4..000000000 --- a/keystone/examples/ldap_full.pp +++ /dev/null @@ -1,71 +0,0 @@ -# A full example from a real deployment that allows Keystone to modify -# everything except users, uses enabled_emulation, and ldaps - -# Ensure this matches what is in LDAP or keystone will try to recreate -# the admin user -class { '::keystone::roles::admin': - email => 'test@example.com', - password => 'ChangeMe', -} - -# You can test this connection with ldapsearch first to ensure it works. -# LDAP configurations are *highly* dependent on your setup and this file -# will need to be tweaked. This sample talks to ldap.example.com, here is -# an example of ldapsearch that will search users on this box: -# ldapsearch -v -x -H 'ldap://example.com:389' -D \ -# "uid=bind,cn=users,cn=accounts,dc=example,dc=com" -w SecretPass \ -# -b cn=users,cn=accounts,dc=example,dc=com -class { '::keystone:ldap': - url => 'ldap://ldap.example.com:389', - user => 'uid=bind,cn=users,cn=accounts,dc=example,dc=com', - password => 'SecretPass', - suffix => 'dc=example,dc=com', - query_scope => 'sub', - user_tree_dn => 'cn=users,cn=accounts,dc=example,dc=com', - user_id_attribute => 'uid', - user_name_attribute => 'uid', - user_mail_attribute => 'mail', - user_allow_create => 'False', - user_allow_update => 'False', - user_allow_delete => 'False', - user_enabled_emulation => 'True', - user_enabled_emulation_dn => 'cn=openstack-enabled,cn=groups,cn=accounts,dc=example,dc=com', - group_tree_dn => 'ou=groups,ou=openstack,dc=example,dc=com', - group_objectclass => 'organizationalRole', - group_id_attribute => 'cn', - group_name_attribute => 'cn', - group_member_attribute => 'RoleOccupant', - group_desc_attribute => 'description', - group_allow_create => 'True', - group_allow_update => 'True', - group_allow_delete => 'True', - project_tree_dn => 'ou=projects,ou=openstack,dc=example,dc=com', - project_objectclass => 'organizationalUnit', - project_id_attribute => 'ou', - project_member_attribute => 'member', - project_name_attribute => 'ou', - project_desc_attribute => 'description', - project_allow_create => 'True', - project_allow_update => 'True', - project_allow_delete => 'True', - project_enabled_emulation => 'True', - project_enabled_emulation_dn => 'cn=enabled,ou=openstack,dc=example,dc=com', - role_tree_dn => 'ou=roles,ou=openstack,dc=example,dc=com', - role_objectclass => 'organizationalRole', - role_id_attribute => 'cn', - role_name_attribute => 'cn', - role_member_attribute => 'roleOccupant', - role_allow_create => 'True', - role_allow_update => 'True', - role_allow_delete => 'True', - identity_driver => 'ldap', - use_tls => 'True', - tls_cacertfile => '/etc/ssl/certs/ca-certificates.crt', - tls_req_cert => 'demand', - use_pool => 'True', - use_auth_pool => 'True', - pool_size => 5, - auth_pool_size => 5, - pool_retry_max => 3, - pool_connection_timeout => 120, -} diff --git a/keystone/examples/ldap_identity.pp b/keystone/examples/ldap_identity.pp deleted file mode 100644 index 506ef3b24..000000000 --- a/keystone/examples/ldap_identity.pp +++ /dev/null @@ -1,28 +0,0 @@ -# Example using LDAP to manage user identity only. -# This setup will not allow changes to users. - -# Ensure this matches what is in LDAP or keystone will try to recreate -# the admin user -class { '::keystone::roles::admin': - email => 'test@example.com', - password => 'ChangeMe', -} - -# You can test this connection with ldapsearch first to ensure it works. -# This was tested against a FreeIPA box, you will likely need to change the -# attributes to match your configuration. -class { '::keystone:ldap': - identity_driver => 'ldap', - url => 'ldap://ldap.example.com:389', - user => 'uid=bind,cn=users,cn=accounts,dc=example,dc=com', - password => 'SecretPass', - suffix => 'dc=example,dc=com', - query_scope => 'sub', - user_tree_dn => 'cn=users,cn=accounts,dc=example,dc=com', - user_id_attribute => 'uid', - user_name_attribute => 'uid', - user_mail_attribute => 'mail', - user_allow_create => 'False', - user_allow_update => 'False', - user_allow_delete => 'False' -} diff --git a/keystone/examples/user_project_user_role_composite_namevar.pp b/keystone/examples/user_project_user_role_composite_namevar.pp deleted file mode 100644 index d8a2f6f27..000000000 --- a/keystone/examples/user_project_user_role_composite_namevar.pp +++ /dev/null @@ -1,156 +0,0 @@ -# Examples of the new interface to user, project (tenant), and -# user_role. -# -# The new interface does not rely on a unique title scheme and offers -# the possibility to pass required arguments as parameters. Old -# interface with everything defined in the title is still supported, -# but the parsing is more consistent and less error prone (on the -# coding side). Puppet will find matching resource irrespective of -# how you create it. - -# For user you have those choices -keystone_user { 'user_one': - ensure => present, - domain => 'domain_one', -} - -# is identical to - -keystone_user { 'user_one::domain_one': ensure => present } - -# Note, that parameter override title paring. So: -keystone_user { 'user_one::domain_two': - ensure => present, - domain => 'domain_one' -} - -# will create the user in the domain_one, not domain_two. - -# This led to the meaningless title feature. This can be helpful for -# manifest/hiera created by another program for instance, where the -# title could be some random id: - -keystone_user { 'meanlinglesstitle': - ensure => present, - user => 'user_one', - domain => 'domain_one' -} - -# This works for user, project and, with a twist, for user_role, where -# the title must always have some form. See below. - -# For project: - -keystone_tenant { 'project_one': - ensure => present, - domain => 'domain_one' -} - -# is identical to - -keystone_project { 'project_one::domain_one': ensure => present } - -# For user_role: - -# 1: for associating a role to an user in a project scope. -keystone_user_role { 'user_one::project_one': - ensure => present, - user_domain => 'domain_one', - project_domain => 'domain_two', - roles => ['admin'] -} - -# all the way to -keystone_user_role { 'user_one::domain_one@project_one::domain_two': - ensure => present, - roles => ['admin'] -} -# and all combinations in between. - -# Note that parameter override the title parsing, so: -keystone_user_role { 'user_one::domain_one@project_one::domain_one': - ensure => present, - project_domain => 'domain_two', - roles => ['admin'] -} - -# will match the project project_one::domain_two, not -# project_one::domain_one. It is also true for keystone_user and -# keystone_tenant. - -# You cannot define: -keystone_user_role { 'user_one': - ensure => present, - user_domain => 'domain_one', - project => 'project_one', - project_domain => 'domain_two', - roles => ['admin'] -} - -# this will trigger an error. You need the '::' - -# 2: for associating a role to an user in a domain scope. -keystone_user_role { 'user_one@::domain': - ensure => present, - user_domain => 'domain_one', - roles => ['admin'] -} - -# is identical to -keystone_user_role { 'user_one::domain_one@::domain_one': - ensure => present, - roles => ['admin'] -} - -# But, you cannot define: -keystone_user_role { 'meaningless_title': - ensure => present, - user => 'user_one', - user_domain => 'domain_one', - domain => 'domain_one', - roles => ['admin'] -} - -# this will trigger an error, you need the '::@' - -# But, there is a way to have meaningless title for user_role. - -# 1: user role to project. -keystone_user_role { 'meaningless::meaningless': - ensure => present, - user => 'user_one', - user_domain => 'domain_one', - project => 'project_one', - project_domain => 'domain_one', - roles => ['admin'] -} - -# 2: user role to domain -keystone_user_role { 'meaningless::@meaningless': - ensure => present, - user => 'user_one', - user_domain => 'domain_one', - domain => 'project_one', - roles => ['admin'] -} - -# Finally it should be noted that specifying an domain and a project -# scope at the same time is an error. -keystone_user_role { 'user_one@::domain_one': - ensure => present, - user_domain => 'domain_one', - project => 'project_one', - project_domain => 'domain_two', - roles => ['admin'] -} -# is an error, and will trigger one. - - -# NOTE: for the all examples above to work you have to define: -keystone_domain { 'domain_one': - ensure => present -} - -keystone_domain { 'domain_two': - ensure => present -} diff --git a/keystone/examples/v3_basic.pp b/keystone/examples/v3_basic.pp deleted file mode 100644 index 5777d2b5b..000000000 --- a/keystone/examples/v3_basic.pp +++ /dev/null @@ -1,47 +0,0 @@ -# Example using v3 domains. The admin user is created in the domain -# named 'admin_domain', and assigned the role 'admin' in the 'admin' -# project in the domain 'admin_domain'. The keystone service account is -# created in default domain, and assigned the -# role 'admin' in the project 'services' in the default domain. -# NOTE: Until all of the other services support using Keystone v3 -# with keystone_authtoken middleware that supports v3, they cannot -# specify a domain for authentication, and so have to be in the -# default domain. -# -# To be sure everything is working, run: -# $ export OS_IDENTITY_API_VERSION=3 -# $ export OS_USERNAME=admin -# $ export OS_USER_DOMAIN_NAME=admin_domain -# $ export OS_PASSWORD=ChangeMe -# $ export OS_PROJECT_NAME=admin -# $ export OS_PROJECT_DOMAIN_NAME=admin_domain -# $ export OS_AUTH_URL=http://keystone.local:35357/v3 -# $ openstack user list -# - -Exec { logoutput => 'on_failure' } - - -class { '::mysql::server': } -class { '::keystone::db::mysql': - password => 'keystone', -} -class { '::keystone': - verbose => true, - debug => true, - database_connection => 'mysql://keystone:keystone@127.0.0.1/keystone', - admin_token => 'admin_token', - enabled => true, -} -class { '::keystone::roles::admin': - email => 'test@example.tld', - password => 'a_big_secret', - admin => 'admin', # username - admin_tenant => 'admin', # project name - admin_user_domain => 'admin', # domain for user - admin_tenant_domain => 'admin', # domain for project -} -class { '::keystone::endpoint': - public_url => 'http://127.0.0.1:5000/', - admin_url => 'http://127.0.0.1:35357/', -} diff --git a/keystone/examples/v3_domain_configuration.pp b/keystone/examples/v3_domain_configuration.pp deleted file mode 100644 index 6b6e4d9a6..000000000 --- a/keystone/examples/v3_domain_configuration.pp +++ /dev/null @@ -1,40 +0,0 @@ -# Example using v3 domain configuration. This setup a directory where -# the domain configurations will be and adjust the keystone. -# For the rest of the configuration check v3_basic.pp. -# - -Exec { logoutput => 'on_failure' } - -class { '::mysql::server': } -class { '::keystone::db::mysql': - password => 'keystone', -} -class { '::keystone': - verbose => true, - debug => true, - database_connection => 'mysql://keystone:keystone@192.168.1.1/keystone', - admin_token => 'admin_token', - enabled => true, - # The domain configuration setup at keystone level - using_domain_config => true, -} -class { '::keystone::roles::admin': - email => 'test@example.tld', - password => 'a_big_secret', -} -class { '::keystone::endpoint': - public_url => 'http://192.168.1.1:5000/', - admin_url => 'http://192.168.1.1:35357/', -} - -# Creates the /etc/keystone/domains/keystone.my_domain.conf file and -# notifies keystone service -keystone_domain_config { - 'my_domain::ldap/url': value => 'ldap://ldapservice.my_org.com'; - 'my_domain::ldap/user': value => 'cn=Manager,dc=openstack,dc=org'; - 'my_domain::ldap/password': value => 'mysecret'; - 'my_domain::ldap/suffix': value => 'dc=openstack,dc=org'; - 'my_domain::ldap/group_tree_dn': value => 'ou=UserGroups,dc=openstack,dc=org'; - 'my_domain::ldap/user_tree_dn': value => 'ou=Users,dc=openstack,dc=org'; - 'my_domain::ldap/user_mail_attribute': value => 'mail'; -} diff --git a/keystone/ext/keystone_test.rb b/keystone/ext/keystone_test.rb deleted file mode 100644 index ed944bedd..000000000 --- a/keystone/ext/keystone_test.rb +++ /dev/null @@ -1,55 +0,0 @@ -#!/usr/bin/env ruby -# this script verifies that keystone has -# been successfully installed using the instructions -# found here: http://keystone.openstack.org/configuration.html - -begin - require 'rubygems' -rescue - puts 'Could not require rubygems. This assumes puppet is not installed as a gem' -end -require 'open3' -require 'fileutils' -require 'puppet' - -username='admin' -password='admin_password' -# required to get a real services catalog -tenant='openstack' - -# shared secret -service_token='service_token' - -def run_command(cmd) - Open3.popen3(cmd) do |stdin, stdout, stderr| - begin - stdout = stdout.read - puts "Response from token request:#{stdout}" - return stdout - rescue Exception => e - puts "Request failed, this sh*t is borked :( : details: #{e}" - exit 1 - end - end -end - -puts `puppet apply -e "package {curl: ensure => present }"` - -get_token = %(curl -d '{"auth":{"passwordCredentials":{"username": "#{username}", "password": "#{password}"}}}' -H "Content-type: application/json" http://localhost:35357/v2.0/tokens) -token = nil - -puts "Running auth command: #{get_token}" -token = PSON.load(run_command(get_token))["access"]["token"]["id"] - -if token - puts "We were able to retrieve a token" - puts token - verify_token = "curl -H 'X-Auth-Token: #{service_token}' http://localhost:35357/v2.0/tokens/#{token}" - puts 'verifying token' - run_command(verify_token) - ['endpoints', 'tenants', 'users'].each do |x| - puts "getting #{x}" - get_keystone_data = "curl -H 'X-Auth-Token: #{service_token}' http://localhost:35357/v2.0/#{x}" - run_command(get_keystone_data) - end -end diff --git a/keystone/ext/keystone_test_v3.rb b/keystone/ext/keystone_test_v3.rb deleted file mode 100644 index 0d7550e32..000000000 --- a/keystone/ext/keystone_test_v3.rb +++ /dev/null @@ -1,64 +0,0 @@ -#!/usr/bin/env ruby -# this script verifies that keystone has -# been successfully installed using the instructions -# found here: http://keystone.openstack.org/configuration.html -# and can use the v3 api http://developer.openstack.org/api-ref-identity-v3.html - -begin - require 'rubygems' -rescue - puts 'Could not require rubygems. This assumes puppet is not installed as a gem' -end -require 'open3' -require 'fileutils' -require 'puppet' -require 'pp' - -username='admin' -password='a_big_secret' -# required to get a real services catalog -project='openstack' -user_domain='admin' -project_domain='admin' - -# shared secret -service_token='admin_token' - -def run_command(cmd) - Open3.popen3(cmd) do |stdin, stdout, stderr| - begin - stdout = stdout.read - puts "Response from token request:#{stdout}" - return stdout - rescue Exception => e - puts "Request failed, this sh*t is borked :( : details: #{e}" - exit 1 - end - end -end - -puts `puppet apply -e "package {curl: ensure => present }"` -get_token = %(curl -D - -d '{"auth":{"identity":{"methods":["password"],"password":{"user":{"domain":{"name":"#{user_domain}"},"name":"#{username}","password": "#{password}"}}},"scope":{"project":{"domain":{"name":"#{project_domain}"},"name": "#{project}"}}}}' -H "Content-type: application/json" http://localhost:35357/v3/auth/tokens) -token = nil - -puts "Running auth command: #{get_token}" -rawoutput = run_command(get_token) -if rawoutput =~ /X-Subject-Token: ([\w]+)/ - token = $1 -else - puts "No token in output! #{rawoutput}" - exit 1 -end - -if token - puts "We were able to retrieve a token" - puts token - verify_token = "curl -H 'X-Auth-Token: #{service_token}' 'X-Subject-Token: #{token}' http://localhost:35357/v3/auth/tokens" - puts 'verifying token' - run_command(verify_token) - ['endpoints', 'projects', 'users'].each do |x| - puts "getting #{x}" - get_keystone_data = "curl -H 'X-Auth-Token: #{token}' http://localhost:35357/v3/#{x}" - pp PSON.load(run_command(get_keystone_data)) - end -end diff --git a/keystone/lib/puppet/provider/keystone.rb b/keystone/lib/puppet/provider/keystone.rb deleted file mode 100644 index 3bb4251d4..000000000 --- a/keystone/lib/puppet/provider/keystone.rb +++ /dev/null @@ -1,288 +0,0 @@ -require 'puppet/util/inifile' -require 'puppet/provider/openstack' -require 'puppet/provider/openstack/auth' -require 'puppet/provider/openstack/credentials' -require 'puppet/provider/keystone/util' - -class Puppet::Provider::Keystone < Puppet::Provider::Openstack - - extend Puppet::Provider::Openstack::Auth - - INI_FILENAME = '/etc/keystone/keystone.conf' - DEFAULT_DOMAIN = 'Default' - - @@default_domain_id = nil - - def self.admin_endpoint - @admin_endpoint ||= get_admin_endpoint - end - - def self.admin_token - @admin_token ||= get_admin_token - end - - def self.clean_host(host) - host ||= '127.0.0.1' - case host - when '0.0.0.0' - return '127.0.0.1' - when '::0' - return '[::1]' - else - # if ipv6, make sure ip address has brackets - LP#1541512 - if host.include?(':') and !host.include?(']') - return "[" + host + "]" - else - return host - end - end - end - - def self.default_domain_from_ini_file - default_domain_from_conf = Puppet::Resource.indirection - .find('Keystone_config/identity/default_domain_id') - if default_domain_from_conf[:ensure] == :present - # get from ini file - default_domain_from_conf[:value] - else - nil - end - rescue - nil - end - - def self.default_domain_id - if @@default_domain_id - # cached - @@default_domain_id - else - @@default_domain_id = default_domain_from_ini_file - end - @@default_domain_id = @@default_domain_id.nil? ? 'default' : @@default_domain_id - end - - def self.default_domain_changed - default_domain_id != 'default' - end - - def self.default_domain_deprecation_message - 'Support for a resource without the domain ' \ - 'set is deprecated in Liberty cycle. ' \ - 'It will be dropped in the M-cycle. ' \ - "Currently using '#{default_domain}' as default domain name " \ - "while the default domain id is '#{default_domain_id}'." - end - - def self.default_domain - DEFAULT_DOMAIN - end - - def self.resource_to_name(domain, name, check_for_default = true) - raise Puppet::Error, "Domain cannot be nil for project '#{name}'. " \ - 'Please report a bug.' if domain.nil? - join_str = '::' - name_display = [name] - unless check_for_default && domain == default_domain - name_display << domain - end - name_display.join(join_str) - end - - def self.name_to_resource(name) - uniq = name.split('::') - if uniq.count == 1 - uniq.insert(0, default_domain) - else - uniq.reverse! - end - uniq - end - - # Prefix with default domain if missing from the name. - def self.make_full_name(name) - resource_to_name(*name_to_resource(name), false) - end - -# def self.roles_assignement_for_userid(user_id) -# unless @role_assignement_table -# @role_assignement_table = request('role assignment', 'list') -# end -# roles_id = [] -# @role_assignement_table.each do |row| -# roles_id << row[:role] if row[:user] == user_id -# end -# roles_id -# end - - def self.user_id_from_name_and_domain_name(name, domain_name) - @users_name ||= {} - id_str = "#{name}_#{domain_name}" - unless @users_name.keys.include?(id_str) - user = fetch_user(name, domain_name) - err("Could not find user with name [#{name}] and domain [#{domain_name}]") unless user - @users_name[id_str] = user[:id] - end - @users_name[id_str] - end - - def self.project_id_from_name_and_domain_name(name, domain_name) - @projects_name ||= {} - id_str = "#{name}_#{domain_name}" - unless @projects_name.keys.include?(id_str) - project = fetch_project(name, domain_name) - err("Could not find project with name [#{name}] and domain [#{domain_name}]") unless project - @projects_name[id_str] = project[:id] - end - @projects_name[id_str] - end - - def self.domain_name_from_id(id) - unless @domain_hash - list = request('domain', 'list') - @domain_hash = Hash[list.collect{|domain| [domain[:id], domain[:name]]}] - end - unless @domain_hash.include?(id) - name = request('domain', 'show', id)[:name] - err("Could not find domain with id [#{id}]") unless name - @domain_hash[id] = name - end - @domain_hash[id] - end - - def self.domain_id_from_name(name) - unless @domain_hash_name - list = request('domain', 'list') - @domain_hash_name = Hash[list.collect{|domain| [domain[:name], domain[:id]]}] - end - unless @domain_hash_name.include?(name) - id = request('domain', 'show', name)[:id] - err("Could not find domain with name [#{name}]") unless id - @domain_hash_name[name] = id - end - @domain_hash_name[name] - end - - def self.fetch_project(name, domain) - domain ||= default_domain - request('project', 'show', [name, '--domain', domain]) - rescue Puppet::ExecutionFailure => e - raise e unless e.message =~ /No project with a name or ID/ - end - - def self.fetch_user(name, domain) - domain ||= default_domain - request('user', 'show', [name, '--domain', domain]) - rescue Puppet::ExecutionFailure => e - raise e unless e.message =~ /No user with a name or ID/ - end - - def self.get_admin_endpoint - endpoint = nil - if keystone_file - if url = get_section('DEFAULT', 'admin_endpoint') - endpoint = url.chomp('/') - else - admin_port = get_section('DEFAULT', 'admin_port') || '35357' - host = clean_host(get_section('DEFAULT', 'admin_bind_host')) - protocol = ssl? ? 'https' : 'http' - endpoint = "#{protocol}://#{host}:#{admin_port}" - end - end - return endpoint - end - - def self.get_admin_token - get_section('DEFAULT', 'admin_token') - end - - def self.get_auth_url - auth_url = nil - if ENV['OS_AUTH_URL'] - auth_url = ENV['OS_AUTH_URL'].dup - elsif auth_url = get_os_vars_from_rcfile(rc_filename)['OS_AUTH_URL'] - else - auth_url = admin_endpoint - end - return auth_url - end - - def self.get_section(group, name) - if keystone_file && keystone_file[group] && keystone_file[group][name] - return keystone_file[group][name].strip - end - return nil - end - - def self.get_service_url - service_url = nil - if ENV['OS_URL'] - service_url = ENV['OS_URL'].dup - elsif admin_endpoint - service_url = admin_endpoint - service_url << "/v#{@credentials.version}" - end - return service_url - end - - def self.ini_filename - INI_FILENAME - end - - def self.keystone_file - return @keystone_file if @keystone_file - if File.exists?(ini_filename) - @keystone_file = Puppet::Util::IniConfig::File.new - @keystone_file.read(ini_filename) - @keystone_file - end - end - - def self.request(service, action, properties=nil) - super - rescue Puppet::Error::OpenstackAuthInputError, Puppet::Error::OpenstackUnauthorizedError => error - request_by_service_token(service, action, error, properties) - end - - def self.request_by_service_token(service, action, error, properties=nil) - properties ||= [] - @credentials.token = admin_token - @credentials.url = service_url - raise error unless @credentials.service_token_set? - Puppet::Provider::Openstack.request(service, action, properties, @credentials) - end - - def self.service_url - @service_url ||= get_service_url - end - - def self.set_domain_for_name(name, domain_name) - if domain_name.nil? || domain_name.empty? - raise(Puppet::Error, "Missing domain name for resource #{name}") - end - domain_id = self.domain_id_from_name(domain_name) - case domain_id - when default_domain_id - name - when nil - name - else - name << "::#{domain_name}" - end - end - - def self.ssl? - if keystone_file && keystone_file['ssl'] && keystone_file['ssl']['enable'] && keystone_file['ssl']['enable'].strip.downcase == 'true' - return true - end - return false - end - - # Helper functions to use on the pre-validated enabled field - def bool_to_sym(bool) - bool == true ? :true : :false - end - - def sym_to_bool(sym) - sym == :true ? true : false - end -end diff --git a/keystone/lib/puppet/provider/keystone/util.rb b/keystone/lib/puppet/provider/keystone/util.rb deleted file mode 100644 index 7eadf98b9..000000000 --- a/keystone/lib/puppet/provider/keystone/util.rb +++ /dev/null @@ -1,25 +0,0 @@ -module Util - # Splits the rightmost part of a string using '::' as delimiter - # Returns an array of both parts or nil if either is empty. - # An empty rightmost part is ignored and converted as 'string::' => 'string' - # - # Examples: - # "foo" -> ["foo", nil] - # "foo::" -> ["foo", nil] - # "foo::bar" -> ["foo", "bar"] - # "foo::bar::" -> ["foo", "bar"] - # "::foo" -> [nil, "foo"] - # "::foo::" -> [nil, "foo"] - # "foo::bar::baz" -> ["foo::bar", "baz"] - # "foo::bar::baz::" -> ["foo::bar", "baz"] - # - def self.split_domain(str) - left, right = nil, nil - unless str.nil? - left, delimiter, right = str.gsub(/::$/, '').rpartition('::') - left, right = right, nil if delimiter.empty? - left = nil if left.empty? - end - return [left, right] - end -end diff --git a/keystone/lib/puppet/provider/keystone_config/ini_setting.rb b/keystone/lib/puppet/provider/keystone_config/ini_setting.rb deleted file mode 100644 index 3c2b1d272..000000000 --- a/keystone/lib/puppet/provider/keystone_config/ini_setting.rb +++ /dev/null @@ -1,10 +0,0 @@ -Puppet::Type.type(:keystone_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:openstack_config).provider(:ini_setting) -) do - - def self.file_path - '/etc/keystone/keystone.conf' - end - -end diff --git a/keystone/lib/puppet/provider/keystone_domain/openstack.rb b/keystone/lib/puppet/provider/keystone_domain/openstack.rb deleted file mode 100644 index 465f8cbc9..000000000 --- a/keystone/lib/puppet/provider/keystone_domain/openstack.rb +++ /dev/null @@ -1,166 +0,0 @@ -require 'puppet/provider/keystone' -require 'puppet/util/inifile' - -Puppet::Type.type(:keystone_domain).provide( - :openstack, - :parent => Puppet::Provider::Keystone -) do - - desc 'Provider that manages keystone domains' - - @credentials = Puppet::Provider::Openstack::CredentialsV3.new - - def initialize(value={}) - super(value) - @property_flush = {} - end - - def self.do_not_manage - @do_not_manage - end - - def self.do_not_manage=(value) - @do_not_manage = value - end - - def create - if self.class.do_not_manage - fail("Not managing Keystone_domain[#{@resource[:name]}] due to earlier Keystone API failures.") - end - properties = [resource[:name]] - if resource[:enabled] == :true - properties << '--enable' - elsif resource[:enabled] == :false - properties << '--disable' - end - if resource[:description] - properties << '--description' - properties << resource[:description] - end - @property_hash = self.class.request('domain', 'create', properties) - @property_hash[:is_default] = sym_to_bool(resource[:is_default]) - @property_hash[:ensure] = :present - ensure_default_domain(true) - end - - def exists? - @property_hash[:ensure] == :present - end - - def destroy - if self.class.do_not_manage - fail("Not managing Keystone_domain[#{@resource[:name]}] due to earlier Keystone API failures.") - end - # have to disable first - Keystone does not allow you to delete an - # enabled domain - self.class.request('domain', 'set', [resource[:name], '--disable']) - self.class.request('domain', 'delete', resource[:name]) - @property_hash[:ensure] = :absent - ensure_default_domain(false, true) - @property_hash.clear - end - - mk_resource_methods - - def enabled=(value) - @property_flush[:enabled] = value - end - - def enabled - bool_to_sym(@property_hash[:enabled]) - end - - def description=(value) - if self.class.do_not_manage - fail("Not managing Keystone_domain[#{@resource[:name]}] due to earlier Keystone API failures.") - end - @property_flush[:description] = value - end - - def is_default - bool_to_sym(@property_hash[:is_default]) - end - - def is_default=(value) - if self.class.do_not_manage - fail("Not managing Keystone_domain[#{@resource[:name]}] due to earlier Keystone API failures.") - end - @property_flush[:is_default] = value - end - - def ensure_default_domain(create, destroy=false, value=nil) - if self.class.do_not_manage - fail("Not managing Keystone_domain[#{@resource[:name]}] due to earlier Keystone API failures.") - end - curid = self.class.default_domain_id - default = (is_default == :true) - entry = keystone_conf_default_domain_id_entry(id) - if (default && create) || (!default && (value == :true)) - # new default domain, or making existing domain the default domain - if curid != id - entry.create - end - elsif (default && destroy) || (default && (value == :false)) - # removing default domain, or making this domain not the default - if curid == id - entry.destroy - end - end - self.class.default_domain_id = id - end - - def self.instances - self.do_not_manage = true - list = request('domain', 'list').collect do |domain| - new( - :name => domain[:name], - :ensure => :present, - :enabled => domain[:enabled].downcase.chomp == 'true' ? true : false, - :description => domain[:description], - :id => domain[:id], - :is_default => domain[:id] == default_domain_id - ) - end - self.do_not_manage = false - list - end - - def self.prefetch(resources) - domains = instances - resources.keys.each do |name| - if provider = domains.find { |domain| domain.name == name } - resources[name].provider = provider - end - end - end - - def flush - options = [] - if @property_flush && !@property_flush.empty? - options << '--enable' if @property_flush[:enabled] == :true - options << '--disable' if @property_flush[:enabled] == :false - if @property_flush[:description] - options << '--description' << resource[:description] - end - self.class.request('domain', 'set', [resource[:name]] + options) unless options.empty? - if @property_flush[:is_default] - ensure_default_domain(false, false, @property_flush[:is_default]) - end - @property_flush.clear - end - end - - private - - def keystone_conf_default_domain_id_entry(newid) - conf = Puppet::Type::Keystone_config - .new(:title => 'identity/default_domain_id', :value => newid) - entry = Puppet::Type.type(:keystone_config).provider(:ini_setting) - .new(conf) - entry - end - - def self.default_domain_id=(value) - class_variable_set(:@@default_domain_id, value) - end -end diff --git a/keystone/lib/puppet/provider/keystone_domain_config/openstack.rb b/keystone/lib/puppet/provider/keystone_domain_config/openstack.rb deleted file mode 100644 index 7f6ec1a12..000000000 --- a/keystone/lib/puppet/provider/keystone_domain_config/openstack.rb +++ /dev/null @@ -1,108 +0,0 @@ -Puppet::Type.type(:keystone_domain_config).provide( - :openstack, - :parent => Puppet::Type.type(:openstack_config).provider(:ini_setting) -) do - - class Puppet::Error::OpenstackMissingDomainName < Puppet::Error; end - class Puppet::Error::OpenstackMissingDomainDir < Puppet::Error; end - - # return the first which is defined: - # 1. the value defined in the catalog (@base_dir) - # 2. the value defined in the keystone.conf file - # 3. the default value '/etc/keystone/domains' - def self.base_dir - return @base_dir if @base_dir - base_dir = Puppet::Resource.indirection - .find('Keystone_config/identity/domain_config_dir')[:value] - if base_dir == :absent - '/etc/keystone/domains' - else - base_dir - end - end - - def self.find_domain_conf(catalog) - catalog.resources.find do |r| - # better than is_a? here because symbol - # Puppet::Type::Keystone_config may not be defined. - r.class.to_s == 'Puppet::Type::Keystone_config' && - r.name == 'identity/domain_config_dir' - end - end - - # Use the prefetch hook to check if the keystone_config - # identity/domain_config_dir is changed in the same catalog. This - # avoid to have to run puppet twice to get the right domain config - # file changed. Note, prefetch is the only time we can have acces - # to the catalog from the provider. - def self.prefetch(resources) - catalog = resources.values.first.catalog - resource_dir = find_domain_conf(catalog) - @base_dir = resource_dir.nil? ? nil : resource_dir[:value] - end - - def self.base_dir_exists? - base_dir_resource = Puppet::Resource.indirection - .find("file/#{base_dir}")[:ensure] - base_dir_resource == :directory ? true : false - end - - def create - unless self.class.base_dir_exists? - raise(Puppet::Error::OpenstackMissingDomainDir, - "You must create the #{self.class.base_dir} directory " \ - 'for keystone domain configuration.') - end - super - end - - # Do not provide self.file_path method. We need to create instance - # with different file paths, so we cannot have the same path for all - # the instances. This force us to redefine the instances class - # method. - def self.instances - resources = [] - Dir.glob(File.join(base_dir,'keystone.*.conf')).each do |domain_conf_file| - domain = domain_conf_file.gsub(/^.*\/keystone\.(.*)\.conf$/, '\1') - ini_file = Puppet::Util::IniFile.new(domain_conf_file, '=') - ini_file.section_names.each do |section_name| - ini_file.get_settings(section_name).each do |setting, value| - resources.push( - new( - :name => "#{domain}::#{section_name}/#{setting}", - :value => value, - :ensure => :present - ) - ) - end - end - end - resources - end - - def path - File.join(self.class.base_dir, 'keystone.' + domain + '.conf') - end - - # This avoid to have only one file for all the instances. - alias_method :file_path, :path - - def domain - if !@domain.nil? - @domain - else - result = name.partition('::') - if (result[1] == '' && result[2] == '') || result[0] == '' - raise(Puppet::Error::OpenstackMissingDomainName, - 'You must provide a domain name in the name of the resource ' \ - '::
/. It cannot be empty.') - else - @domain = result[0] - end - end - end - - def section - @section ||= super.sub(domain + '::', '') - end -end diff --git a/keystone/lib/puppet/provider/keystone_endpoint/openstack.rb b/keystone/lib/puppet/provider/keystone_endpoint/openstack.rb deleted file mode 100644 index 1bca791ed..000000000 --- a/keystone/lib/puppet/provider/keystone_endpoint/openstack.rb +++ /dev/null @@ -1,296 +0,0 @@ -require 'puppet/provider/keystone' - -Puppet::Type.type(:keystone_endpoint).provide( - :openstack, - :parent => Puppet::Provider::Keystone -) do - - desc "Provider to manage keystone endpoints." - - include PuppetX::Keystone::CompositeNamevar::Helpers - - attr_accessor :property_hash, :property_flush - - @endpoints = nil - @services = nil - @credentials = Puppet::Provider::Openstack::CredentialsV3.new - @do_not_manage = false - - def initialize(value={}) - super(value) - @property_flush = {} - end - - def self.do_not_manage - @do_not_manage - end - - def self.do_not_manage=(value) - @do_not_manage = value - end - - def create - if self.class.do_not_manage - fail("Not managing Keystone_endpoint[#{@resource[:name]}] due to earlier Keystone API failures.") - end - name = resource[:name] - region = resource[:region] - type = resource[:type] - type = self.class.type_from_service(name) unless set?(:type) - @property_hash[:type] = type - ids = [] - s_id = service_id - created = false - [:admin_url, :internal_url, :public_url].each do |scope| - if resource[scope] - created = true - ids << endpoint_create(s_id, region, scope.to_s.sub(/_url$/, ''), - resource[scope])[:id] - end - end - if created - @property_hash[:id] = ids.join(',') - @property_hash[:ensure] = :present - else - warning('Specifying a keystone_endpoint without an ' \ - 'admin_url/public_url/internal_url ' \ - "won't create the endpoint at all, despite what Puppet is saying.") - @property_hash[:ensure] = :absent - end - end - - def destroy - if self.class.do_not_manage - fail("Not managing Keystone_endpoint[#{@resource[:name]}] due to earlier Keystone API failures.") - end - ids = @property_hash[:id].split(',') - ids.each do |id| - self.class.request('endpoint', 'delete', id) - end - @property_hash.clear - end - - def exists? - @property_hash[:ensure] == :present - end - - mk_resource_methods - - def public_url=(value) - if self.class.do_not_manage - fail("Not managing Keystone_endpoint[#{@resource[:name]}] due to earlier Keystone API failures.") - end - @property_flush[:public_url] = value - end - - def internal_url=(value) - if self.class.do_not_manage - fail("Not managing Keystone_endpoint[#{@resource[:name]}] due to earlier Keystone API failures.") - end - @property_flush[:internal_url] = value - end - - def admin_url=(value) - if self.class.do_not_manage - fail("Not managing Keystone_endpoint[#{@resource[:name]}] due to earlier Keystone API failures.") - end - @property_flush[:admin_url] = value - end - - def region=(_) - fail(Puppet::Error, "Updating the endpoint's region is not currently supported.") - end - - def self.instances - names = [] - list = [] - endpoints.each do |current| - name = transform_name(current[:region], current[:service_name], current[:service_type]) - unless names.include?(name) - names << name - endpoint = { :name => name, current[:interface].to_sym => current } - endpoints.each do |ep_osc| - if (ep_osc[:id] != current[:id]) && - (ep_osc[:service_name] == current[:service_name]) && - (ep_osc[:service_type] == current[:service_type]) && - (ep_osc[:region] == current[:region]) - endpoint.merge!(ep_osc[:interface].to_sym => ep_osc) - end - end - list << endpoint - end - end - list.collect do |endpoint| - new( - :name => endpoint[:name], - :ensure => :present, - :id => make_id(endpoint), - :region => get_region(endpoint), - :admin_url => get_url(endpoint, :admin), - :internal_url => get_url(endpoint, :internal), - :public_url => get_url(endpoint, :public) - ) - end - end - - def self.prefetch(resources) - prefetch_composite(resources) do |sorted_namevars| - name = sorted_namevars[0] - region = sorted_namevars[1] - type = sorted_namevars[2] - transform_name(region, name, type) - end - end - - def flush - if property_flush && property_hash[:id] - scopes = [:admin_url, :internal_url, :public_url] - ids = Hash[scopes.zip(property_hash[:id].split(','))] - scopes.each do |scope| - if property_flush[scope] - if ids[scope].nil? || ids[scope].empty? - ids[scope] = endpoint_create(service_id, resource[:region], - scope.to_s.sub(/_url$/, ''), - property_flush[scope])[:id] - else - self.class.request('endpoint', - 'set', - [ids[scope], - "--url=#{resource[scope]}"]) - end - end - end - @property_hash = resource.to_hash - @property_hash[:id] = scopes.map { |s| ids[s] }.join(',') - @property_hash[:ensure] = :present - end - end - - private - - def endpoint_create(name, region, interface, url) - properties = [name, interface, url, '--region', region] - self.class.request('endpoint', 'create', properties) - end - - private - - def self.endpoints - return @endpoints unless @endpoints.nil? - prev_do_not_manage = self.do_not_manage - self.do_not_manage = true - @endpoints = request('endpoint', 'list') - self.do_not_manage = prev_do_not_manage - @endpoints - end - - def self.endpoints=(value) - @endpoints = value - end - - def self.services - return @services unless @services.nil? - prev_do_not_manage = self.do_not_manage - self.do_not_manage = true - @services = request('service', 'list') - self.do_not_manage = prev_do_not_manage - @services - end - - def self.services=(value) - @services = value - end - - def self.endpoint_from_region_name(region, name) - endpoints.find_all { |e| e[:region] == region && e[:service_name] == name } - .map { |e| e[:service_type] }.uniq - end - - def self.type_from_service(name) - types = services.find_all { |s| s[:name] == name }.map { |e| e[:type] }.uniq - if types.count == 1 - types[0] - else - # We don't fail here as it can happen during a ensure => absent. - PuppetX::Keystone::CompositeNamevar::Unset - end - end - - def self.service_type(services, region, name) - nbr_of_services = services.count - err_msg = ["endpoint matching #{region}/#{name}:"] - type = nil - - case - when nbr_of_services == 1 - type = services[0] - when nbr_of_services > 1 - err_msg += [endpoint_from_region_name(region, name).join(' ')] - when nbr_of_services < 1 - # Then we try to get the type by service name. - type = type_from_service(name) - end - - if !type.nil? - type - else - fail(Puppet::Error, 'Cannot get the correct endpoint type: ' \ - "#{err_msg.join(' ')}") - end - end - - def self.transform_name(region, name, type) - if type == PuppetX::Keystone::CompositeNamevar::Unset - type = service_type(endpoint_from_region_name(region, name), region, name) - end - if type == PuppetX::Keystone::CompositeNamevar::Unset - Puppet.debug("Could not find the type for endpoint #{region}/#{name}") - "#{region}/#{name}" - else - "#{region}/#{name}::#{type}" - end - end - - def self.make_id(endpoint) - id_str = '' - id_sep = '' - [:admin, :internal, :public].each do |type| - id_str += "#{id_sep}#{endpoint[type][:id]}" if endpoint[type] - id_sep = ',' - end - id_str - end - - def self.get_region(endpoint) - type = [:admin, :internal, :public].detect { |t| endpoint.key? t } - type ? endpoint[type][:region] : '' - end - - def self.get_url(endpoint, type, default='') - endpoint[type][:url] rescue default - end - - def service_id - # Reset the cache. - self.class.services = nil - name = resource[:name] - type = resource[:type] - - services = self.class.services.find_all { |s| s[:name] == name } - service = services.find { |s| s[:type] == type } - service_id = '' - if service.nil? && services.count == 1 - # For backward comptatibility, match the service by name only. - service_id = services[0][:id] - else - # Math the service by id. - service_id = service[:id] if service - end - if service_id.nil? || service_id.empty? - title = self.class.transform_name(resource[:region], resource[:name], resource[:type]) - fail(Puppet::Error, "Cannot find service associated with #{title}") - end - - service_id - end -end diff --git a/keystone/lib/puppet/provider/keystone_identity_provider/openstack.rb b/keystone/lib/puppet/provider/keystone_identity_provider/openstack.rb deleted file mode 100644 index 1db71088d..000000000 --- a/keystone/lib/puppet/provider/keystone_identity_provider/openstack.rb +++ /dev/null @@ -1,157 +0,0 @@ -require 'json' -require 'puppet/provider/keystone' - -class Puppet::Error::OpenstackDuplicateRemoteId < Puppet::Error; end - -Puppet::Type.type(:keystone_identity_provider).provide( - :openstack, - :parent => Puppet::Provider::Keystone -) do - - desc 'Provider to manage keystone identity provider.' - - @credentials = Puppet::Provider::Openstack::CredentialsV3.new - - mk_resource_methods - - def create - properties = [] - remote_ids = [] - remote_id_file = [] - option_enable = '--enable' - - remote_ids += resource[:remote_ids] if resource[:remote_ids] - - remote_id_file += ['--remote-id-file', resource[:remote_id_file]] if - resource[:remote_id_file] - - properties += self.class.remote_ids_cli(remote_ids) - properties += remote_id_file - - option_enable = '--disable' if resource[:enabled] == :false - properties << option_enable - - properties += ['--description', resource[:description]] if - resource[:description] - properties << resource[:name] - - @property_hash = self.class.request('identity provider', - 'create', - properties) - - rescue Puppet::ExecutionFailure => e - if e.message =~ - /openstack Conflict occurred attempting to store identity_provider/ - raise(Puppet::Error::OpenstackDuplicateRemoteId, - 'One of the remote-id of this resource is already ' \ - 'registered by another identity provider: ' \ - "#{e.message}") - else - raise e - end - else - @property_hash[:ensure] = :present - end - - def destroy - self.class.request('identity provider', 'delete', id) - @property_hash.clear - end - - def exists? - @property_hash[:ensure] == :present - end - - def self.instances - list = request('identity provider', 'list') - list.collect do |identity_provider| - - current_resource = - request('identity provider', 'show', identity_provider[:id]) - new( - :name => identity_provider[:id], - :id => identity_provider[:id], - :description => identity_provider[:description], - :enabled => identity_provider[:enabled].downcase.chomp == 'true' ? true : false, - :remote_ids => clean_remote_ids(current_resource[:remote_ids]), - :ensure => :present - ) - end - end - - def self.prefetch(resources) - identity_providers = instances - resources.keys.each do |name| - if provider = identity_providers.find { |existing| existing.name == name } - resources[name].provider = provider - end - end - end - - # puppetlabs/PUP-1470: to be removed when puppet 3.5 is no longer supported. - def enabled - if @property_hash[:enabled].nil? - :absent - else - @property_hash[:enabled] - end - end - - def enabled=(value) - options = value == :false ? ['--disable'] : ['--enable'] - options << id - self.class.request('identity provider', 'set', options) - end - - def remote_ids=(value) - options = [] - options += self.class.remote_ids_cli(value) - self.class.request('identity provider', 'set', options + [id]) unless - options.empty? - end - - def remote_id_file=(value) - options = ['--remote-id-file', value] - self.class.request('identity provider', 'set', options + [id]) - end - - def remote_id_file - remote_ids - end - - # bug/python-openstackclient/1478995: when fixed, parsing will be done by OSC. - def self.clean_remote_ids(remote_ids) - version = request('--version', '').sub(/openstack\s+/i, '').strip - if Gem::Version.new(version) < Gem::Version.new('1.9.0') - clean_remote_ids_old(remote_ids) - else - remote_ids.split(',').map(&:strip) - end - end - - def self.clean_remote_ids_old(remote_ids) - remote_ids_clean = [] - if remote_ids != '[]' - python_array_of_unicode_string = %r/ - u # the u character - (?["']) # followed by a delimiter - (? # which holds the value - .+? # composed of non-delimiter - ) - (\k) # ended by the delimiter - /x - remote_ids_clean = JSON.parse(remote_ids.gsub( - python_array_of_unicode_string, - '"\k"')) - end - rescue JSON::ParserError - raise(Puppet::Error, - "Could not parse #{remote_ids} into a valid structure. " \ - 'Please submit a bug report.') - else - remote_ids_clean - end - def self.remote_ids_cli(remote_ids) - remote_ids.map { |e| ['--remote-id', e.to_s] }.flatten - end -end diff --git a/keystone/lib/puppet/provider/keystone_paste_ini/ini_setting.rb b/keystone/lib/puppet/provider/keystone_paste_ini/ini_setting.rb deleted file mode 100644 index 23a47af65..000000000 --- a/keystone/lib/puppet/provider/keystone_paste_ini/ini_setting.rb +++ /dev/null @@ -1,27 +0,0 @@ -Puppet::Type.type(:keystone_paste_ini).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - def section - resource[:name].split('/', 2).first - end - - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/keystone/keystone-paste.ini' - end - - # this needs to be removed. This has been replaced with the class method - def file_path - self.class.file_path - end - -end diff --git a/keystone/lib/puppet/provider/keystone_role/openstack.rb b/keystone/lib/puppet/provider/keystone_role/openstack.rb deleted file mode 100644 index b002178db..000000000 --- a/keystone/lib/puppet/provider/keystone_role/openstack.rb +++ /dev/null @@ -1,71 +0,0 @@ -require 'puppet/provider/keystone' - -Puppet::Type.type(:keystone_role).provide( - :openstack, - :parent => Puppet::Provider::Keystone -) do - - desc 'Provider for keystone roles.' - - @credentials = Puppet::Provider::Openstack::CredentialsV3.new - - def initialize(value={}) - super(value) - @property_flush = {} - end - - def self.do_not_manage - @do_not_manage - end - - def self.do_not_manage=(value) - @do_not_manage = value - end - - def create - if self.class.do_not_manage - fail("Not managing Keystone_role[#{@resource[:name]}] due to earlier Keystone API failures.") - end - self.class.request('role', 'create', name) - @property_hash[:ensure] = :present - end - - def destroy - if self.class.do_not_manage - fail("Not managing Keystone_role[#{@resource[:name]}] due to earlier Keystone API failures.") - end - self.class.request('role', 'delete', @property_hash[:id]) - @property_hash.clear - end - - def exists? - @property_hash[:ensure] == :present - end - - def id - @property_hash[:id] - end - - def self.instances - self.do_not_manage = true - list = request('role', 'list') - reallist = list.collect do |role| - new( - :name => role[:name], - :ensure => :present, - :id => role[:id] - ) - end - self.do_not_manage = false - reallist - end - - def self.prefetch(resources) - roles = instances - resources.keys.each do |name| - if provider = roles.find{ |role| role.name == name } - resources[name].provider = provider - end - end - end -end diff --git a/keystone/lib/puppet/provider/keystone_service/openstack.rb b/keystone/lib/puppet/provider/keystone_service/openstack.rb deleted file mode 100644 index e49a40218..000000000 --- a/keystone/lib/puppet/provider/keystone_service/openstack.rb +++ /dev/null @@ -1,104 +0,0 @@ -require 'puppet/provider/keystone' - -Puppet::Type.type(:keystone_service).provide( - :openstack, - :parent => Puppet::Provider::Keystone -) do - - desc "Provider to manage keystone services." - - @credentials = Puppet::Provider::Openstack::CredentialsV3.new - - include PuppetX::Keystone::CompositeNamevar::Helpers - - def initialize(value = {}) - super(value) - @property_flush = {} - end - - def self.do_not_manage - @do_not_manage - end - - def self.do_not_manage=(value) - @do_not_manage = value - end - - def create - if self.class.do_not_manage - fail("Not managing Keystone_service[#{@resource[:name]}] due to earlier Keystone API failures.") - end - properties = [resource[:type]] - properties << '--name' << resource[:name] - if resource[:description] - properties << '--description' << resource[:description] - end - created = self.class.request('service', 'create', properties) - @property_hash[:ensure] = :present - @property_hash[:type] = resource[:type] - @property_hash[:id] = created[:id] - @property_hash[:description] = resource[:description] - end - - def destroy - if self.class.do_not_manage - fail("Not managing Keystone_service[#{@resource[:name]}] due to earlier Keystone API failures.") - end - self.class.request('service', 'delete', @property_hash[:id]) - @property_hash.clear - end - - def exists? - @property_hash[:ensure] == :present - end - - mk_resource_methods - - def description=(value) - if self.class.do_not_manage - fail("Not managing Keystone_service[#{@resource[:name]}] due to earlier Keystone API failures.") - end - @property_flush[:description] = value - end - - def type=(value) - if self.class.do_not_manage - fail("Not managing Keystone_service[#{@resource[:name]}] due to earlier Keystone API failures.") - end - @property_flush[:type] = value - end - - def self.instances - self.do_not_manage = true - list = request('service', 'list', '--long') - reallist = list.collect do |service| - new( - :name => resource_to_name(service[:type], service[:name], false), - :ensure => :present, - :type => service[:type], - :description => service[:description], - :id => service[:id] - ) - end - self.do_not_manage = false - reallist - end - - def self.prefetch(resources) - prefetch_composite(resources) do |sorted_namevars| - name = sorted_namevars[0] - type = sorted_namevars[1] - resource_to_name(type, name, false) - end - end - - def flush - options = [] - if @property_flush && !@property_flush.empty? - options << "--description=#{resource[:description]}" if @property_flush[:description] - options << "--type=#{resource[:type]}" if @property_flush[:type] - self.class.request('service', 'set', [@property_hash[:id]] + options) unless options.empty? - @property_flush.clear - end - end -end diff --git a/keystone/lib/puppet/provider/keystone_tenant/openstack.rb b/keystone/lib/puppet/provider/keystone_tenant/openstack.rb deleted file mode 100644 index 2dea4a4d8..000000000 --- a/keystone/lib/puppet/provider/keystone_tenant/openstack.rb +++ /dev/null @@ -1,132 +0,0 @@ -require 'puppet/provider/keystone' - -Puppet::Type.type(:keystone_tenant).provide( - :openstack, - :parent => Puppet::Provider::Keystone -) do - - desc "Provider to manage keystone tenants/projects." - - @credentials = Puppet::Provider::Openstack::CredentialsV3.new - - include PuppetX::Keystone::CompositeNamevar::Helpers - - def initialize(value={}) - super(value) - @property_flush = {} - end - - def self.do_not_manage - @do_not_manage - end - - def self.do_not_manage=(value) - @do_not_manage = value - end - - def create - if self.class.do_not_manage - fail("Not managing Keystone_tenant[#{@resource[:name]}] due to earlier Keystone API failures.") - end - properties = [resource[:name]] - if resource[:enabled] == :true - properties << '--enable' - elsif resource[:enabled] == :false - properties << '--disable' - end - if resource[:description] - properties << '--description' - properties << resource[:description] - end - properties << '--domain' - properties << resource[:domain] - - @property_hash = self.class.request('project', 'create', properties) - @property_hash[:name] = resource[:name] - @property_hash[:domain] = resource[:domain] - @property_hash[:ensure] = :present - rescue Puppet::ExecutionFailure => e - if e.message =~ /No domain with a name or ID of/ - raise(Puppet::Error, "No project #{resource[:name]} with domain #{resource[:domain]} found") - else - raise - end - end - - mk_resource_methods - - def exists? - @property_hash[:ensure] == :present - end - - def destroy - if self.class.do_not_manage - fail("Not managing Keystone_tenant[#{@resource[:name]}] due to earlier Keystone API failures.") - end - self.class.request('project', 'delete', id) - @property_hash.clear - end - - def enabled=(value) - if self.class.do_not_manage - fail("Not managing Keystone_tenant[#{@resource[:name]}] due to earlier Keystone API failures.") - end - @property_flush[:enabled] = value - end - - def enabled - bool_to_sym(@property_hash[:enabled]) - end - - def description=(value) - if self.class.do_not_manage - fail("Not managing Keystone_tenant[#{@resource[:name]}] due to earlier Keystone API failures.") - end - @property_flush[:description] = value - end - - def self.instances - if default_domain_changed - warning(default_domain_deprecation_message) - end - self.do_not_manage = true - projects = request('project', 'list', '--long') - list = projects.collect do |project| - domain_name = domain_name_from_id(project[:domain_id]) - new( - :name => resource_to_name(domain_name, project[:name]), - :ensure => :present, - :enabled => project[:enabled].downcase.chomp == 'true' ? true : false, - :description => project[:description], - :domain => domain_name, - :domain_id => project[:domain_id], - :id => project[:id] - ) - end - self.do_not_manage = false - list - end - - def self.prefetch(resources) - prefetch_composite(resources) do |sorted_namevars| - domain = sorted_namevars[0] - name = sorted_namevars[1] - resource_to_name(domain, name) - end - end - - def flush - options = [] - if @property_flush && !@property_flush.empty? - case @property_flush[:enabled] - when :true - options << '--enable' - when :false - options << '--disable' - end - (options << "--description=#{resource[:description]}") if @property_flush[:description] - self.class.request('project', 'set', [id] + options) unless options.empty? - @property_flush.clear - end - end -end diff --git a/keystone/lib/puppet/provider/keystone_user/openstack.rb b/keystone/lib/puppet/provider/keystone_user/openstack.rb deleted file mode 100644 index 76a29a37b..000000000 --- a/keystone/lib/puppet/provider/keystone_user/openstack.rb +++ /dev/null @@ -1,175 +0,0 @@ -require 'puppet/provider/keystone' - -Puppet::Type.type(:keystone_user).provide( - :openstack, - :parent => Puppet::Provider::Keystone -) do - - desc "Provider to manage keystone users." - - @credentials = Puppet::Provider::Openstack::CredentialsV3.new - - include PuppetX::Keystone::CompositeNamevar::Helpers - - def initialize(value={}) - super(value) - @property_flush = {} - end - - def self.do_not_manage - @do_not_manage - end - - def self.do_not_manage=(value) - @do_not_manage = value - end - - def create - if self.class.do_not_manage - fail("Not managing Keystone_user[#{@resource[:name]}] due to earlier Keystone API failures.") - end - user_name, user_domain = resource[:name], resource[:domain] - properties = [user_name] - if resource[:enabled] == :true - properties << '--enable' - elsif resource[:enabled] == :false - properties << '--disable' - end - if resource[:password] - properties << '--password' << resource[:password] - end - if resource[:email] - properties << '--email' << resource[:email] - end - if user_domain - properties << '--domain' - properties << user_domain - end - @property_hash = self.class.request('user', 'create', properties) - @property_hash[:name] = resource[:name] - @property_hash[:domain] = user_domain - @property_hash[:ensure] = :present - end - - def destroy - self.class.request('user', 'delete', id) - @property_hash.clear - end - - def flush - options = [] - if @property_flush && !@property_flush.empty? - options << '--enable' if @property_flush[:enabled] == :true - options << '--disable' if @property_flush[:enabled] == :false - # There is a --description flag for the set command, but it does not work if the value is empty - options << '--password' << resource[:password] if @property_flush[:password] - options << '--email' << resource[:email] if @property_flush[:email] - # project handled in tenant= separately - unless options.empty? - options << id - self.class.request('user', 'set', options) - end - @property_flush.clear - end - end - - mk_resource_methods - - def exists? - return true if @property_hash[:ensure] == :present - domain_name = self.class.domain_id_from_name(resource[:domain]) - self.class.request_without_retry do - @property_hash = - self.class.fetch_user(resource[:name], domain_name) - @property_hash ||= {} - end - # This can happen in bad LDAP mapping - @property_hash[:enabled] = 'true' if @property_hash[:enabled].nil? - - return false if @property_hash.nil? || @property_hash[:id].nil? - true - end - - # Types properties - def enabled - is_enabled = @property_hash[:enabled].downcase.chomp == 'true' ? true : false - bool_to_sym(is_enabled) - end - - def enabled=(value) - @property_flush[:enabled] = value - end - - def email=(value) - @property_flush[:email] = value - end - - def password - passwd = nil - return passwd if resource[:password] == nil - if resource[:enabled] == :false || resource[:replace_password] == :false - # Unchanged password - passwd = resource[:password] - else - # Password validation - credentials = Puppet::Provider::Openstack::CredentialsV3.new - unless credentials.auth_url = self.class.get_auth_url - raise(Puppet::Error::OpenstackAuthInputError, "Could not find authentication url to validate user's password.") - end - credentials.password = resource[:password] - credentials.user_id = id - - # NOTE: The only reason we use username is so that the openstack provider - # will know we are doing v3password auth - otherwise, it is not used. The - # user_id uniquely identifies the user including domain. - credentials.username = resource[:name] - # Need to specify a project id to get a project scoped token. List - # all of the projects for the user, and use the id from the first one. - projects = self.class.request('project', 'list', ['--user', id, '--long']) - if projects && projects[0] && projects[0][:id] - credentials.project_id = projects[0][:id] - else - # last chance - try a domain scoped token - credentials.domain_name = domain - end - - credentials.identity_api_version = '2' if credentials.auth_url =~ /v2\.0\/?$/ - - begin - token = Puppet::Provider::Openstack.request('token', 'issue', ['--format', 'value'], credentials) - rescue Puppet::Error::OpenstackUnauthorizedError - # password is invalid - else - passwd = resource[:password] unless token.empty? - end - end - return passwd - end - - def password=(value) - if self.class.do_not_manage - fail("Not managing Keystone_user[#{@resource[:name]}] due to earlier Keystone API failures.") - end - @property_flush[:password] = value - end - - def replace_password - @property_hash[:replace_password] - end - - def replace_password=(value) - if self.class.do_not_manage - fail("Not managing Keystone_user[#{@resource[:name]}] due to earlier Keystone API failures.") - end - @property_flush[:replace_password] = value - end - - def domain - @property_hash[:domain] - end - - def domain_id - @property_hash[:domain_id] - end - -end diff --git a/keystone/lib/puppet/provider/keystone_user_role/openstack.rb b/keystone/lib/puppet/provider/keystone_user_role/openstack.rb deleted file mode 100644 index c96cb4597..000000000 --- a/keystone/lib/puppet/provider/keystone_user_role/openstack.rb +++ /dev/null @@ -1,112 +0,0 @@ -require 'puppet/provider/keystone' -require 'puppet/provider/keystone/util' -require 'puppet_x/keystone/composite_namevar' - -Puppet::Type.type(:keystone_user_role).provide( - :openstack, - :parent => Puppet::Provider::Keystone -) do - desc "Provider to manage keystone role assignments to users." - - include PuppetX::Keystone::CompositeNamevar::Helpers - - @credentials = Puppet::Provider::Openstack::CredentialsV3.new - - def initialize(value={}) - super(value) - @property_flush = {} - end - - def self.do_not_manage - @do_not_manage - end - - def self.do_not_manage=(value) - @do_not_manage = value - end - - def create - if resource[:roles] - options = properties - resource[:roles].each do |role| - self.class.request('role', 'add', [role] + options) - end - end - end - - def destroy - if @property_hash[:roles] - options = properties - @property_hash[:roles].each do |role| - self.class.request('role', 'remove', [role] + options) - end - end - @property_hash[:ensure] = :absent - end - - def exists? - roles_db = self.class.request('role', 'list', properties) - @property_hash[:name] = resource[:name] - if roles_db.empty? - @property_hash[:ensure] = :absent - else - @property_hash[:ensure] = :present - @property_hash[:roles] = roles_db.collect do |role| - role[:name] - end - end - return @property_hash[:ensure] == :present - end - - mk_resource_methods - - # Don't want :absent - [:user, :user_domain, :project, :project_domain, :domain].each do |attr| - define_method(attr) do - @property_hash[attr] ||= resource[attr] - end - end - - def roles=(value) - current_roles = roles - # determine the roles to be added and removed - remove = current_roles - Array(value) - add = Array(value) - current_roles - add.each do |role_name| - self.class.request('role', 'add', [role_name] + properties) - end - remove.each do |role_name| - self.class.request('role', 'remove', [role_name] + properties) - end - end - - private - - def properties - return @properties if @properties - properties = [] - if set?(:project) - properties << '--project' << get_project_id - elsif set?(:domain) - properties << '--domain' << domain - else - raise(Puppet::Error, 'No project or domain specified for role') - end - properties << '--user' << get_user_id - @properties = properties - end - - def get_user_id - id = self.class.user_id_from_name_and_domain_name(user, user_domain) - raise(Puppet::Error, "No user #{user} with domain #{user_domain} found") if id.nil? - id - end - - def get_project_id - id = self.class.project_id_from_name_and_domain_name(project, project_domain) - if id.nil? - raise(Puppet::Error, "No project #{project} with domain #{project_domain} found") - end - id - end -end diff --git a/keystone/lib/puppet/type/keystone_config.rb b/keystone/lib/puppet/type/keystone_config.rb deleted file mode 100644 index 9dc4f3c46..000000000 --- a/keystone/lib/puppet/type/keystone_config.rb +++ /dev/null @@ -1,12 +0,0 @@ -Puppet::Type.newtype(:keystone_config) do - - require File.expand_path(File.join( - File.dirname(__FILE__), '..', '..', - 'puppet_x', 'keystone_config', 'ini_setting')) - # mixin, shared with keystone_domain_config until this one moves on - # to openstack cli - extend PuppetX::KeystoneConfig::IniSetting - - create_parameters - -end diff --git a/keystone/lib/puppet/type/keystone_domain.rb b/keystone/lib/puppet/type/keystone_domain.rb deleted file mode 100644 index b23e4e613..000000000 --- a/keystone/lib/puppet/type/keystone_domain.rb +++ /dev/null @@ -1,52 +0,0 @@ -# LP#1408531 -File.expand_path('../..', File.dirname(__FILE__)).tap { |dir| $LOAD_PATH.unshift(dir) unless $LOAD_PATH.include?(dir) } -File.expand_path('../../../../openstacklib/lib', File.dirname(__FILE__)).tap { |dir| $LOAD_PATH.unshift(dir) unless $LOAD_PATH.include?(dir) } - -Puppet::Type.newtype(:keystone_domain) do - - desc <<-EOT - This type can be used to manage - keystone domains. - EOT - - ensurable - - newparam(:name, :namevar => true) do - newvalues(/\w+/) - end - - newproperty(:enabled) do - newvalues(/(t|T)rue/, /(f|F)alse/, true, false ) - defaultto(true) - munge do |value| - value.to_s.downcase.to_sym - end - end - - newproperty(:description) - - newproperty(:is_default) do - desc <<-EOT - If this is true, this is the default domain used for v2.0 requests when the domain - is not specified, or used by v3 providers if no other domain is specified. The id - of this domain will be written to the keystone config identity/default_domain_id - value. - EOT - newvalues(/(t|T)rue/, /(f|F)alse/, true, false ) - defaultto(false) - munge do |value| - value.to_s.downcase.to_sym - end - end - - newproperty(:id) do - validate do |v| - raise(Puppet::Error, 'This is a read only property') - end - end - - # we should not do anything until the keystone service is started - autorequire(:anchor) do - ['keystone::service::end'] - end -end diff --git a/keystone/lib/puppet/type/keystone_domain_config.rb b/keystone/lib/puppet/type/keystone_domain_config.rb deleted file mode 100644 index 08d6524ce..000000000 --- a/keystone/lib/puppet/type/keystone_domain_config.rb +++ /dev/null @@ -1,36 +0,0 @@ -Puppet::Type.newtype(:keystone_domain_config) do - - require File.expand_path(File.join( - File.dirname(__FILE__), '..', '..', - 'puppet_x', 'keystone_config', 'ini_setting')) - # mixin, shared with keystone_domain_config until this one moves on - # to openstack cli - extend PuppetX::KeystoneConfig::IniSetting - - def initialize(*args) - super - # latest version of puppet got autonotify, but 3.8.2 doesn't so - # use this. - keystone_service = 'Service[keystone]' - self[:notify] = [keystone_service] if !catalog.nil? && - catalog.resource(keystone_service) - end - - create_parameters - - # if one declare the domain directory as a resource, this will - # create a soft dependancy with it. - autorequire(:file) do - currently_defined = provider.class.find_domain_conf(catalog) - # we use the catalog and fall back to provider.self.base_dir (see - # its comment). Note at this time the @base_dir in - # provider.class.base_dir will always be false as self.prefetch - # hasn't run yet. - currently_defined.nil? ? [provider.class.base_dir] : [currently_defined[:value]] - end - - # if the keystone configuration is changed we require it - autorequire(:keystone_config) do - ['identity/domain_config_dir'] - end -end diff --git a/keystone/lib/puppet/type/keystone_endpoint.rb b/keystone/lib/puppet/type/keystone_endpoint.rb deleted file mode 100644 index 8566c3254..000000000 --- a/keystone/lib/puppet/type/keystone_endpoint.rb +++ /dev/null @@ -1,98 +0,0 @@ -# LP#1408531 -File.expand_path('../..', File.dirname(__FILE__)).tap { |dir| $LOAD_PATH.unshift(dir) unless $LOAD_PATH.include?(dir) } -File.expand_path('../../../../openstacklib/lib', File.dirname(__FILE__)).tap { |dir| $LOAD_PATH.unshift(dir) unless $LOAD_PATH.include?(dir) } -require 'puppet_x/keystone/composite_namevar' -require 'puppet_x/keystone/type' - -Puppet::Type.newtype(:keystone_endpoint) do - - desc 'Type for managing keystone endpoints.' - - include PuppetX::Keystone::CompositeNamevar::Helpers - ensurable - - newparam(:name, :namevar => true) - - newproperty(:id) do - include PuppetX::Keystone::Type::ReadOnly - end - - newparam(:region) do - isnamevar - include PuppetX::Keystone::Type::Required - end - - newparam(:type) do - isnamevar - defaultto do - deprecation_msg = 'Support for a endpoint without the type ' \ - 'set is deprecated in Liberty. ' \ - 'It will be dropped in Mitaka.' - warning(deprecation_msg) - PuppetX::Keystone::CompositeNamevar::Unset - end - end - - newproperty(:public_url) - - newproperty(:internal_url) - - newproperty(:admin_url) - - # we should not do anything until the keystone service is started - autorequire(:anchor) do - ['keystone::service::end'] - end - - autorequire(:keystone_service) do - if parameter_set?(:type) - "#{name}::#{self[:type]}" - else - title = catalog.resources - .find_all { |e| e.type == :keystone_service && e[:name] == name } - .map { |e| e.title }.uniq - if title.count == 1 - title - else - warning("Couldn't find the type of the domain to require using #{name}") - name - end - end - end - - def self.title_patterns - name = PuppetX::Keystone::CompositeNamevar.not_two_colon_regex - type = Regexp.new(/.+/) - region = Regexp.new(/[^\/]+/) - [ - [ - /^(#{region})\/(#{name})::(#{type})$/, - [ - [:region], - [:name], - [:type] - ] - ], - [ - /^(#{region})\/(#{name})$/, - [ - [:region], - [:name] - ] - ], - [ - /^(#{name})::(#{type})$/, - [ - [:name], - [:type] - ] - ], - [ - /^(#{name})$/, - [ - [:name] - ] - ] - ] - end -end diff --git a/keystone/lib/puppet/type/keystone_identity_provider.rb b/keystone/lib/puppet/type/keystone_identity_provider.rb deleted file mode 100644 index 0da5b8cbc..000000000 --- a/keystone/lib/puppet/type/keystone_identity_provider.rb +++ /dev/null @@ -1,98 +0,0 @@ -# LP#1408531 -File.expand_path('../..', File.dirname(__FILE__)).tap { |dir| $LOAD_PATH.unshift(dir) unless $LOAD_PATH.include?(dir) } -File.expand_path('../../../../openstacklib/lib', File.dirname(__FILE__)).tap { |dir| $LOAD_PATH.unshift(dir) unless $LOAD_PATH.include?(dir) } - -require 'puppet/provider/keystone/util' - -Puppet::Type.newtype(:keystone_identity_provider) do - - desc 'Type for managing identity provider.' - - ensurable - - newparam(:name, :namevar => true) do - newvalues(/\S+/) - end - - newproperty(:enabled) do - newvalues(/^(t|T)rue$/, /^(f|F)alse$/, true, false) - def insync?(is) - is.to_s.downcase.to_sym == should.to_s.downcase.to_sym - end - defaultto(true) - munge do |value| - value.to_s.downcase.to_sym - end - end - - newproperty(:description) do - desc 'Description of the identity server.' - newvalues(nil, /\S+/) - def insync?(is) - if should != is - raise(Puppet::Error, - 'The description cannot be changed ' \ - "from #{should} to #{is}") - end - true - end - end - - newproperty(:remote_ids, :array_matching => :all) do - def insync?(is) - # remote_ids and remote_id_file are mutually exclusive. - return true unless resource.parameters[:remote_id_file].nil? - - is.map(&:to_s).sort == should.map(&:to_s).sort - end - defaultto([]) - validate do |v| - if idx = v.to_s.index('"') - raise(Puppet::ResourceError, - 'rfc3986#section-2: remote id cannot have a double quote' \ - ": #{v} at position #{idx}" - ) - end - if v.to_s.match(/\s/) - raise(Puppet::ResourceError, - "Remote id cannot have space in it: '#{v}'" - ) - end - end - munge(&:to_s) - end - - newproperty(:remote_id_file) do - validate do |v| - unless resource.parameters[:remote_ids].nil? - raise(Puppet::ResourceError, - 'Cannot have both remote_ids and remote_id_file') - end - unless Pathname.new(v).absolute? - raise(Puppet::ResourceError, - "You must specify an absolute path name not '#{v}'.") - end - end - - def insync?(is) - ids_in_file = File.readlines(should).map(&:strip).delete_if(&:empty?) - ids_in_file.sort == is.sort - end - end - - newproperty(:id) do - validate do - raise(Puppet::Error, 'This is a read only property') - end - end - - autorequire(:file) do - if self[:remote_id_file] && Pathname.new(self[:remote_id_file]).absolute? - self[:remote_id_file] - end - end - - autorequire(:anchor) do - ['keystone::service::end'] - end -end diff --git a/keystone/lib/puppet/type/keystone_paste_ini.rb b/keystone/lib/puppet/type/keystone_paste_ini.rb deleted file mode 100644 index f2fc81eb2..000000000 --- a/keystone/lib/puppet/type/keystone_paste_ini.rb +++ /dev/null @@ -1,47 +0,0 @@ -Puppet::Type.newtype(:keystone_paste_ini) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from keystone/keystone-paste.ini' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end - - autorequire(:package) do - 'keystone' - end - -end diff --git a/keystone/lib/puppet/type/keystone_role.rb b/keystone/lib/puppet/type/keystone_role.rb deleted file mode 100644 index c4e50bbe3..000000000 --- a/keystone/lib/puppet/type/keystone_role.rb +++ /dev/null @@ -1,28 +0,0 @@ -# LP#1408531 -File.expand_path('../..', File.dirname(__FILE__)).tap { |dir| $LOAD_PATH.unshift(dir) unless $LOAD_PATH.include?(dir) } -File.expand_path('../../../../openstacklib/lib', File.dirname(__FILE__)).tap { |dir| $LOAD_PATH.unshift(dir) unless $LOAD_PATH.include?(dir) } - -Puppet::Type.newtype(:keystone_role) do - - desc <<-EOT - This is currently used to model the creation of - keystone roles. - EOT - - ensurable - - newparam(:name, :namevar => true) do - newvalues(/\S+/) - end - - newproperty(:id) do - validate do |v| - raise(Puppet::Error, 'This is a read only property') - end - end - - # we should not do anything until the keystone service is started - autorequire(:anchor) do - ['keystone::service::end'] - end -end diff --git a/keystone/lib/puppet/type/keystone_service.rb b/keystone/lib/puppet/type/keystone_service.rb deleted file mode 100644 index 5cc53239c..000000000 --- a/keystone/lib/puppet/type/keystone_service.rb +++ /dev/null @@ -1,44 +0,0 @@ -# LP#1408531 -File.expand_path('../..', File.dirname(__FILE__)).tap { |dir| $LOAD_PATH.unshift(dir) unless $LOAD_PATH.include?(dir) } -File.expand_path('../../../../openstacklib/lib', File.dirname(__FILE__)).tap { |dir| $LOAD_PATH.unshift(dir) unless $LOAD_PATH.include?(dir) } -require 'puppet_x/keystone/composite_namevar' -require 'puppet_x/keystone/type' - -Puppet::Type.newtype(:keystone_service) do - - desc 'This type can be used to manage keystone services.' - - ensurable - - newparam(:name, :namevar => true) do - desc 'The name of the service.' - newvalues(/\S+/) - end - - newproperty(:id) do - include PuppetX::Keystone::Type::ReadOnly - end - - newparam(:type) do - isnamevar - desc 'The type of service' - include PuppetX::Keystone::Type::Required - end - - newproperty(:description) do - desc 'A description of the service.' - defaultto('') - end - - # This ensures the service is started and therefore the keystone - # config is configured IF we need them for authentication. - # If there is no keystone config, authentication credentials - # need to come from another source. - autorequire(:anchor) do - ['keystone::service::end'] - end - - def self.title_patterns - PuppetX::Keystone::CompositeNamevar.basic_split_title_patterns(:name, :type) - end -end diff --git a/keystone/lib/puppet/type/keystone_tenant.rb b/keystone/lib/puppet/type/keystone_tenant.rb deleted file mode 100644 index 0b532a1cb..000000000 --- a/keystone/lib/puppet/type/keystone_tenant.rb +++ /dev/null @@ -1,68 +0,0 @@ -# LP#1408531 -File.expand_path('../..', File.dirname(__FILE__)).tap { |dir| $LOAD_PATH.unshift(dir) unless $LOAD_PATH.include?(dir) } -File.expand_path('../../../../openstacklib/lib', File.dirname(__FILE__)).tap { |dir| $LOAD_PATH.unshift(dir) unless $LOAD_PATH.include?(dir) } -require 'puppet/provider/keystone/util' -require 'puppet_x/keystone/composite_namevar' -require 'puppet_x/keystone/type' - -Puppet::Type.newtype(:keystone_tenant) do - - desc 'This type can be used to manage keystone tenants.' - - ensurable - - newparam(:name, :namevar => true) do - desc 'The name of the tenant.' - newvalues(/\w+/) - end - - newproperty(:enabled) do - desc 'Whether the tenant should be enabled. Defaults to true.' - newvalues(/(t|T)rue/, /(f|F)alse/, true, false ) - defaultto(true) - munge do |value| - value.to_s.downcase.to_sym - end - end - - newproperty(:description) do - desc 'A description of the tenant.' - end - - newproperty(:id) do - desc 'Read-only property of the tenant.' - validate do |v| - raise(Puppet::Error, 'This is a read only property') - end - end - - newparam(:domain) do - desc 'Domain for tenant.' - isnamevar - include PuppetX::Keystone::Type::DefaultDomain - end - - autorequire(:keystone_domain) do - default_domain = catalog.resources.find do |r| - r.class.to_s == 'Puppet::Type::Keystone_domain' && - r[:is_default] == :true && - r[:ensure] == :present - end - rv = [self[:domain]] - # Only used to display the deprecation warning. - rv << default_domain.name unless default_domain.nil? - rv - end - - # This ensures the service is started and therefore the keystone - # config is configured IF we need them for authentication. - # If there is no keystone config, authentication credentials - # need to come from another source. - autorequire(:anchor) do - ['keystone::service::end', 'default_domain_created'] - end - - def self.title_patterns - PuppetX::Keystone::CompositeNamevar.basic_split_title_patterns(:name, :domain) - end -end diff --git a/keystone/lib/puppet/type/keystone_user.rb b/keystone/lib/puppet/type/keystone_user.rb deleted file mode 100644 index 7d1bec2e5..000000000 --- a/keystone/lib/puppet/type/keystone_user.rb +++ /dev/null @@ -1,89 +0,0 @@ -# LP#1408531 -File.expand_path('../..', File.dirname(__FILE__)).tap { |dir| $LOAD_PATH.unshift(dir) unless $LOAD_PATH.include?(dir) } -File.expand_path('../../../../openstacklib/lib', File.dirname(__FILE__)).tap { |dir| $LOAD_PATH.unshift(dir) unless $LOAD_PATH.include?(dir) } - -require 'puppet/provider/keystone/util' -require 'puppet_x/keystone/composite_namevar' -require 'puppet_x/keystone/type' - -Puppet::Type.newtype(:keystone_user) do - - desc 'Type for managing keystone users.' - - ensurable - - newparam(:name, :namevar => true) do - newvalues(/\S+/) - end - - newproperty(:enabled) do - newvalues(/(t|T)rue/, /(f|F)alse/, true, false) - defaultto(true) - munge do |value| - value.to_s.downcase.to_sym - end - end - - newproperty(:password) do - newvalues(/\S+/) - def change_to_s(currentvalue, newvalue) - if currentvalue == :absent - return 'created password' - else - return 'changed password' - end - end - - def is_to_s( currentvalue ) - return '[old password redacted]' - end - - def should_to_s( newvalue ) - return '[new password redacted]' - end - end - - newproperty(:email) do - newvalues(/^(\S+@\S+)|$/) - end - - newproperty(:id) do - validate do |v| - raise(Puppet::Error, 'This is a read only property') - end - end - - newparam(:replace_password) do - newvalues(/(t|T)rue/, /(f|F)alse/, true, false) - defaultto(true) - munge do |value| - value.to_s.downcase.to_sym - end - end - - newparam(:domain) do - isnamevar - include PuppetX::Keystone::Type::DefaultDomain - end - - autorequire(:keystone_domain) do - default_domain = catalog.resources.find do |r| - r.class.to_s == 'Puppet::Type::Keystone_domain' && - r[:is_default] == :true && - r[:ensure] == :present - end - rv = [self[:domain]] - # Only used to display the deprecation warning. - rv << default_domain.name unless default_domain.nil? - rv - end - - # we should not do anything until the keystone service is started - autorequire(:anchor) do - ['keystone::service::end', 'default_domain_created'] - end - - def self.title_patterns - PuppetX::Keystone::CompositeNamevar.basic_split_title_patterns(:name, :domain) - end -end diff --git a/keystone/lib/puppet/type/keystone_user_role.rb b/keystone/lib/puppet/type/keystone_user_role.rb deleted file mode 100644 index a18aa16b9..000000000 --- a/keystone/lib/puppet/type/keystone_user_role.rb +++ /dev/null @@ -1,177 +0,0 @@ -# LP#1408531 -File.expand_path('../..', File.dirname(__FILE__)).tap { |dir| $LOAD_PATH.unshift(dir) unless $LOAD_PATH.include?(dir) } -File.expand_path('../../../../openstacklib/lib', File.dirname(__FILE__)).tap { |dir| $LOAD_PATH.unshift(dir) unless $LOAD_PATH.include?(dir) } - -require 'puppet/provider/keystone/util' -require 'puppet_x/keystone/composite_namevar' -require 'puppet_x/keystone/type' - -Puppet::Type.newtype(:keystone_user_role) do - - desc <<-EOT - This is currently used to model the creation of keystone users - roles. - - User roles are an assignment of a role to a user on a certain - tenant. The combination of all of these attributes is unique. - - The resource's name can be specified like this: - - @ - - which means the user is required. Project and domain are mutually - exclusive. User_domain and project_domain are optional. - - "user_domain" and "project_domain" resources default to the name - of the "Keystone_domain" resource which has the "is_default" - property set to true in the current catalog, or to "Default" if - such resource doesn't exist in the catalog. - - EOT - - include PuppetX::Keystone::CompositeNamevar::Helpers - ensurable - - newparam(:name, :namevar => true) - - [:user, :project].each do |p| - newparam(p) do - isnamevar - defaultto PuppetX::Keystone::CompositeNamevar::Unset - end - end - - [:user_domain, :project_domain].each do |p| - newparam(p) do - isnamevar - include PuppetX::Keystone::Type::DefaultDomain - end - end - - newparam(:domain) do - isnamevar - defaultto PuppetX::Keystone::CompositeNamevar::Unset - validate do |v| - if !resource.parameters[:project].nil? && - resource.parameters[:project].value != PuppetX::Keystone::CompositeNamevar::Unset && - v != PuppetX::Keystone::CompositeNamevar::Unset - raise(Puppet::ResourceError, - 'Cannot define both project and domain for a role.') - end - end - end - - newproperty(:roles, :array_matching => :all) do - def insync?(is) - return false unless is.is_a? Array - # order of roles does not matter - is.sort == should.sort - end - end - - autorequire(:keystone_user) do - # Pass through title parsing for matching resource. - [provider.class.resource_to_name(self[:user_domain], self[:user], false)] - end - - autorequire(:keystone_tenant) do - rv = [] - unless parameter_set?(:domain) - # Pass through title parsing for matching resource. - rv << provider.class.resource_to_name(self[:project_domain], - self[:project], false) - end - rv - end - - autorequire(:keystone_role) do - self[:roles] - end - - autorequire(:keystone_domain) do - default_domain = catalog.resources.find do |r| - r.class.to_s == 'Puppet::Type::Keystone_domain' && - r[:is_default] == :true && - r[:ensure] == :present - end - rv = [self[:user_domain]] - rv << self[:project_domain] if parameter_set?(:project_domain) - rv << self[:domain] if parameter_set?(:domain) - # Only used to display the deprecation warning. - rv << default_domain.name unless default_domain.nil? - rv - end - - # we should not do anything until the keystone service is started - autorequire(:anchor) do - ['keystone::service::end'] - end - - def self.title_patterns - user = PuppetX::Keystone::CompositeNamevar.not_two_colon_regex - project_domain = user - domain = user - user_domain = Regexp.new(/(?:[^:@]|:[^:@])+/) - project = user_domain - unset = ->(_) { PuppetX::Keystone::CompositeNamevar::Unset } - [ - [ - # fully qualified user with fully qualified project - /^(#{user})::(#{user_domain})@(#{project})::(#{project_domain})$/, - [ - [:user], - [:user_domain], - [:project], - [:project_domain] - ] - ], - # fully qualified user with domain - [ - /^(#{user})::(#{user_domain})@::(#{domain})($)/, - [ - [:user], - [:user_domain], - [:domain], - # Don't want to have project_domain set to default, while - # not used. - [:project_domain, unset] - ] - ], - # fully qualified user with project - [ - /^(#{user})::(#{user_domain})@(#{project})$/, - [ - [:user], - [:user_domain], - [:project] - ] - ], - # user with fully qualified project - [ - /^(#{user})@(#{project})::(#{project_domain})$/, - [ - [:user], - [:project], - [:project_domain] - ] - ], - # user with domain - [ - /^(#{user})@::(#{domain})($)/, - [ - [:user], - [:domain], - [:project_domain, unset] - ] - ], - # user with project - [ - /^(#{user})@(#{project})$/, - [ - [:user], - [:project] - ] - ] - ] - end -end diff --git a/keystone/lib/puppet_x/keystone/composite_namevar.rb b/keystone/lib/puppet_x/keystone/composite_namevar.rb deleted file mode 100644 index a5ff43184..000000000 --- a/keystone/lib/puppet_x/keystone/composite_namevar.rb +++ /dev/null @@ -1,71 +0,0 @@ -# Cherry pick PUP-1073 from puppetlabs: support of composite namevar for alias. -if Gem::Version.new(Puppet.version.sub(/\(Puppet Enterprise .*/i, '').strip) < Gem::Version.new('4.0.0') - Puppet::Resource::Catalog.class_eval do - def create_resource_aliases(resource) - # Skip creating aliases and checking collisions for non-isomorphic resources. - return unless resource.respond_to?(:isomorphic?) and resource.isomorphic? - # Add an alias if the uniqueness key is valid and not the - # title, which has already been checked. - ukey = resource.uniqueness_key - if ukey.any? and ukey != [resource.title] - self.alias(resource, ukey) - end - end - end - Puppet::Resource.class_eval do - def uniqueness_key - # Temporary kludge to deal with inconsistent use patterns; ensure we don't return nil for namevar/:name - h = self.to_hash - name = h[namevar] || h[:name] || self.name - h[namevar] ||= name - h[:name] ||= name - h.values_at(*key_attributes.sort_by { |k| k.to_s }) - end - end -end - -require 'puppet_x/keystone/composite_namevar/helpers' - -module PuppetX - module Keystone - module CompositeNamevar - - class Unset; end - - def self.not_two_colon_regex - # Anything but 2 consecutive colons. - Regexp.new(/(?:[^:]|:[^:])+/) - end - - def self.basic_split_title_patterns(prefix, suffix, separator = '::', *regexps) - associated_regexps = [] - if regexps.empty? and separator == '::' - associated_regexps += [not_two_colon_regex, not_two_colon_regex] - else - if regexps.count != 2 - raise(Puppet::DevError, 'You must provide two regexps') - else - associated_regexps += regexps - end - end - prefix_re = associated_regexps[0] - suffix_re = associated_regexps[1] - [ - [ - /^(#{prefix_re})#{separator}(#{suffix_re})$/, - [ - [prefix], - [suffix] - ] - ], - [ - /^(#{prefix_re})$/, - [ - [prefix] - ] - ] - ] - end - end - end -end diff --git a/keystone/lib/puppet_x/keystone/composite_namevar/helpers.rb b/keystone/lib/puppet_x/keystone/composite_namevar/helpers.rb deleted file mode 100644 index 35895946e..000000000 --- a/keystone/lib/puppet_x/keystone/composite_namevar/helpers.rb +++ /dev/null @@ -1,27 +0,0 @@ -require 'puppet_x/keystone/composite_namevar/helpers/utilities' - -module PuppetX - module Keystone - module CompositeNamevar - module Helpers - def set?(param, argument = nil) - value = nil - if argument.nil? - value = send(param.to_sym) - else - value = send(param.to_sym, argument) - end - value != PuppetX::Keystone::CompositeNamevar::Unset - end - - def parameter_set?(key) - set?(:'[]', key.to_sym) - end - - def self.included(klass) - klass.extend Utilities if klass.to_s.match(/Provider/) - end - end - end - end -end diff --git a/keystone/lib/puppet_x/keystone/composite_namevar/helpers/utilities.rb b/keystone/lib/puppet_x/keystone/composite_namevar/helpers/utilities.rb deleted file mode 100644 index 708625b8a..000000000 --- a/keystone/lib/puppet_x/keystone/composite_namevar/helpers/utilities.rb +++ /dev/null @@ -1,44 +0,0 @@ -module PuppetX - module Keystone - module CompositeNamevar - module Helpers - module Utilities - def prefetch_composite(resources) - # cannot trust puppet for correct resources with semantic title - res = resources.values.first - catalog = res.catalog - klass = res.class - required_resources = catalog.resources.find_all do |e| - e.class.to_s == klass.to_s - end - - # hash catalog resource by uniq key - required_res = Hash[required_resources.map(&:uniqueness_key) - .zip(required_resources)] - # This is the sort order returned by uniqueness_key. - namevars_ordered = resource_type.key_attributes.map(&:to_s).sort - existings = instances - # uniqueness_key sort by lexical order of the key attributes - required_res.each do |res_key, resource| - provider = existings.find do |existing| - if block_given? - # transformation is done on the name using namevar, - # so we let the user transform it the correct way. - res_transformed_namevar = yield(res_key) - # name in self.instance is assumed to have the same - # transformation than the one given by the user. - exist_transformed_namevar = existing.name - res_transformed_namevar == exist_transformed_namevar - else - res_key == namevars_ordered - .map { |namevar| existing.send(namevar) } - end - end - resource.provider = provider if provider - end - end - end - end - end - end -end diff --git a/keystone/lib/puppet_x/keystone/type.rb b/keystone/lib/puppet_x/keystone/type.rb deleted file mode 100644 index 7e1ab19df..000000000 --- a/keystone/lib/puppet_x/keystone/type.rb +++ /dev/null @@ -1,3 +0,0 @@ -require 'puppet_x/keystone/type/default_domain' -require 'puppet_x/keystone/type/required' -require 'puppet_x/keystone/type/read_only' diff --git a/keystone/lib/puppet_x/keystone/type/default_domain.rb b/keystone/lib/puppet_x/keystone/type/default_domain.rb deleted file mode 100644 index 0bdbcb560..000000000 --- a/keystone/lib/puppet_x/keystone/type/default_domain.rb +++ /dev/null @@ -1,15 +0,0 @@ -module PuppetX - module Keystone - module Type - module DefaultDomain - def self.included(klass) - klass.class_eval do - defaultto do - Puppet::Provider::Keystone.default_domain - end - end - end - end - end - end -end diff --git a/keystone/lib/puppet_x/keystone/type/read_only.rb b/keystone/lib/puppet_x/keystone/type/read_only.rb deleted file mode 100644 index 2479fd8d0..000000000 --- a/keystone/lib/puppet_x/keystone/type/read_only.rb +++ /dev/null @@ -1,15 +0,0 @@ -module PuppetX - module Keystone - module Type - module ReadOnly - def self.included(klass) - klass.class_eval do - validate do |_| - fail(ArgumentError, 'Read-only property.') - end - end - end - end - end - end -end diff --git a/keystone/lib/puppet_x/keystone/type/required.rb b/keystone/lib/puppet_x/keystone/type/required.rb deleted file mode 100644 index 13ae26f40..000000000 --- a/keystone/lib/puppet_x/keystone/type/required.rb +++ /dev/null @@ -1,23 +0,0 @@ -module PuppetX - module Keystone - module Type - module Required - def self.included(klass) - klass.class_eval do - defaultto do - custom = '' - if respond_to?(:required_custom_message) - custom = send(:required_custom_message) - end - fail(Puppet::ResourceError, - "#{custom}" \ - "Parameter #{name} failed on " \ - "#{resource.class.to_s.split('::')[-1]}[#{resource.name}]: " \ - 'Required parameter.') - end - end - end - end - end - end -end diff --git a/keystone/lib/puppet_x/keystone_config/ini_setting.rb b/keystone/lib/puppet_x/keystone_config/ini_setting.rb deleted file mode 100644 index 35357352b..000000000 --- a/keystone/lib/puppet_x/keystone_config/ini_setting.rb +++ /dev/null @@ -1,61 +0,0 @@ -module PuppetX - module KeystoneConfig - # Mixin for shared code between keystone_config and - # keystone_domain_config. This can be reincluded directly to - # keystone_config when openstackcli supports domain configuration and - # keystone_domain_config is refactored. - module IniSetting - def create_parameters - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from keystone.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - newvalues(/^[\S ]*$/) - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end - - newparam(:ensure_absent_val) do - desc 'A value that is specified as the value property will behave as if ensure => absent was specified' - defaultto('') - end - - autorequire(:package) do - 'keystone' - end - end - end - end -end diff --git a/keystone/manifests/client.pp b/keystone/manifests/client.pp deleted file mode 100644 index 056eb1de9..000000000 --- a/keystone/manifests/client.pp +++ /dev/null @@ -1,29 +0,0 @@ -# == Class: keystone::client -# -# Installs Keystone client. -# -# === Parameters -# -# [*client_package_name*] -# (optional) The name of python keystone client package -# Defaults to $keystone::params::client_package_name -# -# [*ensure*] -# (optional) Ensure state of the package. -# Defaults to 'present'. -# -class keystone::client ( - $client_package_name = $keystone::params::client_package_name, - $ensure = 'present' -) inherits keystone::params { - - include ::keystone::deps - - package { 'python-keystoneclient': - ensure => $ensure, - name => $client_package_name, - tag => 'openstack', - } - - include '::openstacklib::openstackclient' -} diff --git a/keystone/manifests/config.pp b/keystone/manifests/config.pp deleted file mode 100644 index 63871c154..000000000 --- a/keystone/manifests/config.pp +++ /dev/null @@ -1,38 +0,0 @@ -# == Class: keystone::config -# -# This class is used to manage arbitrary keystone configurations. -# -# === Parameters -# -# [*keystone_config*] -# (optional) Allow configuration of arbitrary keystone configurations. -# The value is an hash of keystone_config resources. Example: -# { 'DEFAULT/foo' => { value => 'fooValue'}, -# 'DEFAULT/bar' => { value => 'barValue'} -# } -# In yaml format, Example: -# keystone_config: -# DEFAULT/foo: -# value: fooValue -# DEFAULT/bar: -# value: barValue -# -# [*keystone_paste_ini*] -# (optional) Allow configuration of /etc/keystone/keystone-paste.ini options. -# -# NOTE: The configuration MUST NOT be already handled by this module -# or Puppet catalog compilation will fail with duplicate resources. -# -class keystone::config ( - $keystone_config = {}, - $keystone_paste_ini = {}, -) { - - include ::keystone::deps - - validate_hash($keystone_config) - validate_hash($keystone_paste_ini) - - create_resources('keystone_config', $keystone_config) - create_resources('keystone_paste_ini', $keystone_paste_ini) -} diff --git a/keystone/manifests/cron/token_flush.pp b/keystone/manifests/cron/token_flush.pp deleted file mode 100644 index c987e1289..000000000 --- a/keystone/manifests/cron/token_flush.pp +++ /dev/null @@ -1,88 +0,0 @@ -# -# Copyright (C) 2014 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# == Class: keystone::cron::token_flush -# -# Installs a cron job to purge expired tokens. -# -# === Parameters -# -# [*ensure*] -# (optional) Defaults to present. -# Valid values are present, absent. -# -# [*minute*] -# (optional) Defaults to '1'. -# -# [*hour*] -# (optional) Defaults to '0'. -# -# [*monthday*] -# (optional) Defaults to '*'. -# -# [*month*] -# (optional) Defaults to '*'. -# -# [*weekday*] -# (optional) Defaults to '*'. -# -# [*maxdelay*] -# (optional) Seconds. Defaults to 0. Should be a positive integer. -# Induces a random delay before running the cronjob to avoid running all -# cron jobs at the same time on all hosts this job is configured. -# -# [*destination*] -# (optional) Path to file to which rows should be archived -# Defaults to '/var/log/keystone/keystone-tokenflush.log'. -# -# [*user*] -# (optional) Defaults to 'keystone'. -# Allow to run the crontab on behalf any user. -# -class keystone::cron::token_flush ( - $ensure = present, - $minute = 1, - $hour = 0, - $monthday = '*', - $month = '*', - $weekday = '*', - $maxdelay = 0, - $destination = '/var/log/keystone/keystone-tokenflush.log', - $user = 'keystone', -) { - - include ::keystone::deps - - if $maxdelay == 0 { - $sleep = '' - } else { - $sleep = "sleep `expr \${RANDOM} \\% ${maxdelay}`; " - } - - cron { 'keystone-manage token_flush': - ensure => $ensure, - command => "${sleep}keystone-manage token_flush >>${destination} 2>&1", - environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', - user => $user, - minute => $minute, - hour => $hour, - monthday => $monthday, - month => $month, - weekday => $weekday, - require => Package['keystone'], - } -} diff --git a/keystone/manifests/db.pp b/keystone/manifests/db.pp deleted file mode 100644 index b331cbcb4..000000000 --- a/keystone/manifests/db.pp +++ /dev/null @@ -1,102 +0,0 @@ -# class: keystone::db -# -# Configure the Keystone database -# -# === Parameters -# -# [*database_connection*] -# Url used to connect to database. -# (Optional) Defaults to 'sqlite:////var/lib/keystone/keystone.sqlite'. -# -# [*database_idle_timeout*] -# Timeout when db connections should be reaped. -# (Optional) Defaults to $::os_service_default -# -# [*database_max_retries*] -# Maximum number of database connection retries during startup. -# Setting -1 implies an infinite retry count. -# (Optional) Defaults to $::os_service_default -# -# [*database_retry_interval*] -# Interval between retries of opening a database connection. -# (Optional) Defaults to $::os_service_default -# -# [*database_min_pool_size*] -# Minimum number of SQL connections to keep open in a pool. -# (Optional) Defaults to $::os_service_default -# -# [*database_max_pool_size*] -# Maximum number of SQL connections to keep open in a pool. -# (Optional) Defaults to $::os_service_default -# -# [*database_max_overflow*] -# If set, use this value for max_overflow with sqlalchemy. -# (Optional) Defaults to $::os_service_default -# -class keystone::db ( - $database_connection = 'sqlite:////var/lib/keystone/keystone.sqlite', - $database_idle_timeout = $::os_service_default, - $database_min_pool_size = $::os_service_default, - $database_max_pool_size = $::os_service_default, - $database_max_retries = $::os_service_default, - $database_retry_interval = $::os_service_default, - $database_max_overflow = $::os_service_default, -) { - - include ::keystone::deps - include ::keystone::params - - # NOTE(spredzy): In order to keep backward compatibility we rely on the pick function - # to use keystone:: if keystone::db:: isn't specified. - $database_connection_real = pick($::keystone::database_connection, $database_connection) - $database_idle_timeout_real = pick($::keystone::database_idle_timeout, $database_idle_timeout) - $database_min_pool_size_real = pick($::keystone::database_min_pool_size, $database_min_pool_size) - $database_max_pool_size_real = pick($::keystone::database_max_pool_size, $database_max_pool_size) - $database_max_retries_real = pick($::keystone::database_max_retries, $database_max_retries) - $database_retry_interval_real = pick($::keystone::database_retry_interval, $database_retry_interval) - $database_max_overflow_real = pick($::keystone::database_max_overflow, $database_max_overflow) - - validate_re($database_connection_real, - '^(sqlite|mysql(\+pymysql)?|postgresql):\/\/(\S+:\S+@\S+\/\S+)?') - - case $database_connection_real { - /^mysql(\+pymysql)?:\/\//: { - require 'mysql::bindings' - require 'mysql::bindings::python' - if $database_connection_real =~ /^mysql\+pymysql/ { - $backend_package = $::keystone::params::pymysql_package_name - } else { - $backend_package = false - } - } - /^postgresql:\/\//: { - $backend_package = false - require 'postgresql::lib::python' - } - /^sqlite:\/\//: { - $backend_package = $::keystone::params::sqlite_package_name - } - default: { - fail('Unsupported backend configured') - } - } - - if $backend_package and !defined(Package[$backend_package]) { - package {'keystone-backend-package': - ensure => present, - name => $backend_package, - tag => ['openstack', 'keystone-package'], - } - } - - keystone_config { - 'database/connection': value => $database_connection_real, secret => true; - 'database/idle_timeout': value => $database_idle_timeout_real; - 'database/min_pool_size': value => $database_min_pool_size_real; - 'database/max_retries': value => $database_max_retries_real; - 'database/retry_interval': value => $database_retry_interval_real; - 'database/max_pool_size': value => $database_max_pool_size_real; - 'database/max_overflow': value => $database_max_overflow_real; - } - -} diff --git a/keystone/manifests/db/mysql.pp b/keystone/manifests/db/mysql.pp deleted file mode 100644 index 2e0e882d8..000000000 --- a/keystone/manifests/db/mysql.pp +++ /dev/null @@ -1,78 +0,0 @@ -# The keystone::db::mysql class implements mysql backend for keystone -# -# This class can be used to create tables, users and grant -# privilege for a mysql keystone database. -# -# == parameters -# -# [*password*] -# (Mandatory) Password to connect to the database. -# Defaults to 'false'. -# -# [*dbname*] -# (Optional) Name of the database. -# Defaults to 'keystone'. -# -# [*user*] -# (Optional) User to connect to the database. -# Defaults to 'keystone'. -# -# [*host*] -# (Optional) The default source host user is allowed to connect from. -# Defaults to '127.0.0.1' -# -# [*allowed_hosts*] -# (Optional) Other hosts the user is allowed to connect from. -# Defaults to 'undef'. -# -# [*charset*] -# (Optional) The database charset. -# Defaults to 'utf8' -# -# [*collate*] -# (Optional) The database collate. -# Only used with mysql modules >= 2.2. -# Defaults to 'utf8_general_ci' -# -# === Deprecated Parameters -# -# == Dependencies -# Class['mysql::server'] -# -# == Examples -# == Authors -# -# Dan Bode dan@puppetlabs.com -# -# == Copyright -# -# Copyright 2012 Puppetlabs Inc, unless otherwise noted. -# -class keystone::db::mysql( - $password, - $dbname = 'keystone', - $user = 'keystone', - $host = '127.0.0.1', - $charset = 'utf8', - $collate = 'utf8_general_ci', - $allowed_hosts = undef -) { - - include ::keystone::deps - - validate_string($password) - - ::openstacklib::db::mysql { 'keystone': - user => $user, - password_hash => mysql_password($password), - dbname => $dbname, - host => $host, - charset => $charset, - collate => $collate, - allowed_hosts => $allowed_hosts, - } - - Anchor['keystone::db::begin'] - ~> Class['keystone::db::mysql'] - ~> Anchor['keystone::db::end'] -} diff --git a/keystone/manifests/db/postgresql.pp b/keystone/manifests/db/postgresql.pp deleted file mode 100644 index b05fb124a..000000000 --- a/keystone/manifests/db/postgresql.pp +++ /dev/null @@ -1,58 +0,0 @@ -# == Class: keystone::db::postgresql -# -# Class that configures postgresql for keystone -# Requires the Puppetlabs postgresql module. -# -# == Authors -# -# Stackforge Contributors puppet-openstack@puppetlabs.com -# Etienne Pelletier epelletier@morphlabs.com -# -# == Copyright -# -# Copyright 2013-2014 Stackforge Contributors -# Copyright 2012 Etienne Pelletier, unless otherwise noted. -# -# === Parameters -# -# [*password*] -# (Required) Password to connect to the database. -# -# [*dbname*] -# (Optional) Name of the database. -# Defaults to 'keystone'. -# -# [*user*] -# (Optional) User to connect to the database. -# Defaults to 'keystone'. -# -# [*encoding*] -# (Optional) The charset to use for the database. -# Default to undef. -# -# [*privileges*] -# (Optional) Privileges given to the database user. -# Default to 'ALL' -# -class keystone::db::postgresql( - $password, - $dbname = 'keystone', - $user = 'keystone', - $encoding = undef, - $privileges = 'ALL', -) { - - include ::keystone::deps - - ::openstacklib::db::postgresql { 'keystone': - password_hash => postgresql_password($user, $password), - dbname => $dbname, - user => $user, - encoding => $encoding, - privileges => $privileges, - } - - Anchor['keystone::db::begin'] - ~> Class['keystone::db::postgresql'] - ~> Anchor['keystone::db::end'] -} diff --git a/keystone/manifests/db/sync.pp b/keystone/manifests/db/sync.pp deleted file mode 100644 index fd966568d..000000000 --- a/keystone/manifests/db/sync.pp +++ /dev/null @@ -1,32 +0,0 @@ -# -# Class to execute "keystone-manage db_sync -# -# == Parameters -# -# [*extra_params*] -# (optional) String of extra command line parameters to append -# to the keystone-manage db_sync command. These will be -# inserted in the command line between 'keystone-manage' and -# 'db_sync' in the command line. -# Defaults to '' -# -class keystone::db::sync( - $extra_params = undef, -) { - - include ::keystone::deps - - exec { 'keystone-manage db_sync': - command => "keystone-manage ${extra_params} db_sync", - path => '/usr/bin', - user => 'keystone', - refreshonly => true, - subscribe => [ - Anchor['keystone::install::end'], - Anchor['keystone::config::end'], - Anchor['keystone::dbsync::begin'] - ], - notify => Anchor['keystone::dbsync::end'], - tag => 'keystone-exec', - } -} diff --git a/keystone/manifests/deps.pp b/keystone/manifests/deps.pp deleted file mode 100644 index 27a16a2ec..000000000 --- a/keystone/manifests/deps.pp +++ /dev/null @@ -1,74 +0,0 @@ -# == Class: keystone::deps -# -# keystone anchors and dependency management -# -class keystone::deps { - # Setup anchors for install, config and service phases of the module. These - # anchors allow external modules to hook the begin and end of any of these - # phases. Package or service management can also be replaced by ensuring the - # package is absent or turning off service management and having the - # replacement depend on the appropriate anchors. When applicable, end tags - # should be notified so that subscribers can determine if installation, - # config or service state changed and act on that if needed. - anchor { 'keystone::install::begin': } - -> Package<| tag == 'keystone-package'|> - ~> anchor { 'keystone::install::end': } - -> anchor { 'keystone::config::begin': } - -> Keystone_config<||> - ~> anchor { 'keystone::config::end': } - -> anchor { 'keystone::db::begin': } - -> anchor { 'keystone::db::end': } - ~> anchor { 'keystone::dbsync::begin': } - -> anchor { 'keystone::dbsync::end': } - ~> anchor { 'keystone::service::begin': } - ~> Service<| tag == 'keystone-service' |> - ~> anchor { 'keystone::service::end': } - - # paste-api.ini config should occur in the config block also. - Anchor['keystone::config::begin'] - -> Keystone_paste_ini<||> - ~> Anchor['keystone::config::end'] - - # policy config should occur in the config block also. - Anchor['keystone::config::begin'] - -> Openstacklib::Policy::Base<||> - ~> Anchor['keystone::config::end'] - - # Support packages need to be installed in the install phase, but we don't - # put them in the chain above because we don't want any false dependencies - # between packages with the keystone-package tag and the keystone-support-package - # tag. Note: the package resources here will have a 'before' relationshop on - # the keystone::install::end anchor. The line between keystone-support-package and - # keystone-package should be whether or not keystone services would need to be - # restarted if the package state was changed. - Anchor['keystone::install::begin'] - -> Package<| tag == 'keystone-support-package'|> - -> Anchor['keystone::install::end'] - - # We need openstackclient before marking service end so that keystone - # will have clients available to create resources. This tag handles the - # openstackclient but indirectly since the client is not available in - # all catalogs that don't need the client class (like many spec tests) - Package<| tag == 'openstack'|> - ~> Anchor['keystone::service::end'] - - # The following resources need to be provisioned after the service is up. - Anchor['keystone::service::end'] - -> Keystone_domain<||> - Anchor['keystone::service::end'] - -> Keystone_endpoint<||> - Anchor['keystone::service::end'] - -> Keystone_role<||> - Anchor['keystone::service::end'] - -> Keystone_service<||> - Anchor['keystone::service::end'] - -> Keystone_tenant<||> - Anchor['keystone::service::end'] - -> Keystone_user<||> - Anchor['keystone::service::end'] - -> Keystone_user_role<||> - - # Installation or config changes will always restart services. - Anchor['keystone::install::end'] ~> Anchor['keystone::service::begin'] - Anchor['keystone::config::end'] ~> Anchor['keystone::service::begin'] -} diff --git a/keystone/manifests/disable_admin_token_auth.pp b/keystone/manifests/disable_admin_token_auth.pp deleted file mode 100644 index 8e7c64b72..000000000 --- a/keystone/manifests/disable_admin_token_auth.pp +++ /dev/null @@ -1,48 +0,0 @@ -# -# Class to manage and secure the keystone-paste.ini pipeline configuration. -# -# The keystone module uses the admin_token parameter in keystone.conf to -# bootstrap the basic setup of an admin user, project, and domain. However, the -# admin_token provides an easy vector of attack for production keystone -# installations. Including this class will remove the admin_token_auth -# from the paste pipeline to improve security. After this class is run, -# future puppet runs must have an openrc file with valid keystone v3 -# admin credentials in /root/openrc available, or else must be run with -# valid keystone v3 credentials set as environment variables. -# -class keystone::disable_admin_token_auth { - - Keystone::Resource::Service_identity<||> -> Class['::keystone::disable_admin_token_auth'] - - Ini_subsetting { - require => Class['keystone::roles::admin'], - } - - if $::keystone::manage_service and $::keystone::enabled { - Ini_subsetting { - notify => Exec['restart_keystone'], - } - } - - ini_subsetting { 'public_api/admin_token_auth': - ensure => absent, - path => '/etc/keystone/keystone-paste.ini', - section => 'pipeline:public_api', - setting => 'pipeline', - subsetting => 'admin_token_auth', - } - ini_subsetting { 'admin_api/admin_token_auth': - ensure => absent, - path => '/etc/keystone/keystone-paste.ini', - section => 'pipeline:admin_api', - setting => 'pipeline', - subsetting => 'admin_token_auth', - } - ini_subsetting { 'api_v3/admin_token_auth': - ensure => absent, - path => '/etc/keystone/keystone-paste.ini', - section => 'pipeline:api_v3', - setting => 'pipeline', - subsetting => 'admin_token_auth', - } -} diff --git a/keystone/manifests/endpoint.pp b/keystone/manifests/endpoint.pp deleted file mode 100644 index 2cc91b748..000000000 --- a/keystone/manifests/endpoint.pp +++ /dev/null @@ -1,114 +0,0 @@ -# == Class: keystone::endpoint -# -# Creates the auth endpoints for keystone -# -# === Parameters -# -# [*public_url*] -# (optional) Public url for keystone endpoint. -# Defaults to 'http://127.0.0.1:5000' -# This url should *not* contain any version or trailing '/'. -# -# [*internal_url*] -# (optional) Internal url for keystone endpoint. -# Defaults to $public_url -# This url should *not* contain any version or trailing '/'. -# -# [*admin_url*] -# (optional) Admin url for keystone endpoint. -# Defaults to 'http://127.0.0.1:35357' -# This url should *not* contain any version or trailing '/'. -# -# [*region*] -# (optional) Region for endpoint. (Defaults to 'RegionOne') -# -# [*user_domain*] -# (Optional) Domain for $auth_name -# Defaults to undef (use the keystone server default domain) -# -# [*project_domain*] -# (Optional) Domain for $tenant (project) -# Defaults to undef (use the keystone server default domain) -# -# [*default_domain*] -# (Optional) Domain for $auth_name and $tenant (project) -# If keystone_user_domain is not specified, use $keystone_default_domain -# If keystone_project_domain is not specified, use $keystone_default_domain -# Defaults to undef -# -# [*version*] -# (optional) API version for endpoint. -# Defaults to 'v2.0'. Valid values are 'v2.0', 'v3', or the empty string ''. -# If the version is set to the empty string (''), then it won't be -# used. This is the expected behaviour since Keystone V3 handles API versions -# from the context. -# -# === Examples -# -# class { 'keystone::endpoint': -# public_url => 'https://154.10.10.23:5000', -# internal_url => 'https://11.0.1.7:5000', -# admin_url => 'https://10.0.1.7:35357', -# } -# -class keystone::endpoint ( - $public_url = 'http://127.0.0.1:5000', - $internal_url = undef, - $admin_url = 'http://127.0.0.1:35357', - $region = 'RegionOne', - $user_domain = undef, - $project_domain = undef, - $default_domain = undef, - $version = 'unset', # defaults to 'v2.0' if unset by user -) { - - include ::keystone::deps - - if $version == 'unset' { - # $version will be set to empty '' once tempest & all openstack clients - # actually support versionless endpoints. - # See ongoing work in Tempest: - # https://review.openstack.org/#/q/status:open+project:openstack/tempest-lib+branch:master+topic:bug/1530181 - # Until that, we need to set a version by default. - $_version = 'v2.0' - } else { - $_version = $version - } - if empty($_version) { - $admin_url_real = $admin_url - $public_url_real = $public_url - - if $internal_url { - $internal_url_real = $internal_url - } - else { - $internal_url_real = $public_url - } - } - else { - $public_url_real = "${public_url}/${_version}" - $admin_url_real = "${admin_url}/${_version}" - - if $internal_url { - $internal_url_real = "${internal_url}/${_version}" - } - else { - $internal_url_real = "${public_url}/${_version}" - } - } - - keystone::resource::service_identity { 'keystone': - configure_user => false, - configure_user_role => false, - service_type => 'identity', - service_description => 'OpenStack Identity Service', - public_url => $public_url_real, - admin_url => $admin_url_real, - internal_url => $internal_url_real, - region => $region, - user_domain => $user_domain, - project_domain => $project_domain, - default_domain => $default_domain, - } - Keystone::Resource::Service_identity['keystone'] -> File<| tag == 'openrc' |> -} diff --git a/keystone/manifests/federation/identity_provider.pp b/keystone/manifests/federation/identity_provider.pp deleted file mode 100644 index 5a92c8316..000000000 --- a/keystone/manifests/federation/identity_provider.pp +++ /dev/null @@ -1,152 +0,0 @@ -# == class: keystone::federation::identity_provider -# -# == Parameters -# -# [*certfile*] -# (Required) Path of the certfile for SAML signing. The path can not -# contain a comma. (string value). -# Defaults to $::keystone::ssl_ca_certs value. -# -# [*keyfile*] -# (Required) Path of the keyfile for SAML signing. The path can not -# contain a comma (string value). -# Defaults to $::keystone::ssl_ca_key value. -# -# [*idp_entity_id*] -# (Required) Entity ID value for unique Identity Provider identification -# (string value). -# -# [*idp_sso_endpoint*] -# (Required) Identity Provider Single-Sign-On service value (string value). -# -# [*idp_metadata_path*] -# (Required) Path to the Identity Provider Metadata file (string value). -# -# [*idp_organization_name*] -# (Optional) Organization name the installation belongs to (string value). -# Defaults to 'undef'. -# -# [*idp_organization_display_name*] -# (Optional) Organization name to be displayed (string value). -# Defaults to 'undef'. -# -# [*idp_organization_url*] -# (Optional) URL of the organization (string value). -# Defaults to 'undef'. -# -# [*idp_contact_company*] -# (Optional) Company of contact person (string value). -# Defaults to 'undef'. -# -# [*idp_contact_name*] -# (Optional) Given name of contact person (string value). -# Defaults to 'undef'. -# -# [*idp_contact_surname*] -# (Optional) Surname of contact person (string value). -# Defaults to 'undef'. -# -# [*idp_contact_email*] -# (Optional) Email address of contact person (string value). -# Defaults to 'undef'. -# -# [*idp_contact_telephone*] -# (Optional) Telephone number of contact person (string value). -# Defaults to 'undef'. -# -# [*idp_contact_type*] -# (Optional) Contact type. Allowed values are: technical, support, -# administrative billing, and other (string value). -# Defaults to 'undef'. -# -# [*user*] -# (Optional) User with access to keystone files. (string value) -# Defaults to 'keystone'. -# -# [*package_ensure*] -# (optional) Desired ensure state of packages. -# accepts latest or specific versions. -# Defaults to present. -# -# == Dependencies -# == Examples -# == Authors -# -# Iury Gregory iurygregory@gmail.com -# -# == Copyright -# -# Copyright 2013 eNovance -# -class keystone::federation::identity_provider( - $idp_entity_id, - $idp_sso_endpoint, - $idp_metadata_path, - $certfile = $::keystone::ssl_ca_certs, - $keyfile = $::keystone::ssl_ca_key, - $user = 'keystone', - $idp_organization_name = undef, - $idp_organization_display_name = undef, - $idp_organization_url = undef, - $idp_contact_company = undef, - $idp_contact_name = undef, - $idp_contact_surname = undef, - $idp_contact_email = undef, - $idp_contact_telephone = undef, - $idp_contact_type = undef, - $package_ensure = present, -) { - - include ::keystone::deps - include ::keystone::params - - if $::keystone::service_name != 'httpd' { - fail ('Keystone need to be running under Apache for Federation work.') - } - - ensure_packages(['xmlsec1','python-pysaml2'], { - ensure => $package_ensure, - tag => 'keystone-support-package', - }) - - keystone_config { - 'saml/certfile': value => $certfile; - 'saml/keyfile': value => $keyfile; - 'saml/idp_entity_id': value => $idp_entity_id; - 'saml/idp_sso_endpoint': value => $idp_sso_endpoint; - 'saml/idp_metadata_path': value => $idp_metadata_path; - 'saml/idp_organization_name': value => $idp_organization_name; - 'saml/idp_organization_display_name': value => $idp_organization_display_name; - 'saml/idp_organization_url': value => $idp_organization_url; - 'saml/idp_contact_company': value => $idp_contact_company; - 'saml/idp_contact_name': value => $idp_contact_name; - 'saml/idp_contact_surname': value => $idp_contact_surname; - 'saml/idp_contact_email': value => $idp_contact_email; - 'saml/idp_contact_telephone': value => $idp_contact_telephone; - } - - if $idp_contact_type and !($idp_contact_type in ['technical','support','administrative','billing','other']) { - fail('Allowed values for idp_contact_type are: technical, support, administrative, billing and other') - } else{ - keystone_config { - 'saml/idp_contact_type': value => $idp_contact_type; - } - } - - exec {'saml_idp_metadata': - path => '/usr/bin', - user => "${user}", - command => "keystone-manage saml_idp_metadata > ${idp_metadata_path}", - creates => $idp_metadata_path, - subscribe => Anchor['keystone::config::end'], - notify => Anchor['keystone::service::end'], - tag => 'keystone-exec', - } - - file { $idp_metadata_path: - ensure => present, - mode => '0600', - owner => "${user}", - } - -} diff --git a/keystone/manifests/federation/mellon.pp b/keystone/manifests/federation/mellon.pp deleted file mode 100644 index ee51bb65f..000000000 --- a/keystone/manifests/federation/mellon.pp +++ /dev/null @@ -1,114 +0,0 @@ -# == class: keystone::federation::mellon -# -# == Parameters -# -# [*methods*] -# A list of methods used for authentication separated by comma or an array. -# The allowed values are: 'external', 'password', 'token', 'oauth1', 'saml2' -# (Required) (string or array value). -# Note: The external value should be dropped to avoid problems. -# -# [*idp_name*] -# The name name associated with the IdP in Keystone. -# (Required) String value. -# -# [*protocol_name*] -# The name for your protocol associated with the IdP. -# (Required) String value. -# -# [*admin_port*] -# A boolean value to ensure that you want to configure K2K Federation -# using Keystone VirtualHost on port 35357. -# (Optional) Defaults to false. -# -# [*main_port*] -# A boolean value to ensure that you want to configure K2K Federation -# using Keystone VirtualHost on port 5000. -# (Optional) Defaults to true. -# -# [*module_plugin*] -# The plugin for authentication acording to the choice made with protocol and -# module. -# (Optional) Defaults to 'keystone.auth.plugins.mapped.Mapped' (string value) -# -# [*template_order*] -# This number indicates the order for the concat::fragment that will apply -# the shibboleth configuration to Keystone VirtualHost. The value should -# The value should be greater than 330 an less then 999, according to: -# https://github.com/puppetlabs/puppetlabs-apache/blob/master/manifests/vhost.pp -# The value 330 corresponds to the order for concat::fragment "${name}-filters" -# and "${name}-limits". -# The value 999 corresponds to the order for concat::fragment "${name}-file_footer". -# (Optional) Defaults to 331. -# -# [*package_ensure*] -# (optional) Desired ensure state of packages. -# accepts latest or specific versions. -# Defaults to present. -# -class keystone::federation::mellon ( - $methods, - $idp_name, - $protocol_name, - $admin_port = false, - $main_port = true, - $module_plugin = 'keystone.auth.plugins.mapped.Mapped', - $template_order = 331, - $package_ensure = present, -) { - - include ::apache - include ::keystone::deps - include ::keystone::params - - # Note: if puppet-apache modify these values, this needs to be updated - if $template_order <= 330 or $template_order >= 999 { - fail('The template order should be greater than 330 and less than 999.') - } - - if ('external' in $methods ) { - fail('The external method should be dropped to avoid any interference with some Apache + Mellon SP setups, where a REMOTE_USER env variable is always set, even as an empty value.') - } - - if !('saml2' in $methods ) { - fail('Methods should contain saml2 as one of the auth methods.') - }else{ - if ($module_plugin != 'keystone.auth.plugins.mapped.Mapped') { - fail('The plugin for saml and mellon should be keystone.auth.plugins.mapped.Mapped') - } - } - - validate_bool($admin_port) - validate_bool($main_port) - - if( !$admin_port and !$main_port){ - fail('No VirtualHost port to configure, please choose at least one.') - } - - keystone_config { - 'auth/methods': value => join(any2array($methods),','); - 'auth/saml2': value => $module_plugin; - } - - ensure_packages([$::keystone::params::mellon_package_name], { - ensure => $package_ensure, - tag => 'keystone-support-package', - }) - - if $admin_port { - concat::fragment { 'configure_mellon_on_port_35357': - target => "${keystone::wsgi::apache::priority}-keystone_wsgi_admin.conf", - content => template('keystone/mellon.conf.erb'), - order => $template_order, - } - } - - if $main_port { - concat::fragment { 'configure_mellon_on_port_5000': - target => "${keystone::wsgi::apache::priority}-keystone_wsgi_main.conf", - content => template('keystone/mellon.conf.erb'), - order => $template_order, - } - } - -} diff --git a/keystone/manifests/federation/shibboleth.pp b/keystone/manifests/federation/shibboleth.pp deleted file mode 100644 index ab57216bd..000000000 --- a/keystone/manifests/federation/shibboleth.pp +++ /dev/null @@ -1,137 +0,0 @@ -# == class: keystone::federation::shibboleth -# -# == Parameters -# -# [*admin_port*] -# A boolean value to ensure that you want to configure K2K Federation -# using Keystone VirtualHost on port 35357. -# (Optional) Defaults to false. -# -# [*main_port*] -# A boolean value to ensure that you want to configure K2K Federation -# using Keystone VirtualHost on port 5000. -# (Optional) Defaults to true. -# -# [*methods*] -# A list of methods used for authentication separated by comma or an array. -# The allowed values are: 'external', 'password', 'token', 'oauth1', 'saml2' -# (Required) (string or array value). -# Note: The external value should be dropped to avoid problems. -# -# [*module_plugin*] -# The plugin for authentication according to the choice made with protocol and -# module. -# (Optional) Defaults to 'keystone.auth.plugins.mapped.Mapped' (string value) -# -# [*suppress_warning*] -# A boolean value to disable the warning about not installing shibboleth on RedHat. -# (Optional) Defaults to false. -# -# [*template_order*] -# This number indicates the order for the concat::fragment that will apply -# the shibboleth configuration to Keystone VirtualHost. The value should -# The value should be greater than 330 and less than 999, according to: -# https://github.com/puppetlabs/puppetlabs-apache/blob/master/manifests/vhost.pp -# The value 330 corresponds to the order for concat::fragment "${name}-filters" -# and "${name}-limits". -# The value 999 corresponds to the order for concat::fragment "${name}-file_footer". -# (Optional) Defaults to 331. -# -# [*yum_repo_name*] -# This is the name of repo where one can find the shibboleth package on rhel -# platform. See the note below. For instance this snippet would enable the -# full configuration on RedHat platform: -# -# yumrepo { 'shibboleth': -# name => 'Shibboleth', -# baseurl => 'http://download.opensuse.org/repositories/security:/shibboleth/CentOS_7/', -# descr => 'Shibboleth repo for RedHat', -# gpgcheck => 1, -# gpgkey => 'http://download.opensuse.org/repositories/security:/shibboleth/CentOS_7/repodata/repomd.xml.key', -# enabled => 1, -# require => Anchor['openstack_extras_redhat'] -# } -# -# == Note about Redhat osfamily -# According to puppet-apache we need to enable a new repo, but in puppet-openstack -# we won't enable any external third party repo. -# http://wiki.aaf.edu.au/tech-info/sp-install-guide. We provide some helpers but -# as the packaging is lacking official support, we cannot guaranty it will work. -# -class keystone::federation::shibboleth( - $methods, - $admin_port = false, - $main_port = true, - $module_plugin = 'keystone.auth.plugins.mapped.Mapped', - $suppress_warning = false, - $template_order = 331, - $yum_repo_name = 'shibboleth' -) { - - include ::apache - include ::keystone::deps - - # Note: if puppet-apache modify these values, this needs to be updated - if $template_order <= 330 or $template_order >= 999 { - fail('The template order should be greater than 330 and less than 999.') - } - - if ('external' in $methods ) { - fail('The external method should be dropped to avoid any interference with some Apache + Shibboleth SP setups, where a REMOTE_USER env variable is always set, even as an empty value.') - } - - if !('saml2' in $methods ) { - fail('Methods should contain saml2 as one of the auth methods.') - }else{ - if ($module_plugin != 'keystone.auth.plugins.mapped.Mapped') { - fail('The plugin for saml and shibboleth should be keystone.auth.plugins.mapped.Mapped') - } - } - - validate_bool($admin_port) - validate_bool($main_port) - validate_bool($suppress_warning) - - if( !$admin_port and !$main_port){ - fail('No VirtualHost port to configure, please choose at least one.') - } - - keystone_config { - 'auth/methods': value => join(any2array($methods),','); - 'auth/saml2': value => $module_plugin; - } - - if $::osfamily == 'Debian' or ($::osfamily == 'RedHat' and (defined(Yumrepo[$yum_repo_name])) or defined(Package['shibboleth'])) { - if $::osfamily == 'RedHat' { - warning('The platform is not officially supported, use at your own risk. Check manifest documentation for more.') - apache::mod { 'shib2': - id => 'mod_shib', - path => '/usr/lib64/shibboleth/mod_shib_24.so' - } - } else { - class { '::apache::mod::shib': } - } - - if $admin_port { - concat::fragment { 'configure_shibboleth_on_port_35357': - target => "${keystone::wsgi::apache::priority}-keystone_wsgi_admin.conf", - content => template('keystone/shibboleth.conf.erb'), - order => $template_order, - } - } - - if $main_port { - concat::fragment { 'configure_shibboleth_on_port_5000': - target => "${keystone::wsgi::apache::priority}-keystone_wsgi_main.conf", - content => template('keystone/shibboleth.conf.erb'), - order => $template_order, - } - } - } elsif $::osfamily == 'Redhat' { - if !$suppress_warning { - warning( 'Can not configure Shibboleth in Apache on RedHat OS.Read the Note on this federation/shibboleth.pp' ) - } - } else { - fail('Unsupported platform') - } -} diff --git a/keystone/manifests/init.pp b/keystone/manifests/init.pp deleted file mode 100644 index a3ac8b6b5..000000000 --- a/keystone/manifests/init.pp +++ /dev/null @@ -1,1040 +0,0 @@ -# -# Module for managing keystone config. -# -# == Parameters -# -# [*package_ensure*] -# (optional) Desired ensure state of packages. -# accepts latest or specific versions. -# Defaults to present. -# -# [*client_package_ensure*] -# (optional) Desired ensure state of the client package. -# accepts latest or specific versions. -# Defaults to present. -# -# [*public_port*] -# (optional) Port that keystone binds to. -# Defaults to '5000' -# -# [*admin_port*] -# (optional) Port that can be used for admin tasks. -# Defaults to '35357' -# -# [*admin_token*] -# Admin token that can be used to authenticate as a keystone -# admin. Required. -# -# [*verbose*] -# (optional) Rather keystone should log at verbose level. -# Defaults to undef. -# -# [*debug*] -# (optional) Rather keystone should log at debug level. -# Defaults to undef. -# -# [*use_syslog*] -# (optional) Use syslog for logging. -# Defaults to undef. -# -# [*use_stderr*] -# (optional) Use stderr for logging -# Defaults to undef. -# -# [*log_facility*] -# (optional) Syslog facility to receive log lines. -# Defaults to undef. -# -# [*catalog_type*] -# (optional) Type of catalog that keystone uses to store endpoints,services. -# Defaults to sql. (Also accepts template) -# -# [*catalog_driver*] -# (optional) Catalog driver used by Keystone to store endpoints and services. -# Setting this value will override and ignore catalog_type. -# Defaults to false. -# -# [*catalog_template_file*] -# (optional) Path to the catalog used if catalog_type equals 'template'. -# Defaults to '/etc/keystone/default_catalog.templates' -# -# [*token_provider*] -# (optional) Format keystone uses for tokens. -# Defaults to 'uuid' -# Supports PKI, PKIZ, Fernet, and UUID. -# -# [*token_driver*] -# (optional) Driver to use for managing tokens. -# Defaults to 'sql' -# -# [*token_expiration*] -# (optional) Amount of time a token should remain valid (seconds). -# Defaults to 3600 (1 hour). -# -# [*revoke_driver*] -# (optional) Driver for token revocation. -# Defaults to $::os_service_default -# -# [*revoke_by_id*] -# (optional) Revoke token by token identifier. -# Setting revoke_by_id to true enables various forms of enumerating tokens. -# These enumerations are processed to determine the list of tokens to revoke. -# Only disable if you are switching to using the Revoke extension with a backend -# other than KVS, which stores events in memory. -# Defaults to true. -# -# [*cache_dir*] -# (optional) Directory created when token_provider is pki. This folder is not -# created unless enable_pki_setup is set to True. -# Defaults to /var/cache/keystone. -# -# [*memcache_servers*] -# (optional) List of memcache servers as a comma separated string of -# 'server:port,server:port' or an array of servers ['server:port', -# 'server:port']. -# Used with token_driver 'memcache'. -# This configures the memcache/servers for keystone and is used as a default -# for $cache_memcache_servers if it is not specified. -# Defaults to $::os_service_default -# -# [*cache_backend*] -# (optional) Dogpile.cache backend module. It is recommended that Memcache with pooling -# (keystone.cache.memcache_pool) or Redis (dogpile.cache.redis) be used in production. -# This has no effects unless 'memcache_servers' is set. -# Defaults to $::os_service_default -# -# [*cache_backend_argument*] -# (optional) List of arguments in format of argname:value supplied to the backend module. -# Specify this option once per argument to be passed to the dogpile.cache backend. -# This has no effects unless 'memcache_servers' is set. -# Default to $::os_service_default -# -# [*cache_enabled*] -# (optional) Setting this will enable the caching backend for Keystone. -# For legacy purposes, this will be enabled automatically enabled if it is -# not provided and $memcache_servers (or $cache_memcache_servers) is set and -# cache_backend is provided as well. -# Defaults to $::os_service_default -# -# [*cache_memcache_servers*] -# (optional) List of memcache servers to be used with the caching backend to -# configure cache/memcache_servers. -# Specified as a comma separated string of 'server:port,server:port' or an -# array of servers ['server:port', 'server:port']. -# By default this will be set to the memcache_servers if that is configured -# and this is left unconfigured. -# Default to $::os_service_default -# -# [*debug_cache_backend*] -# (optional) Extra debugging from the cache backend (cache keys, get/set/delete calls). -# This has no effects unless 'memcache_servers' is set. -# Default to $::os_service_default -# -# [*token_caching*] -# (optional) Toggle for token system caching. This has no effects unless 'memcache_servers' is set. -# Default to $::os_service_default -# -# [*manage_service*] -# (Optional) If Puppet should manage service startup / shutdown. -# Defaults to true. -# -# [*enabled*] -# (optional) If the keystone services should be enabled. -# Default to true. -# -# [*database_connection*] -# (optional) Url used to connect to database. -# Defaults to undef. -# -# [*database_idle_timeout*] -# (optional) Timeout when db connections should be reaped. -# Defaults to undef. -# -# [*database_max_retries*] -# (optional) Maximum number of database connection retries during startup. -# Setting -1 implies an infinite retry count. -# (Defaults to undef) -# -# [*database_retry_interval*] -# (optional) Interval between retries of opening a database connection. -# (Defaults to undef) -# -# [*database_min_pool_size*] -# (optional) Minimum number of SQL connections to keep open in a pool. -# Defaults to: undef -# -# [*database_max_pool_size*] -# (optional) Maximum number of SQL connections to keep open in a pool. -# Defaults to: undef -# -# [*database_max_overflow*] -# (optional) If set, use this value for max_overflow with sqlalchemy. -# Defaults to: undef -# -# [*enable_pki_setup*] -# (optional) Enable call to pki_setup to generate the cert for signing pki tokens and -# revocation lists if it doesn't already exist. This generates a cert and key stored in file -# locations based on the signing_certfile and signing_keyfile paramters below. If you are -# providing your own signing cert, make this false. -# Default to false. -# -# [*signing_certfile*] -# (optional) Location of the cert file for signing pki tokens and revocation lists. -# Note that if this file already exists (i.e. you are providing your own signing cert), -# the file will not be overwritten, even if enable_pki_setup is set to true. -# Default: /etc/keystone/ssl/certs/signing_cert.pem -# -# [*signing_keyfile*] -# (optional) Location of the key file for signing pki tokens and revocation lists. -# Note that if this file already exists (i.e. you are providing your own signing cert), the file -# will not be overwritten, even if enable_pki_setup is set to true. -# Default: /etc/keystone/ssl/private/signing_key.pem -# -# [*signing_ca_certs*] -# (optional) Use this CA certs file along with signing_certfile/signing_keyfile for -# signing pki tokens and revocation lists. -# Default: /etc/keystone/ssl/certs/ca.pem -# -# [*signing_ca_key*] -# (optional) Use this CA key file along with signing_certfile/signing_keyfile for signing -# pki tokens and revocation lists. -# Default: /etc/keystone/ssl/private/cakey.pem -# -# [*signing_cert_subject*] -# (optional) Certificate subject (auto generated certificate) for token signing. -# Defaults to '/C=US/ST=Unset/L=Unset/O=Unset/CN=www.example.com' -# -# [*signing_key_size*] -# (optional) Key size (in bits) for token signing cert (auto generated certificate) -# Defaults to 2048 -# -# [*rabbit_host*] -# (optional) Location of rabbitmq installation. -# Defaults to $::os_service_default -# -# [*rabbit_port*] -# (optional) Port for rabbitmq instance. -# Defaults to $::os_service_default -# -# [*rabbit_hosts*] -# (optional) Location of rabbitmq installation. -# Defaults to $::os_service_default -# -# [*rabbit_ha_queues*] -# (Optional) Use HA queues in RabbitMQ. -# Defaults to undef. -# -# [*rabbit_password*] -# (optional) Password used to connect to rabbitmq. -# Defaults to $::os_service_default -# -# [*rabbit_userid*] -# (optional) User used to connect to rabbitmq. -# Defaults to $::os_service_default -# -# [*rabbit_virtual_host*] -# (optional) The RabbitMQ virtual host. -# Defaults to $::os_service_default -# -# [*rabbit_heartbeat_timeout_threshold*] -# (optional) Number of seconds after which the RabbitMQ broker is considered -# down if the heartbeat keepalive fails. Any value >0 enables heartbeats. -# Heartbeating helps to ensure the TCP connection to RabbitMQ isn't silently -# closed, resulting in missed or lost messages from the queue. -# (Requires kombu >= 3.0.7 and amqp >= 1.4.0) -# Defaults to $::os_service_default -# -# [*rabbit_heartbeat_rate*] -# (optional) How often during the rabbit_heartbeat_timeout_threshold period to -# check the heartbeat on RabbitMQ connection. (i.e. rabbit_heartbeat_rate=2 -# when rabbit_heartbeat_timeout_threshold=60, the heartbeat will be checked -# every 30 seconds. -# Defaults to $::os_service_default -# -# [*rabbit_use_ssl*] -# (optional) Connect over SSL for RabbitMQ -# Defaults to $::os_serice_default -# -# [*kombu_ssl_ca_certs*] -# (optional) SSL certification authority file (valid only if SSL enabled). -# Defaults to $::os_service_default -# -# [*kombu_ssl_certfile*] -# (optional) SSL cert file (valid only if SSL enabled). -# Defaults to $::os_service_default -# -# [*kombu_ssl_keyfile*] -# (optional) SSL key file (valid only if SSL enabled). -# Defaults to $::os_service_default -# -# [*kombu_ssl_version*] -# (optional) SSL version to use (valid only if SSL enabled). -# Valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be -# available on some distributions. -# Defaults to $::os_service_default -# -# [*notification_driver*] -# RPC driver. Not enabled by default -# Defaults to $::os_service_default -# -# [*notification_topics*] -# (optional) AMQP topics to publish to when using the RPC notification driver. -# Default to $::os_service_default -# -# [*notification_format*] -# Format for the notifications. Valid values are 'basic' and 'cadf'. -# Default to undef -# -# [*control_exchange*] -# (optional) AMQP exchange to connect to if using RabbitMQ or Qpid -# Default to $::os_service_default -# -# [*public_bind_host*] -# (optional) The IP address of the public network interface to listen on -# Default to '0.0.0.0'. -# -# [*admin_bind_host*] -# (optional) The IP address of the public network interface to listen on -# Default to '0.0.0.0'. -# -# [*log_dir*] -# (optional) Directory where logs should be stored -# If set to boolean false, it will not log to any directory -# Defaults to undef. -# -# [*log_file*] -# (optional) Where to log -# Defaults to undef. -# -# [*public_endpoint*] -# (optional) The base public endpoint URL for keystone that are -# advertised to clients (NOTE: this does NOT affect how -# keystone listens for connections) (string value) -# If set to false, no public_endpoint will be defined in keystone.conf. -# Sample value: 'http://localhost:5000/' -# Defaults to $::os_service_default -# -# [*admin_endpoint*] -# (optional) The base admin endpoint URL for keystone that are -# advertised to clients (NOTE: this does NOT affect how keystone listens -# for connections) (string value) -# If set to false, no admin_endpoint will be defined in keystone.conf. -# Sample value: 'http://localhost:35357/' -# Defaults to $::os_service_default -# -# [*enable_ssl*] -# (optional) Toggle for SSL support on the keystone eventlet servers. -# (boolean value) -# Defaults to false -# -# [*ssl_certfile*] -# (optional) Path of the certfile for SSL. (string value) -# Defaults to '/etc/keystone/ssl/certs/keystone.pem' -# -# [*ssl_keyfile*] -# (optional) Path of the keyfile for SSL. (string value) -# Defaults to '/etc/keystone/ssl/private/keystonekey.pem' -# -# [*ssl_ca_certs*] -# (optional) Path of the ca cert file for SSL. (string value) -# Defaults to '/etc/keystone/ssl/certs/ca.pem' -# -# [*ssl_ca_key*] -# (optional) Path of the CA key file for SSL (string value) -# Defaults to '/etc/keystone/ssl/private/cakey.pem' -# -# [*ssl_cert_subject*] -# (optional) SSL Certificate Subject (auto generated certificate) -# (string value) -# Defaults to '/C=US/ST=Unset/L=Unset/O=Unset/CN=localhost' -# -# [*validate_service*] -# (optional) Whether to validate keystone connections after -# the service is started. -# Defaults to false -# -# [*validate_insecure*] -# (optional) Whether to validate keystone connections -# using the --insecure option with keystone client. -# Defaults to false -# -# [*validate_cacert*] -# (optional) Whether to validate keystone connections -# using the specified argument with the --os-cacert option -# with keystone client. -# Defaults to undef -# -# [*validate_auth_url*] -# (optional) The url to validate keystone against -# Defaults to undef -# -# [*service_provider*] -# (optional) Provider, that can be used for keystone service. -# Default value defined in keystone::params for given operation system. -# If you use Pacemaker or another Cluster Resource Manager, you can make -# custom service provider for changing start/stop/status behavior of service, -# and set it here. -# -# [*service_name*] -# (optional) Name of the service that will be providing the -# server functionality of keystone. For example, the default -# is just 'keystone', which means keystone will be run as a -# standalone eventlet service, and will able to be managed -# separately by the operating system's service manager. For -# example, you will be able to use -# service openstack-keystone restart -# to restart the service. -# If the value is 'httpd', this means keystone will be a web -# service, and you must use another class to configure that -# web service. For example, after calling class {'keystone'...} -# use class { 'keystone::wsgi::apache'...} to make keystone be -# a web app using apache mod_wsgi. -# Defaults to '$::keystone::params::service_name' -# NOTE: validate_service only applies if the default value is used. -# -# [*paste_config*] -# (optional) Name of the paste configuration file that defines the -# available pipelines. (string value) -# Defaults to $::os_service_default -# -# [*max_token_size*] -# (optional) maximum allowable Keystone token size -# Defaults to $::os_service_default -# -# [*admin_workers*] -# (optional) The number of worker processes to serve the admin eventlet application. -# This option is deprecated along with eventlet and will be removed in M. -# This setting has no affect when using WSGI. -# Defaults to max($::processorcount, 2) -# -# [*public_workers*] -# (optional) The number of worker processes to serve the public eventlet application. -# This option is deprecated along with eventlet and will be removed in M. -# This setting has no affect when using WSGI. -# Defaults to max($::processorcount, 2) -# -# [*sync_db*] -# (Optional) Run db sync on the node. -# Defaults to true -# -# [*enable_fernet_setup*] -# (Optional) Setup keystone for fernet tokens. This is typically only -# run on a single node, then the keys are replicated to the other nodes -# in a cluster. You would typically also pair this with a fernet token -# provider setting. -# Defaults to false -# -# [*fernet_key_repository*] -# (Optional) Location for the fernet key repository. This value must -# be set if enable_fernet_setup is set to true. -# Defaults to '/etc/keystone/fernet-keys' -# -# [*fernet_max_active_keys*] -# (Optional) Number of maximum active Fernet keys. Integer > 0. -# Defaults to $::os_service_default -# -# [*enable_bootstrap*] -# (Optional) Enable keystone bootstrapping. -# Per upstream Keystone Mitaka commit 7b7fea7a3fe7677981fbf9bac5121bc15601163 -# keystone no longer creates the default domain during the db_sync. This -# domain is used as the domain for any users created using the legacy v2.0 -# API. This option to true will automatically bootstrap the default domain -# user by running 'keystone-manage bootstrap'. -# Defaults to true - -# [*default_domain*] -# (optional) When Keystone v3 support is enabled, v2 clients will need -# to have a domain assigned for certain operations. For example, -# doing a user create operation must have a domain associated with it. -# This is the domain which will be used if a domain is needed and not -# explicitly set in the request. Using this means that you will have -# to add it to every user/tenant/user_role you create, as without a domain -# qualification those resources goes into "Default" domain. See README. -# Defaults to undef (will use built-in Keystone default) -# -# [*memcache_dead_retry*] -# (optional) Number of seconds memcached server is considered dead before it -# is tried again. This is used for the cache memcache_dead_retry and the -# memcache dead_retry values. -# Defaults to $::os_service_default -# -# [*memcache_socket_timeout*] -# (optional) Timeout in seconds for every call to a server. -# Defaults to $::os_service_default -# -# [*memcache_pool_maxsize*] -# (optional) Max total number of open connections to every memcached server. -# Defaults to $::os_service_default -# -# [*memcache_pool_unused_timeout*] -# (optional) Number of seconds a connection to memcached is held unused in -# the pool before it is closed. -# Defaults to $::os_service_default -# -# [*policy_driver*] -# Policy backend driver. (string value) -# Defaults to $::os_service_default. -# -# [*using_domain_config*] -# (optional) Eases the use of the keystone_domain_config resource type. -# It ensures that a directory for holding the domain configuration is present -# and the associated configuration in keystone.conf is set up right. -# Defaults to false -# -# [*domain_config_directory*] -# (optional) Specify a domain configuration directory. -# For this to work the using_domain_config must be set to true. Raise an -# error if it's not the case. -# Defaults to '/etc/keystone/domains' -# -# [*keystone_user*] -# (optional) Specify the keystone system user to be used with keystone-manage. -# Defaults to 'keystone' -# -# [*keystone_group*] -# (optional) Specify the keystone system group to be used with keystone-manage. -# Defaults to 'keystone' -# -# [*manage_policyrcd*] -# (optional) Whether to manage the policy-rc.d on debian based systems to -# prevent keystone eventlet from auto-starting on package install. -# Defaults to false -# -# == Dependencies -# None -# -# == Examples -# -# class { 'keystone': -# log_verbose => 'True', -# admin_token => 'my_special_token', -# } -# -# OR -# -# class { 'keystone': -# ... -# service_name => 'httpd', -# ... -# } -# class { 'keystone::wsgi::apache': -# ... -# } -# -# == Authors -# -# Dan Bode dan@puppetlabs.com -# -# == Copyright -# -# Copyright 2012 Puppetlabs Inc, unless otherwise noted. -# -class keystone( - $admin_token, - $package_ensure = 'present', - $client_package_ensure = 'present', - $public_bind_host = '0.0.0.0', - $admin_bind_host = '0.0.0.0', - $public_port = '5000', - $admin_port = '35357', - $verbose = undef, - $debug = undef, - $log_dir = undef, - $log_file = undef, - $use_syslog = undef, - $use_stderr = undef, - $log_facility = undef, - $catalog_type = 'sql', - $catalog_driver = false, - $catalog_template_file = '/etc/keystone/default_catalog.templates', - $token_provider = 'uuid', - $token_driver = 'sql', - $token_expiration = 3600, - $revoke_driver = $::os_service_default, - $revoke_by_id = true, - $public_endpoint = $::os_service_default, - $admin_endpoint = $::os_service_default, - $enable_ssl = false, - $ssl_certfile = '/etc/keystone/ssl/certs/keystone.pem', - $ssl_keyfile = '/etc/keystone/ssl/private/keystonekey.pem', - $ssl_ca_certs = '/etc/keystone/ssl/certs/ca.pem', - $ssl_ca_key = '/etc/keystone/ssl/private/cakey.pem', - $ssl_cert_subject = '/C=US/ST=Unset/L=Unset/O=Unset/CN=localhost', - $cache_dir = '/var/cache/keystone', - $memcache_servers = $::os_service_default, - $manage_service = true, - $cache_backend = $::os_service_default, - $cache_backend_argument = $::os_service_default, - $cache_enabled = $::os_service_default, - $cache_memcache_servers = $::os_service_default, - $debug_cache_backend = $::os_service_default, - $token_caching = $::os_service_default, - $enabled = true, - $database_connection = undef, - $database_idle_timeout = undef, - $database_max_retries = undef, - $database_retry_interval = undef, - $database_min_pool_size = undef, - $database_max_pool_size = undef, - $database_max_overflow = undef, - $enable_pki_setup = false, - $signing_certfile = '/etc/keystone/ssl/certs/signing_cert.pem', - $signing_keyfile = '/etc/keystone/ssl/private/signing_key.pem', - $signing_ca_certs = '/etc/keystone/ssl/certs/ca.pem', - $signing_ca_key = '/etc/keystone/ssl/private/cakey.pem', - $signing_cert_subject = '/C=US/ST=Unset/L=Unset/O=Unset/CN=www.example.com', - $signing_key_size = 2048, - $rabbit_host = $::os_service_default, - $rabbit_hosts = $::os_service_default, - $rabbit_password = $::os_service_default, - $rabbit_port = $::os_service_default, - $rabbit_userid = $::os_service_default, - $rabbit_virtual_host = $::os_service_default, - $rabbit_heartbeat_timeout_threshold = $::os_service_default, - $rabbit_heartbeat_rate = $::os_service_default, - $rabbit_use_ssl = $::os_service_default, - $rabbit_ha_queues = undef, - $kombu_ssl_ca_certs = $::os_service_default, - $kombu_ssl_certfile = $::os_service_default, - $kombu_ssl_keyfile = $::os_service_default, - $kombu_ssl_version = $::os_service_default, - $notification_driver = $::os_service_default, - $notification_topics = $::os_service_default, - $notification_format = $::os_service_default, - $control_exchange = $::os_service_default, - $validate_service = false, - $validate_insecure = false, - $validate_auth_url = false, - $validate_cacert = undef, - $paste_config = $::os_service_default, - $service_provider = $::keystone::params::service_provider, - $service_name = $::keystone::params::service_name, - $max_token_size = $::os_service_default, - $sync_db = true, - $enable_fernet_setup = false, - $fernet_key_repository = '/etc/keystone/fernet-keys', - $fernet_max_active_keys = $::os_service_default, - $default_domain = undef, - $enable_bootstrap = true, - $memcache_dead_retry = $::os_service_default, - $memcache_socket_timeout = $::os_service_default, - $memcache_pool_maxsize = $::os_service_default, - $memcache_pool_unused_timeout = $::os_service_default, - $policy_driver = $::os_service_default, - $using_domain_config = false, - $domain_config_directory = '/etc/keystone/domains', - $keystone_user = $::keystone::params::keystone_user, - $keystone_group = $::keystone::params::keystone_group, - $manage_policyrcd = false, - # DEPRECATED PARAMETERS - $admin_workers = max($::processorcount, 2), - $public_workers = max($::processorcount, 2), -) inherits keystone::params { - - include ::keystone::deps - include ::keystone::logging - - if ! $catalog_driver { - validate_re($catalog_type, 'template|sql') - } - - if ($admin_endpoint and 'v2.0' in $admin_endpoint) { - warning('Version string /v2.0/ should not be included in keystone::admin_endpoint') - } - - if ($public_endpoint and 'v2.0' in $public_endpoint) { - warning('Version string /v2.0/ should not be included in keystone::public_endpoint') - } - - if ! is_service_default($rabbit_use_ssl) and !$rabbit_use_ssl { - if ! is_service_default($kombu_ssl_ca_certs) and ($kombu_ssl_ca_certs) { - fail('The kombu_ssl_ca_certs parameter requires rabbit_use_ssl to be set to true') - } - if ! is_service_default($kombu_ssl_certfile) and ($kombu_ssl_certfile) { - fail('The kombu_ssl_certfile parameter requires rabbit_use_ssl to be set to true') - } - if ! is_service_default($kombu_ssl_keyfile) and ($kombu_ssl_keyfile) { - fail('The kombu_ssl_keyfile parameter requires rabbit_use_ssl to be set to true') - } - } - - if $manage_policyrcd { - # openstacklib policy_rcd only affects debian based systems. - Policy_rcd <| title == 'keystone' |> -> Package['keystone'] - Policy_rcd['apache2'] -> Package['httpd'] - $policy_services = ['keystone', 'apache2'] - ensure_resource('policy_rcd', $policy_services, { ensure => present, 'set_code' => '101' }) - } - - include ::keystone::db - include ::keystone::params - - package { 'keystone': - ensure => $package_ensure, - name => $::keystone::params::package_name, - tag => ['openstack', 'keystone-package'], - } - if $client_package_ensure == 'present' { - include '::keystone::client' - } else { - class { '::keystone::client': - ensure => $client_package_ensure, - } - } - - keystone_config { - 'DEFAULT/admin_token': value => $admin_token, secret => true; - 'DEFAULT/public_bind_host': value => $public_bind_host; - 'DEFAULT/admin_bind_host': value => $admin_bind_host; - 'DEFAULT/public_port': value => $public_port; - 'DEFAULT/admin_port': value => $admin_port; - 'paste_deploy/config_file': value => $paste_config; - } - - # Endpoint configuration - keystone_config { - 'DEFAULT/public_endpoint': value => $public_endpoint; - 'DEFAULT/admin_endpoint': value => $admin_endpoint; - } - - # requirements for memcache token driver - if ($token_driver =~ /memcache/ ) { - ensure_packages('python-memcache', { - ensure => present, - name => $::keystone::params::python_memcache_package_name, - tag => ['openstack'], - }) - } - - keystone_config { - 'token/driver': value => $token_driver; - 'token/expiration': value => $token_expiration; - } - - keystone_config { - 'revoke/driver': value => $revoke_driver; - } - - keystone_config { - 'policy/driver': value => $policy_driver; - } - - # ssl config - if ($enable_ssl) { - keystone_config { - 'ssl/enable': value => true; - 'ssl/certfile': value => $ssl_certfile; - 'ssl/keyfile': value => $ssl_keyfile; - 'ssl/ca_certs': value => $ssl_ca_certs; - 'ssl/ca_key': value => $ssl_ca_key; - 'ssl/cert_subject': value => $ssl_cert_subject; - } - } else { - keystone_config { - 'ssl/enable': value => false; - } - } - - if !is_service_default($memcache_servers) or !is_service_default($cache_memcache_servers) { - Service<| title == 'memcached' |> -> Anchor['keystone::service::begin'] - } - - # TODO(aschultz): remove in N cycle - if is_service_default($cache_memcache_servers) and !is_service_default($memcache_servers) { - warning('The keystone module now provides a $cache_memcache_servers to be used with caching. Please specify it separately to configure cache/memcache_servers for keystone. This backwards compatibility will be removed in the N cycle.') - $cache_memcache_servers_real = $memcache_servers - } else { - $cache_memcache_servers_real = $cache_memcache_servers - } - - # TODO(aschultz): remove in N cycle - if is_service_default($cache_enabled) and (!is_service_default($memcache_servers) or !is_service_default($cache_memcache_servers_real)) and !is_service_default($cache_backend) { - warning('cache_enabled has been added to control weither or not to enable caching. Please specify it separately to configure caching. We have enabled caching as a backwards compatibility that will be removed in the N cycle') - $cache_enabled_real = true - } else { - $cache_enabled_real = $cache_enabled - } - - keystone_config { - 'cache/backend': value => $cache_backend; - 'cache/backend_argument': value => join(any2array($cache_backend_argument), ','); - 'cache/debug_cache_backend': value => $debug_cache_backend; - 'cache/enabled': value => $cache_enabled_real; - 'cache/memcache_dead_retry': value => $memcache_dead_retry; - 'cache/memcache_pool_maxsize': value => $memcache_pool_maxsize; - 'cache/memcache_pool_unused_timeout': value => $memcache_pool_unused_timeout; - 'cache/memcache_servers': value => join(any2array($cache_memcache_servers_real), ','); - 'cache/memcache_socket_timeout': value => $memcache_socket_timeout; - 'memcache/dead_retry': value => $memcache_dead_retry; - 'memcache/pool_maxsize': value => $memcache_pool_maxsize; - 'memcache/pool_unused_timeout': value => $memcache_pool_unused_timeout; - 'memcache/servers': value => join(any2array($memcache_servers), ','); - 'memcache/socket_timeout': value => $memcache_socket_timeout; - 'token/caching': value => $token_caching; - } - - # configure based on the catalog backend - if $catalog_driver { - $catalog_driver_real = $catalog_driver - } - elsif ($catalog_type == 'template') { - $catalog_driver_real = 'templated' - } - elsif ($catalog_type == 'sql') { - $catalog_driver_real = 'sql' - } - - keystone_config { - 'catalog/driver': value => $catalog_driver_real; - 'catalog/template_file': value => $catalog_template_file; - } - - # Set the signing key/cert configuration values. - keystone_config { - 'signing/certfile': value => $signing_certfile; - 'signing/keyfile': value => $signing_keyfile; - 'signing/ca_certs': value => $signing_ca_certs; - 'signing/ca_key': value => $signing_ca_key; - 'signing/cert_subject': value => $signing_cert_subject; - 'signing/key_size': value => $signing_key_size; - } - - # Only do pki_setup if we were asked to do so. This is needed - # regardless of the token provider since token revocation lists - # are always signed. - if $enable_pki_setup { - # Create cache directory used for signing. - file { $cache_dir: - ensure => directory, - } - - exec { 'keystone-manage pki_setup': - command => "keystone-manage pki_setup --keystone-user ${keystone_user} --keystone-group ${keystone_group}", - path => '/usr/bin', - refreshonly => true, - creates => $signing_keyfile, - notify => Anchor['keystone::service::begin'], - subscribe => [Anchor['keystone::install::end'], Anchor['keystone::config::end']], - tag => 'keystone-exec', - } - } - - keystone_config { - 'token/provider': value => $token_provider; - 'DEFAULT/max_token_size': value => $max_token_size; - 'DEFAULT/notification_driver': value => $notification_driver; - 'DEFAULT/notification_topics': value => $notification_topics; - 'DEFAULT/notification_format': value => $notification_format; - 'DEFAULT/control_exchange': value => $control_exchange; - } - - if ! is_service_default($rabbit_hosts) and $rabbit_hosts { - keystone_config { - 'oslo_messaging_rabbit/rabbit_hosts': value => join($rabbit_hosts, ','); - } - } else { - keystone_config { - 'oslo_messaging_rabbit/rabbit_host': value => $rabbit_host; - 'oslo_messaging_rabbit/rabbit_port': value => $rabbit_port; - 'oslo_messaging_rabbit/rabbit_hosts': ensure => absent; - } - } - - if $rabbit_ha_queues != undef { - keystone_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => $rabbit_ha_queues } - } else { - if ! is_service_default($rabbit_hosts) and $rabbit_hosts { - keystone_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => true } - } else { - keystone_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => false } - } - } - - keystone_config { - 'oslo_messaging_rabbit/rabbit_use_ssl': value => $rabbit_use_ssl; - 'oslo_messaging_rabbit/rabbit_password': value => $rabbit_password, secret => true; - 'oslo_messaging_rabbit/rabbit_userid': value => $rabbit_userid; - 'oslo_messaging_rabbit/rabbit_virtual_host': value => $rabbit_virtual_host; - 'oslo_messaging_rabbit/heartbeat_timeout_threshold': value => $rabbit_heartbeat_timeout_threshold; - 'oslo_messaging_rabbit/heartbeat_rate': value => $rabbit_heartbeat_rate; - 'oslo_messaging_rabbit/kombu_ssl_ca_certs': value => $kombu_ssl_ca_certs; - 'oslo_messaging_rabbit/kombu_ssl_certfile': value => $kombu_ssl_certfile; - 'oslo_messaging_rabbit/kombu_ssl_keyfile': value => $kombu_ssl_keyfile; - 'oslo_messaging_rabbit/kombu_ssl_version': value => $kombu_ssl_version; - } - - keystone_config { - 'eventlet_server/admin_workers': value => $admin_workers; - 'eventlet_server/public_workers': value => $public_workers; - } - - if $manage_service { - if $enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } else { - warning('Execution of db_sync does not depend on $enabled anymore. Please use sync_db instead.') - } - - if $service_name == $::keystone::params::service_name { - $service_name_real = $::keystone::params::service_name - if $validate_service { - if $validate_auth_url { - $v_auth_url = $validate_auth_url - } else { - $v_auth_url = $admin_endpoint - } - - class { '::keystone::service': - ensure => $service_ensure, - service_name => $service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - provider => $service_provider, - validate => true, - admin_endpoint => $v_auth_url, - admin_token => $admin_token, - insecure => $validate_insecure, - cacert => $validate_cacert, - } - } else { - class { '::keystone::service': - ensure => $service_ensure, - service_name => $service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - provider => $service_provider, - validate => false, - } - } - warning('Keystone under Eventlet has been deprecated during the Kilo cycle. Support for deploying under eventlet will be dropped as of the M-release of OpenStack.') - } elsif $service_name == 'httpd' { - include ::apache::params - class { '::keystone::service': - ensure => 'stopped', - service_name => $::keystone::params::service_name, - enable => false, - provider => $service_provider, - validate => false, - } - $service_name_real = $::apache::params::service_name - # leave this here because Ubuntu packages will start Keystone and we need it stopped - # before apache can run - Service['keystone'] -> Service[$service_name_real] - } else { - fail('Invalid service_name. Either keystone/openstack-keystone for running as a standalone service, or httpd for being run by a httpd server') - } - - if $sync_db { - include ::keystone::db::sync - } - - # Fernet tokens support - if $enable_fernet_setup { - validate_string($fernet_key_repository) - exec { 'keystone-manage fernet_setup': - command => "keystone-manage fernet_setup --keystone-user ${keystone_user} --keystone-group ${keystone_group}", - path => '/usr/bin', - refreshonly => true, - creates => "${fernet_key_repository}/0", - notify => Anchor['keystone::service::begin'], - subscribe => [Anchor['keystone::install::end'], Anchor['keystone::config::end']], - tag => 'keystone-exec', - } - } - - if $fernet_key_repository { - keystone_config { - 'fernet_tokens/key_repository': value => $fernet_key_repository; - } - } else { - keystone_config { - 'fernet_tokens/key_repository': ensure => absent; - } - } - - keystone_config { - 'token/revoke_by_id': value => $revoke_by_id; - 'fernet_tokens/max_active_keys': value => $fernet_max_active_keys; - } - - # Update this code when https://bugs.launchpad.net/keystone/+bug/1472285 is addressed. - # 1/ Keystone needs to be started before creating the default domain - # 2/ Once the default domain is created, we can query Keystone to get the default domain ID - # 3/ The Keystone_domain provider has in charge of doing the query and configure keystone.conf - # 4/ After such a change, we need to restart Keystone service. - # restart_keystone exec is doing 4/, it restart Keystone if we have a new default domain setted - # and if we manage the service to be enabled. - if $manage_service and $enabled { - exec { 'restart_keystone': - path => ['/usr/sbin', '/usr/bin', '/sbin', '/bin/'], - command => "service ${service_name_real} restart", - refreshonly => true, - } - } - - if $default_domain { - keystone_domain { $default_domain: - ensure => present, - enabled => true, - is_default => true, - require => Service[$service_name], - notify => Exec['restart_keystone'], - } - anchor { 'default_domain_created': - require => Keystone_domain[$default_domain], - } - } - if $domain_config_directory != '/etc/keystone/domains' and !$using_domain_config { - fail('You must activate domain configuration using "using_domain_config" parameter to keystone class.') - } - - if $enable_bootstrap { - # this requires the database to be up and running and configured - # and is only run once, so we don't need to notify the service - exec { 'keystone-manage bootstrap': - command => "keystone-manage bootstrap --bootstrap-password ${admin_token}", - path => '/usr/bin', - refreshonly => true, - notify => Anchor['keystone::service::begin'], - subscribe => Anchor['keystone::dbsync::end'], - tag => 'keystone-exec', - } - } - - if $using_domain_config { - validate_absolute_path($domain_config_directory) - # Better than ensure resource. We don't want to conflict with any - # user definition even if they don't match exactly our parameters. - # The error catching mechanism in the provider will remind them if - # they did something silly, like defining a file rather than a - # directory. For the permission it's their choice. - if (!defined(File[$domain_config_directory])) { - file { $domain_config_directory: - ensure => directory, - owner => 'keystone', - group => 'keystone', - mode => '0750', - notify => Service[$service_name], - require => Anchor['keystone::install::end'], - } - } - # Here we want the creation to fail if the user has created those - # resources with different values. That means that the user - # wrongly uses using_domain_config parameter. - ensure_resource( - 'keystone_config', - 'identity/domain_specific_drivers_enabled', - {'value' => true} - ) - ensure_resource( - 'keystone_config', - 'identity/domain_config_dir', - {'value' => $domain_config_directory} - ) - } -} diff --git a/keystone/manifests/ldap.pp b/keystone/manifests/ldap.pp deleted file mode 100644 index 4dab4fb6c..000000000 --- a/keystone/manifests/ldap.pp +++ /dev/null @@ -1,563 +0,0 @@ -# == class: keystone::ldap -# -# Implements ldap configuration for keystone. -# -# === parameters: -# -# [*url*] -# URL for connecting to the LDAP server. (string value) -# Defaults to 'undef' -# -# [*user*] -# User BindDN to query the LDAP server. (string value) -# Defaults to 'undef' -# -# [*password*] -# Password for the BindDN to query the LDAP server. (string value) -# Defaults to 'undef' -# -# [*suffix*] -# LDAP server suffix (string value) -# Defaults to 'undef' -# -# [*query_scope*] -# The LDAP scope for queries, this can be either "one" -# (onelevel/singleLevel) or "sub" (subtree/wholeSubtree). (string value) -# Defaults to 'undef' -# -# [*page_size*] -# Maximum results per page; a value of zero ("0") disables paging. (integer value) -# Defaults to 'undef' -# -# [*user_tree_dn*] -# Search base for users. (string value) -# Defaults to 'undef' -# -# [*user_filter*] -# LDAP search filter for users. (string value) -# Defaults to 'undef' -# -# [*user_objectclass*] -# LDAP objectclass for users. (string value) -# Defaults to 'undef' -# -# [*user_id_attribute*] -# LDAP attribute mapped to user id. WARNING: must not be a multivalued attribute. (string value) -# Defaults to 'undef' -# -# [*user_name_attribute*] -# LDAP attribute mapped to user name. (string value) -# Defaults to 'undef' -# -# [*user_mail_attribute*] -# LDAP attribute mapped to user email. (string value) -# -# [*user_enabled_attribute*] -# LDAP attribute mapped to user enabled flag. (string value) -# Defaults to 'undef' -# -# [*user_enabled_mask*] -# Bitmask integer to indicate the bit that the enabled value is stored in if -# the LDAP server represents "enabled" as a bit on an integer rather than a -# boolean. A value of "0" indicates the mask is not used. If this is not set -# to "0" the typical value is "2". This is typically used when -# "user_enabled_attribute = userAccountControl". (integer value) -# Defaults to 'undef' -# -# [*user_enabled_default*] -# Default value to enable users. This should match an appropriate int value -# if the LDAP server uses non-boolean (bitmask) values to indicate if a user -# is enabled or disabled. If this is not set to "True" the typical value is -# "512". This is typically used when "user_enabled_attribute = -# userAccountControl". (string value) -# Defaults to 'undef' -# -# [*user_enabled_invert*] -# Invert the meaning of the boolean enabled values. Some LDAP servers use a -# boolean lock attribute where "true" means an account is disabled. Setting -# "user_enabled_invert = true" will allow these lock attributes to be used. -# This setting will have no effect if "user_enabled_mask" or -# "user_enabled_emulation" settings are in use. (boolean value) -# Defaults to 'undef' -# -# [*user_attribute_ignore*] -# List of attributes stripped off the user on update. (list value) -# Defaults to 'undef' -# -# [*user_default_project_id_attribute*] -# LDAP attribute mapped to default_project_id for users. (string value) -# Defaults to 'undef' -# -# [*user_allow_create*] -# Allow user creation in LDAP backend. (boolean value) -# Defaults to 'undef' -# -# [*user_allow_update*] -# Allow user updates in LDAP backend. (boolean value) -# Defaults to 'undef' -# -# [*user_allow_delete*] -# Allow user deletion in LDAP backend. (boolean value) -# Defaults to 'undef' -# -# [*user_pass_attribute*] -# LDAP attribute mapped to password. (string value) -# Defaults to 'undef' -# -# [*user_enabled_emulation*] -# If true, Keystone uses an alternative method to determine if -# a user is enabled or not by checking if they are a member of -# the "user_enabled_emulation_dn" group. (boolean value) -# Defaults to 'undef' -# -# [*user_enabled_emulation_dn*] -# DN of the group entry to hold enabled users when using enabled emulation. -# (string value) -# Defaults to 'undef' -# -# [*user_additional_attribute_mapping*] -# List of additional LDAP attributes used for mapping -# additional attribute mappings for users. Attribute mapping -# format is :, where ldap_attr is the -# attribute in the LDAP entry and user_attr is the Identity -# API attribute. (list value) -# Defaults to 'undef' -# -# [*project_tree_dn*] -# Search base for projects (string value) -# Defaults to 'undef' -# -# [*project_filter*] -# LDAP search filter for projects. (string value) -# Defaults to 'undef' -# -# [*project_objectclass*] -# LDAP objectclass for projects. (string value) -# Defaults to 'undef' -# -# [*project_id_attribute*] -# LDAP attribute mapped to project id. (string value) -# Defaults to 'undef' -# -# [*project_member_attribute*] -# LDAP attribute mapped to project membership for user. (string value) -# Defaults to 'undef' -# -# [*project_name_attribute*] -# LDAP attribute mapped to project name. (string value) -# Defaults to 'undef' -# -# [*project_desc_attribute*] -# LDAP attribute mapped to project description. (string value) -# Defaults to 'undef' -# -# [*project_enabled_attribute*] -# LDAP attribute mapped to project enabled. (string value) -# Defaults to 'undef' -# -# [*project_domain_id_attribute*] -# LDAP attribute mapped to project domain_id. (string value) -# Defaults to 'undef' -# -# [*project_attribute_ignore*] -# List of attributes stripped off the project on update. (list value) -# Defaults to 'undef' -# -# [*project_allow_create*] -# Allow project creation in LDAP backend. (boolean value) -# Defaults to 'undef' -# -# [*project_allow_update*] -# Allow project update in LDAP backend. (boolean value) -# Defaults to 'undef' -# -# [*project_allow_delete*] -# Allow project deletion in LDAP backend. (boolean value) -# Defaults to 'undef' -# -# [*project_enabled_emulation*] -# If true, Keystone uses an alternative method to determine if -# a project is enabled or not by checking if they are a member -# of the "project_enabled_emulation_dn" group. (boolean value) -# Defaults to 'undef' -# -# [*project_enabled_emulation_dn*] -# DN of the group entry to hold enabled projects when using -# enabled emulation. (string value) -# Defaults to 'undef' -# -# [*project_additional_attribute_mapping*] -# Additional attribute mappings for projects. Attribute -# mapping format is :, where ldap_attr -# is the attribute in the LDAP entry and user_attr is the -# Identity API attribute. (list value) -# Defaults to 'undef' -# -# [*role_tree_dn*] -# Search base for roles. (string value) -# Defaults to 'undef' -# -# [*role_filter*] -# LDAP search filter for roles. (string value) -# Defaults to 'undef' -# -# [*role_objectclass*] -# LDAP objectclass for roles. (string value) -# Defaults to 'undef' -# -# [*role_id_attribute*] -# LDAP attribute mapped to role id. (string value) -# Defaults to 'undef' -# -# [*role_name_attribute*] -# LDAP attribute mapped to role name. (string value) -# Defaults to 'undef' -# -# [*role_member_attribute*] -# LDAP attribute mapped to role membership. (string value) -# Defaults to 'undef' -# -# [*role_attribute_ignore*] -# List of attributes stripped off the role on update. (list value) -# Defaults to 'undef' -# -# [*role_allow_create*] -# Allow role creation in LDAP backend. (boolean value) -# Defaults to 'undef' -# -# [*role_allow_update*] -# Allow role update in LDAP backend. (boolean value) -# Defaults to 'undef' -# -# [*role_allow_delete*] -# Allow role deletion in LDAP backend. (boolean value) -# Defaults to 'undef' -# -# [*role_additional_attribute_mapping*] -# Additional attribute mappings for roles. Attribute mapping -# format is :, where ldap_attr is the -# attribute in the LDAP entry and user_attr is the Identity -# API attribute. (list value) -# Defaults to 'undef' -# -# [*group_tree_dn*] -# Search base for groups. (string value) -# Defaults to 'undef' -# -# [*group_filter*] -# LDAP search filter for groups. (string value) -# Defaults to 'undef' -# -# [*group_objectclass*] -# LDAP objectclass for groups. (string value) -# Defaults to 'undef' -# -# [*group_id_attribute*] -# LDAP attribute mapped to group id. (string value) -# Defaults to 'undef' -# -# [*group_name_attribute*] -# LDAP attribute mapped to group name. (string value) -# Defaults to 'undef' -# -# [*group_member_attribute*] -# LDAP attribute mapped to show group membership. (string value) -# Defaults to 'undef' -# -# [*group_desc_attribute*] -# LDAP attribute mapped to group description. (string value) -# Defaults to 'undef' -# -# [*group_attribute_ignore*] -# List of attributes stripped off the group on update. (list value) -# Defaults to 'undef' -# -# [*group_allow_create*] -# Allow group creation in LDAP backend. (boolean value) -# Defaults to 'undef' -# -# [*group_allow_update*] -# Allow group update in LDAP backend. (boolean value) -# Defaults to 'undef' -# -# [*group_allow_delete*] -# Allow group deletion in LDAP backend. (boolean value) -# Defaults to 'undef' -# -# [*group_additional_attribute_mapping*] -# Additional attribute mappings for groups. Attribute mapping -# format is :, where ldap_attr is the -# attribute in the LDAP entry and user_attr is the Identity -# API attribute. (list value) -# Defaults to 'undef' -# -# [*use_tls*] -# Enable TLS for communicating with LDAP servers. (boolean value) -# Defaults to 'undef' -# -# [*tls_cacertfile*] -# CA certificate file path for communicating with LDAP servers. (string value) -# Defaults to 'undef' -# -# [*tls_cacertdir*] -# CA certificate directory path for communicating with LDAP servers. (string value) -# Defaults to 'undef' -# -# [*tls_req_cert*] -# Valid options for tls_req_cert are demand, never, and allow. (string value) -# Defaults to 'undef' -# -# [*identity_driver*] -# Identity backend driver. (string value) -# Defaults to 'undef' -# -# [*credential_driver*] -# Credential backend driver. (string value) -# Defaults to 'undef' -# -# [*assignment_driver*] -# Assignment backend driver. (string value) -# Defaults to 'undef' -# -# [*use_pool*] -# Enable LDAP connection pooling. (boolean value) -# Defaults to false -# -# [*pool_size*] -# Connection pool size. (integer value) -# Defaults to '10' -# -# [*pool_retry_max*] -# Maximum count of reconnect trials. (integer value) -# Defaults to '3' -# -# [*pool_retry_delay*] -# Time span in seconds to wait between two reconnect trials. (floating point value) -# Defaults to '0.1' -# -# [*pool_connection_timeout*] -# Connector timeout in seconds. Value -1 indicates indefinite wait for response. (integer value) -# Defaults to '-1' -# -# [*pool_connection_lifetime*] -# Connection lifetime in seconds. (integer value) -# Defaults to '600' -# -# [*use_auth_pool*] -# Enable LDAP connection pooling for end user authentication. -# If use_pool is disabled, then this setting is meaningless and is not used at all. (boolean value) -# Defaults to false -# -# [*auth_pool_size*] -# End user auth connection pool size. (integer value) -# Defaults to '100' -# -# [*auth_pool_connection_lifetime*] -# End user auth connection lifetime in seconds. (integer value) -# Defaults to '60' -# -# [*package_ensure*] -# (optional) Desired ensure state of packages. -# accepts latest or specific versions. -# Defaults to present. -# -# [*manage_packages*] -# (optional) Whether or not this module should manage -# LDAP support packages. -# Defaults to true. -# -# === DEPRECATED group/name -# -# == Dependencies -# == Examples -# == Authors -# -# Dan Bode dan@puppetlabs.com -# Matt Fischer matt@mattfischer.com -# -# == Copyright -# -# Copyright 2012 Puppetlabs Inc, unless otherwise noted. -# -class keystone::ldap( - $url = undef, - $user = undef, - $password = undef, - $suffix = undef, - $query_scope = undef, - $page_size = undef, - $user_tree_dn = undef, - $user_filter = undef, - $user_objectclass = undef, - $user_id_attribute = undef, - $user_name_attribute = undef, - $user_mail_attribute = undef, - $user_enabled_attribute = undef, - $user_enabled_mask = undef, - $user_enabled_default = undef, - $user_enabled_invert = undef, - $user_attribute_ignore = undef, - $user_default_project_id_attribute = undef, - $user_allow_create = undef, - $user_allow_update = undef, - $user_allow_delete = undef, - $user_pass_attribute = undef, - $user_enabled_emulation = undef, - $user_enabled_emulation_dn = undef, - $user_additional_attribute_mapping = undef, - $project_tree_dn = undef, - $project_filter = undef, - $project_objectclass = undef, - $project_id_attribute = undef, - $project_member_attribute = undef, - $project_desc_attribute = undef, - $project_name_attribute = undef, - $project_enabled_attribute = undef, - $project_domain_id_attribute = undef, - $project_attribute_ignore = undef, - $project_allow_create = undef, - $project_allow_update = undef, - $project_allow_delete = undef, - $project_enabled_emulation = undef, - $project_enabled_emulation_dn = undef, - $project_additional_attribute_mapping= undef, - $role_tree_dn = undef, - $role_filter = undef, - $role_objectclass = undef, - $role_id_attribute = undef, - $role_name_attribute = undef, - $role_member_attribute = undef, - $role_attribute_ignore = undef, - $role_allow_create = undef, - $role_allow_update = undef, - $role_allow_delete = undef, - $role_additional_attribute_mapping = undef, - $group_tree_dn = undef, - $group_filter = undef, - $group_objectclass = undef, - $group_id_attribute = undef, - $group_name_attribute = undef, - $group_member_attribute = undef, - $group_desc_attribute = undef, - $group_attribute_ignore = undef, - $group_allow_create = undef, - $group_allow_update = undef, - $group_allow_delete = undef, - $group_additional_attribute_mapping = undef, - $use_tls = undef, - $tls_cacertdir = undef, - $tls_cacertfile = undef, - $tls_req_cert = undef, - $identity_driver = undef, - $assignment_driver = undef, - $credential_driver = undef, - $use_pool = false, - $pool_size = 10, - $pool_retry_max = 3, - $pool_retry_delay = 0.1, - $pool_connection_timeout = -1, - $pool_connection_lifetime = 600, - $use_auth_pool = false, - $auth_pool_size = 100, - $auth_pool_connection_lifetime = 60, - $package_ensure = present, - $manage_packages = true, -) { - - include ::keystone::deps - - if $manage_packages { - $ldap_packages = ['python-ldap', 'python-ldappool'] - ensure_resource('package', $ldap_packages, { ensure => $package_ensure, - tag => 'keystone-package' }) - } - - if ($tls_cacertdir != undef) { - file { $tls_cacertdir: - ensure => directory - } - } - - keystone_config { - 'ldap/url': value => $url; - 'ldap/user': value => $user; - 'ldap/password': value => $password, secret => true; - 'ldap/suffix': value => $suffix; - 'ldap/query_scope': value => $query_scope; - 'ldap/page_size': value => $page_size; - 'ldap/user_tree_dn': value => $user_tree_dn; - 'ldap/user_filter': value => $user_filter; - 'ldap/user_objectclass': value => $user_objectclass; - 'ldap/user_id_attribute': value => $user_id_attribute; - 'ldap/user_name_attribute': value => $user_name_attribute; - 'ldap/user_mail_attribute': value => $user_mail_attribute; - 'ldap/user_enabled_attribute': value => $user_enabled_attribute; - 'ldap/user_enabled_mask': value => $user_enabled_mask; - 'ldap/user_enabled_default': value => $user_enabled_default; - 'ldap/user_enabled_invert': value => $user_enabled_invert; - 'ldap/user_attribute_ignore': value => $user_attribute_ignore; - 'ldap/user_default_project_id_attribute': value => $user_default_project_id_attribute; - 'ldap/user_allow_create': value => $user_allow_create; - 'ldap/user_allow_update': value => $user_allow_update; - 'ldap/user_allow_delete': value => $user_allow_delete; - 'ldap/user_pass_attribute': value => $user_pass_attribute; - 'ldap/user_enabled_emulation': value => $user_enabled_emulation; - 'ldap/user_enabled_emulation_dn': value => $user_enabled_emulation_dn; - 'ldap/user_additional_attribute_mapping': value => $user_additional_attribute_mapping; - 'ldap/project_tree_dn': value => $project_tree_dn; - 'ldap/project_filter': value => $project_filter; - 'ldap/project_objectclass': value => $project_objectclass; - 'ldap/project_id_attribute': value => $project_id_attribute; - 'ldap/project_member_attribute': value => $project_member_attribute; - 'ldap/project_desc_attribute': value => $project_desc_attribute; - 'ldap/project_name_attribute': value => $project_name_attribute; - 'ldap/project_enabled_attribute': value => $project_enabled_attribute; - 'ldap/project_attribute_ignore': value => $project_attribute_ignore; - 'ldap/project_domain_id_attribute': value => $project_domain_id_attribute; - 'ldap/project_allow_create': value => $project_allow_create; - 'ldap/project_allow_update': value => $project_allow_update; - 'ldap/project_allow_delete': value => $project_allow_delete; - 'ldap/project_enabled_emulation': value => $project_enabled_emulation; - 'ldap/project_enabled_emulation_dn': value => $project_enabled_emulation_dn; - 'ldap/project_additional_attribute_mapping': value => $project_additional_attribute_mapping; - 'ldap/role_tree_dn': value => $role_tree_dn; - 'ldap/role_filter': value => $role_filter; - 'ldap/role_objectclass': value => $role_objectclass; - 'ldap/role_id_attribute': value => $role_id_attribute; - 'ldap/role_name_attribute': value => $role_name_attribute; - 'ldap/role_member_attribute': value => $role_member_attribute; - 'ldap/role_attribute_ignore': value => $role_attribute_ignore; - 'ldap/role_allow_create': value => $role_allow_create; - 'ldap/role_allow_update': value => $role_allow_update; - 'ldap/role_allow_delete': value => $role_allow_delete; - 'ldap/role_additional_attribute_mapping': value => $role_additional_attribute_mapping; - 'ldap/group_tree_dn': value => $group_tree_dn; - 'ldap/group_filter': value => $group_filter; - 'ldap/group_objectclass': value => $group_objectclass; - 'ldap/group_id_attribute': value => $group_id_attribute; - 'ldap/group_name_attribute': value => $group_name_attribute; - 'ldap/group_member_attribute': value => $group_member_attribute; - 'ldap/group_desc_attribute': value => $group_desc_attribute; - 'ldap/group_attribute_ignore': value => $group_attribute_ignore; - 'ldap/group_allow_create': value => $group_allow_create; - 'ldap/group_allow_update': value => $group_allow_update; - 'ldap/group_allow_delete': value => $group_allow_delete; - 'ldap/group_additional_attribute_mapping': value => $group_additional_attribute_mapping; - 'ldap/use_tls': value => $use_tls; - 'ldap/tls_cacertdir': value => $tls_cacertdir; - 'ldap/tls_cacertfile': value => $tls_cacertfile; - 'ldap/tls_req_cert': value => $tls_req_cert; - 'ldap/use_pool': value => $use_pool; - 'ldap/pool_size': value => $pool_size; - 'ldap/pool_retry_max': value => $pool_retry_max; - 'ldap/pool_retry_delay': value => $pool_retry_delay; - 'ldap/pool_connection_timeout': value => $pool_connection_timeout; - 'ldap/pool_connection_lifetime': value => $pool_connection_lifetime; - 'ldap/use_auth_pool': value => $use_auth_pool; - 'ldap/auth_pool_size': value => $auth_pool_size; - 'ldap/auth_pool_connection_lifetime': value => $auth_pool_connection_lifetime; - 'identity/driver': value => $identity_driver; - 'credential/driver': value => $credential_driver; - 'assignment/driver': value => $assignment_driver; - } -} diff --git a/keystone/manifests/ldap_backend.pp b/keystone/manifests/ldap_backend.pp deleted file mode 100644 index 999e1603c..000000000 --- a/keystone/manifests/ldap_backend.pp +++ /dev/null @@ -1,577 +0,0 @@ -# == define: keystone::ldap_backend -# -# Implements ldap configuration for keystone. -# -# === parameters: -# [*name*] -# The ldap backend domain's name. (string value) -# No default. -# -# [*url*] -# URL for connecting to the LDAP server. (string value) -# Defaults to 'undef' -# -# [*user*] -# User BindDN to query the LDAP server. (string value) -# Defaults to 'undef' -# -# [*password*] -# Password for the BindDN to query the LDAP server. (string value) -# Defaults to 'undef' -# -# [*suffix*] -# LDAP server suffix (string value) -# Defaults to 'undef' -# -# [*query_scope*] -# The LDAP scope for queries, this can be either "one" -# (onelevel/singleLevel) or "sub" (subtree/wholeSubtree). (string value) -# Defaults to 'undef' -# -# [*page_size*] -# Maximum results per page; a value of zero ("0") disables paging. (integer value) -# Defaults to 'undef' -# -# [*user_tree_dn*] -# Search base for users. (string value) -# Defaults to 'undef' -# -# [*user_filter*] -# LDAP search filter for users. (string value) -# Defaults to 'undef' -# -# [*user_objectclass*] -# LDAP objectclass for users. (string value) -# Defaults to 'undef' -# -# [*user_id_attribute*] -# LDAP attribute mapped to user id. WARNING: must not be a multivalued attribute. (string value) -# Defaults to 'undef' -# -# [*user_name_attribute*] -# LDAP attribute mapped to user name. (string value) -# Defaults to 'undef' -# -# [*user_mail_attribute*] -# LDAP attribute mapped to user email. (string value) -# -# [*user_enabled_attribute*] -# LDAP attribute mapped to user enabled flag. (string value) -# Defaults to 'undef' -# -# [*user_enabled_mask*] -# Bitmask integer to indicate the bit that the enabled value is stored in if -# the LDAP server represents "enabled" as a bit on an integer rather than a -# boolean. A value of "0" indicates the mask is not used. If this is not set -# to "0" the typical value is "2". This is typically used when -# "user_enabled_attribute = userAccountControl". (integer value) -# Defaults to 'undef' -# -# [*user_enabled_default*] -# Default value to enable users. This should match an appropriate int value -# if the LDAP server uses non-boolean (bitmask) values to indicate if a user -# is enabled or disabled. If this is not set to "True" the typical value is -# "512". This is typically used when "user_enabled_attribute = -# userAccountControl". (string value) -# Defaults to 'undef' -# -# [*user_enabled_invert*] -# Invert the meaning of the boolean enabled values. Some LDAP servers use a -# boolean lock attribute where "true" means an account is disabled. Setting -# "user_enabled_invert = true" will allow these lock attributes to be used. -# This setting will have no effect if "user_enabled_mask" or -# "user_enabled_emulation" settings are in use. (boolean value) -# Defaults to 'undef' -# -# [*user_attribute_ignore*] -# List of attributes stripped off the user on update. (list value) -# Defaults to 'undef' -# -# [*user_default_project_id_attribute*] -# LDAP attribute mapped to default_project_id for users. (string value) -# Defaults to 'undef' -# -# [*user_allow_create*] -# Allow user creation in LDAP backend. (boolean value) -# Defaults to 'undef' -# -# [*user_allow_update*] -# Allow user updates in LDAP backend. (boolean value) -# Defaults to 'undef' -# -# [*user_allow_delete*] -# Allow user deletion in LDAP backend. (boolean value) -# Defaults to 'undef' -# -# [*user_pass_attribute*] -# LDAP attribute mapped to password. (string value) -# Defaults to 'undef' -# -# [*user_enabled_emulation*] -# If true, Keystone uses an alternative method to determine if -# a user is enabled or not by checking if they are a member of -# the "user_enabled_emulation_dn" group. (boolean value) -# Defaults to 'undef' -# -# [*user_enabled_emulation_dn*] -# DN of the group entry to hold enabled users when using enabled emulation. -# (string value) -# Defaults to 'undef' -# -# [*user_additional_attribute_mapping*] -# List of additional LDAP attributes used for mapping -# additional attribute mappings for users. Attribute mapping -# format is :, where ldap_attr is the -# attribute in the LDAP entry and user_attr is the Identity -# API attribute. (list value) -# Defaults to 'undef' -# -# [*project_tree_dn*] -# Search base for projects (string value) -# Defaults to 'undef' -# -# [*project_filter*] -# LDAP search filter for projects. (string value) -# Defaults to 'undef' -# -# [*project_objectclass*] -# LDAP objectclass for projects. (string value) -# Defaults to 'undef' -# -# [*project_id_attribute*] -# LDAP attribute mapped to project id. (string value) -# Defaults to 'undef' -# -# [*project_member_attribute*] -# LDAP attribute mapped to project membership for user. (string value) -# Defaults to 'undef' -# -# [*project_name_attribute*] -# LDAP attribute mapped to project name. (string value) -# Defaults to 'undef' -# -# [*project_desc_attribute*] -# LDAP attribute mapped to project description. (string value) -# Defaults to 'undef' -# -# [*project_enabled_attribute*] -# LDAP attribute mapped to project enabled. (string value) -# Defaults to 'undef' -# -# [*project_domain_id_attribute*] -# LDAP attribute mapped to project domain_id. (string value) -# Defaults to 'undef' -# -# [*project_attribute_ignore*] -# List of attributes stripped off the project on update. (list value) -# Defaults to 'undef' -# -# [*project_allow_create*] -# Allow project creation in LDAP backend. (boolean value) -# Defaults to 'undef' -# -# [*project_allow_update*] -# Allow project update in LDAP backend. (boolean value) -# Defaults to 'undef' -# -# [*project_allow_delete*] -# Allow project deletion in LDAP backend. (boolean value) -# Defaults to 'undef' -# -# [*project_enabled_emulation*] -# If true, Keystone uses an alternative method to determine if -# a project is enabled or not by checking if they are a member -# of the "project_enabled_emulation_dn" group. (boolean value) -# Defaults to 'undef' -# -# [*project_enabled_emulation_dn*] -# DN of the group entry to hold enabled projects when using -# enabled emulation. (string value) -# Defaults to 'undef' -# -# [*project_additional_attribute_mapping*] -# Additional attribute mappings for projects. Attribute -# mapping format is :, where ldap_attr -# is the attribute in the LDAP entry and user_attr is the -# Identity API attribute. (list value) -# Defaults to 'undef' -# -# [*role_tree_dn*] -# Search base for roles. (string value) -# Defaults to 'undef' -# -# [*role_filter*] -# LDAP search filter for roles. (string value) -# Defaults to 'undef' -# -# [*role_objectclass*] -# LDAP objectclass for roles. (string value) -# Defaults to 'undef' -# -# [*role_id_attribute*] -# LDAP attribute mapped to role id. (string value) -# Defaults to 'undef' -# -# [*role_name_attribute*] -# LDAP attribute mapped to role name. (string value) -# Defaults to 'undef' -# -# [*role_member_attribute*] -# LDAP attribute mapped to role membership. (string value) -# Defaults to 'undef' -# -# [*role_attribute_ignore*] -# List of attributes stripped off the role on update. (list value) -# Defaults to 'undef' -# -# [*role_allow_create*] -# Allow role creation in LDAP backend. (boolean value) -# Defaults to 'undef' -# -# [*role_allow_update*] -# Allow role update in LDAP backend. (boolean value) -# Defaults to 'undef' -# -# [*role_allow_delete*] -# Allow role deletion in LDAP backend. (boolean value) -# Defaults to 'undef' -# -# [*role_additional_attribute_mapping*] -# Additional attribute mappings for roles. Attribute mapping -# format is :, where ldap_attr is the -# attribute in the LDAP entry and user_attr is the Identity -# API attribute. (list value) -# Defaults to 'undef' -# -# [*group_tree_dn*] -# Search base for groups. (string value) -# Defaults to 'undef' -# -# [*group_filter*] -# LDAP search filter for groups. (string value) -# Defaults to 'undef' -# -# [*group_objectclass*] -# LDAP objectclass for groups. (string value) -# Defaults to 'undef' -# -# [*group_id_attribute*] -# LDAP attribute mapped to group id. (string value) -# Defaults to 'undef' -# -# [*group_name_attribute*] -# LDAP attribute mapped to group name. (string value) -# Defaults to 'undef' -# -# [*group_member_attribute*] -# LDAP attribute mapped to show group membership. (string value) -# Defaults to 'undef' -# -# [*group_desc_attribute*] -# LDAP attribute mapped to group description. (string value) -# Defaults to 'undef' -# -# [*group_attribute_ignore*] -# List of attributes stripped off the group on update. (list value) -# Defaults to 'undef' -# -# [*group_allow_create*] -# Allow group creation in LDAP backend. (boolean value) -# Defaults to 'undef' -# -# [*group_allow_update*] -# Allow group update in LDAP backend. (boolean value) -# Defaults to 'undef' -# -# [*group_allow_delete*] -# Allow group deletion in LDAP backend. (boolean value) -# Defaults to 'undef' -# -# [*group_additional_attribute_mapping*] -# Additional attribute mappings for groups. Attribute mapping -# format is :, where ldap_attr is the -# attribute in the LDAP entry and user_attr is the Identity -# API attribute. (list value) -# Defaults to 'undef' -# -# [*use_tls*] -# Enable TLS for communicating with LDAP servers. (boolean value) -# Defaults to 'undef' -# -# [*tls_cacertfile*] -# CA certificate file path for communicating with LDAP servers. (string value) -# Defaults to 'undef' -# -# [*tls_cacertdir*] -# CA certificate directory path for communicating with LDAP servers. (string value) -# Defaults to 'undef' -# -# [*tls_req_cert*] -# Valid options for tls_req_cert are demand, never, and allow. (string value) -# Defaults to 'undef' -# -# [*identity_driver*] -# Identity backend driver. (string value) -# Defaults to 'ldap' -# -# [*credential_driver*] -# Credential backend driver. (string value) -# Defaults to 'undef' -# -# [*assignment_driver*] -# Assignment backend driver. (string value) -# Defaults to 'undef' -# -# [*use_pool*] -# Enable LDAP connection pooling. (boolean value) -# Defaults to false -# -# [*pool_size*] -# Connection pool size. (integer value) -# Defaults to '10' -# -# [*pool_retry_max*] -# Maximum count of reconnect trials. (integer value) -# Defaults to '3' -# -# [*pool_retry_delay*] -# Time span in seconds to wait between two reconnect trials. (floating point value) -# Defaults to '0.1' -# -# [*pool_connection_timeout*] -# Connector timeout in seconds. Value -1 indicates indefinite wait for response. (integer value) -# Defaults to '-1' -# -# [*pool_connection_lifetime*] -# Connection lifetime in seconds. (integer value) -# Defaults to '600' -# -# [*use_auth_pool*] -# Enable LDAP connection pooling for end user authentication. -# If use_pool is disabled, then this setting is meaningless and is not used at all. (boolean value) -# Defaults to false -# -# [*auth_pool_size*] -# End user auth connection pool size. (integer value) -# Defaults to '100' -# -# [*auth_pool_connection_lifetime*] -# End user auth connection lifetime in seconds. (integer value) -# Defaults to '60' -# -# [*package_ensure*] -# (optional) Desired ensure state of packages. -# accepts latest or specific versions. -# Defaults to present. -# -# [*manage_packages*] -# (optional) Whether or not this module should manage -# LDAP support packages. -# Defaults to true. -# -# === DEPRECATED group/name -# -# == Dependencies -# == Examples -define keystone::ldap_backend( - $url = undef, - $user = undef, - $password = undef, - $suffix = undef, - $query_scope = undef, - $page_size = undef, - $user_tree_dn = undef, - $user_filter = undef, - $user_objectclass = undef, - $user_id_attribute = undef, - $user_name_attribute = undef, - $user_mail_attribute = undef, - $user_enabled_attribute = undef, - $user_enabled_mask = undef, - $user_enabled_default = undef, - $user_enabled_invert = undef, - $user_attribute_ignore = undef, - $user_default_project_id_attribute = undef, - $user_allow_create = undef, - $user_allow_update = undef, - $user_allow_delete = undef, - $user_pass_attribute = undef, - $user_enabled_emulation = undef, - $user_enabled_emulation_dn = undef, - $user_additional_attribute_mapping = undef, - $project_tree_dn = undef, - $project_filter = undef, - $project_objectclass = undef, - $project_id_attribute = undef, - $project_member_attribute = undef, - $project_desc_attribute = undef, - $project_name_attribute = undef, - $project_enabled_attribute = undef, - $project_domain_id_attribute = undef, - $project_attribute_ignore = undef, - $project_allow_create = undef, - $project_allow_update = undef, - $project_allow_delete = undef, - $project_enabled_emulation = undef, - $project_enabled_emulation_dn = undef, - $project_additional_attribute_mapping= undef, - $role_tree_dn = undef, - $role_filter = undef, - $role_objectclass = undef, - $role_id_attribute = undef, - $role_name_attribute = undef, - $role_member_attribute = undef, - $role_attribute_ignore = undef, - $role_allow_create = undef, - $role_allow_update = undef, - $role_allow_delete = undef, - $role_additional_attribute_mapping = undef, - $group_tree_dn = undef, - $group_filter = undef, - $group_objectclass = undef, - $group_id_attribute = undef, - $group_name_attribute = undef, - $group_member_attribute = undef, - $group_desc_attribute = undef, - $group_attribute_ignore = undef, - $group_allow_create = undef, - $group_allow_update = undef, - $group_allow_delete = undef, - $group_additional_attribute_mapping = undef, - $use_tls = undef, - $tls_cacertdir = undef, - $tls_cacertfile = undef, - $tls_req_cert = undef, - $identity_driver = 'ldap', - $assignment_driver = undef, - $credential_driver = undef, - $use_pool = false, - $pool_size = 10, - $pool_retry_max = 3, - $pool_retry_delay = 0.1, - $pool_connection_timeout = -1, - $pool_connection_lifetime = 600, - $use_auth_pool = false, - $auth_pool_size = 100, - $auth_pool_connection_lifetime = 60, - $package_ensure = present, - $manage_packages = true, -) { - - include ::keystone::deps - - $domain_enabled = getparam(Keystone_config['identity/domain_specific_drivers_enabled'], 'value') - $domain_dir_enabled = getparam(Keystone_config['identity/domain_config_dir'], 'value') - $err_msg = "You should add \"using_domain_config => true\" parameter to your Keystone class, got \"${domain_enabled}\" for identity/domain_specific_drivers_enabled and \"${domain_dir_enabled}\" for identity/domain_config_dir" - - if(bool2num($domain_enabled) == 0) { - fail($err_msg) - } - validate_re($domain_dir_enabled, '^/.+', $err_msg) - - if (!defined(File[$domain_dir_enabled])) { - ensure_resource('file', $domain_dir_enabled, { - ensure => directory, - owner => 'keystone', - group => 'keystone', - mode => '0750', - }) - } - - $domain = $name - - if $manage_packages { - $ldap_packages = ['python-ldap', 'python-ldappool'] - ensure_resource('package', $ldap_packages, { - ensure => $package_ensure, - tag => ['openstack', 'keystone-package'], - }) - } - - if ($tls_cacertdir != undef) { - ensure_resource('file', $tls_cacertdir, { ensure => directory }) - } - - keystone_domain_config { - "${domain}::ldap/url": value => $url; - "${domain}::ldap/user": value => $user; - "${domain}::ldap/password": value => $password, secret => true; - "${domain}::ldap/suffix": value => $suffix; - "${domain}::ldap/query_scope": value => $query_scope; - "${domain}::ldap/page_size": value => $page_size; - "${domain}::ldap/user_tree_dn": value => $user_tree_dn; - "${domain}::ldap/user_filter": value => $user_filter; - "${domain}::ldap/user_objectclass": value => $user_objectclass; - "${domain}::ldap/user_id_attribute": value => $user_id_attribute; - "${domain}::ldap/user_name_attribute": value => $user_name_attribute; - "${domain}::ldap/user_mail_attribute": value => $user_mail_attribute; - "${domain}::ldap/user_enabled_attribute": value => $user_enabled_attribute; - "${domain}::ldap/user_enabled_mask": value => $user_enabled_mask; - "${domain}::ldap/user_enabled_default": value => $user_enabled_default; - "${domain}::ldap/user_enabled_invert": value => $user_enabled_invert; - "${domain}::ldap/user_attribute_ignore": value => $user_attribute_ignore; - "${domain}::ldap/user_default_project_id_attribute": value => $user_default_project_id_attribute; - "${domain}::ldap/user_allow_create": value => $user_allow_create; - "${domain}::ldap/user_allow_update": value => $user_allow_update; - "${domain}::ldap/user_allow_delete": value => $user_allow_delete; - "${domain}::ldap/user_pass_attribute": value => $user_pass_attribute; - "${domain}::ldap/user_enabled_emulation": value => $user_enabled_emulation; - "${domain}::ldap/user_enabled_emulation_dn": value => $user_enabled_emulation_dn; - "${domain}::ldap/user_additional_attribute_mapping": value => $user_additional_attribute_mapping; - "${domain}::ldap/project_tree_dn": value => $project_tree_dn; - "${domain}::ldap/project_filter": value => $project_filter; - "${domain}::ldap/project_objectclass": value => $project_objectclass; - "${domain}::ldap/project_id_attribute": value => $project_id_attribute; - "${domain}::ldap/project_member_attribute": value => $project_member_attribute; - "${domain}::ldap/project_desc_attribute": value => $project_desc_attribute; - "${domain}::ldap/project_name_attribute": value => $project_name_attribute; - "${domain}::ldap/project_enabled_attribute": value => $project_enabled_attribute; - "${domain}::ldap/project_attribute_ignore": value => $project_attribute_ignore; - "${domain}::ldap/project_domain_id_attribute": value => $project_domain_id_attribute; - "${domain}::ldap/project_allow_create": value => $project_allow_create; - "${domain}::ldap/project_allow_update": value => $project_allow_update; - "${domain}::ldap/project_allow_delete": value => $project_allow_delete; - "${domain}::ldap/project_enabled_emulation": value => $project_enabled_emulation; - "${domain}::ldap/project_enabled_emulation_dn": value => $project_enabled_emulation_dn; - "${domain}::ldap/project_additional_attribute_mapping": value => $project_additional_attribute_mapping; - "${domain}::ldap/role_tree_dn": value => $role_tree_dn; - "${domain}::ldap/role_filter": value => $role_filter; - "${domain}::ldap/role_objectclass": value => $role_objectclass; - "${domain}::ldap/role_id_attribute": value => $role_id_attribute; - "${domain}::ldap/role_name_attribute": value => $role_name_attribute; - "${domain}::ldap/role_member_attribute": value => $role_member_attribute; - "${domain}::ldap/role_attribute_ignore": value => $role_attribute_ignore; - "${domain}::ldap/role_allow_create": value => $role_allow_create; - "${domain}::ldap/role_allow_update": value => $role_allow_update; - "${domain}::ldap/role_allow_delete": value => $role_allow_delete; - "${domain}::ldap/role_additional_attribute_mapping": value => $role_additional_attribute_mapping; - "${domain}::ldap/group_tree_dn": value => $group_tree_dn; - "${domain}::ldap/group_filter": value => $group_filter; - "${domain}::ldap/group_objectclass": value => $group_objectclass; - "${domain}::ldap/group_id_attribute": value => $group_id_attribute; - "${domain}::ldap/group_name_attribute": value => $group_name_attribute; - "${domain}::ldap/group_member_attribute": value => $group_member_attribute; - "${domain}::ldap/group_desc_attribute": value => $group_desc_attribute; - "${domain}::ldap/group_attribute_ignore": value => $group_attribute_ignore; - "${domain}::ldap/group_allow_create": value => $group_allow_create; - "${domain}::ldap/group_allow_update": value => $group_allow_update; - "${domain}::ldap/group_allow_delete": value => $group_allow_delete; - "${domain}::ldap/group_additional_attribute_mapping": value => $group_additional_attribute_mapping; - "${domain}::ldap/use_tls": value => $use_tls; - "${domain}::ldap/tls_cacertdir": value => $tls_cacertdir; - "${domain}::ldap/tls_cacertfile": value => $tls_cacertfile; - "${domain}::ldap/tls_req_cert": value => $tls_req_cert; - "${domain}::ldap/use_pool": value => $use_pool; - "${domain}::ldap/pool_size": value => $pool_size; - "${domain}::ldap/pool_retry_max": value => $pool_retry_max; - "${domain}::ldap/pool_retry_delay": value => $pool_retry_delay; - "${domain}::ldap/pool_connection_timeout": value => $pool_connection_timeout; - "${domain}::ldap/pool_connection_lifetime": value => $pool_connection_lifetime; - "${domain}::ldap/use_auth_pool": value => $use_auth_pool; - "${domain}::ldap/auth_pool_size": value => $auth_pool_size; - "${domain}::ldap/auth_pool_connection_lifetime": value => $auth_pool_connection_lifetime; - "${domain}::identity/driver": value => $identity_driver; - "${domain}::credential/driver": value => $credential_driver; - "${domain}::assignment/driver": value => $assignment_driver; - } -} diff --git a/keystone/manifests/logging.pp b/keystone/manifests/logging.pp deleted file mode 100644 index 37320a23b..000000000 --- a/keystone/manifests/logging.pp +++ /dev/null @@ -1,160 +0,0 @@ -# Class keystone::logging -# -# keystone logging configuration -# -# == parameters -# -# [*verbose*] -# (Optional) Should the daemons log verbose messages -# Defaults to $::os_service_default -# -# [*debug*] -# (Optional) Should the daemons log debug messages -# Defaults to $::os_service_default -# -# [*use_syslog*] -# (Optional) Use syslog for logging. -# Defaults to $::os_service_default -# -# [*use_stderr*] -# (optional) Use stderr for logging -# Defaults to $::os_service_default -# -# [*log_facility*] -# (Optional) Syslog facility to receive log lines. -# Defaults to $::os_service_default -# -# [*log_dir*] -# (optional) Directory where logs should be stored. -# If set to boolean false, it will not log to any directory. -# Defaults to '/var/log/keystone' -# -# [*log_file*] -# (optional) File where logs should be stored. -# Defaults to $::os_service_default -# -# [*logging_context_format_string*] -# (optional) Format string to use for log messages with context. -# Defaults to $::os_service_default -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [%(request_id)s %(user_identity)s] %(instance)s%(message)s' -# -# [*logging_default_format_string*] -# (optional) Format string to use for log messages without context. -# Defaults to $::os_service_default -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [-] %(instance)s%(message)s' -# -# [*logging_debug_format_suffix*] -# (optional) Formatted data to append to log format when level is DEBUG. -# Defaults to $::os_service_default -# Example: '%(funcName)s %(pathname)s:%(lineno)d' -# -# [*logging_exception_prefix*] -# (optional) Prefix each line of exception output with this format. -# Defaults to $::os_service_default -# Example: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' -# -# [*log_config_append*] -# The name of an additional logging configuration file. -# Defaults to $::os_service_default -# See https://docs.python.org/2/howto/logging.html -# -# [*default_log_levels*] -# (optional) Hash of logger (keys) and level (values) pairs. -# Defaults to $::os_service_default -# Example: -# { 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', -# 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', -# 'oslo.messaging' => 'INFO', 'iso8601' => 'WARN', -# 'requests.packages.urllib3.connectionpool' => 'WARN', -# 'urllib3.connectionpool' => 'WARN', -# 'websocket' => 'WARN', 'keystonemiddleware' => 'WARN', -# 'routes.middleware' => 'WARN', stevedore => 'WARN' } -# -# [*publish_errors*] -# (optional) Publish error events (boolean value). -# Defaults to $::os_service_default -# -# [*fatal_deprecations*] -# (optional) Make deprecations fatal (boolean value) -# Defaults to $::os_service_default -# -# [*instance_format*] -# (optional) If an instance is passed with the log message, format it -# like this (string value). -# Defaults to $::os_service_default -# Example: '[instance: %(uuid)s] ' -# -# [*instance_uuid_format*] -# (optional) If an instance UUID is passed with the log message, format -# it like this (string value). -# Defaults to $::os_service_default -# Example: instance_uuid_format='[instance: %(uuid)s] ' -# -# [*log_date_format*] -# (optional) Format string for %%(asctime)s in log records. -# Defaults to $::os_service_default -# Example: 'Y-%m-%d %H:%M:%S' - -class keystone::logging( - $use_syslog = $::os_service_default, - $use_stderr = $::os_service_default, - $log_facility = $::os_service_default, - $log_dir = '/var/log/keystone', - $log_file = $::os_service_default, - $verbose = $::os_service_default, - $debug = $::os_service_default, - $logging_context_format_string = $::os_service_default, - $logging_default_format_string = $::os_service_default, - $logging_debug_format_suffix = $::os_service_default, - $logging_exception_prefix = $::os_service_default, - $log_config_append = $::os_service_default, - $default_log_levels = $::os_service_default, - $publish_errors = $::os_service_default, - $fatal_deprecations = $::os_service_default, - $instance_format = $::os_service_default, - $instance_uuid_format = $::os_service_default, - $log_date_format = $::os_service_default, -) { - - include ::keystone::deps - - # NOTE(spredzy): In order to keep backward compatibility we rely on the pick function - # to use keystone:: first then keystone::logging::. - $use_syslog_real = pick($::keystone::use_syslog,$use_syslog) - $use_stderr_real = pick($::keystone::use_stderr,$use_stderr) - $log_facility_real = pick($::keystone::log_facility,$log_facility) - $log_dir_real = pick($::keystone::log_dir,$log_dir) - $log_file_real = pick($::keystone::log_file,$log_file) - $verbose_real = pick($::keystone::verbose,$verbose) - $debug_real = pick($::keystone::debug,$debug) - - if is_service_default($default_log_levels) { - $default_log_levels_real = $default_log_levels - } else { - $default_log_levels_real = join(sort(join_keys_to_values($default_log_levels, '=')), ',') - } - - keystone_config { - 'DEFAULT/use_syslog' : value => $use_syslog_real; - 'DEFAULT/use_stderr' : value => $use_stderr_real; - 'DEFAULT/syslog_log_facility' : value => $log_facility_real; - 'DEFAULT/log_dir' : value => $log_dir_real; - 'DEFAULT/log_file': value => $log_file_real; - 'DEFAULT/verbose' : value => $verbose_real; - 'DEFAULT/debug' : value => $debug_real; - 'DEFAULT/default_log_levels' : value => $default_log_levels_real; - 'DEFAULT/logging_context_format_string' : value => $logging_context_format_string; - 'DEFAULT/logging_default_format_string' : value => $logging_default_format_string; - 'DEFAULT/logging_debug_format_suffix' : value => $logging_debug_format_suffix; - 'DEFAULT/logging_exception_prefix' : value => $logging_exception_prefix; - 'DEFAULT/log_config_append' : value => $log_config_append; - 'DEFAULT/publish_errors' : value => $publish_errors; - 'DEFAULT/fatal_deprecations' : value => $fatal_deprecations; - 'DEFAULT/instance_format' : value => $instance_format; - 'DEFAULT/instance_uuid_format' : value => $instance_uuid_format; - 'DEFAULT/log_date_format' : value => $log_date_format; - } - -} diff --git a/keystone/manifests/params.pp b/keystone/manifests/params.pp deleted file mode 100644 index f8c14f699..000000000 --- a/keystone/manifests/params.pp +++ /dev/null @@ -1,39 +0,0 @@ -# -# This class contains the platform differences for keystone -# -class keystone::params { - $client_package_name = 'python-keystone' - $keystone_user = 'keystone' - $keystone_group = 'keystone' - $keystone_wsgi_admin_script_path = '/usr/bin/keystone-wsgi-admin' - $keystone_wsgi_public_script_path = '/usr/bin/keystone-wsgi-public' - case $::osfamily { - 'Debian': { - $package_name = 'keystone' - $service_name = 'keystone' - $keystone_wsgi_script_path = '/usr/lib/cgi-bin/keystone' - $python_memcache_package_name = 'python-memcache' - $sqlite_package_name = 'python-pysqlite2' - $pymysql_package_name = 'python-pymysql' - $mellon_package_name = 'libapache2-mod-auth-mellon' - case $::operatingsystem { - 'Debian': { - $service_provider = undef - } - default: { - $service_provider = 'upstart' - } - } - } - 'RedHat': { - $package_name = 'openstack-keystone' - $service_name = 'openstack-keystone' - $keystone_wsgi_script_path = '/var/www/cgi-bin/keystone' - $python_memcache_package_name = 'python-memcached' - $sqlite_package_name = undef - $service_provider = undef - $pymysql_package_name = undef - $mellon_package_name = 'mod_auth_mellon' - } - } -} diff --git a/keystone/manifests/policy.pp b/keystone/manifests/policy.pp deleted file mode 100644 index 65e2f301d..000000000 --- a/keystone/manifests/policy.pp +++ /dev/null @@ -1,41 +0,0 @@ -# == Class: keystone::policy -# -# Configure the keystone policies -# -# === Parameters -# -# [*policies*] -# (optional) Set of policies to configure for keystone -# Example : -# { -# 'keystone-context_is_admin' => { -# 'key' => 'context_is_admin', -# 'value' => 'true' -# }, -# 'keystone-default' => { -# 'key' => 'default', -# 'value' => 'rule:admin_or_owner' -# } -# } -# Defaults to empty hash. -# -# [*policy_path*] -# (optional) Path to the nova policy.json file -# Defaults to /etc/keystone/policy.json -# -class keystone::policy ( - $policies = {}, - $policy_path = '/etc/keystone/policy.json', -) { - - include ::keystone::deps - - validate_hash($policies) - - Openstacklib::Policy::Base { - file_path => $policy_path, - } - - create_resources('openstacklib::policy::base', $policies) - -} diff --git a/keystone/manifests/python.pp b/keystone/manifests/python.pp deleted file mode 100644 index a46a018e3..000000000 --- a/keystone/manifests/python.pp +++ /dev/null @@ -1,21 +0,0 @@ -# == Class keystone::python -# -# installs client python libraries for keystone -# -# === Parameters: -# -# [*client_package_name*] -# (optional) The name of python keystone client package -# Defaults to $keystone::params::client_package_name -# -# [*ensure*] -# (optional) The state for the keystone client package -# Defaults to 'present' -# -class keystone::python ( - $client_package_name = $keystone::params::client_package_name, - $ensure = 'present' -) inherits keystone::params { - - warning('This class is deprecated, has no effect, and will be removed in Newton') -} diff --git a/keystone/manifests/resource/authtoken.pp b/keystone/manifests/resource/authtoken.pp deleted file mode 100644 index a67be9541..000000000 --- a/keystone/manifests/resource/authtoken.pp +++ /dev/null @@ -1,255 +0,0 @@ -# == Definition: keystone::resource::authtoken -# -# This resource configures Keystone authentication resources for an OpenStack -# service. It will manage the [keystone_authtoken] section in the given -# config resource. It supports all of the authentication parameters specified -# at http://www.jamielennox.net/blog/2015/02/17/loading-authentication-plugins/ -# with the addition of the default domain for user and project. -# -# The username and project_name parameters may be given in the form -# "name::domainname". The authtoken resource will use the domains in -# the following order: -# 1) The given domain parameter (user_domain_name or project_domain_name) -# 2) The domain given as the "::domainname" part of username or project_name -# 3) The default_domain_name -# -# For example, instead of doing this:: -# -# glance_api_config { -# 'keystone_authtoken/admin_tenant_name': value => $keystone_tenant; -# 'keystone_authtoken/admin_user' : value => $keystone_user; -# 'keystone_authtoken/admin_password' : value => $keystone_password; -# secret => true; -# ... -# } -# -# manifests should do this instead:: -# -# keystone::resource::authtoken { 'glance_api_config': -# username => $keystone_user, -# password => $keystone_password, -# auth_url => $real_identity_uri, -# project_name => $keystone_tenant, -# user_domain_name => $keystone_user_domain, -# project_domain_name => $keystone_project_domain, -# default_domain_name => $keystone_default_domain, -# cacert => $ca_file, -# ... -# } -# -# The use of `keystone::resource::authtoken` makes it easy to avoid mistakes, -# and makes it easier to support some of the newer authentication types coming -# with Keystone Kilo and later, such as Kerberos, Federation, etc. -# -# == Parameters: -# -# [*name*] -# The name of the resource corresponding to the config file. For example, -# keystone::resource::authtoken { 'glance_api_config': ... } -# Where 'glance_api_config' is the name of the resource used to manage -# the glance api configuration. -# string; required -# -# [*username*] -# The name of the service user; -# string; required -# -# [*password*] -# Password to create for the service user; -# string; required -# -# [*auth_url*] -# The URL to use for authentication. -# string; required -# -# [*auth_plugin*] -# The plugin to use for authentication. -# string; optional: default to 'password' -# -# [*user_id*] -# The ID of the service user; -# string; optional: default to undef -# -# [*user_domain_name*] -# (Optional) Name of domain for $username -# Defaults to undef -# -# [*user_domain_id*] -# (Optional) ID of domain for $username -# Defaults to undef -# -# [*project_name*] -# Service project name; -# string; optional: default to undef -# -# [*project_id*] -# Service project ID; -# string; optional: default to undef -# -# [*project_domain_name*] -# (Optional) Name of domain for $project_name -# Defaults to undef -# -# [*project_domain_id*] -# (Optional) ID of domain for $project_name -# Defaults to undef -# -# [*domain_name*] -# (Optional) Use this for auth to obtain a domain-scoped token. -# If using this option, do not specify $project_name or $project_id. -# Defaults to undef -# -# [*domain_id*] -# (Optional) Use this for auth to obtain a domain-scoped token. -# If using this option, do not specify $project_name or $project_id. -# Defaults to undef -# -# [*default_domain_name*] -# (Optional) Name of domain for $username and $project_name -# If user_domain_name is not specified, use $default_domain_name -# If project_domain_name is not specified, use $default_domain_name -# Defaults to undef -# -# [*default_domain_id*] -# (Optional) ID of domain for $user_id and $project_id -# If user_domain_id is not specified, use $default_domain_id -# If project_domain_id is not specified, use $default_domain_id -# Defaults to undef -# -# [*trust_id*] -# (Optional) Trust ID -# Defaults to undef -# -# [*cacert*] -# (Optional) CA certificate file for TLS (https) -# Defaults to undef -# -# [*cert*] -# (Optional) Certificate file for TLS (https) -# Defaults to undef -# -# [*key*] -# (Optional) Key file for TLS (https) -# Defaults to undef -# -# [*insecure*] -# If true, explicitly allow TLS without checking server cert against any -# certificate authorities. WARNING: not recommended. Use with caution. -# boolean; Defaults to false (which means be secure) -# -define keystone::resource::authtoken( - $username, - $password, - $auth_url, - $auth_plugin = 'password', - $user_id = undef, - $user_domain_name = undef, - $user_domain_id = undef, - $project_name = undef, - $project_id = undef, - $project_domain_name = undef, - $project_domain_id = undef, - $domain_name = undef, - $domain_id = undef, - $default_domain_name = undef, - $default_domain_id = undef, - $trust_id = undef, - $cacert = undef, - $cert = undef, - $key = undef, - $insecure = false, -) { - - include ::keystone::deps - - if !$project_name and !$project_id and !$domain_name and !$domain_id { - fail('Must specify either a project (project_name or project_id, for a project scoped token) or a domain (domain_name or domain_id, for a domain scoped token)') - } - - if ($project_name or $project_id) and ($domain_name or $domain_id) { - fail('Cannot specify both a project (project_name or project_id) and a domain (domain_name or domain_id)') - } - - $user_and_domain_array = split($username, '::') - $real_username = $user_and_domain_array[0] - $real_user_domain_name = pick($user_domain_name, $user_and_domain_array[1], $default_domain_name, '__nodomain__') - - $project_and_domain_array = split($project_name, '::') - $real_project_name = $project_and_domain_array[0] - $real_project_domain_name = pick($project_domain_name, $project_and_domain_array[1], $default_domain_name, '__nodomain__') - - create_resources($name, {'keystone_authtoken/auth_plugin' => {'value' => $auth_plugin}}) - create_resources($name, {'keystone_authtoken/auth_url' => {'value' => $auth_url}}) - create_resources($name, {'keystone_authtoken/username' => {'value' => $real_username}}) - create_resources($name, {'keystone_authtoken/password' => {'value' => $password, 'secret' => true}}) - if $user_id { - create_resources($name, {'keystone_authtoken/user_id' => {'value' => $user_id}}) - } else { - create_resources($name, {'keystone_authtoken/user_id' => {'ensure' => 'absent'}}) - } - if $real_user_domain_name == '__nodomain__' { - create_resources($name, {'keystone_authtoken/user_domain_name' => {'ensure' => 'absent'}}) - } else { - create_resources($name, {'keystone_authtoken/user_domain_name' => {'value' => $real_user_domain_name}}) - } - if $user_domain_id { - create_resources($name, {'keystone_authtoken/user_domain_id' => {'value' => $user_domain_id}}) - } elsif $default_domain_id { - create_resources($name, {'keystone_authtoken/user_domain_id' => {'value' => $default_domain_id}}) - } else { - create_resources($name, {'keystone_authtoken/user_domain_id' => {'ensure' => 'absent'}}) - } - if $project_name { - create_resources($name, {'keystone_authtoken/project_name' => {'value' => $real_project_name}}) - } else { - create_resources($name, {'keystone_authtoken/project_name' => {'ensure' => 'absent'}}) - } - if $project_id { - create_resources($name, {'keystone_authtoken/project_id' => {'value' => $project_id}}) - } else { - create_resources($name, {'keystone_authtoken/project_id' => {'ensure' => 'absent'}}) - } - if $real_project_domain_name == '__nodomain__' { - create_resources($name, {'keystone_authtoken/project_domain_name' => {'ensure' => 'absent'}}) - } else { - create_resources($name, {'keystone_authtoken/project_domain_name' => {'value' => $real_project_domain_name}}) - } - if $project_domain_id { - create_resources($name, {'keystone_authtoken/project_domain_id' => {'value' => $project_domain_id}}) - } elsif $default_domain_id { - create_resources($name, {'keystone_authtoken/project_domain_id' => {'value' => $default_domain_id}}) - } else { - create_resources($name, {'keystone_authtoken/project_domain_id' => {'ensure' => 'absent'}}) - } - if $domain_name { - create_resources($name, {'keystone_authtoken/domain_name' => {'value' => $domain_name}}) - } else { - create_resources($name, {'keystone_authtoken/domain_name' => {'ensure' => 'absent'}}) - } - if $domain_id { - create_resources($name, {'keystone_authtoken/domain_id' => {'value' => $domain_id}}) - } else { - create_resources($name, {'keystone_authtoken/domain_id' => {'ensure' => 'absent'}}) - } - if $trust_id { - create_resources($name, {'keystone_authtoken/trust_id' => {'value' => $trust_id}}) - } else { - create_resources($name, {'keystone_authtoken/trust_id' => {'ensure' => 'absent'}}) - } - if $cacert { - create_resources($name, {'keystone_authtoken/cacert' => {'value' => $cacert}}) - } else { - create_resources($name, {'keystone_authtoken/cacert' => {'ensure' => 'absent'}}) - } - if $cert { - create_resources($name, {'keystone_authtoken/cert' => {'value' => $cert}}) - } else { - create_resources($name, {'keystone_authtoken/cert' => {'ensure' => 'absent'}}) - } - if $key { - create_resources($name, {'keystone_authtoken/key' => {'value' => $key}}) - } else { - create_resources($name, {'keystone_authtoken/key' => {'ensure' => 'absent'}}) - } - create_resources($name, {'keystone_authtoken/insecure' => {'value' => $insecure}}) -} diff --git a/keystone/manifests/resource/service_identity.pp b/keystone/manifests/resource/service_identity.pp deleted file mode 100644 index 906401f9a..000000000 --- a/keystone/manifests/resource/service_identity.pp +++ /dev/null @@ -1,216 +0,0 @@ -# -# Copyright (C) 2014 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# == Definition: keystone::resource::service_identity -# -# This resource configures Keystone resources for an OpenStack service. -# -# == Parameters: -# -# [*ensure*] -# Ensure parameter for the types used in resource. -# string; optional: default to 'present' -# -# [*password*] -# Password to create for the service user; -# string; required -# -# [*auth_name*] -# The name of the service user; -# string; optional; default to the $title of the resource, i.e. 'nova' -# -# [*service_name*] -# Name of the service; -# string; required -# -# [*service_type*] -# Type of the service; -# string; required -# -# [*service_description*] -# Description of the service; -# string; optional: default to '$name service' -# -# [*public_url*] -# Public endpoint URL; -# string; required -# -# [*internal_url*] -# Internal endpoint URL; -# string; required -# -# [*admin_url*] -# Admin endpoint URL; -# string; required -# -# [*region*] -# Endpoint region; -# string; optional: default to 'RegionOne' -# -# [*tenant*] -# Service tenant; -# string; optional: default to 'services' -# -# [*ignore_default_tenant*] -# Ignore setting the default tenant value when the user is created. -# string; optional: default to false -# -# [*roles*] -# List of roles; -# string; optional: default to ['admin'] -# -# [*email*] -# Service email; -# string; optional: default to '$auth_name@localhost' -# -# [*configure_endpoint*] -# Whether to create the endpoint. -# string; optional: default to True -# -# [*configure_user*] -# Whether to create the user. -# string; optional: default to True -# -# [*configure_user_role*] -# Whether to create the user role. -# string; optional: default to True -# -# [*configure_service*] -# Whether to create the service. -# string; optional: default to True -# -# [*user_domain*] -# (Optional) Domain for $auth_name -# Defaults to undef (use the keystone server default domain) -# -# [*project_domain*] -# (Optional) Domain for $tenant (project) -# Defaults to undef (use the keystone server default domain) -# -# [*default_domain*] -# (Optional) Domain for $auth_name and $tenant (project) -# If keystone_user_domain is not specified, use $keystone_default_domain -# If keystone_project_domain is not specified, use $keystone_default_domain -# Defaults to undef -# -define keystone::resource::service_identity( - $ensure = 'present', - $admin_url = false, - $internal_url = false, - $password = false, - $public_url = false, - $service_type = false, - $auth_name = $name, - $configure_endpoint = true, - $configure_user = true, - $configure_user_role = true, - $configure_service = true, - $email = "${name}@localhost", - $region = 'RegionOne', - $service_name = undef, - $service_description = "${name} service", - $tenant = 'services', - $ignore_default_tenant = false, - $roles = ['admin'], - $user_domain = undef, - $project_domain = undef, - $default_domain = undef, -) { - - include ::keystone::deps - - validate_re($ensure, ['^present$', '^absent$'], 'Valid values for ensure parameter are present or absent') - - if $service_name == undef { - $service_name_real = $auth_name - } else { - $service_name_real = $service_name - } - - if $user_domain == undef { - $user_domain_real = $default_domain - } else { - $user_domain_real = $user_domain - } - - if $configure_user { - if $user_domain_real { - # We have to use ensure_resource here and hope for the best, because we have - # no way to know if the $user_domain is the same domain passed as the - # $default_domain parameter to class keystone. - ensure_resource('keystone_domain', $user_domain_real, { - 'ensure' => $ensure, - 'enabled' => true, - }) - } - ensure_resource('keystone_user', $auth_name, { - 'ensure' => $ensure, - 'enabled' => true, - 'password' => $password, - 'email' => $email, - 'domain' => $user_domain_real, - }) - if ! $password { - warning("No password had been set for ${auth_name} user.") - } - } - - if $configure_user_role { - ensure_resource('keystone_user_role', "${auth_name}@${tenant}", { - 'ensure' => $ensure, - 'roles' => $roles, - }) - } - - if $configure_service { - if $service_type { - ensure_resource('keystone_service', "${service_name_real}::${service_type}", { - 'ensure' => $ensure, - 'description' => $service_description, - }) - } else { - fail ('When configuring a service, you need to set the service_type parameter.') - } - } - - if $configure_endpoint { - if $service_type { - if $public_url and $admin_url and $internal_url { - ensure_resource('keystone_endpoint', "${region}/${service_name_real}::${service_type}", { - 'ensure' => $ensure, - 'public_url' => $public_url, - 'admin_url' => $admin_url, - 'internal_url' => $internal_url, - }) - } else { - fail ('When configuring an endpoint, you need to set the _url parameters.') - } - } else { - if $public_url and $admin_url and $internal_url { - ensure_resource('keystone_endpoint', "${region}/${service_name_real}", { - 'ensure' => $ensure, - 'public_url' => $public_url, - 'admin_url' => $admin_url, - 'internal_url' => $internal_url, - }) - } else { - fail ('When configuring an endpoint, you need to set the _url parameters.') - } - warning('Defining a endpoint without the type is supported in Liberty and will be dropped in Mitaka. See https://bugs.launchpad.net/puppet-keystone/+bug/1506996') - } - } -} diff --git a/keystone/manifests/roles/admin.pp b/keystone/manifests/roles/admin.pp deleted file mode 100644 index e632b07d7..000000000 --- a/keystone/manifests/roles/admin.pp +++ /dev/null @@ -1,136 +0,0 @@ -# == Class: keystone::roles::admin -# -# This class implements some reasonable admin defaults for keystone. -# -# It creates the following keystone objects: -# * service tenant (tenant used by all service users) -# * "admin" tenant (defaults to "openstack") -# * admin user (that defaults to the "admin" tenant) -# * admin role -# * adds admin role to admin user on the "admin" tenant -# -# === Parameters: -# -# [*email*] -# The email address for the admin. Required. -# -# [*password*] -# The admin password. Required. -# -# [*admin_roles*] -# The list of the roles with admin privileges. Optional. -# Defaults to ['admin']. -# -# [*admin_tenant*] -# The name of the tenant to be used for admin privileges. Optional. -# Defaults to openstack. -# -# [*service_tenant*] -# The name of service keystone tenant. Optional. -# Defaults to 'services'. -# -# [*admin*] -# Admin user. Optional. -# Defaults to admin. -# -# [*admin_tenant_desc*] -# Optional. Description for admin tenant, -# Defaults to 'admin tenant' -# -# [*service_tenant_desc*] -# Optional. Description for admin tenant, -# Defaults to 'Tenant for the openstack services' -# -# [*configure_user*] -# Optional. Should the admin user be created? -# Defaults to 'true'. -# -# [*configure_user_role*] -# Optional. Should the admin role be configured for the admin user? -# Defaults to 'true'. -# -# [*admin_user_domain*] -# Optional. Domain of the admin user -# Defaults to undef (undef will resolve to class keystone $default_domain) -# -# [*admin_project_domain*] -# Optional. Domain of the admin tenant -# Defaults to undef (undef will resolve to class keystone $default_domain) -# -# [*service_project_domain*] -# Optional. Domain for $service_tenant -# Defaults to undef (undef will resolve to class keystone $default_domain) -# -# == Dependencies -# == Examples -# == Authors -# -# Dan Bode dan@puppetlabs.com -# -# == Copyright -# -# Copyright 2012 Puppetlabs Inc, unless otherwise noted. -# -class keystone::roles::admin( - $email, - $password, - $admin = 'admin', - $admin_tenant = 'openstack', - $admin_roles = ['admin'], - $service_tenant = 'services', - $admin_tenant_desc = 'admin tenant', - $service_tenant_desc = 'Tenant for the openstack services', - $configure_user = true, - $configure_user_role = true, - $admin_user_domain = undef, - $admin_project_domain = undef, - $service_project_domain = undef, -) { - - include ::keystone::deps - - $domains = unique(delete_undef_values([ $admin_user_domain, $admin_project_domain, $service_project_domain])) - keystone_domain { $domains: - ensure => present, - enabled => true, - } - - keystone_tenant { $service_tenant: - ensure => present, - enabled => true, - description => $service_tenant_desc, - domain => $service_project_domain, - } - - keystone_tenant { $admin_tenant: - ensure => present, - enabled => true, - description => $admin_tenant_desc, - domain => $admin_project_domain, - } - - keystone_role { 'admin': - ensure => present, - } - - if $configure_user { - keystone_user { $admin: - ensure => present, - enabled => true, - email => $email, - password => $password, - domain => $admin_user_domain, - } - } - - if $configure_user_role { - keystone_user_role { "${admin}@${admin_tenant}": - ensure => present, - user_domain => $admin_user_domain, - project_domain => $admin_project_domain, - roles => $admin_roles, - } - Keystone_user_role["${admin}@${admin_tenant}"] -> File<| tag == 'openrc' |> - } - -} diff --git a/keystone/manifests/service.pp b/keystone/manifests/service.pp deleted file mode 100644 index 974baeec0..000000000 --- a/keystone/manifests/service.pp +++ /dev/null @@ -1,121 +0,0 @@ -# == Class keystone::service -# -# Encapsulates the keystone service to a class. -# This allows resources that require keystone to -# require this class, which can optionally -# validate that the service can actually accept -# connections. -# -# === Parameters -# -# [*ensure*] -# (optional) The desired state of the keystone service -# Defaults to undef -# -# [*service_name*] -# (optional) The name of the keystone service -# Defaults to $::keystone::params::service_name -# -# [*enable*] -# (optional) Whether to enable the keystone service -# Defaults to true -# -# [*hasstatus*] -# (optional) Whether the keystone service has status -# Defaults to true -# -# [*hasrestart*] -# (optional) Whether the keystone service has restart -# Defaults to true -# -# [*provider*] -# (optional) Provider for keystone service -# Defaults to $::keystone::params::service_provider -# -# [*validate*] -# (optional) Whether to validate the service is working after any service refreshes -# Defaults to false -# -# [*admin_token*] -# (optional) The admin token to use for validation -# Defaults to undef -# -# [*admin_endpoint*] -# (optional) The admin endpont to use for validation -# Defaults to 'http://localhost:35357/v2.0' -# -# [*retries*] -# (optional) Number of times to retry validation -# Defaults to 10 -# -# [*delay*] -# (optional) Number of seconds between validation attempts -# Defaults to 2 -# -# [*insecure*] -# (optional) Whether to validate keystone connections -# using the --insecure option with keystone client. -# Defaults to false -# -# [*cacert*] -# (optional) Whether to validate keystone connections -# using the specified argument with the --os-cacert option -# with keystone client. -# Defaults to undef -# -class keystone::service( - $ensure = undef, - $service_name = $::keystone::params::service_name, - $enable = true, - $hasstatus = true, - $hasrestart = true, - $provider = $::keystone::params::service_provider, - $validate = false, - $admin_token = undef, - $admin_endpoint = 'http://localhost:35357/v2.0', - $retries = 10, - $delay = 2, - $insecure = false, - $cacert = undef, -) { - - include ::keystone::deps - include ::keystone::params - - service { 'keystone': - ensure => $ensure, - name => $service_name, - enable => $enable, - hasstatus => $hasstatus, - hasrestart => $hasrestart, - provider => $provider, - tag => 'keystone-service', - } - - if $insecure { - $insecure_s = '--insecure' - } else { - $insecure_s = '' - } - - if $cacert { - $cacert_s = "--os-cacert ${cacert}" - } else { - $cacert_s = '' - } - - if $validate and $admin_token and $admin_endpoint { - $cmd = "openstack --os-auth-url ${admin_endpoint} --os-token ${admin_token} ${insecure_s} ${cacert_s} user list" - $catch = 'name' - exec { 'validate_keystone_connection': - path => '/usr/bin:/bin:/usr/sbin:/sbin', - provider => shell, - command => $cmd, - subscribe => Service['keystone'], - refreshonly => true, - tries => $retries, - try_sleep => $delay, - notify => Anchor['keystone::service::end'], - } - } -} diff --git a/keystone/manifests/wsgi/apache.pp b/keystone/manifests/wsgi/apache.pp deleted file mode 100644 index a0601d162..000000000 --- a/keystone/manifests/wsgi/apache.pp +++ /dev/null @@ -1,367 +0,0 @@ -# -# Class to serve keystone with apache mod_wsgi in place of keystone service -# -# Serving keystone from apache is the recommended way to go for production -# systems as the current keystone implementation is not multi-processor aware, -# thus limiting the performance for concurrent accesses. -# -# See the following URIs for reference: -# https://etherpad.openstack.org/havana-keystone-performance -# http://adam.younglogic.com/2012/03/keystone-should-move-to-apache-httpd/ -# -# When using this class you should disable your keystone service. -# -# == Parameters -# -# [*servername*] -# The servername for the virtualhost. -# Optional. Defaults to $::fqdn -# -# [*public_port*] -# The public port. -# Optional. Defaults to 5000 -# -# [*admin_port*] -# The admin port. -# Optional. Defaults to 35357 -# -# [*bind_host*] -# The host/ip address Apache will listen on. -# Optional. Defaults to undef (listen on all ip addresses). -# -# [*admin_bind_host*] -# The host/ip address Apache will listen on for admin API connections. -# Optional. Defaults to undef or bind_host if only that setting is used. -# -# [*public_path*] -# The prefix for the public endpoint. -# Optional. Defaults to '/' -# -# [*admin_path*] -# The prefix for the admin endpoint. -# Optional. Defaults to '/' -# -# [*ssl*] -# Use ssl ? (boolean) -# Optional. Defaults to true -# -# [*workers*] -# Number of WSGI workers to spawn. -# Optional. Defaults to 1 -# -# [*ssl_cert*] -# (optional) Path to SSL certificate -# Default to apache::vhost 'ssl_*' defaults. -# -# [*ssl_key*] -# (optional) Path to SSL key -# Default to apache::vhost 'ssl_*' defaults. -# -# [*ssl_chain*] -# (optional) SSL chain -# Default to apache::vhost 'ssl_*' defaults. -# -# [*ssl_ca*] -# (optional) Path to SSL certificate authority -# Default to apache::vhost 'ssl_*' defaults. -# -# [*ssl_crl_path*] -# (optional) Path to SSL certificate revocation list -# Default to apache::vhost 'ssl_*' defaults. -# -# [*ssl_crl*] -# (optional) SSL certificate revocation list name -# Default to apache::vhost 'ssl_*' defaults. -# -# [*ssl_certs_dir*] -# apache::vhost ssl parameters. -# Optional. Default to apache::vhost 'ssl_*' defaults. -# -# [*priority*] -# (optional) The priority for the vhost. -# Defaults to '10' -# -# [*threads*] -# (optional) The number of threads for the vhost. -# Defaults to $::processorcount -# -# [*wsgi_application_group*] -# (optional) The application group of the WSGI script. -# Defaults to '%{GLOBAL}' -# -# [*wsgi_pass_authorization*] -# (optional) Whether HTTP authorisation headers are passed through to a WSGI -# script when the equivalent HTTP request headers are present. -# Defaults to 'On' -# -# [*wsgi_script_ensure*] -# (optional) File ensure parameter for wsgi scripts. -# Defaults to undef. -# -# [*wsgi_admin_script_source*] -# (optional) Wsgi script source for the admin endpoint. If set to undef -# $::keystone::params::keystone_wsgi_admin_script_path is used. This source -# is copied to the apache cgi-bin path as keystone-admin. -# Defaults to undef. -# -# [*wsgi_public_script_source*] -# (optional) Wsgi script source for the public endpoint. If set to undef -# $::keystone::params::keystone_wsgi_public_script_path is used. This source -# is copied to the apache cgi-bin path as keystone-admin. -# Defaults to undef. -# -# [*access_log_format*] -# The log format for the virtualhost. -# Optional. Defaults to false. -# -# [*headers*] -# (optional) Headers for the vhost. -# Defaults to undef. -# -# [*vhost_custom_fragment*] -# (optional) Passes a string of custom configuration -# directives to be placed at the end of the vhost configuration. -# Defaults to undef. -# -# [*wsgi_chunked_request*] -# (optional) apache::vhost wsgi_chunked_request parameter. -# Defaults to undef -# -# DEPRECATED OPTIONS -# -# [*wsgi_script_source*] -# (optional) Wsgi script source. -# Defaults to undef. -# -# == Dependencies -# -# requires Class['apache'] & Class['keystone'] -# -# == Examples -# -# include apache -# -# class { 'keystone::wsgi::apache': } -# -# == Note about ports & paths -# -# When using same port for both endpoints (443 anyone ?), you *MUST* use two -# different public_path & admin_path ! -# -# == Authors -# -# Francois Charlier -# -# == Copyright -# -# Copyright 2013 eNovance -# -class keystone::wsgi::apache ( - $servername = $::fqdn, - $public_port = 5000, - $admin_port = 35357, - $bind_host = undef, - $admin_bind_host = undef, - $public_path = '/', - $admin_path = '/', - $ssl = true, - $workers = 1, - $ssl_cert = undef, - $ssl_key = undef, - $ssl_chain = undef, - $ssl_ca = undef, - $ssl_crl_path = undef, - $ssl_crl = undef, - $ssl_certs_dir = undef, - $threads = $::processorcount, - $priority = '10', - $wsgi_application_group = '%{GLOBAL}', - $wsgi_pass_authorization = 'On', - $wsgi_chunked_request = undef, - $wsgi_admin_script_source = undef, - $wsgi_public_script_source = undef, - $wsgi_script_ensure = undef, - $access_log_format = false, - $headers = undef, - $vhost_custom_fragment = undef, - #DEPRECATED - $wsgi_script_source = undef, -) { - - include ::keystone::deps - include ::keystone::params - include ::apache - include ::apache::mod::wsgi - if $ssl { - include ::apache::mod::ssl - } - - # The httpd package is untagged, but needs to have ordering enforced, - # so handle it here rather than in the deps class. - Anchor['keystone::install::begin'] - -> Package['httpd'] - -> Anchor['keystone::install::end'] - - # Configure apache during the config phase - Anchor['keystone::config::begin'] - -> Apache::Vhost<||> - ~> Anchor['keystone::config::end'] - - # Start the service during the service phase - Anchor['keystone::service::begin'] - -> Service['httpd'] - -> Anchor['keystone::service::end'] - - # Notify the service when config changes - Anchor['keystone::config::end'] - ~> Service['httpd'] - - ## Sanitize parameters - - # Ensure there's no trailing '/' except if this is also the only character - $public_path_real = regsubst($public_path, '(^/.*)/$', '\1') - # Ensure there's no trailing '/' except if this is also the only character - $admin_path_real = regsubst($admin_path, '(^/.*)/$', '\1') - - if $public_port == $admin_port and $public_path_real == $admin_path_real { - fail('When using the same port for public & private endpoints, public_path and admin_path should be different.') - } - - file { $::keystone::params::keystone_wsgi_script_path: - ensure => directory, - owner => 'keystone', - group => 'keystone', - mode => '0755', - require => Anchor['keystone::install::end'], - } - - - $wsgi_file_target = $wsgi_script_ensure ? { - 'link' => 'target', - default => 'source' - } - - $wsgi_file_defaults = { - 'ensure' => $wsgi_script_ensure, - 'owner' => 'keystone', - 'group' => 'keystone', - 'mode' => '0644', - 'require' => File[$::keystone::params::keystone_wsgi_script_path], - } - - if $wsgi_script_source { - warning('The single wsgi script source has been deprecated as part of the Mitaka cycle, please switch to $wsgi_admin_script_source and $wsgi_public_script_source') - $wsgi_admin_source = $wsgi_script_source - $wsgi_public_source = $wsgi_script_source - } else { - $wsgi_admin_source = $::keystone::params::keystone_wsgi_admin_script_path - $wsgi_public_source = $::keystone::params::keystone_wsgi_public_script_path - } - - $wsgi_files = { - 'keystone_wsgi_admin' => { - 'path' => "${::keystone::params::keystone_wsgi_script_path}/keystone-admin", - "${wsgi_file_target}" => $wsgi_admin_source, - }, - 'keystone_wsgi_main' => { - 'path' => "${::keystone::params::keystone_wsgi_script_path}/keystone-public", - "${wsgi_file_target}" => $wsgi_public_source, - }, - } - - create_resources('file', $wsgi_files, $wsgi_file_defaults) - - $wsgi_daemon_process_options_main = { - user => 'keystone', - group => 'keystone', - processes => $workers, - threads => $threads, - display-name => 'keystone-main', - } - - $wsgi_daemon_process_options_admin = { - user => 'keystone', - group => 'keystone', - processes => $workers, - threads => $threads, - display-name => 'keystone-admin', - } - - $wsgi_script_aliases_main = hash([$public_path_real,"${::keystone::params::keystone_wsgi_script_path}/keystone-public"]) - $wsgi_script_aliases_admin = hash([$admin_path_real, "${::keystone::params::keystone_wsgi_script_path}/keystone-admin"]) - - if $public_port == $admin_port { - $wsgi_script_aliases_main_real = merge($wsgi_script_aliases_main, $wsgi_script_aliases_admin) - } else { - $wsgi_script_aliases_main_real = $wsgi_script_aliases_main - } - - if $admin_bind_host { - $real_admin_bind_host = $admin_bind_host - } else { - # backwards compat before we had admin_bind_host - $real_admin_bind_host = $bind_host - } - - ::apache::vhost { 'keystone_wsgi_main': - ensure => 'present', - servername => $servername, - ip => $bind_host, - port => $public_port, - docroot => $::keystone::params::keystone_wsgi_script_path, - docroot_owner => 'keystone', - docroot_group => 'keystone', - priority => $priority, - ssl => $ssl, - ssl_cert => $ssl_cert, - ssl_key => $ssl_key, - ssl_chain => $ssl_chain, - ssl_ca => $ssl_ca, - ssl_crl_path => $ssl_crl_path, - ssl_crl => $ssl_crl, - ssl_certs_dir => $ssl_certs_dir, - wsgi_daemon_process => 'keystone_main', - wsgi_daemon_process_options => $wsgi_daemon_process_options_main, - wsgi_process_group => 'keystone_main', - wsgi_script_aliases => $wsgi_script_aliases_main_real, - wsgi_application_group => $wsgi_application_group, - wsgi_pass_authorization => $wsgi_pass_authorization, - headers => $headers, - custom_fragment => $vhost_custom_fragment, - wsgi_chunked_request => $wsgi_chunked_request, - require => File['keystone_wsgi_main'], - access_log_format => $access_log_format, - } - - if $public_port != $admin_port { - ::apache::vhost { 'keystone_wsgi_admin': - ensure => 'present', - servername => $servername, - ip => $real_admin_bind_host, - port => $admin_port, - docroot => $::keystone::params::keystone_wsgi_script_path, - docroot_owner => 'keystone', - docroot_group => 'keystone', - priority => $priority, - ssl => $ssl, - ssl_cert => $ssl_cert, - ssl_key => $ssl_key, - ssl_chain => $ssl_chain, - ssl_ca => $ssl_ca, - ssl_crl_path => $ssl_crl_path, - ssl_crl => $ssl_crl, - ssl_certs_dir => $ssl_certs_dir, - wsgi_daemon_process => 'keystone_admin', - wsgi_daemon_process_options => $wsgi_daemon_process_options_admin, - wsgi_process_group => 'keystone_admin', - wsgi_script_aliases => $wsgi_script_aliases_admin, - wsgi_application_group => $wsgi_application_group, - wsgi_pass_authorization => $wsgi_pass_authorization, - headers => $headers, - custom_fragment => $vhost_custom_fragment, - wsgi_chunked_request => $wsgi_chunked_request, - require => File['keystone_wsgi_admin'], - access_log_format => $access_log_format, - } - } -} diff --git a/keystone/metadata.json b/keystone/metadata.json deleted file mode 100644 index d57496cb1..000000000 --- a/keystone/metadata.json +++ /dev/null @@ -1,31 +0,0 @@ -{ - "name": "openstack-keystone", - "version": "8.2.0", - "author": "Puppet Labs and OpenStack Contributors", - "summary": "Puppet module for OpenStack Keystone", - "license": "Apache-2.0", - "source": "git://github.com/openstack/puppet-keystone.git", - "project_page": "https://launchpad.net/puppet-keystone", - "issues_url": "https://bugs.launchpad.net/puppet-keystone", - "requirements": [ - { "name": "pe", "version_requirement": ">= 3.2.0 <= 2016.1.0" }, - { "name": "puppet", "version_requirement": ">= 3.0.0 < 5.0.0" } - ], - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": ["7"] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": ["14.04"] - } - ], - "description": "Installs and configures OpenStack Keystone (Identity).", - "dependencies": [ - { "name": "puppetlabs/apache", "version_requirement": ">=1.8.0 <2.0.0" }, - { "name": "puppetlabs/inifile", "version_requirement": ">=1.4.0 <2.0.0" }, - { "name": "puppetlabs/stdlib", "version_requirement": ">=4.9.0 <5.0.0" }, - { "name": "openstack/openstacklib", "version_requirement": ">=8.2.0 <9.0.0 " } - ] -} diff --git a/keystone/releasenotes/notes/deprecated_ldap-02957eb56827ead5.yaml b/keystone/releasenotes/notes/deprecated_ldap-02957eb56827ead5.yaml deleted file mode 100644 index ab6d53076..000000000 --- a/keystone/releasenotes/notes/deprecated_ldap-02957eb56827ead5.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -deprecations: - - Remove deprecated tenant LDAP parameters. diff --git a/keystone/releasenotes/notes/disable_admin_token_auth-b82d0aca80d1f091.yaml b/keystone/releasenotes/notes/disable_admin_token_auth-b82d0aca80d1f091.yaml deleted file mode 100644 index 64c844d7f..000000000 --- a/keystone/releasenotes/notes/disable_admin_token_auth-b82d0aca80d1f091.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -prelude: > -features: - - Add keystone::disable_admin_token_auth class - Allow to disable admin_token (highly recommended by Keystone team) after an - initial bootstrap. diff --git a/keystone/releasenotes/notes/ensure_parameter_service_identity_resource-610076e4902c23ec.yaml b/keystone/releasenotes/notes/ensure_parameter_service_identity_resource-610076e4902c23ec.yaml deleted file mode 100644 index c756a9c03..000000000 --- a/keystone/releasenotes/notes/ensure_parameter_service_identity_resource-610076e4902c23ec.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Ensure parameter was added to service identity resource to allow control of keystone types within resource. diff --git a/keystone/releasenotes/notes/federation_with_mellon-2f8229c1464b2e0e.yaml b/keystone/releasenotes/notes/federation_with_mellon-2f8229c1464b2e0e.yaml deleted file mode 100644 index 681332574..000000000 --- a/keystone/releasenotes/notes/federation_with_mellon-2f8229c1464b2e0e.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Federation support for Mellon. diff --git a/keystone/releasenotes/notes/fix-cache-configs-a3972486723f1d99.yaml b/keystone/releasenotes/notes/fix-cache-configs-a3972486723f1d99.yaml deleted file mode 100644 index 679312380..000000000 --- a/keystone/releasenotes/notes/fix-cache-configs-a3972486723f1d99.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -fixes: - - Fixes `bug 1523393 - `__ so we're - able to correctly configure cache memcache servers options for Keystone. diff --git a/keystone/releasenotes/notes/fix_admin-fee6e76089c07a42.yaml b/keystone/releasenotes/notes/fix_admin-fee6e76089c07a42.yaml deleted file mode 100644 index ee6fb3327..000000000 --- a/keystone/releasenotes/notes/fix_admin-fee6e76089c07a42.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -fixes: - - Fixes `bug 1533913 - `__ so - admin user role is applied in admin_project_domain and admin_user_domain. diff --git a/keystone/releasenotes/notes/fix_endpoint_region-0fa0d89061ebaf12.yaml b/keystone/releasenotes/notes/fix_endpoint_region-0fa0d89061ebaf12.yaml deleted file mode 100644 index 1443a78ba..000000000 --- a/keystone/releasenotes/notes/fix_endpoint_region-0fa0d89061ebaf12.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -fixes: - - Fixes `bug 1535939 - `__ so - endpoint provider take the regions in account. diff --git a/keystone/releasenotes/notes/fix_endpoint_update_when_missing-4cd73e06a8ac30f7.yaml b/keystone/releasenotes/notes/fix_endpoint_update_when_missing-4cd73e06a8ac30f7.yaml deleted file mode 100644 index a2432e380..000000000 --- a/keystone/releasenotes/notes/fix_endpoint_update_when_missing-4cd73e06a8ac30f7.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -fixes: - - Fixes `bug 1559013 - `__ so - update of a keystone_endpoint does not recreate all endpoints when - one or two network endpoint are missing. diff --git a/keystone/releasenotes/notes/fix_openrc_v2-64049769daf57b65.yaml b/keystone/releasenotes/notes/fix_openrc_v2-64049769daf57b65.yaml deleted file mode 100644 index 8d7e4919f..000000000 --- a/keystone/releasenotes/notes/fix_openrc_v2-64049769daf57b65.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -fixes: - - Fixes `bug 1522541 - `__ so when - /root/openrc is present and has a v2 auth_url, the Keystone_user - resource will not fail to check credentials. diff --git a/keystone/releasenotes/notes/hash_domains-d6a867466bcf324b.yaml b/keystone/releasenotes/notes/hash_domains-d6a867466bcf324b.yaml deleted file mode 100644 index afa141443..000000000 --- a/keystone/releasenotes/notes/hash_domains-d6a867466bcf324b.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -fixes: - - Hash domains by name. - Improving performances of providers when managing lot of resources in the same domain (users and projects). diff --git a/keystone/releasenotes/notes/ipv6_provider-796b60badd356e59.yaml b/keystone/releasenotes/notes/ipv6_provider-796b60badd356e59.yaml deleted file mode 100644 index 15bf1982d..000000000 --- a/keystone/releasenotes/notes/ipv6_provider-796b60badd356e59.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -fixes: - - Sanitize providers for IPv6 by making sure the IP has brackets when needed. diff --git a/keystone/releasenotes/notes/keystone-wsgi-scripts-0d772d1f9f2d6c57.yaml b/keystone/releasenotes/notes/keystone-wsgi-scripts-0d772d1f9f2d6c57.yaml deleted file mode 100644 index 0080c2896..000000000 --- a/keystone/releasenotes/notes/keystone-wsgi-scripts-0d772d1f9f2d6c57.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -deprecations: - - The single wsgi script for both the keystone admin and - public endpoints have been deprecated upstream. As such, - our support of a single wsgi script for keystone is also - deprecated. -other: - - Add support for the newer admin and public wsgi scripts - for keystone. Also added is the ability to provide a custom - script for each of these. By default, the module will leverage - scripts provided by the keystone package. diff --git a/keystone/releasenotes/notes/keystone_bootstrap-4bf00198001d3350.yaml b/keystone/releasenotes/notes/keystone_bootstrap-4bf00198001d3350.yaml deleted file mode 100644 index b4b449276..000000000 --- a/keystone/releasenotes/notes/keystone_bootstrap-4bf00198001d3350.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -features: - - Run keystone-manage bootstrap - Per upstream Keystone Mitaka commit 7b7fea7a3fe7677981fbf9bac5121bc15601163 - keystone no longer creates the default domain during the db_sync. - This feature enables by default the usage of keystone-manage bootstrap. diff --git a/keystone/releasenotes/notes/keystone_hooks_support-2c9e8b09bdbd1b5b.yaml b/keystone/releasenotes/notes/keystone_hooks_support-2c9e8b09bdbd1b5b.yaml deleted file mode 100644 index 409c04d49..000000000 --- a/keystone/releasenotes/notes/keystone_hooks_support-2c9e8b09bdbd1b5b.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -features: - - moves all dependencies to an external class. - This allows keystone to be installed and managed - via external mechanisms like venvs or docker. diff --git a/keystone/releasenotes/notes/keystone_identity_provider-9b6f6b3ad70c60f3.yaml b/keystone/releasenotes/notes/keystone_identity_provider-9b6f6b3ad70c60f3.yaml deleted file mode 100644 index 37d77da52..000000000 --- a/keystone/releasenotes/notes/keystone_identity_provider-9b6f6b3ad70c60f3.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -features: - - Resource keystone_identity_provider for Keystone, used for Identity - Federation. The remote-id parameter is missing from openstack client - Kilo release on most distributions so this provider will work starting - with Liberty. diff --git a/keystone/releasenotes/notes/keystone_python_depr-80fa804d9cd242c5.yaml b/keystone/releasenotes/notes/keystone_python_depr-80fa804d9cd242c5.yaml deleted file mode 100644 index e8e8b96a3..000000000 --- a/keystone/releasenotes/notes/keystone_python_depr-80fa804d9cd242c5.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -deprecations: - - keystone::python class is deprecated, please use keystone::client. diff --git a/keystone/releasenotes/notes/manage_ldap_packages-3b739e338f3e59c2.yaml b/keystone/releasenotes/notes/manage_ldap_packages-3b739e338f3e59c2.yaml deleted file mode 100644 index 8c60624f0..000000000 --- a/keystone/releasenotes/notes/manage_ldap_packages-3b739e338f3e59c2.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -features: - - Add the ability to manage LDAP support packages - or not. In some instances you may not want this - module installing the LDAP support packages even - if you are using LDAP with keystone. The default - behavior will be no change from before. diff --git a/keystone/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml b/keystone/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml deleted file mode 100644 index 0058470ba..000000000 --- a/keystone/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -prelude: > - This is the first Mitaka release for puppet-keystone module. diff --git a/keystone/releasenotes/notes/multi_domain_configuration-32dc8cbef450f1d6.yaml b/keystone/releasenotes/notes/multi_domain_configuration-32dc8cbef450f1d6.yaml deleted file mode 100644 index bc310430d..000000000 --- a/keystone/releasenotes/notes/multi_domain_configuration-32dc8cbef450f1d6.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -features: - - Add keystone domain specific configuration. - Adds a provider able to configure multiple domains and two parameters in - keystone class to setup a working multi-domains configuration. diff --git a/keystone/releasenotes/notes/multi_ldap-975858a46dd622a6.yaml b/keystone/releasenotes/notes/multi_ldap-975858a46dd622a6.yaml deleted file mode 100644 index aa67390c7..000000000 --- a/keystone/releasenotes/notes/multi_ldap-975858a46dd622a6.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -features: - - Support for multiple ldap backend. - It enables users to inject multiple ldap backend configurations into - keystone. diff --git a/keystone/releasenotes/notes/os_service_default-9caeeb340d4bb303.yaml b/keystone/releasenotes/notes/os_service_default-9caeeb340d4bb303.yaml deleted file mode 100644 index 84bb317bf..000000000 --- a/keystone/releasenotes/notes/os_service_default-9caeeb340d4bb303.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -upgrade: - - Usage of $::os_service_default function in init, db and logging classes. - It will make sure that some Keystone parameters are using OpenStack - default values. diff --git a/keystone/releasenotes/notes/policy_driver-c991dd693d2336fc.yaml b/keystone/releasenotes/notes/policy_driver-c991dd693d2336fc.yaml deleted file mode 100644 index da1f65927..000000000 --- a/keystone/releasenotes/notes/policy_driver-c991dd693d2336fc.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -features: - - Add policy driver option for Keystone. - This option allows to configure the policy backend driver - in the keystone.policy namespace. - New parameter is policy/driver, using Keystone default value. diff --git a/keystone/releasenotes/notes/policy_rc_d_keystone_eventlet-2dc65eb3d27f8969.yaml b/keystone/releasenotes/notes/policy_rc_d_keystone_eventlet-2dc65eb3d27f8969.yaml deleted file mode 100644 index 4408d94de..000000000 --- a/keystone/releasenotes/notes/policy_rc_d_keystone_eventlet-2dc65eb3d27f8969.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -features: - - Provides bool to determine if policy-rc.d should be managed - for keystone eventlet service. -issues: - - Keystone eventlet service is auto-started on debian based - systems on package install. diff --git a/keystone/releasenotes/notes/remove_unused_class-0615d6744896ad97.yaml b/keystone/releasenotes/notes/remove_unused_class-0615d6744896ad97.yaml deleted file mode 100644 index 5d397d895..000000000 --- a/keystone/releasenotes/notes/remove_unused_class-0615d6744896ad97.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -deprecations: - - Remove unused and broken keystone::dev::install class. diff --git a/keystone/releasenotes/notes/stop_posix_and_files-930ee921d0ebead2.yaml b/keystone/releasenotes/notes/stop_posix_and_files-930ee921d0ebead2.yaml deleted file mode 100644 index 5b28041d0..000000000 --- a/keystone/releasenotes/notes/stop_posix_and_files-930ee921d0ebead2.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -features: - - The module no longer manages POSIX users/groups, file and directory, that are already managed - by packaging. diff --git a/keystone/releasenotes/notes/support_multi_domain-bd04f18aa7913eaa.yaml b/keystone/releasenotes/notes/support_multi_domain-bd04f18aa7913eaa.yaml deleted file mode 100644 index dfd40b660..000000000 --- a/keystone/releasenotes/notes/support_multi_domain-bd04f18aa7913eaa.yaml +++ /dev/null @@ -1,21 +0,0 @@ ---- -prelude: > - Support for multi-domain has been added. You can configure LDAP - identity drivers along with the sql, and have multi-domain - working. -features: - - Support for multi-domain; - - Remove prefetch in keystone_user/keystone_user_role -upgrade: - - The prefetch and associated instances class function removal - could impact users that somehow use the command `puppet resource - keystone_user` or `puppet resource keystone_user_role` in - production. Those commands won't work anymore. Directly use - the associated `openstack` commands to get the same effect. -fixes: - - Fixes `bug 1554555 - `__ so - openstack cli provider needs to pass domain in v3 calls - - Fixes `bug 1485508 - `__ so - when domain_specific_drivers_enabled=True keystone_user provider fails. diff --git a/keystone/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml b/keystone/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml deleted file mode 100644 index 41cef2f11..000000000 --- a/keystone/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -features: - - Release notes are no longer maintained by hand, we now use the reno tool to - manage them. diff --git a/keystone/releasenotes/source/_static/.placeholder b/keystone/releasenotes/source/_static/.placeholder deleted file mode 100644 index e69de29bb..000000000 diff --git a/keystone/releasenotes/source/conf.py b/keystone/releasenotes/source/conf.py deleted file mode 100644 index e5d642431..000000000 --- a/keystone/releasenotes/source/conf.py +++ /dev/null @@ -1,259 +0,0 @@ -# -*- coding: utf-8 -*- -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# If extensions (or modules to document with autodoc) are in another directory, -# add these directories to sys.path here. If the directory is relative to the -# documentation root, use os.path.abspath to make it absolute, like shown here. -#sys.path.insert(0, os.path.abspath('.')) - -# -- General configuration ------------------------------------------------ - -# If your documentation needs a minimal Sphinx version, state it here. -#needs_sphinx = '1.0' - -# Add any Sphinx extension module names here, as strings. They can be -# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom -# ones. -extensions = [ - 'oslosphinx', - 'reno.sphinxext', -] - -# Add any paths that contain templates here, relative to this directory. -templates_path = ['_templates'] - -# The suffix of source filenames. -source_suffix = '.rst' - -# The encoding of source files. -#source_encoding = 'utf-8-sig' - -# The master toctree document. -master_doc = 'index' - -# General information about the project. -project = u'puppet-keystone Release Notes' -copyright = u'2016, Puppet OpenStack Developers' - -# The version info for the project you're documenting, acts as replacement for -# |version| and |release|, also used in various other places throughout the -# built documents. -# -# The short X.Y version. -version = '8.2.0' -# The full version, including alpha/beta/rc tags. -release = '8.2.0' - -# The language for content autogenerated by Sphinx. Refer to documentation -# for a list of supported languages. -#language = None - -# There are two options for replacing |today|: either, you set today to some -# non-false value, then it is used: -#today = '' -# Else, today_fmt is used as the format for a strftime call. -#today_fmt = '%B %d, %Y' - -# List of patterns, relative to source directory, that match files and -# directories to ignore when looking for source files. -exclude_patterns = [] - -# The reST default role (used for this markup: `text`) to use for all -# documents. -#default_role = None - -# If true, '()' will be appended to :func: etc. cross-reference text. -#add_function_parentheses = True - -# If true, the current module name will be prepended to all description -# unit titles (such as .. function::). -#add_module_names = True - -# If true, sectionauthor and moduleauthor directives will be shown in the -# output. They are ignored by default. -#show_authors = False - -# The name of the Pygments (syntax highlighting) style to use. -pygments_style = 'sphinx' - -# A list of ignored prefixes for module index sorting. -#modindex_common_prefix = [] - -# If true, keep warnings as "system message" paragraphs in the built documents. -#keep_warnings = False - - -# -- Options for HTML output ---------------------------------------------- - -# The theme to use for HTML and HTML Help pages. See the documentation for -# a list of builtin themes. -html_theme = 'default' - -# Theme options are theme-specific and customize the look and feel of a theme -# further. For a list of options available for each theme, see the -# documentation. -#html_theme_options = {} - -# Add any paths that contain custom themes here, relative to this directory. -#html_theme_path = [] - -# The name for this set of Sphinx documents. If None, it defaults to -# " v documentation". -#html_title = None - -# A shorter title for the navigation bar. Default is the same as html_title. -#html_short_title = None - -# The name of an image file (relative to this directory) to place at the top -# of the sidebar. -#html_logo = None - -# The name of an image file (within the static path) to use as favicon of the -# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 -# pixels large. -#html_favicon = None - -# Add any paths that contain custom static files (such as style sheets) here, -# relative to this directory. They are copied after the builtin static files, -# so a file named "default.css" will overwrite the builtin "default.css". -html_static_path = ['_static'] - -# Add any extra paths that contain custom files (such as robots.txt or -# .htaccess) here, relative to this directory. These files are copied -# directly to the root of the documentation. -#html_extra_path = [] - -# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, -# using the given strftime format. -#html_last_updated_fmt = '%b %d, %Y' - -# If true, SmartyPants will be used to convert quotes and dashes to -# typographically correct entities. -#html_use_smartypants = True - -# Custom sidebar templates, maps document names to template names. -#html_sidebars = {} - -# Additional templates that should be rendered to pages, maps page names to -# template names. -#html_additional_pages = {} - -# If false, no module index is generated. -#html_domain_indices = True - -# If false, no index is generated. -#html_use_index = True - -# If true, the index is split into individual pages for each letter. -#html_split_index = False - -# If true, links to the reST sources are added to the pages. -#html_show_sourcelink = True - -# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. -#html_show_sphinx = True - -# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. -#html_show_copyright = True - -# If true, an OpenSearch description file will be output, and all pages will -# contain a tag referring to it. The value of this option must be the -# base URL from which the finished HTML is served. -#html_use_opensearch = '' - -# This is the file name suffix for HTML files (e.g. ".xhtml"). -#html_file_suffix = None - -# Output file base name for HTML help builder. -htmlhelp_basename = 'puppet-keystoneReleaseNotesdoc' - - -# -- Options for LaTeX output --------------------------------------------- - -latex_elements = { -# The paper size ('letterpaper' or 'a4paper'). -#'papersize': 'letterpaper', - -# The font size ('10pt', '11pt' or '12pt'). -#'pointsize': '10pt', - -# Additional stuff for the LaTeX preamble. -#'preamble': '', -} - -# Grouping the document tree into LaTeX files. List of tuples -# (source start file, target name, title, -# author, documentclass [howto, manual, or own class]). -latex_documents = [ - ('index', 'puppet-keystoneReleaseNotes.tex', u'puppet-keystone Release Notes Documentation', - u'2016, Puppet OpenStack Developers', 'manual'), -] - -# The name of an image file (relative to this directory) to place at the top of -# the title page. -#latex_logo = None - -# For "manual" documents, if this is true, then toplevel headings are parts, -# not chapters. -#latex_use_parts = False - -# If true, show page references after internal links. -#latex_show_pagerefs = False - -# If true, show URL addresses after external links. -#latex_show_urls = False - -# Documents to append as an appendix to all manuals. -#latex_appendices = [] - -# If false, no module index is generated. -#latex_domain_indices = True - - -# -- Options for manual page output --------------------------------------- - -# One entry per manual page. List of tuples -# (source start file, name, description, authors, manual section). -man_pages = [ - ('index', 'puppet-keystonereleasenotes', u'puppet-keystone Release Notes Documentation', - [u'2016, Puppet OpenStack Developers'], 1) -] - -# If true, show URL addresses after external links. -#man_show_urls = False - - -# -- Options for Texinfo output ------------------------------------------- - -# Grouping the document tree into Texinfo files. List of tuples -# (source start file, target name, title, author, -# dir menu entry, description, category) -texinfo_documents = [ - ('index', 'puppet-keystoneReleaseNotes', u'puppet-keystone Release Notes Documentation', - u'2016, Puppet OpenStack Developers', 'puppet-keystoneReleaseNotes', 'One line description of project.', - 'Miscellaneous'), -] - -# Documents to append as an appendix to all manuals. -#texinfo_appendices = [] - -# If false, no module index is generated. -#texinfo_domain_indices = True - -# How to display URL addresses: 'footnote', 'no', or 'inline'. -#texinfo_show_urls = 'footnote' - -# If true, do not generate a @detailmenu in the "Top" node's menu. -#texinfo_no_detailmenu = False diff --git a/keystone/releasenotes/source/index.rst b/keystone/releasenotes/source/index.rst deleted file mode 100644 index e9095b29c..000000000 --- a/keystone/releasenotes/source/index.rst +++ /dev/null @@ -1,18 +0,0 @@ -========================================= -Welcome to puppet-keystone Release Notes! -========================================= - -Contents -======== - -.. toctree:: - :maxdepth: 2 - - unreleased - - -Indices and tables -================== - -* :ref:`genindex` -* :ref:`search` diff --git a/keystone/releasenotes/source/unreleased.rst b/keystone/releasenotes/source/unreleased.rst deleted file mode 100644 index 2334dd5cf..000000000 --- a/keystone/releasenotes/source/unreleased.rst +++ /dev/null @@ -1,5 +0,0 @@ -============================== - Current Series Release Notes -============================== - - .. release-notes:: diff --git a/keystone/setup.cfg b/keystone/setup.cfg deleted file mode 100644 index 7aeef541f..000000000 --- a/keystone/setup.cfg +++ /dev/null @@ -1,13 +0,0 @@ -[metadata] -name = puppet-keystone -summary = Puppet module for OpenStack Keystone -description-file = - README.md -author = Puppet Labs and OpenStack Contributors -author-email = openstack-dev@lists.openstack.org -home-page = http://www.openstack.org/ -classifier = - Intended Audience :: Developers - Intended Audience :: System Administrators - License :: OSI Approved :: Apache Software License - Operating System :: POSIX :: Linux diff --git a/keystone/setup.py b/keystone/setup.py deleted file mode 100644 index 70c2b3f32..000000000 --- a/keystone/setup.py +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/env python -# Copyright (c) 2013 Hewlett-Packard Development Company, L.P. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# THIS FILE IS MANAGED BY THE GLOBAL REQUIREMENTS REPO - DO NOT EDIT -import setuptools - -setuptools.setup( - setup_requires=['pbr'], - pbr=True) diff --git a/keystone/spec/acceptance/keystone_wsgi_apache_spec.rb b/keystone/spec/acceptance/keystone_wsgi_apache_spec.rb deleted file mode 100644 index 4f03322a6..000000000 --- a/keystone/spec/acceptance/keystone_wsgi_apache_spec.rb +++ /dev/null @@ -1,470 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'keystone server running with Apache/WSGI with resources' do - - context 'default parameters' do - - it 'should work with no errors' do - pp= <<-EOS - include ::openstack_integration - include ::openstack_integration::repos - include ::openstack_integration::mysql - include ::openstack_integration::keystone - - ::keystone::resource::service_identity { 'beaker-ci': - service_type => 'beaker', - service_description => 'beaker service', - service_name => 'beaker', - password => 'secret', - public_url => 'http://127.0.0.1:1234', - admin_url => 'http://127.0.0.1:1234', - internal_url => 'http://127.0.0.1:1234', - } - # v3 admin - # we don't use ::keystone::roles::admin but still create resources manually: - keystone_domain { 'admin_domain': - ensure => present, - enabled => true, - description => 'Domain for admin v3 users', - } - keystone_domain { 'service_domain': - ensure => present, - enabled => true, - description => 'Domain for admin v3 users', - } - keystone_tenant { 'servicesv3::service_domain': - ensure => present, - enabled => true, - description => 'Tenant for the openstack services', - } - keystone_tenant { 'openstackv3::admin_domain': - ensure => present, - enabled => true, - description => 'admin tenant', - } - keystone_user { 'adminv3::admin_domain': - ensure => present, - enabled => true, - email => 'test@example.tld', - password => 'a_big_secret', - } - keystone_user_role { 'adminv3::admin_domain@openstackv3::admin_domain': - ensure => present, - roles => ['admin'], - } - # service user exists only in the service_domain - must - # use v3 api - ::keystone::resource::service_identity { 'beaker-civ3::service_domain': - service_type => 'beakerv3', - service_description => 'beakerv3 service', - service_name => 'beakerv3', - password => 'secret', - tenant => 'servicesv3::service_domain', - public_url => 'http://127.0.0.1:1234/v3', - admin_url => 'http://127.0.0.1:1234/v3', - internal_url => 'http://127.0.0.1:1234/v3', - user_domain => 'service_domain', - project_domain => 'service_domain', - } - EOS - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe port(5000) do - it { is_expected.to be_listening } - end - - describe port(35357) do - it { is_expected.to be_listening } - end - - describe cron do - it { is_expected.to have_entry('1 0 * * * keystone-manage token_flush >>/var/log/keystone/keystone-tokenflush.log 2>&1').with_user('keystone') } - end - - shared_examples_for 'keystone user/tenant/service/role/endpoint resources using v2 API' do |auth_creds| - it 'should find users in the default domain' do - shell("openstack #{auth_creds} --os-auth-url http://127.0.0.1:5000/v2.0 --os-identity-api-version 2 user list") do |r| - expect(r.stdout).to match(/admin/) - expect(r.stderr).to be_empty - end - end - it 'should find tenants in the default domain' do - shell("openstack #{auth_creds} --os-auth-url http://127.0.0.1:5000/v2.0 --os-identity-api-version 2 project list") do |r| - expect(r.stdout).to match(/openstack/) - expect(r.stderr).to be_empty - end - end - it 'should find beaker service' do - shell("openstack #{auth_creds} --os-auth-url http://127.0.0.1:5000/v2.0 --os-identity-api-version 2 service list") do |r| - expect(r.stdout).to match(/beaker/) - expect(r.stderr).to be_empty - end - end - it 'should find admin role' do - shell("openstack #{auth_creds} --os-auth-url http://127.0.0.1:5000/v2.0 --os-identity-api-version 2 role list") do |r| - expect(r.stdout).to match(/admin/) - expect(r.stderr).to be_empty - end - end - it 'should find beaker endpoints' do - shell("openstack #{auth_creds} --os-auth-url http://127.0.0.1:5000/v2.0 --os-identity-api-version 2 endpoint list --long") do |r| - expect(r.stdout).to match(/1234/) - expect(r.stderr).to be_empty - end - end - end - shared_examples_for 'keystone user/tenant/service/role/endpoint resources using v3 API' do |auth_creds| - it 'should find beaker user' do - shell("openstack #{auth_creds} --os-auth-url http://127.0.0.1:5000/v3 --os-identity-api-version 3 user list") do |r| - expect(r.stdout).to match(/beaker/) - expect(r.stderr).to be_empty - end - end - it 'should find services tenant' do - shell("openstack #{auth_creds} --os-auth-url http://127.0.0.1:5000/v3 --os-identity-api-version 3 project list") do |r| - expect(r.stdout).to match(/services/) - expect(r.stderr).to be_empty - end - end - it 'should find beaker service' do - shell("openstack #{auth_creds} --os-auth-url http://127.0.0.1:5000/v3 --os-identity-api-version 3 service list") do |r| - expect(r.stdout).to match(/beaker/) - expect(r.stderr).to be_empty - end - end - it 'should find admin role' do - shell("openstack #{auth_creds} --os-auth-url http://127.0.0.1:5000/v3 --os-identity-api-version 3 role list") do |r| - expect(r.stdout).to match(/admin/) - expect(r.stderr).to be_empty - end - end - it 'should find beaker endpoints' do - shell("openstack #{auth_creds} --os-auth-url http://127.0.0.1:5000/v3 --os-identity-api-version 3 endpoint list") do |r| - expect(r.stdout).to match(/1234/) - expect(r.stderr).to be_empty - end - end - end - describe 'with v2 admin with v2 credentials' do - include_examples 'keystone user/tenant/service/role/endpoint resources using v2 API', - '--os-username admin --os-password a_big_secret --os-project-name openstack' - end - describe 'with v2 service with v2 credentials' do - include_examples 'keystone user/tenant/service/role/endpoint resources using v2 API', - '--os-username beaker-ci --os-password secret --os-project-name services' - end - describe 'with v2 admin with v3 credentials' do - include_examples 'keystone user/tenant/service/role/endpoint resources using v3 API', - '--os-username admin --os-password a_big_secret --os-project-name openstack --os-user-domain-name Default --os-project-domain-name Default' - end - describe "with v2 service with v3 credentials" do - include_examples 'keystone user/tenant/service/role/endpoint resources using v3 API', - '--os-username beaker-ci --os-password secret --os-project-name services --os-user-domain-name Default --os-project-domain-name Default' - end - describe 'with v3 admin with v3 credentials' do - include_examples 'keystone user/tenant/service/role/endpoint resources using v3 API', - '--os-username adminv3 --os-password a_big_secret --os-project-name openstackv3' \ - ' --os-user-domain-name admin_domain --os-project-domain-name admin_domain' - - end - describe "with v3 service with v3 credentials" do - include_examples 'keystone user/tenant/service/role/endpoint resources using v3 API', - '--os-username beaker-civ3 --os-password secret --os-project-name servicesv3 --os-user-domain-name service_domain --os-project-domain-name service_domain' - - end - end - describe 'composite namevar quick test' do - context 'similar resources different naming' do - let(:pp) do - <<-EOM - keystone_tenant { 'openstackv3': - ensure => present, - enabled => true, - description => 'admin tenant', - domain => 'admin_domain' - } - keystone_user { 'adminv3::useless_when_the_domain_is_set': - ensure => present, - enabled => true, - email => 'test@example.tld', - password => 'a_big_secret', - domain => 'admin_domain' - } - keystone_user_role { 'adminv3::admin_domain@openstackv3::admin_domain': - ensure => present, - roles => ['admin'], - } - EOM - end - it 'should not do any modification' do - apply_manifest(pp, :catch_changes => true) - end - end - end - describe 'composite namevar for keystone_service' do - let(:pp) do - <<-EOM - keystone_service { 'service_1::type_1': ensure => present } - keystone_service { 'service_1': type => 'type_2', ensure => present } - EOM - end - it 'should be possible to create two services different only by their type' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - end - - describe 'composite namevar for keystone_service and keystone_endpoint' do - let(:pp) do - <<-EOM - keystone_service { 'service_1::type_1': ensure => present } - keystone_service { 'service_1': type => 'type_2', ensure => present } - keystone_endpoint { 'RegionOne/service_1::type_2': - ensure => present, - public_url => 'http://public_service1_type2', - internal_url => 'http://internal_service1_type2', - admin_url => 'http://admin_service1_type2' - } - keystone_endpoint { 'service_1': - ensure => present, - region => 'RegionOne', - type => 'type_1', - public_url => 'http://public_service1_type1/', - internal_url => 'http://internal_service1_type1/', - admin_url => 'http://admin_service1_type1/' - } - EOM - end - it 'should be possible to create two services different only by their type' do - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - describe 'puppet service are created' do - it 'for service' do - shell('puppet resource keystone_service') do |result| - expect(result.stdout) - .to include_regexp([/keystone_service { 'service_1::type_1':/, - /keystone_service { 'service_1::type_2':/]) - end - end - end - describe 'puppet endpoints are created' do - it 'for service' do - shell('puppet resource keystone_endpoint') do |result| - expect(result.stdout) - .to include_regexp([/keystone_endpoint { 'RegionOne\/service_1::type_1':/, - /keystone_endpoint { 'RegionOne\/service_1::type_2':/]) - end - end - end - end - - context '#keystone_domain_config' do - # make sure everything is clean before playing the manifest - shared_examples 'clean_domain_configuration', :clean_domain_cfg => true do - before(:context) do - hosts.each do |host| - on host, 'rm -rf /etc/keystone/domains >/dev/null 2>&1' - on host, 'rm -rf /tmp/keystone.*.conf >/dev/null 2>&1' - end - end - end - - context 'one domain configuration', :clean_domain_cfg => true do - context 'simple use case' do - it_behaves_like 'puppet_apply_success', <<-EOM - file { '/etc/keystone/domains': ensure => directory } - keystone_domain_config { 'services::ldap/url': - value => 'http://auth.com/1', - } - EOM - - context '/etc/keystone/domains/keystone.services.conf' do - # the idiom - - # note: cannot use neither instance variable nor let on - # parameter for shared_example - it_behaves_like 'a_valid_configuration', <<-EOC - -[ldap] -url=http://auth.com/1 -EOC - end - end - - context 'with a non default identity/domain_config_dir' do - it_behaves_like 'puppet_apply_success', <<-EOM - keystone_config { 'identity/domain_config_dir': value => '/tmp' } - keystone_domain_config { 'services::ldap/url': - value => 'http://auth.com/1', - } - EOM - - context '/tmp/keystone.services.conf' do - it_behaves_like 'a_valid_configuration', <<-EOC - -[ldap] -url=http://auth.com/1 -EOC - end - end - end - - context 'with a multiple configurations', :clean_domain_cfg => true do - it_behaves_like 'puppet_apply_success', <<-EOM - file { '/etc/keystone/domains': ensure => directory } - keystone_config { 'identity/domain_config_dir': value => '/etc/keystone/domains' } - keystone_domain_config { 'services::ldap/url': - value => 'http://auth.com/1', - } - keystone_domain_config { 'services::http/url': - value => 'http://auth.com/2', - } - keystone_domain_config { 'external::ldap/url': - value => 'http://ext-auth.com/1', - } - EOM - - describe command('puppet resource keystone_domain_config') do - its(:exit_status) { is_expected.to eq(0) } - its(:stdout) { is_expected.to eq(< 'present', - value => 'http://ext-auth.com/1', -} -keystone_domain_config { 'services::http/url': - ensure => 'present', - value => 'http://auth.com/2', -} -keystone_domain_config { 'services::ldap/url': - ensure => 'present', - value => 'http://auth.com/1', -} -EOO - end - - describe '/etc/keystone/domains/keystone.services.conf' do - it_behaves_like 'a_valid_configuration', < true } - keystone_domain_config { 'services::ldap/url': - value => 'http://auth.com/1', - } - EOM - - context '/etc/keystone/domains/keystone.services.conf' do - it_behaves_like 'a_valid_configuration', <<-EOC - -[http] - -[ldap] -url=http://auth.com/1 -EOC - end - end - context '#ldap_backend', :clean_domain_cfg => true do - context 'manifest' do - let(:pp) do - <<-EOM - class { '::openstack_integration::keystone': - default_domain => 'default_domain', - using_domain_config => true, - } - keystone_domain { 'domain_1_ldap_backend': ensure => present } - keystone_domain { 'domain_2_ldap_backend': ensure => present } - keystone::ldap_backend { 'domain_1_ldap_backend': - url => 'ldap://foo', - user => 'cn=foo,dc=example,dc=com', - identity_driver => 'ldap', - } - keystone::ldap_backend { 'domain_2_ldap_backend': - url => 'ldap://bar', - user => 'cn=bar,dc=test,dc=com', - identity_driver => 'ldap', - } - EOM - end - it 'should apply the manifest correctly' do - apply_manifest(pp, :accept_all_exit_codes => true) - # Cannot really test it as keystone will try to connect to - # the ldap backend when it restarts. But the ldap server - # which doesn't exit. The next "test" clean everything up - # to have a working keystone again. - - # TODO: Sould we add a working ldap server ? - end - context '/etc/keystone/domains/keystone.domain_1_ldap_backend.conf' do - it_behaves_like 'a_valid_configuration', <<-EOC - -[ldap] -use_pool=False -pool_retry_delay=0.1 -url=ldap://foo -auth_pool_size=100 -auth_pool_connection_lifetime=60 -user=cn=foo,dc=example,dc=com -pool_connection_timeout=-1 -use_auth_pool=False -pool_connection_lifetime=600 -pool_size=10 -pool_retry_max=3 -EOC - end - - context '/etc/keystone/domains/keystone.domain_2_ldap_backend.conf' do - it_behaves_like 'a_valid_configuration', <<-EOC - -[ldap] -pool_retry_delay=0.1 -url=ldap://bar -user=cn=bar,dc=test,dc=com -use_pool=False -pool_retry_max=3 -pool_size=10 -auth_pool_size=100 -auth_pool_connection_lifetime=60 -use_auth_pool=False -pool_connection_lifetime=600 -pool_connection_timeout=-1 -EOC - end - end - context 'clean up', :clean_domain_cfg => true do - # we must revert the changes as ldap backend is not fully - # functional and are "domain read only". All subsequent tests - # will fail without this. - it_behaves_like 'puppet_apply_success', <<-EOM - keystone_config { - 'identity/driver': value => 'sql'; - 'credential/driver': ensure => absent; - 'assignment/driver': ensure => absent; - 'identity/domain_specific_drivers_enabled': ensure => absent; - 'identity/domain_config_dir': ensure => absent; - } - EOM - end - end - end -end diff --git a/keystone/spec/acceptance/nodesets/centos-70-x64.yml b/keystone/spec/acceptance/nodesets/centos-70-x64.yml deleted file mode 100644 index 5f097e9fe..000000000 --- a/keystone/spec/acceptance/nodesets/centos-70-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - centos-server-70-x64: - roles: - - master - platform: el-7-x86_64 - box: puppetlabs/centos-7.0-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/centos-7.0-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: foss diff --git a/keystone/spec/acceptance/nodesets/default.yml b/keystone/spec/acceptance/nodesets/default.yml deleted file mode 100644 index 486b6a34e..000000000 --- a/keystone/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - type: foss diff --git a/keystone/spec/acceptance/nodesets/nodepool-centos7.yml b/keystone/spec/acceptance/nodesets/nodepool-centos7.yml deleted file mode 100644 index c55287420..000000000 --- a/keystone/spec/acceptance/nodesets/nodepool-centos7.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-70-x64: - roles: - - master - platform: el-7-x86_64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/keystone/spec/acceptance/nodesets/nodepool-trusty.yml b/keystone/spec/acceptance/nodesets/nodepool-trusty.yml deleted file mode 100644 index 9fc624e24..000000000 --- a/keystone/spec/acceptance/nodesets/nodepool-trusty.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/keystone/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/keystone/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index 8001929b2..000000000 --- a/keystone/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: foss diff --git a/keystone/spec/classes/keystone_client_spec.rb b/keystone/spec/classes/keystone_client_spec.rb deleted file mode 100644 index 0b24b2c2c..000000000 --- a/keystone/spec/classes/keystone_client_spec.rb +++ /dev/null @@ -1,26 +0,0 @@ -require 'spec_helper' - -describe 'keystone::client' do - - describe "with default parameters" do - it { is_expected.to contain_package('python-keystoneclient').with( - 'ensure' => 'present', - 'tag' => 'openstack' - ) } - it { is_expected.to contain_package('python-openstackclient').with( - 'ensure' => 'present', - 'tag' => 'openstack', - ) } - end - - describe "with specified version" do - let :params do - {:ensure => '2013.1'} - end - - it { is_expected.to contain_package('python-keystoneclient').with( - 'ensure' => '2013.1', - 'tag' => 'openstack' - ) } - end -end diff --git a/keystone/spec/classes/keystone_cron_token_flush_spec.rb b/keystone/spec/classes/keystone_cron_token_flush_spec.rb deleted file mode 100644 index 0f9dc63d8..000000000 --- a/keystone/spec/classes/keystone_cron_token_flush_spec.rb +++ /dev/null @@ -1,105 +0,0 @@ -require 'spec_helper' - -describe 'keystone::cron::token_flush' do - - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - let :params do - { :ensure => 'present', - :minute => 1, - :hour => 0, - :monthday => '*', - :month => '*', - :weekday => '*', - :maxdelay => 0, - :destination => '/var/log/keystone/keystone-tokenflush.log' } - end - - describe 'with default parameters' do - it 'configures a cron' do - is_expected.to contain_cron('keystone-manage token_flush').with( - :ensure => params[:ensure], - :command => "keystone-manage token_flush >>#{params[:destination]} 2>&1", - :environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', - :user => 'keystone', - :minute => params[:minute], - :hour => params[:hour], - :monthday => params[:monthday], - :month => params[:month], - :weekday => params[:weekday], - :require => 'Package[keystone]', - ) - end - end - - describe 'when specifying a maxdelay param' do - before :each do - params.merge!( - :maxdelay => 600 - ) - end - - it 'configures a cron with delay' do - is_expected.to contain_cron('keystone-manage token_flush').with( - :ensure => params[:ensure], - :command => "sleep `expr ${RANDOM} \\% #{params[:maxdelay]}`; keystone-manage token_flush >>#{params[:destination]} 2>&1", - :environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', - :user => 'keystone', - :minute => params[:minute], - :hour => params[:hour], - :monthday => params[:monthday], - :month => params[:month], - :weekday => params[:weekday], - :require => 'Package[keystone]', - ) - end - end - - describe 'when specifying a user param' do - let :params do - { - :user => 'keystonecustom' - } - end - - it 'configures a cron with delay' do - is_expected.to contain_cron('keystone-manage token_flush').with( - :ensure => 'present', - :command => 'keystone-manage token_flush >>/var/log/keystone/keystone-tokenflush.log 2>&1', - :environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', - :user => 'keystonecustom', - :minute => 1, - :hour => 0, - :monthday => '*', - :month => '*', - :weekday => '*', - :require => 'Package[keystone]', - ) - end - end - - describe 'when disabling cron job' do - before :each do - params.merge!( - :ensure => 'absent' - ) - end - - it 'configures a cron with delay' do - is_expected.to contain_cron('keystone-manage token_flush').with( - :ensure => params[:ensure], - :command => "keystone-manage token_flush >>#{params[:destination]} 2>&1", - :environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', - :user => 'keystone', - :minute => params[:minute], - :hour => params[:hour], - :monthday => params[:monthday], - :month => params[:month], - :weekday => params[:weekday], - :require => 'Package[keystone]', - ) - end - end -end diff --git a/keystone/spec/classes/keystone_db_mysql_spec.rb b/keystone/spec/classes/keystone_db_mysql_spec.rb deleted file mode 100644 index 3de968dab..000000000 --- a/keystone/spec/classes/keystone_db_mysql_spec.rb +++ /dev/null @@ -1,92 +0,0 @@ -require 'spec_helper' - -describe 'keystone::db::mysql' do - - let :pre_condition do - [ - 'include mysql::server', - 'include keystone::db::sync' - ] - end - - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - let :params do - { - :password => 'keystone_default_password', - } - end - - describe 'with only required params' do - it { is_expected.to contain_openstacklib__db__mysql('keystone').with( - :user => 'keystone', - :password_hash => '*B552157B14BCEDDCEAA06767A012F31BDAA9CE3D', - :dbname => 'keystone', - :host => '127.0.0.1', - :charset => 'utf8', - :collate => 'utf8_general_ci', - )} - end - - describe "overriding allowed_hosts param to array" do - let :params do - { - :password => 'keystonepass', - :allowed_hosts => ['127.0.0.1','%'] - } - end - - it { is_expected.to contain_openstacklib__db__mysql('keystone').with( - :user => 'keystone', - :password_hash => '*706BFA85E15D0C1D8467D0D81D784F6A04CE4ABB', - :dbname => 'keystone', - :host => '127.0.0.1', - :charset => 'utf8', - :collate => 'utf8_general_ci', - :allowed_hosts => ['127.0.0.1','%'], - )} - - end - describe "overriding allowed_hosts param to string" do - let :params do - { - :password => 'keystonepass2', - :allowed_hosts => '192.168.1.1' - } - end - - it { is_expected.to contain_openstacklib__db__mysql('keystone').with( - :user => 'keystone', - :password_hash => '*47651CDAAB340A79CC838378072877FFFBF0B239', - :dbname => 'keystone', - :host => '127.0.0.1', - :charset => 'utf8', - :collate => 'utf8_general_ci', - :allowed_hosts => '192.168.1.1', - )} - - end - - describe "overriding allowed_hosts param equals to host param " do - let :params do - { - :password => 'keystonepass2', - :allowed_hosts => '127.0.0.1' - } - end - - it { is_expected.to contain_openstacklib__db__mysql('keystone').with( - :user => 'keystone', - :password_hash => '*47651CDAAB340A79CC838378072877FFFBF0B239', - :dbname => 'keystone', - :host => '127.0.0.1', - :charset => 'utf8', - :collate => 'utf8_general_ci', - :allowed_hosts => '127.0.0.1', - )} - - end - -end diff --git a/keystone/spec/classes/keystone_db_postgresql_spec.rb b/keystone/spec/classes/keystone_db_postgresql_spec.rb deleted file mode 100644 index 388a9f41d..000000000 --- a/keystone/spec/classes/keystone_db_postgresql_spec.rb +++ /dev/null @@ -1,58 +0,0 @@ -require 'spec_helper' - -describe 'keystone::db::postgresql' do - - let :req_params do - { :password => 'pw' } - end - - let :pre_condition do - 'include postgresql::server' - end - - context 'on a RedHat osfamily' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - :operatingsystemrelease => '7.0', - :concat_basedir => '/var/lib/puppet/concat' - }) - end - - context 'with only required parameters' do - let :params do - req_params - end - - it { is_expected.to contain_postgresql__server__db('keystone').with( - :user => 'keystone', - :password => 'md5c530c33636c58ae83ca933f39319273e' - )} - end - - end - - context 'on a Debian osfamily' do - let :facts do - @default_facts.merge({ - :operatingsystemrelease => '7.8', - :operatingsystem => 'Debian', - :osfamily => 'Debian', - :concat_basedir => '/var/lib/puppet/concat' - }) - end - - context 'with only required parameters' do - let :params do - req_params - end - - it { is_expected.to contain_postgresql__server__db('keystone').with( - :user => 'keystone', - :password => 'md5c530c33636c58ae83ca933f39319273e' - )} - end - - end - -end diff --git a/keystone/spec/classes/keystone_db_spec.rb b/keystone/spec/classes/keystone_db_spec.rb deleted file mode 100644 index 2bcfb9e18..000000000 --- a/keystone/spec/classes/keystone_db_spec.rb +++ /dev/null @@ -1,118 +0,0 @@ -require 'spec_helper' - -describe 'keystone::db' do - - shared_examples 'keystone::db' do - - context 'with default parameters' do - - it { is_expected.to contain_keystone_config('database/connection').with_value('sqlite:////var/lib/keystone/keystone.sqlite').with_secret(true) } - it { is_expected.to contain_keystone_config('database/idle_timeout').with_value('') } - it { is_expected.to contain_keystone_config('database/min_pool_size').with_value('') } - it { is_expected.to contain_keystone_config('database/max_pool_size').with_value('') } - it { is_expected.to contain_keystone_config('database/max_overflow').with_value('') } - it { is_expected.to contain_keystone_config('database/max_retries').with_value('') } - it { is_expected.to contain_keystone_config('database/retry_interval').with_value('') } - - end - - context 'with specific parameters' do - let :params do - { :database_connection => 'mysql+pymysql://keystone:keystone@localhost/keystone', - :database_idle_timeout => '3601', - :database_min_pool_size => '2', - :database_max_pool_size => '21', - :database_max_retries => '11', - :database_max_overflow => '21', - :database_retry_interval => '11', } - end - - it { is_expected.to contain_keystone_config('database/connection').with_value('mysql+pymysql://keystone:keystone@localhost/keystone').with_secret(true) } - it { is_expected.to contain_keystone_config('database/idle_timeout').with_value('3601') } - it { is_expected.to contain_keystone_config('database/min_pool_size').with_value('2') } - it { is_expected.to contain_keystone_config('database/max_retries').with_value('11') } - it { is_expected.to contain_keystone_config('database/max_pool_size').with_value('21') } - it { is_expected.to contain_keystone_config('database/max_overflow').with_value('21') } - it { is_expected.to contain_keystone_config('database/retry_interval').with_value('11') } - end - - context 'with MySQL-python library as backend package' do - let :params do - { :database_connection => 'mysql://keystone:keystone@localhost/keystone' } - end - - it { is_expected.to contain_package('python-mysqldb').with(:ensure => 'present') } - end - - context 'with postgresql backend' do - let :params do - { :database_connection => 'postgresql://keystone:keystone@localhost/keystone', } - end - - it 'install the proper backend package' do - is_expected.to contain_package('python-psycopg2').with(:ensure => 'present') - end - - end - - context 'with incorrect database_connection string' do - let :params do - { :database_connection => 'redis://keystone:keystone@localhost/keystone', } - end - - it_raises 'a Puppet::Error', /validate_re/ - end - - context 'with incorrect pymysql database_connection string' do - let :params do - { :database_connection => 'foo+pymysql://keystone:keystone@localhost/keystone', } - end - - it_raises 'a Puppet::Error', /validate_re/ - end - - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => 'jessie', - }) - end - - it_configures 'keystone::db' - - context 'using pymysql driver' do - let :params do - { :database_connection => 'mysql+pymysql://keystone:keystone@localhost/keystone', } - end - - it 'install the proper backend package' do - is_expected.to contain_package('keystone-backend-package').with( - :ensure => 'present', - :name => 'python-pymysql', - :tag => ['openstack', 'keystone-package'] - ) - end - end - end - - context 'on Redhat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat', - :operatingsystemrelease => '7.1', - }) - end - - it_configures 'keystone::db' - - context 'using pymysql driver' do - let :params do - { :database_connection => 'mysql+pymysql://keystone:keystone@localhost/keystone', } - end - it { is_expected.not_to contain_package('keystone-backend-package') } - end - end - -end diff --git a/keystone/spec/classes/keystone_db_sync_spec.rb b/keystone/spec/classes/keystone_db_sync_spec.rb deleted file mode 100644 index ccc0af3bf..000000000 --- a/keystone/spec/classes/keystone_db_sync_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -require 'spec_helper' - -describe 'keystone::db::sync' do - - describe 'with only required params' do - it { - is_expected.to contain_exec('keystone-manage db_sync').with( - :command => 'keystone-manage db_sync', - :refreshonly => true, - :subscribe => ['Anchor[keystone::install::end]', - 'Anchor[keystone::config::end]', - 'Anchor[keystone::dbsync::begin]'], - :notify => 'Anchor[keystone::dbsync::end]', - ) - } - end - - describe "overriding extra_params" do - let :params do - { - :extra_params => '--config-file /etc/keystone/keystone.conf', - } - end - - it { - is_expected.to contain_exec('keystone-manage db_sync').with( - :command => 'keystone-manage --config-file /etc/keystone/keystone.conf db_sync', - :refreshonly => true, - :subscribe => ['Anchor[keystone::install::end]', - 'Anchor[keystone::config::end]', - 'Anchor[keystone::dbsync::begin]'], - :notify => 'Anchor[keystone::dbsync::end]', - ) - } - end - -end diff --git a/keystone/spec/classes/keystone_deps_spec.rb b/keystone/spec/classes/keystone_deps_spec.rb deleted file mode 100644 index 354981c3d..000000000 --- a/keystone/spec/classes/keystone_deps_spec.rb +++ /dev/null @@ -1,17 +0,0 @@ -require 'spec_helper' - -describe 'keystone::deps' do - - it 'set up the anchors' do - is_expected.to contain_anchor('keystone::install::begin') - is_expected.to contain_anchor('keystone::install::end') - is_expected.to contain_anchor('keystone::config::begin') - is_expected.to contain_anchor('keystone::config::end') - is_expected.to contain_anchor('keystone::db::begin') - is_expected.to contain_anchor('keystone::db::end') - is_expected.to contain_anchor('keystone::dbsync::begin') - is_expected.to contain_anchor('keystone::dbsync::end') - is_expected.to contain_anchor('keystone::service::begin') - is_expected.to contain_anchor('keystone::service::end') - end -end diff --git a/keystone/spec/classes/keystone_disable_admin_token_auth_spec.rb b/keystone/spec/classes/keystone_disable_admin_token_auth_spec.rb deleted file mode 100644 index a8d141cae..000000000 --- a/keystone/spec/classes/keystone_disable_admin_token_auth_spec.rb +++ /dev/null @@ -1,15 +0,0 @@ -require 'spec_helper' - -describe 'keystone::disable_admin_token_auth' do - let :facts do - @default_facts.merge(:osfamily => 'Debian') - end - - let :pre_condition do - 'class { "keystone": admin_token => "secret", }' - end - - it { is_expected.to contain_ini_subsetting('public_api/admin_token_auth') } - it { is_expected.to contain_ini_subsetting('admin_api/admin_token_auth') } - it { is_expected.to contain_ini_subsetting('api_v3/admin_token_auth') } -end diff --git a/keystone/spec/classes/keystone_endpoint_spec.rb b/keystone/spec/classes/keystone_endpoint_spec.rb deleted file mode 100644 index efc71eb4f..000000000 --- a/keystone/spec/classes/keystone_endpoint_spec.rb +++ /dev/null @@ -1,84 +0,0 @@ -require 'spec_helper' - -describe 'keystone::endpoint' do - - it { is_expected.to contain_keystone_service('keystone::identity').with( - :ensure => 'present', - :description => 'OpenStack Identity Service' - )} - - describe 'with default parameters' do - it { is_expected.to contain_keystone_endpoint('RegionOne/keystone::identity').with( - :ensure => 'present', - :public_url => 'http://127.0.0.1:5000/v2.0', - :admin_url => 'http://127.0.0.1:35357/v2.0', - :internal_url => 'http://127.0.0.1:5000/v2.0', - :region => 'RegionOne' - )} - end - - describe 'with overridden parameters' do - - let :params do - { :version => 'v42.6', - :public_url => 'https://identity.some.tld/the/main/endpoint', - :admin_url => 'https://identity-int.some.tld/some/admin/endpoint', - :internal_url => 'https://identity-int.some.tld/some/internal/endpoint', - :region => 'East' - } - end - - it { is_expected.to contain_keystone_endpoint('East/keystone::identity').with( - :ensure => 'present', - :public_url => 'https://identity.some.tld/the/main/endpoint/v42.6', - :admin_url => 'https://identity-int.some.tld/some/admin/endpoint/v42.6', - :internal_url => 'https://identity-int.some.tld/some/internal/endpoint/v42.6', - :region => 'East' - )} - end - - describe 'without a version' do - # We need to test empty value '' to override the default value, using undef - # cannot un-set classes parameters. - let :params do - { :version => '' } - end - - it { is_expected.to contain_keystone_endpoint('RegionOne/keystone::identity').with( - :ensure => 'present', - :public_url => 'http://127.0.0.1:5000', - :admin_url => 'http://127.0.0.1:35357', - :internal_url => 'http://127.0.0.1:5000' - )} - end - - describe 'without internal_url parameter' do - - let :params do - { :public_url => 'https://identity.some.tld/the/main/endpoint' } - end - - it 'internal_url should default to public_url' do - is_expected.to contain_keystone_endpoint('RegionOne/keystone::identity').with( - :ensure => 'present', - :public_url => 'https://identity.some.tld/the/main/endpoint/v2.0', - :internal_url => 'https://identity.some.tld/the/main/endpoint/v2.0' - ) - end - end - - describe 'with domain parameters' do - - let :params do - { :user_domain => 'userdomain', - :project_domain => 'projectdomain', - :default_domain => 'defaultdomain' } - end - - it { is_expected.to contain_keystone__resource__service_identity('keystone').with( - :user_domain => 'userdomain', - :project_domain => 'projectdomain', - :default_domain => 'defaultdomain' - )} - end -end diff --git a/keystone/spec/classes/keystone_federation_identity_provider_spec.rb b/keystone/spec/classes/keystone_federation_identity_provider_spec.rb deleted file mode 100644 index 1b82f92ee..000000000 --- a/keystone/spec/classes/keystone_federation_identity_provider_spec.rb +++ /dev/null @@ -1,111 +0,0 @@ -require 'spec_helper' - -describe 'keystone::federation::identity_provider' do - - let :pre_condition do - "class { 'keystone': - admin_tokend => 'dummy', - service_name => 'httpd', - enable_ssl=> true }" - end - - let :params do - { :user => 'keystone', - :certfile => '/etc/keystone/ssl/certs/signing_cert.pem', - :keyfile => '/etc/keystone/ssl/private/signing_key.pem', - :idp_entity_id => 'https://keystone.example.com/v3/OS-FEDERATION/saml2/idp', - :idp_sso_endpoint => 'https://keystone.example.com/v3/OS-FEDERATION/saml2/sso', - :idp_metadata_path => '/etc/keystone/saml2_idp_metadata.xml' } - end - - let :optional_params do - { :idp_organization_name => 'ExampleCompany', - :idp_organization_display_name => 'Example', - :idp_organization_url => 'www.example.com', - :idp_contact_company => 'someone', - :idp_contact_name => 'name', - :idp_contact_surname => 'surname', - :idp_contact_email => 'name@example.com', - :idp_contact_telephone => '+55000000000', - :idp_contact_type => 'other' } - end - - shared_examples_for 'keystone federation identity provider' do - - it { is_expected.to contain_class('keystone::params') } - - context 'keystone not running under apache' do - let :pre_condition do - "class { 'keystone': - admin_tokend => 'dummy', - service_name => 'keystone', - enable_ssl=> true }" - end - - it_raises 'a Puppet::Error', /Keystone need to be running under Apache for Federation work./ - end - - it 'should have' do - is_expected.to contain_package('xmlsec1').with( - :ensure => 'present', - ) - is_expected.to contain_package('python-pysaml2').with( - :ensure => 'present', - ) - end - - it 'should configure keystone.conf' do - is_expected.to contain_keystone_config('saml/certfile').with_value(params[:certfile]) - is_expected.to contain_keystone_config('saml/keyfile').with_value(params[:keyfile]) - is_expected.to contain_keystone_config('saml/idp_entity_id').with_value(params[:idp_entity_id]) - is_expected.to contain_keystone_config('saml/idp_sso_endpoint').with_value(params[:idp_sso_endpoint]) - is_expected.to contain_keystone_config('saml/idp_metadata_path').with_value(params[:idp_metadata_path]) - end - - it { is_expected.to contain_exec('saml_idp_metadata').with( - :command => "keystone-manage saml_idp_metadata > #{params[:idp_metadata_path]}", - :creates => "#{params[:idp_metadata_path]}", - ) } - - it 'creates saml idp metadata file' do - is_expected.to contain_file("#{params[:idp_metadata_path]}").with( - :ensure => 'present', - :mode => '0600', - :owner => 'keystone', - ) - end - - context 'configure Keystone with optional params' do - before :each do - params.merge!(optional_params) - end - - it 'should configure keystone.conf' do - is_expected.to contain_keystone_config('saml/certfile').with_value(params[:certfile]) - is_expected.to contain_keystone_config('saml/keyfile').with_value(params[:keyfile]) - is_expected.to contain_keystone_config('saml/idp_entity_id').with_value(params[:idp_entity_id]) - is_expected.to contain_keystone_config('saml/idp_sso_endpoint').with_value(params[:idp_sso_endpoint]) - is_expected.to contain_keystone_config('saml/idp_metadata_path').with_value(params[:idp_metadata_path]) - is_expected.to contain_keystone_config('saml/idp_organization_name').with_value(params[:idp_organization_name]) - is_expected.to contain_keystone_config('saml/idp_organization_display_name').with_value(params[:idp_organization_display_name]) - is_expected.to contain_keystone_config('saml/idp_organization_url').with_value(params[:idp_organization_url]) - is_expected.to contain_keystone_config('saml/idp_contact_company').with_value(params[:idp_contact_company]) - is_expected.to contain_keystone_config('saml/idp_contact_name').with_value(params[:idp_contact_name]) - is_expected.to contain_keystone_config('saml/idp_contact_surname').with_value(params[:idp_contact_surname]) - is_expected.to contain_keystone_config('saml/idp_contact_email').with_value(params[:idp_contact_email]) - is_expected.to contain_keystone_config('saml/idp_contact_telephone').with_value(params[:idp_contact_telephone]) - is_expected.to contain_keystone_config('saml/idp_contact_type').with_value(params[:idp_contact_type]) - end - end - - context 'with invalid values for idp_contact_type' do - before do - params.merge!(:idp_contact_type => 'foobar') - end - - it_raises 'a Puppet::Error', /Allowed values for idp_contact_type are: technical, support, administrative, billing and other/ - end - - end - -end diff --git a/keystone/spec/classes/keystone_federation_mellon_spec.rb b/keystone/spec/classes/keystone_federation_mellon_spec.rb deleted file mode 100644 index 05802552c..000000000 --- a/keystone/spec/classes/keystone_federation_mellon_spec.rb +++ /dev/null @@ -1,115 +0,0 @@ -require 'spec_helper' - -describe 'keystone::federation::mellon' do - - let(:pre_condition) do - <<-EOS - include apache - - class { 'keystone::wsgi::apache': } - EOS - end - - let :params do - { :methods => 'password, token, saml2', - :idp_name => 'myidp', - :protocol_name => 'saml2', - :template_order => 331, - } - end - - context 'with invalid params' do - before do - params.merge!({:methods => 'external, password, token, oauth1'}) - it_raises 'a Puppet::Error', /The external method should be dropped to avoid any interference with some Apache + Mellon SP setups, where a REMOTE_USER env variable is always set, even as an empty value./ - end - - before do - params.merge!({:methods => 'password, token, oauth1'}) - it_raises 'a Puppet::Error', /Methods should contain saml2 as one of the auth methods./ - end - - before do - params.merge!({:methods => 'password, token, oauth1, saml2', - :module_plugin => 'keystone.auth.plugins'}) - it_raises 'a Puppet::Error', /The plugin for saml and mellon should be keystone.auth.plugins.mapped.Mapped/ - end - - before do - params.merge!({:admin_port => false, - :main_port => false}) - it_raises 'a Puppet::Error', /No VirtualHost port to configure, please choose at least one./ - end - - before do - params.merge!({:template_port => 330}) - it_raises 'a Puppet::Error', /The template order should be greater than 330 and less than 999./ - end - - before do - params.merge!({:template_port => 999}) - it_raises 'a Puppet::Error', /The template order should be greater than 330 and less than 999./ - end - end - - shared_examples 'Federation Mellon' do - context 'with only required parameters' do - it 'should have basic params for mellon in Keystone configuration' do - is_expected.to contain_keystone_config('auth/methods').with_value('password, token, saml2') - is_expected.to contain_keystone_config('auth/saml2').with_value('keystone.auth.plugins.mapped.Mapped') - end - - it { is_expected.to contain_concat__fragment('configure_mellon_on_port_5000').with({ - # This need to change if priority is changed in keystone::wsgi::apache - :target => "10-keystone_wsgi_main.conf", - :order => params[:template_order], - })} - end - - context 'with override default parameters' do - before do - params.merge!({ - :admin_port => true }) - end - - it 'should have basic params for mellon in Keystone configuration' do - is_expected.to contain_keystone_config('auth/methods').with_value('password, token, saml2') - is_expected.to contain_keystone_config('auth/saml2').with_value('keystone.auth.plugins.mapped.Mapped') - end - - it { is_expected.to contain_concat__fragment('configure_mellon_on_port_5000').with({ - # This need to change if priority is changed in keystone::wsgi::apache - :target => "10-keystone_wsgi_main.conf", - :order => params[:template_order], - })} - - it { is_expected.to contain_concat__fragment('configure_mellon_on_port_35357').with({ - # This need to change if priority is changed in keystone::wsgi::apache - :target => "10-keystone_wsgi_admin.conf", - :order => params[:template_order], - })} - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge(OSDefaults.get_facts({ - :concat_basedir => '/var/lib/puppet/concat' - })) - end - - it_behaves_like 'Federation Mellon' - - case [:osfamily] - when 'Debian' - it { is_expected.to contain_package('libapache2-mod-auth-mellon') } - when 'RedHat' - it { is_expected.to contain_package('mod_auth_mellon') } - end - end - end -end - diff --git a/keystone/spec/classes/keystone_federation_shibboleth.rb b/keystone/spec/classes/keystone_federation_shibboleth.rb deleted file mode 100644 index 7f0d4ba18..000000000 --- a/keystone/spec/classes/keystone_federation_shibboleth.rb +++ /dev/null @@ -1,114 +0,0 @@ -require 'spec_helper' - -describe 'keystone::federation::shibboleth' do - - describe 'with invalid params' do - before do - params.merge!(:methods => 'external, password, token, oauth1') - end - - it_raises 'a Puppet::Error', /The external method should be dropped to avoid any interference with some Apache + Shibboleth SP setups, where a REMOTE_USER env variable is always set, even as an empty value./ - - before do - params.merge!(:methods => 'password, token, oauth1') - end - - it_raises 'a Puppet::Error', /Methods should contain saml2 as one of the auth methods./ - - before do - params.merge!(:methods => 'password, token, oauth1, saml2', - :module_plugin => 'keystone.auth.plugins') - end - - it_raises 'a Puppet:Error', /The plugin for saml and shibboleth should be keystone.auth.plugins.mapped.Mapped/ - - before do - params.merge!(:admin_port => false, - :main_port => false) - end - - it_raises 'a Puppet:Error', /No VirtualHost port to configure, please choose at least one./ - - befode do - params.merge!(:template_port => 330) - end - - it_raises 'a Puppet:Error', /The template order should be greater than 330 and less than 999./ - - befode do - params.merge!(:template_port => 999) - end - - it_raises 'a Puppet:Error', /The template order should be greater than 330 and less than 999./ - end - - context 'on a RedHat osfamily' do - let :facts do - { :osfamily => 'RedHat', - :operatingsystemrelease => '7.0', - :concat_basedir => '/var/lib/puppet/concat' } - end - - context 'with only required parameters' do - let :params do - { :methods => 'password, token, saml2' } - end - - it 'should have basic params for shibboleth in Keystone configuration' do - is_expected.to contain_keystone_config('auth/methods').with_value('password, token, saml2') - is_expected.to contain_keystone_config('auth/saml2').with_value('keystone.auth.plugins.mapped.Mapped') - end - end - - end - - context 'on a Debian osfamily' do - let :facts do - { :osfamily => 'Debian', - :operatingsystemrelease => '7.8', - :concat_basedir => '/var/lib/puppet/concat' } - end - - context 'with only required parameters' do - let :params do - { :methods => 'password, token, saml2' } - end - - it 'should have basic params for shibboleth in Keystone configuration' do - is_expected.to contain_keystone_config('auth/methods').with_value('password, token, saml2') - is_expected.to contain_keystone_config('auth/saml2').with_value('keystone.auth.plugins.mapped.Mapped') - end - - it { is_expected.to contain_concat__fragment('configure_shibboleth_on_port_5000').with({ - :target => "${keystone::wsgi::apache::priority}-keystone_wsgi_main.conf", - :order => params[:template_order], - })} - end - - context 'with override default parameters' do - let :params do - { :methods => 'password, token, saml2', - :admin_port => true } - end - - it 'should have basic params for shibboleth in Keystone configuration' do - is_expected.to contain_keystone_config('auth/methods').with_value('password, token, saml2') - is_expected.to contain_keystone_config('auth/saml2').with_value('keystone.auth.plugins.mapped.Mapped') - end - - it { is_expected.to contain_class('apache::mod::shib') } - - it { is_expected.to contain_concat__fragment('configure_shibboleth_on_port_5000').with({ - :target => "${keystone::wsgi::apache::priority}-keystone_wsgi_main.conf", - :order => params[:template_order], - })} - - it { is_expected.to contain_concat__fragment('configure_shibboleth_on_port_35357').with({ - :target => "${keystone::wsgi::apache::priority}-keystone_wsgi_admin.conf", - :order => params[:template_order], - })} - end - - end - -end diff --git a/keystone/spec/classes/keystone_ldap_spec.rb b/keystone/spec/classes/keystone_ldap_spec.rb deleted file mode 100644 index b03886c5c..000000000 --- a/keystone/spec/classes/keystone_ldap_spec.rb +++ /dev/null @@ -1,195 +0,0 @@ -require 'spec_helper' - -describe 'keystone::ldap' do - describe 'with basic params' do - let :params do - { - :url => 'ldap://foo', - :user => 'cn=foo,dc=example,dc=com', - :password => 'abcdefg', - :suffix => 'dc=example,dc=com', - :query_scope => 'sub', - :page_size => '50', - :user_tree_dn => 'cn=users,dc=example,dc=com', - :user_filter => '(memberOf=cn=openstack,cn=groups,cn=accounts,dc=example,dc=com)', - :user_objectclass => 'inetUser', - :user_id_attribute => 'uid', - :user_name_attribute => 'cn', - :user_mail_attribute => 'mail', - :user_enabled_attribute => 'UserAccountControl', - :user_enabled_mask => '2', - :user_enabled_default => '512', - :user_enabled_invert => 'False', - :user_attribute_ignore => '', - :user_default_project_id_attribute => 'defaultProject', - :user_allow_create => 'False', - :user_allow_update => 'False', - :user_allow_delete => 'False', - :user_pass_attribute => 'krbPassword', - :user_enabled_emulation => 'True', - :user_enabled_emulation_dn => 'cn=openstack-enabled,cn=groups,cn=accounts,dc=example,dc=com', - :user_additional_attribute_mapping => 'description:name, gecos:name', - :project_tree_dn => 'ou=projects,ou=openstack,dc=example,dc=com', - :project_filter => '', - :project_objectclass => 'organizationalUnit', - :project_id_attribute => 'ou', - :project_member_attribute => 'member', - :project_desc_attribute => 'description', - :project_name_attribute => 'ou', - :project_enabled_attribute => 'enabled', - :project_domain_id_attribute => 'businessCategory', - :project_attribute_ignore => '', - :project_allow_create => 'True', - :project_allow_update => 'True', - :project_allow_delete => 'True', - :project_enabled_emulation => 'False', - :project_enabled_emulation_dn => 'True', - :project_additional_attribute_mapping => 'cn=enabled,ou=openstack,dc=example,dc=com', - :role_tree_dn => 'ou=roles,ou=openstack,dc=example,dc=com', - :role_filter => '', - :role_objectclass => 'organizationalRole', - :role_id_attribute => 'cn', - :role_name_attribute => 'ou', - :role_member_attribute => 'roleOccupant', - :role_attribute_ignore => 'description', - :role_allow_create => 'True', - :role_allow_update => 'True', - :role_allow_delete => 'True', - :role_additional_attribute_mapping => '', - :group_tree_dn => 'ou=groups,ou=openstack,dc=example,dc=com', - :group_filter => 'cn=enabled-groups,cn=groups,cn=accounts,dc=example,dc=com', - :group_objectclass => 'organizationalRole', - :group_id_attribute => 'cn', - :group_name_attribute => 'cn', - :group_member_attribute => 'roleOccupant', - :group_desc_attribute => 'description', - :group_attribute_ignore => '', - :group_allow_create => 'False', - :group_allow_update => 'False', - :group_allow_delete => 'False', - :group_additional_attribute_mapping => '', - :use_tls => 'False', - :tls_cacertdir => '/etc/ssl/certs/', - :tls_cacertfile => '/etc/ssl/certs/ca-certificates.crt', - :tls_req_cert => 'demand', - :identity_driver => 'ldap', - :use_pool => 'True', - :pool_size => 20, - :pool_retry_max => 2, - :pool_retry_delay => 0.2, - :pool_connection_timeout => 222, - :pool_connection_lifetime => 222, - :use_auth_pool => 'True', - :auth_pool_size => 20, - :auth_pool_connection_lifetime => 200, - } - end - it { is_expected.to contain_package('python-ldap') } - it { is_expected.to contain_package('python-ldappool') } - it 'should have basic params' do - # basic params - is_expected.to contain_keystone_config('ldap/url').with_value('ldap://foo') - is_expected.to contain_keystone_config('ldap/user').with_value('cn=foo,dc=example,dc=com') - is_expected.to contain_keystone_config('ldap/password').with_value('abcdefg').with_secret(true) - is_expected.to contain_keystone_config('ldap/suffix').with_value('dc=example,dc=com') - is_expected.to contain_keystone_config('ldap/query_scope').with_value('sub') - is_expected.to contain_keystone_config('ldap/page_size').with_value('50') - - # users - is_expected.to contain_keystone_config('ldap/user_tree_dn').with_value('cn=users,dc=example,dc=com') - is_expected.to contain_keystone_config('ldap/user_filter').with_value('(memberOf=cn=openstack,cn=groups,cn=accounts,dc=example,dc=com)') - is_expected.to contain_keystone_config('ldap/user_objectclass').with_value('inetUser') - is_expected.to contain_keystone_config('ldap/user_id_attribute').with_value('uid') - is_expected.to contain_keystone_config('ldap/user_name_attribute').with_value('cn') - is_expected.to contain_keystone_config('ldap/user_mail_attribute').with_value('mail') - is_expected.to contain_keystone_config('ldap/user_enabled_attribute').with_value('UserAccountControl') - is_expected.to contain_keystone_config('ldap/user_enabled_mask').with_value('2') - is_expected.to contain_keystone_config('ldap/user_enabled_default').with_value('512') - is_expected.to contain_keystone_config('ldap/user_enabled_invert').with_value('False') - is_expected.to contain_keystone_config('ldap/user_attribute_ignore').with_value('') - is_expected.to contain_keystone_config('ldap/user_default_project_id_attribute').with_value('defaultProject') - is_expected.to contain_keystone_config('ldap/user_tree_dn').with_value('cn=users,dc=example,dc=com') - is_expected.to contain_keystone_config('ldap/user_allow_create').with_value('False') - is_expected.to contain_keystone_config('ldap/user_allow_update').with_value('False') - is_expected.to contain_keystone_config('ldap/user_allow_delete').with_value('False') - is_expected.to contain_keystone_config('ldap/user_pass_attribute').with_value('krbPassword') - is_expected.to contain_keystone_config('ldap/user_enabled_emulation').with_value('True') - is_expected.to contain_keystone_config('ldap/user_enabled_emulation_dn').with_value('cn=openstack-enabled,cn=groups,cn=accounts,dc=example,dc=com') - is_expected.to contain_keystone_config('ldap/user_additional_attribute_mapping').with_value('description:name, gecos:name') - - # projects - is_expected.to contain_keystone_config('ldap/project_tree_dn').with_value('ou=projects,ou=openstack,dc=example,dc=com') - is_expected.to contain_keystone_config('ldap/project_filter').with_value('') - is_expected.to contain_keystone_config('ldap/project_objectclass').with_value('organizationalUnit') - is_expected.to contain_keystone_config('ldap/project_id_attribute').with_value('ou') - is_expected.to contain_keystone_config('ldap/project_member_attribute').with_value('member') - is_expected.to contain_keystone_config('ldap/project_desc_attribute').with_value('description') - is_expected.to contain_keystone_config('ldap/project_name_attribute').with_value('ou') - is_expected.to contain_keystone_config('ldap/project_enabled_attribute').with_value('enabled') - is_expected.to contain_keystone_config('ldap/project_domain_id_attribute').with_value('businessCategory') - is_expected.to contain_keystone_config('ldap/project_attribute_ignore').with_value('') - is_expected.to contain_keystone_config('ldap/project_allow_create').with_value('True') - is_expected.to contain_keystone_config('ldap/project_allow_update').with_value('True') - is_expected.to contain_keystone_config('ldap/project_allow_delete').with_value('True') - is_expected.to contain_keystone_config('ldap/project_enabled_emulation').with_value('False') - is_expected.to contain_keystone_config('ldap/project_enabled_emulation_dn').with_value('True') - is_expected.to contain_keystone_config('ldap/project_additional_attribute_mapping').with_value('cn=enabled,ou=openstack,dc=example,dc=com') - - # roles - is_expected.to contain_keystone_config('ldap/role_tree_dn').with_value('ou=roles,ou=openstack,dc=example,dc=com') - is_expected.to contain_keystone_config('ldap/role_filter').with_value('') - is_expected.to contain_keystone_config('ldap/role_objectclass').with_value('organizationalRole') - is_expected.to contain_keystone_config('ldap/role_id_attribute').with_value('cn') - is_expected.to contain_keystone_config('ldap/role_name_attribute').with_value('ou') - is_expected.to contain_keystone_config('ldap/role_member_attribute').with_value('roleOccupant') - is_expected.to contain_keystone_config('ldap/role_attribute_ignore').with_value('description') - is_expected.to contain_keystone_config('ldap/role_allow_create').with_value('True') - is_expected.to contain_keystone_config('ldap/role_allow_update').with_value('True') - is_expected.to contain_keystone_config('ldap/role_allow_delete').with_value('True') - is_expected.to contain_keystone_config('ldap/role_additional_attribute_mapping').with_value('') - - # groups - is_expected.to contain_keystone_config('ldap/group_tree_dn').with_value('ou=groups,ou=openstack,dc=example,dc=com') - is_expected.to contain_keystone_config('ldap/group_filter').with_value('cn=enabled-groups,cn=groups,cn=accounts,dc=example,dc=com') - is_expected.to contain_keystone_config('ldap/group_objectclass').with_value('organizationalRole') - is_expected.to contain_keystone_config('ldap/group_id_attribute').with_value('cn') - is_expected.to contain_keystone_config('ldap/group_member_attribute').with_value('roleOccupant') - is_expected.to contain_keystone_config('ldap/group_desc_attribute').with_value('description') - is_expected.to contain_keystone_config('ldap/group_name_attribute').with_value('cn') - is_expected.to contain_keystone_config('ldap/group_attribute_ignore').with_value('') - is_expected.to contain_keystone_config('ldap/group_allow_create').with_value('False') - is_expected.to contain_keystone_config('ldap/group_allow_update').with_value('False') - is_expected.to contain_keystone_config('ldap/group_allow_delete').with_value('False') - is_expected.to contain_keystone_config('ldap/group_additional_attribute_mapping').with_value('') - - # tls - is_expected.to contain_keystone_config('ldap/use_tls').with_value('False') - is_expected.to contain_keystone_config('ldap/tls_cacertdir').with_value('/etc/ssl/certs/') - is_expected.to contain_keystone_config('ldap/tls_cacertfile').with_value('/etc/ssl/certs/ca-certificates.crt') - is_expected.to contain_keystone_config('ldap/tls_req_cert').with_value('demand') - - # ldap pooling - is_expected.to contain_keystone_config('ldap/use_pool').with_value('True') - is_expected.to contain_keystone_config('ldap/pool_size').with_value('20') - is_expected.to contain_keystone_config('ldap/pool_retry_max').with_value('2') - is_expected.to contain_keystone_config('ldap/pool_retry_delay').with_value('0.2') - is_expected.to contain_keystone_config('ldap/pool_connection_timeout').with_value('222') - is_expected.to contain_keystone_config('ldap/pool_connection_lifetime').with_value('222') - is_expected.to contain_keystone_config('ldap/use_auth_pool').with_value('True') - is_expected.to contain_keystone_config('ldap/auth_pool_size').with_value('20') - is_expected.to contain_keystone_config('ldap/auth_pool_connection_lifetime').with_value('200') - - # drivers - is_expected.to contain_keystone_config('identity/driver').with_value('ldap') - end - end - - describe 'with packages unmanaged' do - let :params do - { :manage_packages => false } - end - it { is_expected.to_not contain_package('python-ldap') } - it { is_expected.to_not contain_package('python-ldappool') } - end - -end diff --git a/keystone/spec/classes/keystone_logging_spec.rb b/keystone/spec/classes/keystone_logging_spec.rb deleted file mode 100644 index d82558d47..000000000 --- a/keystone/spec/classes/keystone_logging_spec.rb +++ /dev/null @@ -1,146 +0,0 @@ -require 'spec_helper' - -describe 'keystone::logging' do - - let :params do - { - } - end - - let :log_params do - { - :logging_context_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s', - :logging_default_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s', - :logging_debug_format_suffix => '%(funcName)s %(pathname)s:%(lineno)d', - :logging_exception_prefix => '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s', - :log_config_append => '/etc/keystone/logging.conf', - :publish_errors => true, - :default_log_levels => { - 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', - 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', - 'iso8601' => 'WARN', - 'requests.packages.urllib3.connectionpool' => 'WARN' }, - :fatal_deprecations => true, - :instance_format => '[instance: %(uuid)s] ', - :instance_uuid_format => '[instance: %(uuid)s] ', - :log_date_format => '%Y-%m-%d %H:%M:%S', - :use_syslog => true, - :use_stderr => false, - :log_facility => 'LOG_FOO', - :log_dir => '/var/log', - :log_file => '/var/tmp/keystone_random.log', - :verbose => true, - :debug => true, - } - end - - shared_examples 'basic default logging settings' do - it 'configures glance logging settins with default values' do - is_expected.to contain_keystone_config('DEFAULT/use_syslog').with(:value => '') - is_expected.to contain_keystone_config('DEFAULT/use_stderr').with(:value => '') - is_expected.to contain_keystone_config('DEFAULT/log_dir').with(:value => '/var/log/keystone') - is_expected.to contain_keystone_config('DEFAULT/log_file').with(:value => '') - is_expected.to contain_keystone_config('DEFAULT/verbose').with(:value => '') - is_expected.to contain_keystone_config('DEFAULT/debug').with(:value => '') - end - end - - shared_examples 'basic non-default logging settings' do - it 'configures glance logging settins with non-default values' do - is_expected.to contain_keystone_config('DEFAULT/use_syslog').with(:value => 'true') - is_expected.to contain_keystone_config('DEFAULT/use_stderr').with(:value => 'false') - is_expected.to contain_keystone_config('DEFAULT/syslog_log_facility').with(:value => 'LOG_FOO') - is_expected.to contain_keystone_config('DEFAULT/log_dir').with(:value => '/var/log') - is_expected.to contain_keystone_config('DEFAULT/log_file').with(:value => '/var/tmp/keystone_random.log') - is_expected.to contain_keystone_config('DEFAULT/verbose').with(:value => 'true') - is_expected.to contain_keystone_config('DEFAULT/debug').with(:value => 'true') - end - end - - shared_examples_for 'keystone-logging' do - - context 'with basic logging options and default settings' do - it_configures 'basic default logging settings' - end - - context 'with basic logging options and non-default settings' do - before { params.merge!( log_params ) } - it_configures 'basic non-default logging settings' - end - - context 'with extended logging options' do - before { params.merge!( log_params ) } - it_configures 'logging params set' - end - - context 'without extended logging options' do - it_configures 'logging params unset' - end - - end - - shared_examples_for 'logging params set' do - it 'enables logging params' do - is_expected.to contain_keystone_config('DEFAULT/logging_context_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s') - - is_expected.to contain_keystone_config('DEFAULT/logging_default_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s') - - is_expected.to contain_keystone_config('DEFAULT/logging_debug_format_suffix').with_value( - '%(funcName)s %(pathname)s:%(lineno)d') - - is_expected.to contain_keystone_config('DEFAULT/logging_exception_prefix').with_value( - '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s') - - is_expected.to contain_keystone_config('DEFAULT/log_config_append').with_value( - '/etc/keystone/logging.conf') - is_expected.to contain_keystone_config('DEFAULT/publish_errors').with_value( - true) - - is_expected.to contain_keystone_config('DEFAULT/default_log_levels').with_value( - 'amqp=WARN,amqplib=WARN,boto=WARN,iso8601=WARN,qpid=WARN,requests.packages.urllib3.connectionpool=WARN,sqlalchemy=WARN,suds=INFO') - - is_expected.to contain_keystone_config('DEFAULT/fatal_deprecations').with_value( - true) - - is_expected.to contain_keystone_config('DEFAULT/instance_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_keystone_config('DEFAULT/instance_uuid_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_keystone_config('DEFAULT/log_date_format').with_value( - '%Y-%m-%d %H:%M:%S') - end - end - - - shared_examples_for 'logging params unset' do - [ :logging_context_format_string, :logging_default_format_string, - :logging_debug_format_suffix, :logging_exception_prefix, - :log_config_append, :publish_errors, - :default_log_levels, :fatal_deprecations, - :instance_format, :instance_uuid_format, - :log_date_format, ].each { |param| - it { is_expected.to contain_keystone_config("DEFAULT/#{param}").with_value('') } - } - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'keystone-logging' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'keystone-logging' - end - -end diff --git a/keystone/spec/classes/keystone_policy_spec.rb b/keystone/spec/classes/keystone_policy_spec.rb deleted file mode 100644 index 1414df6fb..000000000 --- a/keystone/spec/classes/keystone_policy_spec.rb +++ /dev/null @@ -1,41 +0,0 @@ -require 'spec_helper' - -describe 'keystone::policy' do - - shared_examples_for 'keystone policies' do - let :params do - { - :policy_path => '/etc/keystone/policy.json', - :policies => { - 'context_is_admin' => { - 'key' => 'context_is_admin', - 'value' => 'foo:bar' - } - } - } - end - - it 'set up the policies' do - is_expected.to contain_openstacklib__policy__base('context_is_admin').with({ - :key => 'context_is_admin', - :value => 'foo:bar' - }) - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'keystone policies' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'keystone policies' - end -end diff --git a/keystone/spec/classes/keystone_roles_admin_spec.rb b/keystone/spec/classes/keystone_roles_admin_spec.rb deleted file mode 100644 index f55bd721a..000000000 --- a/keystone/spec/classes/keystone_roles_admin_spec.rb +++ /dev/null @@ -1,196 +0,0 @@ -require 'spec_helper' -describe 'keystone::roles::admin' do - - describe 'with only the required params set' do - - let :params do - { - :email => 'foo@bar', - :password => 'ChangeMe', - :service_tenant => 'services' - } - end - - it { is_expected.to contain_keystone_tenant('services').with( - :ensure => 'present', - :enabled => true, - :description => 'Tenant for the openstack services' - )} - it { is_expected.to contain_keystone_tenant('openstack').with( - :ensure => 'present', - :enabled => true, - :description => 'admin tenant' - )} - it { is_expected.to contain_keystone_user('admin').with( - :ensure => 'present', - :enabled => true, - :email => 'foo@bar', - :password => 'ChangeMe', - )} - it { is_expected.to contain_keystone_role('admin').with_ensure('present') } - it { is_expected.to contain_keystone_user_role('admin@openstack').with( - :roles => ['admin'], - :ensure => 'present', - :user_domain => nil, - :project_domain => nil, - )} - - end - - describe 'when overriding optional params' do - - let :params do - { - :admin => 'admin', - :email => 'foo@baz', - :password => 'foo', - :admin_tenant => 'admin', - :admin_roles => ['admin', 'heat_stack_owner'], - :service_tenant => 'foobar', - :admin_tenant_desc => 'admin something else', - :service_tenant_desc => 'foobar description', - } - end - - it { is_expected.to contain_keystone_tenant('foobar').with( - :ensure => 'present', - :enabled => true, - :description => 'foobar description' - )} - it { is_expected.to contain_keystone_tenant('admin').with( - :ensure => 'present', - :enabled => true, - :description => 'admin something else' - )} - it { is_expected.to contain_keystone_user('admin').with( - :ensure => 'present', - :enabled => true, - :email => 'foo@baz', - :password => 'foo', - )} - it { is_expected.to contain_keystone_user_role('admin@admin').with( - :roles => ['admin', 'heat_stack_owner'], - :ensure => 'present', - :user_domain => nil, - :project_domain => nil, - )} - - end - - describe 'when disabling user configuration' do - before do - let :params do - { - :configure_user => false - } - end - - it { is_expected.to_not contain_keystone_user('keystone') } - it { is_expected.to contain_keystone_user_role('keystone@openstack') } - end - end - - describe 'when disabling user and role configuration' do - before do - let :params do - { - :configure_user => false, - :configure_user_role => false - } - end - - it { is_expected.to_not contain_keystone_user('keystone') } - it { is_expected.to_not contain_keystone_user_role('keystone@openstack') } - end - end - - describe 'when specifying admin_user_domain and admin_project_domain' do - let :params do - { - :email => 'foo@bar', - :password => 'ChangeMe', - :admin_tenant => 'admin_tenant', - :admin_user_domain => 'admin_user_domain', - :admin_project_domain => 'admin_project_domain', - } - end - it { is_expected.to contain_keystone_user('admin').with( - :domain => 'admin_user_domain', - )} - it { is_expected.to contain_keystone_tenant('admin_tenant').with(:domain => 'admin_project_domain') } - it { is_expected.to contain_keystone_domain('admin_user_domain') } - it { is_expected.to contain_keystone_domain('admin_project_domain') } - it { is_expected.to contain_keystone_user_role('admin@admin_tenant').with( - :roles => ['admin'], - :ensure => 'present', - :user_domain => 'admin_user_domain', - :project_domain => 'admin_project_domain', - )} - - end - - describe 'when specifying admin_user_domain and admin_project_domain' do - let :params do - { - :email => 'foo@bar', - :password => 'ChangeMe', - :admin_tenant => 'admin_tenant::admin_project_domain', - :admin_user_domain => 'admin_user_domain', - :admin_project_domain => 'admin_project_domain', - } - end - it { is_expected.to contain_keystone_user('admin').with( - :domain => 'admin_user_domain', - )} - it { is_expected.to contain_keystone_tenant('admin_tenant::admin_project_domain').with(:domain => 'admin_project_domain') } - it { is_expected.to contain_keystone_domain('admin_user_domain') } - it { is_expected.to contain_keystone_domain('admin_project_domain') } - it { is_expected.to contain_keystone_user_role('admin@admin_tenant::admin_project_domain').with( - :roles => ['admin'], - :ensure => 'present', - :user_domain => 'admin_user_domain', - :project_domain => 'admin_project_domain', - )} - - end - - describe 'when specifying a service domain' do - let :params do - { - :email => 'foo@bar', - :password => 'ChangeMe', - :service_tenant => 'service_project', - :service_project_domain => 'service_domain' - } - end - it { is_expected.to contain_keystone_tenant('service_project').with(:domain => 'service_domain') } - it { is_expected.to contain_keystone_domain('service_domain') } - - end - - describe 'when specifying a service domain and service tenant domain' do - let :params do - { - :email => 'foo@bar', - :password => 'ChangeMe', - :service_tenant => 'service_project::service_domain', - :service_project_domain => 'service_domain' - } - end - it { is_expected.to contain_keystone_tenant('service_project::service_domain').with(:domain => 'service_domain') } - it { is_expected.to contain_keystone_domain('service_domain') } - - end - - describe 'when admin_user_domain and admin_project_domain are equal' do - let :params do - { - :email => 'foo@bar', - :password => 'ChangeMe', - :admin_user_domain => 'admin_domain', - :admin_project_domain => 'admin_domain', - } - end - it { is_expected.to contain_keystone_domain('admin_domain') } - end -end diff --git a/keystone/spec/classes/keystone_service_spec.rb b/keystone/spec/classes/keystone_service_spec.rb deleted file mode 100644 index ea69e1923..000000000 --- a/keystone/spec/classes/keystone_service_spec.rb +++ /dev/null @@ -1,33 +0,0 @@ -require 'spec_helper' - -describe 'keystone::service' do - - describe "with default parameters" do - it { is_expected.to contain_service('keystone').with( - :ensure => nil, - :enable => true, - :hasstatus => true, - :hasrestart => true, - :tag => 'keystone-service', - ) } - it { is_expected.to_not contain_exec('validate_keystone_connection') } - end - - describe "with validation on" do - let :params do - { - :validate => 'true', - :admin_token => 'admintoken' - } - end - - it { is_expected.to contain_service('keystone').with( - :ensure => nil, - :enable => true, - :hasstatus => true, - :hasrestart => true, - :tag => 'keystone-service', - ) } - it { is_expected.to contain_exec('validate_keystone_connection') } - end -end diff --git a/keystone/spec/classes/keystone_spec.rb b/keystone/spec/classes/keystone_spec.rb deleted file mode 100644 index c9afc5e74..000000000 --- a/keystone/spec/classes/keystone_spec.rb +++ /dev/null @@ -1,1039 +0,0 @@ -require 'spec_helper' - -describe 'keystone' do - - let :global_facts do - { - :processorcount => 42, - :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'some.host.tld' - } - end - - let :facts do - @default_facts.merge(global_facts.merge({ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '7.0', - :processorcount => '1' - })) - end - - default_params = { - 'admin_token' => 'service_token', - 'package_ensure' => 'present', - 'client_package_ensure' => 'present', - 'public_bind_host' => '0.0.0.0', - 'admin_bind_host' => '0.0.0.0', - 'public_port' => '5000', - 'admin_port' => '35357', - 'verbose' => false, - 'debug' => false, - 'use_stderr' => true, - 'catalog_type' => 'sql', - 'catalog_driver' => false, - 'token_provider' => 'uuid', - 'token_driver' => 'sql', - 'revoke_driver' => 'sql', - 'revoke_by_id' => true, - 'cache_dir' => '/var/cache/keystone', - 'memcache_servers' => '', - 'cache_backend' => '', - 'cache_backend_argument' => '', - 'cache_enabled' => '', - 'cache_memcache_servers' => '', - 'enable_ssl' => false, - 'ssl_certfile' => '/etc/keystone/ssl/certs/keystone.pem', - 'ssl_keyfile' => '/etc/keystone/ssl/private/keystonekey.pem', - 'ssl_ca_certs' => '/etc/keystone/ssl/certs/ca.pem', - 'ssl_ca_key' => '/etc/keystone/ssl/private/cakey.pem', - 'ssl_cert_subject' => '/C=US/ST=Unset/L=Unset/O=Unset/CN=localhost', - 'enabled' => true, - 'manage_service' => true, - 'database_connection' => 'sqlite:////var/lib/keystone/keystone.db', - 'database_idle_timeout' => '200', - 'enable_pki_setup' => false, - 'signing_certfile' => '/etc/keystone/ssl/certs/signing_cert.pem', - 'signing_keyfile' => '/etc/keystone/ssl/private/signing_key.pem', - 'signing_ca_certs' => '/etc/keystone/ssl/certs/ca.pem', - 'signing_ca_key' => '/etc/keystone/ssl/private/cakey.pem', - 'rabbit_host' => '', - 'rabbit_password' => '', - 'rabbit_userid' => '', - 'rabbit_heartbeat_timeout_threshold' => '', - 'rabbit_heartbeat_rate' => '', - 'admin_workers' => 20, - 'public_workers' => 20, - 'paste_config' => '', - 'sync_db' => true, - } - - override_params = { - 'package_ensure' => 'latest', - 'client_package_ensure' => 'latest', - 'public_bind_host' => '0.0.0.0', - 'admin_bind_host' => '0.0.0.0', - 'public_port' => '5001', - 'admin_port' => '35358', - 'admin_token' => 'service_token_override', - 'verbose' => true, - 'debug' => true, - 'use_stderr' => false, - 'catalog_type' => 'template', - 'token_provider' => 'uuid', - 'token_driver' => 'kvs', - 'revoke_driver' => 'kvs', - 'revoke_by_id' => false, - 'public_endpoint' => 'https://localhost:5000/v2.0/', - 'admin_endpoint' => 'https://localhost:35357/v2.0/', - 'enable_ssl' => true, - 'ssl_certfile' => '/etc/keystone/ssl/certs/keystone.pem', - 'ssl_keyfile' => '/etc/keystone/ssl/private/keystonekey.pem', - 'ssl_ca_certs' => '/etc/keystone/ssl/certs/ca.pem', - 'ssl_ca_key' => '/etc/keystone/ssl/private/cakey.pem', - 'ssl_cert_subject' => '/C=US/ST=Unset/L=Unset/O=Unset/CN=localhost', - 'enabled' => false, - 'manage_service' => true, - 'database_connection' => 'mysql://a:b@c/d', - 'database_idle_timeout' => '300', - 'enable_pki_setup' => true, - 'signing_certfile' => '/etc/keystone/ssl/certs/signing_cert.pem', - 'signing_keyfile' => '/etc/keystone/ssl/private/signing_key.pem', - 'signing_ca_certs' => '/etc/keystone/ssl/certs/ca.pem', - 'signing_ca_key' => '/etc/keystone/ssl/private/cakey.pem', - 'rabbit_host' => '127.0.0.1', - 'rabbit_password' => 'openstack', - 'rabbit_userid' => 'admin', - 'rabbit_heartbeat_timeout_threshold' => '60', - 'rabbit_heartbeat_rate' => '10', - 'rabbit_ha_queues' => true, - 'default_domain' => 'other_domain', - 'paste_config' => '/usr/share/keystone/keystone-paste.ini', - 'using_domain_config' => false - } - - httpd_params = {'service_name' => 'httpd'}.merge(default_params) - - shared_examples_for 'core keystone examples' do |param_hash| - it { is_expected.to contain_class('keystone::logging') } - it { is_expected.to contain_class('keystone::params') } - - it { is_expected.to contain_package('keystone').with( - 'ensure' => param_hash['package_ensure'], - 'tag' => ['openstack', 'keystone-package'], - ) } - - it { is_expected.to contain_class('keystone::client').with( - 'ensure' => param_hash['client_package_ensure'], - ) } - - it 'should synchronize the db if $sync_db is true' do - if param_hash['sync_db'] - is_expected.to contain_exec('keystone-manage db_sync').with( - :command => 'keystone-manage db_sync', - :user => 'keystone', - :refreshonly => true, - :subscribe => ['Anchor[keystone::install::end]', - 'Anchor[keystone::config::end]', - 'Anchor[keystone::dbsync::begin]'], - :notify => 'Anchor[keystone::dbsync::end]', - ) - end - end - - it 'should bootstrap $enable_bootstrap is true' do - if param_hash['enable_bootstrap'] - is_expected.to contain_exec('keystone-manage bootstrap').with( - :command => 'keystone-manage bootstrap --bootstrap-password service_token', - :user => 'keystone', - :refreshonly => true - ) - end - end - - it 'should contain correct config' do - [ - 'public_bind_host', - 'admin_bind_host', - 'public_port', - 'admin_port', - 'verbose', - 'debug', - 'use_stderr' - ].each do |config| - is_expected.to contain_keystone_config("DEFAULT/#{config}").with_value(param_hash[config]) - end - end - - it 'should contain correct admin_token config' do - is_expected.to contain_keystone_config('DEFAULT/admin_token').with_value(param_hash['admin_token']).with_secret(true) - end - - it 'should contain correct mysql config' do - is_expected.to contain_keystone_config('database/idle_timeout').with_value(param_hash['database_idle_timeout']) - is_expected.to contain_keystone_config('database/connection').with_value(param_hash['database_connection']).with_secret(true) - end - - it { is_expected.to contain_keystone_config('token/provider').with_value( - param_hash['token_provider'] - ) } - - it 'should contain correct token driver' do - is_expected.to contain_keystone_config('token/driver').with_value(param_hash['token_driver']) - end - - it 'should contain correct revoke driver' do - is_expected.to contain_keystone_config('revoke/driver').with_value(param_hash['revoke_driver']) - end - - it 'should contain default revoke_by_id value ' do - is_expected.to contain_keystone_config('token/revoke_by_id').with_value(param_hash['revoke_by_id']) - end - - it 'should contain default paste_config' do - is_expected.to contain_keystone_config('paste_deploy/config_file').with_value(param_hash['paste_config']) - end - - it 'should ensure proper setting of admin_endpoint and public_endpoint' do - if param_hash['admin_endpoint'] - is_expected.to contain_keystone_config('DEFAULT/admin_endpoint').with_value(param_hash['admin_endpoint']) - else - is_expected.to contain_keystone_config('DEFAULT/admin_endpoint').with_value('') - end - if param_hash['public_endpoint'] - is_expected.to contain_keystone_config('DEFAULT/public_endpoint').with_value(param_hash['public_endpoint']) - else - is_expected.to contain_keystone_config('DEFAULT/public_endpoint').with_value('') - end - end - - it 'should contain correct rabbit_password' do - is_expected.to contain_keystone_config('oslo_messaging_rabbit/rabbit_password').with_value(param_hash['rabbit_password']).with_secret(true) - end - - it 'should contain correct rabbit heartbeat configuration' do - is_expected.to contain_keystone_config('oslo_messaging_rabbit/heartbeat_timeout_threshold').with_value(param_hash['rabbit_heartbeat_timeout_threshold']) - is_expected.to contain_keystone_config('oslo_messaging_rabbit/heartbeat_rate').with_value(param_hash['rabbit_heartbeat_rate']) - end - - it 'should remove max_token_size param by default' do - is_expected.to contain_keystone_config('DEFAULT/max_token_size').with_value('') - end - - it 'should ensure proper setting of admin_workers and public_workers' do - if param_hash['admin_workers'] - is_expected.to contain_keystone_config('eventlet_server/admin_workers').with_value(param_hash['admin_workers']) - else - is_expected.to contain_keystone_config('eventlet_server/admin_workers').with_value('2') - end - if param_hash['public_workers'] - is_expected.to contain_keystone_config('eventlet_server/public_workers').with_value(param_hash['public_workers']) - else - is_expected.to contain_keystone_config('eventlet_server/public_workers').with_value('2') - end - end - - it 'should ensure rabbit_ha_queues' do - if param_hash['rabbit_ha_queues'] - is_expected.to contain_keystone_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value(param_hash['rabbit_ha_queues']) - else - is_expected.to contain_keystone_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value(false) - end - - end - - if param_hash['default_domain'] - it { is_expected.to contain_keystone_domain(param_hash['default_domain']).with(:is_default => true) } - it { is_expected.to contain_anchor('default_domain_created') } - end - end - - [default_params, override_params].each do |param_hash| - describe "when #{param_hash == default_params ? "using default" : "specifying"} class parameters for service" do - - let :params do - param_hash - end - - it_configures 'core keystone examples', param_hash - - it { is_expected.to contain_service('keystone').with( - 'ensure' => (param_hash['manage_service'] && param_hash['enabled']) ? 'running' : 'stopped', - 'enable' => param_hash['enabled'], - 'hasstatus' => true, - 'hasrestart' => true, - 'tag' => 'keystone-service', - ) } - - it { is_expected.to contain_anchor('keystone::service::end') } - - end - end - - shared_examples_for "when using default class parameters for httpd" do - let :params do - httpd_params - end - - let :pre_condition do - 'include ::keystone::wsgi::apache' - end - - it_configures 'core keystone examples', httpd_params - - it do - expect { - is_expected.to contain_service(platform_parameters[:service_name]).with('ensure' => 'running') - }.to raise_error(RSpec::Expectations::ExpectationNotMetError, /expected that the catalogue would contain Service\[#{platform_parameters[:service_name]}\]/) - end - - it { is_expected.to contain_class('keystone::service').with( - 'ensure' => 'stopped', - 'service_name' => platform_parameters[:service_name], - 'enable' => false, - 'validate' => false - )} - it { is_expected.to contain_service('httpd').with_before(/Anchor\[keystone::service::end\]/) } - it { is_expected.to contain_exec('restart_keystone').with( - 'command' => "service #{platform_parameters[:httpd_service_name]} restart", - ) } - end - - describe 'when using invalid service name for keystone' do - let (:params) { {'service_name' => 'foo'}.merge(default_params) } - - it_raises 'a Puppet::Error', /Invalid service_name/ - end - - describe 'with disabled service managing' do - let :params do - { :admin_token => 'service_token', - :manage_service => false, - :enabled => false } - end - - it { is_expected.to contain_service('keystone').with( - 'ensure' => nil, - 'enable' => false, - 'hasstatus' => true, - 'hasrestart' => true - ) } - it { is_expected.to contain_anchor('keystone::service::end') } - end - - describe 'when configuring signing token provider' do - - describe 'when configuring as UUID' do - let :params do - { - 'admin_token' => 'service_token', - 'token_provider' => 'keystone.token.providers.uuid.Provider' - } - end - - describe 'pki_setup is disabled by default' do - it { is_expected.to_not contain_exec('keystone-manage pki_setup') } - it { is_expected.to_not contain_file('/var/cache/keystone').with_ensure('directory') } - end - end - - describe 'when configuring as PKI' do - let :params do - { - 'enable_pki_setup' => true, - 'admin_token' => 'service_token', - 'token_provider' => 'pki' - } - end - - it { is_expected.to contain_file('/var/cache/keystone').with_ensure('directory') } - - describe 'when overriding the cache dir' do - before do - params.merge!(:cache_dir => '/var/lib/cache/keystone') - end - it { is_expected.to contain_file('/var/lib/cache/keystone') } - end - - it { is_expected.to contain_exec('keystone-manage pki_setup').with( - :command => 'keystone-manage pki_setup --keystone-user keystone --keystone-group keystone', - :creates => '/etc/keystone/ssl/private/signing_key.pem' - ) } - it { is_expected.to contain_file('/var/cache/keystone').with_ensure('directory') } - - describe 'when overriding the cache dir' do - before do - params.merge!(:cache_dir => '/var/lib/cache/keystone') - end - it { is_expected.to contain_file('/var/lib/cache/keystone') } - end - end - - describe 'when configuring PKI signing cert paths with UUID and with pki_setup disabled' do - let :params do - { - 'admin_token' => 'service_token', - 'token_provider' => 'uuid', - 'enable_pki_setup' => false, - 'signing_certfile' => 'signing_certfile', - 'signing_keyfile' => 'signing_keyfile', - 'signing_ca_certs' => 'signing_ca_certs', - 'signing_ca_key' => 'signing_ca_key', - 'signing_cert_subject' => 'signing_cert_subject', - 'signing_key_size' => 2048 - } - end - - it { is_expected.to_not contain_exec('keystone-manage pki_setup') } - - it 'should contain correct PKI certfile config' do - is_expected.to contain_keystone_config('signing/certfile').with_value('signing_certfile') - end - - it 'should contain correct PKI keyfile config' do - is_expected.to contain_keystone_config('signing/keyfile').with_value('signing_keyfile') - end - - it 'should contain correct PKI ca_certs config' do - is_expected.to contain_keystone_config('signing/ca_certs').with_value('signing_ca_certs') - end - - it 'should contain correct PKI ca_key config' do - is_expected.to contain_keystone_config('signing/ca_key').with_value('signing_ca_key') - end - - it 'should contain correct PKI cert_subject config' do - is_expected.to contain_keystone_config('signing/cert_subject').with_value('signing_cert_subject') - end - - it 'should contain correct PKI key_size config' do - is_expected.to contain_keystone_config('signing/key_size').with_value('2048') - end - end - - describe 'when configuring PKI signing cert paths with pki_setup disabled' do - let :params do - { - 'admin_token' => 'service_token', - 'token_provider' => 'pki', - 'enable_pki_setup' => false, - 'signing_certfile' => 'signing_certfile', - 'signing_keyfile' => 'signing_keyfile', - 'signing_ca_certs' => 'signing_ca_certs', - 'signing_ca_key' => 'signing_ca_key', - 'signing_cert_subject' => 'signing_cert_subject', - 'signing_key_size' => 2048 - } - end - - it { is_expected.to_not contain_exec('keystone-manage pki_setup') } - - it 'should contain correct PKI certfile config' do - is_expected.to contain_keystone_config('signing/certfile').with_value('signing_certfile') - end - - it 'should contain correct PKI keyfile config' do - is_expected.to contain_keystone_config('signing/keyfile').with_value('signing_keyfile') - end - - it 'should contain correct PKI ca_certs config' do - is_expected.to contain_keystone_config('signing/ca_certs').with_value('signing_ca_certs') - end - - it 'should contain correct PKI ca_key config' do - is_expected.to contain_keystone_config('signing/ca_key').with_value('signing_ca_key') - end - - it 'should contain correct PKI cert_subject config' do - is_expected.to contain_keystone_config('signing/cert_subject').with_value('signing_cert_subject') - end - - it 'should contain correct PKI key_size config' do - is_expected.to contain_keystone_config('signing/key_size').with_value('2048') - end - end - - describe 'with invalid catalog_type' do - let :params do - { :admin_token => 'service_token', - :catalog_type => 'invalid' } - end - - it_raises "a Puppet::Error", /validate_re\(\): "invalid" does not match "template|sql"/ - end - - describe 'when configuring catalog driver' do - let :params do - { :admin_token => 'service_token', - :catalog_driver => 'alien' } - end - - it { is_expected.to contain_keystone_config('catalog/driver').with_value(params[:catalog_driver]) } - end - end - - describe 'when configuring token expiration' do - let :params do - { - 'admin_token' => 'service_token', - 'token_expiration' => '42', - } - end - - it { is_expected.to contain_keystone_config("token/expiration").with_value('42') } - end - - describe 'when not configuring token expiration' do - let :params do - { - 'admin_token' => 'service_token', - } - end - - it { is_expected.to contain_keystone_config("token/expiration").with_value('3600') } - end - - describe 'when sync_db is set to false' do - let :params do - { - 'admin_token' => 'service_token', - 'sync_db' => false, - } - end - - it { is_expected.not_to contain_exec('keystone-manage db_sync') } - end - - describe 'when enable_bootstrap is set to false' do - let :params do - { - 'admin_token' => 'service_token', - 'enable_bootstrap' => false, - } - end - - it { is_expected.not_to contain_exec('keystone-manage bootstrap') } - end - - describe 'configure memcache servers if set' do - let :params do - { - 'admin_token' => 'service_token', - 'memcache_servers' => [ 'SERVER1:11211', 'SERVER2:11211' ], - 'token_driver' => 'memcache', - 'cache_backend' => 'dogpile.cache.memcached', - 'cache_backend_argument' => ['url:SERVER1:12211'], - 'memcache_dead_retry' => '60', - 'memcache_socket_timeout' => '2', - 'memcache_pool_maxsize' => '1000', - 'memcache_pool_unused_timeout' => '60', - } - end - - it { is_expected.to contain_keystone_config("memcache/servers").with_value('SERVER1:11211,SERVER2:11211') } - it { is_expected.to contain_keystone_config('cache/enabled').with_value(true) } - it { is_expected.to contain_keystone_config('token/caching').with_value('') } - it { is_expected.to contain_keystone_config('cache/backend').with_value('dogpile.cache.memcached') } - it { is_expected.to contain_keystone_config('cache/backend_argument').with_value('url:SERVER1:12211') } - it { is_expected.to contain_keystone_config('memcache/dead_retry').with_value('60') } - it { is_expected.to contain_keystone_config('memcache/socket_timeout').with_value('2') } - it { is_expected.to contain_keystone_config('memcache/pool_maxsize').with_value('1000') } - it { is_expected.to contain_keystone_config('memcache/pool_unused_timeout').with_value('60') } - it { is_expected.to contain_keystone_config('cache/memcache_dead_retry').with_value('60') } - it { is_expected.to contain_keystone_config('cache/memcache_socket_timeout').with_value('2') } - it { is_expected.to contain_keystone_config('cache/memcache_pool_maxsize').with_value('1000') } - it { is_expected.to contain_keystone_config('cache/memcache_pool_unused_timeout').with_value('60') } - it { is_expected.to contain_keystone_config('cache/memcache_servers').with_value('SERVER1:11211,SERVER2:11211') } - it { is_expected.to contain_package('python-memcache').with( - :name => 'python-memcache', - :ensure => 'present' - ) } - end - - describe 'configure cache memcache servers if set' do - let :params do - { - 'admin_token' => 'service_token', - 'memcache_servers' => [ 'SERVER1:11211', 'SERVER2:11211' ], - 'token_driver' => 'memcache', - 'cache_backend' => 'dogpile.cache.memcached', - 'cache_backend_argument' => ['url:SERVER3:12211'], - 'cache_memcache_servers' => [ 'SERVER3:11211', 'SERVER4:11211' ], - 'memcache_dead_retry' => '60', - 'memcache_socket_timeout' => '2', - 'memcache_pool_maxsize' => '1000', - 'memcache_pool_unused_timeout' => '60', - } - end - - it { is_expected.to contain_keystone_config("memcache/servers").with_value('SERVER1:11211,SERVER2:11211') } - it { is_expected.to contain_keystone_config('cache/enabled').with_value(true) } - it { is_expected.to contain_keystone_config('token/caching').with_value('') } - it { is_expected.to contain_keystone_config('cache/backend').with_value('dogpile.cache.memcached') } - it { is_expected.to contain_keystone_config('cache/backend_argument').with_value('url:SERVER3:12211') } - it { is_expected.to contain_keystone_config('memcache/dead_retry').with_value('60') } - it { is_expected.to contain_keystone_config('memcache/socket_timeout').with_value('2') } - it { is_expected.to contain_keystone_config('memcache/pool_maxsize').with_value('1000') } - it { is_expected.to contain_keystone_config('memcache/pool_unused_timeout').with_value('60') } - it { is_expected.to contain_keystone_config('cache/memcache_dead_retry').with_value('60') } - it { is_expected.to contain_keystone_config('cache/memcache_socket_timeout').with_value('2') } - it { is_expected.to contain_keystone_config('cache/memcache_pool_maxsize').with_value('1000') } - it { is_expected.to contain_keystone_config('cache/memcache_pool_unused_timeout').with_value('60') } - it { is_expected.to contain_keystone_config('cache/memcache_servers').with_value('SERVER3:11211,SERVER4:11211') } - it { is_expected.to contain_package('python-memcache').with( - :name => 'python-memcache', - :ensure => 'present' - ) } - end - - describe 'configure cache enabled if set' do - let :params do - { - 'admin_token' => 'service_token', - 'memcache_servers' => [ 'SERVER1:11211', 'SERVER2:11211' ], - 'token_driver' => 'memcache', - 'cache_backend' => 'dogpile.cache.memcached', - 'cache_backend_argument' => ['url:SERVER3:12211'], - 'cache_enabled' => false, - 'cache_memcache_servers' => [ 'SERVER3:11211', 'SERVER4:11211' ], - 'memcache_dead_retry' => '60', - 'memcache_socket_timeout' => '2', - 'memcache_pool_maxsize' => '1000', - 'memcache_pool_unused_timeout' => '60', - } - end - - it { is_expected.to contain_keystone_config("memcache/servers").with_value('SERVER1:11211,SERVER2:11211') } - it { is_expected.to contain_keystone_config('cache/enabled').with_value(false) } - it { is_expected.to contain_keystone_config('token/caching').with_value('') } - it { is_expected.to contain_keystone_config('cache/backend').with_value('dogpile.cache.memcached') } - it { is_expected.to contain_keystone_config('cache/backend_argument').with_value('url:SERVER3:12211') } - it { is_expected.to contain_keystone_config('memcache/dead_retry').with_value('60') } - it { is_expected.to contain_keystone_config('memcache/socket_timeout').with_value('2') } - it { is_expected.to contain_keystone_config('memcache/pool_maxsize').with_value('1000') } - it { is_expected.to contain_keystone_config('memcache/pool_unused_timeout').with_value('60') } - it { is_expected.to contain_keystone_config('cache/memcache_dead_retry').with_value('60') } - it { is_expected.to contain_keystone_config('cache/memcache_socket_timeout').with_value('2') } - it { is_expected.to contain_keystone_config('cache/memcache_pool_maxsize').with_value('1000') } - it { is_expected.to contain_keystone_config('cache/memcache_pool_unused_timeout').with_value('60') } - it { is_expected.to contain_keystone_config('cache/memcache_servers').with_value('SERVER3:11211,SERVER4:11211') } - it { is_expected.to contain_package('python-memcache').with( - :name => 'python-memcache', - :ensure => 'present' - ) } - end - - describe 'configure memcache servers with a string' do - let :params do - default_params.merge({ - 'memcache_servers' => 'SERVER1:11211,SERVER2:11211', - 'cache_memcache_servers' => 'SERVER3:11211,SERVER4:11211' - }) - end - - it { is_expected.to contain_keystone_config("memcache/servers").with_value('SERVER1:11211,SERVER2:11211') } - it { is_expected.to contain_keystone_config('cache/memcache_servers').with_value('SERVER3:11211,SERVER4:11211') } - end - - - describe 'do not configure memcache servers when not set' do - let :params do - default_params - end - - it { is_expected.to contain_keystone_config("cache/enabled").with_value('') } - it { is_expected.to contain_keystone_config("token/caching").with_value('') } - it { is_expected.to contain_keystone_config("cache/backend").with_value('') } - it { is_expected.to contain_keystone_config("cache/backend_argument").with_value('') } - it { is_expected.to contain_keystone_config("cache/debug_cache_backend").with_value('') } - it { is_expected.to contain_keystone_config("memcache/servers").with_value('') } - it { is_expected.to contain_keystone_config('memcache/dead_retry').with_value('') } - it { is_expected.to contain_keystone_config('memcache/pool_maxsize').with_value('') } - it { is_expected.to contain_keystone_config('memcache/pool_unused_timeout').with_value('') } - it { is_expected.to contain_keystone_config('cache/memcache_dead_retry').with_value('') } - it { is_expected.to contain_keystone_config('cache/memcache_socket_timeout').with_value('') } - it { is_expected.to contain_keystone_config('cache/memcache_pool_maxsize').with_value('') } - it { is_expected.to contain_keystone_config('cache/memcache_pool_unused_timeout').with_value('') } - it { is_expected.to contain_keystone_config('cache/memcache_servers').with_value('') } - end - - describe 'when enabling SSL' do - let :params do - { - 'admin_token' => 'service_token', - 'enable_ssl' => true, - 'public_endpoint' => 'https://localhost:5000/v2.0/', - 'admin_endpoint' => 'https://localhost:35357/v2.0/', - } - end - it {is_expected.to contain_keystone_config('ssl/enable').with_value(true)} - it {is_expected.to contain_keystone_config('ssl/certfile').with_value('/etc/keystone/ssl/certs/keystone.pem')} - it {is_expected.to contain_keystone_config('ssl/keyfile').with_value('/etc/keystone/ssl/private/keystonekey.pem')} - it {is_expected.to contain_keystone_config('ssl/ca_certs').with_value('/etc/keystone/ssl/certs/ca.pem')} - it {is_expected.to contain_keystone_config('ssl/ca_key').with_value('/etc/keystone/ssl/private/cakey.pem')} - it {is_expected.to contain_keystone_config('ssl/cert_subject').with_value('/C=US/ST=Unset/L=Unset/O=Unset/CN=localhost')} - it {is_expected.to contain_keystone_config('DEFAULT/public_endpoint').with_value('https://localhost:5000/v2.0/')} - it {is_expected.to contain_keystone_config('DEFAULT/admin_endpoint').with_value('https://localhost:35357/v2.0/')} - end - describe 'when disabling SSL' do - let :params do - { - 'admin_token' => 'service_token', - 'enable_ssl' => false, - } - end - it {is_expected.to contain_keystone_config('ssl/enable').with_value(false)} - it {is_expected.to contain_keystone_config('DEFAULT/public_endpoint').with_value('')} - it {is_expected.to contain_keystone_config('DEFAULT/admin_endpoint').with_value('')} - end - describe 'not setting notification settings by default' do - let :params do - default_params - end - - it { is_expected.to contain_keystone_config('DEFAULT/notification_driver').with_value('') } - it { is_expected.to contain_keystone_config('DEFAULT/notification_topics').with_value('') } - it { is_expected.to contain_keystone_config('DEFAULT/notification_format').with_value('') } - it { is_expected.to contain_keystone_config('DEFAULT/control_exchange').with_value('') } - end - - describe 'with RabbitMQ communication SSLed' do - let :params do - default_params.merge!({ - :rabbit_use_ssl => true, - :kombu_ssl_ca_certs => '/path/to/ssl/ca/certs', - :kombu_ssl_certfile => '/path/to/ssl/cert/file', - :kombu_ssl_keyfile => '/path/to/ssl/keyfile', - :kombu_ssl_version => 'TLSv1' - }) - end - - it do - is_expected.to contain_keystone_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('true') - is_expected.to contain_keystone_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_value('/path/to/ssl/ca/certs') - is_expected.to contain_keystone_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_value('/path/to/ssl/cert/file') - is_expected.to contain_keystone_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_value('/path/to/ssl/keyfile') - is_expected.to contain_keystone_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('TLSv1') - end - end - - describe 'with RabbitMQ communication not SSLed' do - let :params do - default_params.merge!({ - :rabbit_use_ssl => '', - :kombu_ssl_ca_certs => '', - :kombu_ssl_certfile => '', - :kombu_ssl_keyfile => '', - :kombu_ssl_version => '' - }) - end - - it do - is_expected.to contain_keystone_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('') - is_expected.to contain_keystone_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_value('') - is_expected.to contain_keystone_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_value('') - is_expected.to contain_keystone_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_value('') - is_expected.to contain_keystone_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('') - end - end - - describe 'when configuring max_token_size' do - let :params do - default_params.merge({:max_token_size => '16384' }) - end - - it { is_expected.to contain_keystone_config('DEFAULT/max_token_size').with_value(params[:max_token_size]) } - end - - describe 'setting notification settings' do - let :params do - default_params.merge({ - :notification_driver => 'keystone.openstack.common.notifier.rpc_notifier', - :notification_topics => 'notifications', - :notification_format => 'cadf', - :control_exchange => 'keystone' - }) - end - - it { is_expected.to contain_keystone_config('DEFAULT/notification_driver').with_value('keystone.openstack.common.notifier.rpc_notifier') } - it { is_expected.to contain_keystone_config('DEFAULT/notification_topics').with_value('notifications') } - it { is_expected.to contain_keystone_config('DEFAULT/notification_format').with_value('cadf') } - it { is_expected.to contain_keystone_config('DEFAULT/control_exchange').with_value('keystone') } - end - - describe 'setting sql policy driver' do - let :params do - default_params.merge({:policy_driver => 'sql' }) - end - - it { is_expected.to contain_keystone_config('policy/driver').with_value('sql') } - end - - describe 'setting sql (default) catalog' do - let :params do - default_params - end - - it { is_expected.to contain_keystone_config('catalog/driver').with_value('sql') } - end - - describe 'setting default template catalog' do - let :params do - { - :admin_token => 'service_token', - :catalog_type => 'template' - } - end - - it { is_expected.to contain_keystone_config('catalog/driver').with_value('templated') } - it { is_expected.to contain_keystone_config('catalog/template_file').with_value('/etc/keystone/default_catalog.templates') } - end - - describe 'with overridden validation_auth_url' do - let :params do - { - :admin_token => 'service_token', - :validate_service => true, - :validate_auth_url => 'http://some.host:35357/v2.0', - :admin_endpoint => 'http://some.host:35357' - } - end - - it { is_expected.to contain_keystone_config('DEFAULT/admin_endpoint').with_value('http://some.host:35357') } - it { is_expected.to contain_class('keystone::service').with( - 'validate' => true, - 'admin_endpoint' => 'http://some.host:35357/v2.0' - )} - end - - describe 'with service validation' do - let :params do - { - :admin_token => 'service_token', - :validate_service => true, - :admin_endpoint => 'http://some.host:35357' - } - end - - it { is_expected.to contain_class('keystone::service').with( - 'validate' => true, - 'admin_endpoint' => 'http://some.host:35357' - )} - end - - describe 'setting another template catalog' do - let :params do - { - :admin_token => 'service_token', - :catalog_type => 'template', - :catalog_template_file => '/some/template_file' - } - end - - it { is_expected.to contain_keystone_config('catalog/driver').with_value('templated') } - it { is_expected.to contain_keystone_config('catalog/template_file').with_value('/some/template_file') } - end - - describe 'setting service_provider' do - let :facts do - @default_facts.merge(global_facts.merge({ - :osfamily => 'RedHat', - :operatingsystemrelease => '6.0' - })) - end - - describe 'with default service_provider' do - let :params do - { 'admin_token' => 'service_token' } - end - - it { is_expected.to contain_service('keystone').with( - :provider => nil - )} - end - - describe 'with overrided service_provider' do - let :params do - { - 'admin_token' => 'service_token', - 'service_provider' => 'pacemaker' - } - end - - it { is_expected.to contain_service('keystone').with( - :provider => 'pacemaker' - )} - end - end - - describe 'when using fernet tokens' do - describe 'when enabling fernet_setup' do - let :params do - default_params.merge({ - 'enable_fernet_setup' => true, - 'fernet_max_active_keys' => 5, - 'revoke_by_id' => false, - 'keystone_user' => 'keystone', - 'keystone_group' => 'keystone' - }) - end - - it { is_expected.to contain_exec('keystone-manage fernet_setup').with( - :command => 'keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone', - :creates => '/etc/keystone/fernet-keys/0' - ) } - it { is_expected.to contain_keystone_config('fernet_tokens/max_active_keys').with_value(5)} - it { is_expected.to contain_keystone_config('token/revoke_by_id').with_value(false)} - end - - describe 'when overriding the fernet key directory' do - let :params do - default_params.merge({ - 'enable_fernet_setup' => true, - 'fernet_key_repository' => '/var/lib/fernet-keys', - }) - end - it { is_expected.to contain_exec('keystone-manage fernet_setup').with( - :creates => '/var/lib/fernet-keys/0' - ) } - - end - end - - shared_examples_for "when configuring default domain" do - describe 'with default domain and eventlet service is managed and enabled' do - let :params do - default_params.merge({ - 'default_domain'=> 'test', - }) - end - it { is_expected.to contain_exec('restart_keystone').with( - 'command' => "service #{platform_parameters[:service_name]} restart", - ) } - it { is_expected.to contain_anchor('default_domain_created') } - end - describe 'with default domain and wsgi service is managed and enabled' do - let :pre_condition do - 'include ::apache' - end - let :params do - default_params.merge({ - 'default_domain'=> 'test', - 'service_name' => 'httpd', - }) - end - it { is_expected.to contain_anchor('default_domain_created') } - end - describe 'with default domain and service is not managed' do - let :params do - default_params.merge({ - 'default_domain' => 'test', - 'manage_service' => false, - }) - end - it { is_expected.to_not contain_exec('restart_keystone') } - it { is_expected.to contain_anchor('default_domain_created') } - end - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge(global_facts.merge({ - :osfamily => 'RedHat', - :operatingsystemrelease => '7.0' - })) - end - - let :platform_parameters do - { - :service_name => 'openstack-keystone', - :httpd_service_name => 'httpd', - } - end - - it_configures 'when using default class parameters for httpd' - it_configures 'when configuring default domain' - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge(global_facts.merge({ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '7.0' - })) - end - - let :platform_parameters do - { - :service_name => 'keystone', - :httpd_service_name => 'apache2', - } - end - - it_configures 'when using default class parameters for httpd' - it_configures 'when configuring default domain' - end - - describe "when configuring using_domain_config" do - describe 'with default config' do - let :params do - default_params - end - it { is_expected.to_not contain_file('/etc/keystone/domains') } - end - describe 'when using domain config' do - let :params do - default_params.merge({ - 'using_domain_config'=> true, - }) - end - it { is_expected.to contain_file('/etc/keystone/domains').with( - 'ensure' => "directory", - ) } - it { is_expected - .to contain_keystone_config('identity/domain_specific_drivers_enabled') - .with('value' => true, - ) } - it { is_expected - .to contain_keystone_config('identity/domain_config_dir') - .with('value' => '/etc/keystone/domains', - ) } - end - describe 'when using domain config and a wrong directory' do - let :params do - default_params.merge({ - 'using_domain_config'=> true, - 'domain_config_directory' => 'this/is/not/an/absolute/path' - }) - end - it 'should raise an error' do - expect { should contain_file('/etc/keystone/domains') } - .to raise_error(Puppet::Error, %r(this/is/not/an/absolute/path" is not)) - end - end - describe 'when setting domain directory and not using domain config' do - let :params do - default_params.merge({ - 'using_domain_config'=> false, - 'domain_config_directory' => '/this/is/an/absolute/path' - }) - end - it 'should raise an error' do - expect { should contain_file('/etc/keystone/domains') } - .to raise_error(Puppet::Error, %r(You must activate domain)) - end - end - describe 'when setting domain directory and using domain config' do - let :params do - default_params.merge({ - 'using_domain_config'=> true, - 'domain_config_directory' => '/this/is/an/absolute/path' - }) - end - it { is_expected.to contain_file('/this/is/an/absolute/path').with( - 'ensure' => "directory", - ) } - end - end -end diff --git a/keystone/spec/classes/keystone_wsgi_apache_spec.rb b/keystone/spec/classes/keystone_wsgi_apache_spec.rb deleted file mode 100644 index 502bd6c5d..000000000 --- a/keystone/spec/classes/keystone_wsgi_apache_spec.rb +++ /dev/null @@ -1,357 +0,0 @@ -require 'spec_helper' - -describe 'keystone::wsgi::apache' do - - let :global_facts do - { - :processorcount => 42, - :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'some.host.tld' - } - end - - let :pre_condition do - [ - 'class { keystone: admin_token => "dummy", service_name => "httpd", enable_ssl => true }' - ] - end - - shared_examples_for 'apache serving keystone with mod_wsgi' do - it { is_expected.to contain_service('httpd').with_name(platform_parameters[:httpd_service_name]) } - it { is_expected.to contain_class('keystone::params') } - it { is_expected.to contain_class('apache') } - it { is_expected.to contain_class('apache::mod::wsgi') } - it { is_expected.to contain_class('keystone::db::sync') } - - describe 'with default parameters' do - - it { is_expected.to contain_file("#{platform_parameters[:wsgi_script_path]}").with( - 'ensure' => 'directory', - 'owner' => 'keystone', - 'group' => 'keystone', - 'require' => 'Anchor[keystone::install::end]', - )} - - it { is_expected.to contain_file('keystone_wsgi_admin').with( - 'ensure' => 'file', - 'path' => "#{platform_parameters[:wsgi_script_path]}/keystone-admin", - 'source' => platform_parameters[:wsgi_admin_script_source], - 'owner' => 'keystone', - 'group' => 'keystone', - 'mode' => '0644', - 'require' => "File[#{platform_parameters[:wsgi_script_path]}]", - )} - - it { is_expected.to contain_file('keystone_wsgi_main').with( - 'ensure' => 'file', - 'path' => "#{platform_parameters[:wsgi_script_path]}/keystone-public", - 'source' => platform_parameters[:wsgi_public_script_source], - 'owner' => 'keystone', - 'group' => 'keystone', - 'mode' => '0644', - 'require' => "File[#{platform_parameters[:wsgi_script_path]}]", - )} - - it { is_expected.to contain_apache__vhost('keystone_wsgi_admin').with( - 'servername' => 'some.host.tld', - 'ip' => nil, - 'port' => '35357', - 'docroot' => "#{platform_parameters[:wsgi_script_path]}", - 'docroot_owner' => 'keystone', - 'docroot_group' => 'keystone', - 'ssl' => 'true', - 'wsgi_daemon_process' => 'keystone_admin', - 'wsgi_daemon_process_options' => { - 'user' => 'keystone', - 'group' => 'keystone', - 'processes' => '1', - 'threads' => '42', - 'display-name' => 'keystone-admin', - }, - 'wsgi_process_group' => 'keystone_admin', - 'wsgi_script_aliases' => { '/' => "#{platform_parameters[:wsgi_script_path]}/keystone-admin" }, - 'wsgi_application_group' => '%{GLOBAL}', - 'wsgi_pass_authorization' => 'On', - 'headers' => nil, - 'require' => 'File[keystone_wsgi_admin]', - 'access_log_format' => false, - )} - - it { is_expected.to contain_apache__vhost('keystone_wsgi_main').with( - 'servername' => 'some.host.tld', - 'ip' => nil, - 'port' => '5000', - 'docroot' => "#{platform_parameters[:wsgi_script_path]}", - 'docroot_owner' => 'keystone', - 'docroot_group' => 'keystone', - 'ssl' => 'true', - 'wsgi_daemon_process' => 'keystone_main', - 'wsgi_daemon_process_options' => { - 'user' => 'keystone', - 'group' => 'keystone', - 'processes' => '1', - 'threads' => '42', - 'display-name' => 'keystone-main', - }, - 'wsgi_process_group' => 'keystone_main', - 'wsgi_script_aliases' => { '/' => "#{platform_parameters[:wsgi_script_path]}/main" }, - 'wsgi_application_group' => '%{GLOBAL}', - 'wsgi_pass_authorization' => 'On', - 'headers' => nil, - 'require' => 'File[keystone_wsgi_main]', - 'access_log_format' => false, - )} - it { is_expected.to contain_file("#{platform_parameters[:httpd_ports_file]}") } - end - - describe 'when overriding parameters using different ports' do - let :params do - { - :servername => 'dummy.host', - :bind_host => '10.42.51.1', - :admin_bind_host => '10.42.51.2', - :public_port => 12345, - :admin_port => 4142, - :ssl => false, - :workers => 37, - :vhost_custom_fragment => 'LimitRequestFieldSize 81900' - } - end - - it { is_expected.to contain_apache__vhost('keystone_wsgi_admin').with( - 'servername' => 'dummy.host', - 'ip' => '10.42.51.2', - 'port' => '4142', - 'docroot' => "#{platform_parameters[:wsgi_script_path]}", - 'docroot_owner' => 'keystone', - 'docroot_group' => 'keystone', - 'ssl' => 'false', - 'wsgi_daemon_process' => 'keystone_admin', - 'wsgi_daemon_process_options' => { - 'user' => 'keystone', - 'group' => 'keystone', - 'processes' => '37', - 'threads' => '42', - 'display-name' => 'keystone-admin', - }, - 'wsgi_process_group' => 'keystone_admin', - 'wsgi_script_aliases' => { '/' => "#{platform_parameters[:wsgi_script_path]}/keystone-admin" }, - 'wsgi_application_group' => '%{GLOBAL}', - 'wsgi_pass_authorization' => 'On', - 'require' => 'File[keystone_wsgi_admin]', - 'custom_fragment' => 'LimitRequestFieldSize 81900' - )} - - it { is_expected.to contain_apache__vhost('keystone_wsgi_main').with( - 'servername' => 'dummy.host', - 'ip' => '10.42.51.1', - 'port' => '12345', - 'docroot' => "#{platform_parameters[:wsgi_script_path]}", - 'docroot_owner' => 'keystone', - 'docroot_group' => 'keystone', - 'ssl' => 'false', - 'wsgi_daemon_process' => 'keystone_main', - 'wsgi_daemon_process_options' => { - 'user' => 'keystone', - 'group' => 'keystone', - 'processes' => '37', - 'threads' => '42', - 'display-name' => 'keystone-main', - }, - 'wsgi_process_group' => 'keystone_main', - 'wsgi_script_aliases' => { '/' => "#{platform_parameters[:wsgi_script_path]}/main" }, - 'wsgi_application_group' => '%{GLOBAL}', - 'wsgi_pass_authorization' => 'On', - 'require' => 'File[keystone_wsgi_main]', - 'custom_fragment' => 'LimitRequestFieldSize 81900' - )} - - it { is_expected.to contain_file("#{platform_parameters[:httpd_ports_file]}") } - end - - describe 'when admin_bind_host is not set default to bind_host' do - let :params do - { - :servername => 'dummy.host', - :bind_host => '10.42.51.1', - :public_port => 12345, - :admin_port => 4142, - :ssl => false, - :workers => 37, - :vhost_custom_fragment => 'LimitRequestFieldSize 81900' - } - end - - it { is_expected.to contain_apache__vhost('keystone_wsgi_admin').with( - 'ip' => '10.42.51.1' - )} - - it { is_expected.to contain_apache__vhost('keystone_wsgi_main').with( - 'ip' => '10.42.51.1' - )} - - it { is_expected.to contain_file("#{platform_parameters[:httpd_ports_file]}") } - end - - - - - describe 'when overriding parameters using same port' do - let :params do - { - :servername => 'dummy.host', - :public_port => 4242, - :admin_port => 4242, - :public_path => '/main/endpoint/', - :admin_path => '/admin/endpoint/', - :ssl => true, - :workers => 37, - } - end - - it { is_expected.to_not contain_apache__vhost('keystone_wsgi_admin') } - - it { is_expected.to contain_apache__vhost('keystone_wsgi_main').with( - 'servername' => 'dummy.host', - 'ip' => nil, - 'port' => '4242', - 'docroot' => "#{platform_parameters[:wsgi_script_path]}", - 'docroot_owner' => 'keystone', - 'docroot_group' => 'keystone', - 'ssl' => 'true', - 'wsgi_daemon_process' => 'keystone_main', - 'wsgi_daemon_process_options' => { - 'user' => 'keystone', - 'group' => 'keystone', - 'processes' => '37', - 'threads' => '42', - 'display-name' => 'keystone-main', - }, - 'wsgi_process_group' => 'keystone_main', - 'wsgi_script_aliases' => { - '/main/endpoint' => "#{platform_parameters[:wsgi_script_path]}/keystone-public", - '/admin/endpoint' => "#{platform_parameters[:wsgi_script_path]}/keystone-admin" - }, - 'wsgi_application_group' => '%{GLOBAL}', - 'wsgi_pass_authorization' => 'On', - 'require' => 'File[keystone_wsgi_main]' - )} - end - - describe 'when overriding parameters using same port and same path' do - let :params do - { - :servername => 'dummy.host', - :public_port => 4242, - :admin_port => 4242, - :public_path => '/endpoint/', - :admin_path => '/endpoint/', - :ssl => true, - :workers => 37, - } - end - - it_raises 'a Puppet::Error', /When using the same port for public & private endpoints, public_path and admin_path should be different\./ - end - - describe 'when overriding default apache logging' do - let :params do - { - :servername => 'dummy.host', - :access_log_format => 'foo', - } - end - it { is_expected.to contain_apache__vhost('keystone_wsgi_main').with( - 'servername' => 'dummy.host', - 'access_log_format' => 'foo', - )} - end - - describe 'when overriding parameters using symlink and custom file source' do - let :params do - { - :wsgi_script_ensure => 'link', - :wsgi_script_source => '/opt/keystone/httpd/keystone.py', - } - end - - it { is_expected.to contain_file('keystone_wsgi_admin').with( - 'ensure' => 'link', - 'path' => "#{platform_parameters[:wsgi_script_path]}/keystone-admin", - 'target' => '/opt/keystone/httpd/keystone.py', - 'owner' => 'keystone', - 'group' => 'keystone', - 'mode' => '0644', - 'require' => "File[#{platform_parameters[:wsgi_script_path]}]", - )} - - it { is_expected.to contain_file('keystone_wsgi_main').with( - 'ensure' => 'link', - 'path' => "#{platform_parameters[:wsgi_script_path]}/keystone-public", - 'target' => '/opt/keystone/httpd/keystone.py', - 'owner' => 'keystone', - 'group' => 'keystone', - 'mode' => '0644', - 'require' => "File[#{platform_parameters[:wsgi_script_path]}]", - )} - end - - describe 'when overriding parameters using wsgi chunked request' do - let :params do - { - :wsgi_chunked_request => 'On' - } - end - - it { is_expected.to contain_apache__vhost('keystone_wsgi_admin').with( - 'wsgi_chunked_request' => 'On' - )} - it { is_expected.to contain_apache__vhost('keystone_wsgi_main').with( - 'wsgi_chunked_request' => 'On' - )} - end - - describe 'when overriding parameters using additional headers' do - let :params do - { - :headers => 'set X-Frame-Options "DENY"' - } - end - - it { is_expected.to contain_apache__vhost('keystone_wsgi_admin').with( - 'headers' => 'set X-Frame-Options "DENY"' - )} - it { is_expected.to contain_apache__vhost('keystone_wsgi_main').with( - 'headers' => 'set X-Frame-Options "DENY"' - )} - end - end - - on_supported_os({ - }).each do |os,facts| - let (:facts) do - facts.merge!(OSDefaults.get_facts({})) - end - - let(:platform_params) do - case facts[:osfamily] - when 'Debian' - { - :httpd_service_name => 'apache2', - :httpd_ports_file => '/etc/apache2/ports.conf', - :wsgi_script_path => '/usr/lib/cgi-bin/keystone', - :wsgi_admin_script_source => '/usr/bin/keystone-wsgi-admin', - :wsgi_public_script_source => '/usr/bin/keystone-wsgi-public' - } - when 'RedHat' - { - :httpd_service_name => 'httpd', - :httpd_ports_file => '/etc/httpd/conf/ports.conf', - :wsgi_script_path => '/var/www/cgi-bin/keystone', - :wsgi_admin_script_source => '/usr/bin/keystone-wsgi-admin', - :wsgi_public_script_source => '/usr/bin/keystone-wsgi-public' - } - end - end - end -end diff --git a/keystone/spec/defines/keystone_ldap_backend_spec.rb b/keystone/spec/defines/keystone_ldap_backend_spec.rb deleted file mode 100644 index ddd0d9683..000000000 --- a/keystone/spec/defines/keystone_ldap_backend_spec.rb +++ /dev/null @@ -1,241 +0,0 @@ -require 'spec_helper' - -describe 'keystone::ldap_backend' do - describe 'Using Default domain' do - let(:title) { 'Default' } - let(:pre_condition) do - <<-EOM - keystone_config {'identity/domain_specific_drivers_enabled': value => true} - keystone_config {'identity/domain_config_dir': value => '/etc/keystone/domains'} - file {'/etc/keystone/keystone.conf': ensure => present } - EOM - end - describe 'with basic params' do - let :params do - { - :url => 'ldap://foo', - :user => 'cn=foo,dc=example,dc=com', - :password => 'abcdefg', - :suffix => 'dc=example,dc=com', - :query_scope => 'sub', - :page_size => '50', - :user_tree_dn => 'cn=users,dc=example,dc=com', - :user_filter => '(memberOf=cn=openstack,cn=groups,cn=accounts,dc=example,dc=com)', - :user_objectclass => 'inetUser', - :user_id_attribute => 'uid', - :user_name_attribute => 'cn', - :user_mail_attribute => 'mail', - :user_enabled_attribute => 'UserAccountControl', - :user_enabled_mask => '2', - :user_enabled_default => '512', - :user_enabled_invert => 'False', - :user_attribute_ignore => '', - :user_default_project_id_attribute => 'defaultProject', - :user_allow_create => 'False', - :user_allow_update => 'False', - :user_allow_delete => 'False', - :user_pass_attribute => 'krbPassword', - :user_enabled_emulation => 'True', - :user_enabled_emulation_dn => 'cn=openstack-enabled,cn=groups,cn=accounts,dc=example,dc=com', - :user_additional_attribute_mapping => 'description:name, gecos:name', - :project_tree_dn => 'ou=projects,ou=openstack,dc=example,dc=com', - :project_filter => '', - :project_objectclass => 'organizationalUnit', - :project_id_attribute => 'ou', - :project_member_attribute => 'member', - :project_desc_attribute => 'description', - :project_name_attribute => 'ou', - :project_enabled_attribute => 'enabled', - :project_domain_id_attribute => 'businessCategory', - :project_attribute_ignore => '', - :project_allow_create => 'True', - :project_allow_update => 'True', - :project_allow_delete => 'True', - :project_enabled_emulation => 'False', - :project_enabled_emulation_dn => 'True', - :project_additional_attribute_mapping => 'cn=enabled,ou=openstack,dc=example,dc=com', - :role_tree_dn => 'ou=roles,ou=openstack,dc=example,dc=com', - :role_filter => '', - :role_objectclass => 'organizationalRole', - :role_id_attribute => 'cn', - :role_name_attribute => 'ou', - :role_member_attribute => 'roleOccupant', - :role_attribute_ignore => 'description', - :role_allow_create => 'True', - :role_allow_update => 'True', - :role_allow_delete => 'True', - :role_additional_attribute_mapping => '', - :group_tree_dn => 'ou=groups,ou=openstack,dc=example,dc=com', - :group_filter => 'cn=enabled-groups,cn=groups,cn=accounts,dc=example,dc=com', - :group_objectclass => 'organizationalRole', - :group_id_attribute => 'cn', - :group_name_attribute => 'cn', - :group_member_attribute => 'roleOccupant', - :group_desc_attribute => 'description', - :group_attribute_ignore => '', - :group_allow_create => 'False', - :group_allow_update => 'False', - :group_allow_delete => 'False', - :group_additional_attribute_mapping => '', - :use_tls => 'False', - :tls_cacertdir => '/etc/ssl/certs/', - :tls_cacertfile => '/etc/ssl/certs/ca-certificates.crt', - :tls_req_cert => 'demand', - :identity_driver => 'ldap', - :use_pool => 'True', - :pool_size => 20, - :pool_retry_max => 2, - :pool_retry_delay => 0.2, - :pool_connection_timeout => 222, - :pool_connection_lifetime => 222, - :use_auth_pool => 'True', - :auth_pool_size => 20, - :auth_pool_connection_lifetime => 200, - } - end - it { is_expected.to contain_package('python-ldap') } - it { is_expected.to contain_package('python-ldappool') } - it 'should have basic params' do - # basic params - is_expected.to contain_keystone_domain_config('Default::ldap/url').with_value('ldap://foo') - is_expected.to contain_keystone_domain_config('Default::ldap/user').with_value('cn=foo,dc=example,dc=com') - is_expected.to contain_keystone_domain_config('Default::ldap/password').with_value('abcdefg').with_secret(true) - is_expected.to contain_keystone_domain_config('Default::ldap/suffix').with_value('dc=example,dc=com') - is_expected.to contain_keystone_domain_config('Default::ldap/query_scope').with_value('sub') - is_expected.to contain_keystone_domain_config('Default::ldap/page_size').with_value('50') - - # users - is_expected.to contain_keystone_domain_config('Default::ldap/user_tree_dn').with_value('cn=users,dc=example,dc=com') - is_expected.to contain_keystone_domain_config('Default::ldap/user_filter').with_value('(memberOf=cn=openstack,cn=groups,cn=accounts,dc=example,dc=com)') - is_expected.to contain_keystone_domain_config('Default::ldap/user_objectclass').with_value('inetUser') - is_expected.to contain_keystone_domain_config('Default::ldap/user_id_attribute').with_value('uid') - is_expected.to contain_keystone_domain_config('Default::ldap/user_name_attribute').with_value('cn') - is_expected.to contain_keystone_domain_config('Default::ldap/user_mail_attribute').with_value('mail') - is_expected.to contain_keystone_domain_config('Default::ldap/user_enabled_attribute').with_value('UserAccountControl') - is_expected.to contain_keystone_domain_config('Default::ldap/user_enabled_mask').with_value('2') - is_expected.to contain_keystone_domain_config('Default::ldap/user_enabled_default').with_value('512') - is_expected.to contain_keystone_domain_config('Default::ldap/user_enabled_invert').with_value('False') - is_expected.to contain_keystone_domain_config('Default::ldap/user_attribute_ignore').with_value('') - is_expected.to contain_keystone_domain_config('Default::ldap/user_default_project_id_attribute').with_value('defaultProject') - is_expected.to contain_keystone_domain_config('Default::ldap/user_tree_dn').with_value('cn=users,dc=example,dc=com') - is_expected.to contain_keystone_domain_config('Default::ldap/user_allow_create').with_value('False') - is_expected.to contain_keystone_domain_config('Default::ldap/user_allow_update').with_value('False') - is_expected.to contain_keystone_domain_config('Default::ldap/user_allow_delete').with_value('False') - is_expected.to contain_keystone_domain_config('Default::ldap/user_pass_attribute').with_value('krbPassword') - is_expected.to contain_keystone_domain_config('Default::ldap/user_enabled_emulation').with_value('True') - is_expected.to contain_keystone_domain_config('Default::ldap/user_enabled_emulation_dn').with_value('cn=openstack-enabled,cn=groups,cn=accounts,dc=example,dc=com') - is_expected.to contain_keystone_domain_config('Default::ldap/user_additional_attribute_mapping').with_value('description:name, gecos:name') - - # projects - is_expected.to contain_keystone_domain_config('Default::ldap/project_tree_dn').with_value('ou=projects,ou=openstack,dc=example,dc=com') - is_expected.to contain_keystone_domain_config('Default::ldap/project_filter').with_value('') - is_expected.to contain_keystone_domain_config('Default::ldap/project_objectclass').with_value('organizationalUnit') - is_expected.to contain_keystone_domain_config('Default::ldap/project_id_attribute').with_value('ou') - is_expected.to contain_keystone_domain_config('Default::ldap/project_member_attribute').with_value('member') - is_expected.to contain_keystone_domain_config('Default::ldap/project_desc_attribute').with_value('description') - is_expected.to contain_keystone_domain_config('Default::ldap/project_name_attribute').with_value('ou') - is_expected.to contain_keystone_domain_config('Default::ldap/project_enabled_attribute').with_value('enabled') - is_expected.to contain_keystone_domain_config('Default::ldap/project_domain_id_attribute').with_value('businessCategory') - is_expected.to contain_keystone_domain_config('Default::ldap/project_attribute_ignore').with_value('') - is_expected.to contain_keystone_domain_config('Default::ldap/project_allow_create').with_value('True') - is_expected.to contain_keystone_domain_config('Default::ldap/project_allow_update').with_value('True') - is_expected.to contain_keystone_domain_config('Default::ldap/project_allow_delete').with_value('True') - is_expected.to contain_keystone_domain_config('Default::ldap/project_enabled_emulation').with_value('False') - is_expected.to contain_keystone_domain_config('Default::ldap/project_enabled_emulation_dn').with_value('True') - is_expected.to contain_keystone_domain_config('Default::ldap/project_additional_attribute_mapping').with_value('cn=enabled,ou=openstack,dc=example,dc=com') - - # roles - is_expected.to contain_keystone_domain_config('Default::ldap/role_tree_dn').with_value('ou=roles,ou=openstack,dc=example,dc=com') - is_expected.to contain_keystone_domain_config('Default::ldap/role_filter').with_value('') - is_expected.to contain_keystone_domain_config('Default::ldap/role_objectclass').with_value('organizationalRole') - is_expected.to contain_keystone_domain_config('Default::ldap/role_id_attribute').with_value('cn') - is_expected.to contain_keystone_domain_config('Default::ldap/role_name_attribute').with_value('ou') - is_expected.to contain_keystone_domain_config('Default::ldap/role_member_attribute').with_value('roleOccupant') - is_expected.to contain_keystone_domain_config('Default::ldap/role_attribute_ignore').with_value('description') - is_expected.to contain_keystone_domain_config('Default::ldap/role_allow_create').with_value('True') - is_expected.to contain_keystone_domain_config('Default::ldap/role_allow_update').with_value('True') - is_expected.to contain_keystone_domain_config('Default::ldap/role_allow_delete').with_value('True') - is_expected.to contain_keystone_domain_config('Default::ldap/role_additional_attribute_mapping').with_value('') - - # groups - is_expected.to contain_keystone_domain_config('Default::ldap/group_tree_dn').with_value('ou=groups,ou=openstack,dc=example,dc=com') - is_expected.to contain_keystone_domain_config('Default::ldap/group_filter').with_value('cn=enabled-groups,cn=groups,cn=accounts,dc=example,dc=com') - is_expected.to contain_keystone_domain_config('Default::ldap/group_objectclass').with_value('organizationalRole') - is_expected.to contain_keystone_domain_config('Default::ldap/group_id_attribute').with_value('cn') - is_expected.to contain_keystone_domain_config('Default::ldap/group_member_attribute').with_value('roleOccupant') - is_expected.to contain_keystone_domain_config('Default::ldap/group_desc_attribute').with_value('description') - is_expected.to contain_keystone_domain_config('Default::ldap/group_name_attribute').with_value('cn') - is_expected.to contain_keystone_domain_config('Default::ldap/group_attribute_ignore').with_value('') - is_expected.to contain_keystone_domain_config('Default::ldap/group_allow_create').with_value('False') - is_expected.to contain_keystone_domain_config('Default::ldap/group_allow_update').with_value('False') - is_expected.to contain_keystone_domain_config('Default::ldap/group_allow_delete').with_value('False') - is_expected.to contain_keystone_domain_config('Default::ldap/group_additional_attribute_mapping').with_value('') - - # tls - is_expected.to contain_keystone_domain_config('Default::ldap/use_tls').with_value('False') - is_expected.to contain_keystone_domain_config('Default::ldap/tls_cacertdir').with_value('/etc/ssl/certs/') - is_expected.to contain_keystone_domain_config('Default::ldap/tls_cacertfile').with_value('/etc/ssl/certs/ca-certificates.crt') - is_expected.to contain_keystone_domain_config('Default::ldap/tls_req_cert').with_value('demand') - - # ldap pooling - is_expected.to contain_keystone_domain_config('Default::ldap/use_pool').with_value('True') - is_expected.to contain_keystone_domain_config('Default::ldap/pool_size').with_value('20') - is_expected.to contain_keystone_domain_config('Default::ldap/pool_retry_max').with_value('2') - is_expected.to contain_keystone_domain_config('Default::ldap/pool_retry_delay').with_value('0.2') - is_expected.to contain_keystone_domain_config('Default::ldap/pool_connection_timeout').with_value('222') - is_expected.to contain_keystone_domain_config('Default::ldap/pool_connection_lifetime').with_value('222') - is_expected.to contain_keystone_domain_config('Default::ldap/use_auth_pool').with_value('True') - is_expected.to contain_keystone_domain_config('Default::ldap/auth_pool_size').with_value('20') - is_expected.to contain_keystone_domain_config('Default::ldap/auth_pool_connection_lifetime').with_value('200') - - # drivers - is_expected.to contain_keystone_domain_config('Default::identity/driver').with_value('ldap') - end - end - end - - describe 'Using non Default domain' do - let(:title) { 'foobar' } - let :params do - { - :url => 'ldap://foo', - :user => 'cn=foo,dc=example,dc=com' - } - end - let(:pre_condition) do - <<-EOM - keystone_config {'identity/domain_specific_drivers_enabled': value => true} - keystone_config {'identity/domain_config_dir': value => '/etc/keystone/domains'} - file {'/etc/keystone/keystone.conf': ensure => present } - EOM - end - it 'should use the domain from the title' do - is_expected.to contain_keystone_domain_config('foobar::ldap/url').with_value('ldap://foo') - is_expected.to contain_keystone_domain_config('foobar::ldap/user').with_value('cn=foo,dc=example,dc=com') - end - end - - describe 'checks' do - let(:title) { 'domain' } - context 'Missing identity/domain_specific_drivers_enabled' do - let(:pre_condition) do - <<-EOM - keystone_config {'identity/domain_config_dir': value => '/etc/keystone/domains'} - file {'/etc/keystone/keystone.conf': ensure => present } - EOM - end - it_raises 'a Puppet::Error', /You should add/ - end - - context 'Missing identity/domain_config_dir' do - let(:pre_condition) do - <<-EOM - keystone_config {'identity/domain_specific_drivers_enabled': value => true} - file {'/etc/keystone/keystone.conf': ensure => present } - EOM - end - it_raises 'a Puppet::Error', /You should add/ - end - - end -end diff --git a/keystone/spec/defines/keystone_resource_authtoken_spec.rb b/keystone/spec/defines/keystone_resource_authtoken_spec.rb deleted file mode 100644 index 83673ed2c..000000000 --- a/keystone/spec/defines/keystone_resource_authtoken_spec.rb +++ /dev/null @@ -1,198 +0,0 @@ -require 'spec_helper' - -describe 'keystone::resource::authtoken' do - - let (:title) { 'keystone_config' } - - let :required_params do - { :username => 'keystone', - :password => 'secret', - :auth_url => 'http://127.0.0.1:35357/', - :project_name => 'services' } - end - - shared_examples 'shared examples' do - - context 'with only required parameters' do - let :params do - required_params - end - - it { is_expected.to contain_keystone_config('keystone_authtoken/username').with( - :value => 'keystone', - )} - - it { is_expected.to contain_keystone_config('keystone_authtoken/user_id').with( - :ensure => 'absent', - )} - - it { is_expected.to contain_keystone_config('keystone_authtoken/password').with( - :value => 'secret', - :secret => true, - )} - - it { is_expected.to contain_keystone_config('keystone_authtoken/auth_plugin').with( - :value => 'password', - )} - - it { is_expected.to contain_keystone_config('keystone_authtoken/auth_url').with( - :value => 'http://127.0.0.1:35357/', - )} - - it { is_expected.to contain_keystone_config('keystone_authtoken/project_name').with( - :value => 'services', - )} - - it { is_expected.to contain_keystone_config('keystone_authtoken/project_id').with( - :ensure => 'absent', - )} - - it { is_expected.to contain_keystone_config('keystone_authtoken/user_domain_name').with( - :ensure => 'absent', - )} - - it { is_expected.to contain_keystone_config('keystone_authtoken/project_domain_name').with( - :ensure => 'absent', - )} - - it { is_expected.to contain_keystone_config('keystone_authtoken/user_domain_id').with( - :ensure => 'absent', - )} - - it { is_expected.to contain_keystone_config('keystone_authtoken/project_domain_id').with( - :ensure => 'absent', - )} - - it { is_expected.to contain_keystone_config('keystone_authtoken/domain_name').with( - :ensure => 'absent', - )} - - it { is_expected.to contain_keystone_config('keystone_authtoken/domain_id').with( - :ensure => 'absent', - )} - - it { is_expected.to contain_keystone_config('keystone_authtoken/trust_id').with( - :ensure => 'absent', - )} - - it { is_expected.to contain_keystone_config('keystone_authtoken/cacert').with( - :ensure => 'absent', - )} - - it { is_expected.to contain_keystone_config('keystone_authtoken/cert').with( - :ensure => 'absent', - )} - - it { is_expected.to contain_keystone_config('keystone_authtoken/key').with( - :ensure => 'absent', - )} - - it { is_expected.to contain_keystone_config('keystone_authtoken/insecure').with( - :value => 'false', - )} - - end - - context 'when omitting a required parameter password' do - let :params do - required_params.delete(:password) - end - it { expect { is_expected.to raise_error(Puppet::Error) } } - end - - context 'when specifying auth_url' do - let :params do - required_params.merge({:auth_url => 'https://host:11111/v3/'}) - end - it { is_expected.to contain_keystone_config('keystone_authtoken/auth_url').with( - :value => 'https://host:11111/v3/', - )} - - end - - context 'when specifying project and scope_domain' do - let :params do - required_params.merge({:domain_name => 'domain'}) - end - it { expect { is_expected.to raise_error(Puppet::Error, 'Cannot specify both a project (project_name or project_id) and a domain (domain_name or domain_id)') } } - end - - context 'when specifying neither project nor domain' do - let :params do - required_params.delete(:project_name) - end - it { expect { is_expected.to raise_error(Puppet::Error, 'Must specify either a project (project_name or project_id, for a project scoped token) or a domain (domain_name or domain_id, for a domain scoped token)') } } - end - - context 'when specifying domain in name' do - let :params do - required_params.merge({ - :username => 'keystone::userdomain', - :project_name => 'services::projdomain', - :default_domain_name => 'shouldnotuse' - }) - end - it { is_expected.to contain_keystone_config('keystone_authtoken/user_domain_name').with( - :value => 'userdomain', - )} - - it { is_expected.to contain_keystone_config('keystone_authtoken/project_domain_name').with( - :value => 'projdomain', - )} - - end - - context 'when specifying domain in parameters' do - let :params do - required_params.merge({ - :username => 'keystone::userdomain', - :user_domain_name => 'realuserdomain', - :project_name => 'services::projdomain', - :project_domain_name => 'realprojectdomain', - :default_domain_name => 'shouldnotuse' - }) - end - it { is_expected.to contain_keystone_config('keystone_authtoken/user_domain_name').with( - :value => 'realuserdomain', - )} - - it { is_expected.to contain_keystone_config('keystone_authtoken/project_domain_name').with( - :value => 'realprojectdomain', - )} - - end - - context 'when specifying only default domain' do - let :params do - required_params.merge({ - :default_domain_name => 'defaultdomain' - }) - end - it { is_expected.to contain_keystone_config('keystone_authtoken/user_domain_name').with( - :value => 'defaultdomain', - )} - - it { is_expected.to contain_keystone_config('keystone_authtoken/project_domain_name').with( - :value => 'defaultdomain', - )} - - end - - end - - context 'on a Debian osfamily' do - let :facts do - @default_facts.merge({ :osfamily => "Debian" }) - end - - include_examples 'shared examples' - end - - context 'on a RedHat osfamily' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - include_examples 'shared examples' - end -end diff --git a/keystone/spec/defines/keystone_resource_service_identity_spec.rb b/keystone/spec/defines/keystone_resource_service_identity_spec.rb deleted file mode 100644 index a01bc4f01..000000000 --- a/keystone/spec/defines/keystone_resource_service_identity_spec.rb +++ /dev/null @@ -1,227 +0,0 @@ -# -# Copyright (C) 2014 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -require 'spec_helper' - -describe 'keystone::resource::service_identity' do - - let (:title) { 'neutron' } - - let :required_params do - { :password => 'secrete', - :service_type => 'network', - :admin_url => 'http://192.168.0.1:9696', - :internal_url => 'http://10.0.0.1:9696', - :public_url => 'http://7.7.7.7:9696' } - end - - shared_examples 'keystone::resource::service_identity examples' do - - context 'with only required parameters' do - let :params do - required_params - end - - it { is_expected.to contain_keystone_user(title).with( - :ensure => 'present', - :password => 'secrete', - :email => 'neutron@localhost', - )} - - it { is_expected.to contain_keystone_user_role("#{title}@services").with( - :ensure => 'present', - :roles => ['admin'], - )} - - it { is_expected.to contain_keystone_service("#{title}::network").with( - :ensure => 'present', - :description => 'neutron service', - )} - - it { is_expected.to contain_keystone_endpoint("RegionOne/#{title}::network").with( - :ensure => 'present', - :public_url => 'http://7.7.7.7:9696', - :internal_url => 'http://10.0.0.1:9696', - :admin_url => 'http://192.168.0.1:9696', - :region => 'RegionOne', - )} - end - - context 'with ensure set to absent' do - let :params do - required_params.merge(:ensure => 'absent') - end - - it { is_expected.to contain_keystone_user(title).with( - :ensure => 'absent', - :password => 'secrete', - :email => 'neutron@localhost', - )} - - it { is_expected.to contain_keystone_user_role("#{title}@services").with( - :ensure => 'absent', - :roles => ['admin'], - )} - - it { is_expected.to contain_keystone_service("#{title}::network").with( - :ensure => 'absent', - :description => 'neutron service', - )} - - it { is_expected.to contain_keystone_endpoint("RegionOne/#{title}::network").with( - :ensure => 'absent', - :public_url => 'http://7.7.7.7:9696', - :internal_url => 'http://10.0.0.1:9696', - :admin_url => 'http://192.168.0.1:9696', - :region => 'RegionOne', - )} - - end - - context 'with bad ensure parameter value' do - let :params do - required_params.merge(:ensure => 'badvalue') - end - - it { is_expected.to raise_error Puppet::Error, /Valid values for ensure parameter are present or absent/ } - end - - context 'when explicitly setting an region' do - let :params do - required_params.merge( - :region => 'East', - ) - end - it { is_expected.to contain_keystone_endpoint("East/#{title}::network").with( - :ensure => 'present', - :public_url => 'http://7.7.7.7:9696', - :internal_url => 'http://10.0.0.1:9696', - :admin_url => 'http://192.168.0.1:9696', - :region => 'East', - )} - end - - context 'when trying to create an endpoint without service_type (will be dropped in Mitaka)' do - let :params do - required_params.merge( - :configure_service => false, - :service_type => false, - ) - end - it { is_expected.to contain_keystone_endpoint("RegionOne/#{title}").with( - :ensure => 'present', - :public_url => 'http://7.7.7.7:9696', - :internal_url => 'http://10.0.0.1:9696', - :admin_url => 'http://192.168.0.1:9696', - )} - end - - context 'when trying to create a service without service_type' do - let :params do - required_params.delete(:service_type) - required_params - end - it_raises 'a Puppet::Error', /When configuring a service, you need to set the service_type parameter/ - end - - context 'when trying to create an endpoint without url' do - let :params do - required_params.delete(:public_url) - required_params - end - it_raises 'a Puppet::Error', /When configuring an endpoint, you need to set the _url parameters/ - end - - context 'with user domain' do - let :params do - required_params.merge({:user_domain => 'userdomain'}) - end - it { is_expected.to contain_keystone_domain('userdomain').with( - :ensure => 'present', - )} - it { is_expected.to contain_keystone_user(title).with( - :ensure => 'present', - :password => 'secrete', - :email => 'neutron@localhost', - :domain => 'userdomain', - )} - it { is_expected.to contain_keystone_user_role("#{title}@services").with( - :ensure => 'present', - :roles => ['admin'], - )} - end - - context 'with user and project domain' do - let :params do - required_params.merge({ - :user_domain => 'userdomain', - :project_domain => 'projdomain', - }) - end - it { is_expected.to contain_keystone_user(title).with( - :ensure => 'present', - :password => 'secrete', - :email => 'neutron@localhost', - :domain => 'userdomain', - )} - it { is_expected.to contain_keystone_domain('userdomain').with( - :ensure => 'present', - )} - it { is_expected.to contain_keystone_user_role("#{title}@services").with( - :ensure => 'present', - :roles => ['admin'], - )} - end - context 'with default domain only' do - let :params do - required_params.merge({ - :default_domain => 'defaultdomain', - }) - end - it { is_expected.to contain_keystone_user(title).with( - :ensure => 'present', - :password => 'secrete', - :email => 'neutron@localhost', - :domain => 'defaultdomain', - )} - it { is_expected.to contain_keystone_domain('defaultdomain').with( - :ensure => 'present', - )} - it { is_expected.to contain_keystone_user_role("#{title}@services").with( - :ensure => 'present', - :roles => ['admin'], - )} - end - - end - - context 'on a Debian osfamily' do - let :facts do - @default_facts.merge({ :osfamily => "Debian" }) - end - - include_examples 'keystone::resource::service_identity examples' - end - - context 'on a RedHat osfamily' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - include_examples 'keystone::resource::service_identity examples' - end -end diff --git a/keystone/spec/shared_examples.rb b/keystone/spec/shared_examples.rb deleted file mode 100644 index 855b7b10c..000000000 --- a/keystone/spec/shared_examples.rb +++ /dev/null @@ -1,129 +0,0 @@ -shared_examples_for "a Puppet::Error" do |description| - it "with message matching #{description.inspect}" do - expect { is_expected.to have_class_count(1) }.to raise_error(Puppet::Error, description) - end -end - -shared_examples_for 'parse title correctly' do |result| - let(:title) do |example| - example.metadata[:example_group][:description] - end - let(:resource) { described_class.new(:title => title) } - it 'should parse this title correctly' do - expect(resource.to_hash).to include(result) - end -end - -shared_examples_for 'croak on the title' do - let(:title) do |example| - example.metadata[:example_group][:description] - end - let(:resource) { described_class.new(:title => title) } - it 'croak on the title' do - expect { resource }.to raise_error(Puppet::Error, /No set of title patterns matched the title/) - end -end - -shared_examples_for 'croak on the required parameter' do |attr| - let(:title) do |example| - example.metadata[:example_group][:description] - end - prefix = attr.is_a?(String) ? attr : '' - - let(:resource) { described_class.new(:title => title) } - it 'croak on the missing required parameter' do - expect { resource } - .to raise_error(Puppet::ResourceError, "#{prefix} Required parameter.") - end -end - -shared_examples_for 'croak on read-only parameter' do |resource| - prefix = resource.delete(:_prefix) - it 'should raise an error' do - expect { described_class.new(resource) } - .to raise_error(Puppet::ResourceError, "#{prefix} Read-only property.") - end -end - -shared_examples_for 'succeed with the required parameters' do |extra_params| - let(:title) do |example| - example.metadata[:example_group][:description] - end - extra_params_to_merge = extra_params || {} - let(:resource) { described_class.new({ :title => title }.merge(extra_params_to_merge)) } - it 'has all required parameters' do - expect { resource }.not_to raise_error - end -end - -# Let resources to [, , , ..., ] -shared_examples_for 'autorequire the correct resources' do - let(:catalog) { Puppet::Resource::Catalog.new } - it 'should autorequire correctly' do - resource = resources[0] - resources_good = resources[1...resources.count-1] - catalog.add_resource(*resources) - - dependency = resource.autorequire - expect(dependency.size).to eq(resources_good.count) - resources_good.each_with_index do |good, idx| - expect(dependency[idx].target).to eq(resource) - expect(dependency[idx].source).to eq(good) - end - end -end - -# Let resources to [, ] -shared_examples_for 'prefetch the resources' do - it 'should correctly prefetch the existing resource' do - existing = resources[0] - non_existing = resources[1] - resource = mock - r = [] - r << existing - - catalog = Puppet::Resource::Catalog.new - r.each { |res| catalog.add_resource(res) } - m_value = mock - m_first = mock - resource.expects(:values).returns(m_value) - m_value.expects(:first).returns(m_first) - m_first.expects(:catalog).returns(catalog) - m_first.expects(:class).returns(described_class.resource_type) - described_class.prefetch(resource) - - # found and not found - expect(existing.provider.ensure).to eq(:present) - expect(non_existing.provider.ensure).to eq(:absent) - end -end - -# attribute [Array[Hash]] -# - the first hash are the expected result -# - second are the combination of attributes you want to test -# The provider must be build from ressource_attrs -# see examples in keystone_{user/user_role/tenant/service} -shared_examples_for 'create the correct resource' do |attributes| - expected_results = attributes.shift['expected_results'] - attributes.each do |attribute| - context 'test' do - let(:resource_attrs) { attribute.values[0] } - it "should correctly create the resource when #{attribute.keys[0]}" do - provider.create - expect(provider.exists?).to be_truthy - expected_results.each do |key, value| - expect(provider.send(key)).to eq(value) - end - end - end - end -end - -# Let resources to [, ] -shared_examples_for 'detect duplicate resource' do - let(:catalog) { Puppet::Resource::Catalog.new } - it 'should detect the duplicate' do - expect { catalog.add_resource(resources[0]) }.not_to raise_error - expect { catalog.add_resource(resources[1]) }.to raise_error(ArgumentError,/Cannot alias/) - end -end diff --git a/keystone/spec/shared_examples_acceptance.rb b/keystone/spec/shared_examples_acceptance.rb deleted file mode 100644 index 91eddba7a..000000000 --- a/keystone/spec/shared_examples_acceptance.rb +++ /dev/null @@ -1,34 +0,0 @@ -# Test a normal puppet run with idempotency. -shared_examples_for 'puppet_apply_success' do |manifest| - it 'should apply the manifest without error' do - apply_manifest(manifest, :catch_failures => true) - end - it 'should be idempotent' do - apply_manifest(manifest, :catch_changes => true) - end -end - -# Check that a file exists and its content match the one given as -# argument. The argument can be a multiline string or an array of -# regexp. -# -# To use it encapsulate it in a context whose name is the file to -# test. -shared_examples 'a_valid_configuration' do |config_content| - let(:configuration_file) do |example| - # see the idiom it leads to later in this file - example.metadata[:example_group][:parent_example_group][:description] - end - subject { file(configuration_file) } - it { is_expected.to be_file } - it { is_expected.to exist } - content = nil - if config_content.is_a?(Array) - content = config_content - else - content = config_content.split("\n").map { |l| Regexp.quote(l) } - end - it 'content should be valid' do - expect(subject.content).to include_regexp(content) - end -end diff --git a/keystone/spec/spec.opts b/keystone/spec/spec.opts deleted file mode 100644 index 91cd6427e..000000000 --- a/keystone/spec/spec.opts +++ /dev/null @@ -1,6 +0,0 @@ ---format -s ---colour ---loadby -mtime ---backtrace diff --git a/keystone/spec/spec_helper.rb b/keystone/spec/spec_helper.rb deleted file mode 100644 index 3c86612cc..000000000 --- a/keystone/spec/spec_helper.rb +++ /dev/null @@ -1,47 +0,0 @@ -# Load libraries from openstacklib here to simulate how they live together in a real puppet run (for provider unit tests) -$LOAD_PATH.push(File.join(File.dirname(__FILE__), 'fixtures', 'modules', 'openstacklib', 'lib')) -require 'puppetlabs_spec_helper/module_spec_helper' -require 'shared_examples' -require 'webmock/rspec' - -require 'puppet-openstack_spec_helper/defaults' -require 'rspec-puppet-facts' -include RspecPuppetFacts - -# LP1492636 - Cohabitation of compile matcher and webmock -WebMock.disable_net_connect!(:allow => "169.254.169.254") - -RSpec.configure do |c| - c.alias_it_should_behave_like_to :it_configures, 'configures' - c.alias_it_should_behave_like_to :it_raises, 'raises' - # TODO(aschultz): remove this after all tests converted to use OSDefaults - # instead of referencing @default_facts - c.before :each do - @default_facts = OSDefaults.get_facts - end -end - -RSpec::Matchers.define :be_absent do - match do |actual| - actual == :absent - end -end - -at_exit { RSpec::Puppet::Coverage.report! } - -def setup_provider_tests - Puppet::Provider::Keystone.class_exec do - def self.reset - @admin_endpoint = nil - @tenant_hash = nil - @admin_token = nil - @keystone_file = nil - Puppet::Provider::Keystone.class_variable_set('@@default_domain_id', nil) - @domain_hash = nil - @users_name = nil - @projects_name = nil - end - end -end - -Dir[File.dirname(__FILE__) + '/support/**/*.rb'].each { |f| require f } diff --git a/keystone/spec/spec_helper_acceptance.rb b/keystone/spec/spec_helper_acceptance.rb deleted file mode 100644 index 9196bc99b..000000000 --- a/keystone/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1 +0,0 @@ -require 'puppet-openstack_spec_helper/beaker_spec_helper' diff --git a/keystone/spec/unit/provider/keystone/util_spec.rb b/keystone/spec/unit/provider/keystone/util_spec.rb deleted file mode 100644 index 25f7b236d..000000000 --- a/keystone/spec/unit/provider/keystone/util_spec.rb +++ /dev/null @@ -1,29 +0,0 @@ -require 'puppet' -require 'spec_helper' -require 'puppet/provider/keystone' -require 'puppet/provider/keystone/util' - -describe "split_domain method" do - it 'should handle nil and empty strings' do - expect(Util.split_domain('')).to eq([nil, nil]) - expect(Util.split_domain(nil)).to eq([nil, nil]) - end - it 'should return name and no domain' do - expect(Util.split_domain('foo')).to eq(['foo', nil]) - expect(Util.split_domain('foo::')).to eq(['foo', nil]) - end - it 'should return name and domain' do - expect(Util.split_domain('foo::bar')).to eq(['foo', 'bar']) - expect(Util.split_domain('foo::bar::')).to eq(['foo', 'bar']) - expect(Util.split_domain('::foo::bar')).to eq(['::foo', 'bar']) - expect(Util.split_domain('::foo::bar::')).to eq(['::foo', 'bar']) - expect(Util.split_domain('foo::bar::baz')).to eq(['foo::bar', 'baz']) - expect(Util.split_domain('foo::bar::baz::')).to eq(['foo::bar', 'baz']) - expect(Util.split_domain('::foo::bar::baz')).to eq(['::foo::bar', 'baz']) - expect(Util.split_domain('::foo::bar::baz::')).to eq(['::foo::bar', 'baz']) - end - it 'should return domain only' do - expect(Util.split_domain('::foo')).to eq([nil, 'foo']) - expect(Util.split_domain('::foo::')).to eq([nil, 'foo']) - end -end diff --git a/keystone/spec/unit/provider/keystone_config/ini_setting_spec.rb b/keystone/spec/unit/provider/keystone_config/ini_setting_spec.rb deleted file mode 100644 index 8a9e32ee8..000000000 --- a/keystone/spec/unit/provider/keystone_config/ini_setting_spec.rb +++ /dev/null @@ -1,57 +0,0 @@ -# -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:keystone_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Keystone_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Keystone_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end - - it 'should ensure absent when is specified as a value' do - resource = Puppet::Type::Keystone_config.new( - {:name => 'dude/foo', :value => ''} - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - - it 'should ensure absent when value matches ensure_absent_val' do - resource = Puppet::Type::Keystone_config.new( - {:name => 'dude/foo', :value => 'foo', :ensure_absent_val => 'foo' } - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - -end diff --git a/keystone/spec/unit/provider/keystone_domain/openstack_spec.rb b/keystone/spec/unit/provider/keystone_domain/openstack_spec.rb deleted file mode 100644 index a344d2603..000000000 --- a/keystone/spec/unit/provider/keystone_domain/openstack_spec.rb +++ /dev/null @@ -1,173 +0,0 @@ -require 'puppet' -require 'spec_helper' -require 'puppet/provider/keystone_domain/openstack' - -setup_provider_tests - -describe Puppet::Type.type(:keystone_domain).provider(:openstack) do - - let(:set_env) do - ENV['OS_USERNAME'] = 'test' - ENV['OS_PASSWORD'] = 'abc123' - ENV['OS_PROJECT_NAME'] = 'test' - ENV['OS_AUTH_URL'] = 'http://127.0.0.1:35357/v2.0' - end - - describe 'when managing a domain' do - - let(:domain_attrs) do - { - :name => 'domain_one', - :description => 'Domain One', - :ensure => 'present', - :enabled => 'True' - } - end - - let(:resource) do - Puppet::Type::Keystone_domain.new(domain_attrs) - end - - let(:provider) do - described_class.new(resource) - end - - let(:another_class) do - class AnotherKlass < Puppet::Provider::Keystone - @credentials = Puppet::Provider::Openstack::CredentialsV3.new - end - AnotherKlass - end - - before :each do - set_env - end - - after :each do - described_class.reset - another_class.reset - end - - describe '#create' do - it 'creates a domain' do - entry = mock - provider.expects(:keystone_conf_default_domain_id_entry).returns(entry) - - described_class.expects(:openstack) - .with('domain', 'create', '--format', 'shell', ['domain_one', '--enable', '--description', 'Domain One']) - .returns('id="1cb05cfed7c24279be884ba4f6520262" -name="domain_one" -description="Domain One" -enabled=True -') - provider.create - expect(provider.exists?).to be_truthy - end - end - - describe '#destroy' do - it 'destroys a domain' do - entry = mock - provider.expects(:keystone_conf_default_domain_id_entry).returns(entry) - described_class.expects(:openstack) - .with('domain', 'set', ['domain_one', '--disable']) - described_class.expects(:openstack) - .with('domain', 'delete', 'domain_one') - - provider.destroy - expect(provider.exists?).to be_falsey - end - - end - - describe '#instances' do - it 'finds every domain' do - described_class.expects(:openstack) - .with('domain', 'list', '--quiet', '--format', 'csv', []) - .returns('"ID","Name","Description","Enabled" -"1cb05cfed7c24279be884ba4f6520262","domain_one","Domain One",True -') - instances = described_class.instances - expect(instances.count).to eq(1) - end - end - - describe '#create default' do - let(:domain_attrs) do - { - :name => 'new_default', - :description => 'New default domain.', - :ensure => 'present', - :enabled => 'True', - :is_default => 'True' - } - end - - context 'default_domain_id defined in keystone.conf' do - it 'creates a default domain' do - described_class.expects(:openstack) - .with('domain', 'create', '--format', 'shell', - ['new_default', '--enable', '--description', 'New default domain.']) - .returns('id="1cb05cfed7c24279be884ba4f6520262" -name="domain_one" -description="Domain One" -enabled=True -') - entry = mock - provider.expects(:keystone_conf_default_domain_id_entry).returns(entry) - entry.expects(:create).returns(nil) - provider.create - expect(provider.exists?).to be_truthy - end - end - end - - describe '#destroy default' do - it 'destroys a default domain' do - entry = mock - provider.expects(:keystone_conf_default_domain_id_entry).returns(entry) - - described_class.expects(:default_domain_id).returns('1cb05cfed7c24279be884ba4f6520262') - provider.expects(:is_default).returns(:true) - provider.expects(:id).times(3).returns('1cb05cfed7c24279be884ba4f6520262') - - described_class.expects(:openstack) - .with('domain', 'set', ['domain_one', '--disable']) - described_class.expects(:openstack) - .with('domain', 'delete', 'domain_one') - entry.expects(:destroy) - provider.destroy - expect(provider.exists?).to be_falsey - end - end - - describe '#flush' do - let(:domain_attrs) do - { - :name => 'domain_one', - :description => 'new description', - :ensure => 'present', - :enabled => 'True', - :is_default => 'False' - } - end - - it 'changes the description' do - described_class.expects(:openstack) - .with('domain', 'set', ['domain_one', '--description', 'new description']) - provider.description = 'new description' - provider.flush - end - - it 'changes is_default' do - entry = mock - provider.expects(:keystone_conf_default_domain_id_entry).returns(entry) - provider.expects(:id).times(3).returns('current_default_domain') - entry.expects(:create) - - provider.is_default=(:true) - provider.flush - end - end - end -end diff --git a/keystone/spec/unit/provider/keystone_domain_config/openstack_spec.rb b/keystone/spec/unit/provider/keystone_domain_config/openstack_spec.rb deleted file mode 100644 index d50036717..000000000 --- a/keystone/spec/unit/provider/keystone_domain_config/openstack_spec.rb +++ /dev/null @@ -1,139 +0,0 @@ -# -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:keystone_domain_config).provider(:openstack) - -describe provider_class do - - include PuppetlabsSpec::Files - let(:tmpfile) { tmpfilename('keystone.conf') } - - context '#interface' do - it 'should configure a domain file if the name has :: delimiter' do - resource = Puppet::Type::Keystone_domain_config.new( - { :name => 'bar::dude/foo', :value => 'blahh' } - ) - provider = provider_class.new(resource) - expect(provider.path).to eq('/etc/keystone/domains/keystone.bar.conf') - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end - - it "should raise an error if the configuration directory doesn't exist" do - resource = Puppet::Type::Keystone_domain_config.new( - { :name => 'bar::dude/foo', :value => 'blahh' } - ) - expect { provider_class.new(resource).create } - .to raise_error(Puppet::Error::OpenstackMissingDomainDir) - end - end - - context '#create' do - before(:example) do - # This is created just to get access to the ini_file. - config = Puppet::Type::Keystone_config.new({ - :name => 'identity/domain_config_dir', - :value => '/tmp' - }) - config_provider = Puppet::Type.type(:keystone_config) - .provider(:ini_setting) - keystone_config = config_provider.new(config) - keystone_config.class.expects(:file_path).at_least_once.returns(tmpfile) - keystone_config.create - - @domain = Puppet::Type::Keystone_domain_config.new( - { :name => 'bar::dude/foo', :value => 'blahh' } - ) - @domain_provider = provider_class.new(@domain) - end - - after(:example) do - Dir.glob('/tmp/keystone.*.conf').each do |tmp_conf| - File.delete(tmp_conf) - end - end - - context 'correct name definition' do - it 'should adjust the domain path if it is modified with Keystone_config' do - expect(@domain_provider.file_path) - .to eq('/tmp/keystone.bar.conf') - end - - it 'should fill a domain configuration correctly' do - expect { @domain_provider.create }.not_to raise_error - expect(File).to exist('/tmp/keystone.bar.conf') - expect(File.read('/tmp/keystone.bar.conf')) - .to eq(' -[dude] -foo=blahh -') - end - - it 'should fill multiple domain configurations correctly' do - baz_domain = Puppet::Type::Keystone_domain_config.new( - { :name => 'baz::duck/go', :value => 'where' } - ) - baz_domain_provider = provider_class.new(baz_domain) - - expect { @domain_provider.create }.not_to raise_error - expect { baz_domain_provider.create }.not_to raise_error - - expect(File).to exist('/tmp/keystone.bar.conf') - expect(File).to exist('/tmp/keystone.baz.conf') - - expect(File.read('/tmp/keystone.bar.conf')) - .to eq(' -[dude] -foo=blahh -') - - expect(File.read('/tmp/keystone.baz.conf')) - .to eq(' -[duck] -go=where -') - end - - it 'should find the instance' do - @domain_provider.create - instances = @domain_provider.class.instances - expect(instances.count).to eq(1) - expect( - instances[0].instance_variable_get('@property_hash')[:name] - ).to eq('bar::dude/foo') - end - end - - context 'invalid name definition' do - it 'should raise an error if no domain is given' do - resource = Puppet::Type::Keystone_domain_config.new( - { :name => 'dude/foo', :value => 'blahh' } - ) - expect { provider_class.new(resource).create } - .to raise_error(Puppet::Error::OpenstackMissingDomainName) - end - - it 'should raise an error if an empty domain is given' do - resource = Puppet::Type::Keystone_domain_config.new( - { :name => '::dude/foo', :value => 'blahh' } - ) - expect { provider_class.new(resource).create } - .to raise_error(Puppet::Error::OpenstackMissingDomainName) - end - end - end -end diff --git a/keystone/spec/unit/provider/keystone_endpoint/openstack_spec.rb b/keystone/spec/unit/provider/keystone_endpoint/openstack_spec.rb deleted file mode 100644 index f4c1b5bcf..000000000 --- a/keystone/spec/unit/provider/keystone_endpoint/openstack_spec.rb +++ /dev/null @@ -1,392 +0,0 @@ -require 'puppet' -require 'spec_helper' -require 'puppet/provider/keystone_endpoint/openstack' - -describe Puppet::Type.type(:keystone_endpoint).provider(:openstack) do - - let(:set_env) do - ENV['OS_USERNAME'] = 'test' - ENV['OS_PASSWORD'] = 'abc123' - ENV['OS_PROJECT_NAME'] = 'test' - ENV['OS_AUTH_URL'] = 'http://127.0.0.1:5000' - end - - describe 'when managing an endpoint' do - - let(:endpoint_attrs) do - { - :title => 'region/endpoint', - :ensure => 'present', - :public_url => 'http://127.0.0.1:5000', - :internal_url => 'http://127.0.0.1:5001', - :admin_url => 'http://127.0.0.1:5002' - } - end - - let(:resource) do - Puppet::Type::Keystone_endpoint.new(endpoint_attrs) - end - - let(:provider) do - described_class.new(resource) - end - - before(:each) do - set_env - described_class.endpoints = nil - described_class.services = nil - end - - describe '#create' do - before(:each) do - described_class.expects(:openstack) - .with('endpoint', 'create', '--format', 'shell', - ['service_id1', 'admin', 'http://127.0.0.1:5002', '--region', 'region']) - .returns('admin_url="http://127.0.0.1:5002" -id="endpoint1_id" -region="region" -') - described_class.expects(:openstack) - .with('endpoint', 'create', '--format', 'shell', - ['service_id1', 'internal', 'http://127.0.0.1:5001', '--region', 'region']) - .returns('internal_url="http://127.0.0.1:5001" -id="endpoint2_id" -region="region" -') - described_class.expects(:openstack) - .with('endpoint', 'create', '--format', 'shell', - ['service_id1', 'public', 'http://127.0.0.1:5000', '--region', 'region']) - .returns('public_url="http://127.0.0.1:5000" -id="endpoint3_id" -region="region" -') - described_class.expects(:openstack) - .with('service', 'list', '--quiet', '--format', 'csv', []) - .returns('"ID","Name","Type" -"service_id1","endpoint","type_one" -') - end - context 'without the type' do - it 'creates an endpoint' do - provider.create - expect(provider.exists?).to be_truthy - expect(provider.id).to eq('endpoint1_id,endpoint2_id,endpoint3_id') - end - end - context 'with the type' do - let(:endpoint_attrs) do - { - :title => 'region/endpoint', - :ensure => 'present', - :public_url => 'http://127.0.0.1:5000', - :internal_url => 'http://127.0.0.1:5001', - :admin_url => 'http://127.0.0.1:5002', - :type => 'type_one' - } - end - - it 'creates an endpoint' do - provider.create - expect(provider.exists?).to be_truthy - expect(provider.id).to eq('endpoint1_id,endpoint2_id,endpoint3_id') - end - end - end - - describe '#destroy' do - it 'destroys an endpoint' do - provider.instance_variable_get('@property_hash')[:id] = 'endpoint1_id,endpoint2_id,endpoint3_id' - described_class.expects(:openstack) - .with('endpoint', 'delete', 'endpoint1_id') - described_class.expects(:openstack) - .with('endpoint', 'delete', 'endpoint2_id') - described_class.expects(:openstack) - .with('endpoint', 'delete', 'endpoint3_id') - provider.destroy - expect(provider.exists?).to be_falsey - end - end - - describe '#exists' do - context 'when tenant does not exist' do - subject(:response) do - provider.exists? - end - - it { is_expected.to be_falsey } - end - end - - describe '#instances' do - context 'basic' do - it 'finds every tenant' do - described_class.expects(:openstack) - .with('endpoint', 'list', '--quiet', '--format', 'csv', []) - .returns('"ID","Region","Service Name","Service Type","Enabled","Interface","URL" -"endpoint1_id","RegionOne","keystone","identity",True,"admin","http://127.0.0.1:5002" -"endpoint2_id","RegionOne","keystone","identity",True,"internal","https://127.0.0.1:5001" -"endpoint3_id","RegionOne","keystone","identity",True,"public","https://127.0.0.1:5000" -') - instances = described_class.instances - expect(instances.count).to eq(1) - end - end - context 'many different region' do - it 'should not mix up the endpoints' do - described_class.expects(:openstack) - .with('endpoint', 'list', '--quiet', '--format', 'csv', []) - .returns('"ID","Region","Service Name","Service Type","Enabled","Interface","URL" -"endpoint1_id","RegionOne","keystone","identity",True,"admin","http://One-127.0.0.1:5002" -"endpoint2_id","RegionOne","keystone","identity",True,"internal","https://One-127.0.0.1:5001" -"endpoint3_id","RegionOne","keystone","identity",True,"public","https://One-127.0.0.1:5000" -"endpoint4_id","RegionTwo","keystone","identity",True,"admin","http://Two-127.0.0.1:5002" -"endpoint5_id","RegionTwo","keystone","identity",True,"internal","https://Two-127.0.0.1:5001" -"endpoint6_id","RegionTwo","keystone","identity",True,"public","https://Two-127.0.0.1:5000" -"endpoint7_id","RegionThree","keystone","identity",True,"admin","http://Three-127.0.0.1:5002" -"endpoint8_id","RegionThree","keystone","identity",True,"internal","https://Three-127.0.0.1:5001" -"endpoint9_id","RegionThree","keystone","identity",True,"public","https://Three-127.0.0.1:5000" -"endpoint10_id","RegionFour","keystone","identity",True,"admin","http://Four-127.0.0.1:5002" -"endpoint11_id","RegionFour","keystone","identity",True,"internal","https://Four-127.0.0.1:5001" -"endpoint12_id","RegionFour","keystone","identity",True,"public","https://Four-127.0.0.1:5000" -"endpoint13_id","RegionFive","keystone","identity",True,"admin","http://Five-127.0.0.1:5002" -"endpoint14_id","RegionFive","keystone","identity",True,"internal","https://Five-127.0.0.1:5001" -"endpoint15_id","RegionFive","keystone","identity",True,"public","https://Five-127.0.0.1:5000" -"endpoint16_id","RegionSix","keystone","identity",True,"admin","http://Six-127.0.0.1:5002" -"endpoint17_id","RegionSix","keystone","identity",True,"internal","https://Six-127.0.0.1:5001" -"endpoint18_id","RegionSix","keystone","identity",True,"public","https://Six-127.0.0.1:5000" -"endpoint19_id","RegionSeven","keystone","identity",True,"admin","http://Seven-127.0.0.1:5002" -"endpoint20_id","RegionSeven","keystone","identity",True,"internal","https://Seven-127.0.0.1:5001" -"endpoint21_id","RegionSeven","keystone","identity",True,"public","https://Seven-127.0.0.1:5000" -') - instances = described_class.instances - expect(instances).to have_array_of_instances_hash([ - {:name=>"RegionOne/keystone::identity", - :ensure=>:present, - :id=>"endpoint1_id,endpoint2_id,endpoint3_id", - :region=>"RegionOne", - :admin_url=>"http://One-127.0.0.1:5002", - :internal_url=>"https://One-127.0.0.1:5001", - :public_url=>"https://One-127.0.0.1:5000"}, - {:name=>"RegionTwo/keystone::identity", - :ensure=>:present, - :id=>"endpoint4_id,endpoint5_id,endpoint6_id", - :region=>"RegionTwo", - :admin_url=>"http://Two-127.0.0.1:5002", - :internal_url=>"https://Two-127.0.0.1:5001", - :public_url=>"https://Two-127.0.0.1:5000"}, - {:name=>"RegionThree/keystone::identity", - :ensure=>:present, - :id=>"endpoint7_id,endpoint8_id,endpoint9_id", - :region=>"RegionThree", - :admin_url=>"http://Three-127.0.0.1:5002", - :internal_url=>"https://Three-127.0.0.1:5001", - :public_url=>"https://Three-127.0.0.1:5000"}, - {:name=>"RegionFour/keystone::identity", - :ensure=>:present, - :id=>"endpoint10_id,endpoint11_id,endpoint12_id", - :region=>"RegionFour", - :admin_url=>"http://Four-127.0.0.1:5002", - :internal_url=>"https://Four-127.0.0.1:5001", - :public_url=>"https://Four-127.0.0.1:5000"}, - {:name=>"RegionFive/keystone::identity", - :ensure=>:present, - :id=>"endpoint13_id,endpoint14_id,endpoint15_id", - :region=>"RegionFive", - :admin_url=>"http://Five-127.0.0.1:5002", - :internal_url=>"https://Five-127.0.0.1:5001", - :public_url=>"https://Five-127.0.0.1:5000"}, - {:name=>"RegionSix/keystone::identity", - :ensure=>:present, - :id=>"endpoint16_id,endpoint17_id,endpoint18_id", - :region=>"RegionSix", - :admin_url=>"http://Six-127.0.0.1:5002", - :internal_url=>"https://Six-127.0.0.1:5001", - :public_url=>"https://Six-127.0.0.1:5000"}, - {:name=>"RegionSeven/keystone::identity", - :ensure=>:present, - :id=>"endpoint19_id,endpoint20_id,endpoint21_id", - :region=>"RegionSeven", - :admin_url=>"http://Seven-127.0.0.1:5002", - :internal_url=>"https://Seven-127.0.0.1:5001", - :public_url=>"https://Seven-127.0.0.1:5000"}]) - end - end - end - - describe '#prefetch' do - context 'working: fq or nfq and matching resource' do - before(:each) do - described_class.expects(:openstack) - .with('endpoint', 'list', '--quiet', '--format', 'csv', []) - .returns('"ID","Region","Service Name","Service Type","Enabled","Interface","URL" -"endpoint1_id","RegionOne","keystone","identity",True,"admin","http://127.0.0.1:5002" -"endpoint2_id","RegionOne","keystone","identity",True,"internal","https://127.0.0.1:5001" -"endpoint3_id","RegionOne","keystone","identity",True,"public","https://127.0.0.1:5000" -') - end - context '#fq resource in title' do - let(:resources) do - [Puppet::Type.type(:keystone_endpoint).new(:title => 'RegionOne/keystone::identity', :ensure => :present), - Puppet::Type.type(:keystone_endpoint).new(:title => 'RegionOne/keystone::identityv3', :ensure => :present)] - end - include_examples 'prefetch the resources' - end - context '#fq resource' do - let(:resources) do - [Puppet::Type.type(:keystone_endpoint).new(:title => 'keystone', :region => 'RegionOne', :type => 'identity', :ensure => :present), - Puppet::Type.type(:keystone_endpoint).new(:title => 'RegionOne/keystone::identityv3', :ensure => :present)] - end - include_examples 'prefetch the resources' - end - context '#nfq resource in title matching existing endpoint' do - let(:resources) do - [Puppet::Type.type(:keystone_endpoint).new(:title => 'RegionOne/keystone', :ensure => :present), - Puppet::Type.type(:keystone_endpoint).new(:title => 'RegionOne/keystone::identityv3', :ensure => :present)] - end - include_examples 'prefetch the resources' - end - context '#nfq resource matching existing endpoint' do - let(:resources) do - [Puppet::Type.type(:keystone_endpoint).new(:title => 'keystone', :region => 'RegionOne', :ensure => :present), - Puppet::Type.type(:keystone_endpoint).new(:title => 'RegionOne/keystone::identityv3', :ensure => :present)] - end - include_examples 'prefetch the resources' - end - end - - context 'not working' do - context 'too many type' do - before(:each) do - described_class.expects(:openstack) - .with('endpoint', 'list', '--quiet', '--format', 'csv', []) - .returns('"ID","Region","Service Name","Service Type","Enabled","Interface","URL" -"endpoint1_id","RegionOne","keystone","identity",True,"admin","http://127.0.0.1:5002" -"endpoint2_id","RegionOne","keystone","identity",True,"internal","https://127.0.0.1:5001" -"endpoint3_id","RegionOne","keystone","identity",True,"public","https://127.0.0.1:5000" -"endpoint4_id","RegionOne","keystone","identityv3",True,"admin","http://127.0.0.1:5002" -"endpoint5_id","RegionOne","keystone","identityv3",True,"internal","https://127.0.0.1:5001" -"endpoint6_id","RegionOne","keystone","identityv3",True,"public","https://127.0.0.1:5000" -') - end - it "should fail as it's not possible to get the right type here" do - existing = Puppet::Type.type(:keystone_endpoint) - .new(:title => 'RegionOne/keystone', :ensure => :present) - resource = mock - r = [] - r << existing - - catalog = Puppet::Resource::Catalog.new - r.each { |res| catalog.add_resource(res) } - m_value = mock - m_first = mock - resource.expects(:values).returns(m_value) - m_value.expects(:first).returns(m_first) - m_first.expects(:catalog).returns(catalog) - m_first.expects(:class).returns(described_class.resource_type) - expect { described_class.prefetch(resource) } - .to raise_error(Puppet::Error, - /endpoint matching RegionOne\/keystone: identity identityv3/) - end - end - end - - context 'not any type but existing service' do - before(:each) do - described_class.expects(:openstack) - .with('endpoint', 'list', '--quiet', '--format', 'csv', []) - .returns('"ID","Region","Service Name","Service Type","Enabled","Interface","URL" -"endpoint1_id","RegionOne","keystone","identity",True,"admin","http://127.0.0.1:5002" -"endpoint2_id","RegionOne","keystone","identity",True,"internal","https://127.0.0.1:5001" -"endpoint3_id","RegionOne","keystone","identity",True,"public","https://127.0.0.1:5000" -') - described_class.expects(:openstack) - .with('service', 'list', '--quiet', '--format', 'csv', []) - .returns('"ID","Name","Type" -"service1_id","keystonev3","identity" -') - end - it 'should be successful' do - existing = Puppet::Type.type(:keystone_endpoint) - .new(:title => 'RegionOne/keystonev3', :ensure => :present) - resource = mock - r = [] - r << existing - - catalog = Puppet::Resource::Catalog.new - r.each { |res| catalog.add_resource(res) } - m_value = mock - m_first = mock - resource.expects(:values).returns(m_value) - m_value.expects(:first).returns(m_first) - m_first.expects(:catalog).returns(catalog) - m_first.expects(:class).returns(described_class.resource_type) - - expect { described_class.prefetch(resource) }.not_to raise_error - expect(existing.provider.ensure).to eq(:absent) - end - end - end - - describe '#flush' do - let(:endpoint_attrs) do - { - :title => 'region/service_1', - :ensure => 'present', - :public_url => 'http://127.0.0.1:5000', - :internal_url => 'http://127.0.0.1:5001', - :admin_url => 'http://127.0.0.1:4999', - :type => 'service_type1' - } - end - context '#update a missing endpoint' do - it 'creates an endpoint' do - described_class.expects(:openstack) - .with('endpoint', 'create', '--format', 'shell', - ['service_id_1', 'admin', 'http://127.0.0.1:4999', - '--region', 'region']) - .returns(<<-eoo -enabled="True" -id="endpoint1_id" -interface="internal" -region="None" -region_id="None" -service_id="service_id_1" -service_name="service_1" -service_type="service_type1" -url="http://127.0.0.1:5001" - eoo - ) - - provider.expects(:property_flush) - .times(5) - .returns({:admin_url => 'http://127.0.0.1:4999'}) - provider.expects(:property_hash) - .twice - .returns({:id => ',endpoint2_id,endpoint3_id'}) - provider.expects(:service_id) - .returns('service_id_1') - provider.flush - expect(provider.exists?).to be_truthy - expect(provider.id).to eq('endpoint1_id,endpoint2_id,endpoint3_id') - end - end - - context 'adjust a url' do - it 'update the url' do - described_class.expects(:openstack) - .with('endpoint', 'set', - ['endpoint1_id', '--url=http://127.0.0.1:4999']) - provider.expects(:property_flush) - .times(4) - .returns({:admin_url => 'http://127.0.0.1:4999'}) - provider.expects(:property_hash) - .twice - .returns({:id => 'endpoint1_id,endpoint2_id,endpoint3_id'}) - provider.flush - expect(provider.exists?).to be_truthy - expect(provider.id).to eq('endpoint1_id,endpoint2_id,endpoint3_id') - end - end - end - end -end diff --git a/keystone/spec/unit/provider/keystone_identity_provider/openstack_spec.rb b/keystone/spec/unit/provider/keystone_identity_provider/openstack_spec.rb deleted file mode 100644 index e2159cfc2..000000000 --- a/keystone/spec/unit/provider/keystone_identity_provider/openstack_spec.rb +++ /dev/null @@ -1,298 +0,0 @@ -require 'puppet' -require 'spec_helper' -require 'puppet/provider/keystone_identity_provider/openstack' - -describe Puppet::Type.type(:keystone_identity_provider).provider(:openstack) do - let(:set_env) do - ENV['OS_USERNAME'] = 'test' - ENV['OS_PASSWORD'] = 'abc123' - ENV['OS_PROJECT_NAME'] = 'test' - ENV['OS_AUTH_URL'] = 'http://127.0.0.1:5000/v3' - end - - let(:id_provider_attrs) do - { - :name => 'idp_one', - :enabled => true, - :description => 'Nice id provider', - :remote_ids => ['entityid_idp1', 'http://entityid_idp2/saml/meta', 3], - :ensure => :present - } - end - - let(:resource) do - Puppet::Type::Keystone_identity_provider.new(id_provider_attrs) - end - - let(:provider) { described_class.new(resource) } - - before(:example) { set_env } - describe '#create success' do - it 'creates an identity provider' do - described_class.expects(:openstack) - .with( - 'identity provider', 'create', - '--format', 'shell', [ - '--remote-id', 'entityid_idp1', - '--remote-id', 'http://entityid_idp2/saml/meta', - '--remote-id', '3', - '--enable', - '--description', 'Nice id provider', - 'idp_one' - ] - ) - .once - .returns( - <<-EOR -description="Nice id provider" -enabled="True" -id="idp_one" -remote_ids="[u'entityid_idp1', u'http://entityid_idp2/saml/meta', u'3']" -EOR - ) - provider.create - expect(provider.exists?).to be_truthy - end - end - describe '#create failure' do - it 'fails with an helpfull message when hitting remote-id duplicate.' do - described_class.expects(:openstack) - .with( - 'identity provider', 'create', - '--format', 'shell', [ - '--remote-id', 'entityid_idp1', - '--remote-id', 'http://entityid_idp2/saml/meta', - '--remote-id', '3', - '--enable', - '--description', 'Nice id provider', - 'idp_one' - ] - ) - .once - .raises(Puppet::ExecutionFailure, - 'openstack Conflict occurred attempting to' \ - ' store identity_provider') - expect { provider.create } - .to raise_error(Puppet::Error::OpenstackDuplicateRemoteId) - end - end - - describe '#create with a remote-id-file' do - let(:id_provider_attrs) do - { - :name => 'idp_one', - :enabled => true, - :description => 'Nice id provider', - :remote_id_file => '/tmp/remoteids', - :ensure => :present - } - end - it 'create a resource whit remote id in a file' do - described_class.expects(:openstack) - .with( - 'identity provider', 'create', - '--format', 'shell', [ - '--remote-id-file', '/tmp/remoteids', - '--enable', - '--description', 'Nice id provider', - 'idp_one' - ] - ) - .once - .returns( - <<-EOR -description="Nice id provider" -enabled="True" -id="idp_one" -remote_ids="[u'entityid_idp1', u'http://entityid_idp2/saml/meta', u'3']" -EOR - ) - provider.create - expect(provider.exists?).to be_truthy - - end - end - - describe '#destroy' do - it 'destroy an identity provider' do - provider.instance_variable_get('@property_hash')[:id] = 'idp_one' - described_class.expects(:openstack) - .with( - 'identity provider', 'delete', 'idp_one' - ) - provider.destroy - expect(provider.exists?).to be_falsy - end - end - - describe '#instances' do - it 'finds every identity provider' do - described_class.expects(:openstack) - .with( - 'identity provider', 'list', - '--quiet', '--format', 'csv', [] - ) - .once - .returns( - <<-EOR -"ID","Enabled","Description" -"idp_one",True,"" -"idp_two",False,"Idp two description" -EOR - ) - described_class.expects(:openstack) - .with( - 'identity provider', 'show', - '--format', 'shell', 'idp_one' - ) - .once - .returns( - <<-EOR -description="None" -enabled="True" -id="idp_one" -remote_ids="[u'entityid_idp1', u'http://entityid_idp2/saml/meta', u'3']" -EOR - ) - described_class.expects(:openstack) - .with( - 'identity provider', 'show', - '--format', 'shell', 'idp_two' - ) - .once - .returns( - <<-EOR -description="Idp two description" -enabled="False" -id="idp_two" -remote_ids="[]" -EOR - ) - described_class.expects(:openstack) - .with('--version', '', []) - .twice - .returns("openstack 1.7.0\n") - instances = - Puppet::Type::Keystone_identity_provider::ProviderOpenstack.instances - expect(instances.count).to eq(2) - expect(instances[0].description).to be_empty - expect(instances[1].enabled).to be_falsy - end - end - - describe '#update' do - context 'remote_ids' do - it 'changes the remote_ids' do - provider.expects(:id).returns('1234') - described_class.expects(:openstack) - .with( - 'identity provider', 'set', - [ - '--remote-id', 'entityid_idp1', - '--remote-id', 'http://entityid_idp2/saml/meta', - '1234' - ] - ) - .once - provider.remote_ids = ['entityid_idp1', 'http://entityid_idp2/saml/meta'] - end - end - context 'with remote_id_file' do - it 'changes the remote_id_file' do - provider.expects(:id).returns('1234') - described_class.expects(:openstack) - .with( - 'identity provider', 'set', - ['--remote-id-file', '/tmp/new_file', '1234'] - ) - .once - provider.remote_id_file = '/tmp/new_file' - end - end - context 'enabled' do - it 'changes the enable to true' do - provider.expects(:id).returns('1234') - described_class.expects(:openstack) - .with( - 'identity provider', 'set', - ['--enable', '1234'] - ) - .once - provider.enabled = :true - end - it 'changes the enable to false' do - provider.expects(:id).returns('1234') - described_class.expects(:openstack) - .with( - 'identity provider', 'set', - ['--disable', '1234'] - ) - .once - provider.enabled = :false - end - end - end - - describe '#prefetch' do - let(:resources_catalog) { { 'idp_one' => provider } } - let(:found_resource) do - existing = described_class.new - existing.instance_variable_set('@property_hash', - :name => 'idp_one', - :id => 'idp_one', - :description => '', - :enabled => true, - :remote_ids => [ - 'entityid_idp1', - 'http://entityid_idp2/saml/meta', - '3'], - :ensure => :present - ) - existing - end - it 'fill the resource with the right provider' do - described_class.expects(:instances) - .once - .returns([found_resource]) - expect(resources_catalog['idp_one'].provider).to be_absent - described_class.prefetch(resources_catalog) - expect(resources_catalog['idp_one'].provider).not_to be_absent - end - end - - describe '#clean_remote_ids' do - context 'before python-openstackclient/+bug/1478995' do - let(:edge_cases_remote_ids) do - { - %q|[u'http://remoteid?id=idp_one&name=ldap', u"http://remoteid_2?id='idp'"]| => - ['http://remoteid?id=idp_one&name=ldap', "http://remoteid_2?id='idp'"], - %q|[u'http://remoteid?id=idp_one&name=ldap']| => ['http://remoteid?id=idp_one&name=ldap'] - } - end - it 'should handle tricky cases' do - described_class.expects(:openstack) - .with('--version', '', []) - .twice - .returns("openstack 1.7.0\n") - edge_cases_remote_ids.each do |edge_case, solution| - expect(described_class.clean_remote_ids(edge_case)).to eq(solution) - end - end - end - context 'after python-openstackclient/+bug/1478995' do - let(:remote_ids) do - [ - "http://remoteid?id=idp_one&name=ldap, http://remoteid_2?id='idp'", - ['http://remoteid?id=idp_one&name=ldap', "http://remoteid_2?id='idp'"] - ] - end - it 'should handle the new output' do - described_class.expects(:openstack) - .with('--version', '', []) - .once - .returns("openstack 1.9.0\n") - expect(described_class.clean_remote_ids(remote_ids[0])).to eq(remote_ids[1]) - end - end - end -end diff --git a/keystone/spec/unit/provider/keystone_paste_ini/ini_setting_spec.rb b/keystone/spec/unit/provider/keystone_paste_ini/ini_setting_spec.rb deleted file mode 100644 index 56379487f..000000000 --- a/keystone/spec/unit/provider/keystone_paste_ini/ini_setting_spec.rb +++ /dev/null @@ -1,29 +0,0 @@ -# -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:keystone_paste_ini).provider(:ini_setting) -describe provider_class do - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Keystone_paste_ini.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end -end diff --git a/keystone/spec/unit/provider/keystone_role/openstack_spec.rb b/keystone/spec/unit/provider/keystone_role/openstack_spec.rb deleted file mode 100644 index b36a8f1b6..000000000 --- a/keystone/spec/unit/provider/keystone_role/openstack_spec.rb +++ /dev/null @@ -1,78 +0,0 @@ -require 'puppet' -require 'spec_helper' -require 'puppet/provider/keystone_role/openstack' - -provider_class = Puppet::Type.type(:keystone_role).provider(:openstack) - -describe provider_class do - - let(:set_env) do - ENV['OS_USERNAME'] = 'test' - ENV['OS_PASSWORD'] = 'abc123' - ENV['OS_PROJECT_NAME'] = 'test' - ENV['OS_AUTH_URL'] = 'http://127.0.0.1:5000' - end - - before(:each) do - set_env - end - - describe 'when creating a role' do - let(:role_attrs) do - { - :name => 'foo', - :ensure => 'present', - } - end - - let(:resource) do - Puppet::Type::Keystone_role.new(role_attrs) - end - - let(:provider) do - provider_class.new(resource) - end - - describe '#create' do - it 'creates a role' do - provider.class.expects(:openstack) - .with('role', 'create', '--format', 'shell', 'foo') - .returns('name="foo"') - provider.create - expect(provider.exists?).to be_truthy - end - end - - describe '#destroy' do - it 'destroys a role' do - provider.class.expects(:openstack) - .with('role', 'delete', []) - provider.destroy - expect(provider.exists?).to be_falsey - end - - end - - describe '#exists' do - context 'when role does not exist' do - subject(:response) do - response = provider.exists? - end - it { is_expected.to be_falsey } - end - end - - describe '#instances' do - it 'finds every role' do - provider.class.expects(:openstack) - .with('role', 'list', '--quiet', '--format', 'csv', []) - .returns('"ID","Name" -"1cb05cfed7c24279be884ba4f6520262","foo" -' - ) - instances = Puppet::Type::Keystone_role::ProviderOpenstack.instances - expect(instances.count).to eq(1) - end - end - end -end diff --git a/keystone/spec/unit/provider/keystone_service/openstack_spec.rb b/keystone/spec/unit/provider/keystone_service/openstack_spec.rb deleted file mode 100644 index 7e426adb7..000000000 --- a/keystone/spec/unit/provider/keystone_service/openstack_spec.rb +++ /dev/null @@ -1,135 +0,0 @@ -require 'puppet' -require 'spec_helper' -require 'puppet/provider/keystone_service/openstack' - -provider_class = Puppet::Type.type(:keystone_service).provider(:openstack) - -describe provider_class do - - let(:set_env) do - ENV['OS_USERNAME'] = 'test' - ENV['OS_PASSWORD'] = 'abc123' - ENV['OS_PROJECT_NAME'] = 'test' - ENV['OS_AUTH_URL'] = 'http://127.0.0.1:5000/v3' - end - - before(:each) do - set_env - end - - describe 'when managing service' do - - let(:resource_attrs) do - { - :name => 'service_one', - :description => 'Service One', - :ensure => 'present', - :type => 'type_one' - } - end - - let(:resource) do - Puppet::Type::Keystone_service.new(resource_attrs) - end - - let(:provider) do - provider_class.new(resource) - end - - describe '#create' do - before(:each) do - provider_class.expects(:openstack) - .with('service', 'create', '--format', 'shell', - ['type_one', '--name', 'service_one', '--description', 'Service One']) - .returns('description="Service One" -enabled="True" -id="8f0dd4c0abc44240998fbb3f5089ecbf" -name="service_one" -type="type_one" -') - end - include_examples 'create the correct resource', [ - { - 'expected_results' => { - :type => 'type_one', - :id => '8f0dd4c0abc44240998fbb3f5089ecbf', - :name => 'service_one', - :description => 'Service One' - } - }, - { - 'type in title' => { - :title => 'service_one::type_one', - :description => 'Service One' - } - }, - { - 'type in parameter' => { - :title => 'service_one', - :type => 'type_one', - :description => 'Service One' - } - } - ] - - end - describe '#destroy' do - it 'destroys a service' do - provider_class.expects(:openstack) - .with('service', 'delete', []) - provider.destroy - expect(provider.exists?).to be_falsey - end - - context 'when service does not exist' do - subject(:response) do - provider.exists? - end - it { is_expected.to be_falsey } - end - end - - describe '#instances' do - it 'finds every service' do - provider_class.expects(:openstack) - .with('service', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Type","Description" -"8f0dd4c0abc44240998fbb3f5089ecbf","service_one","type_one","Service One" -') - instances = provider_class.instances - expect(instances.count).to eq(1) - end - end - end - - context '#prefetch' do - before(:each) do - # This call done by self.instance in prefetch in what make the - # resource exists. - provider_class.expects(:openstack) - .with('service', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Type","Description" -"8f0dd4c0abc44240998fbb3f5089ecbf","service_1","type_1","" -') - end - let(:service_1) do - Puppet::Type::Keystone_service.new(:title => 'service_1::type_1') - end - let(:service_2) do - Puppet::Type::Keystone_service.new(:title => 'service_1', :type => 'type_2') - end - let(:resources) { [service_1, service_2] } - include_examples 'prefetch the resources' - end - - context 'duplicate detection' do - let(:service_1) do - Puppet::Type::Keystone_service.new(:title => 'service_1::type_1') - end - let(:service_2) do - Puppet::Type::Keystone_service.new(:title => 'service_1', :type => 'type_1') - end - let(:resources) { [service_1, service_2] } - include_examples 'detect duplicate resource' - end -end diff --git a/keystone/spec/unit/provider/keystone_spec.rb b/keystone/spec/unit/provider/keystone_spec.rb deleted file mode 100644 index 955099226..000000000 --- a/keystone/spec/unit/provider/keystone_spec.rb +++ /dev/null @@ -1,396 +0,0 @@ -require 'puppet' -require 'spec_helper' -require 'puppet/provider/keystone' -require 'tempfile' - -setup_provider_tests - -klass = Puppet::Provider::Keystone - -class Puppet::Provider::Keystone - @credentials = Puppet::Provider::Openstack::CredentialsV3.new -end - -describe Puppet::Provider::Keystone do - let(:set_env) do - ENV['OS_USERNAME'] = 'test' - ENV['OS_PASSWORD'] = 'abc123' - ENV['OS_PROJECT_NAME'] = 'test' - ENV['OS_AUTH_URL'] = 'http://127.0.0.1:35357/v3' - end - - let(:another_class) do - class AnotherKlass < Puppet::Provider::Keystone - @credentials = Puppet::Provider::Openstack::CredentialsV3.new - end - AnotherKlass - end - - before(:each) { set_env } - - after :each do - klass.reset - another_class.reset - end - - describe '#domain_id_from_name' do - it 'should list all domains when requesting a domain name from an ID' do - klass.expects(:openstack) - .with('domain', 'list', '--quiet', '--format', 'csv', []) - .returns('"ID","Name","Enabled","Description" -"someid","SomeName",True,"default domain" -') - expect(klass.domain_id_from_name('SomeName')).to eq('someid') - end - it 'should lookup a domain when not found in the hash' do - klass.expects(:openstack) - .with('domain', 'show', '--format', 'shell', 'NewName') - .returns(' -name="NewName" -id="newid" -') - expect(klass.domain_id_from_name('NewName')).to eq('newid') - end - it 'should print an error when there is no such domain' do - klass.expects(:openstack) - .with('domain', 'show', '--format', 'shell', 'doesnotexist') - .returns(' -') - klass.expects(:err) - .with('Could not find domain with name [doesnotexist]') - expect(klass.domain_id_from_name('doesnotexist')).to eq(nil) - end - end - - describe '#ssl?' do - it 'should be false if there is no keystone file' do - File.expects(:exists?).with("/etc/keystone/keystone.conf").returns(false) - expect(klass.ssl?).to be_falsey - end - - it 'should be false if ssl is not configured in keystone file' do - mock = {} - File.expects(:exists?).with("/etc/keystone/keystone.conf").returns(true) - Puppet::Util::IniConfig::File.expects(:new).returns(mock) - mock.expects(:read).with('/etc/keystone/keystone.conf') - expect(klass.ssl?).to be_falsey - end - - it 'should be false if ssl is configured and disable in keystone file' do - mock = {'ssl' => {'enable' => 'False'}} - File.expects(:exists?).with("/etc/keystone/keystone.conf").returns(true) - Puppet::Util::IniConfig::File.expects(:new).returns(mock) - mock.expects(:read).with('/etc/keystone/keystone.conf') - expect(klass.ssl?).to be_falsey - end - - it 'should be true if ssl is configured and enabled in keystone file' do - mock = {'ssl' => {'enable' => 'True'}} - File.expects(:exists?).with("/etc/keystone/keystone.conf").returns(true) - Puppet::Util::IniConfig::File.expects(:new).returns(mock) - mock.expects(:read).with('/etc/keystone/keystone.conf') - expect(klass.ssl?).to be_truthy - end - end - - describe '#fetch_project' do - let(:set_env) do - ENV['OS_USERNAME'] = 'test' - ENV['OS_PASSWORD'] = 'abc123' - ENV['OS_PROJECT_NAME'] = 'test' - ENV['OS_AUTH_URL'] = 'http://127.0.0.1:35357/v3' - end - - before(:each) do - set_env - end - - it 'should be false if the project does not exist' do - klass.expects(:request_timeout).returns(0) - klass.expects(:openstack) - .with('project', 'show', '--format', 'shell', ['no_project', '--domain', 'Default']) - .times(2) - .raises(Puppet::ExecutionFailure, "Execution of '/usr/bin/openstack project show --format shell no_project' returned 1: No project with a name or ID of 'no_project' exists.") - expect(klass.fetch_project('no_project', 'Default')).to be_falsey - end - - it 'should return the project' do - klass.expects(:openstack) - .with('project', 'show', '--format', 'shell', ['The Project', '--domain', 'Default']) - .returns(' -name="The Project" -id="the_project_id" -') - expect(klass.fetch_project('The Project', 'Default')).to eq({:name=>"The Project", :id=>"the_project_id"}) - end - end - - describe '#fetch_user' do - let(:set_env) do - ENV['OS_USERNAME'] = 'test' - ENV['OS_PASSWORD'] = 'abc123' - ENV['OS_PROJECT_NAME'] = 'test' - ENV['OS_AUTH_URL'] = 'http://127.0.0.1:35357/v3' - end - - before(:each) do - set_env - end - - it 'should be false if the user does not exist' do - klass.expects(:request_timeout).returns(0) - klass.expects(:openstack) - .with('user', 'show', '--format', 'shell', ['no_user', '--domain', 'Default']) - .times(2) - .raises(Puppet::ExecutionFailure, "Execution of '/usr/bin/openstack user show --format shell no_user' returned 1: No user with a name or ID of 'no_user' exists.") - expect(klass.fetch_user('no_user', 'Default')).to be_falsey - end - - it 'should return the user' do - klass.expects(:openstack) - .with('user', 'show', '--format', 'shell', ['The User', '--domain', 'Default']) - .returns(' -name="The User" -id="the_user_id" -') - expect(klass.fetch_user('The User', 'Default')).to eq({:name=>"The User", :id=>"the_user_id"}) - end - end - - describe '#get_admin_endpoint' do - it 'should return nothing if there is no keystone config file' do - expect(klass.get_admin_endpoint).to be_nil - end - - it 'should use the admin_endpoint from keystone config file with no trailing slash' do - mock = {'DEFAULT' => {'admin_endpoint' => 'https://keystone.example.com/'}} - File.expects(:exists?).with("/etc/keystone/keystone.conf").returns(true) - Puppet::Util::IniConfig::File.expects(:new).returns(mock) - mock.expects(:read).with('/etc/keystone/keystone.conf') - expect(klass.get_admin_endpoint).to eq('https://keystone.example.com') - end - - it 'should use the specified bind_host in the admin endpoint' do - mock = {'DEFAULT' => {'admin_bind_host' => '192.168.56.210', 'admin_port' => '5001' }} - File.expects(:exists?).with("/etc/keystone/keystone.conf").returns(true) - Puppet::Util::IniConfig::File.expects(:new).returns(mock) - mock.expects(:read).with('/etc/keystone/keystone.conf') - expect(klass.get_admin_endpoint).to eq('http://192.168.56.210:5001') - end - - it 'should use localhost in the admin endpoint if bind_host is 0.0.0.0' do - mock = {'DEFAULT' => { 'admin_bind_host' => '0.0.0.0', 'admin_port' => '5001' }} - File.expects(:exists?).with("/etc/keystone/keystone.conf").returns(true) - Puppet::Util::IniConfig::File.expects(:new).returns(mock) - mock.expects(:read).with('/etc/keystone/keystone.conf') - expect(klass.get_admin_endpoint).to eq('http://127.0.0.1:5001') - end - - it 'should use [::1] in the admin endpoint if bind_host is ::0' do - mock = {'DEFAULT' => { 'admin_bind_host' => '::0', 'admin_port' => '5001' }} - File.expects(:exists?).with("/etc/keystone/keystone.conf").returns(true) - Puppet::Util::IniConfig::File.expects(:new).returns(mock) - mock.expects(:read).with('/etc/keystone/keystone.conf') - expect(klass.get_admin_endpoint).to eq('http://[::1]:5001') - end - - it 'should use [2620:52:0:23a9::25] in the admin endpoint if bind_host is 2620:52:0:23a9::25' do - mock = {'DEFAULT' => { 'admin_bind_host' => '2620:52:0:23a9::25', 'admin_port' => '5001' }} - File.expects(:exists?).with("/etc/keystone/keystone.conf").returns(true) - Puppet::Util::IniConfig::File.expects(:new).returns(mock) - mock.expects(:read).with('/etc/keystone/keystone.conf') - expect(klass.get_admin_endpoint).to eq('http://[2620:52:0:23a9::25]:5001') - end - - it 'should use localhost in the admin endpoint if bind_host is unspecified' do - mock = {'DEFAULT' => { 'admin_port' => '5001' }} - File.expects(:exists?).with("/etc/keystone/keystone.conf").returns(true) - Puppet::Util::IniConfig::File.expects(:new).returns(mock) - mock.expects(:read).with('/etc/keystone/keystone.conf') - expect(klass.get_admin_endpoint).to eq('http://127.0.0.1:5001') - end - - it 'should use https if ssl is enabled' do - mock = {'DEFAULT' => {'admin_bind_host' => '192.168.56.210', 'admin_port' => '5001' }, 'ssl' => {'enable' => 'True'}} - File.expects(:exists?).with("/etc/keystone/keystone.conf").returns(true) - Puppet::Util::IniConfig::File.expects(:new).returns(mock) - mock.expects(:read).with('/etc/keystone/keystone.conf') - expect(klass.get_admin_endpoint).to eq('https://192.168.56.210:5001') - end - - it 'should use http if ssl is disabled' do - mock = {'DEFAULT' => {'admin_bind_host' => '192.168.56.210', 'admin_port' => '5001' }, 'ssl' => {'enable' => 'False'}} - File.expects(:exists?).with("/etc/keystone/keystone.conf").returns(true) - Puppet::Util::IniConfig::File.expects(:new).returns(mock) - mock.expects(:read).with('/etc/keystone/keystone.conf') - expect(klass.get_admin_endpoint).to eq('http://192.168.56.210:5001') - end - end - - describe '#get_auth_url' do - it 'should return nothing when OS_AUTH_URL is no defined in either the environment or the openrc file and there is no keystone configuration file' do - home = ENV['HOME'] - ENV.clear - File.expects(:exists?).with("#{home}/openrc").returns(false) - File.expects(:exists?).with('/root/openrc').returns(false) - File.expects(:exists?).with("/etc/keystone/keystone.conf").returns(false) - expect(klass.get_auth_url).to be_nil - end - - it 'should return the OS_AUTH_URL from the environment' do - ENV.clear - ENV['OS_AUTH_URL'] = 'http://127.0.0.1:5001' - expect(klass.get_auth_url).to eq('http://127.0.0.1:5001') - end - - it 'should return the OS_AUTH_URL from the openrc file when there is no OS_AUTH_URL in the environment' do - home = ENV['HOME'] - ENV.clear - mock = {'OS_AUTH_URL' => 'http://127.0.0.1:5001'} - klass.expects(:get_os_vars_from_rcfile).with("#{home}/openrc").returns(mock) - expect(klass.get_auth_url).to eq('http://127.0.0.1:5001') - end - - it 'should use admin_endpoint when nothing else is available' do - ENV.clear - mock = 'http://127.0.0.1:5001' - klass.expects(:admin_endpoint).returns(mock) - expect(klass.get_auth_url).to eq('http://127.0.0.1:5001') - end - end - - describe '#get_service_url when retrieving the security token' do - it 'should return nothing when OS_URL is not defined in environment' do - ENV.clear - expect(klass.get_service_url).to be_nil - end - - it 'should return the OS_URL from the environment' do - ENV['OS_URL'] = 'http://127.0.0.1:5001/v3' - expect(klass.get_service_url).to eq('http://127.0.0.1:5001/v3') - end - - it 'should use admin_endpoint with the API version number' do - ENV.clear - mock = 'http://127.0.0.1:5001' - klass.expects(:admin_endpoint).twice.returns(mock) - expect(klass.get_service_url).to eq('http://127.0.0.1:5001/v3') - end - end - - describe '#set_domain_for_name' do - it 'should raise an error if the domain is not provided' do - expect do - klass.set_domain_for_name('name', nil) - end.to raise_error(Puppet::Error, /Missing domain name for resource/) - end - - it 'should return the name only when the provided domain is the default domain id' do - klass.expects(:default_domain_id) - .returns('default') - klass.expects(:openstack) - .with('domain', 'show', '--format', 'shell', 'Default') - .returns(' -name="Default" -id="default" -') - expect(klass.set_domain_for_name('name', 'Default')).to eq('name') - end - - it 'should return the name and domain when the provided domain is not the default domain id' do - klass.expects(:default_domain_id) - .returns('default') - klass.expects(:openstack) - .with('domain', 'show', '--format', 'shell', 'Other Domain') - .returns(' -name="Other Domain" -id="other_domain_id" -') - expect(klass.set_domain_for_name('name', 'Other Domain')).to eq('name::Other Domain') - end - - it 'should return the name only if the domain cannot be fetched' do - klass.expects(:default_domain_id) - .returns('default') - klass.expects(:openstack) - .with('domain', 'show', '--format', 'shell', 'Unknown Domain') - .returns('') - expect(klass.set_domain_for_name('name', 'Unknown Domain')).to eq('name') - end - end - - describe 'when retrieving the security token' do - it 'should return nothing if there is no keystone config file' do - File.expects(:exists?).with("/etc/keystone/keystone.conf").returns(false) - expect(klass.get_admin_token).to be_nil - end - - it 'should return nothing if the keystone config file does not have a DEFAULT section' do - mock = {} - File.expects(:exists?).with("/etc/keystone/keystone.conf").returns(true) - Puppet::Util::IniConfig::File.expects(:new).returns(mock) - mock.expects(:read).with('/etc/keystone/keystone.conf') - expect(klass.get_admin_token).to be_nil - end - - it 'should fail if the keystone config file does not contain an admin token' do - mock = {'DEFAULT' => {'not_a_token' => 'foo'}} - File.expects(:exists?).with("/etc/keystone/keystone.conf").returns(true) - Puppet::Util::IniConfig::File.expects(:new).returns(mock) - mock.expects(:read).with('/etc/keystone/keystone.conf') - expect(klass.get_admin_token).to be_nil - end - - it 'should parse the admin token if it is in the config file' do - mock = {'DEFAULT' => {'admin_token' => 'foo'}} - File.expects(:exists?).with("/etc/keystone/keystone.conf").returns(true) - Puppet::Util::IniConfig::File.expects(:new).returns(mock) - mock.expects(:read).with('/etc/keystone/keystone.conf') - expect(klass.get_admin_token).to eq('foo') - end - end - - describe 'when using domains' do - before(:each) do - set_env - end - - it 'should list all domains when requesting a domain name from an ID' do - klass.expects(:openstack) - .with('domain', 'list', '--quiet', '--format', 'csv', []) - .returns('"ID","Name","Enabled","Description" -"somename","SomeName",True,"default domain" -') - expect(klass.domain_name_from_id('somename')).to eq('SomeName') - end - it 'should lookup a domain when not found in the hash' do - klass.expects(:openstack) - .with('domain', 'list', '--quiet', '--format', 'csv', []) - .returns('"ID","Name","Enabled","Description" -"somename","SomeName",True,"default domain" -') - klass.expects(:openstack) - .with('domain', 'show', '--format', 'shell', 'another') - .returns(' -name="AnOther" -id="another" -') - expect(klass.domain_name_from_id('somename')).to eq('SomeName') - expect(klass.domain_name_from_id('another')).to eq('AnOther') - end - it 'should print an error when there is no such domain' do - klass.expects(:openstack) - .with('domain', 'list', '--quiet', '--format', 'csv', []) - .returns('"ID","Name","Enabled","Description" -"somename","SomeName",True,"default domain" -') - klass.expects(:openstack) - .with('domain', 'show', '--format', 'shell', 'doesnotexist') - .returns(' -') - klass.expects(:err) - .with('Could not find domain with id [doesnotexist]') - expect(klass.domain_name_from_id('doesnotexist')).to eq(nil) - end - end -end diff --git a/keystone/spec/unit/provider/keystone_tenant/openstack_spec.rb b/keystone/spec/unit/provider/keystone_tenant/openstack_spec.rb deleted file mode 100644 index ce2532342..000000000 --- a/keystone/spec/unit/provider/keystone_tenant/openstack_spec.rb +++ /dev/null @@ -1,271 +0,0 @@ -require 'puppet' -require 'spec_helper' -require 'puppet/provider/keystone_tenant/openstack' - -setup_provider_tests - -provider_class = Puppet::Type.type(:keystone_tenant).provider(:openstack) - -describe provider_class do - - after :each do - provider_class.reset - end - - let(:resource_attrs) do - { - :name => 'project_one', - :description => 'Project One', - :ensure => 'present', - :enabled => 'True' - } - end - - let(:resource) do - Puppet::Type::Keystone_tenant.new(resource_attrs) - end - - let(:provider) do - provider_class.new(resource) - end - - def before_hook(domainlist, provider_class) - if domainlist - provider_class.expects(:openstack).once - .with('domain', 'list', '--quiet', '--format', 'csv', []) - .returns('"ID","Name","Enabled","Description" -"domain_one_id","domain_one",True,"project_one domain" -"domain_two_id","domain_two",True,"domain_two domain" -"another_domain_id","another_domain",True,"another domain" -"disabled_domain_id","disabled_domain",False,"disabled domain" -"default","Default",True,"the default domain" -') - end - end - - before :each, :domainlist => true do - before_hook(true, provider_class) - end - - before :each, :domainlist => false do - before_hook(false, provider_class) - end - - let(:set_env) do - ENV['OS_USERNAME'] = 'test' - ENV['OS_PASSWORD'] = 'abc123' - ENV['OS_PROJECT_NAME'] = 'test' - ENV['OS_AUTH_URL'] = 'http://127.0.0.1:35357/v3' - end - - before(:each) do - set_env - end - - describe 'when managing a tenant' do - - describe '#create', :domainlist => false do - it 'creates a tenant' do - provider.class.expects(:openstack) - .with('project', 'create', '--format', 'shell', ['project_one', '--enable', '--description', 'Project One', '--domain', 'Default']) - .returns('description="Project One" -enabled="True" -name="project_one" -id="project_one" -domain_id="domain_one_id" -') - provider.create - expect(provider.exists?).to be_truthy - end - end - - describe '#destroy', :domainlist => false do - it 'destroys a tenant' do - provider.instance_variable_get('@property_hash')[:id] = 'my-project-id' - provider.class.expects(:openstack) - .with('project', 'delete', 'my-project-id') - provider.destroy - expect(provider.exists?).to be_falsey - end - end - - context 'when tenant does not exist', :domainlist => false do - it 'exists? should be false' do - expect(provider.exists?).to be_falsey - end - end - - describe '#instances', :domainlist => true do - it 'finds every tenant' do - provider_class.expects(:openstack) - .with('project', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Domain ID","Description","Enabled" -"1cb05cfed7c24279be884ba4f6520262","project_one","domain_one_id","Project One",True -"2cb05cfed7c24279be884ba4f6520262","project_one","domain_two_id","Project One, domain Two",True -') - instances = provider.class.instances - expect(instances[0].name).to eq('project_one::domain_one') - expect(instances[0].domain).to eq('domain_one') - expect(instances[1].name).to eq('project_one::domain_two') - expect(instances[1].domain).to eq('domain_two') - end - end - - describe '#prefetch' do - before(:each) do - provider_class.expects(:domain_name_from_id).with('default').returns('Default') - provider_class.expects(:domain_name_from_id).with('domain_two_id').returns('domain_two') - # There are one for self.instance and one for each Puppet::Type.type calls. - provider.class.expects(:openstack) - .with('project', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Domain ID","Description","Enabled" -"1cb05cfed7c24279be884ba4f6520262","project_one","default","A project",True -"2cb05cfed7c24279be884ba4f6520262","project_one","domain_two_id","A domain_two",True -') - end - let(:resources) do - [Puppet::Type.type(:keystone_tenant).new(:title => 'project_one', :ensure => :absent), - Puppet::Type.type(:keystone_tenant).new(:title => 'non_existant', :ensure => :absent)] - end - include_examples 'prefetch the resources' - end - - describe '#flush' do - context '.enable' do - describe '-> false' do - it 'properly set enable to false' do - provider_class.expects(:openstack) - .with('project', 'set', ['37b7086693ec482389799da5dc546fa4', '--disable']) - .returns('""') - provider.expects(:id).returns('37b7086693ec482389799da5dc546fa4') - provider.enabled = :false - provider.flush - end - end - describe '-> true' do - it 'properly set enable to true' do - provider_class.expects(:openstack) - .with('project', 'set', ['37b7086693ec482389799da5dc546fa4', '--enable']) - .returns('""') - provider.expects(:id).returns('37b7086693ec482389799da5dc546fa4') - provider.enabled = :true - provider.flush - end - end - end - context '.description' do - it 'change the description' do - provider_class.expects(:openstack) - .with('project', 'set', ['37b7086693ec482389799da5dc546fa4', - '--description=new description']) - .returns('""') - provider.expects(:id).returns('37b7086693ec482389799da5dc546fa4') - provider.expects(:resource).returns(:description => 'new description') - provider.description = 'new description' - provider.flush - end - end - context '.enable/description' do - it 'properly change the enable and the description' do - provider_class.expects(:openstack) - .with('project', 'set', ['37b7086693ec482389799da5dc546fa4', '--disable', - '--description=new description']) - .returns('""') - provider.expects(:id).returns('37b7086693ec482389799da5dc546fa4') - provider.expects(:resource).returns(:description => 'new description') - provider.enabled = :false - provider.description = 'new description' - provider.flush - end - end - end - end - - context 'when managing a tenant using v3 domain' do - describe '#create' do - describe 'with domain in resource', :domainlist => false do - before(:each) do - provider_class.expects(:openstack) - .with('project', 'create', '--format', 'shell', ['project_one', '--enable', '--description', 'Project One', '--domain', 'domain_one']) - .returns('description="Project One" -enabled="True" -name="project_one" -id="project-id" -domain_id="domain_one_id" -') - end - include_examples 'create the correct resource', [ - { - 'expected_results' => { - :domain => 'domain_one', - :id => 'project-id', - :name => 'project_one' - } - }, - { - 'domain in parameter' => { - :name => 'project_one', - :description => 'Project One', - :ensure => 'present', - :enabled => 'True', - :domain => 'domain_one' - } - }, - { - 'domain in title' => { - :title => 'project_one::domain_one', - :description => 'Project One', - :ensure => 'present', - :enabled => 'True' - } - }, - { - 'domain in parameter override domain in title' => { - :title => 'project_one::domain_two', - :description => 'Project One', - :ensure => 'present', - :enabled => 'True', - :domain => 'domain_one' - } - } - ] - end - end - - describe '#prefetch' do - before(:each) do - provider_class.expects(:domain_name_from_id) - .with('domain_one_id').returns('domain_one') - provider_class.expects(:domain_name_from_id) - .with('domain_two_id').returns('domain_two') - provider_class.expects(:openstack) - .with('project', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Domain ID","Description","Enabled" -"1cb05cfed7c24279be884ba4f6520262","name","domain_one_id","A project_one",True -"2cb05cfed7c24279be884ba4f6520262","project_one","domain_two_id","A domain_two",True -') - end - let(:resources) do - [ - Puppet::Type.type(:keystone_tenant) - .new(:title => 'name::domain_one', :ensure => :absent), - Puppet::Type.type(:keystone_tenant) - .new(:title => 'noex::domain_one', :ensure => :absent) - ] - end - include_examples 'prefetch the resources' - end - - context 'different name, identical resource' do - let(:resources) do - [ - Puppet::Type.type(:keystone_tenant) - .new(:title => 'name::domain_one', :ensure => :present), - Puppet::Type.type(:keystone_tenant) - .new(:title => 'name', :domain => 'domain_one', :ensure => :present) - ] - end - include_examples 'detect duplicate resource' - end - end -end diff --git a/keystone/spec/unit/provider/keystone_user/openstack_spec.rb b/keystone/spec/unit/provider/keystone_user/openstack_spec.rb deleted file mode 100644 index 6357ef859..000000000 --- a/keystone/spec/unit/provider/keystone_user/openstack_spec.rb +++ /dev/null @@ -1,341 +0,0 @@ -require 'puppet' -require 'spec_helper' -require 'puppet/provider/keystone_user/openstack' -require 'puppet/provider/openstack' - -setup_provider_tests - -describe Puppet::Type.type(:keystone_user).provider(:openstack) do - - let(:set_env) do - ENV['OS_USERNAME'] = 'test' - ENV['OS_PASSWORD'] = 'abc123' - ENV['OS_PROJECT_NAME'] = 'test' - ENV['OS_AUTH_URL'] = 'http://127.0.0.1:5000' - end - - after :each do - described_class.reset - Puppet::Type.type(:keystone_tenant).provider(:openstack).reset - end - - let(:resource_attrs) do - { - :name => 'user1', - :ensure => :present, - :enabled => 'True', - :password => 'secret', - :email => 'user1@example.com', - :domain => 'domain1' - } - end - - let(:resource) do - Puppet::Type::Keystone_user.new(resource_attrs) - end - - let(:provider) do - described_class.new(resource) - end - - before(:each) { set_env } - - describe 'when managing a user' do - describe '#create' do - it 'creates a user' do - described_class.expects(:openstack) - .with('user', 'create', '--format', 'shell', ['user1', '--enable', '--password', 'secret', '--email', 'user1@example.com', '--domain', 'domain1']) - .returns('email="user1@example.com" -enabled="True" -id="user1_id" -name="user1" -username="user1" -') - provider.create - expect(provider.exists?).to be_truthy - end - end - - describe '#destroy' do - it 'destroys a user' do - provider.expects(:id).returns('my-user-id') - described_class.expects(:openstack) - .with('user', 'delete', 'my-user-id') - provider.destroy - end - end - - describe '#exists' do - context 'when user does not exist' do - it 'should detect it' do - described_class.expects(:openstack) - .with('domain', 'list', '--quiet', '--format', 'csv', []) - .returns('"ID","Name","Enabled","Description" -"default","Default",True,"default" -"domain1_id","domain1",True,"domain1" -"domain2_id","domain2",True,"domain2" -"domain3_id","domain3",True,"domain3" -') - described_class.expects(:openstack) - .with('user', 'show', '--format', 'shell', - ['user1', '--domain', 'domain1_id']) - .returns('') - expect(provider.exists?).to be_falsey - end - end - end - - describe '#flush' do - context '.enable' do - describe '-> false' do - it 'properly set enable to false' do - described_class.expects(:openstack) - .with('user', 'set', ['--disable', '37b7086693ec482389799da5dc546fa4']) - .returns('""') - provider.expects(:id).returns('37b7086693ec482389799da5dc546fa4') - provider.enabled = :false - provider.flush - end - end - describe '-> true' do - it 'properly set enable to true' do - described_class.expects(:openstack) - .with('user', 'set', ['--enable', '37b7086693ec482389799da5dc546fa4']) - .returns('""') - provider.expects(:id).returns('37b7086693ec482389799da5dc546fa4') - provider.enabled = :true - provider.flush - end - end - end - context '.email' do - it 'change the mail' do - described_class.expects(:openstack) - .with('user', 'set', ['--email', 'new email', - '37b7086693ec482389799da5dc546fa4']) - .returns('""') - provider.expects(:id).returns('37b7086693ec482389799da5dc546fa4') - provider.expects(:resource).returns(:email => 'new email') - provider.email = 'new email' - provider.flush - end - end - end - end - - describe '#password' do - let(:resource_attrs) do - { - :name => 'user_one', - :ensure => 'present', - :enabled => 'True', - :password => 'pass_one', - :email => 'user_one@example.com', - :domain => 'domain1' - } - end - - let(:resource) do - Puppet::Type::Keystone_user.new(resource_attrs) - end - - let :provider do - described_class.new(resource) - end - - it 'checks the password' do - mock_creds = Puppet::Provider::Openstack::CredentialsV3.new - mock_creds.auth_url = 'http://127.0.0.1:5000' - mock_creds.password = 'pass_one' - mock_creds.username = 'user_one' - mock_creds.user_id = 'project1_id' - mock_creds.project_id = 'project-id-1' - Puppet::Provider::Openstack::CredentialsV3.expects(:new).returns(mock_creds) - - described_class.expects(:openstack) - .with('project', 'list', '--quiet', '--format', 'csv', - ['--user', 'user1_id', '--long']) - .returns('"ID","Name","Domain ID","Description","Enabled" -"project-id-1","domain_one","domain1_id","Domain One",True -') - Puppet::Provider::Openstack.expects(:openstack) - .with('token', 'issue', ['--format', 'value']) - .returns('2015-05-14T04:06:05Z -e664a386befa4a30878dcef20e79f167 -8dce2ae9ecd34c199d2877bf319a3d06 -ac43ec53d5a74a0b9f51523ae41a29f0 -') - provider.expects(:id).times(2).returns('user1_id') - password = provider.password - expect(password).to eq('pass_one') - end - - it 'fails the password check' do - described_class.expects(:openstack) - .with('project', 'list', '--quiet', '--format', 'csv', - ['--user', 'user1_id', '--long']) - .returns('"ID","Name","Domain ID","Description","Enabled" -"project-id-1","domain_one","domain1_id","Domain One",True -') - Puppet::Provider::Openstack.expects(:openstack) - .with('token', 'issue', ['--format', 'value']) - .raises(Puppet::ExecutionFailure, 'HTTP 401 invalid authentication') - provider.expects(:id).times(2).returns('user1_id') - password = provider.password - expect(password).to eq(nil) - end - - it 'checks the password with domain scoped token' do - provider.expects(:id).twice.returns('project1_id') - provider.expects(:domain).returns('domain1') - mock_creds = Puppet::Provider::Openstack::CredentialsV3.new - mock_creds.auth_url = 'http://127.0.0.1:5000' - mock_creds.password = 'foo' - mock_creds.username = 'foo' - mock_creds.user_id = 'project1_id' - mock_creds.domain_name = 'domain1' - Puppet::Provider::Openstack::CredentialsV3.expects(:new).returns(mock_creds) - described_class.expects(:openstack) - .with('project', 'list', '--quiet', '--format', 'csv', - ['--user', 'project1_id', '--long']) - .returns('"ID","Name","Domain ID","Description","Enabled" -') - Puppet::Provider::Openstack.expects(:openstack) - .with('token', 'issue', ['--format', 'value']) - .returns('2015-05-14T04:06:05Z -e664a386befa4a30878dcef20e79f167 -8dce2ae9ecd34c199d2877bf319a3d06 -ac43ec53d5a74a0b9f51523ae41a29f0 -') - password = provider.password - expect(password).to eq('pass_one') - end - end - - describe 'when updating a user with unmanaged password' do - - describe 'when updating a user with unmanaged password' do - - let(:resource_attrs) do - { - :name => 'user1', - :ensure => 'present', - :enabled => 'True', - :password => 'secret', - :replace_password => 'False', - :email => 'user1@example.com', - :domain => 'domain1' - } - end - - let(:resource) do - Puppet::Type::Keystone_user.new(resource_attrs) - end - - let :provider do - described_class.new(resource) - end - - it 'should not try to check password' do - expect(provider.password).to eq('secret') - end - end - end - - describe 'when managing an user using v3 domains' do - describe '#create' do - context 'domain provided' do - before(:each) do - described_class.expects(:openstack) - .with('user', 'create', '--format', 'shell', ['user1', '--enable', '--password', 'secret', '--email', 'user1@example.com', '--domain', 'domain1']) - .returns('email="user1@example.com" -enabled="True" -id="user1_id" -name="user1" -username="user1" -') - end - include_examples 'create the correct resource', [ - { - 'expected_results' => { - :id => 'user1_id', - :name => 'user1', - :domain => 'domain1' - } - }, - { - 'domain in parameter' => { - :name => 'user1', - :ensure => 'present', - :enabled => 'True', - :password => 'secret', - :email => 'user1@example.com', - :domain => 'domain1' - } - }, - { - 'domain in title' => { - :title => 'user1::domain1', - :ensure => 'present', - :enabled => 'True', - :password => 'secret', - :email => 'user1@example.com' - } - }, - { - 'domain in parameter override domain in title' => { - :title => 'user1::foobar', - :ensure => 'present', - :enabled => 'True', - :password => 'secret', - :email => 'user1@example.com', - :domain => 'domain1' - } - } - ] - end - context 'domain not provided' do - before(:each) do - described_class.expects(:openstack) - .with('user', 'create', '--format', 'shell', ['user1', '--enable', '--password', 'secret', '--email', 'user1@example.com', '--domain', 'Default']) - .returns('email="user1@example.com" -enabled="True" -id="user1_id" -name="user1" -username="user1" -') - end - include_examples 'create the correct resource', [ - { - 'expected_results' => { - :domain => 'Default', - :id => 'user1_id', - :name => 'user1', - } - }, - { - 'domain in parameter' => { - :name => 'user1', - :ensure => 'present', - :enabled => 'True', - :password => 'secret', - :email => 'user1@example.com' - } - } - ] - end - end - - context 'different name, identical resource' do - let(:resources) do - [ - Puppet::Type.type(:keystone_user) - .new(:title => 'name::domain_one', :ensure => :present), - Puppet::Type.type(:keystone_user) - .new(:title => 'name', :domain => 'domain_one', :ensure => :present) - ] - end - include_examples 'detect duplicate resource' - end - end -end diff --git a/keystone/spec/unit/provider/keystone_user_role/openstack_spec.rb b/keystone/spec/unit/provider/keystone_user_role/openstack_spec.rb deleted file mode 100644 index 9178b80a5..000000000 --- a/keystone/spec/unit/provider/keystone_user_role/openstack_spec.rb +++ /dev/null @@ -1,218 +0,0 @@ -require 'puppet' -require 'spec_helper' -require 'puppet/provider/keystone_user_role/openstack' - -setup_provider_tests - -describe Puppet::Type.type(:keystone_user_role).provider(:openstack) do - - let(:set_env) do - ENV['OS_USERNAME'] = 'test' - ENV['OS_PASSWORD'] = 'abc123' - ENV['OS_PROJECT_NAME'] = 'test' - ENV['OS_AUTH_URL'] = 'http://127.0.0.1:5000' - end - - before(:each) { set_env } - - after(:each) { described_class.reset } - - describe 'when managing a user\'s role' do - let(:resource_attrs) do - { - :title => 'user1::domain1@project1::domain1', - :ensure => 'present', - :roles => %w(role1 role2) - } - end - - let(:resource) do - Puppet::Type::Keystone_user_role.new(resource_attrs) - end - - let(:provider) do - described_class.new(resource) - end - - describe '#create' do - before(:each) do - - described_class.expects(:openstack) - .with('role', 'list', '--quiet', '--format', 'csv', - ['--project', 'project1_id', '--user', 'user1_id']) - .returns('"ID","Name","Project","User" -"role1_id","role1","project1","user1" -"role2_id","role2","project1","user1" -') - described_class.expects(:openstack) - .with('role', 'add', - ['role1', '--project', 'project1_id', '--user', 'user1_id']) - described_class.expects(:openstack) - .with('role', 'add', - ['role2', '--project', 'project1_id', '--user', 'user1_id']) - described_class.expects(:openstack) - .with('project', 'show', '--format', 'shell', - ['project1', '--domain', 'domain1']) - .returns('name="project1" -id="project1_id" -') - described_class.expects(:openstack) - .with('user', 'show', '--format', 'shell', - ['user1', '--domain', 'domain1']) - .returns('name="user1" -id="user1_id" -') - end - include_examples 'create the correct resource', [ - { - 'expected_results' => {} - }, - { - 'all in the title' => { - :title => 'user1::domain1@project1::domain1', - :ensure => 'present', - :roles => %w(role1 role2) - } - }, - { - 'user complete and project in the params' => { - :title => 'user1::domain1@project1', - :ensure => 'present', - :project_domain => 'domain1', - :roles => %w(role1 role2) - } - }, - { - 'user and project in the params' => { - :title => 'user1@project1', - :ensure => 'present', - :project_domain => 'domain1', - :user_domain => 'domain1', - :roles => %w(role1 role2) - } - }, - { - 'project complet and user in the params' => { - :title => 'user1@project1::domain1', - :ensure => 'present', - :user_domain => 'domain1', - :roles => %w(role1 role2) - } - } - ] - end - - describe '#destroy' do - it 'removes all the roles from a user' do - provider.instance_variable_get('@property_hash')[:roles] = ['role1', 'role2'] - described_class.expects(:openstack) - .with('role', 'remove', - ['role1', '--project', 'project1_id', '--user', 'user1_id']) - described_class.expects(:openstack) - .with('role', 'remove', - ['role2', '--project', 'project1_id', '--user', 'user1_id']) - described_class.expects(:openstack) - .with('project', 'show', '--format', 'shell', - ['project1', '--domain', 'domain1']) - .returns('name="project1" -id="project1_id" -') - described_class.expects(:openstack) - .with('user', 'show', '--format', 'shell', - ['user1', '--domain', 'domain1']) - .returns('name="user1" -id="user1_id" -') - described_class.expects(:openstack) - .with('role', 'list', '--quiet', '--format', 'csv', - ['--project', 'project1_id', '--user', 'user1_id']) - .returns('"ID","Name","Project","User" -') - provider.destroy - expect(provider.exists?).to be_falsey - end - end - - describe '#exists' do - subject(:response) do - described_class.expects(:openstack) - .with('role', 'list', '--quiet', '--format', 'csv', - ['--project', 'project1_id', '--user', 'user1_id']) - .returns('"ID","Name","Project","User" -"role1_id","role1","project1","user1" -"role2_id","role2","project1","user1" -') - described_class.expects(:openstack) - .with('project', 'show', '--format', 'shell', - ['project1', '--domain', 'domain1']) - .returns('name="project1" -id="project1_id" -') - described_class.expects(:openstack) - .with('user', 'show', '--format', 'shell', - ['user1', '--domain', 'domain1']) - .returns('name="user1" -id="user1_id" -') - provider.exists? - end - - it { is_expected.to be_truthy } - end - - describe '#roles=' do - let(:resource_attrs) do - { - :title => 'user_one@project_one', - :ensure => 'present', - :roles => %w(one two) - } - end - - it 'applies new roles' do - provider.expects(:roles).returns(%w(role_one role_two)) - described_class.expects(:openstack) - .with('role', 'remove', - ['role_one', '--project', 'project1_id', '--user', 'user1_id']) - described_class.expects(:openstack) - .with('role', 'remove', - ['role_two', '--project', 'project1_id', '--user', 'user1_id']) - described_class.expects(:openstack) - .with('role', 'add', - ['one', '--project', 'project1_id', '--user', 'user1_id']) - described_class.expects(:openstack) - .with('role', 'add', - ['two', '--project', 'project1_id', '--user', 'user1_id']) - described_class.expects(:openstack) - .with('project', 'show', '--format', 'shell', - ['project_one', '--domain', 'Default']) - .returns('name="project_one" -id="project1_id" -') - described_class.expects(:openstack) - .with('user', 'show', '--format', 'shell', - ['user_one', '--domain', 'Default']) - .returns('name="role_one" -id="user1_id" -') - provider.roles = %w(one two) - end - end - - context 'different name, identical resource' do - let(:resources) do - [ - Puppet::Type.type(:keystone_user_role) - .new(:title => 'user::domain_user@project::domain_project', - :ensure => :present), - Puppet::Type.type(:keystone_user_role) - .new(:title => 'user@project', - :user_domain => 'domain_user', - :project_domain => 'domain_project', - :ensure => :present) - ] - end - include_examples 'detect duplicate resource' - end - end -end diff --git a/keystone/spec/unit/type/keystone_config_spec.rb b/keystone/spec/unit/type/keystone_config_spec.rb deleted file mode 100644 index 8c128dd41..000000000 --- a/keystone/spec/unit/type/keystone_config_spec.rb +++ /dev/null @@ -1,32 +0,0 @@ -require 'spec_helper' -# this hack is required for now to ensure that the path is set up correctly -# to retrive the parent provider -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'puppet' -require 'puppet/type/keystone_config' - -describe 'Puppet::Type.type(:keystone_config)' do - before :each do - @keystone_config = Puppet::Type.type(:keystone_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should autorequire the package that install the file' do - catalog = Puppet::Resource::Catalog.new - package = Puppet::Type.type(:package).new(:name => 'keystone') - catalog.add_resource package, @keystone_config - dependency = @keystone_config.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(@keystone_config) - expect(dependency[0].source).to eq(package) - end - -end diff --git a/keystone/spec/unit/type/keystone_domain_config_spec.rb b/keystone/spec/unit/type/keystone_domain_config_spec.rb deleted file mode 100644 index 28eeeac15..000000000 --- a/keystone/spec/unit/type/keystone_domain_config_spec.rb +++ /dev/null @@ -1,35 +0,0 @@ -require 'puppet' -require 'puppet/type/keystone_domain_config' - -describe 'Puppet::Type.type(:keystone_domain_config)' do - let(:keystone_domain_config) do - Puppet::Type.type(:keystone_domain_config) - .new(:name => 'service::DEFAULT/foo', :value => 'bar') - end - - let(:catalog) { Puppet::Resource::Catalog.new } - - it 'should autorequire the directory holding the configurations' do - directory = Puppet::Type.type(:file).new( - :name => '/etc/keystone/domains', - :ensure => 'directory' - ) - catalog.add_resource directory, keystone_domain_config - dependency = keystone_domain_config.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(keystone_domain_config) - expect(dependency[0].source).to eq(directory) - end - - it 'should autorequire the keystone_config identity/domain_config_dir' do - keystone_config = Puppet::Type.type(:keystone_config).new( - :name => 'identity/domain_config_dir', - :value => '/tmp' - ) - catalog.add_resource keystone_config, keystone_domain_config - dependency = keystone_domain_config.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(keystone_domain_config) - expect(dependency[0].source).to eq(keystone_config) - end -end diff --git a/keystone/spec/unit/type/keystone_endpoint_spec.rb b/keystone/spec/unit/type/keystone_endpoint_spec.rb deleted file mode 100644 index d13d0bb41..000000000 --- a/keystone/spec/unit/type/keystone_endpoint_spec.rb +++ /dev/null @@ -1,60 +0,0 @@ -require 'spec_helper' -require 'puppet' -require 'puppet/type/keystone_endpoint' - -describe Puppet::Type.type(:keystone_endpoint) do - - describe 'region_one/endpoint_name::type_one' do - include_examples 'parse title correctly', - :name => 'endpoint_name', - :region => 'region_one', - :type => 'type_one' - end - - describe 'new_endpoint_without_region::type' do - include_examples 'croak on the required parameter', - 'Parameter region failed on Keystone_endpoint[new_endpoint_without_region]:' - end - - describe '#autorequire' do - let(:service_one) do - Puppet::Type.type(:keystone_service).new(:title => 'service_one', :type => 'type_one') - end - - let(:service_two) do - Puppet::Type.type(:keystone_service).new(:title => 'service_one::type_two') - end - - let(:service_three) do - Puppet::Type.type(:keystone_service).new(:title => 'service_two::type_one') - end - - context 'domain autorequire from title' do - let(:endpoint) do - Puppet::Type.type(:keystone_endpoint).new(:title => 'region_one/service_one::type_one') - end - describe 'should require the correct domain' do - let(:resources) { [endpoint, service_one, service_two] } - include_examples 'autorequire the correct resources' - end - end - context 'domain autorequire from title without type (to be removed at Mitaka)' do - let(:endpoint) do - Puppet::Type.type(:keystone_endpoint).new(:title => 'region_one/service_one') - end - describe 'should require the correct domain' do - let(:resources) { [endpoint, service_one, service_two] } - include_examples 'autorequire the correct resources' - end - end - context 'domain autorequire from title without type on fq service name (to be removed at Mitaka)' do - let(:endpoint) do - Puppet::Type.type(:keystone_endpoint).new(:title => 'region_one/service_two') - end - describe 'should require the correct domain' do - let(:resources) { [endpoint, service_three, service_one] } - include_examples 'autorequire the correct resources' - end - end - end -end diff --git a/keystone/spec/unit/type/keystone_identity_provider_spec.rb b/keystone/spec/unit/type/keystone_identity_provider_spec.rb deleted file mode 100644 index c1db02bb9..000000000 --- a/keystone/spec/unit/type/keystone_identity_provider_spec.rb +++ /dev/null @@ -1,123 +0,0 @@ -require 'spec_helper' -require 'puppet' -require 'puppet/type/keystone_identity_provider' - -describe Puppet::Type.type(:keystone_identity_provider) do - - let(:service_provider) do - Puppet::Type.type(:keystone_identity_provider).new( - :name => 'foo', - :remote_ids => ['remoteid_idp1', 'http://remoteid_idp2/saml/meta', 3], - :description => 'Original description' - ) - end - - describe '#remote-ids property' do - it 'should be in sync with unsorted array of remote-ids' do - remote_ids = service_provider.parameter('remote_ids') - expect(remote_ids.insync?( - ['http://remoteid_idp2/saml/meta', 3, 'remoteid_idp1'])).to be_truthy - end - - it 'should not allow an id with space in it' do - expect do - @service_provider = Puppet::Type.type(:keystone_identity_provider).new( - :name => 'foo', - :remote_ids => ['remote id one'] - ) - end.to raise_error(Puppet::ResourceError, - /Remote id cannot have space in it/) - end - - it 'should not allow an id with double quote in it' do - expect do - @service_provider = Puppet::Type.type(:keystone_identity_provider).new( - :name => 'foo', - :remote_ids => ['http://remoteone?id="foo"'] - ) - end.to raise_error(Puppet::ResourceError, - /double quote: http:\/\/remoteone\?id="foo" at position 20/) - end - end - - describe '#description property' do - it "Can't be modified" do - description = service_provider.parameter('description') - expect do - description.insync?('New description') - end.to raise_error( - Puppet::Error, - /^The description cannot be changed from Original description to New description$/ - ) - end - end - - describe '#remote_id_file' do - context 'remote_id_file and remote_ids are both set' do - it 'must fail' do - expect do - @service_provider = Puppet::Type.type(:keystone_identity_provider).new( - :name => 'foo', - :remote_ids => ['remoteone'], - :remote_id_file => '/tmp/remote_ids' - ) - end.to raise_error(Puppet::ResourceError, - /Cannot have both remote_ids and remote_id_file/) - end - end - context 'remote_id_file is not an absolute path' do - it 'must raise a error' do - expect do - @service_provider = Puppet::Type.type(:keystone_identity_provider).new( - :name => 'foo', - :remote_id_file => 'tmp/remote_ids' - ) - end.to raise_error(Puppet::ResourceError, - /You must specify an absolute path name not 'tmp\/remote_ids'/) - end - end - - context 'remote_id_file is in sync relative to the ids in the file' do - let(:service_provider) do - Puppet::Type.type(:keystone_identity_provider).new( - :name => 'foo', - :remote_id_file => '/tmp/remote_ids' - ) - end - it 'must be in sync' do - File.expects(:readlines).with('/tmp/remote_ids').once - .returns([' remoteids', '', 'http://secondids ', ' ']) - remote_id_file = service_provider.parameter('remote_id_file') - expect(remote_id_file.insync?( - ['http://secondids', 'remoteids'])).to be_truthy - end - end - end - - describe '#autorequire' do - let(:file_good) do - Puppet::Type.type(:file).new( - :name => '/tmp/remote-ids', - :ensure => :present - ) - end - let(:file_bad) do - Puppet::Type.type(:file).new( - :name => '/tmp/another-file', - :ensure => :present - ) - end - let(:service_provider) do - Puppet::Type.type(:keystone_identity_provider).new( - :name => 'foo', - :remote_id_file => '/tmp/remote-ids', - :description => 'Original description' - ) - end - - describe 'should autorequire the correct file' do - let(:resources) { [service_provider, file_good, file_bad] } - include_examples 'autorequire the correct resources' - end - end -end diff --git a/keystone/spec/unit/type/keystone_paste_ini_spec.rb b/keystone/spec/unit/type/keystone_paste_ini_spec.rb deleted file mode 100644 index 0cf8b6c1a..000000000 --- a/keystone/spec/unit/type/keystone_paste_ini_spec.rb +++ /dev/null @@ -1,34 +0,0 @@ -require 'spec_helper' -# this hack is required for now to ensure that the path is set up correctly -# to retrive the parent provider -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -require 'puppet/type/keystone_paste_ini' -describe 'Puppet::Type.type(:keystone_paste_ini)' do - before :each do - @keystone_paste_ini = Puppet::Type.type(:keystone_paste_ini).new(:name => 'DEFAULT/foo', :value => 'bar') - end - it 'should accept a valid value' do - @keystone_paste_ini[:value] = 'bar' - expect(@keystone_paste_ini[:value]).to eq('bar') - end - - it 'should autorequire the package that install the file' do - catalog = Puppet::Resource::Catalog.new - package = Puppet::Type.type(:package).new(:name => 'keystone') - catalog.add_resource package, @keystone_paste_ini - dependency = @keystone_paste_ini.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(@keystone_paste_ini) - expect(dependency[0].source).to eq(package) - end - -end diff --git a/keystone/spec/unit/type/keystone_service_spec.rb b/keystone/spec/unit/type/keystone_service_spec.rb deleted file mode 100644 index a27b96b9d..000000000 --- a/keystone/spec/unit/type/keystone_service_spec.rb +++ /dev/null @@ -1,32 +0,0 @@ -require 'spec_helper' -require 'puppet' -require 'puppet/type/keystone_service' - -describe Puppet::Type.type(:keystone_service) do - - let(:project) do - Puppet::Type.type(:keystone_service).new( - :id => 'blah', - :name => 'foo', - :type => 'foo-type' - ) - end - - include_examples 'croak on read-only parameter', - :title => 'service::type', :id => '12345', - :_prefix => 'Parameter id failed on Keystone_service[service::type]:' - - describe 'service::type' do - include_examples 'parse title correctly', :name => 'service', :type => 'type' - end - - describe 'new_service_without_type' do - include_examples 'croak on the required parameter', - 'Parameter type failed on Keystone_service[new_service_without_type]:' - end - - describe 'new_service_with_type_as_parameter' do - include_examples 'succeed with the required parameters', :type => 'type' - end - -end diff --git a/keystone/spec/unit/type/keystone_tenant_spec.rb b/keystone/spec/unit/type/keystone_tenant_spec.rb deleted file mode 100644 index 3bcc4d03c..000000000 --- a/keystone/spec/unit/type/keystone_tenant_spec.rb +++ /dev/null @@ -1,62 +0,0 @@ -require 'spec_helper' -require 'puppet' -require 'puppet/type/keystone_tenant' - -describe Puppet::Type.type(:keystone_tenant) do - - let(:project) do - Puppet::Type.type(:keystone_tenant).new( - :id => 'blah', - :name => 'project', - :domain => 'domain_project' - ) - end - - it 'should not accept id property' do - expect { project }.to raise_error(Puppet::Error, - /This is a read only property/) - end - - describe 'name::domain' do - include_examples 'parse title correctly', - :name => 'name', - :domain => 'domain' - end - describe 'name' do - include_examples 'parse title correctly', - :name => 'name', :domain => 'Default' - end - describe 'name::domain::extra' do - include_examples 'croak on the title' - end - - describe '#autorequire' do - let(:domain_good) do - Puppet::Type.type(:keystone_domain).new(:title => 'domain_project') - end - - let(:domain_bad) do - Puppet::Type.type(:keystone_domain).new(:title => 'another_domain') - end - - context 'domain autorequire from title' do - let(:project) do - Puppet::Type.type(:keystone_tenant).new(:title => 'tenant::domain_project') - end - describe 'should require the correct domain' do - let(:resources) { [project, domain_good, domain_bad] } - include_examples 'autorequire the correct resources' - end - end - context 'domain autorequire from parameter' do - let(:project) do - Puppet::Type.type(:keystone_tenant).new(:title => 'tenant', - :domain => 'domain_project') - end - describe 'should require the correct domain' do - let(:resources) { [project, domain_good, domain_bad] } - include_examples 'autorequire the correct resources' - end - end - end -end diff --git a/keystone/spec/unit/type/keystone_user_role_spec.rb b/keystone/spec/unit/type/keystone_user_role_spec.rb deleted file mode 100644 index b0db462e4..000000000 --- a/keystone/spec/unit/type/keystone_user_role_spec.rb +++ /dev/null @@ -1,200 +0,0 @@ -require 'spec_helper' -require 'puppet' -require 'puppet/type/keystone_user_role' - -describe Puppet::Type.type(:keystone_user_role) do - - before :each do - @user_roles = Puppet::Type.type(:keystone_user_role).new( - :title => 'foo@bar', - :roles => ['a', 'b'] - ) - - @roles = @user_roles.parameter('roles') - end - - it 'should not be in sync for' do - expect(@roles.insync?(['a', 'b', 'c'])).to be false - expect(@roles.insync?('a')).to be false - expect(@roles.insync?(['a'])).to be false - expect(@roles.insync?(nil)).to be false - end - - it 'should be in sync for' do - expect(@roles.insync?(['a', 'b'])).to be true - expect(@roles.insync?(['b', 'a'])).to be true - end - - ['user', 'user@REALM', 'us:er'].each do |user| - describe "#{user}::user_domain@project::project_domain" do - include_examples 'parse title correctly', - :user => user, - :user_domain => 'user_domain', - :project => 'project', - :project_domain => 'project_domain', - :domain => PuppetX::Keystone::CompositeNamevar::Unset - end - - describe "#{user}::user_domain@::domain" do - include_examples 'parse title correctly', - :user => user, - :user_domain => 'user_domain', - :project => PuppetX::Keystone::CompositeNamevar::Unset, - :project_domain => PuppetX::Keystone::CompositeNamevar::Unset, - :domain => 'domain' - end - - describe "#{user}::user_domain@project" do - include_examples 'parse title correctly', - :user => user, - :user_domain => 'user_domain', - :project => 'project', - :project_domain => 'Default', - :domain => PuppetX::Keystone::CompositeNamevar::Unset - end - - describe "#{user}@project::project_domain" do - include_examples 'parse title correctly', - :user => user, - :user_domain => 'Default', - :project => 'project', - :project_domain => 'project_domain', - :domain => PuppetX::Keystone::CompositeNamevar::Unset - end - - describe "#{user}@::domain" do - include_examples 'parse title correctly', - :user => user, - :user_domain => 'Default', - :project => PuppetX::Keystone::CompositeNamevar::Unset, - :project_domain => PuppetX::Keystone::CompositeNamevar::Unset, - :domain => 'domain' - end - - describe "#{user}@project" do - include_examples 'parse title correctly', - :user => user, - :user_domain => 'Default', - :project => 'project', - :project_domain => 'Default', - :domain => PuppetX::Keystone::CompositeNamevar::Unset - end - - describe "#{user}@proj:ect" do - include_examples 'parse title correctly', - :user => user, - :user_domain => 'Default', - :project => 'proj:ect', - :project_domain => 'Default', - :domain => PuppetX::Keystone::CompositeNamevar::Unset - end - end - describe 'name::domain::foo@project' do - include_examples 'croak on the title' - end - describe 'name::dom@ain@project' do - include_examples 'croak on the title' - end - describe 'name::domain@' do - include_examples 'croak on the title' - end - describe 'name::domain@project::' do - include_examples 'croak on the title' - end - describe '@project:project_domain' do - include_examples 'croak on the title' - end - - describe '#autorequire' do - let(:project_good) do - Puppet::Type.type(:keystone_tenant).new(:title => 'bar') - end - let(:project_good_ml) do - Puppet::Type.type(:keystone_tenant).new(:title => 'blah', - :name => 'bar') - end - let(:project_good_fq) do - Puppet::Type.type(:keystone_tenant).new(:title => 'bar::Default') - end - let(:project_bad) do - Puppet::Type.type(:keystone_tenant).new(:title => 'bar::other_domain') - end - let(:user_good) do - Puppet::Type.type(:keystone_user).new(:title => 'foo') - end - let(:user_good_ml) do - Puppet::Type.type(:keystone_user).new(:title => 'blah', - :name => 'foo') - end - let(:user_good_fq) do - Puppet::Type.type(:keystone_user).new(:title => 'foo::Default') - end - let(:user_bad) do - Puppet::Type.type(:keystone_user).new(:title => 'foo::other_domain') - end - let(:domain) do - Puppet::Type.type(:keystone_domain).new(:title => 'bar') - end - - context 'tenant' do - describe 'normal tenant title' do - let(:resources) { [@user_roles, project_good, project_bad] } - include_examples 'autorequire the correct resources', - :default_domain => 2 - end - - describe 'meaningless tenant title' do - let(:resources) { [@user_roles, project_good_ml, project_bad] } - include_examples 'autorequire the correct resources', - :default_domain => 1 - end - - describe 'meaningless tenant title' do - let(:resources) { [@user_roles, project_good_fq, project_bad] } - include_examples 'autorequire the correct resources', - :default_domain => 1 - end - end - - context 'domain' do - it 'should not autorequire any tenant' do - catalog.add_resource @user_roles, domain - dependency = @user_roles.autorequire - expect(dependency.size).to eq(0) - end - let(:resources) { [@user_roles, project_good, project_bad] } - include_examples 'autorequire the correct resources' - end - - context 'user' do - describe 'normal user title' do - let(:resources) { [@user_roles, user_good, user_bad] } - include_examples 'autorequire the correct resources' - end - describe 'meaningless user title' do - let(:resources) { [@user_roles, user_good_ml, user_bad] } - include_examples 'autorequire the correct resources' - end - - describe 'fq user title' do - let(:resources) { [@user_roles, user_good_fq, user_bad] } - include_examples 'autorequire the correct resources' - end - end - end - - describe 'parameter conflict' do - let(:user_roles) do - Puppet::Type.type(:keystone_user_role).new( - :title => 'user@::domain', - :project => 'project', - :roles => %w(a b) - ) - end - let(:domain) { user_roles.parameter('domain') } - - it 'should not allow domain and project at the same time' do - expect { domain.validate }.to raise_error(Puppet::ResourceError, /Cannot define both project and domain/) - end - end -end diff --git a/keystone/spec/unit/type/keystone_user_spec.rb b/keystone/spec/unit/type/keystone_user_spec.rb deleted file mode 100644 index a4528afff..000000000 --- a/keystone/spec/unit/type/keystone_user_spec.rb +++ /dev/null @@ -1,50 +0,0 @@ -require 'spec_helper' -require 'puppet' -require 'puppet/type/keystone_user' - -describe Puppet::Type.type(:keystone_user) do - - describe 'name::domain' do - include_examples 'parse title correctly', - :name => 'name', :domain => 'domain' - end - describe 'name' do - include_examples 'parse title correctly', - :name => 'name', :domain => 'Default' - end - describe 'name::domain::foo' do - include_examples 'croak on the title' - end - - describe '#autorequire' do - let(:domain_good) do - Puppet::Type.type(:keystone_domain).new(:title => 'domain_user') - end - - let(:domain_bad) do - Puppet::Type.type(:keystone_domain).new(:title => 'another_domain') - end - - context 'domain autorequire from title' do - let(:user) do - Puppet::Type.type(:keystone_user).new(:title => 'foo::domain_user') - end - describe 'should require the correct domain' do - let(:resources) { [user, domain_good, domain_bad] } - include_examples 'autorequire the correct resources' - end - end - context 'domain autorequire from parameter' do - let(:user) do - Puppet::Type.type(:keystone_user).new( - :title => 'foo', - :domain => 'domain_user' - ) - end - describe 'should require the correct domain' do - let(:resources) { [user, domain_good, domain_bad] } - include_examples 'autorequire the correct resources' - end - end - end -end diff --git a/keystone/templates/mellon.conf.erb b/keystone/templates/mellon.conf.erb deleted file mode 100644 index 259bcd824..000000000 --- a/keystone/templates/mellon.conf.erb +++ /dev/null @@ -1,16 +0,0 @@ - WSGIScriptAliasMatch ^(/v3/OS-FEDERATION/identity_providers/.*?/protocols/.*?/auth)$ <%= scope['keystone::params::keystone_wsgi_script_path'] -%>/$1 - - - MellonEnable "info" - MellonSPPrivateKeyFile <%= scope['apache::mod_dir']-%>/mellon/http_keystone.fqdn.key - MellonSPCertFile <%= scope['apache::mod_dir']-%>/mellon/http_keystone.fqdn.cert - MellonSPMetadataFile <%= scope['apache::mod_dir']-%>/mellon/http_keystone.fqdn.xml - MellonIdPMetadataFile <%= scope['apache::mod_dir']-%>/mellon/idp-metadata.xml - MellonEndpointPath /v3/OS-FEDERATION/identity_providers/<%= scope['keystone::federation::mellon::idp_name']-%>/protocols/<%= scope['keystone::federation::mellon::protocol_name']-%>/auth/mellon - MellonIdP "IDP" - - - /protocols/<%= scope['keystone::federation::mellon::protocol_name']-%>/auth> - AuthType "Mellon" - MellonEnable "auth" - diff --git a/keystone/templates/shibboleth.conf.erb b/keystone/templates/shibboleth.conf.erb deleted file mode 100644 index 23bc0d326..000000000 --- a/keystone/templates/shibboleth.conf.erb +++ /dev/null @@ -1,12 +0,0 @@ - WSGIScriptAliasMatch ^(/v3/OS-FEDERATION/identity_providers/.*?/protocols/.*?/auth)$ <%= scope['keystone::params::keystone_wsgi_script_path'] -%>/$1 - - - SetHandler shib - - - - ShibRequestSetting requireSession 1 - AuthType shibboleth - ShibExportAssertion Off - Require valid-user - diff --git a/keystone/test-requirements.txt b/keystone/test-requirements.txt deleted file mode 100644 index bedd66690..000000000 --- a/keystone/test-requirements.txt +++ /dev/null @@ -1,4 +0,0 @@ -# this is required for the docs build jobs -sphinx!=1.2.0,!=1.3b1,<1.3,>=1.1.2 -oslosphinx>=2.5.0 # Apache-2.0 -reno>=0.1.1 # Apache-2.0 diff --git a/keystone/tests/site.pp b/keystone/tests/site.pp deleted file mode 100644 index c3a3fbb90..000000000 --- a/keystone/tests/site.pp +++ /dev/null @@ -1,68 +0,0 @@ -Exec { logoutput => 'on_failure' } - -package { 'curl': ensure => present } - -# example of how to build a single node -# keystone instance backed by sqlite -# with all of the default admin roles -node 'keystone_sqlite' { - class { '::keystone': - verbose => true, - debug => true, - catalog_type => 'sql', - admin_token => 'admin_token', - } - class { '::keystone::roles::admin': - email => 'example@abc.com', - password => 'ChangeMe', - } - class { '::keystone::endpoint': - public_url => "http://${::fqdn}:5000/", - admin_url => "http://${::fqdn}:35357/", - } -} - -node keystone_mysql { - class { '::mysql::server': } - class { '::keystone::db::mysql': - password => 'keystone', - } - class { '::keystone': - verbose => true, - debug => true, - database_connection => 'mysql://keystone:keystone@127.0.0.1/keystone', - catalog_type => 'sql', - admin_token => 'admin_token', - } - class { '::keystone::roles::admin': - email => 'test@puppetlabs.com', - password => 'ChangeMe', - } -} - - -# keystone with mysql on another node -node keystone { - class { '::keystone': - verbose => true, - debug => true, - database_connection => 'mysql://keystone:password@127.0.0.1/keystone', - catalog_type => 'sql', - admin_token => 'admin_token', - } - class { '::keystone::db::mysql': - password => 'keystone', - } - class { '::keystone::roles::admin': - email => 'example@abc.com', - password => 'ChangeMe', - } - class { '::keystone::endpoint': - public_url => "http://${::fqdn}:5000/", - admin_url => "http://${::fqdn}:35357/", - } -} - -node default { - fail("could not find a matching node entry for ${clientcert}") -} diff --git a/keystone/tox.ini b/keystone/tox.ini deleted file mode 100644 index aea06c84f..000000000 --- a/keystone/tox.ini +++ /dev/null @@ -1,8 +0,0 @@ -[tox] -minversion = 1.6 -skipsdist = True -envlist = releasenotes - -[testenv:releasenotes] -deps = -rtest-requirements.txt -commands = sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html diff --git a/kibana3/.fixtures.yml b/kibana3/.fixtures.yml deleted file mode 100644 index d1f8e775c..000000000 --- a/kibana3/.fixtures.yml +++ /dev/null @@ -1,19 +0,0 @@ -fixtures: - forge_modules: - apache: - repo: 'puppetlabs/apache' - ref: '1.6.0' - concat: - repo: 'puppetlabs/concat' - ref: '1.2.4' - git: - repo: 'puppetlabs/git' - ref: '0.4.0' - stdlib: - repo: 'puppetlabs/stdlib' - ref: '4.9.0' - vcsrepo: - repo: 'puppetlabs/vcsrepo' - ref: '1.3.1' - symlinks: - kibana3: "#{source_dir}" diff --git a/kibana3/.gitignore b/kibana3/.gitignore deleted file mode 100644 index 51e0ece52..000000000 --- a/kibana3/.gitignore +++ /dev/null @@ -1,7 +0,0 @@ -spec/fixtures -pkg -.vagrant -.rspec_system -.*.sw? -.bundle -Gemfile.lock diff --git a/kibana3/.ruby-gemset b/kibana3/.ruby-gemset deleted file mode 100644 index cff7f32e6..000000000 --- a/kibana3/.ruby-gemset +++ /dev/null @@ -1 +0,0 @@ -kibana3 diff --git a/kibana3/.ruby-version b/kibana3/.ruby-version deleted file mode 100644 index 314a6ed8c..000000000 --- a/kibana3/.ruby-version +++ /dev/null @@ -1 +0,0 @@ -ruby-2.1.1 diff --git a/kibana3/.travis.yml b/kibana3/.travis.yml deleted file mode 100644 index 71709a599..000000000 --- a/kibana3/.travis.yml +++ /dev/null @@ -1,49 +0,0 @@ ---- -notifications: - email: - - alejandro@ideasftw.com -language: ruby -bundler_args: --without development -before_install: rm Gemfile.lock || true -rvm: - - 1.9.3 - - 2.0.0 - - 2.1.0 - - 2.1.6 -script: bundle exec rake test -env: - - PUPPET_VERSION="~> 3.1.0" - - PUPPET_VERSION="~> 3.2.0" - - PUPPET_VERSION="~> 3.3.0" - - PUPPET_VERSION="~> 3.4.0" - - PUPPET_VERSION="~> 3.5.0" - - PUPPET_VERSION="~> 3.6.0" - - PUPPET_VERSION="~> 3.8.0" - - PUPPET_VERSION="~> 4.0.0" - - PUPPET_VERSION="~> 4.2.0" -matrix: - exclude: - - rvm: 1.9.3 - env: PUPPET_VERSION="~> 4.0.0" - - rvm: 1.9.3 - env: PUPPET_VERSION="~> 4.2.0" - - rvm: 2.0.0 - env: PUPPET_VERSION="~> 3.1.0" - - rvm: 2.0.0 - env: PUPPET_VERSION="~> 4.0.0" - - rvm: 2.0.0 - env: PUPPET_VERSION="~> 4.2.0" - - rvm: 2.1.0 - env: PUPPET_VERSION="~> 3.1.0" - - rvm: 2.1.0 - env: PUPPET_VERSION="~> 3.2.0" - - rvm: 2.1.0 - env: PUPPET_VERSION="~> 3.3.0" - - rvm: 2.1.0 - env: PUPPET_VERSION="~> 3.4.0" - - rvm: 2.1.6 - env: PUPPET_VERSION="~> 3.1.0" - - rvm: 2.1.6 - env: PUPPET_VERSION="~> 3.2.0" - - rvm: 2.1.6 - env: PUPPET_VERSION="~> 3.3.0" diff --git a/kibana3/CHANGELOG.md b/kibana3/CHANGELOG.md deleted file mode 100644 index 749894d8e..000000000 --- a/kibana3/CHANGELOG.md +++ /dev/null @@ -1,20 +0,0 @@ -## Change Log -### v0.0.4 (2015-01-06) -- updated testing harness -- added 2 new parameters: - 1. manage_git_repository - 2. ws_servername -- added anchor pattern -- various under the hood enhancements - -### v0.0.3 (2014-05-07) -- Changed default kibana3 release from tag name to tag commit hash -- Changed default kibana3 version from 3.0.0 to 3.0.1 -- Updated documentation - -### v0.0.2 (2014-03-25) -- Changed doc_root in apache::vhost if managed_ws => true -- Disabled default_vhost id managed_ws => true - -### v0.0.1 (2014-03-23) -- initial commit diff --git a/kibana3/Gemfile b/kibana3/Gemfile deleted file mode 100644 index eaba31a8f..000000000 --- a/kibana3/Gemfile +++ /dev/null @@ -1,21 +0,0 @@ -source 'https://rubygems.org' - -group :test do - gem "rake" - gem "puppet", ENV['PUPPET_VERSION'] || '~> 3.4.0' - gem "puppet-lint" - gem "rspec-puppet" - gem "puppet-syntax" - gem "puppetlabs_spec_helper" -end - -group :development do - gem "travis" - gem "travis-lint" - gem "beaker" - gem "jwt", "~> 0.1.4" - gem "beaker-rspec" - gem "vagrant-wrapper" - gem "puppet-blacksmith" - gem "guard-rake" -end diff --git a/kibana3/LICENSE b/kibana3/LICENSE deleted file mode 100644 index c4cf7b1b2..000000000 --- a/kibana3/LICENSE +++ /dev/null @@ -1,13 +0,0 @@ -Copyright 2014 Alejandro Figueroa - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/kibana3/Modulefile b/kibana3/Modulefile deleted file mode 100644 index 7fd0162c0..000000000 --- a/kibana3/Modulefile +++ /dev/null @@ -1,12 +0,0 @@ -name 'thejandroman-kibana3' -version '0.0.4' -source 'https://github.com/thejandroman/puppet-kibana3' -author 'thejandroman' -license 'Apache License, Version 2.0' -summary 'Installs and configures kibana3.' -description 'The kibana3 puppet module allows one to setup and configure the kibana3 interface to Logstash and ElasticSearch.' -project_page 'https://github.com/thejandroman/puppet-kibana3' -dependency 'puppetlabs/git', '>= 0.0.3' -dependency 'puppetlabs/vcsrepo', '>= 0.2.0' -dependency 'puppetlabs/apache', '>= 1.0.1' -dependency 'puppetlabs/stdlib', '>= 3.2.1' diff --git a/kibana3/README.md b/kibana3/README.md deleted file mode 100644 index b801ab4b7..000000000 --- a/kibana3/README.md +++ /dev/null @@ -1,157 +0,0 @@ -#kibana3 [![Build Status](https://travis-ci.org/thejandroman/puppet-kibana3.svg?branch=master)](https://travis-ci.org/thejandroman/puppet-kibana3) - -####Table of Contents - -1. [Overview](#overview) -2. [Module Description](#module-description) -3. [Setup](#setup) - * [Examples](#examples) -4. [Usage](#usage) - * [Classes](#classes) - * [kibana3](#class-kibana3) -5. [Limitiations](#limitations) -6. [Contributing](#contributing) -7. [License](#license) - -##Overview -The kibana3 puppet module allows one to setup and configure the [kibana3](http://www.elasticsearch.org/overview/kibana/) interface to Logstash and ElasticSearch. - -##Module Description -This module should cover all configuration options for kibana3 v3.0.0. - -This module checks out the [kibana3 source](https://github.com/elasticsearch/kibana) directly from github and requires git to be installed. By default this module will install git via the [puppetlabs/git](https://github.com/puppetlabs/puppetlabs-git) module. This behavior can be disabled. - -Kibana3 requires a webserver to serve its content. By default this module will install apache via the [puppetlabs/apache](https://github.com/puppetlabs/puppetlabs-apache) module. This behavior can be disabled. - -##Setup -Kibana3 can be installed with a base configuration with `include kibana3` with default configuration options. To disable managing of git or apache see options below. - -This module also provides for a way to uninstall via the `ensure` parameter. If `ensure => 'absent'` is specified and `manage_ws => true` and/or `manage_git => true` is specified, the respective module's packages and configs will also be uninstalled. - -###Examples -To install kibana3 accepting all default options: -```puppet - include kibana3 -``` -To specify a specific elasticsearch host to kibana3: -```puppet - class { - 'kibana3': - config_es_port => '9201', - config_es_protocol => 'https', - config_es_server => 'es.my.domain', - } -``` -To manage webserver configuration outside of the kibana3 module: -```puppet - class { - 'kibana3': - manage_ws => false, - } -``` - -## Usage -###Classes -####Class: `kibana3` -#####`ensure` -**Data Type:** _string_ -**Default:** _present_ -Set to 'absent' to uninstall. Beware, if `manage_git` or `manage_ws` are set to true their respective module's packages and configs will also be uninstalled. - -#####`config_default_route` -**Data Type:** _string_ -**Default:** _/dashboard/file/default.json_ -This is the default landing page when you don't specify a dashboard to load. You can specify files, scripts or saved dashboards here. For example, if you had saved a dashboard called 'WebLogs' to elasticsearch you might -use: `config_default_route => '/dashboard/elasticsearch/WebLogs',` - -#####`config_es_port` -**Data Type:** _string_ -**Default:** _9200_ -The port of the elasticsearch server. Because kibana3 is browser based this must be accessible from the browser loading kibana3. - -#####`config_es_protocol` -**Data Type:** _string_ -**Default:** _http_ -The protocol (http/https) of the elasticsearch server. Because kibana3 is browser based this must be accessible from the browser loading kibana3. - -#####`config_es_server` -**Data Type:** _string_ -**Default:** _"+window.location.hostname+"_ -The FQDN of the elasticsearch server. Because kibana3 is browser based this must be accessible from the browser loading kibana3. - -#####`config_kibana_index` -**Data Type:** _string_ -**Default:** _kibana-int_ -The default ES index to use for storing Kibana specific object such as stored dashboards. - -#####`config_panel_names` -**Data Type:** _array_ -**Default:** _['histogram','map','goal','table','filtering','timepicker','text','hits','column','trends','bettermap','query','terms','stats','sparklines']_ -An array of panel modules available. Panels will only be loaded when they are defined in the dashboard, but this list is used in the "add panel" interface. - -#####`k3_folder_owner` -**Data Type:** _string_ -**Default:** _undef_ -The owner of the kibana3 install located at `k3_install_folder`. If `k3_folder_owner` remains 'undef' it defaults to one of two case: - * if `manage_ws => false` then `k3_folder_owner => 'root'` - * if `manage_ws => true` then `k3_folder_owner => $::apache::params::user` - -#####`k3_install_folder` -**Data Type:** _string_ -**Default:** _/opt/kibana3_ -The folder to install kibana3 into. - -#####`k3_release` -**Data Type:** _string_ -**Default:** _a50a913 (v3.0.1)_ -A tag or branch from the [kibana3](https://github.com/elasticsearch/kibana) repo. Note that you should use the commit hash instead of the tag name (see [issue #5](https://github.com/thejandroman/kibana3/issues/5)) or puppet will overwrite the config.js file. - -##### `k3_clone_url` -**Data Type:** _string_ -**Default:** _https://github.com/elasticsearch/kibana.git_ -URL for the kibana3 git repo. - -#####`manage_git` -**Data Type:** _bool_ -**Default:** _true_ -Should the module manage git. - -#####`manage_ws` -**Data Type:** _bool_ -**Default:** _true_ -Should the module manage the webserver. - -#####`manage_git_repository` -**Data Type:** _bool_ -**Default:** _true_ -Should the module manage kibana3 git repository. - -#####`ws_servername` -**Data Type:** _string_ -**Default:** _kibana3_ -Change the default servername for the apache vhost. Only taken into account if `manage_ws => true`. - -#####`ws_port` -**Data Type:** _string_ -**Default:** _80_ -Change the default port for the webserver to a custom value. Only taken into account if `manage_ws => true`. - -#####`ws_default_vhost` -**Data Type:** _bool_ -**Default:** _false_ -Attempt to make the Kibana vhost the default. Useful when setting up a dedicated Kibana server. Only taken into account if `manage_ws => true`. - -#####`ws_extras` -**Data Type:** _hash_ -**Default:** _{}_ -Specify extras option for the vhost configuration. Only taken into account if `manage_ws => true`. - -##Limitations - * Tested and built on Ubuntu 12.04. - * Tested with Kibana v3.0.0. - -##Contributing -Pull requests are welcome. Please document and include rspec tests. - -##License -See [LICENSE](https://github.com/thejandroman/kibana3/blob/master/LICENSE) file. diff --git a/kibana3/Rakefile b/kibana3/Rakefile deleted file mode 100644 index 01cbaca17..000000000 --- a/kibana3/Rakefile +++ /dev/null @@ -1,32 +0,0 @@ -require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet-syntax/tasks/puppet-syntax' -require 'puppet-lint/tasks/puppet-lint' - -begin - require 'puppet_blacksmith/rake_tasks' -rescue LoadError -end - -PuppetLint.configuration.send('disable_80chars') -PuppetLint.configuration.send('disable_class_inherits_from_params_class') -PuppetLint.configuration.fail_on_warnings = true - -exclude_paths = [ - "pkg/**/*", - "vendor/**/*", - "spec/**/*", -] -PuppetLint.configuration.ignore_paths = exclude_paths -PuppetSyntax.exclude_paths = exclude_paths - -desc "Run acceptance tests" -RSpec::Core::RakeTask.new(:acceptance) do |t| - t.pattern = 'spec/acceptance' -end - -desc "Run syntax, lint, and spec tests." -task :test => [ - :syntax, - :lint, - :spec, -] diff --git a/kibana3/manifests/config.pp b/kibana3/manifests/config.pp deleted file mode 100644 index c1dddfe4b..000000000 --- a/kibana3/manifests/config.pp +++ /dev/null @@ -1,21 +0,0 @@ -# = Private class: kibana3::config -# -# Author: Alejandro Figueroa -class kibana3::config inherits kibana3 { - if $::kibana3::manage_ws { - file { - "${::kibana3::k3_install_folder}/src/config.js": - ensure => present, - content => template('kibana3/config.js.erb'), - owner => $::kibana3::install::_ws_user, - notify => Class['::Apache::Service'], - } - } else { - file { - "${::kibana3::k3_install_folder}/src/config.js": - ensure => present, - content => template('kibana3/config.js.erb'), - owner => $::kibana3::install::_ws_user, - } - } -} diff --git a/kibana3/manifests/init.pp b/kibana3/manifests/init.pp deleted file mode 100644 index 74d381779..000000000 --- a/kibana3/manifests/init.pp +++ /dev/null @@ -1,141 +0,0 @@ -# == Public class: kibana3 -# -# Installs and configures kibana3. -# -# === Parameters -# [*ensure*] -# Set to 'absent' to uninstall. Beware, if $manage_git or $manage_ws are set -# to 'true' their respective modules will also be set to 'absent'. -# -# [*config_default_route*] -# This is the default landing page when you don't specify a dashboard to -# load. You can specify files, scripts or saved dashboards here. For example, -# if you had saved a dashboard called `WebLogs' to elasticsearch you might -# use: -# default_route => '/dashboard/elasticsearch/WebLogs', -# -# [*config_es_port*] -# The port of the elasticsearch server. Because kibana3 is browser based -# this must be accessible from the browser loading kibana3. -# -# [*config_es_protocol*] -# The protocol (http/https) of the elasticsearch server. Because kibana3 is -# browser based this must be accessible from the browser loading kibana3. -# -# [*config_es_server*] -# The FQDN of the elasticsearch server. Because kibana3 is browser based -# this must be accessible from the browser loading kibana3. -# -# [*config_kibana_index*] -# The default ES index to use for storing Kibana specific object such as -# stored dashboards. -# -# [*config_panel_names*] -# An array of panel modules available. Panels will only be loaded when they -# are defined in the dashboard, but this list is used in the "add panel" -# interface. -# -# [*k3_folder_owner*] -# The owner of the kibana3 install located at $k3_install_folder. -# -# [*k3_install_folder*] -# The folder to install kibana3 into. -# -# [*k3_release*] -# A tag or branch from the kibana3 git repo. Note that you should use the -# commit hash instead of the tag name (see issue #5) or puppet will overwrite -# the config.js file. -# -# [*k3_clone_url*] -# URL for the kibana3 git repo. -# -# [*manage_git*] -# Should the module manage git. -# -# [*manage_git_repository*] -# Should the module manage the kibana3 git repository. -# -# [*manage_ws*] -# Should the module manage the webserver. -# -# [*ws_servername*] -# Specify the virtual host servername . Only taken -# into account if manage_ws => true. -# -# [*ws_port*] -# Change the default port for the webserver to a custom value. Only taken -# into account if manage_ws => true. -# -# [*ws_extras*] -# Hash of option to pass to the apache::vhost resource -# Only taken into account if manage_ws => true. -# Defaults to {} -# -# === Examples -# -# class { 'kibana3': -# servers => [ 'pool.ntp.org', 'ntp.local.company.com' ], -# } -# -# === Authors -# -# Alejandro Figueroa -# -# === Copyright -# -# Copyright 2014 Alejandro Figueroa, unless otherwise noted. -# -class kibana3 ( - $ensure = $::kibana3::params::ensure, - - $config_default_route = $::kibana3::params::config_default_route, - $config_es_port = $::kibana3::params::config_es_port, - $config_es_protocol = $::kibana3::params::config_es_protocol, - $config_es_server = $::kibana3::params::config_es_server, - $config_kibana_index = $::kibana3::params::config_kibana_index, - $config_panel_names = $::kibana3::params::config_panel_names, - - $k3_folder_owner = $::kibana3::params::k3_folder_owner, - $k3_install_folder = $::kibana3::params::k3_install_folder, - $k3_release = $::kibana3::params::k3_release, - $k3_clone_url = $::kibana3::params::k3_clone_url, - - $manage_git = $::kibana3::params::manage_git, - $manage_git_repository = $::kibana3::params::manage_git_repository, - - $manage_ws = $::kibana3::params::manage_ws, - $ws_servername = $::kibana3::params::ws_servername, - $ws_port = $::kibana3::params::ws_port, - $ws_default_vhost = $::kibana3::params::ws_default_vhost, - $ws_extras = $::kibana3::params::ws_extras, - -) inherits kibana3::params { - - validate_string($ensure,$config_default_route,$config_es_port, - $config_es_protocol,$config_es_server,$config_kibana_index, - $k3_folder_owner,$k3_install_folder,$k3_release,$k3_clone_url, - $ws_port) - - validate_bool($manage_git,$manage_ws,$manage_git_repository, - $ws_default_vhost) - - validate_array($config_panel_names) - - validate_hash($ws_extras) - - case $ensure { - 'present': { - anchor { 'kibana3::begin': } -> - class { 'kibana3::install': } -> - class { 'kibana3::config': } -> - anchor { 'kibana3::end': } - } - 'absent': { - class { 'kibana3::uninstall': } - } - default: { - fail("${ensure} is not supported for ensure. - Allowed values are 'present' and 'absent'.") - } - } -} diff --git a/kibana3/manifests/install.pp b/kibana3/manifests/install.pp deleted file mode 100644 index 712971af7..000000000 --- a/kibana3/manifests/install.pp +++ /dev/null @@ -1,49 +0,0 @@ -# = Private class: kibana3::install -# -# Author: Alejandro Figueroa -class kibana3::install { - if $::kibana3::manage_git { - require 'git' - } - - if $::kibana3::k3_folder_owner { - $_ws_user = $::kibana3::k3_folder_owner - } elsif $::kibana3::manage_ws { - $_ws_user = $::apache::params::user - } else { - $_ws_user = 'root' - } - - if $::kibana3::manage_ws { - - if $::kibana3::manage_git_repository { - Vcsrepo[$::kibana3::k3_install_folder] -> Apache::Vhost['kibana3'] - } - - include ::apache - - $base_options = { - 'servername' => $::kibana3::ws_servername, - 'port' => $::kibana3::ws_port, - 'default_vhost' => $::kibana3::ws_default_vhost, - 'docroot' => "${::kibana3::k3_install_folder}/src", - 'docroot_owner' => $_ws_user, - } - - $merged_options = merge($base_options, $::kibana3::ws_extras) - $vhost_configuration = hash(['kibana3', $merged_options]) - create_resources('apache::vhost', $vhost_configuration, { 'notify' => 'Service[httpd]' }) - - } - - if $::kibana3::manage_git_repository { - vcsrepo { - $::kibana3::k3_install_folder: - ensure => present, - provider => git, - source => $::kibana3::k3_clone_url, - revision => $::kibana3::k3_release, - owner => $_ws_user, - } - } -} diff --git a/kibana3/manifests/params.pp b/kibana3/manifests/params.pp deleted file mode 100644 index d346fe180..000000000 --- a/kibana3/manifests/params.pp +++ /dev/null @@ -1,46 +0,0 @@ -# = Private class: kibana3::params -# -# Author: Alejandro Figueroa -class kibana3::params { - $ensure = 'present' - - $config_default_route = '/dashboard/file/default.json' - $config_es_port = '9200' - $config_es_protocol = 'http' - $config_es_server = '"+window.location.hostname+"' - $config_kibana_index = 'kibana-int' - $config_panel_names = [ - 'histogram', - 'map', - 'goal', - 'table', - 'filtering', - 'timepicker', - 'text', - 'hits', - 'column', - 'trends', - 'bettermap', - 'query', - 'terms', - 'stats', - 'sparklines' - ] - - # If $k3_folder_owner remains 'undef' it defaults to one of two case: - # if $manage_ws = 'false'; $k3_folder_owner = 'root' - # if $manage_ws = 'true'; $k3_folder_owner = $::apache::params::user - $k3_folder_owner = undef - $k3_install_folder = '/opt/kibana3' - $k3_release = 'a50a913' - $k3_clone_url = 'https://github.com/elasticsearch/kibana.git' - - $manage_git = true - $manage_git_repository = true - - $manage_ws = true - $ws_servername = $::fqdn - $ws_port = '80' - $ws_default_vhost = false - $ws_extras = {} -} diff --git a/kibana3/manifests/uninstall.pp b/kibana3/manifests/uninstall.pp deleted file mode 100644 index 73d8cf31e..000000000 --- a/kibana3/manifests/uninstall.pp +++ /dev/null @@ -1,34 +0,0 @@ -# = Private class: kibana3::uninstall -# -# Author: Alejandro Figueroa -class kibana3::uninstall { - if $::kibana3::manage_git { - package { - 'git': - ensure => absent, - } - } - - if $::kibana3::manage_ws { - class { - 'apache': - package_ensure => absent, - } - - apache::vhost { - 'kibana3': - ensure => absent, - docroot => "${::kibana3::k3_install_folder}/src", - } - } - - file { - $::kibana3::k3_install_folder: - ensure => absent, - } - - file { - "${::kibana3::k3_install_folder}/src/config.js": - ensure => absent, - } -} diff --git a/kibana3/metadata.json b/kibana3/metadata.json deleted file mode 100644 index 44aea733b..000000000 --- a/kibana3/metadata.json +++ /dev/null @@ -1,42 +0,0 @@ -{ - "name": "thejandroman-kibana3", - "version": "0.0.4", - "author": "thejandroman", - "license": "Apache-2.0", - "summary": "Installs and configures kibana3.", - "source": "https://github.com/thejandroman/puppet-kibana3", - "dependencies": [ - { - "name": "puppetlabs/git", - "version_requirement": "0.x" - }, - { - "name": "puppetlabs/vcsrepo", - "version_requirement": ">=0.1.0 <=1.3.1" - }, - { - "name": "puppetlabs/apache", - "version_requirement": ">=0.10.0 <=1.6.0" - }, - { - "name": "puppetlabs/stdlib", - "version_requirement": ">=3.2.0 <5.0.0" - } - ], - "project_page": "https://github.com/thejandroman/puppet-kibana3", - "issues_url": "https://github.com/thejandroman/puppet-kibana3/issues", - "operatingsystem_support": [ - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": [ - "12.04" - ] - } - ], - "requirements": [ - { - "name": "puppet", - "version_requirement": "3.x" - } - ] -} diff --git a/kibana3/spec/acceptance/class_spec.rb b/kibana3/spec/acceptance/class_spec.rb deleted file mode 100644 index cb5e8584c..000000000 --- a/kibana3/spec/acceptance/class_spec.rb +++ /dev/null @@ -1,26 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'thejandroman-kibana3 class' do - - context 'default parameters' do - # Using puppet_apply as a helper - it 'should work with no errors' do - pp = <<-EOS - class { 'kibana3': } - EOS - - # Run it twice and test for idempotency - expect(apply_manifest(pp).exit_code).to_not eq(1) - expect(apply_manifest(pp).exit_code).to eq(0) - end - - describe package('thejandroman-kibana3') do - it { should be_installed } - end - - describe service('thejandroman-kibana3') do - it { should be_enabled } - it { should be_running } - end - end -end diff --git a/kibana3/spec/acceptance/nodesets/centos-64-x64.yml b/kibana3/spec/acceptance/nodesets/centos-64-x64.yml deleted file mode 100644 index d19aa6951..000000000 --- a/kibana3/spec/acceptance/nodesets/centos-64-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - log_level: verbose - type: foss diff --git a/kibana3/spec/acceptance/nodesets/default.yml b/kibana3/spec/acceptance/nodesets/default.yml deleted file mode 100644 index b392dab75..000000000 --- a/kibana3/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - ubuntu-server-12042-x64: - roles: - - master - platform: ubuntu-server-12.04-amd64 - box: ubuntu-server-12042-x64-vbox4210-nocm - box_url: http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box - hypervisor: vagrant - -CONFIG: - log_level: verbose - type: foss diff --git a/kibana3/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml b/kibana3/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml deleted file mode 100644 index b392dab75..000000000 --- a/kibana3/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - ubuntu-server-12042-x64: - roles: - - master - platform: ubuntu-server-12.04-amd64 - box: ubuntu-server-12042-x64-vbox4210-nocm - box_url: http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box - hypervisor: vagrant - -CONFIG: - log_level: verbose - type: foss diff --git a/kibana3/spec/classes/config_spec.rb b/kibana3/spec/classes/config_spec.rb deleted file mode 100644 index c5e1bdc9e..000000000 --- a/kibana3/spec/classes/config_spec.rb +++ /dev/null @@ -1,137 +0,0 @@ -require 'spec_helper' - -describe 'kibana3', :type => :class do - ['Debian', 'RedHat'].each do |system| - let :facts do - { - :concat_basedir => '/dne', - :osfamily => system, - :operatingsystemrelease => '12.04', - :fqdn => 'kibana3', - } - end - - describe "config on #{system}" do - context 'with defaults' do - it { should compile } - it { should contain_file('/opt/kibana3/src/config.js') \ - .with_content(/^\s*elasticsearch: \"http:\/\/\"\+window\.location\.hostname\+\":9200\",$/) \ - .with_content(/^\s*default_route: '\/dashboard\/file\/default\.json',$/) \ - .with_content(/^\s*kibana_index: \"kibana-int\",$/) \ - .with_content(/^\s*panel_names: \[\s*'histogram',\s*'map',\s*'goal',\s*'table',\s*'filtering',\s*'timepicker',\s*'text',\s*'hits',\s*'column',\s*'trends',\s*'bettermap',\s*'query',\s*'terms',\s*'stats',\s*'sparklines',\s*\]$/) \ - .that_notifies('Class[Apache::Service]') - } - end - - context 'without webserver' do - let (:params) {{ :manage_ws => false }} - it { should compile } - it { should contain_file('/opt/kibana3/src/config.js') \ - .with_owner('root') \ - .with_content(/^\s*elasticsearch: \"http:\/\/\"\+window\.location\.hostname\+\":9200\",$/) \ - .with_content(/^\s*default_route: '\/dashboard\/file\/default\.json',$/) \ - .with_content(/^\s*kibana_index: \"kibana-int\",$/) \ - .with_content(/^\s*panel_names: \[\s*'histogram',\s*'map',\s*'goal',\s*'table',\s*'filtering',\s*'timepicker',\s*'text',\s*'hits',\s*'column',\s*'trends',\s*'bettermap',\s*'query',\s*'terms',\s*'stats',\s*'sparklines',\s*\]$/) - } - end - - context 'with non-standard install folder' do - let (:params) {{ :k3_install_folder => '/tmp/kibana3' }} - it { should compile } - it { should contain_file('/tmp/kibana3/src/config.js') \ - .with_content(/^\s*elasticsearch: \"http:\/\/\"\+window\.location\.hostname\+\":9200\",$/) \ - .with_content(/^\s*default_route: '\/dashboard\/file\/default\.json',$/) \ - .with_content(/^\s*kibana_index: \"kibana-int\",$/) \ - .with_content(/^\s*panel_names: \[\s*'histogram',\s*'map',\s*'goal',\s*'table',\s*'filtering',\s*'timepicker',\s*'text',\s*'hits',\s*'column',\s*'trends',\s*'bettermap',\s*'query',\s*'terms',\s*'stats',\s*'sparklines',\s*\]$/) \ - .that_notifies('Class[Apache::Service]') - } - end - - context 'with folder owner' do - let (:params) {{ :k3_folder_owner => 'foo' }} - it { should compile } - it { should contain_file('/opt/kibana3/src/config.js') \ - .with_owner('foo') \ - .with_content(/^\s*elasticsearch: \"http:\/\/\"\+window\.location\.hostname\+\":9200\",$/) \ - .with_content(/^\s*default_route: '\/dashboard\/file\/default\.json',$/) \ - .with_content(/^\s*kibana_index: \"kibana-int\",$/) \ - .with_content(/^\s*panel_names: \[\s*'histogram',\s*'map',\s*'goal',\s*'table',\s*'filtering',\s*'timepicker',\s*'text',\s*'hits',\s*'column',\s*'trends',\s*'bettermap',\s*'query',\s*'terms',\s*'stats',\s*'sparklines',\s*\]$/) \ - .that_notifies('Class[Apache::Service]') - } - end - - context 'with non-standard default route' do - let (:params) {{ :config_default_route => '/dashboard/file/foo.json' }} - it { should compile } - it { should contain_file('/opt/kibana3/src/config.js') \ - .with_content(/^\s*elasticsearch: \"http:\/\/\"\+window\.location\.hostname\+\":9200\",$/) \ - .with_content(/^\s*default_route: '\/dashboard\/file\/foo\.json',$/) \ - .with_content(/^\s*kibana_index: \"kibana-int\",$/) \ - .with_content(/^\s*panel_names: \[\s*'histogram',\s*'map',\s*'goal',\s*'table',\s*'filtering',\s*'timepicker',\s*'text',\s*'hits',\s*'column',\s*'trends',\s*'bettermap',\s*'query',\s*'terms',\s*'stats',\s*'sparklines',\s*\]$/) \ - .that_notifies('Class[Apache::Service]') - } - end - - context 'with non-standard elasticsearch port' do - let (:params) {{ :config_es_port => '8081' }} - it { should compile } - it { should contain_file('/opt/kibana3/src/config.js') \ - .with_content(/^\s*elasticsearch: \"http:\/\/\"\+window\.location\.hostname\+\":8081\",$/) \ - .with_content(/^\s*default_route: '\/dashboard\/file\/default\.json',$/) \ - .with_content(/^\s*kibana_index: \"kibana-int\",$/) \ - .with_content(/^\s*panel_names: \[\s*'histogram',\s*'map',\s*'goal',\s*'table',\s*'filtering',\s*'timepicker',\s*'text',\s*'hits',\s*'column',\s*'trends',\s*'bettermap',\s*'query',\s*'terms',\s*'stats',\s*'sparklines',\s*\]$/) \ - .that_notifies('Class[Apache::Service]') - } - end - - context 'with non-standard elasticsearch protocol' do - let (:params) {{ :config_es_protocol => 'https' }} - it { should compile } - it { should contain_file('/opt/kibana3/src/config.js') \ - .with_content(/^\s*elasticsearch: \"https:\/\/\"\+window\.location\.hostname\+\":9200\",$/) \ - .with_content(/^\s*default_route: '\/dashboard\/file\/default\.json',$/) \ - .with_content(/^\s*kibana_index: \"kibana-int\",$/) \ - .with_content(/^\s*panel_names: \[\s*'histogram',\s*'map',\s*'goal',\s*'table',\s*'filtering',\s*'timepicker',\s*'text',\s*'hits',\s*'column',\s*'trends',\s*'bettermap',\s*'query',\s*'terms',\s*'stats',\s*'sparklines',\s*\]$/) \ - .that_notifies('Class[Apache::Service]') - } - end - - context 'with non-standard elasticsearch server' do - let (:params) {{ :config_es_server => 'localhost' }} - it { should compile } - it { should contain_file('/opt/kibana3/src/config.js') \ - .with_content(/^\s*elasticsearch: \"http:\/\/\localhost:9200\",$/) \ - .with_content(/^\s*default_route: '\/dashboard\/file\/default\.json',$/) \ - .with_content(/^\s*kibana_index: \"kibana-int\",$/) \ - .with_content(/^\s*panel_names: \[\s*'histogram',\s*'map',\s*'goal',\s*'table',\s*'filtering',\s*'timepicker',\s*'text',\s*'hits',\s*'column',\s*'trends',\s*'bettermap',\s*'query',\s*'terms',\s*'stats',\s*'sparklines',\s*\]$/) \ - .that_notifies('Class[Apache::Service]') - } - end - - context 'with non-standard kibana index' do - let (:params) {{ :config_kibana_index => 'kibana-index' }} - it { should compile } - it { should contain_file('/opt/kibana3/src/config.js') \ - .with_content(/^\s*elasticsearch: \"http:\/\/\"\+window\.location\.hostname\+\":9200\",$/) \ - .with_content(/^\s*default_route: '\/dashboard\/file\/default\.json',$/) \ - .with_content(/^\s*kibana_index: \"kibana-index\",$/) \ - .with_content(/^\s*panel_names: \[\s*'histogram',\s*'map',\s*'goal',\s*'table',\s*'filtering',\s*'timepicker',\s*'text',\s*'hits',\s*'column',\s*'trends',\s*'bettermap',\s*'query',\s*'terms',\s*'stats',\s*'sparklines',\s*\]$/) \ - .that_notifies('Class[Apache::Service]') - } - end - - context 'with non-standard panel names' do - let (:params) {{ :config_panel_names => ['test1','test2'] }} - it { should compile } - it { should contain_file('/opt/kibana3/src/config.js') \ - .with_content(/^\s*elasticsearch: \"http:\/\/\"\+window\.location\.hostname\+\":9200\",$/) \ - .with_content(/^\s*default_route: '\/dashboard\/file\/default\.json',$/) \ - .with_content(/^\s*kibana_index: \"kibana-int\",$/) \ - .with_content(/^\s*panel_names: \[\s*'test1',\s*'test2',\s*\]$/) \ - .that_notifies('Class[Apache::Service]') - } - end - end - - end -end diff --git a/kibana3/spec/classes/coverage_spec.rb b/kibana3/spec/classes/coverage_spec.rb deleted file mode 100644 index 12513b83c..000000000 --- a/kibana3/spec/classes/coverage_spec.rb +++ /dev/null @@ -1 +0,0 @@ -at_exit { RSpec::Puppet::Coverage.report! } diff --git a/kibana3/spec/classes/init_spec.rb b/kibana3/spec/classes/init_spec.rb deleted file mode 100644 index 6afd4e0d2..000000000 --- a/kibana3/spec/classes/init_spec.rb +++ /dev/null @@ -1,53 +0,0 @@ -require 'spec_helper' - -describe 'kibana3', :type => :class do - ['Debian', 'RedHat'].each do |system| - let :facts do - { - :concat_basedir => '/dne', - :osfamily => system, - :operatingsystemrelease => '12.04', - :fqdn => 'kibana3', - } - end - - describe "init on #{system}" do - context 'with defaults' do - it { should compile } - it { should contain_class 'kibana3::params' } - it { should contain_anchor('kibana3::begin') \ - .that_comes_before('Class[kibana3::install]') - } - it { should contain_class('kibana3::install') \ - .that_comes_before('Class[kibana3::config]') - } - it { should contain_class('kibana3::config') \ - .that_comes_before('Anchor[kibana3::end]') - } - it { should contain_anchor 'kibana3::end'} - it { should_not contain_class 'kibana3::uninstall' } - end - - context 'with ensure absent' do - let (:params) {{ :ensure => 'absent' }} - it { should compile } - it { should contain_class 'kibana3::params' } - it { should_not contain_anchor 'kibana3::begin' } - it { should_not contain_class 'kibana3::install' } - it { should_not contain_class 'kibana3::config' } - it { should_not contain_anchor 'kibana3::end' } - it { should contain_class 'kibana3::uninstall' } - end - - context 'with unsupported ensure' do - let (:params) {{ :ensure => 'foobar' }} - it do - expect { - should compile - }.to raise_error - end - end - end - - end -end diff --git a/kibana3/spec/classes/install_spec.rb b/kibana3/spec/classes/install_spec.rb deleted file mode 100644 index 2ea35f8cc..000000000 --- a/kibana3/spec/classes/install_spec.rb +++ /dev/null @@ -1,160 +0,0 @@ -require 'spec_helper' - -describe 'kibana3', :type => :class do - ['Debian', 'RedHat'].each do |system| - let :facts do - { - :concat_basedir => '/dne', - :osfamily => system, - :operatingsystemrelease => '12.04', - :fqdn => 'kibana3', - } - end - - describe "install on #{system}" do - context 'with defaults' do - it { should compile } - it { should contain_class('git') } - it { should contain_class('apache') } - it { should contain_vcsrepo('/opt/kibana3') \ - .with_source('https://github.com/elasticsearch/kibana.git') \ - .with_revision('a50a913') } - it { should contain_apache__vhost('kibana3') \ - .with( - 'port' => '80', - 'docroot' => '/opt/kibana3/src' - ) } - end - - context 'without git' do - let (:params) {{ :manage_git => false }} - it { should compile } - it { should_not contain_class('git') } - it { should contain_class('apache') } - it { should contain_vcsrepo('/opt/kibana3') \ - .with_source('https://github.com/elasticsearch/kibana.git') \ - .with_revision('a50a913') } - it { should contain_apache__vhost('kibana3') \ - .with( - 'port' => '80', - 'docroot' => '/opt/kibana3/src' - ) } - end - - context 'without webserver' do - let (:params) {{ :manage_ws => false }} - it { should compile } - it { should contain_class('git') } - it { should_not contain_class('apache') } - it { should contain_vcsrepo('/opt/kibana3') \ - .with( - 'source' => 'https://github.com/elasticsearch/kibana.git', - 'revision' => 'a50a913', - 'owner' => 'root' - ) } - it { should_not contain_apache__vhost('kibana3') } - end - - context 'with folder owner' do - let (:params) {{ :k3_folder_owner => 'foo' }} - it { should compile } - it { should contain_class('git') } - it { should contain_class('apache') } - it { should contain_vcsrepo('/opt/kibana3') \ - .with( - 'source' => 'https://github.com/elasticsearch/kibana.git', - 'revision' => 'a50a913', - 'owner' => 'foo' - ) } - it { should contain_apache__vhost('kibana3') \ - .with( - 'port' => '80', - 'docroot' => '/opt/kibana3/src', - 'docroot_owner' => 'foo' - ) } - end - - context 'with non-standard install folder' do - let (:params) {{ :k3_install_folder => '/tmp/kibana3' }} - it { should compile } - it { should contain_class('git') } - it { should contain_class('apache') } - it { should contain_vcsrepo('/tmp/kibana3') \ - .with_source('https://github.com/elasticsearch/kibana.git') \ - .with_revision('a50a913') } - it { should contain_apache__vhost('kibana3') \ - .with( - 'port' => '80', - 'docroot' => '/tmp/kibana3/src' - ) } - end - - context 'with non-standard release' do - let (:params) {{ :k3_release => '3a485aa' }} - it { should compile } - it { should contain_class('git') } - it { should contain_class('apache') } - it { should contain_vcsrepo('/opt/kibana3') \ - .with_source('https://github.com/elasticsearch/kibana.git') \ - .with_revision('3a485aa') } - it { should contain_apache__vhost('kibana3') \ - .with( - 'port' => '80', - 'docroot' => '/opt/kibana3/src' - ) } - end - - context 'with non-standard clone url' do - let (:params) {{ :k3_clone_url => 'http://git.io/hXZlwA' }} - it { should compile } - it { should contain_class('git') } - it { should contain_class('apache') } - it { should contain_vcsrepo('/opt/kibana3') \ - .with_source('http://git.io/hXZlwA') \ - .with_revision('a50a913') } - end - - context 'with non-standard clone url and no webserver' do - let (:params) {{ :k3_clone_url => 'http://git.io/hXZlwA', :manage_ws => false }} - it { should compile } - it { should contain_class('git') } - it { should_not contain_class('apache') } - it { should contain_vcsrepo('/opt/kibana3') \ - .with_source('http://git.io/hXZlwA') \ - .with_revision('a50a913') } - end - - context 'with non-standard port' do - let (:params) {{ :ws_port => '8080' }} - it { should compile } - it { should contain_class('git') } - it { should contain_class('apache') } - it { should contain_vcsrepo('/opt/kibana3') \ - .with_source('https://github.com/elasticsearch/kibana.git') \ - .with_revision('a50a913') } - it { should contain_apache__vhost('kibana3') \ - .with( - 'port' => '8080', - 'docroot' => '/opt/kibana3/src' - ) } - end - - context 'with apache default_vhost set to true' do - let (:params) {{ :ws_default_vhost => true }} - it { should contain_class('apache') } - it { should contain_apache__vhost('kibana3') \ - .with( - 'port' => '80', - 'docroot' => '/opt/kibana3/src', - 'default_vhost' => true - ) } - end - - context 'with manage_git_repository set to false' do - let (:params) {{ :manage_git_repository => false }} - it { should_not contain_vcsrepo('/opt/kibana3') } - end - end - - end -end diff --git a/kibana3/spec/classes/params_spec.rb b/kibana3/spec/classes/params_spec.rb deleted file mode 100644 index b3f757c0e..000000000 --- a/kibana3/spec/classes/params_spec.rb +++ /dev/null @@ -1,8 +0,0 @@ -require 'spec_helper' - -describe 'kibana3::params', :type => :class do - context 'with defaults' do - it { should compile } - it { should have_resource_count(0) } - end -end diff --git a/kibana3/spec/classes/uninstall_spec.rb b/kibana3/spec/classes/uninstall_spec.rb deleted file mode 100644 index 5bb52a397..000000000 --- a/kibana3/spec/classes/uninstall_spec.rb +++ /dev/null @@ -1,96 +0,0 @@ -require 'spec_helper' - -describe 'kibana3', :type => :class do - ['Debian', 'RedHat'].each do |system| - let :facts do - { - :concat_basedir => '/dne', - :osfamily => system, - :operatingsystemrelease => '12.04', - } - end - - describe "uninstall on #{system}" do - context 'with defaults' do - let (:params) {{ :ensure => 'absent' }} - it { should compile } - it { should contain_package('git') \ - .with_ensure('absent') - } - it { should contain_class('apache') \ - .with_package_ensure('absent') - } - it { should contain_apache__vhost('kibana3') \ - .with( - 'ensure' => 'absent', - 'docroot' => '/opt/kibana3/src' - ) } - it { should contain_file('/opt/kibana3') \ - .with_ensure('absent') - } - it { should contain_file('/opt/kibana3/src/config.js') \ - .with_ensure('absent') - } - end - - context 'without git' do - let (:params) {{ :ensure => 'absent', :manage_git => false }} - it { should compile } - it { should_not contain_package('git') } - it { should contain_class('apache') \ - .with_package_ensure('absent') - } - it { should contain_apache__vhost('kibana3') \ - .with( - 'ensure' => 'absent', - 'docroot' => '/opt/kibana3/src' - ) } - it { should contain_file('/opt/kibana3') \ - .with_ensure('absent') - } - it { should contain_file('/opt/kibana3/src/config.js') \ - .with_ensure('absent') - } - end - - context 'without webserver' do - let (:params) {{ :ensure => 'absent', :manage_ws => false }} - it { should compile } - it { should contain_package('git') \ - .with_ensure('absent') - } - it { should_not contain_class('apache') } - it { should_not contain_apache__vhost('kibana3') } - it { should contain_file('/opt/kibana3') \ - .with_ensure('absent') - } - it { should contain_file('/opt/kibana3/src/config.js') \ - .with_ensure('absent') - } - end - - context 'with non-standard install folder' do - let (:params) {{ :ensure => 'absent', :k3_install_folder => '/tmp/kibana3' }} - it { should compile } - it { should contain_package('git') \ - .with_ensure('absent') - } - it { should contain_class('apache') \ - .with_package_ensure('absent') - } - it { should contain_apache__vhost('kibana3') \ - .with( - 'ensure' => 'absent', - 'docroot' => '/tmp/kibana3/src' - ) } - it { should contain_file('/tmp/kibana3') \ - .with_ensure('absent') - } - it { should contain_file('/tmp/kibana3/src/config.js') \ - .with_ensure('absent') - } - end - end - - end -end diff --git a/kibana3/spec/spec_helper.rb b/kibana3/spec/spec_helper.rb deleted file mode 100644 index dc7e9f4a0..000000000 --- a/kibana3/spec/spec_helper.rb +++ /dev/null @@ -1,2 +0,0 @@ -require 'rubygems' -require 'puppetlabs_spec_helper/module_spec_helper' diff --git a/kibana3/spec/spec_helper_acceptance.rb b/kibana3/spec/spec_helper_acceptance.rb deleted file mode 100644 index 614d4a675..000000000 --- a/kibana3/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1,24 +0,0 @@ -require 'beaker-rspec/spec_helper' -require 'beaker-rspec/helpers/serverspec' - -hosts.each do |host| - # Install Puppet - install_puppet -end - -RSpec.configure do |c| - # Project root - proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - - # Readable test descriptions - c.formatter = :documentation - - # Configure all nodes in nodeset - c.before :suite do - # Install module and dependencies - puppet_module_install(:source => proj_root, :module_name => 'thejandroman-kibana3') - hosts.each do |host| - on host, puppet('module', 'install', 'puppetlabs-stdlib'), { :acceptable_exit_codes => [0,1] } - end - end -end diff --git a/kibana3/templates/config.js.erb b/kibana3/templates/config.js.erb deleted file mode 100644 index 3ae15e8e5..000000000 --- a/kibana3/templates/config.js.erb +++ /dev/null @@ -1,23 +0,0 @@ -/** Managed by Puppet -Do not modify by hand -**/ - -define(['settings'], -function (Settings) { - "use strict"; - - return new Settings({ - - elasticsearch: "<%= scope['::kibana3::config_es_protocol'] %>://<%= scope['::kibana3::config_es_server'] %>:<%= scope['::kibana3::config_es_port'] %>", - - default_route: '<%= scope['::kibana3::config_default_route'] %>', - - kibana_index: "<%= scope['::kibana3::config_kibana_index'] %>", - - panel_names: [ - <%- scope['::kibana3::config_panel_names'].each do |cpn| -%> - '<%= cpn %>', - <%- end -%> - ] - }); -}); diff --git a/kibana3/tests/init.pp b/kibana3/tests/init.pp deleted file mode 100644 index 32ca78bfa..000000000 --- a/kibana3/tests/init.pp +++ /dev/null @@ -1,12 +0,0 @@ -# The baseline for module testing used by Puppet Labs is that each manifest -# should have a corresponding test manifest that declares that class or defined -# type. -# -# Tests are then run by using puppet apply --noop (to check for compilation -# errors and view a log of events) or by fully applying the test in a virtual -# environment (to compare the resulting system state to the desired state). -# -# Learn more about module testing here: -# http://docs.puppetlabs.com/guides/tests_smoke.html -# -include kibana3 diff --git a/kmod/.fixtures.yml b/kmod/.fixtures.yml deleted file mode 100644 index f172a1973..000000000 --- a/kmod/.fixtures.yml +++ /dev/null @@ -1,5 +0,0 @@ -fixtures: - repositories: - "stdlib": "git://github.com/puppetlabs/puppetlabs-stdlib.git" - symlinks: - "kmod": "#{source_dir}" diff --git a/kmod/.gitignore b/kmod/.gitignore deleted file mode 100644 index 65839fa01..000000000 --- a/kmod/.gitignore +++ /dev/null @@ -1,10 +0,0 @@ -pkg/ -Gemfile.lock -vendor/ -spec/fixtures/ -.vagrant/ -.bundle/ -coverage/ -log/ -.*.swp -*~ diff --git a/kmod/.puppet-lint.rc b/kmod/.puppet-lint.rc deleted file mode 100644 index d8f5c59ef..000000000 --- a/kmod/.puppet-lint.rc +++ /dev/null @@ -1,5 +0,0 @@ ---fail-on-warnings ---relative ---no-80chars ---no-documentation ---no-class_inherits_from_params_class-check diff --git a/kmod/.sync.yml b/kmod/.sync.yml deleted file mode 100644 index d62948585..000000000 --- a/kmod/.sync.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -.travis.yml: - forge_password: "QvaBWqv7ZaB34BzONHPxZy+1OW+eBP4dZmhDobAVFD20kOP4O4QHdCe9kS3y3JRXrNW3wuiuegNzoKb+JvqQrZPQF3Ea0DO4uCPVrnVbrnmGC0p7v2VDA1tsb2snnSMa5mC6+3wYMwS27zRSQ7vN3AwDKMdp/jcPbTEpnv/+314=" diff --git a/kmod/.travis.yml b/kmod/.travis.yml deleted file mode 100644 index e5397c5b7..000000000 --- a/kmod/.travis.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- -language: ruby -sudo: false -cache: bundler -bundler_args: --without system_tests -script: ["bundle exec rake validate", "bundle exec rake lint", "bundle exec rake spec SPEC_OPTS='--format documentation'", "bundle exec rake metadata"] -matrix: - fast_finish: true - include: - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 3.0" FACTER_GEM_VERSION="~> 1.7.0" - - rvm: 1.9.3 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 2.0.0 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 2.0.0 - env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" - - rvm: 2.1.6 - env: PUPPET_GEM_VERSION="~> 4.0" -notifications: - email: false -deploy: - provider: puppetforge - user: camptocamp - password: - secure: "QvaBWqv7ZaB34BzONHPxZy+1OW+eBP4dZmhDobAVFD20kOP4O4QHdCe9kS3y3JRXrNW3wuiuegNzoKb+JvqQrZPQF3Ea0DO4uCPVrnVbrnmGC0p7v2VDA1tsb2snnSMa5mC6+3wYMwS27zRSQ7vN3AwDKMdp/jcPbTEpnv/+314=" - on: - tags: true - # all_branches is required to use tags - all_branches: true - # Only publish if our main Ruby target builds - rvm: 1.9.3 diff --git a/kmod/CHANGELOG.md b/kmod/CHANGELOG.md deleted file mode 100644 index 54daf6d69..000000000 --- a/kmod/CHANGELOG.md +++ /dev/null @@ -1,81 +0,0 @@ -## 2015-08-27 - Release 2.1.0 - -Add minimal SuSE support - -## 2015-08-21 - Release 2.0.11 - -Use docker for acceptance tests - -## 2015-06-26 - Release 2.0.10 - -Fix strict_variables activation with rspec-puppet 2.2 - -## 2015-05-28 - Release 2.0.9 - -Add beaker_spec_helper to Gemfile - -## 2015-05-26 - Release 2.0.8 - -Use random application order in nodeset - -## 2015-05-26 - Release 2.0.7 - -add utopic & vivid nodesets - -## 2015-05-25 - Release 2.0.6 - -Don't allow failure on Puppet 4 - -## 2015-05-13 - Release 2.0.5 - -Add puppet-lint-file_source_rights-check gem - -## 2015-05-12 - Release 2.0.4 - -Don't pin beaker - -## 2015-04-27 - Release 2.0.3 - -Add nodeset ubuntu-12.04-x86_64-openstack - -## 2015-04-18 - Release 2.0.2 - -- Add beaker nodeset - -## 2015-04-15 - Release 2.0.1 - -- Fix kmod::install's file class parameter's default - -## 2015-04-03 - Release 2.0.0 - -- Add kmod::option and refactored everything to use kmod::setting -- removed obsolete generic.pp - -## 2015-03-24 - Release 1.0.6 - -- Lint - -## 2015-01-19 - Release 1.0.5 - -- Fix relative class inclusions - -## 2015-01-07 - Release 1.0.4 - -- Fix unquoted strings in cases - -## 2014-12-16 - Release 1.0.1 - -- Fix for future parser - -## 2014-10-20 - Release 1.0.0 - -- Setup automatic Forge releases - -## 2014-07-02 - Release 0.1.1 - -- Fix deprecation warnings, #22 - -## 2014-07-02 - Release 0.1.0 - -- Add unit tests -- Various improvements diff --git a/kmod/Gemfile b/kmod/Gemfile deleted file mode 100644 index 0cb59337f..000000000 --- a/kmod/Gemfile +++ /dev/null @@ -1,47 +0,0 @@ -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -group :development, :unit_tests do - gem 'rake', :require => false - gem 'rspec', '< 3.2', :require => false if RUBY_VERSION =~ /^1.8/ - gem 'rspec-puppet', :require => false - gem 'puppetlabs_spec_helper', :require => false - gem 'metadata-json-lint', :require => false - gem 'puppet-lint', :require => false - gem 'puppet-lint-unquoted_string-check', :require => false - gem 'puppet-lint-empty_string-check', :require => false - gem 'puppet-lint-spaceship_operator_without_tag-check', :require => false - gem 'puppet-lint-variable_contains_upcase', :require => false - gem 'puppet-lint-absolute_classname-check', :require => false - gem 'puppet-lint-undef_in_function-check', :require => false - gem 'puppet-lint-leading_zero-check', :require => false - gem 'puppet-lint-trailing_comma-check', :require => false - gem 'puppet-lint-file_ensure-check', :require => false - gem 'puppet-lint-version_comparison-check', :require => false - gem 'puppet-lint-fileserver-check', :require => false - gem 'puppet-lint-file_source_rights-check', :require => false - gem 'puppet-lint-alias-check', :require => false - gem 'rspec-puppet-facts', :require => false - gem 'github_changelog_generator', :require => false, :git => 'https://github.com/raphink/github-changelog-generator.git', :branch => 'dev/all_patches' if RUBY_VERSION !~ /^1.8/ - gem 'puppet-blacksmith', :require => false if RUBY_VERSION !~ /^1.8/ -end - -group :system_tests do - gem 'beaker', :require => false - gem 'beaker-rspec', :require => false - gem 'beaker_spec_helper', :require => false - gem 'serverspec', :require => false -end - -if facterversion = ENV['FACTER_GEM_VERSION'] - gem 'facter', facterversion, :require => false -else - gem 'facter', :require => false -end - -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end - -# vim:ft=ruby diff --git a/kmod/LICENSE b/kmod/LICENSE deleted file mode 100644 index 8d968b6cb..000000000 --- a/kmod/LICENSE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/kmod/README.md b/kmod/README.md deleted file mode 100644 index 5b378dbae..000000000 --- a/kmod/README.md +++ /dev/null @@ -1,116 +0,0 @@ -# Kmod Puppet module - -[![Puppet Forge Version](http://img.shields.io/puppetforge/v/camptocamp/kmod.svg)](https://forge.puppetlabs.com/camptocamp/kmod) -[![Puppet Forge Downloads](http://img.shields.io/puppetforge/dt/camptocamp/kmod.svg)](https://forge.puppetlabs.com/camptocamp/kmod) -[![Build Status](https://img.shields.io/travis/camptocamp/puppet-kmod/master.svg)](https://travis-ci.org/camptocamp/puppet-kmod) -[![Puppet Forge Endorsement](https://img.shields.io/puppetforge/e/camptocamp/kmod.svg)](https://forge.puppetlabs.com/camptocamp/kmod) -[![Gemnasium](https://img.shields.io/gemnasium/camptocamp/puppet-kmod.svg)](https://gemnasium.com/camptocamp/puppet-kmod) -[![By Camptocamp](https://img.shields.io/badge/by-camptocamp-fb7047.svg)](http://www.camptocamp.com) - -## Description - -This module provides definitions to manipulate modprobe.conf (5) stanzas: - - * kmod::alias - * kmod::install - * kmod::blacklist - -It depends on Augeas with the modprobe lens. - -## Usage - -This module has five main defined types: - - * kmod::load - * kmod::alias - * kmod::option - * kmod::install - * kmod::blacklist - - -### kmod::load - -Loads a module using modprobe and manages persistent modules in /etc/sysconfig/modules - -```puppet - kmod::load { 'mymodule': } -``` - -### kmod::alias - -Adds an alias to modprobe.conf, by default `/etc/modprobe.d/.conf` is assumed for a filename. - -```puppet - kmod::alias { 'bond0': - modulename => 'bonding', - } -``` - -Params: -* `modulename`: Name of the module to alias -* `aliasname`: Name of the alias (defaults to the resource title) -* `file`: File to write to (see above default) - -### kmod::option - -Adds an option to modprobe.conf - -```puppet - kmod::option { 'bond0 mode': - module => 'bond0', - option => 'mode', - value => '1', - } - - kmod::option { 'bond0': - option => 'mode', - value => '1', - } -``` - -Params: -* `option`: Name of the parameter to add -* `value`: Value of the parameter -* `module`: Name of the module (if ommited, the resource title is used) -* `file`: File to write to (defaults to `/etc/modprobe.d/.conf`) - -### kmod::blacklist - -Manages modprobe blacklist entries. Blacklist entries prevents module aliases from being used, -but would not prevent the module from being loaded. -To prevent a module from being loaded use `kmod::install` - -```puppet - kmod::blacklist { 'foo': } -``` - -Params: -* `file`: File to write to, defaults to `/etc/modprobe.d/blacklist.conf` - -### kmod::install - -Manage modprobe install entries - -```puppet - kmod::install { 'pcspkr': } -``` - -If you want to ensure that module can't be loaded at all you can do the following: -```puppet - kmod::install { 'dccp': command => '/bin/false' } -``` - -Params: -* `file`: File to write to (defaults to `/etc/modprobe.d/.conf`) -* `command`: (optional) command associated with the install, defaults to `/bin/true` - - - -## Contributing - -Please report bugs and feature request using [GitHub issue -tracker](https://github.com/camptocamp/puppet-kmod/issues). - -For pull requests, it is very much appreciated to check your Puppet manifest -with [puppet-lint](https://github.com/camptocamp/puppet-kmod/issues) to follow the recommended Puppet style guidelines from the -[Puppet Labs style guide](http://docs.puppetlabs.com/guides/style_guide.html). diff --git a/kmod/Rakefile b/kmod/Rakefile deleted file mode 100644 index adcac180c..000000000 --- a/kmod/Rakefile +++ /dev/null @@ -1,23 +0,0 @@ -require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' - -Rake::Task[:lint].clear -PuppetLint::RakeTask.new :lint do |config| - config.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp", "vendor/**/*.pp"] - config.disable_checks = ['80chars'] - config.fail_on_warnings = true -end - -PuppetSyntax.exclude_paths = ["spec/fixtures/**/*.pp", "vendor/**/*"] - -# Publishing tasks -unless RUBY_VERSION =~ /^1\.8/ - require 'puppet_blacksmith' - require 'puppet_blacksmith/rake_tasks' - require 'github_changelog_generator/task' - GitHubChangelogGenerator::RakeTask.new :changelog do |config| - m = Blacksmith::Modulefile.new - config.future_release = m.version - config.release_url = "https://forge.puppetlabs.com/#{m.author}/#{m.name}/%s" - end -end diff --git a/kmod/manifests/alias.pp b/kmod/manifests/alias.pp deleted file mode 100644 index dcdb974f7..000000000 --- a/kmod/manifests/alias.pp +++ /dev/null @@ -1,26 +0,0 @@ -# = Define: kmod::alias -# -# == Example -# -# kmod::alias { 'bond0': -# alias => 'bonding', -# } -# -define kmod::alias( - $source, - $ensure = 'present', - $file = "/etc/modprobe.d/${name}.conf", - $aliasname = $name, -) { - - include ::kmod - - kmod::setting { "kmod::alias ${title}": - module => $aliasname, - file => $file, - category => 'alias', - option => 'modulename', - value => $source, - } - -} diff --git a/kmod/manifests/blacklist.pp b/kmod/manifests/blacklist.pp deleted file mode 100644 index 1dddddaa3..000000000 --- a/kmod/manifests/blacklist.pp +++ /dev/null @@ -1,27 +0,0 @@ -# -# == Definition: kmod::blacklist -# -# Set a kernel module as blacklisted. -# -# Parameters: -# - *ensure*: present/absent; -# - *file*: optionally, set the file where the stanza is written. -# -# Example usage: -# -# kmod::blacklist { 'pcspkr': } -# -define kmod::blacklist( - $ensure=present, - $file='/etc/modprobe.d/blacklist.conf', -) { - - - kmod::setting { "kmod::blacklist ${title}": - ensure => $ensure, - module => $name, - file => $file, - category => 'blacklist', - } - -} diff --git a/kmod/manifests/init.pp b/kmod/manifests/init.pp deleted file mode 100644 index 14da62ba0..000000000 --- a/kmod/manifests/init.pp +++ /dev/null @@ -1,21 +0,0 @@ -# -# == Class: kmod -# -# Ensures a couple of mandatory files are present before managing their -# content. -# -# -class kmod { - - if versioncmp($::augeasversion, '0.9.0') < 0 { - fail('Augeas 0.10.0 or higher required') - } - file { '/etc/modprobe.d': ensure => directory } - - file { [ - '/etc/modprobe.d/modprobe.conf', - '/etc/modprobe.d/aliases.conf', - '/etc/modprobe.d/blacklist.conf', - ]: ensure => file, - } -} diff --git a/kmod/manifests/install.pp b/kmod/manifests/install.pp deleted file mode 100644 index 8f6bb74c0..000000000 --- a/kmod/manifests/install.pp +++ /dev/null @@ -1,30 +0,0 @@ -# -# == Definition: kmod::install -# -# Set a kernel module as installed. -# -# Parameters: -# - *ensure*: present/absent; -# - *command*: optionally, set the command associated with the kernel module; -# - *file*: optionally, set the file where the stanza is written. -# -# Example usage: -# -# kmod::install { 'pcspkr': } -# -define kmod::install( - $ensure=present, - $command='/bin/true', - $file="/etc/modprobe.d/${name}.conf", -) { - - kmod::setting { "kmod::install ${title}": - ensure => $ensure, - module => $name, - file => $file, - category => 'install', - option => 'command', - value => $command, - } - -} diff --git a/kmod/manifests/load.pp b/kmod/manifests/load.pp deleted file mode 100644 index 07525681b..000000000 --- a/kmod/manifests/load.pp +++ /dev/null @@ -1,87 +0,0 @@ -# -# == Definition: kmod::load -# -# Manage a kernel module in /etc/modules. -# -# Parameters: -# - *ensure*: present/absent; -# - *file*: optionally, set the file where the stanza is written. -# -# Example usage: -# -# kmod::load { 'sha256': } -# -define kmod::load( - $ensure=present, - $file='/etc/modules', -) { - - case $ensure { - 'present': { - case $::osfamily { - 'Debian': { - $changes = "clear '${name}'" - } - 'Suse': { - $changes = "set MODULES_LOADED_ON_BOOT/value[.='${name}'] '${name}'" - } - default: { } - } - - exec { "modprobe ${name}": - path => '/bin:/sbin:/usr/bin:/usr/sbin', - unless => "egrep -q '^${name} ' /proc/modules", - } - } - - 'absent': { - case $::osfamily { - 'Debian': { - $changes = "rm '${name}'" - } - 'Suse': { - $changes = "rm MODULES_LOADED_ON_BOOT/value[.='${name}']" - } - default: { } - } - - exec { "modprobe -r ${name}": - path => '/bin:/sbin:/usr/bin:/usr/sbin', - onlyif => "egrep -q '^${name} ' /proc/modules", - } - } - - default: { fail "${module_name}: unknown ensure value ${ensure}" } - } - - case $::osfamily { - 'Debian': { - augeas {"Manage ${name} in ${file}": - incl => $file, - lens => 'Modules.lns', - changes => $changes, - } - } - 'RedHat': { - file { "/etc/sysconfig/modules/${name}.modules": - ensure => $ensure, - mode => '0755', - content => template('kmod/redhat.modprobe.erb'), - } - } - 'Suse': { - $kernelfile = $file ? { - '/etc/modules' => '/etc/sysconfig/kernel', - default => $file, - } - augeas { "sysconfig_kernel_MODULES_LOADED_ON_BOOT_${name}": - lens => 'Shellvars_list.lns', - incl => $kernelfile, - changes => $changes, - } - } - default: { - fail "${module_name}: Unknown OS family ${::osfamily}" - } - } -} diff --git a/kmod/manifests/option.pp b/kmod/manifests/option.pp deleted file mode 100644 index 8597138f6..000000000 --- a/kmod/manifests/option.pp +++ /dev/null @@ -1,35 +0,0 @@ -# = Define: kmod::alias -# -# == Example -# -# kmod::option { 'bond0': -# option => 'bonding', -# } -# -define kmod::option( - $option, - $value, - $module = $name, - $ensure = 'present', - $file = undef, -) { - - include ::kmod - - $target_file = $file ? { - undef => "/etc/modprobe.d/${module}.conf", - default => $file, - } - - - kmod::setting { "kmod::option ${title}": - ensure => $ensure, - module => $module, - category => 'options', - file => $target_file, - option => $option, - value => $value, - } - -} - diff --git a/kmod/manifests/setting.pp b/kmod/manifests/setting.pp deleted file mode 100644 index b554d1646..000000000 --- a/kmod/manifests/setting.pp +++ /dev/null @@ -1,45 +0,0 @@ -# = Define: kmod::setting -# -# == Example -# -# -define kmod::setting( - $file, - $category, - $option = undef, - $value = undef, - $module = $name, - $ensure = 'present', -) { - - include ::kmod - - ensure_resource('file', $file, { 'ensure' => 'file'} ) - case $ensure { - 'present': { - if $option { - $changes = [ - "set ${category}[. = '${module}'] ${module}", - "set ${category}[. = '${module}']/${option} ${value}", - ] - } else { - $changes = [ - "set ${category}[. = '${module}'] ${module}", - ] - } - } - - 'absent': { - $changes = "rm ${category}[. = '${module}']" - } - - default: { fail ( "unknown ensure value ${ensure}" ) } - } - - augeas { "kmod::setting ${title} ${module}": - incl => $file, - lens => 'Modprobe.lns', - changes => $changes, - require => File[$file], - } -} diff --git a/kmod/metadata.json b/kmod/metadata.json deleted file mode 100644 index 25cb4b183..000000000 --- a/kmod/metadata.json +++ /dev/null @@ -1,44 +0,0 @@ -{ - "name": "camptocamp-kmod", - "version": "2.1.0", - "author": "camptocamp", - "summary": "Manage Linux kernel modules with Puppet", - "license": "Apache-2.0", - "source": "https://github.com/camptocamp/puppet-kmod", - "project_page": "https://github.com/camptocamp/puppet-kmod", - "issues_url": "https://github.com/camptocamp/puppet-kmod/issues", - "description": "Manage Linux kernel modules with Puppet", - "dependencies": [ - - ], - "operatingsystem_support": [ - { - "operatingsystem": "Debian", - "operatingsystemrelease": [ - "6", - "7" - ] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": [ - "12.04", - "14.04" - ] - }, - { - "operatingsystem": "SLES", - "operatingsystemrelease": [ - "11" - ] - }, - { - "operatingsystem": "RedHat", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - } - ] -} diff --git a/kmod/spec/acceptance/nodesets/centos-5-x86_64-docker.yml b/kmod/spec/acceptance/nodesets/centos-5-x86_64-docker.yml deleted file mode 100644 index 679afb04d..000000000 --- a/kmod/spec/acceptance/nodesets/centos-5-x86_64-docker.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - centos-5-x64: - default_apply_opts: - order: random - strict_variables: - platform: el-5-x86_64 - hypervisor : docker - image: centos:5 - docker_preserve_image: true - docker_cmd: '["/sbin/init"]' - docker_image_commands: - - 'yum install -y crontabs tar wget' -CONFIG: - type: foss - log_level: debug diff --git a/kmod/spec/acceptance/nodesets/centos-6-x86_64-docker.yml b/kmod/spec/acceptance/nodesets/centos-6-x86_64-docker.yml deleted file mode 100644 index 9cab03d08..000000000 --- a/kmod/spec/acceptance/nodesets/centos-6-x86_64-docker.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - centos-6-x64: - default_apply_opts: - order: random - strict_variables: - platform: el-6-x86_64 - hypervisor : docker - image: centos:6 - docker_preserve_image: true - docker_cmd: '["/sbin/init"]' - docker_image_commands: - - 'yum install -y crontabs tar wget' -CONFIG: - type: foss - log_level: debug diff --git a/kmod/spec/acceptance/nodesets/centos-6-x86_64-openstack.yml b/kmod/spec/acceptance/nodesets/centos-6-x86_64-openstack.yml deleted file mode 100644 index e325b9e90..000000000 --- a/kmod/spec/acceptance/nodesets/centos-6-x86_64-openstack.yml +++ /dev/null @@ -1,14 +0,0 @@ -HOSTS: - centos-6-x64: - default_apply_opts: - order: random - strict_variables: - platform: el-6-x86_64 - hypervisor : openstack - flavor: m1.small - image: centos-6-latest - user: root -CONFIG: - type: foss - log_level: debug - openstack_network: default diff --git a/kmod/spec/acceptance/nodesets/centos-6-x86_64-vagrant.yml b/kmod/spec/acceptance/nodesets/centos-6-x86_64-vagrant.yml deleted file mode 100644 index f06036ecc..000000000 --- a/kmod/spec/acceptance/nodesets/centos-6-x86_64-vagrant.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - centos-6-x64: - default_apply_opts: - order: random - strict_variables: - platform: el-6-x86_64 - hypervisor : vagrant - box : camptocamp/centos-6-x86_64 -CONFIG: - type: foss - log_level: debug diff --git a/kmod/spec/acceptance/nodesets/centos-7-x86_64-docker.yml b/kmod/spec/acceptance/nodesets/centos-7-x86_64-docker.yml deleted file mode 100644 index 0bc972711..000000000 --- a/kmod/spec/acceptance/nodesets/centos-7-x86_64-docker.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - centos-7-x64: - default_apply_opts: - order: random - strict_variables: - platform: el-7-x86_64 - hypervisor : docker - image: centos:7 - docker_preserve_image: true - docker_cmd: '["/usr/sbin/init"]' - docker_image_commands: - - 'yum install -y crontabs tar wget' -CONFIG: - type: foss - log_level: debug diff --git a/kmod/spec/acceptance/nodesets/centos-7-x86_64-openstack.yml b/kmod/spec/acceptance/nodesets/centos-7-x86_64-openstack.yml deleted file mode 100644 index 9003c8678..000000000 --- a/kmod/spec/acceptance/nodesets/centos-7-x86_64-openstack.yml +++ /dev/null @@ -1,14 +0,0 @@ -HOSTS: - centos-7-x64: - default_apply_opts: - order: random - strict_variables: - platform: el-7-x86_64 - hypervisor : openstack - flavor: m1.small - image: centos-7-latest - user: centos -CONFIG: - type: foss - log_level: debug - openstack_network: default diff --git a/kmod/spec/acceptance/nodesets/centos-7-x86_64-vagrant.yml b/kmod/spec/acceptance/nodesets/centos-7-x86_64-vagrant.yml deleted file mode 100644 index 95402e546..000000000 --- a/kmod/spec/acceptance/nodesets/centos-7-x86_64-vagrant.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - centos-7-x64: - default_apply_opts: - order: random - strict_variables: - platform: el-7-x86_64 - hypervisor : vagrant - box : camptocamp/centos-7-x86_64 -CONFIG: - type: foss - log_level: debug diff --git a/kmod/spec/acceptance/nodesets/debian-6-x86_64-docker.yml b/kmod/spec/acceptance/nodesets/debian-6-x86_64-docker.yml deleted file mode 100644 index 359dae7dc..000000000 --- a/kmod/spec/acceptance/nodesets/debian-6-x86_64-docker.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - debian-6-x64: - default_apply_opts: - order: random - strict_variables: - platform: debian-6-amd64 - hypervisor : docker - image: debian:6 - docker_preserve_image: true - docker_cmd: '["/sbin/init"]' - docker_image_commands: - - 'apt-get install -y wget' -CONFIG: - type: foss - log_level: debug diff --git a/kmod/spec/acceptance/nodesets/debian-6-x86_64-openstack.yml b/kmod/spec/acceptance/nodesets/debian-6-x86_64-openstack.yml deleted file mode 100644 index c6c192fe4..000000000 --- a/kmod/spec/acceptance/nodesets/debian-6-x86_64-openstack.yml +++ /dev/null @@ -1,14 +0,0 @@ -HOSTS: - debian-6-x64: - default_apply_opts: - order: random - strict_variables: - platform: debian-6-amd64 - hypervisor : openstack - flavor: m1.small - image: debian-6-latest - user: debian -CONFIG: - type: foss - log_level: debug - openstack_network: default diff --git a/kmod/spec/acceptance/nodesets/debian-6-x86_64-vagrant.yml b/kmod/spec/acceptance/nodesets/debian-6-x86_64-vagrant.yml deleted file mode 100644 index 03db0fa76..000000000 --- a/kmod/spec/acceptance/nodesets/debian-6-x86_64-vagrant.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - debian-6-x64: - default_apply_opts: - order: random - strict_variables: - platform: debian-6-amd64 - hypervisor : vagrant - box : puppetlabs/debian-6.0.10-64-nocm -CONFIG: - type: foss - log_level: debug diff --git a/kmod/spec/acceptance/nodesets/debian-7-x86_64-docker.yml b/kmod/spec/acceptance/nodesets/debian-7-x86_64-docker.yml deleted file mode 100644 index fc11f5748..000000000 --- a/kmod/spec/acceptance/nodesets/debian-7-x86_64-docker.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - debian-7-x64: - default_apply_opts: - order: random - strict_variables: - platform: debian-7-amd64 - hypervisor : docker - image: debian:7 - docker_preserve_image: true - docker_cmd: '["/sbin/init"]' - docker_image_commands: - - 'apt-get install -y cron wget' -CONFIG: - type: foss - log_level: debug diff --git a/kmod/spec/acceptance/nodesets/debian-7-x86_64-openstack.yml b/kmod/spec/acceptance/nodesets/debian-7-x86_64-openstack.yml deleted file mode 100644 index 017b4c743..000000000 --- a/kmod/spec/acceptance/nodesets/debian-7-x86_64-openstack.yml +++ /dev/null @@ -1,14 +0,0 @@ -HOSTS: - debian-7-x64: - default_apply_opts: - order: random - strict_variables: - platform: debian-7-amd64 - hypervisor : openstack - flavor: m1.small - image: debian-7-latest - user: debian -CONFIG: - type: foss - log_level: debug - openstack_network: default diff --git a/kmod/spec/acceptance/nodesets/debian-7-x86_64-vagrant.yml b/kmod/spec/acceptance/nodesets/debian-7-x86_64-vagrant.yml deleted file mode 100644 index 8ed1264df..000000000 --- a/kmod/spec/acceptance/nodesets/debian-7-x86_64-vagrant.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - debian-7-x64: - default_apply_opts: - order: random - strict_variables: - platform: debian-7-amd64 - hypervisor : vagrant - box : camptocamp/debian-7-amd64 -CONFIG: - type: foss - log_level: debug diff --git a/kmod/spec/acceptance/nodesets/debian-8-x86_64-docker.yml b/kmod/spec/acceptance/nodesets/debian-8-x86_64-docker.yml deleted file mode 100644 index 86a55e156..000000000 --- a/kmod/spec/acceptance/nodesets/debian-8-x86_64-docker.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - debian-8-x64: - default_apply_opts: - order: random - strict_variables: - platform: debian-8-amd64 - hypervisor : docker - image: debian:8 - docker_preserve_image: true - docker_cmd: '["/sbin/init"]' - docker_image_commands: - - 'apt-get install -y cron wget' -CONFIG: - type: foss - log_level: debug diff --git a/kmod/spec/acceptance/nodesets/debian-8-x86_64-openstack.yml b/kmod/spec/acceptance/nodesets/debian-8-x86_64-openstack.yml deleted file mode 100644 index 003b6f4bd..000000000 --- a/kmod/spec/acceptance/nodesets/debian-8-x86_64-openstack.yml +++ /dev/null @@ -1,14 +0,0 @@ -HOSTS: - debian-8-x64: - default_apply_opts: - order: random - strict_variables: - platform: debian-8-amd64 - hypervisor : openstack - flavor: m1.small - image: debian-8-latest - user: debian -CONFIG: - type: foss - log_level: debug - openstack_network: default diff --git a/kmod/spec/acceptance/nodesets/debian-8-x86_64-vagrant.yml b/kmod/spec/acceptance/nodesets/debian-8-x86_64-vagrant.yml deleted file mode 100644 index 5cc7f0c5a..000000000 --- a/kmod/spec/acceptance/nodesets/debian-8-x86_64-vagrant.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - debian-8-x64: - default_apply_opts: - order: random - strict_variables: - platform: debian-8-amd64 - hypervisor : vagrant - box : camptocamp/debian-8-amd64 -CONFIG: - type: foss - log_level: debug diff --git a/kmod/spec/acceptance/nodesets/ubuntu-10.04-x86_64-docker.yml b/kmod/spec/acceptance/nodesets/ubuntu-10.04-x86_64-docker.yml deleted file mode 100644 index 933dee605..000000000 --- a/kmod/spec/acceptance/nodesets/ubuntu-10.04-x86_64-docker.yml +++ /dev/null @@ -1,13 +0,0 @@ -HOSTS: - ubuntu-1004-x64: - default_apply_opts: - order: random - strict_variables: - platform: ubuntu-10.04-amd64 - hypervisor : docker - image: ubuntu:10.04 - # This stops the image from being deleted on completion, speeding up the process. - docker_preserve_image: true -CONFIG: - type: foss - log_level: debug diff --git a/kmod/spec/acceptance/nodesets/ubuntu-12.04-x86_64-docker.yml b/kmod/spec/acceptance/nodesets/ubuntu-12.04-x86_64-docker.yml deleted file mode 100644 index f0ec72b86..000000000 --- a/kmod/spec/acceptance/nodesets/ubuntu-12.04-x86_64-docker.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - ubuntu-1204-x64: - default_apply_opts: - order: random - strict_variables: - platform: ubuntu-12.04-amd64 - hypervisor : docker - image: ubuntu:12.04 - docker_preserve_image: true - docker_cmd: '["/sbin/init"]' - docker_image_commands: - - 'apt-get install -y wget' -CONFIG: - type: foss - log_level: debug diff --git a/kmod/spec/acceptance/nodesets/ubuntu-12.04-x86_64-openstack.yml b/kmod/spec/acceptance/nodesets/ubuntu-12.04-x86_64-openstack.yml deleted file mode 100644 index f81b04b74..000000000 --- a/kmod/spec/acceptance/nodesets/ubuntu-12.04-x86_64-openstack.yml +++ /dev/null @@ -1,14 +0,0 @@ -HOSTS: - ubuntu-1204-x64: - default_apply_opts: - order: random - strict_variables: - platform: ubuntu-12.04-amd64 - hypervisor : openstack - flavor: m1.small - image: ubuntu-1204-latest - user: ubuntu -CONFIG: - type: foss - log_level: debug - openstack_network: default diff --git a/kmod/spec/acceptance/nodesets/ubuntu-14.04-x86_64-docker.yml b/kmod/spec/acceptance/nodesets/ubuntu-14.04-x86_64-docker.yml deleted file mode 100644 index 6fb9281e5..000000000 --- a/kmod/spec/acceptance/nodesets/ubuntu-14.04-x86_64-docker.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - ubuntu-1404-x64: - default_apply_opts: - order: random - strict_variables: - platform: ubuntu-14.04-amd64 - hypervisor : docker - image: ubuntu:14.04 - docker_preserve_image: true - docker_cmd: '["/sbin/init"]' - docker_image_commands: - - 'apt-get install -y wget' -CONFIG: - type: foss - log_level: debug diff --git a/kmod/spec/acceptance/nodesets/ubuntu-14.04-x86_64-openstack.yml b/kmod/spec/acceptance/nodesets/ubuntu-14.04-x86_64-openstack.yml deleted file mode 100644 index 2eeb912d9..000000000 --- a/kmod/spec/acceptance/nodesets/ubuntu-14.04-x86_64-openstack.yml +++ /dev/null @@ -1,14 +0,0 @@ -HOSTS: - ubuntu-1404-x64: - default_apply_opts: - order: random - strict_variables: - platform: ubuntu-14.04-amd64 - hypervisor : openstack - flavor: m1.small - image: ubuntu-1404-latest - user: ubuntu -CONFIG: - type: foss - log_level: debug - openstack_network: default diff --git a/kmod/spec/acceptance/nodesets/ubuntu-14.04-x86_64-vagrant.yml b/kmod/spec/acceptance/nodesets/ubuntu-14.04-x86_64-vagrant.yml deleted file mode 100644 index 3b3769539..000000000 --- a/kmod/spec/acceptance/nodesets/ubuntu-14.04-x86_64-vagrant.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-1404-x64: - default_apply_opts: - order: random - strict_variables: - platform: ubuntu-14.04-amd64 - hypervisor : vagrant - box : puppetlabs/ubuntu-14.04-64-nocm -CONFIG: - type: foss - log_level: debug diff --git a/kmod/spec/acceptance/nodesets/ubuntu-14.10-x86_64-docker.yml b/kmod/spec/acceptance/nodesets/ubuntu-14.10-x86_64-docker.yml deleted file mode 100644 index 2be425c54..000000000 --- a/kmod/spec/acceptance/nodesets/ubuntu-14.10-x86_64-docker.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - ubuntu-1410-x64: - default_apply_opts: - order: random - strict_variables: - platform: ubuntu-14.10-amd64 - hypervisor : docker - image: ubuntu:14.10 - docker_preserve_image: true - docker_cmd: '["/sbin/init"]' - docker_image_commands: - - 'apt-get install -y wget' -CONFIG: - type: foss - log_level: debug diff --git a/kmod/spec/acceptance/nodesets/ubuntu-14.10-x86_64-openstack.yml b/kmod/spec/acceptance/nodesets/ubuntu-14.10-x86_64-openstack.yml deleted file mode 100644 index 58a2acd26..000000000 --- a/kmod/spec/acceptance/nodesets/ubuntu-14.10-x86_64-openstack.yml +++ /dev/null @@ -1,14 +0,0 @@ -HOSTS: - ubuntu-1410-x64: - default_apply_opts: - order: random - strict_variables: - platform: ubuntu-14.10-amd64 - hypervisor : openstack - flavor: m1.small - image: ubuntu-1410-latest - user: ubuntu -CONFIG: - type: foss - log_level: debug - openstack_network: default diff --git a/kmod/spec/acceptance/nodesets/ubuntu-15.04-x86_64-docker.yml b/kmod/spec/acceptance/nodesets/ubuntu-15.04-x86_64-docker.yml deleted file mode 100644 index caed722c2..000000000 --- a/kmod/spec/acceptance/nodesets/ubuntu-15.04-x86_64-docker.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - ubuntu-1504-x64: - default_apply_opts: - order: random - strict_variables: - platform: ubuntu-15.04-amd64 - hypervisor : docker - image: ubuntu:15.04 - docker_preserve_image: true - docker_cmd: '["/sbin/init"]' - docker_image_commands: - - 'apt-get install -y wget' -CONFIG: - type: foss - log_level: debug diff --git a/kmod/spec/acceptance/nodesets/ubuntu-15.04-x86_64-openstack.yml b/kmod/spec/acceptance/nodesets/ubuntu-15.04-x86_64-openstack.yml deleted file mode 100644 index 22ef76c4e..000000000 --- a/kmod/spec/acceptance/nodesets/ubuntu-15.04-x86_64-openstack.yml +++ /dev/null @@ -1,14 +0,0 @@ -HOSTS: - ubuntu-1504-x64: - default_apply_opts: - order: random - strict_variables: - platform: ubuntu-15.04-amd64 - hypervisor : openstack - flavor: m1.small - image: ubuntu-1504-latest - user: ubuntu -CONFIG: - type: foss - log_level: debug - openstack_network: default diff --git a/kmod/spec/classes/kmod_spec.rb b/kmod/spec/classes/kmod_spec.rb deleted file mode 100644 index f37f8c096..000000000 --- a/kmod/spec/classes/kmod_spec.rb +++ /dev/null @@ -1,26 +0,0 @@ -require 'spec_helper' - -describe 'kmod', :type => :class do - - on_supported_os.each do |os, facts| - context "on #{os} with augeas 0.8.9" do - let(:facts) do facts.merge({:augeasversion => '0.8.9'}) end - it do - expect { - should compile - }.to raise_error(/Augeas 0.10.0 or higher required/) - end - end - context "on #{os}" do - let(:facts) do - facts.merge( { :augeasversion => '1.2.0' } ) - end - - it { should contain_class('kmod') } - it { should contain_file('/etc/modprobe.d').with({ 'ensure' => 'directory' }) } - ['modprobe.conf','aliases.conf','blacklist.conf'].each do |file| - it { should contain_file("/etc/modprobe.d/#{file}").with({ 'ensure' => 'file' }) } - end - end - end -end diff --git a/kmod/spec/defines/kmod_alias_spec.rb b/kmod/spec/defines/kmod_alias_spec.rb deleted file mode 100644 index 298009e40..000000000 --- a/kmod/spec/defines/kmod_alias_spec.rb +++ /dev/null @@ -1,42 +0,0 @@ -require 'spec_helper' - -describe 'kmod::alias', :type => :define do - let(:title) { 'foo' } - - on_supported_os.each do |os, facts| - context "on #{os}" do - let(:facts) do - facts.merge( {:augeasversion => '1.2.0'} ) - end - - let(:default_params) do { :source =>'bar', :file => '/baz' } end - - context 'when a file is specified' do - let(:params) do default_params end - it { should contain_kmod__alias('foo') } - it { should contain_kmod__setting('kmod::alias foo') .with({ - 'ensure' => 'present', - 'module' => 'foo', - 'file' => '/baz', - 'category' => 'alias', - 'option' => 'modulename', - 'value' => 'bar' - }) } - end - - context 'when a file is specified and an aliasname' do - let(:params) do default_params.merge!({ :aliasname => 'tango' }) end - it { should contain_kmod__alias('foo') } - it { should contain_kmod__setting('kmod::alias foo') .with({ - 'ensure' => 'present', - 'module' => 'tango', - 'file' => '/baz', - 'category' => 'alias', - 'option' => 'modulename', - 'value' => 'bar' - }) } - end - - end - end -end diff --git a/kmod/spec/defines/kmod_blacklist_spec.rb b/kmod/spec/defines/kmod_blacklist_spec.rb deleted file mode 100644 index 908eebd65..000000000 --- a/kmod/spec/defines/kmod_blacklist_spec.rb +++ /dev/null @@ -1,49 +0,0 @@ -require 'spec_helper' - -describe 'kmod::blacklist', :type => :define do - let(:title) { 'foo' } - - on_supported_os.each do |os, facts| - context "on #{os}" do - let(:facts) do - facts.merge({ - :augeasversion => '1.2.0', - }) - end - - context 'when ensure is set to present' do - let(:params) do { :ensure => 'present', :file => '/bar/baz' } end - it { should contain_kmod__blacklist('foo') } - it { should contain_kmod__setting('kmod::blacklist foo').with({ - 'ensure' => 'present', - 'category' => 'blacklist', - 'module' => 'foo', - 'file' => '/bar/baz' - }) } - end - - - context 'when file is not specified' do - let(:params) do { :ensure => 'present' } end - it { should contain_kmod__blacklist('foo') } - it { should contain_kmod__setting('kmod::blacklist foo').with({ - 'ensure' => 'present', - 'category' => 'blacklist', - 'module' => 'foo', - 'file' => '/etc/modprobe.d/blacklist.conf' - }) } - end - - context 'when ensure is set to absent' do - let(:params) do { :ensure => 'absent', :file => '/bar/baz' } end - it { should contain_kmod__blacklist('foo') } - it { should contain_kmod__setting('kmod::blacklist foo').with({ - 'ensure' => 'absent', - 'category' => 'blacklist', - 'module' => 'foo', - 'file' => '/bar/baz' - }) } - end - end - end -end diff --git a/kmod/spec/defines/kmod_install_spec.rb b/kmod/spec/defines/kmod_install_spec.rb deleted file mode 100644 index a8937ccf9..000000000 --- a/kmod/spec/defines/kmod_install_spec.rb +++ /dev/null @@ -1,26 +0,0 @@ -require 'spec_helper' - -describe 'kmod::install', :type => :define do - let(:title) { 'foo' } - - on_supported_os.each do |os, facts| - context "on #{os}" do - let(:facts) do - facts.merge({ - :augeasversion => '1.2.0', - }) - end - - let(:params) do { :ensure => 'present', :command => '/bin/true', :file => '/etc/modprobe.d/modprobe.conf' } end - it { should contain_kmod__install('foo') } - it { should contain_kmod__setting('kmod::install foo').with({ - 'ensure' => 'present', - 'category' => 'install', - 'module' => 'foo', - 'option' => 'command', - 'value' => '/bin/true', - 'file' => '/etc/modprobe.d/modprobe.conf' - }) } - end - end -end diff --git a/kmod/spec/defines/kmod_load_spec.rb b/kmod/spec/defines/kmod_load_spec.rb deleted file mode 100644 index 0e124b23e..000000000 --- a/kmod/spec/defines/kmod_load_spec.rb +++ /dev/null @@ -1,67 +0,0 @@ -require 'spec_helper' - -describe 'kmod::load', :type => :define do - let(:title) { 'foo' } - - on_supported_os.each do |os, facts| - context "on #{os}" do - let(:facts) do - facts.merge( { :augeasversion => '1.2.0' } ) - end - - context 'with ensure set to present' do - let(:params) do { :ensure => 'present', :file => '/foo/bar' } end - it { should contain_kmod__load('foo') } - it { should contain_exec('modprobe foo').with({'unless' => "egrep -q '^foo ' /proc/modules"}) } - - case facts[:osfamily] - when 'Debian' - it { should contain_augeas('Manage foo in /foo/bar').with({ - 'incl' => '/foo/bar', - 'lens' => 'Modules.lns', - 'changes' => "clear 'foo'" - }) } - when 'Suse' - it { should contain_augeas('sysconfig_kernel_MODULES_LOADED_ON_BOOT_foo').with({ - 'incl' => '/foo/bar', - 'lens' => 'Shellvars_list.lns', - 'changes' => "set MODULES_LOADED_ON_BOOT/value[.='foo'] 'foo'" - }) } - when 'RedHat' - it { should contain_file('/etc/sysconfig/modules/foo.modules').with({ - 'ensure' => 'present', - 'mode' => '0755', - 'content' => /exec \/sbin\/modprobe foo > \/dev\/null 2>&1/ - })} - end - end - - context 'with ensure set to absent' do - let(:params) do { :ensure => 'absent', :file => '/foo/bar' } end - it { should contain_kmod__load('foo') } - it { should contain_exec('modprobe -r foo').with({ 'onlyif' => "egrep -q '^foo ' /proc/modules" }) } - - case facts[:osfamily] - when 'Debian' - it { should contain_augeas('Manage foo in /foo/bar').with({ - 'incl' => '/foo/bar', - 'lens' => 'Modules.lns', - 'changes' => "rm 'foo'" - })} - when 'Suse' - it { should contain_augeas('sysconfig_kernel_MODULES_LOADED_ON_BOOT_foo').with({ - 'incl' => '/foo/bar', - 'lens' => 'Shellvars_list.lns', - 'changes' => "rm MODULES_LOADED_ON_BOOT/value[.='foo']" - }) } - when 'RedHat' - it { should contain_file('/etc/sysconfig/modules/foo.modules').with({ - 'ensure' => 'absent', - 'mode' => '0755', - 'content' => /exec \/sbin\/modprobe foo > \/dev\/null 2>&1/ - })} - end - end - end - end -end diff --git a/kmod/spec/defines/kmod_setting_spec.rb b/kmod/spec/defines/kmod_setting_spec.rb deleted file mode 100644 index 5f3673427..000000000 --- a/kmod/spec/defines/kmod_setting_spec.rb +++ /dev/null @@ -1,40 +0,0 @@ -require 'spec_helper' - -describe 'kmod::setting', :type => :define do - let(:title) { 'foo' } - - on_supported_os.each do |os, facts| - context "on #{os}" do - let(:facts) do - facts.merge({ - :augeasversion => '1.2.0', - }) - end - - let(:default_params) do { :file => 'modprobe.conf' } end - let(:params) do default_params end - - context 'add an alias' do - let(:params) do default_params.merge({ :category => 'alias', :option => 'modulename', :value => 'tango' }) end - it { should contain_kmod__setting('foo')} - it { should contain_augeas('kmod::setting foo foo').with({ - 'incl' => 'modprobe.conf', - 'lens' => 'Modprobe.lns', - 'changes' => [ "set alias[. = 'foo'] foo", "set alias[. = 'foo']/modulename tango" ], - 'require' => 'File[modprobe.conf]' - })} - end - context 'add a blacklist' do - let(:params) do { :file => '/etc/modprobe.d/blacklist.conf', :category => 'blacklist' } end - it { should contain_kmod__setting('foo')} - it { should contain_augeas('kmod::setting foo foo').with({ - 'incl' => '/etc/modprobe.d/blacklist.conf', - 'lens' => 'Modprobe.lns', - 'changes' => [ "set blacklist[. = 'foo'] foo" ], - 'require' => 'File[/etc/modprobe.d/blacklist.conf]' - })} - end - - end - end -end diff --git a/kmod/spec/spec.opts b/kmod/spec/spec.opts deleted file mode 100644 index 91cd6427e..000000000 --- a/kmod/spec/spec.opts +++ /dev/null @@ -1,6 +0,0 @@ ---format -s ---colour ---loadby -mtime ---backtrace diff --git a/kmod/spec/spec_helper.rb b/kmod/spec/spec_helper.rb deleted file mode 100644 index 94d30d5ce..000000000 --- a/kmod/spec/spec_helper.rb +++ /dev/null @@ -1,42 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' -require 'rspec-puppet-facts' -include RspecPuppetFacts - - -RSpec.configure do |c| - c.include PuppetlabsSpec::Files - - c.before :each do - # Store any environment variables away to be restored later - @old_env = {} - ENV.each_key {|k| @old_env[k] = ENV[k]} - - c.strict_variables = Gem::Version.new(Puppet.version) >= Gem::Version.new('3.5') - Puppet.features.stubs(:root?).returns(true) - end - - c.after :each do - PuppetlabsSpec::Files.cleanup - end -end - -require 'pathname' -dir = Pathname.new(__FILE__).parent -Puppet[:modulepath] = File.join(dir, 'fixtures', 'modules') - -# There's no real need to make this version dependent, but it helps find -# regressions in Puppet -# -# 1. Workaround for issue #16277 where default settings aren't initialised from -# a spec and so the libdir is never initialised (3.0.x) -# 2. Workaround for 2.7.20 that now only loads types for the current node -# environment (#13858) so Puppet[:modulepath] seems to get ignored -# 3. Workaround for 3.5 where context hasn't been configured yet, -# ticket https://tickets.puppetlabs.com/browse/MODULES-823 -# -ver = Gem::Version.new(Puppet.version.split('-').first) -if Gem::Requirement.new("~> 2.7.20") =~ ver || Gem::Requirement.new("~> 3.0.0") =~ ver || Gem::Requirement.new("~> 3.5") =~ ver || Gem::Requirement.new("~> 4.0") - puts "augeasproviders: setting Puppet[:libdir] to work around broken type autoloading" - # libdir is only a single dir, so it can only workaround loading of one external module - Puppet[:libdir] = "#{Puppet[:modulepath]}/augeasproviders_core/lib" -end diff --git a/kmod/templates/redhat.modprobe.erb b/kmod/templates/redhat.modprobe.erb deleted file mode 100644 index 389df3418..000000000 --- a/kmod/templates/redhat.modprobe.erb +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/sh - -# file managed by puppet - -exec /sbin/modprobe <%= @name %> > /dev/null 2>&1 diff --git a/manila/.gitignore b/manila/.gitignore deleted file mode 100644 index 61092bdaf..000000000 --- a/manila/.gitignore +++ /dev/null @@ -1,15 +0,0 @@ -pkg/ -Gemfile.lock -vendor/ -spec/fixtures/ -.vagrant/ -.bundle/ -coverage/ -.idea/ -*.swp -*.iml -openstack/ - -# Files created by releasenotes build -releasenotes/build -.tox diff --git a/manila/.gitreview b/manila/.gitreview deleted file mode 100644 index c60fb000a..000000000 --- a/manila/.gitreview +++ /dev/null @@ -1,5 +0,0 @@ -[gerrit] -host=review.openstack.org -port=29418 -project=openstack/puppet-manila.git -defaultbranch=stable/mitaka diff --git a/manila/CHANGELOG.md b/manila/CHANGELOG.md deleted file mode 100644 index 74d76efac..000000000 --- a/manila/CHANGELOG.md +++ /dev/null @@ -1,51 +0,0 @@ -## 8.0.0 and beyond - -From 8.0.0 release and beyond, release notes are published on -[docs.openstack.org](http://docs.openstack.org/releasenotes/puppet-manila/). - -##2015-11-25 - 7.0.0 -###Summary - -This is a backwards-incompatible major release for OpenStack Liberty. - -####Backwards-incompatible changes -- rabbitmq: do not manage rabbitmq service anymore -- move qpid settings to oslo_messaging_qpid section - -####Features -- keystone/auth: make service description configurable -- add related parameters to manila::quota -- add tag to package and service resources -- add support to configure GlusterFS drivers with Manila shares -- reflect provider change in puppet-openstacklib -- put all the logging related parameters to the logging class -- simplify rpc_backend parameter -- add options to enable Manila to run with NFS-Ganesha backend -- introduce manila::db class -- db: Use postgresql lib class for psycopg package -- add related parameters to oslo_messaging_amqp section - -####Bugfixes -- rely on autorequire for config resource ordering -- api: require ::keystone::python - -####Maintenance -- acceptance: enable debug & verbosity for OpenStack logs -- initial msync run for all Puppet OpenStack modules -- fix rspec 3.x syntax -- try to use zuul-cloner to prepare fixtures -- remove class_parameter_defaults puppet-lint check -- acceptance: use common bits from puppet-openstack-integration - -##2015-10-10 - 6.1.0 -### Summary - -This is a maintenance release in the Kilo series. - -####Maintenance -- acceptance: checkout stable/kilo puppet modules - -##2015-07-08 - 6.0.0 -###Summary - -- Initial release of the puppet-manila module diff --git a/manila/Gemfile b/manila/Gemfile deleted file mode 100644 index 5728ff7e7..000000000 --- a/manila/Gemfile +++ /dev/null @@ -1,22 +0,0 @@ -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -group :development, :test, :system_tests do - gem 'puppet-openstack_spec_helper', - :git => 'https://git.openstack.org/openstack/puppet-openstack_spec_helper', - :branch => 'stable/mitaka', - :require => false -end - -if facterversion = ENV['FACTER_GEM_VERSION'] - gem 'facter', facterversion, :require => false -else - gem 'facter', :require => false -end - -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end - -# vim:ft=ruby diff --git a/manila/LICENSE b/manila/LICENSE deleted file mode 100644 index 88a11a0e7..000000000 --- a/manila/LICENSE +++ /dev/null @@ -1,13 +0,0 @@ -Copyright 2012 OpenStack Foundation - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/manila/README.md b/manila/README.md deleted file mode 100644 index 4078c4c2f..000000000 --- a/manila/README.md +++ /dev/null @@ -1,100 +0,0 @@ -manila -======= - -#### Table of Contents - -1. [Overview - What is the manila module?](#overview) -2. [Module Description - What does the module do?](#module-description) -3. [Setup - The basics of getting started with manila](#setup) -4. [Implementation - An under-the-hood peek at what the module is doing](#implementation) -5. [Development - Guide for contributing to the module](#development) -6. [Contributors - Those with commits](#contributors) - -Overview --------- - -The manila module is part of [OpenStack](https://github.com/openstack), an effort by the OpenStack infrastructure team to provide continuous integration testing and code review for OpenStack and OpenStack community projects as part of the core software. The module itself is used to flexibly configure and manage the file system service for OpenStack. - -Module Description ------------------- - -The manila module is a thorough attempt to make Puppet capable of managing the entirety of manila. This includes manifests to provision such things as keystone endpoints, RPC configurations specific to manila, and database connections. - -This module is tested in combination with other modules needed to build and leverage an entire OpenStack software stack. - -Setup ------ - -**What the manila module affects** - -* [Manila](https://wiki.openstack.org/wiki/Manila), the file system service for OpenStack. - -### Installing manila - - puppet module install openstack/manila - -### Beginning with manila - -To utilize the manila module's functionality you will need to declare multiple resources. [TODO: add example] - - -Implementation --------------- - -### manila - -manila is a combination of Puppet manifests and ruby code to delivery configuration and extra functionality through types and providers. - -### Types - -#### manila_config - -The `manila_config` provider is a children of the ini_setting provider. It allows one to write an entry in the `/etc/manila/manila.conf` file. - -```puppet -manila_config { 'DEFAULT/verbose' : - value => true, -} -``` - -This will write `verbose=true` in the `[DEFAULT]` section. - -##### name - -Section/setting name to manage from `manila.conf` - -##### value - -The value of the setting to be defined. - -##### secret - -Whether to hide the value from Puppet logs. Defaults to `false`. - -##### ensure_absent_val - -If value is equal to ensure_absent_val then the resource will behave as if `ensure => absent` was specified. Defaults to `` - -Beaker-Rspec ------------- - -This module has beaker-rspec tests - -To run: - -``shell -bundle install -bundle exec rspec spec/acceptance -`` - -Development ------------ - -Developer documentation for the entire puppet-openstack project. - -* https://wiki.openstack.org/wiki/Puppet-openstack#Developer_documentation - -Contributors ------------- - -* https://github.com/openstack/puppet-manila/graphs/contributors diff --git a/manila/Rakefile b/manila/Rakefile deleted file mode 100644 index 168d10814..000000000 --- a/manila/Rakefile +++ /dev/null @@ -1 +0,0 @@ -require 'puppet-openstack_spec_helper/rake_tasks' diff --git a/manila/lib/puppet/provider/manila_api_paste_ini/ini_setting.rb b/manila/lib/puppet/provider/manila_api_paste_ini/ini_setting.rb deleted file mode 100644 index de4c35c86..000000000 --- a/manila/lib/puppet/provider/manila_api_paste_ini/ini_setting.rb +++ /dev/null @@ -1,10 +0,0 @@ -Puppet::Type.type(:manila_api_paste_ini).provide( - :ini_setting, - :parent => Puppet::Type.type(:openstack_config).provider(:ini_setting) -) do - - def self.file_path - '/etc/manila/api-paste.ini' - end - -end diff --git a/manila/lib/puppet/provider/manila_config/ini_setting.rb b/manila/lib/puppet/provider/manila_config/ini_setting.rb deleted file mode 100644 index 988966861..000000000 --- a/manila/lib/puppet/provider/manila_config/ini_setting.rb +++ /dev/null @@ -1,10 +0,0 @@ -Puppet::Type.type(:manila_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:openstack_config).provider(:ini_setting) -) do - - def self.file_path - '/etc/manila/manila.conf' - end - -end diff --git a/manila/lib/puppet/type/manila_api_paste_ini.rb b/manila/lib/puppet/type/manila_api_paste_ini.rb deleted file mode 100644 index 85c5db985..000000000 --- a/manila/lib/puppet/type/manila_api_paste_ini.rb +++ /dev/null @@ -1,52 +0,0 @@ -Puppet::Type.newtype(:manila_api_paste_ini) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/manila/api-paste.ini' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end - - newparam(:ensure_absent_val) do - desc 'A value that is specified as the value property will behave as if ensure => absent was specified' - defaultto('') - end - - autorequire(:package) do - 'manila' - end - -end diff --git a/manila/lib/puppet/type/manila_config.rb b/manila/lib/puppet/type/manila_config.rb deleted file mode 100644 index 8fa8d0895..000000000 --- a/manila/lib/puppet/type/manila_config.rb +++ /dev/null @@ -1,53 +0,0 @@ -Puppet::Type.newtype(:manila_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from manila.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - newvalues(/^[\S ]*$/) - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end - - newparam(:ensure_absent_val) do - desc 'A value that is specified as the value property will behave as if ensure => absent was specified' - defaultto('') - end - - autorequire(:package) do - 'manila' - end - -end diff --git a/manila/manifests/api.pp b/manila/manifests/api.pp deleted file mode 100644 index 68a021506..000000000 --- a/manila/manifests/api.pp +++ /dev/null @@ -1,196 +0,0 @@ -# == Class: manila::api -# -# Setup and configure the manila API endpoint -# -# === Parameters -# -# [*keystone_password*] -# The password to use for authentication (keystone) -# -# [*keystone_enabled*] -# (optional) Use keystone for authentification -# Defaults to true -# -# [*keystone_tenant*] -# (optional) The tenant of the auth user -# Defaults to services -# -# [*keystone_user*] -# (optional) The name of the auth user -# Defaults to manila -# -# [*keystone_auth_host*] -# (optional) The keystone host -# Defaults to localhost -# -# [*keystone_auth_port*] -# (optional) The keystone auth port -# Defaults to 35357 -# -# [*keystone_auth_protocol*] -# (optional) The protocol used to access the auth host -# Defaults to http. -# -# [*os_region_name*] -# (optional) Some operations require manila to make API requests -# to Nova. This sets the keystone region to be used for these -# requests. For example, boot-from-share. -# Defaults to undef. -# -# [*keystone_auth_admin_prefix*] -# (optional) The admin_prefix used to admin endpoint of the auth host -# This allow admin auth URIs like http://auth_host:35357/keystone. -# (where '/keystone' is the admin prefix) -# Defaults to false for empty. If defined, should be a string with a -# leading '/' and no trailing '/'. -# -# [*keystone_auth_uri*] -# (Optional) Public Identity API endpoint. -# Defaults to false. -# -# [*service_port*] -# (optional) The manila api port -# Defaults to 5000 -# -# [*package_ensure*] -# (optional) The state of the package -# Defaults to present -# -# [*bind_host*] -# (optional) The manila api bind address -# Defaults to 0.0.0.0 -# -# [*enabled*] -# (optional) The state of the service -# Defaults to true -# -# [*manage_service*] -# (optional) Whether to start/stop the service -# Defaults to true -# -# [*ratelimits*] -# (optional) The state of the service -# Defaults to undef. If undefined the default ratelimiting values are used. -# -# [*ratelimits_factory*] -# (optional) Factory to use for ratelimiting -# Defaults to 'manila.api.v1.limits:RateLimitingMiddleware.factory' -# -class manila::api ( - $keystone_password, - $keystone_enabled = true, - $keystone_tenant = 'services', - $keystone_user = 'manila', - $keystone_auth_host = 'localhost', - $keystone_auth_port = '35357', - $keystone_auth_protocol = 'http', - $keystone_auth_admin_prefix = false, - $keystone_auth_uri = false, - $os_region_name = undef, - $service_port = '5000', - $package_ensure = 'present', - $bind_host = '0.0.0.0', - $enabled = true, - $manage_service = true, - $ratelimits = undef, - $ratelimits_factory = - 'manila.api.v1.limits:RateLimitingMiddleware.factory' -) { - - include ::manila::params - require ::keystone::python - - Manila_config<||> ~> Service['manila-api'] - Manila_api_paste_ini<||> ~> Service['manila-api'] - - if $::manila::params::api_package { - Package['manila-api'] -> Service['manila-api'] - package { 'manila-api': - ensure => $package_ensure, - name => $::manila::params::api_package, - tag => ['openstack', 'manila-package'], - } - } - - if $enabled { - - Manila_config<||> ~> Exec['manila-manage db_sync'] - - exec { 'manila-manage db_sync': - command => $::manila::params::db_sync_command, - path => '/usr/bin', - user => 'manila', - refreshonly => true, - logoutput => 'on_failure', - require => Package['manila'], - } - if $manage_service { - $ensure = 'running' - } - } else { - if $manage_service { - $ensure = 'stopped' - } - } - - service { 'manila-api': - ensure => $ensure, - name => $::manila::params::api_service, - enable => $enabled, - hasstatus => true, - require => Package['manila'], - tag => 'manila-service', - } - - manila_config { - 'DEFAULT/osapi_share_listen': value => $bind_host, - } - - if $os_region_name { - manila_config { - 'DEFAULT/os_region_name': value => $os_region_name; - } - } - - if $keystone_auth_uri { - manila_api_paste_ini { 'filter:authtoken/auth_uri': value => $keystone_auth_uri; } - } else { - manila_api_paste_ini { 'filter:authtoken/auth_uri': value => "${keystone_auth_protocol}://${keystone_auth_host}:${service_port}/"; } - } - - if $keystone_enabled { - manila_config { - 'DEFAULT/auth_strategy': value => 'keystone' ; - } - manila_api_paste_ini { - 'filter:authtoken/service_protocol': value => $keystone_auth_protocol; - 'filter:authtoken/service_host': value => $keystone_auth_host; - 'filter:authtoken/service_port': value => $service_port; - 'filter:authtoken/auth_protocol': value => $keystone_auth_protocol; - 'filter:authtoken/auth_host': value => $keystone_auth_host; - 'filter:authtoken/auth_port': value => $keystone_auth_port; - 'filter:authtoken/admin_tenant_name': value => $keystone_tenant; - 'filter:authtoken/admin_user': value => $keystone_user; - 'filter:authtoken/admin_password': value => $keystone_password, secret => true; - } - - if ($ratelimits != undef) { - manila_api_paste_ini { - 'filter:ratelimit/paste.filter_factory': value => $ratelimits_factory; - 'filter:ratelimit/limits': value => $ratelimits; - } - } - - if $keystone_auth_admin_prefix { - validate_re($keystone_auth_admin_prefix, '^(/.+[^/])?$') - manila_api_paste_ini { - 'filter:authtoken/auth_admin_prefix': value => $keystone_auth_admin_prefix; - } - } else { - manila_api_paste_ini { - 'filter:authtoken/auth_admin_prefix': ensure => absent; - } - } - } - -} diff --git a/manila/manifests/backend/generic.pp b/manila/manifests/backend/generic.pp deleted file mode 100644 index ec815f7ad..000000000 --- a/manila/manifests/backend/generic.pp +++ /dev/null @@ -1,111 +0,0 @@ -# ==define manila::backend::generic -# -# ===Parameters -# -# [*driver_handles_share_servers*] -# (required) Denotes whether the driver should handle the responsibility of -# managing share servers. This must be set to false if the driver is to -# operate without managing share servers. -# -# [*share_backend_name*] -# (optional) Name of the backend in manila.conf that -# these settings will reside in -# -# [*smb_template_config_path*] -# (optional) Path to smb config. -# Defaults to: $state_path/smb.conf -# -# [*volume_name_template*] -# (optional) Volume name template. -# Defaults to: manila-share-%s -# -# [*volume_snapshot_name_template*] -# (optional) Volume snapshot name template. -# Defaults to: manila-snapshot-%s -# -# [*share_mount_path*] -# (optional) Parent path in service instance where shares will be mounted. -# Defaults to: /shares -# -# [*max_time_to_create_volume*] -# (optional) Maximum time to wait for creating cinder volume. -# Defaults to: 180 -# -# [*max_time_to_attach*] -# (optional) Maximum time to wait for attaching cinder volume. -# Defaults to: 120 -# -# [*service_instance_smb_config_path*] -# (optional) Path to smb config in service instance. -# Defaults to: $share_mount_path/smb.conf -# -# [*share_volume_fstype*] -# (optional) Filesystem type of the share volume. -# Choices: 'ext4', 'ext3' -# Defaults to: ext4 -# -# [*share_helpers*] -# (optional) Specify list of share export helpers. -# Defaults to: ['CIFS=manila.share.drivers.generic.CIFSHelper', -# 'NFS=manila.share.drivers.generic.NFSHelper'] -# -# [*cinder_volume_type*] -# (optional) Name or id of cinder volume type which will be used for all -# volumes created by driver. -# -# [*delete_share_server_with_last_share*] -# (optional) With this option is set to True share server willbe deleted -# on deletion of last share. -# Defaults to: False -# -# [*unmanage_remove_access_rules*] -# (optional) If set to True, then manila will deny access and remove all -# access rules on share unmanage. If set to False - nothing will be changed. -# Defaults to: False -# -# [*automatic_share_server_cleanup*] -# (optional) If set to True, then Manila will delete all share servers which -# were unused more than specified time. If set to False, automatic deletion -# of share servers will be disabled. -# Defaults to: True -# -define manila::backend::generic ( - $driver_handles_share_servers, - $share_backend_name = $name, - $smb_template_config_path = '$state_path/smb.conf', - $volume_name_template = 'manila-share-%s', - $volume_snapshot_name_template = 'manila-snapshot-%s', - $share_mount_path = '/shares', - $max_time_to_create_volume = 180, - $max_time_to_attach = 120, - $service_instance_smb_config_path = '$share_mount_path/smb.conf', - $share_volume_fstype = 'ext4', - $share_helpers = ['CIFS=manila.share.drivers.generic.CIFSHelper', - 'NFS=manila.share.drivers.generic.NFSHelper'], - $cinder_volume_type = undef, - $delete_share_server_with_last_share = 'False', - $unmanage_remove_access_rules = 'False', - $automatic_share_server_cleanup = 'True', -) { - - $share_driver = 'manila.share.drivers.generic.GenericShareDriver' - - manila_config { - "${name}/driver_handles_share_servers": value => $driver_handles_share_servers; - "${name}/share_backend_name": value => $share_backend_name; - "${name}/share_driver": value => $share_driver; - "${name}/smb_template_config_path": value => $smb_template_config_path; - "${name}/volume_name_template": value => $volume_name_template; - "${name}/volume_snapshot_name_template": value => $volume_snapshot_name_template; - "${name}/share_mount_path": value => $share_mount_path; - "${name}/max_time_to_create_volume": value => $max_time_to_create_volume; - "${name}/max_time_to_attach": value => $max_time_to_attach; - "${name}/service_instance_smb_config_path": value => $service_instance_smb_config_path; - "${name}/share_volume_fstype": value => $share_volume_fstype; - "${name}/share_helpers": value => join($share_helpers, ','); - "${name}/cinder_volume_type": value => $cinder_volume_type; - "${name}/delete_share_server_with_last_share": value => $delete_share_server_with_last_share; - "${name}/unmanage_remove_access_rules": value => $unmanage_remove_access_rules; - "${name}/automatic_share_server_cleanup": value => $automatic_share_server_cleanup; - } -} diff --git a/manila/manifests/backend/glusterfs.pp b/manila/manifests/backend/glusterfs.pp deleted file mode 100644 index 848eae346..000000000 --- a/manila/manifests/backend/glusterfs.pp +++ /dev/null @@ -1,39 +0,0 @@ -# -# == Class: manila::backend::glusterfs -# -# Configures Manila to use GlusterFS as a share driver -# -# === Parameters -# [*share_backend_name*] -# (optional) Name of the backend in manila.conf that -# these settings will reside in -# -# [*glusterfs_volumes_config*] -# (required) File with the list of Gluster volumes that can be used to -# create shares -# Default to: /etc/manila/glusterfs_volumes -# -# [*glusterfs_mount_point_base*] -# (optional) Base dir containing mount points for Gluster volumes. -# Defaults to: $state_path/mnt -# -# === Examples -# manila::backend::glusterfs { 'myGluster': -# glusterfs_shares = ['192.168.1.1:/shares'], -# } -# -define manila::backend::glusterfs ( - $share_backend_name = $name, - $glusterfs_volumes_config = '/etc/manila/glusterfs_volumes', - $glusterfs_mount_point_base = '$state_path/mnt', -) { - - $share_driver = 'manila.share.drivers.glusterfs.GlusterfsShareDriver' - - manila_config { - "${name}/share_backend_name": value => $share_backend_name; - "${name}/share_driver": value => $share_driver; - "${name}/glusterfs_volumes_config": value => $glusterfs_volumes_config; - "${name}/glusterfs_mount_point_base": value => $glusterfs_mount_point_base; - } -} diff --git a/manila/manifests/backend/glusternative.pp b/manila/manifests/backend/glusternative.pp deleted file mode 100644 index fe30400b1..000000000 --- a/manila/manifests/backend/glusternative.pp +++ /dev/null @@ -1,52 +0,0 @@ -# -# == define: manila::backend::glusternative -# -# Configures Manila to use GlusterFS native as a share driver -# -# === Parameters -# [*share_backend_name*] -# (optional) Name of the backend in manila.conf that -# these settings will reside in -# -# [*glusterfs_servers*] -# (required) List of GlusterFS servers that can be used to create shares. -# Each GlusterFS server should be of the form [remoteuser@], and -# they are assumed to belong to distinct Gluster clusters. -# -# [*glusterfs_native_path_to_private_key*] -# (required) Path of Manila host's private SSH key file. -# -# [*glusterfs_volume_pattern*] -# (required) Regular expression template used to filter GlusterFS volumes for -# share creation. -# -# [*package_ensure*] -# (optional) Ensure state for package. Defaults to 'present'. -# -define manila::backend::glusternative ( - $glusterfs_servers, - $glusterfs_native_path_to_private_key, - $glusterfs_volume_pattern, - $share_backend_name = $name, - $package_ensure = 'present', -) { - - include ::manila::params - - $share_driver = 'manila.share.drivers.glusterfs_native.GlusterfsNativeShareDriver' - - manila_config { - "${share_backend_name}/share_backend_name": value => $share_backend_name; - "${share_backend_name}/share_driver": value => $share_driver; - "${share_backend_name}/glusterfs_servers": value => $glusterfs_servers; - "${share_backend_name}/glusterfs_native_path_to_private_key": value => $glusterfs_native_path_to_private_key; - "${share_backend_name}/glusterfs_volume_pattern": value => $glusterfs_volume_pattern; - } - - package { $::manila::params::gluster_package_name: - ensure => $package_ensure, - } - package { $::manila::params::gluster_client_package_name: - ensure => $package_ensure, - } -} diff --git a/manila/manifests/backend/glusternfs.pp b/manila/manifests/backend/glusternfs.pp deleted file mode 100644 index 1e1ecc340..000000000 --- a/manila/manifests/backend/glusternfs.pp +++ /dev/null @@ -1,65 +0,0 @@ -# -# == define: manila::backend::glusternfs -# -# Configures Manila to use GlusteFS NFS (Ganesha/GlusterNFS) as a share driver -# -# Currently Red Hat is the only supported platform, due to lack of packages -# other platforms are not yet supported. -# -# === Parameters -# [*glusterfs_target*] -# (required) Specifies the GlusterFS volume to be mounted on the Manila host. -# It is of the form [remoteuser@]:/. -# -# [*glusterfs_mount_point_base*] -# (required) Base directory containing mount points for Gluster volumes. -# -# [*glusterfs_nfs_server_type*] -# (required) Type of NFS server that mediate access to the Gluster volumes -# (Gluster or Ganesha). -# Default: Gluster -# -# [*glusterfs_path_to_private_key*] -# (required) Path of Manila host's private SSH key file. -# -# [*glusterfs_ganesha_server_ip*] -# (required) Remote Ganesha server node's IP address. -# -# [*share_backend_name*] -# (optional) Backend name in manila.conf where these settings will reside in. -# -# [*package_ensure*] -# (optional) Ensure state for package. Defaults to 'present'. -# - -define manila::backend::glusternfs ( - $glusterfs_target, - $glusterfs_mount_point_base, - $glusterfs_nfs_server_type, - $glusterfs_path_to_private_key, - $glusterfs_ganesha_server_ip, - $share_backend_name = $name, - $package_ensure = 'present', -) { - - include ::manila::params - - $share_driver = 'manila.share.drivers.glusterfs.GlusterfsShareDriver' - - manila_config { - "${share_backend_name}/share_backend_name": value => $share_backend_name; - "${share_backend_name}/share_driver": value => $share_driver; - "${share_backend_name}/glusterfs_target": value => $glusterfs_target; - "${share_backend_name}/glusterfs_mount_point_base": value => $glusterfs_mount_point_base; - "${share_backend_name}/glusterfs_nfs_server_type": value => $glusterfs_nfs_server_type; - "${share_backend_name}/glusterfs_path_to_private_key": value => $glusterfs_path_to_private_key; - "${share_backend_name}/glusterfs_ganesha_server_ip": value => $glusterfs_ganesha_server_ip; - } - - package { $::manila::params::gluster_package_name: - ensure => $package_ensure, - } - package { $::manila::params::gluster_client_package_name: - ensure => $package_ensure, - } -} diff --git a/manila/manifests/backend/netapp.pp b/manila/manifests/backend/netapp.pp deleted file mode 100644 index 978779983..000000000 --- a/manila/manifests/backend/netapp.pp +++ /dev/null @@ -1,145 +0,0 @@ -# == define: manila::backend::netapp -# -# Configures Manila to use the NetApp unified share driver -# Compatible for multiple backends -# -# === Parameters -# -# [*driver_handles_share_servers*] -# (required) Denotes whether the driver should handle the responsibility of -# managing share servers. This must be set to false if the driver is to -# operate without managing share servers. -# -# [*netapp_login*] -# (required) Administrative user account name used to access the storage -# system. -# -# [*netapp_password*] -# (required) Password for the administrative user account specified in the -# netapp_login parameter. -# -# [*netapp_server_hostname*] -# (required) The hostname (or IP address) for the storage system. -# -# [*share_backend_name*] -# (optional) Name of the backend in manila.conf that -# these settings will reside in -# -# [*netapp_transport_type*] -# (optional) The transport protocol used when communicating with -# the storage system or proxy server. Valid values are -# http or https. -# Defaults to http -# -# [*netapp_storage_family*] -# (optional) The storage family type used on the storage system; valid -# values are ontap_cluster for clustered Data ONTAP. -# Defaults to ontap_cluster -# -# [*netapp_server_port*] -# (optional) The TCP port to use for communication with the storage system -# or proxy server. If not specified, Data ONTAP drivers will use 80 for HTTP -# and 443 for HTTPS. -# -# [*netapp_volume_name_template*] -# (optional) NetApp volume name template. -# Defaults to share_%(share_id)s -# -# [*netapp_vserver*] -# (optional) This option specifies the storage virtual machine (previously -# called a Vserver) name on the storage cluster on which provisioning of -# shared file systems should occur. This option only applies -# when the option driver_handles_share_servers is set to False. -# -# [*netapp_vserver_name_template*] -# (optional) Name template to use for new vserver. This option only applies -# when the option driver_handles_share_servers is set to True. -# Defaults to os_%s -# -# [*netapp_lif_name_template*] -# (optional) Logical interface (LIF) name template. This option only applies -# when the option driver_handles_share_servers is set to True. -# Defaults to os_%(net_allocation_id)s -# -# [*netapp_aggregate_name_search_pattern*] -# (optional) Pattern for searching available aggregates -# for provisioning. -# Defaults to (.*) -# -# [*netapp_root_volume_aggregate*] -# (optional) Name of aggregate to create root volume on. This option only -# applies when the option driver_handles_share_servers is set to True. -# -# [*netapp_root_volume_name*] -# (optional) Root volume name. This option only applies when the option -# driver_handles_share_servers is set to True. -# Defaults to root -# -# [*netapp_port_name_search_pattern*] -# (optional) Pattern for overriding the selection of network ports on which -# to create Vserver LIFs. -# Defaults to (.*) -# -# [*netapp_trace_flags*] -# (optional) This option is a comma-separated list of options (valid values -# include method and api) that controls which trace info is written to the -# Manila logs when the debug level is set to True -# -# === Examples -# -# manila::backend::netapp { 'myBackend': -# driver_handles_share_servers => true, -# netapp_login => 'clusterAdmin', -# netapp_password => 'password', -# netapp_server_hostname => 'netapp.mycorp.com', -# netapp_storage_family => 'ontap_cluster', -# netapp_transport_type => 'https', -# } - -define manila::backend::netapp ( - $driver_handles_share_servers, - $netapp_login, - $netapp_password, - $netapp_server_hostname, - $share_backend_name = $name, - $netapp_transport_type = 'http', - $netapp_storage_family = 'ontap_cluster', - $netapp_server_port = undef, - $netapp_volume_name_template = 'share_%(share_id)s', - $netapp_vserver = undef, - $netapp_vserver_name_template = 'os_%s', - $netapp_lif_name_template = 'os_%(net_allocation_id)s', - $netapp_aggregate_name_search_pattern = '(.*)', - $netapp_root_volume_aggregate = undef, - $netapp_root_volume_name = 'root', - $netapp_port_name_search_pattern = '(.*)', - $netapp_trace_flags = undef, -) { - - validate_string($netapp_password) - - $netapp_share_driver = 'manila.share.drivers.netapp.common.NetAppDriver' - - manila_config { - "${share_backend_name}/share_driver": value => $netapp_share_driver; - "${share_backend_name}/driver_handles_share_servers": value => $driver_handles_share_servers; - "${share_backend_name}/netapp_login": value => $netapp_login; - "${share_backend_name}/netapp_password": value => $netapp_password, secret => true; - "${share_backend_name}/netapp_server_hostname": value => $netapp_server_hostname; - "${share_backend_name}/share_backend_name": value => $share_backend_name; - "${share_backend_name}/netapp_transport_type": value => $netapp_transport_type; - "${share_backend_name}/netapp_storage_family": value => $netapp_storage_family; - "${share_backend_name}/netapp_server_port": value => $netapp_server_port; - "${share_backend_name}/netapp_volume_name_template": value => $netapp_volume_name_template; - "${share_backend_name}/netapp_vserver": value => $netapp_vserver; - "${share_backend_name}/netapp_vserver_name_template": value => $netapp_vserver_name_template; - "${share_backend_name}/netapp_lif_name_template": value => $netapp_lif_name_template; - "${share_backend_name}/netapp_aggregate_name_search_pattern": value => $netapp_aggregate_name_search_pattern; - "${share_backend_name}/netapp_root_volume_aggregate": value => $netapp_root_volume_aggregate; - "${share_backend_name}/netapp_root_volume_name": value => $netapp_root_volume_name; - "${share_backend_name}/netapp_port_name_search_pattern": value => $netapp_port_name_search_pattern; - "${share_backend_name}/netapp_trace_flags": value => $netapp_trace_flags; - } - - package { 'nfs-utils': ensure => present } -} diff --git a/manila/manifests/backends.pp b/manila/manifests/backends.pp deleted file mode 100644 index 841cc5882..000000000 --- a/manila/manifests/backends.pp +++ /dev/null @@ -1,22 +0,0 @@ -# == Class: manila::backends -# -# Class to set the enabled_backends list -# -# === Parameters -# -# [*enabled_share_backends*] -# (Required) a list of ini sections to enable. -# This should contain names used in ceph::backend::* resources. -# Example: ['share1', 'share2', 'sata3'] -# -# Author: Andrew Woodward -class manila::backends ( - $enabled_share_backends = undef -) { - - # Maybe this could be extended to dynamically find the enabled names - manila_config { - 'DEFAULT/enabled_share_backends': value => join($enabled_share_backends, ','); - } - -} diff --git a/manila/manifests/client.pp b/manila/manifests/client.pp deleted file mode 100644 index 6ff77a9e9..000000000 --- a/manila/manifests/client.pp +++ /dev/null @@ -1,20 +0,0 @@ -# == Class: manila::client -# -# Installs Manila python client. -# -# === Parameters -# -# [*package_ensure*] -# Ensure state for package. Defaults to 'present'. -# -class manila::client ( - $package_ensure = 'present' -) { - - include ::manila::params - - package { 'python-manilaclient': - ensure => $package_ensure, - name => $::manila::params::client_package, - } -} diff --git a/manila/manifests/compute/nova.pp b/manila/manifests/compute/nova.pp deleted file mode 100644 index 909b8200c..000000000 --- a/manila/manifests/compute/nova.pp +++ /dev/null @@ -1,59 +0,0 @@ -# == Class: manila::nova -# -# Setup and configure Nova communication -# -# === Parameters -# -# [*nova_catalog_info*] -# (optional) Info to match when looking for nova in the service -# catalog. Format is : separated values of the form: -# :: -# -# [*nova_catalog_admin_info*] -# (optional) Same as nova_catalog_info, but for admin endpoint. -# -# [*os_region_name*] -# (optional) region name of this node -# -# [*nova_ca_certificates_file*] -# (optional) Location of ca certificates file to use for nova client -# requests. -# -# [*nova_api_insecure*] -# (optional) Allow to perform insecure SSL requests to nova -# -# [*nova_admin_username*] -# (optional) Nova admin username -# -# [*nova_admin_password*] -# (optional) Nova admin password -# -# [*nova_admin_tenant_name*] -# (optional) Nova admin tenant name -# -# [*nova_admin_auth_url*] -# (optional) Identity service url -# - -class manila::compute::nova ( - $nova_catalog_info = 'compute:nova:publicURL', - $nova_catalog_admin_info = 'compute:nova:adminURL', - $nova_ca_certificates_file = undef, - $nova_api_insecure = false, - $nova_admin_username = 'nova', - $nova_admin_password = undef, - $nova_admin_tenant_name = 'service', - $nova_admin_auth_url = 'http://localhost:5000/v2.0', -) { - -manila_config { - 'DEFAULT/nova_catalog_info': value => $nova_catalog_info; - 'DEFAULT/nova_catalog_admin_info': value => $nova_catalog_admin_info; - 'DEFAULT/nova_ca_certificates_file':value => $nova_ca_certificates_file; - 'DEFAULT/nova_api_insecure': value => $nova_api_insecure; - 'DEFAULT/nova_admin_username': value => $nova_admin_username; - 'DEFAULT/nova_admin_password': value => $nova_admin_password; - 'DEFAULT/nova_admin_tenant_name': value => $nova_admin_tenant_name; - 'DEFAULT/nova_admin_auth_url': value => $nova_admin_auth_url; - } -} diff --git a/manila/manifests/config.pp b/manila/manifests/config.pp deleted file mode 100644 index 8fd390198..000000000 --- a/manila/manifests/config.pp +++ /dev/null @@ -1,39 +0,0 @@ -# == Class: manila::config -# -# This class is used to manage arbitrary manila configurations. -# -# === Parameters -# -# [*xxx_config*] -# (optional) Allow configuration of arbitrary manila configurations. -# The value is an hash of xxx_config resources. Example: -# { 'DEFAULT/foo' => { value => 'fooValue'}, -# 'DEFAULT/bar' => { value => 'barValue'} -# } -# -# In yaml format, Example: -# xxx_config: -# DEFAULT/foo: -# value: fooValue -# DEFAULT/bar: -# value: barValue -# -# [*manila_config*] -# (optional) Allow configuration of manila.conf configurations. -# -# [*api_paste_ini_config*] -# (optional) Allow configuration of /etc/manila/api-paste.ini configurations. -# -# NOTE: The configuration MUST NOT be already handled by this module -# or Puppet catalog compilation will fail with duplicate resources. -# -class manila::config ( - $manila_config = {}, - $api_paste_ini_config = {}, -) { - validate_hash($manila_config) - validate_hash($api_paste_ini_config) - - create_resources('manila_config', $manila_config) - create_resources('manila_api_paste_ini', $api_paste_ini_config) -} diff --git a/manila/manifests/db.pp b/manila/manifests/db.pp deleted file mode 100644 index dfdc5b19e..000000000 --- a/manila/manifests/db.pp +++ /dev/null @@ -1,101 +0,0 @@ -# == Class: manila::db -# -# Configure the Manila database -# -# === Parameters -# -# [*database_connection*] -# Url used to connect to database. -# (Optional) Defaults to 'sqlite:////var/lib/manila/manila.sqlite'. -# -# [*database_idle_timeout*] -# Timeout when db connections should be reaped. -# (Optional) Defaults to $::os_service_default -# -# [*database_min_pool_size*] -# Minimum number of SQL connections to keep open in a pool. -# (Optional) Defaults to $::os_service_default -# -# [*database_max_pool_size*] -# Maximum number of SQL connections to keep open in a pool. -# (Optional) Defaults to $::os_service_default -# -# [*database_max_retries*] -# Maximum db connection retries during startup. -# Setting -1 implies an infinite retry count. -# (Optional) Defaults to $::os_service_default -# -# [*database_retry_interval*] -# Interval between retries of opening a sql connection. -# (Optional) Defaults to $::os_service_default -# -# [*database_max_overflow*] -# If set, use this value for max_overflow with sqlalchemy. -# (Optional) Defaults to $::os_service_default -# -class manila::db ( - $database_connection = 'sqlite:////var/lib/manila/manila.sqlite', - $database_idle_timeout = $::os_service_default, - $database_min_pool_size = $::os_service_default, - $database_max_pool_size = $::os_service_default, - $database_max_retries = $::os_service_default, - $database_retry_interval = $::os_service_default, - $database_max_overflow = $::os_service_default, -) { - - include ::manila::params - - # NOTE(spredzy): In order to keep backward compatibility we rely on the pick function - # to use manila:: if manila::db:: isn't specified. - $database_connection_real = pick($::manila::sql_connection, $database_connection) - $database_idle_timeout_real = pick($::manila::sql_idle_timeout, $database_idle_timeout) - $database_min_pool_size_real = pick($::manila::database_min_pool_size, $database_min_pool_size) - $database_max_pool_size_real = pick($::manila::database_max_pool_size, $database_max_pool_size) - $database_max_retries_real = pick($::manila::database_max_retries, $database_max_retries) - $database_retry_interval_real = pick($::manila::database_retry_interval, $database_retry_interval) - $database_max_overflow_real = pick($::manila::database_max_overflow, $database_max_overflow) - - validate_re($database_connection_real, - '^(sqlite|mysql(\+pymysql)?|postgresql):\/\/(\S+:\S+@\S+\/\S+)?') - - case $database_connection_real { - /^mysql(\+pymysql)?:\/\//: { - require 'mysql::bindings' - require 'mysql::bindings::python' - if $database_connection_real =~ /^mysql\+pymysql/ { - $backend_package = $::manila::params::pymysql_package_name - } else { - $backend_package = false - } - } - /^postgresql:\/\//: { - $backend_package = false - require 'postgresql::lib::python' - } - /^sqlite:\/\//: { - $backend_package = $::manila::params::sqlite_package_name - } - default: { - fail('Unsupported backend configured') - } - } - - if $backend_package and !defined(Package[$backend_package]) { - package {'manila-backend-package': - ensure => present, - name => $backend_package, - tag => 'openstack', - } - } - - manila_config { - 'database/connection': value => $database_connection_real, secret => true; - 'database/idle_timeout': value => $database_idle_timeout_real; - 'database/min_pool_size': value => $database_min_pool_size_real; - 'database/max_retries': value => $database_max_retries_real; - 'database/retry_interval': value => $database_retry_interval_real; - 'database/max_pool_size': value => $database_max_pool_size_real; - 'database/max_overflow': value => $database_max_overflow_real; - } - -} diff --git a/manila/manifests/db/mysql.pp b/manila/manifests/db/mysql.pp deleted file mode 100644 index 18a9baa14..000000000 --- a/manila/manifests/db/mysql.pp +++ /dev/null @@ -1,65 +0,0 @@ -# The manila::db::mysql class creates a MySQL database for manila. -# It must be used on the MySQL server -# -# == Parameters -# -# [*password*] -# password to connect to the database. Mandatory. -# -# [*dbname*] -# name of the database. Optional. Defaults to manila. -# -# [*user*] -# user to connect to the database. Optional. Defaults to manila. -# -# [*host*] -# the default source host user is allowed to connect from. -# Optional. Defaults to 'localhost' -# -# [*allowed_hosts*] -# other hosts the user is allowd to connect from. -# Optional. Defaults to undef. -# -# [*charset*] -# the database charset. Optional. Defaults to 'utf8' -# -# [*collate*] -# the database collation. Optional. Defaults to 'utf8_general_ci' -# -# [*cluster_id*] -# (Optional) The cluster id. -# Defaults to 'localzone'. -# -# [*mysql_module*] -# (optional) Deprecated. Does nothing. -# -class manila::db::mysql ( - $password, - $dbname = 'manila', - $user = 'manila', - $host = '127.0.0.1', - $allowed_hosts = undef, - $charset = 'utf8', - $collate = 'utf8_general_ci', - $cluster_id = 'localzone', - $mysql_module = undef, -) { - - if $mysql_module { - warning('The mysql_module parameter is deprecated. The latest 2.x mysql module will be used.') - } - - validate_string($password) - - ::openstacklib::db::mysql { 'manila': - user => $user, - password_hash => mysql_password($password), - dbname => $dbname, - host => $host, - charset => $charset, - collate => $collate, - allowed_hosts => $allowed_hosts, - } - - ::Openstacklib::Db::Mysql['manila'] ~> Exec<| title == 'manila-manage db_sync' |> -} diff --git a/manila/manifests/db/postgresql.pp b/manila/manifests/db/postgresql.pp deleted file mode 100644 index ac8b726b6..000000000 --- a/manila/manifests/db/postgresql.pp +++ /dev/null @@ -1,45 +0,0 @@ -# == Class: manila::db::postgresql -# -# Class that configures postgresql for manila -# Requires the Puppetlabs postgresql module. -# -# === Parameters -# -# [*password*] -# (Required) Password to connect to the database. -# -# [*dbname*] -# (Optional) Name of the database. -# Defaults to 'manila'. -# -# [*user*] -# (Optional) User to connect to the database. -# Defaults to 'manila'. -# -# [*encoding*] -# (Optional) The charset to use for the database. -# Default to undef. -# -# [*privileges*] -# (Optional) Privileges given to the database user. -# Default to 'ALL' -# -class manila::db::postgresql( - $password, - $dbname = 'manila', - $user = 'manila', - $encoding = undef, - $privileges = 'ALL', -) { - - ::openstacklib::db::postgresql { 'manila': - password_hash => postgresql_password($user, $password), - dbname => $dbname, - user => $user, - encoding => $encoding, - privileges => $privileges, - } - - ::Openstacklib::Db::Postgresql['manila'] ~> Exec<| title == 'manila-manage db_sync' |> - -} diff --git a/manila/manifests/db/sync.pp b/manila/manifests/db/sync.pp deleted file mode 100644 index 7ece0f159..000000000 --- a/manila/manifests/db/sync.pp +++ /dev/null @@ -1,14 +0,0 @@ -# -class manila::db::sync { - - include ::manila::params - - exec { 'manila-manage db_sync': - command => $::manila::params::db_sync_command, - path => '/usr/bin', - user => 'manila', - refreshonly => true, - require => [File[$::manila::params::manila_conf], Class['manila']], - logoutput => 'on_failure', - } -} diff --git a/manila/manifests/ganesha.pp b/manila/manifests/ganesha.pp deleted file mode 100644 index cf0ac38cf..000000000 --- a/manila/manifests/ganesha.pp +++ /dev/null @@ -1,58 +0,0 @@ -# -# == Class: manila::ganesha -# -# Class to set NFS Ganesha options for share drivers -# -# === Parameters -# [*ganesha_config_dir*] -# (required) Directory where Ganesha config files are stored. -# Defaults to /etc/ganesha -# -# [*ganesha_config_path*] -# (required) Path to main Ganesha config file. -# Defaults to $ganesha_config_dir/ganesha.conf -# -# [*ganesha_service_name*] -# (required) Name of the ganesha nfs service. -# Defaults to ganesha.nfsd -# -# [*ganesha_db_path*] -# (required) Location of Ganesha database file (Ganesha module only). -# Defaults to $state_path/manila-ganesha.db -# -# [*ganesha_export_dir*] -# (required) Path to directory containing Ganesha export configuration. -# (Ganesha module only.) -# Defaults to $ganesha_config_dir/export.d -# -# [*ganesha_export_template_dir*] -# (required) Path to directory containing Ganesha export block templates. -# (Ganesha module only.) -# Defaults to /etc/manila/ganesha-export-templ.d -# -class manila::ganesha ( - $ganesha_config_dir = '/etc/ganesha', - $ganesha_config_path = '/etc/ganesha/ganesha.conf', - $ganesha_service_name = 'ganesha.nfsd', - $ganesha_db_path = '$state_path/manila-ganesha.db', - $ganesha_export_dir = '/etc/ganesha/export.d', - $ganesha_export_template_dir = '/etc/manila/ganesha-export-templ.d', -) { - - manila_config { - 'DEFAULT/ganesha_config_dir': value => $ganesha_config_dir; - 'DEFAULT/ganesha_config_path': value => $ganesha_config_path; - 'DEFAULT/ganesha_service_name': value => $ganesha_service_name; - 'DEFAULT/ganesha_db_path': value => $ganesha_db_path; - 'DEFAULT/ganesha_export_dir': value => $ganesha_export_dir; - 'DEFAULT/ganesha_export_template_dir': value => $ganesha_export_template_dir; - } - - if ($::osfamily == 'RedHat') { - package { 'nfs-ganesha': - ensure => present - } - } else { - warning("Unsupported osfamily ${::osfamily}, Red Hat is the only supported platform.") - } -} diff --git a/manila/manifests/init.pp b/manila/manifests/init.pp deleted file mode 100644 index 34c1a8164..000000000 --- a/manila/manifests/init.pp +++ /dev/null @@ -1,521 +0,0 @@ -# Class: manila -# -# == Parameters -# -# [*sql_connection*] -# Url used to connect to database. -# (Optional) Defaults to undef. -# -# [*sql_idle_timeout*] -# Timeout when db connections should be reaped. -# (Optional) Defaults to undef. -# -# [*database_retry_interval*] -# (optional) Interval between retries of opening a database connection. -# (Defaults to undef) -# -# [*database_min_pool_size*] -# (optional) Minimum number of SQL connections to keep open in a pool. -# Defaults to undef. -# -# [*database_max_pool_size*] -# (optional) Maximum number of SQL connections to keep open in a pool. -# Defaults to undef. -# -# [*database_max_retries*] -# Maximum db connection retries during startup. -# Setting -1 implies an infinite retry count. -# (Optional) Defaults to undef. -# -# [*database_max_overflow*] -# (optional) If set, use this value for max_overflow with sqlalchemy. -# Defaults to undef. -# -# [*state_path*] -# (optional) Directory for storing state. -# Defaults to '/var/lib/manila' -# -# [*control_exchange*] -# (Optional) The default exchange under which topics are scope. -# Defaults to 'openstack'. -# -# [*rpc_backend*] -# (Optional) Use these options to configure the RabbitMQ message system. -# Defaults to 'rabbit' -# -# [*package_ensure*] -# (Optional) Ensure state for package. -# Defaults to 'present' -# -# [*notification_driver*] -# (optional) Driver or drivers to handle sending notifications. -# Defaults to 'messaging' -# -# [*rabbit_host*] -# (Optional) IP or hostname of the rabbit server. -# Defaults to '127.0.0.1' -# -# [*rabbit_port*] -# (Optional) Port of the rabbit server. -# Defaults to 5672. -# -# [*rabbit_hosts*] -# (Optional) Array of host:port (used with HA queues). -# If defined, will remove rabbit_host & rabbit_port parameters from config -# Defaults to undef. -# -# [*rabbit_userid*] -# (Optional) User to connect to the rabbit server. -# Defaults to 'guest' -# -# [*rabbit_password*] -# (Optional) Password to connect to the rabbit_server. -# Defaults to empty. -# -# [*rabbit_virtual_host*] -# (Optional) Virtual_host to use. -# Defaults to '/' -# -# [*rabbit_ha_queues*] -# (optional) Use HA queues in RabbitMQ (x-ha-policy: all). -# Defaults to undef -# -# [*rabbit_use_ssl*] -# (Optional) Connect over SSL for RabbitMQ. -# Defaults to false -# -# [*kombu_ssl_ca_certs*] -# (optional) SSL certification authority file (valid only if SSL enabled). -# Defaults to undef -# -# [*kombu_ssl_certfile*] -# (optional) SSL cert file (valid only if SSL enabled). -# Defaults to undef -# -# [*kombu_ssl_keyfile*] -# (optional) SSL key file (valid only if SSL enabled). -# Defaults to undef -# -# [*kombu_ssl_version*] -# (optional) SSL version to use (valid only if SSL enabled). -# Valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be -# available on some distributions. -# Defaults to 'TLSv1' -# -# [*amqp_durable_queues*] -# Use durable queues in amqp. -# (Optional) Defaults to false. -# -# [*use_stderr*] -# (optional) Use stderr for logging -# Defaults to undef -# -# [*use_syslog*] -# Use syslog for logging. -# (Optional) Defaults to false. -# -# [*log_facility*] -# Syslog facility to receive log lines. -# (Optional) Defaults to LOG_USER. -# -# [*log_dir*] -# (optional) Directory where logs should be stored. -# If set to boolean false, it will not log to any directory. -# Defaults to '/var/log/manila' -# -# [*use_ssl*] -# (optional) Enable SSL on the API server -# Defaults to false, not set -# -# [*cert_file*] -# (optinal) Certificate file to use when starting API server securely -# Defaults to false, not set -# -# [*key_file*] -# (optional) Private key file to use when starting API server securely -# Defaults to false, not set -# -# [*ca_file*] -# (optional) CA certificate file to use to verify connecting clients -# Defaults to false, not set_ -# -# [*verbose*] -# (Optional) Should the daemons log verbose messages -# Defaults to false -# -# [*debug*] -# (Optional) Should the daemons log debug messages -# Defaults to false -# -# [*api_paste_config*] -# (Optional) Allow Configuration of /etc/manila/api-paste.ini. -# -# [*storage_availability_zone*] -# (optional) Availability zone of the node. -# Defaults to 'nova' -# -# [*rootwrap_config*] -# (optional) Path to the rootwrap configuration file to use for -# running commands as root -# -# [*lock_path*] -# (optional) Location to store Manila locks -# Defaults to '/tmp/manila/manila_locks' -# -# [*amqp_server_request_prefix*] -# address prefix used when sending to a specific server -# Defaults to 'exclusive' -# -# [*amqp_broadcast_prefix*] -# address prefix used when broadcasting to all servers -# Defaults to 'broadcast' -# -# [*amqp_group_request_prefix*] -# address prefix when sending to any server in group -# Defaults to 'unicast' -# -# [*amqp_container_name*] -# Name for the AMQP container -# Defaults to guest -# -# [*amqp_idle_timeout*] -# Timeout for inactive connections (in seconds) -# Defaults to 0 -# -# [*amqp_trace*] -# Debug: dump AMQP frames to stdout -# Defaults to false -# -# [*amqp_ssl_ca_file*] -# (optional) CA certificate PEM file to verify server certificate -# Defaults to undef -# -# [*amqp_ssl_cert_file*] -# (optional) Identifying certificate PEM file to present to clients -# Defaults to undef -# -# [*amqp_ssl_key_file*] -# (optional) Private key PEM file used to sign cert_file certificate -# Defaults to undef -# -# [*amqp_ssl_key_password*] -# (optional) Password for decrypting ssl_key_file (if encrypted) -# Defaults to undef -# -# [*amqp_allow_insecure_clients*] -# (optional) Accept clients using either SSL or plain TCP -# Defaults to false -# -# DEPRECATED PARAMETERS -# -# [*qpid_hostname*] -# (Optional) hostname of the qpid server. -# Defaults to undef. -# -# [*qpid_port*] -# (Optional) Port of the qpid server. -# Defaults to undef. -# -# [*qpid_username*] -# (Optional) User to connect to the qpid server. -# Defaults to undef. -# -# [*qpid_password*] -# (Optional) Password to connect to the qpid_server. -# Defaults to undef. -# -# [*qpid_heartbeat*] -# (Optional) Seconds between connection keepalive heartbeats. -# Defaults to undef. -# -# [*qpid_protocol*] -# (Optional) Transport to use, either 'tcp' or 'ssl'. -# Defaults to undef. -# -# [*qpid_tcp_nodelay*] -# (Optional) Whether to disable the Nagle algorithm. -# Defaults to undef. -# -# [*qpid_reconnect*] -# (Optional) Enable the experimental use of reconnect on connection -# lost. -# Defaults to undef. -# -# [*qpid_reconnect_timeout*] -# (Optional) How long to wait before considering a reconnect attempt -# to have failed. This value should not be longer than rpc_response_timeout. -# Defaults to undef. -# -# [*qpid_reconnect_limit*] -# (Optional) Limit of reconnect on connection lost. -# Defaults to undef. -# -# [*qpid_reconnect_interval*] -# (Optional) Interval between retries of opening a qpid connection. (integer -# value) -# Defaults to undef. -# -# [*qpid_reconnect_interval_min*] -# (Optional) Minimal interval between retries of opening a qpid connection. (integer -# value) -# Defaults to undef. -# -# [*qpid_reconnect_interval_max*] -# (Optional) Miximal interval between retries of opening a qpid connection. (integer -# value) -# Defaults to undef. -# -# [*qpid_sasl_mechanisms*] -# (Optional) Enable one or more SASL mechanisms. -# Defaults to undef. -# -class manila ( - $sql_connection = undef, - $sql_idle_timeout = undef, - $database_max_retries = undef, - $database_retry_interval = undef, - $database_min_pool_size = undef, - $database_max_pool_size = undef, - $database_max_overflow = undef, - $rpc_backend = 'rabbit', - $control_exchange = 'openstack', - $notification_driver = 'messaging', - $rabbit_host = '127.0.0.1', - $rabbit_port = 5672, - $rabbit_hosts = undef, - $rabbit_virtual_host = '/', - $rabbit_userid = 'guest', - $rabbit_password = false, - $rabbit_ha_queues = undef, - $rabbit_use_ssl = false, - $kombu_ssl_ca_certs = undef, - $kombu_ssl_certfile = undef, - $kombu_ssl_keyfile = undef, - $kombu_ssl_version = 'TLSv1', - $amqp_durable_queues = false, - $package_ensure = 'present', - $use_ssl = false, - $ca_file = false, - $cert_file = false, - $key_file = false, - $api_paste_config = '/etc/manila/api-paste.ini', - $use_stderr = undef, - $use_syslog = undef, - $log_facility = undef, - $log_dir = undef, - $verbose = undef, - $debug = undef, - $storage_availability_zone = 'nova', - $rootwrap_config = '/etc/manila/rootwrap.conf', - $state_path = '/var/lib/manila', - $lock_path = '/tmp/manila/manila_locks', - $amqp_server_request_prefix = 'exclusive', - $amqp_broadcast_prefix = 'broadcast', - $amqp_group_request_prefix = 'unicast', - $amqp_container_name = 'guest', - $amqp_idle_timeout = '0', - $amqp_trace = false, - $amqp_allow_insecure_clients = false, - $amqp_ssl_ca_file = undef, - $amqp_ssl_cert_file = undef, - $amqp_ssl_key_file = undef, - $amqp_ssl_key_password = undef, - # DEPRECATED PARAMETERS - $qpid_hostname = undef, - $qpid_port = undef, - $qpid_username = undef, - $qpid_password = undef, - $qpid_sasl_mechanisms = undef, - $qpid_reconnect = undef, - $qpid_reconnect_timeout = undef, - $qpid_reconnect_limit = undef, - $qpid_reconnect_interval_min = undef, - $qpid_reconnect_interval_max = undef, - $qpid_reconnect_interval = undef, - $qpid_heartbeat = undef, - $qpid_protocol = undef, - $qpid_tcp_nodelay = undef, -) { - - include ::manila::db - include ::manila::logging - include ::manila::params - - if $use_ssl { - if !$cert_file { - fail('The cert_file parameter is required when use_ssl is set to true') - } - if !$key_file { - fail('The key_file parameter is required when use_ssl is set to true') - } - } - - if $kombu_ssl_ca_certs and !$rabbit_use_ssl { - fail('The kombu_ssl_ca_certs parameter requires rabbit_use_ssl to be set to true') - } - if $kombu_ssl_certfile and !$rabbit_use_ssl { - fail('The kombu_ssl_certfile parameter requires rabbit_use_ssl to be set to true') - } - if $kombu_ssl_keyfile and !$rabbit_use_ssl { - fail('The kombu_ssl_keyfile parameter requires rabbit_use_ssl to be set to true') - } - if ($kombu_ssl_certfile and !$kombu_ssl_keyfile) or ($kombu_ssl_keyfile and !$kombu_ssl_certfile) { - fail('The kombu_ssl_certfile and kombu_ssl_keyfile parameters must be used together') - } - - # this anchor is used to simplify the graph between manila components by - # allowing a resource to serve as a point where the configuration of manila begins - anchor { 'manila-start': } - - package { 'manila': - ensure => $package_ensure, - name => $::manila::params::package_name, - require => Anchor['manila-start'], - tag => ['openstack', 'manila-package'], - } - - if $rpc_backend == 'manila.openstack.common.rpc.impl_kombu' or $rpc_backend == 'rabbit' { - - if ! $rabbit_password { - fail('Please specify a rabbit_password parameter.') - } - - manila_config { - 'oslo_messaging_rabbit/rabbit_password': value => $rabbit_password, secret => true; - 'oslo_messaging_rabbit/rabbit_userid': value => $rabbit_userid; - 'oslo_messaging_rabbit/rabbit_virtual_host': value => $rabbit_virtual_host; - 'oslo_messaging_rabbit/rabbit_use_ssl': value => $rabbit_use_ssl; - 'DEFAULT/control_exchange': value => $control_exchange; - 'oslo_messaging_rabbit/amqp_durable_queues': value => $amqp_durable_queues; - } - - if $rabbit_hosts { - manila_config { 'oslo_messaging_rabbit/rabbit_hosts': value => join($rabbit_hosts, ',') } - } else { - manila_config { 'oslo_messaging_rabbit/rabbit_host': value => $rabbit_host } - manila_config { 'oslo_messaging_rabbit/rabbit_port': value => $rabbit_port } - manila_config { 'oslo_messaging_rabbit/rabbit_hosts': value => "${rabbit_host}:${rabbit_port}" } - } - - if $rabbit_ha_queues == undef { - if size($rabbit_hosts) > 1 { - manila_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => true } - } else { - manila_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => false } - } - } else { - manila_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => $rabbit_ha_queues } - } - - if $rabbit_use_ssl { - - if $kombu_ssl_ca_certs { - manila_config { 'oslo_messaging_rabbit/kombu_ssl_ca_certs': value => $kombu_ssl_ca_certs; } - } else { - manila_config { 'oslo_messaging_rabbit/kombu_ssl_ca_certs': ensure => absent; } - } - - if $kombu_ssl_certfile or $kombu_ssl_keyfile { - manila_config { - 'oslo_messaging_rabbit/kombu_ssl_certfile': value => $kombu_ssl_certfile; - 'oslo_messaging_rabbit/kombu_ssl_keyfile': value => $kombu_ssl_keyfile; - } - } else { - manila_config { - 'oslo_messaging_rabbit/kombu_ssl_certfile': ensure => absent; - 'oslo_messaging_rabbit/kombu_ssl_keyfile': ensure => absent; - } - } - - if $kombu_ssl_version { - manila_config { 'oslo_messaging_rabbit/kombu_ssl_version': value => $kombu_ssl_version; } - } else { - manila_config { 'oslo_messaging_rabbit/kombu_ssl_version': ensure => absent; } - } - - } else { - manila_config { - 'oslo_messaging_rabbit/kombu_ssl_ca_certs': ensure => absent; - 'oslo_messaging_rabbit/kombu_ssl_certfile': ensure => absent; - 'oslo_messaging_rabbit/kombu_ssl_keyfile': ensure => absent; - 'oslo_messaging_rabbit/kombu_ssl_version': ensure => absent; - } - } - - } - - if $rpc_backend == 'manila.openstack.common.rpc.impl_qpid' or $rpc_backend == 'qpid' { - warning('Qpidd\'s driver was removed from Oslo.messaging in Mitaka release') - } - - - manila_config { - 'oslo_messaging_amqp/server_request_prefix': value => $amqp_server_request_prefix; - 'oslo_messaging_amqp/broadcast_prefix': value => $amqp_broadcast_prefix; - 'oslo_messaging_amqp/group_request_prefix': value => $amqp_group_request_prefix; - 'oslo_messaging_amqp/container_name': value => $amqp_container_name; - 'oslo_messaging_amqp/idle_timeout': value => $amqp_idle_timeout; - 'oslo_messaging_amqp/trace': value => $amqp_trace; - 'oslo_messaging_amqp/allow_insecure_clients': value => $amqp_allow_insecure_clients, - } - - - if $amqp_ssl_ca_file { - manila_config { 'oslo_messaging_amqp/ssl_ca_file': value => $amqp_ssl_ca_file; } - } else { - manila_config { 'oslo_messaging_amqp/ssl_ca_file': ensure => absent; } - } - - if $amqp_ssl_key_password { - manila_config { 'oslo_messaging_amqp/ssl_key_password': value => $amqp_ssl_key_password; } - } else { - manila_config { 'oslo_messaging_amqp/ssl_key_password': ensure => absent; } - } - - if $amqp_ssl_cert_file { - manila_config { 'oslo_messaging_amqp/ssl_cert_file': value => $amqp_ssl_cert_file; } - } else { - manila_config { 'oslo_messaging_amqp/ssl_cert_file': ensure => absent; } - } - - if $amqp_ssl_key_file { - manila_config { 'oslo_messaging_amqp/ssl_key_file': value => $amqp_ssl_key_file; } - } else { - manila_config { 'oslo_messaging_amqp/ssl_key_file': ensure => absent; } - } - - - manila_config { - 'DEFAULT/api_paste_config': value => $api_paste_config; - 'DEFAULT/rpc_backend': value => $rpc_backend; - 'DEFAULT/storage_availability_zone': value => $storage_availability_zone; - 'DEFAULT/rootwrap_config': value => $rootwrap_config; - 'DEFAULT/notification_driver': value => $notification_driver; - 'DEFAULT/state_path': value => $state_path; - 'oslo_concurrency/lock_path': value => $lock_path; - } - - # SSL Options - if $use_ssl { - manila_config { - 'DEFAULT/ssl_cert_file' : value => $cert_file; - 'DEFAULT/ssl_key_file' : value => $key_file; - } - if $ca_file { - manila_config { 'DEFAULT/ssl_ca_file' : - value => $ca_file, - } - } else { - manila_config { 'DEFAULT/ssl_ca_file' : - ensure => absent, - } - } - } else { - manila_config { - 'DEFAULT/ssl_cert_file' : ensure => absent; - 'DEFAULT/ssl_key_file' : ensure => absent; - 'DEFAULT/ssl_ca_file' : ensure => absent; - } - } - -} diff --git a/manila/manifests/keystone/auth.pp b/manila/manifests/keystone/auth.pp deleted file mode 100644 index 677ebd6ef..000000000 --- a/manila/manifests/keystone/auth.pp +++ /dev/null @@ -1,261 +0,0 @@ -# == Class: manila::keystone::auth -# -# Configures Manila user, service and endpoint in Keystone. -# -# === Parameters -# -# [*password*] -# Password for Manila user. Required. -# -# [*email*] -# Email for Manila user. Optional. Defaults to 'manila@localhost'. -# -# [*auth_name*] -# Username for Manila service. Optional. Defaults to 'manila'. -# -# [*configure_endpoint*] -# Should Manila endpoint be configured? Optional. Defaults to 'true'. -# API v1 endpoint should be enabled in Icehouse for compatibility with Nova. -# -# [*service_type*] -# Type of service. Optional. Defaults to 'share'. -# -# [*service_description*] -# Description for keystone service. Optional. Defaults to 'Manila Service'. -# -# [*region*] -# Region for endpoint. Optional. Defaults to 'RegionOne'. -# -# [*tenant*] -# Tenant for Manila user. Optional. Defaults to 'services'. -# -# [*public_url*] -# (optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:8786/v1/%(tenant_id)s') -# This url should *not* contain any trailing '/'. -# -# [*admin_url*] -# (optional) The endpoint's admin url. (Defaults to 'http://127.0.0.1:8786/v1/%(tenant_id)s') -# This url should *not* contain any trailing '/'. -# -# [*internal_url*] -# (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:8786/v1/%(tenant_id)s') -# This url should *not* contain any trailing '/'. -# -# [*password_v2*] -# Password for Manila v2 user. Optional. Defaults to undef. -# -# [*email_v2*] -# Email for Manila v2 user. Optional. Defaults to 'manilav2@localhost'. -# -# [*auth_name_v2*] -# Username for Manila v2 service. Optional. Defaults to 'manilav2'. -# -# [*configure_endpoint_v2*] -# Should Manila v2 endpoint be configured? Optional. Defaults to 'true'. -# -# [*service_type_v2*] -# Type of service v2. Optional. Defaults to 'sharev2'. -# -# [*service_description_v2*] -# Description for keystone service v2. Optional. Defaults to 'Manila Service v2'. -# -# [*public_url_v2*] -# (optional) The v2 endpoint's public url. (Defaults to 'http://127.0.0.1:8786/v2/%(tenant_id)s') -# This url should *not* contain any trailing '/'. -# -# [*admin_url_v2*] -# (optional) The endpoint's admin url. (Defaults to 'http://127.0.0.1:8786/v2/%(tenant_id)s') -# This url should *not* contain any trailing '/'. -# -# [*internal_url_v2*] -# (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:8786/v2/%(tenant_id)s') -# This url should *not* contain any trailing '/'. -# -# [*share_version*] -# (optional) DEPRECATED: Use public_url, internal_url and admin_url instead. -# API version endpoint. (Defaults to 'v1') -# Setting this parameter overrides public_url, internal_url and admin_url parameters. -# -# [*port*] -# (optional) DEPRECATED: Use public_url, internal_url and admin_url instead. -# Default port for endpoints. (Defaults to 8786) -# Setting this parameter overrides public_url, internal_url and admin_url parameters. -# -# [*public_protocol*] -# (optional) DEPRECATED: Use public_url instead. -# Protocol for public endpoint. (Defaults to 'http') -# Setting this parameter overrides public_url parameter. -# -# [*public_address*] -# (optional) DEPRECATED: Use public_url instead. -# Public address for endpoint. (Defaults to '127.0.0.1') -# Setting this parameter overrides public_url parameter. -# -# [*internal_protocol*] -# (optional) DEPRECATED: Use internal_url instead. -# Protocol for internal endpoint. (Defaults to 'http') -# Setting this parameter overrides internal_url parameter. -# -# [*internal_address*] -# (optional) DEPRECATED: Use internal_url instead. -# Internal address for endpoint. (Defaults to '127.0.0.1') -# Setting this parameter overrides internal_url parameter. -# -# [*admin_protocol*] -# (optional) DEPRECATED: Use admin_url instead. -# Protocol for admin endpoint. (Defaults to 'http') -# Setting this parameter overrides admin_url parameter. -# -# [*admin_address*] -# (optional) DEPRECATED: Use admin_url instead. -# Admin address for endpoint. (Defaults to '127.0.0.1') -# Setting this parameter overrides admin_url parameter. -# -# === Deprecation notes -# -# If any value is provided for public_protocol, public_address or port parameters, -# public_url will be completely ignored. The same applies for internal and admin parameters. -# -# === Examples -# -# class { 'manila::keystone::auth': -# public_url => 'https://10.0.0.10:8786/v1/%(tenant_id)s', -# internal_url => 'https://10.0.0.11:8786/v1/%(tenant_id)s', -# admin_url => 'https://10.0.0.11:8786/v1/%(tenant_id)s', -# } -# -class manila::keystone::auth ( - $password, - $password_v2 = undef, - $auth_name_v2 = 'manilav2', - $auth_name = 'manila', - $email = 'manila@localhost', - $email_v2 = 'manilav2@localhost', - $tenant = 'services', - $configure_endpoint = true, - $configure_endpoint_v2 = true, - $service_type = 'share', - $service_type_v2 = 'sharev2', - $service_description = 'Manila Service', - $service_description_v2 = 'Manila Service v2', - $region = 'RegionOne', - $public_url = 'http://127.0.0.1:8786/v1/%(tenant_id)s', - $public_url_v2 = 'http://127.0.0.1:8786/v2/%(tenant_id)s', - $admin_url = 'http://127.0.0.1:8786/v1/%(tenant_id)s', - $admin_url_v2 = 'http://127.0.0.1:8786/v2/%(tenant_id)s', - $internal_url = 'http://127.0.0.1:8786/v1/%(tenant_id)s', - $internal_url_v2 = 'http://127.0.0.1:8786/v2/%(tenant_id)s', - # DEPRECATED PARAMETERS - $share_version = undef, - $port = undef, - $public_protocol = undef, - $public_address = undef, - $internal_protocol = undef, - $internal_address = undef, - $admin_protocol = undef, - $admin_address = undef, -) { - - # for interface backward compatibility, we can't enforce to set a new parameter - # so we take 'password' parameter by default but allow to override it. - if ! $password_v2 { - $password_v2_real = $password - } else { - $password_v2_real = $password_v2 - } - - if $share_version { - warning('The share_version parameter is deprecated, use public_url, internal_url and admin_url instead.') - } - - if $port { - warning('The port parameter is deprecated, use public_url, internal_url and admin_url instead.') - } - - if $public_protocol { - warning('The public_protocol parameter is deprecated, use public_url instead.') - } - - if $internal_protocol { - warning('The internal_protocol parameter is deprecated, use internal_url instead.') - } - - if $admin_protocol { - warning('The admin_protocol parameter is deprecated, use admin_url instead.') - } - - if $public_address { - warning('The public_address parameter is deprecated, use public_url instead.') - } - - if $internal_address { - warning('The internal_address parameter is deprecated, use internal_url instead.') - } - - if $admin_address { - warning('The admin_address parameter is deprecated, use admin_url instead.') - } - - if ($public_protocol or $public_address or $port or $share_version) { - $public_url_real = sprintf('%s://%s:%s/%s/%%(tenant_id)s', - pick($public_protocol, 'http'), - pick($public_address, '127.0.0.1'), - pick($port, '8786'), - pick($share_version, 'v1')) - } else { - $public_url_real = $public_url - } - - if ($admin_protocol or $admin_address or $port or $share_version) { - $admin_url_real = sprintf('%s://%s:%s/%s/%%(tenant_id)s', - pick($admin_protocol, 'http'), - pick($admin_address, '127.0.0.1'), - pick($port, '8786'), - pick($share_version, 'v1')) - } else { - $admin_url_real = $admin_url - } - - if ($internal_protocol or $internal_address or $port or $share_version) { - $internal_url_real = sprintf('%s://%s:%s/%s/%%(tenant_id)s', - pick($internal_protocol, 'http'), - pick($internal_address, '127.0.0.1'), - pick($port, '8786'), - pick($share_version, 'v1')) - } else { - $internal_url_real = $internal_url - } - - Keystone_user_role["${auth_name}@${tenant}"] ~> Service <| name == 'manila-api' |> - Keystone_user_role["${auth_name_v2}@${tenant}"] ~> Service <| name == 'manila-api' |> - - keystone::resource::service_identity { $auth_name: - configure_user => true, - configure_user_role => true, - configure_endpoint => $configure_endpoint, - service_type => $service_type, - service_description => $service_description, - region => $region, - password => $password, - email => $email, - tenant => $tenant, - public_url => $public_url_real, - admin_url => $admin_url_real, - internal_url => $internal_url_real, - } - - keystone::resource::service_identity { $auth_name_v2: - configure_user => true, - configure_user_role => true, - configure_endpoint => $configure_endpoint_v2, - service_type => $service_type_v2, - service_description => $service_description_v2, - region => $region, - password => $password_v2_real, - email => $email_v2, - tenant => $tenant, - public_url => $public_url_v2, - admin_url => $admin_url_v2, - internal_url => $internal_url_v2, - } -} diff --git a/manila/manifests/logging.pp b/manila/manifests/logging.pp deleted file mode 100644 index 9fd0a6f7e..000000000 --- a/manila/manifests/logging.pp +++ /dev/null @@ -1,152 +0,0 @@ -# Class manila::logging -# -# manila logging configuration -# -# == parameters -# -# [*verbose*] -# (Optional) Should the daemons log verbose messages -# Defaults to $::os_service_default -# -# [*debug*] -# (Optional) Should the daemons log debug messages -# Defaults to $::os_service_default -# -# [*use_syslog*] -# (Optional) Use syslog for logging. -# Defaults to $::os_service_default -# -# [*use_stderr*] -# (optional) Use stderr for logging -# Defaults to $::os_service_default -# -# [*log_facility*] -# (Optional) Syslog facility to receive log lines. -# Defaults to $::os_service_default -# -# [*log_dir*] -# (optional) Directory where logs should be stored. -# If set to boolean false, it will not log to any directory. -# Defaults to '/var/log/manila' -# -# [*logging_context_format_string*] -# (optional) Format string to use for log messages with context. -# Defaults to $::os_service_default -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [%(request_id)s %(user_identity)s] %(instance)s%(message)s' -# -# [*logging_default_format_string*] -# (optional) Format string to use for log messages without context. -# Defaults to $::os_service_default -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [-] %(instance)s%(message)s' -# -# [*logging_debug_format_suffix*] -# (optional) Formatted data to append to log format when level is DEBUG. -# Defaults to $::os_service_default -# Example: '%(funcName)s %(pathname)s:%(lineno)d' -# -# [*logging_exception_prefix*] -# (optional) Prefix each line of exception output with this format. -# Defaults to $::os_service_default -# Example: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' -# -# [*log_config_append*] -# The name of an additional logging configuration file. -# Defaults to $::os_service_default -# See https://docs.python.org/2/howto/logging.html -# -# [*default_log_levels*] -# (optional) Hash of logger (keys) and level (values) pairs. -# Defaults to $::os_service_default -# Example: -# { 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', -# 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', -# 'iso8601' => 'WARN', -# 'requests.packages.urllib3.connectionpool' => 'WARN' } -# -# [*publish_errors*] -# (optional) Publish error events (boolean value). -# Defaults to $::os_service_default -# -# [*fatal_deprecations*] -# (optional) Make deprecations fatal (boolean value) -# Defaults to $::os_service_default -# -# [*instance_format*] -# (optional) If an instance is passed with the log message, format it -# like this (string value). -# Defaults to $::os_service_default -# Example: '[instance: %(uuid)s] ' -# -# [*instance_uuid_format*] -# (optional) If an instance UUID is passed with the log message, format -# it like this (string value). -# Defaults to $::os_service_default -# Example: instance_uuid_format='[instance: %(uuid)s] ' -# -# [*log_date_format*] -# (optional) Format string for %%(asctime)s in log records. -# Defaults to $::os_service_default -# Example: 'Y-%m-%d %H:%M:%S' - -class manila::logging( - $use_syslog = $::os_service_default, - $use_stderr = $::os_service_default, - $log_facility = $::os_service_default, - $log_dir = '/var/log/manila', - $verbose = $::os_service_default, - $debug = $::os_service_default, - $logging_context_format_string = $::os_service_default, - $logging_default_format_string = $::os_service_default, - $logging_debug_format_suffix = $::os_service_default, - $logging_exception_prefix = $::os_service_default, - $log_config_append = $::os_service_default, - $default_log_levels = $::os_service_default, - $publish_errors = $::os_service_default, - $fatal_deprecations = $::os_service_default, - $instance_format = $::os_service_default, - $instance_uuid_format = $::os_service_default, - $log_date_format = $::os_service_default, -) { - - # NOTE(spredzy): In order to keep backward compatibility we rely on the pick function - # to use manila:: first then manila::logging::. - $use_syslog_real = pick($::manila::use_syslog,$use_syslog) - $use_stderr_real = pick($::manila::use_stderr,$use_stderr) - $log_facility_real = pick($::manila::log_facility,$log_facility) - $log_dir_real = pick($::manila::log_dir,$log_dir) - $verbose_real = pick($::manila::verbose,$verbose) - $debug_real = pick($::manila::debug,$debug) - - if is_service_default($default_log_levels) { - $default_log_levels_real = $default_log_levels - } else { - $default_log_levels_real = join(sort(join_keys_to_values($default_log_levels, '=')), ',') - } - - manila_config { - 'DEFAULT/debug' : value => $debug_real; - 'DEFAULT/verbose' : value => $verbose_real; - 'DEFAULT/use_stderr' : value => $use_stderr_real; - 'DEFAULT/use_syslog' : value => $use_syslog_real; - 'DEFAULT/log_dir' : value => $log_dir_real; - 'DEFAULT/syslog_log_facility': value => $log_facility_real; - } - - manila_config { - 'DEFAULT/logging_context_format_string': value => $logging_context_format_string; - 'DEFAULT/logging_default_format_string': value => $logging_default_format_string; - 'DEFAULT/logging_debug_format_suffix': value => $logging_debug_format_suffix; - 'DEFAULT/logging_exception_prefix': value => $logging_exception_prefix; - 'DEFAULT/log_config_append': value => $log_config_append; - 'DEFAULT/default_log_levels': value => $default_log_levels_real; - 'DEFAULT/publish_errors': value => $publish_errors; - 'DEFAULT/fatal_deprecations': value => $fatal_deprecations; - 'DEFAULT/instance_format': value => $instance_format; - 'DEFAULT/instance_uuid_format': value => $instance_uuid_format; - 'DEFAULT/log_date_format': value => $log_date_format; - } - - -} diff --git a/manila/manifests/network/neutron.pp b/manila/manifests/network/neutron.pp deleted file mode 100644 index ff685eb05..000000000 --- a/manila/manifests/network/neutron.pp +++ /dev/null @@ -1,68 +0,0 @@ -# == class: manila::network::neutron -# -# Setup and configure Neutron communication -# -# === Parameters -# -# [*neutron_url*] -# (optional) URL for connecting to neutron -# -# [*neutron_url_timeout*] -# (optional) timeout value for connecting to neutron in seconds -# -# [*neutron_admin_username*] -# (optional) username for connecting to neutron in admin context -# -# [*neutron_admin_password*] -# (optional) password for connecting to neutron in admin context -# -# [*neutron_admin_tenant_name*] -# (optional) Tenant name for connecting to neutron in admin context -# -# [*neutron_region_name*] -# (optional) region name for connecting to neutron in admin context -# -# [*neutron_admin_auth_url*] -# (optional) auth url for connecting to neutron in admin context -# -# [*neutron_api_insecure*] -# (optional) if set, ignore any SSL validation issues -# -# [*neutron_auth_strategy*] -# (optional) auth strategy for connecting to -# neutron in admin context -# -# [*neutron_ca_certificates_file*] -# (optional) Location of ca certificates file to use for -# neutron client requests. -# - -class manila::network::neutron ( - $neutron_url = 'http://127.0.0.1:9696', - $neutron_url_timeout = 30, - $neutron_admin_username = 'neutron', - $neutron_admin_password = undef, - $neutron_admin_tenant_name = 'service', - $neutron_region_name = undef, - $neutron_admin_auth_url = 'http://localhost:5000/v2.0', - $neutron_api_insecure = false, - $neutron_auth_strategy = 'keystone', - $neutron_ca_certificates_file = undef, -) { - - $neutron_plugin_name = 'manila.network.neutron.neutron_network_plugin.NeutronNetworkPlugin' - - manila_config { - 'DEFAULT/network_api_class': value => $neutron_plugin_name; - 'DEFAULT/neutron_url': value => $neutron_url; - 'DEFAULT/neutron_url_timeout': value => $neutron_url_timeout; - 'DEFAULT/neutron_admin_username': value => $neutron_admin_username; - 'DEFAULT/neutron_admin_password': value => $neutron_admin_password; - 'DEFAULT/neutron_admin_tenant_name': value => $neutron_admin_tenant_name; - 'DEFAULT/neutron_region_name': value => $neutron_region_name; - 'DEFAULT/neutron_admin_auth_url': value => $neutron_admin_auth_url; - 'DEFAULT/neutron_api_insecure': value => $neutron_api_insecure; - 'DEFAULT/neutron_auth_strategy': value => $neutron_auth_strategy; - 'DEFAULT/neutron_ca_certificates_file': value => $neutron_ca_certificates_file; - } -} diff --git a/manila/manifests/network/neutron_single_network.pp b/manila/manifests/network/neutron_single_network.pp deleted file mode 100644 index e76163079..000000000 --- a/manila/manifests/network/neutron_single_network.pp +++ /dev/null @@ -1,31 +0,0 @@ -# == define: manila::network::neutron_single_network -# -# Setup and configure the Neutron single network plugin -# -# === Parameters -# -# [*neutron_net_id*] -# (required) Default Neutron network that will be used for share server -# creation. This opt is used only with -# class 'NeutronSingleNetworkPlugin'. -# -# [*neutron_subnet_id*] -# (required) Default Neutron subnet that will be used for share server -# creation. Should be assigned to network defined in opt -# 'neutron_net_id'. This opt is used only with -# class 'NeutronSingleNetworkPlugin'. -# - -define manila::network::neutron_single_network ( - $neutron_net_id, - $neutron_subnet_id, -) { - - $neutron_single_plugin_name = 'manila.network.neutron.neutron_network_plugin.NeutronSingleNetworkPlugin' - - manila_config { - "${name}/network_api_class": value => $neutron_single_plugin_name; - "${name}/neutron_net_id": value => $neutron_net_id; - "${name}/neutron_subnet_id": value => $neutron_subnet_id; - } -} diff --git a/manila/manifests/network/nova_network.pp b/manila/manifests/network/nova_network.pp deleted file mode 100644 index 39740a5a8..000000000 --- a/manila/manifests/network/nova_network.pp +++ /dev/null @@ -1,12 +0,0 @@ -# == define: manila::network::nova_network -# -# Setup and configure Nova Networking communication -# - -define manila::network::nova_network () { - $nova_net_plugin_name = 'manila.network.nova_network_plugin.NovaNetworkPlugin' - - manila_config { - "${name}/network_api_class": value => $nova_net_plugin_name; - } -} diff --git a/manila/manifests/network/nova_single_network.pp b/manila/manifests/network/nova_single_network.pp deleted file mode 100644 index 143be3b21..000000000 --- a/manila/manifests/network/nova_single_network.pp +++ /dev/null @@ -1,22 +0,0 @@ -# == define: manila::network::nova_single_network -# -# Setup and configure Nova Networking communication with a single network -# -# === Parameters -# -# [*nova_single_network_plugin_net_id*] -# (required) Default Nova network that will be used for share servers. -# This opt is used only with class 'NovaSingleNetworkPlugin'. -# - -define manila::network::nova_single_network ( - $nova_single_network_plugin_net_id, -) { - - $nova_single_net_plugin_name = 'manila.network.nova_network_plugin.NovaSingleNetworkPlugin' - - manila_config { - "${name}/network_api_class": value => $nova_single_net_plugin_name; - "${name}/nova_single_network_plugin_net_id": value => $nova_single_network_plugin_net_id; - } -} diff --git a/manila/manifests/network/standalone.pp b/manila/manifests/network/standalone.pp deleted file mode 100644 index 5b288f1bc..000000000 --- a/manila/manifests/network/standalone.pp +++ /dev/null @@ -1,51 +0,0 @@ -# == define: manila::network::standalone -# -# Setup and configure Manila standalone network communication -# -# === Parameters -# -# [*standalone_network_plugin_gateway*] -# (required) Gateway IPv4 address that should be used. Required -# -# [*standalone_network_plugin_mask*] -# (required) Network mask that will be used. Can be either decimal -# like '24' or binary like '255.255.255.0'. Required. -# -# [*standalone_network_plugin_segmentation_id*] -# (optional) Set it if network has segmentation (VLAN, VXLAN, etc...). -# It will be assigned to share-network and share drivers will be -# able to use this for network interfaces within provisioned -# share servers. Optional. Example: 1001 -# -# [*standalone_network_plugin_allowed_ip_ranges*] -# (optional) Can be IP address, range of IP addresses or list of addresses -# or ranges. Contains addresses from IP network that are allowed -# to be used. If empty, then will be assumed that all host -# addresses from network can be used. Optional. -# Examples: 10.0.0.10 or 10.0.0.10-10.0.0.20 or -# 10.0.0.10-10.0.0.20,10.0.0.30-10.0.0.40,10.0.0.50 -# -# [*standalone_network_plugin_ip_version*] -# (optional) IP version of network. Optional. -# Allowed values are '4' and '6'. Default value is '4'. -# - -define manila::network::standalone ( - $standalone_network_plugin_gateway, - $standalone_network_plugin_mask, - $standalone_network_plugin_segmentation_id = undef, - $standalone_network_plugin_allowed_ip_ranges = undef, - $standalone_network_plugin_ip_version = '4', -) { - - $standalone_plugin_name = 'manila.network.standalone_network_plugin.StandaloneNetworkPlugin' - - manila_config { - "${name}/network_api_class": value => $standalone_plugin_name; - "${name}/standalone_network_plugin_gateway": value => $standalone_network_plugin_gateway; - "${name}/standalone_network_plugin_mask": value => $standalone_network_plugin_mask; - "${name}/standalone_network_plugin_segmentation_id": value => $standalone_network_plugin_segmentation_id; - "${name}/standalone_network_plugin_allowed_ip_ranges": value => $standalone_network_plugin_allowed_ip_ranges; - "${name}/standalone_network_plugin_ip_version": value => $standalone_network_plugin_ip_version; - } -} diff --git a/manila/manifests/params.pp b/manila/manifests/params.pp deleted file mode 100644 index ef3c92b8f..000000000 --- a/manila/manifests/params.pp +++ /dev/null @@ -1,56 +0,0 @@ -# -class manila::params { - - $manila_conf = '/etc/manila/manila.conf' - $manila_paste_api_ini = '/etc/manila/api-paste.ini' - - if $::osfamily == 'Debian' { - $package_name = 'manila-common' - $client_package = 'python-manilaclient' - $api_package = 'manila-api' - $api_service = 'manila-api' - $scheduler_package = 'manila-scheduler' - $scheduler_service = 'manila-scheduler' - $share_package = 'manila-share' - $share_service = 'manila-share' - $db_sync_command = 'manila-manage db sync' - $tgt_package_name = 'tgt' - $tgt_service_name = 'tgt' - $ceph_init_override = '/etc/init/manila-share.override' - $iscsi_helper = 'tgtadm' - $lio_package_name = 'targetcli' - $gluster_client_package_name = 'glusterfs-client' - $gluster_package_name = 'glusterfs-common' - $sqlite_package_name = 'python-pysqlite2' - $pymysql_package_name = 'python-pymysql' - - } elsif($::osfamily == 'RedHat') { - - $package_name = 'openstack-manila' - $client_package = 'python-manilaclient' - $api_package = false - $api_service = 'openstack-manila-api' - $scheduler_package = false - $scheduler_service = 'openstack-manila-scheduler' - $share_package = 'openstack-manila-share' - $share_service = 'openstack-manila-share' - $db_sync_command = 'manila-manage db sync' - $tgt_package_name = 'scsi-target-utils' - $tgt_service_name = 'tgtd' - $ceph_init_override = '/etc/sysconfig/openstack-manila-share' - $lio_package_name = 'targetcli' - $gluster_client_package_name = 'glusterfs-fuse' - $gluster_package_name = 'glusterfs' - $sqlite_package_name = undef - $pymysql_package_name = undef - - if $::operatingsystem == 'RedHat' and (versioncmp($::operatingsystemmajrelease, '7') >= 0) { - $iscsi_helper = 'lioadm' - } else { - $iscsi_helper = 'tgtadm' - } - - } else { - fail("unsupported osfamily ${::osfamily}, currently Debian and Redhat are the only supported platforms") - } -} diff --git a/manila/manifests/qpid.pp b/manila/manifests/qpid.pp deleted file mode 100644 index 6bc7bd461..000000000 --- a/manila/manifests/qpid.pp +++ /dev/null @@ -1,35 +0,0 @@ -# == Class: manila::qpid -# -# Deprecated class for installing qpid server for manila -# -# === Parameters -# -# [*enabled*] -# (Optional) Whether to enable the service -# Defaults to undef. -# -# [*user*] -# (Optional) The user to create in qpid -# Defaults to undef. -# -# [*password*] -# (Optional) The password to create for the user -# Defaults to undef. -# -# [*file*] -# (Optional) Sasl file for the user -# Defaults to undef. -# -# [*realm*] -# (Optional) Realm for the user -# Defaults to undef. -# -class manila::qpid ( - $enabled = undef, - $user = undef, - $password = undef, - $file = undef, - $realm = undef -) { - warning('Qpid driver is removed from Oslo.messaging in the Mitaka release') -} diff --git a/manila/manifests/quota.pp b/manila/manifests/quota.pp deleted file mode 100644 index 274a8e685..000000000 --- a/manila/manifests/quota.pp +++ /dev/null @@ -1,64 +0,0 @@ -# == Class: manila::quota -# -# Setup and configure Manila quotas. -# -# === Parameters -# -# [*quota_shares*] -# (optional) Number of shares allowed per project. Defaults to 10. -# -# [*quota_snapshots*] -# (optional) Number of share snapshots allowed per project. Defaults to 10. -# -# [*quota_gigabytes*] -# (optional) Number of share gigabytes (snapshots are also included) -# allowed per project. Defaults to 1000. -# -# [*quota_driver*] -# (optional) Default driver to use for quota checks. -# Defaults to 'manila.quota.DbQuotaDriver'. -# -# [*quota_snapshot_gigabytes*] -# (optional) Number of snapshot gigabytes allowed per project. -# Defaults to 1000. -# -# [*quota_share_networks*] -# (optional) Number of share-networks allowed per project. -# Defaults to 10. -# -# [*reservation_expire*] -# (optional) Number of seconds until a reservation expires. -# Defaults to 86400. -# -# [*until_refresh*] -# (optional) Count of reservations until usage is refreshed. -# Defaults to 0. -# -# [*max_age*] -# (optional) Number of seconds between subsequent usage refreshes. -# Defaults to 0. -# -class manila::quota ( - $quota_shares = 10, - $quota_snapshots = 10, - $quota_gigabytes = 1000, - $quota_driver = 'manila.quota.DbQuotaDriver', - $quota_snapshot_gigabytes = 1000, - $quota_share_networks = 10, - $reservation_expire = 86400, - $until_refresh = 0, - $max_age = 0, -) { - - manila_config { - 'DEFAULT/quota_shares': value => $quota_shares; - 'DEFAULT/quota_snapshots': value => $quota_snapshots; - 'DEFAULT/quota_gigabytes': value => $quota_gigabytes; - 'DEFAULT/quota_driver': value => $quota_driver; - 'DEFAULT/quota_snapshot_gigabytes': value => $quota_snapshot_gigabytes; - 'DEFAULT/quota_share_networks': value => $quota_share_networks; - 'DEFAULT/reservation_expire': value => $reservation_expire; - 'DEFAULT/until_refresh': value => $until_refresh; - 'DEFAULT/max_age': value => $max_age; - } -} diff --git a/manila/manifests/rabbitmq.pp b/manila/manifests/rabbitmq.pp deleted file mode 100644 index f7fd13bf7..000000000 --- a/manila/manifests/rabbitmq.pp +++ /dev/null @@ -1,62 +0,0 @@ -# == Class: manila::rabbitmq -# -# Installs and manages rabbitmq server for manila -# -# == Parameters: -# -# [*userid*] -# (optional) The username to use when connecting to Rabbit -# Defaults to 'guest' -# -# [*password*] -# (optional) The password to use when connecting to Rabbit -# Defaults to 'guest' -# -# [*port*] -# (optional) Deprecated. The port to use when connecting to Rabbit -# This parameter keeps backward compatibility when we used to manage -# RabbitMQ service. -# Defaults to '5672' -# -# [*virtual_host*] -# (optional) The virtual host to use when connecting to Rabbit -# Defaults to '/' -# -# [*enabled*] -# (optional) Deprecated. Whether to enable the Rabbit resources -# This parameter keeps backward compatibility when we used to manage -# RabbitMQ service. -# Defaults to true -# -class manila::rabbitmq( - $userid = 'guest', - $password = 'guest', - $virtual_host = '/', - # DEPRECATED PARAMETER - $enabled = true, - $port = '5672', -) { - - if ($enabled) { - if $userid == 'guest' { - $delete_guest_user = false - } else { - $delete_guest_user = true - rabbitmq_user { $userid: - admin => true, - password => $password, - provider => 'rabbitmqctl', - } - # I need to figure out the appropriate permissions - rabbitmq_user_permissions { "${userid}@${virtual_host}": - configure_permission => '.*', - write_permission => '.*', - read_permission => '.*', - provider => 'rabbitmqctl', - }->Anchor<| title == 'manila-start' |> - } - rabbitmq_vhost { $virtual_host: - provider => 'rabbitmqctl', - } - } -} diff --git a/manila/manifests/scheduler.pp b/manila/manifests/scheduler.pp deleted file mode 100644 index 58c1dfed7..000000000 --- a/manila/manifests/scheduler.pp +++ /dev/null @@ -1,67 +0,0 @@ -# == Class: manila::scheduler -# -# Install and manage Manila scheduler. -# -# === Parameters -# -# [*scheduler_driver*] -# (Optional) Description -# Defaults to false. -# -# [*package_ensure*] -# (Optional) The state of the scheduler package -# Defaults to 'present'. -# -# [*enabled*] -# (Optional) Whether to run the scheduler service -# Defaults to true. -# -# [*manage_service*] -# (Optional) Whether to start/stop the service -# Defaults to true. -# -class manila::scheduler ( - $scheduler_driver = false, - $package_ensure = 'present', - $enabled = true, - $manage_service = true -) { - - include ::manila::params - - Manila_config<||> ~> Service['manila-scheduler'] - Manila_api_paste_ini<||> ~> Service['manila-scheduler'] - Exec<| title == 'manila-manage db_sync' |> ~> Service['manila-scheduler'] - - if $scheduler_driver { - manila_config { - 'DEFAULT/scheduler_driver': value => $scheduler_driver; - } - } - - if $::manila::params::scheduler_package { - Package['manila-scheduler'] -> Service['manila-scheduler'] - package { 'manila-scheduler': - ensure => $package_ensure, - name => $::manila::params::scheduler_package, - tag => ['openstack', 'manila-package'], - } - } - - if $manage_service { - if $enabled { - $ensure = 'running' - } else { - $ensure = 'stopped' - } - } - - service { 'manila-scheduler': - ensure => $ensure, - name => $::manila::params::scheduler_service, - enable => $enabled, - hasstatus => true, - require => Package['manila'], - tag => 'manila-service', - } -} diff --git a/manila/manifests/service_instance.pp b/manila/manifests/service_instance.pp deleted file mode 100644 index aeb58665e..000000000 --- a/manila/manifests/service_instance.pp +++ /dev/null @@ -1,129 +0,0 @@ -# ==define manila::service_instance -# -# ===Parameters -# -# [*service_image_name*] -# (optional) Name of image in glance, that will be used to create -# service instance. -# Defaults to: 'manila-service-image' -# -# [*service_image_location*] -# (required) URL or pathname to the service image. This will be -# loaded into Glance. -# -# [*service_instance_name_template*] -# (optional) Name of service instance. -# Defaults to: 'manila_service_instance_%s' -# -# [*service_instance_user*] -# (required) User in service instance. -# -# [*service_instance_password*] -# (required) Password to service instance user. -# -# [*manila_service_keypair_name*] -# (optional) Name of keypair that will be created and used -# for service instance. -# Defaults to: 'manila-service' -# -# [*path_to_public_key*] -# (optional) Path to hosts public key. -# Defaults to: '~/.ssh/id_rsa.pub' -# -# [*path_to_private_key*] -# (optional) Path to hosts private key. -# Defaults to: '~/.ssh/id_rsa' -# -# [*max_time_to_build_instance*] -# (optional) Maximum time to wait for creating service instance. -# Defaults to: 300 -# -# [*service_instance_security_group*] -# (optional) Name of security group, that will be used for -# service instance creation. -# Defaults to: 'manila-service' -# -# [*service_instance_flavor_id*] -# (optional) ID of flavor, that will be used for service instance -# creation. -# Defaults to: 1 -# -# [*service_network_name*] -# (optional) Name of manila service network. -# Defaults to: 'manila_service_network' -# -# [*service_network_cidr*] -# (optional) CIDR of manila service network. -# Defaults to: '10.254.0.0/16' -# -# [*service_network_division_mask*] -# (optional) This mask is used for dividing service network into -# subnets, IP capacity of subnet with this mask directly -# defines possible amount of created service VMs -# per tenant's subnet. -# Defaults to: 28 -# -# [*interface_driver*] -# (optional) Vif driver. -# Defaults to: 'manila.network.linux.interface.OVSInterfaceDriver' -# -# [*connect_share_server_to_tenant_network*] -# (optional) Attach share server directly to share network. -# Defaults to: false -# -# [*service_instance_network_helper_type*] -# Allowed values are nova, neutron -# Defaults to: neutron - -define manila::service_instance ( - $service_image_name = 'manila-service-image', - $service_image_location = undef, - $service_instance_name_template = 'manila_service_instance_%s', - $service_instance_user = undef, - $service_instance_password = undef, - $manila_service_keypair_name = 'manila-service', - $path_to_public_key = '~/.ssh/id_rsa.pub', - $path_to_private_key = '~/.ssh/id_rsa', - $max_time_to_build_instance = 300, - $service_instance_security_group = 'manila-service', - $service_instance_flavor_id = 1, - $service_network_name = 'manila_service_network', - $service_network_cidr = '10.254.0.0/16', - $service_network_division_mask = 28, - $interface_driver = 'manila.network.linux.interface.OVSInterfaceDriver', - $connect_share_server_to_tenant_network = false, - $service_instance_network_helper_type = 'neutron', - -) { - if $service_image_location { - glance_image { $service_image_name: - ensure => present, - is_public => 'yes', - container_format => 'bare', - disk_format => 'qcow2', - source => $service_image_location, - } - } - else { - fail('Missing required parameter service_image_location') - } - - manila_config { - "${name}/service_image_name": value => $service_image_name; - "${name}/service_instance_name_template": value => $service_instance_name_template; - "${name}/service_instance_user": value => $service_instance_user; - "${name}/service_instance_password": value => $service_instance_password; - "${name}/manila_service_keypair_name": value => $manila_service_keypair_name; - "${name}/path_to_public_key": value => $path_to_public_key; - "${name}/path_to_private_key": value => $path_to_private_key; - "${name}/max_time_to_build_instance": value => $max_time_to_build_instance; - "${name}/service_instance_security_group": value => $service_instance_security_group; - "${name}/service_instance_flavor_id": value => $service_instance_flavor_id; - "${name}/service_network_name": value => $service_network_name; - "${name}/service_network_cidr": value => $service_network_cidr; - "${name}/service_network_division_mask": value => $service_network_division_mask; - "${name}/interface_driver": value => $interface_driver; - "${name}/connect_share_server_to_tenant_network": value => $connect_share_server_to_tenant_network; - "${name}/service_instance_network_helper_type": value => $service_instance_network_helper_type; - } -} diff --git a/manila/manifests/share.pp b/manila/manifests/share.pp deleted file mode 100644 index 46b15cf77..000000000 --- a/manila/manifests/share.pp +++ /dev/null @@ -1,56 +0,0 @@ -# == Class: manila::share -# -# === Parameters -# -# [*package_ensure*] -# (Optional) Ensure State for package -# Defaults to 'present'. -# -# [*enabled*] -# (Optional) Should the service be enabled -# Defaults to true. -# -# [*manage_service*] -# (Optional) Whether the service should be managed by Puppet -# Defaults to true. -# -# $share_name_template = share-%s -class manila::share ( - $package_ensure = 'present', - $enabled = true, - $manage_service = true -) { - - include ::manila::params - - Manila_config<||> ~> Service['manila-share'] - Manila_api_paste_ini<||> ~> Service['manila-share'] - Exec<| title == 'manila-manage db_sync' |> ~> Service['manila-share'] - - if $::manila::params::share_package { - Package['manila'] -> Package['manila-share'] - Package['manila-share'] -> Service['manila-share'] - package { 'manila-share': - ensure => $package_ensure, - name => $::manila::params::share_package, - tag => ['openstack', 'manila-package'], - } - } - - if $manage_service { - if $enabled { - $ensure = 'running' - } else { - $ensure = 'stopped' - } - } - - service { 'manila-share': - ensure => $ensure, - name => $::manila::params::share_service, - enable => $enabled, - hasstatus => true, - require => Package['manila'], - tag => 'manila-service', - } -} diff --git a/manila/manifests/share/generic.pp b/manila/manifests/share/generic.pp deleted file mode 100644 index 2fa315ff5..000000000 --- a/manila/manifests/share/generic.pp +++ /dev/null @@ -1,103 +0,0 @@ -# == Class: manila::share::generic -# -# Configures Manila to use the generic share driver -# -# ===Parameters -# [*driver_handles_share_servers*] -# (required) Denotes whether the driver should handle the responsibility of -# managing share servers. This must be set to false if the driver is to -# operate without managing share servers. -# -# [*smb_template_config_path*] -# (optional) Path to smb config. -# Defaults to: $state_path/smb.conf -# -# [*volume_name_template*] -# (optional) Volume name template. -# Defaults to: manila-share-%s -# -# [*volume_snapshot_name_template*] -# (optional) Volume snapshot name template. -# Defaults to: manila-snapshot-%s -# -# [*share_mount_path*] -# (optional) Parent path in service instance where shares will be mounted. -# Defaults to: /shares -# -# [*max_time_to_create_volume*] -# (optional) Maximum time to wait for creating cinder volume. -# Defaults to: 180 -# -# [*max_time_to_attach*] -# (optional) Maximum time to wait for attaching cinder volume. -# Defaults to: 120 -# -# [*service_instance_smb_config_path*] -# (optional) Path to smb config in service instance. -# Defaults to: $share_mount_path/smb.conf -# -# [*share_volume_fstype*] -# (optional) Filesystem type of the share volume. -# Choices: 'ext4', 'ext3' -# Defaults to: ext4 -# -# [*share_helpers*] -# (optional) Specify list of share export helpers. -# Defaults to: ['CIFS=manila.share.drivers.generic.CIFSHelper', -# 'NFS=manila.share.drivers.generic.NFSHelper'] -# -# [*cinder_volume_type*] -# (optional) Name or id of cinder volume type which will be used for all -# volumes created by driver. -# -# [*delete_share_server_with_last_share*] -# (optional) With this option is set to True share server willbe deleted -# on deletion of last share. -# Defaults to: False -# -# [*unmanage_remove_access_rules*] -# (optional) If set to True, then manila will deny access and remove all -# access rules on share unmanage. If set to False - nothing will be changed. -# Defaults to: False -# -# [*automatic_share_server_cleanup*] -# (optional) If set to True, then Manila will delete all share servers which -# were unused more than specified time. If set to False, automatic deletion -# of share servers will be disabled. -# Defaults to: True - -class manila::share::generic ( - $driver_handles_share_servers, - $smb_template_config_path = '$state_path/smb.conf', - $volume_name_template = 'manila-share-%s', - $volume_snapshot_name_template = 'manila-snapshot-%s', - $share_mount_path = '/shares', - $max_time_to_create_volume = 180, - $max_time_to_attach = 120, - $service_instance_smb_config_path = '$share_mount_path/smb.conf', - $share_volume_fstype = 'ext4', - $share_helpers = ['CIFS=manila.share.drivers.generic.CIFSHelper', - 'NFS=manila.share.drivers.generic.NFSHelper'], - $cinder_volume_type = undef, - $delete_share_server_with_last_share = 'False', - $unmanage_remove_access_rules = 'False', - $automatic_share_server_cleanup = 'True', -) { - - manila::backend::generic { 'DEFAULT': - driver_handles_share_servers => $driver_handles_share_servers, - smb_template_config_path => $smb_template_config_path, - volume_name_template => $volume_name_template, - volume_snapshot_name_template => $volume_snapshot_name_template, - share_mount_path => $share_mount_path, - max_time_to_create_volume => $max_time_to_create_volume, - max_time_to_attach => $max_time_to_attach, - service_instance_smb_config_path => $service_instance_smb_config_path, - share_helpers => $share_helpers, - share_volume_fstype => $share_volume_fstype, - cinder_volume_type => $cinder_volume_type, - delete_share_server_with_last_share => $delete_share_server_with_last_share, - unmanage_remove_access_rules => $unmanage_remove_access_rules, - automatic_share_server_cleanup => $automatic_share_server_cleanup, - } -} diff --git a/manila/manifests/share/glusterfs.pp b/manila/manifests/share/glusterfs.pp deleted file mode 100644 index 309db4a67..000000000 --- a/manila/manifests/share/glusterfs.pp +++ /dev/null @@ -1,30 +0,0 @@ -# -# == Class: manila::share::glusterfs -# -# Configures Manila to use GlusterFS as a share driver -# -# === Parameters -# -# [*glusterfs_volumes_config*] -# (required) File with the list of Gluster volumes that can -# be used to create shares -# -# [*glusterfs_mount_point_base*] -# Base dir containing mount points for Gluster volumes. -# -# === Examples -# -# class { 'manila::share::glusterfs': -# glusterfs_shares = ['192.168.1.1:/shares'], -# } -# -class manila::share::glusterfs ( - $glusterfs_volumes_config = '/etc/manila/glusterfs_volumes', - $glusterfs_mount_point_base = '$state_path/mnt', -) { - - manila::backend::glusterfs { 'DEFAULT': - glusterfs_volumes_config => $glusterfs_volumes_config, - glusterfs_mount_point_base => $glusterfs_mount_point_base, - } -} diff --git a/manila/manifests/share/netapp.pp b/manila/manifests/share/netapp.pp deleted file mode 100644 index a89e0f8ac..000000000 --- a/manila/manifests/share/netapp.pp +++ /dev/null @@ -1,130 +0,0 @@ -# == Class: manila::share::netapp -# -# Configures Manila to use the NetApp share driver -# -# === Parameters -# [*driver_handles_share_servers*] -# (required) Denotes whether the driver should handle the responsibility of -# managing share servers. This must be set to false if the driver is to -# operate without managing share servers. -# -# [*netapp_login*] -# (required) Administrative user account name used to access the storage -# system. -# -# [*netapp_password*] -# (required) Password for the administrative user account specified in the -# netapp_login parameter. -# -# [*netapp_server_hostname*] -# (required) The hostname (or IP address) for the storage system. -# -# [*netapp_transport_type*] -# (optional) The transport protocol used when communicating with -# the storage system or proxy server. Valid values are -# http or https. -# Defaults to http -# -# [*netapp_storage_family*] -# (optional) The storage family type used on the storage system; valid -# values are ontap_cluster for clustered Data ONTAP. -# Defaults to ontap_cluster -# -# [*netapp_server_port*] -# (optional) The TCP port to use for communication with the storage system -# or proxy server. If not specified, Data ONTAP drivers will use 80 for HTTP -# and 443 for HTTPS. -# -# [*netapp_volume_name_template*] -# (optional) NetApp volume name template. -# Defaults to share_%(share_id)s -# -# [*netapp_vserver*] -# (optional) This option specifies the storage virtual machine (previously -# called a Vserver) name on the storage cluster on which provisioning of -# shared file systems should occur. This option only applies -# when the option driver_handles_share_servers is set to False. -# -# [*netapp_vserver_name_template*] -# (optional) Name template to use for new vserver. This option only applies -# when the option driver_handles_share_servers is set to True. -# Defaults to os_%s -# -# [*netapp_lif_name_template*] -# (optional) Logical interface (LIF) name template. This option only applies -# when the option driver_handles_share_servers is set to True. -# Defaults to os_%(net_allocation_id)s -# -# [*netapp_aggregate_name_search_pattern*] -# (optional) Pattern for searching available aggregates -# for provisioning. -# Defaults to (.*) -# -# [*netapp_root_volume_aggregate*] -# (optional) Name of aggregate to create root volume on. This option only -# applies when the option driver_handles_share_servers is set to True. -# -# [*netapp_root_volume_name*] -# (optional) Root volume name. This option only applies when the option -# driver_handles_share_servers is set to True. -# Defaults to root -# -# [*netapp_port_name_search_pattern*] -# (optional) Pattern for overriding the selection of network ports on which -# to create Vserver LIFs. -# Defaults to (.*) -# -# [*netapp_trace_flags*] -# (optional) This option is a comma-separated list of options (valid values -# include method and api) that controls which trace info is written to the -# Manila logs when the debug level is set to True -# -# === Examples -# class { 'manila::share::netapp': -# driver_handles_share_servers => true, -# netapp_login => 'clusterAdmin', -# netapp_password => 'password', -# netapp_server_hostname => 'netapp.mycorp.com', -# netapp_storage_family => 'ontap_cluster', -# netapp_transport_type => 'https', -# } -# - -class manila::share::netapp ( - $driver_handles_share_servers, - $netapp_login, - $netapp_password, - $netapp_server_hostname, - $netapp_transport_type = 'http', - $netapp_storage_family = 'ontap_cluster', - $netapp_server_port = undef, - $netapp_volume_name_template = 'share_%(share_id)s', - $netapp_vserver = undef, - $netapp_vserver_name_template = 'os_%s', - $netapp_lif_name_template = 'os_%(net_allocation_id)s', - $netapp_aggregate_name_search_pattern = '(.*)', - $netapp_root_volume_aggregate = undef, - $netapp_root_volume_name = 'root', - $netapp_port_name_search_pattern = '(.*)', - $netapp_trace_flags = undef, -) { - - manila::backend::netapp { 'DEFAULT': - driver_handles_share_servers => $driver_handles_share_servers, - netapp_login => $netapp_login, - netapp_password => $netapp_password, - netapp_server_hostname => $netapp_server_hostname, - netapp_transport_type => $netapp_transport_type, - netapp_storage_family => $netapp_storage_family, - netapp_server_port => $netapp_server_port, - netapp_volume_name_template => $netapp_volume_name_template, - netapp_vserver => $netapp_vserver, - netapp_vserver_name_template => $netapp_vserver_name_template, - netapp_lif_name_template => $netapp_lif_name_template, - netapp_aggregate_name_search_pattern => $netapp_aggregate_name_search_pattern, - netapp_root_volume_aggregate => $netapp_root_volume_aggregate, - netapp_root_volume_name => $netapp_root_volume_name, - netapp_port_name_search_pattern => $netapp_port_name_search_pattern, - netapp_trace_flags => $netapp_trace_flags, - } -} diff --git a/manila/manifests/type.pp b/manila/manifests/type.pp deleted file mode 100644 index ee0b6fa9a..000000000 --- a/manila/manifests/type.pp +++ /dev/null @@ -1,87 +0,0 @@ -# ==Define: manila::type -# -# Creates manila type and assigns backends. -# -# === Parameters -# -# [*os_password*] -# (required) The keystone tenant:username password. -# -# [*driver_handles_share_servers*] -# (required) If the driver handles share servers. -# -# [*set_key*] -# (optional) Must be used with set_value. Accepts a single string be used -# as the key in type_set -# -# [*set_value*] -# (optional) Accepts list of strings or singular string. A list of values -# passed to type_set -# -# [*os_tenant_name*] -# (optional) The keystone tenant name. Defaults to 'admin'. -# -# [*os_username*] -# (optional) The keystone user name. Defaults to 'admin. -# -# [*os_auth_url*] -# (optional) The keystone auth url. Defaults to 'http://127.0.0.1:5000/v2.0/'. -# -# [*os_region_name*] -# (optional) The keystone region name. Default is unset. -# -# Author: Andrew Woodward - -define manila::type ( - $os_password, - $driver_handles_share_servers, - $set_key = undef, - $set_value = undef, - $os_tenant_name = 'admin', - $os_username = 'admin', - $os_auth_url = 'http://127.0.0.1:5000/v2.0/', - $os_region_name = undef, - ) { - - $volume_name = $name - - include ::manila::client - -# TODO: (xarses) This should be moved to a ruby provider so that among other -# reasons, the credential discovery magic can occur like in neutron. - - $manila_env = [ - "OS_TENANT_NAME=${os_tenant_name}", - "OS_USERNAME=${os_username}", - "OS_PASSWORD=${os_password}", - "OS_AUTH_URL=${os_auth_url}", - ] - - if $os_region_name { - $region_env = ["OS_REGION_NAME=${os_region_name}"] - } - else { - $region_env = [] - } - - exec {"manila type-create ${volume_name} ${driver_handles_share_servers}": - command => "manila type-create ${volume_name} ${driver_handles_share_servers}", - unless => "manila type-list | grep ${volume_name}", - environment => concat($manila_env, $region_env), - require => Package['python-manilaclient'], - path => ['/usr/bin', '/bin'], - } - - if ($set_value and $set_key) { - Exec["manila type-create ${volume_name} ${driver_handles_share_servers}"] -> - manila::type_set { $set_value: - type => $volume_name, - key => $set_key, - os_password => $os_password, - os_tenant_name => $os_tenant_name, - os_username => $os_username, - os_auth_url => $os_auth_url, - os_region_name => $os_region_name, - } - } -} diff --git a/manila/manifests/type_set.pp b/manila/manifests/type_set.pp deleted file mode 100644 index f14d990ee..000000000 --- a/manila/manifests/type_set.pp +++ /dev/null @@ -1,66 +0,0 @@ -# ==Define: manila::type_set -# -# Assigns keys after the share type is set. -# -# === Parameters -# -# [*os_password*] -# (required) The keystone tenant:username password. -# -# [*type*] -# (required) Accepts single name of type to set. -# -# [*key*] -# (required) the key name that we are setting the value for. -# -# [*os_tenant_name*] -# (optional) The keystone tenant name. Defaults to 'admin'. -# -# [*os_username*] -# (optional) The keystone user name. Defaults to 'admin. -# -# [*os_auth_url*] -# (optional) The keystone auth url. Defaults to 'http://127.0.0.1:5000/v2.0/'. -# -# [*os_region_name*] -# (optional) The keystone region name. Default is unset. -# -# Author: Andrew Woodward - - -define manila::type_set ( - $type, - $key, - $os_password, - $os_tenant_name = 'admin', - $os_username = 'admin', - $os_auth_url = 'http://127.0.0.1:5000/v2.0/', - $os_region_name = undef, - ) { - - include ::manila::client - -# TODO: (xarses) This should be moved to a ruby provider so that among other -# reasons, the credential discovery magic can occur like in neutron. - - $manila_env = [ - "OS_TENANT_NAME=${os_tenant_name}", - "OS_USERNAME=${os_username}", - "OS_PASSWORD=${os_password}", - "OS_AUTH_URL=${os_auth_url}", - ] - - if $os_region_name { - $region_env = ["OS_REGION_NAME=${os_region_name}"] - } - else { - $region_env = [] - } - - exec {"manila type-key ${type} set ${key}=${name}": - path => ['/usr/bin', '/bin'], - command => "manila type-key ${type} set ${key}=${name}", - environment => concat($manila_env, $region_env), - require => Package['python-manilaclient'], - } -} diff --git a/manila/manifests/volume/cinder.pp b/manila/manifests/volume/cinder.pp deleted file mode 100644 index ba01c926d..000000000 --- a/manila/manifests/volume/cinder.pp +++ /dev/null @@ -1,65 +0,0 @@ -# == Class: manila::cinder -# -# Setup and configure Cinder communication -# -# === Parameters -# -# [*cinder_catalog_info*] -# (optional) Info to match when looking for cinder in the service -# catalog. Format is : separated values of the form: -# :: -# -# [*os_region_name*] -# (optional) region name of this node -# -# [*cinder_ca_certificates_file*] -# (optional) Location of ca certificates file to use for cinder -# client requests. -# -# [*cinder_http_retries*] -# (optional) Number of cinderclient retries on failed http calls -# -# [*cinder_api_insecure*] -# (optional) Allow to perform insecure SSL requests to cinder -# -# [*cinder_cross_az_attach*] -# (optional) Allow attach between instance and volume in different -# availability zones. -# -# [*cinder_admin_username*] -# (optional) Cinder admin username -# -# [*cinder_admin_password*] -# (optional) Cinder admin password -# -# [*cinder_admin_tenant_name*] -# (optional) Cinder admin tenant name -# -# [*cinder_admin_auth_url*] -# (optional) Identity service url -# - -class manila::volume::cinder ( - $cinder_catalog_info = 'volume:cinder:publicURL', - $cinder_ca_certificates_file = undef, - $cinder_http_retries = 3, - $cinder_api_insecure = false, - $cinder_cross_az_attach = true, - $cinder_admin_username = 'cinder', - $cinder_admin_password = undef, - $cinder_admin_tenant_name = 'service', - $cinder_admin_auth_url = 'http://localhost:5000/v2.0', -) { - -manila_config { - 'DEFAULT/cinder_catalog_info': value => $cinder_catalog_info; - 'DEFAULT/cinder_ca_certificates_file': value => $cinder_ca_certificates_file; - 'DEFAULT/cinder_http_retries': value => $cinder_http_retries; - 'DEFAULT/cinder_api_insecure': value => $cinder_api_insecure; - 'DEFAULT/cinder_cross_az_attach': value => $cinder_cross_az_attach; - 'DEFAULT/cinder_admin_username': value => $cinder_admin_username; - 'DEFAULT/cinder_admin_password': value => $cinder_admin_password; - 'DEFAULT/cinder_admin_tenant_name': value => $cinder_admin_tenant_name; - 'DEFAULT/cinder_admin_auth_url': value => $cinder_admin_auth_url; - } -} diff --git a/manila/metadata.json b/manila/metadata.json deleted file mode 100644 index a3f46433e..000000000 --- a/manila/metadata.json +++ /dev/null @@ -1,33 +0,0 @@ -{ - "name": "openstack-manila", - "version": "8.1.0", - "author": "NetApp and OpenStack Contributors", - "summary": "Puppet module for OpenStack Manila", - "license": "Apache-2.0", - "source": "git://github.com/openstack/puppet-manila.git", - "project_page": "https://launchpad.net/puppet-manila", - "issues_url": "https://bugs.launchpad.net/puppet-manila", - "requirements": [ - { "name": "pe", "version_requirement": ">= 3.2.0 <= 2016.1.0" }, - { "name": "puppet", "version_requirement": ">= 3.0.0 < 5.0.0" } - ], - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": ["7"] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": ["14.04"] - } - ], - "description": "Installs and configures OpenStack Manila (Shared Filesystems).", - "dependencies": [ - { "name": "puppetlabs/inifile", "version_requirement": ">=1.4.0 <2.0.0" }, - { "name": "openstack/keystone", "version_requirement": ">=8.1.0 <9.0.0" }, - { "name": "openstack/glance", "version_requirement": ">=8.1.0 <9.0.0" }, - { "name": "puppetlabs/rabbitmq", "version_requirement": ">=5.3.1 <6.0.0" }, - { "name": "puppetlabs/stdlib", "version_requirement": ">=4.9.0 <5.0.0" }, - { "name": "openstack/openstacklib", "version_requirement": ">=8.1.0 <9.0.0" } - ] -} diff --git a/manila/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml b/manila/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml deleted file mode 100644 index 734845b23..000000000 --- a/manila/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -prelude: > - This is the first Mitaka release for puppet-manila module. diff --git a/manila/releasenotes/notes/pymysql-e57bf1f0289dd426.yaml b/manila/releasenotes/notes/pymysql-e57bf1f0289dd426.yaml deleted file mode 100644 index 3556c0c8c..000000000 --- a/manila/releasenotes/notes/pymysql-e57bf1f0289dd426.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -features: - - Support of PyMySQL driver for MySQL backend. diff --git a/manila/releasenotes/notes/remove_posix-d1f775df21874348.yaml b/manila/releasenotes/notes/remove_posix-d1f775df21874348.yaml deleted file mode 100644 index 2930cc25f..000000000 --- a/manila/releasenotes/notes/remove_posix-d1f775df21874348.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -other: - - Remove all Puppet resources that manage Users, Groups, and File modes - because upstream packaging already manages them. diff --git a/manila/releasenotes/notes/remove_qpid-0b446db43fdea617.yaml b/manila/releasenotes/notes/remove_qpid-0b446db43fdea617.yaml deleted file mode 100644 index c59a436d3..000000000 --- a/manila/releasenotes/notes/remove_qpid-0b446db43fdea617.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -deprecations: - - Remove QPID messaging support. - Qpid messaging driver is removed from oslo.messaging so we won't support - anymore. diff --git a/manila/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml b/manila/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml deleted file mode 100644 index 41cef2f11..000000000 --- a/manila/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -features: - - Release notes are no longer maintained by hand, we now use the reno tool to - manage them. diff --git a/manila/releasenotes/source/_static/.placeholder b/manila/releasenotes/source/_static/.placeholder deleted file mode 100644 index e69de29bb..000000000 diff --git a/manila/releasenotes/source/conf.py b/manila/releasenotes/source/conf.py deleted file mode 100644 index 10f78b66a..000000000 --- a/manila/releasenotes/source/conf.py +++ /dev/null @@ -1,259 +0,0 @@ -# -*- coding: utf-8 -*- -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# If extensions (or modules to document with autodoc) are in another directory, -# add these directories to sys.path here. If the directory is relative to the -# documentation root, use os.path.abspath to make it absolute, like shown here. -#sys.path.insert(0, os.path.abspath('.')) - -# -- General configuration ------------------------------------------------ - -# If your documentation needs a minimal Sphinx version, state it here. -#needs_sphinx = '1.0' - -# Add any Sphinx extension module names here, as strings. They can be -# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom -# ones. -extensions = [ - 'oslosphinx', - 'reno.sphinxext', -] - -# Add any paths that contain templates here, relative to this directory. -templates_path = ['_templates'] - -# The suffix of source filenames. -source_suffix = '.rst' - -# The encoding of source files. -#source_encoding = 'utf-8-sig' - -# The master toctree document. -master_doc = 'index' - -# General information about the project. -project = u'puppet-manila Release Notes' -copyright = u'2016, Puppet OpenStack Developers' - -# The version info for the project you're documenting, acts as replacement for -# |version| and |release|, also used in various other places throughout the -# built documents. -# -# The short X.Y version. -version = '8.1.0' -# The full version, including alpha/beta/rc tags. -release = '8.1.0' - -# The language for content autogenerated by Sphinx. Refer to documentation -# for a list of supported languages. -#language = None - -# There are two options for replacing |today|: either, you set today to some -# non-false value, then it is used: -#today = '' -# Else, today_fmt is used as the format for a strftime call. -#today_fmt = '%B %d, %Y' - -# List of patterns, relative to source directory, that match files and -# directories to ignore when looking for source files. -exclude_patterns = [] - -# The reST default role (used for this markup: `text`) to use for all -# documents. -#default_role = None - -# If true, '()' will be appended to :func: etc. cross-reference text. -#add_function_parentheses = True - -# If true, the current module name will be prepended to all description -# unit titles (such as .. function::). -#add_module_names = True - -# If true, sectionauthor and moduleauthor directives will be shown in the -# output. They are ignored by default. -#show_authors = False - -# The name of the Pygments (syntax highlighting) style to use. -pygments_style = 'sphinx' - -# A list of ignored prefixes for module index sorting. -#modindex_common_prefix = [] - -# If true, keep warnings as "system message" paragraphs in the built documents. -#keep_warnings = False - - -# -- Options for HTML output ---------------------------------------------- - -# The theme to use for HTML and HTML Help pages. See the documentation for -# a list of builtin themes. -html_theme = 'default' - -# Theme options are theme-specific and customize the look and feel of a theme -# further. For a list of options available for each theme, see the -# documentation. -#html_theme_options = {} - -# Add any paths that contain custom themes here, relative to this directory. -#html_theme_path = [] - -# The name for this set of Sphinx documents. If None, it defaults to -# " v documentation". -#html_title = None - -# A shorter title for the navigation bar. Default is the same as html_title. -#html_short_title = None - -# The name of an image file (relative to this directory) to place at the top -# of the sidebar. -#html_logo = None - -# The name of an image file (within the static path) to use as favicon of the -# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 -# pixels large. -#html_favicon = None - -# Add any paths that contain custom static files (such as style sheets) here, -# relative to this directory. They are copied after the builtin static files, -# so a file named "default.css" will overwrite the builtin "default.css". -html_static_path = ['_static'] - -# Add any extra paths that contain custom files (such as robots.txt or -# .htaccess) here, relative to this directory. These files are copied -# directly to the root of the documentation. -#html_extra_path = [] - -# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, -# using the given strftime format. -#html_last_updated_fmt = '%b %d, %Y' - -# If true, SmartyPants will be used to convert quotes and dashes to -# typographically correct entities. -#html_use_smartypants = True - -# Custom sidebar templates, maps document names to template names. -#html_sidebars = {} - -# Additional templates that should be rendered to pages, maps page names to -# template names. -#html_additional_pages = {} - -# If false, no module index is generated. -#html_domain_indices = True - -# If false, no index is generated. -#html_use_index = True - -# If true, the index is split into individual pages for each letter. -#html_split_index = False - -# If true, links to the reST sources are added to the pages. -#html_show_sourcelink = True - -# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. -#html_show_sphinx = True - -# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. -#html_show_copyright = True - -# If true, an OpenSearch description file will be output, and all pages will -# contain a tag referring to it. The value of this option must be the -# base URL from which the finished HTML is served. -#html_use_opensearch = '' - -# This is the file name suffix for HTML files (e.g. ".xhtml"). -#html_file_suffix = None - -# Output file base name for HTML help builder. -htmlhelp_basename = 'puppet-manilaReleaseNotesdoc' - - -# -- Options for LaTeX output --------------------------------------------- - -latex_elements = { -# The paper size ('letterpaper' or 'a4paper'). -#'papersize': 'letterpaper', - -# The font size ('10pt', '11pt' or '12pt'). -#'pointsize': '10pt', - -# Additional stuff for the LaTeX preamble. -#'preamble': '', -} - -# Grouping the document tree into LaTeX files. List of tuples -# (source start file, target name, title, -# author, documentclass [howto, manual, or own class]). -latex_documents = [ - ('index', 'puppet-manilaReleaseNotes.tex', u'puppet-manila Release Notes Documentation', - u'2016, Puppet OpenStack Developers', 'manual'), -] - -# The name of an image file (relative to this directory) to place at the top of -# the title page. -#latex_logo = None - -# For "manual" documents, if this is true, then toplevel headings are parts, -# not chapters. -#latex_use_parts = False - -# If true, show page references after internal links. -#latex_show_pagerefs = False - -# If true, show URL addresses after external links. -#latex_show_urls = False - -# Documents to append as an appendix to all manuals. -#latex_appendices = [] - -# If false, no module index is generated. -#latex_domain_indices = True - - -# -- Options for manual page output --------------------------------------- - -# One entry per manual page. List of tuples -# (source start file, name, description, authors, manual section). -man_pages = [ - ('index', 'puppet-manilareleasenotes', u'puppet-manila Release Notes Documentation', - [u'2016, Puppet OpenStack Developers'], 1) -] - -# If true, show URL addresses after external links. -#man_show_urls = False - - -# -- Options for Texinfo output ------------------------------------------- - -# Grouping the document tree into Texinfo files. List of tuples -# (source start file, target name, title, author, -# dir menu entry, description, category) -texinfo_documents = [ - ('index', 'puppet-manilaReleaseNotes', u'puppet-manila Release Notes Documentation', - u'2016, Puppet OpenStack Developers', 'puppet-manilaReleaseNotes', 'One line description of project.', - 'Miscellaneous'), -] - -# Documents to append as an appendix to all manuals. -#texinfo_appendices = [] - -# If false, no module index is generated. -#texinfo_domain_indices = True - -# How to display URL addresses: 'footnote', 'no', or 'inline'. -#texinfo_show_urls = 'footnote' - -# If true, do not generate a @detailmenu in the "Top" node's menu. -#texinfo_no_detailmenu = False diff --git a/manila/releasenotes/source/index.rst b/manila/releasenotes/source/index.rst deleted file mode 100644 index 86d7fe310..000000000 --- a/manila/releasenotes/source/index.rst +++ /dev/null @@ -1,19 +0,0 @@ -======================================= -Welcome to puppet-manila Release Notes! -======================================= - -Contents -======== - -.. toctree:: - :maxdepth: 2 - - mitaka - unreleased - - -Indices and tables -================== - -* :ref:`genindex` -* :ref:`search` diff --git a/manila/releasenotes/source/mitaka.rst b/manila/releasenotes/source/mitaka.rst deleted file mode 100644 index 97ab8d1d3..000000000 --- a/manila/releasenotes/source/mitaka.rst +++ /dev/null @@ -1,6 +0,0 @@ -============================ - Mitaka Series Release Notes -============================ - -.. release-notes:: - :branch: origin/stable/mitaka diff --git a/manila/releasenotes/source/unreleased.rst b/manila/releasenotes/source/unreleased.rst deleted file mode 100644 index 2334dd5cf..000000000 --- a/manila/releasenotes/source/unreleased.rst +++ /dev/null @@ -1,5 +0,0 @@ -============================== - Current Series Release Notes -============================== - - .. release-notes:: diff --git a/manila/setup.cfg b/manila/setup.cfg deleted file mode 100644 index 662c1ee0d..000000000 --- a/manila/setup.cfg +++ /dev/null @@ -1,13 +0,0 @@ -[metadata] -name = puppet-manila -summary = Puppet module for OpenStack Manila -description-file = - README.md -author = Puppet Labs and OpenStack Contributors -author-email = openstack-dev@lists.openstack.org -home-page = http://www.openstack.org/ -classifier = - Intended Audience :: Developers - Intended Audience :: System Administrators - License :: OSI Approved :: Apache Software License - Operating System :: POSIX :: Linux diff --git a/manila/setup.py b/manila/setup.py deleted file mode 100644 index 70c2b3f32..000000000 --- a/manila/setup.py +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/env python -# Copyright (c) 2013 Hewlett-Packard Development Company, L.P. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# THIS FILE IS MANAGED BY THE GLOBAL REQUIREMENTS REPO - DO NOT EDIT -import setuptools - -setuptools.setup( - setup_requires=['pbr'], - pbr=True) diff --git a/manila/spec/acceptance/basic_manila_spec.rb b/manila/spec/acceptance/basic_manila_spec.rb deleted file mode 100644 index 7fb6b3fde..000000000 --- a/manila/spec/acceptance/basic_manila_spec.rb +++ /dev/null @@ -1,73 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'basic manila' do - - context 'default parameters' do - - it 'should work with no errors' do - pp= <<-EOS - include ::openstack_integration - include ::openstack_integration::repos - include ::openstack_integration::rabbitmq - include ::openstack_integration::mysql - include ::openstack_integration::keystone - - rabbitmq_user { 'manila': - admin => true, - password => 'an_even_bigger_secret', - provider => 'rabbitmqctl', - require => Class['rabbitmq'], - } - - rabbitmq_user_permissions { 'manila@/': - configure_permission => '.*', - write_permission => '.*', - read_permission => '.*', - provider => 'rabbitmqctl', - require => Class['rabbitmq'], - } - - # Manila resources - class { '::manila': - sql_connection => 'mysql+pymysql://manila:a_big_secret@127.0.0.1/manila?charset=utf8', - rabbit_userid => 'manila', - rabbit_password => 'an_even_bigger_secret', - rabbit_host => '127.0.0.1', - debug => true, - verbose => true, - } - class { '::manila::db::mysql': - password => 'a_big_secret', - } - class { '::manila::keystone::auth': - password => 'a_big_secret', - password_v2 => 'a_big_secret', - } - class { '::manila::client': } - class { '::manila::compute::nova': } - class { '::manila::network::neutron': } - class { '::manila::volume::cinder': } - class { '::manila::api': - keystone_password => 'a_big_secret', - } - class { '::manila::scheduler': } - - # NFS-Ganesha backend. Currently this feature is only for RHEL systems - # because Debian/Ubuntu systems do not have nfs-ganesha package yet. - class { '::manila::ganesha': } - - # missing: backends, share, service_instance - EOS - - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe port(8786) do - it { is_expected.to be_listening.with('tcp') } - end - - end -end diff --git a/manila/spec/acceptance/manila_config_spec.rb b/manila/spec/acceptance/manila_config_spec.rb deleted file mode 100644 index d2c2ad4ce..000000000 --- a/manila/spec/acceptance/manila_config_spec.rb +++ /dev/null @@ -1,58 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'basic manila_config resource' do - - context 'default parameters' do - - it 'should work with no errors' do - pp= <<-EOS - Exec { logoutput => 'on_failure' } - - File <||> -> Manila_config <||> - - file { '/etc/manila' : - ensure => directory, - } - file { '/etc/manila/manila.conf' : - ensure => file, - } - - manila_config { 'DEFAULT/thisshouldexist' : - value => 'foo', - } - - manila_config { 'DEFAULT/thisshouldnotexist' : - value => '', - } - - manila_config { 'DEFAULT/thisshouldexist2' : - value => '', - ensure_absent_val => 'toto', - } - - manila_config { 'DEFAULT/thisshouldnotexist2' : - value => 'toto', - ensure_absent_val => 'toto', - } - EOS - - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe file('/etc/manila/manila.conf') do - it { is_expected.to exist } - it { is_expected.to contain('thisshouldexist=foo') } - it { is_expected.to contain('thisshouldexist2=') } - - describe '#content' do - subject { super().content } - it { is_expected.to_not match /thisshouldnotexist/ } - end - end - - - end -end diff --git a/manila/spec/acceptance/nodesets/centos-70-x64.yml b/manila/spec/acceptance/nodesets/centos-70-x64.yml deleted file mode 100644 index 5f097e9fe..000000000 --- a/manila/spec/acceptance/nodesets/centos-70-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - centos-server-70-x64: - roles: - - master - platform: el-7-x86_64 - box: puppetlabs/centos-7.0-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/centos-7.0-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: foss diff --git a/manila/spec/acceptance/nodesets/default.yml b/manila/spec/acceptance/nodesets/default.yml deleted file mode 100644 index 486b6a34e..000000000 --- a/manila/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - type: foss diff --git a/manila/spec/acceptance/nodesets/nodepool-centos7.yml b/manila/spec/acceptance/nodesets/nodepool-centos7.yml deleted file mode 100644 index c55287420..000000000 --- a/manila/spec/acceptance/nodesets/nodepool-centos7.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-70-x64: - roles: - - master - platform: el-7-x86_64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/manila/spec/acceptance/nodesets/nodepool-trusty.yml b/manila/spec/acceptance/nodesets/nodepool-trusty.yml deleted file mode 100644 index 9fc624e24..000000000 --- a/manila/spec/acceptance/nodesets/nodepool-trusty.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/manila/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/manila/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index 8001929b2..000000000 --- a/manila/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: foss diff --git a/manila/spec/classes/manila_api_spec.rb b/manila/spec/classes/manila_api_spec.rb deleted file mode 100644 index d0c19529f..000000000 --- a/manila/spec/classes/manila_api_spec.rb +++ /dev/null @@ -1,145 +0,0 @@ -require 'spec_helper' - -describe 'manila::api' do - - let :req_params do - {:keystone_password => 'foo'} - end - let :facts do - @default_facts.merge({:osfamily => 'Debian'}) - end - - describe 'with only required params' do - let :params do - req_params - end - - it { is_expected.to contain_service('manila-api').with( - 'hasstatus' => true, - 'ensure' => 'running', - 'tag' => 'manila-service', - )} - - it 'should configure manila api correctly' do - is_expected.to contain_manila_config('DEFAULT/auth_strategy').with(:value => 'keystone') - is_expected.to contain_manila_config('DEFAULT/osapi_share_listen').with(:value => '0.0.0.0') - is_expected.to contain_manila_api_paste_ini('filter:authtoken/service_protocol').with(:value => 'http') - is_expected.to contain_manila_api_paste_ini('filter:authtoken/service_host').with(:value => 'localhost') - is_expected.to contain_manila_api_paste_ini('filter:authtoken/service_port').with(:value => '5000') - is_expected.to contain_manila_api_paste_ini('filter:authtoken/auth_protocol').with(:value => 'http') - is_expected.to contain_manila_api_paste_ini('filter:authtoken/auth_host').with(:value => 'localhost') - is_expected.to contain_manila_api_paste_ini('filter:authtoken/auth_port').with(:value => '35357') - is_expected.to contain_manila_api_paste_ini('filter:authtoken/auth_admin_prefix').with(:ensure => 'absent') - is_expected.to contain_manila_api_paste_ini('filter:authtoken/admin_tenant_name').with(:value => 'services') - is_expected.to contain_manila_api_paste_ini('filter:authtoken/admin_user').with(:value => 'manila') - is_expected.to contain_manila_api_paste_ini('filter:authtoken/admin_password').with( - :value => 'foo', - :secret => true - ) - is_expected.to contain_manila_api_paste_ini('filter:authtoken/auth_uri').with(:value => 'http://localhost:5000/') - - is_expected.to_not contain_manila_config('DEFAULT/os_region_name') - end - end - - describe 'with a custom region for nova' do - let :params do - req_params.merge({'os_region_name' => 'MyRegion'}) - end - it 'should configure the region for nova' do - is_expected.to contain_manila_config('DEFAULT/os_region_name').with( - :value => 'MyRegion' - ) - end - end - - describe 'with custom auth_uri' do - let :params do - req_params.merge({'keystone_auth_uri' => 'http://foo.bar:8080/v2.0/'}) - end - it 'should configure manila auth_uri correctly' do - is_expected.to contain_manila_api_paste_ini('filter:authtoken/auth_uri').with( - :value => 'http://foo.bar:8080/v2.0/' - ) - end - end - - describe 'with only required params' do - let :params do - req_params.merge({'bind_host' => '192.168.1.3'}) - end - it 'should configure manila api correctly' do - is_expected.to contain_manila_config('DEFAULT/osapi_share_listen').with( - :value => '192.168.1.3' - ) - end - end - - [ '/keystone', '/keystone/admin' ].each do |keystone_auth_admin_prefix| - describe "with keystone_auth_admin_prefix containing correct value #{keystone_auth_admin_prefix}" do - let :params do - { - :keystone_auth_admin_prefix => keystone_auth_admin_prefix, - :keystone_password => 'dummy' - } - end - - it { is_expected.to contain_manila_api_paste_ini('filter:authtoken/auth_admin_prefix').with( - :value => keystone_auth_admin_prefix - )} - end - end - - [ - '/keystone/', - 'keystone/', - 'keystone', - '/keystone/admin/', - 'keystone/admin/', - 'keystone/admin' - ].each do |keystone_auth_admin_prefix| - describe "with keystone_auth_admin_prefix containing incorrect value #{keystone_auth_admin_prefix}" do - let :params do - { - :keystone_auth_admin_prefix => keystone_auth_admin_prefix, - :keystone_password => 'dummy' - } - end - - it { expect { is_expected.to contain_manila_api_paste_ini('filter:authtoken/auth_admin_prefix') }.to \ - raise_error(Puppet::Error, /validate_re\(\): "#{keystone_auth_admin_prefix}" does not match/) } - end - end - - describe 'with enabled false' do - let :params do - req_params.merge({'enabled' => false}) - end - it 'should stop the service' do - is_expected.to contain_service('manila-api').with_ensure('stopped') - end - it 'should contain db_sync exec' do - is_expected.to_not contain_exec('manila-manage db_sync') - end - end - - describe 'with manage_service false' do - let :params do - req_params.merge({'manage_service' => false}) - end - it 'should not change the state of the service' do - is_expected.to contain_service('manila-api').without_ensure - end - end - - describe 'with ratelimits' do - let :params do - req_params.merge({ :ratelimits => '(GET, "*", .*, 100, MINUTE);(POST, "*", .*, 200, MINUTE)' }) - end - - it { is_expected.to contain_manila_api_paste_ini('filter:ratelimit/limits').with( - :value => '(GET, "*", .*, 100, MINUTE);(POST, "*", .*, 200, MINUTE)' - )} - end - -end diff --git a/manila/spec/classes/manila_backends_spec.rb b/manila/spec/classes/manila_backends_spec.rb deleted file mode 100644 index 0e5310f3a..000000000 --- a/manila/spec/classes/manila_backends_spec.rb +++ /dev/null @@ -1,69 +0,0 @@ -# -# Copyright (C) 2014 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Unit tests for manila::backends class -# - -require 'spec_helper' - -describe 'manila::backends' do - - let :default_params do - {} - end - - let :params do - {} - end - - shared_examples_for 'manila backends' do - - let :p do - default_params.merge(params) - end - - context 'configure manila with default parameters' do - before :each do - params.merge!( - :enabled_share_backends => ['lowcost', 'regular', 'premium'] - ) - end - - it 'configures manila.conf with default params' do - is_expected.to contain_manila_config('DEFAULT/enabled_share_backends').with_value(p[:enabled_share_backends].join(',')) - end - end - - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'manila backends' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'manila backends' - end - -end diff --git a/manila/spec/classes/manila_client_spec.rb b/manila/spec/classes/manila_client_spec.rb deleted file mode 100644 index e5d0a223b..000000000 --- a/manila/spec/classes/manila_client_spec.rb +++ /dev/null @@ -1,14 +0,0 @@ -require 'spec_helper' - -describe 'manila::client' do - it { is_expected.to contain_package('python-manilaclient').with_ensure('present') } - let :facts do - @default_facts.merge({:osfamily => 'Debian'}) - end - context 'with params' do - let :params do - {:package_ensure => 'latest'} - end - it { is_expected.to contain_package('python-manilaclient').with_ensure('latest') } - end -end diff --git a/manila/spec/classes/manila_db_mysql_spec.rb b/manila/spec/classes/manila_db_mysql_spec.rb deleted file mode 100644 index c4eeb43be..000000000 --- a/manila/spec/classes/manila_db_mysql_spec.rb +++ /dev/null @@ -1,58 +0,0 @@ -require 'spec_helper' - -describe 'manila::db::mysql' do - - let :req_params do - {:password => 'pw', - } - end - - let :facts do - @default_facts.merge({:osfamily => 'Debian'}) - end - - let :pre_condition do - 'include mysql::server' - end - - describe 'with only required params' do - let :params do - req_params - end - it { is_expected.to contain_openstacklib__db__mysql('manila').with( - :user => 'manila', - :password_hash => '*D821809F681A40A6E379B50D0463EFAE20BDD122', - :host => '127.0.0.1', - :charset => 'utf8', - :collate => 'utf8_general_ci', - ) } - end - describe "overriding allowed_hosts param to array" do - let :params do - { - :password => 'manilapass', - :allowed_hosts => ['127.0.0.1','%'] - } - end - - end - describe "overriding allowed_hosts param to string" do - let :params do - { - :password => 'manilapass2', - :allowed_hosts => '192.168.1.1' - } - end - - end - - describe "overriding allowed_hosts param equals to host param " do - let :params do - { - :password => 'manilapass2', - :allowed_hosts => '127.0.0.1' - } - end - - end -end diff --git a/manila/spec/classes/manila_db_postgresql_spec.rb b/manila/spec/classes/manila_db_postgresql_spec.rb deleted file mode 100644 index 5bdb3091a..000000000 --- a/manila/spec/classes/manila_db_postgresql_spec.rb +++ /dev/null @@ -1,58 +0,0 @@ -require 'spec_helper' - -describe 'manila::db::postgresql' do - - let :req_params do - { :password => 'pw' } - end - - let :pre_condition do - 'include postgresql::server' - end - - context 'on a RedHat osfamily' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - :operatingsystemrelease => '7.0', - :concat_basedir => '/var/lib/puppet/concat' - }) - end - - context 'with only required parameters' do - let :params do - req_params - end - - it { is_expected.to contain_postgresql__server__db('manila').with( - :user => 'manila', - :password => 'md5b15a47e3dd847f86827b328466426faf' - )} - end - - end - - context 'on a Debian osfamily' do - let :facts do - @default_facts.merge({ - :operatingsystemrelease => '7.8', - :operatingsystem => 'Debian', - :osfamily => 'Debian', - :concat_basedir => '/var/lib/puppet/concat' - }) - end - - context 'with only required parameters' do - let :params do - req_params - end - - it { is_expected.to contain_postgresql__server__db('manila').with( - :user => 'manila', - :password => 'md5b15a47e3dd847f86827b328466426faf' - )} - end - - end - -end diff --git a/manila/spec/classes/manila_db_spec.rb b/manila/spec/classes/manila_db_spec.rb deleted file mode 100644 index d9a1bad8f..000000000 --- a/manila/spec/classes/manila_db_spec.rb +++ /dev/null @@ -1,114 +0,0 @@ -require 'spec_helper' - -describe 'manila::db' do - - shared_examples 'manila::db' do - - context 'with default parameters' do - - it { is_expected.to contain_manila_config('database/connection').with_value('sqlite:////var/lib/manila/manila.sqlite').with_secret(true) } - it { is_expected.to contain_manila_config('database/idle_timeout').with_value('') } - it { is_expected.to contain_manila_config('database/min_pool_size').with_value('') } - it { is_expected.to contain_manila_config('database/max_pool_size').with_value('') } - it { is_expected.to contain_manila_config('database/max_overflow').with_value('') } - it { is_expected.to contain_manila_config('database/max_retries').with_value('') } - it { is_expected.to contain_manila_config('database/retry_interval').with_value('') } - - end - - context 'with specific parameters' do - let :params do - { :database_connection => 'mysql+pymysql://manila:manila@localhost/manila', - :database_idle_timeout => '3601', - :database_min_pool_size => '2', - :database_max_pool_size => '21', - :database_max_retries => '11', - :database_max_overflow => '21', - :database_retry_interval => '11', } - end - - it { is_expected.to contain_manila_config('database/connection').with_value('mysql+pymysql://manila:manila@localhost/manila').with_secret(true) } - it { is_expected.to contain_manila_config('database/idle_timeout').with_value('3601') } - it { is_expected.to contain_manila_config('database/min_pool_size').with_value('2') } - it { is_expected.to contain_manila_config('database/max_retries').with_value('11') } - it { is_expected.to contain_manila_config('database/max_pool_size').with_value('21') } - it { is_expected.to contain_manila_config('database/max_overflow').with_value('21') } - it { is_expected.to contain_manila_config('database/retry_interval').with_value('11') } - - end - - context 'with MySQL-python library as backend package' do - let :params do - { :database_connection => 'mysql://manila:manila@localhost/manila' } - end - - it { is_expected.to contain_manila_config('database/connection').with_value('mysql://manila:manila@localhost/manila').with_secret(true) } - end - - context 'with postgresql backend' do - let :params do - { :database_connection => 'postgresql://manila:manila@localhost/manila', } - end - - it 'install the proper backend package' do - is_expected.to contain_package('python-psycopg2').with(:ensure => 'present') - end - - end - - context 'with incorrect database_connection string' do - let :params do - { :database_connection => 'redis://manila:manila@localhost/manila', } - end - - it_raises 'a Puppet::Error', /validate_re/ - end - - context 'with incorrect database_connection string' do - let :params do - { :database_connection => 'foo+pymysql://manila:manila@localhost/manila', } - end - - it_raises 'a Puppet::Error', /validate_re/ - end - - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => 'jessie', - }) - end - - it_configures 'manila::db' - - context 'using pymysql driver' do - let :params do - { :database_connection => 'mysql+pymysql://manila:manila@localhost/manila' } - end - - it { is_expected.to contain_package('manila-backend-package').with({ :ensure => 'present', :name => 'python-pymysql' }) } - end - end - - context 'on Redhat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat', - :operatingsystemrelease => '7.1', - }) - end - - it_configures 'manila::db' - - context 'using pymysql driver' do - let :params do - { :database_connection => 'mysql+pymysql://manila:manila@localhost/manila' } - end - - it { is_expected.not_to contain_package('manila-backend-package') } - end - end - -end diff --git a/manila/spec/classes/manila_db_sync_spec.rb b/manila/spec/classes/manila_db_sync_spec.rb deleted file mode 100644 index 36790f816..000000000 --- a/manila/spec/classes/manila_db_sync_spec.rb +++ /dev/null @@ -1,16 +0,0 @@ -require 'spec_helper' - -describe 'manila::db::sync' do - - let :facts do - @default_facts.merge({:osfamily => 'Debian'}) - end - it { is_expected.to contain_exec('manila-manage db_sync').with( - :command => 'manila-manage db sync', - :path => '/usr/bin', - :user => 'manila', - :refreshonly => true, - :logoutput => 'on_failure' - ) } - -end diff --git a/manila/spec/classes/manila_ganesha_spec.rb b/manila/spec/classes/manila_ganesha_spec.rb deleted file mode 100644 index 6d5c29448..000000000 --- a/manila/spec/classes/manila_ganesha_spec.rb +++ /dev/null @@ -1,35 +0,0 @@ -require 'spec_helper' - -describe 'manila::ganesha' do - - shared_examples_for 'manila NFS Ganesha options for share drivers' do - let :params do - { - :ganesha_config_dir => '/etc/ganesha', - :ganesha_config_path => '/etc/ganesha/ganesha.conf', - :ganesha_service_name => 'ganesha.nfsd', - :ganesha_db_path => '$state_path/manila-ganesha.db', - :ganesha_export_dir => '/etc/ganesha/export.d', - :ganesha_export_template_dir => '/etc/manila/ganesha-export-templ.d', - } - end - - it 'Adds NFS Ganesha options to the share drivers' do - params.each_pair do |config,value| - is_expected.to contain_manila_config("DEFAULT/#{config}").with_value(value) - end - end - - it { is_expected.to contain_package('nfs-ganesha').with( - :name => 'nfs-ganesha', - :ensure => 'present', - ) } - - context 'on Red Hat platforms' do - let :facts do - @default_facts.merge({:osfamily => 'RedHat'}) - end - it_configures 'manila NFS Ganesha options for share drivers' - end - end -end diff --git a/manila/spec/classes/manila_keystone_auth_spec.rb b/manila/spec/classes/manila_keystone_auth_spec.rb deleted file mode 100644 index 2027e54c3..000000000 --- a/manila/spec/classes/manila_keystone_auth_spec.rb +++ /dev/null @@ -1,118 +0,0 @@ -require 'spec_helper' - -describe 'manila::keystone::auth' do - - let :params do - {:password => 'pw', - :password_v2 => 'pw2'} - end - - describe 'with only required params' do - - it 'should contain auth info' do - - is_expected.to contain_keystone_user('manila').with( - :ensure => 'present', - :password => 'pw', - :email => 'manila@localhost', - ) - is_expected.to contain_keystone_user_role('manila@services').with( - :ensure => 'present', - :roles => ['admin'] - ) - is_expected.to contain_keystone_service('manila::share').with( - :ensure => 'present', - :description => 'Manila Service' - ) - - is_expected.to contain_keystone_user('manilav2').with( - :ensure => 'present', - :password => 'pw2', - :email => 'manilav2@localhost', - ) - is_expected.to contain_keystone_user_role('manilav2@services').with( - :ensure => 'present', - :roles => ['admin'] - ) - is_expected.to contain_keystone_service('manilav2::sharev2').with( - :ensure => 'present', - :description => 'Manila Service v2' - ) - - end - it { is_expected.to contain_keystone_endpoint('RegionOne/manila::share').with( - :ensure => 'present', - :public_url => 'http://127.0.0.1:8786/v1/%(tenant_id)s', - :admin_url => 'http://127.0.0.1:8786/v1/%(tenant_id)s', - :internal_url => 'http://127.0.0.1:8786/v1/%(tenant_id)s' - ) } - it { is_expected.to contain_keystone_endpoint('RegionOne/manilav2::sharev2').with( - :ensure => 'present', - :public_url => 'http://127.0.0.1:8786/v2/%(tenant_id)s', - :admin_url => 'http://127.0.0.1:8786/v2/%(tenant_id)s', - :internal_url => 'http://127.0.0.1:8786/v2/%(tenant_id)s' - ) } - - end - - context 'when overriding endpoint parameters' do - before do - params.merge!( - :region => 'RegionThree', - :public_url => 'https://10.0.42.1:4242/v42/%(tenant_id)s', - :admin_url => 'https://10.0.42.2:4242/v42/%(tenant_id)s', - :internal_url => 'https://10.0.42.3:4242/v42/%(tenant_id)s', - :public_url_v2 => 'https://10.0.42.1:4242/v43/%(tenant_id)s', - :admin_url_v2 => 'https://10.0.42.2:4242/v43/%(tenant_id)s', - :internal_url_v2 => 'https://10.0.42.3:4242/v43/%(tenant_id)s' - ) - end - - it { is_expected.to contain_keystone_endpoint('RegionThree/manila::share').with( - :ensure => 'present', - :public_url => 'https://10.0.42.1:4242/v42/%(tenant_id)s', - :admin_url => 'https://10.0.42.2:4242/v42/%(tenant_id)s', - :internal_url => 'https://10.0.42.3:4242/v42/%(tenant_id)s' - )} - it { is_expected.to contain_keystone_endpoint('RegionThree/manilav2::sharev2').with( - :ensure => 'present', - :public_url => 'https://10.0.42.1:4242/v43/%(tenant_id)s', - :admin_url => 'https://10.0.42.2:4242/v43/%(tenant_id)s', - :internal_url => 'https://10.0.42.3:4242/v43/%(tenant_id)s' - )} - end - - context 'when deprecated endpoint parameters' do - before do - params.merge!( - :public_address => '10.0.42.1', - :admin_address => '10.0.42.2', - :internal_address => '10.0.42.3', - :region => 'RegionThree', - :port => '4242', - :admin_protocol => 'https', - :internal_protocol => 'https', - :public_protocol => 'https', - :share_version => 'v42' - ) - end - - it { is_expected.to contain_keystone_endpoint('RegionThree/manila::share').with( - :ensure => 'present', - :public_url => 'https://10.0.42.1:4242/v42/%(tenant_id)s', - :admin_url => 'https://10.0.42.2:4242/v42/%(tenant_id)s', - :internal_url => 'https://10.0.42.3:4242/v42/%(tenant_id)s' - )} - end - - describe 'when endpoint should not be configured' do - before do - params.merge!( - :configure_endpoint => false, - :configure_endpoint_v2 => false - ) - end - it { is_expected.to_not contain_keystone_endpoint('RegionOne/manila::share') } - it { is_expected.to_not contain_keystone_endpoint('RegionOne/manilav2::sharev2') } - end -end diff --git a/manila/spec/classes/manila_logging_spec.rb b/manila/spec/classes/manila_logging_spec.rb deleted file mode 100644 index a0102e4ee..000000000 --- a/manila/spec/classes/manila_logging_spec.rb +++ /dev/null @@ -1,143 +0,0 @@ -require 'spec_helper' - -describe 'manila::logging' do - - let :params do - { - } - end - - let :log_params do - { - :logging_context_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s', - :logging_default_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s', - :logging_debug_format_suffix => '%(funcName)s %(pathname)s:%(lineno)d', - :logging_exception_prefix => '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s', - :log_config_append => '/etc/manila/logging.conf', - :publish_errors => true, - :default_log_levels => { - 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', - 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', - 'iso8601' => 'WARN', - 'requests.packages.urllib3.connectionpool' => 'WARN' }, - :fatal_deprecations => true, - :instance_format => '[instance: %(uuid)s] ', - :instance_uuid_format => '[instance: %(uuid)s] ', - :log_date_format => '%Y-%m-%d %H:%M:%S', - :use_syslog => true, - :use_stderr => false, - :log_facility => 'LOG_FOO', - :log_dir => '/var/log', - :verbose => true, - :debug => true, - } - end - - shared_examples_for 'manila-logging' do - - context 'with basic logging options and default settings' do - it_configures 'basic default logging settings' - end - - context 'with basic logging options and non-default settings' do - before { params.merge!( log_params ) } - it_configures 'basic non-default logging settings' - end - - context 'with extended logging options' do - before { params.merge!( log_params ) } - it_configures 'logging params set' - end - - context 'without extended logging options' do - it_configures 'logging params unset' - end - - end - - shared_examples 'basic default logging settings' do - it 'configures manila logging settings with default values' do - is_expected.to contain_manila_config('DEFAULT/use_syslog').with(:value => '') - is_expected.to contain_manila_config('DEFAULT/use_stderr').with(:value => '') - is_expected.to contain_manila_config('DEFAULT/log_dir').with(:value => '/var/log/manila') - is_expected.to contain_manila_config('DEFAULT/verbose').with(:value => '') - is_expected.to contain_manila_config('DEFAULT/debug').with(:value => '') - end - end - - shared_examples 'basic non-default logging settings' do - it 'configures manila logging settings with non-default values' do - is_expected.to contain_manila_config('DEFAULT/use_syslog').with(:value => 'true') - is_expected.to contain_manila_config('DEFAULT/use_stderr').with(:value => 'false') - is_expected.to contain_manila_config('DEFAULT/syslog_log_facility').with(:value => 'LOG_FOO') - is_expected.to contain_manila_config('DEFAULT/log_dir').with(:value => '/var/log') - is_expected.to contain_manila_config('DEFAULT/verbose').with(:value => 'true') - is_expected.to contain_manila_config('DEFAULT/debug').with(:value => 'true') - end - end - - shared_examples_for 'logging params set' do - it 'enables logging params' do - is_expected.to contain_manila_config('DEFAULT/logging_context_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s') - - is_expected.to contain_manila_config('DEFAULT/logging_default_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s') - - is_expected.to contain_manila_config('DEFAULT/logging_debug_format_suffix').with_value( - '%(funcName)s %(pathname)s:%(lineno)d') - - is_expected.to contain_manila_config('DEFAULT/logging_exception_prefix').with_value( - '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s') - - is_expected.to contain_manila_config('DEFAULT/log_config_append').with_value( - '/etc/manila/logging.conf') - is_expected.to contain_manila_config('DEFAULT/publish_errors').with_value( - true) - - is_expected.to contain_manila_config('DEFAULT/default_log_levels').with_value( - 'amqp=WARN,amqplib=WARN,boto=WARN,iso8601=WARN,qpid=WARN,requests.packages.urllib3.connectionpool=WARN,sqlalchemy=WARN,suds=INFO') - - is_expected.to contain_manila_config('DEFAULT/fatal_deprecations').with_value( - true) - - is_expected.to contain_manila_config('DEFAULT/instance_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_manila_config('DEFAULT/instance_uuid_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_manila_config('DEFAULT/log_date_format').with_value( - '%Y-%m-%d %H:%M:%S') - end - end - - - shared_examples_for 'logging params unset' do - [ :logging_context_format_string, :logging_default_format_string, - :logging_debug_format_suffix, :logging_exception_prefix, - :log_config_append, :publish_errors, - :default_log_levels, :fatal_deprecations, - :instance_format, :instance_uuid_format, - :log_date_format, ].each { |param| - it { is_expected.to contain_manila_config("DEFAULT/#{param}").with_value('') } - } - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'manila-logging' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'manila-logging' - end - -end diff --git a/manila/spec/classes/manila_network_neutron_spec.rb b/manila/spec/classes/manila_network_neutron_spec.rb deleted file mode 100644 index 727b74daf..000000000 --- a/manila/spec/classes/manila_network_neutron_spec.rb +++ /dev/null @@ -1,55 +0,0 @@ -require 'spec_helper' - -describe 'manila::network::neutron' do - - let :params do - { - :neutron_admin_username => 'neutron', - :neutron_admin_password => 'password', - :neutron_admin_tenant_name => 'service', - :neutron_region_name => 'nova', - :neutron_ca_certificates_file => '/etc/neutron/ca-certificates', - } - end - - let :default_params do - { - :neutron_url => 'http://127.0.0.1:9696', - :neutron_url_timeout => 30, - :neutron_admin_tenant_name => 'service', - :neutron_admin_auth_url => 'http://localhost:5000/v2.0', - :neutron_api_insecure => false, - :neutron_auth_strategy => 'keystone', - } - end - - - shared_examples_for 'neutron network plugin' do - let :params_hash do - default_params.merge(params) - end - - it 'configures neutron network plugin' do - - is_expected.to contain_manila_config("DEFAULT/network_api_class").with_value( - 'manila.network.neutron.neutron_network_plugin.NeutronNetworkPlugin') - - params_hash.each_pair do |config,value| - is_expected.to contain_manila_config("DEFAULT/#{config}").with_value( value ) - end - end - end - - - context 'with default parameters' do - before do - params = {} - end - - it_configures 'neutron network plugin' - end - - context 'with provided parameters' do - it_configures 'neutron network plugin' - end -end diff --git a/manila/spec/classes/manila_params_spec.rb b/manila/spec/classes/manila_params_spec.rb deleted file mode 100644 index 28cc30d3d..000000000 --- a/manila/spec/classes/manila_params_spec.rb +++ /dev/null @@ -1,12 +0,0 @@ -require 'spec_helper' - -describe 'manila::params' do - - let :facts do - @default_facts.merge({:osfamily => 'Debian'}) - end - it 'should compile' do - subject - end - -end diff --git a/manila/spec/classes/manila_quota_spec.rb b/manila/spec/classes/manila_quota_spec.rb deleted file mode 100644 index 6801c0c31..000000000 --- a/manila/spec/classes/manila_quota_spec.rb +++ /dev/null @@ -1,60 +0,0 @@ -require 'spec_helper' - -describe 'manila::quota' do - - describe 'with default parameters' do - it 'contains default values' do - is_expected.to contain_manila_config('DEFAULT/quota_shares').with( - :value => 10) - is_expected.to contain_manila_config('DEFAULT/quota_snapshots').with( - :value => 10) - is_expected.to contain_manila_config('DEFAULT/quota_gigabytes').with( - :value => 1000) - is_expected.to contain_manila_config('DEFAULT/quota_driver').with( - :value => 'manila.quota.DbQuotaDriver') - is_expected.to contain_manila_config('DEFAULT/quota_snapshot_gigabytes').with( - :value => 1000) - is_expected.to contain_manila_config('DEFAULT/quota_share_networks').with( - :value => 10) - is_expected.to contain_manila_config('DEFAULT/reservation_expire').with( - :value => 86400) - is_expected.to contain_manila_config('DEFAULT/until_refresh').with( - :value => 0) - is_expected.to contain_manila_config('DEFAULT/max_age').with( - :value => 0) - end - end - - describe 'with overridden parameters' do - let :params do - { :quota_shares => 1000, - :quota_snapshots => 1000, - :quota_gigabytes => 100000, - :quota_snapshot_gigabytes => 10000, - :quota_share_networks => 100, - :reservation_expire => 864000, - :until_refresh => 10, - :max_age => 10,} - end - it 'contains overrided values' do - is_expected.to contain_manila_config('DEFAULT/quota_shares').with( - :value => 1000) - is_expected.to contain_manila_config('DEFAULT/quota_snapshots').with( - :value => 1000) - is_expected.to contain_manila_config('DEFAULT/quota_gigabytes').with( - :value => 100000) - is_expected.to contain_manila_config('DEFAULT/quota_driver').with( - :value => 'manila.quota.DbQuotaDriver') - is_expected.to contain_manila_config('DEFAULT/quota_snapshot_gigabytes').with( - :value => 10000) - is_expected.to contain_manila_config('DEFAULT/quota_share_networks').with( - :value => 100) - is_expected.to contain_manila_config('DEFAULT/reservation_expire').with( - :value => 864000) - is_expected.to contain_manila_config('DEFAULT/until_refresh').with( - :value => 10) - is_expected.to contain_manila_config('DEFAULT/max_age').with( - :value => 10) - end - end -end diff --git a/manila/spec/classes/manila_rabbitmq_spec.rb b/manila/spec/classes/manila_rabbitmq_spec.rb deleted file mode 100644 index c96b5f08e..000000000 --- a/manila/spec/classes/manila_rabbitmq_spec.rb +++ /dev/null @@ -1,69 +0,0 @@ -require 'spec_helper' - -describe 'manila::rabbitmq' do - - let :facts do - @default_facts.merge({ :puppetversion => '2.7', - :osfamily => 'Debian', - }) - end - - describe 'with defaults' do - - it 'should contain all of the default resources' do - - is_expected.to contain_rabbitmq_vhost('/').with( - :provider => 'rabbitmqctl' - ) - end - - end - - describe 'when a rabbitmq user is specified' do - - let :params do - { - :userid => 'dan', - :password => 'pass' - } - end - - it 'should contain user and permissions' do - - is_expected.to contain_rabbitmq_user('dan').with( - :admin => true, - :password => 'pass', - :provider => 'rabbitmqctl' - ) - - is_expected.to contain_rabbitmq_user_permissions('dan@/').with( - :configure_permission => '.*', - :write_permission => '.*', - :read_permission => '.*', - :provider => 'rabbitmqctl' - ) - - end - - end - - describe 'when disabled' do - let :params do - { - :userid => 'dan', - :password => 'pass', - :enabled => false - } - end - - it 'should be disabled' do - - is_expected.to_not contain_rabbitmq_user('dan') - is_expected.to_not contain_rabbitmq_user_permissions('dan@/') - is_expected.to_not contain_rabbitmq_vhost('/') - - end - end - - -end diff --git a/manila/spec/classes/manila_scheduler_spec.rb b/manila/spec/classes/manila_scheduler_spec.rb deleted file mode 100644 index d5cb523d6..000000000 --- a/manila/spec/classes/manila_scheduler_spec.rb +++ /dev/null @@ -1,84 +0,0 @@ -require 'spec_helper' - -describe 'manila::scheduler' do - - describe 'on debian platforms' do - - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - describe 'with default parameters' do - - it { is_expected.to contain_class('manila::params') } - - it { is_expected.to contain_package('manila-scheduler').with( - :name => 'manila-scheduler', - :ensure => 'present', - :before => ["Service[manila-scheduler]"], - :tag => ['openstack', 'manila-package'], - ) } - - it { is_expected.to contain_service('manila-scheduler').with( - :name => 'manila-scheduler', - :enable => true, - :ensure => 'running', - :require => 'Package[manila]', - :hasstatus => true, - :tag => 'manila-service', - ) } - end - - describe 'with parameters' do - - let :params do - { :scheduler_driver => 'manila.scheduler.filter_scheduler.FilterScheduler', - :package_ensure => 'present' - } - end - - it { is_expected.to contain_manila_config('DEFAULT/scheduler_driver').with_value('manila.scheduler.filter_scheduler.FilterScheduler') } - it { is_expected.to contain_package('manila-scheduler').with_ensure('present') } - end - - describe 'with manage_service false' do - let :params do - { 'manage_service' => false - } - end - it 'should not change the state of the service' do - is_expected.to contain_service('manila-scheduler').without_ensure - end - end - end - - - describe 'on rhel platforms' do - - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - describe 'with default parameters' do - - it { is_expected.to contain_class('manila::params') } - - it { is_expected.to contain_service('manila-scheduler').with( - :name => 'openstack-manila-scheduler', - :enable => true, - :ensure => 'running', - :require => 'Package[manila]', - :tag => 'manila-service', - ) } - end - - describe 'with parameters' do - - let :params do - { :scheduler_driver => 'manila.scheduler.filter_scheduler.FilterScheduler' } - end - - it { is_expected.to contain_manila_config('DEFAULT/scheduler_driver').with_value('manila.scheduler.filter_scheduler.FilterScheduler') } - end - end -end diff --git a/manila/spec/classes/manila_share_generic_spec.rb b/manila/spec/classes/manila_share_generic_spec.rb deleted file mode 100644 index b1f54217f..000000000 --- a/manila/spec/classes/manila_share_generic_spec.rb +++ /dev/null @@ -1,35 +0,0 @@ -require 'spec_helper' - -describe 'manila::share::generic' do - - let :params do - { - :driver_handles_share_servers => true, - :smb_template_config_path => '$state_path/smb.conf', - :volume_name_template => 'manila-share-%s', - :volume_snapshot_name_template => 'manila-snapshot-%s', - :share_mount_path => '/shares', - :max_time_to_create_volume => 180, - :max_time_to_attach => 120, - :service_instance_smb_config_path => '$share_mount_path/smb.conf', - :share_volume_fstype => 'ext4', - :cinder_volume_type => 'gold', - :delete_share_server_with_last_share => 'True', - :unmanage_remove_access_rules => 'True', - :automatic_share_server_cleanup => 'False', - } - end - - describe 'generic share driver' do - it 'configures generic share driver' do - is_expected.to contain_manila_config('DEFAULT/share_driver').with_value( - 'manila.share.drivers.generic.GenericShareDriver') - is_expected.to contain_manila_config('DEFAULT/share_helpers').with_value( - 'CIFS=manila.share.drivers.generic.CIFSHelper,'\ - 'NFS=manila.share.drivers.generic.NFSHelper') - params.each_pair do |config,value| - is_expected.to contain_manila_config("DEFAULT/#{config}").with_value( value ) - end - end - end -end diff --git a/manila/spec/classes/manila_share_glusterfs_spec.rb b/manila/spec/classes/manila_share_glusterfs_spec.rb deleted file mode 100644 index 70d194d21..000000000 --- a/manila/spec/classes/manila_share_glusterfs_spec.rb +++ /dev/null @@ -1,40 +0,0 @@ -require 'spec_helper' - -describe 'manila::share::glusterfs' do - - shared_examples_for 'glusterfs share driver' do - let :params do - { - :glusterfs_volumes_config => '/etc/manila/glusterfs_volumes', - :glusterfs_mount_point_base => '$state_path/mnt', - } - end - - it 'configures glusterfs share driver' do - is_expected.to contain_manila_config('DEFAULT/share_driver').with_value( - 'manila.share.drivers.glusterfs.GlusterfsShareDriver') - is_expected.to contain_manila_config('DEFAULT/glusterfs_volumes_config').with_value( - '/etc/manila/glusterfs_volumes') - is_expected.to contain_manila_config('DEFAULT/glusterfs_mount_point_base').with_value( - '$state_path/mnt') - end - - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'glusterfs share driver' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'glusterfs share driver' - end - -end diff --git a/manila/spec/classes/manila_share_netapp_spec.rb b/manila/spec/classes/manila_share_netapp_spec.rb deleted file mode 100644 index 17e89763f..000000000 --- a/manila/spec/classes/manila_share_netapp_spec.rb +++ /dev/null @@ -1,63 +0,0 @@ -require 'spec_helper' - -describe 'manila::share::netapp' do - - let :params do - { - :driver_handles_share_servers => true, - :netapp_login => 'netapp', - :netapp_password => 'password', - :netapp_server_hostname => '127.0.0.2', - :netapp_server_port => '443', - :netapp_vserver => 'manilasvm', - :netapp_root_volume_aggregate => 'aggr1', - :netapp_trace_flags => 'method,api', - } - end - - let :default_params do - { - :netapp_transport_type => 'http', - :netapp_storage_family => 'ontap_cluster', - :netapp_volume_name_template => 'share_%(share_id)s', - :netapp_vserver_name_template => 'os_%s', - :netapp_lif_name_template => 'os_%(net_allocation_id)s', - :netapp_aggregate_name_search_pattern => '(.*)', - :netapp_root_volume_name => 'root', - :netapp_port_name_search_pattern => '(.*)', - } - end - - - shared_examples_for 'netapp share driver' do - let :params_hash do - default_params.merge(params) - end - - it 'configures netapp share driver' do - is_expected.to contain_manila_config('DEFAULT/share_driver').with_value( - 'manila.share.drivers.netapp.common.NetAppDriver') - params_hash.each_pair do |config,value| - is_expected.to contain_manila_config("DEFAULT/#{config}").with_value( value ) - end - end - - it 'marks netapp_password as secret' do - is_expected.to contain_manila_config('DEFAULT/netapp_password').with_secret( true ) - end - end - - - context 'with default parameters' do - before do - params = {} - end - - it_configures 'netapp share driver' - end - - context 'with provided parameters' do - it_configures 'netapp share driver' - end - -end diff --git a/manila/spec/classes/manila_share_spec.rb b/manila/spec/classes/manila_share_spec.rb deleted file mode 100644 index fea08001b..000000000 --- a/manila/spec/classes/manila_share_spec.rb +++ /dev/null @@ -1,54 +0,0 @@ -require 'spec_helper' - -describe 'manila::share' do - - shared_examples_for 'manila-share' do - let :pre_condition do - 'class { "manila": rabbit_password => "fpp", sql_connection => "mysql://a:b@c/d" }' - end - - it { is_expected.to contain_package('manila-share').with( - :name => platform_params[:package_name], - :ensure => 'present', - :tag => ['openstack', 'manila-package'], - ) } - it { is_expected.to contain_service('manila-share').with( - 'hasstatus' => true, - 'tag' => 'manila-service', - )} - - describe 'with manage_service false' do - let :params do - { 'manage_service' => false } - end - it 'should not change the state of the service' do - is_expected.to contain_service('manila-share').without_ensure - end - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - let :platform_params do - { :package_name => 'manila-share' } - end - - it_configures 'manila-share' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - let :platform_params do - { :package_name => 'openstack-manila-share' } - end - - it_configures 'manila-share' - end - -end diff --git a/manila/spec/classes/manila_spec.rb b/manila/spec/classes/manila_spec.rb deleted file mode 100644 index c0b567509..000000000 --- a/manila/spec/classes/manila_spec.rb +++ /dev/null @@ -1,322 +0,0 @@ -require 'spec_helper' -describe 'manila' do - let :req_params do - {:rabbit_password => 'guest', :sql_connection => 'mysql+pymysql://user:password@host/database'} - end - - let :facts do - @default_facts.merge({:osfamily => 'Debian'}) - end - - describe 'with only required params' do - let :params do - req_params - end - - it { is_expected.to contain_class('manila::logging') } - it { is_expected.to contain_class('manila::params') } - - it 'should contain default config' do - is_expected.to contain_manila_config('DEFAULT/rpc_backend').with( - :value => 'rabbit' - ) - is_expected.to contain_manila_config('DEFAULT/notification_driver').with( - :value => 'messaging' - ) - is_expected.to contain_manila_config('DEFAULT/control_exchange').with( - :value => 'openstack' - ) - is_expected.to contain_manila_config('oslo_messaging_rabbit/rabbit_password').with( - :value => 'guest', - :secret => true - ) - is_expected.to contain_manila_config('oslo_messaging_rabbit/rabbit_host').with( - :value => '127.0.0.1' - ) - is_expected.to contain_manila_config('oslo_messaging_rabbit/rabbit_port').with( - :value => '5672' - ) - is_expected.to contain_manila_config('oslo_messaging_rabbit/rabbit_hosts').with( - :value => '127.0.0.1:5672' - ) - is_expected.to contain_manila_config('oslo_messaging_rabbit/rabbit_ha_queues').with( - :value => false - ) - is_expected.to contain_manila_config('oslo_messaging_rabbit/rabbit_virtual_host').with( - :value => '/' - ) - is_expected.to contain_manila_config('oslo_messaging_rabbit/rabbit_userid').with( - :value => 'guest' - ) - is_expected.to contain_manila_config('DEFAULT/verbose').with( - :value => '' - ) - is_expected.to contain_manila_config('DEFAULT/debug').with( - :value => '' - ) - is_expected.to contain_manila_config('DEFAULT/storage_availability_zone').with( - :value => 'nova' - ) - is_expected.to contain_manila_config('DEFAULT/api_paste_config').with( - :value => '/etc/manila/api-paste.ini' - ) - is_expected.to contain_manila_config('DEFAULT/rootwrap_config').with( - :value => '/etc/manila/rootwrap.conf' - ) - is_expected.to contain_manila_config('DEFAULT/state_path').with( - :value => '/var/lib/manila' - ) - is_expected.to contain_manila_config('oslo_concurrency/lock_path').with( - :value => '/tmp/manila/manila_locks' - ) - is_expected.to contain_manila_config('DEFAULT/log_dir').with(:value => '/var/log/manila') - end - end - - describe 'with modified rabbit_hosts' do - let :params do - req_params.merge({'rabbit_hosts' => ['rabbit1:5672', 'rabbit2:5672']}) - end - - it 'should contain many' do - is_expected.to_not contain_manila_config('oslo_messaging_rabbit/rabbit_host') - is_expected.to_not contain_manila_config('oslo_messaging_rabbit/rabbit_port') - is_expected.to contain_manila_config('oslo_messaging_rabbit/rabbit_hosts').with( - :value => 'rabbit1:5672,rabbit2:5672' - ) - is_expected.to contain_manila_config('oslo_messaging_rabbit/rabbit_ha_queues').with( - :value => true - ) - end - end - - describe 'with a single rabbit_hosts entry' do - let :params do - req_params.merge({'rabbit_hosts' => ['rabbit1:5672']}) - end - - it 'should contain many' do - is_expected.to_not contain_manila_config('oslo_messaging_rabbit/rabbit_host') - is_expected.to_not contain_manila_config('oslo_messaging_rabbit/rabbit_port') - is_expected.to contain_manila_config('oslo_messaging_rabbit/rabbit_hosts').with( - :value => 'rabbit1:5672' - ) - is_expected.to contain_manila_config('oslo_messaging_rabbit/rabbit_ha_queues').with( - :value => false - ) - end - end - - describe 'a single rabbit_host with enable ha queues' do - let :params do - req_params.merge({'rabbit_ha_queues' => true}) - end - - it 'should contain rabbit_ha_queues' do - is_expected.to contain_manila_config('oslo_messaging_rabbit/rabbit_ha_queues').with( - :value => true - ) - end - end - - describe 'with SSL enabled' do - let :params do - req_params.merge!({ - :rabbit_use_ssl => true, - :kombu_ssl_ca_certs => '/path/to/ssl/ca/certs', - :kombu_ssl_certfile => '/path/to/ssl/cert/file', - :kombu_ssl_keyfile => '/path/to/ssl/keyfile', - :kombu_ssl_version => 'TLSv1' - }) - end - - it do - is_expected.to contain_manila_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value(true) - is_expected.to contain_manila_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_value('/path/to/ssl/ca/certs') - is_expected.to contain_manila_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_value('/path/to/ssl/cert/file') - is_expected.to contain_manila_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_value('/path/to/ssl/keyfile') - is_expected.to contain_manila_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('TLSv1') - end - end - - describe 'with SSL enabled without kombu' do - let :params do - req_params.merge!({ - :rabbit_use_ssl => true, - }) - end - - it do - is_expected.to contain_manila_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value(true) - is_expected.to contain_manila_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_ensure('absent') - is_expected.to contain_manila_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_ensure('absent') - is_expected.to contain_manila_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_ensure('absent') - is_expected.to contain_manila_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('TLSv1') - end - end - - describe 'with SSL disabled' do - let :params do - req_params.merge!({ - :rabbit_use_ssl => false, - :kombu_ssl_version => 'TLSv1' - }) - end - - it do - is_expected.to contain_manila_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value(false) - is_expected.to contain_manila_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_ensure('absent') - is_expected.to contain_manila_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_ensure('absent') - is_expected.to contain_manila_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_ensure('absent') - is_expected.to contain_manila_config('oslo_messaging_rabbit/kombu_ssl_version').with_ensure('absent') - end - end - - describe 'with amqp_durable_queues disabled' do - let :params do - req_params - end - - it { is_expected.to contain_manila_config('oslo_messaging_rabbit/amqp_durable_queues').with_value(false) } - end - - describe 'with amqp_durable_queues enabled' do - let :params do - req_params.merge({ - :amqp_durable_queues => true, - }) - end - - it { is_expected.to contain_manila_config('oslo_messaging_rabbit/amqp_durable_queues').with_value(true) } - end - - describe 'with sqlite' do - let :params do - { - :sql_connection => 'sqlite:////var/lib/manila/manila.sqlite', - :rabbit_password => 'guest', - } - end - - it { is_expected.to_not contain_class('mysql::python') } - it { is_expected.to_not contain_class('mysql::bindings') } - it { is_expected.to_not contain_class('mysql::bindings::python') } - end - - describe 'with SSL socket options set' do - let :params do - { - :use_ssl => true, - :cert_file => '/path/to/cert', - :ca_file => '/path/to/ca', - :key_file => '/path/to/key', - :rabbit_password => 'guest', - } - end - - it { is_expected.to contain_manila_config('DEFAULT/ssl_ca_file').with_value('/path/to/ca') } - it { is_expected.to contain_manila_config('DEFAULT/ssl_cert_file').with_value('/path/to/cert') } - it { is_expected.to contain_manila_config('DEFAULT/ssl_key_file').with_value('/path/to/key') } - end - - describe 'with SSL socket options set to false' do - let :params do - { - :use_ssl => false, - :cert_file => false, - :ca_file => false, - :key_file => false, - :rabbit_password => 'guest', - } - end - - it { is_expected.to contain_manila_config('DEFAULT/ssl_ca_file').with_ensure('absent') } - it { is_expected.to contain_manila_config('DEFAULT/ssl_cert_file').with_ensure('absent') } - it { is_expected.to contain_manila_config('DEFAULT/ssl_key_file').with_ensure('absent') } - end - - describe 'with SSL socket options set wrongly configured' do - let :params do - { - :use_ssl => true, - :ca_file => '/path/to/ca', - :key_file => '/path/to/key', - :rabbit_password => 'guest', - } - end - - it_raises 'a Puppet::Error', /The cert_file parameter is required when use_ssl is set to true/ - end - - describe 'with amqp rpc supplied' do - - let :params do - { - :sql_connection => 'mysql+pymysql://user:password@host/database', - :rpc_backend => 'zmq', - } - end - - it { is_expected.to contain_manila_config('DEFAULT/rpc_backend').with_value('zmq') } - it { is_expected.to contain_manila_config('oslo_messaging_amqp/server_request_prefix').with_value('exclusive') } - it { is_expected.to contain_manila_config('oslo_messaging_amqp/broadcast_prefix').with_value('broadcast') } - it { is_expected.to contain_manila_config('oslo_messaging_amqp/group_request_prefix').with_value('unicast') } - it { is_expected.to contain_manila_config('oslo_messaging_amqp/container_name').with_value('guest') } - it { is_expected.to contain_manila_config('oslo_messaging_amqp/idle_timeout').with_value('0') } - it { is_expected.to contain_manila_config('oslo_messaging_amqp/trace').with_value(false) } - it { is_expected.to contain_manila_config('oslo_messaging_amqp/allow_insecure_clients').with_value(false) } - end - - describe 'with amqp SSL disable' do - let :params do - { - :rabbit_password => 'guest', - } - end - - it do - is_expected.to contain_manila_config('oslo_messaging_amqp/ssl_key_password').with_ensure('absent') - is_expected.to contain_manila_config('oslo_messaging_amqp/ssl_ca_file').with_ensure('absent') - is_expected.to contain_manila_config('oslo_messaging_amqp/ssl_cert_file').with_ensure('absent') - is_expected.to contain_manila_config('oslo_messaging_amqp/ssl_key_file').with_ensure('absent') - end - end - - describe 'with amqp SSL enabled' do - let :params do - { - :rabbit_password => 'guest', - :amqp_ssl_ca_file => '/path/to/ssl/ca/certs', - :amqp_ssl_cert_file => '/path/to/ssl/cert/file', - :amqp_ssl_key_file => '/path/to/ssl/keyfile', - :amqp_ssl_key_password => 'guest', - } - end - - it do - is_expected.to contain_manila_config('oslo_messaging_amqp/ssl_key_password').with_value('guest') - is_expected.to contain_manila_config('oslo_messaging_amqp/ssl_ca_file').with_value('/path/to/ssl/ca/certs') - is_expected.to contain_manila_config('oslo_messaging_amqp/ssl_cert_file').with_value('/path/to/ssl/cert/file') - is_expected.to contain_manila_config('oslo_messaging_amqp/ssl_key_file').with_value('/path/to/ssl/keyfile') - end - end - - describe 'with amqp SSL enabled without amqp_ssl_key_password' do - let :params do - { - :rabbit_password => 'guest', - :amqp_ssl_ca_file => '/path/to/ssl/ca/certs', - :amqp_ssl_cert_file => '/path/to/ssl/cert/file', - :amqp_ssl_key_file => '/path/to/ssl/keyfile', - } - end - - it do - is_expected.to contain_manila_config('oslo_messaging_amqp/ssl_key_password').with_ensure('absent') - is_expected.to contain_manila_config('oslo_messaging_amqp/ssl_ca_file').with_value('/path/to/ssl/ca/certs') - is_expected.to contain_manila_config('oslo_messaging_amqp/ssl_cert_file').with_value('/path/to/ssl/cert/file') - is_expected.to contain_manila_config('oslo_messaging_amqp/ssl_key_file').with_value('/path/to/ssl/keyfile') - end - end - -end diff --git a/manila/spec/defines/manila_backend_generic_spec.rb b/manila/spec/defines/manila_backend_generic_spec.rb deleted file mode 100644 index e404db736..000000000 --- a/manila/spec/defines/manila_backend_generic_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -require 'spec_helper' - -describe 'manila::backend::generic' do - - let(:title) {'hippo'} - - let :params do - { - :driver_handles_share_servers => true, - :smb_template_config_path => '$state_path/smb.conf', - :volume_name_template => 'manila-share-%s', - :volume_snapshot_name_template => 'manila-snapshot-%s', - :share_mount_path => '/shares', - :max_time_to_create_volume => 180, - :max_time_to_attach => 120, - :service_instance_smb_config_path => '$share_mount_path/smb.conf', - :share_volume_fstype => 'ext4', - :cinder_volume_type => 'gold', - } - end - - describe 'generic share driver' do - - it 'configures generic share driver' do - is_expected.to contain_manila_config('hippo/share_backend_name').with( - :value => 'hippo') - is_expected.to contain_manila_config('hippo/share_driver').with_value( - 'manila.share.drivers.generic.GenericShareDriver') - is_expected.to contain_manila_config('hippo/share_helpers').with_value( - 'CIFS=manila.share.drivers.generic.CIFSHelper,'\ - 'NFS=manila.share.drivers.generic.NFSHelper') - params.each_pair do |config,value| - is_expected.to contain_manila_config("hippo/#{config}").with_value( value ) - end - end - end -end diff --git a/manila/spec/defines/manila_backend_glusterfs_spec.rb b/manila/spec/defines/manila_backend_glusterfs_spec.rb deleted file mode 100644 index 10d1f8bf5..000000000 --- a/manila/spec/defines/manila_backend_glusterfs_spec.rb +++ /dev/null @@ -1,43 +0,0 @@ -require 'spec_helper' - -describe 'manila::backend::glusterfs' do - - shared_examples_for 'glusterfs share driver' do - let(:title) {'mygluster'} - - let :params do - { - :glusterfs_volumes_config => '/etc/manila/glusterfs_volumes', - :glusterfs_mount_point_base => '$state_path/mnt', - } - end - - it 'configures glusterfs share driver' do - is_expected.to contain_manila_config('mygluster/share_backend_name').with_value( - 'mygluster') - is_expected.to contain_manila_config('mygluster/share_driver').with_value( - 'manila.share.drivers.glusterfs.GlusterfsShareDriver') - is_expected.to contain_manila_config('mygluster/glusterfs_volumes_config').with_value( - '/etc/manila/glusterfs_volumes') - is_expected.to contain_manila_config('mygluster/glusterfs_mount_point_base').with_value( - '$state_path/mnt') - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'glusterfs share driver' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'glusterfs share driver' - end - -end diff --git a/manila/spec/defines/manila_backend_glusternative_spec.rb b/manila/spec/defines/manila_backend_glusternative_spec.rb deleted file mode 100644 index 982776340..000000000 --- a/manila/spec/defines/manila_backend_glusternative_spec.rb +++ /dev/null @@ -1,45 +0,0 @@ -require 'spec_helper' - -describe 'manila::backend::glusternative' do - - shared_examples_for 'glusternative volume driver' do - let(:title) {'fuse'} - - let :params do - { - :glusterfs_servers => 'remoteuser@volserver', - :glusterfs_native_path_to_private_key => '/etc/glusterfs/glusterfs.pem', - :glusterfs_volume_pattern => 'manila-share-volume-\d+$', - } - end - - describe 'glusternative share driver' do - it 'configures glusterfs fuse/native share driver' do - is_expected.to contain_manila_config('fuse/share_backend_name').with( - :value => 'fuse') - is_expected.to contain_manila_config('fuse/share_driver').with_value( - 'manila.share.drivers.glusterfs_native.GlusterfsNativeShareDriver') - params.each_pair do |config,value| - is_expected.to contain_manila_config("fuse/#{config}").with_value( value ) - end - end - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'glusternative volume driver' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'glusternative volume driver' - end - -end diff --git a/manila/spec/defines/manila_backend_glusternfs_spec.rb b/manila/spec/defines/manila_backend_glusternfs_spec.rb deleted file mode 100644 index 8681e4eb3..000000000 --- a/manila/spec/defines/manila_backend_glusternfs_spec.rb +++ /dev/null @@ -1,47 +0,0 @@ -require 'spec_helper' - -describe 'manila::backend::glusternfs' do - - shared_examples_for 'glusternfs volume driver' do - let(:title) {'gnfs'} - - let :params do - { - :glusterfs_target => 'remoteuser@volserver:volid', - :glusterfs_mount_point_base => '$state_path/mnt', - :glusterfs_nfs_server_type => 'gluster', - :glusterfs_path_to_private_key => '/etc/glusterfs/glusterfs.pem', - :glusterfs_ganesha_server_ip => '127.0.0.1', - } - end - - describe 'glusternfs share driver' do - it 'configures gluster nfs/ganesha share driver' do - is_expected.to contain_manila_config('gnfs/share_backend_name').with( - :value => 'gnfs') - is_expected.to contain_manila_config('gnfs/share_driver').with_value( - 'manila.share.drivers.glusterfs.GlusterfsShareDriver') - params.each_pair do |config,value| - is_expected.to contain_manila_config("gnfs/#{config}").with_value( value ) - end - end - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'glusternfs volume driver' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'glusternfs volume driver' - end - -end diff --git a/manila/spec/defines/manila_backend_netapp_spec.rb b/manila/spec/defines/manila_backend_netapp_spec.rb deleted file mode 100644 index d4dd5819b..000000000 --- a/manila/spec/defines/manila_backend_netapp_spec.rb +++ /dev/null @@ -1,74 +0,0 @@ -require 'spec_helper' - -describe 'manila::backend::netapp' do - - let(:title) {'mynetapp'} - - let :params do - { - :driver_handles_share_servers => true, - :netapp_login => 'netapp', - :netapp_password => 'password', - :netapp_server_hostname => '127.0.0.2', - :netapp_server_port => '443', - :netapp_vserver => 'manilasvm', - :netapp_root_volume_aggregate => 'aggr1', - :netapp_trace_flags => 'method,api', - } - end - - let :default_params do - { - :netapp_transport_type => 'http', - :netapp_storage_family => 'ontap_cluster', - :netapp_volume_name_template => 'share_%(share_id)s', - :netapp_vserver_name_template => 'os_%s', - :netapp_lif_name_template => 'os_%(net_allocation_id)s', - :netapp_aggregate_name_search_pattern => '(.*)', - :netapp_root_volume_name => 'root', - :netapp_port_name_search_pattern => '(.*)', - } - end - - shared_examples_for 'netapp share driver' do - let :params_hash do - default_params.merge(params) - end - - it 'configures netapp share driver' do - is_expected.to contain_manila_config("mynetapp/share_driver").with_value( - 'manila.share.drivers.netapp.common.NetAppDriver') - params_hash.each_pair do |config,value| - is_expected.to contain_manila_config("mynetapp/#{config}").with_value( value ) - end - end - - it 'marks netapp_password as secret' do - is_expected.to contain_manila_config("mynetapp/netapp_password").with_secret( true ) - end - end - - - context 'with default parameters' do - before do - params = {} - end - - it_configures 'netapp share driver' - end - - context 'with provided parameters' do - it_configures 'netapp share driver' - end - - context 'with share server config' do - before do - params.merge!({ - :netapp_password => true, - }) - end - - it { is_expected.to raise_error(Puppet::Error, /true is not a string. It looks to be a TrueClass/) } - end - -end diff --git a/manila/spec/defines/manila_network_neutron_single_network_spec.rb b/manila/spec/defines/manila_network_neutron_single_network_spec.rb deleted file mode 100644 index c57a0b0ed..000000000 --- a/manila/spec/defines/manila_network_neutron_single_network_spec.rb +++ /dev/null @@ -1,24 +0,0 @@ -require 'spec_helper' - -describe 'manila::network::neutron_single_network' do - let("title") {'neutronsingle'} - - let :params do - { - :neutron_net_id => 'abcdef', - :neutron_subnet_id => 'ghijkl', - } - end - - context 'with provided parameters' do - it 'configures neutron single network plugin' do - - is_expected.to contain_manila_config("neutronsingle/network_api_class").with_value( - 'manila.network.neutron.neutron_network_plugin.NeutronSingleNetworkPlugin') - - params.each_pair do |config,value| - is_expected.to contain_manila_config("neutronsingle/#{config}").with_value( value ) - end - end - end -end diff --git a/manila/spec/defines/manila_network_nova_network_spec.rb b/manila/spec/defines/manila_network_nova_network_spec.rb deleted file mode 100644 index 5d579eb21..000000000 --- a/manila/spec/defines/manila_network_nova_network_spec.rb +++ /dev/null @@ -1,14 +0,0 @@ -require 'spec_helper' - -describe 'manila::network::nova_network' do - let("title") {'novanet'} - - context 'with provided parameters' do - it 'configures nova network plugin' do - - is_expected.to contain_manila_config("novanet/network_api_class").with_value( - 'manila.network.nova_network_plugin.NovaNetworkPlugin') - - end - end -end diff --git a/manila/spec/defines/manila_network_nova_single_network_spec.rb b/manila/spec/defines/manila_network_nova_single_network_spec.rb deleted file mode 100644 index 785f99b25..000000000 --- a/manila/spec/defines/manila_network_nova_single_network_spec.rb +++ /dev/null @@ -1,23 +0,0 @@ -require 'spec_helper' - -describe 'manila::network::nova_single_network' do - let("title") {'novasinglenet'} - - let :params do - { - :nova_single_network_plugin_net_id => 'abcdef', - } - end - - context 'with provided parameters' do - it 'configures nova network plugin' do - - is_expected.to contain_manila_config("novasinglenet/network_api_class").with_value( - 'manila.network.nova_network_plugin.NovaSingleNetworkPlugin') - - params.each_pair do |config,value| - is_expected.to contain_manila_config("novasinglenet/#{config}").with_value( value ) - end - end - end -end diff --git a/manila/spec/defines/manila_network_standalone_spec.rb b/manila/spec/defines/manila_network_standalone_spec.rb deleted file mode 100644 index 626eedc43..000000000 --- a/manila/spec/defines/manila_network_standalone_spec.rb +++ /dev/null @@ -1,50 +0,0 @@ -require 'spec_helper' - -describe 'manila::network::standalone' do - let("title") {'standalone'} - - let :params do - { - :standalone_network_plugin_gateway => '192.168.1.1', - :standalone_network_plugin_mask => '255.255.255.0', - :standalone_network_plugin_segmentation_id => '1001', - :standalone_network_plugin_allowed_ip_ranges => '10.0.0.10-10.0.0.20', - } - end - - let :default_params do - { - :standalone_network_plugin_ip_version => '4', - } - end - - - shared_examples_for 'standalone network plugin' do - let :params_hash do - default_params.merge(params) - end - - it 'configures standalone network plugin' do - - is_expected.to contain_manila_config("standalone/network_api_class").with_value( - 'manila.network.standalone_network_plugin.StandaloneNetworkPlugin') - - params_hash.each_pair do |config,value| - is_expected.to contain_manila_config("standalone/#{config}").with_value( value ) - end - end - end - - - context 'with default parameters' do - before do - params = {} - end - - it_configures 'standalone network plugin' - end - - context 'with provided parameters' do - it_configures 'standalone network plugin' - end -end diff --git a/manila/spec/defines/manila_service_instance_spec.rb b/manila/spec/defines/manila_service_instance_spec.rb deleted file mode 100644 index 968b4b0e6..000000000 --- a/manila/spec/defines/manila_service_instance_spec.rb +++ /dev/null @@ -1,53 +0,0 @@ -require 'spec_helper' - -describe 'manila::service_instance' do - - let(:title) {'DEFAULT'} - - let :params do - { - :service_instance_name_template => 'manila_service_instance_%s', - :service_instance_user => 'user1', - :service_instance_password => 'pass1', - :manila_service_keypair_name => 'manila-service', - :path_to_public_key => '~/.ssh/id_rsa.pub', - :path_to_private_key => '~/.ssh/id_rsa', - :max_time_to_build_instance => 300, - :service_instance_security_group => 'manila-service', - :service_instance_flavor_id => 1, - :service_network_name => 'manila_service_network', - :service_network_cidr => '10.254.0.0/16', - :service_network_division_mask => 28, - :interface_driver => 'manila.network.linux.interface.OVSInterfaceDriver', - :connect_share_server_to_tenant_network => false, - :service_instance_network_helper_type => 'neutron', - } - end - - context 'with default parameters' do - it 'configures service instance' do - expect { - params.each_pair do |config,value| - is_expected.to contain_manila_config("DEFAULT/#{config}").with_value( value ) - end - }.to raise_error(Puppet::Error, /Missing required parameter service_image_location/) - end - end - - context 'with service image provided' do - let (:req_params) { params.merge!({ - :service_image_name => 'manila-service-image', - :service_image_location => 'http://example.com/manila_service_image.iso', - }) } - - it 'creates Glance image' do - is_expected.to contain_glance_image(req_params[:service_image_name]).with( - :ensure => 'present', - :is_public => 'yes', - :container_format => 'bare', - :disk_format => 'qcow2', - :source => req_params[:service_image_location] - ) - end - end -end diff --git a/manila/spec/defines/manila_type_set_spec.rb b/manila/spec/defines/manila_type_set_spec.rb deleted file mode 100644 index b1b5def3e..000000000 --- a/manila/spec/defines/manila_type_set_spec.rb +++ /dev/null @@ -1,49 +0,0 @@ -#Author: Andrew Woodward - -require 'spec_helper' - -describe 'manila::type_set' do - - shared_examples_for 'manila types' do - - let(:title) {'hippo'} - - let :params do - { - :type => 'sith', - :key => 'monchichi', - :os_password => 'asdf', - :os_tenant_name => 'admin', - :os_username => 'admin', - :os_auth_url => 'http://127.127.127.1:5000/v2.0/', - } - end - - it 'should have its execs' do - is_expected.to contain_exec('manila type-key sith set monchichi=hippo').with( - :command => 'manila type-key sith set monchichi=hippo', - :environment => [ - 'OS_TENANT_NAME=admin', - 'OS_USERNAME=admin', - 'OS_PASSWORD=asdf', - 'OS_AUTH_URL=http://127.127.127.1:5000/v2.0/'], - :require => 'Package[python-manilaclient]') - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'manila types' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'manila types' - end -end diff --git a/manila/spec/defines/manila_type_spec.rb b/manila/spec/defines/manila_type_spec.rb deleted file mode 100644 index ecfca2f53..000000000 --- a/manila/spec/defines/manila_type_spec.rb +++ /dev/null @@ -1,53 +0,0 @@ -#Author: Andrew Woodward - -require 'spec_helper' - -describe 'manila::type' do - - shared_examples_for 'manila types' do - - let(:title) {'hippo'} - - let :params do - { - :set_value => ['name1','name2'], - :set_key => 'volume_backend_name', - :os_password => 'asdf', - :os_tenant_name => 'admin', - :os_username => 'admin', - :os_auth_url => 'http://127.127.127.1:5000/v2.0/', - :driver_handles_share_servers => 'true', - } - end - - it 'should have its execs' do - is_expected.to contain_exec('manila type-create hippo true').with( - :command => 'manila type-create hippo true', - :environment => [ - 'OS_TENANT_NAME=admin', - 'OS_USERNAME=admin', - 'OS_PASSWORD=asdf', - 'OS_AUTH_URL=http://127.127.127.1:5000/v2.0/'], - :unless => 'manila type-list | grep hippo', - :require => 'Package[python-manilaclient]') - is_expected.to contain_exec('manila type-key hippo set volume_backend_name=name1') - is_expected.to contain_exec('manila type-key hippo set volume_backend_name=name2') - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'Debian' }) - end - - it_configures 'manila types' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ :osfamily => 'RedHat' }) - end - - it_configures 'manila types' - end -end diff --git a/manila/spec/shared_examples.rb b/manila/spec/shared_examples.rb deleted file mode 100644 index fec0eacc9..000000000 --- a/manila/spec/shared_examples.rb +++ /dev/null @@ -1,5 +0,0 @@ -shared_examples_for "a Puppet::Error" do |description| - it "with message matching #{description.inspect}" do - expect { is_expected.to have_class_count(1) }.to raise_error(Puppet::Error, description) - end -end diff --git a/manila/spec/spec_helper.rb b/manila/spec/spec_helper.rb deleted file mode 100644 index be3811cf2..000000000 --- a/manila/spec/spec_helper.rb +++ /dev/null @@ -1,18 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' -require 'shared_examples' - -require 'puppet-openstack_spec_helper/defaults' -require 'rspec-puppet-facts' -include RspecPuppetFacts - -RSpec.configure do |c| - c.alias_it_should_behave_like_to :it_configures, 'configures' - c.alias_it_should_behave_like_to :it_raises, 'raises' - # TODO(aschultz): remove this after all tests converted to use OSDefaults - # instead of referencing @default_facts - c.before :each do - @default_facts = OSDefaults.get_facts - end -end - -at_exit { RSpec::Puppet::Coverage.report! } diff --git a/manila/spec/spec_helper_acceptance.rb b/manila/spec/spec_helper_acceptance.rb deleted file mode 100644 index 9196bc99b..000000000 --- a/manila/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1 +0,0 @@ -require 'puppet-openstack_spec_helper/beaker_spec_helper' diff --git a/manila/spec/unit/provider/manila_config/ini_setting_spec.rb b/manila/spec/unit/provider/manila_config/ini_setting_spec.rb deleted file mode 100644 index 117bf1635..000000000 --- a/manila/spec/unit/provider/manila_config/ini_setting_spec.rb +++ /dev/null @@ -1,72 +0,0 @@ -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'openstacklib', - 'lib') -) - -require 'spec_helper' - -provider_class = Puppet::Type.type(:manila_config).provider(:ini_setting) - -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Manila_config.new( - { - :name => 'DEFAULT/foo', - :value => 'bar' - } - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Manila_config.new( - { - :name => 'dude/foo', - :value => 'bar' - } - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end - - it 'should ensure absent when is specified as a value' do - resource = Puppet::Type::Manila_config.new( - {:name => 'dude/foo', :value => ''} - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - - it 'should ensure absent when value matches ensure_absent_val' do - resource = Puppet::Type::Manila_config.new( - {:name => 'dude/foo', :value => 'foo', :ensure_absent_val => 'foo' } - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - -end diff --git a/manila/spec/unit/type/manila_config_spec.rb b/manila/spec/unit/type/manila_config_spec.rb deleted file mode 100644 index 5c24eebe0..000000000 --- a/manila/spec/unit/type/manila_config_spec.rb +++ /dev/null @@ -1,19 +0,0 @@ -require 'puppet' -require 'puppet/type/manila_config' - -describe 'Puppet::Type.type(:manila_config)' do - before :each do - @manila_config = Puppet::Type.type(:manila_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should autorequire the package that install the file' do - catalog = Puppet::Resource::Catalog.new - package = Puppet::Type.type(:package).new(:name => 'manila') - catalog.add_resource package, @manila_config - dependency = @manila_config.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(@manila_config) - expect(dependency[0].source).to eq(package) - end - -end diff --git a/manila/test-requirements.txt b/manila/test-requirements.txt deleted file mode 100644 index bedd66690..000000000 --- a/manila/test-requirements.txt +++ /dev/null @@ -1,4 +0,0 @@ -# this is required for the docs build jobs -sphinx!=1.2.0,!=1.3b1,<1.3,>=1.1.2 -oslosphinx>=2.5.0 # Apache-2.0 -reno>=0.1.1 # Apache-2.0 diff --git a/manila/tox.ini b/manila/tox.ini deleted file mode 100644 index aea06c84f..000000000 --- a/manila/tox.ini +++ /dev/null @@ -1,8 +0,0 @@ -[tox] -minversion = 1.6 -skipsdist = True -envlist = releasenotes - -[testenv:releasenotes] -deps = -rtest-requirements.txt -commands = sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html diff --git a/memcached/.fixtures.yml b/memcached/.fixtures.yml deleted file mode 100644 index 21aa9ebf9..000000000 --- a/memcached/.fixtures.yml +++ /dev/null @@ -1,10 +0,0 @@ -fixtures: - repositories: - 'firewall': - repo: 'git://github.com/puppetlabs/puppetlabs-firewall.git' - ref: '0.1.0' - 'stdlib': - repo: 'git://github.com/puppetlabs/puppetlabs-stdlib.git' - ref: '3.2.0' - symlinks: - memcached: "#{source_dir}" diff --git a/memcached/.gitattributes b/memcached/.gitattributes deleted file mode 100644 index 78640e123..000000000 --- a/memcached/.gitattributes +++ /dev/null @@ -1,2 +0,0 @@ -# Enforce Linux line-endings for template files on every operating system. -*.erb text eol=lf diff --git a/memcached/.gitignore b/memcached/.gitignore deleted file mode 100644 index 43d6b1e08..000000000 --- a/memcached/.gitignore +++ /dev/null @@ -1,5 +0,0 @@ -pkg/ -*.swp -.forge-releng/ -Gemfile.lock -vendor/ diff --git a/memcached/.travis.yml b/memcached/.travis.yml deleted file mode 100644 index 8e14c541f..000000000 --- a/memcached/.travis.yml +++ /dev/null @@ -1,38 +0,0 @@ ---- -branches: - only: - - master -language: ruby -bundler_args: --without development -script: 'bundle exec rake validate && bundle exec rake lint && SPEC_OPTS="--format documentation" bundle exec rake spec' -after_success: - - git clone -q git://github.com/puppetlabs/ghpublisher.git .forge-releng - - .forge-releng/publish -rvm: - - 1.8.7 - - 1.9.3 -env: - matrix: - - PUPPET_GEM_VERSION="~> 2.7.0" - - PUPPET_GEM_VERSION="~> 3.0.0" - - PUPPET_GEM_VERSION="~> 3.1.0" - - PUPPET_GEM_VERSION="~> 3.2.0" - - PUPPET_GEM_VERSION="~> 3.3.0" - - PUPPET_GEM_VERSION="~> 3.4.0" - global: - - PUBLISHER_LOGIN=saz - - secure: |- - KHycFEf0ALVjITczYG0pcfk912muQkbJiGzKa5yyC8C9ppDW+dTYgDQu8AO1KXFHzds - NUASY2XNjrJNv27w7A2eMp88qU1ID1s8CWALph4fuxGcM/HoPw9q8sldJ9/sHGlY9Ye - DEeIvgt9qkwKtG/kb7dN7la42nv5fffWE95OU= -matrix: - include: - - rvm: 2.0.0 - env: PUPPET_GEM_VERSION="~> 3.2.0" - - rvm: 2.0.0 - env: PUPPET_GEM_VERSION="~> 3.3.0" - - rvm: 1.8.7 - env: PUPPET_GEM_VERSION="~> 2.6.0" -notifications: - email: false -gemfile: Gemfile diff --git a/memcached/Gemfile b/memcached/Gemfile deleted file mode 100644 index 087b51f83..000000000 --- a/memcached/Gemfile +++ /dev/null @@ -1,9 +0,0 @@ -source "https://rubygems.org" - -puppetversion = ENV.key?('PUPPET_VERSION') ? "= #{ENV['PUPPET_VERSION']}" : ['>= 3.3'] -gem 'puppet', puppetversion -gem 'puppetlabs_spec_helper', '>= 0.1.0' -gem 'rspec', '< 3.2.0', {"platforms"=>["ruby_18"]} -gem 'puppet-lint', '>= 0.3.2' -gem 'facter', '>= 1.7.0', "< 1.8.0" -gem 'rspec-puppet', '=1.0.1' diff --git a/memcached/LICENSE b/memcached/LICENSE deleted file mode 100644 index 7c6618932..000000000 --- a/memcached/LICENSE +++ /dev/null @@ -1,14 +0,0 @@ - Copyright 2011 Steffen Zieger - Copyright 2014 Garrett Honeycutt - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/memcached/README-DEVELOPER b/memcached/README-DEVELOPER deleted file mode 100644 index e6c4dab93..000000000 --- a/memcached/README-DEVELOPER +++ /dev/null @@ -1,9 +0,0 @@ -In order to run tests: - - puppet and facter must be installed and available in Ruby's LOADPATH - - the latest revision of rspec-puppet must be installed - - rake, and rspec2 must be install - - - the name of the module directory needs to be memcached - -to run all tests: - rake spec diff --git a/memcached/README.md b/memcached/README.md deleted file mode 100644 index 7218b3e18..000000000 --- a/memcached/README.md +++ /dev/null @@ -1,52 +0,0 @@ -# puppet-memcached [![Build Status](https://secure.travis-ci.org/saz/puppet-memcached.png)](http://travis-ci.org/saz/puppet-memcached) - -Manage memcached via Puppet - -## Show some love -If you find this module useful, send some bitcoins to 1Na3YFUmdxKxJLiuRXQYJU2kiNqA3KY2j9 - -## How to use - -### Use roughly 90% of memory - -```ruby - class { 'memcached': } -``` - -### Set a fixed memory limit in MB - -```ruby - class { 'memcached': - max_memory => 2048 - } -``` - -### Use 12% of available memory - -```ruby - class { 'memcached': - max_memory => '12%' - } -``` - -### Other class parameters - -* $package_ensure = 'present' -* $logfile = '/var/log/memcached.log' -* $pidfile = '/var/run/memcached.pid' (Debian family only, set to false to disable pidfile) -* $max_memory = false -* $item_size = false -* $lock_memory = false (WARNING: good if used intelligently, google for -k key) -* $listen_ip = '0.0.0.0' -* $tcp_port = 11211 -* $udp_port = 11211 -* $manage_firewall = false -* $user = '' (OS specific setting, see params.pp) -* $max_connections = 8192 -* $verbosity = undef -* $unix_socket = undef -* $install_dev = false (TRUE if 'libmemcached-dev' package should be installed) -* $processorcount = $::processorcount -* $service_restart = true (restart service after configuration changes, false to prevent restarts) -* $use_sasl = false (start memcached with SASL support) -* $large_mem_pages = false (try to use large memory pages) diff --git a/memcached/Rakefile b/memcached/Rakefile deleted file mode 100644 index 06f1ab4fb..000000000 --- a/memcached/Rakefile +++ /dev/null @@ -1,19 +0,0 @@ -require 'rubygems' -require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' -PuppetLint.configuration.send('disable_80chars') -PuppetLint.configuration.relative = true -PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"] - -desc "Run puppet in noop mode and check for syntax errors." -task :validate do - Dir['manifests/**/*.pp'].each do |manifest| - sh "puppet parser validate --noop #{manifest}" - end - Dir['spec/**/*.rb','lib/**/*.rb'].each do |ruby_file| - sh "ruby -c #{ruby_file}" unless ruby_file =~ /spec\/fixtures/ - end - Dir['templates/**/*.erb'].each do |template| - sh "erb -P -x -T '-' #{template} | ruby -c" - end -end diff --git a/memcached/lib/puppet/parser/functions/memcached_max_memory.rb b/memcached/lib/puppet/parser/functions/memcached_max_memory.rb deleted file mode 100644 index fac25fdb3..000000000 --- a/memcached/lib/puppet/parser/functions/memcached_max_memory.rb +++ /dev/null @@ -1,38 +0,0 @@ -module Puppet::Parser::Functions - newfunction(:memcached_max_memory, :type => :rvalue, :doc => <<-EOS - Calculate max_memory size from fact 'memsize' and passed argument. - EOS - ) do |arguments| - - raise(Puppet::ParseError, "memcached_max_memory(): " + - "Wrong number of arguments given " + - "(#{arguments.size} for 1)") if arguments.size != 1 - - arg = arguments[0] - memsize = lookupvar('memorysize') - - if arg and !arg.to_s.end_with?('%') - result_in_mb = arg.to_i - else - max_memory_percent = arg ? arg : '95%' - - # Taken from puppetlabs-stdlib to_bytes() function - value,prefix = */([0-9.e+-]*)\s*([^bB]?)/.match(memsize)[1,2] - - value = value.to_f - case prefix - when '' then value = value - when 'k' then value *= (1<<10) - when 'M' then value *= (1<<20) - when 'G' then value *= (1<<30) - when 'T' then value *= (1<<40) - when 'E' then value *= (1<<50) - else raise Puppet::ParseError, "memcached_max_memory(): Unknown prefix #{prefix}" - end - value = value.to_i - result_in_mb = ( (value / (1 << 20) ) * (max_memory_percent.to_f / 100.0) ).floor - end - - return result_in_mb - end -end diff --git a/memcached/manifests/init.pp b/memcached/manifests/init.pp deleted file mode 100644 index 761efcb0e..000000000 --- a/memcached/manifests/init.pp +++ /dev/null @@ -1,123 +0,0 @@ -# == Class: memcached -# -# Manage memcached -# -# == Parameters -# [* syslog *] -# Boolean. -# If true will pipe output to /bin/logger, sends to syslog. -# -class memcached ( - $package_ensure = 'present', - $service_manage = true, - $logfile = $::memcached::params::logfile, - $syslog = false, - $pidfile = '/var/run/memcached.pid', - $manage_firewall = false, - $max_memory = false, - $item_size = false, - $lock_memory = false, - $listen_ip = '0.0.0.0', - $tcp_port = 11211, - $udp_port = 11211, - $user = $::memcached::params::user, - $max_connections = '8192', - $verbosity = undef, - $unix_socket = undef, - $install_dev = false, - $processorcount = $::processorcount, - $service_restart = true, - $auto_removal = false, - $use_sasl = false, - $use_registry = $::memcached::params::use_registry, - $registry_key = 'HKLM\System\CurrentControlSet\services\memcached\ImagePath', - $large_mem_pages = false -) inherits memcached::params { - - # validate type and convert string to boolean if necessary - if is_string($manage_firewall) { - $manage_firewall_bool = str2bool($manage_firewall) - } else { - $manage_firewall_bool = $manage_firewall - } - validate_bool($manage_firewall_bool) - validate_bool($service_restart) - validate_bool($service_manage) - - validate_bool($syslog) - - # Logging to syslog and file are mutually exclusive - # Fail if both options are defined - if $syslog and str2bool($logfile) { - fail 'Define either syslog or logfile as logging destinations but not both.' - } - - if $package_ensure == 'absent' { - $service_ensure = 'stopped' - $service_enable = false - } else { - $service_ensure = 'running' - $service_enable = true - } - - package { $memcached::params::package_name: - ensure => $package_ensure, - provider => $memcached::params::package_provider - } - - if $install_dev { - package { $memcached::params::dev_package_name: - ensure => $package_ensure, - require => Package[$memcached::params::package_name] - } - } - - if $manage_firewall_bool == true { - firewall { "100_tcp_${tcp_port}_for_memcached": - port => $tcp_port, - proto => 'tcp', - action => 'accept', - } - - firewall { "100_udp_${udp_port}_for_memcached": - port => $udp_port, - proto => 'udp', - action => 'accept', - } - } - - if $service_restart and $service_manage { - $service_notify_real = Service[$memcached::params::service_name] - } else { - $service_notify_real = undef - } - - if ( $memcached::params::config_file ) { - file { $memcached::params::config_file: - owner => 'root', - group => 'root', - mode => '0644', - content => template($memcached::params::config_tmpl), - require => Package[$memcached::params::package_name], - notify => $service_notify_real, - } - } - - if $service_manage { - service { $memcached::params::service_name: - ensure => $service_ensure, - enable => $service_enable, - hasrestart => true, - hasstatus => $memcached::params::service_hasstatus, - } - } - - if $use_registry { - registry_value{ $registry_key: - ensure => 'present', - type => 'string', - data => template($memcached::params::config_tmpl), - notify => $service_notify_real, - } - } -} diff --git a/memcached/manifests/params.pp b/memcached/manifests/params.pp deleted file mode 100644 index 1469a4b4d..000000000 --- a/memcached/manifests/params.pp +++ /dev/null @@ -1,61 +0,0 @@ -# == Class: memcached::params -# -class memcached::params { - case $::osfamily { - 'Debian': { - $package_name = 'memcached' - $package_provider = undef - $service_name = 'memcached' - $service_hasstatus = false - $dev_package_name = 'libmemcached-dev' - $config_file = '/etc/memcached.conf' - $config_tmpl = "${module_name}/memcached.conf.erb" - $user = 'nobody' - $logfile = '/var/log/memcached.log' - $use_registry = false - } - /RedHat|Suse/: { - $package_name = 'memcached' - $package_provider = undef - $service_name = 'memcached' - $service_hasstatus = true - $dev_package_name = 'libmemcached-devel' - $config_file = '/etc/sysconfig/memcached' - $config_tmpl = "${module_name}/memcached_sysconfig.erb" - $user = 'memcached' - $logfile = '/var/log/memcached.log' - $use_registry = false - } - /windows/: { - $package_name = 'memcached' - $package_provider = 'chocolatey' - $service_name = 'memcached' - $service_hasstatus = true - $dev_package_name = 'libmemcached-devel' - $config_file = undef - $config_tmpl = "${module_name}/memcached_windows.erb" - $user = 'BUILTIN\Administrators' - $logfile = undef - $use_registry = true - } - default: { - case $::operatingsystem { - 'Amazon': { - $package_name = 'memcached' - $package_provider = undef - $service_name = 'memcached' - $service_hasstatus = true - $dev_package_name = 'libmemcached-devel' - $config_file = '/etc/sysconfig/memcached' - $config_tmpl = "${module_name}/memcached_sysconfig.erb" - $user = 'memcached' - $logfile = '/var/log/memcached.log' - $use_registry = false - } - default: { - fail("Unsupported platform: ${::osfamily}/${::operatingsystem}") - } - } - } - } -} diff --git a/memcached/metadata.json b/memcached/metadata.json deleted file mode 100644 index 4fe51f780..000000000 --- a/memcached/metadata.json +++ /dev/null @@ -1,48 +0,0 @@ -{ - "operatingsystem_support": [ - { - "operatingsystem": "RedHat" - }, - { - "operatingsystem": "CentOS" - }, - { - "operatingsystem": "OracleLinux" - }, - { - "operatingsystem": "Scientific" - }, - { - "operatingsystem": "Debian" - }, - { - "operatingsystem": "Ubuntu" - }, - { - "operatingsystem": "Windows" - } - ], - "requirements": [ - { - "name": "pe", - "version_requirement": ">= 3.2.0 < 3.4.0" - }, - { - "name": "puppet", - "version_requirement": "3.x" - } - ], - "name": "saz-memcached", - "version": "2.8.1", - "author": "saz", - "summary": "Manage memcached via Puppet", - "license": "Apache License, Version 2.0", - "source": "git://github.com/saz/puppet-memcached.git", - "project_page": "https://github.com/saz/puppet-memcached", - "issues_url": "https://github.com/saz/puppet-memcached/issues", - "description": "Manage memcached via Puppet", - "dependencies": [ - {"name":"puppetlabs/stdlib","version_requirement":">= 3.2.0"}, - {"name":"puppetlabs/firewall","version_requirement":">= 0.1.0"} - ] -} diff --git a/memcached/spec/classes/memcached_spec.rb b/memcached/spec/classes/memcached_spec.rb deleted file mode 100644 index d8f2981c8..000000000 --- a/memcached/spec/classes/memcached_spec.rb +++ /dev/null @@ -1,231 +0,0 @@ -require 'spec_helper' -describe 'memcached' do - - describe 'with manage_firewall parameter' do - ['Debian','RedHat'].each do |osfam| - context "on osfamily #{osfam}" do - let(:facts) do - { :osfamily => osfam, - :memorysize => '1000 MB', - :processorcount => '1', - } - end - - ['true',true].each do |value| - context "set to #{value}" do - let(:params) { { :manage_firewall => value } } - - it { should contain_class('memcached') } - - it { should contain_firewall('100_tcp_11211_for_memcached') } - it { should contain_firewall('100_udp_11211_for_memcached') } - end - end - - ['false',false].each do |value| - context "set to #{value}" do - let(:params) { { :manage_firewall => value } } - - it { should contain_class('memcached') } - - it { should_not contain_firewall('100_tcp_11211_for_memcached') } - it { should_not contain_firewall('100_udp_11211_for_memcached') } - end - end - - context 'set to an invalid type (array)' do - let(:params) { { :manage_firewall => ['invalid','type'] } } - - it do - expect { - should contain_class('memcached') - }.to raise_error(Puppet::Error) - end - end - end - end - end - - let :default_params do - { - :package_ensure => 'present', - :logfile => '/var/log/memcached.log', - :max_memory => false, - :item_size => false, - :lock_memory => false, - :listen_ip => '0.0.0.0', - :tcp_port => '11211', - :udp_port => '11211', - :user => 'nobody', - :max_connections => '8192', - :install_dev => false, - :processorcount => 1, - :use_sasl => false, - :large_mem_pages => false, - } - end - - [ {}, - { - :package_ensure => 'latest', - :logfile => '/var/log/memcached.log', - :max_memory => '2', - :item_size => false, - :lock_memory => true, - :listen_ip => '127.0.0.1', - :tcp_port => '11212', - :udp_port => '11213', - :user => 'somebdy', - :max_connections => '8193', - :verbosity => 'vvv', - :processorcount => 3, - :use_sasl => true, - :large_mem_pages => true, - }, - { - :package_ensure => 'present', - :logfile => '/var/log/memcached.log', - :max_memory => '20%', - :lock_memory => false, - :listen_ip => '127.0.0.1', - :tcp_port => '11212', - :udp_port => '11213', - :user => 'somebdy', - :max_connections => '8193', - :verbosity => 'vvv', - :install_dev => true, - :processorcount => 1 - }, - { - :listen_ip => '', - }, - { - :pidfile => false, - }, - { - :pidfile => '/var/log/memcached.pid', - }, - { - :package_ensure => 'absent', - :install_dev => true - }, - { - :service_manage => false - } - ].each do |param_set| - describe "when #{param_set == {} ? "using default" : "specifying"} class parameters" do - - let :param_hash do - default_params.merge(param_set) - end - - let :params do - param_set - end - - ['Debian'].each do |osfamily| - - let :facts do - { - :osfamily => osfamily, - :memorysize => '1000 MB', - :processorcount => '1', - } - end - - describe "on supported osfamily: #{osfamily}" do - - it { should contain_class("memcached::params") } - - it { should contain_package("memcached").with_ensure(param_hash[:package_ensure]) } - - it { should_not contain_firewall('100_tcp_11211_for_memcached') } - it { should_not contain_firewall('100_udp_11211_for_memcached') } - - it { - if param_hash[:install_dev] - should contain_package("libmemcached-dev").with_ensure(param_hash[:package_ensure]) - end - } - - it { should contain_file("/etc/memcached.conf").with( - 'owner' => 'root', - 'group' => 'root' - )} - - it { - if param_hash[:service_manage] == false - should_not contain_service('memcached') - elsif param_hash[:package_ensure] == 'absent' - should contain_service("memcached").with( - 'ensure' => 'stopped', - 'enable' => false - ) - else - should contain_service("memcached").with( - 'ensure' => 'running', - 'enable' => true, - 'hasrestart' => true, - 'hasstatus' => false - ) - end - } - - it 'should compile the template based on the class parameters' do - content = param_value( - subject, - 'file', - '/etc/memcached.conf', - 'content' - ) - expected_lines = [ - "logfile #{param_hash[:logfile]}", - "-p #{param_hash[:tcp_port]}", - "-U #{param_hash[:udp_port]}", - "-u #{param_hash[:user]}", - "-c #{param_hash[:max_connections]}", - "-t #{param_hash[:processorcount]}" - ] - if(param_hash[:max_memory]) - if(param_hash[:max_memory].end_with?('%')) - expected_lines.push("-m 200") - else - expected_lines.push("-m #{param_hash[:max_memory]}") - end - else - expected_lines.push("-m 950") - end - if(param_hash[:listen_ip] != '') - expected_lines.push("-l #{param_hash[:listen_ip]}") - end - if(param_hash[:lock_memory]) - expected_lines.push("-k") - end - if(param_hash[:pidfile]) - expected_lines.push("-P #{param_hash[:pidfile]}") - end - if(param_hash[:verbosity]) - expected_lines.push("-vvv") - end - if(param_hash[:use_sasl]) - expected_lines.push("-S") - end - if(param_hash[:large_mem_pages]) - expected_lines.push("-L") - end - (content.split("\n") & expected_lines).should =~ expected_lines - end - end - end - ['Redhat'].each do |osfamily| - describe 'on supported platform' do - it 'should fail' do - - end - end - end - end - end -end - -# vim: expandtab shiftwidth=2 softtabstop=2 diff --git a/memcached/spec/spec.opts b/memcached/spec/spec.opts deleted file mode 100644 index 91cd6427e..000000000 --- a/memcached/spec/spec.opts +++ /dev/null @@ -1,6 +0,0 @@ ---format -s ---colour ---loadby -mtime ---backtrace diff --git a/memcached/spec/spec_helper.rb b/memcached/spec/spec_helper.rb deleted file mode 100644 index dc7e9f4a0..000000000 --- a/memcached/spec/spec_helper.rb +++ /dev/null @@ -1,2 +0,0 @@ -require 'rubygems' -require 'puppetlabs_spec_helper/module_spec_helper' diff --git a/memcached/templates/memcached.conf.erb b/memcached/templates/memcached.conf.erb deleted file mode 100644 index 0dae0bcf7..000000000 --- a/memcached/templates/memcached.conf.erb +++ /dev/null @@ -1,72 +0,0 @@ -# File managed by puppet - -# Run memcached as a daemon. --d - -<% if @pidfile -%> -# pidfile --P <%= @pidfile %> -<% end -%> - -# Log memcached's output -logfile <%= @logfile -%> - -<% if @verbosity -%> -# Verbosity --<%= @verbosity %> -<% end -%> - -# Use MB memory max to use for object storage. -<% Puppet::Parser::Functions.function('memcached_max_memory') -%> --m <%= scope.function_memcached_max_memory([@max_memory]) %> - -<% if @lock_memory -%> -# Lock down all paged memory. There is a limit on how much memory you may lock. --k -<% end -%> - -<% if @use_sasl -%> -# Start with SASL support --S -<% end -%> - -<% if @unix_socket -%> -# UNIX socket path to listen on --s <%= @unix_socket %> -<% else -%> - -<% if @listen_ip != '' -%> -# IP to listen on --l <%= @listen_ip %> -<% end -%> - -# TCP port to listen on --p <%= @tcp_port %> - -# UDP port to listen on --U <%= @udp_port %> -<% end -%> - -# Run daemon as user --u <%= @user %> - -<% if @large_mem_pages -%> -# Try to use large memory pages (if available) --L -<% end -%> - -# Limit the number of simultaneous incoming connections. --c <%= @max_connections %> - -# Number of threads to use to process incoming requests. --t <%= @processorcount %> - -<% if @item_size -%> -# Override the default size of each slab page --I <%= @item_size %> -<% end -%> - -<% if @auto_removal -%> -# Disable automatic removal of items from the cache when out of memory --M -<% end -%> diff --git a/memcached/templates/memcached_sysconfig.erb b/memcached/templates/memcached_sysconfig.erb deleted file mode 100644 index 825d46061..000000000 --- a/memcached/templates/memcached_sysconfig.erb +++ /dev/null @@ -1,57 +0,0 @@ -<%- -result = [] -if @verbosity - result << '-' + @verbosity.to_s -end -if @lock_memory - result << '-k' -end -if @listen_ip - result << '-l ' + @listen_ip -end -if @udp_port - result << '-U ' + @udp_port.to_s -end -if @item_size - result << '-I ' + @item_size.to_s -end -result << '-t ' + @processorcount.to_s - -# log to syslog via logger -if @syslog && @logfile.empty? - result << '2>&1 |/bin/logger &' -# log to log file -elsif !@logfile.empty? && !@syslog - result << '>> ' + @logfile + ' 2>&1' -end --%> -<%- if scope['osfamily'] != 'Suse' -%> -PORT="<%= @tcp_port %>" -USER="<%= @user %>" -MAXCONN="<%= @max_connections %>" -<% Puppet::Parser::Functions.function('memcached_max_memory') -%> -CACHESIZE="<%= scope.function_memcached_max_memory([@max_memory]) %>" -OPTIONS="<%= result.join(' ') %>" -<%- else -%> -MEMCACHED_PARAMS="<%= result.join(' ') %>" - -## Path: Network/WWW/Memcached -## Description: username memcached should run as -## Type: string -## Default: "memcached" -## Config: memcached -# -# username memcached should run as -# -MEMCACHED_USER="<%= @user %>" - -## Path: Network/WWW/Memcached -## Description: group memcached should be run as -## Type: string -## Default: "memcached" -## Config: memcached -# -# group memcached should be run as -# -MEMCACHED_GROUP="<%= @user %>" -<%- end -%> diff --git a/memcached/templates/memcached_windows.erb b/memcached/templates/memcached_windows.erb deleted file mode 100644 index 3964f2a91..000000000 --- a/memcached/templates/memcached_windows.erb +++ /dev/null @@ -1,28 +0,0 @@ -<%- -result = [] -if @verbosity - result << '-' + @verbosity.to_s -end -if @lock_memory - result << '-k' -end -if @listen_ip - result << '-l ' + @listen_ip -end -if @tcp_port - result << '-p ' + @tcp_port.to_s -end -if @udp_port - result << '-U ' + @udp_port.to_s -end -if @item_size - result << '-I ' + @item_size.to_s -end -result << '-t ' + @processorcount -if @max_connections - result << '-c ' + @max_connections -end -if @logfile - result << '>> ' + @logfile + ' 2>&1' -end -%> -c:\memcached\memcached.exe -d runservice <%= result.join(' ') %> diff --git a/memcached/tests/init.pp b/memcached/tests/init.pp deleted file mode 100644 index 22eecc327..000000000 --- a/memcached/tests/init.pp +++ /dev/null @@ -1 +0,0 @@ -include memcached diff --git a/midonet/.fixtures.yml b/midonet/.fixtures.yml deleted file mode 100644 index 1bce9d02d..000000000 --- a/midonet/.fixtures.yml +++ /dev/null @@ -1,12 +0,0 @@ -fixtures: - forge_modules: - apt: - repo: "puppetlabs-apt" - ref: "1.8.0" - stdlib: "puppetlabs-stdlib" - inifile: "puppetlabs-inifile" - zookeeper: "deric-zookeeper" - cassandra: "midonet-cassandra" - datacat: "richardc-datacat" - java: "puppetlabs-java" - module_data: "ripienaar-module_data" diff --git a/midonet/.gitignore b/midonet/.gitignore deleted file mode 100644 index 9ee5483f2..000000000 --- a/midonet/.gitignore +++ /dev/null @@ -1,59 +0,0 @@ -*.gem -*.rbc -/.config -/coverage/ -/InstalledFiles -**/pkg/ -/spec/reports/ -/spec/fixtures/modules/* -/spec/fixtures/manifests/* -/test/tmp/ -/test/version_tmp/ -/tmp/ - -## Specific to RubyMotion: -.dat* -.repl_history -build/ - -## Documentation cache and generated files: -/.yardoc/ -/_yardoc/ -/doc/ -/rdoc/ - -## Environment normalisation: -/.bundle/ -/lib/bundler/man/ - -# for a library or gem, you might want to ignore these files since the code is -# intended to run in multiple environments; otherwise, check them in: -Gemfile.lock -Puppetfile.lock -# .ruby-version -# .ruby-gemset - -# unless supporting rvm < 1.11.0 or doing something fancy, ignore this: -.rvmrc - -# DS_Store -*/.DS_Store - -# Configuration files for cloud9.io -*/.c9/ - -# Kitchen files -.kitchen/ - -# Librarian files -.librarian/ -.tmp/ - -# Vim files -**.swp - -# Ignore vagrant-generated files -.vagrant - -# Beaker -log/ diff --git a/midonet/.gitreview b/midonet/.gitreview deleted file mode 100644 index e3a441674..000000000 --- a/midonet/.gitreview +++ /dev/null @@ -1,4 +0,0 @@ -[gerrit] -host=review.gerrithub.io -port=29418 -project=midonet/puppet-midonet.git diff --git a/midonet/CONTRIBUTING.md b/midonet/CONTRIBUTING.md deleted file mode 100644 index 0b1241386..000000000 --- a/midonet/CONTRIBUTING.md +++ /dev/null @@ -1,5 +0,0 @@ -Contribute with Puppet-MidoNet -============================== - -Check out on [Development Section of README](./README.md#Development) to see -how to develop and contribute to this project. diff --git a/midonet/Gemfile b/midonet/Gemfile deleted file mode 100644 index 73312c2f9..000000000 --- a/midonet/Gemfile +++ /dev/null @@ -1,49 +0,0 @@ -source ENV['GEM_SOURCE'] || 'https://rubygems.org' - -def location_for(place, fake_version = nil) - if place =~ /^(git:[^#]*)#(.*)/ - [fake_version, { :git => $1, :branch => $2, :require => false }].compact - elsif place =~ /^file:\/\/(.*)/ - ['>= 0', { :path => File.expand_path($1), :require => false }] - else - [place, { :require => false }] - end -end - -group :development, :unit_tests do - gem 'rspec-puppet', '~> 2.1', :require => false - gem 'rspec-core', '3.1.7', :require => false - gem 'puppetlabs_spec_helper', '>= 0.1.0', :require => false - gem 'puppet-lint', '>= 0.3.2', :require => false - gem 'metadata-json-lint', :require => false - gem 'faraday', :require => false -end - -group :system_tests do - - if beaker_version = ENV['BEAKER_VERSION'] - gem 'beaker', *location_for(beaker_version) - end - if beaker_rspec_version = ENV['BEAKER_RSPEC_VERSION'] - gem 'beaker-rspec', *location_for(beaker_rspec_version) - else - gem 'beaker-rspec', :require => false - end - - gem 'serverspec', :require => false - gem 'beaker-puppet_install_helper', :require => false -end - -if facterversion = ENV['FACTER_GEM_VERSION'] - gem 'facter', facterversion, :require => false -else - gem 'facter', :require => false -end - -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end - -# vim:ft=ruby diff --git a/midonet/Puppetfile b/midonet/Puppetfile deleted file mode 100644 index 6ac6b8909..000000000 --- a/midonet/Puppetfile +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/bin/env ruby -#^syntax detection - -forge "https://forgeapi.puppetlabs.com" - -metadata - -mod 'midonet-zookeeper', - :git => 'http://github.com/midonet/puppet-zookeeper', - :ref => 'master' - -mod 'midonet-cassandra', - :git => 'http://github.com/midonet/puppet-cassandra', - :ref => 'master' - diff --git a/midonet/README.md b/midonet/README.md deleted file mode 100644 index 50abc6b42..000000000 --- a/midonet/README.md +++ /dev/null @@ -1,412 +0,0 @@ -# MidoNet - -NOTE: This repository master now lives in [Openstack's -github](https://github.com/openstack/puppet-midonet) - -#### Table of Contents - -1. [Overview](#overview) -2. [Module Description](#module-description) -3. [Setup](#setup) - * [What MidoNet affects](#what-midonet-affects) - * [Beginning with MidoNet](#beginning-with-midonet) -4. [Usage](#usage) -5. [Reference](#reference) - * [Classes](#classes) - * [Types](#types) -6. [Limitations - OS compatibility, etc.](#limitations) -7. [Development - Guide for contributing to the module](#development) - -## Overview - -Puppet module for install MidoNet components. - -## Module Description - -MidoNet is an Apache licensed production grade network virtualization software -for Infrastructure-as-a-Service (IaaS) clouds. This module provides the puppet -manifests to install all the components to deploy easily MidoNet in a -production environment. - -To know all the components and how they relate each other, check out [midonet -reference architecture -docs](http://docs.midonet.org/docs/latest/reference-architecture/content/index.html) - -## Setup - -### What MidoNet affects - -* This module affects the repository sources of the target system as well as - new packages and their configuration files. - -### Beginning with MidoNet - -To install the last stable release of MidoNet OSS, just include the -MidoNet class in your Puppet manifest: - - include midonet - -That will deploy a full MidoNet installation (repos, cassandra, zookeeper, -agent, MidoNet API and MidoNet CLI) in the target host, which is quite -useless deployment, since MidoNet is a network controller ready to be scalable -and distributed. However, for testing its features and demo purposes, it can -be useful. - -## Usage - -To use this module in a more advanced way, please check out the -[reference](#reference) section of this document. It is worth to highlight that -all the input variables have already a default input value, in a yaml document. -(We use R.I.Piennar [module data](https://www.devco.net/archives/2013/12/08/better-puppet-modules-using-hiera-data.php)) -To leverage this feature, please add the following in your `/etc/puppet/hiera.yaml` -(or the Hiera configuration file that you are using): - - --- - :backends: - - yaml - - module_data - :yaml: - :datadirs: - - /var/lib/hiera - :logger: console - -Any variable that you may use in your class declaration will override the -defaults in `/etc/puppet/modules/midonet/data`, so you will only need to define -the variables that you want to override. - -## Reference - -### Classes - -#### MidoNet Repository - -MidoNet Repository adds MidoNet's repos into target system. By default it installs -last released version of MidoNet: - -To install other releases than the last default's MidoNet OSS, you can override the -default's midonet\_repository atributes by a resource-like declaration: - - class { 'midonet_repository': - midonet_repo => 'http://repo.midonet.org/midonet/v2014.11', - midonet_openstack_repo => 'http://repo.midonet.org/openstack', - midonet_thirdparty_repo => 'http://repo.midonet.org/misc', - midonet_key => '50F18FCF', - midonet_stage => 'stable', - midonet_key_url => 'http://repo.midonet.org/packages.midokura.key', - openstack_release => 'juno' - } - -or use a YAML file using the same attributes, accessible from Hiera: - - midonet_repository::midonet_repo: 'http://repo.midonet.org/midonet/v2014.11' - midonet_repository::midonet_openstack_repo: 'http://repo.midonet.org/openstack' - midonet_repository::midonet_thirdparty_repo: 'http://repo.midonet.org/misc' - midonet_repository::midonet_key: '50F18FCF' - midonet_repository::midonet_stage: 'stable' - midonet_repository::midonet_key_url: 'http://repo.midonet.org/packages.midokura.key' - midonet_repository::openstack_release: 'juno' - - -#### MidoNet Agent - -MidoNet Agent is the Openvswitch datapath controller and must run in all the Hypervisor hosts. - -The easiest way to run the class is: - - include midonet::midonet_agent - -This call assumes that there is a zookeeper instance and a cassandra instance -running in the target machine, and will configure the midonet-agent to -connect to them. - -This is a quite naive deployment, just for demo purposes. A more realistic one -would be: - - class {'midonet::midonet_agent': - cassandra_seeds => ['host1', 'host2', 'host3'], - zk_servers => [{'ip' => 'host1', 'port' => '2183'}, - {'ip' => 'host2', 'port' => '2181'}] - } - -Please note that Zookeeper port's value is not mandatory and it's already defaulted to 2181 - -You can alternatively use the Hiera's yaml style: - - midonet::midonet_agent::zk_servers: - - ip: 'host1' - port: 2183 - - ip: 'host2' - port: 2181 - midonet::midonet_agent::cassandra_seeds: - - 'host1' - - 'host2' - - 'host3' - -Note: midonet\_agent class already makes a call to midonet\_agent::install. -This class allows to choose whether you want it to install and manage Java, or -use an existing installations instead. - -For this purpose a param has been added and its value has been defaulted to -'true'. Should you want to manage the Java installation from another puppet -module and avoid duplicated class declaration, change the value to 'false': - - class { 'midonet::midonet_agent::install': - install_java => false - } - -You can alternatively use the Hiera's yaml style: - - midonet::midonet_agent::install::install_java: false - -#### MidoNet API - -MidoNet API is the REST service where third-party software can connect to -control the virtual network. A single instance of it can be enough. - -The easiest way to run this class is: - - include midonet::midonet_api - -This call assumes that there is a zookeeper running in the target host and the -module will spawn a midonet\_api without keystone authentication. - -This is a quite naive deployment, just for demo purposes. A more realistic one -would be: - - class {'midonet::midonet_api': - zk_servers => [{'ip' => 'host1', 'port' => '2183'}, - {'ip' => 'host2', 'port' => '2181'}], - keystone_auth => true, - vtep => true, - api_ip => '92.234.12.4', - keystone_host => '92.234.12.9', - keystone_port => '35357', # Note: (35357 is already the default) - keystone_admin_token => 'arrakis', - keystone_tenant_name => 'other-than-services' # Note: ('services' by default) - } - -You can alternatively use the Hiera's yaml style: - - midonet::midonet_api::zk_servers: - - ip: 'host1' - port: 2183 - - ip: 'host2' - port: 2181 - midonet::midonet_api::vtep: true - midonet::midonet_api::keystone_auth: true - midonet::midonet_api::api_ip: '92.234.12.4' - midonet::midonet_api::keystone_host: '92.234.12.9' - midonet::midonet_api::keystone_port: 35357 - midonet::midonet_api::keystone_admin_token: 'arrakis' - midonet::midonet_api::keystone_tenant_name: 'other-than-services' - -Please note that Zookeeper port is not mandatory and defaulted to 2181. - -Note: midonet\_api class already makes a call to midonet\_api::install. This -class allows you to choose whether you want it to install and manage Tomcat and -Java, or use existing installations of both instead. - -For this purpose 2 parameters have been added and their values have been -defaulted to 'true'. Should you want to manage Tomcat and Java installation -from another puppet module and avoid duplicated class declaration, change the -values to 'false': - - class { 'midonet::midonet_api::install': - install_java => false, - manage_app_server => false - } - -You can alternatively use the Hiera's yaml style: - - midonet::midonet_api::install::install_java: false - midonet::midonet_api::install::manage_app_server: false - -#### MidoNet CLI - -Install the MidoNetCLI this way: - - include midonet::midonet_cli - -Module does not configure the ~/.midonetrc file that `python-midonetclient` -needs to run. Please, check out how to configure the MidoNet client -[here](http://docs.midonet.org/docs/latest/quick-start-guide/rhel-7_juno-rdo/content/_midonet_cli_installation.html) - -#### Neutron Plugin - -Install and configure MidoNet Neutron Plugin. Please note that manifest does -install Neutron (because it is a requirement of 'python-neutron-plugin-midonet' -package) but it does not configure it nor run it. It just configure the specific -MidoNet plugin files. It is supposed to be deployed along any existing puppet -module that configures Neutron, such as [puppetlabs/neutron](https://forge.puppetlabs.com/puppetlabs/neutron/4.1.0) - -The easiest way to run this class is: - - include midonet::neutron_plugin - -Although it is quite useless: it assumes that there is a Neutron server already -configured and a MidoNet API running at localhost with Mock authentication. - -A more advanced call would be: - - class {'midonet::neutron_plugin': - midonet_api_ip => '23.123.5.32', - username => 'neutron', - password => '32kjaxT0k3na', - project_id => 'service' - } - -You can alternatively use the Hiera's yaml style: - - midonet::neutron_plugin::midonet_api_ip: '23.213.5.32' - midonet::neutron_plugin::username: 'neutron' - midonet::neutron_plugin::password: '32.kjaxT0k3na' - midonet::neutron_plugin::midonet_api_ip: 'service' - -### Types - -#### MidoNet Host Registry ### - -MidoNet defines Tunnel Zones as groups of hosts capable to send packages to -each other using networking tunnels from which we can create Virtual Networks -on the overlay. - -Each host that runs [#MidoNet Agent] should be part of at least one Tunnel Zone -to send packets in the overlay to the rest of hosts of the Tunnel Zone. The -type `midonet_host_registry` allows you to register the host. - -A [#MidoNet API] should already been deployed before and the [#MidoNet Agent] -should be running in the host we are registering. - -This is the way to use it: - - midonet_host_registry {$::fqdn: - $ensure => present, - $midonet_api_url => 'http://controller:8080', - $username => 'admin', - $password => 'admin', - $tenant_name => 'admin', - $underlay_ip_address => '123.23.43.2' - $tunnelzone_name => 'tzone0', - $tunnelzone_type => 'gre' - } - -Notes: - - * **midonet\_api\_url**, **username**, **password**, **tenant\_\name**: - Credentials to authenticate to Keystone through the MidoNet API service. - **tenant\_name** is defaulted to **admin** and is not mandatory. - * **underlay\_ip\_address**: Physical interface from where the packets will be - tunneled. - * **tunnelzone\_name**: Name of the Tunnel Zone. If the Tunnel Zone is does - not exist, the provider will create it. Defaulted to *tzone0*, so is not - mandatory to use this attribute unless you care too much about names or you - want more than one Tunnel Zone. - * **tunnelzone\_type**: Type of the tunnel. You can choose between *gre* and - *vxlan*. Defaulted to 'gre'. - - More info at MidoNet - [docs|http://docs.midonet.org/docs/latest/quick-start-guide/ubuntu-1404_kilo/content/_midonet_host_registration.html] - -#### MidoNet Gateway #### - -This capability allows a Host that runs MidoNet to be declared as the gateway -of the installation and provide the necessary steps to put the packages from -the underlay to the overlay and viceversa. MidoNet needs to bind a Host -interface to *MidoNet Provider Router*, which is the router on top of the -Virtual Infrastructure. - -Then, MidoNet starts BGP sessions to advertise the routes that manages and be -accessible from the Internet. - -This is the way to use it: - - midonet_gateway {$::fqdn: - ensure => present, - midonet_api_url => 'http://controller:8080', - username => 'admin', - password => 'admin', - tenant_name => 'admin', - interface => 'eth1', - local_as => '64512', - bgp_port => { 'port_address' => '198.51.100.2', 'net_prefix' => '198.51.100.0', 'net_length' => '30'}, - remote_peers => [ { 'as' => '64513', 'ip' => '198.51.100.1' }, - { 'as' => '64513', 'ip' => '203.0.113.1' } ], - advertise_net => [ { 'net_prefix' => '192.0.2.0', 'net_length' => '24' } ] - } - -More info at MidoNet -[docs|http://docs.midonet.org/docs/latest/quick-start-guide/ubuntu-1404_kilo/content/bgp_uplink_configuration.html] - - * **midonet\_api\_url**, **username**, **password**, **tenant\_\name**: - Credentials to authenticate to Keystone through the MidoNet API service. - **tenant\_name** is defaulted to **admin** and is not mandatory. - * **interface**: Host Interface where the gateway port of the *MidoNet - Provider Router* will be binded. - * **local_as**: Local Autonomous System of MidoNet deployment. - * **bgp_port**: Information about the port that will be created on *MidoNet - Provider Router* and will serve as the gateway of the virtual - infrastructure. - * **remote_peers**: List of uplink peers to establish BGP connections to. - * **advertise_net**: List of Network that will be advertised on from MidoNet - on the BGP sessions. - - -## Limitations - -This module supports: - - * Ubuntu 14.04 - * CentOS 6.6 - * CentOS 7 - -This module has been tested in Puppet 3.7.3 version, but we believe that it -should work without problems in any Puppet 3.x version. - -## Development - -We happily will accept patches and new ideas to improve this module. - -Check out current bugs or open new ones on JIRA project: - - https://midonet.atlassian.net/projects/PUP - -Feel free to assign an empty one to yourself! - -Clone MidoNet's puppet repo in: - - git clone https://github.com/midonet/puppet-midonet.git - -and send patches via: - - git review - -You can see the state of the patch in: - - https://review.gerrithub.io/#/q/status:open+project:midonet/puppet-midonet - -We are using a Gerrit's rebase-based branching policy. So please, submit a -single commit per change. If a commit has been rejected, do the changes you -need to do and squash your changes with the previous patch: - - git commit --amend - -We are using beaker for integration testing, puppet-lint for syntax code -convention and rspec por unit testing. To test the module before send a patch, -we recommend to use [bundle](http://bundler.io/) to install the dependencies: - - $ gem install bundle $ cd $ bundle install - -And then run the syntax, unit, and smoke tests. - - $ rake lint $ rake spec $ rake beaker - -**Puppet-midonet** uses Docker as the backend provisioner for beaker, so to -have Docker installed is mandatory. - -Ping us on **#installers** channel on http://midonet.atlassian.org - -## Release Notes - -* v2015.1.0: Initial manifests -* v2015.6.0: Adding `midonet_cli`, `midonet_host_registry` and - `midonet_gateway` types. diff --git a/midonet/Rakefile b/midonet/Rakefile deleted file mode 100644 index de4d50824..000000000 --- a/midonet/Rakefile +++ /dev/null @@ -1,8 +0,0 @@ -require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' - -PuppetLint.configuration.fail_on_warnings = true -PuppetLint.configuration.send('relative') -PuppetLint.configuration.send('disable_80chars') -PuppetLint.configuration.send('disable_autoloader_layout') -PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"] diff --git a/midonet/data/common.yaml b/midonet/data/common.yaml deleted file mode 100644 index 356b26878..000000000 --- a/midonet/data/common.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# Zookeeper-based attributes -midonet::zookeeper::servers: - - id: 1 - host: 'localhost' -midonet::zookeeper::server_id: '1' - -# Cassandra-based attributes -midonet::cassandra::seeds: - - 'localhost' -midonet::cassandra::seed_address: 'localhost' - -# Choose whether to manage Tomcat and Java installation (true) or use an -# existing installation instead (false). -midonet::midonet_agent::install::install_java: true -midonet::midonet_api::install::manage_app_server: true -midonet::midonet_api::install::install_java: true diff --git a/midonet/data/hiera.yaml b/midonet/data/hiera.yaml deleted file mode 100644 index 76f32b867..000000000 --- a/midonet/data/hiera.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -:backends: - - yaml - - module_data -:hierarchy: - - osfamily/%{::osfamily}/%{::lsbmajdistrelease} - - osfamily/%{::osfamily}/%{::lsbdistrelease} - - osfamily/%{::osfamily}/common - - common diff --git a/midonet/data/osfamily/Debian/12.04.yaml b/midonet/data/osfamily/Debian/12.04.yaml deleted file mode 100644 index a00bde2a6..000000000 --- a/midonet/data/osfamily/Debian/12.04.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- # Repository-based attributes -midonet::repository::midonet_openstack_repo: 'http://repo.midonet.org/openstack-icehouse' -midonet::repository::openstack_release: 'icehouse' diff --git a/midonet/data/osfamily/Debian/14.04.yaml b/midonet/data/osfamily/Debian/14.04.yaml deleted file mode 100644 index 11782f555..000000000 --- a/midonet/data/osfamily/Debian/14.04.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -# Repository-based attributes -midonet::repository::midonet_openstack_repo: "http://repo.midonet.org/openstack-juno" -midonet::repository::openstack_release: 'juno' diff --git a/midonet/data/osfamily/Debian/common.yaml b/midonet/data/osfamily/Debian/common.yaml deleted file mode 100644 index 3f3fbaea9..000000000 --- a/midonet/data/osfamily/Debian/common.yaml +++ /dev/null @@ -1,33 +0,0 @@ ---- -# Repository-based attributes -midonet::repository::midonet_repo: 'http://repo.midonet.org/midonet/v2015.06' -midonet::repository::midonet_thirdparty_repo: 'http://repo.midonet.org/misc' -midonet::repository::midonet_key: '35FEEF2BAD40EA777D0C5BA6FCE340D250F18FCF' -midonet::repository::midonet_stage: 'stable' -midonet::repository::midonet_key_url: 'http://repo.midonet.org/packages.midokura.key' - -# Midonet Host Agent-based attributes -midonet::midonet_agent::zk_servers: - - ip: 'localhost' - port: 2181 -midonet::midonet_agent::cassandra_seeds: - - 'localhost' - -# Midonet API-based attributes -midonet::midonet_api::zk_servers: - - ip: 'localhost' - port: 2181 -midonet::midonet_api::keystone_auth: false -midonet::midonet_api::vtep: false -midonet::midonet_api::tomcat_package: 'tomcat7' -midonet::midonet_api::catalina_base: '/var/lib/tomcat7' - -# Neutron Plugin based attributes -midonet::neutron_plugin::midonet_api_ip: 'localhost' -midonet::neutron_plugin::username: 'fake_user' -midonet::neutron_plugin::password: 'fake_password' -midonet::neutron_plugin::project_id: 'service' - -midonet::cassandra::conf_dir: '/etc/cassandra' -midonet::cassandra::pid_dir: '/var/run/cassandra' -midonet::cassandra::service_path: '/usr/sbin' diff --git a/midonet/data/osfamily/RedHat/6.yaml b/midonet/data/osfamily/RedHat/6.yaml deleted file mode 100644 index cd6ff80d8..000000000 --- a/midonet/data/osfamily/RedHat/6.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -# Repository-based attributes -midonet::repository::midonet_openstack_repo: 'http://repo.midonet.org/openstack-icehouse/RHEL' -midonet::repository::openstack_release: 'icehouse' diff --git a/midonet/data/osfamily/RedHat/7.yaml b/midonet/data/osfamily/RedHat/7.yaml deleted file mode 100644 index 4e755b3a5..000000000 --- a/midonet/data/osfamily/RedHat/7.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -# Repository-based attributes -midonet::repository::midonet_openstack_repo: 'http://repo.midonet.org/openstack-juno/RHEL' -midonet::repository::openstack_release: 'juno' -# Temporary source for faraday package and dependencies until it gets included -# in EPEL repositories -midonet::faraday_package: 'ruby193-rubygem-faraday' -midonet::faraday_url: 'http://yum.theforeman.org/nightly/el7/x86_64/ruby193-rubygem-faraday-0.9.1-1.el7.noarch.rpm' -midonet::multipart_post_package: 'ruby193-rubygem-multipart-post' -midonet::multipart_post_url: 'http://yum.theforeman.org/nightly/el7/x86_64/ruby193-rubygem-multipart-post-1.2.0-2.el7.noarch.rpm' diff --git a/midonet/data/osfamily/RedHat/common.yaml b/midonet/data/osfamily/RedHat/common.yaml deleted file mode 100644 index 4386b21fc..000000000 --- a/midonet/data/osfamily/RedHat/common.yaml +++ /dev/null @@ -1,43 +0,0 @@ ---- -# Repository-based attributes -midonet::repository::midonet_distro_repo: true -midonet::repository::midonet_epel_repo: true -midonet::repository::midonet_repo: 'http://repo.midonet.org/midonet/v2015.06/RHEL' -midonet::repository::midonet_thirdparty_repo: 'http://repo.midonet.org/misc/RHEL' -midonet::repository::midonet_stage: 'stable' -midonet::repository::midonet_key_url: 'http://repo.midonet.org/packages.midokura.key' -midonet::repository::midonet_openstack_repo: 'http://repo.midonet.org/openstack-juno/RHEL' -midonet::repository::openstack_release: 'juno' - -# Midonet Host Agent-based attributes -midonet::midonet_agent::zk_servers: - - ip: 'localhost' - port: 2181 -midonet::midonet_agent::cassandra_seeds: - - 'localhost' - -# Midonet API-based attributes -midonet::midonet_api::zk_servers: - - ip: 'localhost' - port: 2181 -midonet::midonet_api::keystone_auth: false -midonet::midonet_api::vtep: false -midonet::midonet_api::tomcat_package: 'tomcat' -midonet::midonet_api::catalina_base: '/usr/share/tomcat' - -# Neutron Plugin based attributes -midonet::neutron_plugin::midonet_api_ip: 'localhost' -midonet::neutron_plugin::username: 'fake_user' -midonet::neutron_plugin::password: 'fake_password' -midonet::neutron_plugin::project_id: 'service' - -midonet::cassandra::pid_dir: '/var/run/cassandra' -midonet::cassandra::conf_dir: '/etc/cassandra/default.conf' -midonet::cassandra::service_path: '/sbin' - -# Temporary source for faraday package and dependencies until it gets included -# in EPEL repositories -midonet::faraday_package: 'ruby193-rubygem-faraday' -midonet::faraday_url: 'http://yum.theforeman.org/nightly/el7/x86_64/ruby193-rubygem-faraday-0.9.1-1.el7.noarch.rpm' -midonet::multipart_post_package: 'ruby193-rubygem-multipart-post' -midonet::multipart_post_url: 'http://yum.theforeman.org/nightly/el7/x86_64/ruby193-rubygem-multipart-post-1.2.0-2.el7.noarch.rpm' diff --git a/midonet/files/midonet-api/midonet-api.xml b/midonet/files/midonet-api/midonet-api.xml deleted file mode 100644 index 1d337b3be..000000000 --- a/midonet/files/midonet-api/midonet-api.xml +++ /dev/null @@ -1,6 +0,0 @@ - diff --git a/midonet/lib/puppet/feature/faraday.rb b/midonet/lib/puppet/feature/faraday.rb deleted file mode 100644 index cae8fb909..000000000 --- a/midonet/lib/puppet/feature/faraday.rb +++ /dev/null @@ -1 +0,0 @@ -Puppet.features.add(:faraday, :libs => ["faraday"]) diff --git a/midonet/lib/puppet/parser/functions/zookeeper_servers.rb b/midonet/lib/puppet/parser/functions/zookeeper_servers.rb deleted file mode 100644 index 37e492a09..000000000 --- a/midonet/lib/puppet/parser/functions/zookeeper_servers.rb +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright 2015 Midokura SARL, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -require 'logger' - -module Puppet::Parser::Functions - newfunction(:zookeeper_servers, :type => :rvalue - ) do |argv| - - servers = argv[0] - if servers.class == Hash - servers = Array.new(1, servers) - end - servers = servers.sort_by{|server| server['id']} - return servers.map { |hash| hash['host'] } - end - -end diff --git a/midonet/lib/puppet/provider/midonet_client_conf/ini_setting.rb b/midonet/lib/puppet/provider/midonet_client_conf/ini_setting.rb deleted file mode 100644 index be29a022b..000000000 --- a/midonet/lib/puppet/provider/midonet_client_conf/ini_setting.rb +++ /dev/null @@ -1,21 +0,0 @@ -Puppet::Type.type(:midonet_client_conf).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - def section - resource[:name].split('/', 2).first - end - - def setting - resource[:name].split('/', 2).last - end - - def setparator - '=' - end - - def file_path - '/root/.midonetrc' - end -end diff --git a/midonet/lib/puppet/provider/midonet_gateway/midonet_api_caller.rb b/midonet/lib/puppet/provider/midonet_gateway/midonet_api_caller.rb deleted file mode 100644 index 1a0abeefb..000000000 --- a/midonet/lib/puppet/provider/midonet_gateway/midonet_api_caller.rb +++ /dev/null @@ -1,309 +0,0 @@ -if RUBY_VERSION == '1.8.7' - require 'rubygems' -end - -require 'uri' -require 'faraday' -require 'json' - -Puppet::Type.type(:midonet_gateway).provide(:midonet_api_caller) do - - def create - define_connection(resource[:midonet_api_url]) - # For each remote BGP peer, create a virtual port on - # the MidoNet Provider Router that is going to be used - # for the BGP communication. Connection to midonet api - # is assumed - - router_id = call_get_provider_router()[0]['id'] - - message = Hash.new - message['portAddress'] = resource[:bgp_port]["port_address"] - message['networkAddress'] = resource[:bgp_port]["net_prefix"] - message['networkLength'] = resource[:bgp_port]["net_length"].to_i - message['type'] = "Router" - - port = call_create_uplink_port(router_id, message) - port_id = port[0]['id'] - - # Configure BGP on the virtual ports. Port is - # assumed created - remote_peers = resource[:remote_peers] - if remote_peers.class == Hash - remote_peers = [remote_peers] - end - remote_peers.each do |rp| - message = Hash.new - message['localAS'] = resource[:local_as] - message['peerAS'] = rp["as"] - message['peerAddr'] = rp["ip"] - - call_add_bgp_to_port(port_id, message) - end - - # Add route for 'MidoNet Provider Router' uplink port - message = Hash.new - message['type'] = "Normal" - message['srcNetworkAddr'] = "0.0.0.0" - message['srcNetworkLength'] = 0 - message['dstNetworkAddr'] = resource[:bgp_port]["net_prefix"] - message['dstNetworkLength'] = resource[:bgp_port]["net_length"].to_i - message['weight'] = 100 - message['nextHopPort'] = port_id - - call_add_route_for_uplink_port(router_id, message) - - # In order to provide external connectivity for hosted - # virtual machines, the floating IP network has to be - # advertised to the BGP peers. BGP connection is assumed created - bgp_connections = call_get_bgp_connections(port_id) - - #TODO(carmela): make this modification more elegant... or whatever - advertise_networks = resource[:advertise_net] - if advertise_networks.class == Hash - advertise_networks = [advertise_networks] - end - bgp_connections.each do |bgp_c| - advertise_networks.each do |net| - message = Hash.new - message['nwPrefix'] = net["net_prefix"] - message['prefixLength'] = net["net_length"] - - bgp_id = bgp_c["id"] - call_advertise_route_to_bgp(bgp_id, message) - end - end - - # Bind the MidoNet Provider Router’s virtual ports to - # the physical network interfaces on the Gateway Nodes. - # Host and port are assumed created. Interface name should - # be an string - host_id = call_get_host()[0]['id'] - - message = Hash.new - message['interfaceName'] = resource[:interface] - message['portId'] = port_id - - call_bind_port_to_interface(host_id, message) - - # Configure a stateful port group - spg = call_get_stateful_port_group() - if spg.empty? - message = Hash.new - message['name'] = "uplink-spg" - message['stateful'] = "true" - message['tenantId'] = call_get_tenant() - - spg = call_create_stateful_port_group(message) - end - - # Add the ports to the port group - message = Hash.new - message['portId'] = port_id - - call_add_ports_to_port_group(spg[0]["id"], message) - end - - def destroy - define_connection(resource[:midonet_api_url]) - - router_id = call_get_provider_router()[0]['id'] - port_address = resource[:bgp_port]['port_address'] - - port = call_get_uplink_port(router_id, port_address) - port_id = port[0]["id"] - - # Delete the stateful port group - # TODO(carmela): delete only in case is the last port on the port group - # port_group_id = call_get_stateful_port_group()[0]['id'] - # call_delete_stateful_port_group(port_group_id) - - # Delete uplink port - call_delete_uplink_port(port_id) - end - - def exists? - define_connection(resource[:midonet_api_url]) - - router = call_get_provider_router() - if router.empty? - raise 'MidoNet Provider Router does not exist. We cannot create uplink ports' - end - - host = call_get_host() - if host.empty? - raise 'There is no MidoNet agent running on this host' - end - - uplink_port = call_get_uplink_port(router[0]['id'], resource[:bgp_port]['port_address']) - if uplink_port.empty? - return false - end - - return true - end - - def define_connection(url) - - @connection = Faraday.new(:url => url, - :ssl => { :verify =>false }) do |builder| - builder.request(:retry, { - :max => 5, - :interval => 0.05, - :exceptions => [ - Faraday::Error::TimeoutError, - Faraday::ConnectionFailed, - Errno::ETIMEDOUT, - 'Timeout::Error', - ], - }) - builder.request(:basic_auth, resource[:username], resource[:password]) - builder.adapter(:net_http) - end - - @connection.headers['X-Auth-Token'] = call_get_token() - end - - def call_get_token() - res = @connection.get do |req| - req.url "/midonet-api/login" - end - return JSON.parse(res.body)['key'] - end - - def call_get_tenant() - res = @connection.get do |req| - req.url "/midonet-api/tenants" - end - return JSON.parse(res.body)[0]['id'] - end - - def call_get_provider_router() - res = @connection.get do |req| - req.url "/midonet-api/routers" - end - output = JSON.parse(res.body) - return output.select { |name| name['name'] == resource[:router]} - end - - def call_get_stateful_port_group() - res = @connection.get do |req| - req.url "/midonet-api/port_groups" - end - output = JSON.parse(res.body) - return output.select { |name| name['name'] == 'uplink-spg'} - - end - - def call_get_uplink_port(router_id, port_address) - res = @connection.get do |req| - req.url "/midonet-api/routers/#{router_id}/ports" - end - output = JSON.parse(res.body) - return output.select { |port| port['portAddress'] == port_address } - - end - - def call_get_host() - res = @connection.get do |req| - req.url "/midonet-api/hosts" - end - output = JSON.parse(res.body) - return output.select{ |host| host['name'] == resource[:hostname].to_s } - end - - def call_create_uplink_port(router_id, message) - res = @connection.post do |req| - req.url "/midonet-api/routers/#{router_id}/ports" - req.headers['Content-Type'] = "application/vnd.org.midonet.Port-v2+json" - req.body = message.to_json - end - return call_get_uplink_port(router_id, message["portAddress"]) - end - - def call_delete_uplink_port(port_id) - res = @connection.delete do |req| - req.url "/midonet-api/ports/#{port_id}" - end - end - - def call_add_bgp_to_port(port_id, message) - res = @connection.post do |req| - req.url "/midonet-api/ports/#{port_id}/bgps" - req.headers['Content-Type'] = "application/vnd.org.midonet.Bgp-v1+json" - req.body = message.to_json - end - end - - def call_add_route_for_uplink_port(router_id, message) - res = @connection.post do |req| - req.url "/midonet-api/routers/#{router_id}/routes" - req.headers['Content-Type'] = "application/vnd.org.midonet.Route-v1+json" - req.body = message.to_json - end - end - - def call_get_bgp_connections(port_id) - res = @connection.get do |req| - req.url "/midonet-api/ports/#{port_id}/bgps" - end - output = JSON.parse(res.body) - return output - end - - def call_advertise_route_to_bgp(bgp_id, message) - res = @connection.post do |req| - req.url "/midonet-api/bgps/#{bgp_id}/ad_routes" - req.headers['Content-Type'] = "application/vnd.org.midonet.AdRoute-v1+json" - req.body = message.to_json - end - end - - def call_bind_port_to_interface(host_id, message) - res = @connection.post do |req| - req.url "/midonet-api/hosts/#{host_id}/ports" - req.headers['Content-Type'] = "application/vnd.org.midonet.HostInterfacePort-v1+json" - req.body = message.to_json - end - end - - def call_create_stateful_port_group(message) - res = @connection.post do |req| - req.url "/midonet-api/port_groups" - req.headers['Content-Type'] = "application/vnd.org.midonet.PortGroup-v1+json" - req.body = message.to_json - end - return call_get_stateful_port_group() - end - - def call_add_ports_to_port_group(port_group_id, message) - res = @connection.post do |req| - req.url "/midonet-api/port_groups/#{port_group_id}/ports" - req.headers['Content-Type'] = "application/vnd.org.midonet.PortGroupPort-v1+json" - req.body = message.to_json - end - end - - def call_delete_stateful_port_group(port_group_id) - res = @connection.delete do |req| - req.url "/midonet-api/port_groups/#{port_group_id}" - end - end - - private :call_add_bgp_to_port - :call_add_ports_to_port_group - :call_add_route_for_uplink_port - :call_advertise_route_to_bgp - :call_bind_port_to_interface - :call_create_stateful_port_group - :call_create_uplink_port - :call_delete_stateful_port_group - :call_delete_uplink_port - :call_get_bgp_connections - :call_get_host - :call_get_stateful_port_group - :call_get_provider_router - :call_get_tenant - :call_get_uplink_port - :define_connection -end diff --git a/midonet/lib/puppet/provider/midonet_host_registry/midonet_api_caller.rb b/midonet/lib/puppet/provider/midonet_host_registry/midonet_api_caller.rb deleted file mode 100644 index 21112e3c0..000000000 --- a/midonet/lib/puppet/provider/midonet_host_registry/midonet_api_caller.rb +++ /dev/null @@ -1,206 +0,0 @@ -if RUBY_VERSION == '1.8.7' - require 'rubygems' -end - -require 'uri' -require 'faraday' if Puppet.features.faraday? -require 'json' - -Puppet::Type.type(:midonet_host_registry).provide(:midonet_api_caller) do - - confine :feature => :faraday - - def create - define_connection(resource[:midonet_api_url]) - tz = call_get_tunnelzone() - if tz.empty? - # Tunnel zone does not exist. It should. Then - # create a tunnelzone with current values. Note - # the exists? applies at the host in a given - # tunnelzone, so it is fair to create a tunnelzone - message = Hash.new - message['name'] = resource[:tunnelzone_name] - message['type'] = resource[:tunnelzone_type] - tz = call_create_tunnelzone(message) - tz_id = tz[0]['id'] - else - tz_type = tz[0]['type'] - if tz_type != resource[:tunnelzone_type].to_s - raise "Tunnel zone already exists in type #{tz[0]['type']} whereas you are associating a host in a type #{resource[:tunnelzone_type]}" - else - tz_id = tz[0]['id'] - end - end - - host = call_get_host() - if host.empty? - raise 'Midonet agent does not run on the host you are trying to register' - else - host_id = host[0]['id'] - end - - host_id = host[0]['id'] - - message = Hash.new - message['hostId'] = "#{host_id}" - message['ipAddress'] = "#{resource[:underlay_ip_address]}" - - call_create_tunnelzone_host(tz_id, message) - end - - def destroy - define_connection(resource[:midonet_api_url]) - - tz = call_get_tunnelzone() - if tz.empty? - return - end - tz_id = tz[0]['id'] - - host = call_get_host() - if host.empty? - return - end - host_id = host[0]['id'] - - reg_host = call_get_tunnelzone_host(tz_id, host_id) - if reg_host.empty? - return - end - - # Delete host from tunnelzone - call_delete_tunnelzone_host(tz_id, host_id) - - # We can delete the tunnelzone if no host registered left - if call_get_tunnelzone_hosts(tz_id).empty? - call_delete_tunnelzone(tz_id) - end - - end - - def exists? - define_connection(resource[:midonet_api_url]) - - tz = call_get_tunnelzone() - if tz.empty? - return false - end - tz_id = tz[0]['id'] - - host = call_get_host() - if host.empty? - return false - end - host_id = host[0]['id'] - - reg_host = call_get_tunnelzone_host(tz_id, host_id) - if reg_host.empty? - return false - end - - return true - end - - def define_connection(url) - - @connection = Faraday.new(:url => url, - :ssl => { :verify =>false }) do |builder| - builder.request(:retry, { - :max => 5, - :interval => 0.05, - :exceptions => [ - Faraday::Error::TimeoutError, - Faraday::ConnectionFailed, - Errno::ETIMEDOUT, - 'Timeout::Error', - ], - }) - builder.request(:basic_auth, resource[:username], resource[:password]) - builder.adapter(:net_http) - end - - @connection.headers['X-Auth-Token'] = call_get_token() - end - - def call_get_token() - res = @connection.get do |req| - req.url "/midonet-api/login" - end - return JSON.parse(res.body)['key'] - end - - def call_get_tunnelzone() - res = @connection.get do |req| - req.url "/midonet-api/tunnel_zones" - end - - output = JSON.parse(res.body) - return output.select{ |tz| tz['name'] == resource[:tunnelzone_name].to_s } - end - - def call_get_host() - res = @connection.get do |req| - req.url "/midonet-api/hosts" - end - - output = JSON.parse(res.body) - return output.select{ |host| host['name'] == resource[:hostname].to_s } - end - - def call_create_tunnelzone(message) - - res = @connection.post do |req| - req.url "/midonet-api/tunnel_zones" - req.headers['Content-Type'] = "application/vnd.org.midonet.TunnelZone-v1+json" - req.body = message.to_json - end - - return call_get_tunnelzone() - - end - - def call_create_tunnelzone_host(tz_id, message) - - res = @connection.post do |req| - req.url "/midonet-api/tunnel_zones/#{tz_id}/hosts" - req.headers['Content-Type'] = "application/vnd.org.midonet.TunnelZoneHost-v1+json" - req.body = message.to_json - end - end - - def call_get_tunnelzone_hosts(tz_id) - res = @connection.get do |req| - req.url "/midonet-api/tunnel_zones/#{tz_id}/hosts" - end - - return JSON.parse(res.body) - end - - def call_get_tunnelzone_host(tz_id, host_id) - return call_get_tunnelzone_hosts(tz_id).select{ |host| host['id'] == host_id } - end - - - def call_delete_tunnelzone(tz_id) - res = @connection.delete do |req| - req.url "/midonet-api/tunnel_zones/#{tz_id}" - end - end - - def call_delete_tunnelzone_host(tz_id, host_id) - res = @connection.delete do |req| - req.url "/midonet-api/tunnel_zones/#{tz_id}/hosts/#{host_id}" - end - end - - private :call_create_tunnelzone, - :call_create_tunnelzone_host, - :call_delete_tunnelzone, - :call_delete_tunnelzone_host, - :call_get_host, - :call_get_tunnelzone, - :call_get_tunnelzone_host, - :call_get_tunnelzone_hosts, - :define_connection - -end diff --git a/midonet/lib/puppet/type/midonet_client_conf.rb b/midonet/lib/puppet/type/midonet_client_conf.rb deleted file mode 100644 index c6f081add..000000000 --- a/midonet/lib/puppet/type/midonet_client_conf.rb +++ /dev/null @@ -1,29 +0,0 @@ -Puppet::Type.newtype(:midonet_client_conf) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from .midonetrc' - newvalues(/\S+\/\S+/) - end - - autorequire(:package) do ['python-midonetclient'] end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - return currentvalue - end - - def should_to_s( newvalue ) - return newvalue - end - end - -end diff --git a/midonet/lib/puppet/type/midonet_gateway.rb b/midonet/lib/puppet/type/midonet_gateway.rb deleted file mode 100644 index 199564f24..000000000 --- a/midonet/lib/puppet/type/midonet_gateway.rb +++ /dev/null @@ -1,159 +0,0 @@ -require 'uri' -require 'facter' - -Puppet::Type.newtype(:midonet_gateway) do - @doc = %q{BGP Uplink Configuration - - Example: - - midonet_gateway {'hostname': - midonet_api_url => 'http://controller:8080', - username => 'admin', - password => 'admin', - tenant_name => 'admin', - interface => 'eth1', - local_as => '64512', - bgp_port => { 'port_address' => '198.51.100.2', 'net_prefix' => '198.51.100.0', 'net_length' => '30'}, - remote_peers => [ { 'as' => '64513', 'ip' => '198.51.100.1' }, - { 'as' => '64513', 'ip' => '203.0.113.1' } ], - advertise_net => [ { 'net_prefix' => '192.0.2.0', 'net_length' => '24' } ] - } - } - - ensurable - - autorequire(:package) do ['midolman'] end - - newparam(:hostname, :namevar => true) do - desc 'Hostname of the host that will act as gateway in a MidoNet managed cloud' - # Regex obtained from StackOverflow question: - # http://stackoverflow.com/questions/1418423/the-hostname-regex - validate do |value| - unless value =~ /^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*\.?$/ - raise ArgumentError, "'%s' is not a valid hostname" % value - end - end - end - - newparam(:midonet_api_url) do - desc 'MidoNet API endpoint to connect to' - validate do |value| - unless value =~ /\A#{URI::regexp(['http', 'https'])}\z/ - raise ArgumentError, "'%s' is not a valid URI" % value - end - end - end - - newparam(:username) do - desc 'Username of the admin user in keystone' - defaultto 'admin' - validate do |value| - unless value =~ /\w+$/ - raise ArgumentError, "'%s' is not a valid username" % value - end - end - end - - newparam(:password) do - desc 'Password of the admin user in keystone' - defaultto 'admin' - validate do |value| - unless value =~ /\w+$/ - raise ArgumentError, "'%s' is not a valid password" % value - end - end - end - - newparam(:tenant_name) do - desc 'Tenant name of the admin user' - defaultto 'admin' - validate do |value| - unless value =~ /\w+$/ - raise ArgumentError, "'%s' is not a tenant name" % value - end - end - end - - newparam(:interface) do - desc "Physical interface where the MidoNet Provider Router's port is binded to" - defaultto 'eth0' - validate do |value| - unless value =~ /\w+$/ - raise ArgumentError, "'%s' is not a valid interface" % value - end - end - end - - newparam(:local_as) do - desc "Local AS number" - validate do |value| - unless value =~ /\d+/ - raise ArgumentError, "'%s' is not a valid AS" % value - end - end - end - - newparam(:remote_peers) do - desc "#to be filled" - defaultto [] - validate do |value| - if value.class == Hash - value = [value] - end - value.each do |rp| - unless rp["as"] =~ /\d+/ - raise ArgumentError, "'%s' is not a valid AS name" % rp["as"] - end - unless rp["ip"] =~ /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$/ - raise ArgumentError, "'%s' is not a valid IP address" % rp["ip"] - end - end - end - end - - newparam(:bgp_port) do - desc "#to be filled" - validate do |value| - [:port_address, :net_prefix, :net_length].all? {|key| value.key? key} - unless value["port_address"] =~ /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$/ - raise ArgumentError, "'%s' is not a valid IP address" % value["port_address"] - end - unless value["net_prefix"] =~ /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$/ - raise ArgumentError, "'%s' is not a valid IPv4 network address" % value["net_prefix"] - end - unless value["net_length"] =~ /\d{2}/ - raise ArgumentError, "'%s' is not a valid network prefix length" % value["net_length"] - end - end - end - - newparam(:router) do - desc "The MidoNet's internal Provider router that acts as the gateway router of the cloud" - defaultto 'MidoNet Provider Router' - validate do |value| - unless value =~ /\w+$/ - raise ArgumentError, "'%s' is not a valid router name" % value - end - end - end - - newparam(:advertise_net) do - desc 'Floating IP network to be avertised to the BGP peers' - defaultto [] - validate do |value| - if value.class == Hash - value = [value] - end - value.each do |an| - unless an["net_prefix"] =~ /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$/ - raise ArgumentError, "'%s' is not a valid IPv4 network address" % an["net_prefix"] - end - unless an["net_length"] =~ /\d{2}/ - raise ArgumentError, "'%s' is not a valid network prefix length" % an["net_length"] - end - end - end - end - -end - diff --git a/midonet/lib/puppet/type/midonet_host_registry.rb b/midonet/lib/puppet/type/midonet_host_registry.rb deleted file mode 100644 index 11554ccca..000000000 --- a/midonet/lib/puppet/type/midonet_host_registry.rb +++ /dev/null @@ -1,95 +0,0 @@ -require 'uri' -require 'facter' - -Puppet::Type.newtype(:midonet_host_registry) do - @doc = %q{Register a Host to a MidoNet tunnel zone - through the MidoNet API - - Example: - - midonet_host_registry {'hostname': - $midonet_api_url => 'http://controller:8080', - $username => 'admin', - $password => 'admin', - $underlay_ip_address => '123.23.43.2' - } - } - ensurable - - newparam(:hostname, :namevar => true) do - desc 'Hostname of the host that wants to register in MidoNet cloud' - # Regex obtained from StackOverflow question: - # http://stackoverflow.com/questions/1418423/the-hostname-regex - validate do |value| - unless value =~ /^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*\.?$/ - raise ArgumentError, "'%s' is not a valid hostname" % value - end - end - end - - newparam(:tunnelzone_name) do - desc 'Name of the tunnelzone. If it does not exist, it creates one' - defaultto :'tzone0' - validate do |value| - unless value =~ /\w+/ - raise ArgumentError, "'%s' is not a valid tunnelzone name" % value - end - end - end - - newparam(:tunnelzone_type) do - desc 'Network technology to use when creating the tunnel' - defaultto 'gre' - newvalues('gre', 'vxlan') - end - - newparam(:midonet_api_url) do - desc 'MidoNet API endpoint to connect to' - validate do |value| - unless value =~ /\A#{URI::regexp(['http', 'https'])}\z/ - raise ArgumentError, "'%s' is not a valid URI" % value - end - end - end - - newparam(:username) do - desc 'Username of the admin user in keystone' - validate do |value| - unless value =~ /\w+/ - raise ArgumentError, "'%s' is not a valid username" % value - end - end - end - - newparam(:password) do - desc 'Password of the admin user in keystone' - validate do |value| - unless value =~ /\w+/ - raise ArgumentError, "'%s' is not a valid password" % value - end - end - end - - newparam(:tenant_name) do - desc 'Tenant name of the admin user' - defaultto :'admin' - validate do |value| - unless value =~ /\w+/ - raise ArgumentError, "'%s' is not a tenant name" % value - end - end - end - - newparam(:underlay_ip_address) do - desc "IP address that will be used to as the underlay layer to - create the tunnels. It will take the fact $ipaddress by - default" - defaultto Facter['ipaddress'].value - validate do |value| - unless value =~ /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$/ - raise ArgumentError, "'%s' is not a valid IPv4 address" % value - end - end - end - -end diff --git a/midonet/manifests/cassandra.pp b/midonet/manifests/cassandra.pp deleted file mode 100644 index 5302c5441..000000000 --- a/midonet/manifests/cassandra.pp +++ /dev/null @@ -1,130 +0,0 @@ -# == Class: ::midonet::cassandra -# -# Install and run the cassandra component -# -# === Parameters -# -# [*seeds*] -# Full list of cassandra seeds that belong to a cluster. -# [*seed_address*] -# IP address to bind for this instance. (Must belong to the -# seeders list. -# [*storage_port*] -# Inter-node cluster communication port (defaulted to 7000). -# [*ssl_storage_port*] -# SSL Inter-node cluster communication port (defaulted to 7001). -# [*client_port*] -# Cassandra client port (defaulted to 9042). -# [*client_port_thrift*] -# Cassandra client port thrift (defaulted to 9160). -# -# -# === Examples -# -# * The easiest way to run the class is: -# -# include ::cassandra -# -# And a cassandra single-machine cluster will be installed, binding the -# 'localhost' address. -# -# * Run a single-machine cluster but binding a hostname or another address -# would be: -# -# class {'::midonet::cassandra': -# seeds => ['192.168.2.2'], -# seed_address => '192.168.2.2', -# storage_port => 7000, -# ssl_storage_port => 7001, -# client_port => 9042, -# client_port_thrift => 9042, -# } -# -# * All the ports must be configured the same in all the nodes in the cluster. -# -# * For cluster of nodes, use the same 'seeds' value, but change the -# seed_address of each node: -# -# - On node1 -# class {'::midonet::cassandra': -# seeds => ['node_1', 'node_2', 'node_3'], -# seed_address => 'node_1' -# storage_port => 7000, -# ssl_storage_port => 7001, -# client_port => 9042, -# client_port_thrift => 9042, -# } -# - On node2 -# class {'::midonet::cassandra': -# seeds => ['node_1', 'node_2', 'node_3'], -# seed_address => 'node_2' -# storage_port => 7000, -# ssl_storage_port => 7001, -# client_port => 9042, -# client_port_thrift => 9042, -# } -# - On node3 -# class {'::midonet::cassandra': -# seeds => ['node_1', 'node_2', 'node_3'], -# seed_address => 'node_3' -# storage_port => 7000, -# ssl_storage_port => 7001, -# client_port => 9042, -# client_port_thrift => 9042, -# } -# -# NOTE: node_X can be either hostnames or ip addresses -# You can alternatively use the Hiera.yaml style: -# -# ::midonet::cassandra::seeds: -# - node_1 -# - node_2 -# - node_3 -# ::midonet::cassandra::seed_address: 'node_1' -# -# === Authors -# -# Midonet (http://midonet.org) -# -# === Copyright -# -# Copyright (c) 2015 Midokura SARL, All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -class midonet::cassandra ( - $seeds, - $seed_address, - $storage_port = '7000', - $ssl_storage_port = '7001', - $client_port = '9042', - $client_port_thrift = '9160', - $conf_dir, - $pid_dir, - $service_path) -{ - - class {'::cassandra': - seeds => $seeds, - seed_address => $seed_address, - storage_port => $storage_port, - ssl_storage_port => $ssl_storage_port, - client_port => $client_port, - client_port_thrift => $client_port_thrift, - conf_dir => $conf_dir, - pid_dir => $pid_dir, - service_path => $service_path - } - -} diff --git a/midonet/manifests/init.pp b/midonet/manifests/init.pp deleted file mode 100644 index 242caea1b..000000000 --- a/midonet/manifests/init.pp +++ /dev/null @@ -1,100 +0,0 @@ -# == Class: midonet -# -# Install all the midonet modules in a single machine with all -# the default parameters. -# -# == Examples -# -# The only way to call this class is using the include reserved word: -# -# include midonet -# -# To more advanced usage of the midonet puppet module, check out the -# documentation for the midonet's modules: -# -# - midonet::repository -# - midonet::cassandra -# - midonet::zookeeper -# - midonet::midonet_agent -# - midonet::midonet_api -# - midonet::midonet_cli -# - midonet::neutron_plugin -# -# === Authors -# -# Midonet (http://midonet.org) -# -# === Copyright -# -# Copyright (c) 2015 Midokura SARL, All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -class midonet { - - # Add zookeeper - class {'::midonet::zookeeper': } - - # Add cassandra - class {'::midonet::cassandra': } - - # Add midonet-agent - class { 'midonet::midonet_agent': - zk_servers => [{ - 'ip' => $::ipaddress} - ], - require => [Class['::midonet::cassandra'], Class['::midonet::zookeeper']] - } - - # Add midonet-api - class {'midonet::midonet_api': - zk_servers => [{'ip' => $::ipaddress}] - } - - # Add midonet-cli - class {'midonet::midonet_cli':} - -# TODO(carmela): This workaround has been added in order to be able to handle -# dependencies on the custom providers. Currently there's no official faraday -# package for RHEL-based. We are working on getting it included in EPEL repos. -# Detailed info: https://midonet.atlassian.net/browse/PUP-30 - - if ! defined(Package["hiera('midonet::faraday', 'ruby-faraday')"]) { - if $::osfamily == 'RedHat' { - package { "hiera('midonet::multipart', 'rubygem-multipart-post')": - ensure => present, - source => "hiera('midonet::multipart_post_url'" - } -> - package { "hiera('midonet::faraday', 'ruby-faraday')": - ensure => present, - source => "hiera('midonet::faraday_url')" - } - } - else { - package { 'ruby-faraday': - ensure => present, - before => Midonet_host_registry[$::hostname] - } - } - } - - - # Register the host - midonet_host_registry { $::hostname: - ensure => present, - midonet_api_url => 'http://127.0.0.1:8080', - username => 'admin', - password => 'admin', - require => Class['midonet::midonet_agent'] - } -} diff --git a/midonet/manifests/midonet_agent.pp b/midonet/manifests/midonet_agent.pp deleted file mode 100644 index 98794879d..000000000 --- a/midonet/manifests/midonet_agent.pp +++ /dev/null @@ -1,75 +0,0 @@ -# == Class: midonet::midonet_agent -# -# Install and run midonet_agent -# -# === Parameters -# -# [*zk_servers*] -# List of hash [{ip, port}] Zookeeper instances that run in cluster. -# [*cassandra_seeds] -# List of [ip] cassandra instances that run in cluster. -# -# === Examples -# -# The easiest way to run the class is: -# -# include midonet::midonet_agent -# -# This call assumes that there is a zookeeper instance and a cassandra instance -# running in the target machine, and will configure the midonet-agent to -# connect to them. -# -# This is a quite naive deployment, just for demo purposes. A more realistic one -# would be: -# -# class {'midonet::midonet_agent': -# zk_servers => [{'ip' => 'host1', -# 'port' => '2183'}, -# {'ip' => 'host2'}], -# cassandra_seeds => ['host1', 'host2', 'host3'] -# } -# -# Please note that Zookeeper port is not mandatory and defaulted to 2181 -# -# You can alternatively use the Hiera.yaml style: -# -# midonet::midonet_agent::zk_servers: -# - ip: 'host1' -# port: 2183 -# - ip: 'host2' -# midonet::midonet_agent::cassandra_seeds: -# - 'host1' -# - 'host2' -# - 'host3' -# -# === Authors -# -# Midonet (http://midonet.org) -# -# === Copyright -# -# Copyright (c) 2015 Midokura SARL, All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -class midonet::midonet_agent($zk_servers, $cassandra_seeds) { - - class {'midonet::midonet_agent::install': - } - - class {'midonet::midonet_agent::run': - zk_servers => $zk_servers, - cs_seeds => $cassandra_seeds - } -} diff --git a/midonet/manifests/midonet_agent/install.pp b/midonet/manifests/midonet_agent/install.pp deleted file mode 100644 index 92ac5a276..000000000 --- a/midonet/manifests/midonet_agent/install.pp +++ /dev/null @@ -1,42 +0,0 @@ -# == Class: midonet::midonet_agent::install -# Check out the midonet::midonet-agent class for a full understanding of -# how to use the midonet_agent resource -# -# === Authors -# -# Midonet (http://midonet.org) -# -# === Copyright -# -# Copyright (c) 2015 Midokura SARL, All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -class midonet::midonet_agent::install ( - $install_java = true -) { - - if ($install_java == true) { - if ! defined(Class['java']) { - class { 'java': - distribution => 'jre', - } - } - } - - package {'midolman': - ensure => present, - } - -} - diff --git a/midonet/manifests/midonet_agent/run.pp b/midonet/manifests/midonet_agent/run.pp deleted file mode 100644 index 8823a9dcd..000000000 --- a/midonet/manifests/midonet_agent/run.pp +++ /dev/null @@ -1,38 +0,0 @@ -# == Class: midonet::midonet_agent::run -# Check out the midonet::midonet_agent class for a full understanding of -# how to use the midonet_agent resource -# -# === Authors -# -# Midonet (http://midonet.org) -# -# === Copyright -# -# Copyright (c) 2015 Midokura SARL, All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -class midonet::midonet_agent::run ( - $zk_servers, - $cs_seeds) { - - file {'/etc/midolman/midolman.conf': - ensure => present, - content => template('midonet/midonet-agent/midolman.conf.erb'), - require => Package['midolman'] - } ~> - - service {'midolman': - ensure => running - } -} diff --git a/midonet/manifests/midonet_api.pp b/midonet/manifests/midonet_api.pp deleted file mode 100644 index 86a5368e6..000000000 --- a/midonet/manifests/midonet_api.pp +++ /dev/null @@ -1,125 +0,0 @@ -# == Class: midonet::midonet_api -# -# Install and run midonet_api -# -# === Parameters -# -# [*zk_servers*] -# List of hash [{ip, port}] Zookeeper instances that run in cluster. -# [*keystone_auth*] -# Whether to authenticate the API request through a Keystone service. Default: -# false. -# [*vtep*] -# Whether to enable the vtep service endpoint. Default: false -# [*tomcat_package*] -# The name of the tomcat package to install. The module already inserts a -# value depending on the distribution used. Don't override it unless you know -# what you are doing. -# [*bind_address*] -# Let choose the address to bind instead of all of them -# [*api_ip*] -# Exposed IP address. By default, it exposes the first internet address that -# founds in the host. -# [*api_port*] -# TCP listening port. By default, 8080 -# [*keystone_host*] -# Keystone service endpoint IP. Not used if keystone_auth is false. -# [*keystone_port*] -# Keystone service endpoint port. Not used if keystone_auth is false. -# [*keystone_admin_token*] -# Keystone admin token. Not used if keystone_auth is false. -# [*keystone_tenant_name*] -# Keystone tenant name. 'admin' by default. Not used if keystone_auth is false. -# -# === Examples -# -# The easiest way to run this class is: -# -# include midonet::midonet_api -# -# This call assumes that there is a zookeeper running in the target host and the -# module will spawn a midonet_api without keystone authentication. -# -# This is a quite naive deployment, just for demo purposes. A more realistic one -# would be: -# -# class {'midonet::midonet_api': -# zk_servers => [{'ip' => 'host1', -# 'port' => '2183'}, -# {'ip' => 'host2'}], -# keystone_auth => true, -# vtep => true, -# api_ip => '92.234.12.4', -# keystone_host => '92.234.12.9', -# keystone_port => 35357 (35357 is already the default) -# keystone_admin_token => 'arrakis', -# keystone_tenant_name => 'other-than-admin' ('admin' by default) -# } -# -# You can alternatively use the Hiera.yaml style: -# -# midonet::midonet_api::zk_servers: -# - ip: 'host1' -# port: 2183 -# - ip: 'host2' -# midonet::midonet_api::vtep: true -# midonet::midonet_api::keystone_auth: true -# midonet::midonet_api::api_ip: '92.234.12.4' -# midonet::midonet_api::keystone_host: '92.234.12.9' -# midonet::midonet_api::keystone_port: 35357 -# midonet::midonet_api::keystone_admin_token: 'arrakis' -# midonet::midonet_api::keystone_tenant_name: 'admin' -# -# Please note that Zookeeper port is not mandatory and defaulted to 2181. -# -# === Authors -# -# Midonet (http://midonet.org) -# -# === Copyright -# -# Copyright (c) 2015 Midokura SARL, All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -class midonet::midonet_api( - $zk_servers, - $keystone_auth, - $vtep, - $tomcat_package, - $keystone_host=$::ipaddress, - $keystone_port=35357, - $keystone_admin_token=undef, - $keystone_tenant_name='admin', - $api_ip=$::ipaddress, - $api_port='8080', - $bind_address='0.0.0.0', - $catalina_base) { - - class {'midonet::midonet_api::install': } - - class {'midonet::midonet_api::run': - zk_servers => $zk_servers, - keystone_auth => $keystone_auth, - tomcat_package => $tomcat_package, - vtep => $vtep, - api_ip => $api_ip, - api_port => $api_port, - keystone_host => $keystone_host, - keystone_port => $keystone_port, - keystone_admin_token => $keystone_admin_token, - keystone_tenant_name => $keystone_tenant_name, - catalina_base => $catalina_base, - bind_address => $bind_address - } -} diff --git a/midonet/manifests/midonet_api/augeas.pp b/midonet/manifests/midonet_api/augeas.pp deleted file mode 100644 index d1d220db8..000000000 --- a/midonet/manifests/midonet_api/augeas.pp +++ /dev/null @@ -1,29 +0,0 @@ -# == Class: midonet::midonet_api::augeas -# -# Make sure augeas is installed before install tomcat - -class midonet::midonet_api::augeas { - - case $::osfamily { - 'Debian': { - package {'libaugeas-ruby': - ensure => present - } - } - 'RedHat': { - package {'deltarpm': - ensure => present - } -> - package {'augeas': - ensure => present - } -> - package {'augeas-devel': - ensure => present - } -> - exec {'/usr/bin/gem install ruby-augeas': } - } - default: { - fail('Operating System not supported by this module') - } - } -} diff --git a/midonet/manifests/midonet_api/install.pp b/midonet/manifests/midonet_api/install.pp deleted file mode 100644 index aa9ce8d4b..000000000 --- a/midonet/manifests/midonet_api/install.pp +++ /dev/null @@ -1,53 +0,0 @@ -# == Class: midonet::midonet_api::install -# Check out the midonet::midonet_api class for a full understanding of -# how to use the midonet_api resource -# -# === Authors -# -# Midonet (http://midonet.org) -# -# === Copyright -# -# Copyright (c) 2015 Midokura SARL, All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -class midonet::midonet_api::install ( - $install_java = true, - $manage_app_server = true -) { - - require midonet::midonet_api::augeas - - if ($manage_app_server == true) { - if ($install_java == true) { - if ! defined(Class['java']) { - class { 'java': - distribution => 'jre', - } -> - - class { 'tomcat': - install_from_source => false, - } - } else { - class { 'tomcat': - install_from_source => false, - } - } - } - } - - package {'midonet-api': - ensure => present, - } -} diff --git a/midonet/manifests/midonet_api/run.pp b/midonet/manifests/midonet_api/run.pp deleted file mode 100644 index eb094125c..000000000 --- a/midonet/manifests/midonet_api/run.pp +++ /dev/null @@ -1,81 +0,0 @@ -# == Class: midonet::midonet_api::run -# Check out the midonet::midonet_api class for a full understanding of -# how to use the midonet_api resource -# -# === Authors -# -# Midonet (http://midonet.org) -# -# === Copyright -# -# Copyright (c) 2015 Midokura SARL, All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -class midonet::midonet_api::run ( - $zk_servers, - $keystone_auth, - $vtep, - $tomcat_package, - $api_ip, - $api_port, - $keystone_host, - $keystone_port, - $keystone_admin_token, - $keystone_tenant_name, - $catalina_base, - $bind_address -) { - - tomcat::instance{'midonet-api': - package_name => $tomcat_package, - } -> - - tomcat::config::server::connector {'HTTP/1.1': - port => $api_port, - catalina_base => $catalina_base, - connector_ensure => 'present', - additional_attributes => { - 'address' => $bind_address, - 'connectionTimeout' => '20000', - 'URIEncoding' => 'UTF-8', - 'redirectPort' => '8443', - 'maxHttpHeaderSize' => '65536' - }, - require => Tomcat::Instance['midonet-api'], - notify => Service[$tomcat_package] - } - - file {"/etc/${tomcat_package}/Catalina/localhost/midonet-api.xml": - ensure => present, - source => 'puppet:///modules/midonet/midonet-api/midonet-api.xml', - owner => 'root', - group => 'root', - require => Tomcat::Instance['midonet-api'], - notify => Service[$tomcat_package] - } - - file {'/usr/share/midonet-api/WEB-INF/web.xml': - ensure => present, - content => template('midonet/midonet-api/web.xml.erb'), - require => Package['midonet-api'], - notify => Service[$tomcat_package] - } - - service {$tomcat_package: - ensure => running, - enable => true, - require => [File['/usr/share/midonet-api/WEB-INF/web.xml'], - Tomcat::Config::Server::Connector['HTTP/1.1']] - } -} diff --git a/midonet/manifests/midonet_cli.pp b/midonet/manifests/midonet_cli.pp deleted file mode 100644 index 6a3c889f0..000000000 --- a/midonet/manifests/midonet_cli.pp +++ /dev/null @@ -1,51 +0,0 @@ -# == Class: midonet::midonet_cli -# -# Install midonet_cli -# -# === Parameters -# -# No parameters -# -# === Examples -# -# Just declare the class and the package will be installed -# -# === Authors -# -# Midonet (http://midonet.org) -# -# === Copyright -# -# Copyright (c) 2015 Midokura SARL, All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -class midonet::midonet_cli( - $api_endpoint='http://127.0.0.1:8080/midonet-api', - $username='admin', - $password='admin', - $tenant_name='admin', -) { - - package {'python-midonetclient': - ensure => present, - } - - midonet_client_conf { - 'cli/api_url': value => $api_endpoint; - 'cli/username': value => $username; - 'cli/password': value => $password; - 'cli/project_id': value => $tenant_name; - } - -} diff --git a/midonet/manifests/neutron_plugin.pp b/midonet/manifests/neutron_plugin.pp deleted file mode 100644 index 67a91a5fd..000000000 --- a/midonet/manifests/neutron_plugin.pp +++ /dev/null @@ -1,91 +0,0 @@ -# == Class: midonet::neutron_plugin -# -# Install and configure Midonet Neutron Plugin. Please note that manifest does -# install Neutron (because it is a requirement of -# 'python-neutron-plugin-midonet' package) but it does not configure it nor run -# it. It just configure the specific midonet plugin files. It is supposed to be -# deployed along any existing puppet module that configures Neutron, such as -# puppetlabs/neutron -# -# === Parameters -# -# [*midonet_api_ip*] -# IP address of the midonet api service -# [*midonet_api_port*] -# port address of the midonet api service -# [*keystone_username*] -# Username from which midonet api will authenticate against Keystone (use -# neutron service username) -# [*keystone_password*] -# Password from which midonet api will authenticate against Keystone (use -# neutron service password) -# [*keystone_tenant*] -# Tenant from which midonet api will authenticate against Keystone (use -# neutron service tenant) -# [*sync_db*] -# Whether 'midonet-db-manage' should run to create and/or syncrhonize the database -# with MidoNet specific tables. Defaults to false -# -# === Examples -# -# An example call would be: -# -# class {'midonet::neutron_plugin': -# midonet_api_ip => '23.123.5.32', -# midonet_api_port => '8080', -# keystone_username => 'neutron', -# keystone_password => '32kjaxT0k3na', -# keystone_tenant => 'services', -# sync_db => true -# } -# -# You can alternatively use the Hiera's yaml style: -# midonet::neutron_plugin::midonet_api_ip: '23.213.5.32' -# midonet::neutron_plugin::port: '8080' -# midonet::neutron_plugin::keystone_username: 'neutron' -# midonet::neutron_plugin::keystone_password: '32.kjaxT0k3na' -# midonet::neutron_plugin::keystone_tenant: 'services' -# midonet::neutron_plugin::sync_db: true -# -# === Authors -# -# Midonet (http://midonet.org) -# -# === Copyright -# -# Copyright (c) 2015 Midokura SARL, All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -class midonet::neutron_plugin ( - $midonet_api_ip = '127.0.0.1', - $midonet_api_port = '8080', - $keystone_username = 'neutron', - $keystone_password = undef, - $keystone_tenant = 'services', - $sync_db = false - ) { - - package {'python-neutron-plugin-midonet': - ensure => present, - } -> - - class {'neutron::plugins::midonet': - midonet_api_ip => $midonet_api_ip, - midonet_api_port => $midonet_api_port, - keystone_username => $keystone_username, - keystone_password => $keystone_password, - keystone_tenant => $keystone_tenant, - sync_db => $sync_db - } -} diff --git a/midonet/manifests/repository.pp b/midonet/manifests/repository.pp deleted file mode 100644 index c5a645b7d..000000000 --- a/midonet/manifests/repository.pp +++ /dev/null @@ -1,133 +0,0 @@ -# == Class: midonet::repository -# -# Prepare the midonet repositories to install packages. -# -# === Parameters -# -# [*midonet_repo*] -# Midonet Repository URL location. Please note the version -# of midonet use to be part of that URL. -# Ex: 'http://repo.midonet.org/midonet/v2014.11' -# [*midonet_openstack_repo*] -# Midonet Repository URL for the Midonet Neutron Plugin. The version use to -# be part of the URL. The package avaiable in this repo (the midonet plugin) -# is released along each OpenStack release (Icehouse, Juno, Kilo...) , not -# the Midonet OSS release. This is why Midonet maintains different repos. -# Ex: 'http://repo.midonet.org/openstack'. -# [*midonet_thirdparty_repo*] -# Third party software pinned for Midonet stability URL. -# Ex: 'http://repo.midonet.org/misc'. -# [*midonet_release*] -# Stage of the package. It can be 'stable', 'testing' or 'unstable'. -# Stable by default. -# [*midoney_key_url*] -# Midonet Key URL path. -# [*midonet_key*] -# Midonet GPG key for validate packages. Only override it if you use a -# different fork of Midonet. -# [*manage_distro_repo*} -# Choose whether or not to manage the distros' OpenStack repositories (e.g. RDO). -# Defaults to true -# [*manage_epel_repo*] -# Choose whether or not to manage EPEL under CentOS. -# Defaults to true -# === Examples -# -# The easiest way to run the class is: -# -# include midonet::repository -# -# And puppet will configure the system to use the latest stable version -# of MidoNet OSS. -# -# To install other releases than the last default's Midonet OSS, you can -# override the default's midonet_repository atributes by a resource-like -# declaration: -# -# class { 'midonet::repository': -# midonet_repo => 'http://repo.midonet.org/midonet/v2014.11', -# midonet_openstack_repo => 'http://repo.midonet.org/openstack', -# midonet_thirdparty_repo => 'http://repo.midonet.org/misc', -# midonet_key => '50F18FCF', -# midonet_stage => 'stable', -# midonet_key_url => 'http://repo.midonet.org/packages.midokura.key', -# manage_distro_repo => true, -# manage_epel_repo => true, -# openstack_release => 'juno' -# } -# -# or use a YAML file using the same attributes, accessible from Hiera: -# -# midonet::repository::midonet_repo: 'http://repo.midonet.org/midonet/v2014.11' -# midonet::repository::midonet_openstack_repo: 'http://repo.midonet.org/openstack' -# midonet::repository::midonet_thirdparty_repo: 'http://repo.midonet.org/misc' -# midonet::repository::midonet_key: '50F18FCF' -# midonet::repository::midonet_stage: 'stable' -# midonet::repository::midonet_key_url: 'http://repo.midonet.org/packages.midokura.key' -# midonet::repository::midonet_distro_repo: true -# midonet::repository::midonet_epel_repo: true -# midonet::repository::openstack_release: 'juno' -# -# -# === Authors -# -# Midonet (http://midonet.org) -# -# === Copyright -# -# Copyright (c) 2015 Midokura SARL, All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -class midonet::repository ( - $midonet_repo, - $midonet_openstack_repo, - $midonet_thirdparty_repo, - $midonet_stage, - $midonet_key_url, - $midonet_key=unset, - $manage_distro_repo=true, - $manage_epel_repo=true, - $openstack_release,) { - - case $::osfamily { - 'Debian': { - class {'midonet::repository::ubuntu': - midonet_repo => $midonet_repo, - midonet_openstack_repo => $midonet_openstack_repo, - midonet_thirdparty_repo => $midonet_thirdparty_repo, - midonet_stage => $midonet_stage, - midonet_key_url => $midonet_key_url, - midonet_key => $midonet_key, - openstack_release => $openstack_release - } - } - - 'RedHat': { - class {'midonet::repository::centos': - midonet_repo => $midonet_repo, - midonet_openstack_repo => $midonet_openstack_repo, - midonet_thirdparty_repo => $midonet_thirdparty_repo, - midonet_stage => $midonet_stage, - midonet_key_url => $midonet_key_url, - manage_distro_repo => $manage_distro_repo, - manage_epel_repo => $manage_epel_repo, - openstack_release => $openstack_release - } - } - - default: { - fail('Operating System not supported by this module') - } - } -} diff --git a/midonet/manifests/repository/centos.pp b/midonet/manifests/repository/centos.pp deleted file mode 100644 index da1d103db..000000000 --- a/midonet/manifests/repository/centos.pp +++ /dev/null @@ -1,84 +0,0 @@ -# == Class: midonet::repository::centos -# NOTE: don't use this class, use midonet::repository(::init) instead -# -# === Authors -# -# Midonet (http://midonet.org) -# -# === Copyright -# -# Copyright (c) 2015 Midokura SARL, All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -class midonet::repository::centos ( - $midonet_repo, - $midonet_openstack_repo, - $midonet_thirdparty_repo, - $midonet_stage, - $midonet_key_url, - $manage_distro_repo, - $manage_epel_repo, - $openstack_release) - { - # Adding repository for CentOS - notice('Adding midonet sources for RedHat-like distribution') - if ($::operatingsystemmajrelease == 6 or - $::operatingsystemmajrelease == 7) { - - yumrepo { 'midonet': - baseurl => "${midonet_repo}/${::operatingsystemmajrelease}/${midonet_stage}", - descr => 'Midonet base repo', - enabled => 1, - gpgcheck => 1, - gpgkey => $midonet_key_url, - timeout => 60 - } - - yumrepo { 'midonet-openstack-integration': - baseurl => "${midonet_openstack_repo}/${::operatingsystemmajrelease}/${midonet_stage}", - descr => 'Midonet OS plugin repo', - enabled => 1, - gpgcheck => 1, - gpgkey => $midonet_key_url, - timeout => 60 - } - - if $manage_epel_repo == true { - package { 'epel-release': - ensure => installed - } - } - - if $manage_distro_repo == true { - package { 'rdo-release': - ensure => installed, - source => "https://repos.fedorapeople.org/repos/openstack/openstack-${openstack_release}/rdo-release-${openstack_release}.rpm", - provider => 'rpm' - } - } - - exec {'update-midonet-repos': - command => '/usr/bin/yum clean all && /usr/bin/yum makecache' - } - - Yumrepo<| |> -> Exec<| command == 'update-midonet-repos' |> - Package<| |> -> Exec<| command == 'update-midonet-repos' |> - } - else - { - fail("RedHat/CentOS version ${::operatingsystemmajrelease} - not supported") - } - } diff --git a/midonet/manifests/repository/ubuntu.pp b/midonet/manifests/repository/ubuntu.pp deleted file mode 100644 index be1e97ec7..000000000 --- a/midonet/manifests/repository/ubuntu.pp +++ /dev/null @@ -1,81 +0,0 @@ -# == Class: midonet::repository::ubuntu -# NOTE: don't use this class, use midonet::repository(::init) instead -# -# === Authors -# -# Midonet (http://midonet.org) -# -# === Copyright -# -# Copyright (c) 2015 Midokura SARL, All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -class midonet::repository::ubuntu ( - $midonet_repo, - $midonet_stage, - $midonet_openstack_repo, - $midonet_thirdparty_repo, - $midonet_key, - $midonet_key_url, - $openstack_release) - { - # Adding repository for ubuntu - notice('Adding midonet sources for Debian-like distribution') - if $::lsbdistrelease == '14.04' or $::lsbdistrelease == '12.04' { - if $::lsbdistrelease == '12.04' and $openstack_release == 'juno' { - fail ('Ubuntu 12.04 only supports icehouse') - } - notice('Adding midonet sources for Debian-like distribution') - - include apt - include apt::update - - # Update the package list each time a package is defined. That takes - # time, but it ensures it will not fail for out of date repository info - # Exec['apt_update'] -> Package<| |> - - apt::source {'midonet': - comment => 'Midonet apt repository', - location => $midonet_repo, - release => $midonet_stage, - key => $midonet_key, - key_source => $midonet_key_url, - include_src => false, - } - - apt::source {'midonet-openstack-integration': - comment => 'Midonet apt plugin repository', - location => $midonet_openstack_repo, - release => $midonet_stage, - include_src => false, - } - - # Dummy exec to wrap apt_update - exec {'update-midonet-repos': - command => '/bin/true', - require => [Exec['apt_update'], - Apt::Source['midonet'], - Apt::Source['midonet-openstack-integration']] - - } - - Apt::Source<| |> -> Exec<| command == 'update-midonet-repos' |> - - } - else - { - fail("${::lsbdistid} ${::lsbdistrelease} version not supported") - } - } diff --git a/midonet/manifests/zookeeper.pp b/midonet/manifests/zookeeper.pp deleted file mode 100644 index ee34d3f02..000000000 --- a/midonet/manifests/zookeeper.pp +++ /dev/null @@ -1,103 +0,0 @@ -# == Class: ::midonet::zookeeper -# -# Install and run the zookeeper module. -# -# === Parameters -# -# [*servers*] -# Full list of ZooKeeper servers that run in the same cluster. -# [*server_id*] -# Identifier of this ZooKeeper server in the cluster. -# [*client_ip*] -# IP address from where the ZooKeeper listen client requests -# -# === Examples -# -# The easiest way to run the class is: -# -# include ::midonet::zookeeper -# -# And puppet will install a local zookeeper without cluster. For a -# clustered zookeeper, the way you have to define your puppet site, is: -# -# -# ... on Node1 -# -# class {'::midonet::zookeeper': -# servers => [{'id' => 1 -# 'host' => 'node_1'}, -# {'id' => 2, -# 'host' => 'node_2'}, -# {'id' => 3, -# 'host' => 'node_3'}], -# server_id => 1} -# -# ... on Node2 -# -# class {'::midonet::zookeeper': -# servers => [{'id' => 1 -# 'host' => 'node_1'}, -# {'id' => 2, -# 'host' => 'node_2'}, -# {'id' => 3, -# 'host' => 'node_3'}], -# server_id => 2} -# -# ... on Node3 -# -# class {'::midonet::zookeeper': -# servers => [{'id' => 1, -# 'host' => 'node_1'}, -# {'id' => 2, -# 'host' => 'node_2'}, -# {'id' => 3, -# 'host' => 'node_3'}], -# server_id => 3} -# -# defining the same servers for each puppet node, but using a different -# server_id for each one. NOTE: node_X can be hostnames or IP addresses. -# -# you can alternatively use the Hiera.yaml style -# -# ::midonet::zookeeper::servers: -# - id: 1 -# host: 'node_1' -# - id: 2 -# host: 'node_2' -# - id: 3 -# host: 'node_3' -# ::midonet::zookeeper::server_id: '1' -# -# This module is a passthrough to already existent 'deric-zookeeper' -# https://forge.puppetlabs.com/deric/zookeeper -# -# === Authors -# -# Midonet (http://midonet.org) -# -# === Copyright -# -# Copyright (c) 2015 Midokura SARL, All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -class midonet::zookeeper($servers, $server_id, $client_ip=$::ipaddress_eth0) { - - class {'::zookeeper': - servers => zookeeper_servers($servers), - id => $server_id, - cfg_dir => '/etc/zookeeper', - client_ip => $client_ip - } -} diff --git a/midonet/metadata.json b/midonet/metadata.json deleted file mode 100644 index 6701551a5..000000000 --- a/midonet/metadata.json +++ /dev/null @@ -1,31 +0,0 @@ -{ - "name": "midonet-midonet", - "version": "2015.6.0", - "author": "MidoNet", - "summary": "Configure and install MidoNet components", - "license": "Apache-2.0", - "source": "https://github.com/midonet/puppet-midonet", - "project_page": "https://github.com/midonet/puppet-midonet", - "issues_url": "https://midonet.atlassian.net/projects/PUP", - "dependencies": [ - { "name":"ripienaar-module_data","version_requirement":">=0.0.3" }, - { "name":"puppetlabs-inifile", "version_requirement": ">=1.0.0 <2.0.0" }, - { "name":"deric-zookeeper","version_requirement":">=0.3.9" }, - { "name":"midonet-cassandra","version_requirement":">=1.0.0" }, - { "name":"puppetlabs-apt","version_requirement":">=1.7.0 <2.0.0" }, - { "name":"puppetlabs-java","version_requirement":">=1.3.0" }, - { "name":"puppetlabs-tomcat","version_requirement":">=1.2.0" }, - { "name":"puppetlabs-stdlib","version_requirement":">= 4.2.0 < 5.0.0" } - ], - "tags": ["openstack", "sdn", "midonet"], - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": [ "6.5", "6.6", "7.0" ] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": ["14.04"] - } - ] -} diff --git a/midonet/spec/acceptance/midonet_spec.rb b/midonet/spec/acceptance/midonet_spec.rb deleted file mode 100644 index e8d337961..000000000 --- a/midonet/spec/acceptance/midonet_spec.rb +++ /dev/null @@ -1,33 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'midonet all-in-one' do - - context 'default parameters' do - it 'should work with no errors' do - pp = <<-EOS - if empty($::augeasversion) { - $augeasversion = '1.0.0' - } - class { 'midonet': } -> - exec { "/sbin/ip tuntap add mode tap testgateway": } -> - exec { "/usr/bin/midonet-cli -e 'create router name \\"MidoNet Provider Router\\"'": } -> - midonet_gateway { $::hostname: - ensure => present, - midonet_api_url => 'http://127.0.0.1:8080/midonet-api', - username => 'admin', - password => 'admin', - interface => 'testgateway', - local_as => '64512', - bgp_port => {'port_address' => '198.51.100.2', 'net_prefix' => '198.51.100.0', 'net_length' => '30'}, - remote_peers => [{ 'as' => '64513', 'ip' => '198.51.100.1'}, - { 'as' => '64513', 'ip' => '203.0.113.1'}], - advertise_net => [{ 'net_prefix' => '192.0.2.0', 'net_length' => '24' }] - } - EOS - - # Run it twice for test the idempotency - apply_manifest(pp) - apply_manifest(pp) - end - end -end diff --git a/midonet/spec/acceptance/nodesets/centos-70-x64.yml b/midonet/spec/acceptance/nodesets/centos-70-x64.yml deleted file mode 100644 index f3e3938ad..000000000 --- a/midonet/spec/acceptance/nodesets/centos-70-x64.yml +++ /dev/null @@ -1,8 +0,0 @@ -HOSTS: - centos-70-x64: - platform: centos-70-x64 - image: midonet/centos:centos7 - hypervisor: docker - docker_cmd: '["/sbin/init"]' -CONFIG: - type: foss diff --git a/midonet/spec/acceptance/nodesets/default.yml b/midonet/spec/acceptance/nodesets/default.yml deleted file mode 100644 index 082ec4c27..000000000 --- a/midonet/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,8 +0,0 @@ -HOSTS: - ubuntu-14-04: - platform: ubuntu-14.04-x64 - image: midonet/ubuntu:14.04 - hypervisor: docker - docker_cmd: '["/sbin/init"]' -CONFIG: - type: foss diff --git a/midonet/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/midonet/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index ca062de2d..000000000 --- a/midonet/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,8 +0,0 @@ -HOSTS: - ubuntu-14-04: - platform: ubuntu-14.04-x64 - image: midonet/ubuntu:14.04 - hypervisor: docker - docker_cmd: '["/sbin/init"]' -CONFIG: - type: foss diff --git a/midonet/spec/classes/midonet_cassandra_spec.rb b/midonet/spec/classes/midonet_cassandra_spec.rb deleted file mode 100644 index 232ea2112..000000000 --- a/midonet/spec/classes/midonet_cassandra_spec.rb +++ /dev/null @@ -1,76 +0,0 @@ -require 'spec_helper' - -describe 'midonet::cassandra' do - - let :params do - { - :seeds => ['192.168.7.2', '192.168.7.3', '192.168.7.4'], - :seed_address => '192.168.7.2' - } - end - - shared_examples_for 'cluster cassandra' do - - - before do - params.merge!(os_params) - end - - it 'should call cassandra module properly' do - is_expected.to contain_class('cassandra').with({ - 'seeds' => params[:seeds], - 'seed_address' => params[:seed_address], - 'storage_port' => '7000', - 'ssl_storage_port' => '7001', - 'client_port' => '9042', - 'client_port_thrift' => '9160' - }) - end - end - - context 'on Debian' do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Ubuntu', - :lsbdistrelease => '14.04', - :lsbdistid => 'Ubuntu', - :lsbdistcodename => 'trusty', - :ipaddress => '127.0.0.1', - :hostname => 'test.puppet' - } - end - - let :os_params do - { - :pid_dir => '/var/run/cassandra', - :conf_dir => '/etc/cassandra', - :service_path => '/usr/sbin' - } - end - - it_configures 'cluster cassandra' - end - - context 'on RedHat' do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystem => 'CentOS', - :operatingsystemmajrelease => 7, - :ipaddress => '127.0.0.1', - :hostname => 'test.puppet' - } - end - - let :os_params do - { - :pid_dir => '/var/run/cassandra', - :conf_dir => '/etc/cassandra/default.conf', - :service_path => '/sbin' - } - end - - it_configures 'cluster cassandra' - end -end diff --git a/midonet/spec/classes/midonet_client_spec.rb b/midonet/spec/classes/midonet_client_spec.rb deleted file mode 100644 index 9df8fdd2b..000000000 --- a/midonet/spec/classes/midonet_client_spec.rb +++ /dev/null @@ -1,68 +0,0 @@ -require 'spec_helper' - -describe 'midonet::midonet_cli' do - - let :pre_condition do - "class {'midonet::repository': - midonet_repo => 'fake', - midonet_openstack_repo => 'fake', - midonet_thirdparty_repo => 'fake', - midonet_stage => 'fake', - openstack_release => 'fake', - midonet_key => '35FEEF2BAD40EA777D0C5BA6FCE340D250F18FCF', - midonet_key_url => 'http://repo.midonet.org/packages.midokura.com' - }" - end - - let :default_params do - { - :api_endpoint => 'http://87.23.43.2:8080/midonet-api', - :username => 'midonet', - :password => 'dummy', - :tenant_name => 'midonet' - } - end - - shared_examples_for 'midonet client' do - let :params do - {} - end - - before do - params.merge!(default_params) - end - - it 'should have the package installed' do - is_expected.to contain_package('python-midonetclient') - end - - it 'should create .midonetrc file' do - is_expected.to contain_midonet_client_conf('cli/api_url').with_value(params[:api_endpoint]) - is_expected.to contain_midonet_client_conf('cli/username').with_value(params[:username]) - is_expected.to contain_midonet_client_conf('cli/password').with_value(params[:password]) - is_expected.to contain_midonet_client_conf('cli/project_id').with_value(params[:tenant_name]) - end - end - - context 'on Debian' do - let :facts do - { - :osfamily => 'Debian', - :lsbdistrelease => '14.04', - :lsbdistid => 'Ubuntu' - } - end - it_configures 'midonet client' - end - - context 'on RedHat' do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemmajrelease => 7, - } - end - it_configures 'midonet client' - end - -end diff --git a/midonet/spec/classes/midonet_zookeeper_spec.rb b/midonet/spec/classes/midonet_zookeeper_spec.rb deleted file mode 100644 index 73f8b766d..000000000 --- a/midonet/spec/classes/midonet_zookeeper_spec.rb +++ /dev/null @@ -1,58 +0,0 @@ -require 'spec_helper' - -describe 'midonet::zookeeper' do - - shared_examples_for 'cluster zookeeper' do - let :params do - { - :servers => [{"id" => 1, "host" => 'node_1'}, - {"id" => 3, "host" => 'node_2'}, - {"id" => 2, "host" => 'node_3'}], - :server_id => 3 - } - end - - let :zookeeper_params do - { - # Please note the output is sorted by input 'ids' - :servers => ['node_1', 'node_3', 'node_2'], - :id => 3 - } - end - - it 'should call deric/zookeeper properly' do - is_expected.to contain_class('zookeeper').with({ - 'servers' => zookeeper_params[:servers], - 'id' => zookeeper_params[:id], - 'client_ip' => '127.0.0.1' - }) - end - end - - context 'on Debian' do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Ubuntu', - :lsbdistrelease => '14.04', - :lsbdistid => 'Ubuntu', - :ipaddress => '127.0.0.1', - :hostname => 'test.puppet' - } - end - it_configures 'cluster zookeeper' - end - - context 'on RedHat' do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemmajrelease => 7, - :ipaddress => '127.0.0.1', - :hostname => 'test.puppet' - } - end - it_configures 'cluster zookeeper' - end - -end diff --git a/midonet/spec/functions/zookeeper_servers_spec.rb b/midonet/spec/functions/zookeeper_servers_spec.rb deleted file mode 100644 index a30f91330..000000000 --- a/midonet/spec/functions/zookeeper_servers_spec.rb +++ /dev/null @@ -1,13 +0,0 @@ -require 'spec_helper' - -input = [{'id' => '1', 'host' => 'host1'}, - {'id' => '2', 'host' => 'host2'}] -output = ['host1', 'host2'] - -input2 = {'id' => '1', 'host' => 'host1'} -output2 = ['host1'] - -describe 'zookeeper_servers' do - it { is_expected.to run.with_params(input).and_return(output) } - it { is_expected.to run.with_params(input2).and_return(output2) } -end diff --git a/midonet/spec/spec.opts b/midonet/spec/spec.opts deleted file mode 100644 index 91cd6427e..000000000 --- a/midonet/spec/spec.opts +++ /dev/null @@ -1,6 +0,0 @@ ---format -s ---colour ---loadby -mtime ---backtrace diff --git a/midonet/spec/spec_helper.rb b/midonet/spec/spec_helper.rb deleted file mode 100644 index b74f0a3f6..000000000 --- a/midonet/spec/spec_helper.rb +++ /dev/null @@ -1,23 +0,0 @@ -require 'rspec-puppet' -require 'puppetlabs_spec_helper/module_spec_helper' - - -fixture_path = File.expand_path(File.join(__FILE__, '..', 'fixtures')) - -RSpec.configure do |c| - c.alias_it_should_behave_like_to :it_configures, 'configures' - c.alias_it_should_behave_like_to :it_raises, 'raises' - c.module_path = File.join(fixture_path, 'modules') - c.manifest_dir = File.join(fixture_path, 'manifests') - c.mock_with :rspec do |mock_c| - mock_c = :expect - end -end - -def make_site_pp(pp, path = File.join(master['puppetpath'], 'manifests')) - on master, "mkdir -p #{path}" - create_remote_file(master, File.join(path, "site.pp"), pp) - on master, "chown -R #{master['user']}:#{master['group']} #{path}" - on master, "chmod -R 0755 #{path}" - on master, "service #{master['puppetservice']} restart" -end diff --git a/midonet/spec/spec_helper_acceptance.rb b/midonet/spec/spec_helper_acceptance.rb deleted file mode 100644 index f599f6017..000000000 --- a/midonet/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1,35 +0,0 @@ -require 'beaker-rspec' -require 'beaker/puppet_install_helper' - -run_puppet_install_helper - -UNSUPPORTED_PLATFORMS = ['Suse','windows','AIX','Solaris'] - -RSpec.configure do |c| - # Project root - proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - - # Readable test descriptions - c.formatter = :documentation - - # Configure all nodes in nodeset - c.before :suite do - # Install module and dependencies - hosts.each do |host| - copy_module_to(host, :source => proj_root, :module_name => 'midonet') - scp_to(host, proj_root + '/data/hiera.yaml', "#{default['puppetpath']}/hiera.yaml") - on host, 'mkdir -p /var/lib/hiera' - scp_to(host, proj_root + '/data/common.yaml', "/var/lib/hiera") - scp_to(host, proj_root + '/data/osfamily', "/var/lib/hiera") - - on host, puppet('module install ripienaar-module_data'), {:acceptable_exit_codes => [0,1] } - on host, puppet('module install puppetlabs-stdlib --version 4.5.0'), { :acceptable_exit_codes => [0,1] } - on host, puppet('module install deric-zookeeper'), {:acceptable_exit_codes => [0,1] } - on host, puppet('module install midonet-cassandra'), {:acceptable_exit_codes => [0,1] } - on host, puppet('module install puppetlabs-inifile'), {:acceptable_exit_codes => [0,1] } - on host, puppet('module install puppetlabs-apt'), {:acceptable_exit_codes => [0,1] } - on host, puppet('module install puppetlabs-java'), {:acceptable_exit_codes => [0,1] } - on host, puppet('module install puppetlabs-tomcat'), {:acceptable_exit_codes => [0,1] } - end - end -end diff --git a/midonet/spec/unit/puppet/provider/midonet_gateway/midonet_api_caller_spec.rb b/midonet/spec/unit/puppet/provider/midonet_gateway/midonet_api_caller_spec.rb deleted file mode 100644 index d70eec749..000000000 --- a/midonet/spec/unit/puppet/provider/midonet_gateway/midonet_api_caller_spec.rb +++ /dev/null @@ -1,158 +0,0 @@ -require 'spec_helper' - -describe Puppet::Type.type(:midonet_gateway).provider(:midonet_api_caller) do - - let(:provider) { described_class.new(resource) } - - let(:resource) { Puppet::Type.type(:midonet_gateway).new( - { - :ensure => :present, - :hostname => 'compute.midonet', - :midonet_api_url => 'http://controller:8080', - :username => 'admin', - :password => 'admin', - :interface => 'eth0', - :local_as => '64512', - :bgp_port => { 'port_address' => '198.51.100.2', 'net_prefix' => '198.51.100.0', 'net_length' => '30' }, - :remote_peers => [ { 'as' => '64513', 'ip' => '198.51.100.1' }, - { 'as' => '64513', 'ip' => '203.0.113.1' } ], - :advertise_net => [ { 'net_prefix' => '192.0.2.0', 'net_length' => '24' } ] - } - )} - - describe 'BGP configuration happy path' do - # - Create virtual ports for each remote BGP peer - # - Configure BGP on the virtual ports or remove config if needed - # - Advertise routes - # - Bind virtual ports to physical network interfaces - # - Configure stateful port group and delete it if needed - # - Add ports to the port group and remove them if needed - - let(:routers) { - [ - { - "id" => "e6a53892-03bf-4f16-8212-e4d76ad204e3", - "name" => "MidoNet Provider Router" - } - ] - } - - let(:ports) { - [ - { - "hostId" => "b3f2f63e-02a6-459a-af0f-44eeac441a09", - "interfaceName" => "eth0", - "id" => "20b169b1-ec0a-4639-8479-44b63e016935" - } - ] - } - - let(:bgps) { - [ - { - "id" => "4a5e4356-3417-4c60-9cf8-7516aedb7067", - "localAS" => "64512", - "peerAS" => "64513", - "peerAddr" => "198.51.100.1", - "portId" => "f9e61b88-0a26-4d56-8f47-eb5da37225e0" - } - ] - } - - let(:port_groups) { - [ - { - "id" => "711401b7-bf6f-4afd-8ab2-94b4342a0310", - "name" => "uplink-spg", - "stateful" => "true" - } - ] - } - - let(:hosts) { - [ - { - "id" => "b3f2f63e-02a6-459a-af0f-44eeac441a09", - "name" => "compute.midonet" - } - ] - } - - let(:tenants) { - [ - { - "id" => "4486908d-8e15-4f01-b3b4-86f9def0fa04", - "name" => "4486908d-8e15-4f01-b3b4-86f9def0fa04" - } - ] - } - - before :each do - allow(provider).to receive(:call_create_uplink_port).and_return(ports) - allow(provider).to receive(:call_get_provider_router).and_return(routers) - allow(provider).to receive(:call_get_host_id).and_return(hosts[0]['id']) - allow(provider).to receive(:call_get_host).and_return(hosts) - allow(provider).to receive(:call_add_bgp_to_port) - allow(provider).to receive(:call_get_bgp_connections).and_return(bgps) - allow(provider).to receive(:call_advertise_route_to_bgp) - allow(provider).to receive(:call_bind_port_to_interface) - allow(provider).to receive(:call_get_stateful_port_group).and_return(port_groups) - allow(provider).to receive(:call_add_ports_to_port_group) - allow(provider).to receive(:call_delete_uplink_port).and_return(ports) - allow(provider).to receive(:call_unbind_port_from_interface) - allow(provider).to receive(:call_remove_ports_from_port_group) - allow(provider).to receive(:call_get_uplink_port).and_return(ports) - allow(provider).to receive(:call_add_route_for_uplink_port) - allow(provider).to receive(:call_get_token).and_return('thisisafaketoken') - allow(provider).to receive(:call_get_tenant).and_return(tenants) - end - - it 'creates virtual ports for each remote BGP peer, advertises routes, - binds virtual ports, configures stateful port group and adds ports to it' do - # Expectations over the 'create' call - expect(provider).to receive(:call_get_provider_router) - expect(provider).to receive(:call_create_uplink_port).with(routers[0]['id'], {'portAddress' => resource[:bgp_port]['port_address'], - 'networkAddress' => resource[:bgp_port]['net_prefix'], - 'networkLength' => resource[:bgp_port]['net_length'].to_i, - 'type' => 'Router'}) - expect(provider).to receive(:call_get_bgp_connections).with(ports[0]['id']) - expect(provider).to receive(:call_add_bgp_to_port).with(ports[0]['id'], {'localAS' => resource[:local_as], - 'peerAS' => resource[:remote_peers][0]['as'], - 'peerAddr' => resource[:remote_peers][0]['ip']}).once - expect(provider).to receive(:call_add_bgp_to_port).with(ports[0]['id'], {'localAS' => resource[:local_as], - 'peerAS' => resource[:remote_peers][1]['as'], - 'peerAddr' => resource[:remote_peers][1]['ip']}).once - expect(provider).to receive(:call_add_route_for_uplink_port).with(routers[0]['id'], {'type' => 'Normal', - 'srcNetworkAddr' => '0.0.0.0', - 'srcNetworkLength' => 0, - 'dstNetworkAddr' => resource[:bgp_port]['net_prefix'], - 'dstNetworkLength' => resource[:bgp_port]['net_length'].to_i, - 'weight' => 100, - 'nextHopPort' => ports[0]['id']}) - expect(provider).to receive(:call_advertise_route_to_bgp).with(bgps[0]['id'], {'nwPrefix' => resource[:advertise_net][0]['net_prefix'], - 'prefixLength' => resource[:advertise_net][0]['net_length']}).once - expect(provider).to receive(:call_bind_port_to_interface).with(hosts[0]['id'], {'interfaceName' => resource[:interface], - 'portId' => '20b169b1-ec0a-4639-8479-44b63e016935'}) - expect(provider).not_to receive(:call_create_stateful_port_group) - expect(provider).to receive(:call_get_stateful_port_group) - expect(provider).to receive(:call_add_ports_to_port_group).with(port_groups[0]['id'], {'portId' => '20b169b1-ec0a-4639-8479-44b63e016935'}) - provider.create - end - - it 'deletes uplink port, port_group, and unconfigures BGP' do - # Expectations over the 'destroy' call - expect(provider).to receive(:call_get_provider_router) - expect(provider).to receive(:call_get_uplink_port) - expect(provider).to receive(:call_delete_uplink_port).with(ports[0]['id']) - provider.destroy - end - - it 'exists with default method returns' do - # Expectations over the 'exists' call - expect(provider).to receive(:call_get_provider_router).and_return(routers) - expect(provider).to receive(:call_get_host).and_return(hosts) - expect(provider).to receive(:call_get_uplink_port).with(routers[0]['id'], resource[:bgp_port]['port_address']).and_return(ports) - expect(provider.exists?).to eq true - end - end -end diff --git a/midonet/spec/unit/puppet/provider/midonet_host_registry/midonet_api_caller_spec.rb b/midonet/spec/unit/puppet/provider/midonet_host_registry/midonet_api_caller_spec.rb deleted file mode 100644 index 38950f17d..000000000 --- a/midonet/spec/unit/puppet/provider/midonet_host_registry/midonet_api_caller_spec.rb +++ /dev/null @@ -1,262 +0,0 @@ -require 'spec_helper' - -describe Puppet::Type.type(:midonet_host_registry).provider(:midonet_api_caller) do - - let(:provider) { described_class.new(resource) } - - let(:resource) { Puppet::Type.type(:midonet_host_registry).new( - { - :ensure => :present, - :hostname => 'compute.midonet', - :midonet_api_url => 'http://controller:8080', - :username => 'username', - :password => 'password', - :tunnelzone_name => 'tzone1', - :underlay_ip_address => '172.10.0.10' - } - )} - - describe 'host registry happy path' do - # - Single tunnelzone zones - # - Host registered - # - Allow to be created, and deleted - # - Tunnel zone should be deleted after the host deletion - - let(:tzones) { - [ - { - "name" => "tzone1", - "id" => "bd69f96a-005b-4d58-9f6c-b8dd9fbb6339", - "type" => "gre" - } - ] - } - - let(:hosts) { - [ - { - "id" => "04f7361c-4cb8-4cda-a50f-1744fd8b7851", - "name" => "compute.midonet" - } - ] - } - - before :each do - allow(provider).to receive(:call_get_tunnelzone).and_return(tzones) - allow(provider).to receive(:call_get_host).and_return(hosts) - allow(provider).to receive(:call_create_tunnelzone_host) - allow(provider).to receive(:call_get_tunnelzone_host).and_return(hosts) - allow(provider).to receive(:call_delete_tunnelzone_host) - allow(provider).to receive(:call_get_tunnelzone_hosts).and_return([]) - allow(provider).to receive(:call_delete_tunnelzone) - allow(provider).to receive(:call_get_token).and_return('thisisafaketoken') - end - - it 'registers the host successfully' do - # Expectations over 'create' call - expect(provider).to receive(:call_create_tunnelzone_host).with(tzones[0]['id'], {'hostId' => '04f7361c-4cb8-4cda-a50f-1744fd8b7851', 'ipAddress' => '172.10.0.10'}) - expect(provider).to receive(:call_get_tunnelzone) - expect(provider).not_to receive(:call_create_tunnelzone) - expect(provider).to receive(:call_get_host) - provider.create - end - - it 'unregisters the host successfully' do - # Expectations over the 'destroy' call - expect(provider).to receive(:call_get_tunnelzone) - expect(provider).to receive(:call_get_host) - expect(provider).to receive(:call_get_tunnelzone_hosts).with(tzones[0]['id']) - expect(provider).to receive(:call_delete_tunnelzone) - provider.destroy - end - - end - - describe 'when no tunnelzones' do - let(:hosts) { - [ - { - "id" => "04f7361c-4cb8-4cda-a50f-1744fd8b7851", - "name" => "compute.midonet" - } - ] - } - - let(:tzones) { - [ - { - "name" => "tzone1", - "id" => "bd69f96a-005b-4d58-9f6c-b8dd9fbb6339", - "type" => "gre" - } - ] - } - - it 'creates the tunnelzone and the host' do - allow(provider).to receive(:call_get_tunnelzone).and_return([]) - allow(provider).to receive(:call_create_tunnelzone).and_return(tzones) - allow(provider).to receive(:call_get_host).and_return(hosts) - allow(provider).to receive(:call_create_tunnelzone_host) - allow(provider).to receive(:call_get_token).and_return('thisisafaketoken') - - expect(provider).to receive(:call_create_tunnelzone).once - expect(provider.exists?).to eq false - - provider.create - end - end - - describe 'unregister not the last host in tunnelzone' do - let(:tzones) { - [ - { - "name" => "tzone1", - "id" => "bd69f96a-005b-4d58-9f6c-b8dd9fbb6339", - "type" => "gre" - } - ] - } - - let(:host_to_unregister) { - [ - { - "id" => "04f7361c-4cb8-4cda-a50f-1744fd8b7851", - "name" => "compute.midonet" - } - ] - } - - let(:host_left_in_tunnelzone) { - [ - { - "id" => "04f7361c-4cb8-4cda-a50f-1744fd8b7852", - "name" => "compute2.midonet" - } - ] - } - - it 'should not call the tunnelzone deletion' do - # Preparing the rest responses - allow(provider).to receive(:call_get_tunnelzone).and_return(tzones) - allow(provider).to receive(:call_get_host).and_return(host_to_unregister) - allow(provider).to receive(:call_delete_tunnelzone_host) - allow(provider).to receive(:call_get_tunnelzone_host).and_return(host_to_unregister) - allow(provider).to receive(:call_get_tunnelzone_hosts).and_return(host_left_in_tunnelzone) - allow(provider).to receive(:call_get_token).and_return('thisisafaketoken') - - # Set the behaviour expectations - expect(provider).to receive(:call_delete_tunnelzone_host).with(tzones[0]['id'], host_to_unregister[0]['id']) - expect(provider).not_to receive(:call_delete_tunnelzone) - - provider.destroy - end - end - - describe 'try to register a host without midonet-agent' do - let(:tzones) { - [ - { - "name" => "tzone1", - "id" => "bd69f96a-005b-4d58-9f6c-b8dd9fbb6339", - "type" => "gre" - } - ] - } - - it 'should raise an exception' do - # Preparing the rest responses - allow(provider).to receive(:call_get_tunnelzone).and_return(tzones) - allow(provider).to receive(:call_get_host).and_return([]) - allow(provider).to receive(:call_get_token).and_return('thisisafaketoken') - expect { - provider.create - }.to raise_error(RuntimeError) - end - end - - describe 'try to register a host with wrong tunnelzone type' do - let(:tzones) { - [ - { - "name" => "tzone1", - "id" => "bd69f96a-005b-4d58-9f6c-b8dd9fbb6339", - "type" => "vxlan" # Resource is 'gre' and current one is 'vxlan' - } - ] - } - - it 'should raise an exception' do - allow(provider).to receive(:call_get_tunnelzone).and_return(tzones) - allow(provider).to receive(:call_get_token).and_return('thisisafaketoken') - expect { - provider.create - }.to raise_error(RuntimeError) - end - end - - describe 'try to unregister a host that belongs to a tunnelzone that does not exist' do - it 'should not fail' do - allow(provider).to receive(:call_get_tunnelzone).and_return([]) - allow(provider).to receive(:call_get_token).and_return('thisisafaketoken') - expect(provider).not_to receive(:call_delete_tunnelzone_host) - provider.destroy - end - end - - describe 'try to unregister a host that does not exist' do - let(:tzones) { - [ - { - "name" => "tzone1", - "id" => "bd69f96a-005b-4d58-9f6c-b8dd9fbb6339", - "type" => "gre" - } - ] - } - - it 'should not fail' do - allow(provider).to receive(:call_get_tunnelzone).and_return(tzones) - allow(provider).to receive(:call_get_host).and_return([]) - allow(provider).to receive(:call_get_token).and_return('thisisafaketoken') - - expect(provider).not_to receive(:call_delete_tunnelzone_host) - - provider.destroy - end - end - - describe 'try to unregister a host that does not belong to a tunnelzone' do - let(:tzones) { - [ - { - "name" => "tzone1", - "id" => "bd69f96a-005b-4d58-9f6c-b8dd9fbb6339", - "type" => "gre" - } - ] - } - - let(:hosts) { - [ - { - "id" => "04f7361c-4cb8-4cda-a50f-1744fd8b7851", - "name" => "compute.midonet" - } - ] - } - - it 'should not fail' do - allow(provider).to receive(:call_get_tunnelzone).and_return(tzones) - allow(provider).to receive(:call_get_host).and_return(hosts) - allow(provider).to receive(:call_get_tunnelzone_host).and_return([]) - allow(provider).to receive(:call_get_token).and_return('thisisafaketoken') - - expect(provider).to receive(:call_get_tunnelzone).once - expect(provider).to receive(:call_get_host).once - expect(provider).to receive(:call_get_tunnelzone_host).once.with(tzones[0]['id'], hosts[0]['id']) - - provider.destroy - end - end - -end diff --git a/midonet/spec/unit/puppet/type/midonet_gateway_spec.rb b/midonet/spec/unit/puppet/type/midonet_gateway_spec.rb deleted file mode 100644 index 44345edba..000000000 --- a/midonet/spec/unit/puppet/type/midonet_gateway_spec.rb +++ /dev/null @@ -1,174 +0,0 @@ -require 'spec_helper' -require 'puppet' -require 'puppet/type/midonet_gateway' -require 'facter' - -describe Puppet::Type::type(:midonet_gateway) do - - context 'on default values' do - let(:resource) do - Puppet::Type::type(:midonet_gateway).new( - :hostname => Facter['hostname'].value, - :midonet_api_url => 'http://controller:8080/midonet-api', - :username => 'admin', - :password => 'admin', - :interface => 'eth0', - :local_as => '64512', - :bgp_port => { 'port_address' => '198.51.100.2', 'net_prefix' => '198.51.100.0', 'net_length' => '30'}, - :remote_peers => [ { 'as' => '64513', 'ip' => '198.51.100.1' }, - { 'as' => '64513', 'ip' => '203.0.113.1' } ], - :advertise_net => [ { 'net_prefix' => '192.0.2.0', 'net_length' => '24' } ]) - - end - - it 'assign the default values' do - expect(resource[:username]).to eq 'admin' - expect(resource[:password]).to eq 'admin' - expect(resource[:tenant_name]).to eq 'admin' - expect(resource[:interface]).to eq 'eth0' - expect(resource[:router]).to eq 'MidoNet Provider Router' - end - end - - context 'on invalid hostname' do - it do - expect { - Puppet::Type.type(:midonet_gateway).new( - :hostname => '_invalid_hostname.local', - :midonet_api_url => 'http://87.23.43.2:8080/midonet-api', - :username => 'admin', - :password => 'admin') - }.to raise_error(Puppet::ResourceError) - end - end - - context 'on invalid api url' do - it do - expect { - Puppet::Type.type(:midonet_gateway).new( - :hostname => Facter['hostname'].value, - :midonet_api_url => '87.23.43.2:8080/midonet-api', - :username => 'admin', - :password => 'admin') - }.to raise_error(Puppet::ResourceError) - end - end - - context 'on tenant_name valid value' do - let(:resource) do - Puppet::Type.type(:midonet_gateway).new( - :hostname => Facter['hostname'].value, - :midonet_api_url => 'http://87.23.43.2:8080/midonet-api', - :username => 'admin', - :password => 'admin', - :tenant_name => 'midokura') - end - - it 'assign to it' do - expect(resource[:tenant_name]).to eq 'midokura' - end - end - - context 'on valid interface name' do - let(:resource) do - Puppet::Type.type(:midonet_gateway).new( - :hostname => Facter['hostname'].value, - :midonet_api_url => 'http://87.23.43.2:8080/midonet-api', - :username => 'admin', - :password => 'admin', - :interface => 'eth0') - end - - it 'assign to it' do - expect(resource[:interface]).to eq 'eth0' - end - end - - context 'on valid local AS name' do - let(:resource) do - Puppet::Type.type(:midonet_gateway).new( - :hostname => Facter['hostname'].value, - :midonet_api_url => 'http://87.23.43.2:8080/midonet-api', - :username => 'admin', - :password => 'admin', - :local_as => '64512') - end - - it 'assign to it' do - expect(resource[:local_as]).to eq '64512' - end - end - - context 'on invalid local AS name' do - it do - expect { - Puppet::Type.type(:midonet_gateway).new( - :hostname => Facter['hostname'].value, - :midonet_api_url => 'http://87.23.43.2:8080/midonet-api', - :username => 'admin', - :password => 'admin', - :local_as => 'fake') - }.to raise_error(Puppet::ResourceError) - end - end - - context 'on invalid BGP port' do - it do - expect { - Puppet::Type.type(:midonet_gateway).new( - :hostname => Facter['hostname'].value, - :midonet_api_url => 'http://87.23.43.2:8080/midonet-api', - :username => 'admin', - :password => 'admin', - :bgp_port => { 'port_address' => '_198.51.100.2', - 'net_prefix' => '198.51.100.0', - 'net_length' => '30' }) - }.to raise_error(Puppet::ResourceError) - end - end - - context 'on invalid remote BGP peers AS name and IP' do - it do - expect { - Puppet::Type.type(:midonet_gateway).new( - :hostname => Facter['hostname'].value, - :midonet_api_url => 'http://87.23.43.2:8080/midonet-api', - :username => 'admin', - :password => 'admin', - :remote_peers => [ { 'as' => 'fake', - 'ip' => '_198.51.100.1' } ]) - }.to raise_error(Puppet::ResourceError) - end - end - - context 'on valid router name' do - let(:resource) do - Puppet::Type.type(:midonet_gateway).new( - :hostname => Facter['hostname'].value, - :midonet_api_url => 'http://87.23.43.2:8080/midonet-api', - :username => 'admin', - :password => 'admin', - :router => 'MidoNet Provider Router') - end - - it 'assign to it' do - expect(resource[:router]).to eq 'MidoNet Provider Router' - end - end - - context 'on invalid advertise network' do - it do - expect { - Puppet::Type.type(:midonet_gateway).new( - :hostname => Facter['hostname'].value, - :midonet_api_url => 'http://87.23.43.2:8080/midonet-api', - :username => 'admin', - :password => 'admin', - :advertise_net => [ { 'net_prefix' => '_192.0.2.0', - 'net_length' => '24' } ] ) - }.to raise_error(Puppet::ResourceError) - end - end - -end - diff --git a/midonet/spec/unit/puppet/type/midonet_host_registry_spec.rb b/midonet/spec/unit/puppet/type/midonet_host_registry_spec.rb deleted file mode 100644 index 7f36425d0..000000000 --- a/midonet/spec/unit/puppet/type/midonet_host_registry_spec.rb +++ /dev/null @@ -1,151 +0,0 @@ -require 'spec_helper' -require 'puppet' -require 'puppet/type/midonet_host_registry' -require 'facter' - -describe Puppet::Type::type(:midonet_host_registry) do - - context 'on default values' do - let(:resource) do - Puppet::Type.type(:midonet_host_registry).new( - :hostname => Facter['hostname'].value, - :midonet_api_url => 'http://87.23.43.2:8080/midonet-api', - :username => 'admin', - :password => 'admin') - end - - it 'assign the default values' do - expect(resource[:tenant_name]).to eq :'admin' - expect(resource[:underlay_ip_address]).to eq Facter['ipaddress'].value - expect(resource[:tunnelzone_name]).to eq :'tzone0' - expect(resource[:tunnelzone_type]).to eq :'gre' - end - end - - context 'on invalid hostname' do - it do - expect { - Puppet::Type.type(:midonet_host_registry).new( - :hostname => '_invalid_hostname.local', - :midonet_api_url => 'http://87.23.43.2:8080/midonet-api', - :username => 'admin', - :password => 'admin') - }.to raise_error(Puppet::ResourceError) - end - end - - context 'on invalid api url' do - it do - expect { - Puppet::Type.type(:midonet_host_registry).new( - :hostname => Facter['hostname'].value, - :midonet_api_url => '87.23.43.2:8080/midonet-api', - :username => 'admin', - :password => 'admin') - }.to raise_error(Puppet::ResourceError) - end - end - - context 'on tenant_name valid value' do - let(:resource) do - Puppet::Type.type(:midonet_host_registry).new( - :hostname => Facter['hostname'].value, - :midonet_api_url => 'http://87.23.43.2:8080/midonet-api', - :username => 'admin', - :password => 'admin', - :tenant_name => 'midokura') - end - - it 'assign to it' do - expect(resource[:tenant_name]).to eq 'midokura' - end - end - - context 'on tunnelzone valid name' do - let(:resource) do - Puppet::Type.type(:midonet_host_registry).new( - :hostname => Facter['hostname'].value, - :midonet_api_url => 'http://87.23.43.2:8080/midonet-api', - :username => 'admin', - :password => 'admin', - :tunnelzone_name => 'tzoneee') - end - - it 'assign to it' do - expect(resource[:tunnelzone_name]).to eq 'tzoneee' - end - end - - context 'on tunnelzone valid type gre' do - let(:resource) do - Puppet::Type.type(:midonet_host_registry).new( - :hostname => Facter['hostname'].value, - :midonet_api_url => 'http://87.23.43.2:8080/midonet-api', - :username => 'admin', - :password => 'admin', - :tunnelzone_type => 'gre') - end - - it 'assign to it' do - expect(resource[:tunnelzone_type]).to eq :'gre' - end - end - - context 'on tunnelzone valid type vxlan' do - let(:resource) do - Puppet::Type.type(:midonet_host_registry).new( - :hostname => Facter['hostname'].value, - :midonet_api_url => 'http://87.23.43.2:8080/midonet-api', - :username => 'admin', - :password => 'admin', - :tunnelzone_type => 'vxlan') - end - - it 'assign to it' do - expect(resource[:tunnelzone_type]).to eq :'vxlan' - end - end - - context 'on tunnelzone valid type foo' do - it do - expect { - Puppet::Type.type(:midonet_host_registry).new( - :hostname => Facter['hostname'].value, - :midonet_api_url => 'http://87.23.43.2:8080/midonet-api', - :username => 'admin', - :password => 'admin', - :tunnelzone_type => 'foo') - }.to raise_error(Puppet::ResourceError) - end - end - - context 'on underlay_ip_address valid IP' do - let(:resource) do - Puppet::Type.type(:midonet_host_registry).new( - :hostname => Facter['hostname'].value, - :midonet_api_url => 'http://87.23.43.2:8080/midonet-api', - :username => 'admin', - :password => 'admin', - :underlay_ip_address => '76.3.176.129') - end - - it 'assign it properly' do - expect(resource[:underlay_ip_address]).to eq '76.3.176.129' - end - end - - context 'on underlay_ip_address invalid IP' do - - it do - expect { - Puppet::Type.type(:midonet_host_registry).new( - :hostname => Facter['hostname'].value, - :midonet_api_url => 'http://87.23.43.2:8080/midonet-api', - :username => 'admin', - :password => 'admin', - :underlay_ip_address => '76.3.280.129') - }.to raise_error(Puppet::ResourceError) - end - - end -end diff --git a/midonet/templates/midonet-agent/midolman.conf.erb b/midonet/templates/midonet-agent/midolman.conf.erb deleted file mode 100644 index 1648ea58c..000000000 --- a/midonet/templates/midonet-agent/midolman.conf.erb +++ /dev/null @@ -1,168 +0,0 @@ -# Copyright 2014-15 Midokura SARL -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Midolman configuration file - -[zookeeper] -<%- zkarr = Array.new -%> -<%- @zk_servers.each do |s| -%> - <%- zkarr.push("#{s['ip']}:#{s['port'] ||= 2181 }") -%> -<%- end -%> -zookeeper_hosts = <%= zkarr.join(",") %> -session_timeout = 30000 -midolman_root_key = /midonet/v1 -session_gracetime = 30000 - -[cassandra] -# The minimum recommended cassandra setup is a 3-node cluster with a -# replication factor of 3. Midolman uses Quorum as consistency policy, which -# would translate to 2 in the suggested setup. -# -# Refer to the docs/cassandra-cache.md documentation for more specific details -servers = <%= @cs_seeds.join(",") %> -# DO CHANGE THIS, recommended value is 3 -replication_factor = 1 -cluster = midonet - -[bridge] -mac_port_mapping_expire_millis = 15000 - -[arptable] -arp_retry_interval_seconds = 10 -arp_timeout_seconds = 60 -arp_stale_seconds = 1800 -arp_expiration_seconds = 3600 - -[midolman] -disconnected_ttl_seconds = 30 -control_interface = eth0 -cache_type = cassandra -check_flow_expiration_interval = 10000 #millis -# top_level_actor_supervisor = resume -top_level_actor_supervisor = crash -# after requesting an update to the kernel if a flow with idle expiration set -# has less then idle_flow_tolerance_interval to live, we expire it -# idle_flow_tolerance_interval = 10000 - -# bgpd options - -# path to directory containing bgpd binary, default is /usr/sbin -#bgpd_binary = /usr/sbin # for RHEL -#bgpd_binary = /usr/lib/quagga/ # for ubuntu - -# path to directory containing bgpd.conf configuration file for bgpd -#bgpd_config = /etc/quagga # default value - -# number of threads dedicated to packet processing -simulation_threads = 1 - -# number of datapath output channels -output_channels = 1 - -# threading model for datapath input channels. There is one channel per port. -# Allowed values are: -# + one_to_many: use one thread to service all ports -# + one_to_one: use one thread to service each port -input_channel_threading = one_to_many - -# dashboard, experimental -enable_dashboard=false -jetty_xml=/etc/midolman/jetty/etc/jetty.xml - -# location of the exterior vxlan vport uuid to vni key map (as a json object) -#uuid_vni_json_mapping_file=/etc/midolman/uuidtovni.json - -[host] -# This file holds the host UUID across reboots. It is created when -# midolman is first executed in the host, by default it will be stored -# in /etc/midolman/ -#properties_file = /etc/midolman/host_uuid.properties -wait_time_between_scans = 5000 # 5 * 1000 millis - -[datapath] - -# This option specifies the value of the udp port used for vxlan tunnelling -# to peer vteps. By default it is set to the standardized vxlan udp port value -# which is 4789. -#vxlan_vtep_udp_port = 4789 - -# This option specifies the value of the udp port used for vxlan tunnelling -# of overlay traffic from midolman hosts to other midolman hosts. The value -# needs to be the same across the cluster. It also needs to be different from -# the vxlan_vtep_udp_port value. -vxlan_overlay_udp_port = 6677 - -# Maximum number of flows a given datapath will be able to contain. -max_flow_count = 20000 -# Maximum number of wildcard flows a given datapath will be able to contain. -max_wildcard_flow_count = 20000 -# Midolman uses a pool of reusable buffers to send requests to the -# datapath. The options below tune the pool's size and that of its -# buffers. One pool is created for each output channel, the settings -# defined here will apply to each of those pools. -# max_size: maximum number of buffers to hold in the pool. When the -# pool is empty (all buffers are in use) and has reached -# its maximum size, temporary buffers will be allocated. -send_buffer_pool_max_size = 2048 -# initial_size: initial number of buffers to allocate in the pool -send_buffer_pool_initial_size = 2048 -# buf_size_kb: size of each buffer, in kb. Maximum total pool size would thus -# be: max_size * buf_size_kb. Beware that the buffer size puts a -# limit on the packet size that Midolman can send. In a network -# jumbo frames, adjust the size so that one buffer will accomodate -# a whole frame plus enough room for the flow's actions. -send_buffer_pool_buf_size_kb = 8 - -# How many datapath messages to process in each batch, increasing througput -# by reducing synchronization costs. Too high a value may hurt latency. -msgs_per_batch = 200 - - -# Midolman limits the amount of packets in flight in the system at any -# given time. This prevents its internal queues from growing infinitely. -# Additionally, midolman ensures that its processing capacity is shared -# fairly among ports connected to the datapath. This, for example, -# would prevent a single VM from setting up new flows at a rate that -# would starve other VMs in the system. -# -# This behaviour is achieved by routing packets that miss the datapath -# flow table and rise to userspace through a Hierarchical Token Bucket. -# This HTB is set up in such a way such that tunnel ports will get 50% -# of the resources, and the remaining 50% is shared fairly among all -# other ports (typically, VMs). -# -# The rate at which the buckets are refilled is automatic and dynamic. -# However the size of the buckets at each stage of the HTB can be tuned -# through the settings below, increasing a bucket size will increase the -# burstiness at which traffic can be queued before new tokens become -# available. -# -# Bucket size is measured in packets. - -# global_incoming_burts_capacity: size of the root bucket in the HTB. -global_incoming_burst_capacity = 128 - -# tunnel_incoming_burst_capacity: bucket size for tunnel ports (GRE, VxLAN) -tunnel_incoming_burst_capacity = 64 - -# vm_incoming_burst_capacity: bucket size for VM ports -vm_incoming_burst_capacity = 16 - -# vtep_incoming_burst_capacity: bucket size for VTEP (VxLAN) ports. -vtep_incoming_burst_capacity = 64 - -[haproxy_health_monitor] -# Health monitor is disabled by default. Please change the following value to -# true to activate it. -Health_monitor_enable = false diff --git a/midonet/templates/midonet-api/keystone_config.xml.erb b/midonet/templates/midonet-api/keystone_config.xml.erb deleted file mode 100644 index 3ed17bbf7..000000000 --- a/midonet/templates/midonet-api/keystone_config.xml.erb +++ /dev/null @@ -1,24 +0,0 @@ - - - keystone-service_protocol - http - - - keystone-service_host - <%= @keystone_host %> - - - keystone-service_port - <%= @keystone_port %> - - - keystone-admin_token - <%= @keystone_admin_token %> - - - - keystone-tenant_name - <%= @keystone_tenant_name %> - diff --git a/midonet/templates/midonet-api/mockauth_config.xml.erb b/midonet/templates/midonet-api/mockauth_config.xml.erb deleted file mode 100644 index 4e42c1381..000000000 --- a/midonet/templates/midonet-api/mockauth_config.xml.erb +++ /dev/null @@ -1,14 +0,0 @@ - - - - mock_auth-admin_token - 999888777666 - - - mock_auth-tenant_admin_token - 999888777666 - - - mock_auth-tenant_user_token - 999888777666 - diff --git a/midonet/templates/midonet-api/web.xml.erb b/midonet/templates/midonet-api/web.xml.erb deleted file mode 100644 index eaea7edb0..000000000 --- a/midonet/templates/midonet-api/web.xml.erb +++ /dev/null @@ -1,110 +0,0 @@ - - - - MidoNet API - - - - - rest_api-base_uri - http://<%= @api_ip %>:<%= @api_port %>/midonet-api - - - - - cors-access_control_allow_origin - * - - - cors-access_control_allow_headers - Origin, X-Auth-Token, Content-Type, Accept, Authorization - - - cors-access_control_allow_methods - GET, POST, PUT, DELETE, OPTIONS - - - cors-access_control_expose_headers - Location - - - - - auth-auth_provider - - <%- if @keystone_auth -%> - org.midonet.api.auth.keystone.v2_0.KeystoneService - <%- else -%> - org.midonet.api.auth.MockAuthService - <%- end -%> - - - auth-admin_role - admin - - - <%- if @keystone_auth -%> - <%= scope.function_template(['midonet/midonet-api/keystone_config.xml.erb']) %> - <%- else -%> - <%= scope.function_template(['midonet/midonet-api/mockauth_config.xml.erb']) %> - <%- end -%> - - - - - zookeeper-use_mock - false - - - zookeeper-zookeeper_hosts - -<%- zkarr = Array.new -%> -<%- @zk_servers.each do |s| -%> - <%- zkarr.push("#{s['ip']}:#{s['port'] ||= 2181 }") -%> -<%- end -%> - <%= zkarr.join(",") %> - - - zookeeper-session_timeout - 30000 - - - zookeeper-midolman_root_key - /midonet/v1 - - - zookeeper-curator_enabled - true - - - - - midobrain-vxgw_enabled - <%= @vtep %> - - - - - - - org.midonet.api.servlet.JerseyGuiceServletContextListener - - - - - - - Guice Filter - com.google.inject.servlet.GuiceFilter - - - Guice Filter - /* - - - diff --git a/midonet/templates/neutron_plugin/midonet.ini.erb b/midonet/templates/neutron_plugin/midonet.ini.erb deleted file mode 100644 index e5355d9de..000000000 --- a/midonet/templates/neutron_plugin/midonet.ini.erb +++ /dev/null @@ -1,5 +0,0 @@ -[MIDONET] -midonet_uri = http://<%= @midonet_api_ip %>:8080/midonet-api -username = <%= @username %> -password = <%= @password %> -project_id = <%= @project_id %> diff --git a/midonet/templates/zookeeper/zoo.cfg.erb b/midonet/templates/zookeeper/zoo.cfg.erb deleted file mode 100644 index 5ddcfa2da..000000000 --- a/midonet/templates/zookeeper/zoo.cfg.erb +++ /dev/null @@ -1,19 +0,0 @@ -# The number of milliseconds of each tick -tickTime=2000 -# The number of ticks that the initial -# synchronization phase can take -initLimit=10 -# The number of ticks that can pass between -# sending a request and getting an acknowledgement -syncLimit=5 -# the directory where the snapshot is stored. -dataDir=<%= @data_dir %> -# the port at which the clients will connect -clientPort=2181 - -# specify all zookeeper servers -# The fist port is used by followers to connect to the leader -# The second one is used for leader election -<% @servers.each do |s| %> -<%="server.#{s['id']}=#{s['host']}:#{s['peer_port'] ||= 2888}:#{s['lead_port'] || 3888}" %> -<% end %> diff --git a/midonet/templates/zookeeper/zookeeper-env.sh.erb b/midonet/templates/zookeeper/zookeeper-env.sh.erb deleted file mode 100644 index 4338f6aab..000000000 --- a/midonet/templates/zookeeper/zookeeper-env.sh.erb +++ /dev/null @@ -1,2 +0,0 @@ -export JAVA_HOME=<%= @java_home %> -export ZOO_LOG_DIR=/var/log/zookeeper diff --git a/mistral/.gitignore b/mistral/.gitignore deleted file mode 100644 index 61092bdaf..000000000 --- a/mistral/.gitignore +++ /dev/null @@ -1,15 +0,0 @@ -pkg/ -Gemfile.lock -vendor/ -spec/fixtures/ -.vagrant/ -.bundle/ -coverage/ -.idea/ -*.swp -*.iml -openstack/ - -# Files created by releasenotes build -releasenotes/build -.tox diff --git a/mistral/.gitreview b/mistral/.gitreview deleted file mode 100644 index d917e4634..000000000 --- a/mistral/.gitreview +++ /dev/null @@ -1,5 +0,0 @@ -[gerrit] -host=review.openstack.org -port=29418 -project=openstack/puppet-mistral.git -defaultbranch=stable/mitaka diff --git a/mistral/CHANGELOG.md b/mistral/CHANGELOG.md deleted file mode 100644 index 79a2e55a7..000000000 --- a/mistral/CHANGELOG.md +++ /dev/null @@ -1,5 +0,0 @@ -## 8.0.0 and beyond - -From 8.0.0 release and beyond, release notes are published on -[docs.openstack.org](http://docs.openstack.org/releasenotes/puppet-mistral/). - diff --git a/mistral/Gemfile b/mistral/Gemfile deleted file mode 100644 index 5728ff7e7..000000000 --- a/mistral/Gemfile +++ /dev/null @@ -1,22 +0,0 @@ -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -group :development, :test, :system_tests do - gem 'puppet-openstack_spec_helper', - :git => 'https://git.openstack.org/openstack/puppet-openstack_spec_helper', - :branch => 'stable/mitaka', - :require => false -end - -if facterversion = ENV['FACTER_GEM_VERSION'] - gem 'facter', facterversion, :require => false -else - gem 'facter', :require => false -end - -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end - -# vim:ft=ruby diff --git a/mistral/LICENSE b/mistral/LICENSE deleted file mode 100644 index 8c06f5ea0..000000000 --- a/mistral/LICENSE +++ /dev/null @@ -1,13 +0,0 @@ -Copyright 2015 OpenStack Foundation - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/mistral/README.md b/mistral/README.md deleted file mode 100644 index 9c547599b..000000000 --- a/mistral/README.md +++ /dev/null @@ -1,97 +0,0 @@ -mistral -====== - -#### Table of Contents - -1. [Overview - What is the mistral module?](#overview) -2. [Module Description - What does the module do?](#module-description) -3. [Setup - The basics of getting started with mistral](#setup) -4. [Implementation - An under-the-hood peek at what the module is doing](#implementation) -5. [Limitations - OS compatibility, etc.] -6. [Development - Guide for contributing to the module](#development) -7. [Contributors - Those with commits](#contributors) - -Overview --------- - -The Mistral module itself is a workflow service for OpenStack cloud. - -Module Description ------------------- - -The mistral module is an attempt to make Puppet capable of managing the -entirety of mistral. - -Setup ------ - -### Beginning with mistral - -To use the mistral module's functionality you will need to declare multiple -resources. This is not an exhaustive list of all the components needed; we -recommend you consult and understand the -[core of openstack](http://docs.openstack.org) documentation. - - -Implementation --------------- - -### Mistral - -puppet-mistral is a combination of Puppet manifests and ruby code to deliver -configuration and extra functionality through types and providers. - -### Types - -#### mistral_config - -The `mistral_config` provider is a children of the ini_setting provider. It allows one to write an entry in the `/etc/mistral/mistral.conf` file. - -```puppet -mistral_config { 'DEFAULT/verbose' : - value => true, -} -``` - -This will write `verbose=true` in the `[DEFAULT]` section. - -##### name - -Section/setting name to manage from `mistral.conf` - -##### value - -The value of the setting to be defined. - -##### secret - -Whether to hide the value from Puppet logs. Defaults to `false`. - -##### ensure_absent_val - -If value is equal to ensure_absent_val then the resource will behave as if `ensure => absent` was specified. Defaults to `` - - -Beaker-Rspec ------------- - -This module has beaker-rspec tests - -To run: - -``shell -bundle install -bundle exec rspec spec/acceptance -`` - -Development ------------ - -Developer documentation for the entire puppet-openstack project. - -* https://wiki.openstack.org/wiki/Puppet#Developer_documentation - -Contributors ------------- - -* https://github.com/openstack/puppet-mistral/graphs/contributors diff --git a/mistral/Rakefile b/mistral/Rakefile deleted file mode 100644 index 168d10814..000000000 --- a/mistral/Rakefile +++ /dev/null @@ -1 +0,0 @@ -require 'puppet-openstack_spec_helper/rake_tasks' diff --git a/mistral/lib/puppet/provider/mistral_config/ini_setting.rb b/mistral/lib/puppet/provider/mistral_config/ini_setting.rb deleted file mode 100644 index 2437633b0..000000000 --- a/mistral/lib/puppet/provider/mistral_config/ini_setting.rb +++ /dev/null @@ -1,10 +0,0 @@ -Puppet::Type.type(:mistral_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:openstack_config).provider(:ini_setting) -) do - - def self.file_path - '/etc/mistral/mistral.conf' - end - -end diff --git a/mistral/lib/puppet/type/mistral_config.rb b/mistral/lib/puppet/type/mistral_config.rb deleted file mode 100644 index 2447dc349..000000000 --- a/mistral/lib/puppet/type/mistral_config.rb +++ /dev/null @@ -1,53 +0,0 @@ -Puppet::Type.newtype(:mistral_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/mistral/mistral.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - newvalues(/^[\S ]*$/) - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end - - newparam(:ensure_absent_val) do - desc 'A value that is specified as the value property will behave as if ensure => absent was specified' - defaultto('') - end - - autorequire(:package) do - 'mistral-common' - end - -end diff --git a/mistral/manifests/api.pp b/mistral/manifests/api.pp deleted file mode 100644 index abd1c8513..000000000 --- a/mistral/manifests/api.pp +++ /dev/null @@ -1,106 +0,0 @@ -# == Class: mistral::api -# -# Installs & configure the Mistral API service -# -# === Parameters -# [*package_ensure*] -# (Optional) Ensure state for package. -# Defaults to present -# -# [*enabled*] -# (optional) Should the service be enabled. -# Defaults to 'true'. -# -# [*manage_service*] -# (optional) Whether the service should be managed by Puppet. -# Defaults to 'true'. -# -# [*bind_host*] -# (Optional) Address to bind the server. Useful when -# selecting a particular network interface. -# Defaults to $::os_service_default. -# -# [*bind_port*] -# (Optional) The port on which the server will listen. -# Defaults to $::os_service_default. -# -# [*allow_action_execution_deletion*] -# (Optional) Enables the ability to delete action_execution which has no -# relationship with workflows. (boolean value). -# Defaults to $::os_service_default. -# -# [*service_name*] -# (optional) Name of the service that will be providing the -# server functionality of mistral-api. -# If the value is 'httpd', this means mistral-api will be a web -# service, and you must use another class to configure that -# web service. For example, use class { 'mistral::wsgi::apache'...} -# to make mistral-api be a web app using apache mod_wsgi. -# Defaults to '$::mistral::params::api_service_name' -# -class mistral::api ( - $package_ensure = present, - $manage_service = true, - $enabled = true, - $bind_host = $::os_service_default, - $bind_port = $::os_service_default, - $allow_action_execution_deletion = $::os_service_default, - $service_name = $::mistral::params::api_service_name, -) inherits mistral::params { - - include ::mistral::params - include ::mistral::policy - - Mistral_config<||> ~> Service[$service_name] - Class['mistral::policy'] ~> Service[$service_name] - Package['mistral-api'] -> Class['mistral::policy'] - Package['mistral-api'] -> Service[$service_name] - Package['mistral-api'] -> Service['mistral-api'] - - package { 'mistral-api': - ensure => $package_ensure, - name => $::mistral::params::api_package_name, - tag => ['openstack', 'mistral-package'], - } - - if $manage_service { - if $enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } - - if $service_name == $::mistral::params::api_service_name { - service { 'mistral-api': - ensure => $service_ensure, - name => $::mistral::params::api_service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - tag => 'mistral-service', - } - } elsif $service_name == 'httpd' { - include ::apache::params - service { 'mistral-api': - ensure => 'stopped', - name => $::mistral::params::api_service_name, - enable => false, - tag => 'mistral-service', - } - Class['mistral::db'] -> Service[$service_name] - Service <<| title == 'httpd' |>> { tag +> 'mistral-service' } - - # we need to make sure mistral-api s stopped before trying to start apache - Service['mistral-api'] -> Service[$service_name] - } else { - fail('Invalid service_name. Either mistral/openstack-mistral-api for running as a standalone service, or httpd for being run by a httpd server') - } - - mistral_config { - 'api/host' : value => $bind_host; - 'api/port' : value => $bind_port; - 'api/allow_action_execution_deletion' : value => $allow_action_execution_deletion; - } - -} diff --git a/mistral/manifests/client.pp b/mistral/manifests/client.pp deleted file mode 100644 index 4fb064fb4..000000000 --- a/mistral/manifests/client.pp +++ /dev/null @@ -1,20 +0,0 @@ -# == Class: mistral::client -# -# Installs mistral python client. -# -# === Parameters -# -# [*package_ensure*] -# Ensure state for package. Defaults to 'present'. -# -class mistral::client( - $package_ensure = 'present' -) { - - include ::mistral::params - - package { 'python-mistralclient': - ensure => $package_ensure, - name => $::mistral::params::client_package, - } -} diff --git a/mistral/manifests/config.pp b/mistral/manifests/config.pp deleted file mode 100644 index c00504fa7..000000000 --- a/mistral/manifests/config.pp +++ /dev/null @@ -1,30 +0,0 @@ -# == Class: mistral::config -# -# This class is used to manage arbitrary mistral configurations. -# -# === Parameters -# -# [*mistral_config*] -# (optional) Allow configuration of arbitrary mistral configurations. -# The value is an hash of mistral_config resources. Example: -# { 'DEFAULT/foo' => { value => 'fooValue'}, -# 'DEFAULT/bar' => { value => 'barValue'} -# } -# In yaml format, Example: -# mistral_config: -# DEFAULT/foo: -# value: fooValue -# DEFAULT/bar: -# value: barValue -# -# NOTE: The configuration MUST NOT be already handled by this module -# or Puppet catalog compilation will fail with duplicate resources. -# -class mistral::config ( - $mistral_config = {}, -) { - - validate_hash($mistral_config) - - create_resources('mistral_config', $mistral_config) -} diff --git a/mistral/manifests/db.pp b/mistral/manifests/db.pp deleted file mode 100644 index ca13f7570..000000000 --- a/mistral/manifests/db.pp +++ /dev/null @@ -1,101 +0,0 @@ -# == Class: mistral::db -# -# Configure the Mistral database -# -# === Parameters -# -# [*database_connection*] -# Url used to connect to database. -# (Optional) Defaults to 'sqlite:////var/lib/mistral/mistral.sqlite' -# -# [*database_idle_timeout*] -# Timeout when db connections should be reaped. -# (Optional) Defaults to $::os_service_default -# -# [*database_min_pool_size*] -# Minimum number of SQL connections to keep open in a pool. -# (Optional) Defaults to $::os_service_default -# -# [*database_max_pool_size*] -# Maximum number of SQL connections to keep open in a pool. -# (Optional) Defaults to $::os_service_default -# -# [*database_max_retries*] -# Maximum db connection retries during startup. -# Setting -1 implies an infinite retry count. -# (Optional) Defaults to $::os_service_default -# -# [*database_retry_interval*] -# Interval between retries of opening a sql connection. -# (Optional) Defaults to $::os_service_default -# -# [*database_max_overflow*] -# If set, use this value for max_overflow with sqlalchemy. -# (Optional) Defaults to $::os_service_default -# -class mistral::db ( - $database_connection = 'sqlite:////var/lib/mistral/mistral.sqlite', - $database_idle_timeout = $::os_service_default, - $database_min_pool_size = $::os_service_default, - $database_max_pool_size = $::os_service_default, - $database_max_retries = $::os_service_default, - $database_retry_interval = $::os_service_default, - $database_max_overflow = $::os_service_default, -) { - - include ::mistral::params - - # NOTE(spredzy): In order to keep backward compatibility we rely on the pick function - # to use mistral:: if mistral::db:: isn't specified. - $database_connection_real = pick($::mistral::database_connection,$database_connection) - $database_idle_timeout_real = pick($::mistral::database_idle_timeout,$database_idle_timeout) - $database_min_pool_size_real = pick($::mistral::database_min_pool_size,$database_min_pool_size) - $database_max_pool_size_real = pick($::mistral::database_max_pool_size,$database_max_pool_size) - $database_max_retries_real = pick($::mistral::database_max_retries,$database_max_retries) - $database_retry_interval_real = pick($::mistral::database_retry_interval,$database_retry_interval) - $database_max_overflow_real = pick($::mistral::database_max_overflow,$database_max_overflow) - - validate_re($database_connection_real, - '^(sqlite|mysql(\+pymysql)?|postgresql):\/\/(\S+:\S+@\S+\/\S+)?') - - case $database_connection_real { - /^mysql(\+pymysql)?:\/\//: { - require 'mysql::bindings' - require 'mysql::bindings::python' - if $database_connection_real =~ /^mysql\+pymysql/ { - $backend_package = $::mistral::params::pymysql_package_name - } else { - $backend_package = false - } - } - /^postgresql:\/\//: { - $backend_package = false - require 'postgresql::lib::python' - } - /^sqlite:\/\//: { - $backend_package = $::mistral::params::sqlite_package_name - } - default: { - fail('Unsupported backend configured') - } - } - - if $backend_package and !defined(Package[$backend_package]) { - package {'mistral-backend-package': - ensure => present, - name => $backend_package, - tag => 'openstack', - } - } - - mistral_config { - 'database/connection': value => $database_connection_real, secret => true; - 'database/idle_timeout': value => $database_idle_timeout_real; - 'database/min_pool_size': value => $database_min_pool_size_real; - 'database/max_retries': value => $database_max_retries_real; - 'database/retry_interval': value => $database_retry_interval_real; - 'database/max_pool_size': value => $database_max_pool_size_real; - 'database/max_overflow': value => $database_max_overflow_real; - } - -} diff --git a/mistral/manifests/db/mysql.pp b/mistral/manifests/db/mysql.pp deleted file mode 100644 index 3941f0f22..000000000 --- a/mistral/manifests/db/mysql.pp +++ /dev/null @@ -1,73 +0,0 @@ -# The mistral::db::mysql class implements mysql backend for mistral -# -# This class can be used to create tables, users and grant -# privilege for a mysql mistral database. -# -# == parameters -# -# [*password*] -# (Mandatory) Password to connect to the database. -# Defaults to 'false'. -# -# [*dbname*] -# (Optional) Name of the database. -# Defaults to 'mistral'. -# -# [*user*] -# (Optional) User to connect to the database. -# Defaults to 'mistral'. -# -# [*host*] -# (Optional) The default source host user is allowed to connect from. -# Defaults to '127.0.0.1' -# -# [*allowed_hosts*] -# (Optional) Other hosts the user is allowed to connect from. -# Defaults to 'undef'. -# -# [*charset*] -# (Optional) The database charset. -# Defaults to 'utf8' -# -# [*collate*] -# (Optional) The database collate. -# Only used with mysql modules >= 2.2. -# Defaults to 'utf8_general_ci' -# -# [*listening_service*] -# The name that will be called from the mysql machine -# Defaults to 'mistral_db'. -# -# == Dependencies -# Class['mysql::server'] -# -# == Examples -# -# == Authors -# -# == Copyright -# -class mistral::db::mysql( - $password, - $listening_service = 'mistral_db', - $dbname = 'mistral', - $user = 'mistral', - $host = '127.0.0.1', - $charset = 'utf8', - $collate = 'utf8_general_ci', - $allowed_hosts = undef -) { - - validate_string($password) - - ::openstacklib::db::mysql { 'mistral': - user => $user, - password_hash => mysql_password($password), - dbname => $dbname, - host => $host, - charset => $charset, - collate => $collate, - allowed_hosts => $allowed_hosts, - } - -} diff --git a/mistral/manifests/db/postgresql.pp b/mistral/manifests/db/postgresql.pp deleted file mode 100644 index 7851c7004..000000000 --- a/mistral/manifests/db/postgresql.pp +++ /dev/null @@ -1,55 +0,0 @@ -# == Class: mistral::db::postgresql -# -# Class that configures postgresql for mistral -# Requires the Puppetlabs postgresql module. -# -# === Parameters -# -# [*password*] -# (Required) Password to connect to the database. -# -# [*dbname*] -# (Optional) Name of the database. -# Defaults to 'mistral'. -# -# [*user*] -# (Optional) User to connect to the database. -# Defaults to 'mistral'. -# -# [*encoding*] -# (Optional) The charset to use for the database. -# Default to undef. -# -# [*privileges*] -# (Optional) Privileges given to the database user. -# Default to 'ALL' -# -# == Dependencies -# -# == Examples -# -# == Authors -# -# == Copyright -# -class mistral::db::postgresql( - $password, - $dbname = 'mistral', - $user = 'mistral', - $encoding = undef, - $privileges = 'ALL', -) { - - Class['mistral::db::postgresql'] -> Service<| title == 'mistral' |> - - ::openstacklib::db::postgresql { 'mistral': - password_hash => postgresql_password($user, $password), - dbname => $dbname, - user => $user, - encoding => $encoding, - privileges => $privileges, - } - - ::Openstacklib::Db::Postgresql['mistral'] ~> Exec<| title == 'mistral-db-sync' |> - -} diff --git a/mistral/manifests/db/sync.pp b/mistral/manifests/db/sync.pp deleted file mode 100644 index e64c065d9..000000000 --- a/mistral/manifests/db/sync.pp +++ /dev/null @@ -1,34 +0,0 @@ -# -# Class to execute "mistral-db-manage 'upgrade head' and 'populate'" -# -class mistral::db::sync { - - include ::mistral::params - - Package<| tag =='mistral-common' |> ~> Exec['mistral-db-sync'] - Exec['mistral-db-sync'] ~> Service<| tag == 'mistral-service' |> - Mistral_config <||> -> Exec['mistral-db-sync'] - Mistral_config <| title == 'database/connection' |> ~> Exec['mistral-db-sync'] - - exec { 'mistral-db-sync': - command => $::mistral::params::db_sync_command, - path => '/usr/bin', - user => 'mistral', - logoutput => on_failure, - refreshonly => true, - } - - Exec['mistral-db-sync'] -> Exec['mistral-db-populate'] - Package<| tag =='mistral-common' |> ~> Exec['mistral-db-populate'] - Exec['mistral-db-populate'] ~> Service<| tag == 'mistral-service' |> - Mistral_config <||> -> Exec['mistral-db-populate'] - Mistral_config <| title == 'database/connection' |> ~> Exec['mistral-db-populate'] - exec { 'mistral-db-populate': - command => $::mistral::params::db_populate_command, - path => '/usr/bin', - user => 'mistral', - logoutput => on_failure, - refreshonly => true, - } - -} diff --git a/mistral/manifests/engine.pp b/mistral/manifests/engine.pp deleted file mode 100644 index 56bbd6d93..000000000 --- a/mistral/manifests/engine.pp +++ /dev/null @@ -1,78 +0,0 @@ -# == Class: mistral::engine -# -# Installs & configure the Mistral Engine service -# -# === Parameters -# [*package_ensure*] -# (Optional) Ensure state for package. -# Defaults to present -# -# [*enabled*] -# (optional) Should the service be enabled. -# Defaults to 'true'. -# -# [*manage_service*] -# (optional) Whether the service should be managed by Puppet. -# Defaults to 'true'. -# -# [*host*] -# (Optional) Name of the engine node. This can be an opaque identifier. -# It is not necessarily a hostname, FQDN, or IP address. (string value) -# Defaults to $::os_service_default. -# -# [*topic*] -# (Optional) The message topic that the engine listens on. -# Defaults to $::os_service_default. -# -# [*version*] -# (Optional) The version of the engine. (string value) -# Defaults to $::os_service_default. -# -# [*execution_field_size_limit_kb*] -# (Optional) The default maximum size in KB of large text fields -# of runtime execution objects. Use -1 for no limit. -# Defaults to $::os_service_default. -# -class mistral::engine ( - $package_ensure = present, - $manage_service = true, - $enabled = true, - $host = $::os_service_default, - $topic = $::os_service_default, - $version = $::os_service_default, - $execution_field_size_limit_kb = $::os_service_default, -) { - - include ::mistral::params - - package { 'mistral-engine': - ensure => $package_ensure, - name => $::mistral::params::engine_package_name, - tag => ['openstack', 'mistral-package'], - } - - if $manage_service { - if $enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } - - service { 'mistral-engine': - ensure => $service_ensure, - name => $::mistral::params::engine_service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - tag => 'mistral-service', - } - - mistral_config { - 'engine/host' : value => $host; - 'engine/topic' : value => $topic; - 'engine/version' : value => $version; - 'engine/execution_field_size_limit_kb' : value => $execution_field_size_limit_kb; - } - -} diff --git a/mistral/manifests/executor.pp b/mistral/manifests/executor.pp deleted file mode 100644 index 29d115a46..000000000 --- a/mistral/manifests/executor.pp +++ /dev/null @@ -1,89 +0,0 @@ -# == Class: mistral::executor -# -# Installs & configure the Mistral Engine service -# -# === Parameters -# [*package_ensure*] -# (Optional) Ensure state for package. -# Defaults to present -# -# [*enabled*] -# (optional) Should the service be enabled. -# Defaults to 'true'. -# -# [*manage_service*] -# (optional) Whether the service should be managed by Puppet. -# Defaults to 'true'. -# -# [*host*] -# (Optional) Name of the executor node. This can be an opaque identifier. -# It is not necessarily a hostname, FQDN, or IP address. (string value) -# Defaults to $::os_service_default. -# -# [*topic*] -# (Optional) The message topic that the executor listens on. (string value) -# Defaults to $::os_service_default. -# -# [*version*] -# (Optional) The version of the executor. (string value) -# Defaults to $::os_service_default. -# -# [*evaluation_interval*] -# (Optional) How often will the executions be evaluated -# (in minutes). For example for value 120 the interval -# will be 2 hours (every 2 hours). -# Defaults to $::os_service_default. -# -# [*older_than*] -# (Optional) Evaluate from which time remove executions in minutes. -# For example when older_than = 60, remove all executions -# that finished a 60 minutes ago or more. -# Minimum value is 1. -# Note that only final state execution will remove (SUCCESS/ERROR). -# Defaults to $::os_service_default. -# -class mistral::executor ( - $package_ensure = present, - $manage_service = true, - $enabled = true, - $host = $::os_service_default, - $topic = $::os_service_default, - $version = $::os_service_default, - $evaluation_interval = $::os_service_default, - $older_than = $::os_service_default, -) { - - include ::mistral::params - - package { 'mistral-executor': - ensure => $package_ensure, - name => $::mistral::params::executor_package_name, - tag => ['openstack', 'mistral-package'], - } - - if $manage_service { - if $enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } - - service { 'mistral-executor': - ensure => $service_ensure, - name => $::mistral::params::executor_service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - tag => 'mistral-service', - } - - mistral_config { - 'executor/host' : value => $host; - 'executor/topic' : value => $topic; - 'executor/version' : value => $version; - 'execution_expiration_policy/evaluation_interval' : value => $evaluation_interval; - 'execution_expiration_policy/older_than' : value => $older_than; - } - -} diff --git a/mistral/manifests/init.pp b/mistral/manifests/init.pp deleted file mode 100644 index 1c2b13831..000000000 --- a/mistral/manifests/init.pp +++ /dev/null @@ -1,293 +0,0 @@ -# == Class: mistral -# -# Mistral base package & configuration -# -# === Parameters -# [*package_ensure*] -# (Optional) Ensure state for package. -# Defaults to 'present'. -# -# [*rpc_backend*] -# (optional) The rpc backend. -# Defaults to 'rabbit'. -# -# [*auth_uri*] -# (optional) Specifies the public Identity URI for Mistral to use. -# Default 'http://localhost:5000/v2.0/'. -# -# [*identity_uri*] -# (optional) Specifies the admin Identity URI for Mistral to use. -# Default 'http://localhost:35357/'. -# -# [*keystone_user*] -# (optional) The name of the auth user -# Defaults to 'mistral'. -# -# [*keystone_tenant*] -# (optional) The tenant of the auth user -# Defaults to 'services'. -# -# [*keystone_password*] -# (required) The password of the auth user. -# -# [*log_dir*] -# (optional) Directory where logs should be stored. -# If set to boolean false or the $::os_service_default, it will not log to -# any directory. -# Defaults to '/var/log/mistral'. -# -# [*use_syslog*] -# (Optional) Use syslog for logging. -# Defaults to undef. -# -# [*use_stderr*] -# (optional) Use stderr for logging -# Defaults to undef. -# -# [*log_facility*] -# (Optional) Syslog facility to receive log lines. -# Defaults to undef. -# -# [*verbose*] -# (Optional) Should the daemons log verbose messages -# Defaults to undef. -# -# [*debug*] -# (Optional) Should the daemons log debug messages -# Defaults to undef. -# -# [*database_connection*] -# (optional) Url used to connect to database. -# Defaults to undef. -# -# [*database_idle_timeout*] -# Timeout when db connections should be reaped. -# (Optional) Defaults to undef. -# -# [*database_min_pool_size*] -# Minimum number of SQL connections to keep open in a pool. -# (Optional) Defaults to undef. -# -# [*database_max_pool_size*] -# Maximum number of SQL connections to keep open in a pool. -# (Optional) Defaults to undef. -# -# [*database_max_retries*] -# Maximum db connection retries during startup. -# Setting -1 implies an infinite retry count. -# (Optional) Defaults to undef. -# -# [*database_retry_interval*] -# Interval between retries of opening a sql connection. -# (Optional) Defaults to underf. -# -# [*database_max_overflow*] -# If set, use this value for max_overflow with sqlalchemy. -# (Optional) Defaults to undef. -# -# [*rabbit_host*] -# (Optional) IP or hostname of the rabbit server. -# Defaults to '127.0.0.1' -# -# [*rabbit_port*] -# (Optional) Port of the rabbit server. -# Defaults to 5672. -# -# [*rabbit_hosts*] -# (Optional) Array of host:port (used with HA queues). -# If defined, will remove rabbit_host & rabbit_port parameters from config -# Defaults to undef. -# -# [*rabbit_userid*] -# (Optional) User to connect to the rabbit server. -# Defaults to 'guest' -# -# [*rabbit_password*] -# (Required) Password to connect to the rabbit_server. -# Defaults to empty. Required if using the Rabbit (kombu) -# backend. -# -# [*rabbit_virtual_host*] -# (Optional) Virtual_host to use. -# Defaults to '/' -# -# [*rabbit_ha_queues*] -# (optional) Use HA queues in RabbitMQ (x-ha-policy: all). -# Defaults to undef -# -# [*rabbit_heartbeat_timeout_threshold*] -# (optional) Number of seconds after which the RabbitMQ broker is considered -# down if the heartbeat keepalive fails. Any value >0 enables heartbeats. -# Heartbeating helps to ensure the TCP connection to RabbitMQ isn't silently -# closed, resulting in missed or lost messages from the queue. -# (Requires kombu >= 3.0.7 and amqp >= 1.4.0) -# Defaults to 0 -# -# [*rabbit_heartbeat_rate*] -# (optional) How often during the rabbit_heartbeat_timeout_threshold period to -# check the heartbeat on RabbitMQ connection. (i.e. rabbit_heartbeat_rate=2 -# when rabbit_heartbeat_timeout_threshold=60, the heartbeat will be checked -# every 30 seconds. -# Defaults to 2 -# -# [*rabbit_use_ssl*] -# (optional) Connect over SSL for RabbitMQ -# Defaults to false -# -# [*report_interval*] -# (optional) Interval, in seconds, between nodes reporting state to -# datastore (integer value). -# Defaults to $::os_service_default -# -# [*service_down_time*] -# (optional) Maximum time since last check-in for a service to be -# considered up (integer value). -# Defaults to $::os_service_default -# -# [*kombu_ssl_ca_certs*] -# (optional) SSL certification authority file (valid only if SSL enabled). -# Defaults to $::os_service_default -# -# [*kombu_ssl_certfile*] -# (optional) SSL cert file (valid only if SSL enabled). -# Defaults to $::os_service_default -# -# [*kombu_ssl_keyfile*] -# (optional) SSL key file (valid only if SSL enabled). -# Defaults to $::os_service_default -# -# [*kombu_ssl_version*] -# (optional) SSL version to use (valid only if SSL enabled). -# Valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be -# available on some distributions. -# Defaults to $::os_service_default -# -# [*kombu_reconnect_delay*] -# (optional) How long to wait before reconnecting in response to an AMQP -# consumer cancel notification. -# Defaults to $::os_service_default -# -# [*amqp_durable_queues*] -# Use durable queues in amqp. -# (Optional) Defaults to false. -# -# [*control_exchange*] -# (Optional) -# Defaults to 'openstack'. -# -# [*coordination_backend_url*] -# (optional) The backend URL to be used for coordination. -# Defaults to $::os_service_default -# -# [*coordination_heartbeat_interval*] -# (optional) Number of seconds between heartbeats for coordination. -# Defaults to $::os_service_default -# -class mistral( - $keystone_password, - $keystone_user = 'mistral', - $keystone_tenant = 'services', - $package_ensure = 'present', - $database_connection = undef, - $rpc_backend = 'rabbit', - $auth_uri = 'http://localhost:5000/', - $identity_uri = 'http://localhost:35357/', - $control_exchange = 'openstack', - $rabbit_host = '127.0.0.1', - $rabbit_port = 5672, - $rabbit_hosts = undef, - $rabbit_virtual_host = '/', - $rabbit_ha_queues = undef, - $rabbit_heartbeat_timeout_threshold = 0, - $rabbit_heartbeat_rate = 2, - $rabbit_userid = 'guest', - $rabbit_password = false, - $rabbit_use_ssl = false, - $service_down_time = $::os_service_default, - $report_interval = $::os_service_default, - $kombu_ssl_ca_certs = $::os_service_default, - $kombu_ssl_certfile = $::os_service_default, - $kombu_ssl_keyfile = $::os_service_default, - $kombu_ssl_version = $::os_service_default, - $kombu_reconnect_delay = $::os_service_default, - $amqp_durable_queues = false, - $use_syslog = undef, - $use_stderr = undef, - $log_dir = '/var/log/mistral', - $log_facility = undef, - $verbose = undef, - $debug = undef, - $coordination_backend_url = $::os_service_default, - $coordination_heartbeat_interval = $::os_service_default, -){ - include ::mistral::params - - include ::mistral::db - include ::mistral::logging - - validate_string($keystone_password) - - package { 'mistral-common': - ensure => $package_ensure, - name => $::mistral::params::common_package_name, - tag => ['openstack', 'mistral-package'], - } - - mistral_config { - 'DEFAULT/rpc_backend': value => $rpc_backend; - 'keystone_authtoken/auth_uri': value => $auth_uri; - 'keystone_authtoken/identity_uri': value => $identity_uri; - 'keystone_authtoken/admin_user': value => $keystone_user; - 'keystone_authtoken/admin_password': value => $keystone_password; - 'keystone_authtoken/admin_tenant_name': value => $keystone_tenant; - 'coordination/backend_url': value => $coordination_backend_url; - 'coordination/heartbeat_interval': value => $coordination_heartbeat_interval; - 'DEFAULT/control_exchange': value => $control_exchange; - 'DEFAULT/report_interval': value => $report_interval; - 'DEFAULT/service_down_time': value => $service_down_time; - } - - if $rpc_backend == 'rabbit' { - - if ! $rabbit_password { - fail('Please specify a rabbit_password parameter.') - } - - mistral_config { - 'oslo_messaging_rabbit/rabbit_password': value => $rabbit_password, secret => true; - 'oslo_messaging_rabbit/rabbit_userid': value => $rabbit_userid; - 'oslo_messaging_rabbit/rabbit_virtual_host': value => $rabbit_virtual_host; - 'oslo_messaging_rabbit/rabbit_use_ssl': value => $rabbit_use_ssl; - 'oslo_messaging_rabbit/kombu_ssl_version': value => $kombu_ssl_version; - 'oslo_messaging_rabbit/kombu_ssl_ca_certs': value => $kombu_ssl_ca_certs; - 'oslo_messaging_rabbit/kombu_ssl_certfile': value => $kombu_ssl_certfile; - 'oslo_messaging_rabbit/kombu_ssl_keyfile': value => $kombu_ssl_keyfile; - 'oslo_messaging_rabbit/kombu_reconnect_delay': value => $kombu_reconnect_delay; - 'oslo_messaging_rabbit/heartbeat_timeout_threshold': value => $rabbit_heartbeat_timeout_threshold; - 'oslo_messaging_rabbit/heartbeat_rate': value => $rabbit_heartbeat_rate; - 'oslo_messaging_rabbit/amqp_durable_queues': value => $amqp_durable_queues; - } - - if $rabbit_hosts { - mistral_config { 'oslo_messaging_rabbit/rabbit_hosts': value => join(any2array($rabbit_hosts), ',') } - mistral_config { 'oslo_messaging_rabbit/rabbit_host': ensure => absent } - mistral_config { 'oslo_messaging_rabbit/rabbit_port': ensure => absent } - } else { - mistral_config { 'oslo_messaging_rabbit/rabbit_host': value => $rabbit_host } - mistral_config { 'oslo_messaging_rabbit/rabbit_port': value => $rabbit_port } - mistral_config { 'oslo_messaging_rabbit/rabbit_hosts': value => "${rabbit_host}:${rabbit_port}" } - } - - # By default rabbit_ha_queues is undef - if $rabbit_ha_queues == undef { - if size($rabbit_hosts) > 1 { - mistral_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => true } - } else { - mistral_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => false } - } - } else { - mistral_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => $rabbit_ha_queues } - } - - } -} diff --git a/mistral/manifests/keystone/auth.pp b/mistral/manifests/keystone/auth.pp deleted file mode 100644 index d16cd6ad7..000000000 --- a/mistral/manifests/keystone/auth.pp +++ /dev/null @@ -1,100 +0,0 @@ -# == Class: mistral::keystone::auth -# -# Configures mistral user, service and endpoint in Keystone. -# -# === Parameters -# -# [*password*] -# (required) Password for mistral user. -# -# [*auth_name*] -# Username for mistral service. Defaults to 'mistral'. -# -# [*email*] -# Email for mistral user. Defaults to 'mistral@localhost'. -# -# [*tenant*] -# Tenant for mistral user. Defaults to 'services'. -# -# [*configure_endpoint*] -# Should mistral endpoint be configured? Defaults to 'true'. -# -# [*configure_user*] -# (Optional) Should the service user be configured? -# Defaults to 'true'. -# -# [*service_type*] -# Type of service. Defaults to 'workflowv2'. -# -# [*public_url*] -# (optional) The endpoint's public url. -# (Defaults to 'http://127.0.0.1:8989:/v2') -# -# [*internal_url*] -# (optional) The endpoint's internal url. -# (Defaults to 'http://127.0.0.1:8989/v2') -# -# [*admin_url*] -# (optional) The endpoint's admin url. -# (Defaults to 'http://127.0.0.1:8989/v2') -# -# [*region*] -# Region for endpoint. Defaults to 'RegionOne'. -# -# [*service_name*] -# (optional) Name of the service. -# Defaults to the value of auth_name. -# -# [*configure_service*] -# Should mistral service be configured? Defaults to 'true'. -# -# [*service_description*] -# (optional) Description for keystone service. -# Defaults to 'Openstack workflow Service'. - -# [*configure_user_role*] -# (optional) Whether to configure the admin role for the service user. -# Defaults to true -# -class mistral::keystone::auth( - $password, - $email = 'mistral@localhost', - $auth_name = 'mistral', - $service_name = undef, - $service_type = 'workflowv2', - $public_url = 'http://127.0.0.1:8989/v2', - $admin_url = 'http://127.0.0.1:8989/v2', - $internal_url = 'http://127.0.0.1:8989/v2', - $region = 'RegionOne', - $tenant = 'services', - $configure_endpoint = true, - $configure_service = true, - $configure_user = true, - $configure_user_role = true, - $service_description = 'OpenStack Workflow Service', -) { - - validate_string($password) - - if $service_name == undef { - $real_service_name = $auth_name - } else { - $real_service_name = $service_name - } - - keystone::resource::service_identity { $auth_name: - configure_user => $configure_user, - configure_user_role => $configure_user_role, - configure_endpoint => $configure_endpoint, - service_type => $service_type, - service_description => $service_description, - service_name => $real_service_name, - region => $region, - password => $password, - email => $email, - tenant => $tenant, - public_url => $public_url, - admin_url => $admin_url, - internal_url => $internal_url, - } -} diff --git a/mistral/manifests/logging.pp b/mistral/manifests/logging.pp deleted file mode 100644 index 0bec8eaa8..000000000 --- a/mistral/manifests/logging.pp +++ /dev/null @@ -1,149 +0,0 @@ -# == Class: mistral::logging -# -# Mistral logging configuration -# -# === Parameters -# -# [*verbose*] -# (Optional) Should the daemons log verbose messages -# Defaults to $::os_service_default -# -# [*debug*] -# (Optional) Should the daemons log debug messages -# Defaults to $::os_service_default -# -# [*use_syslog*] -# (Optional) Use syslog for logging. -# Defaults to $::os_service_default -# -# [*use_stderr*] -# (optional) Use stderr for logging -# Defaults to $::os_service_default -# -# [*log_facility*] -# (Optional) Syslog facility to receive log lines. -# Defaults to $::os_service_default -# -# [*log_dir*] -# (optional) Directory where logs should be stored. -# If set to boolean false or $::os_service_default, it will not log to any -# directory. -# Defaults to '/var/log/mistral' -# -# [*logging_context_format_string*] -# (Optional) Format string to use for log messages with context. -# Defaults to $::os_service_default -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [%(request_id)s %(user_identity)s] %(instance)s%(message)s' -# -# [*logging_default_format_string*] -# (Optional) Format string to use for log messages without context. -# Defaults to $::os_service_default -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [-] %(instance)s%(message)s' -# -# [*logging_debug_format_suffix*] -# (Optional) Formatted data to append to log format when level is DEBUG. -# Defaults to $::os_service_default -# Example: '%(funcName)s %(pathname)s:%(lineno)d' -# -# [*logging_exception_prefix*] -# (Optional) Prefix each line of exception output with this format. -# Defaults to $::os_service_default -# Example: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' -# -# [*log_config_append*] -# The name of an additional logging configuration file. -# Defaults to $::os_service_default -# See https://docs.python.org/2/howto/logging.html -# -# [*default_log_levels*] -# (optional) Hash of logger (keys) and level (values) pairs. -# Defaults to $::os_service_default. -# Example: -# { 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', -# 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', -# 'iso8601' => 'WARN', -# 'requests.packages.urllib3.connectionpool' => 'WARN' } -# -# [*publish_errors*] -# (optional) Publish error events (boolean value). -# Defaults to $::os_service_default -# -# [*fatal_deprecations*] -# (optional) Make deprecations fatal (boolean value) -# Defaults to $::os_service_default -# -# [*instance_format*] -# (optional) If an instance is passed with the log message, format it -# like this (string value). -# Defaults to $::os_service_default -# Example: '[instance: %(uuid)s] ' -# -# [*instance_uuid_format*] -# (optional) If an instance UUID is passed with the log message, format -# it like this (string value). -# Defaults to $::os_service_default -# Example: instance_uuid_format='[instance: %(uuid)s] ' -# -# [*log_date_format*] -# (optional) Format string for %%(asctime)s in log records. -# Defaults to $::os_service_default -# Example: 'Y-%m-%d %H:%M:%S' -# -class mistral::logging( - $use_syslog = $::os_service_default, - $use_stderr = $::os_service_default, - $log_facility = $::os_service_default, - $log_dir = '/var/log/mistral', - $verbose = $::os_service_default, - $debug = $::os_service_default, - $logging_context_format_string = $::os_service_default, - $logging_default_format_string = $::os_service_default, - $logging_debug_format_suffix = $::os_service_default, - $logging_exception_prefix = $::os_service_default, - $log_config_append = $::os_service_default, - $default_log_levels = $::os_service_default, - $publish_errors = $::os_service_default, - $fatal_deprecations = $::os_service_default, - $instance_format = $::os_service_default, - $instance_uuid_format = $::os_service_default, - $log_date_format = $::os_service_default, -) { - - # NOTE(spredzy): In order to keep backward compatibility we rely on the pick function - # to use mistral:: if mistral::logging:: isn't specified. - $use_syslog_real = pick($::mistral::use_syslog,$use_syslog) - $use_stderr_real = pick($::mistral::use_stderr,$use_stderr) - $log_facility_real = pick($::mistral::log_facility,$log_facility) - $log_dir_real = pick($::mistral::log_dir,$log_dir) - $verbose_real = pick($::mistral::verbose,$verbose) - $debug_real = pick($::mistral::debug,$debug) - - if is_service_default($default_log_levels) { - $default_log_levels_real = $default_log_levels - } else { - $default_log_levels_real = join(sort(join_keys_to_values($default_log_levels, '=')), ',') - } - - mistral_config { - 'DEFAULT/use_syslog' : value => $use_syslog_real; - 'DEFAULT/use_stderr' : value => $use_stderr_real; - 'DEFAULT/syslog_log_facility' : value => $log_facility_real; - 'DEFAULT/log_dir' : value => $log_dir_real; - 'DEFAULT/verbose' : value => $verbose_real; - 'DEFAULT/debug' : value => $debug_real; - 'DEFAULT/default_log_levels' : value => $default_log_levels_real; - 'DEFAULT/logging_context_format_string' : value => $logging_context_format_string; - 'DEFAULT/logging_default_format_string' : value => $logging_default_format_string; - 'DEFAULT/logging_debug_format_suffix' : value => $logging_debug_format_suffix; - 'DEFAULT/logging_exception_prefix' : value => $logging_exception_prefix; - 'DEFAULT/log_config_append' : value => $log_config_append; - 'DEFAULT/publish_errors' : value => $publish_errors; - 'DEFAULT/fatal_deprecations' : value => $fatal_deprecations; - 'DEFAULT/instance_format' : value => $instance_format; - 'DEFAULT/instance_uuid_format' : value => $instance_uuid_format; - 'DEFAULT/log_date_format' : value => $log_date_format; - } - -} diff --git a/mistral/manifests/params.pp b/mistral/manifests/params.pp deleted file mode 100644 index fbda3cdbd..000000000 --- a/mistral/manifests/params.pp +++ /dev/null @@ -1,42 +0,0 @@ -# == Class: mistral::params -# -# Parameters for puppet-mistral -# -class mistral::params { - - $client_package = 'python-mistralclient' - $db_sync_command = 'mistral-db-manage --config-file=/etc/mistral/mistral.conf upgrade head' - $db_populate_command = 'mistral-db-manage --config-file=/etc/mistral/mistral.conf populate' - - case $::osfamily { - 'RedHat': { - $common_package_name = 'openstack-mistral-common' - $api_package_name = 'openstack-mistral-api' - $api_service_name = 'openstack-mistral-api' - $engine_package_name = 'openstack-mistral-engine' - $engine_service_name = 'openstack-mistral-engine' - $executor_package_name = 'openstack-mistral-executor' - $executor_service_name = 'openstack-mistral-executor' - $mistral_wsgi_script_path = '/var/www/cgi-bin/mistral' - $mistral_wsgi_script_source = '/usr/lib/python2.7/site-packages/mistral/api/wsgi.py' - $pymysql_package_name = undef - } - 'Debian': { - $common_package_name = 'mistral' - $api_package_name = 'mistral-api' - $api_service_name = 'mistral-api' - $engine_package_name = 'mistral-engine' - $engine_service_name = 'mistral-engine' - $executor_package_name = 'mistral-executor' - $executor_service_name = 'mistral-executor' - $mistral_wsgi_script_path = '/usr/lib/cgi-bin/mistral' - $mistral_wsgi_script_source = '/usr/share/mistral-common/wsgi.py' - $pymysql_package_name = 'python-pymysql' - } - default: { - fail("Unsupported osfamily: ${::osfamily} operatingsystem: \ - ${::operatingsystem}, module ${module_name} only support osfamily \ - RedHat and Debian") - } - } -} diff --git a/mistral/manifests/policy.pp b/mistral/manifests/policy.pp deleted file mode 100644 index 730582778..000000000 --- a/mistral/manifests/policy.pp +++ /dev/null @@ -1,39 +0,0 @@ -# == Class: mistral::policy -# -# Configure the mistral policies -# -# === Parameters -# -# [*policies*] -# (optional) Set of policies to configure for mistral -# Example : -# { -# 'mistral-context_is_admin' => { -# 'key' => 'context_is_admin', -# 'value' => 'true' -# }, -# 'mistral-default' => { -# 'key' => 'default', -# 'value' => 'rule:admin_or_owner' -# } -# } -# Defaults to empty hash. -# -# [*policy_path*] -# (optional) Path to the nova policy.json file -# Defaults to /etc/mistral/policy.json -# -class mistral::policy ( - $policies = {}, - $policy_path = '/etc/mistral/policy.json', -) { - - validate_hash($policies) - - Openstacklib::Policy::Base { - file_path => $policy_path, - } - - create_resources('openstacklib::policy::base', $policies) - -} diff --git a/mistral/manifests/wsgi/apache.pp b/mistral/manifests/wsgi/apache.pp deleted file mode 100644 index 1cc6d59b1..000000000 --- a/mistral/manifests/wsgi/apache.pp +++ /dev/null @@ -1,128 +0,0 @@ -# -# Copyright (C) 2015 eNovance SAS -# -# Author: Emilien Macchi -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# Class to serve mistral API with apache mod_wsgi in place of mistral-api service. -# -# Serving mistral API from apache is the recommended way to go for production -# because of limited performance for concurrent accesses when running eventlet. -# -# When using this class you should disable your mistral-api service. -# -# == Parameters -# -# [*servername*] -# The servername for the virtualhost. -# Optional. Defaults to $::fqdn -# -# [*port*] -# The port. -# Optional. Defaults to 8989 -# -# [*bind_host*] -# The host/ip address Apache will listen on. -# Optional. Defaults to undef (listen on all ip addresses). -# -# [*path*] -# The prefix for the endpoint. -# Optional. Defaults to '/' -# -# [*ssl*] -# Use ssl ? (boolean) -# Optional. Defaults to true -# -# [*workers*] -# Number of WSGI workers to spawn. -# Optional. Defaults to 1 -# -# [*priority*] -# (optional) The priority for the vhost. -# Defaults to '10' -# -# [*threads*] -# (optional) The number of threads for the vhost. -# Defaults to $::processorcount -# -# [*ssl_cert*] -# [*ssl_key*] -# [*ssl_chain*] -# [*ssl_ca*] -# [*ssl_crl_path*] -# [*ssl_crl*] -# [*ssl_certs_dir*] -# apache::vhost ssl parameters. -# Optional. Default to apache::vhost 'ssl_*' defaults. -# -# == Dependencies -# -# requires Class['apache'] & Class['mistral'] -# -# == Examples -# -# include apache -# -# class { 'mistral::wsgi::apache': } -# -class mistral::wsgi::apache ( - $servername = $::fqdn, - $port = 8989, - $bind_host = undef, - $path = '/', - $ssl = true, - $workers = 1, - $ssl_cert = undef, - $ssl_key = undef, - $ssl_chain = undef, - $ssl_ca = undef, - $ssl_crl_path = undef, - $ssl_crl = undef, - $ssl_certs_dir = undef, - $threads = $::processorcount, - $priority = '10', -) { - - include ::mistral::params - include ::apache - include ::apache::mod::wsgi - if $ssl { - include ::apache::mod::ssl - } - - ::openstacklib::wsgi::apache { 'mistral_wsgi': - bind_host => $bind_host, - bind_port => $port, - group => 'mistral', - path => $path, - priority => $priority, - servername => $servername, - ssl => $ssl, - ssl_ca => $ssl_ca, - ssl_cert => $ssl_cert, - ssl_certs_dir => $ssl_certs_dir, - ssl_chain => $ssl_chain, - ssl_crl => $ssl_crl, - ssl_crl_path => $ssl_crl_path, - ssl_key => $ssl_key, - threads => $threads, - user => 'mistral', - workers => $workers, - wsgi_daemon_process => 'mistral', - wsgi_process_group => 'mistral', - wsgi_script_dir => $::mistral::params::mistral_wsgi_script_path, - wsgi_script_file => 'app', - wsgi_script_source => $::mistral::params::mistral_wsgi_script_source, - } -} diff --git a/mistral/metadata.json b/mistral/metadata.json deleted file mode 100644 index 6ce6f947c..000000000 --- a/mistral/metadata.json +++ /dev/null @@ -1,35 +0,0 @@ -{ - "name": "openstack-mistral", - "version": "8.1.0", - "author": "OpenStack Contributors", - "summary": "Puppet module for OpenStack mistral", - "license": "Apache-2.0", - "source": "git://github.com/openstack/puppet-mistral.git", - "project_page": "https://launchpad.net/puppet-mistral", - "issues_url": "https://bugs.launchpad.net/puppet-mistral", - "description": "Installs and configures OpenStack mistral.", - "operatingsystem_support": [ - { - "operatingsystem": "Debian", - "operatingsystemrelease": ["8"] - }, - { - "operatingsystem": "Fedora", - "operatingsystemrelease": ["21","22"] - }, - { - "operatingsystem": "RedHat", - "operatingsystemrelease": ["7"] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": ["14.04"] - } - ], - "dependencies": [ - { "name": "puppetlabs/apache", "version_requirement": ">=1.0.0 <2.0.0" }, - { "name": "puppetlabs/inifile", "version_requirement": ">=1.0.0 <2.0.0" }, - { "name": "puppetlabs/stdlib", "version_requirement": ">= 4.0.0 <5.0.0" }, - { "name": "openstack/openstacklib", "version_requirement": ">=8.1.0 <9.0.0" } - ] -} diff --git a/mistral/releasenotes/notes/first_release-d4c9a7d326ead137.yaml b/mistral/releasenotes/notes/first_release-d4c9a7d326ead137.yaml deleted file mode 100644 index e7432001b..000000000 --- a/mistral/releasenotes/notes/first_release-d4c9a7d326ead137.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -prelude: > - This is the first release of puppet-mistral module. - -features: - - Allow to deploy Mistral API, Engine and Executor. - - Manage Keystone resources for Mistral. - - Allow to deploy Mistral API in WSGI with Apache. - - Manage Mistral database. diff --git a/mistral/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml b/mistral/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml deleted file mode 100644 index a536060dd..000000000 --- a/mistral/releasenotes/notes/mitaka-dece9d43a565e6cb.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -prelude: > - This is the first Mitaka release for puppet-mistral module. diff --git a/mistral/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml b/mistral/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml deleted file mode 100644 index 41cef2f11..000000000 --- a/mistral/releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -features: - - Release notes are no longer maintained by hand, we now use the reno tool to - manage them. diff --git a/mistral/releasenotes/source/_static/.placeholder b/mistral/releasenotes/source/_static/.placeholder deleted file mode 100644 index e69de29bb..000000000 diff --git a/mistral/releasenotes/source/conf.py b/mistral/releasenotes/source/conf.py deleted file mode 100644 index 7b251abe6..000000000 --- a/mistral/releasenotes/source/conf.py +++ /dev/null @@ -1,259 +0,0 @@ -# -*- coding: utf-8 -*- -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# If extensions (or modules to document with autodoc) are in another directory, -# add these directories to sys.path here. If the directory is relative to the -# documentation root, use os.path.abspath to make it absolute, like shown here. -#sys.path.insert(0, os.path.abspath('.')) - -# -- General configuration ------------------------------------------------ - -# If your documentation needs a minimal Sphinx version, state it here. -#needs_sphinx = '1.0' - -# Add any Sphinx extension module names here, as strings. They can be -# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom -# ones. -extensions = [ - 'oslosphinx', - 'reno.sphinxext', -] - -# Add any paths that contain templates here, relative to this directory. -templates_path = ['_templates'] - -# The suffix of source filenames. -source_suffix = '.rst' - -# The encoding of source files. -#source_encoding = 'utf-8-sig' - -# The master toctree document. -master_doc = 'index' - -# General information about the project. -project = u'puppet-mistral Release Notes' -copyright = u'2016, Puppet OpenStack Developers' - -# The version info for the project you're documenting, acts as replacement for -# |version| and |release|, also used in various other places throughout the -# built documents. -# -# The short X.Y version. -version = '8.1.0' -# The full version, including alpha/beta/rc tags. -release = '8.1.0' - -# The language for content autogenerated by Sphinx. Refer to documentation -# for a list of supported languages. -#language = None - -# There are two options for replacing |today|: either, you set today to some -# non-false value, then it is used: -#today = '' -# Else, today_fmt is used as the format for a strftime call. -#today_fmt = '%B %d, %Y' - -# List of patterns, relative to source directory, that match files and -# directories to ignore when looking for source files. -exclude_patterns = [] - -# The reST default role (used for this markup: `text`) to use for all -# documents. -#default_role = None - -# If true, '()' will be appended to :func: etc. cross-reference text. -#add_function_parentheses = True - -# If true, the current module name will be prepended to all description -# unit titles (such as .. function::). -#add_module_names = True - -# If true, sectionauthor and moduleauthor directives will be shown in the -# output. They are ignored by default. -#show_authors = False - -# The name of the Pygments (syntax highlighting) style to use. -pygments_style = 'sphinx' - -# A list of ignored prefixes for module index sorting. -#modindex_common_prefix = [] - -# If true, keep warnings as "system message" paragraphs in the built documents. -#keep_warnings = False - - -# -- Options for HTML output ---------------------------------------------- - -# The theme to use for HTML and HTML Help pages. See the documentation for -# a list of builtin themes. -html_theme = 'default' - -# Theme options are theme-specific and customize the look and feel of a theme -# further. For a list of options available for each theme, see the -# documentation. -#html_theme_options = {} - -# Add any paths that contain custom themes here, relative to this directory. -#html_theme_path = [] - -# The name for this set of Sphinx documents. If None, it defaults to -# " v documentation". -#html_title = None - -# A shorter title for the navigation bar. Default is the same as html_title. -#html_short_title = None - -# The name of an image file (relative to this directory) to place at the top -# of the sidebar. -#html_logo = None - -# The name of an image file (within the static path) to use as favicon of the -# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 -# pixels large. -#html_favicon = None - -# Add any paths that contain custom static files (such as style sheets) here, -# relative to this directory. They are copied after the builtin static files, -# so a file named "default.css" will overwrite the builtin "default.css". -html_static_path = ['_static'] - -# Add any extra paths that contain custom files (such as robots.txt or -# .htaccess) here, relative to this directory. These files are copied -# directly to the root of the documentation. -#html_extra_path = [] - -# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, -# using the given strftime format. -#html_last_updated_fmt = '%b %d, %Y' - -# If true, SmartyPants will be used to convert quotes and dashes to -# typographically correct entities. -#html_use_smartypants = True - -# Custom sidebar templates, maps document names to template names. -#html_sidebars = {} - -# Additional templates that should be rendered to pages, maps page names to -# template names. -#html_additional_pages = {} - -# If false, no module index is generated. -#html_domain_indices = True - -# If false, no index is generated. -#html_use_index = True - -# If true, the index is split into individual pages for each letter. -#html_split_index = False - -# If true, links to the reST sources are added to the pages. -#html_show_sourcelink = True - -# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. -#html_show_sphinx = True - -# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. -#html_show_copyright = True - -# If true, an OpenSearch description file will be output, and all pages will -# contain a tag referring to it. The value of this option must be the -# base URL from which the finished HTML is served. -#html_use_opensearch = '' - -# This is the file name suffix for HTML files (e.g. ".xhtml"). -#html_file_suffix = None - -# Output file base name for HTML help builder. -htmlhelp_basename = 'puppet-mistralReleaseNotesdoc' - - -# -- Options for LaTeX output --------------------------------------------- - -latex_elements = { -# The paper size ('letterpaper' or 'a4paper'). -#'papersize': 'letterpaper', - -# The font size ('10pt', '11pt' or '12pt'). -#'pointsize': '10pt', - -# Additional stuff for the LaTeX preamble. -#'preamble': '', -} - -# Grouping the document tree into LaTeX files. List of tuples -# (source start file, target name, title, -# author, documentclass [howto, manual, or own class]). -latex_documents = [ - ('index', 'puppet-mistralReleaseNotes.tex', u'puppet-mistral Release Notes Documentation', - u'2016, Puppet OpenStack Developers', 'manual'), -] - -# The name of an image file (relative to this directory) to place at the top of -# the title page. -#latex_logo = None - -# For "manual" documents, if this is true, then toplevel headings are parts, -# not chapters. -#latex_use_parts = False - -# If true, show page references after internal links. -#latex_show_pagerefs = False - -# If true, show URL addresses after external links. -#latex_show_urls = False - -# Documents to append as an appendix to all manuals. -#latex_appendices = [] - -# If false, no module index is generated. -#latex_domain_indices = True - - -# -- Options for manual page output --------------------------------------- - -# One entry per manual page. List of tuples -# (source start file, name, description, authors, manual section). -man_pages = [ - ('index', 'puppet-mistralreleasenotes', u'puppet-mistral Release Notes Documentation', - [u'2016, Puppet OpenStack Developers'], 1) -] - -# If true, show URL addresses after external links. -#man_show_urls = False - - -# -- Options for Texinfo output ------------------------------------------- - -# Grouping the document tree into Texinfo files. List of tuples -# (source start file, target name, title, author, -# dir menu entry, description, category) -texinfo_documents = [ - ('index', 'puppet-mistralReleaseNotes', u'puppet-mistral Release Notes Documentation', - u'2016, Puppet OpenStack Developers', 'puppet-mistralReleaseNotes', 'One line description of project.', - 'Miscellaneous'), -] - -# Documents to append as an appendix to all manuals. -#texinfo_appendices = [] - -# If false, no module index is generated. -#texinfo_domain_indices = True - -# How to display URL addresses: 'footnote', 'no', or 'inline'. -#texinfo_show_urls = 'footnote' - -# If true, do not generate a @detailmenu in the "Top" node's menu. -#texinfo_no_detailmenu = False diff --git a/mistral/releasenotes/source/index.rst b/mistral/releasenotes/source/index.rst deleted file mode 100644 index 5404ac7f5..000000000 --- a/mistral/releasenotes/source/index.rst +++ /dev/null @@ -1,19 +0,0 @@ -======================================== -Welcome to puppet-mistral Release Notes! -======================================== - -Contents -======== - -.. toctree:: - :maxdepth: 2 - - mitaka - unreleased - - -Indices and tables -================== - -* :ref:`genindex` -* :ref:`search` diff --git a/mistral/releasenotes/source/mitaka.rst b/mistral/releasenotes/source/mitaka.rst deleted file mode 100644 index 97ab8d1d3..000000000 --- a/mistral/releasenotes/source/mitaka.rst +++ /dev/null @@ -1,6 +0,0 @@ -============================ - Mitaka Series Release Notes -============================ - -.. release-notes:: - :branch: origin/stable/mitaka diff --git a/mistral/releasenotes/source/unreleased.rst b/mistral/releasenotes/source/unreleased.rst deleted file mode 100644 index 2334dd5cf..000000000 --- a/mistral/releasenotes/source/unreleased.rst +++ /dev/null @@ -1,5 +0,0 @@ -============================== - Current Series Release Notes -============================== - - .. release-notes:: diff --git a/mistral/setup.cfg b/mistral/setup.cfg deleted file mode 100644 index 298667d9f..000000000 --- a/mistral/setup.cfg +++ /dev/null @@ -1,13 +0,0 @@ -[metadata] -name = puppet-mistral -summary = Puppet module for OpenStack Mistral -description-file = - README.md -author = Puppet Labs and OpenStack Contributors -author-email = openstack-dev@lists.openstack.org -home-page = http://www.openstack.org/ -classifier = - Intended Audience :: Developers - Intended Audience :: System Administrators - License :: OSI Approved :: Apache Software License - Operating System :: POSIX :: Linux diff --git a/mistral/setup.py b/mistral/setup.py deleted file mode 100644 index 70c2b3f32..000000000 --- a/mistral/setup.py +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/env python -# Copyright (c) 2013 Hewlett-Packard Development Company, L.P. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# THIS FILE IS MANAGED BY THE GLOBAL REQUIREMENTS REPO - DO NOT EDIT -import setuptools - -setuptools.setup( - setup_requires=['pbr'], - pbr=True) diff --git a/mistral/spec/acceptance/basic_mistral_spec.rb b/mistral/spec/acceptance/basic_mistral_spec.rb deleted file mode 100644 index 552e80a30..000000000 --- a/mistral/spec/acceptance/basic_mistral_spec.rb +++ /dev/null @@ -1,80 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'basic mistral' do - - context 'default parameters' do - - it 'should work with no errors' do - pp= <<-EOS - include ::openstack_integration - include ::openstack_integration::repos - include ::openstack_integration::rabbitmq - include ::openstack_integration::mysql - include ::openstack_integration::keystone - - rabbitmq_user { 'mistral': - admin => true, - password => 'an_even_bigger_secret', - provider => 'rabbitmqctl', - require => Class['rabbitmq'], - } - - rabbitmq_user_permissions { 'mistral@/': - configure_permission => '.*', - write_permission => '.*', - read_permission => '.*', - provider => 'rabbitmqctl', - require => Class['rabbitmq'], - } - - # Mistral resources - case $::osfamily { - 'Debian': { - warning('Mistral is not yet packaged on Ubuntu systems.') - } - 'RedHat': { - class { '::mistral': - database_connection => 'mysql+pymysql://mistral:a_big_secret@127.0.0.1/mistral?charset=utf8', - keystone_password => 'a_big_secret', - rabbit_userid => 'mistral', - rabbit_password => 'an_even_bigger_secret', - rabbit_host => '127.0.0.1', - debug => true, - verbose => true, - } - class { '::mistral::keystone::auth': - password => 'a_big_secret', - } - class { '::mistral::db::mysql': - password => 'a_big_secret', - } - class { '::mistral::api': - service_name => 'httpd', - } - include ::apache - class { '::mistral::wsgi::apache': - ssl => false, - } - class { '::mistral::client': } - class { '::mistral::engine': } - class { '::mistral::executor': } - class { '::mistral::db::sync': } - } - } - EOS - - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - if os[:family].casecmp('RedHat') == 0 - describe port(8989) do - it { is_expected.to be_listening } - end - end - - end - -end diff --git a/mistral/spec/acceptance/nodesets/centos-70-x64.yml b/mistral/spec/acceptance/nodesets/centos-70-x64.yml deleted file mode 100644 index 5f097e9fe..000000000 --- a/mistral/spec/acceptance/nodesets/centos-70-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - centos-server-70-x64: - roles: - - master - platform: el-7-x86_64 - box: puppetlabs/centos-7.0-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/centos-7.0-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: foss diff --git a/mistral/spec/acceptance/nodesets/default.yml b/mistral/spec/acceptance/nodesets/default.yml deleted file mode 100644 index 486b6a34e..000000000 --- a/mistral/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - type: foss diff --git a/mistral/spec/acceptance/nodesets/nodepool-centos7.yml b/mistral/spec/acceptance/nodesets/nodepool-centos7.yml deleted file mode 100644 index c55287420..000000000 --- a/mistral/spec/acceptance/nodesets/nodepool-centos7.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-70-x64: - roles: - - master - platform: el-7-x86_64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/mistral/spec/acceptance/nodesets/nodepool-trusty.yml b/mistral/spec/acceptance/nodesets/nodepool-trusty.yml deleted file mode 100644 index 9fc624e24..000000000 --- a/mistral/spec/acceptance/nodesets/nodepool-trusty.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/mistral/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/mistral/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index 8001929b2..000000000 --- a/mistral/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: foss diff --git a/mistral/spec/classes/mistral_api_spec.rb b/mistral/spec/classes/mistral_api_spec.rb deleted file mode 100644 index 858fc7ab9..000000000 --- a/mistral/spec/classes/mistral_api_spec.rb +++ /dev/null @@ -1,139 +0,0 @@ -require 'spec_helper' - -describe 'mistral::api' do - - let :params do - { :enabled => true, - :manage_service => true, - :bind_host => '127.0.0.1', - :bind_port => '1234', - :allow_action_execution_deletion => false} - end - - shared_examples_for 'mistral-api' do - - context 'config params' do - - it { is_expected.to contain_class('mistral::params') } - it { is_expected.to contain_class('mistral::policy') } - - it { is_expected.to contain_mistral_config('api/host').with_value( params[:bind_host] ) } - it { is_expected.to contain_mistral_config('api/port').with_value( params[:bind_port] ) } - it { is_expected.to contain_mistral_config('api/allow_action_execution_deletion').with_value( params[:allow_action_execution_deletion] ) } - - end - - [{:enabled => true}, {:enabled => false}].each do |param_hash| - context "when service should be #{param_hash[:enabled] ? 'enabled' : 'disabled'}" do - before do - params.merge!(param_hash) - end - - it 'configures mistral-api service' do - - is_expected.to contain_service('mistral-api').with( - :ensure => (params[:manage_service] && params[:enabled]) ? 'running' : 'stopped', - :name => platform_params[:api_service_name], - :enable => params[:enabled], - :hasstatus => true, - :hasrestart => true, - :tag => 'mistral-service', - ) - is_expected.to contain_service('mistral-api').that_subscribes_to(nil) - end - end - end - - context 'with disabled service managing' do - before do - params.merge!({ - :manage_service => false, - :enabled => false }) - end - - it 'configures mistral-api service' do - - is_expected.to contain_service('mistral-api').with( - :ensure => nil, - :name => platform_params[:api_service_name], - :enable => false, - :hasstatus => true, - :hasrestart => true, - :tag => 'mistral-service', - ) - is_expected.to contain_service('mistral-api').that_subscribes_to(nil) - end - end - - context 'when running mistral-api in wsgi' do - before do - params.merge!({ :service_name => 'httpd' }) - end - - let :pre_condition do - "include ::apache - include ::mistral::db - class { '::mistral': - keystone_password => 'foo', - rabbit_password => 'bar', - }" - end - - it 'configures mistral-api service with Apache' do - is_expected.to contain_service('mistral-api').with( - :ensure => 'stopped', - :name => platform_params[:api_service_name], - :enable => false, - :tag => ['mistral-service'], - ) - end - end - - context 'when service_name is not valid' do - before do - params.merge!({ :service_name => 'foobar' }) - end - - it_raises 'a Puppet::Error', /Invalid service_name/ - end - end - - context 'on Debian platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '8.0', - :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'some.host.tld', - :processorcount => 2, - }) - end - - let :platform_params do - { :api_service_name => 'mistral-api' } - end - - it_configures 'mistral-api' - end - - context 'on RedHat platforms' do - let :facts do - @default_facts.merge({ - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '7.1', - :fqdn => 'some.host.tld', - :concat_basedir => '/var/lib/puppet/concat', - :processorcount => 2, - }) - end - - let :platform_params do - { :api_service_name => 'openstack-mistral-api' } - end - - it_configures 'mistral-api' - end - -end diff --git a/mistral/spec/classes/mistral_config_spec.rb b/mistral/spec/classes/mistral_config_spec.rb deleted file mode 100644 index ad012a14c..000000000 --- a/mistral/spec/classes/mistral_config_spec.rb +++ /dev/null @@ -1,20 +0,0 @@ -require 'spec_helper' - -describe 'mistral::config' do - - let :params do - { :mistral_config => { - 'DEFAULT/foo' => { 'value' => 'fooValue' }, - 'DEFAULT/bar' => { 'value' => 'barValue' }, - 'DEFAULT/baz' => { 'ensure' => 'absent' } - } - } - end - - it 'configures arbitrary mistral configurations' do - is_expected.to contain_mistral_config('DEFAULT/foo').with_value('fooValue') - is_expected.to contain_mistral_config('DEFAULT/bar').with_value('barValue') - is_expected.to contain_mistral_config('DEFAULT/baz').with_ensure('absent') - end - -end \ No newline at end of file diff --git a/mistral/spec/classes/mistral_db_mysql_spec.rb b/mistral/spec/classes/mistral_db_mysql_spec.rb deleted file mode 100644 index 110a33697..000000000 --- a/mistral/spec/classes/mistral_db_mysql_spec.rb +++ /dev/null @@ -1,62 +0,0 @@ -require 'spec_helper' - -describe 'mistral::db::mysql' do - - let :pre_condition do - [ - 'include mysql::server', - 'include mistral::db::sync' - ] - end - - let :facts do - { :osfamily => 'Debian' } - end - - let :params do - { - 'password' => 'fooboozoo_default_password', - } - end - - describe 'with only required params' do - it { is_expected.to contain_openstacklib__db__mysql('mistral').with( - 'user' => 'mistral', - 'password_hash' => '*3DDF34A86854A312A8E2C65B506E21C91800D206', - 'dbname' => 'mistral', - 'host' => '127.0.0.1', - 'charset' => 'utf8', - :collate => 'utf8_general_ci', - )} - end - - describe "overriding allowed_hosts param to array" do - let :params do - { - :password => 'mistralpass', - :allowed_hosts => ['127.0.0.1','%'] - } - end - - end - describe "overriding allowed_hosts param to string" do - let :params do - { - :password => 'mistralpass2', - :allowed_hosts => '192.168.1.1' - } - end - - end - - describe "overriding allowed_hosts param equals to host param " do - let :params do - { - :password => 'mistralpass2', - :allowed_hosts => '127.0.0.1' - } - end - - end - -end diff --git a/mistral/spec/classes/mistral_db_postgresql_spec.rb b/mistral/spec/classes/mistral_db_postgresql_spec.rb deleted file mode 100644 index 495a3409d..000000000 --- a/mistral/spec/classes/mistral_db_postgresql_spec.rb +++ /dev/null @@ -1,58 +0,0 @@ -require 'spec_helper' - -describe 'mistral::db::postgresql' do - - let :req_params do - { :password => 'pw' } - end - - let :pre_condition do - 'include postgresql::server' - end - - context 'on a RedHat osfamily' do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '7.0', - :concat_basedir => '/var/lib/puppet/concat' - } - end - - context 'with only required parameters' do - let :params do - req_params - end - - it { is_expected.to contain_postgresql__server__db('mistral').with( - :user => 'mistral', - :password => 'md56cc4a9db977897a441d3a498a5d94fce' - )} - end - - end - - context 'on a Debian osfamily' do - let :facts do - { - :operatingsystemrelease => '7.8', - :operatingsystem => 'Debian', - :osfamily => 'Debian', - :concat_basedir => '/var/lib/puppet/concat' - } - end - - context 'with only required parameters' do - let :params do - req_params - end - - it { is_expected.to contain_postgresql__server__db('mistral').with( - :user => 'mistral', - :password => 'md56cc4a9db977897a441d3a498a5d94fce' - )} - end - - end - -end diff --git a/mistral/spec/classes/mistral_db_spec.rb b/mistral/spec/classes/mistral_db_spec.rb deleted file mode 100644 index 1169e63d3..000000000 --- a/mistral/spec/classes/mistral_db_spec.rb +++ /dev/null @@ -1,115 +0,0 @@ -require 'spec_helper' - -describe 'mistral::db' do - - shared_examples 'mistral::db' do - - context 'with default parameters' do - - it { is_expected.to contain_mistral_config('database/connection').with_value('sqlite:////var/lib/mistral/mistral.sqlite').with_secret(true) } - it { is_expected.to contain_mistral_config('database/idle_timeout').with_value('') } - it { is_expected.to contain_mistral_config('database/min_pool_size').with_value('') } - it { is_expected.to contain_mistral_config('database/max_retries').with_value('') } - it { is_expected.to contain_mistral_config('database/retry_interval').with_value('') } - - end - - context 'with specific parameters' do - let :params do - { :database_connection => 'mysql+pymysql://mistral:mistral@localhost/mistral', - :database_idle_timeout => '3601', - :database_min_pool_size => '2', - :database_max_retries => '11', - :database_retry_interval => '11', } - end - - it { is_expected.to contain_mistral_config('database/connection').with_value('mysql+pymysql://mistral:mistral@localhost/mistral').with_secret(true) } - it { is_expected.to contain_mistral_config('database/idle_timeout').with_value('3601') } - it { is_expected.to contain_mistral_config('database/min_pool_size').with_value('2') } - it { is_expected.to contain_mistral_config('database/max_retries').with_value('11') } - it { is_expected.to contain_mistral_config('database/retry_interval').with_value('11') } - end - - context 'with postgresql backend' do - let :params do - { :database_connection => 'postgresql://mistral:mistral@localhost/mistral', } - end - - it 'install the proper backend package' do - is_expected.to contain_package('python-psycopg2').with(:ensure => 'present') - end - - end - - context 'with MySQL-python library as backend package' do - let :params do - { :database_connection => 'mysql://mistral:mistral@localhost/mistral', } - end - - it { is_expected.to contain_package('python-mysqldb').with(:ensure => 'present') } - end - - context 'with incorrect database_connection string' do - let :params do - { :database_connection => 'redis://mistral:mistral@localhost/mistral', } - end - - it_raises 'a Puppet::Error', /validate_re/ - end - - context 'with incorrect pymysql database_connection string' do - let :params do - { :database_connection => 'foo+pymysql://mistral:mistral@localhost/mistral', } - end - - it_raises 'a Puppet::Error', /validate_re/ - end - - end - - context 'on Debian platforms' do - let :facts do - OSDefaults.get_facts({ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => 'jessie' - }) - end - - it_configures 'mistral::db' - - context 'using pymysql driver' do - let :params do - { :database_connection => 'mysql+pymysql://mistral:mistral@localhost/mistral', } - end - - it 'install the proper backend package' do - is_expected.to contain_package('mistral-backend-package').with( - :ensure => 'present', - :name => 'python-pymysql', - :tag => 'openstack' - ) - end - end - end - - context 'on Redhat platforms' do - let :facts do - OSDefaults.get_facts({ - :osfamily => 'RedHat', - :operatingsystemrelease => '7.1', - }) - end - - it_configures 'mistral::db' - - context 'using pymysql driver' do - let :params do - { :database_connection => 'mysql+pymysql://mistral:mistral@localhost/mistral', } - end - - it { is_expected.not_to contain_package('mistral-backend-package') } - end - end - -end diff --git a/mistral/spec/classes/mistral_db_sync_spec.rb b/mistral/spec/classes/mistral_db_sync_spec.rb deleted file mode 100644 index a64c0402e..000000000 --- a/mistral/spec/classes/mistral_db_sync_spec.rb +++ /dev/null @@ -1,53 +0,0 @@ -require 'spec_helper' - -describe 'mistral::db::sync' do - - shared_examples_for 'mistral-db-sync' do - - it 'runs mistral-db-manage upgrade head' do - - is_expected.to contain_exec('mistral-db-sync').with( - :command => 'mistral-db-manage --config-file=/etc/mistral/mistral.conf upgrade head', - :path => '/usr/bin', - :user => 'mistral', - :refreshonly => 'true', - :logoutput => 'on_failure' - ) - - is_expected.to contain_exec('mistral-db-populate').with( - :command => 'mistral-db-manage --config-file=/etc/mistral/mistral.conf populate', - :path => '/usr/bin', - :user => 'mistral', - :refreshonly => 'true', - :logoutput => 'on_failure' - ) - - end - - end - - context 'on a RedHat osfamily' do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '7.0', - :concat_basedir => '/var/lib/puppet/concat' - } - end - - it_configures 'mistral-db-sync' - end - - context 'on a Debian osfamily' do - let :facts do - { - :operatingsystemrelease => '8.0', - :osfamily => 'Debian', - :concat_basedir => '/var/lib/puppet/concat' - } - end - - it_configures 'mistral-db-sync' - end - -end diff --git a/mistral/spec/classes/mistral_engine_spec.rb b/mistral/spec/classes/mistral_engine_spec.rb deleted file mode 100644 index 75adf71ed..000000000 --- a/mistral/spec/classes/mistral_engine_spec.rb +++ /dev/null @@ -1,95 +0,0 @@ -require 'spec_helper' - -describe 'mistral::engine' do - - let :params do - { :enabled => true, - :manage_service => true, - :host => 'foo_host', - :topic => 'foo_topic', - :version => '1.0', - :execution_field_size_limit_kb => '1234'} - end - - shared_examples_for 'mistral-engine' do - - context 'config params' do - - it { is_expected.to contain_class('mistral::params') } - - it { is_expected.to contain_mistral_config('engine/host').with_value( params[:host] ) } - it { is_expected.to contain_mistral_config('engine/topic').with_value( params[:topic] ) } - it { is_expected.to contain_mistral_config('engine/version').with_value( params[:version] ) } - it { is_expected.to contain_mistral_config('engine/execution_field_size_limit_kb').with_value( params[:execution_field_size_limit_kb] ) } - - end - - [{:enabled => true}, {:enabled => false}].each do |param_hash| - context "when service should be #{param_hash[:enabled] ? 'enabled' : 'disabled'}" do - before do - params.merge!(param_hash) - end - - it 'configures mistral-engine service' do - - is_expected.to contain_service('mistral-engine').with( - :ensure => (params[:manage_service] && params[:enabled]) ? 'running' : 'stopped', - :name => platform_params[:engine_service_name], - :enable => params[:enabled], - :hasstatus => true, - :hasrestart => true, - :tag => 'mistral-service', - ) - is_expected.to contain_service('mistral-engine').that_subscribes_to(nil) - end - end - end - - context 'with disabled service managing' do - before do - params.merge!({ - :manage_service => false, - :enabled => false }) - end - - it 'configures mistral-engine service' do - - is_expected.to contain_service('mistral-engine').with( - :ensure => nil, - :name => platform_params[:engine_service_name], - :enable => false, - :hasstatus => true, - :hasrestart => true, - :tag => 'mistral-service', - ) - is_expected.to contain_service('mistral-engine').that_subscribes_to(nil) - end - end - - end - - context 'on Debian platforms' do - let :facts do - { :osfamily => 'Debian' } - end - - let :platform_params do - { :engine_service_name => 'mistral-engine' } - end - - it_configures 'mistral-engine' - end - - context 'on RedHat platforms' do - let :facts do - { :osfamily => 'RedHat' } - end - - let :platform_params do - { :engine_service_name => 'openstack-mistral-engine' } - end - - it_configures 'mistral-engine' - end - -end diff --git a/mistral/spec/classes/mistral_executor_spec.rb b/mistral/spec/classes/mistral_executor_spec.rb deleted file mode 100644 index 0e587f015..000000000 --- a/mistral/spec/classes/mistral_executor_spec.rb +++ /dev/null @@ -1,97 +0,0 @@ -require 'spec_helper' - -describe 'mistral::executor' do - - let :params do - { :enabled => true, - :manage_service => true, - :host => true, - :topic => true, - :version => true, - :evaluation_interval => 1234, - :older_than => 60} - end - - shared_examples_for 'mistral-executor' do - - context 'config params' do - - it { is_expected.to contain_class('mistral::params') } - - it { is_expected.to contain_mistral_config('executor/host').with_value( params[:host] ) } - it { is_expected.to contain_mistral_config('executor/topic').with_value( params[:topic] ) } - it { is_expected.to contain_mistral_config('executor/version').with_value( params[:version] ) } - it { is_expected.to contain_mistral_config('execution_expiration_policy/evaluation_interval').with_value( params[:evaluation_interval] ) } - it { is_expected.to contain_mistral_config('execution_expiration_policy/older_than').with_value( params[:older_than] ) } - - end - - [{:enabled => true}, {:enabled => false}].each do |param_hash| - context "when service should be #{param_hash[:enabled] ? 'enabled' : 'disabled'}" do - before do - params.merge!(param_hash) - end - - it 'configures mistral-executor service' do - - is_expected.to contain_service('mistral-executor').with( - :ensure => (params[:manage_service] && params[:enabled]) ? 'running' : 'stopped', - :name => platform_params[:executor_service_name], - :enable => params[:enabled], - :hasstatus => true, - :hasrestart => true, - :tag => 'mistral-service', - ) - is_expected.to contain_service('mistral-executor').that_subscribes_to(nil) - end - end - end - - context 'with disabled service managing' do - before do - params.merge!({ - :manage_service => false, - :enabled => false }) - end - - it 'configures mistral-executor service' do - - is_expected.to contain_service('mistral-executor').with( - :ensure => nil, - :name => platform_params[:executor_service_name], - :enable => false, - :hasstatus => true, - :hasrestart => true, - :tag => 'mistral-service', - ) - is_expected.to contain_service('mistral-executor').that_subscribes_to(nil) - end - end - - end - - context 'on Debian platforms' do - let :facts do - { :osfamily => 'Debian' } - end - - let :platform_params do - { :executor_service_name => 'mistral-executor' } - end - - it_configures 'mistral-executor' - end - - context 'on RedHat platforms' do - let :facts do - { :osfamily => 'RedHat' } - end - - let :platform_params do - { :executor_service_name => 'openstack-mistral-executor' } - end - - it_configures 'mistral-executor' - end - -end diff --git a/mistral/spec/classes/mistral_init_spec.rb b/mistral/spec/classes/mistral_init_spec.rb deleted file mode 100644 index fd574658d..000000000 --- a/mistral/spec/classes/mistral_init_spec.rb +++ /dev/null @@ -1,211 +0,0 @@ -require 'spec_helper' -describe 'mistral' do - let :req_params do - { - :rabbit_password => 'guest', - :database_connection => 'mysql://user:password@host/database', - :keystone_password => 'foo', - } - end - - let :facts do - OSDefaults.get_facts({ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => 'jessie', - }) - end - - describe 'with only required params' do - let :params do - req_params - end - - it { is_expected.to contain_class('mistral::logging') } - it { is_expected.to contain_class('mistral::params') } - it { is_expected.to contain_class('mysql::bindings::python') } - - it 'should contain default config' do - is_expected.to contain_mistral_config('DEFAULT/rpc_backend').with(:value => 'rabbit') - is_expected.to contain_mistral_config('DEFAULT/control_exchange').with(:value => 'openstack') - is_expected.to contain_mistral_config('DEFAULT/report_interval').with(:value => '') - is_expected.to contain_mistral_config('DEFAULT/service_down_time').with(:value => '') - is_expected.to contain_mistral_config('oslo_messaging_rabbit/rabbit_password').with(:value => 'guest', :secret => true) - is_expected.to contain_mistral_config('oslo_messaging_rabbit/rabbit_host').with(:value => '127.0.0.1') - is_expected.to contain_mistral_config('oslo_messaging_rabbit/rabbit_port').with(:value => '5672') - is_expected.to contain_mistral_config('oslo_messaging_rabbit/rabbit_hosts').with(:value => '127.0.0.1:5672') - is_expected.to contain_mistral_config('oslo_messaging_rabbit/rabbit_ha_queues').with(:value => false) - is_expected.to contain_mistral_config('oslo_messaging_rabbit/rabbit_virtual_host').with(:value => '/') - is_expected.to contain_mistral_config('oslo_messaging_rabbit/heartbeat_timeout_threshold').with_value('0') - is_expected.to contain_mistral_config('oslo_messaging_rabbit/heartbeat_rate').with_value('2') - is_expected.to contain_mistral_config('oslo_messaging_rabbit/rabbit_userid').with(:value => 'guest') - is_expected.to contain_mistral_config('oslo_messaging_rabbit/kombu_reconnect_delay').with(:value => '') - is_expected.to contain_mistral_config('coordination/backend_url').with(:value => '') - is_expected.to contain_mistral_config('coordination/heartbeat_interval').with(:value => '') - is_expected.to contain_mistral_config('keystone_authtoken/auth_uri').with( - :value => 'http://localhost:5000/' - ) - is_expected.to contain_mistral_config('keystone_authtoken/identity_uri').with( - :value => 'http://localhost:35357/' - ) - is_expected.to contain_mistral_config('keystone_authtoken/admin_tenant_name').with( - :value => 'services' - ) - is_expected.to contain_mistral_config('keystone_authtoken/admin_user').with( - :value => 'mistral' - ) - is_expected.to contain_mistral_config('keystone_authtoken/admin_password').with( - :value => 'foo' - ) - end - - end - describe 'with modified rabbit_hosts' do - let :params do - req_params.merge({'rabbit_hosts' => ['rabbit1:5672', 'rabbit2:5672']}) - end - - it 'should contain many' do - is_expected.to contain_mistral_config('oslo_messaging_rabbit/rabbit_host').with(:value => nil) - is_expected.to contain_mistral_config('oslo_messaging_rabbit/rabbit_port').with(:value => nil) - is_expected.to contain_mistral_config('oslo_messaging_rabbit/rabbit_hosts').with(:value => 'rabbit1:5672,rabbit2:5672') - is_expected.to contain_mistral_config('oslo_messaging_rabbit/rabbit_ha_queues').with(:value => true) - end - end - - describe 'with a single rabbit_hosts entry' do - let :params do - req_params.merge({'rabbit_hosts' => ['rabbit1:5672']}) - end - - it 'should contain many' do - is_expected.to contain_mistral_config('oslo_messaging_rabbit/rabbit_host').with(:value => nil) - is_expected.to contain_mistral_config('oslo_messaging_rabbit/rabbit_port').with(:value => nil) - is_expected.to contain_mistral_config('oslo_messaging_rabbit/rabbit_hosts').with(:value => 'rabbit1:5672') - is_expected.to contain_mistral_config('oslo_messaging_rabbit/rabbit_ha_queues').with(:value => false) - end - end - - describe 'a single rabbit_host with enable ha queues' do - let :params do - req_params.merge({'rabbit_ha_queues' => true}) - end - - it 'should contain rabbit_ha_queues' do - is_expected.to contain_mistral_config('oslo_messaging_rabbit/rabbit_ha_queues').with(:value => true) - end - end - - describe 'with rabbitmq heartbeats' do - let :params do - req_params.merge({'rabbit_heartbeat_timeout_threshold' => '60', 'rabbit_heartbeat_rate' => '10'}) - end - - it 'should contain heartbeat config' do - is_expected.to contain_mistral_config('oslo_messaging_rabbit/heartbeat_timeout_threshold').with_value('60') - is_expected.to contain_mistral_config('oslo_messaging_rabbit/heartbeat_rate').with_value('10') - end - end - - describe 'with SSL enabled with kombu' do - let :params do - req_params.merge!({ - :rabbit_use_ssl => true, - :kombu_ssl_ca_certs => '/path/to/ssl/ca/certs', - :kombu_ssl_certfile => '/path/to/ssl/cert/file', - :kombu_ssl_keyfile => '/path/to/ssl/keyfile', - :kombu_ssl_version => 'TLSv1' - }) - end - - it do - is_expected.to contain_mistral_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('true') - is_expected.to contain_mistral_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_value('/path/to/ssl/ca/certs') - is_expected.to contain_mistral_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_value('/path/to/ssl/cert/file') - is_expected.to contain_mistral_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_value('/path/to/ssl/keyfile') - is_expected.to contain_mistral_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('TLSv1') - end - end - - describe 'with SSL enabled without kombu' do - let :params do - req_params.merge!({ - :rabbit_use_ssl => true, - }) - end - - it do - is_expected.to contain_mistral_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('true') - is_expected.to contain_mistral_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_value('') - is_expected.to contain_mistral_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_value('') - is_expected.to contain_mistral_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_value('') - is_expected.to contain_mistral_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('') - end - end - - describe 'with SSL disabled' do - let :params do - req_params.merge!({ - :rabbit_use_ssl => false, - :kombu_ssl_ca_certs => '', - :kombu_ssl_certfile => '', - :kombu_ssl_keyfile => '', - :kombu_ssl_version => '' - }) - end - - it do - is_expected.to contain_mistral_config('oslo_messaging_rabbit/rabbit_use_ssl').with_value('false') - is_expected.to contain_mistral_config('oslo_messaging_rabbit/kombu_ssl_ca_certs').with_value('') - is_expected.to contain_mistral_config('oslo_messaging_rabbit/kombu_ssl_certfile').with_value('') - is_expected.to contain_mistral_config('oslo_messaging_rabbit/kombu_ssl_keyfile').with_value('') - is_expected.to contain_mistral_config('oslo_messaging_rabbit/kombu_ssl_version').with_value('') - end - end - - describe 'with amqp_durable_queues disabled' do - let :params do - req_params - end - - it { is_expected.to contain_mistral_config('oslo_messaging_rabbit/amqp_durable_queues').with_value(false) } - end - - describe 'with amqp_durable_queues enabled' do - let :params do - req_params.merge({ - :amqp_durable_queues => true, - }) - end - - it { is_expected.to contain_mistral_config('oslo_messaging_rabbit/amqp_durable_queues').with_value(true) } - end - - describe 'with postgresql' do - let :params do - req_params.merge({ - :database_connection => 'postgresql://user:drowssap@host/database', - :rabbit_password => 'guest', - }) - end - - it { is_expected.to_not contain_class('mysql::python') } - it { is_expected.to_not contain_class('mysql::bindings') } - it { is_expected.to_not contain_class('mysql::bindings::python') } - end - - describe 'with coordination' do - let :params do - req_params.merge({ - :coordination_backend_url => 'redis://127.0.0.1', - :coordination_heartbeat_interval => '10.0', - }) - end - - it 'should contain coordination config' do - is_expected.to contain_mistral_config('coordination/backend_url').with(:value => 'redis://127.0.0.1') - is_expected.to contain_mistral_config('coordination/heartbeat_interval').with(:value => '10.0') - end - end - -end diff --git a/mistral/spec/classes/mistral_keystone_auth_spec.rb b/mistral/spec/classes/mistral_keystone_auth_spec.rb deleted file mode 100644 index 7a5763f0c..000000000 --- a/mistral/spec/classes/mistral_keystone_auth_spec.rb +++ /dev/null @@ -1,104 +0,0 @@ -# -# Unit tests for mistral::keystone::auth -# - -require 'spec_helper' - -describe 'mistral::keystone::auth' do - - let :facts do - { :osfamily => 'Debian' } - end - - describe 'with default class parameters' do - let :params do - { :password => 'mistral_password', - :tenant => 'services' } - end - - it { is_expected.to contain_keystone_user('mistral').with( - :ensure => 'present', - :password => 'mistral_password', - ) } - - it { is_expected.to contain_keystone_user_role('mistral@services').with( - :ensure => 'present', - :roles => ['admin'] - )} - - it { is_expected.to contain_keystone_service('mistral::workflowv2').with( - :ensure => 'present', - :description => 'OpenStack Workflow Service' - ) } - - it { is_expected.to contain_keystone_endpoint('RegionOne/mistral::workflowv2').with( - :ensure => 'present', - :public_url => "http://127.0.0.1:8989/v2", - :admin_url => "http://127.0.0.1:8989/v2", - :internal_url => "http://127.0.0.1:8989/v2" - ) } - end - - describe 'when overriding auth name' do - let :params do - { :password => 'foo', - :auth_name => 'mistraly' } - end - - it { is_expected.to contain_keystone_user('mistraly') } - it { is_expected.to contain_keystone_user_role('mistraly@services') } - it { is_expected.to contain_keystone_service('mistraly::workflowv2') } - it { is_expected.to contain_keystone_endpoint('RegionOne/mistraly::workflowv2') } - end - - describe 'when overriding service name' do - let :params do - { :service_name => 'mistral_service', - :auth_name => 'mistral', - :password => 'mistral_password' } - end - - it { is_expected.to contain_keystone_user('mistral') } - it { is_expected.to contain_keystone_user_role('mistral@services') } - it { is_expected.to contain_keystone_service('mistral_service::workflowv2') } - it { is_expected.to contain_keystone_endpoint('RegionOne/mistral_service::workflowv2') } - end - - describe 'when disabling user configuration' do - - let :params do - { - :password => 'mistral_password', - :configure_user => false - } - end - - it { is_expected.not_to contain_keystone_user('mistral') } - it { is_expected.to contain_keystone_user_role('mistral@services') } - it { is_expected.to contain_keystone_service('mistral::workflowv2').with( - :ensure => 'present', - :description => 'OpenStack Workflow Service' - ) } - - end - - describe 'when disabling user and user role configuration' do - - let :params do - { - :password => 'mistral_password', - :configure_user => false, - :configure_user_role => false - } - end - - it { is_expected.not_to contain_keystone_user('mistral') } - it { is_expected.not_to contain_keystone_user_role('mistral@services') } - it { is_expected.to contain_keystone_service('mistral::workflowv2').with( - :ensure => 'present', - :description => 'OpenStack Workflow Service' - ) } - - end - -end diff --git a/mistral/spec/classes/mistral_logging_spec.rb b/mistral/spec/classes/mistral_logging_spec.rb deleted file mode 100644 index d707d537b..000000000 --- a/mistral/spec/classes/mistral_logging_spec.rb +++ /dev/null @@ -1,124 +0,0 @@ -require 'spec_helper' - -describe 'mistral::logging' do - - let :params do - { - } - end - - let :log_params do - { - :logging_context_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s', - :logging_default_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s', - :logging_debug_format_suffix => '%(funcName)s %(pathname)s:%(lineno)d', - :logging_exception_prefix => '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s', - :log_config_append => '/etc/mistral/logging.conf', - :publish_errors => true, - :default_log_levels => { - 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', - 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', - 'iso8601' => 'WARN', - 'requests.packages.urllib3.connectionpool' => 'WARN' }, - :fatal_deprecations => true, - :instance_format => '[instance: %(uuid)s] ', - :instance_uuid_format => '[instance: %(uuid)s] ', - :log_date_format => '%Y-%m-%d %H:%M:%S', - :use_syslog => false, - :use_stderr => false, - :log_facility => 'LOG_USER', - :log_dir => '/var/log', - :verbose => true, - :debug => true, - } - end - - shared_examples_for 'mistral-logging' do - - context 'with basic logging options and default settings' do - it_configures 'basic default logging settings' - end - - context 'with basic logging options and non-default settings' do - before { params.merge!( log_params ) } - it_configures 'basic non-default logging settings' - end - - context 'with extended logging options' do - before { params.merge!( log_params ) } - it_configures 'logging params set' - end - - end - - shared_examples 'basic default logging settings' do - it 'configures mistral logging settins with default values' do - is_expected.to contain_mistral_config('DEFAULT/use_syslog').with(:value => '') - is_expected.to contain_mistral_config('DEFAULT/use_stderr').with(:value => '') - is_expected.to contain_mistral_config('DEFAULT/syslog_log_facility').with(:value => '') - is_expected.to contain_mistral_config('DEFAULT/log_dir').with(:value => '/var/log/mistral') - is_expected.to contain_mistral_config('DEFAULT/verbose').with(:value => '') - is_expected.to contain_mistral_config('DEFAULT/debug').with(:value => '') - end - end - - shared_examples 'basic non-default logging settings' do - it 'configures mistral logging settins with non-default values' do - is_expected.to contain_mistral_config('DEFAULT/use_syslog').with(:value => 'false') - is_expected.to contain_mistral_config('DEFAULT/use_stderr').with(:value => 'false') - is_expected.to contain_mistral_config('DEFAULT/syslog_log_facility').with(:value => 'LOG_USER') - is_expected.to contain_mistral_config('DEFAULT/log_dir').with(:value => '/var/log') - is_expected.to contain_mistral_config('DEFAULT/verbose').with(:value => 'true') - is_expected.to contain_mistral_config('DEFAULT/debug').with(:value => 'true') - end - end - - shared_examples_for 'logging params set' do - it 'enables logging params' do - is_expected.to contain_mistral_config('DEFAULT/logging_context_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s') - - is_expected.to contain_mistral_config('DEFAULT/logging_default_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s') - - is_expected.to contain_mistral_config('DEFAULT/logging_debug_format_suffix').with_value( - '%(funcName)s %(pathname)s:%(lineno)d') - - is_expected.to contain_mistral_config('DEFAULT/logging_exception_prefix').with_value( - '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s') - - is_expected.to contain_mistral_config('DEFAULT/log_config_append').with_value( - '/etc/mistral/logging.conf') - is_expected.to contain_mistral_config('DEFAULT/publish_errors').with_value( - true) - - is_expected.to contain_mistral_config('DEFAULT/default_log_levels').with_value( - 'amqp=WARN,amqplib=WARN,boto=WARN,iso8601=WARN,qpid=WARN,requests.packages.urllib3.connectionpool=WARN,sqlalchemy=WARN,suds=INFO') - - is_expected.to contain_mistral_config('DEFAULT/fatal_deprecations').with_value( - true) - - is_expected.to contain_mistral_config('DEFAULT/instance_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_mistral_config('DEFAULT/instance_uuid_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_mistral_config('DEFAULT/log_date_format').with_value( - '%Y-%m-%d %H:%M:%S') - end - end - - on_supported_os({ - :supported_os => OSDefaults.get_supported_os - }).each do |os,facts| - context "on #{os}" do - let (:facts) do - facts.merge(OSDefaults.get_facts({:processorcount => 8})) - end - - it_configures 'mistral-logging' - end - end - -end diff --git a/mistral/spec/classes/mistral_policy_spec.rb b/mistral/spec/classes/mistral_policy_spec.rb deleted file mode 100644 index 09c1a589c..000000000 --- a/mistral/spec/classes/mistral_policy_spec.rb +++ /dev/null @@ -1,41 +0,0 @@ -require 'spec_helper' - -describe 'mistral::policy' do - - shared_examples_for 'mistral policies' do - let :params do - { - :policy_path => '/etc/mistral/policy.json', - :policies => { - 'context_is_admin' => { - 'key' => 'context_is_admin', - 'value' => 'foo:bar' - } - } - } - end - - it 'set up the policies' do - is_expected.to contain_openstacklib__policy__base('context_is_admin').with({ - :key => 'context_is_admin', - :value => 'foo:bar' - }) - end - end - - context 'on Debian platforms' do - let :facts do - { :osfamily => 'Debian' } - end - - it_configures 'mistral policies' - end - - context 'on RedHat platforms' do - let :facts do - { :osfamily => 'RedHat' } - end - - it_configures 'mistral policies' - end -end diff --git a/mistral/spec/classes/mistral_wsgi_apache_spec.rb b/mistral/spec/classes/mistral_wsgi_apache_spec.rb deleted file mode 100644 index 65a59d3e0..000000000 --- a/mistral/spec/classes/mistral_wsgi_apache_spec.rb +++ /dev/null @@ -1,124 +0,0 @@ -require 'spec_helper' - -describe 'mistral::wsgi::apache' do - - let :global_facts do - @default_facts.merge({ - :processorcount => 42, - :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'some.host.tld', - }) - end - - shared_examples_for 'apache serving mistral with mod_wsgi' do - it { is_expected.to contain_service('httpd').with_name(platform_parameters[:httpd_service_name]) } - it { is_expected.to contain_class('mistral::params') } - it { is_expected.to contain_class('apache') } - it { is_expected.to contain_class('apache::mod::wsgi') } - - describe 'with default parameters' do - - it { is_expected.to contain_file("#{platform_parameters[:wsgi_script_path]}").with( - 'ensure' => 'directory', - 'owner' => 'mistral', - 'group' => 'mistral', - 'require' => 'Package[httpd]' - )} - - - it { is_expected.to contain_file('mistral_wsgi').with( - 'ensure' => 'file', - 'path' => "#{platform_parameters[:wsgi_script_path]}/app", - 'source' => platform_parameters[:wsgi_script_source], - 'owner' => 'mistral', - 'group' => 'mistral', - 'mode' => '0644' - )} - it { is_expected.to contain_file('mistral_wsgi').that_requires("File[#{platform_parameters[:wsgi_script_path]}]") } - - it { is_expected.to contain_apache__vhost('mistral_wsgi').with( - 'servername' => 'some.host.tld', - 'ip' => nil, - 'port' => '8989', - 'docroot' => "#{platform_parameters[:wsgi_script_path]}", - 'docroot_owner' => 'mistral', - 'docroot_group' => 'mistral', - 'ssl' => 'true', - 'wsgi_daemon_process' => 'mistral', - 'wsgi_process_group' => 'mistral', - 'wsgi_script_aliases' => { '/' => "#{platform_parameters[:wsgi_script_path]}/app" }, - 'require' => 'File[mistral_wsgi]' - )} - it { is_expected.to contain_file("#{platform_parameters[:httpd_ports_file]}") } - end - - describe 'when overriding parameters using different ports' do - let :params do - { - :servername => 'dummy.host', - :bind_host => '10.42.51.1', - :port => 12345, - :ssl => false, - :workers => 37, - } - end - - it { is_expected.to contain_apache__vhost('mistral_wsgi').with( - 'servername' => 'dummy.host', - 'ip' => '10.42.51.1', - 'port' => '12345', - 'docroot' => "#{platform_parameters[:wsgi_script_path]}", - 'docroot_owner' => 'mistral', - 'docroot_group' => 'mistral', - 'ssl' => 'false', - 'wsgi_daemon_process' => 'mistral', - 'wsgi_process_group' => 'mistral', - 'wsgi_script_aliases' => { '/' => "#{platform_parameters[:wsgi_script_path]}/app" }, - 'require' => 'File[mistral_wsgi]' - )} - - it { is_expected.to contain_file("#{platform_parameters[:httpd_ports_file]}") } - end - end - - context 'on RedHat platforms' do - let :facts do - global_facts.merge({ - :osfamily => 'RedHat', - :operatingsystemrelease => '7.0' - }) - end - - let :platform_parameters do - { - :httpd_service_name => 'httpd', - :httpd_ports_file => '/etc/httpd/conf/ports.conf', - :wsgi_script_path => '/var/www/cgi-bin/mistral', - :wsgi_script_source => '/usr/lib/python2.7/site-packages/mistral/api/wsgi.py' - } - end - - it_configures 'apache serving mistral with mod_wsgi' - end - - context 'on Debian platforms' do - let :facts do - global_facts.merge({ - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '7.0' - }) - end - - let :platform_parameters do - { - :httpd_service_name => 'apache2', - :httpd_ports_file => '/etc/apache2/ports.conf', - :wsgi_script_path => '/usr/lib/cgi-bin/mistral', - :wsgi_script_source => '/usr/share/mistral-common/wsgi.py' - } - end - - it_configures 'apache serving mistral with mod_wsgi' - end -end diff --git a/mistral/spec/shared_examples.rb b/mistral/spec/shared_examples.rb deleted file mode 100644 index fec0eacc9..000000000 --- a/mistral/spec/shared_examples.rb +++ /dev/null @@ -1,5 +0,0 @@ -shared_examples_for "a Puppet::Error" do |description| - it "with message matching #{description.inspect}" do - expect { is_expected.to have_class_count(1) }.to raise_error(Puppet::Error, description) - end -end diff --git a/mistral/spec/spec_helper.rb b/mistral/spec/spec_helper.rb deleted file mode 100644 index be3811cf2..000000000 --- a/mistral/spec/spec_helper.rb +++ /dev/null @@ -1,18 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' -require 'shared_examples' - -require 'puppet-openstack_spec_helper/defaults' -require 'rspec-puppet-facts' -include RspecPuppetFacts - -RSpec.configure do |c| - c.alias_it_should_behave_like_to :it_configures, 'configures' - c.alias_it_should_behave_like_to :it_raises, 'raises' - # TODO(aschultz): remove this after all tests converted to use OSDefaults - # instead of referencing @default_facts - c.before :each do - @default_facts = OSDefaults.get_facts - end -end - -at_exit { RSpec::Puppet::Coverage.report! } diff --git a/mistral/spec/spec_helper_acceptance.rb b/mistral/spec/spec_helper_acceptance.rb deleted file mode 100644 index 9196bc99b..000000000 --- a/mistral/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1 +0,0 @@ -require 'puppet-openstack_spec_helper/beaker_spec_helper' diff --git a/mistral/spec/unit/provider/mistral_config/ini_setting_spec.rb b/mistral/spec/unit/provider/mistral_config/ini_setting_spec.rb deleted file mode 100644 index 1b60aa33a..000000000 --- a/mistral/spec/unit/provider/mistral_config/ini_setting_spec.rb +++ /dev/null @@ -1,68 +0,0 @@ -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'openstacklib', - 'lib') -) - -require 'spec_helper' -provider_class = Puppet::Type.type(:mistral_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::Mistral_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::Mistral_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end - - it 'should ensure absent when is specified as a value' do - resource = Puppet::Type::Mistral_config.new( - {:name => 'dude/foo', :value => ''} - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - - it 'should ensure absent when value matches ensure_absent_val' do - resource = Puppet::Type::Mistral_config.new( - {:name => 'dude/foo', :value => 'foo', :ensure_absent_val => 'foo' } - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - -end diff --git a/mistral/spec/unit/type/mistral_config_spec.rb b/mistral/spec/unit/type/mistral_config_spec.rb deleted file mode 100644 index 7e21a3f56..000000000 --- a/mistral/spec/unit/type/mistral_config_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'puppet' -require 'puppet/type/mistral_config' -describe 'Puppet::Type.type(:mistral_config)' do - before :each do - @mistral_config = Puppet::Type.type(:mistral_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:mistral_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:mistral_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:mistral_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:mistral_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @mistral_config[:value] = 'bar' - expect(@mistral_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @mistral_config[:value] = 'b ar' - expect(@mistral_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @mistral_config[:ensure] = :present - expect(@mistral_config[:ensure]).to eq(:present) - @mistral_config[:ensure] = :absent - expect(@mistral_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @mistral_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end -end diff --git a/mistral/templates/openstack-mistral-api.service.erb b/mistral/templates/openstack-mistral-api.service.erb deleted file mode 100644 index 30fac129b..000000000 --- a/mistral/templates/openstack-mistral-api.service.erb +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=OpenStack workflow service (code-named Mistral) -After=syslog.target network.target - -[Service] -Type=simple -Restart=always -User=mistral -ExecStart=/usr/bin/mistral-server --server api --config-file <%= @conf_file %> --log-file <%= @log_file %> - -[Install] -WantedBy=multi-user.target diff --git a/mistral/templates/openstack-mistral-engine.service.erb b/mistral/templates/openstack-mistral-engine.service.erb deleted file mode 100644 index 307a5a7b8..000000000 --- a/mistral/templates/openstack-mistral-engine.service.erb +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=OpenStack workflow service (code-named Mistral) -After=syslog.target network.target - -[Service] -Type=simple -Restart=always -User=mistral -ExecStart=/usr/bin/mistral-server --server engine --config-file <%= @conf_file %> --log-file <%= @log_file %> - -[Install] -WantedBy=multi-user.target diff --git a/mistral/templates/openstack-mistral-executor.service.erb b/mistral/templates/openstack-mistral-executor.service.erb deleted file mode 100644 index 4161040ae..000000000 --- a/mistral/templates/openstack-mistral-executor.service.erb +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=OpenStack workflow service (code-named Mistral) -After=syslog.target network.target - -[Service] -Type=simple -Restart=always -User=mistral -ExecStart=/usr/bin/mistral-server --server executor --config-file <%= @conf_file %> --log-file <%= @log_file %> - -[Install] -WantedBy=multi-user.target diff --git a/mistral/test-requirements.txt b/mistral/test-requirements.txt deleted file mode 100644 index bedd66690..000000000 --- a/mistral/test-requirements.txt +++ /dev/null @@ -1,4 +0,0 @@ -# this is required for the docs build jobs -sphinx!=1.2.0,!=1.3b1,<1.3,>=1.1.2 -oslosphinx>=2.5.0 # Apache-2.0 -reno>=0.1.1 # Apache-2.0 diff --git a/mistral/tests/init.pp b/mistral/tests/init.pp deleted file mode 100644 index a121f5e6e..000000000 --- a/mistral/tests/init.pp +++ /dev/null @@ -1,12 +0,0 @@ -# The baseline for module testing used by Puppet Labs is that each manifest -# should have a corresponding test manifest that declares that class or defined -# type. -# -# Tests are then run by using puppet apply --noop (to check for compilation -# errors and view a log of events) or by fully applying the test in a virtual -# environment (to compare the resulting system state to the desired state). -# -# Learn more about module testing here: -# http://docs.puppetlabs.com/guides/tests_smoke.html -# -include ::mistral diff --git a/mistral/tox.ini b/mistral/tox.ini deleted file mode 100644 index aea06c84f..000000000 --- a/mistral/tox.ini +++ /dev/null @@ -1,8 +0,0 @@ -[tox] -minversion = 1.6 -skipsdist = True -envlist = releasenotes - -[testenv:releasenotes] -deps = -rtest-requirements.txt -commands = sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html diff --git a/module-collectd/.fixtures.yml b/module-collectd/.fixtures.yml deleted file mode 100644 index 99067d889..000000000 --- a/module-collectd/.fixtures.yml +++ /dev/null @@ -1,9 +0,0 @@ -fixtures: - repositories: - stdlib: - repo: 'git://github.com/puppetlabs/puppetlabs-stdlib' - concat: - repo: 'git://github.com/puppetlabs/puppetlabs-concat' - ref: '1.2.1' - symlinks: - 'collectd': "#{source_dir}" diff --git a/module-collectd/.gitignore b/module-collectd/.gitignore deleted file mode 100644 index adc1241ef..000000000 --- a/module-collectd/.gitignore +++ /dev/null @@ -1,7 +0,0 @@ -.*.sw? -pkg -spec/fixtures/manifests -spec/fixtures/modules -.rspec_system -.vagrant -Gemfile.lock diff --git a/module-collectd/.nodeset.yml b/module-collectd/.nodeset.yml deleted file mode 100644 index ab474cf25..000000000 --- a/module-collectd/.nodeset.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -default_set: 'ubuntu-server-12042-x64' -sets: - 'centos-64-x64': - nodes: - "main.foo.vm": - prefab: 'centos-64-x64' - 'ubuntu-server-12042-x64': - nodes: - "main.foo.vm": - prefab: 'ubuntu-server-12042-x64' diff --git a/module-collectd/.rubocop.yml b/module-collectd/.rubocop.yml deleted file mode 100644 index c9518fb6f..000000000 --- a/module-collectd/.rubocop.yml +++ /dev/null @@ -1,17 +0,0 @@ -AllCops: - Exclude: - - vendor/**/* - - pkg/**/* - - spec/fixtures/**/* - -# Configuration parameters: AllowURI, URISchemes. -Metrics/LineLength: - Max: 400 - -# dealbreaker: -Style/TrailingComma: - Enabled: false - -# we still support ruby 1.8 -Style/HashSyntax: - Enabled: false diff --git a/module-collectd/.sync.yml b/module-collectd/.sync.yml deleted file mode 100644 index 29cf02798..000000000 --- a/module-collectd/.sync.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -.travis.yml: - secure: "FAK3Izs5bSZyblGvcFnGWm0exZV5+v9pbwfRDD2oihWxX3U3pArGW+3XcwcJfLQgrUYBsOTmHC8yPjlgTBYeIt/5pvg9X+3jwNgeto6kozpI/nvAq4NtcHhzxRejuPELhFYeXZ3hEw0w+v/ZRo2cNLwI0LLpiWEDvCMZN1CJ2RY=" -spec/spec_helper.rb: - unmanaged: true diff --git a/module-collectd/.travis.yml b/module-collectd/.travis.yml deleted file mode 100644 index 75b4acfa5..000000000 --- a/module-collectd/.travis.yml +++ /dev/null @@ -1,34 +0,0 @@ ---- -notifications: - email: false -sudo: false -language: ruby -cache: bundler -bundler_args: --without system_tests -before_install: rm Gemfile.lock || true -script: - - 'bundle exec rake $CHECK' -matrix: - fast_finish: true - include: - - rvm: 1.9.3 - env: PUPPET_VERSION="~> 3.0" STRICT_VARIABLES="yes" CHECK=test - - rvm: 2.1.6 - env: PUPPET_VERSION="~> 3.0" STRICT_VARIABLES="yes" CHECK=test - - rvm: 2.1.6 - env: PUPPET_VERSION="~> 4.0" STRICT_VARIABLES="yes" CHECK=test - - rvm: 2.2.3 - env: PUPPET_VERSION="~> 4.0" STRICT_VARIABLES="yes" CHECK=test - - rvm: 2.2.3 - env: PUPPET_VERSION="~> 4.0" STRICT_VARIABLES="yes" CHECK=rubocop -deploy: - provider: puppetforge - user: puppet - password: - secure: "FAK3Izs5bSZyblGvcFnGWm0exZV5+v9pbwfRDD2oihWxX3U3pArGW+3XcwcJfLQgrUYBsOTmHC8yPjlgTBYeIt/5pvg9X+3jwNgeto6kozpI/nvAq4NtcHhzxRejuPELhFYeXZ3hEw0w+v/ZRo2cNLwI0LLpiWEDvCMZN1CJ2RY=" - on: - tags: true - # all_branches is required to use tags - all_branches: true - # Only publish if our main Ruby target builds - rvm: 1.9.3 diff --git a/module-collectd/CHANGELOG.md b/module-collectd/CHANGELOG.md deleted file mode 100644 index 6084001c8..000000000 --- a/module-collectd/CHANGELOG.md +++ /dev/null @@ -1,470 +0,0 @@ -## 2015-09-03 Release 4.2.0 - -### New features - -* Add support for types.db -* Add plugin::netlink -* Add collectd::plugin::ceph -* Add support for the new AllPortsSummary option -* plugin/mysql: Add innodbstats and slavenotifications -* plugin/snmp: Remove sorting of Values option in data block -* plugin/snmp: Support InstancePrefix, Scale and Shift options -* plugin/logfile: Add support for PrintSeverity option (fix #317) -* plugin/exec: Exec plugin can also be used with a parameterized class. - -### Bug fixes - -* plugin/snmp: Check if Table option is defined - -## 2015-08-05 Release 4.1.2 - -Fix .travis.yml so that deploys work, better - -## 2015-08-05 Release 4.1.1 - -Fix .travis.yml so that deploys work - -## 2015-08-05 Release 4.1.0 - -This module now lives on the puppet community github organization. - -### New features - -* Add option to not install collectd-iptables on centos 6 -* Allow iptables chains parameter to be an array -* Support UdevNameAttr attribute on disk plugin (fixes #300) - -## 2015-07-26 Release 4.0.0 - -### Backwards-incompatible changes: - -* Exec plugin was renamed from collectd::plugin::exec to collectd::plugin::exec::cmd to support multiple execs -* Write_graphite was renamed from collectd::plugin::write_graphite to collectd::plugin::write_graphite::carbon to supports multiple carbon backends - -### New features - -* Support for the aggregation, chain, and protocols plugins -* Swap and Memory plugins now support ValuesAbsolute and ValuesPercentage -* OpenVPN plugin now supports multiple statusfiles - -### Bug fixes - -* Fixed bug preventing multiple instances of curl_json -* Fixed write_http plugin on RedHat - -## 2015-06-16 Release 3.4.0 - -### Backwards-incompatible changes: - -* Implement support for mupltiple Python modules - -### Bug fixes - -* snmp/host.pp validate_re validate on string -* quote reserved word type in tail.pp - -### New features - -* add new cpu plugin options introduced in collectd 5.5 -* Added absent timers for statsd module. - -### Testing enhancements - -* Add ruby 2.2.0 to TravisCI -* Add puppet4 to .travis and update ruby to 2.1.6 -* Add metadata-json-lint gem - -## 2015-04-22 Release 3.3.0 - -### Backwards-incompatible changes: - -* Drop Ruby 1.8.7 support -* Package collectd-python is no longer available in EPEL - -### Features: - -* Allow disable forwarding in network::server - -### Bugs/Maint: - -* Fix permission on MySQL plugin file -* Only set LogSendErrors option if collectd version >= 5.4. -* CreateFiles/CreateFilesAsync expect boolean values - -## 2015-01-24 Release 3.2.0 - -### Backwards-incompatible changes: - -There are no known backwards compat changes, please add them to the -CHANGELOG if you find one. - -### Summary: - -The release adds support for 4 new plugins and adds redhat package -support to a large number of plugins. - -### New Plugins: - -* collectd::plugin::genericjmx -* collectd::plugin::java -* collectd::plugin::target_v5upgrade -* collectd::plugin::lvm - -### Features: - -* plugin/rrdcached: Add CollectStatistics option -* plugin/ntpd: Add IncludeUnitID option - -### Bugs/Maint: - -* Update metadata for more PE versions -* plugin/perl: changed exec in provider 'false' case -* plugin/varnish: package resouce ensure param passed -* plugin/postgresql: add package for redhat systems -* plugin/write_riemann: add package for redhat systems -* plugin/write_http: add package for redhat systems -* plugin/snmp: add package for redhat systems -* plugin/sensors: add package for redhat systems -* plugin/python: add package for redhat systems -* plugin/ping: add package for redhat systems -* plugin/perl: add package for redhat systems -* plugin/nginx: add package for redhat systems -* plugin/mysql: add package for redhat systems -* plugin/iptables: add package for redhat systems -* plugin/curl_json: add package for redhat systems -* plugin/curl: add package for redhat systems -* plugin/amqp: add package for redhat systems -* plugin/bind: add package for redhat systems - -## 2014-12-26 Release 3.1.0 - -### Backwards-incompatible changes: - -There are no known backwards compat changes, please add them to the -CHANGELOG if you find one. - -### Summary: - -This release introduces support for 3 new plugins, new parameters for existing -plugins, bugfixes, doc improvments and basic acceptance tests with beaker. - -### New Plugins: - -* Add conntrack module -* Add cpufreq plugin -* Add collectd::plugin::zfs_arc - -### Features: - -* filecount: support all options -* plugin::python introduce ensure parameter -* Make plugins passing the $interval parameter -* Support LogSendErrors on the write_graphite plugin -* curl: fix handling of some parameters -* curl_json: Support reading from a unix socket -* Adding support for WriteQueueLimitLow & WriteQueueLimitHigh, which were added in collectd 5.4 - -### Bugs/Maint: - -* Lintian fixes -* Ensure variable using 'false' will be interpreted. -* Cleaning the now redundant LoadPlugin declaration -* Uses the LoadPlugin syntax with bracket when supported -* Fix Puppet deprecation warning -* Add "" to Hostname -* Double quote the csv plugin DataDir. -* write_http: StoreRates is a bool, not a string -* curl : 'MeasureResponseTime' needs exactly one boolean argument -* Add collectd-apache package needed on RedHat -* Variables in templates should use @-notation - -### Tests: - -* Basic acceptance test with beaker -* Add rspec test to ensure the bracket syntax is using when available -* Fix travis by using plabs gemfile - -### Docs: - -* Add conntrack to README.md -* Add cpufreq plugin doc -* README.md: Fixed example entropy snippet. - -## 2014-10-04 Release 3.0.1 - -### Backwards-incompatible changes: - -none - -### Summary: - -Bug fix release - -### Features: - -* Add support for manually specifying the hostname - -### Bugs: - -* Add dependency for python plugins -* Set default value of chains to be hash -* Sort snmp data and hosts hash - -## 2014-08-25 Release 3.0.0 - -### Backwards-incompatible changes: - -* Make sure plugin_conf_dir is not world readable -* Full rewrite of the network plugin -* Rewrite of postgresql module to allow invocation by defined types - -### Summary: - -This release adds multiple new plugins and improvements - -### Features: - -* Varnish plugin improvments -* Add the ability to customize package name. -* Add write_http plugin -* Add statsd plugin -* Add plugin logfile -* Add curl plugin -* Add support for sensors plugin -* Add support for perl plugins -* Allow custom Include directives -* Add valuesabsolute and valuespercentage to df plugin - -### Bugs: - -* Issue 164: syslog plugin needs to be loaded as first plugin -* notify the collectd service when purging plugins -* add collectd-rrdtool package needed for RedHat -* sort python.conf options hash - -## 2014-04-14 Release 2.1.0 - -### Summary: - -This release adds Gentoo osfamily support and minor plugin changes - -### Features: - -- adding Gentoo support -- tcpconn plugin: $localports and $remoteports can me left undef if $listening is not set -- unixsock plugin: Implement the "DeleteSocket" option. -- add reportreserved parameter for df plugin - - -## 2014-04-14 Release 2.0.1 - -### Summary: - -Fix issue with metadata.json preventing Forge uploads - -## 2014-04-14 Release 2.0.0 - -### Summary: - -This release adds support for several new plugins and contains -some backwards-incompatible code refactors. - -### Backwards-incompatible changes: - -- Storerates=true is now the default for the Graphite plugin -- Deprecate write_network plugin, use network plugin instead -- Make sure plugin configs are not world readable. -- Handle plugin order with collectd::plugin resource type - (all collectd plugins config files will be renumbered from - 00-$name.conf to 10-$name.conf) - -### Features: - -- New plugins CSV, uptime, users, entropy, varnish, redis, - contextswitch, cpu, nfs, vmem, libvirt -- Add socket parameter to mysql plugin -- Add reportbytes to swap plugin -- Add SeparateInstances setting to write_graphite plugin -- Add metadata.json for Forge search support - -### Bugs: - -- Fix port parameter quotes in memcached plugin -- Fix collectd conf dir path parameter assignment -- Fix processes plugin configuration -- Force ReportReserved to true in df plugin - -## 2014-01-18 Release 1.1.0 - -### Summary: - -This release adds support for new plugins and fixes multiple bugs in -several plugin configurations. - -### Features: - -- Added load plugin -- Added memory plugin -- Added rrdtool plugin -- Added swap plugin -- Initial version of PostgreSQL plugin -- Add protocol paramter to write_graphite plugin -- add tests for network module -- Support pre-4.7 network configs. - -### Bugs: - -- Fix bug that always creates notification in exec on empty params -- fix typo in apache plugin manifest -- Make sure that plugins are always loaded before their configuration -- Add version check around emitting Protocol config -- mysql: use double quotes according to version -- Allow for alphanumeric collectd version numbers -- (gh-85) Fix null versioncmp bug in plugin templates -- (gh-69) Fix package name on RedHat - -## 2013-12-17 Release 1.0.2 - -### Summary: - -This release adds the AMQP plugin and a collectd version fact. - -### Features: - -- Add AMQP plugin -- Add class parameter typesdb -- Use collectd::params::root_group instead of fixed group name -- Add collectd version fact - -## 2013-12-04 Release 1.0.1 - -### Summary: - -This release introduces Archlinux osfamily support and support for -three new plugins ping, rrdcached, and processes. - -### Features: - - - Initial version of rrdcached plugin - - Add configurable processes plugin - - Add quotes for string values in network plugin - - Add ping plugin - - Add support for Archlinux - - Allow to set all write_graphite options. - -### Bugs: - - - Fixed missing double quotes in unixsock plugin template - - Added comma to syntax error in bind.pp - -## 2013-10-20 Release 1.0.0 - -### Summary: - -This release breaks some backwards compatibility -on some plugins where they improperly used strings instead of -booleans parameters. This release also includes osfamily -support for SUSE and FreeBSB and support for four new plugins. - -### Backwards-incompatible changes: - - - Plugins that use to accept strings now use booleans - for a more consistent interface across the various plugins - - The main collectd config file now only includes *.conf files - to allow plugin specific files to be placed in the conf.d - directory. - - The mysql plugin now supports multiple databases via the - collectd::plugin::mysql::database define. This change breaks - backwards compatiblity on the mysql plugin. - -### Features: - - - osfamily support for SUSE - - osfamily support for FreeBSD - - tail plugin - - exec plugin - - python plugin - - write_riemann plugin - -## 2013-09-27 Release 0.1.0 - -### Summary: - -Add curl_json and apache plugin - -### Backwards-incompatible changes: - - - The write_network plugin now accepts a hash of servers - -### Features: - - - Add curl_json plugin - - Added collectd package version parameter - - Add apache plugin - -0.0.5 - pdxcat/collectd - 2013/09/24 - - 6adca9a add ntpd plugin - ab55fb4 Added tcpconns plugin and example for it in README - 677ff72 Adding a new generic write_network plugin define - 8cdd8b7 Added memcached plugin and example for it in README - c3e4a02 Added examples to README for filecount, SNMP and unixsock - f798c84 Added support for file count plugin - 66f7392 Added support for SNMP and bumped stdlib dependency version to 3.0.0 - 7118450 Added support for unix socket plugin - a062b11 Fixed source URL - 1b214a2 Add testing docs to README - -0.0.4 - pdxcat/collectd - 2013/08/26 - - 9f3f0f6 Add bind plugin to readme - f052087 Add bind plugin - fc0c4c1 Add basic rspec-system test - 0b2ec92 Fix README formatting issues - 71dcad0 Add configurable plugins to the README - 72b9f17 Add test for file_line - 7eae468 Add buildstatus to the README - b2cb208 Add travis.yml file - 8cc16a8 Add purge_config enabled test - 26683f0 Add spec test for collectd class - 3f30650 Add spec helper files - 0bee1d7 Add nginx plugin - e2d558a Fix network plugin config syntax - 79d8a68 Add network plugin - c1085d7 Merge pull request #5 from agenticarus/newer-stdlib - 88678bf Depend on newer version of stdlib - 7dd9aaa added colorz to the README - 628ed78 Added configuration for StoreRates and Port. - -0.0.3 - pdxcat/collectd - 2013/05/27 - - f51660f Fixed test for collectd::plugin::irq - 3019516 Added default field in selector for making syntax checkers happy. - 39859e7 Added stdlib dependency for file_line - -0.0.2 - pdxcat/collectd - 2013/05/09 - - 185e16f Modifications for following puppetlabs style guide and add smoke tests for interface, irq and iptables - d68275f Added interface, irq and iptables support. Untested though. - b8312cc Added use of scope.lookupvar, allow configuration of threads and option to choose between hostname and fqdn - -0.0.1 - pdxcat/collectd - 2013/02/06 - - 8c64104 Add interval and timeout parameters - e48288d Add redhat support to the collectd module. - b6e3649 Add readme, module, and license files to collectd module. - fb6b92f Fix bug in collectd::plugin define - 4096cca Add purge_config option to collectd class - 2a2974c Add purge option to collectd class - 8acbef3 Add syslog plugin - 137c919 Add ensure option for collectd::plugin - 3406430 Fix plugins with wrong metaparams - 315af94 Add collectd::plugin define for unconfigured plugins - c085ebc Change include plugin file to include conf.d - 171bddd Template openvpn plugin and parameterize the class - 09c4df5 Add mysql plugin to collectd. - 36f3465 Add disk plugin to collectd. - 1e27a29 Fix collectd service subscription to conf file. - 15f1ea7 Add Solaris collectd parameters - c013e73 Add collectd df plugin support - 9cac9c4 Add collectd support. diff --git a/module-collectd/CONTRIBUTING.md b/module-collectd/CONTRIBUTING.md deleted file mode 100644 index 34ebfff09..000000000 --- a/module-collectd/CONTRIBUTING.md +++ /dev/null @@ -1,83 +0,0 @@ -This module has grown over time based on a range of contributions from -people using it. If you follow these contributing guidelines your patch -will likely make it into a release a little quicker. - - -## Contributing - -1. Fork the repo. - -1. Create a separate branch for your change. - -1. Run the tests. We only take pull requests with passing tests, and - documentation. - -1. Add a test for your change. Only refactoring and documentation - changes require no new tests. If you are adding functionality - or fixing a bug, please add a test. - -1. Squash your commits down into logical components. Make sure to rebase - against the current master. - -1. Push the branch to your fork and submit a pull request. - -Please be prepared to repeat some of these steps as our contributors review -your code. - -## Dependencies - -The testing and development tools have a bunch of dependencies, -all managed by [bundler](http://bundler.io/) according to the -[Puppet support matrix](http://docs.puppetlabs.com/guides/platforms.html#ruby-versions). - -By default the tests use a baseline version of Puppet. - -If you have Ruby 2.x or want a specific version of Puppet, -you must set an environment variable such as: - - export PUPPET_VERSION="~> 4.2.0" - -Install the dependencies like so... - - bundle install - -## Syntax and style - -The test suite will run [Puppet Lint](http://puppet-lint.com/) and -[Puppet Syntax](https://github.com/gds-operations/puppet-syntax) to -check various syntax and style things. You can run these locally with: - - bundle exec rake test - -## Running the unit tests - -The unit test suite covers most of the code, as mentioned above please -add tests if you're adding new functionality. If you've not used -[rspec-puppet](http://rspec-puppet.com/) before then feel free to ask -about how best to test your new feature. To run your specific spec test -you can pass it to `SPEC`: - - bundle exec rake spec SPEC=spec/foo_spec.rb - -## Integration tests - -The unit tests just check the code runs, not that it does exactly what -we want on a real machine. For that we're using -[beaker](https://github.com/puppetlabs/beaker). - -This fires up a new virtual machine (using vagrant) and runs a series of -simple tests against it after applying the module. You can run this -with: - - bundle exec rake acceptance - -This will run the tests on an Ubuntu 12.04 virtual machine. You can also -run the integration tests against Centos 6.5 with. - - RS_SET=centos-64-x64 bundle exec rake acceptances - -If you don't want to have to recreate the virtual machine every time you -can use `BEAKER_DESTROY=no` and `BEAKER_PROVISION=no`. On the first run you will -at least need `BEAKER_PROVISION` set to yes (the default). The Vagrantfile -for the created virtual machines will be in `.vagrant/beaker_vagrant_fies`. - diff --git a/module-collectd/Gemfile b/module-collectd/Gemfile deleted file mode 100644 index cd5c7d575..000000000 --- a/module-collectd/Gemfile +++ /dev/null @@ -1,38 +0,0 @@ -# Copyright 2015 Puppet Community -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -source 'https://rubygems.org' - -group :test do - gem 'rake' - gem 'puppet', ENV['PUPPET_VERSION'] || '~> 3.8.0' - gem 'rspec-puppet', git: 'https://github.com/rodjek/rspec-puppet.git' - gem 'puppetlabs_spec_helper' - gem 'metadata-json-lint' - gem 'rspec-puppet-facts' - gem 'rspec' - gem 'puppet-blacksmith' - gem 'rubocop' -end - -group :development do - gem 'travis' - gem 'travis-lint' - gem 'guard-rake' -end - -group :system_tests do - gem 'beaker' - gem 'beaker-rspec' -end diff --git a/module-collectd/LICENSE b/module-collectd/LICENSE deleted file mode 100644 index c383fee91..000000000 --- a/module-collectd/LICENSE +++ /dev/null @@ -1,17 +0,0 @@ -Puppet Collectd Module - -Copyright (C) 2013 Computer Action Team - -The Computer Action Team can be contacted at: support@cat.pdx.edu - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/module-collectd/README.md b/module-collectd/README.md deleted file mode 100644 index 9a36256b5..000000000 --- a/module-collectd/README.md +++ /dev/null @@ -1,1508 +0,0 @@ -Collectd module for Puppet -========================== - -[![Puppet Forge](http://img.shields.io/puppetforge/v/puppet/collectd.svg)](https://forge.puppetlabs.com/puppet/collectd) [![Build Status](https://travis-ci.org/puppet-community/puppet-collectd.png?branch=master)](https://travis-ci.org/puppet-community/puppet-collectd) - -Description ------------ - -Puppet module for configuring collectd and plugins. - -Usage ------ - -The simplest use case is to use all of the configurations in -the default collectd.conf file shipped with collectd. This can -be done by simply including the class: - -```puppet -include collectd -``` - -Collectd is most useful when configured with customized plugins. -This is accomplished by removing the default collectd.conf file -and replacing it with a file that includes all alternative -configurations. Configure a node with the following class -declaration: - -```puppet -class { '::collectd': - purge => true, - recurse => true, - purge_config => true, - minimum_version => '5.4', -} -``` - -Set purge, recurse, and purge_config to true in order to override -the default configurations shipped in collectd.conf and use -custom configurations stored in conf.d. From here you can set up -additional plugins as shown below. - -Specifying the version or minimum_version of collectd as shown above reduces the need for -two puppet runs to coverge. See [Puppet needs two runs to correctly write my conf, why?](#puppet-needs-two-runs-to-correctly-write-my-conf,-why?) below. - -Hiera example in YAML of passing install_options to the package resouce for managing the -collectd package. This parameter must be an array. - -``` -collectd::package_install_options: - - '--nogpgcheck' -``` - - -Simple Plugins --------------- - -Example of how to load plugins with no additional configuration: - -```puppet -collectd::plugin { 'battery': } -``` - -where 'battery' is the name of the plugin. - -Configurable Plugins ------------------- - -Parameters will vary widely between plugins. See the collectd -documentation for each plugin for configurable attributes. - -* `aggregation` (see [collectd::plugin::aggregation](#class-collectdpluginaggregation) below) -* `amqp` (see [collectd::plugin::amqp](#class-collectdpluginamqp) below) -* `apache` (see [collectd::plugin::apache](#class-collectdpluginapache) below) -* `bind` (see [collectd::plugin::bind](#class-collectdpluginbind) below) -* `ceph` (see [collectd::plugin::ceph](#class-ceph) below) -* `chain` (see [collectd::plugin::chain](#class-chain) below) -* `conntrack` (see [collectd::plugin::conntrack](#class-conntrack) below) -* `cpu` (see [collectd::plugin::cpu](#class-collectdplugincpu) below) -* `cpufreq` (see [collectd::plugin::cpufreq](#class-collectdplugincpufreq) below) -* `csv` (see [collectd::plugin::csv](#class-collectdplugincsv) below) -* `curl` (see [collectd::plugin::curl](#class-collectdplugincurl) below) -* `curl_json` (see [collectd::plugin::curl_json](#class-collectdplugincurl_json) below) -* `dbi` (see [collectd::plugin::dbi](#class-collectdplugindbi) below) -* `df` (see [collectd::plugin::df](#class-collectdplugindf) below) -* `disk` (see [collectd::plugin::disk](#class-collectdplugindisk) below) -* `dns` (see [collectd::plugin::dns](#class-collectdplugindns) below) -* `entropy` (see [collectd::plugin::entropy](#class-collectdpluginentropy) below) -* `exec` (see [collectd::plugin::exec](#class-collectdpluginexec) below) -* `filecount` (see [collectd::plugin::filecount](#class-collectdpluginfilecount) below) -* `filter` (see [collectd::plugin::filter](#class-collectdpluginfilter) below) -* `genericjmx` (see [collectd::plugin::genericjmx](#class-collectdplugingenericjmx) below) -* `interface` (see [collectd::plugin::interface](#class-collectdplugininterface) below) -* `iptables` (see [collectd::plugin::iptables](#class-collectdpluginiptables) below) -* `irq` (see [collectd::plugin::irq](#class-collectdpluginirq) below) -* `java` (see [collectd::plugin::java](#class-collectdpluginjava) below) -* `load` (see [collectd::plugin::load](#class-collectdpluginload) below) -* `logfile` (see [collectd::plugin::logfile](#class-collectdpluginlogfile) below) -* `libvirt` (see [collectd::plugin::libvirt](#class-collectdpluginlibvirt) below) -* `lvm` (see [collectd::plugin::lvm](#class-collectdpluginlvm) below) -* `memcached`(see [collectd::plugin::memcached](#class-collectdpluginmemcached) below ) -* `memory`(see [collectd::plugin::memory](#class-collectdpluginmemory) below ) -* `mongodb`(see [collectd::plugin::mongodb](#class-collectdpluginmongodb) below ) -* `mysql` (see [collectd::plugin::mysql](#class-collectdpluginmysql) below) -* `netlink` (see [collectd::plugin::netlink](#class-collectdpluginnetlink) below) -* `network` (see [collectd::plugin::network](#class-collectdpluginnetwork) below) -* `nfs` (see [collectd::plugin::nfs](#class-collectdpluginnfs) below) -* `nginx` (see [collectd::plugin::nginx](#class-collectdpluginnginx) below) -* `ntpd` (see [collectd::plugin::ntpd](#class-collectdpluginntpd) below) -* `openvpn` (see [collectd::plugin::openvpn](#class-collectdpluginopenvpn) below) -* `perl` (see [collectd::plugin::perl](#class-collectdpluginperl) below) -* `ping` (see [collectd::plugin::ping](#class-collectdpluginping) below) -* `postgresql` (see [collectd::plugin::postgresql](#class-collectdpluginpostgresql) below) -* `processes` (see [collectd::plugin:processes](#class-collectdpluginprocesses) below) -* `protocols` (see [collectd::plugin:protocols](#class-collectdpluginprotocols) below) -* `python` (see [collectd::plugin::python](#class-collectdpluginpython) below) -* `redis` (see [collectd::plugin::redis](#class-collectdpluginredis) below) -* `rrdcached` (see [collectd::plugin::rrdcached](#class-collectdpluginrrdcached) below) -* `rrdtool` (see [collectd::plugin::rrdtool](#class-collectdpluginrrdtool) below) -* `sensors` (see [collectd::plugin::sensors](#class-collectdpluginsensors) below) -* `snmp` (see [collectd::plugin::snmp](#class-collectdpluginsnmp) below) -* `statsd` (see [collectd::plugin::statsd](#class-collectdpluginstatsd) below) -* `swap` (see [collectd::plugin::swap](#class-collectdpluginswap) below) -* `syslog` (see [collectd::plugin::syslog](#class-collectdpluginsyslog) below) -* `tail` (see [collectd::plugin::tail](#class-collectdplugintail) below) -* `target_v5upgrade` (see [collectd::plugin::target_v5upgrade](#class-collectdplugintarget_v5upgrade) below) -* `tcpconns` (see [collectd::plugin::tcpconns](#class-collectdplugintcpconns) below) -* `unixsock` (see [collectd::plugin::unixsock](#class-collectdpluginunixsock) below) -* `uptime` (see [collectd::plugin::uptime](#class-collectdpluginuptime) below) -* `users` (see [collectd::plugin::users](#class-collectdpluginusers) below) -* `varnish` (see [collectd::plugin::varnish](#class-collectdpluginvarnish) below) -* `vmem` (see [collectd::plugin::vmem](#class-collectdpluginvmem) below) -* `write_graphite` (see [collectd::plugin::write_graphite](#class-collectdpluginwrite_graphite) below) -* `write_http` (see [collectd::plugin::write_http](#class-collectdpluginwrite_http) below) -* `write_network` (see [collectd::plugin::write_network](#class-collectdpluginwrite_network) below) -* `write_riemann` (see [collectd::plugin::write_riemann](#class-collectdpluginwrite_riemann) below) -* `write_sensu` (see [collectd::plugin::write_sensu](#class-collectdpluginwrite_sensu) below) -* `zfs_arc` (see [collectd::plugin::zfs_arc](#class-collectdpluginzfs_arc) below) - -####Class: `collectd::plugin::aggregation` - -```puppet -collectd::plugin::aggregation::aggregator { - cpu': - plugin => 'cpu', - type => 'cpu', - groupby => ["Host", "TypeInstance",], - calculateaverage => true, -} -``` - -You can as well configure this plugin with a parameterized class : - -```puppet -class { 'collectd::plugin::aggregation': - aggregators => { - cpu' => { - plugin => 'cpu', - type => 'cpu', - groupby => ["Host", "TypeInstance",], - calculateaverage => true, - }, - }, -} -``` - -####Class: `collectd::plugin::amqp` - -```puppet -class { 'collectd::plugin::amqp': - amqphost => '127.0.0.1', - amqpvhost => 'myvirtualhost', - graphiteprefix => 'collectdmetrics', - amqppersistent => true, -} -``` - -####Class: `collectd::plugin::apache` - -```puppet -class { 'collectd::plugin::apache': - instances => { - 'apache80' => { - 'url' => 'http://localhost/mod_status?auto', 'user' => 'collectd', 'password' => 'hoh2Coo6' - }, - 'lighttpd8080' => { - 'url' => 'http://localhost:8080/mod_status?auto' - } - }, -} -``` - -####Class: `collectd::plugin::bind` - -```puppet -class { 'collectd::plugin::bind': - url => 'http://localhost:8053/', -} -``` - -####Class: `collectd::plugin::ceph` - -```puppet -class { 'collectd::plugin::ceph': - osds => [ 'osd.0', 'osd.1', 'osd.2'], -} -``` - -####Class: `collectd::plugin::chain` - -```puppet -class { 'collectd::plugin::chain': - chainname => "PostCache", - defaulttarget => "write", - rules => [ - { - 'match' => { - 'type' => 'regex', - 'matches' => { - 'Plugin' => "^cpu$", - 'PluginInstance' => "^[0-9]+$", - }, - }, - 'targets' => [ - { - 'type' => "write", - 'attributes' => { - "Plugin" => "aggregation", - }, - }, - { - 'type' => "stop", - }, - ], - }, - ], - } -``` - -####Class: `collectd::plugin::conntrack` - -```puppet -class { 'collectd::plugin::conntrack': -} - - -``` - -####Class: `collectd::plugin::cpu` - - * `reportbystate` available from collectd version >= 5.5 - * `reportbycpu` available from collectd version >= 5.5 - * `valuespercentage` available from collectd version >= 5.5 - - See [collectd plugin_cpu documentation](https://collectd.org/documentation/manpages/collectd.conf.5.shtml#plugin_cpu) for more details. - -```puppet -class { 'collectd::plugin::cpu': - reportbystate => true, - reportbycpu => true, - valuespercentage => true, -} - - -``` -####Class: `collectd::plugin::cpufreq` - -```puppet -class { 'collectd::plugin::cpufreq': -} -``` - -####Class: `collectd::plugin::csv` - -```puppet -class { 'collectd::plugin::csv': - datadir => '/etc/collectd/var/lib/collectd/csv', - storerates => false, -} -``` - -####Class: `collectd::plugin::curl` - -```puppet -collectd::plugin::curl::page { - 'stock_quotes': - url => 'http://finance.google.com/finance?q=NYSE%3AAMD', - user => 'foo', - password => 'bar', - matches => [ - { - 'dstype' => 'GaugeAverage', - 'instance' => 'AMD', - 'regex' => ']*> *([0-9]*\\.[0-9]+) *', - 'type' => 'stock_value', - }], -} -``` - -You can as well configure this plugin with a parameterized class : - -```puppet -class { 'collectd::plugin::curl': - pages => { - 'stock_GM' => { - url => 'http://finance.google.com/finance?q=NYSE%3AGM', - user => 'foo', - password => 'bar', - matches => [ - { - 'dstype' => 'GaugeAverage', - 'instance' => 'AMD', - 'regex' => ']*> *([0-9]*\\.[0-9]+) *', - 'type' => 'stock_value', - }, - ], - }, - }, -} -``` - -####Class: `collectd::plugin::curl_json` - -```puppet -collectd::plugin::curl_json { - 'rabbitmq_overview': - url => 'http://localhost:55672/api/overview', - instance => 'rabbitmq_overview', - keys => { - 'message_stats/publish' => {'type' => 'gauge'}, - } -} -``` - -####Class: `collectd::plugin::dbi` - -```puppet -collectd::plugin::dbi::database{'monitoring_node1': - driver => 'mysql', - driveroption => { - 'host' => 'hostname', - 'username' => 'user', - 'password' => 'password', - 'dbname' => 'monitoring' - }, - query => ['log_delay'], -} -collectd::plugin::dbi::query{'log_delay': - statement => 'SELECT * FROM log_delay_repli;', - results => [{ - type => 'gauge', - instanceprefix => 'log_delay', - instancesfrom => 'inet_server_port', - valuesfrom => 'log_delay', - }], -} -``` - -You can as well configure this plugin as a parameterized class : - -```puppet -class { 'collectd::plugin::dbi': - package => 'libdbd-mysql', - databases => { - 'monitoring_node1' => { - driver => 'mysql', - driveroption => { - 'host' => 'hostname', - 'username' => 'user', - 'password' => 'password', - 'dbname' => 'monitoring' - }, - query => ['log_delay'], - } - }, -} -``` - -####Class: `collectd::plugin::df` - -```puppet -class { 'collectd::plugin::df': - mountpoints => ['/u'], - fstypes => ['nfs','tmpfs','autofs','gpfs','proc','devpts'], - ignoreselected => true, -} -``` - -####Class: `collectd::plugin::disk` - -```puppet -class { 'collectd::plugin::disk': - disks => ['/^dm/'], - ignoreselected => true, - udevnameattr => 'DM_NAME', -} -``` - -####Class: `collectd::plugin::dns` - -```puppet -class { 'collectd::plugin::dns': -} -``` - -##### Parameters: - -See collectd [documentation](https://collectd.org/documentation/manpages/collectd.conf.5.shtml#plugin_dns). - -ensure ------- -Optional. String that must be 'present' or 'absent'. - -- *Default*: 'present' - -ignoresource ------------- -Optional. String of IP address to ignore. - -- *Default*: undef - -interface ---------- -String of interface to use. May be interface identifier such as 'eth0' or 'any'. - -- *Default*: 'any' - -interval --------- -Numeric for interval in seconds. Changing this can be a disaster. Consult the documentation. - -- *Default*: undef - -manage_package --------------- -Boolean to determine if system package for collectd's dns plugin should be -managed. If set to true, you must specify the package name for any unsupported -OS. - -- *Default*: false - -package_name ------------- -String for name of package. A value of 'USE_DEFAULTS' will set the value based -on the platform. This is necessary when setting manage_package on an -unsupported platform. - -- *Default*: 'USE_DEFAULTS' - -selectnumericquerytypes ------------------------ -Boolean for SelectNumericQueryTypes configuration option. - -- *Default*: true - -####Class: `collectd::plugin::entropy` - -```puppet -class { 'collectd::plugin::entropy': -} -``` - -####Class: `collectd::plugin::exec` - -```puppet -collectd::plugin::exec::cmd { - 'dummy': - user => nobody, - group => nogroup, - exec => ["/bin/echo", "PUTVAL myhost/foo/gauge-flat N:1"], -} - -``` -You can also configure this plugin with a parameterized class: -```puppet -class { 'collectd::plugin::exec': - commands => { - 'dummy1' => { - user => nobody, - group => nogroup, - exec => ["/bin/echo", "PUTVAL myhost/foo/gauge-flat1 N:1"], - }, - 'dummy2' => { - user => nobody, - group => nogroup, - exec => ["/bin/echo", "PUTVAL myhost/foo/gauge-flat2 N:1"], - }, - } -} -``` - -####Class: `collectd::plugin::filecount` - -```puppet -collectd::plugin::filecount::directory {'foodir': - path => '/path/to/dir', - pattern => '*.conf', - mtime => '-5m', - recursive => true, - includehidden => false -} - -``` -You can also configure this plugin with a parameterized class: -```puppet -class { 'collectd::plugin::filecount': - directories => { - 'foodir' => { - 'path' => '/path/to/dir', - 'pattern' => '*.conf', - 'mtime' => '-5m', - 'recursive' => true, - 'includehidden' => false - }, - }, -} -``` -For backwards compatibility: -```puppet -class { 'collectd::plugin::filecount': - directories => { - 'active' => '/var/spool/postfix/active', - 'incoming' => '/var/spool/postfix/incoming' - }, -} -``` - -#### Class: `collectd::plugin::filter` - -The filter plugin implements the powerful filter configuration of collectd. For further details have a look on the [collectd manpage](https://collectd.org/documentation/manpages/collectd.conf.5.shtml#filter_configuration). - -##### Parameters: - -* `ensure` (`"ensure"`,`"absent"`): Ob absent it will remove all references of the filter plugins. `Note`: The Chain config needs to be purged by the chain define. -* `precachechain` (String): The Name of the default Pre Chain. -* `postcachechain` (String): The Name of the default Post Chain. - -##### Examples: - -###### Overwrite default chains: -```puppet -class { 'collectd::plugin::filter': - ensure => 'present', - precachechain => 'PreChain', - postcachechain => 'PostChain', -} -``` - -###### Full Example: - -This Example will rename the hostname of the mysql plugin. - -```puppet -include collectd::plugin::filter - -# define default chains with default target -collectd::plugin::filter::chain { 'PreChain': - target => 'return' -} -collectd::plugin::filter::chain { 'PostChain': - target => 'write' -} - -# create a third chain, -$chainname = 'MyAweseomeChain' -collectd::plugin::filter::chain { $chainname: - ensure => present, - target => 'return' -} - -# add a new rule to chain -$rulename = 'MyAweseomeRule' -collectd::plugin::filter::rule { $rulename: - chain => $chainname, -} - -# add a new match rule, match metrics of the mysql plugin -collectd::plugin::filter::match { "Match mysql plugin": - chain => $chainname, - rule => $rulename, - plugin => 'regex', - options => { - 'Plugin' => '^mysql', - } -} - -#rewrite hostname -collectd::plugin::filter::target{ "overwrite hostname": - chain => $chainname, - rule => $rulename, - plugin => 'set', - options => { - 'Host' => 'hostname.domain', - }, -} - -# hook the configured chain in the prechain -collectd::plugin::filter::target{ "1_prechain_jump_${chainname}": - chain => 'PreChain', - plugin => 'jump', - options => { - 'Chain' => $chainname, - }, -} -``` - -#### Define: `collectd::plugin::filter::chain` - -This define will create a new chain, which is required by targets, matches and rules. - -##### Parameters: - -* `ensure` (`"ensure"`,`"absent"`): When set to absent it will remove the chain with all assigned rules, targets and matches. -* `target` (`'notification','replace','set','return','stop','write','jump'`): Optional. Set default target if no target has been applied. Strongly recommend for default chains. -* `target_options` (Hash): If target is specified, pass optional hash to define. - -##### Example: -see [collectd::plugin::filter](#class-collectdpluginfilter) above - -#### Define: `collectd::plugin::filter::rule` - -This define will add a new rule to a specific chain - -##### Parameters: - -* `chain` (String): Assign to this chain. - -##### Example: -see [collectd::plugin::filter](#class-collectdpluginfilter) above - -#### Define: `collectd::plugin::filter::target` - -This define will add a target to a chain or rule. - -##### Parameters: - -* `chain` (String): Assign to this chain. -* `plugin` (`'notification','replace','set','return','stop','write','jump'`): The plugin of the target. -* `options` (Hash): Optional parameters of the target plugin. -* `rule` (String): Optional. Assign to this rule. If not present, target will be applied at the end of chain without rule matching. - -##### Example: -see [collectd::plugin::filter](#class-collectdpluginfilter) above - -#### Define: `collectd::plugin::filter::match` - -This define will add a match rule. - -##### Parameters: - -* `chain` (String): Assign to this chain. -* `rule` (String): Assign to this rule. -* `plugin` (`'regex','timediff','value','empty_counter','hashed'`): The plugin of the match. -* `options` (Hash): Optional parameters of the match plugin. - -##### Example: -see [collectd::plugin::filter](#class-collectdpluginfilter) above - -####Class: `collectd::plugin::genericjmx` - -```puppet -include collectd::plugin::genericjmx - -collectd::plugin::genericjmx::mbean { - 'garbage_collector': - object_name => 'java.lang:type=GarbageCollector,*', - instance_prefix => 'gc-', - instance_from => 'name', - values => [ - { - type => 'invocations', - table => false, - attribute => 'CollectionCount', - }, - { - type => 'total_time_in_ms', - instance_prefix => 'collection_time', - table => false, - attribute => 'CollectionTime', - }, - ]; -} - -collectd::plugin::genericjmx::connection { - 'java_app': - host => $fqdn, - service_url => 'service:jmx:rmi:///jndi/rmi://localhost:3637/jmxrmi', - collect => [ 'memory-heap', 'memory-nonheap','garbage_collector' ], -} - -``` - -####Class: `collectd::plugin::interface` - -```puppet -class { 'collectd::plugin::interface': - interfaces => ['lo'], - ignoreselected => true -} -``` - -####Class: `collectd::plugin::irq` - -```puppet -class { 'collectd::plugin::irq': - irqs => ['7', '23'], - ignoreselected => true, -} -``` - -####Class: `collectd::plugin::iptables` - -```puppet -class { 'collectd::plugin::iptables': - chains => { - 'nat' => 'In_SSH', - 'filter' => 'HTTP' - }, -} -``` - -####Class: `collectd::plugin::java` - -```puppet -class { 'collectd::plugin::java': } -``` - -####Class: `collectd::plugin::load` - -```puppet -class { 'collectd::plugin::load': -} -``` - -####Class: `collectd::plugin::logfile` - -```puppet -class { 'collectd::plugin::logfile': - log_level => 'warning', - log_file => '/var/log/collected.log' -} -``` - -####Class: `collectd::plugin::libvirt` - -The interface_format parameter was introduced in collectd 5.0 and will -therefore be ignored (with a warning) when specified with older versions. - -```puppet -class { 'collectd::plugin::libvirt': - connection => 'qemu:///system', - interface_format => 'address' -} -``` - -####Class: `collectd::plugin::lvm` - -```puppet -class { 'collectd::plugin::lvm': } -``` - -####Class: `collectd::plugin::memcached` - -```puppet -class { 'collectd::plugin::memcached': - host => '192.168.122.1', - port => 11211, -} -``` - -####Class: `collectd::plugin::memory` - -```puppet -class { 'collectd::plugin::memory': -} -``` - -####Class: `collectd::plugin::mysql` - -```puppet -collectd::plugin::mysql::database { 'betadase': - host => 'localhost', - username => 'stahmna', - password => 'secret', - port => '3306', - masterstats => true, -} -``` - -####Class: `collectd::plugin::mongodb` - -```puppet -class { 'collectd::plugin::mongodb': - db_user => 'admin', - db_pass => 'adminpass', -} -``` - -##### Parameters: - -ensure ------- -Optional. String that must be 'present' or 'absent'. - -- *Default*: 'present' - -interval --------- -Optional. Number of seconds that collectd pauses between data collection. - -- *Default*: undef - -db_host -------- -Optional. String that holds the IP of the MongoDB server. - -- *Default*: '127.0.0.1' - -db_user -------- -Required. String that specifies the user name of an account that can log into MongoDB - - -db_pass -------- -Required. String that specifies the password of an account that can log into MongoDB - -configured_dbs --------------- -Optional. Array of Strings that lists the databases that should be monitored in addition to the "admin" database. - -db_port -------- -Required if the configured_dbs parameter is set. Unused otherwise. Integer that specifies with port MongoDB listens on. - -```puppet -class { 'collectd::plugin::mongodb': - db_host => '127.0.0.1', - db_user => 'foo', - db_pass => 'bar', - db_port => '27017', - configured_dbs => ['database', 'names'], - collectd_dir => '/collectd/module/path', -} -``` - -####Class: `collectd::plugin::netlink` - -```puppet -class { 'collectd::plugin::netlink': - interfaces => ['eth0', 'eth1'], - verboseinterfaces => ['ppp0'], - qdiscs => ['"eth0" "pfifo_fast-1:0"', '"ppp0"'], - classes => ['"ppp0" "htb-1:10"'], - filters => ['"ppp0" "u32-1:0"'], - ignoreselected => false, -} -``` - -####Class: `collectd::plugin::network` - -```puppet -collectd::plugin::network::server{'hostname': - port => 25826, -} - -collectd::plugin::network::listener{'hostname': - port => 25826, -} -``` - -You can as well configure this plugin with a parameterized class : - -```puppet -class { 'collectd::plugin::network': - timetolive => '70', - maxpacketsize => '42', - forward => false, - reportstats => true, - servers => { 'hostname' => { - 'port' => '25826', - 'interface' => 'eth0', - 'securitylevel' => '', - 'username' => 'foo', - 'password' => 'bar',}, - }, - listeners => { 'hostname' => { - 'port' => '25826', - 'interface' => 'eth0', - 'securitylevel' => '', - 'authfile' => '/etc/collectd/passwd',}, - }, -} -``` - -####Class: `collectd::plugin::nfs` - -```puppet -class { 'collectd::plugin::nfs': -} -``` - -####Class: `collectd::plugin::nginx` - -```puppet -class { 'collectd::plugin::nginx': - url => 'https://localhost:8433', - user => 'stats', - password => 'uleePi4A', -} -``` - -####Class: `collectd::plugin::ntpd` - -```puppet -class { 'collectd::plugin::ntpd': - host => 'localhost', - port => 123, - reverselookups => false, - includeunitid => false, -} -``` - -####Class: `collectd::plugin::openvpn` - - * `statusfile` (String or Array) Status file(s) to collect data from. (Default `/etc/openvpn/openvpn-status.log`) - * `improvednamingschema` (Bool) When enabled, the filename of the status file will be used as plugin instance and the client's "common name" will be used as type instance. This is required when reading multiple status files. (Default: `false`) - * `collectcompression` Sets whether or not statistics about the compression used by OpenVPN should be collected. This information is only available in single mode. (Default `true`) - * `collectindividualusers` Sets whether or not traffic information is collected for each connected client individually. If set to false, currently no traffic data is collected at all because aggregating this data in a save manner is tricky. (Default `true`) - * `collectusercount` When enabled, the number of currently connected clients or users is collected. This is especially interesting when CollectIndividualUsers is disabled, but can be configured independently from that option. (Default `false`) - -Watch multiple `statusfile`s: - -```puppet -class { 'collectd::plugin::openvpn': - statusfile => [ '/etc/openvpn/openvpn-status-tcp.log', '/etc/openvpn/openvpn-status-udp.log' ], - collectindividualusers => false, - collectusercount => true, -} -``` - -Watch the single default `statusfile`: - -```puppet -class { 'collectd::plugin::openvpn': - collectindividualusers => false, - collectusercount => true, -} -``` - - -####Class: `collectd::plugin::perl` - -This class has no parameters and will load the actual perl plugin. -It will be automatically included if any `perl::plugin` is defined. - -#####Example: -```puppet -include collectd::plugin::perl -``` - -####Define: `collectd::plugin::perl::plugin` - -This define will load a new perl plugin. - -#####Parameters: - -* `module` (String): name of perl module to load (mandatory) -* `enable_debugger` (False or String): whether to load the perl debugger. See *collectd-perl* manpage for more details. -* `include_dir` (String or Array): directories to add to *@INC* -* `provider` (`"package"`,`"cpan"`,`"file"` or `false`): method to get the plugin code -* `source` (String): this parameter is consumed by the provider to infer the source of the plugin code -* `destination (String or false): path to plugin code if `provider` is `file`. Ignored otherwise. -* `order` (String containing numbers): order in which the plugin should be loaded. Defaults to `"00"` -* `config` (Hash): plugin configuration in form of a hash. This will be converted to a suitable structure understood by *liboconfig* which is the *collectd* configuration parser. Defaults to `{}` - -#####Examples: - -######Using a preinstalled plugin: -```puppet -collectd::plugin::perl::plugin { 'foo': - module => 'Collectd::Plugins::Foo', - enable_debugger => "", - include_dir => '/usr/lib/collectd/perl5/lib', -} -``` - -######Using a plugin from a file from *source*: -```puppet -collectd::plugin::perl::plugin { 'baz': - module => 'Collectd::Plugins::Baz', - provider => 'file', - source => 'puppet:///modules/myorg/baz_collectd.pm', - destination => '/path/to/my/perl5/modules' -} -``` - -######Using a plugin from cpan (requires the [puppet cpan module](https://forge.puppetlabs.com/meltwater/cpan)): -```puppet -collectd::plugin::perl::plugin { - 'openafs_vos': - module => 'Collectd::Plugins::OpenAFS::VOS', - provider => 'cpan', - source => 'Collectd::Plugins::OpenAFS', - config => {'VosBin' => '/usr/afsws/etc/vos'}, -} -``` - -######Using a plugin from package source: -```puppet -collectd::plugin::perl::plugin { - 'bar': - module => 'Collectd::Plugins::Bar', - provider => 'package', - source => 'perl-Collectd-Plugins-Bar', - config => {'foo' => 'bar'}, -} -``` - -####Class: `collectd::plugin::ping` - -```puppet -collectd::plugin::ping { - 'example': - hosts => ['example.com'], -} -``` - -####Class: `collectd::plugin::postgresql` - -```puppet -collectd::plugin::postgresql::database{'monitoring_node1': - name => 'monitoring', - port => '5433', - instance => 'node1', - host => 'localhost', - user => 'collectd', - password => 'collectd', - query => 'log_delay', -} -collectd::plugin::postgresql::query{'log_delay': - statement => 'SELECT * FROM log_delay_repli;', - results => [{ - type => 'gauge', - instanceprefix => 'log_delay', - instancesfrom => 'inet_server_port', - valuesfrom => 'log_delay', - }], -} -collectd::plugin::postgresql::writer{'sqlstore': - statement => 'SELECT collectd_insert($1, $2, $3, $4, $5, $6, $7, $8, $9);', - storerates => 'true', -} -``` - -You can as well configure this plugin as a parameterized class : - -```puppet -class { 'collectd::plugin::postgresql': - databases => { - 'postgres' => { - 'host' => '/var/run/postgresql/', - 'user' => 'postgres', - 'password' => 'postgres', - 'sslmode' => 'disable', - 'query' => [ 'query_plans', 'queries', 'table_states', 'disk_io' ], - }, - 'devdb' => { - 'host' => 'host.example.com', - 'port' => '5432', - 'user' => 'postgres', - 'password' => 'secret', - 'sslmode' => 'prefer', - } - } -} -``` - -####Class: `collectd::plugin::processes` - -You can either specify processes / process matches at once: - -```puppet -class { 'collectd::plugin::processes': - processes => ['process1', 'process2'], - process_matches => [ - { name => 'process-all', regex => 'process.*' } - ], -} -``` - -Or define single processes / process matches: -```puppet -collectd::plugin::processes::process { 'collectd' : } -``` - -```puppet -collectd::plugin::processes::processmatch { 'elasticsearch' : - regex => '.*java.*org.elasticsearch.bootstrap.Elasticsearch' -} -``` - -####Class: `collectd::plugin::protocols` - - * `values` is an array of `Protocol` names, `Protocol:ValueName` pairs, or a regex - * see `/proc/net/netstat` and `/proc/net/snmp` for a list of `Protocol` targets - - See [collectd.conf documentation] (https://collectd.org/documentation/manpages/collectd.conf.5.shtml#plugin_protocols) for details - -```puppet -class { 'collectd::plugin::protocols': - values => ['/^Tcp:*/', '/^Udp:*/', 'Icmp:InErrors' ], - ignoreselected => false, -} -``` - -####Class: `collectd::plugin::python` - - * `modulepaths` is an array of paths where will be Collectd looking for Python modules, Puppet will ensure that each of specified directories exists and it is owned by `root` (and `chmod 0750`). If you don't specify any `modulepaths` a default value for given distribution will be used. - * `modules` a Hash containing configuration of Python modules, where the key is the module name - * `globals` Unlike most other plugins, this one should set `Globals true`. This will cause collectd to export the name of all objects in the Python interpreter for all plugins to see. If you don't do this or your platform does not support it, the embedded interpreter will start anyway but you won't be able to load certain Python modules, e.g. "time". - * `interactive` when `true` it will launch an interactive Python interpreter that reads from and writes to the terminal (default: `false`) - * `logtraces` if a Python script throws an exception it will be logged by collectd with the name of the exception and the message (default: `false`) - - See [collectd-python documentation](https://collectd.org/documentation/manpages/collectd-python.5.shtml) for more details. - -NOTE: Since `v3.4.0` the syntax of this plugin has changed. Make sure to update your existing configuration. Now you can specify multiple Python modules at once: - -```puppet -class { 'collectd::plugin::python': - modulepaths => ['/usr/share/collectd/python'], - modules => { - 'elasticsearch' => { - 'script_source' => 'puppet:///modules/myorg/elasticsearch_collectd_python.py', - 'config' => {'Cluster' => 'elasticsearch'}, - }, - 'another-module' => { - 'config' => {'Verbose' => 'true'}, - } - } - logtraces => true, - interactive => false -} -``` -When `script_source` provided, a file called `{module}.py` will be created in `$modulepath/$module.py`. - -Or define single module: - -```puppet -collectd::plugin::python::module {'zk-collectd': - script_source => 'puppet:///modules/myorg/zk-collectd.py', - config => { - 'Hosts' => "localhost:2181" - } -} -``` - -Each plugin might use different `modulepath`, however make sure that all paths are included in `collectd::plugin::python` variable `modulepaths`. If no `modulepath` is specified, OS default will be used. - -```puppet -collectd::plugin::python::module {'my-module': - modulepath => '/var/share/collectd', - script_source => 'puppet:///modules/myorg/my-module.py', - config => { - 'Key' => "value" - } -} -``` - -####Class: `collectd::plugin::redis` - -```puppet -class { 'collectd::plugin::redis': - nodes => { - 'node1' => { - 'host' => 'localhost', - }, - 'node2' => { - 'host' => 'node2.example.com', - 'port' => '6380', - 'timeout' => 3000, - } - } -} -``` - -####Class: `collectd::plugin::rrdcached` - -```puppet -class { 'collectd::plugin::rrdcached': - daemonaddress => 'unix:/var/run/rrdcached.sock', - datadir => '/var/lib/rrdcached/db/collectd', -} -``` - -####Class: `collectd::plugin::rrdtool` - -```puppet -class { 'collectd::plugin::rrdtool': - datadir => '/var/lib/collectd/rrd', - createfilesasync => false, - rrarows => 1200, - rratimespan => [3600, 86400, 604800, 2678400, 31622400], - xff => 0.1, - cacheflush => 900, - cachetimeout => 120, - writespersecond => 50 -} -``` - -####Class: `collectd::plugin::sensors` - -```puppet -class {'collectd::plugin::sensors': - ignoreselected => false, -} -``` - -####Class: `collectd::plugin::snmp` - -```puppet -class {'collectd::plugin::snmp': - data => { - amavis_incoming_messages => { - 'Type' => 'counter', - 'Table' => false, - 'Instance' => 'amavis.inMsgs', - 'Values' => ['AMAVIS-MIB::inMsgs.0'] - } - }, - hosts => { - debianvm => { - 'Address' => '127.0.0.1', - 'Version' => 2, - 'Community' => 'public', - 'Collect' => ['amavis_incoming_messages'], - 'Interval' => 10 - } - }, -} -``` - -####Class: `collectd::plugin::statsd` - -```puppet -class { 'collectd::plugin::statsd': - host => '0.0.0.0', - port => 8125, - deletecounters => false, - deletetimers => false, - deletegauges => false, - deletesets => false, - timerpercentile => 50, -} -``` - -####Class: `collectd::plugin::swap` - -```puppet -class { 'collectd::plugin::swap': - reportbydevice => false, - reportbytes => true -} -``` - -####Class: `collectd::plugin::syslog` - -```puppet -class { 'collectd::plugin::syslog': - log_level => 'warning' -} -``` - -####Class: `collectd::plugin::target_v5upgrade` - -```puppet -class { 'collectd::plugin::target_v5upgrade': -} -``` - -####Class: `collectd::plugin::tcpconns` - -```puppet -class { 'collectd::plugin::tcpconns': - localports => ['25', '12026'], - remoteports => ['25'], - listening => false, -} -``` -####Class: `collectd::plugin::tail` - -```puppet -collectd::plugin::tail::file { 'exim-log': - filename => '/var/log/exim4/mainlog', - instance => 'exim', - matches => [ - { - regex => 'S=([1-9][0-9]*)', - dstype => 'CounterAdd', - type => 'ipt_bytes', - instance => 'total', - }, - { - regex => '\\', - dstype => 'CounterInc', - type => 'counter', - instance => 'local_user', - } - ] -} -``` - -####Class: `collectd::plugin::unixsock` - -```puppet -class {'collectd::plugin::unixsock': - socketfile => '/var/run/collectd-sock', - socketgroup => 'nagios', - socketperms => '0770', - deletesocket => false, -} -``` - -####Class: `collectd::plugin::uptime` - -```puppet -class {'collectd::plugin::uptime': -} -``` - -####Class: `collectd::plugin::users` -```puppet -class {'collectd::plugin::users': -} -``` - -####Class: `collectd::plugin::varnish` - -```puppet -class { 'collectd::plugin::varnish': - instances => { - 'instanceName' => { - 'CollectCache' => 'true', - 'CollectBackend' => 'true', - 'CollectConnections' => 'true', - 'CollectSHM' => 'true', - 'CollectESI' => 'false', - 'CollectFetch' => 'true', - 'CollectHCB' => 'false', - 'CollectTotals' => 'true', - 'CollectWorkers' => 'true', - } - }, -} -``` - -####Class: `collectd::plugin::vmem` - -```puppet -class { 'collectd::plugin::vmem': - verbose => true, -} -``` - -####Class: `collectd::plugin::write_graphite` - -The `write_graphite` plugin writes data to Graphite, an open-source metrics storage and graphing project. -```puppet -collectd::plugin::write_graphite::carbon {'my_graphite': - graphitehost => 'graphite.example.org', - graphiteport => 2003, - graphiteprefix => '', - protocol => 'tcp' -} -``` - -You can define multiple Graphite backends where will be metrics send. Each backend should have unique title: - -```puppet -collectd::plugin::write_graphite::carbon {'secondary_graphite': - graphitehost => 'graphite.example.org', - graphiteport => 2004, - graphiteprefix => '', - protocol => 'udp', - escapecharacter => '_', - alwaysappendds => true, - storerates => true, - separateinstances => false, - logsenderrors => true -} -``` - -####Class: `collectd::plugin::write_http` - -```puppet -class { 'collectd::plugin::write_http': - urls => { - 'collect1.example.org' => { 'format' => 'JSON' }, - 'collect2.example.org' => {}, - } -} -``` - -####Class: `collectd::plugin::write_network` - -**Deprecated** - -```puppet -class { 'collectd::plugin::write_network': - servers => { - 'collect1.example.org' => { 'serverport' => '25826' }, - 'collect2.example.org' => { 'serverport' => '25826' } - } -} -``` - -####Class: `collectd::plugin::write_riemann` - -```puppet -class { 'collectd::plugin::write_riemann': - riemann_host => 'riemann.example.org', - riemann_port => 5555, -} -``` - -####Class: `collectd::plugin::write_sensu` - -```puppet -class { 'collectd::plugin::write_sensu': - riemann_host => 'sensu.example.org', - riemann_port => 3030, -} -``` - -####Class: `collectd::plugin::zfs_arc` - -```puppet -class { 'collectd::plugin::zfs_arc': -} -``` - -types.db --------- - -Collectd needs to know how to handle each collected datapoint. -For this it uses a database file called [`types.db`](https://collectd.org/documentation/manpages/types.db.5.shtml) - -Those files can be created using the `collectd::typesdb` and `collectd::type` -define resources. - -```puppet -$db = '/etc/collectd/types.db' -collectd::typesdb { $db: } - -collectd::type { "response_size-${db}": - target => $db, - ds_type => 'ABSOLUTE', - min => 0, - max => 10000000, - ds_name => 'value', -} - -class { 'collectd': - typesdb => [ - '/usr/share/collectd/types.db', - $typesdb, - ], -} -``` - - -##Limitations - -See metadata.json for supported platforms - -##Known issues - -###Puppet needs two runs to correctly write my conf, why? - -Some plugins will need two runs of Puppet to fully generate the configuration for collectd. See [this issue](https://github.com/pdxcat/puppet-module-collectd/issues/162). -This can be avoided by specifying an explicit version (`$version`) or a minimum version (`$minimum_version`) for the collectd class. e.g. Setting either of these to 1.2.3 will -make this module assume on the first run (when the fact responsible to provide the collectd version is not yet available) that your systems are running collectd 1.2.3 -and generate the configuration accordingly. - -##Development - -### Running tests - -This project contains tests for [rspec-puppet](http://rspec-puppet.com/). - -Quickstart: - -```bash -gem install bundler -bundle install -bundle exec rake lint -bundle exec rake validate -bundle exec rake spec SPEC_OPTS='--format documentation' -``` - -### Version scoping - -Some plugins or some options in plugins are only available for recent versions of collectd. - -This module shall not use unsupported configuration directives. Look at [templates/loadplugin.conf.erb](https://github.com/puppet-community/puppet-collectd/blob/master/templates/loadplugin.conf.erb) for a hands-on example. - -Please make use of the search by branch/tags on the collectd github to see when a function has been first released. - -Reading the [collectd.conf.pod](https://github.com/collectd/collectd/blob/master/src/collectd.conf.pod) file is good, validating the presence of the code in the .c files is even better. diff --git a/module-collectd/Rakefile b/module-collectd/Rakefile deleted file mode 100644 index dd2d17fc2..000000000 --- a/module-collectd/Rakefile +++ /dev/null @@ -1,73 +0,0 @@ -# Copyright 2015 Puppet Community -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' -require 'puppet-syntax/tasks/puppet-syntax' -require 'metadata-json-lint/rake_task' -require 'puppet_blacksmith/rake_tasks' -require 'rubocop/rake_task' - -RuboCop::RakeTask.new - -PuppetLint.configuration.relative = true -PuppetLint.configuration.send('disable_80chars') -PuppetLint.configuration.log_format = '%{path}:%{linenumber}:%{check}:%{KIND}:%{message}' -PuppetLint.configuration.fail_on_warnings = true - -# Forsake support for Puppet 2.6.2 for the benefit of cleaner code. -# http://puppet-lint.com/checks/class_parameter_defaults/ -PuppetLint.configuration.send('disable_class_parameter_defaults') -# http://puppet-lint.com/checks/class_inherits_from_params_class/ -PuppetLint.configuration.send('disable_class_inherits_from_params_class') - -exclude_paths = [ - 'pkg/**/*', - 'vendor/**/*', - 'spec/**/*' -] -PuppetLint.configuration.ignore_paths = exclude_paths -PuppetSyntax.exclude_paths = exclude_paths - -desc 'Run acceptance tests' -RSpec::Core::RakeTask.new(:acceptance) do |t| - t.pattern = 'spec/acceptance' -end - -desc 'Run metadata_lint, lint, syntax, and spec tests.' -task test: [ - :metadata_lint, - :lint, - :syntax, - :spec, -] - -Blacksmith::RakeTask.new do |t| - t.build = false # do not build the module nor push it to the Forge - # just do the tagging [:clean, :tag, :bump_commit] -end - -desc 'Offload release process to Travis.' -task travis_release: [ - :check_changelog, # check that the changelog contains an entry for the current release - :"module:release", # do everything except build / push to forge, travis will do that for us -] - -desc 'Check Changelog.' -task :check_changelog do - v = Blacksmith::Modulefile.new.version - if File.readlines('CHANGELOG.md').grep(/Releasing #{v}/).size == 0 - fail "Unable to find a CHANGELOG.md entry for the #{v} release." - end -end diff --git a/module-collectd/files/tests/Foo.pm b/module-collectd/files/tests/Foo.pm deleted file mode 100644 index e69de29bb..000000000 diff --git a/module-collectd/lib/facter/collectd_real_version.rb b/module-collectd/lib/facter/collectd_real_version.rb deleted file mode 100644 index 3cd853d9f..000000000 --- a/module-collectd/lib/facter/collectd_real_version.rb +++ /dev/null @@ -1,16 +0,0 @@ -# Fact: collectd_real_version -# -# Purpose: Retrieve collectd version if installed -# -# Resolution: -# -# Caveats: not well tested -# -Facter.add(:collectd_real_version) do - setcode do - if Facter::Util::Resolution.which('collectd') - collectd_help = Facter::Util::Resolution.exec('collectd -h') - %r{^collectd ([\w\.]+), http://collectd\.org/}.match(collectd_help)[1] - end - end -end diff --git a/module-collectd/lib/puppet/parser/functions/collectd_convert_processmatch.rb b/module-collectd/lib/puppet/parser/functions/collectd_convert_processmatch.rb deleted file mode 100644 index 09ddb6494..000000000 --- a/module-collectd/lib/puppet/parser/functions/collectd_convert_processmatch.rb +++ /dev/null @@ -1,28 +0,0 @@ -Puppet::Parser::Functions.newfunction(:collectd_convert_processmatch, :type => :rvalue, :arity => 1, :doc => <<-ENDDOC - Converts the array from the old style to define process matches in the - processes plugin into a create_resources compatible hash which - can be used with the new style define. - - Example: - [ { 'name' => 'foo', 'regex' => '.*' } , { 'name' => 'bar', 'regex' => '[0-9]+' } ] - will be converted to - { 'foo' => { 'regex' => '.*' } , 'bar' => { 'regex' => '[0-9]+' } } - ENDDOC - ) do |args| - if args.size != 1 - fail(Puppet::ParseError, 'convert_process_match_array(): Needs exactly one argument') - end - - parray = args[0] - unless parray.is_a?(Array) - fail(Puppet::ParseError, 'convert_process_match_array(): Needs an array as argument') - end - - phash = {} - - parray.each do |p| - phash[p['name']] = { 'regex' => p['regex'] } - end - - return phash -end diff --git a/module-collectd/manifests/config.pp b/module-collectd/manifests/config.pp deleted file mode 100644 index b34a573ba..000000000 --- a/module-collectd/manifests/config.pp +++ /dev/null @@ -1,57 +0,0 @@ -# private -class collectd::config ( - $config_file = $collectd::config_file, - $plugin_conf_dir = $collectd::plugin_conf_dir, - $root_group = $collectd::root_group, - $recurse = $collectd::recurse, - $fqdnlookup = $collectd::fqdnlookup, - $collectd_hostname = $collectd::collectd_hostname, - $interval = $collectd::interval, - $include = $collectd::include, - $purge = $collectd::purge, - $purge_config = $collectd::purge_config, - $threads = $collectd::threads, - $timeout = $collectd::timeout, - $typesdb = $collectd::typesdb, - $write_queue_limit_high = $collectd::write_queue_limit_high, - $write_queue_limit_low = $collectd::write_queue_limit_low, - $internal_stats = $collectd::internal_stats, - $collectd_version = $collectd::collectd_version, -) { - - $conf_content = $purge_config ? { - true => template('collectd/collectd.conf.erb'), - default => undef, - } - - file { 'collectd.conf': - path => $config_file, - content => $conf_content, - } - - if $purge_config != true { - # former include of conf_d directory - file_line { 'include_conf_d': - ensure => absent, - line => "Include \"${plugin_conf_dir}/\"", - path => $config_file, - } - # include (conf_d directory)/*.conf - file_line { 'include_conf_d_dot_conf': - ensure => present, - line => "Include \"${plugin_conf_dir}/*.conf\"", - path => $config_file, - } - } - - file { 'collectd.d': - ensure => directory, - path => $plugin_conf_dir, - mode => '0750', - owner => 'root', - group => $root_group, - purge => $purge, - recurse => $recurse, - } - -} diff --git a/module-collectd/manifests/init.pp b/module-collectd/manifests/init.pp deleted file mode 100644 index 37fdf768b..000000000 --- a/module-collectd/manifests/init.pp +++ /dev/null @@ -1,50 +0,0 @@ -# -class collectd ( - $fqdnlookup = $collectd::params::fqdnlookup, - $collectd_hostname = $collectd::params::collectd_hostname, - $interval = $collectd::params::interval, - $include = $collectd::params::include, - $internal_stats = $collectd::params::internal_stats, - $purge = $collectd::params::purge, - $purge_config = $collectd::params::purge_config, - $recurse = $collectd::params::recurse, - $threads = $collectd::params::threads, - $timeout = $collectd::params::timeout, - $typesdb = $collectd::params::typesdb, - $write_queue_limit_high = $collectd::params::write_queue_limit_high, - $write_queue_limit_low = $collectd::params::write_queue_limit_low, - $config_file = $collectd::params::config_file, - $package_provider = $collectd::params::provider, - $package_install_options = $collectd::params::package_install_options, - $package_name = $collectd::params::package, - $plugin_conf_dir = $collectd::params::plugin_conf_dir, - $root_group = $collectd::params::root_group, - $version = $collectd::params::version, - $service_name = $collectd::params::service_name, - $service_ensure = $collectd::params::service_ensure, - $service_enable = $collectd::params::service_enable, - $minimum_version = $collectd::params::minimum_version, - $manage_package = $collectd::params::manage_package, -) inherits collectd::params { - - validate_bool($purge_config, $fqdnlookup) - validate_array($include, $typesdb) - - # Version for templates - $collectd_version = pick( - $::collectd_real_version, # Fact takes precedence - regsubst( - regsubst($version,'^(absent|held|installed|latest|present|purged)$', ''), # standard package resource ensure value? - strip and return undef - '^\d+(?:\.\d+){1.2}', '\0'), # specific package version? return only semantic version parts - $minimum_version, - '1.0') - - class { 'collectd::install': - package_install_options => $package_install_options, - } -> - class { 'collectd::config': - collectd_version => $collectd_version, - } ~> - class { 'collectd::service': } - -} diff --git a/module-collectd/manifests/install.pp b/module-collectd/manifests/install.pp deleted file mode 100644 index ac528cbb3..000000000 --- a/module-collectd/manifests/install.pp +++ /dev/null @@ -1,21 +0,0 @@ -class collectd::install ( - $version = $collectd::version, - $package_name = $collectd::package_name, - $package_provider = $collectd::package_provider, - $package_install_options = $collectd::params::package_install_options, - $manage_package = $collectd::manage_package, -) { - - if $package_install_options != undef { - validate_array($package_install_options) - } - - if $manage_package { - package { $package_name: - ensure => $version, - name => $package_name, - provider => $package_provider, - install_options => $package_install_options, - } - } -} diff --git a/module-collectd/manifests/params.pp b/module-collectd/manifests/params.pp deleted file mode 100644 index 744bb02a3..000000000 --- a/module-collectd/manifests/params.pp +++ /dev/null @@ -1,107 +0,0 @@ -# -class collectd::params { - - $fqdnlookup = true - $collectd_hostname = $::hostname - $interval = 10 - $include = [] - $internal_stats = false - $purge = undef - $purge_config = false - $recurse = undef - $threads = 5 - $timeout = 2 - $typesdb = [] - $write_queue_limit_high = undef - $write_queue_limit_low = undef - $version = installed - $service_ensure = running - $service_enable = true - $minimum_version = undef - $manage_package = true - $package_install_options = undef - - case $::osfamily { - 'Debian': { - $package = 'collectd' - $provider = 'apt' - $collectd_dir = '/etc/collectd' - $plugin_conf_dir = "${collectd_dir}/conf.d" - $service_name = 'collectd' - $config_file = "${collectd_dir}/collectd.conf" - $root_group = 'root' - $java_dir = '/usr/share/collectd/java' - $python_dir = '/usr/share/collectd/python' - } - 'Solaris': { - $package = 'CSWcollectd' - $provider = 'pkgutil' - $collectd_dir = '/etc/opt/csw/collectd.d' - $plugin_conf_dir = $collectd_dir - $service_name = 'cswcollectd' - $config_file = '/etc/opt/csw/collectd.conf' - $root_group = 'root' - $java_dir = undef - $python_dir = '/opt/csw/share/collectd/python' - } - 'Redhat': { - $package = 'collectd' - $provider = 'yum' - $collectd_dir = '/etc/collectd.d' - $plugin_conf_dir = $collectd_dir - $service_name = 'collectd' - $config_file = '/etc/collectd.conf' - $root_group = 'root' - $java_dir = '/usr/share/collectd/java' - $python_dir = '/usr/share/collectd/python' - } - 'Suse': { - $package = 'collectd' - $provider = 'zypper' - $collectd_dir = '/etc/collectd' - $plugin_conf_dir = $collectd_dir - $service_name = 'collectd' - $config_file = '/etc/collectd.conf' - $root_group = 'root' - $java_dir = undef - $python_dir = '/usr/share/collectd/python' - } - 'FreeBSD': { - $package = 'collectd5' - $provider = undef - $collectd_dir = '/usr/local/etc/collectd' - $plugin_conf_dir = $collectd_dir - $service_name = 'collectd' - $config_file = '/usr/local/etc/collectd.conf' - $root_group = 'wheel' - $java_dir = undef - $python_dir = '/usr/local/share/collectd/python' - } - 'Archlinux': { - $package = 'collectd' - $provider = undef - $collectd_dir = '/etc/collectd.d' - $plugin_conf_dir = $collectd_dir - $service_name = 'collectd' - $config_file = '/etc/collectd.conf' - $root_group = 'wheel' - $java_dir = undef - $python_dir = '/usr/share/collectd/python' - } - 'Gentoo': { - $package = 'app-admin/collectd' - $provider = 'portage' - $collectd_dir = '/etc/collectd.d' - $plugin_conf_dir = $collectd_dir - $service_name = 'collectd' - $config_file = '/etc/collectd.conf' - $root_group = 'collectd' - $java_dir = undef - $python_dir = '/usr/share/collectd/python' - } - - default: { - fail("${::osfamily} is not supported.") - } - } -} diff --git a/module-collectd/manifests/plugin.pp b/module-collectd/manifests/plugin.pp deleted file mode 100644 index 76d411235..000000000 --- a/module-collectd/manifests/plugin.pp +++ /dev/null @@ -1,42 +0,0 @@ -# -define collectd::plugin ( - $ensure = 'present', - $content = undef, - $order = '10', - $globals = false, - $interval = undef, - $plugin = $name -) { - - include collectd::params - $conf_dir = $collectd::params::plugin_conf_dir - $root_group = $collectd::params::root_group - - file { "${plugin}.load": - ensure => $ensure, - path => "${conf_dir}/${order}-${plugin}.conf", - owner => root, - group => $root_group, - mode => '0640', - content => template('collectd/loadplugin.conf.erb'), - notify => Service['collectd'], - } - - # Older versions of this module didn't use the "00-" prefix. - # Delete those potentially left over files just to be sure. - file { "older_${plugin}.load": - ensure => absent, - path => "${conf_dir}/${plugin}.conf", - notify => Service['collectd'], - } - - # Older versions of this module use the "00-" prefix by default. - # Delete those potentially left over files just to be sure. - if $order != '00' { - file { "old_${plugin}.load": - ensure => absent, - path => "${conf_dir}/00-${plugin}.conf", - notify => Service['collectd'], - } - } -} diff --git a/module-collectd/manifests/plugin/aggregation.pp b/module-collectd/manifests/plugin/aggregation.pp deleted file mode 100644 index 953bebdc8..000000000 --- a/module-collectd/manifests/plugin/aggregation.pp +++ /dev/null @@ -1,16 +0,0 @@ -# -class collectd::plugin::aggregation ( - $ensure = present, - $interval = undef, - $aggregators = { }, -) { - - collectd::plugin {'aggregation': - ensure => $ensure, - interval => $interval, - } - $defaults = { - 'ensure' => $ensure - } - create_resources(collectd::plugin::aggregation::aggregator, $aggregators, $defaults) -} diff --git a/module-collectd/manifests/plugin/aggregation/aggregator.pp b/module-collectd/manifests/plugin/aggregation/aggregator.pp deleted file mode 100644 index 2fd087953..000000000 --- a/module-collectd/manifests/plugin/aggregation/aggregator.pp +++ /dev/null @@ -1,34 +0,0 @@ -# -define collectd::plugin::aggregation::aggregator ( - $ensure = 'present', - $host = undef, - $plugin = undef, - $plugininstance = undef, - $type = undef, - $typeinstance = undef, - $sethost = undef, - $setplugin = undef, - $setplugininstance = undef, - $settypeinstance = undef, - $groupby = [], - $calculatesum = undef, - $calculatenum = undef, - $calculateaverage = undef, - $calculateminimum = undef, - $calculatemaximum = undef, - $calculatestddev = undef, -) { - include collectd::params - include collectd::plugin::aggregation - - $conf_dir = $collectd::params::plugin_conf_dir - - file { "${conf_dir}/aggregator-${name}.conf": - ensure => $ensure, - mode => '0640', - owner => 'root', - group => $collectd::params::root_group, - content => template('collectd/plugin/aggregation-aggregator.conf.erb'), - notify => Service['collectd'], - } -} diff --git a/module-collectd/manifests/plugin/amqp.pp b/module-collectd/manifests/plugin/amqp.pp deleted file mode 100644 index 3b327bf98..000000000 --- a/module-collectd/manifests/plugin/amqp.pp +++ /dev/null @@ -1,33 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:AMQP -class collectd::plugin::amqp ( - $ensure = present, - $manage_package = $true, - $amqphost = 'localhost', - $amqpport = 5672, - $amqpvhost = 'graphite', - $amqpuser = 'graphite', - $amqppass = 'graphite', - $amqpformat = 'Graphite', - $amqpexchange = 'metrics', - $amqppersistent = true, - $graphiteprefix = 'collectd.', - $escapecharacter = '_', - $interval = undef, -) { - - validate_bool($amqppersistent) - - if $::osfamily == 'Redhat' { - if $manage_package { - package { 'collectd-amqp': - ensure => $ensure, - } - } - } - - collectd::plugin {'amqp': - ensure => $ensure, - content => template('collectd/plugin/amqp.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/apache.pp b/module-collectd/manifests/plugin/apache.pp deleted file mode 100644 index e99f15791..000000000 --- a/module-collectd/manifests/plugin/apache.pp +++ /dev/null @@ -1,30 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:Apache -class collectd::plugin::apache ( - $ensure = present, - $manage_package = $true, - $instances = { 'localhost' => { 'url' => 'http://localhost/mod_status?auto' } }, - $interval = undef, - $package_install_options = $collectd::package_install_options, -) { - - validate_hash($instances) - - if $package_install_options != undef { - validate_array($package_install_options) - } - - if $::osfamily == 'RedHat' { - if $manage_package { - package { 'collectd-apache': - ensure => $ensure, - install_options => $package_install_options, - } - } - } - - collectd::plugin {'apache': - ensure => $ensure, - content => template('collectd/plugin/apache.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/bind.pp b/module-collectd/manifests/plugin/bind.pp deleted file mode 100644 index 8084c8560..000000000 --- a/module-collectd/manifests/plugin/bind.pp +++ /dev/null @@ -1,41 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:BIND -class collectd::plugin::bind ( - $url, - $ensure = present, - $manage_package = $true, - $memorystats = true, - $opcodes = true, - $parsetime = false, - $qtypes = true, - $resolverstats = false, - $serverstats = true, - $zonemaintstats = true, - $views = [], - $interval = undef, -) { - - validate_bool( - $memorystats, - $opcodes, - $parsetime, - $qtypes, - $resolverstats, - $serverstats, - $zonemaintstats, - ) - validate_array($views) - - if $::osfamily == 'Redhat' { - if $manage_package { - package { 'collectd-bind': - ensure => $ensure, - } - } - } - - collectd::plugin {'bind': - ensure => $ensure, - content => template('collectd/plugin/bind.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/ceph.pp b/module-collectd/manifests/plugin/ceph.pp deleted file mode 100644 index b1f5083d9..000000000 --- a/module-collectd/manifests/plugin/ceph.pp +++ /dev/null @@ -1,41 +0,0 @@ -#== Class: collectd::plugin::ceph -# -# Class to manage ceph plugin for collectd -# === Parameters -# [*ensure*] -# ensure param for collectd::plugin type -# -# [*osds*] -# array of osds to create config for -# example: ['osd.1', 'osd.2', 'osd.3'] -# -# [*longrunavglatency*] If enabled, latency values(sum,count pairs) are -# calculated as the long run average - average since the ceph daemon was -# started = (sum / count). i When disabled, latency values are calculated as -# the average since the last collection = (sum_now - sum_last) / (count_now - -# count_last). -# -# [*convertspecialmetrictypes*} -# If enabled, special metrics (metrics that differ in type from similar -# counters) are converted to the type of those similar counters. This -# currently only applies to filestore.journal_wr_bytes which is a counter for -# OSD daemons. The ceph schema reports this metric type as a sum,count pair i -# while similar counters are treated as derive types. When converted, the sum -# is used as the counter value and is treated as a derive type. When -# disabled, all metrics are treated as the types received from the ceph -# schema. -# -class collectd::plugin::ceph ( - $ensure = present, - $longrunavglatency = false, - $convertspecialmetrictypes = true, - $osds, -) { - - validate_array($osds) - - collectd::plugin {'ceph': - ensure => $ensure, - content => template('collectd/plugin/ceph.conf.erb'), - } -} diff --git a/module-collectd/manifests/plugin/chain.pp b/module-collectd/manifests/plugin/chain.pp deleted file mode 100644 index 0024acb92..000000000 --- a/module-collectd/manifests/plugin/chain.pp +++ /dev/null @@ -1,20 +0,0 @@ -# -class collectd::plugin::chain ( - $chainname = 'Main', - $ensure = 'present', - $defaulttarget = 'write', - $rules = [] -) { - include collectd::params - - $conf_dir = $collectd::params::plugin_conf_dir - - file { "${conf_dir}/99-chain-${chainname}.conf": - ensure => $ensure, - mode => '0640', - owner => 'root', - group => $collectd::params::root_group, - content => template('collectd/plugin/chain.conf.erb'), - notify => Service['collectd'], - } -} diff --git a/module-collectd/manifests/plugin/conntrack.pp b/module-collectd/manifests/plugin/conntrack.pp deleted file mode 100644 index 76030434d..000000000 --- a/module-collectd/manifests/plugin/conntrack.pp +++ /dev/null @@ -1,8 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:ConnTrack -class collectd::plugin::conntrack ( - $ensure = present, -) { - collectd::plugin {'conntrack': - ensure => $ensure - } -} diff --git a/module-collectd/manifests/plugin/contextswitch.pp b/module-collectd/manifests/plugin/contextswitch.pp deleted file mode 100644 index 1c3d7f6df..000000000 --- a/module-collectd/manifests/plugin/contextswitch.pp +++ /dev/null @@ -1,10 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:ContextSwitch -class collectd::plugin::contextswitch ( - $ensure = present, - $interval = undef, -) { - collectd::plugin {'contextswitch': - ensure => $ensure, - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/cpu.pp b/module-collectd/manifests/plugin/cpu.pp deleted file mode 100644 index 3f8a0a94b..000000000 --- a/module-collectd/manifests/plugin/cpu.pp +++ /dev/null @@ -1,21 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:CPU -class collectd::plugin::cpu ( - $ensure = present, - $reportbystate = true, - $reportbycpu = true, - $valuespercentage = false, - $interval = undef, -) { - - validate_bool( - $reportbystate, - $reportbycpu, - $valuespercentage, - ) - - collectd::plugin {'cpu': - ensure => $ensure, - content => template('collectd/plugin/cpu.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/cpufreq.pp b/module-collectd/manifests/plugin/cpufreq.pp deleted file mode 100644 index ff90048a5..000000000 --- a/module-collectd/manifests/plugin/cpufreq.pp +++ /dev/null @@ -1,8 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:CPUFreq -class collectd::plugin::cpufreq ( - $ensure = present, -) { - collectd::plugin {'cpufreq': - ensure => $ensure - } -} diff --git a/module-collectd/manifests/plugin/csv.pp b/module-collectd/manifests/plugin/csv.pp deleted file mode 100644 index ac1f9c33e..000000000 --- a/module-collectd/manifests/plugin/csv.pp +++ /dev/null @@ -1,14 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:CSV -class collectd::plugin::csv ( - $ensure = present, - $datadir = '/etc/collectd/var/lib/collectd/csv', - $interval = undef, - $storerates = false -) { - - collectd::plugin {'csv': - ensure => $ensure, - content => template('collectd/plugin/csv.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/curl.pp b/module-collectd/manifests/plugin/curl.pp deleted file mode 100644 index 49797570b..000000000 --- a/module-collectd/manifests/plugin/curl.pp +++ /dev/null @@ -1,25 +0,0 @@ -# -class collectd::plugin::curl ( - $ensure = present, - $manage_package = $true, - $interval = undef, - $pages = { }, -) { - - if $::osfamily == 'Redhat' { - if $manage_package { - package { 'collectd-curl': - ensure => $ensure, - } - } - } - - collectd::plugin {'curl': - ensure => $ensure, - interval => $interval, - } - $defaults = { - 'ensure' => $ensure - } - create_resources(collectd::plugin::curl::page, $pages, $defaults) -} diff --git a/module-collectd/manifests/plugin/curl/page.pp b/module-collectd/manifests/plugin/curl/page.pp deleted file mode 100644 index d91c06d73..000000000 --- a/module-collectd/manifests/plugin/curl/page.pp +++ /dev/null @@ -1,35 +0,0 @@ -# -define collectd::plugin::curl::page ( - $ensure = 'present', - $url = undef, - $user = undef, - $password = undef, - $verifypeer = undef, - $verifyhost = undef, - $cacert = undef, - $header = undef, - $post = undef, - $measureresponsetime = undef, - $matches = undef, - $plugininstance = $name, # You can have multiple with the same name. -) { - include collectd::params - include collectd::plugin::curl - - $conf_dir = $collectd::params::plugin_conf_dir - - validate_string($url) - - if $matches != undef { - validate_array($matches) - } - - file { "${conf_dir}/curl-${name}.conf": - ensure => $ensure, - mode => '0640', - owner => 'root', - group => $collectd::params::root_group, - content => template('collectd/plugin/curl-page.conf.erb'), - notify => Service['collectd'], - } -} diff --git a/module-collectd/manifests/plugin/curl_json.pp b/module-collectd/manifests/plugin/curl_json.pp deleted file mode 100644 index db7bf2c15..000000000 --- a/module-collectd/manifests/plugin/curl_json.pp +++ /dev/null @@ -1,37 +0,0 @@ -# See http://collectd.org/documentation/manpages/collectd.conf.5.shtml#plugin_curl_json -define collectd::plugin::curl_json ( - $url, - $instance, - $keys, - $ensure = present, - $user = undef, - $password = undef, - $order = '10', -) { - - include collectd::params - validate_hash($keys) - - if $::osfamily == 'Redhat' { - ensure_packages('collectd-curl_json') - } - - $conf_dir = $collectd::params::plugin_conf_dir - - # This is deprecated file naming ensuring old style file removed, and should be removed in next major relese - file { "${name}.load-deprecated": - ensure => absent, - path => "${conf_dir}/${name}.conf", - } - # End deprecation - - file { - "${name}.load": - path => "${conf_dir}/${order}-${name}.conf", - owner => 'root', - group => $collectd::params::root_group, - mode => '0640', - content => template('collectd/curl_json.conf.erb'), - notify => Service['collectd'], - } -} diff --git a/module-collectd/manifests/plugin/dbi.pp b/module-collectd/manifests/plugin/dbi.pp deleted file mode 100644 index 508976265..000000000 --- a/module-collectd/manifests/plugin/dbi.pp +++ /dev/null @@ -1,53 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:DBI -class collectd::plugin::dbi ( - $ensure = present, - $databases = { }, - $queries = { }, - $packages = undef, - $interval = undef, -) { - include collectd::params - - if $::osfamily == 'Redhat' { - package { 'collectd-dbi': - ensure => $ensure, - } - } - - #manage additional packages such like db driver: libdbi-mysql - if $packages { - package { $packages: - ensure => $ensure, - } - } - - collectd::plugin {'dbi': - ensure => $ensure, - interval => $interval, - } - - concat{"${collectd::params::plugin_conf_dir}/dbi-config.conf": - ensure => $ensure, - mode => '0640', - owner => 'root', - group => $collectd::params::root_group, - notify => Service['collectd'], - ensure_newline => true, - } - concat::fragment{'collectd_plugin_dbi_conf_header': - order => '00', - content => '', - target => "${collectd::params::plugin_conf_dir}/dbi-config.conf", - } - concat::fragment{'collectd_plugin_dbi_conf_footer': - order => '99', - content => '', - target => "${collectd::params::plugin_conf_dir}/dbi-config.conf", - } - - $defaults = { - 'ensure' => $ensure - } - create_resources(collectd::plugin::dbi::database, $databases, $defaults) - create_resources(collectd::plugin::dbi::query, $queries, $defaults) -} diff --git a/module-collectd/manifests/plugin/dbi/database.pp b/module-collectd/manifests/plugin/dbi/database.pp deleted file mode 100644 index b4994f19d..000000000 --- a/module-collectd/manifests/plugin/dbi/database.pp +++ /dev/null @@ -1,24 +0,0 @@ -# database allows you to create blocks with the same name of database, -# -define collectd::plugin::dbi::database ( - $driver, - $ensure = 'present', - $host = undef, - $driveroption = {}, - $selectdb = undef, - $query = [], -){ - include collectd::params - include collectd::plugin::dbi - - validate_string($driver) - validate_hash($driveroption) - validate_array($query) - - concat::fragment{"collectd_plugin_dbi_conf_db_${title}": - ensure => $ensure, - order => '50', - target => "${collectd::params::plugin_conf_dir}/dbi-config.conf", - content => template('collectd/plugin/dbi/database.conf.erb'), - } -} diff --git a/module-collectd/manifests/plugin/dbi/query.pp b/module-collectd/manifests/plugin/dbi/query.pp deleted file mode 100644 index de868514e..000000000 --- a/module-collectd/manifests/plugin/dbi/query.pp +++ /dev/null @@ -1,21 +0,0 @@ -# -define collectd::plugin::dbi::query ( - $statement, - $ensure = 'present', - $results = [{}], - $minversion = undef, - $maxversion = undef, -){ - include collectd::params - include collectd::plugin::dbi - - validate_string($statement) - validate_array($results) - - concat::fragment{"collectd_plugin_dbi_conf_query_${title}": - ensure => $ensure, - order => '30', - target => "${collectd::params::plugin_conf_dir}/dbi-config.conf", - content => template('collectd/plugin/dbi/query.conf.erb'), - } -} diff --git a/module-collectd/manifests/plugin/df.pp b/module-collectd/manifests/plugin/df.pp deleted file mode 100644 index 228b2f577..000000000 --- a/module-collectd/manifests/plugin/df.pp +++ /dev/null @@ -1,33 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:DF -class collectd::plugin::df ( - $ensure = present, - $fstypes = [], - $ignoreselected = false, - $interval = undef, - $mountpoints = [], - $reportbydevice = false, - $reportinodes = true, - $reportreserved = true, - $valuesabsolute = true, - $valuespercentage = false, -) { - - validate_array( - $fstypes, - $mountpoints, - ) - validate_bool( - $ignoreselected, - $reportbydevice, - $reportinodes, - $reportreserved, - $valuesabsolute, - $valuespercentage, - ) - - collectd::plugin {'df': - ensure => $ensure, - content => template('collectd/plugin/df.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/disk.pp b/module-collectd/manifests/plugin/disk.pp deleted file mode 100644 index c805c0c21..000000000 --- a/module-collectd/manifests/plugin/disk.pp +++ /dev/null @@ -1,18 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:Disk -class collectd::plugin::disk ( - $ensure = present, - $disks = [], - $ignoreselected = false, - $interval = undef, - $udevnameattr = undef, -) { - - validate_array($disks) - validate_bool($ignoreselected) - - collectd::plugin {'disk': - ensure => $ensure, - content => template('collectd/plugin/disk.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/dns.pp b/module-collectd/manifests/plugin/dns.pp deleted file mode 100644 index 72ef28c78..000000000 --- a/module-collectd/manifests/plugin/dns.pp +++ /dev/null @@ -1,71 +0,0 @@ -# Class: collectd::plugin::dns -# -class collectd::plugin::dns ( - $ensure = 'present', - $ignoresource = undef, - $interface = 'any', - $interval = undef, - $manage_package = false, - $package_name = 'USE_DEFAULTS', - $selectnumericquerytypes = true, -) { - - validate_re($ensure,'^(present)|(absent)$', - "collectd::plugin::dns::ensure is <${ensure}> and must be either 'present' or 'absent'.") - - if ( $ignoresource != undef ) and ( is_ip_address($ignoresource) == false ) { - fail("collectd::plugin::dns::ignoresource is <${ignoresource}> and must be a valid IP address.") - } - - validate_string($interface) - - if $interval != undef { - validate_numeric($interval) - } - - if is_string($selectnumericquerytypes) == true { - $selectnumericquerytypes_real = str2bool($selectnumericquerytypes) - } else { - $selectnumericquerytypes_real = $selectnumericquerytypes - } - validate_bool($selectnumericquerytypes_real) - - if is_string($manage_package) == true { - $manage_package_real = str2bool($manage_package) - } else { - $manage_package_real = $manage_package - } - validate_bool($manage_package_real) - - if $manage_package_real == true { - - if $::osfamily == 'RedHat' { - $default_package_name = 'collectd-dns' - } else { - # This will cause the catalog to fail if package_name is not specified - $default_package_name = 'USE_DEFAULTS' - } - - if $package_name == 'USE_DEFAULTS' { - $package_name_real = $default_package_name - } else { - $package_name_real = $package_name - } - validate_string($package_name_real) - - if $package_name_real == 'USE_DEFAULTS' { - fail("collectd::plugin::dns::package_name must be specified when using an unsupported OS. Supported osfamily is RedHat. Detected is <${::osfamily}>.") - } - - package { 'collectd-dns': - ensure => $ensure, - name => $package_name_real, - } - } - - collectd::plugin { 'dns': - ensure => $ensure, - content => template('collectd/plugin/dns.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/entropy.pp b/module-collectd/manifests/plugin/entropy.pp deleted file mode 100644 index 5588495a3..000000000 --- a/module-collectd/manifests/plugin/entropy.pp +++ /dev/null @@ -1,11 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:Entropy -class collectd::plugin::entropy ( - $ensure = present, - $interval = undef, -) { - - collectd::plugin {'entropy': - ensure => $ensure, - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/exec.pp b/module-collectd/manifests/plugin/exec.pp deleted file mode 100644 index d3fa4eb87..000000000 --- a/module-collectd/manifests/plugin/exec.pp +++ /dev/null @@ -1,44 +0,0 @@ -# See http://collectd.org/documentation/manpages/collectd.conf.5.shtml#plugin_exec -class collectd::plugin::exec ( - $commands = {}, - $interval = undef, - $ensure = present, - $globals = false, -) { - include collectd::params - - validate_hash($commands) - validate_bool($globals) - - collectd::plugin {'exec': - ensure => $ensure, - globals => $globals, - interval => $interval, - } - - # should be loaded after global plugin configuration - $exec_conf = "${collectd::params::plugin_conf_dir}/exec-config.conf" - - concat{ $exec_conf: - ensure => $ensure, - mode => '0640', - owner => 'root', - group => $collectd::params::root_group, - notify => Service['collectd'], - ensure_newline => true, - } - - concat::fragment{'collectd_plugin_exec_conf_header': - order => '00', - content => '', - target => $exec_conf, - } - - concat::fragment{'collectd_plugin_exec_conf_footer': - order => '99', - content => '', - target => $exec_conf, - } - - create_resources(collectd::plugin::exec::cmd, $commands) -} \ No newline at end of file diff --git a/module-collectd/manifests/plugin/exec/cmd.pp b/module-collectd/manifests/plugin/exec/cmd.pp deleted file mode 100644 index cd44113fe..000000000 --- a/module-collectd/manifests/plugin/exec/cmd.pp +++ /dev/null @@ -1,29 +0,0 @@ -define collectd::plugin::exec::cmd ( - $user, - $group, - $exec = [], - $notification_exec = [], - $ensure = present, -) { - include collectd::params - include collectd::plugin::exec - - validate_array($exec) - validate_array($notification_exec) - - $conf_dir = $collectd::params::plugin_conf_dir - - # This is deprecated file naming ensuring old style file removed, and should be removed in next major relese - file { "${name}.load-deprecated": - ensure => absent, - path => "${conf_dir}/${name}.conf", - } - # End deprecation - - concat::fragment{"collectd_plugin_exec_conf_${title}": - ensure => $ensure, - order => '50', # somewhere between header and footer - target => $collectd::plugin::exec::exec_conf, - content => template('collectd/plugin/exec/cmd.conf.erb'), - } -} diff --git a/module-collectd/manifests/plugin/filecount.pp b/module-collectd/manifests/plugin/filecount.pp deleted file mode 100644 index a06c0463a..000000000 --- a/module-collectd/manifests/plugin/filecount.pp +++ /dev/null @@ -1,25 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:FileCount -class collectd::plugin::filecount ( - $ensure = present, - $directories = {}, - $interval = undef, -) { - validate_hash($directories) - - # We support two formats for directories: - # - new: hash for create_resources collectd::plugin::filecount::directory - # - old: backward compatibility, simple instance => path hash - $values = values($directories) - if size($values) > 0 and is_hash($values[0]) { - $content = undef - create_resources(collectd::plugin::filecount::directory, $directories, {ensure => $ensure}) - } else { - $content = template('collectd/plugin/filecount.conf.erb') - } - - collectd::plugin {'filecount': - ensure => $ensure, - content => $content, - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/filecount/directory.pp b/module-collectd/manifests/plugin/filecount/directory.pp deleted file mode 100644 index dacb5561c..000000000 --- a/module-collectd/manifests/plugin/filecount/directory.pp +++ /dev/null @@ -1,27 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:FileCount -define collectd::plugin::filecount::directory ( - $ensure = present, - $instance = $name, - $path = undef, - $pattern = undef, - $mtime = undef, - $size = undef, - $recursive = undef, - $includehidden = undef -) { - include collectd::params - include collectd::plugin::filecount - - $conf_dir = $collectd::params::plugin_conf_dir - - validate_string($path) - - file { "${conf_dir}/15-filecount-${name}.conf": - ensure => $ensure, - mode => '0640', - owner => 'root', - group => $collectd::params::root_group, - content => template('collectd/plugin/filecount-directory.conf.erb'), - notify => Service['collectd'], - } -} diff --git a/module-collectd/manifests/plugin/filter.pp b/module-collectd/manifests/plugin/filter.pp deleted file mode 100644 index e0963a7aa..000000000 --- a/module-collectd/manifests/plugin/filter.pp +++ /dev/null @@ -1,28 +0,0 @@ -# https://collectd.org/wiki/index.php/Chains -class collectd::plugin::filter ( - $ensure = 'present', - $precachechain = 'PreChain', - $postcachechain = 'PostChain', -) { - include collectd::params - - $plugin_matches = ['regex','timediff','value','empty_counter','hashed'] - $plugin_targets = ['notification','replace','set'] - $conf_file = "${collectd::params::plugin_conf_dir}/01-filter.conf" - - file { $conf_file: - ensure => $ensure, - owner => 'root', - group => $collectd::params::root_group, - mode => '0644', - content => "PreCacheChain \"${precachechain}\"\nPostCacheChain \"${postcachechain}\"\n\n", - notify => Service['collectd'], - } - - unless $ensure == 'present' { - #kick all filter specifc plugins - ensure_resource('collectd::plugin', prefix($plugin_matches,'match_'), {'ensure' => 'absent', 'order' => '02'} ) - ensure_resource('collectd::plugin', prefix($plugin_targets,'target_'), {'ensure' => 'absent', 'order' => '02'} ) - } - -} diff --git a/module-collectd/manifests/plugin/filter/chain.pp b/module-collectd/manifests/plugin/filter/chain.pp deleted file mode 100644 index 04030c523..000000000 --- a/module-collectd/manifests/plugin/filter/chain.pp +++ /dev/null @@ -1,44 +0,0 @@ -# https://collectd.org/wiki/index.php/Chains -define collectd::plugin::filter::chain ( - $ensure = 'present', - $target = undef, - $target_options = undef, -) { - include collectd::params - include collectd::plugin::filter - - $conf_file = "${collectd::params::plugin_conf_dir}/filter-chain-${title}.conf" - - concat{ $conf_file: - ensure => $ensure, - mode => '0640', - owner => 'root', - group => $collectd::params::root_group, - notify => Service['collectd'], - ensure_newline => true, - } - - if $ensure == 'present' { - concat::fragment{ "${conf_file}_${title}_head": - order => '00', - content => "", - target => $conf_file, - } - - concat::fragment{ "${conf_file}_${title}_footer": - order => '99', - content => '', - target => $conf_file, - } - - #add simple target if provided at the end - if $target { - collectd::plugin::filter::target{ "z_chain-${title}-target": - chain => $title, - plugin => $target, - rule => undef, - options => $target_options - } - } - } -} diff --git a/module-collectd/manifests/plugin/filter/match.pp b/module-collectd/manifests/plugin/filter/match.pp deleted file mode 100644 index 4a0f78671..000000000 --- a/module-collectd/manifests/plugin/filter/match.pp +++ /dev/null @@ -1,26 +0,0 @@ -# https://collectd.org/wiki/index.php/Chains -define collectd::plugin::filter::match ( - $chain, - $rule, - $plugin, - $options = undef, -) { - include collectd::params - include collectd::plugin::filter - - unless $plugin in $collectd::plugin::filter::plugin_matches { - fail("Unknown match plugin '${plugin}' provided") - } - - ensure_resource('collectd::plugin', "match_${plugin}", {'order' => '02'} ) - - $fragment_order = "10_${rule}_1_${title}" - $conf_file = "${collectd::params::plugin_conf_dir}/filter-chain-${chain}.conf" - - concat::fragment{ "${conf_file}_${fragment_order}": - order => $fragment_order, - content => template('collectd/plugin/filter/match.erb'), - target => $conf_file, - } - -} diff --git a/module-collectd/manifests/plugin/filter/rule.pp b/module-collectd/manifests/plugin/filter/rule.pp deleted file mode 100644 index c755ca39f..000000000 --- a/module-collectd/manifests/plugin/filter/rule.pp +++ /dev/null @@ -1,23 +0,0 @@ -# https://collectd.org/wiki/index.php/Chains -define collectd::plugin::filter::rule ( - $chain, -) { - include collectd::params - include collectd::plugin::filter - - $fragment_order = "10_${title}" - $conf_file = "${collectd::params::plugin_conf_dir}/filter-chain-${chain}.conf" - - concat::fragment{ "${conf_file}_${fragment_order}_0": - order => "${fragment_order}_0", - content => " ", - target => $conf_file, - } - - concat::fragment{ "${conf_file}_${fragment_order}_99": - order => "${fragment_order}_99", - content => ' ', - target => $conf_file, - } - -} diff --git a/module-collectd/manifests/plugin/filter/target.pp b/module-collectd/manifests/plugin/filter/target.pp deleted file mode 100644 index 5b1b53bd6..000000000 --- a/module-collectd/manifests/plugin/filter/target.pp +++ /dev/null @@ -1,40 +0,0 @@ -# https://collectd.org/wiki/index.php/Chains -define collectd::plugin::filter::target ( - $chain, - $plugin, - $options = undef, - $rule = undef, -) { - include collectd::params - include collectd::plugin::filter - - unless $plugin in ['return','stop','write', 'jump'] or $plugin in $collectd::plugin::filter::plugin_targets { - fail("Unknown rule plugin '${plugin}' provided") - } - - # Load plugins - if $plugin in $collectd::plugin::filter::plugin_targets { - $order = 30 - ensure_resource('collectd::plugin', "target_${plugin}", {'order' => '02'} ) - } else { - # Built in plugins - $order = 50 - } - - if $rule { - # create target in rule - $fragment_order = "10_${rule}_${order}_${title}" - } else { - # create target after rules in chain - $fragment_order = "20_${order}_${title}" - } - - $conf_file = "${collectd::params::plugin_conf_dir}/filter-chain-${chain}.conf" - - concat::fragment{ "${conf_file}_${fragment_order}": - order => $fragment_order, - content => template('collectd/plugin/filter/target.erb'), - target => $conf_file, - } - -} diff --git a/module-collectd/manifests/plugin/genericjmx.pp b/module-collectd/manifests/plugin/genericjmx.pp deleted file mode 100644 index 5db8e89db..000000000 --- a/module-collectd/manifests/plugin/genericjmx.pp +++ /dev/null @@ -1,29 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:GenericJMX -class collectd::plugin::genericjmx ( - $jvmarg = [], -) { - include collectd - include collectd::params - include collectd::plugin::java - $class_path = "${collectd::params::java_dir}/collectd-api.jar:${collectd::params::java_dir}/generic-jmx.jar" - $config_file = "${collectd::params::plugin_conf_dir}/15-genericjmx.conf" - - concat { $config_file: - mode => '0640', - owner => 'root', - group => $collectd::params::root_group, - notify => Service['collectd'], - ensure_newline => true, - } - concat::fragment { - 'collectd_plugin_genericjmx_conf_header': - order => '00', - content => template('collectd/plugin/genericjmx.conf.header.erb'), - target => $config_file; - 'collectd_plugin_genericjmx_conf_footer': - order => '99', - content => " \n\n", - target => $config_file; - } - -} diff --git a/module-collectd/manifests/plugin/genericjmx/connection.pp b/module-collectd/manifests/plugin/genericjmx/connection.pp deleted file mode 100644 index b08432e37..000000000 --- a/module-collectd/manifests/plugin/genericjmx/connection.pp +++ /dev/null @@ -1,16 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:GenericJMX -define collectd::plugin::genericjmx::connection ( - $collect, - $service_url, - $host = $name, - $user = undef, - $password = undef, - $instance_prefix = undef, -) { - include collectd::plugin::genericjmx - concat::fragment { "collectd_plugin_genericjmx_conf_${name}": - order => 20, - content => template('collectd/plugin/genericjmx/connection.conf.erb'), - target => $collectd::plugin::genericjmx::config_file; - } -} diff --git a/module-collectd/manifests/plugin/genericjmx/mbean.pp b/module-collectd/manifests/plugin/genericjmx/mbean.pp deleted file mode 100644 index 98aa2d33d..000000000 --- a/module-collectd/manifests/plugin/genericjmx/mbean.pp +++ /dev/null @@ -1,17 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:GenericJMX -define collectd::plugin::genericjmx::mbean ( - $object_name, - $values, - $instance_prefix = undef, - $instance_from = undef, -) { - include collectd::plugin::genericjmx - validate_array($values) - - concat::fragment { - "collectd_plugin_genericjmx_conf_${name}": - order => '10', - content => template('collectd/plugin/genericjmx/mbean.conf.erb'), - target => $collectd::plugin::genericjmx::config_file; - } -} diff --git a/module-collectd/manifests/plugin/interface.pp b/module-collectd/manifests/plugin/interface.pp deleted file mode 100644 index 0db3e75f0..000000000 --- a/module-collectd/manifests/plugin/interface.pp +++ /dev/null @@ -1,17 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:Interface -class collectd::plugin::interface ( - $ensure = present, - $interfaces = [], - $ignoreselected = false, - $interval = undef, -) { - - validate_array($interfaces) - validate_bool($ignoreselected) - - collectd::plugin {'interface': - ensure => $ensure, - content => template('collectd/plugin/interface.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/iptables.pp b/module-collectd/manifests/plugin/iptables.pp deleted file mode 100644 index bac12635f..000000000 --- a/module-collectd/manifests/plugin/iptables.pp +++ /dev/null @@ -1,24 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:IPTables -class collectd::plugin::iptables ( - $ensure = present, - $ensure_package = present, - $manage_package = $true, - $chains = {}, - $interval = undef, -) { - validate_hash($chains) - - if $::osfamily == 'Redhat' { - if $manage_package { - package { 'collectd-iptables': - ensure => $ensure_package, - } - } - } - - collectd::plugin {'iptables': - ensure => $ensure, - content => template('collectd/plugin/iptables.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/irq.pp b/module-collectd/manifests/plugin/irq.pp deleted file mode 100644 index 2cb533efe..000000000 --- a/module-collectd/manifests/plugin/irq.pp +++ /dev/null @@ -1,16 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:IRQ -class collectd::plugin::irq ( - $ensure = present, - $irqs = [], - $ignoreselected = false, - $interval = undef, -) { - validate_array($irqs) - validate_bool($ignoreselected) - - collectd::plugin {'irq': - ensure => $ensure, - content => template('collectd/plugin/irq.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/java.pp b/module-collectd/manifests/plugin/java.pp deleted file mode 100644 index 1ef6960ca..000000000 --- a/module-collectd/manifests/plugin/java.pp +++ /dev/null @@ -1,12 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:Java -class collectd::plugin::java ( - $ensure = present, - $jvmarg = [], - $interval = undef, -) { - collectd::plugin { 'java': - ensure => $ensure, - content => template('collectd/plugin/java.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/libvirt.pp b/module-collectd/manifests/plugin/libvirt.pp deleted file mode 100644 index b9b4a0497..000000000 --- a/module-collectd/manifests/plugin/libvirt.pp +++ /dev/null @@ -1,38 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:libvirt -class collectd::plugin::libvirt ( - $connection, - $ensure = present, - $manage_package = $true, - $refresh_interval = undef, - $domain = undef, - $block_device = undef, - $interface_device = undef, - $ignore_selected = undef, - $hostname_format = undef, - $interface_format = undef, - $interval = undef, -) { - validate_string($connection) - - if $refresh_interval != undef { validate_re($refresh_interval, '^\d+$') } - if $domain != undef { validate_string($domain) } - if $block_device != undef { validate_string($block_device) } - if $interface_device != undef { validate_string($interface_device) } - if $ignore_selected != undef { validate_bool($ignore_selected) } - if $hostname_format != undef { validate_string($hostname_format) } - if $interface_format != undef { validate_string($interface_format) } - - if $::osfamily == 'RedHat' { - if $manage_package { - package { 'collectd-virt': - ensure => $ensure, - } - } - } - - collectd::plugin { 'libvirt': - ensure => $ensure, - content => template('collectd/plugin/libvirt.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/load.pp b/module-collectd/manifests/plugin/load.pp deleted file mode 100644 index d79bcf281..000000000 --- a/module-collectd/manifests/plugin/load.pp +++ /dev/null @@ -1,10 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:Load -class collectd::plugin::load ( - $ensure = present, - $interval = undef, -) { - collectd::plugin {'load': - ensure => $ensure, - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/logfile.pp b/module-collectd/manifests/plugin/logfile.pp deleted file mode 100644 index e0e19fe6f..000000000 --- a/module-collectd/manifests/plugin/logfile.pp +++ /dev/null @@ -1,18 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:LogFile -class collectd::plugin::logfile ( - $ensure = present, - $interval = undef, - $log_level = 'info', - $log_file = '/var/log/collectd.log', - $log_timestamp = true, - $print_severity = false -) { - collectd::plugin { 'logfile': - ensure => $ensure, - content => template('collectd/plugin/logfile.conf.erb'), - interval => $interval, - # Load logging plugin first - # https://github.com/puppet-community/puppet-collectd/pull/166#issuecomment-50591413 - order => '05', - } -} diff --git a/module-collectd/manifests/plugin/lvm.pp b/module-collectd/manifests/plugin/lvm.pp deleted file mode 100644 index 73789d835..000000000 --- a/module-collectd/manifests/plugin/lvm.pp +++ /dev/null @@ -1,20 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:LVM -class collectd::plugin::lvm ( - $ensure = present, - $manage_package = $true, - $interval = undef, -) { - - if $::osfamily == 'Redhat' { - if $manage_package { - package { 'collectd-lvm': - ensure => $ensure, - } - } - } - - collectd::plugin {'lvm': - ensure => $ensure, - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/memcached.pp b/module-collectd/manifests/plugin/memcached.pp deleted file mode 100644 index 1e360958f..000000000 --- a/module-collectd/manifests/plugin/memcached.pp +++ /dev/null @@ -1,13 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:memcached -class collectd::plugin::memcached ( - $ensure = present, - $host = '127.0.0.1', - $interval = undef, - $port = 11211, -) { - collectd::plugin {'memcached': - ensure => $ensure, - content => template('collectd/plugin/memcached.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/memory.pp b/module-collectd/manifests/plugin/memory.pp deleted file mode 100644 index 0e083dc15..000000000 --- a/module-collectd/manifests/plugin/memory.pp +++ /dev/null @@ -1,19 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:Memory -class collectd::plugin::memory ( - $ensure = present, - $valuesabsolute = true, - $valuespercentage = false, - $interval = undef, -) { - - validate_bool( - $valuesabsolute, - $valuespercentage, - ) - - collectd::plugin {'memory': - ensure => $ensure, - content => template('collectd/plugin/memory.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/mongodb.pp b/module-collectd/manifests/plugin/mongodb.pp deleted file mode 100644 index 58fb42528..000000000 --- a/module-collectd/manifests/plugin/mongodb.pp +++ /dev/null @@ -1,43 +0,0 @@ -# Class: collectd::plugin::mongodb -# -class collectd::plugin::mongodb ( - $ensure = 'present', - $interval = undef, - $db_host = '127.0.0.1', - $db_user = undef, - $db_pass = undef, - $db_port = undef, - $configured_dbs = undef, - $collectd_dir = '/usr/lib/collectd', -) { - - validate_re($ensure,'^(present)|(absent)$', - "collectd::plugin::mongodb::ensure is <${ensure}> and must be either 'present' or 'absent'.") - - if $interval != undef { - validate_numeric($interval) - } - - if $configured_dbs != undef { - validate_array($configured_dbs) - if ( $db_port == undef ) { fail('db_port is undefined, but must be set if configured_dbs is set.') } - validate_string($db_port) - } - - if ( $db_host != undef ) and ( is_ip_address($db_host) == false ) { - fail("collectd::plugin::mongodb::db_host is <${db_host}> and must be a valid IP address.") - } - - if $db_user == undef { - fail('collectd::plugin::mongodb::db_user is and must be a mongodb username') - } - elsif $db_pass == undef { - fail("collectd::plugin::mongodb::db_pass is , please specify the password for db user: ${db_user}") - } - - collectd::plugin { 'mongodb': - ensure => $ensure, - content => template('collectd/plugin/mongodb.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/mysql.pp b/module-collectd/manifests/plugin/mysql.pp deleted file mode 100644 index 3ae75a129..000000000 --- a/module-collectd/manifests/plugin/mysql.pp +++ /dev/null @@ -1,20 +0,0 @@ -# MySQL plugin -# https://collectd.org/wiki/index.php/Plugin:MySQL -class collectd::plugin::mysql ( - $ensure = present, - $manage_package = $true, - $interval = undef, -){ - - if $::osfamily == 'Redhat' { - if $manage_package { - package { 'collectd-mysql': - ensure => $ensure, - } - } - } - - collectd::plugin { 'mysql': - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/mysql/database.pp b/module-collectd/manifests/plugin/mysql/database.pp deleted file mode 100644 index 902e25f71..000000000 --- a/module-collectd/manifests/plugin/mysql/database.pp +++ /dev/null @@ -1,43 +0,0 @@ -# -define collectd::plugin::mysql::database ( - $ensure = 'present', - $database = $name, - $host = 'UNSET', - $username = 'UNSET', - $password = 'UNSET', - $port = '3306', - $masterstats = false, - $slavestats = false, - $socket = undef, - $innodbstats = undef, - $slavenotifications = undef, -) { - include collectd::params - include collectd::plugin::mysql - - $conf_dir = $collectd::params::plugin_conf_dir - - validate_string($database, $host, $username, $password, $port) - validate_bool($masterstats, $slavestats) - if $socket { - validate_string($socket) - } - - if $innodbstats != undef { - validate_bool($innodbstats) - } - - if $slavenotifications != undef { - validate_bool($slavenotifications) - } - - file { "${name}.conf": - ensure => $ensure, - path => "${conf_dir}/mysql-${name}.conf", - mode => '0640', - owner => 'root', - group => $collectd::params::root_group, - content => template('collectd/mysql-database.conf.erb'), - notify => Service['collectd'], - } -} diff --git a/module-collectd/manifests/plugin/netlink.pp b/module-collectd/manifests/plugin/netlink.pp deleted file mode 100644 index 719ab43dd..000000000 --- a/module-collectd/manifests/plugin/netlink.pp +++ /dev/null @@ -1,30 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:Netlink -class collectd::plugin::netlink ( - $ensure = present, - $manage_package = true, - $interfaces = [], - $verboseinterfaces = [], - $qdiscs = [], - $classes = [], - $filters = [], - $ignoreselected = false, - $interval = undef, -) { - - validate_array($interfaces, $verboseinterfaces, $qdiscs, $classes, $filters) - validate_bool($ignoreselected) - - if $::osfamily == 'Redhat' { - if $manage_package { - package { 'collectd-netlink': - ensure => $ensure, - } - } - } - - collectd::plugin {'netlink': - ensure => $ensure, - content => template('collectd/plugin/netlink.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/network.pp b/module-collectd/manifests/plugin/network.pp deleted file mode 100644 index d3bed9511..000000000 --- a/module-collectd/manifests/plugin/network.pp +++ /dev/null @@ -1,29 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:Network -class collectd::plugin::network ( - $ensure = present, - $timetolive = undef, - $maxpacketsize = undef, - $forward = undef, - $interval = undef, - $reportstats = undef, - $listeners = { }, - $servers = { }, -) { - if $timetolive { - validate_re($timetolive, '[0-9]+') - } - if $maxpacketsize { - validate_re($maxpacketsize, '[0-9]+') - } - - collectd::plugin {'network': - ensure => $ensure, - content => template('collectd/plugin/network.conf.erb'), - interval => $interval, - } - $defaults = { - 'ensure' => $ensure - } - create_resources(collectd::plugin::network::listener, $listeners, $defaults) - create_resources(collectd::plugin::network::server, $servers, $defaults) -} diff --git a/module-collectd/manifests/plugin/network/listener.pp b/module-collectd/manifests/plugin/network/listener.pp deleted file mode 100644 index 836300dec..000000000 --- a/module-collectd/manifests/plugin/network/listener.pp +++ /dev/null @@ -1,24 +0,0 @@ -# -define collectd::plugin::network::listener ( - $ensure = 'present', - $authfile = undef, - $port = undef, - $securitylevel = undef, - $interface = undef, -) { - include collectd::params - include collectd::plugin::network - - $conf_dir = $collectd::params::plugin_conf_dir - - validate_string($name) - - file { "${conf_dir}/network-listener-${name}.conf": - ensure => $ensure, - mode => '0640', - owner => 'root', - group => $collectd::params::root_group, - content => template('collectd/plugin/network/listener.conf.erb'), - notify => Service['collectd'], - } -} diff --git a/module-collectd/manifests/plugin/network/server.pp b/module-collectd/manifests/plugin/network/server.pp deleted file mode 100644 index c271b5e31..000000000 --- a/module-collectd/manifests/plugin/network/server.pp +++ /dev/null @@ -1,26 +0,0 @@ -# -define collectd::plugin::network::server ( - $ensure = 'present', - $username = undef, - $password = undef, - $port = undef, - $securitylevel = undef, - $interface = undef, - $forward = undef, -) { - include collectd::params - include collectd::plugin::network - - $conf_dir = $collectd::params::plugin_conf_dir - - validate_string($name) - - file { "${conf_dir}/network-server-${name}.conf": - ensure => $ensure, - mode => '0640', - owner => 'root', - group => $collectd::params::root_group, - content => template('collectd/plugin/network/server.conf.erb'), - notify => Service['collectd'], - } -} diff --git a/module-collectd/manifests/plugin/nfs.pp b/module-collectd/manifests/plugin/nfs.pp deleted file mode 100644 index a9c72582c..000000000 --- a/module-collectd/manifests/plugin/nfs.pp +++ /dev/null @@ -1,10 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:NFS -class collectd::plugin::nfs ( - $ensure = present, - $interval = undef, -) { - collectd::plugin {'nfs': - ensure => $ensure, - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/nginx.pp b/module-collectd/manifests/plugin/nginx.pp deleted file mode 100644 index efe484a0e..000000000 --- a/module-collectd/manifests/plugin/nginx.pp +++ /dev/null @@ -1,27 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:nginx -class collectd::plugin::nginx ( - $url, - $manage_package = $true, - $ensure = present, - $user = undef, - $password = undef, - $verifypeer = undef, - $verifyhost = undef, - $cacert = undef, - $interval = undef, -) { - - if $::osfamily == 'Redhat' { - if $manage_package { - package { 'collectd-nginx': - ensure => $ensure, - } - } - } - - collectd::plugin {'nginx': - ensure => $ensure, - content => template('collectd/plugin/nginx.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/ntpd.pp b/module-collectd/manifests/plugin/ntpd.pp deleted file mode 100644 index e0d21f0b1..000000000 --- a/module-collectd/manifests/plugin/ntpd.pp +++ /dev/null @@ -1,15 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:NTPd -class collectd::plugin::ntpd ( - $ensure = present, - $host = 'localhost', - $port = 123, - $reverselookups = false, - $includeunitid = false, - $interval = undef, -) { - collectd::plugin {'ntpd': - ensure => $ensure, - content => template('collectd/plugin/ntpd.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/openvpn.pp b/module-collectd/manifests/plugin/openvpn.pp deleted file mode 100644 index 41c7d17d1..000000000 --- a/module-collectd/manifests/plugin/openvpn.pp +++ /dev/null @@ -1,32 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:OpenVPN -class collectd::plugin::openvpn ( - $ensure = present, - $statusfile = '/etc/openvpn/openvpn-status.log', - $improvednamingschema = false, - $collectcompression = true, - $collectindividualusers = true, - $collectusercount = false, - $interval = undef, -) { - if is_string($statusfile) { - validate_absolute_path($statusfile) - $statusfiles = [ $statusfile ] - } elsif is_array($statusfile) { - $statusfiles = $statusfile - } else { - fail("statusfile must be either array or string: ${statusfile}") - } - - validate_bool( - $improvednamingschema, - $collectcompression, - $collectindividualusers, - $collectusercount, - ) - - collectd::plugin {'openvpn': - ensure => $ensure, - content => template('collectd/plugin/openvpn.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/perl.pp b/module-collectd/manifests/plugin/perl.pp deleted file mode 100644 index 6ec0d1b0b..000000000 --- a/module-collectd/manifests/plugin/perl.pp +++ /dev/null @@ -1,35 +0,0 @@ -# See http://collectd.org/documentation/manpages/collectd-perl.5.shtml -class collectd::plugin::perl ( - $ensure = present, - $manage_package = $true, - $interval = undef, - $order = 20 -) -{ - include collectd::params - $conf_dir = $collectd::params::plugin_conf_dir - - if $::osfamily == 'Redhat' { - if $manage_package { - package { 'collectd-perl': - ensure => $ensure, - } - } - } - - collectd::plugin { 'perl': - ensure => $ensure, - globals => true, - interval => $interval, - order => $order, - content => template('collectd/plugin/perl.conf.erb'), - } - - file { "${conf_dir}/perl": - ensure => directory, - mode => '0755', - owner => $collectd::params::root_user, - group => $collectd::params::root_group, - } -} - diff --git a/module-collectd/manifests/plugin/perl/plugin.pp b/module-collectd/manifests/plugin/perl/plugin.pp deleted file mode 100644 index 8c3f21e61..000000000 --- a/module-collectd/manifests/plugin/perl/plugin.pp +++ /dev/null @@ -1,85 +0,0 @@ -# -define collectd::plugin::perl::plugin ( - $module, - $manage_package = true, - $enable_debugger = false, - $include_dir = false, - $provider = false, - $source = false, - $destination = false, - $order = '01', - $config = {}, -) { - include collectd::params - if ! defined(Class['Collectd::Plugin::Perl']) { - include collectd::plugin::perl - } - - validate_hash($config) - validate_re($order, '\d+') - if $enable_debugger { - validate_string($enable_debugger) - } - if $include_dir { - if is_string($include_dir) { - $include_dirs = [ $include_dir ] - } elsif is_array($include_dir) { - $include_dirs = $include_dir - } else { - fail("include_dir must be either array or string: ${include_dir}") - } - } else { - $include_dirs = [] - } - - $conf_dir = $collectd::params::plugin_conf_dir - $base_filename = $collectd::plugin::perl::filename - $filename = "${conf_dir}/perl/plugin-${order}_${name}.conf" - - file { $filename: - owner => $collectd::params::root_user, - group => $collectd::params::root_group, - mode => '0644', - content => template('collectd/plugin/perl/plugin.erb'), - } - - case $provider { - 'package': { - validate_string($source) - if $manage_package { - package { $source: - require => Collectd::Plugin['perl'], - } - } - } - 'cpan': { - validate_string($source) - include cpan - cpan { $source: - require => Collectd::Plugin['perl'], - } - } - 'file': { - validate_string($source) - validate_string($destination) - file { "collectd_plugin_perl_${name}.pm": - path => "${destination}/${module}.pm", - mode => '0644', - source => $source, - require => Collectd::Plugin['perl'], - } - } - false: { - # this will fail if perl collectd plugin module is not installed - $include_dirs_prefixed = prefix($include_dirs, '-I') - $include_dirs_prefixed_joined = join($include_dirs_prefixed,' ') - exec { "perl ${include_dirs_prefixed_joined} -e 'my\$m=shift;eval\"use \$m\";exit!exists\$INC{\$m=~s!::!/!gr.\".pm\"}' ${module}": - path => $::path - } - } - default: { - fail("Unsupported provider: ${provider}. Use 'package', 'cpan', - 'file' or false.") - } - } -} diff --git a/module-collectd/manifests/plugin/ping.pp b/module-collectd/manifests/plugin/ping.pp deleted file mode 100644 index 1c47355ff..000000000 --- a/module-collectd/manifests/plugin/ping.pp +++ /dev/null @@ -1,30 +0,0 @@ -# See http://collectd.org/documentation/manpages/collectd.conf.5.shtml#plugin_ping -class collectd::plugin::ping ( - $hosts, - $ensure = present, - $manage_package = true, - $interval = undef, - $timeout = undef, - $ttl = undef, - $source_address = undef, - $device = undef, - $max_missed = undef, -) { - include collectd::params - - validate_array($hosts) - - if $::osfamily == 'Redhat' { - if $manage_package { - package { 'collectd-ping': - ensure => $ensure, - } - } - } - - collectd::plugin { 'ping': - ensure => $ensure, - interval => $interval, - content => template('collectd/plugin/ping.conf.erb'), - } -} diff --git a/module-collectd/manifests/plugin/postgresql.pp b/module-collectd/manifests/plugin/postgresql.pp deleted file mode 100644 index 964b96359..000000000 --- a/module-collectd/manifests/plugin/postgresql.pp +++ /dev/null @@ -1,50 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:PostgreSQL -class collectd::plugin::postgresql ( - $ensure = present, - $manage_package = $true, - $databases = { }, - $interval = undef, - $queries = { }, - $writers = { }, -) { - include collectd::params - - if $::osfamily == 'Redhat' { - if $manage_package { - package { 'collectd-postgresql': - ensure => $ensure, - } - } - } - - collectd::plugin {'postgresql': - ensure => $ensure, - interval => $interval, - } - - concat{"${collectd::params::plugin_conf_dir}/postgresql-config.conf": - ensure => $ensure, - mode => '0640', - owner => 'root', - group => $collectd::params::root_group, - notify => Service['collectd'], - ensure_newline => true, - } - concat::fragment{'collectd_plugin_postgresql_conf_header': - order => '00', - content => '', - target => "${collectd::params::plugin_conf_dir}/postgresql-config.conf", - } - concat::fragment{'collectd_plugin_postgresql_conf_footer': - order => '99', - content => '', - target => "${collectd::params::plugin_conf_dir}/postgresql-config.conf", - } - - $defaults = { - 'ensure' => $ensure - } - create_resources(collectd::plugin::postgresql::database, $databases, $defaults) - create_resources(collectd::plugin::postgresql::query, $queries, $defaults) - create_resources(collectd::plugin::postgresql::writer, $writers, $defaults) -} diff --git a/module-collectd/manifests/plugin/postgresql/database.pp b/module-collectd/manifests/plugin/postgresql/database.pp deleted file mode 100644 index 67eb06bc9..000000000 --- a/module-collectd/manifests/plugin/postgresql/database.pp +++ /dev/null @@ -1,27 +0,0 @@ -# databasename allows you to create blocks with the same name of database, -# useful if you have multiple instances of different version of pg -define collectd::plugin::postgresql::database ( - $ensure = 'present', - $host = undef, - $databasename = $name, - $port = undef, - $user = undef, - $password = undef, - $sslmode = undef, - $query = [], - $interval = undef, - $instance = undef, - $krbsrvname = undef, - $writer = undef, - $service = undef, -){ - include collectd::params - include collectd::plugin::postgresql - - concat::fragment{"collectd_plugin_postgresql_conf_db_${title}": - ensure => $ensure, - order => '50', - target => "${collectd::params::plugin_conf_dir}/postgresql-config.conf", - content => template('collectd/plugin/postgresql/database.conf.erb'), - } -} diff --git a/module-collectd/manifests/plugin/postgresql/query.pp b/module-collectd/manifests/plugin/postgresql/query.pp deleted file mode 100644 index dc2168aee..000000000 --- a/module-collectd/manifests/plugin/postgresql/query.pp +++ /dev/null @@ -1,22 +0,0 @@ -# -define collectd::plugin::postgresql::query ( - $ensure = 'present', - $statement = undef, - $params = [], - $results = [{}], - $minversion = undef, - $maxversion = undef, -){ - include collectd::params - include collectd::plugin::postgresql - - validate_string($statement) - validate_array($params, $results) - - concat::fragment{"collectd_plugin_postgresql_conf_query_${title}": - ensure => $ensure, - order => '30', - target => "${collectd::params::plugin_conf_dir}/postgresql-config.conf", - content => template('collectd/plugin/postgresql/query.conf.erb'), - } -} diff --git a/module-collectd/manifests/plugin/postgresql/writer.pp b/module-collectd/manifests/plugin/postgresql/writer.pp deleted file mode 100644 index 3fb61ff2a..000000000 --- a/module-collectd/manifests/plugin/postgresql/writer.pp +++ /dev/null @@ -1,18 +0,0 @@ -# -define collectd::plugin::postgresql::writer ( - $ensure = 'present', - $statement = undef, - $storerates = undef, -){ - include collectd::params - include collectd::plugin::postgresql - - validate_string($statement) - - concat::fragment{"collectd_plugin_postgresql_conf_writer_${title}": - ensure => $ensure, - order => '40', - target => "${collectd::params::plugin_conf_dir}/postgresql-config.conf", - content => template('collectd/plugin/postgresql/writer.conf.erb'), - } -} diff --git a/module-collectd/manifests/plugin/processes.pp b/module-collectd/manifests/plugin/processes.pp deleted file mode 100644 index e0be261de..000000000 --- a/module-collectd/manifests/plugin/processes.pp +++ /dev/null @@ -1,60 +0,0 @@ -# See http://collectd.org/documentation/manpages/collectd.conf.5.shtml#plugin_processes -class collectd::plugin::processes ( - $ensure = present, - $order = 10, - $interval = undef, - $processes = undef, - $process_matches = undef, -) { - if $processes { validate_array($processes) } - if $process_matches { validate_array($process_matches) } - - include collectd::params - - collectd::plugin {'processes': - ensure => $ensure, - order => $order, - interval => $interval, - } - - if ( $processes or $process_matches ) { - $process_config_ensure = present - } else { - $process_config_ensure = absent - } - - concat{"${collectd::params::plugin_conf_dir}/processes-config.conf": - ensure => $process_config_ensure, - mode => '0640', - owner => 'root', - group => $collectd::params::root_group, - notify => Service['collectd'], - ensure_newline => true, - } - concat::fragment{'collectd_plugin_processes_conf_header': - ensure => $process_config_ensure, - order => '00', - content => '', - target => "${collectd::params::plugin_conf_dir}/processes-config.conf", - } - concat::fragment{'collectd_plugin_processes_conf_footer': - ensure => $process_config_ensure, - order => '99', - content => '', - target => "${collectd::params::plugin_conf_dir}/processes-config.conf", - } - - if $processes { - collectd::plugin::processes::process { $processes : } - } - if $process_matches { - $process_matches_resources = collectd_convert_processmatch($process_matches) - $defaults = { 'ensure' => $ensure } - create_resources( - collectd::plugin::processes::processmatch, - $process_matches_resources, - $defaults - ) - } - -} diff --git a/module-collectd/manifests/plugin/processes/process.pp b/module-collectd/manifests/plugin/processes/process.pp deleted file mode 100644 index f2cac9035..000000000 --- a/module-collectd/manifests/plugin/processes/process.pp +++ /dev/null @@ -1,16 +0,0 @@ -define collectd::plugin::processes::process ( - $process = $name, - $ensure = 'present' -){ - - include collectd::plugin::processes - include collectd::params - - concat::fragment{"collectd_plugin_processes_conf_process_${process}": - ensure => $ensure, - order => '50', - content => "Process \"${process}\"\n", - target => "${collectd::params::plugin_conf_dir}/processes-config.conf" - } - -} diff --git a/module-collectd/manifests/plugin/processes/processmatch.pp b/module-collectd/manifests/plugin/processes/processmatch.pp deleted file mode 100644 index d524091ea..000000000 --- a/module-collectd/manifests/plugin/processes/processmatch.pp +++ /dev/null @@ -1,17 +0,0 @@ -define collectd::plugin::processes::processmatch ( - $regex, - $ensure = 'present', - $matchname = $name -){ - - include collectd::plugin::processes - include collectd::params - - concat::fragment{"collectd_plugin_processes_conf_processmatch_${matchname}": - ensure => $ensure, - order => '51', - content => "ProcessMatch \"${matchname}\" \"${regex}\"\n", - target => "${collectd::params::plugin_conf_dir}/processes-config.conf" - } - -} diff --git a/module-collectd/manifests/plugin/protocols.pp b/module-collectd/manifests/plugin/protocols.pp deleted file mode 100644 index 81d8fd0bc..000000000 --- a/module-collectd/manifests/plugin/protocols.pp +++ /dev/null @@ -1,19 +0,0 @@ -# See http://collectd.org/documentation/manpages/collectd.conf.5.shtml#plugin_protocols -class collectd::plugin::protocols ( - $ensure = present, - $ignoreselected = false, - $values = [] -) { - - validate_array( - $values, - ) - validate_bool( - $ignoreselected, - ) - - collectd::plugin {'protocols': - ensure => $ensure, - content => template('collectd/plugin/protocols.conf.erb'), - } -} diff --git a/module-collectd/manifests/plugin/python.pp b/module-collectd/manifests/plugin/python.pp deleted file mode 100644 index 1b38cfb9c..000000000 --- a/module-collectd/manifests/plugin/python.pp +++ /dev/null @@ -1,81 +0,0 @@ -# See http://collectd.org/documentation/manpages/collectd.conf.5.shtml#plugin_python -class collectd::plugin::python ( - $modulepaths = [], - $ensure = present, - $modules = {}, - # Unlike most other plugins, this one should set "Globals true". This will cause collectd - # to export the name of all objects in the Python interpreter for all plugins to see. - $globals = true, - $order = '10', - $interval = undef, - # Python 2 defaults to 'ascii' and Python 3 to 'utf-8' - $encoding = undef, - $interactive = false, - $logtraces = false, -) { - include collectd::params - - validate_hash($modules) - validate_bool($interactive) - validate_bool($logtraces) - validate_bool($globals) - validate_array($modulepaths) - - $module_dirs = empty($modulepaths) ? { - true => [$collectd::params::python_dir], - # use paths provided by the user - false => $modulepaths - } - - collectd::plugin {'python': - ensure => $ensure, - interval => $interval, - order => $order, - globals => $globals, - } - - $ensure_modulepath = $ensure ? { - 'absent' => $ensure, - default => 'directory', - } - - ensure_resource('file', $module_dirs, - { - 'ensure' => $ensure_modulepath, - 'mode' => '0750', - 'owner' => 'root', - 'group' => $collectd::params::root_group, - 'require' => Package[$collectd::params::package] - } - ) - - # should be loaded after global plugin configuration - $python_conf = "${collectd::params::plugin_conf_dir}/python-config.conf" - - concat{ $python_conf: - ensure => $ensure, - mode => '0640', - owner => 'root', - group => $collectd::params::root_group, - notify => Service['collectd'], - ensure_newline => true, - } - - concat::fragment{'collectd_plugin_python_conf_header': - order => '00', - content => template('collectd/plugin/python/header.conf.erb'), - target => $python_conf, - } - - concat::fragment{'collectd_plugin_python_conf_footer': - order => '99', - content => '', - target => $python_conf, - } - - $defaults = { - 'ensure' => $ensure, - 'modulepath' => $module_dirs[0], - } - create_resources(collectd::plugin::python::module, $modules, $defaults) -} diff --git a/module-collectd/manifests/plugin/python/module.pp b/module-collectd/manifests/plugin/python/module.pp deleted file mode 100644 index 94a92bc2f..000000000 --- a/module-collectd/manifests/plugin/python/module.pp +++ /dev/null @@ -1,39 +0,0 @@ -# Single module definition -define collectd::plugin::python::module ( - $config, - $modulepath = undef, - $script_source = undef, - $module = $title, - $ensure = 'present', -){ - include collectd::params - include collectd::plugin::python - - validate_hash($config) - - $module_dir = $modulepath ? { - undef => $collectd::params::python_dir, - default => $modulepath - } - validate_absolute_path($module_dir) - - if $script_source { - file { "${module}.script": - ensure => $ensure, - path => "${module_dir}/${module}.py", - owner => 'root', - group => $collectd::params::root_group, - mode => '0640', - source => $script_source, - require => File[$module_dir], - notify => Service['collectd'], - } - } - - concat::fragment{"collectd_plugin_python_conf_${module}": - ensure => $ensure, - order => '50', # somewhere between header and footer - target => $collectd::plugin::python::python_conf, - content => template('collectd/plugin/python/module.conf.erb'), - } -} diff --git a/module-collectd/manifests/plugin/redis.pp b/module-collectd/manifests/plugin/redis.pp deleted file mode 100644 index eee54b4ea..000000000 --- a/module-collectd/manifests/plugin/redis.pp +++ /dev/null @@ -1,20 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:Redis -class collectd::plugin::redis ( - $ensure = 'present', - $interval = undef, - $nodes = { 'redis' => { - 'host' => 'localhost', - 'port' => '6379', - 'timeout' => 2000, - } - }, -) { - - validate_hash($nodes) - - collectd::plugin {'redis': - ensure => $ensure, - content => template('collectd/plugin/redis.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/rrdcached.pp b/module-collectd/manifests/plugin/rrdcached.pp deleted file mode 100644 index 2f175a63e..000000000 --- a/module-collectd/manifests/plugin/rrdcached.pp +++ /dev/null @@ -1,24 +0,0 @@ -# https://collectd.org/wiki/index.php/Rrdcached -class collectd::plugin::rrdcached ( - $ensure = present, - $daemonaddress = 'unix:/tmp/rrdcached.sock', - $datadir = '/var/lib/rrdcached/db/collectd', - $createfiles = true, - $createfilesasync = false, - $stepsize = undef, - $heartbeat = undef, - $interval = undef, - $rrarows = undef, - $rratimespan = [], - $xff = undef, - $collectstatistics = undef, -) { - validate_array($rratimespan) - validate_bool($createfiles, $createfilesasync) - - collectd::plugin {'rrdcached': - ensure => $ensure, - content => template('collectd/plugin/rrdcached.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/rrdtool.pp b/module-collectd/manifests/plugin/rrdtool.pp deleted file mode 100644 index c00fdef58..000000000 --- a/module-collectd/manifests/plugin/rrdtool.pp +++ /dev/null @@ -1,60 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:RRDtool -class collectd::plugin::rrdtool ( - $ensure = present, - $manage_package = true, - $datadir = '/var/lib/collectd/rrd', - $createfilesasync = false, - $interval = undef, - $rrarows = 1200, - $rratimespan = [3600, 86400, 604800, 2678400, 31622400], - $xff = 0.1, - $cacheflush = 900, - $cachetimeout = 120, - $writespersecond = 50 -) { - validate_string( - $datadir - ) - - validate_bool( - $createfilesasync - ) - - if $rrarows and ! is_integer($rrarows) { - fail('rrarows must be an integer!') - } - - validate_array( - $rratimespan - ) - - if $xff and ! is_float($xff) { - fail('xff must be a float!') - } - - if $cacheflush and ! is_integer($cacheflush) { - fail('cacheflush must be an integer!') - } - - if $cachetimeout and ! is_integer($cachetimeout) { - fail('cachetimeout must be an integer!') - } - - if $writespersecond and ! is_integer($writespersecond) { - fail('writespersecond must be an integer!') - } - - if $::osfamily == 'RedHat' { - if $manage_package { - package { 'collectd-rrdtool': - ensure => $ensure, - } - } - } - - collectd::plugin {'rrdtool': - ensure => $ensure, - content => template('collectd/plugin/rrdtool.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/sensors.pp b/module-collectd/manifests/plugin/sensors.pp deleted file mode 100644 index 1197b64db..000000000 --- a/module-collectd/manifests/plugin/sensors.pp +++ /dev/null @@ -1,24 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:Sensors -class collectd::plugin::sensors ( - $ensure = present, - $manage_package = $true, - $sensorconfigfile = undef, - $sensor = undef, - $ignoreselected = undef, - $interval = undef, -) { - - if $::osfamily == 'Redhat' { - if $manage_package { - package { 'collectd-sensors': - ensure => $ensure, - } - } - } - - collectd::plugin {'sensors': - ensure => $ensure, - content => template('collectd/plugin/sensors.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/snmp.pp b/module-collectd/manifests/plugin/snmp.pp deleted file mode 100644 index a2a6a2b76..000000000 --- a/module-collectd/manifests/plugin/snmp.pp +++ /dev/null @@ -1,22 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:SNMP -class collectd::plugin::snmp ( - $ensure = present, - $manage_package = $true, - $data = {}, - $hosts = {}, - $interval = undef, -) { - if $::osfamily == 'Redhat' { - if $manage_package { - package { 'collectd-snmp': - ensure => $ensure, - } - } - } - - collectd::plugin {'snmp': - ensure => $ensure, - content => template('collectd/plugin/snmp.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/snmp/data.pp b/module-collectd/manifests/plugin/snmp/data.pp deleted file mode 100644 index be1691be8..000000000 --- a/module-collectd/manifests/plugin/snmp/data.pp +++ /dev/null @@ -1,29 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:SNMP -define collectd::plugin::snmp::data ( - $instance, - $type, - $values, - $ensure = present, - $instanceprefix = undef, - $scale = undef, - $shift = undef, - $table = false, -) { - include collectd - include collectd::plugin::snmp - - $table_bool = str2bool($table) - - $conf_dir = $collectd::params::plugin_conf_dir - $root_group = $collectd::params::root_group - - file { "snmp-data-${name}.conf": - ensure => $ensure, - path => "${conf_dir}/15-snmp-data-${name}.conf", - owner => 'root', - group => $root_group, - mode => '0640', - content => template('collectd/plugin/snmp/data.conf.erb'), - notify => Service['collectd']; - } -} diff --git a/module-collectd/manifests/plugin/snmp/host.pp b/module-collectd/manifests/plugin/snmp/host.pp deleted file mode 100644 index 7438e4e68..000000000 --- a/module-collectd/manifests/plugin/snmp/host.pp +++ /dev/null @@ -1,27 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:SNMP -define collectd::plugin::snmp::host ( - $collect, - $ensure = present, - $address = $name, - $version = '1', - $community = 'public', - $interval = undef, -) { - include collectd - include collectd::plugin::snmp - - validate_re($version, '^[12]$', 'only snmp versions 1 and 2 are supported') - - $conf_dir = $collectd::params::plugin_conf_dir - $root_group = $collectd::params::root_group - - file { "snmp-host-${name}.conf": - ensure => $ensure, - path => "${conf_dir}/25-snmp-host-${name}.conf", - owner => 'root', - group => $root_group, - mode => '0640', - content => template('collectd/plugin/snmp/host.conf.erb'), - notify => Service['collectd']; - } -} diff --git a/module-collectd/manifests/plugin/statsd.pp b/module-collectd/manifests/plugin/statsd.pp deleted file mode 100644 index e54c5bab7..000000000 --- a/module-collectd/manifests/plugin/statsd.pp +++ /dev/null @@ -1,23 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:StatsD -class collectd::plugin::statsd ( - $ensure = present, - $host = undef, - $port = undef, - $deletecounters = undef, - $deletetimers = undef, - $deletegauges = undef, - $deletesets = undef, - $interval = undef, - $timerpercentile = undef, - $timerlower = undef, - $timerupper = undef, - $timersum = undef, - $timercount = undef, -) { - - collectd::plugin {'statsd': - ensure => $ensure, - content => template('collectd/plugin/statsd.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/swap.pp b/module-collectd/manifests/plugin/swap.pp deleted file mode 100644 index 60c0ae48f..000000000 --- a/module-collectd/manifests/plugin/swap.pp +++ /dev/null @@ -1,22 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:Swap -class collectd::plugin::swap ( - $ensure = present, - $interval = undef, - $reportbydevice = false, - $reportbytes = true, - $valuesabsolute = true, - $valuespercentage = false, -) { - validate_bool( - $reportbydevice, - $reportbytes, - $valuesabsolute, - $valuespercentage - ) - - collectd::plugin {'swap': - ensure => $ensure, - content => template('collectd/plugin/swap.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/syslog.pp b/module-collectd/manifests/plugin/syslog.pp deleted file mode 100644 index 494c29a92..000000000 --- a/module-collectd/manifests/plugin/syslog.pp +++ /dev/null @@ -1,16 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:SysLog -class collectd::plugin::syslog ( - $ensure = present, - $interval = undef, - $log_level = 'info' -) { - - collectd::plugin {'syslog': - ensure => $ensure, - content => template('collectd/plugin/syslog.conf.erb'), - interval => $interval, - # Load logging plugin first - # https://github.com/puppet-community/puppet-collectd/pull/166#issuecomment-50591413 - order => '05', - } -} diff --git a/module-collectd/manifests/plugin/tail.pp b/module-collectd/manifests/plugin/tail.pp deleted file mode 100644 index cead3f41c..000000000 --- a/module-collectd/manifests/plugin/tail.pp +++ /dev/null @@ -1,10 +0,0 @@ -# Tail plugin -# https://collectd.org/wiki/index.php/Plugin:Tail -class collectd::plugin::tail ( - $interval = undef, -){ - collectd::plugin { 'tail': - interval => $interval, - } -} - diff --git a/module-collectd/manifests/plugin/tail/file.pp b/module-collectd/manifests/plugin/tail/file.pp deleted file mode 100644 index d307182eb..000000000 --- a/module-collectd/manifests/plugin/tail/file.pp +++ /dev/null @@ -1,27 +0,0 @@ -# -define collectd::plugin::tail::file ( - $filename, - $instance, - $matches, - $ensure = 'present', -) { - include collectd::params - include collectd::plugin::tail - - $conf_dir = $collectd::params::plugin_conf_dir - - validate_absolute_path($filename) - validate_string($instance) - validate_array($matches) - validate_hash($matches[0]) - - file { "${name}.conf": - ensure => $ensure, - path => "${conf_dir}/tail-${name}.conf", - mode => '0644', - owner => 'root', - group => $collectd::params::root_group, - content => template('collectd/tail-file.conf.erb'), - notify => Service['collectd'], - } -} diff --git a/module-collectd/manifests/plugin/target_v5upgrade.pp b/module-collectd/manifests/plugin/target_v5upgrade.pp deleted file mode 100644 index 310d5c428..000000000 --- a/module-collectd/manifests/plugin/target_v5upgrade.pp +++ /dev/null @@ -1,10 +0,0 @@ -# https://collectd.org/wiki/index.php/Target:v5_upgrade -class collectd::plugin::target_v5upgrade ( - $ensure = present, -) { - collectd::plugin {'target_v5upgrade': - ensure => $ensure, - content => template('collectd/plugin/target_v5upgrade.conf.erb'), - order => '06', - } -} diff --git a/module-collectd/manifests/plugin/tcpconns.pp b/module-collectd/manifests/plugin/tcpconns.pp deleted file mode 100644 index 77e691e08..000000000 --- a/module-collectd/manifests/plugin/tcpconns.pp +++ /dev/null @@ -1,28 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:TCPConns -class collectd::plugin::tcpconns ( - $localports = undef, - $remoteports = undef, - $listening = undef, - $interval = undef, - $allportssummary = undef, - $ensure = present -) { - - if $localports { - validate_array($localports) - } - - if $remoteports { - validate_array($remoteports) - } - - if $allportssummary { - validate_bool($allportssummary) - } - - collectd::plugin {'tcpconns': - ensure => $ensure, - content => template('collectd/plugin/tcpconns.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/unixsock.pp b/module-collectd/manifests/plugin/unixsock.pp deleted file mode 100644 index 511a82bc2..000000000 --- a/module-collectd/manifests/plugin/unixsock.pp +++ /dev/null @@ -1,17 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:UnixSock -class collectd::plugin::unixsock ( - $socketfile = '/var/run/collectd-socket', - $socketgroup = 'collectd', - $socketperms = '0770', - $deletesocket = false, - $ensure = present, - $interval = undef, -) { - validate_absolute_path($socketfile) - - collectd::plugin {'unixsock': - ensure => $ensure, - content => template('collectd/plugin/unixsock.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/uptime.pp b/module-collectd/manifests/plugin/uptime.pp deleted file mode 100644 index 9c847876b..000000000 --- a/module-collectd/manifests/plugin/uptime.pp +++ /dev/null @@ -1,10 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:Uptime -class collectd::plugin::uptime ( - $ensure = present, - $interval = undef, -) { - collectd::plugin {'uptime': - ensure => $ensure, - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/users.pp b/module-collectd/manifests/plugin/users.pp deleted file mode 100644 index 7ad1b081b..000000000 --- a/module-collectd/manifests/plugin/users.pp +++ /dev/null @@ -1,11 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:Users -class collectd::plugin::users ( - $ensure = present, - $interval = undef, -) { - - collectd::plugin {'users': - ensure => $ensure, - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/varnish.pp b/module-collectd/manifests/plugin/varnish.pp deleted file mode 100644 index 2edfd07f0..000000000 --- a/module-collectd/manifests/plugin/varnish.pp +++ /dev/null @@ -1,28 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:Varnish -class collectd::plugin::varnish ( - $ensure = present, - $manage_package = $true, - $instances = { - 'localhost' => { - } - }, - $interval = undef, -) { - include collectd::params - - validate_hash($instances) - - if $::osfamily == 'Redhat' { - if $manage_package { - package { 'collectd-varnish': - ensure => $ensure, - } - } - } - - collectd::plugin {'varnish': - ensure => $ensure, - content => template('collectd/plugin/varnish.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/vmem.pp b/module-collectd/manifests/plugin/vmem.pp deleted file mode 100644 index b68328ecb..000000000 --- a/module-collectd/manifests/plugin/vmem.pp +++ /dev/null @@ -1,12 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:vmem -class collectd::plugin::vmem ( - $ensure = present, - $interval = undef, - $verbose = false, -) { - collectd::plugin {'vmem': - ensure => $ensure, - content => template('collectd/plugin/vmem.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/write_graphite.pp b/module-collectd/manifests/plugin/write_graphite.pp deleted file mode 100644 index a87f56dec..000000000 --- a/module-collectd/manifests/plugin/write_graphite.pp +++ /dev/null @@ -1,44 +0,0 @@ -# https://collectd.org/wiki/index.php/Graphite -class collectd::plugin::write_graphite ( - $carbons = {}, - $carbon_defaults = {}, - $interval = undef, - $ensure = present, - $globals = false, -) { - include collectd::params - - validate_hash($carbons) - - collectd::plugin {'write_graphite': - ensure => $ensure, - globals => $globals, - interval => $interval, - } - - # should be loaded after global plugin configuration - $graphite_conf = "${collectd::params::plugin_conf_dir}/write_graphite-config.conf" - - concat{ $graphite_conf: - ensure => $ensure, - mode => '0640', - owner => 'root', - group => $collectd::params::root_group, - notify => Service['collectd'], - ensure_newline => true, - } - - concat::fragment{'collectd_plugin_write_graphite_conf_header': - order => '00', - content => '', - target => $graphite_conf, - } - - concat::fragment{'collectd_plugin_write_graphite_conf_footer': - order => '99', - content => '', - target => $graphite_conf, - } - - create_resources(collectd::plugin::write_graphite::carbon, $carbons, $carbon_defaults) -} diff --git a/module-collectd/manifests/plugin/write_graphite/carbon.pp b/module-collectd/manifests/plugin/write_graphite/carbon.pp deleted file mode 100644 index 78d46d2ad..000000000 --- a/module-collectd/manifests/plugin/write_graphite/carbon.pp +++ /dev/null @@ -1,30 +0,0 @@ -# a single graphite backend -define collectd::plugin::write_graphite::carbon ( - $ensure = present, - $graphitehost = 'localhost', - $graphiteport = 2003, - $storerates = true, - $graphiteprefix = 'collectd.', - $graphitepostfix = undef, - $interval = undef, - $escapecharacter = '_', - $alwaysappendds = false, - $protocol = 'tcp', - $separateinstances = false, - $logsenderrors = true, -){ - include collectd::params - include collectd::plugin::write_graphite - - validate_bool($storerates) - validate_bool($alwaysappendds) - validate_bool($separateinstances) - validate_bool($logsenderrors) - - concat::fragment{"collectd_plugin_write_graphite_conf_${title}_${protocol}_${graphiteport}": - ensure => $ensure, - order => '50', # somewhere between header and footer - target => $collectd::plugin::write_graphite::graphite_conf, - content => template('collectd/plugin/write_graphite/carbon.conf.erb'), - } -} diff --git a/module-collectd/manifests/plugin/write_http.pp b/module-collectd/manifests/plugin/write_http.pp deleted file mode 100644 index 3497071bf..000000000 --- a/module-collectd/manifests/plugin/write_http.pp +++ /dev/null @@ -1,15 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:Write_HTTP -class collectd::plugin::write_http ( - $ensure = present, - $interval = undef, - $urls = {}, -) { - - validate_hash($urls) - - collectd::plugin {'write_http': - ensure => $ensure, - content => template('collectd/plugin/write_http.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/write_network.pp b/module-collectd/manifests/plugin/write_network.pp deleted file mode 100644 index ead5b412f..000000000 --- a/module-collectd/manifests/plugin/write_network.pp +++ /dev/null @@ -1,22 +0,0 @@ -# A define to make a generic network output for collectd -class collectd::plugin::write_network ( - $ensure = 'present', - $servers = { 'localhost' => { 'serverport' => '25826' } }, -) { - - warning('Deprecated. This class may be removed in the future. Use collectd::plugin::network instead.') - - validate_hash($servers) - - $servernames = keys($servers) - if empty($servernames) { - fail('servers cannot be empty') - } - $servername = $servernames[0] - $serverport = $servers[$servername]['serverport'] - - class { 'collectd::plugin::network': - server => $servername, - serverport => $serverport, - } -} diff --git a/module-collectd/manifests/plugin/write_riemann.pp b/module-collectd/manifests/plugin/write_riemann.pp deleted file mode 100644 index dbdf85604..000000000 --- a/module-collectd/manifests/plugin/write_riemann.pp +++ /dev/null @@ -1,28 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:Write_Riemann -class collectd::plugin::write_riemann ( - $ensure = present, - $manage_package = $true, - $riemann_host = 'localhost', - $riemann_port = 5555, - $protocol = 'UDP', - $store_rates = false, - $always_append_ds = false, - $interval = undef, -) { - validate_bool($store_rates) - validate_bool($always_append_ds) - - if $::osfamily == 'Redhat' { - if $manage_package { - package { 'collectd-write_riemann': - ensure => $ensure, - } - } - } - - collectd::plugin {'write_riemann': - ensure => $ensure, - content => template('collectd/plugin/write_riemann.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/write_sensu.pp b/module-collectd/manifests/plugin/write_sensu.pp deleted file mode 100644 index 1488fd08b..000000000 --- a/module-collectd/manifests/plugin/write_sensu.pp +++ /dev/null @@ -1,31 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:Write_Riemann -class collectd::plugin::write_sensu ( - $ensure = present, - $manage_package = $true, - $sensu_host = 'localhost', - $sensu_port = 3030, - $store_rates = false, - $always_append_ds = false, - $interval = undef, - $metrics = false, - $metrics_handler = 'example_metric_handler', - $notifications = false, - $notifs_handler = 'example_notification_handler', -) { - validate_bool($store_rates) - validate_bool($always_append_ds) - - if $::osfamily == 'Redhat' { - if $manage_package { - package { 'collectd-write_sensu': - ensure => $ensure, - } - } - } - - collectd::plugin {'write_sensu': - ensure => $ensure, - content => template('collectd/plugin/write_sensu.conf.erb'), - interval => $interval, - } -} diff --git a/module-collectd/manifests/plugin/zfs_arc.pp b/module-collectd/manifests/plugin/zfs_arc.pp deleted file mode 100644 index 1065e3cb6..000000000 --- a/module-collectd/manifests/plugin/zfs_arc.pp +++ /dev/null @@ -1,8 +0,0 @@ -# https://collectd.org/wiki/index.php/Plugin:ZFS_ARC -class collectd::plugin::zfs_arc ( - $ensure = present, -) { - collectd::plugin {'zfs_arc': - ensure => $ensure - } -} diff --git a/module-collectd/manifests/service.pp b/module-collectd/manifests/service.pp deleted file mode 100644 index 197537e0d..000000000 --- a/module-collectd/manifests/service.pp +++ /dev/null @@ -1,13 +0,0 @@ -class collectd::service ( - $service_name = $collectd::service_name, - $service_ensure = $collectd::service_ensure, - $service_enable = $collectd::service_enable, -) { - - service { 'collectd': - ensure => $service_ensure, - name => $service_name, - enable => $service_enable, - } - -} diff --git a/module-collectd/manifests/type.pp b/module-collectd/manifests/type.pp deleted file mode 100644 index c81e4a196..000000000 --- a/module-collectd/manifests/type.pp +++ /dev/null @@ -1,30 +0,0 @@ -define collectd::type ( - $target, - $ds_type, - $ds = $title, - $min = 'U', - $max = 'U', - $ds_name = 'value', -) { - validate_string($ds_name) - $upper_ds_type = upcase($ds_type) - - validate_re($upper_ds_type, - ['^ABSOLUTE$', '^COUNTER$', '^DERIVE$', '^GAUGE$']) - - if $min != 'U' { - validate_numeric($min) - } - - if $max != 'U' { - validate_numeric($max) - } - - $content = "${ds}\t${ds_name}:${upper_ds_type}:${min}:${max}" - - concat::fragment { "${target}/${ds}": - content => $content, - target => $target, - order => $ds, - } -} diff --git a/module-collectd/manifests/typesdb.pp b/module-collectd/manifests/typesdb.pp deleted file mode 100644 index 7022c2eb9..000000000 --- a/module-collectd/manifests/typesdb.pp +++ /dev/null @@ -1,16 +0,0 @@ -define collectd::typesdb ( - $path = $title, -) { - include collectd::params - - - concat { $path: - ensure => present, - owner => 'root', - group => $collectd::params::root_group, - mode => '0640', - ensure_newline => true, - force => true, - notify => Service['collectd'], - } -} diff --git a/module-collectd/metadata.json b/module-collectd/metadata.json deleted file mode 100644 index 3dbeb21ce..000000000 --- a/module-collectd/metadata.json +++ /dev/null @@ -1,91 +0,0 @@ -{ - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "CentOS", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "OracleLinux", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "Scientific", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "Debian", - "operatingsystemrelease": [ - "6", - "7" - ] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": [ - "12.04", - "14.04" - ] - }, - { - "operatingsystem": "Gentoo" - }, - { - "operatingsystem": "FreeBSD" - }, - { - "operatingsystem": "Solaris" - }, - { - "operatingsystem": "Archlinux" - } - ], - "requirements": [ - { - "name": "pe", - "version_requirement": ">= 3.2.0" - }, - { - "name": "puppet", - "version_requirement": ">= 3.2.0" - } - ], - "name": "puppet-collectd", - "version": "4.2.0", - "source": "https://github.com/puppet-community/puppet-collectd", - "author": "puppetcommunity", - "license": "Apache-2.0", - "summary": "Puppet module for Collectd", - "project_page": "https://github.com/puppet-community/puppet-collectd", - "issues_url": "https://github.com/puppet-community/puppet-collectd/issues", - "tags": ["collectd", "puppet-community"], - "dependencies": [ - { - "name": "puppetlabs/stdlib", - "version_requirement": ">= 3.2.0" - }, - { - "name": "puppetlabs/concat", - "version_requirement": ">= 1.0.4" - } - ] -} diff --git a/module-collectd/spec/acceptance/class_spec.rb b/module-collectd/spec/acceptance/class_spec.rb deleted file mode 100644 index 6fb7dea8d..000000000 --- a/module-collectd/spec/acceptance/class_spec.rb +++ /dev/null @@ -1,24 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'collectd class' do - context 'default parameters' do - # Using puppet_apply as a helper - it 'should work idempotently with no errors' do - pp = <<-EOS - class { 'collectd': } - EOS - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe package('collectd') do - it { should be_installed } - end - - describe service('collectd') do - it { should be_running } - end - end -end diff --git a/module-collectd/spec/acceptance/nodesets/centos-59-x64.yml b/module-collectd/spec/acceptance/nodesets/centos-59-x64.yml deleted file mode 100644 index 2ad90b86a..000000000 --- a/module-collectd/spec/acceptance/nodesets/centos-59-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-59-x64: - roles: - - master - platform: el-5-x86_64 - box : centos-59-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-59-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/module-collectd/spec/acceptance/nodesets/centos-64-x64-pe.yml b/module-collectd/spec/acceptance/nodesets/centos-64-x64-pe.yml deleted file mode 100644 index 7d9242f1b..000000000 --- a/module-collectd/spec/acceptance/nodesets/centos-64-x64-pe.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - - database - - dashboard - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: pe diff --git a/module-collectd/spec/acceptance/nodesets/centos-64-x64.yml b/module-collectd/spec/acceptance/nodesets/centos-64-x64.yml deleted file mode 100644 index d19aa6951..000000000 --- a/module-collectd/spec/acceptance/nodesets/centos-64-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - log_level: verbose - type: foss diff --git a/module-collectd/spec/acceptance/nodesets/centos-65-x64.yml b/module-collectd/spec/acceptance/nodesets/centos-65-x64.yml deleted file mode 100644 index 4e2cb809e..000000000 --- a/module-collectd/spec/acceptance/nodesets/centos-65-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-65-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-65-x64-vbox436-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-65-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/module-collectd/spec/acceptance/nodesets/default.yml b/module-collectd/spec/acceptance/nodesets/default.yml deleted file mode 100644 index b392dab75..000000000 --- a/module-collectd/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - ubuntu-server-12042-x64: - roles: - - master - platform: ubuntu-server-12.04-amd64 - box: ubuntu-server-12042-x64-vbox4210-nocm - box_url: http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box - hypervisor: vagrant - -CONFIG: - log_level: verbose - type: foss diff --git a/module-collectd/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml b/module-collectd/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml deleted file mode 100644 index 5ca1514e4..000000000 --- a/module-collectd/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-10044-x64: - roles: - - master - platform: ubuntu-10.04-amd64 - box : ubuntu-server-10044-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-10044-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/module-collectd/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml b/module-collectd/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml deleted file mode 100644 index d065b304f..000000000 --- a/module-collectd/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-12042-x64: - roles: - - master - platform: ubuntu-12.04-amd64 - box : ubuntu-server-12042-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/module-collectd/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/module-collectd/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index cba1cd04c..000000000 --- a/module-collectd/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-1404-x64: - roles: - - master - platform: ubuntu-14.04-amd64 - box : puppetlabs/ubuntu-14.04-64-nocm - box_url : https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor : vagrant -CONFIG: - log_level : debug - type: git diff --git a/module-collectd/spec/classes/collectd_init_spec.rb b/module-collectd/spec/classes/collectd_init_spec.rb deleted file mode 100644 index 71540e155..000000000 --- a/module-collectd/spec/classes/collectd_init_spec.rb +++ /dev/null @@ -1,118 +0,0 @@ -require 'spec_helper' - -describe 'collectd' do - let :facts do - { :osfamily => 'RedHat' } - end - - it { should contain_package('collectd').with_ensure('installed') } - it { should contain_package('collectd').with_install_options(nil) } - it { should contain_service('collectd').with_ensure('running') } - it { should contain_file('collectd.conf').without_content } - it { should contain_file('collectd.d').with_ensure('directory') } - it { should contain_file_line('include_conf_d') } - it { is_expected.to contain_class('collectd::install').that_comes_before('Class[collectd::config]') } - it { is_expected.to contain_class('collectd::config').that_notifies('Class[collectd::service]') } - it { is_expected.to contain_class('collectd::service') } - - context 'with collectd::install::package_install_options' do - context 'set to a valid array' do - let :params do - { :package_install_options => ['--nogpgcheck'] } - end - - it { should contain_package('collectd').with_install_options(['--nogpgcheck']) } - end - - context 'set to an invalid value (non-array)' do - let :params do - { :package_install_options => 'not_an_array' } - end - - it 'should fail' do - expect do - should contain_class('collectd') - end.to raise_error(Puppet::Error, /is not an Array/) - end - end - end - - context 'on non supported operating systems' do - let(:facts) { { :osfamily => 'foo' } } - - it 'should fail' do - should compile.and_raise_error(/foo is not supported/) - end - end - - context 'when purge_config is enabled' do - let(:params) { { :purge_config => true } } - - it { is_expected.to contain_file('collectd.conf').with_content(/FQDNLookup true/) } - it { is_expected.to contain_file('collectd.conf').with_content(/Interval/) } - it { is_expected.to contain_file('collectd.conf').with_content(/Timeout/) } - it { is_expected.to contain_file('collectd.conf').with_content(/ReadThreads/) } - it { is_expected.to contain_file('collectd.conf').without_content(/^TypesDB/) } - it { is_expected.to contain_file('collectd.conf').without_content(/^WriteQueueLimitLow/) } - it { is_expected.to contain_file('collectd.conf').without_content(/^WriteQueueLimitHigh/) } - it { is_expected.to contain_file('collectd.conf').without_content(/^CollectInternalStats/) } - it { should_not contain_file_line('include_conf_d') } - it do - should contain_file('collectd.conf').with_content(/^# Generated by Puppet$/) - end - - context 'with fqdnlookup => false' do - let(:params) { { :purge_config => true, :fqdnlookup => false } } - it { is_expected.to contain_file('collectd.conf').with_content(/^FQDNLookup false/) } - end - - context 'with typesdb => ["/path/to/types.db"]' do - let(:params) { { :purge_config => true, :typesdb => ['/path/to/types.db'] } } - it { is_expected.to contain_file('collectd.conf').with_content(%r{^TypesDB "/path/to/types.db"}) } - end - - context 'with write_queue_limit_low => 100' do - let(:params) { { :purge_config => true, :write_queue_limit_low => '100' } } - it { is_expected.to contain_file('collectd.conf').with_content(/^WriteQueueLimitLow 100/) } - end - - context 'with write_queue_limit_high => 100' do - let(:params) { { :purge_config => true, :write_queue_limit_high => '100' } } - it { is_expected.to contain_file('collectd.conf').with_content(/^WriteQueueLimitHigh 100/) } - end - - context 'with include => ["/some/include/path"]' do - let(:params) { { :purge_config => true, :include => ['/some/include/path'] } } - it { is_expected.to contain_file('collectd.conf').with_content(%r{^Include "/some/include/path"}) } - end - - context 'with internal_stats => true' do - context 'with collectd_real_version = 5.5' do - let(:facts) { { :osfamily => 'RedHat', :collectd_real_version => '5.5' } } - let(:params) { { :purge_config => true, :internal_stats => true } } - it { is_expected.to contain_file('collectd.conf').without_content(/^CollectInternalStats/) } - end - - context 'with collectd_real_version = 5.6' do - let(:facts) { { :osfamily => 'RedHat', :collectd_real_version => '5.6' } } - let(:params) { { :purge_config => true, :internal_stats => true } } - it { is_expected.to contain_file('collectd.conf').with_content(/^CollectInternalStats true/) } - end - end - end - - context 'when custom package_name is set' do - let(:params) { { :package_name => 'collectd-core' } } - it { should contain_package('collectd-core').with_ensure('installed') } - end - - context 'when manage_package is false' do - let(:params) { { :manage_package => false } } - it { should_not contain_package('collectd') } - end - - context 'when manage_package is true' do - let(:params) { { :manage_package => true } } - it { should contain_package('collectd').with_ensure('installed') } - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_ceph_spec.rb b/module-collectd/spec/classes/collectd_plugin_ceph_spec.rb deleted file mode 100644 index 7779ee972..000000000 --- a/module-collectd/spec/classes/collectd_plugin_ceph_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::ceph', :type => :class do - let :facts do - { :osfamily => 'RedHat' } - end - - context ':ensure => present and :osds => [ \'osd.0\, \osd.1\, \osd.2\]' do - let :params do - { :osds => ['osd.0', 'osd.1', 'osd.2'] } - end - content = < - LongRunAvgLatency false - ConvertSpecialMetricTypes true - - - SocketPath "/var/run/ceph/ceph-osd.0.asok" - - - SocketPath "/var/run/ceph/ceph-osd.1.asok" - - - SocketPath "/var/run/ceph/ceph-osd.2.asok" - - - -EOS - it 'Will create /etc/collectd.d/10-ceph.conf' do - should contain_collectd__plugin('ceph').with_content(content) - end - end - - context ':ensure => absent' do - let :params do - { :osds => ['osd.0', 'osd.1', 'osd.2'], :ensure => 'absent' } - end - it 'Will not create /etc/collectd.d/10-ceph.conf' do - should contain_file('ceph.load').with(:ensure => 'absent', - :path => '/etc/collectd.d/10-ceph.conf',) - end - end - - context ':ceph is not an array' do - let :params do - { :osds => 'osd.0' } - end - it 'Will raise an error about :osds being a String' do - should compile.and_raise_error(/String/) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_cpu_spec.rb b/module-collectd/spec/classes/collectd_plugin_cpu_spec.rb deleted file mode 100644 index 148dbe446..000000000 --- a/module-collectd/spec/classes/collectd_plugin_cpu_spec.rb +++ /dev/null @@ -1,79 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::cpu', :type => :class do - let :facts do - { :osfamily => 'RedHat' } - end - - context ':ensure => present' do - context ':ensure => present and collectd version < 5.5' do - it 'Will create /etc/collectd.d/10-cpu.conf to load the plugin' do - should contain_file('cpu.load').with(:ensure => 'present', - :path => '/etc/collectd.d/10-cpu.conf', - :content => /LoadPlugin cpu/,) - end - - it 'Will not include ReportByState in /etc/collectd.d/10-cpu.conf' do - should_not contain_file('cpu.load').with_content(/ReportByState/) - end - - it 'Will not include ReportByCpu in /etc/collectd.d/10-cpu.conf' do - should_not contain_file('cpu.load').with_content(/ReportByCpu/) - end - - it 'Will not include ValuesPercentage in /etc/collectd.d/10-cpu.conf' do - should_not contain_file('cpu.load').with_content(/ValuesPercentage/) - end - end - - context 'cpu options should be set with collectd 5.5' do - let :facts do - { :osfamily => 'RedHat', - :collectd_version => '5.5', - } - end - let :params do - { :reportbystate => false, - :reportbycpu => false, - :valuespercentage => true, - } - end - - it 'Will include ReportByState in /etc/collectd.d/10-cpu.conf' do - should contain_file('cpu.load').with_content(/ReportByState = false/) - end - - it 'Will include ReportByCpu in /etc/collectd.d/10-cpu.conf' do - should contain_file('cpu.load').with_content(/ReportByCpu = false/) - end - - it 'Will include ValuesPercentage in /etc/collectd.d/10-cpu.conf' do - should contain_file('cpu.load').with_content(/ValuesPercentage = true/) - end - end - end - - context 'default parameters are not booleans' do - let :params do - { :reportbystate => 'string_a', - :reportbycpu => 'string_b', - :valuespercentage => 'string_c', - } - end - - it 'Will raise an error about parameters not being boolean' do - should compile.and_raise_error(/bool/) - end - end - - context ':ensure => absent' do - let :params do - { :ensure => 'absent' } - end - it 'Will remove /etc/collectd.d/10-cpu.conf' do - should contain_file('cpu.load').with(:ensure => 'absent', - :path => '/etc/collectd.d/10-cpu.conf', - :content => /LoadPlugin cpu/,) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_curl_spec.rb b/module-collectd/spec/classes/collectd_plugin_curl_spec.rb deleted file mode 100644 index 8e2e5e82c..000000000 --- a/module-collectd/spec/classes/collectd_plugin_curl_spec.rb +++ /dev/null @@ -1,85 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::curl', :type => :class do - context ':ensure => present, default params' do - let :facts do - { :osfamily => 'RedHat' } - end - it 'Will create /etc/collectd.d/10-curl.conf' do - should contain_file('curl.load').with(:ensure => 'present', - :path => '/etc/collectd.d/10-curl.conf', - :content => /\#\ Generated by Puppet\nLoadPlugin curl\n\n/,) - end - end - - context ':ensure => present, creating two pages' do - let :facts do - { :osfamily => 'Debian' } - end - let :params do - { - :ensure => 'present', - :pages => { - 'stocks_ILD' => { - 'url' => 'http://finance.google.com/finance?q=EPA%3AILD', - 'user' => 'foo', - 'password' => 'bar', - 'matches' => [ - { - 'dstype' => 'GaugeAverage', - 'instance' => 'ILD', - 'regex' => ']*> *([0-9]*\\.[0-9]+) *', - 'type' => 'stock_value', - } - ] - }, - } - } - end - - it 'Will create /etc/collectd.d/conf.d/curl-stocks_ILD.conf and /etc/collectd/conf.d/curl-stocks_GM.conf' do - should contain_file('/etc/collectd/conf.d/curl-stocks_ILD.conf').with(:ensure => 'present', - :path => '/etc/collectd/conf.d/curl-stocks_ILD.conf', - :content => "\n \n URL \"http://finance.google.com/finance?q=EPA%3AILD\"\n User \"foo\"\n Password \"bar\"\n \n Regex \"]*> *([0-9]*\\.[0-9]+) *\"\n DSType \"GaugeAverage\"\n Type \"stock_value\"\n Instance \"ILD\"\n \n\n \n\n",) - end - end - - context ':ensure => present, verifypeer => false, verifyhost => \'false\', measureresponsetime => true, matches empty' do - let :facts do - { :osfamily => 'Debian' } - end - let :params do - { - :ensure => 'present', - :pages => { - 'selfsigned_ssl' => { - 'url' => 'https://some.selfsigned.ssl.site/', - 'verifypeer' => false, - 'verifyhost' => 'false', - 'measureresponsetime' => true, - }, - } - } - end - - it 'Will create /etc/collectd.d/conf.d/curl-selfsigned_ssl.conf' do - should contain_file('/etc/collectd/conf.d/curl-selfsigned_ssl.conf').with(:ensure => 'present', - :path => '/etc/collectd/conf.d/curl-selfsigned_ssl.conf', - :content => "\n \n URL \"https://some.selfsigned.ssl.site/\"\n VerifyPeer false\n VerifyHost false\n MeasureResponseTime true\n \n\n",) - end - end - - context ':ensure => absent' do - let :facts do - { :osfamily => 'RedHat' } - end - let :params do - { :ensure => 'absent' } - end - - it 'Will not create /etc/collectd.d/10-curl.conf' do - should contain_file('curl.load').with(:ensure => 'absent', - :path => '/etc/collectd.d/10-curl.conf',) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_dbi_spec.rb b/module-collectd/spec/classes/collectd_plugin_dbi_spec.rb deleted file mode 100644 index c258a4751..000000000 --- a/module-collectd/spec/classes/collectd_plugin_dbi_spec.rb +++ /dev/null @@ -1,70 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::dbi', :type => :class do - let :facts do - { - :osfamily => 'Debian', - :concat_basedir => tmpfilename('collectd-dbi'), - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :collectd_version => '5.0' - } - end - - context ':ensure => present and default parameters' do - it 'Will create /etc/collectd/conf.d/10-dbi.conf to load the plugin' do - should contain_file('dbi.load').with(:ensure => 'present', - :path => '/etc/collectd/conf.d/10-dbi.conf', - :content => /LoadPlugin dbi/,) - end - it 'Will create /etc/collectd.d/dbi-config.conf' do - should contain_concat__fragment('collectd_plugin_dbi_conf_header').with(:content => //,) - end - end - - context ':ensure => present and create a db with a query' do - let(:params) do - { - :databases => { - 'mydatabase' => { - 'host' => 'localhost', - 'driver' => 'mysql', - 'driveroption' => { - 'host' => 'db.example.com', - 'username' => 'dbuser', - 'password' => 'dbpasswd' - }, - 'selectdb' => 'db', - 'query' => %w(disk_io log_delay), - }, - }, - :queries => { - 'log_delay' => { - 'statement' => 'SELECT * FROM log_delay_repli;', - 'results' => [{ - 'type' => 'gauge', - 'instanceprefix' => 'log_delay', - 'instancesfrom' => %w(inet_server_port inet_server_host), - 'valuesfrom' => 'log_delay', - }], - } - } - } - end - - it 'Will create /etc/collectd.d/dbi-config.conf' do - should contain_concat__fragment('collectd_plugin_dbi_conf_db_mydatabase').with(:content => /Driver \"mysql\"\n/,) - should contain_concat__fragment('collectd_plugin_dbi_conf_db_mydatabase').with(:content => /Host \"localhost\"\n/,) - should contain_concat__fragment('collectd_plugin_dbi_conf_db_mydatabase').with(:content => /Query \"disk_io\"\n/,) - should contain_concat__fragment('collectd_plugin_dbi_conf_db_mydatabase').with(:content => /DriverOption \"host\" \"db\.example\.com\"\n/,) - should contain_concat__fragment('collectd_plugin_dbi_conf_db_mydatabase').with(:content => /DriverOption \"username\" \"dbuser\"\n/,) - should contain_concat__fragment('collectd_plugin_dbi_conf_db_mydatabase').with(:content => /DriverOption \"password\" \"dbpasswd\"\n/,) - - should contain_concat__fragment('collectd_plugin_dbi_conf_query_log_delay').with(:content => /Statement \"SELECT \* FROM log_delay_repli;\"\n/,) - should contain_concat__fragment('collectd_plugin_dbi_conf_query_log_delay').with(:content => /\n/,) - should contain_concat__fragment('collectd_plugin_dbi_conf_query_log_delay').with(:content => /InstancesFrom \"inet_server_port\" \"inet_server_host\"\n/,) - should contain_concat__fragment('collectd_plugin_dbi_conf_query_log_delay').with(:content => /ValuesFrom \"log_delay\"\n/,) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_disk_spec.rb b/module-collectd/spec/classes/collectd_plugin_disk_spec.rb deleted file mode 100644 index fc2f38a84..000000000 --- a/module-collectd/spec/classes/collectd_plugin_disk_spec.rb +++ /dev/null @@ -1,68 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::disk', :type => :class do - let :facts do - { :osfamily => 'RedHat' } - end - - context ':ensure => present and :disks => [\'sda\']' do - let :params do - { :disks => ['sda'] } - end - it 'Will create /etc/collectd.d/10-disk.conf' do - should contain_file('disk.load').with(:ensure => 'present', - :path => '/etc/collectd.d/10-disk.conf', - :content => /Disk "sda"/,) - end - end - - context ':ensure => absent' do - let :params do - { :disks => ['sda'], :ensure => 'absent' } - end - it 'Will not create /etc/collectd.d/10-disk.conf' do - should contain_file('disk.load').with(:ensure => 'absent', - :path => '/etc/collectd.d/10-disk.conf',) - end - end - - context ':disks is not an array' do - let :params do - { :disks => 'sda' } - end - it 'Will raise an error about :disks being a String' do - should compile.and_raise_error(/String/) - end - end - - context ':udevnameattr on collectd < 5.5' do - let :params do - { :udevnameattr => 'DM_NAME' } - end - let :facts do - { :osfamily => 'RedHat', - :collectd_version => '5.4', - } - end - it 'Will not include the setting' do - should contain_file('disk.load').with(:ensure => 'present', - :path => '/etc/collectd.d/10-disk.conf',).without_content(/UdevNameAttr DM_NAME/) - end - end - - context ':udevnameattr on collectd >= 5.5' do - let :params do - { :udevnameattr => 'DM_NAME' } - end - let :facts do - { :osfamily => 'RedHat', - :collectd_version => '5.5', - } - end - it 'Will include the setting' do - should contain_file('disk.load').with(:ensure => 'present', - :path => '/etc/collectd.d/10-disk.conf', - :content => /UdevNameAttr DM_NAME/,) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_dns_spec.rb b/module-collectd/spec/classes/collectd_plugin_dns_spec.rb deleted file mode 100644 index 41aa237f9..000000000 --- a/module-collectd/spec/classes/collectd_plugin_dns_spec.rb +++ /dev/null @@ -1,243 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::dns' do - let :facts do - { :collectd_version => '5.2', - :osfamily => 'RedHat', - } - end - - context 'with default values for all parameters' do - it { should contain_class('collectd::plugin::dns') } - - it do - should contain_file('dns.load').with( - 'ensure' => 'present', - ) - end - - default_fixture = File.read(fixtures('plugins/dns.conf.default')) - it { should contain_file('dns.load').with_content(default_fixture) } - - it { should_not contain_package('collectd-dns') } - end - - describe 'with ensure parameter' do - %w(present absent).each do |value| - context "set to a valid value of #{value}" do - let :params do - { :ensure => value } - end - - it do - should contain_file('dns.load').with( - 'ensure' => value, - ) - end - end - end - - context 'set to an invalid value' do - let :params do - { :ensure => 'invalid' } - end - - it 'should fail' do - expect do - should contain_class('collectd::plugin::dns') - end.to raise_error(Puppet::Error, /collectd::plugin::dns::ensure is and must be either 'present' or 'absent'\./) - end - end - end - - describe 'with ignoresource parameter' do - context 'set to a valid IP address' do - let :params do - { :ignoresource => '10.10.10.10' } - end - - ignoresource_fixture = File.read(fixtures('plugins/dns.conf.ignoresource')) - it { should contain_file('dns.load').with_content(ignoresource_fixture) } - end - - context 'set to undef' do - it { should contain_file('dns.load').without_content(/IgnoreSource\s+10\.10\.10\.10/) } - end - - context 'set to an invalid value' do - let :params do - { :ignoresource => 'not_an_ip' } - end - - it 'should fail' do - expect do - should contain_class('collectd::plugin::dns') - end.to raise_error(Puppet::Error, /collectd::plugin::dns::ignoresource is and must be a valid IP address\./) - end - end - end - - describe 'with interface parameter' do - context 'set to a valid value' do - let :params do - { :interface => 'eth0' } - end - - interface_fixture = File.read(fixtures('plugins/dns.conf.interface')) - it { should contain_file('dns.load').with_content(interface_fixture) } - end - - context 'set to an invalid value (non-string)' do - let :params do - { :interface => %w(not a string) } - end - - it 'should fail' do - expect do - should contain_class('collectd::plugin::dns') - end.to raise_error(Puppet::Error, /is not a string/) - end - end - end - - describe 'with interval parameter' do - ['10.0', '3600'].each do |value| - context "set to a valid numeric of #{value}" do - let :params do - { :interval => value } - end - - it { should contain_file('dns.load').with_content(/\s*Interval\s+#{Regexp.escape(value)}/) } - end - end - - context 'set to an invalid value' do - let :params do - { :interval => 'invalid' } - end - - it 'should fail' do - expect do - should contain_class('collectd::plugin::dns') - end.to raise_error(Puppet::Error, /Expected first argument to be a Numeric or Array, got String/) - end - end - end - - describe 'with selectnumericquerytypes parameter' do - ['true', true, 'false', false].each do |value| - context "set to valid value of #{value}" do - let :params do - { :selectnumericquerytypes => value } - end - - it { should contain_file('dns.load').with_content(/\s*SelectNumericQueryTypes\s+#{Regexp.escape(value.to_s)}/) } - end - end - - context 'set to an invalid value (non-boolean and non-stringified boolean)' do - let :params do - { :selectnumericquerytypes => 'invalid' } - end - - it 'should fail' do - expect do - should contain_class('collectd::plugin::dns') - end.to raise_error(Puppet::Error, /Unknown type of boolean/) - end - end - end - - describe 'with manage_package parameter' do - ['true', true].each do |value| - context "set to #{value}" do - %w(present absent).each do |ensure_value| - context "and ensure set to #{ensure_value}" do - let :params do - { :ensure => ensure_value, - :manage_package => value, - } - end - - it do - should contain_package('collectd-dns').with( - 'ensure' => ensure_value, - ) - end - end - end - end - - context 'on an unsupported platform and package_name is not specified' do - let :facts do - { :osfamily => 'Solaris' } - end - - let :params do - { :manage_package => true, - :package_name => 'USE_DEFAULTS', - } - end - - it 'should fail' do - expect do - should contain_class('collectd::plugin::dns') - end.to raise_error(Puppet::Error, /collectd::plugin::dns::package_name must be specified when using an unsupported OS. Supported osfamily is RedHat\. Detected is \./) - end - end - - context 'on a supported platform and package_name is specified' do - context 'as a valid string' do - let :params do - { :manage_package => true, - :package_name => 'custom-collectd-dns', - } - end - - it do - should contain_package('collectd-dns').with( - 'ensure' => 'present', - 'name' => 'custom-collectd-dns', - ) - end - end - - context 'as a non-valid entry (non-string)' do - let :params do - { :manage_package => true, - :package_name => true, - } - end - - it 'should fail' do - expect do - should contain_class('collectd::plugin::dns') - end.to raise_error(Puppet::Error, /is not a string/) - end - end - end - end - - ['false', false].each do |value| - context "seto to #{value}" do - let :params do - { :manage_package => value } - end - - it { should_not contain_package('collectd-dns') } - end - end - - context 'set to an invalid value (non-boolean and non-stringified boolean)' do - let :params do - { :manage_package => 'invalid' } - end - - it 'should fail' do - expect do - should contain_class('collectd::plugin::dns') - end.to raise_error(Puppet::Error, /Unknown type of boolean/) - end - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_exec_spec.rb b/module-collectd/spec/classes/collectd_plugin_exec_spec.rb deleted file mode 100644 index 281d91c6a..000000000 --- a/module-collectd/spec/classes/collectd_plugin_exec_spec.rb +++ /dev/null @@ -1,71 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::exec', :type => :class do - let :facts do - { - :osfamily => 'Debian', - :concat_basedir => tmpfilename('collectd-exec'), - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :collectd_version => '5.0' - } - end - - context 'single command' do - let :params do - { - :commands => { 'hello' => - { 'user' => 'nobody', 'group' => 'users', 'exec' => ['/bin/echo', 'hello world'] } - }, - } - end - - it 'Will create /etc/collectd.d/conf.d/exec-config.conf' do - should contain_concat__fragment('collectd_plugin_exec_conf_header') - .with(:content => //, - :target => '/etc/collectd/conf.d/exec-config.conf', - :order => '00') - end - - it 'Will create /etc/collectd.d/conf.d/exec-config' do - should contain_concat__fragment('collectd_plugin_exec_conf_footer') - .with(:content => %r{}, - :target => '/etc/collectd/conf.d/exec-config.conf', - :order => '99') - end - - it 'includes exec statement' do - should contain_concat__fragment('collectd_plugin_exec_conf_hello') - .with(:content => %r{Exec "nobody:users" "/bin/echo" "hello world"}, - :target => '/etc/collectd/conf.d/exec-config.conf',) - end - end - - context 'multiple commands' do - let :params do - { - :commands => { - 'hello' => { 'user' => 'nobody', 'group' => 'users', - 'exec' => ['/bin/echo', 'hello world'] - }, - 'my_date' => { 'user' => 'nobody', 'group' => 'users', - 'exec' => ['/bin/date'] - } - }, - } - end - - it 'includes echo statement' do - should contain_concat__fragment('collectd_plugin_exec_conf_hello') - .with(:content => %r{Exec "nobody:users" "/bin/echo" "hello world"}, - :target => '/etc/collectd/conf.d/exec-config.conf',) - end - - it 'includes date statement' do - should contain_concat__fragment('collectd_plugin_exec_conf_my_date') - .with(:content => %r{Exec "nobody:users" "/bin/date"}, - :target => '/etc/collectd/conf.d/exec-config.conf',) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_filecount_spec.rb b/module-collectd/spec/classes/collectd_plugin_filecount_spec.rb deleted file mode 100644 index e45a6a0ca..000000000 --- a/module-collectd/spec/classes/collectd_plugin_filecount_spec.rb +++ /dev/null @@ -1,67 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::filecount', :type => :class do - let :facts do - { :osfamily => 'RedHat' } - end - - context ':ensure => present and :directories => { \'active\' => \'/var/spool/postfix/active\' }' do - let :params do - { :directories => { 'active' => '/var/spool/postfix/active' } } - end - it 'Will create /etc/collectd.d/10-filecount.conf' do - should contain_file('filecount.load') - .with(:ensure => 'present', - :path => '/etc/collectd.d/10-filecount.conf', - :content => %r{Directory "/var/spool/postfix/active"},) - end - end - - context 'new :directories format' do - let :params do - { :directories => { 'foodir' => { - 'path' => '/path/to/dir', - 'pattern' => '*.conf', - 'mtime' => '-5m', - 'recursive' => true, - 'includehidden' => false, - } } } - end - it 'Will create foodir collectd::plugin::filecount::directory resource' do - should contain_collectd__plugin__filecount__directory('foodir') - .with(:ensure => 'present', - :path => '/path/to/dir', - :pattern => '*.conf', - :mtime => '-5m', - :recursive => true, - :includehidden => false,) - end - end - - context ':ensure => absent' do - let :params do - { :directories => { 'active' => '/var/spool/postfix/active' }, :ensure => 'absent' } - end - it 'Will not create /etc/collectd.d/10-filecount.conf' do - should contain_file('filecount.load') - .with(:ensure => 'absent', - :path => '/etc/collectd.d/10-filecount.conf',) - end - end - - context ':directories is not hash' do - let :params do - { :directories => '/var/spool/postfix/active' } - end - it 'Will raise an error about :directories being a String' do - should compile.and_raise_error(/String/) - end - end - - context ':directories is empty' do - it 'Will not create an empty block' do - should contain_file('filecount.load') - .without_content(//) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_filter_spec.rb b/module-collectd/spec/classes/collectd_plugin_filter_spec.rb deleted file mode 100644 index 342bca2ba..000000000 --- a/module-collectd/spec/classes/collectd_plugin_filter_spec.rb +++ /dev/null @@ -1,61 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::filter', type: :class do - let :facts do - { - osfamily: 'Debian', - concat_basedir: tmpfilename('collectd-filter'), - id: 'root', - kernel: 'Linux', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - collectd_version: '5.0' - } - end - context ':ensure => present and default parameters' do - it 'Will create /etc/collectd/conf.d/01-filter.conf to set the default Chains' do - should contain_file('/etc/collectd/conf.d/01-filter.conf').with(ensure: 'present', - path: '/etc/collectd/conf.d/01-filter.conf', - content: /PreCacheChain \"PreChain\"\nPostCacheChain \"PostChain\"/) - end - end - - context ':ensure => present and custom parameters' do - let(:params) do - { - ensure: 'present', - precachechain: 'MyPreChain', - postcachechain: 'MyPostChain' - } - end - it 'Will create /etc/collectd/conf.d/01-filter.conf to set the default Chains' do - should contain_file('/etc/collectd/conf.d/01-filter.conf').with(ensure: 'present', - path: '/etc/collectd/conf.d/01-filter.conf', - content: /PreCacheChain \"MyPreChain\"\nPostCacheChain \"MyPostChain\"/) - end - end - - context ':ensure => absent' do - let(:params) do - { ensure: 'absent' } - end - - it 'Will remove /etc/collectd/conf.d/01-filter.conf' do - should contain_file('/etc/collectd/conf.d/01-filter.conf').with(ensure: 'absent', - path: '/etc/collectd/conf.d/01-filter.conf') - end - - it 'Will remove loads of match plugins for filter' do - should contain_file('match_regex.load').with(ensure: 'absent', path: '/etc/collectd/conf.d/02-match_regex.conf') - should contain_file('match_timediff.load').with(ensure: 'absent', path: '/etc/collectd/conf.d/02-match_timediff.conf') - should contain_file('match_value.load').with(ensure: 'absent', path: '/etc/collectd/conf.d/02-match_value.conf') - should contain_file('match_empty_counter.load').with(ensure: 'absent', path: '/etc/collectd/conf.d/02-match_empty_counter.conf') - should contain_file('match_hashed.load').with(ensure: 'absent', path: '/etc/collectd/conf.d/02-match_hashed.conf') - end - - it 'Will remove loads of target plugins for filter' do - should contain_file('target_notification.load').with(ensure: 'absent', path: '/etc/collectd/conf.d/02-target_notification.conf') - should contain_file('target_replace.load').with(ensure: 'absent', path: '/etc/collectd/conf.d/02-target_replace.conf') - should contain_file('target_set.load').with(ensure: 'absent', path: '/etc/collectd/conf.d/02-target_set.conf') - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_genericjmx_spec.rb b/module-collectd/spec/classes/collectd_plugin_genericjmx_spec.rb deleted file mode 100644 index 7747aff23..000000000 --- a/module-collectd/spec/classes/collectd_plugin_genericjmx_spec.rb +++ /dev/null @@ -1,70 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::genericjmx', :type => :class do - let(:facts) do - { - :osfamily => 'Debian', - :id => 'root', - :concat_basedir => tmpfilename('collectd-genericjmx'), - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - - let(:config_filename) { '/etc/collectd/conf.d/15-genericjmx.conf' } - - context 'defaults' do - it 'will include the java plugin' do - should contain_class('collectd::plugin::java') - end - - it 'will load the genericjmx plugin' do - should contain_concat(config_filename) - .with(:ensure => 'present', - :mode => '0640', - :owner => 'root', - :group => 'root', - :ensure_newline => true) - end - - it { should contain_concat(config_filename).that_notifies('Service[collectd]') } - - it do - should contain_concat__fragment('collectd_plugin_genericjmx_conf_header') - .with(:order => '00', - :target => config_filename, - :content => /.+LoadPlugin "org\.collectd\.java\.GenericJMX".+/m) - end - - it do - should contain_concat__fragment('collectd_plugin_genericjmx_conf_footer') - .with(:order => '99', - :target => config_filename, - :content => %r{.+}m,) - end - end - - context 'jvmarg parameter array' do - let(:params) { { :jvmarg => %w( foo bar baz ) } } - it 'should have multiple jvmarg parameters' do - should contain_concat__fragment('collectd_plugin_genericjmx_conf_header') - .with_content(/JVMArg "foo".*JVMArg "bar".*JVMArg "baz"/m) - end - end - - context 'jvmarg parameter string' do - let(:params) { { :jvmarg => 'bat' } } - it 'should have one jvmarg parameter' do - should contain_concat__fragment('collectd_plugin_genericjmx_conf_header').with_content(/JVMArg "bat"/) - end - it 'should have ONLY one jvmarg parameter other than classpath' do - should contain_concat__fragment('collectd_plugin_genericjmx_conf_header').without_content(/(.*JVMArg.*){3,}/m) - end - end - - context 'jvmarg parameter empty' do - let(:params) { { :jvmarg => [] } } - it 'should not have any jvmarg parameters other than classpath' do - should contain_concat__fragment('collectd_plugin_genericjmx_conf_header').without_content(/(.*JVMArg.*){2,}/m) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_interface_spec.rb b/module-collectd/spec/classes/collectd_plugin_interface_spec.rb deleted file mode 100644 index 51b99f4f6..000000000 --- a/module-collectd/spec/classes/collectd_plugin_interface_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::interface', :type => :class do - let :facts do - { :osfamily => 'RedHat' } - end - - context ':ensure => present and :interfaces => [\'eth0\']' do - let :params do - { :interfaces => ['eth0'] } - end - it 'Will create /etc/collectd.d/10-interface.conf' do - should contain_file('interface.load').with(:ensure => 'present', - :path => '/etc/collectd.d/10-interface.conf', - :content => /Interface "eth0"/,) - end - end - - context ':ensure => absent' do - let :params do - { :interfaces => ['eth0'], :ensure => 'absent' } - end - it 'Will not create /etc/collectd.d/10-interface.conf' do - should contain_file('interface.load').with(:ensure => 'absent', - :path => '/etc/collectd.d/10-interface.conf',) - end - end - - context ':interfaces is not an array' do - let :params do - { :interfaces => 'eth0' } - end - it 'Will raise an error about :interfaces being a String' do - should compile.and_raise_error(/String/) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_iptables_spec.rb b/module-collectd/spec/classes/collectd_plugin_iptables_spec.rb deleted file mode 100644 index 81da08330..000000000 --- a/module-collectd/spec/classes/collectd_plugin_iptables_spec.rb +++ /dev/null @@ -1,53 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::iptables', :type => :class do - let :facts do - { :osfamily => 'RedHat' } - end - - context ':ensure => present and :chains => { \'nat\' => \'In_SSH\' }' do - let :params do - { :chains => { 'nat' => 'In_SSH' } } - end - it 'Will create /etc/collectd.d/10-iptables.conf' do - should contain_file('iptables.load').with(:ensure => 'present', - :path => '/etc/collectd.d/10-iptables.conf', - :content => /Chain nat In_SSH/,) - end - end - - context ':ensure => present and :chains has two chains from the same table' do - let :params do - { :chains => { - 'filter' => %w(INPUT OUTPUT), - } } - end - it 'Will create /etc/collectd.d/10-iptables.conf' do - should contain_file('iptables.load').with(:ensure => 'present', - :path => '/etc/collectd.d/10-iptables.conf', - :content => /Chain filter INPUT/,) - should contain_file('iptables.load').with(:ensure => 'present', - :path => '/etc/collectd.d/10-iptables.conf', - :content => /Chain filter OUTPUT/,) - end - end - - context ':ensure => absent' do - let :params do - { :chains => { 'nat' => 'In_SSH' }, :ensure => 'absent' } - end - it 'Will not create /etc/collectd.d/10-iptables.conf' do - should contain_file('iptables.load').with(:ensure => 'absent', - :path => '/etc/collectd.d/10-iptables.conf',) - end - end - - context ':chains is not a hash' do - let :params do - { :chains => %w(nat In_SSH) } - end - it 'Will raise an error about :chains being an Array' do - should compile.and_raise_error(/Array/) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_irq_spec.rb b/module-collectd/spec/classes/collectd_plugin_irq_spec.rb deleted file mode 100644 index 5511f5adb..000000000 --- a/module-collectd/spec/classes/collectd_plugin_irq_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::irq', :type => :class do - let :facts do - { :osfamily => 'RedHat' } - end - - context ':ensure => present and :irqs => [90,91,92]' do - let :params do - { :irqs => [90, 91, 92] } - end - it 'Will create /etc/collectd.d/10-irq.conf' do - should contain_file('irq.load').with(:ensure => 'present', - :path => '/etc/collectd.d/10-irq.conf', - :content => /Irq \"90\"\n.+Irq \"91\"\n.+Irq \"92\"/m,) - end - end - - context ':ensure => absent' do - let :params do - { :irqs => [90, 91, 92], :ensure => 'absent' } - end - it 'Will not create /etc/collectd.d/10-irq.conf' do - should contain_file('irq.load').with(:ensure => 'absent', - :path => '/etc/collectd.d/10-irq.conf',) - end - end - - context ':disks is not an array' do - let :params do - { :irqs => '90,91,92' } - end - it 'Will raise an error about :irqs being a String' do - should compile.and_raise_error(/String/) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_java_spec.rb b/module-collectd/spec/classes/collectd_plugin_java_spec.rb deleted file mode 100644 index 8b7be6468..000000000 --- a/module-collectd/spec/classes/collectd_plugin_java_spec.rb +++ /dev/null @@ -1,68 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::java', :type => :class do - let :facts do - { :osfamily => 'RedHat' } - end - - context ':ensure => present, defaults' do - it 'Will load the plugin' do - should contain_collectd__plugin('java').with(:ensure => 'present',) - end - end - - context ':ensure => absent' do - let(:params) do - { - :ensure => 'absent', - } - end - - it 'will not load the plugin' do - should contain_collectd__plugin('java').with(:ensure => 'absent') - end - end - - context 'jvmarg parameter array' do - let(:params) do - { - :jvmarg => %w( foo bar baz ) - } - end - - it 'will have multiple jvmarg parameters' do - should contain_collectd__plugin('java').with_content(/JVMArg "foo".+JVMArg "bar".+JVMArg "baz"/m) - end - end - - context 'jvmarg parameter string' do - let(:params) do - { - :jvmarg => 'bat' - } - end - - it 'will have a JVMArg parameter' do - should contain_collectd__plugin('java').with_content(/JVMArg "bat"/) - end - - it 'will only have one JVMArg parameter' do - should contain_collectd__plugin('java').without_content(/(.*JVMArg.*){2,}/m) - end - end - - context 'jvmarg parameter empty' do - let(:params) do - { - :jvmarg => [], - } - end - - it 'will not have a stanza' do - should contain_collectd__plugin('java').without_content(//) - end - it 'will not have any jvmarg parameters' do - should contain_collectd__plugin('java').without_content(/JVMArg/) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_libvirt_spec.rb b/module-collectd/spec/classes/collectd_plugin_libvirt_spec.rb deleted file mode 100644 index 3593a3e10..000000000 --- a/module-collectd/spec/classes/collectd_plugin_libvirt_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::libvirt', :type => :class do - context 'interface_format in libvirt.conf' do - let :params do - { :connection => 'qemu:///system', - :interface_format => 'address', - } - end - - context 'with collectd_version < 5.0' do - let :facts do - { :osfamily => 'Debian', - :collectd_version => '4.10.1', - } - end - - it 'should be ignored' do - should contain_file('libvirt.load') - .without_content(/.*InterfaceFormat \"address\".*/) - end - end - - context 'with collectd_version >= 5.0' do - let :facts do - { :osfamily => 'Debian', - :collectd_version => '5.0.0', - } - end - - it 'should be included' do - should contain_file('libvirt.load') - .with_content(/.*InterfaceFormat \"address\".*/) - end - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_logfile_spec.rb b/module-collectd/spec/classes/collectd_plugin_logfile_spec.rb deleted file mode 100644 index dc14322a9..000000000 --- a/module-collectd/spec/classes/collectd_plugin_logfile_spec.rb +++ /dev/null @@ -1,75 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::logfile', :type => :class do - context ':ensure => present, default params' do - let :facts do - { :osfamily => 'RedHat' } - end - - it 'Will create /etc/collectd.d/05-logfile.conf' do - should contain_file('logfile.load').with(:ensure => 'present', - :path => '/etc/collectd.d/05-logfile.conf',).without_content(/PrintSeverity/) - end - end - - context ':ensure => present, specific params, collectd version 4.9' do - let :facts do - { :osfamily => 'Redhat', - :collectd_version => '4.9.0' - } - end - let :params do - { :print_severity => true } - end - - it 'Will create /etc/collectd.d/05-logfile.conf for collectd < 4.10' do - should contain_file('logfile.load').with(:ensure => 'present', - :path => '/etc/collectd.d/05-logfile.conf',).without_content(/PrintSeverity/) - end - end - - context ':ensure => present, default params, collectd version 4.10' do - let :facts do - { :osfamily => 'Redhat', - :collectd_version => '4.10.0' - } - end - - it 'Will create /etc/collectd.d/05-logfile.conf for collectd >= 4.10' do - should contain_file('logfile.load').with(:ensure => 'present', - :path => '/etc/collectd.d/05-logfile.conf', - :content => /PrintSeverity false/) - end - end - - context ':ensure => present, specific params, collectd version 4.10' do - let :facts do - { :osfamily => 'Redhat', - :collectd_version => '4.10.0' - } - end - let :params do - { :print_severity => true } - end - - it 'Will create /etc/collectd.d/05-logfile.conf for collectd >= 4.10' do - should contain_file('logfile.load').with(:ensure => 'present', - :path => '/etc/collectd.d/05-logfile.conf', - :content => /PrintSeverity true/) - end - end - - context ':ensure => absent' do - let :facts do - { :osfamily => 'RedHat' } - end - let :params do - { :ensure => 'absent' } - end - - it 'Will not create /etc/collectd.d/05-logfile.conf' do - should contain_file('logfile.load').with(:ensure => 'absent', - :path => '/etc/collectd.d/05-logfile.conf',) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_memcached_spec.rb b/module-collectd/spec/classes/collectd_plugin_memcached_spec.rb deleted file mode 100644 index a725fffe0..000000000 --- a/module-collectd/spec/classes/collectd_plugin_memcached_spec.rb +++ /dev/null @@ -1,25 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::memcached', :type => :class do - let :facts do - { :osfamily => 'RedHat' } - end - - context ':ensure => present, default host and port' do - it 'Will create /etc/collectd.d/memcached.conf' do - should contain_file('memcached.load').with(:ensure => 'present', - :path => '/etc/collectd.d/10-memcached.conf', - :content => /Host "127.0.0.1"\n.+Port 11211/,) - end - end - - context ':ensure => absent' do - let :params do - { :ensure => 'absent' } - end - it 'Will not create /etc/collectd.d/memcached.conf' do - should contain_file('memcached.load').with(:ensure => 'absent', - :path => '/etc/collectd.d/10-memcached.conf',) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_memory_spec.rb b/module-collectd/spec/classes/collectd_plugin_memory_spec.rb deleted file mode 100644 index b30bd9742..000000000 --- a/module-collectd/spec/classes/collectd_plugin_memory_spec.rb +++ /dev/null @@ -1,60 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::memory', :type => :class do - context ':ensure => present, default params' do - let :facts do - { :osfamily => 'RedHat' } - end - it 'Will create /etc/collectd.d/10-memory.conf' do - should contain_file('memory.load').with(:ensure => 'present', - :path => '/etc/collectd.d/10-memory.conf', - :content => /LoadPlugin memory/,) - end - end - - context ':ensure => present, specific params, collectd version 5.4.2' do - let :facts do - { :osfamily => 'Redhat', - :collectd_version => '5.4.2' - } - end - - it 'Will create /etc/collectd.d/10-memory.conf for collectd < 5.5' do - should contain_file('memory.load').with(:ensure => 'present', - :path => '/etc/collectd.d/10-memory.conf', - :content => /LoadPlugin memory/,) - end - - it 'Will not include ValuesPercentage in /etc/collectd.d/10-memory.conf' do - should_not contain_file('memory.load').with_content(/ValuesPercentage/) - end - end - - context ':ensure => present, specific params, collectd version 5.5.0' do - let :facts do - { :osfamily => 'Redhat', - :collectd_version => '5.5.0' - } - end - - it 'Will create /etc/collectd.d/10-memory.conf for collectd >= 5.5' do - should contain_file('memory.load').with(:ensure => 'present', - :path => '/etc/collectd.d/10-memory.conf', - :content => "# Generated by Puppet\n\n Globals false\n\n\n\n ValuesAbsolute = true\n ValuesPercentage = false\n\n\n",) - end - end - - context ':ensure => absent' do - let :facts do - { :osfamily => 'RedHat' } - end - let :params do - { :ensure => 'absent' } - end - - it 'Will not create /etc/collectd.d/10-memory.conf' do - should contain_file('memory.load').with(:ensure => 'absent', - :path => '/etc/collectd.d/10-memory.conf',) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_mongodb_spec.rb b/module-collectd/spec/classes/collectd_plugin_mongodb_spec.rb deleted file mode 100644 index 5c29341f6..000000000 --- a/module-collectd/spec/classes/collectd_plugin_mongodb_spec.rb +++ /dev/null @@ -1,202 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::mongodb' do - let :facts do - { :collectd_version => '5.2', - :osfamily => 'RedHat', - } - end - - let :default_params do - { :db_user => 'test_user', - :db_pass => 'password', - } - end - - context 'with default values for all parameters' do - let :params do - default_params - end - - it { should contain_class('collectd::plugin::mongodb') } - - it do - should contain_file('mongodb.load').with( - 'ensure' => 'present', - ) - end - - default_fixture = File.read(fixtures('plugins/mongodb.conf.default')) - it { should contain_file('mongodb.load').with_content(default_fixture) } - end - - describe 'with ensure parameter' do - %w(present absent).each do |value| - context "set to a valid value of #{value}" do - let :params do - default_params.merge(:ensure => "#{value}",) - end - - it do - should contain_file('mongodb.load').with( - 'ensure' => value, - ) - end - end - end - - context 'set to an invalid value' do - let :params do - default_params.merge(:ensure => 'invalid',) - end - - it 'should fail' do - expect do - should contain_class('collectd::plugin::mongodb') - end.to raise_error(Puppet::Error, /collectd::plugin::mongodb::ensure is and must be either 'present' or 'absent'\./) - end - end - end - - describe 'with interval parameter' do - ['10.0', '3600'].each do |value| - context "set to a valid numeric of #{value}" do - let(:params) do - default_params.merge(:interval => "#{value}",) - end - - it { should contain_file('mongodb.load').with_content(/\s*Interval\s+#{Regexp.escape(value)}/) } - end - end - - context 'set to an invalid value' do - let :params do - default_params.merge(:interval => 'invalid',) - end - - it 'should fail' do - expect do - should contain_class('collectd::plugin::mongodb') - end.to raise_error(Puppet::Error, /Expected first argument to be a Numeric or Array, got String/) - end - end - end - - describe 'with db_host parameter' do - context 'set to a valid IP' do - let :params do - default_params.merge(:db_host => '127.0.0.1',) - end - - hostdb_fixture = File.read(fixtures('plugins/mongodb.conf.hostdb')) - it { should contain_file('mongodb.load').with_content(hostdb_fixture) } - end - - %w('127001', nil).each do |value| - context 'set to and invalid IP' do - let :params do - default_params.merge(:db_host => "#{value}",) - end - - it 'should fail' do - expect do - should contain_class('collectd::plugin::mongodb') - end.to raise_error(Puppet::Error, /must be a valid IP address/) - end - end - end - end - - describe 'with db_user parameter' do - context 'set to a valid user name' do - let :params do - default_params.merge(:db_user => 'test_user',) - end - - confdb_fixture = File.read(fixtures('plugins/mongodb.conf.db_user')) - it { should contain_file('mongodb.load').with_content(confdb_fixture) } - end - - context 'undefined' do - let :params do - { :db_pass => 'password', - } - end - - it 'should fail' do - expect do - should contain_class('collectd::plugin::mongodb') - end.to raise_error(Puppet::Error, /is and must be a mongodb username/) - end - end - end - - describe 'with db_pass parameter' do - context 'set to a valid password' do - let :params do - default_params.merge(:db_pass => 'foo',) - end - - dbpass_fixture = File.read(fixtures('plugins/mongodb.conf.db_pass')) - it { should contain_file('mongodb.load').with_content(dbpass_fixture) } - end - - context 'undefined' do - let :params do - { :db_user => 'test_user', - } - end - - it 'should fail' do - expect do - should contain_class('collectd::plugin::mongodb') - end.to raise_error(Puppet::Error, /collectd::plugin::mongodb::db_pass is /) - end - end - end - - describe 'with configured_dbs parameter' do - context 'set to a valid value with db_port defined and a single db' do - let :params do - default_params.merge(:configured_dbs => [25], - :db_port => '8080',) - end - - dbport_single_fixture = File.read(fixtures('plugins/mongodb.conf.configured_dbs_single')) - it { should contain_file('mongodb.load').with_content(dbport_single_fixture) } - end - - context 'set to a valid value with db_port defined and multiple DBs' do - let :params do - default_params.merge(:configured_dbs => [25, 26], - :db_port => '8080',) - end - - dbport_multi_fixture = File.read(fixtures('plugins/mongodb.conf.configured_dbs_multiple')) - it { should contain_file('mongodb.load').with_content(dbport_multi_fixture) } - end - - context 'set to a valid value with db_port undefined' do - let :params do - default_params.merge(:configured_dbs => [25],) - end - - it 'should fail' do - expect do - should contain_class('collectd::plugin::mongodb') - end.to raise_error(Puppet::Error, /db_port is undefined/) - end - end - end - - describe 'with collectd_dir parameter' do - context 'defined' do - let :params do - default_params.merge(:collectd_dir => '/tmp/collectd_test_dir',) - end - - collectddir_fixture = File.read(fixtures('plugins/mongodb.conf.collectddir')) - it { should contain_file('mongodb.load').with_content(collectddir_fixture) } - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_netlink_spec.rb b/module-collectd/spec/classes/collectd_plugin_netlink_spec.rb deleted file mode 100644 index 835a61a96..000000000 --- a/module-collectd/spec/classes/collectd_plugin_netlink_spec.rb +++ /dev/null @@ -1,63 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::netlink', :type => :class do - let :facts do - { :osfamily => 'RedHat' } - end - - context ':ensure => present, specific params' do - let :params do - { - :interfaces => %w(eth0 eth1), - :verboseinterfaces => ['ppp0'], - :qdiscs => ['"eth0" "pfifo_fast-1:0"', '"ppp0"'], - :classes => ['"ppp0" "htb-1:10"'], - :filters => ['"ppp0" "u32-1:0"'], - :ignoreselected => false, - - } - end - it 'Will create /etc/collectd.d/10-netlink.conf' do - should contain_file('netlink.load').with(:ensure => 'present', - :path => '/etc/collectd.d/10-netlink.conf',) - end - it { should contain_file('netlink.load').with_content(/^$/) } - it { should contain_file('netlink.load').with_content(/^ Interface "eth0"$/) } - it { should contain_file('netlink.load').with_content(/^ Interface "eth1"$/) } - it { should contain_file('netlink.load').with_content(/^ VerboseInterface "ppp0"$/) } - it { should contain_file('netlink.load').with_content(/^ QDisc "eth0" "pfifo_fast-1:0"$/) } - it { should contain_file('netlink.load').with_content(/^ QDisc "ppp0"$/) } - it { should contain_file('netlink.load').with_content(/^ Class "ppp0" "htb-1:10"$/) } - it { should contain_file('netlink.load').with_content(/^ Filter "ppp0" "u32-1:0"$/) } - it { should contain_file('netlink.load').with_content(/^ IgnoreSelected false$/) } - it do - should contain_package('collectd-netlink').with( - :ensure => 'present' - ) - end - end - - context ':ensure => absent' do - let :params do - { :interfaces => ['eth0'], :ensure => 'absent' } - end - it 'Will not create /etc/collectd.d/10-netlink.conf' do - should contain_file('netlink.load').with(:ensure => 'absent', - :path => '/etc/collectd.d/10-netlink.conf',) - end - it do - should contain_package('collectd-netlink').with( - :ensure => 'absent' - ) - end - end - - context ':interfaces is not an array' do - let :params do - { :interfaces => 'eth0' } - end - it 'Will raise an error about :interfaces being a String' do - should compile.and_raise_error(/String/) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_network_spec.rb b/module-collectd/spec/classes/collectd_plugin_network_spec.rb deleted file mode 100644 index 063b5f237..000000000 --- a/module-collectd/spec/classes/collectd_plugin_network_spec.rb +++ /dev/null @@ -1,15 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::network', :type => :class do - context ':ensure => present, default params' do - let :facts do - { :osfamily => 'RedHat' } - end - it 'Will create /etc/collectd.d/10-network.conf' do - should contain_file('network.load') - .with(:ensure => 'present', - :path => '/etc/collectd.d/10-network.conf', - :content => %r{# Generated by Puppet\nLoadPlugin network\n\n\n \n\n},) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_openvpn_spec.rb b/module-collectd/spec/classes/collectd_plugin_openvpn_spec.rb deleted file mode 100644 index efc3bc30d..000000000 --- a/module-collectd/spec/classes/collectd_plugin_openvpn_spec.rb +++ /dev/null @@ -1,161 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::openvpn', :type => :class do - ###################################################################### - # Default param validation, compilation succeeds - - context ':ensure => present, default params' do - let :facts do - { :osfamily => 'RedHat', - :collectd_version => '5.4', - } - end - - it 'Will create /etc/collectd.d/10-openvpn.conf' do - should contain_file('openvpn.load').with(:ensure => 'present', - :path => '/etc/collectd.d/10-openvpn.conf', - :content => "#\ Generated by Puppet\n\n Globals false\n\n\n\n StatusFile \"/etc/openvpn/openvpn-status.log\"\n ImprovedNamingSchema false\n CollectCompression true\n CollectIndividualUsers true\n CollectUserCount false\n\n\n",) - end - end - - context ':statusfile param is an array' do - let :facts do - { :osfamily => 'RedHat', - :collectd_version => '5.4', - } - end - - let :params do - { :statusfile => ['/etc/openvpn/openvpn-tcp.status', '/etc/openvpn/openvpn-udp.status'] } - end - - it 'Will create /etc/collectd.d/10-openvpn.conf with two :statusfile params' do - should contain_file('openvpn.load').with(:ensure => 'present', - :path => '/etc/collectd.d/10-openvpn.conf', - :content => "#\ Generated by Puppet\n\n Globals false\n\n\n\n StatusFile \"/etc/openvpn/openvpn-tcp.status\"\n StatusFile \"/etc/openvpn/openvpn-udp.status\"\n ImprovedNamingSchema false\n CollectCompression true\n CollectIndividualUsers true\n CollectUserCount false\n\n\n",) - end - end - - ###################################################################### - # Remaining parameter validation, compilation fails - - context ':statusfile is a string but not an absolute path' do - let :facts do - { :osfamily => 'RedHat', - :collectd_version => '5.4', - } - end - - let :params do - { :statusfile => 'megafrobber' } - end - - it 'Will raise an error about :statusfile not being an absolute path' do - should compile.and_raise_error(/"megafrobber" is not an absolute path./) - end - end - - context ':statusfile param is not a string or array' do - let :facts do - { :osfamily => 'RedHat', - :collectd_version => '5.4', - } - end - - let :params do - { :statusfile => true } - end - - it 'Will raise an error about :statusfile not being a string or array' do - should compile.and_raise_error(/array or string:/) - end - end - - context ':improvednamingschema is not a bool' do - let :facts do - { :osfamily => 'RedHat', - :collectd_version => '5.4' } - end - let :params do - { :improvednamingschema => 'true' } - end - - it 'Will raise an error about :improvednamingschema not being a boolean' do - should compile.and_raise_error(/"true" is not a boolean. It looks to be a String/) - end - end - - context ':collectcompression is not a bool' do - let :facts do - { :osfamily => 'RedHat', - :collectd_version => '5.4' } - end - let :params do - { :collectcompression => 'true' } - end - - it 'Will raise an error about :collectcompression not being a boolean' do - should compile.and_raise_error(/"true" is not a boolean. It looks to be a String/) - end - end - - context ':collectindividualusers is not a bool' do - let :facts do - { :osfamily => 'RedHat', - :collectd_version => '5.4' } - end - let :params do - { :collectindividualusers => 'true' } - end - - it 'Will raise an error about :collectindividualusers not being a boolean' do - should compile.and_raise_error(/"true" is not a boolean. It looks to be a String/) - end - end - - context ':collectusercount is not a bool' do - let :facts do - { :osfamily => 'RedHat', - :collectd_version => '5.4' } - end - let :params do - { :collectusercount => 'true' } - end - - it 'Will raise an error about :collectusercount not being a boolean' do - should compile.and_raise_error(/"true" is not a boolean. It looks to be a String/) - end - end - - context ':interval is not default and is an integer' do - let :facts do - { :osfamily => 'RedHat', - :collectd_version => '5.4' } - end - let :params do - { :interval => 15 } - end - - it 'Will create /etc/collectd.d/10-openvpn.conf' do - should contain_file('openvpn.load').with(:ensure => 'present', - :path => '/etc/collectd.d/10-openvpn.conf', - :content => /^ Interval 15/,) - end - end - - context ':ensure => absent' do - let :facts do - { :osfamily => 'RedHat', - :collectd_version => '5.4', - } - end - let :params do - { :ensure => 'absent' } - end - - it 'Will not create /etc/collectd.d/10-openvpn.conf' do - should contain_file('openvpn.load').with(:ensure => 'absent', - :path => '/etc/collectd.d/10-openvpn.conf',) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_ping_spec.rb b/module-collectd/spec/classes/collectd_plugin_ping_spec.rb deleted file mode 100644 index 8b0e466c2..000000000 --- a/module-collectd/spec/classes/collectd_plugin_ping_spec.rb +++ /dev/null @@ -1,52 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::ping' do - let :facts do - { :osfamily => 'RedHat' } - end - - context ':hosts => [\'google.com\']' do - let :params do - { :hosts => ['google.com'] } - end - it 'Will create /etc/collectd.d/10-ping.conf' do - should contain_file('ping.load').with(:ensure => 'present', - :path => '/etc/collectd.d/10-ping.conf', - :content => /Host "google.com"/,) - end - end - - context ':hosts => [\'google.com\', \'puppetlabs.com\']' do - let :params do - { :hosts => ['google.com', 'puppetlabs.com'] } - end - it 'Will create /etc/collectd.d/10-ping.conf' do - should contain_file('ping.load').with(:ensure => 'present', - :path => '/etc/collectd.d/10-ping.conf' - ).with_content( - /Host "google.com"/ - ).with_content( - /Host "puppetlabs.com"/ - ) - end - end - - context ':ensure => absent' do - let :params do - { :hosts => ['google.com'], :ensure => 'absent' } - end - it 'Will not create /etc/collectd.d/10-ping.conf' do - should contain_file('ping.load').with(:ensure => 'absent', - :path => '/etc/collectd.d/10-ping.conf',) - end - end - - context ':hosts is not an array' do - let :params do - { :hosts => 'google.com' } - end - it 'Will raise an error about :interfaces being a String' do - should compile.and_raise_error(/String/) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_postgresql_spec.rb b/module-collectd/spec/classes/collectd_plugin_postgresql_spec.rb deleted file mode 100644 index 5a7dce3f0..000000000 --- a/module-collectd/spec/classes/collectd_plugin_postgresql_spec.rb +++ /dev/null @@ -1,98 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::postgresql', :type => :class do - let :facts do - { - :osfamily => 'RedHat', - :concat_basedir => tmpfilename('collectd-postgresql'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - - context ':ensure => present and default parameters' do - it 'Will create /etc/collectd.d/01-postgresql.conf to load the plugin' do - should contain_file('postgresql.load').with(:ensure => 'present', - :path => '/etc/collectd.d/10-postgresql.conf', - :content => /LoadPlugin postgresql/,) - end - it 'Will create /etc/collectd.d/postgresql-config.conf' do - should contain_concat__fragment('collectd_plugin_postgresql_conf_header').with(:content => //,) - end - end - context ':ensure => present and create a db with a custom query' do - let(:params) do - { - :databases => { - 'postgres' => { - 'host' => 'localhost', - 'user' => 'postgres', - 'password' => 'postgres', - 'sslmode' => 'disable', - 'query' => %w(disk_io log_delay), - }, - }, - :queries => { - 'log_delay' => { - 'statement' => 'SELECT * FROM log_delay_repli;', - 'results' => [{ - 'type' => 'gauge', - 'instanceprefix' => 'log_delay', - 'instancesfrom' => 'inet_server_port', - 'valuesfrom' => 'log_delay', - }], - } - }, - :writers => { - 'sqlstore' => { - 'statement' => 'SELECT collectd_insert($1, $2, $3, $4, $5, $6, $7, $8, $9);', - 'storerates' => true, - } - } - } - end - it 'Will create /etc/collectd.d/postgresql-config.conf' do - should contain_concat__fragment('collectd_plugin_postgresql_conf_db_postgres').with(:content => /Host \"localhost\"/,) - should contain_concat__fragment('collectd_plugin_postgresql_conf_db_postgres').with(:content => /Query \"disk_io\"/,) - should contain_concat__fragment('collectd_plugin_postgresql_conf_query_log_delay').with(:content => /Statement \"SELECT \* FROM log_delay_repli;\"\n/,) - should contain_concat__fragment('collectd_plugin_postgresql_conf_query_log_delay').with(:content => /\n/,) - should contain_concat__fragment('collectd_plugin_postgresql_conf_writer_sqlstore').with(:content => /\n/,) - end - end - - context ':ensure => present and pool two db with the same name on different ports' do - let(:params) do - { - :databases => { - 'postgres_port_5432' => { - 'instance' => 'postgres', - 'host' => 'localhost', - 'user' => 'postgres', - 'password' => 'postgres', - 'port' => '5432', - 'sslmode' => 'disable', - 'query' => %w(disk_io log_delay), - }, - 'postgres_port_5433' => { - 'instance' => 'postgres', - 'host' => 'localhost', - 'user' => 'postgres', - 'password' => 'postgres', - 'port' => '5433', - 'sslmode' => 'disable', - 'query' => %w(disk_io log_delay), - - }, - }, - } - end - it 'Will create /etc/collectd.d/postgresql-config.conf dsfd ' do - should contain_concat__fragment('collectd_plugin_postgresql_conf_db_postgres_port_5432').with( - :content => /Instance \"postgres\"/, - ) - should contain_concat__fragment('collectd_plugin_postgresql_conf_db_postgres_port_5433').with( - :content => /Instance \"postgres\"/, - ) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_processes_spec.rb b/module-collectd/spec/classes/collectd_plugin_processes_spec.rb deleted file mode 100644 index bb6ad7578..000000000 --- a/module-collectd/spec/classes/collectd_plugin_processes_spec.rb +++ /dev/null @@ -1,39 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::processes', :type => :class do - let :facts do - { - :osfamily => 'Debian', - :concat_basedir => tmpfilename('collectd-processes'), - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :collectd_version => '5.0' - } - end - - context ':ensure => present' do - context ':ensure => present and default parameters' do - it 'Will create /etc/collectd/conf.d/10-processes.conf to load the plugin' do - should contain_file('processes.load') - .with(:ensure => 'present', - :path => '/etc/collectd/conf.d/10-processes.conf', - :content => /LoadPlugin processes/,) - end - - it 'Will create /etc/collectd.d/conf.d/processes-config.conf' do - should contain_concat__fragment('collectd_plugin_processes_conf_header') - .with(:content => //, - :target => '/etc/collectd/conf.d/processes-config.conf', - :order => '00') - end - - it 'Will create /etc/collectd.d/conf.d/processes-config.conf' do - should contain_concat__fragment('collectd_plugin_processes_conf_footer') - .with(:content => %r{}, - :target => '/etc/collectd/conf.d/processes-config.conf', - :order => '99') - end - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_protocols_spec.rb b/module-collectd/spec/classes/collectd_plugin_protocols_spec.rb deleted file mode 100644 index 7b1be740c..000000000 --- a/module-collectd/spec/classes/collectd_plugin_protocols_spec.rb +++ /dev/null @@ -1,42 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::protocols', :type => :class do - let :facts do - { :osfamily => 'RedHat' } - end - - context ':ensure => present, default params' do - it 'Will create /etc/collectd.d/10-protocols.conf' do - should contain_file('protocols.load') - .with(:ensure => 'present', - :path => '/etc/collectd.d/10-protocols.conf', - :content => //,) - end - end - - context ':ensure => present, specific params' do - let :params do - { :values => %w(protocol1 protocol2), - } - end - - it 'Will create /etc/collectd.d/10-protocols.conf' do - should contain_file('protocols.load') - .with(:ensure => 'present', - :path => '/etc/collectd.d/10-protocols.conf', - :content => %r{\n\s*Value "protocol1"\n\s*Value "protocol2"\n},) - end - end - - context ':ensure => absent' do - let :params do - { :ensure => 'absent' } - end - - it 'Will not create /etc/collectd.d/10-protocols.conf' do - should contain_file('protocols.load') - .with(:ensure => 'absent', - :path => '/etc/collectd.d/10-protocols.conf',) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_python_spec.rb b/module-collectd/spec/classes/collectd_plugin_python_spec.rb deleted file mode 100644 index cefcb6b91..000000000 --- a/module-collectd/spec/classes/collectd_plugin_python_spec.rb +++ /dev/null @@ -1,222 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::python', :type => :class do - let :facts do - { - :osfamily => 'Debian', - :concat_basedir => tmpfilename('collectd-python'), - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :collectd_version => '5.0' - } - end - - context ':ensure => present' do - context ':ensure => present and default parameters' do - it 'ensures that $modulepaths exits' do - should contain_file('/usr/share/collectd/python').with(:ensure => 'directory') - end - - it 'Will create /etc/collectd/conf.d/10-python.conf to load the plugin' do - should contain_file('python.load').with(:ensure => 'present', - :path => '/etc/collectd/conf.d/10-python.conf', - :content => /LoadPlugin python/,) - end - - it 'Will create /etc/collectd.d/conf.d/python-config.conf' do - should contain_concat__fragment('collectd_plugin_python_conf_header') - .with(:content => //, - :target => '/etc/collectd/conf.d/python-config.conf', - :order => '00') - end - - it 'set default Python module path' do - should contain_concat__fragment('collectd_plugin_python_conf_header') - .with(:content => %r{ModulePath "/usr/share/collectd/python"}, - :target => '/etc/collectd/conf.d/python-config.conf',) - end - - it 'Will create /etc/collectd.d/conf.d/python-config.conf' do - should contain_concat__fragment('collectd_plugin_python_conf_footer') - .with(:content => %r{}, - :target => '/etc/collectd/conf.d/python-config.conf', - :order => '99') - end - end - - context ':ensure => present and multiple $modulepaths' do - let :params do - { - :modulepaths => ['/tmp/', '/data/'] - } - end - it 'will ensure the two directories are here' do - should contain_file('/tmp/') - should contain_file('/data/') - end - it 'will set two modulepath in the module conf' do - should contain_concat__fragment('collectd_plugin_python_conf_header').with( - :content => %r{ModulePath "/tmp/"}, - :target => '/etc/collectd/conf.d/python-config.conf',) - should contain_concat__fragment('collectd_plugin_python_conf_header').with( - :content => %r{ModulePath "/data/"}, - :target => '/etc/collectd/conf.d/python-config.conf',) - end - end - - context ':ensure => present and configure elasticsearch module' do - let :params do - { - :modules => { - 'elasticsearch' => { - 'script_source' => 'puppet:///modules/myorg/elasticsearch_collectd_python.py', - 'config' => { 'Cluster' => 'ES-clust' } - }, - 'foo' => { - 'config' => { 'Verbose' => true, 'Bar' => '"bar"' } - } - } - } - end - - it 'imports elasticsearch module' do - should contain_concat__fragment('collectd_plugin_python_conf_elasticsearch') - .with(:content => /Import "elasticsearch"/, - :target => '/etc/collectd/conf.d/python-config.conf',) - end - - it 'includes elasticsearch module configuration' do - should contain_concat__fragment('collectd_plugin_python_conf_elasticsearch') - .with(:content => //, - :target => '/etc/collectd/conf.d/python-config.conf',) - end - - it 'includes elasticsearch Cluster name' do - should contain_concat__fragment('collectd_plugin_python_conf_elasticsearch') - .with(:content => /Cluster ES-clust/, - :target => '/etc/collectd/conf.d/python-config.conf',) - end - - it 'created collectd plugin file' do - should contain_file('elasticsearch.script') - .with(:ensure => 'present', - :path => '/usr/share/collectd/python/elasticsearch.py',) - end - - # test foo module - it 'imports foo module' do - should contain_concat__fragment('collectd_plugin_python_conf_foo') - .with(:content => /Import "foo"/, - :target => '/etc/collectd/conf.d/python-config.conf',) - end - - it 'includes foo module configuration' do - should contain_concat__fragment('collectd_plugin_python_conf_foo') - .with(:content => //, - :target => '/etc/collectd/conf.d/python-config.conf',) - should contain_concat__fragment('collectd_plugin_python_conf_foo').with(:content => /Verbose true/,) - should contain_concat__fragment('collectd_plugin_python_conf_foo').with(:content => /Bar "bar"/,) - end - end - - context 'allow changing module path' do - let :params do - { - :modulepaths => ['/var/lib/collectd/python', '/usr/collectd'], - :modules => { - 'elasticsearch' => { - 'script_source' => 'puppet:///modules/myorg/elasticsearch_collectd_python.py', - 'config' => { 'Cluster' => 'ES-clust' }, - 'modulepath' => '/var/lib/collectd/python', - } - } - } - end - - it 'ensures that each directory on $modulepaths exits' do - should contain_file('/var/lib/collectd/python').with(:ensure => 'directory') - - should contain_file('/usr/collectd').with(:ensure => 'directory') - end - - it 'set default Python module paths' do - should contain_concat__fragment('collectd_plugin_python_conf_header') - .with(:content => %r{ModulePath "/var/lib/collectd/python"}, - :target => '/etc/collectd/conf.d/python-config.conf',) - - should contain_concat__fragment('collectd_plugin_python_conf_header').with(:content => %r{ModulePath "/usr/collectd"},) - - should contain_concat__fragment('collectd_plugin_python_conf_header').with(:content => %r{ModulePath "/var/lib/collectd/python"},) - end - - it 'created collectd plugin file' do - should contain_file('elasticsearch.script') - .with(:ensure => 'present', - :path => '/var/lib/collectd/python/elasticsearch.py',) - end - end - end - - context 'change globals parameter' do - let :params do - { - :globals => false - } - end - - it 'will change $globals settings' do - should contain_file('python.load') - .with(:ensure => 'present', - :path => '/etc/collectd/conf.d/10-python.conf', - :content => /Globals false/,) - end - end - - context 'allow passing shared options for all modules' do - let :params do - { - :logtraces => true, - :interactive => true, - :encoding => 'utf-8', - } - end - - it 'sets options' do - should contain_concat__fragment('collectd_plugin_python_conf_header').with(:content => /LogTraces true/,) - - should contain_concat__fragment('collectd_plugin_python_conf_header').with(:content => /Interactive true/,) - - should contain_concat__fragment('collectd_plugin_python_conf_header').with(:content => /Encoding utf-8/,) - end - end - - context ':ensure => absent' do - let(:title) { 'elasticsearch' } - let :params do - { - :ensure => 'absent', - :modules => { - 'elasticsearch' => { - 'script_source' => 'puppet:///modules/myorg/elasticsearch_collectd_python.py', - 'config' => { 'Cluster' => 'ES-clust' } - } - } - } - end - - it 'will remove /etc/collectd/conf.d/10-python.conf' do - should contain_file('python.load') - .with(:ensure => 'absent', - :path => '/etc/collectd/conf.d/10-python.conf', - :content => /LoadPlugin python/,) - end - - it 'won\'t create /etc/collectd.d/conf.d/python-config.conf (no modules defined)' do - should_not contain_concat__fragment('collectd_plugin_python_conf_header') - .with(:ensure => 'absent', - :target => '/etc/collectd/conf.d/python-config.conf', - :order => '00') - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_redis_spec.rb b/module-collectd/spec/classes/collectd_plugin_redis_spec.rb deleted file mode 100644 index 213cff099..000000000 --- a/module-collectd/spec/classes/collectd_plugin_redis_spec.rb +++ /dev/null @@ -1,30 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::redis', :type => :class do - context ':ensure => present, default params' do - let :facts do - { :osfamily => 'RedHat' } - end - it 'Will create /etc/collectd.d/10-redis.conf' do - should contain_file('redis.load') - .with(:ensure => 'present', - :path => '/etc/collectd.d/10-redis.conf', - :content => %r{# Generated by Puppet\nLoadPlugin redis\n\n\n \n Host "localhost"\n Port "6379"\n Timeout 2000\n \n\n},) - end - end - - context ':ensure => absent' do - let :facts do - { :osfamily => 'RedHat' } - end - let :params do - { :ensure => 'absent' } - end - - it 'Will not create /etc/collectd.d/10-redis.conf' do - should contain_file('redis.load') - .with(:ensure => 'absent', - :path => '/etc/collectd.d/10-redis.conf',) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_rrdtool_spec.rb b/module-collectd/spec/classes/collectd_plugin_rrdtool_spec.rb deleted file mode 100644 index 060e6346d..000000000 --- a/module-collectd/spec/classes/collectd_plugin_rrdtool_spec.rb +++ /dev/null @@ -1,33 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::rrdtool', :type => :class do - let :facts do - { :osfamily => 'RedHat' } - end - - context ':ensure => present, default args' do - it 'Will create /etc/collectd.d/10-rrdtool.conf' do - should contain_file('rrdtool.load') - .with(:ensure => 'present', - :path => '/etc/collectd.d/10-rrdtool.conf', - :content => %r{DataDir "/var/lib/collectd/rrd},) - end - - it do - should contain_package('collectd-rrdtool').with( - :ensure => 'present' - ) - end - end - - context ':ensure => absent' do - let :params do - { :ensure => 'absent' } - end - it 'Will not create /etc/collectd.d/10-rrdtool.conf' do - should contain_file('rrdtool.load') - .with(:ensure => 'absent', - :path => '/etc/collectd.d/10-rrdtool.conf',) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_snmp_spec.rb b/module-collectd/spec/classes/collectd_plugin_snmp_spec.rb deleted file mode 100644 index e5a4d7e9a..000000000 --- a/module-collectd/spec/classes/collectd_plugin_snmp_spec.rb +++ /dev/null @@ -1,65 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::snmp', :type => :class do - let :facts do - { :osfamily => 'RedHat' } - end - - context ':ensure => present and dataset for AMAVIS-MIB::inMsgs.0' do - let :params do - { - :data => { - 'amavis_incoming_messages' => { - 'Type' => 'counter', - 'Table' => false, - 'Instance' => 'amavis.inMsgs', - 'Values' => ['AMAVIS-MIB::inMsgs.0'] - } - }, - :hosts => { - 'scan04' => { - 'Address' => '127.0.0.1', - 'Version' => 2, - 'Community' => 'public', - 'Collect' => ['amavis_incoming_messages'], - 'Interval' => 10 - } - }, - } - end - it 'Will create /etc/collectd.d/10-snmp.conf' do - should contain_file('snmp.load').with(:ensure => 'present', - :path => '/etc/collectd.d/10-snmp.conf', - :content => /Data "amavis_incoming_messages".+Instance "amavis.inMsgs".+Host "scan04".+Community "public"/m,) - end - end - - context ':ensure => absent' do - let :params do - { - :ensure => 'absent', - :data => { - 'amavis_incoming_messages' => { - 'Type' => 'counter', - 'Table' => false, - 'Instance' => 'amavis.inMsgs', - 'Values' => ['AMAVIS-MIB::inMsgs.0'] - } - }, - :hosts => { - 'scan04' => { - 'Address' => '127.0.0.1', - 'Version' => 2, - 'Community' => 'public', - 'Collect' => ['amavis_incoming_messages'], - 'Interval' => 10 - } - }, - } - end - it 'Will not create /etc/collectd.d/10-snmp.conf' do - should contain_file('snmp.load').with(:ensure => 'absent', - :path => '/etc/collectd.d/10-snmp.conf',) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_swap_spec.rb b/module-collectd/spec/classes/collectd_plugin_swap_spec.rb deleted file mode 100644 index ccfcc4dc0..000000000 --- a/module-collectd/spec/classes/collectd_plugin_swap_spec.rb +++ /dev/null @@ -1,75 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::swap', :type => :class do - context ':ensure => present, default params' do - let :facts do - { :osfamily => 'RedHat' } - end - it 'Will create /etc/collectd.d/10-swap.conf' do - should contain_file('swap.load') - .with(:ensure => 'present', - :path => '/etc/collectd.d/10-swap.conf', - :content => %r{# Generated by Puppet\nLoadPlugin swap\n\n\n ReportByDevice false\n\n},) - end - end - - context ':ensure => present, specific params, collectd version 5.0' do - let :facts do - { :osfamily => 'Redhat', - :collectd_version => '5.0' - } - end - - it 'Will create /etc/collectd.d/10-swap.conf for collectd < 5.2' do - should contain_file('swap.load') - .with(:ensure => 'present', - :path => '/etc/collectd.d/10-swap.conf', - :content => "# Generated by Puppet\n\n Globals false\n\n\n\n ReportByDevice false\n\n\n",) - end - end - - context ':ensure => present, specific params, collectd version 5.2.0' do - let :facts do - { :osfamily => 'Redhat', - :collectd_version => '5.2.0' - } - end - - it 'Will create /etc/collectd.d/10-swap.conf for collectd >= 5.2' do - should contain_file('swap.load') - .with(:ensure => 'present', - :path => '/etc/collectd.d/10-swap.conf', - :content => "# Generated by Puppet\n\n Globals false\n\n\n\n ReportByDevice false\n ReportBytes true\n\n\n",) - end - end - - context ':ensure => present, specific params, collectd version 5.5.0' do - let :facts do - { :osfamily => 'Redhat', - :collectd_version => '5.5.0' - } - end - - it 'Will create /etc/collectd.d/10-swap.conf for collectd >= 5.5' do - should contain_file('swap.load') - .with(:ensure => 'present', - :path => '/etc/collectd.d/10-swap.conf', - :content => "# Generated by Puppet\n\n Globals false\n\n\n\n ReportByDevice false\n ReportBytes true\n ValuesAbsolute = true\n ValuesPercentage = false\n\n\n",) - end - end - - context ':ensure => absent' do - let :facts do - { :osfamily => 'RedHat' } - end - let :params do - { :ensure => 'absent' } - end - - it 'Will not create /etc/collectd.d/10-swap.conf' do - should contain_file('swap.load') - .with(:ensure => 'absent', - :path => '/etc/collectd.d/10-swap.conf',) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_tcpconns_spec.rb b/module-collectd/spec/classes/collectd_plugin_tcpconns_spec.rb deleted file mode 100644 index 48865e108..000000000 --- a/module-collectd/spec/classes/collectd_plugin_tcpconns_spec.rb +++ /dev/null @@ -1,92 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::tcpconns', :type => :class do - let :facts do - { :osfamily => 'RedHat' } - end - - context ':ensure => present and :localports => [22,25]' do - let :params do - { :localports => [22, 25] } - end - it 'Will create /etc/collectd.d/10-tcpconns.conf' do - should contain_file('tcpconns.load').with(:ensure => 'present', - :path => '/etc/collectd.d/10-tcpconns.conf', - :content => /LocalPort "22".+LocalPort "25"/m,) - end - end - - context ':ensure => present, :localports => [22,25] and :remoteports => [3306]' do - let :params do - { :localports => [22, 25], :remoteports => [3306] } - end - it 'Will create /etc/collectd.d/10-tcpconns.conf' do - should contain_file('tcpconns.load').with(:ensure => 'present', - :path => '/etc/collectd.d/10-tcpconns.conf', - :content => /LocalPort "22".+LocalPort "25".+RemotePort "3306"/m,) - end - end - - context ':ensure => absent' do - let :params do - { :localports => [22], :ensure => 'absent' } - end - it 'Will not create /etc/collectd.d/10-tcpconns.conf' do - should contain_file('tcpconns.load').with(:ensure => 'absent', - :path => '/etc/collectd.d/10-tcpconns.conf',) - end - end - - context ':localports is not an array' do - let :params do - { :localports => '22' } - end - it 'Will raise an error about :localports being a String' do - should compile.and_raise_error(/String/) - end - end - - context ':remoteports is not an array' do - let :params do - { :remoteports => '22' } - end - it 'Will raise an error about :remoteports being a String' do - should compile.and_raise_error(/String/) - end - end - - context ':allportssummary is not a boolean' do - let :params do - { :allportssummary => 'aString' } - end - it 'Will raise an error about :allportssummary being a String' do - expect { should.to raise_error(Puppet::Error, /String/) } - end - end - - context ':allportssummary => true with collectd_version < 5.5.0' do - let :facts do - { :osfamily => 'RedHat', :collectd_version => '5.4.1' } - end - let :params do - { :ensure => 'present', :allportssummary => true } - end - - it 'Should not include AllPortsSummary in /etc/collectd.d/10-tcpconns.conf' do - should contain_file('tcpconns.load').without_content(/AllPortsSummary/) - end - end - - context ':allportssummary => true with collectd_version = 5.5.0' do - let :facts do - { :osfamily => 'RedHat', :collectd_version => '5.5.0' } - end - let :params do - { :ensure => 'present', :allportssummary => true } - end - - it 'Should include AllPortsSummary in /etc/collectd.d/10-tcpconns.conf' do - should contain_file('tcpconns.load').with_content(/AllPortsSummary true/) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_unixsock_spec.rb b/module-collectd/spec/classes/collectd_plugin_unixsock_spec.rb deleted file mode 100644 index 26ef7e75f..000000000 --- a/module-collectd/spec/classes/collectd_plugin_unixsock_spec.rb +++ /dev/null @@ -1,36 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::unixsock', :type => :class do - let :facts do - { :osfamily => 'RedHat' } - end - - context ':ensure => present and default parameters' do - it 'Will create /etc/collectd.d/10-unixsock.conf' do - should contain_file('unixsock.load') - .with(:ensure => 'present', - :path => '/etc/collectd.d/10-unixsock.conf', - :content => %r{SocketFile "/var/run/collectd-socket".+SocketGroup "collectd".+SocketPerms "0770"}m,) - end - end - - context ':ensure => absent' do - let :params do - { :ensure => 'absent' } - end - it 'Will not create /etc/collectd.d/10-unixsock.conf' do - should contain_file('unixsock.load') - .with(:ensure => 'absent', - :path => '/etc/collectd.d/10-unixsock.conf',) - end - end - - context ':socketfile is not an absolute path' do - let :params do - { :socketfile => 'var/run/socket' } - end - it 'Will raise an error about :socketfile' do - should compile.and_raise_error(/absolute path/) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_varnish_spec.rb b/module-collectd/spec/classes/collectd_plugin_varnish_spec.rb deleted file mode 100644 index 9724bbfb3..000000000 --- a/module-collectd/spec/classes/collectd_plugin_varnish_spec.rb +++ /dev/null @@ -1,87 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::varnish', :type => :class do - context 'When the version is not 5.4' do - let :facts do - { :osfamily => 'RedHat', - :collectd_version => '5.3', - } - end - let :params do - {} - end - it 'should render the template with the default values' do - content = < - - - -EOS - should contain_collectd__plugin('varnish').with_content(content) - end - end - context 'When the version is nil' do - let :facts do - { :osfamily => 'RedHat', - :collectd_version => nil, - } - end - let :params do - {} - end - it 'should render the template with the default values' do - content = < - - - -EOS - should contain_collectd__plugin('varnish').with_content(content) - end - end - - context 'When the version is 5.4' do - let :facts do - { :osfamily => 'RedHat', - :collectd_version => '5.4', - } - end - context 'when there are no params given' do - let :params do - {} - end - it 'should render the template with the default values' do - content = < - - - -EOS - should contain_collectd__plugin('varnish').with_content(content) - end - end - context 'when there are params given' do - let :params do - { - 'instances' => { - 'warble' => { - 'BATMAN' => true, - 'Robin' => false - } - } - } - end - it 'should render the template with the values passed in the params' do - content = < - - BATMAN true - Robin false - - -EOS - should contain_collectd__plugin('varnish').with_content(content) - end - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_write_graphite_spec.rb b/module-collectd/spec/classes/collectd_plugin_write_graphite_spec.rb deleted file mode 100644 index 45e59dd1b..000000000 --- a/module-collectd/spec/classes/collectd_plugin_write_graphite_spec.rb +++ /dev/null @@ -1,105 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::write_graphite', :type => :class do - let :facts do - { - :osfamily => 'Debian', - :concat_basedir => tmpfilename('collectd-write_graphite'), - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :collectd_version => '5.0' - } - end - - context 'single carbon writer' do - let :params do - { - :carbons => { 'graphite' => {} }, - } - end - - it 'Will create /etc/collectd.d/conf.d/write_graphite-config.conf' do - should contain_concat__fragment('collectd_plugin_write_graphite_conf_header') - .with(:content => //, - :target => '/etc/collectd/conf.d/write_graphite-config.conf', - :order => '00') - end - - it 'Will create /etc/collectd.d/conf.d/write_graphite-config' do - should contain_concat__fragment('collectd_plugin_write_graphite_conf_footer') - .with(:content => %r{}, - :target => '/etc/collectd/conf.d/write_graphite-config.conf', - :order => '99') - end - - it 'includes carbon configuration' do - should contain_concat__fragment('collectd_plugin_write_graphite_conf_graphite_tcp_2003') - .with(:content => //, - :target => '/etc/collectd/conf.d/write_graphite-config.conf',) - - should contain_concat__fragment('collectd_plugin_write_graphite_conf_graphite_tcp_2003') - .with(:content => /Host "localhost"/,) - - should contain_concat__fragment('collectd_plugin_write_graphite_conf_graphite_tcp_2003') - .with(:content => /Port "2003"/,) - end - end - - context 'multiple carbon writers, collectd <= 5.2' do - let :params do - { - :carbons => { - 'graphite_one' => { 'graphitehost' => '192.168.1.1', 'graphiteport' => 2004 }, - 'graphite_two' => { 'graphitehost' => '192.168.1.2', 'graphiteport' => 2005 }, - }, - } - end - - it 'includes graphite_one configuration' do - should contain_concat__fragment('collectd_plugin_write_graphite_conf_graphite_one_tcp_2004') - .with(:content => //, - :target => '/etc/collectd/conf.d/write_graphite-config.conf',) - - should contain_concat__fragment('collectd_plugin_write_graphite_conf_graphite_one_tcp_2004').with(:content => /Host "192.168.1.1"/,) - - should contain_concat__fragment('collectd_plugin_write_graphite_conf_graphite_one_tcp_2004').with(:content => /Port "2004"/,) - end - - it 'includes graphite_two configuration' do - should contain_concat__fragment('collectd_plugin_write_graphite_conf_graphite_two_tcp_2005') - .with(:content => //, - :target => '/etc/collectd/conf.d/write_graphite-config.conf',) - - should contain_concat__fragment('collectd_plugin_write_graphite_conf_graphite_two_tcp_2005') - .with(:content => /Host "192.168.1.2"/,) - - should contain_concat__fragment('collectd_plugin_write_graphite_conf_graphite_two_tcp_2005') - .with(:content => /Port "2005"/,) - end - end - - context 'collectd >= 5.3' do - let :facts do - { - :osfamily => 'Debian', - :concat_basedir => tmpfilename('collectd-write_graphite'), - :id => 'root', - :kernel => 'Linux', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - :collectd_version => '5.3' - } - end - let :params do - { - :carbons => { 'graphite' => {} }, - } - end - - it 'includes syntax' do - should contain_concat__fragment('collectd_plugin_write_graphite_conf_graphite_tcp_2003') - .with(:content => //, - :target => '/etc/collectd/conf.d/write_graphite-config.conf',) - end - end -end diff --git a/module-collectd/spec/classes/collectd_plugin_zfs_arc_spec.rb b/module-collectd/spec/classes/collectd_plugin_zfs_arc_spec.rb deleted file mode 100644 index f4c180898..000000000 --- a/module-collectd/spec/classes/collectd_plugin_zfs_arc_spec.rb +++ /dev/null @@ -1,28 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::zfs_arc', :type => :class do - context ':ensure => present' do - let :facts do - { :osfamily => 'FreeBSD' } - end - it 'Will create 10-zfs_arc.conf' do - should contain_file('zfs_arc.load').with(:ensure => 'present', - :path => '/usr/local/etc/collectd/10-zfs_arc.conf', - :content => /\#\ Generated by Puppet\nLoadPlugin zfs_arc\n/,) - end - end - - context ':ensure => absent' do - let :facts do - { :osfamily => 'FreeBSD' } - end - let :params do - { :ensure => 'absent' } - end - - it 'Will not create 10-zfs_arc.conf' do - should contain_file('zfs_arc.load').with(:ensure => 'absent', - :path => '/usr/local/etc/collectd/10-zfs_arc.conf',) - end - end -end diff --git a/module-collectd/spec/classes/test_collectd_version_spec.rb b/module-collectd/spec/classes/test_collectd_version_spec.rb deleted file mode 100644 index 01deb153c..000000000 --- a/module-collectd/spec/classes/test_collectd_version_spec.rb +++ /dev/null @@ -1,58 +0,0 @@ -require 'spec_helper' - -describe 'test::collectd_version' do - let :facts do - { :osfamily => 'RedHat' } - end - - it { should compile } - - context 'when no explicit value is specified' do - it { should contain_file('collectd_version.tmp').with_content(/^1\.0$/) } - end - - context 'when minimum_version is specified' do - let :params do - { - :version => 'installed', - :minimum_version => '5.4', - } - end - it { should contain_file('collectd_version.tmp').with_content(/^5\.4$/) } - end - - context 'when version is explicit and greater than minimum_version' do - let :params do - { - :version => '5.6.3', - :minimum_version => '5.4', - } - end - it { should contain_file('collectd_version.tmp').with_content(/^5\.6\.3$/) } - end - - context 'when version is explicit and less than minimum_version' do - let :params do - { - :version => '5.3', - :minimum_version => '5.4', - } - end - it { should contain_file('collectd_version.tmp').with_content(/^5\.3$/) } - end - - context 'when collectd_real_version is available' do - let :facts do - { - :osfamily => 'Redhat', - :collectd_real_version => '5.6', - } - end - let :params do - { - :minimum_version => '5.4' - } - end - it { should contain_file('collectd_version.tmp').with_content(/^5\.6$/) } - end -end diff --git a/module-collectd/spec/defines/collectd_plugin_curl_page_spec.rb b/module-collectd/spec/defines/collectd_plugin_curl_page_spec.rb deleted file mode 100644 index 7254766c6..000000000 --- a/module-collectd/spec/defines/collectd_plugin_curl_page_spec.rb +++ /dev/null @@ -1,20 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::curl::page', :type => :define do - let :facts do - { :osfamily => 'Debian' } - end - - context 'simple case' do - let(:title) { 'test' } - let :params do - { - :url => 'http://www.example.com/query', - :matches => [{ 'regex' => 'SPAM \\(Score: (-?[0-9]+\\.[0-9]+)\\)', 'dstype' => 'CounterAdd', 'type' => 'counter' }], - } - end - it 'Will create /etc/collectd/conf.d/curl-test.conf' do - should contain_file('/etc/collectd/conf.d/curl-test.conf').with_content("\n \n URL \"http://www.example.com/query\"\n \n Regex \"SPAM \\(Score: (-?[0-9]+\\.[0-9]+)\\)\"\n DSType \"CounterAdd\"\n Type \"counter\"\n \n\n \n\n") - end - end -end diff --git a/module-collectd/spec/defines/collectd_plugin_exec_cmd_spec.rb b/module-collectd/spec/defines/collectd_plugin_exec_cmd_spec.rb deleted file mode 100644 index 0fa75e8c2..000000000 --- a/module-collectd/spec/defines/collectd_plugin_exec_cmd_spec.rb +++ /dev/null @@ -1,44 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::exec::cmd', :type => :define do - let :facts do - { - :osfamily => 'Debian', - :id => 'root', - :concat_basedir => tmpfilename('collectd-exec'), - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - - context 'define a command' do - let(:title) { 'whoami' } - let :params do - { - :user => 'www-data', - :group => 'users', - :exec => ['whoami', '--help'] - } - end - - it 'executes whoami command' do - should contain_concat__fragment('collectd_plugin_exec_conf_whoami').with(:content => /Exec "www-data:users" "whoami" "--help"/, - :target => '/etc/collectd/conf.d/exec-config.conf',) - end - end - - context 'define a notification' do - let(:title) { 'whoami' } - let :params do - { - :user => 'www-data', - :group => 'users', - :notification_exec => ['whoami', '--help'] - } - end - - it 'executes whoami command' do - should contain_concat__fragment('collectd_plugin_exec_conf_whoami').with(:content => /NotificationExec "www-data:users" "whoami" "--help"/, - :target => '/etc/collectd/conf.d/exec-config.conf',) - end - end -end diff --git a/module-collectd/spec/defines/collectd_plugin_filecount_directory_spec.rb b/module-collectd/spec/defines/collectd_plugin_filecount_directory_spec.rb deleted file mode 100644 index e6508d85b..000000000 --- a/module-collectd/spec/defines/collectd_plugin_filecount_directory_spec.rb +++ /dev/null @@ -1,63 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::filecount::directory', :type => :define do - let :facts do - { :osfamily => 'Debian' } - end - - context 'simple case' do - let(:title) { 'test' } - let :params do - { - :path => '/var/tmp/test', - } - end - it 'Will create /etc/collectd/conf.d/15-filecount-test.conf' do - should contain_file('/etc/collectd/conf.d/15-filecount-test.conf').with_content("\n \n Instance \"test\"\n \n\n") - end - end - - context 'advanced case' do - let(:title) { 'test' } - let :params do - { - :path => '/path/to/dir', - :pattern => '*.conf', - :mtime => '-5m', - :recursive => true, - :includehidden => false, - } - end - it 'Will create /etc/collectd/conf.d/15-filecount-test.conf' do - should contain_file('/etc/collectd/conf.d/15-filecount-test.conf').with_content("\n \n Instance \"test\"\n Name \"*.conf\"\n MTime \"-5m\"\n Recursive true\n IncludeHidden false\n \n\n") - end - end - - context 'recursive and includehidden false' do - let(:title) { 'test' } - let :params do - { - :path => '/var/tmp/test', - :recursive => false, - :includehidden => false, - } - end - it 'Will create /etc/collectd/conf.d/15-filecount-test.conf' do - should contain_file('/etc/collectd/conf.d/15-filecount-test.conf').with_content("\n \n Instance \"test\"\n Recursive false\n IncludeHidden false\n \n\n") - end - end - - context 'ensure => absent' do - let(:title) { 'test' } - let :params do - { - :ensure => 'absent', - :path => '/var/tmp/test', - } - end - it 'Will create /etc/collectd/conf.d/15-filecount-test.conf' do - should contain_file('/etc/collectd/conf.d/15-filecount-test.conf').with(:ensure => 'absent', - :path => '/etc/collectd/conf.d/15-filecount-test.conf',) - end - end -end diff --git a/module-collectd/spec/defines/collectd_plugin_filter_chain_spec.rb b/module-collectd/spec/defines/collectd_plugin_filter_chain_spec.rb deleted file mode 100644 index 9ca6ab6a7..000000000 --- a/module-collectd/spec/defines/collectd_plugin_filter_chain_spec.rb +++ /dev/null @@ -1,67 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::filter::chain', type: :define do - let :facts do - { - osfamily: 'Debian', - concat_basedir: tmpfilename('collectd-filter'), - id: 'root', - kernel: 'Linux', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - collectd_version: '5.0' - } - end - - context ':ensure => present and default parameters' do - let(:title) { 'MyChain' } - it 'Will create /etc/collectd/conf.d/filter-chain-MyChain.conf' do - should contain_concat('/etc/collectd/conf.d/filter-chain-MyChain.conf').with(ensure: 'present') - should contain_concat__fragment('/etc/collectd/conf.d/filter-chain-MyChain.conf_MyChain_head').with( - order: '00', - content: '', - target: '/etc/collectd/conf.d/filter-chain-MyChain.conf' - ) - should contain_concat__fragment('/etc/collectd/conf.d/filter-chain-MyChain.conf_MyChain_footer').with( - order: '99', - content: '', - target: '/etc/collectd/conf.d/filter-chain-MyChain.conf' - ) - end - it { should_not contain_collectd__plugin__filter__target('z_chain-MyChain-target') } - end - - context ':ensure => present and set a default target' do - let(:title) { 'MyChain' } - let(:params) do - { - target: 'set', - target_options: { - 'PluginInstance' => 'coretemp', - 'TypeInstance' => 'core3' - } - } - end - it 'Will add a default target with plugin set and options' do - should contain_collectd__plugin__filter__target('z_chain-MyChain-target').with( - chain: 'MyChain', - plugin: 'set', - options: { - 'PluginInstance' => 'coretemp', - 'TypeInstance' => 'core3' - } - ) - end - end - - context ':ensure => absent' do - let(:title) { 'MyChain' } - let(:params) do - { - ensure: 'absent' - } - end - it 'Will remove file /etc/collectd/conf.d/filter-chain-MyChain.conf' do - should contain_concat('/etc/collectd/conf.d/filter-chain-MyChain.conf').with(ensure: 'absent') - end - end -end diff --git a/module-collectd/spec/defines/collectd_plugin_filter_match_spec.rb b/module-collectd/spec/defines/collectd_plugin_filter_match_spec.rb deleted file mode 100644 index 1b5e36a2f..000000000 --- a/module-collectd/spec/defines/collectd_plugin_filter_match_spec.rb +++ /dev/null @@ -1,58 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::filter::match', type: :define do - let :facts do - { - osfamily: 'Debian', - concat_basedir: tmpfilename('collectd-filter'), - id: 'root', - kernel: 'Linux', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - collectd_version: '5.0' - } - end - - let(:title) { 'MyMatch' } - let(:default_params) { { chain: 'MyChain', rule: 'MyRule' } } - let(:concat_fragment_target) { '/etc/collectd/conf.d/filter-chain-MyChain.conf' } - let(:concat_fragment_order) { '10_MyRule_1_MyMatch' } - let(:concat_fragment_name) { '/etc/collectd/conf.d/filter-chain-MyChain.conf_10_MyRule_1_MyMatch' } - - context 'Add match regex to rule with options' do - let(:params) do - default_params.merge(plugin: 'regex', - options: { - 'Host' => 'customer[0-9]+', - 'Plugin' => '^foobar$' - }) - end - it 'Will ensure that plugin is loaded' do - should contain_collectd__plugin('match_regex').with(order: '02') - end - it 'Will add match to rule' do - should contain_concat__fragment(concat_fragment_name).with( - order: concat_fragment_order, - target: concat_fragment_target - ) - should contain_concat__fragment(concat_fragment_name).with(content: //) - should contain_concat__fragment(concat_fragment_name).with(content: /Host "customer\[0-9\]\+"/) - should contain_concat__fragment(concat_fragment_name).with(content: /Plugin "\^foobar\$"/) - end - end - - context 'Add match empty_counter to rule without options' do - let(:params) do - default_params.merge(plugin: 'empty_counter') - end - it 'Will ensure that plugin is loaded' do - should contain_collectd__plugin('match_empty_counter').with(order: '02') - end - it 'Will add match to rule' do - should contain_concat__fragment(concat_fragment_name).with( - order: concat_fragment_order, - target: concat_fragment_target - ) - should contain_concat__fragment(concat_fragment_name).with(content: /Match "empty_counter"/) - end - end -end diff --git a/module-collectd/spec/defines/collectd_plugin_filter_rule_spec.rb b/module-collectd/spec/defines/collectd_plugin_filter_rule_spec.rb deleted file mode 100644 index 0b20925e2..000000000 --- a/module-collectd/spec/defines/collectd_plugin_filter_rule_spec.rb +++ /dev/null @@ -1,32 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::filter::rule', type: :define do - let :facts do - { - osfamily: 'Debian', - concat_basedir: tmpfilename('collectd-filter'), - id: 'root', - kernel: 'Linux', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - collectd_version: '5.0' - } - end - - let(:title) { 'MyRule' } - let(:params) { { chain: 'MyChain' } } - - context 'Add rule' do - it 'create header and footer of rule' do - should contain_concat__fragment('/etc/collectd/conf.d/filter-chain-MyChain.conf_10_MyRule_0').with( - order: '10_MyRule_0', - content: ' ', - target: '/etc/collectd/conf.d/filter-chain-MyChain.conf' - ) - should contain_concat__fragment('/etc/collectd/conf.d/filter-chain-MyChain.conf_10_MyRule_99').with( - order: '10_MyRule_99', - content: ' ', - target: '/etc/collectd/conf.d/filter-chain-MyChain.conf' - ) - end - end -end diff --git a/module-collectd/spec/defines/collectd_plugin_filter_target_spec.rb b/module-collectd/spec/defines/collectd_plugin_filter_target_spec.rb deleted file mode 100644 index f82283397..000000000 --- a/module-collectd/spec/defines/collectd_plugin_filter_target_spec.rb +++ /dev/null @@ -1,61 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::filter::target', type: :define do - let :facts do - { - osfamily: 'Debian', - concat_basedir: tmpfilename('collectd-filter'), - id: 'root', - kernel: 'Linux', - path: '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - collectd_version: '5.0' - } - end - - let(:title) { 'MyTarget' } - let(:default_params) { { chain: 'MyChain' } } - let(:concat_fragment_target) { '/etc/collectd/conf.d/filter-chain-MyChain.conf' } - - context 'Add target set to rule with options' do - let(:concat_fragment_order) { '10_MyRule_30_MyTarget' } - let(:concat_fragment_name) { '/etc/collectd/conf.d/filter-chain-MyChain.conf_10_MyRule_30_MyTarget' } - let(:params) do - default_params.merge(plugin: 'set', - rule: 'MyRule', - options: { - 'PluginInstance' => 'coretemp', - 'TypeInstance' => 'core3' - }) - end - it 'Will ensure that plugin is loaded' do - should contain_collectd__plugin('target_set').with(order: '02') - end - it 'Will add target to rule' do - should contain_concat__fragment(concat_fragment_name).with( - order: concat_fragment_order, - target: concat_fragment_target - ) - should contain_concat__fragment(concat_fragment_name).with(content: //) - should contain_concat__fragment(concat_fragment_name).with(content: /PluginInstance "coretemp"/) - should contain_concat__fragment(concat_fragment_name).with(content: /TypeInstance "core3"/) - end - end - - context 'Add builtin target return without rule to chain' do - let(:concat_fragment_order) { '20_50_MyTarget' } - let(:concat_fragment_name) { '/etc/collectd/conf.d/filter-chain-MyChain.conf_20_50_MyTarget' } - let(:params) do - default_params.merge(plugin: 'return') - end - it 'Builtin plugin should not be tried to load' do - should_not contain_collectd__plugin('target_return') - end - it 'Will add target to chain' do - should contain_concat__fragment(concat_fragment_name).with( - order: concat_fragment_order, - target: concat_fragment_target - ) - should contain_concat__fragment(concat_fragment_name).with(content: /Target "return"/) - end - end -end diff --git a/module-collectd/spec/defines/collectd_plugin_genericjmx_connection_spec.rb b/module-collectd/spec/defines/collectd_plugin_genericjmx_connection_spec.rb deleted file mode 100644 index 8f9669968..000000000 --- a/module-collectd/spec/defines/collectd_plugin_genericjmx_connection_spec.rb +++ /dev/null @@ -1,92 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::genericjmx::connection', :type => :define do - let(:facts) do - { - :osfamily => 'Debian', - :id => 'root', - :concat_basedir => tmpfilename('collectd-genericjmx-connection'), - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - - let(:config_filename) { '/etc/collectd/conf.d/15-genericjmx.conf' } - - let(:default_params) do - { - :service_url => 'foo:bar:baz', - } - end - - let(:title) { 'foo.example.com' } - let(:concat_fragment_name) { 'collectd_plugin_genericjmx_conf_foo.example.com' } - - context 'required params' do - let(:params) do - default_params.merge(:collect => [],) - end - - it 'provides a Connection concat fragment' do - should contain_concat__fragment(concat_fragment_name).with(:target => config_filename, - :order => '20',) - end - - it { should contain_concat__fragment(concat_fragment_name).with_content(%r{.*}m) } - it { should contain_concat__fragment(concat_fragment_name).with_content(/Host "foo\.example\.com"/) } - it { should contain_concat__fragment(concat_fragment_name).with_content(/ServiceURL "foo:bar:baz"/) } - it { should contain_concat__fragment(concat_fragment_name).without_content(/User/) } - it { should contain_concat__fragment(concat_fragment_name).without_content(/Password/) } - it { should contain_concat__fragment(concat_fragment_name).without_content(/InstancePrefix/) } - end - - context 'hostname override' do - let(:params) do - default_params.merge(:host => 'bar.example.com', - :collect => [],) - end - - it 'provides a Connection concat fragment' do - should contain_concat__fragment(concat_fragment_name).with(:target => config_filename, - :order => '20',) - end - - it { should contain_concat__fragment(concat_fragment_name).with_content(/Host "bar\.example\.com"/) } - end - - context 'collect array' do - let(:params) do - default_params.merge(:collect => %w( foo bar baz )) - end - - it { should contain_concat__fragment(concat_fragment_name).with_content(/Collect "foo".*Collect "bar".*Collect "baz"/m) } - end - - context 'collect string' do - let(:params) do - default_params.merge(:collect => 'bat') - end - - it { should contain_concat__fragment(concat_fragment_name).with_content(/Collect "bat"/) } - it { should contain_concat__fragment(concat_fragment_name).without_content(/(.*Collect.*){2,}/m) } - end - - context 'username and password' do - let(:params) do - default_params.merge(:user => 'alice', - :password => 'aoeuhtns', - :collect => [],) - end - - it { should contain_concat__fragment(concat_fragment_name).with_content(/User "alice"/) } - it { should contain_concat__fragment(concat_fragment_name).with_content(/Password "aoeuhtns"/) } - end - - context 'instance_prefix 'do - let(:params) do - default_params.merge(:instance_prefix => 'bat', - :collect => [],) - end - - it { should contain_concat__fragment(concat_fragment_name).with_content(/InstancePrefix "bat"/) } - end -end diff --git a/module-collectd/spec/defines/collectd_plugin_genericjmx_mbean_spec.rb b/module-collectd/spec/defines/collectd_plugin_genericjmx_mbean_spec.rb deleted file mode 100644 index 020168faf..000000000 --- a/module-collectd/spec/defines/collectd_plugin_genericjmx_mbean_spec.rb +++ /dev/null @@ -1,148 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::genericjmx::mbean', :type => :define do - let(:facts) do - { - :osfamily => 'Debian', - :id => 'root', - :concat_basedir => tmpfilename('collectd-genericjmx-mbean'), - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - - let(:config_filename) { '/etc/collectd/conf.d/15-genericjmx.conf' } - - let(:default_params) do - { - :object_name => 'bar', - :values => [], - } - end - - let(:title) { 'foo' } - let(:concat_fragment_name) { 'collectd_plugin_genericjmx_conf_foo' } - - # empty values array is technically not valid, but we'll test those cases later - context 'defaults' do - let(:params) { default_params } - it 'provides an MBean stanza concat fragment' do - should contain_concat__fragment(concat_fragment_name).with(:target => config_filename, - :order => '10',) - end - - it { should contain_concat__fragment(concat_fragment_name).with_content(%r{\s+ObjectName "bar".+}m) } - it { should contain_concat__fragment(concat_fragment_name).without_content(/InstancePrefix/) } - it { should contain_concat__fragment(concat_fragment_name).without_content(/InstanceFrom/) } - end - - context 'instance_prefix set' do - let(:params) do - default_params.merge(:instance_prefix => 'baz') - end - - it { should contain_concat__fragment(concat_fragment_name).with_content(/InstancePrefix "baz"/) } - end - - context 'instance_from array' do - let(:params) do - default_params.merge(:instance_from => %w( foo bar baz )) - end - - it { should contain_concat__fragment(concat_fragment_name).with_content(/InstanceFrom "foo"\s+InstanceFrom "bar"\s+InstanceFrom "baz"/) } - end - - context 'instance_from string' do - let(:params) do - default_params.merge(:instance_from => 'bat') - end - - it { should contain_concat__fragment(concat_fragment_name).with_content(/InstanceFrom "bat"/) } - it { should contain_concat__fragment(concat_fragment_name).without_content(/(.*InstanceFrom.*){2,}/) } - end - - let(:default_values_args) do - { - 'type' => 'foo', - 'attribute' => 'bar' - } - end - - # testing the Value template section is going to be messy - context 'value section defaults' do - let(:params) do - default_params.merge(:values => [default_values_args]) - end - - it 'should have a value stanza' do - should contain_concat__fragment(concat_fragment_name).with_content(%r{.*}m) - end - - it 'should have only one value stanza' do - should contain_concat__fragment(concat_fragment_name).without_content(/(.*.*){2,}/) - end - - it { should contain_concat__fragment(concat_fragment_name).with_content(/Type "foo"/) } - it { should contain_concat__fragment(concat_fragment_name).with_content(/Table false/) } - it { should contain_concat__fragment(concat_fragment_name).with_content(/Attribute "bar"/) } - it { should contain_concat__fragment(concat_fragment_name).without_content(/InstancePrefix/) } - it { should contain_concat__fragment(concat_fragment_name).without_content(/InstanceFrom/) } - end - - context 'value section instance_prefix set' do - let(:params) do - default_params.merge(:values => [default_values_args.merge('instance_prefix' => 'baz',)]) - end - - it { should contain_concat__fragment(concat_fragment_name).with_content(/InstancePrefix "baz"/) } - it { should contain_concat__fragment(concat_fragment_name).without_content(/InstanceFrom/) } - end - - context 'value section instance_from array' do - let(:params) do - default_params.merge(:values => [default_values_args.merge('instance_from' => %w( alice bob carol ))]) - end - - it { should contain_concat__fragment(concat_fragment_name).with_content(/InstanceFrom "alice"/) } - it { should contain_concat__fragment(concat_fragment_name).with_content(/InstanceFrom "bob"/) } - it { should contain_concat__fragment(concat_fragment_name).with_content(/InstanceFrom "carol"/) } - it { should contain_concat__fragment(concat_fragment_name).without_content(/InstancePrefix/) } - end - - context 'value section instance_from string' do - let(:params) do - default_params.merge(:values => [default_values_args.merge('instance_from' => 'dave',)]) - end - - it { should contain_concat__fragment(concat_fragment_name).with_content(/InstanceFrom "dave"/) } - it { should contain_concat__fragment(concat_fragment_name).without_content(/(.*InstancePrefix.*){2,}/) } - it { should contain_concat__fragment(concat_fragment_name).without_content(/InstancePrefix/) } - end - - context 'value section table true-like' do - ['true', true].each do |truthy| - let(:params) do - default_params.merge(:values => [default_values_args.merge('table' => truthy)]) - end - - it { should contain_concat__fragment(concat_fragment_name).with_content(/Table true/) } - end - end - - context 'value section table false-like' do - ['false', false].each do |truthy| - let(:params) do - default_params.merge(:values => [default_values_args.merge('table' => truthy)]) - end - - it { should contain_concat__fragment(concat_fragment_name).with_content(/Table false/) } - end - end - - context 'multiple values' do - let(:params) do - default_params.merge(:values => [default_values_args, default_values_args]) - end - - it { should contain_concat__fragment(concat_fragment_name).with_content(%r{(.*.*.*){2}}m) } - end -end diff --git a/module-collectd/spec/defines/collectd_plugin_mysql_database_spec.rb b/module-collectd/spec/defines/collectd_plugin_mysql_database_spec.rb deleted file mode 100644 index 8d4c8ba36..000000000 --- a/module-collectd/spec/defines/collectd_plugin_mysql_database_spec.rb +++ /dev/null @@ -1,24 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::mysql::database', :type => :define do - let :facts do - { :osfamily => 'Debian' } - end - - context ':socket => /var/run/mysqld/mysqld.sock, custom socket' do - let(:title) { 'test' } - let :params do - { :socket => '/var/run/mysqld/mysqld.sock' } - end - it 'Will create /etc/collectd/conf.d/mysql-test.conf' do - should contain_file('test.conf').with_content(%r{Socket "/var/run/mysqld/mysqld\.sock"$}) - end - end - - context 'no custom socket' do - let(:title) { 'test' } - it 'Will create /etc/collectd/conf.d/mysql-test.conf' do - should contain_file('test.conf').without_content(/Socket/) - end - end -end diff --git a/module-collectd/spec/defines/collectd_plugin_network_listener.rb b/module-collectd/spec/defines/collectd_plugin_network_listener.rb deleted file mode 100644 index bc4d0a14a..000000000 --- a/module-collectd/spec/defines/collectd_plugin_network_listener.rb +++ /dev/null @@ -1,20 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::network::listener', :type => :define do - let :facts do - { :osfamily => 'Debian' } - end - - context 'simple case' do - let(:title) { 'test' } - let :params do - { - :url => 'http://www.example.com/query', - :matches => [{ 'regex' => 'SPAM \\(Score: (-?[0-9]+\\.[0-9]+)\\)', 'dstype' => 'CounterAdd', 'type' => 'counter' }], - } - end - it 'Will create /etc/collectd/conf.d/curl-test.conf' do - should contain_file('/etc/collectd/conf.d/curl-test.conf').with_content("\n \n URL \"http://www.example.com/query\"\n \n Regex \"SPAM \\(Score: (-?[0-9]+\\.[0-9]+)\\)\"\n DSType \"CounterAdd\"\n Type \"counter\"\n \n\n \n\n") - end - end -end diff --git a/module-collectd/spec/defines/collectd_plugin_network_listener_spec.rb b/module-collectd/spec/defines/collectd_plugin_network_listener_spec.rb deleted file mode 100644 index b34e789c2..000000000 --- a/module-collectd/spec/defines/collectd_plugin_network_listener_spec.rb +++ /dev/null @@ -1,47 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::network::listener', :type => :define do - context ':ensure => present, collectd version 4.6' do - let :facts do - { - :osfamily => 'Redhat', - :collectd_version => '4.6' - } - end - let(:title) { 'mylistener' } - let :params do - { - :port => '1234', - } - end - - it 'Will create /etc/collectd.d/network-listener-mylistener.conf for collectd < 4.7' do - should contain_file('/etc/collectd.d/network-listener-mylistener.conf') - .with(:ensure => 'present', - :path => '/etc/collectd.d/network-listener-mylistener.conf', - :content => "\n Listen \"mylistener\" \"1234\"\n\n",) - end - end - - context ':ensure => present, collectd version 5.1.0' do - let :facts do - { - :osfamily => 'Redhat', - :collectd_version => '5.1.0' - } - end - let(:title) { 'mylistener' } - let :params do - { - :port => '1234', - } - end - - it 'Will create /etc/collectd.d/network-listener-mylistener.conf for collectd >= 4.7' do - should contain_file('/etc/collectd.d/network-listener-mylistener.conf') - .with(:ensure => 'present', - :path => '/etc/collectd.d/network-listener-mylistener.conf', - :content => "\n \n\n \n\n",) - end - end -end diff --git a/module-collectd/spec/defines/collectd_plugin_network_server_spec.rb b/module-collectd/spec/defines/collectd_plugin_network_server_spec.rb deleted file mode 100644 index 923cc126d..000000000 --- a/module-collectd/spec/defines/collectd_plugin_network_server_spec.rb +++ /dev/null @@ -1,47 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::network::server', :type => :define do - context ':ensure => present, create one complex server, collectd 5.1.0' do - let :facts do - { - :osfamily => 'Redhat', - :collectd_version => '5.1.0' - } - end - let(:title) { 'node1' } - let :params do - { - :port => '1234', - :interface => 'eth0', - :securitylevel => 'Encrypt', - :username => 'foo', - :password => 'bar', - } - end - - it 'Will create /etc/collectd.d/network-server-node1.conf for collectd >= 4.7' do - should contain_file('/etc/collectd.d/network-server-node1.conf') - .with(:ensure => 'present', - :path => '/etc/collectd.d/network-server-node1.conf', - :content => "\n \n SecurityLevel \"Encrypt\"\n Username \"foo\"\n Password \"bar\"\n Interface \"eth0\"\n\n \n\n",) - end - end - - context ':ensure => absent' do - let :facts do - { - :osfamily => 'RedHat' - } - end - let(:title) { 'node1' } - let :params do - { - :ensure => 'absent' - } - end - - it 'Will not create /etc/collectd.d/network-server-node1.conf' do - should contain_file('/etc/collectd.d/network-server-node1.conf').with(:ensure => 'absent',) - end - end -end diff --git a/module-collectd/spec/defines/collectd_plugin_python_module_spec.rb b/module-collectd/spec/defines/collectd_plugin_python_module_spec.rb deleted file mode 100644 index d6c9a14f7..000000000 --- a/module-collectd/spec/defines/collectd_plugin_python_module_spec.rb +++ /dev/null @@ -1,84 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::python::module', :type => :define do - let :facts do - { - :osfamily => 'Debian', - :id => 'root', - :concat_basedir => tmpfilename('collectd-python'), - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - - context 'spam module' do - let(:title) { 'spam' } - let :params do - { - :config => { 'spam' => '"wonderful" "lovely"' }, - :modulepath => '/var/lib/collectd/python', - } - end - - it 'imports spam module' do - should contain_concat__fragment('collectd_plugin_python_conf_spam') - .with(:content => /Import "spam"/, - :target => '/etc/collectd/conf.d/python-config.conf',) - end - - it 'includes spam module configuration' do - should contain_concat__fragment('collectd_plugin_python_conf_spam') - .with(:content => //, - :target => '/etc/collectd/conf.d/python-config.conf',) - - should contain_concat__fragment('collectd_plugin_python_conf_spam') - .with(:content => /spam "wonderful" "lovely"/,) - end - - it 'Will create /etc/collectd.d/conf.d/python-config.conf' do - should contain_concat__fragment('collectd_plugin_python_conf_header') - .with(:content => //, - :target => '/etc/collectd/conf.d/python-config.conf', - :order => '00') - end - - it 'set default Python module path' do - should contain_concat__fragment('collectd_plugin_python_conf_header') - .with(:content => %r{ModulePath "/usr/share/collectd/python"}, - :target => '/etc/collectd/conf.d/python-config.conf',) - end - - it 'Will create /etc/collectd.d/conf.d/python-config.conf' do - should contain_concat__fragment('collectd_plugin_python_conf_footer') - .with(:content => %r{}, - :target => '/etc/collectd/conf.d/python-config.conf', - :order => '99') - end - end - - context 'module without modulepath' do - let(:title) { 'foo' } - let :params do - { - :script_source => 'puppet:///modules/myorg/foo.py', - :config => { 'bar' => 'baz' }, - } - end - - it 'imports foo module' do - should contain_concat__fragment('collectd_plugin_python_conf_foo').with(:content => /Import "foo"/, - :target => '/etc/collectd/conf.d/python-config.conf',) - end - - it 'includes foo module configuration' do - should contain_concat__fragment('collectd_plugin_python_conf_foo').with(:content => //, - :target => '/etc/collectd/conf.d/python-config.conf',) - - should contain_concat__fragment('collectd_plugin_python_conf_foo').with(:content => /bar baz/,) - end - - it 'created collectd plugin file on Debian default path' do - should contain_file('foo.script').with(:ensure => 'present', - :path => '/usr/share/collectd/python/foo.py',) - end - end -end diff --git a/module-collectd/spec/defines/collectd_plugin_snmp_data_spec.rb b/module-collectd/spec/defines/collectd_plugin_snmp_data_spec.rb deleted file mode 100644 index cc24f791f..000000000 --- a/module-collectd/spec/defines/collectd_plugin_snmp_data_spec.rb +++ /dev/null @@ -1,69 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::snmp::data', :type => :define do - let :facts do - { :osfamily => 'Debian' } - end - - let(:title) { 'foo' } - let(:required_params) do - { - :type => 'bar', - :instance => 'baz', - :values => 'bat', - } - end - - let(:filename) { 'snmp-data-foo.conf' } - - context 'required params' do - let(:params) { required_params } - - it do - should contain_file(filename).with( - :ensure => 'present', - :path => '/etc/collectd/conf.d/15-snmp-data-foo.conf' - ) - end - - it { should contain_file('snmp-data-foo.conf').that_notifies('Service[collectd]') } - it { should contain_file('snmp-data-foo.conf').with_content(//) } - it { should contain_file('snmp-data-foo.conf').with_content(//) } - it { should contain_file('snmp-data-foo.conf').with_content(/Type "bar"/) } - it { should contain_file('snmp-data-foo.conf').with_content(/Instance "baz"/) } - end - - context 'values is an array' do - let(:params) do - required_params.merge(:values => %w( foo bar baz )) - end - it { should contain_file('snmp-data-foo.conf').with_content(/Values "foo" "bar" "baz"/) } - end - - context 'values is just a string' do - let(:params) do - required_params.merge(:values => 'bat') - end - it { should contain_file('snmp-data-foo.conf').with_content(/Values "bat"/) } - end - - context 'table is true' do - let(:params) do - { - :table => true - }.merge(required_params) - end - - it { should contain_file('snmp-data-foo.conf').with_content(/Table true/) } - end - - context 'table is false' do - let(:params) do - { - :table => false - }.merge(required_params) - end - - it { should contain_file('snmp-data-foo.conf').with_content(/Table false/) } - end -end diff --git a/module-collectd/spec/defines/collectd_plugin_snmp_host_spec.rb b/module-collectd/spec/defines/collectd_plugin_snmp_host_spec.rb deleted file mode 100644 index 37a57f34c..000000000 --- a/module-collectd/spec/defines/collectd_plugin_snmp_host_spec.rb +++ /dev/null @@ -1,66 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin::snmp::host', :type => :define do - let :facts do - { :osfamily => 'Debian' } - end - - let(:title) { 'foo.example.com' } - let(:required_params) do - { - :collect => 'foo' - } - end - - let(:filename) { 'snmp-host-foo.example.com.conf' } - - context 'default params' do - let(:params) { required_params } - - it do - should contain_file(filename).with( - :ensure => 'present', - :path => '/etc/collectd/conf.d/25-snmp-host-foo.example.com.conf' - ) - end - - it { should contain_file(filename).that_notifies('Service[collectd]') } - it { should contain_file(filename).with_content(//) } - it { should contain_file(filename).with_content(//) } - it { should contain_file(filename).with_content(/Address "foo\.example\.com"/) } - it { should contain_file(filename).with_content(/Version 1/) } - it { should contain_file(filename).with_content(/Community "public"/) } - it { should contain_file(filename).without_content(/Interval \d+/) } - end - - context 'all params set' do - let(:params) do - required_params.merge(:address => 'bar.example.com', - :version => '2', - :community => 'opensesame', - :interval => '30',) - end - it { should contain_file(filename).with_content(/Address "bar\.example\.com"/) } - it { should contain_file(filename).with_content(/Version 2/) } - it { should contain_file(filename).with_content(/Community "opensesame"/) } - it { should contain_file(filename).with_content(/Interval 30/) } - end - - context 'collect is an array' do - let(:params) do - { - :collect => %w( foo bar baz ) - } - end - it { should contain_file(filename).with_content(/Collect "foo" "bar" "baz"/) } - end - - context 'collect is just a string' do - let(:params) do - { - :collect => 'bat' - } - end - it { should contain_file(filename).with_content(/Collect "bat"/) } - end -end diff --git a/module-collectd/spec/defines/collectd_plugin_spec.rb b/module-collectd/spec/defines/collectd_plugin_spec.rb deleted file mode 100644 index af27524cf..000000000 --- a/module-collectd/spec/defines/collectd_plugin_spec.rb +++ /dev/null @@ -1,31 +0,0 @@ -require 'spec_helper' - -describe 'collectd::plugin', :type => :define do - context 'loading a plugin on collectd <= 4.9.4' do - let(:title) { 'test' } - let :facts do - { - :collectd_version => '5.3', - :osfamily => 'Debian', - } - end - - it 'Will create /etc/collectd/conf.d/10-test.conf with the LoadPlugin syntax with brackets' do - should contain_file('test.load').with_content(/ 4.9.3' do - let(:title) { 'test' } - let :facts do - { - :collectd_version => '4.9.3', - :osfamily => 'Debian', - } - end - - it 'Will create /etc/collectd/conf.d/10-test.conf with the LoadPlugin syntax without brackets' do - should contain_file('test.load').without_content(/ :define do - let :facts do - { - :osfamily => 'Debian', - :id => 'root', - :concat_basedir => tmpfilename('collectd-graphite'), - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - - context 'protocol should not be include with version < 5.4' do - let(:title) { 'graphite_udp' } - let :facts do - { :osfamily => 'RedHat', - :collectd_version => '5.3', - :concat_basedir => tmpfilename('collectd-graphite'), - } - end - let :params do - { :protocol => 'udp', - } - end - - it 'Should not include protocol in /etc/collectd.d/write_graphite.conf for collectd < 5.4' do - should_not contain_concat__fragment( - 'collectd_plugin_write_graphite_conf_localhost_2003' - ).with_content(/.*Protocol \"udp\".*/) - end - end - - context 'protocol should be include with version >= 5.4' do - let(:title) { 'wg' } - let :facts do - { :osfamily => 'RedHat', - :collectd_version => '5.4', - :concat_basedir => tmpfilename('collectd-graphite'), - } - end - let :params do - { - :protocol => 'udp', - } - end - - it 'Should include protocol in /etc/collectd.d/write_graphite.conf for collectd >= 5.4' do - should contain_concat__fragment( - 'collectd_plugin_write_graphite_conf_wg_udp_2003' - ).with_content(/.*Protocol \"udp\".*/) - end - - it 'uses Node definition' do - should contain_concat__fragment('collectd_plugin_write_graphite_conf_wg_udp_2003').with(:content => //, - :target => '/etc/collectd.d/write_graphite-config.conf',) - end - end - - context 'default configuration (undefined collectd version)' do - let(:title) { 'graphite_default' } - - it 'includes carbon configuration' do - should contain_concat__fragment('collectd_plugin_write_graphite_conf_graphite_default_tcp_2003').with(:content => //, - :target => '/etc/collectd/conf.d/write_graphite-config.conf',) - - should contain_concat__fragment('collectd_plugin_write_graphite_conf_graphite_default_tcp_2003').with(:content => /Host "localhost"/,) - - should contain_concat__fragment('collectd_plugin_write_graphite_conf_graphite_default_tcp_2003').with(:content => /Port "2003"/,) - end - end -end diff --git a/module-collectd/spec/defines/collectd_type_spec.rb b/module-collectd/spec/defines/collectd_type_spec.rb deleted file mode 100644 index 41b58dba6..000000000 --- a/module-collectd/spec/defines/collectd_type_spec.rb +++ /dev/null @@ -1,30 +0,0 @@ -require 'spec_helper' - -describe 'collectd::type', :type => :define do - let :facts do - { - :osfamily => 'Debian', - :id => 'root', - :concat_basedir => tmpfilename('collectd-type'), - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - - context 'define a type' do - let(:title) { 'index' } - let :params do - { - :target => '/etc/collectd/types.db', - :ds_type => 'ABSOLUTE', - :min => 4, - :max => 5, - :ds_name => 'some_name', - } - end - - it 'creates an entry' do - should contain_concat__fragment('/etc/collectd/types.db/index').with(:target => '/etc/collectd/types.db', - :content => "index\tsome_name:ABSOLUTE:4:5",) - end - end -end diff --git a/module-collectd/spec/defines/collectd_typesdb_spec.rb b/module-collectd/spec/defines/collectd_typesdb_spec.rb deleted file mode 100644 index 33b8a5e7a..000000000 --- a/module-collectd/spec/defines/collectd_typesdb_spec.rb +++ /dev/null @@ -1,21 +0,0 @@ -require 'spec_helper' - -describe 'collectd::typesdb', :type => :define do - let :facts do - { - :osfamily => 'Debian', - :id => 'root', - :concat_basedir => tmpfilename('collectd-typesdb'), - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - - context 'without any types' do - let(:title) { '/etc/collectd/types.db' } - - it 'should contain empty types.db' do - should contain_concat('/etc/collectd/types.db') - should contain_file('/etc/collectd/types.db') - end - end -end diff --git a/module-collectd/spec/fixtures/facts/collectd_help b/module-collectd/spec/fixtures/facts/collectd_help deleted file mode 100644 index f08df4352..000000000 --- a/module-collectd/spec/fixtures/facts/collectd_help +++ /dev/null @@ -1,22 +0,0 @@ -Usage: collectd [OPTIONS] - -Available options: - General: - -C Configuration file. - Default: /etc/collectd/collectd.conf - -t Test config and exit. - -T Test plugin read and exit. - -P PID-file. - Default: /var/run/collectd.pid - -f Don't fork to the background. - -h Display help (this message) - -Builtin defaults: - Config file /etc/collectd/collectd.conf - PID file /var/run/collectd.pid - Plugin directory /usr/lib/collectd - Data directory /var/lib/collectd - -collectd 5.1.0, http://collectd.org/ -by Florian octo Forster -for contributions see `AUTHORS' diff --git a/module-collectd/spec/fixtures/facts/collectd_help_git b/module-collectd/spec/fixtures/facts/collectd_help_git deleted file mode 100644 index bc51a9455..000000000 --- a/module-collectd/spec/fixtures/facts/collectd_help_git +++ /dev/null @@ -1,22 +0,0 @@ -Usage: collectd [OPTIONS] - -Available options: - General: - -C Configuration file. - Default: /etc/collectd/collectd.conf - -t Test config and exit. - -T Test plugin read and exit. - -P PID-file. - Default: /var/run/collectd.pid - -f Don't fork to the background. - -h Display help (this message) - -Builtin defaults: - Config file /etc/collectd/collectd.conf - PID file /var/run/collectd.pid - Plugin directory /usr/lib/collectd - Data directory /var/lib/collectd - -collectd 5.1.0.git, http://collectd.org/ -by Florian octo Forster -for contributions see `AUTHORS' diff --git a/module-collectd/spec/fixtures/modules/test/manifests/collectd_version.pp b/module-collectd/spec/fixtures/modules/test/manifests/collectd_version.pp deleted file mode 100644 index 31a0e10b1..000000000 --- a/module-collectd/spec/fixtures/modules/test/manifests/collectd_version.pp +++ /dev/null @@ -1,19 +0,0 @@ -# class used solely to test the collectd_version expansion in init.pp -# Note that fact collectd_real_version is also used by init.pp -# Write the generated value to a template so we can test it -class test::collectd_version( - $version = undef, - $minimum_version = undef, -) { - class { '::collectd': - version => $version, - minimum_version => $minimum_version, - } - - file { 'collectd_version.tmp': - ensure => file, - path => '/tmp/collectd_version.tmp', - content => template('test/collectd_version.tmp.erb'), - require => Class['Collectd'], - } -} diff --git a/module-collectd/spec/fixtures/modules/test/templates/collectd_version.tmp.erb b/module-collectd/spec/fixtures/modules/test/templates/collectd_version.tmp.erb deleted file mode 100644 index 5a540b7b3..000000000 --- a/module-collectd/spec/fixtures/modules/test/templates/collectd_version.tmp.erb +++ /dev/null @@ -1 +0,0 @@ -<%= scope.lookupvar('::collectd::collectd_version') %> diff --git a/module-collectd/spec/fixtures/plugins/dns.conf.default b/module-collectd/spec/fixtures/plugins/dns.conf.default deleted file mode 100644 index 71e053380..000000000 --- a/module-collectd/spec/fixtures/plugins/dns.conf.default +++ /dev/null @@ -1,10 +0,0 @@ -# Generated by Puppet - - Globals false - - - - Interface "any" - SelectNumericQueryTypes true - - diff --git a/module-collectd/spec/fixtures/plugins/dns.conf.ignoresource b/module-collectd/spec/fixtures/plugins/dns.conf.ignoresource deleted file mode 100644 index c5c885fc8..000000000 --- a/module-collectd/spec/fixtures/plugins/dns.conf.ignoresource +++ /dev/null @@ -1,11 +0,0 @@ -# Generated by Puppet - - Globals false - - - - Interface "any" - IgnoreSource 10.10.10.10 - SelectNumericQueryTypes true - - diff --git a/module-collectd/spec/fixtures/plugins/dns.conf.interface b/module-collectd/spec/fixtures/plugins/dns.conf.interface deleted file mode 100644 index 8178906e8..000000000 --- a/module-collectd/spec/fixtures/plugins/dns.conf.interface +++ /dev/null @@ -1,10 +0,0 @@ -# Generated by Puppet - - Globals false - - - - Interface "eth0" - SelectNumericQueryTypes true - - diff --git a/module-collectd/spec/fixtures/plugins/mongodb.conf.collectddir b/module-collectd/spec/fixtures/plugins/mongodb.conf.collectddir deleted file mode 100644 index 2684ea522..000000000 --- a/module-collectd/spec/fixtures/plugins/mongodb.conf.collectddir +++ /dev/null @@ -1,15 +0,0 @@ -# Generated by Puppet - - Globals false - - - - ModulePath /tmp/collectd_test_dir - Import 'mongodb' - - Host "127.0.0.1" - User "test_user" - Password "password" - - - diff --git a/module-collectd/spec/fixtures/plugins/mongodb.conf.configured_dbs_multiple b/module-collectd/spec/fixtures/plugins/mongodb.conf.configured_dbs_multiple deleted file mode 100644 index 4c8a1b2aa..000000000 --- a/module-collectd/spec/fixtures/plugins/mongodb.conf.configured_dbs_multiple +++ /dev/null @@ -1,17 +0,0 @@ -# Generated by Puppet - - Globals false - - - - ModulePath /usr/lib/collectd - Import 'mongodb' - - Host "127.0.0.1" - User "test_user" - Password "password" - Port "8080" - Database "admin" "25" "26" - - - diff --git a/module-collectd/spec/fixtures/plugins/mongodb.conf.configured_dbs_single b/module-collectd/spec/fixtures/plugins/mongodb.conf.configured_dbs_single deleted file mode 100644 index e54d97b2b..000000000 --- a/module-collectd/spec/fixtures/plugins/mongodb.conf.configured_dbs_single +++ /dev/null @@ -1,17 +0,0 @@ -# Generated by Puppet - - Globals false - - - - ModulePath /usr/lib/collectd - Import 'mongodb' - - Host "127.0.0.1" - User "test_user" - Password "password" - Port "8080" - Database "admin" "25" - - - diff --git a/module-collectd/spec/fixtures/plugins/mongodb.conf.db_pass b/module-collectd/spec/fixtures/plugins/mongodb.conf.db_pass deleted file mode 100644 index c1db00c73..000000000 --- a/module-collectd/spec/fixtures/plugins/mongodb.conf.db_pass +++ /dev/null @@ -1,15 +0,0 @@ -# Generated by Puppet - - Globals false - - - - ModulePath /usr/lib/collectd - Import 'mongodb' - - Host "127.0.0.1" - User "test_user" - Password "foo" - - - diff --git a/module-collectd/spec/fixtures/plugins/mongodb.conf.db_user b/module-collectd/spec/fixtures/plugins/mongodb.conf.db_user deleted file mode 100644 index 0b2419cf1..000000000 --- a/module-collectd/spec/fixtures/plugins/mongodb.conf.db_user +++ /dev/null @@ -1,15 +0,0 @@ -# Generated by Puppet - - Globals false - - - - ModulePath /usr/lib/collectd - Import 'mongodb' - - Host "127.0.0.1" - User "test_user" - Password "password" - - - diff --git a/module-collectd/spec/fixtures/plugins/mongodb.conf.default b/module-collectd/spec/fixtures/plugins/mongodb.conf.default deleted file mode 100644 index 0b2419cf1..000000000 --- a/module-collectd/spec/fixtures/plugins/mongodb.conf.default +++ /dev/null @@ -1,15 +0,0 @@ -# Generated by Puppet - - Globals false - - - - ModulePath /usr/lib/collectd - Import 'mongodb' - - Host "127.0.0.1" - User "test_user" - Password "password" - - - diff --git a/module-collectd/spec/fixtures/plugins/mongodb.conf.hostdb b/module-collectd/spec/fixtures/plugins/mongodb.conf.hostdb deleted file mode 100644 index 0b2419cf1..000000000 --- a/module-collectd/spec/fixtures/plugins/mongodb.conf.hostdb +++ /dev/null @@ -1,15 +0,0 @@ -# Generated by Puppet - - Globals false - - - - ModulePath /usr/lib/collectd - Import 'mongodb' - - Host "127.0.0.1" - User "test_user" - Password "password" - - - diff --git a/module-collectd/spec/spec.opts b/module-collectd/spec/spec.opts deleted file mode 100644 index 91cd6427e..000000000 --- a/module-collectd/spec/spec.opts +++ /dev/null @@ -1,6 +0,0 @@ ---format -s ---colour ---loadby -mtime ---backtrace diff --git a/module-collectd/spec/spec_helper.rb b/module-collectd/spec/spec_helper.rb deleted file mode 100644 index f85a4298d..000000000 --- a/module-collectd/spec/spec_helper.rb +++ /dev/null @@ -1,22 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' - -RSpec.configure do |c| - c.include PuppetlabsSpec::Files - - c.before :each do - # Ensure that we don't accidentally cache facts and environment - # between test cases. - Facter::Util::Loader.any_instance.stubs(:load_all) - Facter.clear - Facter.clear_messages - - # Store any environment variables away to be restored later - @old_env = {} - ENV.each_key { |k| @old_env[k] = ENV[k] } - - Puppet.settings[:strict_variables] = true if ENV['STRICT_VARIABLES'] == 'yes' - end - c.after :each do - PuppetlabsSpec::Files.cleanup - end -end diff --git a/module-collectd/spec/spec_helper_acceptance.rb b/module-collectd/spec/spec_helper_acceptance.rb deleted file mode 100644 index b92ed4b3a..000000000 --- a/module-collectd/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1,25 +0,0 @@ -require 'beaker-rspec/spec_helper' -require 'beaker-rspec/helpers/serverspec' - -hosts.each do |_host| - # Install Puppet - install_puppet -end - -RSpec.configure do |c| - # Project root - proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - - # Readable test descriptions - c.formatter = :documentation - - # Configure all nodes in nodeset - c.before :suite do - # Install module and dependencies - puppet_module_install(:source => proj_root, :module_name => 'collectd') - hosts.each do |host| - on host, puppet('module', 'install', 'puppetlabs-stdlib'), :acceptable_exit_codes => [0] - on host, puppet('module', 'install', 'puppetlabs-concat'), :acceptable_exit_codes => [0] - end - end -end diff --git a/module-collectd/spec/unit/collectd_real_version_spec.rb b/module-collectd/spec/unit/collectd_real_version_spec.rb deleted file mode 100644 index 2abb47f6c..000000000 --- a/module-collectd/spec/unit/collectd_real_version_spec.rb +++ /dev/null @@ -1,20 +0,0 @@ -require 'spec_helper' - -describe 'collectd_real_version', :type => :fact do - before { Facter.clear } - after { Facter.clear } - - it 'should be 5.1.0 according to output' do - Facter::Util::Resolution.stubs(:which).with('collectd').returns('/usr/sbin/collectd') - sample_collectd_help = File.read(fixtures('facts', 'collectd_help')) - Facter::Util::Resolution.stubs(:exec).with('collectd -h').returns(sample_collectd_help) - expect(Facter.fact(:collectd_real_version).value).to eq('5.1.0') - end - - it 'should be 5.1.0.git according to output' do - Facter::Util::Resolution.stubs(:which).with('collectd').returns('/usr/sbin/collectd') - sample_collectd_help_git = File.read(fixtures('facts', 'collectd_help_git')) - Facter::Util::Resolution.stubs(:exec).with('collectd -h').returns(sample_collectd_help_git) - expect(Facter.fact(:collectd_real_version).value).to eq('5.1.0.git') - end -end diff --git a/module-collectd/templates/collectd.conf.erb b/module-collectd/templates/collectd.conf.erb deleted file mode 100644 index 6ad507361..000000000 --- a/module-collectd/templates/collectd.conf.erb +++ /dev/null @@ -1,31 +0,0 @@ -# Generated by Puppet -<% unless @fqdnlookup %> -Hostname "<%= @collectd_hostname %>" -FQDNLookup false -<% else %> -#Hostname localhost -FQDNLookup true -<% end %> -#BaseDir "/var/lib/collectd" -#PluginDir "/usr/lib/collectd" -<% if @typesdb and not @typesdb.empty? -%> -TypesDB<% @typesdb.each do |path| -%> "<%= path %>"<% end %> -<% else -%> -#TypesDB "/usr/share/collectd/types.db" "/etc/collectd/my_types.db" -<% end -%> -<% if @write_queue_limit_high -%> -WriteQueueLimitHigh <%= @write_queue_limit_high %> -<% end -%> -<% if @write_queue_limit_low -%> -WriteQueueLimitLow <%= @write_queue_limit_low %> -<% end -%> -Interval <%= @interval %> -Timeout <%= @timeout %> -ReadThreads <%= @threads %> -Include "<%= @plugin_conf_dir %>/*.conf" -<% @include.each do |obj| -%> -Include "<%= obj %>" -<% end -%> -<% if @internal_stats && @collectd_version && scope.function_versioncmp([@collectd_version, '5.5']) > 0 -%> -CollectInternalStats true -<% end -%> diff --git a/module-collectd/templates/curl_json.conf.erb b/module-collectd/templates/curl_json.conf.erb deleted file mode 100644 index 675354080..000000000 --- a/module-collectd/templates/curl_json.conf.erb +++ /dev/null @@ -1,28 +0,0 @@ -# Generated by Puppet -LoadPlugin "curl_json" - - -<%- if @url.start_with? '/' -%> - "> -<%- else -%> - "> -<%- end -%> - Instance "<%= @instance %>" - -<% if @user %> - User "<%= @user %>" - Password "<%= @password %>" -<% end %> - -<% @keys.sort.each do |key,keydata| %> - "> - Type "<%= keydata['type'] %>" - -<% end -%> - -<%- if @url.start_with? '/' -%> - -<%- else -%> - -<%- end -%> - diff --git a/module-collectd/templates/loadplugin.conf.erb b/module-collectd/templates/loadplugin.conf.erb deleted file mode 100644 index d9203dc93..000000000 --- a/module-collectd/templates/loadplugin.conf.erb +++ /dev/null @@ -1,13 +0,0 @@ -# Generated by Puppet -<% if @collectd_version and (scope.function_versioncmp([@collectd_version, '4.9.4']) >= 0) -%> -> - Globals <%= @globals %> -<% if @interval and @collectd_version and (scope.function_versioncmp([@collectd_version, '5.2']) >= 0) -%> - Interval <%= @interval %> -<% end -%> - -<% else -%> -LoadPlugin <%= @plugin %> -<% end -%> - -<%= @content %> diff --git a/module-collectd/templates/mysql-database.conf.erb b/module-collectd/templates/mysql-database.conf.erb deleted file mode 100644 index e98f3214d..000000000 --- a/module-collectd/templates/mysql-database.conf.erb +++ /dev/null @@ -1,25 +0,0 @@ -# Generated by Puppet - - - "> - Host "<%= @host %>" - User "<%= @username %>" - Password "<%= @password %>" -<% if @collectd_version and (scope.function_versioncmp([@collectd_version, '5.0']) >= 0) -%> - Port "<%= @port %>" -<% else -%> - Port <%= @port %> -<% end -%> - MasterStats <%= @masterstats %> - SlaveStats <%= @slavestats %> -<%- if @socket -%> - Socket "<%= @socket %>" -<%- end -%> -<%- if not @innodbstats.nil? -%> - InnodbStats <%= @innodbstats %> -<%- end -%> -<%- if not @slavenotifications.nil? -%> - SlaveNotifications <%= @slavenotifications %> -<%- end -%> - - diff --git a/module-collectd/templates/plugin/aggregation-aggregator.conf.erb b/module-collectd/templates/plugin/aggregation-aggregator.conf.erb deleted file mode 100644 index bad586055..000000000 --- a/module-collectd/templates/plugin/aggregation-aggregator.conf.erb +++ /dev/null @@ -1,55 +0,0 @@ - - -<% unless @host.nil? -%> - Host "<%= @host %>" -<% end -%> -<% unless @plugin.nil? -%> - Plugin "<%= @plugin %>" -<% end -%> -<% unless @plugininstance.nil? -%> - PluginInstance "<%= @plugininstance %>" -<% end -%> -<% unless @type.nil? -%> - Type "<%= @type %>" -<% end -%> -<% unless @typeinstance.nil? -%> - TypeInstance "<%= @typeinstance %>" -<% end -%> - -<% unless @sethost.nil? -%> - SetHost "<%= @sethost %>" -<% end -%> -<% unless @setplugin.nil? -%> - SetPlugin "<%= @setplugin %>" -<% end -%> -<% unless @setplugininstance.nil? -%> - SetPluginInstance "<%= @setplugininstance %>" -<% end -%> -<% unless @settypeinstance.nil? -%> - SetTypeInstance "<%= @settypeinstance %>" -<% end -%> - -<% @groupby.each do |groupby| -%> - GroupBy "<%= groupby %>" -<% end -%> - -<% unless @calculatesum.nil? -%> - CalculateSum <%= @calculatesum %> -<% end -%> -<% unless @calculatenum.nil? -%> - CalculateNum <%= @calculatenum %> -<% end -%> -<% unless @calculateaverage.nil? -%> - CalculateAverage <%= @calculateaverage %> -<% end -%> -<% unless @calculateminimum.nil? -%> - CalculateMinimum <%= @calculateminimum %> -<% end -%> -<% unless @calculatemaximum.nil? -%> - CalculateMaximum <%= @calculatemaximum %> -<% end -%> -<% unless @calculatestddev.nil? -%> - CalculateStddev <%= @calculatestddev %> -<% end -%> - - diff --git a/module-collectd/templates/plugin/amqp.conf.erb b/module-collectd/templates/plugin/amqp.conf.erb deleted file mode 100644 index 8abd75058..000000000 --- a/module-collectd/templates/plugin/amqp.conf.erb +++ /dev/null @@ -1,14 +0,0 @@ - - - Host "<%= @amqphost %>" - Port "<%= @amqpport %>" - VHost "<%= @amqpvhost%>" - User "<%= @amqpuser %>" - Password "<%= @amqppass %>" - Format "<%= @amqpformat %>" - Exchange "<%= @amqpexchange %>" - Persistent <%= @amqppersistent %> - GraphitePrefix "<%= @graphiteprefix %>" - GraphiteEscapeChar "<%= @escapecharacter %>" - - diff --git a/module-collectd/templates/plugin/apache.conf.erb b/module-collectd/templates/plugin/apache.conf.erb deleted file mode 100644 index d4231363a..000000000 --- a/module-collectd/templates/plugin/apache.conf.erb +++ /dev/null @@ -1,22 +0,0 @@ - -<% @instances.each do |name,values| -%> - "> - URL "<%= values['url'] %>" -<% if values['user'] -%> - User "<%= values['user'] %>" -<% end -%> -<% if values['password'] -%> - Password "<%= values['password'] %>" -<% end -%> -<% unless values['verifypeer'].nil? -%> - VerifyPeer "<%= values['verifypeer'] %>" -<% end -%> -<% unless values['verifyhost'].nil? -%> - VerifyHost "<%= values['verifyhost'] %>" -<% end -%> -<% if values['cacert'] -%> - CACert "<%= values['cacert'] %>" -<% end -%> - -<% end -%> - diff --git a/module-collectd/templates/plugin/bind.conf.erb b/module-collectd/templates/plugin/bind.conf.erb deleted file mode 100644 index 877257c2e..000000000 --- a/module-collectd/templates/plugin/bind.conf.erb +++ /dev/null @@ -1,28 +0,0 @@ - - URL "<%= @url %>" - ParseTime <%= @parsetime %> - OpCodes <%= @opcodes %> - QTypes <%= @qtypes %> - ServerStats <%= @serverstats %> - ZoneMaintStats <%= @zonemaintstats %> - ResolverStats <%= @resolverstats %> - MemoryStats <%= @memorystats %> -<% @views.each do |view| -%> - "> -<% unless view['qtypes'].nil? -%> - QTypes <%= view['qtypes'] %> -<% end -%> -<% unless view['resolverstats'].nil? -%> - ResolverStats <%= view['resolverstats'] %> -<% end -%> -<% unless view['cacherrsets'].nil? -%> - CacheRRSets <%= view['cacherrsets'] %> -<% end -%> -<% if view['zones'] -%> -<% view['zones'].each do |zone| -%> - Zone "<%= zone %>" -<% end -%> -<% end -%> - -<% end -%> - diff --git a/module-collectd/templates/plugin/ceph.conf.erb b/module-collectd/templates/plugin/ceph.conf.erb deleted file mode 100644 index c092f66d5..000000000 --- a/module-collectd/templates/plugin/ceph.conf.erb +++ /dev/null @@ -1,11 +0,0 @@ - - LongRunAvgLatency <%= @longrunavglatency %> - ConvertSpecialMetricTypes <%= @convertspecialmetrictypes %> - -<% @osds.each do |osd| -%> - "> - SocketPath "/var/run/ceph/ceph-<%= osd %>.asok" - -<% end -%> - - diff --git a/module-collectd/templates/plugin/chain.conf.erb b/module-collectd/templates/plugin/chain.conf.erb deleted file mode 100644 index 53f0956f2..000000000 --- a/module-collectd/templates/plugin/chain.conf.erb +++ /dev/null @@ -1,23 +0,0 @@ -"> -<% @rules.each do |rule| -%> - - "> -<% rule['match']["matches"].each do |key, value| -%> - <%= key %> "<%= value %>" -<% end -%> - -<% rule['targets'].each do |target| -%> -<% if target['attributes'].nil? -%> - Target "<%= target['type'] %>" -<% else -%> - "> -<% target['attributes'].each do |key, value| -%> - <%= key %> "<%= value %>" -<% end -%> - -<% end -%> -<% end -%> - -<% end -%> - Target "<%= @defaulttarget %>" - diff --git a/module-collectd/templates/plugin/cpu.conf.erb b/module-collectd/templates/plugin/cpu.conf.erb deleted file mode 100644 index 68c3b5f53..000000000 --- a/module-collectd/templates/plugin/cpu.conf.erb +++ /dev/null @@ -1,7 +0,0 @@ -<% if @collectd_version and (scope.function_versioncmp([@collectd_version, '5.5']) >= 0) -%> - - ReportByState = <%= @reportbystate %> - ReportByCpu = <%= @reportbycpu %> - ValuesPercentage = <%= @valuespercentage %> - -<% end -%> diff --git a/module-collectd/templates/plugin/csv.conf.erb b/module-collectd/templates/plugin/csv.conf.erb deleted file mode 100644 index 6b20f5b95..000000000 --- a/module-collectd/templates/plugin/csv.conf.erb +++ /dev/null @@ -1,4 +0,0 @@ - - DataDir "<%= @datadir %>" - StoreRates <%= @storerates %> - diff --git a/module-collectd/templates/plugin/curl-page.conf.erb b/module-collectd/templates/plugin/curl-page.conf.erb deleted file mode 100644 index 3caf4b011..000000000 --- a/module-collectd/templates/plugin/curl-page.conf.erb +++ /dev/null @@ -1,32 +0,0 @@ - - "> - URL "<%= @url %>" -<% if @user -%> - User "<%= @user %>" -<% end -%> -<% if @password -%> - Password "<%= @password %>" -<% end -%> -<% unless @verifypeer.nil? -%> - VerifyPeer <%= @verifypeer %> -<% end -%> -<% unless @verifyhost.nil? -%> - VerifyHost <%= @verifyhost %> -<% end -%> -<% if @cacert -%> - CACert "<%= @cacert %>" -<% end -%> -<% if @header and @collectd_version and (scope.function_versioncmp([@collectd_version, '5.3']) >= 0) -%> - Header "<%= @header %>" -<% end -%> -<% if @post and @collectd_version and (scope.function_versioncmp([@collectd_version, '5.3']) >= 0) -%> - Post "<%= @post %>" -<% end -%> -<% unless @measureresponsetime.nil? -%> - MeasureResponseTime <%= @measureresponsetime %> -<% end -%> -<% if @matches -%> -<%= scope.function_template(["collectd/plugin/match.tpl.erb"]) %> -<% end -%> - - diff --git a/module-collectd/templates/plugin/dbi/database.conf.erb b/module-collectd/templates/plugin/dbi/database.conf.erb deleted file mode 100644 index 6e7aed570..000000000 --- a/module-collectd/templates/plugin/dbi/database.conf.erb +++ /dev/null @@ -1,15 +0,0 @@ - "> - Driver "<%= @driver %>" -<% @driveroption.each do |key, value| -%> - DriverOption "<%= key %>" "<%= value %>" -<% end -%> -<% if @selectdb -%> - SelectDB "<%= @selectdb %>" -<% end -%> -<% if @host -%> - Host "<%= @host %>" -<% end -%> -<% @query.each do |query| -%> - Query "<%= query %>" -<% end -%> - diff --git a/module-collectd/templates/plugin/dbi/query.conf.erb b/module-collectd/templates/plugin/dbi/query.conf.erb deleted file mode 100644 index 56421fce8..000000000 --- a/module-collectd/templates/plugin/dbi/query.conf.erb +++ /dev/null @@ -1,36 +0,0 @@ - > - Statement "<%= @statement %>" -<% if @minversion -%> - MinVersion <%= @minversion %> -<% end -%> -<% if @maxversion -%> - MaxVersion <%= @maxversion %> -<% end -%> -<% @results.each do |result| -%> - - Type "<%= result['type'] %>" -<% if result['instanceprefix'] -%> - InstancePrefix "<%= result['instanceprefix'] %>" -<% end -%> -<% if result['instancesfrom'] -%> -<% if result['instancesfrom'].kind_of?(Array) -%> - InstancesFrom <%= result['instancesfrom'].flatten.map {|entry| "\"#{entry}\""}.join(' ') %> -<% else -%> - InstancesFrom "<%= result['instancesfrom'] %>" -<% end -%> -<% end -%> -<% if result['metadatafrom'] -%> -<% if result['metadatafrom'].kind_of?(Array) -%> - InstancesFrom <%= result['metadatafrom'].flatten.map {|entry| "\"#{entry}\""}.join(' ') %> -<% else -%> - MetadataFrom "<%= result['metadatafrom'] %>" -<% end -%> -<% end -%> -<% if result['valuesfrom'].kind_of?(Array) -%> - ValuesFrom <%= result['valuesfrom'].flatten.map {|entry| "\"#{entry}\""}.join(' ') %> -<% else -%> - ValuesFrom "<%= result['valuesfrom'] %>" -<% end -%> - -<% end -%> - diff --git a/module-collectd/templates/plugin/df.conf.erb b/module-collectd/templates/plugin/df.conf.erb deleted file mode 100644 index 8f1ef1492..000000000 --- a/module-collectd/templates/plugin/df.conf.erb +++ /dev/null @@ -1,16 +0,0 @@ - -<% @mountpoints.each do |mp| -%> - MountPoint "<%= mp %>" -<% end -%> -<% @fstypes.each do |fs| -%> - FSType "<%= fs %>" -<% end -%> - IgnoreSelected <%= @ignoreselected %> - ReportByDevice <%= @reportbydevice %> - ReportInodes <%= @reportinodes %> - ReportReserved <%= @reportreserved %> -<% if @collectd_version and (scope.function_versioncmp([@collectd_version, '5.4']) >= 0) -%> - ValuesAbsolute <%= @valuesabsolute %> - ValuesPercentage <%= @valuespercentage %> -<% end -%> - diff --git a/module-collectd/templates/plugin/disk.conf.erb b/module-collectd/templates/plugin/disk.conf.erb deleted file mode 100644 index 3d92ecf2a..000000000 --- a/module-collectd/templates/plugin/disk.conf.erb +++ /dev/null @@ -1,9 +0,0 @@ - -<% @disks.each do |disk| -%> - Disk "<%=disk %>" -<% end -%> - IgnoreSelected <%= @ignoreselected %> -<% if @udevnameattr and @collectd_version and (scope.function_versioncmp([@collectd_version, '5.5']) >= 0) -%> - UdevNameAttr <%= @udevnameattr %> -<% end -%> - diff --git a/module-collectd/templates/plugin/dns.conf.erb b/module-collectd/templates/plugin/dns.conf.erb deleted file mode 100644 index 0dea8295e..000000000 --- a/module-collectd/templates/plugin/dns.conf.erb +++ /dev/null @@ -1,7 +0,0 @@ - - Interface "<%= @interface %>" -<% if @ignoresource -%> - IgnoreSource <%= @ignoresource %> -<%- end -%> - SelectNumericQueryTypes <%= @selectnumericquerytypes_real %> - diff --git a/module-collectd/templates/plugin/exec/cmd.conf.erb b/module-collectd/templates/plugin/exec/cmd.conf.erb deleted file mode 100644 index 80ee69f94..000000000 --- a/module-collectd/templates/plugin/exec/cmd.conf.erb +++ /dev/null @@ -1,6 +0,0 @@ -<%- unless @exec.empty? -%> - Exec "<%= @user %>:<%= @group %>" "<%= @exec.join('" "') %>" -<%- end -%> -<%- unless @notification_exec.empty? -%> - NotificationExec "<%= @user %>:<%= @group %>" "<%= @notification_exec.join('" "') %>" -<%- end -%> \ No newline at end of file diff --git a/module-collectd/templates/plugin/filecount-directory.conf.erb b/module-collectd/templates/plugin/filecount-directory.conf.erb deleted file mode 100644 index 529e103ce..000000000 --- a/module-collectd/templates/plugin/filecount-directory.conf.erb +++ /dev/null @@ -1,20 +0,0 @@ - - "> - Instance "<%= @instance %>" -<% if @pattern -%> - Name "<%= @pattern %>" -<% end -%> -<% if @mtime -%> - MTime "<%= @mtime %>" -<% end -%> -<% if @size -%> - Size "<%= @size %>" -<% end -%> -<% unless @recursive.nil? -%> - Recursive <%= @recursive %> -<% end -%> -<% unless @includehidden.nil? -%> - IncludeHidden <%= @includehidden %> -<% end -%> - - diff --git a/module-collectd/templates/plugin/filecount.conf.erb b/module-collectd/templates/plugin/filecount.conf.erb deleted file mode 100644 index b9672e518..000000000 --- a/module-collectd/templates/plugin/filecount.conf.erb +++ /dev/null @@ -1,15 +0,0 @@ -<%- unless @directories.empty? -%> - -<% @directories.each_pair do |key,val| -%> -<% if val.is_a? Array -%> - "> - Instance "<%= val['instance'] %>" - -<% else -%> - "> - Instance "<%= key %>" - -<% end -%> -<% end -%> - -<%- end -%> diff --git a/module-collectd/templates/plugin/filter/match.erb b/module-collectd/templates/plugin/filter/match.erb deleted file mode 100644 index 8f7d7d50d..000000000 --- a/module-collectd/templates/plugin/filter/match.erb +++ /dev/null @@ -1,15 +0,0 @@ -<% if @options.nil? -%> - Match "<%= @plugin %>" -<% else -%> - "> -<% @options.each do |key, value| -%> -<% if value.kind_of?(String) -%> - <%= key %> "<%= value %>" -<% elsif value.kind_of?(Integer) or value.kind_of?(TrueClass) or value.kind_of?(FalseClass) -%> - <%= key %> <%= value %> -<% elsif value.kind_of?(Array) -%> - <%= key %> <%= value.flatten.map {|entry| "\"#{entry}\""}.join(' ') %> -<% end -%> -<% end -%> - -<% end -%> diff --git a/module-collectd/templates/plugin/filter/target.erb b/module-collectd/templates/plugin/filter/target.erb deleted file mode 100644 index a53b0da5e..000000000 --- a/module-collectd/templates/plugin/filter/target.erb +++ /dev/null @@ -1,15 +0,0 @@ -<% if @options.nil? -%> - Target "<%= @plugin %>" -<% else -%> - "> -<% @options.each do |key, value| -%> -<% if value.kind_of?(String) -%> - <%= key %> "<%= value %>" -<% elsif value.kind_of?(Integer) or value.kind_of?(TrueClass) or value.kind_of?(FalseClass) -%> - <%= key %> <%= value %> -<% elsif value.kind_of?(Array) -%> - <%= key %> <%= value.flatten.map {|entry| "\"#{entry}\""}.join(' ') %> -<% end -%> -<% end -%> - -<% end -%> diff --git a/module-collectd/templates/plugin/genericjmx.conf.header.erb b/module-collectd/templates/plugin/genericjmx.conf.header.erb deleted file mode 100644 index 1a8ec7fc9..000000000 --- a/module-collectd/templates/plugin/genericjmx.conf.header.erb +++ /dev/null @@ -1,8 +0,0 @@ - - JVMArg "-Djava.class.path=<%= @class_path %>" -<% Array(@jvmarg).each do |jvmarg| -%> - JVMArg "<%= jvmarg %>" -<% end -%> - - LoadPlugin "org.collectd.java.GenericJMX" - diff --git a/module-collectd/templates/plugin/genericjmx/connection.conf.erb b/module-collectd/templates/plugin/genericjmx/connection.conf.erb deleted file mode 100644 index ea32ce9df..000000000 --- a/module-collectd/templates/plugin/genericjmx/connection.conf.erb +++ /dev/null @@ -1,16 +0,0 @@ - - Host "<%= @host %>" - ServiceURL "<%= @service_url %>" - <% Array(@collect).each do |collect| -%> - Collect "<%= collect %>" - <% end -%> - <% if @user -%> - User "<%= @user %>" - <% end -%> - <% if @password -%> - Password "<%= @password %>" - <% end -%> - <% if @instance_prefix -%> - InstancePrefix "<%= @instance_prefix %>" - <% end -%> - diff --git a/module-collectd/templates/plugin/genericjmx/mbean.conf.erb b/module-collectd/templates/plugin/genericjmx/mbean.conf.erb deleted file mode 100644 index cced7724a..000000000 --- a/module-collectd/templates/plugin/genericjmx/mbean.conf.erb +++ /dev/null @@ -1,27 +0,0 @@ -"> - ObjectName "<%= @object_name %>" - <% if @instance_prefix -%> - InstancePrefix "<%= @instance_prefix %>" - <% end -%> - <% if @instance_from -%> - <% Array(@instance_from).each do |instance_from_item| -%> - InstanceFrom "<%= instance_from_item %>" - <% end -%> - <% end -%> - - <% @values.each do |value| -%> - - Type "<%= value['type'] %>" - <% if value['instance_prefix'] -%> - InstancePrefix "<%= value['instance_prefix'] %>" - <% end -%> - <% if value['instance_from'] -%> - <% Array(value['instance_from']).each do |instance_from_item| -%> - InstanceFrom "<%= instance_from_item %>" - <% end -%> - <% end -%> - Table <%= scope.function_str2bool([value['table'] || false ]) ? 'true' : 'false' %> - Attribute "<%= value['attribute'] %>" - - <% end -%> - diff --git a/module-collectd/templates/plugin/interface.conf.erb b/module-collectd/templates/plugin/interface.conf.erb deleted file mode 100644 index e9ca4af77..000000000 --- a/module-collectd/templates/plugin/interface.conf.erb +++ /dev/null @@ -1,6 +0,0 @@ - -<% @interfaces.each do |interface| -%> - Interface "<%=interface %>" -<% end -%> - IgnoreSelected <%= @ignoreselected %> - diff --git a/module-collectd/templates/plugin/iptables.conf.erb b/module-collectd/templates/plugin/iptables.conf.erb deleted file mode 100644 index 9aae7e3f2..000000000 --- a/module-collectd/templates/plugin/iptables.conf.erb +++ /dev/null @@ -1,9 +0,0 @@ -<% if @chains -%> - -<% @chains.each_pair do |table,chains| - Array(chains).each do |chain| -%> - Chain <%= table %> <%= chain %> -<% end -%> -<% end -%> - -<% end -%> diff --git a/module-collectd/templates/plugin/irq.conf.erb b/module-collectd/templates/plugin/irq.conf.erb deleted file mode 100644 index 18ef64fd1..000000000 --- a/module-collectd/templates/plugin/irq.conf.erb +++ /dev/null @@ -1,6 +0,0 @@ - -<% @irqs.each do |irq| -%> - Irq "<%=irq %>" -<% end -%> - IgnoreSelected <%= @ignoreselected %> - diff --git a/module-collectd/templates/plugin/java.conf.erb b/module-collectd/templates/plugin/java.conf.erb deleted file mode 100644 index 0ab321810..000000000 --- a/module-collectd/templates/plugin/java.conf.erb +++ /dev/null @@ -1,7 +0,0 @@ -<% if !Array(@jvmarg).empty? -%> - - <% Array(@jvmarg).each do |arg| -%> - JVMArg "<%= arg %>" - <% end -%> - -<% end -%> diff --git a/module-collectd/templates/plugin/libvirt.conf.erb b/module-collectd/templates/plugin/libvirt.conf.erb deleted file mode 100644 index fa6fa6569..000000000 --- a/module-collectd/templates/plugin/libvirt.conf.erb +++ /dev/null @@ -1,28 +0,0 @@ - - Connection "<%= @connection %>" -<% if @refresh_interval != nil -%> - RefreshInterval <%= @refresh_interval %> -<% end -%> -<% if @domain != nil -%> - Domain "<%= @domain %>" -<% end -%> -<% if @block_device != nil -%> - BlockDevice "<%= @block_device %>" -<% end -%> -<% if @interface_device != nil -%> - InterfaceDevice "<%= @interface_device %>" -<% end -%> -<% if @ignore_selected != nil -%> - IgnoreSelected <%= @ignore_selected %> -<% end -%> -<% if @hostname_format != nil -%> - HostnameFormat "<%= @hostname_format %>" -<% end -%> -<% if @interface_format != nil - if @collectd_version and (scope.function_versioncmp([@collectd_version, '5']) >= 0) -%> - InterfaceFormat "<%= @interface_format %>" -<% else - scope.function_warning(['ignoring interface_format parameter because collectd_version is < 5 or undefined']) - end - end -%> - diff --git a/module-collectd/templates/plugin/logfile.conf.erb b/module-collectd/templates/plugin/logfile.conf.erb deleted file mode 100644 index be00123c3..000000000 --- a/module-collectd/templates/plugin/logfile.conf.erb +++ /dev/null @@ -1,8 +0,0 @@ - - LogLevel <%= @log_level %> - File "<%= @log_file %>" - Timestamp <%= @log_timestamp %> -<% if @collectd_version and (scope.function_versioncmp([@collectd_version, '4.10']) >= 0) -%> - PrintSeverity <%= @print_severity %> -<% end -%> - diff --git a/module-collectd/templates/plugin/match.tpl.erb b/module-collectd/templates/plugin/match.tpl.erb deleted file mode 100644 index 7bbddc483..000000000 --- a/module-collectd/templates/plugin/match.tpl.erb +++ /dev/null @@ -1,13 +0,0 @@ -<% @matches.each do |match| -%> - - Regex "<%= match['regex'] %>" -<% unless match['excluderegex'].nil? -%> - ExcludeRegex "<%= match['excluderegex'] %>" -<% end -%> - DSType "<%= match['dstype'] %>" - Type "<%= match['type'] %>" -<% if match['instance'] -%> - Instance "<%= match['instance'] %>" -<% end -%> - -<% end -%> diff --git a/module-collectd/templates/plugin/memcached.conf.erb b/module-collectd/templates/plugin/memcached.conf.erb deleted file mode 100644 index 86cf03ac3..000000000 --- a/module-collectd/templates/plugin/memcached.conf.erb +++ /dev/null @@ -1,4 +0,0 @@ - - Host "<%= @host %>" - Port <%= @port %> - diff --git a/module-collectd/templates/plugin/memory.conf.erb b/module-collectd/templates/plugin/memory.conf.erb deleted file mode 100644 index 899e4e0c8..000000000 --- a/module-collectd/templates/plugin/memory.conf.erb +++ /dev/null @@ -1,6 +0,0 @@ -<% if @collectd_version and (scope.function_versioncmp([@collectd_version, '5.5']) >= 0) -%> - - ValuesAbsolute = <%= @valuesabsolute %> - ValuesPercentage = <%= @valuespercentage %> - -<% end -%> diff --git a/module-collectd/templates/plugin/mongodb.conf.erb b/module-collectd/templates/plugin/mongodb.conf.erb deleted file mode 100644 index 10ef2ec1b..000000000 --- a/module-collectd/templates/plugin/mongodb.conf.erb +++ /dev/null @@ -1,15 +0,0 @@ - - ModulePath <%= @collectd_dir %> - Import 'mongodb' - - Host "<%= @db_host %>" - User "<%= @db_user %>" - Password "<%= @db_pass %>" -<% if @configured_dbs -%> - Port "<%= @db_port %>" -<% end -%> -<% if @configured_dbs -%> - Database "admin" <%= @configured_dbs.map {|d| "\"#{d}\"" }.join(' ') %> -<% end -%> - - diff --git a/module-collectd/templates/plugin/netlink.conf.erb b/module-collectd/templates/plugin/netlink.conf.erb deleted file mode 100644 index 5021e6ca0..000000000 --- a/module-collectd/templates/plugin/netlink.conf.erb +++ /dev/null @@ -1,18 +0,0 @@ - -<% @interfaces.each do |interface| -%> - Interface "<%= interface %>" -<% end -%> -<% @verboseinterfaces.each do |verboseinterface| -%> - VerboseInterface "<%= verboseinterface %>" -<% end -%> -<% @qdiscs.each do |qdisc| -%> - QDisc <%= qdisc %> -<% end -%> -<% @classes.each do |c| -%> - Class <%= c %> -<% end -%> -<% @filters.each do |filter| -%> - Filter <%= filter %> -<% end -%> - IgnoreSelected <%= @ignoreselected %> - diff --git a/module-collectd/templates/plugin/network.conf.erb b/module-collectd/templates/plugin/network.conf.erb deleted file mode 100644 index f7439b84f..000000000 --- a/module-collectd/templates/plugin/network.conf.erb +++ /dev/null @@ -1,15 +0,0 @@ - -<% if @timetolive -%> - TimeToLive <%= @timetolive %> -<% end -%> -<% if @maxpacketsize -%> - MaxPacketSize <%= @maxpacketsize %> -<% end -%> -<% unless @forward.nil? -%> - Forward "<%= @forward %>" -<% end -%> -<% unless @reportstats.nil? -%> - ReportStats "<%= @reportstats %>" -<% end -%> - - diff --git a/module-collectd/templates/plugin/network/listener.conf.erb b/module-collectd/templates/plugin/network/listener.conf.erb deleted file mode 100644 index e1d310ed4..000000000 --- a/module-collectd/templates/plugin/network/listener.conf.erb +++ /dev/null @@ -1,17 +0,0 @@ - -<% if @collectd_version and (scope.function_versioncmp([@collectd_version, '4.7']) >= 0) -%> - " "<%= @port %>"> -<% if @securitylevel -%> - SecurityLevel "<%= @securitylevel %>" -<% end -%> -<% if @authfile -%> - AuthFile "<%= @authfile %>" -<% end -%> -<% if @interface -%> - Interface "<%= @interface %>" -<% end %> - -<% else -%> - Listen "<%= @name %>" "<%= @port %>" -<% end -%> - diff --git a/module-collectd/templates/plugin/network/server.conf.erb b/module-collectd/templates/plugin/network/server.conf.erb deleted file mode 100644 index 417bf0674..000000000 --- a/module-collectd/templates/plugin/network/server.conf.erb +++ /dev/null @@ -1,23 +0,0 @@ - -<% if @collectd_version and (scope.function_versioncmp([@collectd_version, '4.7']) >= 0) -%> - " "<%= @port %>"> -<% if @securitylevel -%> - SecurityLevel "<%= @securitylevel %>" -<% end -%> -<% if @username -%> - Username "<%= @username %>" -<% end -%> -<% if @password -%> - Password "<%= @password %>" -<% end -%> -<% if @interface -%> - Interface "<%= @interface %>" -<% end %> - -<% else -%> - Server "<%= @name %>" "<%= @port %>" -<% end -%> -<% if ! @forward.nil? -%> - Forward <%= @forward %> -<% end -%> - diff --git a/module-collectd/templates/plugin/nginx.conf.erb b/module-collectd/templates/plugin/nginx.conf.erb deleted file mode 100644 index 66e90ea27..000000000 --- a/module-collectd/templates/plugin/nginx.conf.erb +++ /dev/null @@ -1,18 +0,0 @@ - - URL "<%= @url %>" -<% if @user -%> - User "<%= @user %>" -<% end -%> -<% if @password -%> - Password "<%= @password %>" -<% end -%> -<% unless @verifypeer.nil? -%> - VerifyPeer <%= @verifypeer %> -<% end -%> -<% unless @verifyhost.nil? -%> - VerifyHost <%= @verifyhost %> -<% end -%> -<% if @cacert -%> - CACert "<%= @cacert %>" -<% end -%> - diff --git a/module-collectd/templates/plugin/ntpd.conf.erb b/module-collectd/templates/plugin/ntpd.conf.erb deleted file mode 100644 index 881534671..000000000 --- a/module-collectd/templates/plugin/ntpd.conf.erb +++ /dev/null @@ -1,8 +0,0 @@ - - Host "<%= @host %>" - Port "<%= @port %>" - ReverseLookups <%= @reverselookups %> -<% if @collectd_version and scope.function_versioncmp([@collectd_version, '5.2']) > 0 -%> - IncludeUnitID <%= @includeunitid %> -<% end -%> - diff --git a/module-collectd/templates/plugin/openvpn.conf.erb b/module-collectd/templates/plugin/openvpn.conf.erb deleted file mode 100644 index ae416bc6d..000000000 --- a/module-collectd/templates/plugin/openvpn.conf.erb +++ /dev/null @@ -1,9 +0,0 @@ - -<% @statusfiles.each do |sf| -%> - StatusFile "<%= sf %>" -<% end -%> - ImprovedNamingSchema <%= @improvednamingschema %> - CollectCompression <%= @collectcompression %> - CollectIndividualUsers <%= @collectindividualusers %> - CollectUserCount <%= @collectusercount %> - diff --git a/module-collectd/templates/plugin/perl.conf.erb b/module-collectd/templates/plugin/perl.conf.erb deleted file mode 100644 index ac33d21e6..000000000 --- a/module-collectd/templates/plugin/perl.conf.erb +++ /dev/null @@ -1,2 +0,0 @@ -Include "<%= @conf_dir %>/perl/*.conf" - diff --git a/module-collectd/templates/plugin/perl/plugin.erb b/module-collectd/templates/plugin/perl/plugin.erb deleted file mode 100644 index a0a4e0a68..000000000 --- a/module-collectd/templates/plugin/perl/plugin.erb +++ /dev/null @@ -1,48 +0,0 @@ - -<% if @enable_debugger -%> - EnableDebugger "<% @enable_debugger %>" -<% end -%> -<% if @include_dir -%> -<% @include_dirs.each do |dir| -%> - IncludeDir "<%= dir %>" -<% end -%> -<% end -%> - LoadPlugin "<%= @module %>" -<% if ! @config.empty? -%> - "> -<% @config.each do |key,value| -%> -<% if value.is_a?(Array) -%> -<% value.each do |v| -%> - <%= key %> "<%= v %>" -<% end -%> -<% elsif value.is_a?(Hash) -%> - <<%=key%>> -<% value.each do |k,v| -%> -<% if v.is_a?(String) -%> - <%=k%> "<%=v%>" -<% elsif v.is_a?(Array) -%> -<% v.each do |l| -%> - <%= k %> "<%= l %>" -<% end -%> -<% elsif v.is_a?(Hash) -%> - <<%=k%>> -<% v.each do |i,j| -%> -<% if j.is_a?(Array) -%> -<% j.each do |k| -%> - <%=i%> "<%=k%>" -<% end -%> -<% else -%> - <%=i%> "<%=j%>" -<% end -%> -<% end -%> - > -<% end -%> -<% end -%> - > -<% else -%> - <%= key -%> "<%= value -%>" -<% end -%> -<% end -%> - -<% end -%> - diff --git a/module-collectd/templates/plugin/ping.conf.erb b/module-collectd/templates/plugin/ping.conf.erb deleted file mode 100644 index b1ed394c7..000000000 --- a/module-collectd/templates/plugin/ping.conf.erb +++ /dev/null @@ -1,23 +0,0 @@ - -<% @hosts.each do |host| -%> - Host "<%= host %>" -<% end -%> -<% if @interval %> - Interval "<%= @interval %>" -<% end -%> -<% if @timeout %> - Timeout "<%= @timeout %>" -<% end -%> -<% if @ttl %> - TTL "<%= @ttl %>" -<% end -%> -<% if @source_address %> - SourceAddress "<%= @source_address %>" -<% end -%> -<% if @device %> - Device "<%= @device %>" -<% end -%> -<% if @max_missed %> - MaxMissed "<%= @max_missed %>" -<% end -%> - diff --git a/module-collectd/templates/plugin/postgresql/database.conf.erb b/module-collectd/templates/plugin/postgresql/database.conf.erb deleted file mode 100644 index 9e1f5c7fa..000000000 --- a/module-collectd/templates/plugin/postgresql/database.conf.erb +++ /dev/null @@ -1,35 +0,0 @@ - "> -<% if @host -%> - Host "<%= @host %>" -<% end -%> -<% if @port -%> - Port "<%= @port %>" -<% end -%> -<% if @user -%> - User "<%= @user %>" -<% end -%> -<% if @password -%> - Password "<%= @password %>" -<% end -%> -<% if @interval -%> - Interval "<%= @interval %>" -<% end -%> -<% if @instance -%> - Instance "<%= @instance %>" -<% end -%> -<% if @service -%> - Service "<%= @service %>" -<% end -%> -<% if @krbsrvname -%> - KRBSrvName "<%= @krbsrvname %>" -<% end -%> -<% if @sslmode -%> - SSLMode "<%= @sslmode %>" -<% end -%> -<% if @writer -%> - Writer "<%= @writer %>" -<% end -%> -<% @query.each do |query| -%> - Query "<%= query %>" -<% end -%> - \ No newline at end of file diff --git a/module-collectd/templates/plugin/postgresql/query.conf.erb b/module-collectd/templates/plugin/postgresql/query.conf.erb deleted file mode 100644 index 145cdb4a9..000000000 --- a/module-collectd/templates/plugin/postgresql/query.conf.erb +++ /dev/null @@ -1,24 +0,0 @@ - > - Statement "<%= @statement %>" -<% @params.each do |param| -%> - Param "<%= @param %>" -<% end -%> -<% if @minversion -%> - MinVersion <%= @minversion %> -<% end -%> -<% if @maxversion -%> - MaxVersion <%= @maxversion %> -<% end -%> -<% @results.each do |result| -%> - - Type "<%= result['type'] %>" -<% if result['instanceprefix'] -%> - InstancePrefix "<%= result['instanceprefix'] %>" -<% end -%> -<% if result['instancesfrom'] -%> - InstancesFrom "<%= result['instancesfrom'] %>" -<% end -%> - ValuesFrom "<%= result['valuesfrom'] %>" - -<% end -%> - \ No newline at end of file diff --git a/module-collectd/templates/plugin/postgresql/writer.conf.erb b/module-collectd/templates/plugin/postgresql/writer.conf.erb deleted file mode 100644 index 1c6dbe857..000000000 --- a/module-collectd/templates/plugin/postgresql/writer.conf.erb +++ /dev/null @@ -1,6 +0,0 @@ - > - Statement "<%= @statement %>" -<% unless @storerates.nil? -%> - StoreRates <%= @storerates %> -<% end -%> - diff --git a/module-collectd/templates/plugin/protocols.conf.erb b/module-collectd/templates/plugin/protocols.conf.erb deleted file mode 100644 index acdee21ca..000000000 --- a/module-collectd/templates/plugin/protocols.conf.erb +++ /dev/null @@ -1,16 +0,0 @@ -<% if @values -%> - -<% -if @values - @values.each do |value| --%> - Value "<%= value %>" -<% - end -end --%> -<% if @ignore_selected != nil -%> - IgnoreSelected <%= @ignore_selected %> -<% end -%> - -<% end -%> diff --git a/module-collectd/templates/plugin/python/header.conf.erb b/module-collectd/templates/plugin/python/header.conf.erb deleted file mode 100644 index 3dbaad6b6..000000000 --- a/module-collectd/templates/plugin/python/header.conf.erb +++ /dev/null @@ -1,10 +0,0 @@ -# Generated by Puppet - -<% @module_dirs.sort.each do |path| -%> - ModulePath "<%= path %>" -<% end -%> -<% if @encoding -%> - Encoding <%= @encoding %> -<% end -%> - LogTraces <%= @logtraces %> - Interactive <%= @interactive %> diff --git a/module-collectd/templates/plugin/python/module.conf.erb b/module-collectd/templates/plugin/python/module.conf.erb deleted file mode 100644 index fabcf895e..000000000 --- a/module-collectd/templates/plugin/python/module.conf.erb +++ /dev/null @@ -1,7 +0,0 @@ - Import "<%= @module %>" - - "> - <%- @config.sort.each do |key,value| -%> - <%= key %> <%= value %> - <%- end -%> - diff --git a/module-collectd/templates/plugin/redis.conf.erb b/module-collectd/templates/plugin/redis.conf.erb deleted file mode 100644 index 7594ccf60..000000000 --- a/module-collectd/templates/plugin/redis.conf.erb +++ /dev/null @@ -1,17 +0,0 @@ -<% if @nodes -%> - -<% @nodes.each do |name,params| -%> - "> -<% if params['host'] -%> - Host "<%= params['host'] %>" -<% end -%> -<% if params['port'] -%> - Port "<%= params['port'] %>" -<% end -%> -<% if params['timeout'] -%> - Timeout <%= params['timeout'] %> -<% end -%> - -<% end -%> - -<% end -%> diff --git a/module-collectd/templates/plugin/rrdcached.conf.erb b/module-collectd/templates/plugin/rrdcached.conf.erb deleted file mode 100644 index 92917a88f..000000000 --- a/module-collectd/templates/plugin/rrdcached.conf.erb +++ /dev/null @@ -1,28 +0,0 @@ - - DaemonAddress "<%= @daemonaddress %>" - DataDir "<%= @datadir %>" -<% unless @createfiles.nil? -%> - CreateFiles <%= @createfiles %> -<% end -%> -<% unless @createfilesasync.nil? -%> - CreateFilesAsync <%= @createfilesasync %> -<% end -%> -<% if @stepsize -%> - StepSize "<%= @stepsize %>" -<% end -%> -<% if @heartbeat -%> - HeartBeat "<%= @heartbeat %>" -<% end -%> -<% if @rrarows -%> - RRARows "<%= @rrarows %>" -<% end -%> -<% @rratimespan.each do |timespan| -%> - RRATimespan "<%= timespan %>" -<% end -%> -<% if @xff -%> - XFF "<%= @xff %>" -<% end -%> -<% unless @collectstatistics.nil? -%> - CollectStatistics "<%= @collectstatistics %>" -<% end -%> - diff --git a/module-collectd/templates/plugin/rrdtool.conf.erb b/module-collectd/templates/plugin/rrdtool.conf.erb deleted file mode 100644 index 657b74191..000000000 --- a/module-collectd/templates/plugin/rrdtool.conf.erb +++ /dev/null @@ -1,12 +0,0 @@ - - DataDir "<%= @datadir %>" - CreateFilesAsync <%= @createfilesasync %> - RRARows <%= @rrarows %> -<% @rratimespan.each do |timespan| -%> - RRATimeSpan <%= timespan %> -<% end -%> - XFF <%= @xff %> - CacheFlush <%= @cacheflush %> - CacheTimeout <%= @cachetimeout %> - WritesPerSecond <%= @writespersecond %> - diff --git a/module-collectd/templates/plugin/sensors.conf.erb b/module-collectd/templates/plugin/sensors.conf.erb deleted file mode 100644 index 6a7dacc8a..000000000 --- a/module-collectd/templates/plugin/sensors.conf.erb +++ /dev/null @@ -1,13 +0,0 @@ - -<% if @sensorconfigfile -%> - SensorConfigFile "<%= @sensorconfigfile %>" -<% end -%> -<% if @sensors -%> -<% @sensors.each do |sensor| -%> - Sensor "<%= @sensor %>" -<% end -%> -<% end -%> -<% unless @ignoreselected.nil? -%> - IgnoreSelected "<%= @ignoreselected %>" -<% end -%> - diff --git a/module-collectd/templates/plugin/snmp.conf.erb b/module-collectd/templates/plugin/snmp.conf.erb deleted file mode 100644 index 39f65cf3f..000000000 --- a/module-collectd/templates/plugin/snmp.conf.erb +++ /dev/null @@ -1,32 +0,0 @@ -<% if @data or @hosts -%> - -<% @data.sort_by {|k,v| k}.each do |key,val| -%> - "> - Type "<%= val['Type'] %>" -<% if val['Table'] -%> - Table <%= val['Table'] %> -<% end -%> - Instance "<%= val['Instance'] %>" -<% if val['InstancePrefix'] -%> - InstancePrefix "<%= val['InstancePrefix'] %>" -<% end -%> - Values <% Array(val['Values']).each do |x| -%>"<%= x %>" <% end %> -<% if val['Scale'] -%> - Scale <%= val['Scale'] %> -<% end -%> -<% if val['Shift'] -%> - Shift <%= val['Shift'] %> -<% end -%> - -<% end -%> -<% @hosts.sort_by {|k,v| k}.each do |key,val| -%> - "> - Address "<%= val['Address'] %>" - Version <%= val['Version'] %> - Community "<%= val['Community'] %>" - Collect <% Array(val['Collect']).sort.each do |x| -%>"<%= x -%>" <% end %> - Interval <%= val['Interval'] %> - -<% end -%> - -<% end -%> diff --git a/module-collectd/templates/plugin/snmp/data.conf.erb b/module-collectd/templates/plugin/snmp/data.conf.erb deleted file mode 100644 index ca2ba6d58..000000000 --- a/module-collectd/templates/plugin/snmp/data.conf.erb +++ /dev/null @@ -1,17 +0,0 @@ - - "> - Type "<%= @type %>" - Table <%= @table_bool ? 'true' : 'false' %> - Instance "<%= @instance %>" -<% if @instanceprefix -%> - InstancePrefix "<%= @instanceprefix %>" -<% end -%> - Values <%= Array(@values).map { |x| %Q{"#{x}"} }.join(' ') %> -<% if @scale -%> - Scale <%= @scale %> -<% end -%> -<% if @shift -%> - Shift <%= @shift %> -<% end -%> - - diff --git a/module-collectd/templates/plugin/snmp/host.conf.erb b/module-collectd/templates/plugin/snmp/host.conf.erb deleted file mode 100644 index fc91cd02c..000000000 --- a/module-collectd/templates/plugin/snmp/host.conf.erb +++ /dev/null @@ -1,11 +0,0 @@ - - "> - Address "<%= @address %>" - Version <%= @version %> - Community "<%= @community %>" - Collect <%= Array(@collect).map { |x| %Q{"#{x}"} }.join(' ') %> - <%- if !@interval.nil? -%> - Interval <%= @interval %> - <%- end -%> - - diff --git a/module-collectd/templates/plugin/statsd.conf.erb b/module-collectd/templates/plugin/statsd.conf.erb deleted file mode 100644 index b9b5673c8..000000000 --- a/module-collectd/templates/plugin/statsd.conf.erb +++ /dev/null @@ -1,35 +0,0 @@ - -<% if @host -%> - Host "<%= @host %>" -<% end -%> -<% if @port -%> - Port <%= @port %> -<% end -%> -<% unless @deletecounters.nil? -%> - DeleteCounters <%= @deletecounters %> -<% end -%> -<% unless @deletetimers.nil? -%> - DeleteTimers <%= @deletetimers %> -<% end -%> -<% unless @deletegauges.nil? -%> - DeleteGauges <%= @deletegauges %> -<% end -%> -<% unless @deletesets.nil? -%> - Deletesets <%= @deletesets %> -<% end -%> -<% if @timerpercentile -%> - TimerPercentile <%= @timerpercentile %> -<% end -%> -<% if @timerupper -%> - TimerUpper <%= @timerupper %> -<% end -%> -<% if @timerlower -%> - TimerLower <%= @timerlower %> -<% end -%> -<% if @timersum -%> - TimerSum <%= @timersum %> -<% end -%> -<% if @timercount -%> - TimerCount <%= @timercount %> -<% end -%> - diff --git a/module-collectd/templates/plugin/swap.conf.erb b/module-collectd/templates/plugin/swap.conf.erb deleted file mode 100644 index ff1047535..000000000 --- a/module-collectd/templates/plugin/swap.conf.erb +++ /dev/null @@ -1,10 +0,0 @@ - - ReportByDevice <%= @reportbydevice %> -<% if @collectd_version and scope.function_versioncmp([@collectd_version, '5.2']) > 0 -%> - ReportBytes <%= @reportbytes %> -<% end -%> -<% if @collectd_version and scope.function_versioncmp([@collectd_version, '5.5']) > 0 -%> - ValuesAbsolute = <%= @valuesabsolute %> - ValuesPercentage = <%= @valuespercentage %> -<% end -%> - diff --git a/module-collectd/templates/plugin/syslog.conf.erb b/module-collectd/templates/plugin/syslog.conf.erb deleted file mode 100644 index af92b61e5..000000000 --- a/module-collectd/templates/plugin/syslog.conf.erb +++ /dev/null @@ -1,3 +0,0 @@ - - LogLevel <%= @log_level %> - diff --git a/module-collectd/templates/plugin/target_v5upgrade.conf.erb b/module-collectd/templates/plugin/target_v5upgrade.conf.erb deleted file mode 100644 index 271d671ba..000000000 --- a/module-collectd/templates/plugin/target_v5upgrade.conf.erb +++ /dev/null @@ -1,3 +0,0 @@ - - Target "v5upgrade" - diff --git a/module-collectd/templates/plugin/tcpconns.conf.erb b/module-collectd/templates/plugin/tcpconns.conf.erb deleted file mode 100644 index 687bb63be..000000000 --- a/module-collectd/templates/plugin/tcpconns.conf.erb +++ /dev/null @@ -1,19 +0,0 @@ - - -<% if @listening -%> - ListeningPorts <%= @listening %> -<% end -%> -<% if @localports -%> -<% @localports.each do |localport| -%> - LocalPort "<%= localport %>" -<% end -%> -<% end -%> -<% if @remoteports -%> -<% @remoteports.each do |remoteport| -%> - RemotePort "<%= remoteport %>" -<% end -%> -<% end -%> -<% if @allportssummary and @collectd_version and (scope.function_versioncmp([@collectd_version, '5.5.0']) >= 0) -%> - AllPortsSummary <%= @allportssummary %> -<% end -%> - diff --git a/module-collectd/templates/plugin/unixsock.conf.erb b/module-collectd/templates/plugin/unixsock.conf.erb deleted file mode 100644 index 844d7e727..000000000 --- a/module-collectd/templates/plugin/unixsock.conf.erb +++ /dev/null @@ -1,8 +0,0 @@ - - SocketFile "<%= @socketfile %>" - SocketGroup "<%= @socketgroup %>" - SocketPerms "<%= @socketperms %>" -<% if @collectd_version and (scope.function_versioncmp([@collectd_version, '5']) >= 0) -%> - DeleteSocket "<%= @deletesocket %>" -<% end -%> - diff --git a/module-collectd/templates/plugin/varnish.conf.erb b/module-collectd/templates/plugin/varnish.conf.erb deleted file mode 100644 index da5b89c57..000000000 --- a/module-collectd/templates/plugin/varnish.conf.erb +++ /dev/null @@ -1,9 +0,0 @@ - -<% @instances.each do |instance,params| -%> - "> -<% params.sort.each do |k,v| -%> - <%= k %> <%= v %> -<% end -%> - -<% end -%> - diff --git a/module-collectd/templates/plugin/vmem.conf.erb b/module-collectd/templates/plugin/vmem.conf.erb deleted file mode 100644 index 9582d1a06..000000000 --- a/module-collectd/templates/plugin/vmem.conf.erb +++ /dev/null @@ -1,3 +0,0 @@ - - Verbose <%= @verbose %> - diff --git a/module-collectd/templates/plugin/write_graphite/carbon.conf.erb b/module-collectd/templates/plugin/write_graphite/carbon.conf.erb deleted file mode 100644 index 5094a1135..000000000 --- a/module-collectd/templates/plugin/write_graphite/carbon.conf.erb +++ /dev/null @@ -1,24 +0,0 @@ -<%- if @collectd_version and (scope.function_versioncmp([@collectd_version, '5.3']) >= 0) -%> -"> -<%- else -%> - -<%- end -%> - Host "<%= @graphitehost %>" - Port "<%= @graphiteport %>" - Prefix "<%= @graphiteprefix %>" -<%- if @graphitepostfix -%> - Postfix "<%= @graphitepostfix %>" -<%- end -%> - EscapeCharacter "<%= @escapecharacter %>" - StoreRates <%= @storerates %> - AlwaysAppendDS <%= @alwaysappendds %> - SeparateInstances <%= @separateinstances %> -<%- if @collectd_version and (scope.function_versioncmp([@collectd_version, '5.4']) >= 0) -%> - LogSendErrors <%= @logsenderrors %> - Protocol "<%= @protocol %>" -<%- end -%> -<%- if @collectd_version and (scope.function_versioncmp([@collectd_version, '5.3']) >= 0) -%> - -<%- else -%> - -<%- end -%> diff --git a/module-collectd/templates/plugin/write_http.conf.erb b/module-collectd/templates/plugin/write_http.conf.erb deleted file mode 100644 index 281698989..000000000 --- a/module-collectd/templates/plugin/write_http.conf.erb +++ /dev/null @@ -1,27 +0,0 @@ - -<% @urls.each do |name,values| -%> - "> -<% if values['user'] -%> - User "<%= values['user'] %>" -<% end -%> -<% if values['password'] -%> - Password "<%= values['password'] %>" -<% end -%> -<% unless values['verifypeer'].nil? -%> - VerifyPeer "<%= values['verifypeer'] %>" -<% end -%> -<% unless values['verifyhost'].nil? -%> - VerifyHost "<%= values['verifyhost'] %>" -<% end -%> -<% if values['cacert'] -%> - CACert "<%= values['cacert'] %>" -<% end -%> -<% if values['format'] -%> - Format "<%= values['format'] %>" -<% end -%> -<% if values['storerates'] -%> - StoreRates <%= values['storerates'] %> -<% end -%> - -<% end -%> - diff --git a/module-collectd/templates/plugin/write_riemann.conf.erb b/module-collectd/templates/plugin/write_riemann.conf.erb deleted file mode 100644 index b8b2b3fa7..000000000 --- a/module-collectd/templates/plugin/write_riemann.conf.erb +++ /dev/null @@ -1,9 +0,0 @@ - - - Host "<%= @riemann_host %>" - Port "<%= @riemann_port %>" - Protocol <%= @protocol %> - StoreRates <%= @store_rates %> - AlwaysAppendDS <%= @always_append_ds %> - - diff --git a/module-collectd/templates/plugin/write_sensu.conf.erb b/module-collectd/templates/plugin/write_sensu.conf.erb deleted file mode 100644 index f5e46c84f..000000000 --- a/module-collectd/templates/plugin/write_sensu.conf.erb +++ /dev/null @@ -1,26 +0,0 @@ -LoadPlugin "write_sensu" - - Attribute "production" "true" - Tag "appserver" - - Host "<%= @sensu_host %>" - Port "<%= @sensu_port %>" - EventServicePrefix "collectd/" - Separator "/" - StoreRates <%= @store_rates %> - AlwaysAppendDS <%= @always_append_ds %> - # Optionally specify Sensu handlers - Metrics <%= @metrics %> - <%- if @metrics -%> - MetricHandler "<%= @metrics_handler %>" - <%- else -%> - #MetricHandler "<%= @metrics_handler %>" - <%- end -%> - Notifications <%= @notifications %> - <%- if @notifications -%> - NotificationHandler "<%= @notifs_handler %>" - <%- else -%> - #NotificationHandler "<%= @notifs_handler %>" - <%- end -%> - - \ No newline at end of file diff --git a/module-collectd/templates/tail-file.conf.erb b/module-collectd/templates/tail-file.conf.erb deleted file mode 100644 index 157d6de88..000000000 --- a/module-collectd/templates/tail-file.conf.erb +++ /dev/null @@ -1,15 +0,0 @@ -# Generated by Puppet - - - "> - Instance "<%= @instance %>" -<% @matches.each do |match| -%> - - Regex "<%= match['regex'] %>" - DSType "<%= match['dstype'] %>" - Type "<%= match['type'] %>" - Instance "<%= match['instance'] %>" - -<% end -%> - - diff --git a/module-collectd/tests/init.pp b/module-collectd/tests/init.pp deleted file mode 100644 index 4b0a87df7..000000000 --- a/module-collectd/tests/init.pp +++ /dev/null @@ -1 +0,0 @@ -include collectd diff --git a/module-collectd/tests/plugin.pp b/module-collectd/tests/plugin.pp deleted file mode 100644 index d3ebf8491..000000000 --- a/module-collectd/tests/plugin.pp +++ /dev/null @@ -1,19 +0,0 @@ -include collectd - -collectd::plugin { 'load': - ensure => 'present', -} - -collectd::plugin { 'battery': } -collectd::plugin { 'cpu': } -collectd::plugin { 'df': } -collectd::plugin { 'disk': } -collectd::plugin { 'entropy': } -collectd::plugin { 'interface': } -collectd::plugin { 'irq': } -collectd::plugin { 'iptables': } -collectd::plugin { 'memory': } -collectd::plugin { 'processes': } -collectd::plugin { 'swap': } -collectd::plugin { 'users': } -collects::plugin { 'cpufreq': } diff --git a/module-collectd/tests/plugins/ceph.pp b/module-collectd/tests/plugins/ceph.pp deleted file mode 100644 index c0670ad0f..000000000 --- a/module-collectd/tests/plugins/ceph.pp +++ /dev/null @@ -1,7 +0,0 @@ -include collectd - -class { 'collectd::plugin::ceph': - osds => [ 'osd.0', 'osd.1', 'osd.2'], -} - - diff --git a/module-collectd/tests/plugins/df.pp b/module-collectd/tests/plugins/df.pp deleted file mode 100644 index 1d9cb3282..000000000 --- a/module-collectd/tests/plugins/df.pp +++ /dev/null @@ -1,7 +0,0 @@ -include collectd - -class { 'collectd::plugin::df': - mountpoints => ['/u'], - fstypes => ['nfs', 'tmpfs','autofs','gpfs','proc','devpts'], - ignoreselected => true, -} diff --git a/module-collectd/tests/plugins/disk.pp b/module-collectd/tests/plugins/disk.pp deleted file mode 100644 index 763b88f28..000000000 --- a/module-collectd/tests/plugins/disk.pp +++ /dev/null @@ -1,6 +0,0 @@ -include collectd - -class { 'collectd::plugin::disk': - disks => ['/^dm/'], - ignoreselected => true, -} diff --git a/module-collectd/tests/plugins/filecount.pp b/module-collectd/tests/plugins/filecount.pp deleted file mode 100644 index 24c73f3e7..000000000 --- a/module-collectd/tests/plugins/filecount.pp +++ /dev/null @@ -1,20 +0,0 @@ -include collectd - -class { 'collectd::plugin::filecount': - directories => { - 'active' => '/var/spool/postfix/active', - 'incoming' => '/var/spool/postfix/incoming' - }, -} - -collectd::plugin::filecount::directory {'foodir': - path => '/path/to/dir' -} - -collectd::plugin::filecount::directory {'aborted-uploads': - path => '/var/spool/foo/upload', - pattern => '.part.*', - mtime => '5m', - recursive => true, - includehidden => true -} diff --git a/module-collectd/tests/plugins/graphite.pp b/module-collectd/tests/plugins/graphite.pp deleted file mode 100644 index 5e98ca44c..000000000 --- a/module-collectd/tests/plugins/graphite.pp +++ /dev/null @@ -1,5 +0,0 @@ -include collectd - -class { 'collectd::plugin::write_graphite': - graphitehost => 'graphite.cat.pdx.edu', -} diff --git a/module-collectd/tests/plugins/interface.pp b/module-collectd/tests/plugins/interface.pp deleted file mode 100644 index f01264a33..000000000 --- a/module-collectd/tests/plugins/interface.pp +++ /dev/null @@ -1,6 +0,0 @@ -include collectd - -class { 'collectd::plugin::interface': - interfaces => ['eth0', 'eth1'], - ignoreselected => true, -} diff --git a/module-collectd/tests/plugins/iptables.pp b/module-collectd/tests/plugins/iptables.pp deleted file mode 100644 index e1fec41d7..000000000 --- a/module-collectd/tests/plugins/iptables.pp +++ /dev/null @@ -1,8 +0,0 @@ -include collectd - -class { 'collectd::plugin::iptables': - chains => { - 'nat' => 'In_SSH', - 'filter' => 'HTTP' - }, -} diff --git a/module-collectd/tests/plugins/irq.pp b/module-collectd/tests/plugins/irq.pp deleted file mode 100644 index 14065d294..000000000 --- a/module-collectd/tests/plugins/irq.pp +++ /dev/null @@ -1,6 +0,0 @@ -include collectd - -class { 'collectd::plugin::irq': - irqs => ['7', '23'], - ignoreselected => true, -} diff --git a/module-collectd/tests/plugins/logfile.pp b/module-collectd/tests/plugins/logfile.pp deleted file mode 100644 index 4ee60e733..000000000 --- a/module-collectd/tests/plugins/logfile.pp +++ /dev/null @@ -1,5 +0,0 @@ -include collectd - -class { 'collectd::plugin::logfile': - log_level => 'debug', -} diff --git a/module-collectd/tests/plugins/memcached.pp b/module-collectd/tests/plugins/memcached.pp deleted file mode 100644 index 59c6d6adf..000000000 --- a/module-collectd/tests/plugins/memcached.pp +++ /dev/null @@ -1,7 +0,0 @@ -include collectd - -class { 'collectd::plugin::memcached': - host => '192.168.122.1', - port => '11211', -} - diff --git a/module-collectd/tests/plugins/mysql.pp b/module-collectd/tests/plugins/mysql.pp deleted file mode 100644 index 7eafd4f6b..000000000 --- a/module-collectd/tests/plugins/mysql.pp +++ /dev/null @@ -1,8 +0,0 @@ -include collectd - -collectd::plugin::mysql::database { 'puppetdb': - host => 'localhost', - username => 'stahmna', - password => 'yermom', - port => '3306', -} diff --git a/module-collectd/tests/plugins/netlink.pp b/module-collectd/tests/plugins/netlink.pp deleted file mode 100644 index 4a397d5eb..000000000 --- a/module-collectd/tests/plugins/netlink.pp +++ /dev/null @@ -1,10 +0,0 @@ -include collectd - -class { 'collectd::plugin::netlink': - interfaces => ['eth0', 'eth1'], - verboseinterfaces => ['ppp0'], - qdiscs => ['"eth0" "pfifo_fast-1:0"', '"ppp0"'], - classes => ['"ppp0" "htb-1:10"'], - filters => ['"ppp0" "u32-1:0"'], - ignoreselected => false, -} diff --git a/module-collectd/tests/plugins/network.pp b/module-collectd/tests/plugins/network.pp deleted file mode 100644 index 57da26ad8..000000000 --- a/module-collectd/tests/plugins/network.pp +++ /dev/null @@ -1,4 +0,0 @@ -class { 'collectd::plugin::network': - listen => 'mylistener', - listenport => '1234', -} diff --git a/module-collectd/tests/plugins/openvpn.pp b/module-collectd/tests/plugins/openvpn.pp deleted file mode 100644 index 285ecec8c..000000000 --- a/module-collectd/tests/plugins/openvpn.pp +++ /dev/null @@ -1,6 +0,0 @@ -include collectd - -class { 'collectd::plugin::openvpn': - collectindividualusers => false, - collectusercount => true, -} diff --git a/module-collectd/tests/plugins/perl.pp b/module-collectd/tests/plugins/perl.pp deleted file mode 100644 index cf5c1554e..000000000 --- a/module-collectd/tests/plugins/perl.pp +++ /dev/null @@ -1,54 +0,0 @@ -class { 'collectd': - purge_config => true, - purge => true, - recurse => true, -} - -class { 'collectd::plugin::perl': - order => 42 -} - -collectd::plugin::perl::plugin { 'foo': - include_dir => '/tmp', - module => 'Collectd::Plugins::Foo', - provider => 'file', - source => 'puppet:///modules/collectd/tests/Foo.pm', - destination => '/tmp', - order => 99, - config => { - 'foo' => 'bar', - 'key' => [ 'val1', 'val2' ], - } -} - -collectd::plugin::perl::plugin { 'bar': - module => 'B', - enable_debugger => 'DProf', - include_dir => ['/tmp', '/tmp/lib' ] -} - -#collectd::plugin::perl { -# 'openafs_vos': -# module => 'Collectd::Plugins::OpenAFS::VOS', -# provider => 'cpan', -# source => 'Collectd::Plugins::OpenAFS', -# config => {'VosBin' => '/usr/afsws/etc/vos'}, -#} - -collectd::plugin::perl::plugin { - 'baar': - module => 'Collectd::Plugins::Bar', - provider => 'package', - source => 'perl-Collectd-Plugins-Bar', - config => { - 'foo' => 'bar', - 'more' => { - 'complex' => 'structure', - 'no' => [ 'a', 'b' ], - 'yes' => { - 'last' => 'level', - 'and' => [ 'array' , 'thing' ] - }, - }, - }, -} diff --git a/module-collectd/tests/plugins/processes.pp b/module-collectd/tests/plugins/processes.pp deleted file mode 100644 index e333e4dd3..000000000 --- a/module-collectd/tests/plugins/processes.pp +++ /dev/null @@ -1,9 +0,0 @@ -include collectd - -class { 'collectd::plugin::processes': - processes => [ 'process1', 'process2' ], - process_matches => [ - { name => 'process-all', - regex => 'process[0-9]' }, - ], -} diff --git a/module-collectd/tests/plugins/snmp.pp b/module-collectd/tests/plugins/snmp.pp deleted file mode 100644 index 330cbf0a3..000000000 --- a/module-collectd/tests/plugins/snmp.pp +++ /dev/null @@ -1,22 +0,0 @@ -include collectd - -class {'collectd::plugin::snmp': - data => { - amavis_incoming_messages => { - 'Type' => 'counter', - 'Table' => false, - 'Instance' => 'amavis.inMsgs', - 'Values' => ['AMAVIS-MIB::inMsgs.0'] - } - }, - hosts => { - scan04 => { - 'Address' => '127.0.0.1', - 'Version' => 2, - 'Community' => 'public', - 'Collect' => ['amavis_incoming_messages'], - 'Interval' => 10 - } - }, -} - diff --git a/module-collectd/tests/plugins/syslog.pp b/module-collectd/tests/plugins/syslog.pp deleted file mode 100644 index c3e3c9f3d..000000000 --- a/module-collectd/tests/plugins/syslog.pp +++ /dev/null @@ -1,5 +0,0 @@ -include collectd - -class { 'collectd::plugin::syslog': - log_level => 'debug', -} diff --git a/module-collectd/tests/plugins/tail.pp b/module-collectd/tests/plugins/tail.pp deleted file mode 100644 index 26d749a6b..000000000 --- a/module-collectd/tests/plugins/tail.pp +++ /dev/null @@ -1,33 +0,0 @@ -include collectd - -collectd::plugin::tail::file { 'exim-log': - filename => '/var/log/exim4/mainlog', - instance => 'exim', - matches => [ - { - 'regex' => 'S=([1-9][0-9]*)', - 'dstype' => 'CounterAdd', - 'type' => 'ipt_bytes', - 'instance' => 'total', - }, - { - 'regex' => '\\', - 'dstype' => 'CounterInc', - 'type' => 'counter', - 'instance' => 'local_user', - } - ] -} - -collectd::plugin::tail::file { 'auth-log': - filename => '/var/log/auth.log', - instance => 'auth', - matches => [ - { - 'regex' => '\\', - 'dstype' => 'CounterInc', - 'type' => 'counter', - 'instance' => 'auth-publickey', - } - ] -} diff --git a/module-collectd/tests/plugins/tcpconns.pp b/module-collectd/tests/plugins/tcpconns.pp deleted file mode 100644 index bfdf1c561..000000000 --- a/module-collectd/tests/plugins/tcpconns.pp +++ /dev/null @@ -1,7 +0,0 @@ -include collectd - -class { 'collectd::plugin::tcpconns': - localports => ['25', '12026'], - remoteports => ['25'], - listening => false, -} diff --git a/module-collectd/tests/plugins/unixsock.pp b/module-collectd/tests/plugins/unixsock.pp deleted file mode 100644 index 0ecb72208..000000000 --- a/module-collectd/tests/plugins/unixsock.pp +++ /dev/null @@ -1,6 +0,0 @@ -include collectd - -class { 'collectd::plugin::unixsock': - socketfile => '/var/run/collectd-sock', - socketgroup => 'nagios', -} diff --git a/module-collectd/tests/purge.pp b/module-collectd/tests/purge.pp deleted file mode 100644 index c68e6db68..000000000 --- a/module-collectd/tests/purge.pp +++ /dev/null @@ -1,4 +0,0 @@ -class { 'collectd': - purge => true, - recurse => true, -} diff --git a/module-collectd/tests/purge_config.pp b/module-collectd/tests/purge_config.pp deleted file mode 100644 index 858dcc403..000000000 --- a/module-collectd/tests/purge_config.pp +++ /dev/null @@ -1,21 +0,0 @@ -class { 'collectd': - purge => true, - recurse => true, - purge_config => true, -} - - -collectd::plugin { 'battery': } -collectd::plugin { 'cpu': } -collectd::plugin { 'df': } -collectd::plugin { 'disk': } -collectd::plugin { 'entropy': } -collectd::plugin { 'interface': } -collectd::plugin { 'irq': } -collectd::plugin { 'iptables': } -collectd::plugin { 'load': } -collectd::plugin { 'memory': } -collectd::plugin { 'processes': } -collectd::plugin { 'swap': } -collectd::plugin { 'users': } - diff --git a/module-collectd/tests/typesdb.pp b/module-collectd/tests/typesdb.pp deleted file mode 100644 index 278ae7505..000000000 --- a/module-collectd/tests/typesdb.pp +++ /dev/null @@ -1,22 +0,0 @@ -$typesdb = '/etc/collectd/types.db' - -class { 'collectd': - typesdb => [ - $typesdb, - ], -} - -collectd::typesdb { $typesdb: } -collectd::type { - 'bytes': - target => $typesdb, - ds_type => 'GAUGE', - min => 0; - 'absolute': - target => $typesdb, - ds => 'absolute', - ds_type => 'ABSOLUTE', - ds_name => 'value', - min => '0', - max => 'U'; -} diff --git a/module-data/.gitignore b/module-data/.gitignore deleted file mode 100644 index d8fe4fa70..000000000 --- a/module-data/.gitignore +++ /dev/null @@ -1 +0,0 @@ -/.project diff --git a/module-data/Modulefile b/module-data/Modulefile deleted file mode 100644 index 976df9ccb..000000000 --- a/module-data/Modulefile +++ /dev/null @@ -1,6 +0,0 @@ -name 'ripienaar-module_data' -version '0.0.4' -description 'A hiera backend to allow the use of data while writing sharable modules' -project_page 'https://github.com/ripienaar/puppet-module-data' -license 'ASL 2.0' -author 'R.I.Pienaar ' diff --git a/module-data/README.md b/module-data/README.md deleted file mode 100644 index d1409ecb9..000000000 --- a/module-data/README.md +++ /dev/null @@ -1,61 +0,0 @@ -What? -===== - -While hiera does a decent job of separating code and data for users -it is quite difficult for module authors to use hiera to create reusable -modules. This is because the puppet backend is optional and even when -it is loaded the module author cannot influence the hierarchy. - -With this commit we add a new module_data backend that loads data from -within a module and allow the module author to set a hierarchy for this -data. - -The goal of this backend is to allow module authors to specify true -module default data in their modules but still allow users to override -the data using the standard method - especially useful with the puppet 3 -hiera integration. - -This backend is always loaded as the least important tier in the -hierarchy - unless a user choose to put it somewhere specific, but this -backend will always be enabled. - -Given a module layout: - - your_module - ├── data - │ ├── hiera.yaml - │ └── osfamily - │ ├── Debian.yaml - │ └── RedHat.yaml - └── manifests - └── init.pp - -The hiera.yaml is optional in this example it would be: - - --- - :hierarchy: - - osfamily/%{::osfamily} - - common - -But when no hiera.yaml exist in the module, the default would be: - - --- - :hierarchy: - - common - -The data directory is then a standard Hiera data store. - -Status? -------- - -This is but a first stab at turning my old pull request for ticket 16856 -into a standalone module that any > 3.0.0 Puppet user can depend on to -get this essential feature. - -Some more testing is needed, sanity checking for support versions etc so -consider this a early feedback-saught release - -Contact? --------- - -R.I.Pienaar / rip@devco.net / @ripienaar / http://devco.net diff --git a/module-data/lib/hiera/backend/module_data_backend.rb b/module-data/lib/hiera/backend/module_data_backend.rb deleted file mode 100644 index 4dabd02f4..000000000 --- a/module-data/lib/hiera/backend/module_data_backend.rb +++ /dev/null @@ -1,100 +0,0 @@ -class Hiera - module Backend - class Module_data_backend - def initialize(cache=nil) - require 'yaml' - require 'hiera/filecache' - - Hiera.debug("Hiera Module Data backend starting") - - @cache = cache || Filecache.new - end - - def load_module_config(module_name, environment) - default_config = {:hierarchy => ["common"]} - - mod = Puppet::Module.find(module_name, environment) || Puppet::Module.find(module_name) - - return default_config unless mod - - path = mod.path - module_config = File.join(path, "data", "hiera.yaml") - config = {} - - if File.exist?(module_config) - Hiera.debug("Reading config from %s file" % module_config) - config = load_data(module_config) - end - - config["path"] = path - - default_config.merge(config) - end - - def load_data(path) - return {} unless File.exist?(path) - - @cache.read(path, Hash, {}) do |data| - if path.end_with? "/hiera.yaml" - YAML.load(data, :deserialize_symbols => true) - else - YAML.load(data) - end - end - end - - def lookup(key, scope, order_override, resolution_type) - answer = nil - - Hiera.debug("Looking up %s in Module Data backend" % key) - - module_name = begin - scope["module_name"] - rescue Puppet::ParseError # Gets thrown if not in a module and strict_variables = true - end - - unless module_name - Hiera.debug("Skipping Module Data backend as this does not look like a module") - return answer - end - - config = load_module_config(scope["module_name"], scope["::environment"]) - unless config["path"] - Hiera.debug("Could not find a path to the module '%s' in environment '%s'" % [scope["module_name"], scope["::environment"]]) - return answer - end - - config[:hierarchy].insert(0, order_override) if order_override - config[:hierarchy].each do |source| - source = File.join(config["path"], "data", "%s.yaml" % Backend.parse_string(source, scope)) - - Hiera.debug("Looking for data in source %s" % source) - data = load_data(source) - - raise("Data loaded from %s should be a hash but got %s" % [source, data.class]) unless data.is_a?(Hash) - - next if data.empty? - next unless data.include?(key) - - new_answer = Backend.parse_answer(data[key], scope) - case resolution_type - when :array - raise("Hiera type mismatch: expected Array and got %s" % new_answer.class) unless (new_answer.kind_of?(Array) || new_answer.kind_of?(String)) - answer ||= [] - answer << new_answer - - when :hash - raise("Hiera type mismatch: expected Hash and got %s" % new_answer.class) unless new_answer.kind_of?(Hash) - answer ||= {} - answer = Backend.merge_answer(new_answer, answer) - else - answer = new_answer - break - end - end - - return answer - end - end - end -end diff --git a/module-data/lib/puppet/indirector/data_binding/hiera.rb b/module-data/lib/puppet/indirector/data_binding/hiera.rb deleted file mode 100644 index df8c8ba6b..000000000 --- a/module-data/lib/puppet/indirector/data_binding/hiera.rb +++ /dev/null @@ -1,75 +0,0 @@ -require "hiera" -require "hiera/config" -require "hiera/scope" - -begin - require 'puppet/indirector/hiera' -rescue LoadError => e - begin - require "puppet/indirector/code" - rescue LoadError => e - $stderr.puts "Couldn't require either of puppet/indirector/{hiera,code}!" - end -end - - -class Hiera::Config - class << self - alias :old_load :load unless respond_to?(:old_load) - - def load(source) - old_load(source) - - @config[:backends] << "module_data" unless @config[:backends].include?("module_data") - - @config - end - end -end - -class Puppet::DataBinding::Hiera < Puppet::Indirector::Code - desc "Retrieve data using Hiera." - - def initialize(*args) - if ! Puppet.features.hiera? - raise "Hiera terminus not supported without hiera library" - end - super - end - - if defined?(::Psych::SyntaxError) - DataBindingExceptions = [::StandardError, ::Psych::SyntaxError] - else - DataBindingExceptions = [::StandardError] - end - - def find(request) - hiera.lookup(request.key, nil, Hiera::Scope.new(request.options[:variables]), nil, nil) - rescue *DataBindingExceptions => detail - raise Puppet::DataBinding::LookupError.new(detail.message, detail) - end - - private - - def self.hiera_config - hiera_config = Puppet.settings[:hiera_config] - config = {} - - if File.exist?(hiera_config) - config = Hiera::Config.load(hiera_config) - else - Puppet.warning "Config file #{hiera_config} not found, using Hiera defaults" - end - - config[:logger] = 'puppet' - config - end - - def self.hiera - @hiera ||= Hiera.new(:config => hiera_config) - end - - def hiera - self.class.hiera - end -end diff --git a/module-data/metadata.json b/module-data/metadata.json deleted file mode 100644 index 44df666d8..000000000 --- a/module-data/metadata.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "author": "R.I.Pienaar ", - "license": "ASL 2.0", - "name": "ripienaar-module_data", - "project_page": "https://github.com/ripienaar/puppet-module-data", - "source": "https://github.com/ripienaar/puppet-module-data.git", - "summary": "A hiera backend to allow the use of data while writing sharable modules", - "version": "0.4.0", - "dependencies": [] -} diff --git a/mongodb/.fixtures.yml b/mongodb/.fixtures.yml deleted file mode 100644 index 5ef41aa6b..000000000 --- a/mongodb/.fixtures.yml +++ /dev/null @@ -1,8 +0,0 @@ -fixtures: - repositories: - "stdlib": "git://github.com/puppetlabs/puppetlabs-stdlib.git" - "apt": - repo: "git://github.com/puppetlabs/puppetlabs-apt.git" - branch: "1.8.x" - symlinks: - "mongodb": "#{source_dir}" diff --git a/mongodb/.gitattributes b/mongodb/.gitattributes deleted file mode 100644 index 900ea0cbb..000000000 --- a/mongodb/.gitattributes +++ /dev/null @@ -1,5 +0,0 @@ -#This file is generated by ModuleSync, do not edit. -*.rb eol=lf -*.erb eol=lf -*.pp eol=lf -*.sh eol=lf diff --git a/mongodb/.gitignore b/mongodb/.gitignore deleted file mode 100644 index dd126f2fb..000000000 --- a/mongodb/.gitignore +++ /dev/null @@ -1,11 +0,0 @@ -#This file is generated by ModuleSync, do not edit. -pkg/ -Gemfile.lock -vendor/ -spec/fixtures/ -.vagrant/ -.bundle/ -coverage/ -log/ -.idea/ -*.iml diff --git a/mongodb/.nodeset.yml b/mongodb/.nodeset.yml deleted file mode 100644 index 767f9cd2f..000000000 --- a/mongodb/.nodeset.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -default_set: 'centos-64-x64' -sets: - 'centos-59-x64': - nodes: - "main.foo.vm": - prefab: 'centos-59-x64' - 'centos-64-x64': - nodes: - "main.foo.vm": - prefab: 'centos-64-x64' - 'fedora-18-x64': - nodes: - "main.foo.vm": - prefab: 'fedora-18-x64' - 'debian-607-x64': - nodes: - "main.foo.vm": - prefab: 'debian-607-x64' - 'debian-70rc1-x64': - nodes: - "main.foo.vm": - prefab: 'debian-70rc1-x64' - 'ubuntu-server-10044-x64': - nodes: - "main.foo.vm": - prefab: 'ubuntu-server-10044-x64' - 'ubuntu-server-12042-x64': - nodes: - "main.foo.vm": - prefab: 'ubuntu-server-12042-x64' diff --git a/mongodb/.rspec b/mongodb/.rspec deleted file mode 100644 index 16f9cdb01..000000000 --- a/mongodb/.rspec +++ /dev/null @@ -1,2 +0,0 @@ ---color ---format documentation diff --git a/mongodb/.travis.yml b/mongodb/.travis.yml deleted file mode 100644 index 588fb5b00..000000000 --- a/mongodb/.travis.yml +++ /dev/null @@ -1,20 +0,0 @@ -#This file is generated by ModuleSync, do not edit. ---- -sudo: false -language: ruby -cache: bundler -bundler_args: --without system_tests -script: "bundle exec rake validate lint spec" -matrix: - fast_finish: true - include: - - rvm: 2.1.6 - env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" - - rvm: 2.1.5 - env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" - - rvm: 2.1.5 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 1.9.3 - env: PUPPET_GEM_VERSION="~> 3.0" -notifications: - email: false diff --git a/mongodb/CHANGELOG.md b/mongodb/CHANGELOG.md deleted file mode 100644 index 1d9c29c7a..000000000 --- a/mongodb/CHANGELOG.md +++ /dev/null @@ -1,153 +0,0 @@ -## 2016-02-08 - Release 0.12.0 -### Summary -There are a number of bugfixes and features added in this release including, mongo db 3 engine support, ipv6 support and repo and yum improvements. - -#### Features -- Distinguish between repo and package mgmt -- Immplement retries for MongoDB shell commands -- Initiate replica set creation from localhost if auth is enabled -- Added specific service provider for Debian -- mongo db 3 engine selection support -- added an option to set a custom repository location -- Improve support for MongoDB authentication and replicaset -- Add yum proxy options -- Enable IPv6 in mongodb provider - -#### Bugfixes -- Fix mongodb_user username => name -- ensure that the client install does not start before the repo setup -- Fix replset not working on mongo 3.x -- Prealloc setting needs to be negated -- Add mongoDB >=3.x new yum repo location -- Add pidfilepath to globals when used in params -- Normalize spacing in template -- Switch to comparing current roles value with @property -- Fix versioncmp when version is undef -- Do not add blank parameter in ipv4 -- Apply module sync - -## 2015-06-22 - Release 0.11.0 -### Summary - -#### Features -- Add arbiter support to to `mongodb_replset` -- Add `mongod_service_manage`, `mongos_service_manage`, and `ipv6` to `mongodb::globals` -- Add `service_manage`, `unitxsocketprefix`, `pidfilepath`, `logpath`, `fork`, `bind_ip`, `port`, and `restart` to `mongodb::mongos` class -- Add `key`, `ipv6`, `service_manage`, and `restart` to `mongodb::server` class -- Allow mongodb\_conn\_validator to take an array of nodes via composite namevar - -#### Bugfixes -- Update to long apt repo key and bump compatibility to include apt 2 -- Fix `nohttpinterface` on >= 2.6 -- Fix connection validation when bind\_ip is 0.0.0.0 -- Fix mongodb\_conn\_validator to use default port in shard mode - -##2015-01-13 - Release 0.10.0 -###Summary - -This release adds a number of significant features and several bug fixes. - -####Features -- Adds support for sharding -- Adds support for RHEL 7 -- Adds rudimentary support for SSL configuration -- Adds support for the enterprise repository - -####Bugfixes -- Fixes support for running on non-default ports -- Fixes the idempotency of password setting (for mongo 2.6) - -##2014-11-25 - Release 0.9.0 -###Summary - -This release has a number of new parameters, support for 2.6, improved providers, and several bugfixes. - -####Features -- New parameters: `mongodb::globals` - - `$service_ensure` - - `$service_enable` -- New parameters: `mongodb` - - `$quiet` -- New parameters: `mongodb::server` - - `$service_ensure` - - `$service_enable` - - `$quiet` - - `$config_content` -- Support for mongodb 2.6 -- Reimplement `mongodb_user` and `mongodb_database` provider -- Added `mongodb_conn_validator` type - -####Bugfixes -- Use hkp for the apt keyserver -- Fix mongodb database existance check -- Fix `$server_package_name` problem (MODULES-690) -- Make sure `pidfilepath` doesn't have any spaces -- Providers need the client command before they can work (MODULES-1285) - -##2014-05-27 - Release 0.8.0 -###Summary - -This feature features a rewritten mongodb_replset{} provider, includes several -important bugfixes, ruby 1.8 support, and two new features. - -####Features -- Rewritten mongodb_replset{}, featuring puppet resource support, prefetching, -and flushing. -- Add Ruby 1.8 compatibility. -- Adds `syslog`, allowing you to configure mongodb to send all logging to the hosts syslog. -- Add mongodb::replset, a wrapper class for hiera users. -- Improved testing! - -####Bugfixes -- Fixes the package names to work since 10gen renamed them again. -- Fix provider name in the README. -- Disallow `nojournal` and `journal` to be set at the same time. -- Changed - to = for versioned install on Ubuntu. - -##2014-1-29 - Release 0.7.0 -###Summary - -Added Replica Set Type and Provider - -##2014-1-17 - Release 0.6.0 -###Summary - -Added support for installing MongoDB client on -RHEL family systems. - -##2014-01-10 Release 0.5.0 -###Summary - -Added types for providers for Mongo users and databases. - -##2013-12 Release 0.4.0 - -Major refactoring of the MongoDB module. Includes a new 'mongodb::globals' -that consolidates many shared parameters into one location. This is an -API-breaking release in anticipation of a 1.0 release. - -##2013-10-31 - Release 0.3.0 -###Summary - -Adds a number of parameters and fixes some platform -specific bugs in module deployment. - -##2013-09-25 - Release 0.2.0 -###Summary - -This release fixes a duplicate parameter. - -####Bugfixes -- Fix a duplicated parameter. - -##2012-07-13 - Release 0.1.0 -- Add support for RHEL/CentOS -- Change default mongodb install location to OS repo - -##2012-05-29 - Release 0.0.2 -- Fix Modulefile typo. -- Remove repo pin. -- Update spec tests and add travis support. - -##2012-05-03 - Release 0.0.1 -- Initial Release. diff --git a/mongodb/CONTRIBUTING.md b/mongodb/CONTRIBUTING.md deleted file mode 100644 index bfeaa701c..000000000 --- a/mongodb/CONTRIBUTING.md +++ /dev/null @@ -1,220 +0,0 @@ -Checklist (and a short version for the impatient) -================================================= - - * Commits: - - - Make commits of logical units. - - - Check for unnecessary whitespace with "git diff --check" before - committing. - - - Commit using Unix line endings (check the settings around "crlf" in - git-config(1)). - - - Do not check in commented out code or unneeded files. - - - The first line of the commit message should be a short - description (50 characters is the soft limit, excluding ticket - number(s)), and should skip the full stop. - - - Associate the issue in the message. The first line should include - the issue number in the form "(#XXXX) Rest of message". - - - The body should provide a meaningful commit message, which: - - - uses the imperative, present tense: "change", not "changed" or - "changes". - - - includes motivation for the change, and contrasts its - implementation with the previous behavior. - - - Make sure that you have tests for the bug you are fixing, or - feature you are adding. - - - Make sure the test suites passes after your commit: - `bundle exec rspec spec/acceptance` More information on [testing](#Testing) below - - - When introducing a new feature, make sure it is properly - documented in the README.md - - * Submission: - - * Pre-requisites: - - - Make sure you have a [GitHub account](https://github.com/join) - - - [Create a ticket](https://tickets.puppetlabs.com/secure/CreateIssue!default.jspa), or [watch the ticket](https://tickets.puppetlabs.com/browse/) you are patching for. - - * Preferred method: - - - Fork the repository on GitHub. - - - Push your changes to a topic branch in your fork of the - repository. (the format ticket/1234-short_description_of_change is - usually preferred for this project). - - - Submit a pull request to the repository in the puppetlabs - organization. - -The long version -================ - - 1. Make separate commits for logically separate changes. - - Please break your commits down into logically consistent units - which include new or changed tests relevant to the rest of the - change. The goal of doing this is to make the diff easier to - read for whoever is reviewing your code. In general, the easier - your diff is to read, the more likely someone will be happy to - review it and get it into the code base. - - If you are going to refactor a piece of code, please do so as a - separate commit from your feature or bug fix changes. - - We also really appreciate changes that include tests to make - sure the bug is not re-introduced, and that the feature is not - accidentally broken. - - Describe the technical detail of the change(s). If your - description starts to get too long, that is a good sign that you - probably need to split up your commit into more finely grained - pieces. - - Commits which plainly describe the things which help - reviewers check the patch and future developers understand the - code are much more likely to be merged in with a minimum of - bike-shedding or requested changes. Ideally, the commit message - would include information, and be in a form suitable for - inclusion in the release notes for the version of Puppet that - includes them. - - Please also check that you are not introducing any trailing - whitespace or other "whitespace errors". You can do this by - running "git diff --check" on your changes before you commit. - - 2. Sending your patches - - To submit your changes via a GitHub pull request, we _highly_ - recommend that you have them on a topic branch, instead of - directly on "master". - It makes things much easier to keep track of, especially if - you decide to work on another thing before your first change - is merged in. - - GitHub has some pretty good - [general documentation](http://help.github.com/) on using - their site. They also have documentation on - [creating pull requests](http://help.github.com/send-pull-requests/). - - In general, after pushing your topic branch up to your - repository on GitHub, you can switch to the branch in the - GitHub UI and click "Pull Request" towards the top of the page - in order to open a pull request. - - - 3. Update the related GitHub issue. - - If there is a GitHub issue associated with the change you - submitted, then you should update the ticket to include the - location of your branch, along with any other commentary you - may wish to make. - -Testing -======= - -Getting Started ---------------- - -Our puppet modules provide [`Gemfile`](./Gemfile)s which can tell a ruby -package manager such as [bundler](http://bundler.io/) what Ruby packages, -or Gems, are required to build, develop, and test this software. - -Please make sure you have [bundler installed](http://bundler.io/#getting-started) -on your system, then use it to install all dependencies needed for this project, -by running - -```shell -% bundle install -Fetching gem metadata from https://rubygems.org/........ -Fetching gem metadata from https://rubygems.org/.. -Using rake (10.1.0) -Using builder (3.2.2) --- 8><-- many more --><8 -- -Using rspec-system-puppet (2.2.0) -Using serverspec (0.6.3) -Using rspec-system-serverspec (1.0.0) -Using bundler (1.3.5) -Your bundle is complete! -Use `bundle show [gemname]` to see where a bundled gem is installed. -``` - -NOTE some systems may require you to run this command with sudo. - -If you already have those gems installed, make sure they are up-to-date: - -```shell -% bundle update -``` - -With all dependencies in place and up-to-date we can now run the tests: - -```shell -% bundle exec rake spec -``` - -This will execute all the [rspec tests](http://rspec-puppet.com/) tests -under [spec/defines](./spec/defines), [spec/classes](./spec/classes), -and so on. rspec tests may have the same kind of dependencies as the -module they are testing. While the module defines in its [Modulefile](./Modulefile), -rspec tests define them in [.fixtures.yml](./fixtures.yml). - -Some puppet modules also come with [beaker](https://github.com/puppetlabs/beaker) -tests. These tests spin up a virtual machine under -[VirtualBox](https://www.virtualbox.org/)) with, controlling it with -[Vagrant](http://www.vagrantup.com/) to actually simulate scripted test -scenarios. In order to run these, you will need both of those tools -installed on your system. - -You can run them by issuing the following command - -```shell -% bundle exec rake spec_clean -% bundle exec rspec spec/acceptance -``` - -This will now download a pre-fabricated image configured in the [default node-set](./spec/acceptance/nodesets/default.yml), -install puppet, copy this module and install its dependencies per [spec/spec_helper_acceptance.rb](./spec/spec_helper_acceptance.rb) -and then run all the tests under [spec/acceptance](./spec/acceptance). - -Writing Tests -------------- - -XXX getting started writing tests. - -If you have commit access to the repository -=========================================== - -Even if you have commit access to the repository, you will still need to -go through the process above, and have someone else review and merge -in your changes. The rule is that all changes must be reviewed by a -developer on the project (that did not write the code) to ensure that -all changes go through a code review process. - -Having someone other than the author of the topic branch recorded as -performing the merge is the record that they performed the code -review. - - -Additional Resources -==================== - -* [Getting additional help](http://puppetlabs.com/community/get-help) - -* [Writing tests](http://projects.puppetlabs.com/projects/puppet/wiki/Development_Writing_Tests) - -* [Patchwork](https://patchwork.puppetlabs.com) - -* [General GitHub documentation](http://help.github.com/) - -* [GitHub pull request documentation](http://help.github.com/send-pull-requests/) - diff --git a/mongodb/Gemfile b/mongodb/Gemfile deleted file mode 100644 index e490bc9b9..000000000 --- a/mongodb/Gemfile +++ /dev/null @@ -1,39 +0,0 @@ -#This file is generated by ModuleSync, do not edit. - -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -def location_for(place, version = nil) - if place =~ /^(git[:@][^#]*)#(.*)/ - [version, { :git => $1, :branch => $2, :require => false}].compact - elsif place =~ /^file:\/\/(.*)/ - ['>= 0', { :path => File.expand_path($1), :require => false}] - else - [place, version, { :require => false}].compact - end -end - -group :development, :unit_tests do - gem 'json', :require => false - gem 'metadata-json-lint', :require => false - gem 'puppet_facts', :require => false - gem 'puppet-blacksmith', :require => false - gem 'puppetlabs_spec_helper', :require => false - gem 'rspec-puppet', '>= 2.3.2', :require => false - gem 'simplecov', :require => false -end -group :system_tests do - gem 'beaker-rspec', *location_for(ENV['BEAKER_RSPEC_VERSION'] || '>= 3.4') - gem 'beaker', *location_for(ENV['BEAKER_VERSION']) - gem 'serverspec', :require => false - gem 'beaker-puppet_install_helper', :require => false - gem 'master_manipulator', :require => false - gem 'beaker-hostgenerator', *location_for(ENV['BEAKER_HOSTGENERATOR_VERSION']) -end - -gem 'facter', *location_for(ENV['FACTER_GEM_VERSION']) -gem 'puppet', *location_for(ENV['PUPPET_GEM_VERSION']) - - -if File.exists? "#{__FILE__}.local" - eval(File.read("#{__FILE__}.local"), binding) -end diff --git a/mongodb/LICENSE b/mongodb/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/mongodb/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/mongodb/NOTICE b/mongodb/NOTICE deleted file mode 100644 index 09b00bde8..000000000 --- a/mongodb/NOTICE +++ /dev/null @@ -1,18 +0,0 @@ -mongodb puppet module - -Copyright (C) 2012-2016 Puppet Labs, Inc. - -Puppet Labs can be contacted at: info@puppetlabs.com - - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/mongodb/README.md b/mongodb/README.md deleted file mode 100644 index 780b1d40b..000000000 --- a/mongodb/README.md +++ /dev/null @@ -1,746 +0,0 @@ -# mongodb puppet module - -[![Build Status](https://travis-ci.org/puppetlabs/puppetlabs-mongodb.png?branch=master)](https://travis-ci.org/puppetlabs/puppetlabs-mongodb) - -####Table of Contents - -1. [Overview] (#overview) -2. [Module Description - What does the module do?](#module-description) -3. [Setup - The basics of getting started with mongodb](#setup) -4. [Usage - Configuration options and additional functionality](#usage) -5. [Reference - An under-the-hood peek at what the module is doing and how](#reference) -6. [Limitations - OS compatibility, etc.] (#limitations) -7. [Development - Guide for contributing to the module] (#development) - -## Overview - -Installs MongoDB on RHEL/Ubuntu/Debian from OS repo, or alternatively from -10gen repository [installation documentation](http://www.mongodb.org/display/DOCS/Ubuntu+and+Debian+packages). - -### Deprecation Warning ### - -This module is still in beta which means the API is subject to change in -backwards incompatible ways. If your project depends on an old API, please pin -your dependencies to the necessary version to ensure your environments don't break. - -The current module design is undergoing review for potential 1.0 release. We welcome -any feedback with regard to the APIs and patterns used in this release. - -##Module Description - -The MongoDB module manages mongod server installation and configuration of the -mongod daemon. For the time being it supports only a single MongoDB server -instance, without sharding functionality. - -For the 0.5 release, the MongoDB module now supports database and user types. - -For the 0.6 release, the MongoDB module now supports basic replicaset features -(initiating a replicaset and adding members, but without specific options). - -## Setup - -###What MongoDB affects - -* MongoDB package. -* MongoDB configuration files. -* MongoDB service. -* MongoDB client. -* MongoDB sharding support (mongos) -* 10gen/mongodb apt/yum repository. - -###Beginning with MongoDB - -If you just want a server installation with the default options you can run -`include '::mongodb::server'`. If you need to customize configuration -options you need to do the following: - -```puppet -class {'::mongodb::server': - port => 27018, - verbose => true, -} -``` - -For Red Hat family systems, the client can be installed in a similar fashion: - -```puppet -class {'::mongodb::client':} -``` - -Note that for Debian/Ubuntu family systems the client is installed with the -server. Using the client class will by default install the server. - -If one plans to configure sharding for a Mongo deployment, the module offer -the `mongos` installation. `mongos` can be installed the following way : - -```puppet -class {'::mongodb::mongos' : - configdb => ['configsvr1.example.com:27018'], -} -``` - -Although most distros come with a prepacked MongoDB server we recommend to -use the 10gen/MongoDB software repository, because most of the current OS -packages are outdated and not appropriate for a production environment. -To install MongoDB from 10gen repository: - -```puppet -class {'::mongodb::globals': - manage_package_repo => true, -}-> -class {'::mongodb::client': } -> -class {'::mongodb::server': } -``` - -If you don't want to use the 10gen/MongoDB software repository or the OS packages, -you can point the module to a custom one. -To install MongoDB from a custom repository: - -```puppet -class {'::mongodb::globals': - manage_package_repo => true, - repo_location => 'http://example.com/repo' -}-> -class {'::mongodb::server': }-> -class {'::mongodb::client': } -``` - -Having a local copy of MongoDB repository (that is managed by your private modules) -you can still enjoy the charms of `mongodb::params` that manage packages. -To disable managing of repository, but still enable managing packages: - -```puppet -class {'::mongodb::globals': - manage_package_repo => false, - manage_package => true, -}-> -class {'::mongodb::server': }-> -class {'::mongodb::client': } -``` - -## Usage - -Most of the interaction for the server is done via `mongodb::server`. For -more options please have a look at [mongodb::server](#class-mongodbserver). -Also in this version we introduced `mongodb::globals`, which is meant more -for future implementation, where you can configure the main settings for -this module in a global way, to be used by other classes and defined resources. -On its own it does nothing. - -### Create MongoDB database - -To install MongoDB server, create database "testdb" and user "user1" with password "pass1". - -```puppet -class {'::mongodb::server': - auth => true, -} - -mongodb::db { 'testdb': - user => 'user1', - password_hash => 'a15fbfca5e3a758be80ceaf42458bcd8', -} -``` -Parameter 'password_hash' is hex encoded md5 hash of "user1:mongo:pass1". -Unsafe plain text password could be used with 'password' parameter instead of 'password_hash'. - -## Reference - -### Classes - -####Public classes -* `mongodb::server`: Installs and configure MongoDB -* `mongodb::client`: Installs the MongoDB client shell (for Red Hat family systems) -* `mongodb::globals`: Configure main settings in a global way -* `mongodb::mongos`: Installs and configure Mongos server (for sharding support) - -####Private classes -* `mongodb::repo`: Manage 10gen/MongoDB software repository -* `mongodb::repo::apt`: Manage Debian/Ubuntu apt 10gen/MongoDB repository -* `mongodb::repo::yum`: Manage Redhat/CentOS apt 10gen/MongoDB repository -* `mongodb::server::config`: Configures MongoDB configuration files -* `mongodb::server::install`: Install MongoDB software packages -* `mongodb::server::service`: Manages service -* `mongodb::client::install`: Installs the MongoDB client software package -* `mongodb::mongos::config`: Configures Mongos configuration files -* `mongodb::mongos::install`: Install Mongos software packages -* `mongodb::mongos::service`: Manages Mongos service - -####Class: mongodb::globals -*Note:* most server specific defaults should be overridden in the `mongodb::server` -class. This class should only be used if you are using a non-standard OS or -if you are changing elements such as `version` or `manage_package_repo` that -can only be changed here. - -This class allows you to configure the main settings for this module in a -global way, to be used by the other classes and defined resources. On its -own it does nothing. - -#####`server_package_name` -This setting can be used to override the default MongoDB server package -name. If not specified, the module will use whatever package name is the -default for your OS distro. - -#####`service_name` -This setting can be used to override the default MongoDB service name. If not -specified, the module will use whatever service name is the default for your OS distro. - -#####`service_provider` -This setting can be used to override the default MongoDB service provider. If -not specified, the module will use whatever service provider is the default for -your OS distro. - -#####`service_status` -This setting can be used to override the default status check command for -your MongoDB service. If not specified, the module will use whatever service -name is the default for your OS distro. - -##### `mongod_service_manage` -This setting can be used to override the default management of the mongod service. -By default the module will manage the mongod process. - -##### `mongos_service_manage` -This setting can be used to override the default management of the mongos service. -By default the module will manage the mongos process. - -#####`user` -This setting can be used to override the default MongoDB user and owner of the -service and related files in the file system. If not specified, the module will -use the default for your OS distro. - -#####`group` -This setting can be used to override the default MongoDB user group to be used -for related files in the file system. If not specified, the module will use -the default for your OS distro. - -#####`ipv6` -This setting is used to configure MongoDB to turn on ipv6 support. If not specified -and ipv6 address is passed to MongoDB bind_ip it will just fail. - -#####`bind_ip` -This setting can be used to configure MonogDB process to bind to and listen -for connections from applications on this address. If not specified, the -module will use the default for your OS distro. -*Note:* This value should be passed as an array. - -#####`version` -The version of MonogDB to install/manage. This is a simple way of providing -a specific version such as '2.2' or '2.4' for example. If not specified, -the module will use the default for your OS distro. - -#####`repo_location` -This setting can be used to override the default MongoDB repository location. -If not specified, the module will use the default repository for your OS distro. - -#####`repo_proxy` -This will allow you to set a proxy for your repository in case you are behind a corporate firewall. Currently this is only supported with yum repositories - -#####`proxy_username` -This sets the username for the proxyserver, should authentication be required - -#####`proxy_password` -This sets the password for the proxyserver, should authentication be required - -####Class: mongodb::server - -Most of the parameters manipulate the mongod.conf file. - -For more details about configuration parameters consult the -[MongoDB Configuration File Options](http://docs.mongodb.org/manual/reference/configuration-options/). - -#####`ensure` -Used to ensure that the package is installed and the service is running, or that the package is absent/purged and the service is stopped. Valid values are true/false/present/absent/purged. - -#####`config` -Path of the config file. If not specified, the module will use the default -for your OS distro. - -#####`dbpath` -Set this value to designate a directory for the mongod instance to store -it's data. If not specified, the module will use the default for your OS distro. - -#####`pidfilepath` -Specify a file location to hold the PID or process ID of the mongod process. -If not specified, the module will use the default for your OS distro. - -#####`logpath` -Specify the path to a file name for the log file that will hold all diagnostic -logging information. Unless specified, mongod will output all log information -to the standard output. - -#####`ipv6` -This setting has to be true to configure MongoDB to turn on ipv6 support. If not specified -and ipv6 address is passed to MongoDB bind_ip it will just fail. - -#####`bind_ip` -Set this option to configure the mongod or mongos process to bind to and listen -for connections from applications on this address. If not specified, the module -will use the default for your OS distro. Example: bind_ip=['127.0.0.1', '192.168.0.3'] -*Note*: bind_ip accepts an array as a value. - -#####`logappend` -Set to true to add new entries to the end of the logfile rather than overwriting -the content of the log when the process restarts. Default: True - -#####`fork` -Set to true to fork server process at launch time. The default setting depends on -the operating system. - -#####`port` -Specifies a TCP port for the server instance to listen for client connections. -Default: 27017 - -#####`journal` -Set to true to enable operation journaling to ensure write durability and -data consistency. Default: on 64-bit systems true and on 32-bit systems false - -#####`nojournal` -Set nojournal = true to disable durability journaling. By default, mongod -enables journaling in 64-bit versions after v2.0. -Default: on 64-bit systems false and on 32-bit systems true - -*Note*: You must use journal to enable journaling on 32-bit systems. - -#####`smallfiles` -Set to true to modify MongoDB to use a smaller default data file size. -Specifically, smallfiles reduces the initial size for data files and -limits them to 512 megabytes. Default: false - -#####`cpu` -Set to true to force mongod to report every four seconds CPU utilization -and the amount of time that the processor waits for I/O operations to -complete (i.e. I/O wait.) Default: false - -#####`auth` -Set to true to enable database authentication for users connecting from -remote hosts. If no users exist, the localhost interface will continue -to have access to the database until you create the first user. -Default: false - -#####`noauth` -Disable authentication. Currently the default. Exists for future compatibility - and clarity. - -#####`verbose` -Increases the amount of internal reporting returned on standard output or in -the log file generated by `logpath`. Default: false - -#####`verbositylevel` -MongoDB has the following levels of verbosity: v, vv, vvv, vvvv and vvvvv. -Default: None - -#####`objcheck` -Forces the mongod to validate all requests from clients upon receipt to ensure -that clients never insert invalid documents into the database. -Default: on v2.4 default to true and on earlier version to false - -#####`quota` -Set to true to enable a maximum limit for the number of data files each database -can have. The default quota is 8 data files, when quota is true. Default: false - -#####`quotafiles` -Modify limit on the number of data files per database. This option requires the -`quota` setting. Default: 8 - -#####`diaglog` -Creates a very verbose diagnostic log for troubleshooting and recording various -errors. Valid values: 0, 1, 2, 3 and 7. -For more information please refer to [MongoDB Configuration File Options](http://docs.mongodb.org/manual/reference/configuration-options/). - -#####`directoryperdb` -Set to true to modify the storage pattern of the data directory to store each -database’s files in a distinct folder. Default: false - -#####`profile` -Modify this value to changes the level of database profiling, which inserts -information about operation performance into output of mongod or the -log file if specified by `logpath`. - -#####`maxconns` -Specifies a value to set the maximum number of simultaneous connections -that MongoDB will accept. Default: depends on system (i.e. ulimit and file descriptor) -limits. Unless set, MongoDB will not limit its own connections. - -#####`oplog_size` -Specifies a maximum size in megabytes for the replication operation log -(e.g. oplog.) mongod creates an oplog based on the maximum amount of space -available. For 64-bit systems, the oplog is typically 5% of available disk space. - -#####`nohints` -Ignore query hints. Default: None - -#####`nohttpinterface` -Set to true to disable the HTTP interface. This command will override the rest -and disable the HTTP interface if you specify both. Default: false - -#####`noscripting` -Set noscripting = true to disable the scripting engine. Default: false - -#####`notablescan` -Set notablescan = true to forbid operations that require a table scan. Default: false - -#####`noprealloc` -Set noprealloc = true to disable the preallocation of data files. This will shorten -the start up time in some cases, but can cause significant performance penalties -during normal operations. Default: false - -#####`nssize` -Use this setting to control the default size for all newly created namespace -files (i.e .ns). Default: 16 - -#####`mms_token` -MMS token for mms monitoring. Default: None - -#####`mms_name` -MMS identifier for mms monitoring. Default: None - -#####`mms_interval` -MMS interval for mms monitoring. Default: None - -#####`configsvr` -Use this setting to enable config server mode for mongod. - -#####`shardsvr` -Use this setting to enable shard server mode for mongod. - -#####`replset` -Use this setting to configure replication with replica sets. Specify a replica -set name as an argument to this set. All hosts must have the same set name. - -#####`replset_members` -An array of member hosts for the replica set. -Mutually exclusive with `replset_config` param. - -#####`replset_config` -A hash that is used to configure the replica set. -Mutually exclusive with `replset_members` param. - -```puppet -class mongodb::server { - replset => 'rsmain', - replset_config => { 'rsmain' => { ensure => present, members => ['host1:27017', 'host2:27017', 'host3:27017'] } } - -} -``` - -#####`rest` -Set to true to enable a simple REST interface. Default: false - -#####`quiet` -Runs the mongod or mongos instance in a quiet mode that attempts to limit the -amount of output. This option suppresses : "output from database commands, including drop, dropIndexes, diagLogging, validate, and clean", "replication activity", "connection accepted events" and "connection closed events". -Default: false - -> For production systems this option is **not** recommended as it may make tracking -problems during particular connections much more difficult. - -#####`slowms` -Sets the threshold for mongod to consider a query “slow” for the database profiler. -Default: 100 ms - -#####`keyfile` -Specify the path to a key file to store authentication information. This option -is only useful for the connection between replica set members. Default: None - -#####'key' -Specify the key contained within the keyfile. This option -is only useful for the connection between replica set members. Default: None - -#####`master` -Set to true to configure the current instance to act as master instance in a -replication configuration. Default: False *Note*: deprecated – use replica sets - -#####`set_parameter` -Specify extra configuration file parameters (i.e. -textSearchEnabled=true). Default: None - -#####`syslog` -Sends all logging output to the host’s syslog system rather than to standard -output or a log file. Default: None -*Important*: You cannot use syslog with logpath. - -#####`slave` -Set to true to configure the current instance to act as slave instance in a -replication configuration. Default: false -*Note*: deprecated – use replica sets - -#####`only` -Used with the slave option, only specifies only a single database to -replicate. Default: <> -*Note*: deprecated – use replica sets - -#####`source` -Used with the slave setting to specify the master instance from which -this slave instance will replicate. Default: <> -*Note*: deprecated – use replica sets - -#####`ssl` -Set to true to enable ssl. Default: <> -*Important*: You need to have ssl_key and ssl_ca set as well and files -need to pre-exist on node. - -#####`ssl_key` -Default: <> - -#####`ssl_ca` -Default: <> - -#####`service_manage` -Whether or not the MongoDB service resource should be part of the catalog. -Default: true - -#####`storage_engine` -Only needed for MongoDB 3.x versions, where it's possible to select the -'wiredTiger' engine in addition to the default 'mmapv1' engine. If not set, the -config is left out and mongo will default to 'mmapv1'. -You should not set this for MongoDB versions < 3.x - -#####`restart` -Specifies whether the service should be restarted on config changes. Default: 'true' - -#####`create_admin` -Allows to create admin user for admin database. -Redefine these parameters if needed: - -#####`admin_username` -Administrator user name - -#####`admin_password` -Administrator user password - -#####`admin_roles` -Administrator user roles - -#####`store_creds` -Store admin credentials in mongorc.js file. Uses with `create_admin` parameter - - -####Class: mongodb::mongos -class. This class should only be used if you want to implement sharding within -your mongodb deployment. - -This class allows you to configure the mongos daemon (responsible for routing) -on your platform. - -#####`ensure` -Used to ensure that the package is installed and the service is running, or that the package is absent/purged and the service is stopped. Valid values are true/false/present/absent/purged. - -#####`config` -Path of the config file. If not specified, the module will use the default -for your OS distro. - -#####`config_content` -Path to the config template if the default doesn't match one needs. - -#####`configdb` -Array of the config servers IP addresses the mongos should connect to. - -#####`service_manage` -Whether or not the MongoDB sharding service resource should be part of the catalog. -Default: true - -#####`service_name` -This setting can be used to override the default Mongos service name. If not -specified, the module will use whatever service name is the default for your OS distro. - -#####`service_provider` -This setting can be used to override the default Mongos service provider. If -not specified, the module will use whatever service provider is the default for -your OS distro. - -#####`service_status` -This setting can be used to override the default status check command for -your Mongos service. If not specified, the module will use whatever service -name is the default for your OS distro. - -#####`service_enable` -This setting can be used to specify if the service should be enable at boot - -#####`service_ensure` -This setting can be used to specify if the service should be running - -#####`package_ensure` -This setting can be used to specify if puppet should install the package or not - -#####`package_name` -This setting can be used to specify the name of the package that should be installed. -If not specified, the module will use whatever service name is the default for your OS distro. - -#####`restart` -Specifies whether the service should be restarted on config changes. Default: 'true' - -### Definitions - -#### Definition: mongodb:db - -Creates database with user. Resource title used as database name. - -#####`user` -Name of the user for database - -#####`password_hash` -Hex encoded md5 hash of "$username:mongo:$password". -For more information please refer to [MongoDB Authentication Process](http://docs.mongodb.org/meta-driver/latest/legacy/implement-authentication-in-driver/#authentication-process). - -#####`password` -Plain-text user password (will be hashed) - -#####`roles` -Array with user roles. Default: ['dbAdmin'] - -### Providers - -#### Provider: mongodb_database -'mongodb_database' can be used to create and manage databases within MongoDB. - -```puppet -mongodb_database { testdb: - ensure => present, - tries => 10, - require => Class['mongodb::server'], -} -``` -#####`tries` -The maximum amount of two second tries to wait MongoDB startup. Default: 10 - - -#### Provider: mongodb_user -'mongodb_user' can be used to create and manage users within MongoDB database. - -*Note:* if replica set is enabled, replica initialization has to come before -any user operations. - -```puppet -mongodb_user { testuser: - name => 'testuser', - ensure => present, - password_hash => mongodb_password('testuser', 'p@ssw0rd'), - database => testdb, - roles => ['readWrite', 'dbAdmin'], - tries => 10, - require => Class['mongodb::server'], -} -``` -#####`username` -Name of the mongodb user. - -#####`password_hash` -Hex encoded md5 hash of "$username:mongo:$password". - -#####`database` -Name of database. It will be created, if not exists. - -#####`roles` -Array with user roles. Default: ['dbAdmin'] - -#####`tries` -The maximum amount of two second tries to wait MongoDB startup. Default: 10 - -#### Provider: mongodb_replset -'mongodb_replset' can be used to create and manage MongoDB replicasets. - -```puppet -mongodb_replset { rsmain: - ensure => present, - members => ['host1:27017', 'host2:27017', 'host3:27017'] -} -``` - -Ideally the ```mongodb_replset``` resource will be declared on the initial -desired primary node (arbitrarily the first of the list) and this node will be -processed once the secondary nodes are up. This will ensure all the nodes are -in the first configuration of the replicaset, else it will require running -puppet again to add them. - -#####`members` -Array of 'host:port' of the replicaset members. - -It currently only adds members without options. - -#### Provider: mongodb_shard -'mongodb_shard' can be used to create and manage MongoDB shards. -*Note:* Removing a shard is not yet supported. Shard can only be added. - -```puppet -mongodb_shard { 'rsmain': - member => 'rsmain/host1:27017', - keys => [{'rsmain.foo' => {'name' => 1}}], -} -``` -#####`member` -Member of the shard in the form; - -* [hostname] -* [hostname]:[port] -* [replica-set-name]/[hostname] -* [replica-set-name]/[hostname]:port - -#####`keys` -Sharding keys for a specific database. This variable should be an array -of sharding keys. - -## Limitations - -This module has been tested on: - -* Debian 7.* (Wheezy) -* Debian 6.* (squeeze) -* Ubuntu 12.04.2 (precise) -* Ubuntu 10.04.4 LTS (lucid) -* RHEL 5/6/7 -* CentOS 5/6/7 - -For a full list of tested operating systems please have a look at the [.nodeset.xml](https://github.com/puppetlabs/puppetlabs-mongodb/blob/master/.nodeset.yml) definition. - -This module should support `service_ensure` separate from the `ensure` value on `Class[mongodb::server]` but it does not yet. - -### Apt module support - -While this module supports both 1.x and 2.x versions of the puppetlabs-apt module, it does not support puppetlabs-apt 2.0.0 or 2.0.1. - -## Development - -Puppet Labs modules on the Puppet Forge are open projects, and community -contributions are essential for keeping them great. We can’t access the -huge number of platforms and myriad of hardware, software, and deployment -configurations that Puppet is intended to serve. - -We want to keep it as easy as possible to contribute changes so that our -modules work in your environment. There are a few guidelines that we need -contributors to follow so that we can have a chance of keeping on top of things. - -You can read the complete module contribution guide [on the Puppet Labs wiki.](http://projects.puppetlabs.com/projects/module-site/wiki/Module_contributing) - -### Testing - -There are two types of tests distributed with this module. Unit tests with -rspec-puppet and system tests using rspec-system. - - -unit tests should be run under Bundler with the gem versions as specified -in the Gemfile. To install the necessary gems: - - bundle install --path=vendor - -Test setup and teardown is handled with rake tasks, so the -supported way of running tests is with - - bundle exec rake spec - - -For system test you will also need to install vagrant > 1.3.x and virtualbox > 4.2.10. -To run the system tests - - bundle exec rake spec:system - -To run the tests on different operating systems, see the sets available in [.nodeset.xml](https://github.com/puppetlabs/puppetlabs-mongodb/blob/master/.nodeset.yml) -and run the specific set with the following syntax: - - RSPEC_SET=ubuntu-server-12042-x64 bundle exec rake spec:system - -### Authors - -We would like to thank everyone who has contributed issues and pull requests to this module. -A complete list of contributors can be found on the -[GitHub Contributor Graph](https://github.com/puppetlabs/puppetlabs-mongodb/graphs/contributors) -for the [puppetlabs-mongodb module](https://github.com/puppetlabs/puppetlabs-mongodb). diff --git a/mongodb/Rakefile b/mongodb/Rakefile deleted file mode 100644 index 7e9a13d5d..000000000 --- a/mongodb/Rakefile +++ /dev/null @@ -1,42 +0,0 @@ -require 'puppet_blacksmith/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' -require 'puppetlabs_spec_helper/rake_tasks' - -PuppetLint.configuration.fail_on_warnings = true -PuppetLint.configuration.send('relative') -PuppetLint.configuration.send('disable_80chars') -PuppetLint.configuration.send('disable_class_inherits_from_params_class') -PuppetLint.configuration.send('disable_documentation') -PuppetLint.configuration.send('disable_single_quote_string_with_variables') -PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"] - -desc 'Generate pooler nodesets' -task :gen_nodeset do - require 'beaker-hostgenerator' - require 'securerandom' - require 'fileutils' - - agent_target = ENV['TEST_TARGET'] - if ! agent_target - STDERR.puts 'TEST_TARGET environment variable is not set' - STDERR.puts 'setting to default value of "redhat-64default."' - agent_target = 'redhat-64default.' - end - - master_target = ENV['MASTER_TEST_TARGET'] - if ! master_target - STDERR.puts 'MASTER_TEST_TARGET environment variable is not set' - STDERR.puts 'setting to default value of "redhat7-64mdcl"' - master_target = 'redhat7-64mdcl' - end - - targets = "#{master_target}-#{agent_target}" - cli = BeakerHostGenerator::CLI.new([targets]) - nodeset_dir = "tmp/nodesets" - nodeset = "#{nodeset_dir}/#{targets}-#{SecureRandom.uuid}.yaml" - FileUtils.mkdir_p(nodeset_dir) - File.open(nodeset, 'w') do |fh| - fh.print(cli.execute) - end - puts nodeset -end diff --git a/mongodb/lib/puppet/parser/functions/mongodb_password.rb b/mongodb/lib/puppet/parser/functions/mongodb_password.rb deleted file mode 100644 index e61bcb9da..000000000 --- a/mongodb/lib/puppet/parser/functions/mongodb_password.rb +++ /dev/null @@ -1,14 +0,0 @@ -require 'digest/md5' - -module Puppet::Parser::Functions - newfunction(:mongodb_password, :type => :rvalue, :doc => <<-EOS - Returns the mongodb password hash from the clear text password. - EOS - ) do |args| - - raise(Puppet::ParseError, 'mongodb_password(): Wrong number of arguments ' + - "given (#{args.size} for 2)") if args.size != 2 - - Digest::MD5.hexdigest("#{args[0]}:mongo:#{args[1]}") - end -end diff --git a/mongodb/lib/puppet/provider/mongodb.rb b/mongodb/lib/puppet/provider/mongodb.rb deleted file mode 100644 index f501d6217..000000000 --- a/mongodb/lib/puppet/provider/mongodb.rb +++ /dev/null @@ -1,196 +0,0 @@ -require 'yaml' -require 'json' -class Puppet::Provider::Mongodb < Puppet::Provider - - # Without initvars commands won't work. - initvars - commands :mongo => 'mongo' - - # Optional defaults file - def self.mongorc_file - if File.file?("#{Facter.value(:root_home)}/.mongorc.js") - "load('#{Facter.value(:root_home)}/.mongorc.js'); " - else - nil - end - end - - def mongorc_file - self.class.mongorc_file - end - - def self.get_mongod_conf_file - if File.exists? '/etc/mongod.conf' - file = '/etc/mongod.conf' - else - file = '/etc/mongodb.conf' - end - file - end - - def self.ipv6_is_enabled - file = get_mongod_conf_file - config = YAML.load_file(file) - if config.kind_of?(Hash) - ipv6 = config['net.ipv6'] - else # It has to be a key-value store - config = {} - File.readlines(file).collect do |line| - k,v = line.split('=') - config[k.rstrip] = v.lstrip.chomp if k and v - end - ipv6 = config['ipv6'] - end - ipv6 - end - - def self.mongo_cmd(db, host, cmd) - if ipv6_is_enabled - out = mongo([db, '--quiet', '--ipv6', '--host', host, '--eval', cmd]) - else - out = mongo([db, '--quiet', '--host', host, '--eval', cmd]) - end - end - - def self.get_conn_string - file = get_mongod_conf_file - # The mongo conf is probably a key-value store, even though 2.6 is - # supposed to use YAML, because the config template is applied - # based on $::mongodb::globals::version which is the user will not - # necessarily set. This attempts to get the port from both types of - # config files. - config = YAML.load_file(file) - if config.kind_of?(Hash) # Using a valid YAML file for mongo 2.6 - bindip = config['net.bindIp'] - port = config['net.port'] - shardsvr = config['sharding.clusterRole'] - confsvr = config['sharding.clusterRole'] - else # It has to be a key-value config file - config = {} - File.readlines(file).collect do |line| - k,v = line.split('=') - config[k.rstrip] = v.lstrip.chomp if k and v - end - bindip = config['bind_ip'] - port = config['port'] - shardsvr = config['shardsvr'] - confsvr = config['confsvr'] - end - - if bindip - first_ip_in_list = bindip.split(',').first - case first_ip_in_list - when '0.0.0.0' - ip_real = '127.0.0.1' - when /\[?::0\]?/ - ip_real = '::1' - else - ip_real = first_ip_in_list - end - end - - if port - port_real = port - elsif !port and (confsvr.eql? 'configsvr' or confsvr.eql? 'true') - port_real = 27019 - elsif !port and (shardsvr.eql? 'shardsvr' or shardsvr.eql? 'true') - port_real = 27018 - else - port_real = 27017 - end - - "#{ip_real}:#{port_real}" - end - - def self.db_ismaster - cmd_ismaster = 'printjson(db.isMaster())' - if mongorc_file - cmd_ismaster = mongorc_file + cmd_ismaster - end - db = 'admin' - out = mongo_cmd(db, get_conn_string, cmd_ismaster) - out.gsub!(/ObjectId\(([^)]*)\)/, '\1') - out.gsub!(/ISODate\((.+?)\)/, '\1 ') - out.gsub!(/^Error\:.+/, '') - res = JSON.parse out - - return res['ismaster'] - end - - def db_ismaster - self.class.db_ismaster - end - - def self.auth_enabled - auth_enabled = false - file = get_mongod_conf_file - config = YAML.load_file(file) - if config.kind_of?(Hash) - auth_enabled = config['security.authorization'] - else # It has to be a key-value store - config = {} - File.readlines(file).collect do |line| - k,v = line.split('=') - config[k.rstrip] = v.lstrip.chomp if k and v - end - auth_enabled = config['auth'] - end - return auth_enabled - end - - # Mongo Command Wrapper - def self.mongo_eval(cmd, db = 'admin', retries = 10, host = nil) - retry_count = retries - retry_sleep = 3 - if mongorc_file - cmd = mongorc_file + cmd - end - - out = nil - retry_count.times do |n| - begin - if host - out = mongo_cmd(db, host, cmd) - else - out = mongo_cmd(db, get_conn_string, cmd) - end - rescue => e - Puppet.debug "Request failed: '#{e.message}' Retry: '#{n}'" - sleep retry_sleep - next - end - break - end - - if !out - raise Puppet::ExecutionFailure, "Could not evalute MongoDB shell command: #{cmd}" - end - - out.gsub!(/ObjectId\(([^)]*)\)/, '\1') - out.gsub!(/^Error\:.+/, '') - out - end - - def mongo_eval(cmd, db = 'admin', retries = 10, host = nil) - self.class.mongo_eval(cmd, db, retries, host) - end - - # Mongo Version checker - def self.mongo_version - @@mongo_version ||= self.mongo_eval('db.version()') - end - - def mongo_version - self.class.mongo_version - end - - def self.mongo_24? - v = self.mongo_version - ! v[/^2\.4\./].nil? - end - - def mongo_24? - self.class.mongo_24? - end - -end diff --git a/mongodb/lib/puppet/provider/mongodb_conn_validator/tcp_port.rb b/mongodb/lib/puppet/provider/mongodb_conn_validator/tcp_port.rb deleted file mode 100644 index e220ae51c..000000000 --- a/mongodb/lib/puppet/provider/mongodb_conn_validator/tcp_port.rb +++ /dev/null @@ -1,53 +0,0 @@ -$LOAD_PATH.unshift(File.join(File.dirname(__FILE__),"..","..","..")) -require 'puppet/util/mongodb_validator' - -# This file contains a provider for the resource type `mongodb_conn_validator`, -# which validates the mongodb connection by attempting an https connection. - -Puppet::Type.type(:mongodb_conn_validator).provide(:tcp_port) do - desc "A provider for the resource type `mongodb_conn_validator`, - which validates the mongodb connection by attempting an https - connection to the mongodb server. Uses the puppet SSL certificate - setup from the local puppet environment to authenticate." - - def exists? - start_time = Time.now - timeout = resource[:timeout] - - success = validator.attempt_connection - - while success == false && ((Time.now - start_time) < timeout) - # It can take several seconds for the mongodb server to start up; - # especially on the first install. Therefore, our first connection attempt - # may fail. Here we have somewhat arbitrarily chosen to retry every 4 - # seconds until the configurable timeout has expired. - Puppet.debug("Failed to connect to mongodb; sleeping 4 seconds before retry") - sleep 4 - success = validator.attempt_connection - end - - if success - Puppet.debug("Connected to mongodb in #{Time.now - start_time} seconds.") - else - Puppet.notice("Failed to connect to mongodb within timeout window of #{timeout} seconds; giving up.") - end - - success - end - - def create - # If `#create` is called, that means that `#exists?` returned false, which - # means that the connection could not be established... so we need to - # cause a failure here. - raise Puppet::Error, "Unable to connect to mongodb server! (#{@validator.mongodb_server}:#{@validator.mongodb_port})" - end - - private - - # @api private - def validator - @validator ||= Puppet::Util::MongodbValidator.new(resource[:name], resource[:server], resource[:port]) - end - -end - diff --git a/mongodb/lib/puppet/provider/mongodb_database/mongodb.rb b/mongodb/lib/puppet/provider/mongodb_database/mongodb.rb deleted file mode 100644 index 895276b0a..000000000 --- a/mongodb/lib/puppet/provider/mongodb_database/mongodb.rb +++ /dev/null @@ -1,48 +0,0 @@ -require File.expand_path(File.join(File.dirname(__FILE__), '..', 'mongodb')) -Puppet::Type.type(:mongodb_database).provide(:mongodb, :parent => Puppet::Provider::Mongodb) do - - desc "Manages MongoDB database." - - defaultfor :kernel => 'Linux' - - def self.instances - require 'json' - dbs = JSON.parse mongo_eval('printjson(db.getMongo().getDBs())') - - dbs['databases'].collect do |db| - new(:name => db['name'], - :ensure => :present) - end - end - - # Assign prefetched dbs based on name. - def self.prefetch(resources) - dbs = instances - resources.keys.each do |name| - if provider = dbs.find { |db| db.name == name } - resources[name].provider = provider - end - end - end - - def create - if db_ismaster - mongo_eval('db.dummyData.insert({"created_by_puppet": 1})', @resource[:name]) - else - Puppet.warning 'Database creation is available only from master host' - end - end - - def destroy - if db_ismaster - mongo_eval('db.dropDatabase()', @resource[:name]) - else - Puppet.warning 'Database removal is available only from master host' - end - end - - def exists? - !(@property_hash[:ensure] == :absent or @property_hash[:ensure].nil?) - end - -end diff --git a/mongodb/lib/puppet/provider/mongodb_replset/mongo.rb b/mongodb/lib/puppet/provider/mongodb_replset/mongo.rb deleted file mode 100644 index 035849e14..000000000 --- a/mongodb/lib/puppet/provider/mongodb_replset/mongo.rb +++ /dev/null @@ -1,280 +0,0 @@ -# -# Author: François Charlier -# - -require File.expand_path(File.join(File.dirname(__FILE__), '..', 'mongodb')) -Puppet::Type.type(:mongodb_replset).provide(:mongo, :parent => Puppet::Provider::Mongodb) do - - desc "Manage hosts members for a replicaset." - - confine :true => - begin - require 'json' - true - rescue LoadError - false - end - - mk_resource_methods - - def initialize(resource={}) - super(resource) - @property_flush = {} - end - - def members=(hosts) - @property_flush[:members] = hosts - end - - def self.instances - instance = get_replset_properties - if instance - # There can only be one replset per node - [new(instance)] - else - [] - end - end - - def self.prefetch(resources) - instances.each do |prov| - if resource = resources[prov.name] - resource.provider = prov - end - end - end - - def exists? - @property_hash[:ensure] == :present - end - - def create - @property_flush[:ensure] = :present - @property_flush[:members] = resource.should(:members) - end - - def destroy - @property_flush[:ensure] = :absent - end - - def flush - set_members - @property_hash = self.class.get_replset_properties - end - - private - - def db_ismaster(host) - mongo_command('db.isMaster()', host) - end - - def rs_initiate(conf, master) - if auth_enabled - return mongo_command("rs.initiate(#{conf})", initialize_host) - else - return mongo_command("rs.initiate(#{conf})", master) - end - end - - def rs_status(host) - mongo_command('rs.status()', host) - end - - def rs_add(host, master) - mongo_command("rs.add('#{host}')", master) - end - - def rs_remove(host, master) - mongo_command("rs.remove('#{host}')", master) - end - - def rs_arbiter - @resource[:arbiter] - end - - def rs_add_arbiter(host, master) - mongo_command("rs.addArb('#{host}')", master) - end - - def auth_enabled - self.class.auth_enabled - end - - def initialize_host - @resource[:initialize_host] - end - - def master_host(hosts) - hosts.each do |host| - status = db_ismaster(host) - if status.has_key?('primary') - return status['primary'] - end - end - false - end - - def self.get_replset_properties - conn_string = get_conn_string - output = mongo_command('rs.conf()', conn_string) - if output['members'] - members = output['members'].collect do |val| - val['host'] - end - props = { - :name => output['_id'], - :ensure => :present, - :members => members, - :provider => :mongo, - } - else - props = nil - end - Puppet.debug("MongoDB replset properties: #{props.inspect}") - props - end - - def alive_members(hosts) - alive = [] - hosts.select do |host| - begin - Puppet.debug "Checking replicaset member #{host} ..." - status = rs_status(host) - if status.has_key?('errmsg') and status['errmsg'] == 'not running with --replSet' - raise Puppet::Error, "Can't configure replicaset #{self.name}, host #{host} is not supposed to be part of a replicaset." - end - - if auth_enabled and status.has_key?('errmsg') and (status['errmsg'].include? "unauthorized" or status['errmsg'].include? "not authorized") - Puppet.warning "Host #{host} is available, but you are unauthorized because of authentication is enabled: #{auth_enabled}" - alive.push(host) - end - - if status.has_key?('set') - if status['set'] != self.name - raise Puppet::Error, "Can't configure replicaset #{self.name}, host #{host} is already part of another replicaset." - end - - # This node is alive and supposed to be a member of our set - Puppet.debug "Host #{host} is available for replset #{status['set']}" - alive.push(host) - elsif status.has_key?('info') - Puppet.debug "Host #{host} is alive but unconfigured: #{status['info']}" - alive.push(host) - end - rescue Puppet::ExecutionFailure - Puppet.warning "Can't connect to replicaset member #{host}." - end - end - return alive - end - - def set_members - if @property_flush[:ensure] == :absent - # TODO: I don't know how to remove a node from a replset; unimplemented - #Puppet.debug "Removing all members from replset #{self.name}" - #@property_hash[:members].collect do |member| - # rs_remove(member, master_host(@property_hash[:members])) - #end - return - end - - if ! @property_flush[:members].empty? - # Find the alive members so we don't try to add dead members to the replset - alive_hosts = alive_members(@property_flush[:members]) - dead_hosts = @property_flush[:members] - alive_hosts - Puppet.debug "Alive members: #{alive_hosts.inspect}" - Puppet.debug "Dead members: #{dead_hosts.inspect}" unless dead_hosts.empty? - raise Puppet::Error, "Can't connect to any member of replicaset #{self.name}." if alive_hosts.empty? - else - alive_hosts = [] - end - - if @property_flush[:ensure] == :present and @property_hash[:ensure] != :present and !master_host(alive_hosts) - Puppet.debug "Initializing the replset #{self.name}" - - # Create a replset configuration - hostconf = alive_hosts.each_with_index.map do |host,id| - arbiter_conf = "" - if rs_arbiter == host - arbiter_conf = ", arbiterOnly: \"true\"" - end - "{ _id: #{id}, host: \"#{host}\"#{arbiter_conf} }" - end.join(',') - conf = "{ _id: \"#{self.name}\", members: [ #{hostconf} ] }" - - # Set replset members with the first host as the master - output = rs_initiate(conf, alive_hosts[0]) - if output['ok'] == 0 - raise Puppet::Error, "rs.initiate() failed for replicaset #{self.name}: #{output['errmsg']}" - end - - # Check that the replicaset has finished initialization - retry_limit = 10 - retry_sleep = 3 - - retry_limit.times do |n| - begin - if db_ismaster(alive_hosts[0])['ismaster'] - Puppet.debug 'Replica set initialization has successfully ended' - return - else - Puppet.debug "Wainting for replica initialization. Retry: #{n}" - sleep retry_sleep - next - end - end - end - raise Puppet::Error, "rs.initiate() failed for replicaset #{self.name}: host #{alive_hosts[0]} didn't become master" - - else - # Add members to an existing replset - Puppet.debug "Adding member to existing replset #{self.name}" - if master = master_host(alive_hosts) - master_data = db_ismaster(master) - current_hosts = master_data['hosts'] - current_hosts = current_hosts + master_data['arbiters'] if master_data.has_key?('arbiters') - Puppet.debug "Current Hosts are: #{current_hosts.inspect}" - newhosts = alive_hosts - current_hosts - Puppet.debug "New Hosts are: #{newhosts.inspect}" - newhosts.each do |host| - output = {} - if rs_arbiter == host - output = rs_add_arbiter(host, master) - else - output = rs_add(host, master) - end - if output['ok'] == 0 - raise Puppet::Error, "rs.add() failed to add host to replicaset #{self.name}: #{output['errmsg']}" - end - end - else - raise Puppet::Error, "Can't find master host for replicaset #{self.name}." - end - end - end - - def mongo_command(command, host, retries=4) - self.class.mongo_command(command, host, retries) - end - - def self.mongo_command(command, host=nil, retries=4) - begin - output = mongo_eval("printjson(#{command})", 'admin', retries, host) - rescue Puppet::ExecutionFailure => e - Puppet.debug "Got an exception: #{e}" - raise - end - - # Dirty hack to remove JavaScript objects - output.gsub!(/ISODate\((.+?)\)/, '\1 ') - output.gsub!(/Timestamp\((.+?)\)/, '[\1]') - - #Hack to avoid non-json empty sets - output = "{}" if output == "null\n" - - # Parse the JSON output and return - JSON.parse(output) - - end - -end diff --git a/mongodb/lib/puppet/provider/mongodb_shard/mongo.rb b/mongodb/lib/puppet/provider/mongodb_shard/mongo.rb deleted file mode 100644 index f745f0015..000000000 --- a/mongodb/lib/puppet/provider/mongodb_shard/mongo.rb +++ /dev/null @@ -1,236 +0,0 @@ -require File.expand_path(File.join(File.dirname(__FILE__), '..', 'mongodb')) -Puppet::Type.type(:mongodb_shard).provide(:mongo, :parent => Puppet::Provider::Mongodb ) do - - desc "Manage mongodb sharding." - - confine :true => - begin - require 'json' - true - rescue LoadError - false - end - - mk_resource_methods - - commands :mongo => 'mongo' - - def initialize(value={}) - super(value) - @property_flush = {} - end - - def destroy - @property_flush[:ensure] = :absent - end - - def create - @property_flush[:ensure] = :present - @property_flush[:member] = resource.should(:member) - @property_flush[:keys] = resource.should(:keys) - end - - def sh_addshard member - return mongo_command("sh.addShard(\"#{member}\")", '127.0.0.1:27017') - end - - def sh_shardcollection shard_key - collection = shard_key.keys.first - keys = shard_key.values.first.collect do |key, value| - "\"#{key}\": #{value.to_s}" - end - - return mongo_command("sh.shardCollection(\"#{collection}\", {#{keys.join(',')}})", '127.0.0.1:27017') - end - - def sh_enablesharding member - return mongo_command("sh.enableSharding(\"#{member}\")", '127.0.0.1:27017') - end - - def self.prefetch(resources) - instances.each do |prov| - if resource = resources[prov.name] - resource.provider = prov - end - end - end - - def flush - set_member - @property_hash = self.class.get_shard_properties(resource[:name]) - end - - def set_member - if @property_flush[:ensure] == :absent - # a shard can't be removed easily at this time - return - end - - if @property_flush[:ensure] == :present and @property_hash[:ensure] != :present - Puppet.debug "Adding the shard #{self.name}" - output = sh_addshard(@property_flush[:member]) - if output['ok'] == 0 - raise Puppet::Error, "sh.addShard() failed for shard #{self.name}: #{output['errmsg']}" - end - output = sh_enablesharding(self.name) - if output['ok'] == 0 - raise Puppet::Error, "sh.enableSharding() failed for shard #{self.name}: #{output['errmsg']}" - end - if @property_flush[:keys] - @property_flush[:keys].each do |key| - output = sh_shardcollection(key) - if output['ok'] == 0 - raise Puppet::Error, "sh.shardCollection() failed for shard #{self.name}: #{output['errmsg']}" - end - end - end - end - end - - - def self.instances - instances = get_shards_properties.collect do |shard| - new (shard) - end - end - - def self.get_shard_collection_details obj, shard_name - collection_array = [] - obj.each do |database| - if database['_id'].eql? shard_name and ! database['shards'].nil? - collection_array = database['shards'].collect do |collection| - { collection.keys.first => collection.values.first['shardkey']} - end - end - end - collection_array - end - - def self.get_shard_properties shard - properties = {} - output = mongo_command('sh.status()') - output['shards'].each do |s| - if s['_id'] == shard - properties = { - :name => s['_id'], - :ensure => :present, - :member => s['host'], - :keys => get_shard_collection_details(output['databases'], s['_id']), - :provider => :mongo, - } - end - end - properties - end - - def self.get_shards_properties - output = mongo_command('sh.status()') - if output['shards'].size > 0 - properties = output['shards'].collect do |shard| - { - :name => shard['_id'], - :ensure => :present, - :member => shard['host'], - :keys => get_shard_collection_details(output['databases'], shard['_id']), - :provider => :mongo, - } - end - else - properties = [] - end - Puppet.debug("MongoDB shard properties: #{properties.inspect}") - properties - end - - def exists? - @property_hash[:ensure] == :present - end - - def mongo_command(command, host, retries=4) - self.class.mongo_command(command,host,retries) - end - - def self.mongo_command(command, host=nil, retries=4) - # Allow waiting for mongod to become ready - # Wait for 2 seconds initially and double the delay at each retry - wait = 2 - begin - args = Array.new - args << '--quiet' - args << ['--host',host] if host - args << ['--eval',"printjson(#{command})"] - output = mongo(args.flatten) - rescue Puppet::ExecutionFailure => e - if e =~ /Error: couldn't connect to server/ and wait <= 2**max_wait - info("Waiting #{wait} seconds for mongod to become available") - sleep wait - wait *= 2 - retry - else - raise - end - end - - # NOTE (spredzy) : sh.status() - # does not return a json stream - # we jsonify it so it is easier - # to parse and deal with it - if command == 'sh.status()' - myarr = output.split("\n") - myarr.shift - myarr.pop - myarr.pop - final_stream = [] - prev_line = nil - in_shard_list = 0 - in_chunk = 0 - myarr.each do |line| - line.gsub!(/sharding version:/, '{ "sharding version":') - line.gsub!(/shards:/, ',"shards":[') - line.gsub!(/databases:/, '], "databases":[') - line.gsub!(/"clusterId" : ObjectId\("(.*)"\)/, '"clusterId" : "ObjectId(\'\1\')"') - line.gsub!(/\{ "_id" :/, ",{ \"_id\" :") if /_id/ =~ prev_line - # Modification for shard - line = '' if line =~ /on :.*Timestamp/ - if line =~ /_id/ and in_shard_list == 1 - in_shard_list = 0 - last_line = final_stream.pop.strip - proper_line = "#{last_line}]}," - final_stream << proper_line - end - if line =~ /shard key/ and in_shard_list == 1 - shard_name = final_stream.pop.strip - proper_line = ",{\"#{shard_name}\":" - final_stream << proper_line - end - if line =~ /shard key/ and in_shard_list == 0 - in_shard_list = 1 - shard_name = final_stream.pop.strip - id_line = "#{final_stream.pop[0..-2]}, \"shards\": " - proper_line = "[{\"#{shard_name}\":" - final_stream << id_line - final_stream << proper_line - end - if in_chunk == 1 - in_chunk = 0 - line = "\"#{line.strip}\"}}" - end - if line =~ /chunks/ and in_chunk == 0 - in_chunk = 1 - end - line.gsub!(/shard key/, '{"shard key"') - line.gsub!(/chunks/, ',"chunks"') - final_stream << line if line.size > 0 - prev_line = line - end - final_stream << ' ] }' if in_shard_list == 1 - final_stream << ' ] }' - output = final_stream.join("\n") - end - - #Hack to avoid non-json empty sets - output = "{}" if output == "null\n" - output.gsub!(/\s*/, '') - JSON.parse(output) - end -end diff --git a/mongodb/lib/puppet/provider/mongodb_user/mongodb.rb b/mongodb/lib/puppet/provider/mongodb_user/mongodb.rb deleted file mode 100644 index e8c33dc2b..000000000 --- a/mongodb/lib/puppet/provider/mongodb_user/mongodb.rb +++ /dev/null @@ -1,160 +0,0 @@ -require File.expand_path(File.join(File.dirname(__FILE__), '..', 'mongodb')) -Puppet::Type.type(:mongodb_user).provide(:mongodb, :parent => Puppet::Provider::Mongodb) do - - desc "Manage users for a MongoDB database." - - defaultfor :kernel => 'Linux' - - def self.instances - require 'json' - - if db_ismaster - if mongo_24? - dbs = JSON.parse mongo_eval('printjson(db.getMongo().getDBs()["databases"].map(function(db){return db["name"]}))') || 'admin' - - allusers = [] - - dbs.each do |db| - users = JSON.parse mongo_eval('printjson(db.system.users.find().toArray())', db) - - allusers += users.collect do |user| - new(:name => user['_id'], - :ensure => :present, - :username => user['user'], - :database => db, - :roles => user['roles'].sort, - :password_hash => user['pwd']) - end - end - return allusers - else - users = JSON.parse mongo_eval('printjson(db.system.users.find().toArray())') - - users.collect do |user| - new(:name => user['_id'], - :ensure => :present, - :username => user['user'], - :database => user['db'], - :roles => from_roles(user['roles'], user['db']), - :password_hash => user['credentials']['MONGODB-CR']) - end - end - else - Puppet.warning 'User info is available only from master host' - return [] - end - end - - # Assign prefetched users based on username and database, not on id and name - def self.prefetch(resources) - users = instances - resources.each do |name, resource| - if provider = users.find { |user| user.username == resource[:username] and user.database == resource[:database] } - resources[name].provider = provider - end - end - end - - mk_resource_methods - - def create - if db_ismaster - if mongo_24? - user = { - :user => @resource[:username], - :pwd => @resource[:password_hash], - :roles => @resource[:roles] - } - - mongo_eval("db.addUser(#{user.to_json})", @resource[:database]) - else - cmd_json=<<-EOS.gsub(/^\s*/, '').gsub(/$\n/, '') - { - "createUser": "#{@resource[:username]}", - "pwd": "#{@resource[:password_hash]}", - "customData": {"createdBy": "Puppet Mongodb_user['#{@resource[:name]}']"}, - "roles": #{@resource[:roles].to_json}, - "digestPassword": false - } - EOS - - mongo_eval("db.runCommand(#{cmd_json})", @resource[:database]) - end - - @property_hash[:ensure] = :present - @property_hash[:username] = @resource[:username] - @property_hash[:database] = @resource[:database] - @property_hash[:password_hash] = '' - @property_hash[:roles] = @resource[:roles] - - exists? ? (return true) : (return false) - else - Puppet.warning 'User creation is available only from master host' - end - end - - - def destroy - if db_ismaster - if mongo_24? - mongo_eval("db.removeUser('#{@resource[:username]}')") - else - mongo_eval("db.dropUser('#{@resource[:username]}')") - end - else - mongo_eval("db.dropUser('#{@resource[:username]}')") - end - end - - def exists? - !(@property_hash[:ensure] == :absent or @property_hash[:ensure].nil?) - end - - def password_hash=(value) - if db_ismaster - cmd_json=<<-EOS.gsub(/^\s*/, '').gsub(/$\n/, '') - { - "updateUser": "#{@resource[:username]}", - "pwd": "#{@resource[:password_hash]}", - "digestPassword": false - } - EOS - mongo_eval("db.runCommand(#{cmd_json})", @resource[:database]) - else - Puppet.warning 'User password operations are available only from master host' - end - end - - def roles=(roles) - if db_ismaster - if mongo_24? - mongo_eval("db.system.users.update({user:'#{@resource[:username]}'}, { $set: {roles: #{@resource[:roles].to_json}}})") - else - grant = roles-@property_hash[:roles] - if grant.length > 0 - mongo_eval("db.getSiblingDB('#{@resource[:database]}').grantRolesToUser('#{@resource[:username]}', #{grant. to_json})") - end - - revoke = @property_hash[:roles]-roles - if revoke.length > 0 - mongo_eval("db.getSiblingDB('#{@resource[:database]}').revokeRolesFromUser('#{@resource[:username]}', #{revoke.to_json})") - end - end - else - Puppet.warning 'User roles operations are available only from master host' - end - end - - private - - def self.from_roles(roles, db) - roles.map do |entry| - if entry['db'] == db - entry['role'] - else - "#{entry['role']}@#{entry['db']}" - end - end.sort - end - -end diff --git a/mongodb/lib/puppet/type/mongodb_conn_validator.rb b/mongodb/lib/puppet/type/mongodb_conn_validator.rb deleted file mode 100644 index 9158ef346..000000000 --- a/mongodb/lib/puppet/type/mongodb_conn_validator.rb +++ /dev/null @@ -1,45 +0,0 @@ -Puppet::Type.newtype(:mongodb_conn_validator) do - - @doc = "Verify that a connection can be successfully established between a node - and the mongodb server. Its primary use is as a precondition to - prevent configuration changes from being applied if the mongodb - server cannot be reached, but it could potentially be used for other - purposes such as monitoring." - - ensurable do - defaultvalues - defaultto :present - end - - newparam(:name, :namevar => true) do - desc 'An arbitrary name used as the identity of the resource. It can also be the connection string to test (ie. 127.0.0.1:27017)' - end - - newparam(:server) do - desc 'An array containing DNS names or IP addresses of the server where mongodb should be running.' - defaultto '127.0.0.1' - munge do |value| - Array(value).first - end - end - - newparam(:port) do - desc 'The port that the mongodb server should be listening on.' - defaultto '27017' - end - - newparam(:timeout) do - desc 'The max number of seconds that the validator should wait before giving up and deciding that puppetdb is not running; defaults to 60 seconds.' - defaultto 60 - - validate do |value| - # This will raise an error if the string is not convertible to an integer - Integer(value) - end - - munge do |value| - Integer(value) - end - end - -end diff --git a/mongodb/lib/puppet/type/mongodb_database.rb b/mongodb/lib/puppet/type/mongodb_database.rb deleted file mode 100644 index 8be5f2e0a..000000000 --- a/mongodb/lib/puppet/type/mongodb_database.rb +++ /dev/null @@ -1,27 +0,0 @@ -Puppet::Type.newtype(:mongodb_database) do - @doc = "Manage MongoDB databases." - - ensurable - - newparam(:name, :namevar=>true) do - desc "The name of the database." - newvalues(/^\w+$/) - end - - newparam(:tries) do - desc "The maximum amount of two second tries to wait MongoDB startup." - defaultto 10 - newvalues(/^\d+$/) - munge do |value| - Integer(value) - end - end - - autorequire(:package) do - 'mongodb_client' - end - - autorequire(:service) do - 'mongodb' - end -end diff --git a/mongodb/lib/puppet/type/mongodb_replset.rb b/mongodb/lib/puppet/type/mongodb_replset.rb deleted file mode 100644 index 3717b2439..000000000 --- a/mongodb/lib/puppet/type/mongodb_replset.rb +++ /dev/null @@ -1,44 +0,0 @@ -# -# Author: François Charlier -# - -Puppet::Type.newtype(:mongodb_replset) do - @doc = "Manage a MongoDB replicaSet" - - ensurable do - defaultto :present - - newvalue(:present) do - provider.create - end - end - - newparam(:name) do - desc "The name of the replicaSet" - end - - newparam(:arbiter) do - desc "The replicaSet arbiter" - end - - newparam(:initialize_host) do - desc "Host to use for Replicaset initialization" - defaultto '127.0.0.1' - end - - newproperty(:members, :array_matching => :all) do - desc "The replicaSet members" - - def insync?(is) - is.sort == should.sort - end - end - - autorequire(:package) do - 'mongodb_client' - end - - autorequire(:service) do - 'mongodb' - end -end diff --git a/mongodb/lib/puppet/type/mongodb_shard.rb b/mongodb/lib/puppet/type/mongodb_shard.rb deleted file mode 100644 index b903a8496..000000000 --- a/mongodb/lib/puppet/type/mongodb_shard.rb +++ /dev/null @@ -1,39 +0,0 @@ -# -# Author: Emilien Macchi -# - -Puppet::Type.newtype(:mongodb_shard) do - @doc = "Manage a MongoDB Shard" - - ensurable do - defaultto :present - - newvalue(:present) do - provider.create - end - end - - newparam(:name) do - desc "The name of the shard" - end - - newproperty(:member) do - desc "The shard member" - end - - newproperty(:keys, :array_matching => :all) do - desc "The sharding keys" - - def insync?(is) - is.sort == should.sort - end - end - - autorequire(:package) do - 'mongodb_client' - end - - autorequire(:service) do - 'mongodb' - end -end diff --git a/mongodb/lib/puppet/type/mongodb_user.rb b/mongodb/lib/puppet/type/mongodb_user.rb deleted file mode 100644 index aee39efdf..000000000 --- a/mongodb/lib/puppet/type/mongodb_user.rb +++ /dev/null @@ -1,68 +0,0 @@ -Puppet::Type.newtype(:mongodb_user) do - @doc = 'Manage a MongoDB user. This includes management of users password as well as privileges.' - - ensurable - - def initialize(*args) - super - # Sort roles array before comparison. - self[:roles] = Array(self[:roles]).sort! - end - - newparam(:name, :namevar=>true) do - desc "The name of the resource." - end - - newproperty(:username) do - desc "The name of the user." - defaultto { @resource[:name] } - end - - newproperty(:database) do - desc "The user's target database." - defaultto do - fail("Parameter 'database' must be set") if provider.database == :absent - end - newvalues(/^\w+$/) - end - - newparam(:tries) do - desc "The maximum amount of two second tries to wait MongoDB startup." - defaultto 10 - newvalues(/^\d+$/) - munge do |value| - Integer(value) - end - end - - newproperty(:roles, :array_matching => :all) do - desc "The user's roles." - defaultto ['dbAdmin'] - newvalue(/^\w+$/) - - # Pretty output for arrays. - def should_to_s(value) - value.inspect - end - - def is_to_s(value) - value.inspect - end - end - - newproperty(:password_hash) do - desc "The password hash of the user. Use mongodb_password() for creating hash." - defaultto do - fail("Property 'password_hash' must be set. Use mongodb_password() for creating hash.") if provider.database == :absent - end - newvalue(/^\w+$/) - end - - autorequire(:package) do - 'mongodb_client' - end - - autorequire(:service) do - 'mongodb' - end -end diff --git a/mongodb/lib/puppet/util/mongodb_validator.rb b/mongodb/lib/puppet/util/mongodb_validator.rb deleted file mode 100644 index 58fe9429d..000000000 --- a/mongodb/lib/puppet/util/mongodb_validator.rb +++ /dev/null @@ -1,49 +0,0 @@ -require 'socket' -require 'timeout' -require 'ipaddr' -require 'uri' - -module Puppet - module Util - class MongodbValidator - attr_reader :mongodb_server - attr_reader :mongodb_port - - def initialize(mongodb_resource_name, mongodb_server, mongodb_port) - begin - # NOTE (spredzy) : By relying on the uri module - # we rely on its well tested interface to parse - # both IPv4 and IPv6 based URL with a port specified. - # Unfortunately URI needs a scheme, hence the http - # string here to make the string URI compliant. - uri = URI("http://#{mongodb_resource_name}") - @mongodb_server = IPAddr.new(uri.host).to_s - @mongodb_port = uri.port - rescue - @mongodb_server = IPAddr.new(mongodb_server).to_s - @mongodb_port = mongodb_port - end - end - - # Utility method; attempts to make an https connection to the mongodb server. - # This is abstracted out into a method so that it can be called multiple times - # for retry attempts. - # - # @return true if the connection is successful, false otherwise. - def attempt_connection - Timeout::timeout(Puppet[:configtimeout]) do - begin - TCPSocket.new(@mongodb_server, @mongodb_port).close - true - rescue Errno::ECONNREFUSED, Errno::EHOSTUNREACH => e - Puppet.debug "Unable to connect to mongodb server (#{@mongodb_server}:#{@mongodb_port}): #{e.message}" - false - end - end - rescue Timeout::Error - false - end - end - end -end - diff --git a/mongodb/manifests/client.pp b/mongodb/manifests/client.pp deleted file mode 100644 index 63a800c50..000000000 --- a/mongodb/manifests/client.pp +++ /dev/null @@ -1,18 +0,0 @@ -# Class for installing a MongoDB client shell (CLI). -# -# == Parameters -# -# [ensure] Desired ensure state of the package. Optional. -# Defaults to 'true' -# -# [package_name] Name of the package to install the client from. Default -# is repository dependent. -# -class mongodb::client ( - $ensure = $mongodb::params::package_ensure_client, - $package_name = $mongodb::params::client_package_name, -) inherits mongodb::params { - anchor { '::mongodb::client::start': } -> - class { '::mongodb::client::install': } -> - anchor { '::mongodb::client::end': } -} diff --git a/mongodb/manifests/client/install.pp b/mongodb/manifests/client/install.pp deleted file mode 100644 index f63efc1e6..000000000 --- a/mongodb/manifests/client/install.pp +++ /dev/null @@ -1,28 +0,0 @@ -# PRIVATE CLASS: do not call directly -class mongodb::client::install { - $package_ensure = $mongodb::client::ensure - $package_name = $mongodb::client::package_name - - case $package_ensure { - true: { - $my_package_ensure = 'present' - } - false: { - $my_package_ensure = 'purged' - } - 'absent': { - $my_package_ensure = 'purged' - } - default: { - $my_package_ensure = $package_ensure - } - } - - if $package_name { - package { 'mongodb_client': - ensure => $my_package_ensure, - name => $package_name, - tag => 'mongodb', - } - } -} diff --git a/mongodb/manifests/db.pp b/mongodb/manifests/db.pp deleted file mode 100644 index 3cc3eedb5..000000000 --- a/mongodb/manifests/db.pp +++ /dev/null @@ -1,43 +0,0 @@ -# == Class: mongodb::db -# -# Class for creating mongodb databases and users. -# -# == Parameters -# -# user - Database username. -# password_hash - Hashed password. Hex encoded md5 hash of "$username:mongo:$password". -# password - Plain text user password. This is UNSAFE, use 'password_hash' unstead. -# roles (default: ['dbAdmin']) - array with user roles. -# tries (default: 10) - The maximum amount of two second tries to wait MongoDB startup. -# -define mongodb::db ( - $user, - $password_hash = false, - $password = false, - $roles = ['dbAdmin'], - $tries = 10, -) { - - mongodb_database { $name: - ensure => present, - tries => $tries - } - - if $password_hash { - $hash = $password_hash - } elsif $password { - $hash = mongodb_password($user, $password) - } else { - fail("Parameter 'password_hash' or 'password' should be provided to mongodb::db.") - } - - mongodb_user { "User ${user} on db ${name}": - ensure => present, - password_hash => $hash, - username => $user, - database => $name, - roles => $roles, - require => Mongodb_database[$name], - } - -} diff --git a/mongodb/manifests/globals.pp b/mongodb/manifests/globals.pp deleted file mode 100644 index 85f418b0b..000000000 --- a/mongodb/manifests/globals.pp +++ /dev/null @@ -1,48 +0,0 @@ -# Class for setting cross-class global overrides. See README.md for more -# details. - -class mongodb::globals ( - $server_package_name = undef, - $client_package_name = undef, - $mongos_package_name = undef, - - $mongod_service_manage = undef, - $service_enable = undef, - $service_ensure = undef, - $service_name = undef, - $mongos_service_manage = undef, - $mongos_service_enable = undef, - $mongos_service_ensure = undef, - $mongos_service_status = undef, - $mongos_service_name = undef, - $service_provider = undef, - $service_status = undef, - - $user = undef, - $group = undef, - $ipv6 = undef, - $bind_ip = undef, - - $version = undef, - - $manage_package_repo = undef, - $manage_package = undef, - $repo_proxy = undef, - $proxy_username = undef, - $proxy_password = undef, - - $repo_location = undef, - $use_enterprise_repo = undef, - - $pidfilepath = undef, -) { - - # Setup of the repo only makes sense globally, so we are doing it here. - if($manage_package_repo) { - class { '::mongodb::repo': - ensure => present, - repo_location => $repo_location, - proxy => $repo_proxy, - } - } -} diff --git a/mongodb/manifests/init.pp b/mongodb/manifests/init.pp deleted file mode 100644 index 3b805945f..000000000 --- a/mongodb/manifests/init.pp +++ /dev/null @@ -1,145 +0,0 @@ -# == Class: mongodb -# -# Direct use of this class is deprecated. Please use mongodb::server -# -# Manage mongodb installations on RHEL, CentOS, Debian and Ubuntu - either -# installing from the 10Gen repo or from EPEL in the case of EL systems. -# -# === Parameters -# -# enable_10gen (default: false) - Whether or not to set up 10gen software repositories -# init (auto discovered) - override init (sysv or upstart) for Debian derivatives -# location - override apt location configuration for Debian derivatives -# packagename (auto discovered) - override the package name -# servicename (auto discovered) - override the service name -# service-enable (default: true) - Enable the service and ensure it is running -# -# === Examples -# -# To install with defaults from the distribution packages on any system: -# include mongodb -# -# To install from 10gen on a EL server -# class { 'mongodb': -# enable_10gen => true, -# } -# -# === Authors -# -# Craig Dunn -# -# === Copyright -# -# Copyright 2013 PuppetLabs -# - -class mongodb ( - # Deprecated parameters - $enable_10gen = undef, - - $init = $mongodb::params::service_provider, - $packagename = undef, - $version = undef, - $servicename = $mongodb::params::service_name, - $service_enable = true, #deprecated - $logpath = $mongodb::params::logpath, - $logappend = true, - $fork = $mongodb::params::fork, - $port = undef, - $dbpath = $mongodb::params::dbpath, - $journal = undef, - $nojournal = undef, - $smallfiles = undef, - $cpu = undef, - $noauth = undef, - $auth = undef, - $verbose = undef, - $objcheck = undef, - $quota = undef, - $oplog = undef, #deprecated it's on if replica set - $oplog_size = undef, - $nohints = undef, - $nohttpinterface = undef, - $noscripting = undef, - $notablescan = undef, - $noprealloc = undef, - $nssize = undef, - $mms_token = undef, - $mms_name = undef, - $mms_interval = undef, - $slave = undef, - $only = undef, - $master = undef, - $source = undef, - $configsvr = undef, - $shardsvr = undef, - $replset = undef, - $rest = undef, - $quiet = undef, - $slowms = undef, - $keyfile = undef, - $key = undef, - $ipv6 = undef, - $bind_ip = undef, - $pidfilepath = undef -) inherits mongodb::params { - - if $enable_10gen { - fail("Parameter enable_10gen is no longer supported. Please use class { 'mongodb::globals': manage_package_repo => true }") - } - - if $version { - fail("Parameter version is no longer supported. Please use class { 'mongodb::globals': version => VERSION }") - } - - if $oplog { - fail('Parameter is no longer supported. On replica set Oplog is enabled by default.') - } - - notify { 'An attempt has been made below to automatically apply your custom - settings to mongodb::server. Please verify this works in a safe test - environment.': } - - class { '::mongodb::server': - package_name => $packagename, - logpath => $logpath, - logappend => $logappend, - fork => $fork, - port => $port, - dbpath => $dbpath, - journal => $journal, - nojournal => $nojournal, - smallfiles => $smallfiles, - cpu => $cpu, - noauth => $noauth, - verbose => $verbose, - objcheck => $objcheck, - quota => $quota, - oplog_size => $oplog_size, - nohints => $nohints, - nohttpinterface => $nohttpinterface, - noscripting => $noscripting, - notablescan => $notablescan, - noprealloc => $noprealloc, - nssize => $nssize, - mms_token => $mms_token, - mms_name => $mms_name, - mms_interval => $mms_interval, - slave => $slave, - only => $only, - master => $master, - source => $source, - configsvr => $configsvr, - shardsvr => $shardsvr, - replset => $replset, - rest => $rest, - quiet => $quiet, - slowms => $slowms, - keyfile => $keyfile, - key => $key, - ipv6 => $ipv6, - bind_ip => $bind_ip, - pidfilepath => $pidfilepath, - } - -} diff --git a/mongodb/manifests/mongos.pp b/mongodb/manifests/mongos.pp deleted file mode 100644 index d5aa62da9..000000000 --- a/mongodb/manifests/mongos.pp +++ /dev/null @@ -1,48 +0,0 @@ -# This installs a Mongo Shard daemon. See README.md for more details. -class mongodb::mongos ( - $ensure = $mongodb::params::mongos_ensure, - $config = $mongodb::params::mongos_config, - $config_content = undef, - $configdb = $mongodb::params::mongos_configdb, - $service_manage = $mongodb::params::mongos_service_manage, - $service_provider = $mongodb::params::mongos_service_provider, - $service_name = $mongodb::params::mongos_service_name, - $service_enable = $mongodb::params::mongos_service_enable, - $service_ensure = $mongodb::params::mongos_service_ensure, - $service_status = $mongodb::params::mongos_service_status, - $package_ensure = $mongodb::params::package_ensure_mongos, - $package_name = $mongodb::params::mongos_package_name, - $unixsocketprefix = $mongodb::params::mongos_unixsocketprefix, - $pidfilepath = $mongodb::params::mongos_pidfilepath, - $logpath = $mongodb::params::mongos_logpath, - $fork = $mongodb::params::mongos_fork, - $bind_ip = undef, - $port = undef, - $restart = $mongodb::params::mongos_restart, -) inherits mongodb::params { - - if ($ensure == 'present' or $ensure == true) { - if $restart { - anchor { 'mongodb::mongos::start': }-> - class { 'mongodb::mongos::install': }-> - # If $restart is true, notify the service on config changes (~>) - class { 'mongodb::mongos::config': }~> - class { 'mongodb::mongos::service': }-> - anchor { 'mongodb::mongos::end': } - } else { - anchor { 'mongodb::mongos::start': }-> - class { 'mongodb::mongos::install': }-> - # If $restart is false, config changes won't restart the service (->) - class { 'mongodb::mongos::config': }-> - class { 'mongodb::mongos::service': }-> - anchor { 'mongodb::mongos::end': } - } - } else { - anchor { 'mongodb::mongos::start': }-> - class { '::mongodb::mongos::service': }-> - class { '::mongodb::mongos::config': }-> - class { '::mongodb::mongos::install': }-> - anchor { 'mongodb::mongos::end': } - } - -} diff --git a/mongodb/manifests/mongos/config.pp b/mongodb/manifests/mongos/config.pp deleted file mode 100644 index 1b9bc2341..000000000 --- a/mongodb/manifests/mongos/config.pp +++ /dev/null @@ -1,27 +0,0 @@ -# PRIVATE CLASS: do not call directly -class mongodb::mongos::config ( - $ensure = $mongodb::mongos::ensure, - $config = $mongodb::mongos::config, - $config_content = $mongodb::mongos::config_content, - $configdb = $mongodb::mongos::configdb, -) { - - if ($ensure == 'present' or $ensure == true) { - - #Pick which config content to use - if $config_content { - $config_content_real = $config_content - } else { - $config_content_real = template('mongodb/mongodb-shard.conf.erb') - } - - file { $config: - content => $config_content_real, - owner => 'root', - group => 'root', - mode => '0644', - } - - } - -} diff --git a/mongodb/manifests/mongos/install.pp b/mongodb/manifests/mongos/install.pp deleted file mode 100644 index e9285af71..000000000 --- a/mongodb/manifests/mongos/install.pp +++ /dev/null @@ -1,32 +0,0 @@ -# PRIVATE CLASS: do not call directly -class mongodb::mongos::install ( - $package_ensure = $mongodb::mongos::package_ensure, - $package_name = $mongodb::mongos::package_name, -) { - - case $package_ensure { - true: { - $my_package_ensure = 'present' - } - false: { - $my_package_ensure = 'absent' - } - 'absent': { - $my_package_ensure = 'absent' - } - 'purged': { - $my_package_ensure = 'purged' - } - default: { - $my_package_ensure = $package_ensure - } - } - - if !defined(Package[$package_name]) { - package { 'mongodb_mongos': - ensure => $my_package_ensure, - name => $package_name, - } - } - -} diff --git a/mongodb/manifests/mongos/service.pp b/mongodb/manifests/mongos/service.pp deleted file mode 100644 index 552fcaf5e..000000000 --- a/mongodb/manifests/mongos/service.pp +++ /dev/null @@ -1,72 +0,0 @@ -# PRIVATE CLASS: do not call directly -class mongodb::mongos::service ( - $service_manage = $mongodb::mongos::service_manage, - $service_name = $mongodb::mongos::service_name, - $service_enable = $mongodb::mongos::service_enable, - $service_ensure = $mongodb::mongos::service_ensure, - $service_status = $mongodb::mongos::service_status, - $service_provider = $mongodb::mongos::service_provider, - $bind_ip = $mongodb::mongos::bind_ip, - $port = $mongodb::mongos::port, -) { - - $service_ensure_real = $service_ensure ? { - 'absent' => false, - 'purged' => false, - 'stopped' => false, - default => true - } - - if $port { - $port_real = $port - } else { - $port_real = '27017' - } - - if $bind_ip == '0.0.0.0' { - $bind_ip_real = '127.0.0.1' - } else { - $bind_ip_real = $bind_ip - } - - if $::osfamily == 'RedHat' { - file { '/etc/sysconfig/mongos' : - ensure => file, - owner => 'root', - group => 'root', - mode => '0755', - content => 'OPTIONS="--quiet -f /etc/mongodb-shard.conf"', - before => Service['mongos'], - } - } - - file { '/etc/init.d/mongos' : - ensure => file, - content => template("mongodb/mongos/${::osfamily}/mongos.erb"), - owner => 'root', - group => 'root', - mode => '0755', - before => Service['mongos'], - } - - if $service_manage { - service { 'mongos': - ensure => $service_ensure_real, - name => $service_name, - enable => $service_enable, - provider => $service_provider, - hasstatus => true, - status => $service_status, - } - - if $service_ensure_real { - mongodb_conn_validator { 'mongos': - server => $bind_ip_real, - port => $port_real, - timeout => '240', - require => Service['mongos'], - } - } - } - -} diff --git a/mongodb/manifests/params.pp b/mongodb/manifests/params.pp deleted file mode 100644 index 7f47765b4..000000000 --- a/mongodb/manifests/params.pp +++ /dev/null @@ -1,214 +0,0 @@ -# PRIVATE CLASS: do not use directly -class mongodb::params inherits mongodb::globals { - $ensure = true - $mongos_ensure = true - $ipv6 = undef - $service_manage = pick($mongodb::globals::mongod_service_manage, true) - $service_enable = pick($mongodb::globals::service_enable, true) - $service_ensure = pick($mongodb::globals::service_ensure, 'running') - $service_status = $mongodb::globals::service_status - $restart = true - $create_admin = false - $admin_username = 'admin' - $store_creds = false - $rcfile = "${::root_home}/.mongorc.js" - - $mongos_service_manage = pick($mongodb::globals::mongos_service_manage, true) - $mongos_service_enable = pick($mongodb::globals::mongos_service_enable, true) - $mongos_service_ensure = pick($mongodb::globals::mongos_service_ensure, 'running') - $mongos_service_status = $mongodb::globals::mongos_service_status - $mongos_configdb = '127.0.0.1:27019' - $mongos_restart = true - - $manage_package = pick($mongodb::globals::manage_package, $mongodb::globals::manage_package_repo, false) - - $version = $::mongodb::globals::version - - # Amazon Linux's OS Family is 'Linux', operating system 'Amazon'. - case $::osfamily { - 'RedHat', 'Linux': { - - if $manage_package { - $user = pick($::mongodb::globals::user, 'mongod') - $group = pick($::mongodb::globals::group, 'mongod') - if ($version == undef) { - $server_package_name = pick($::mongodb::globals::server_package_name, 'mongodb-org-server') - $client_package_name = pick($::mongodb::globals::client_package_name, 'mongodb-org-shell') - $mongos_package_name = pick($::mongodb::globals::mongos_package_name, 'mongodb-org-mongos') - $package_ensure = true - $package_ensure_client = true - $package_ensure_mongos = true - } else { - # check if the version is greater than 2.6 - if $version and (versioncmp($version, '2.6.0') >= 0) { - $server_package_name = pick($::mongodb::globals::server_package_name, 'mongodb-org-server') - $client_package_name = pick($::mongodb::globals::client_package_name, 'mongodb-org-shell') - $mongos_package_name = pick($::mongodb::globals::mongos_package_name, 'mongodb-org-mongos') - $package_ensure = $version - $package_ensure_client = $version - $package_ensure_mongos = $version - } else { - $server_package_name = pick($::mongodb::globals::server_package_name, 'mongodb-10gen') - $client_package_name = pick($::mongodb::globals::client_package_name, 'mongodb-10gen') - $mongos_package_name = pick($::mongodb::globals::mongos_package_name, 'mongodb-10gen') - $package_ensure = $version - $package_ensure_client = $version #this is still needed in case they are only installing the client - $package_ensure_mongos = $version - } - } - $service_name = pick($::mongodb::globals::service_name, 'mongod') - $mongos_service_name = pick($::mongodb::globals::mongos_service_name, 'mongos') - $config = '/etc/mongod.conf' - $mongos_config = '/etc/mongodb-shard.conf' - $dbpath = '/var/lib/mongodb' - $logpath = '/var/log/mongodb/mongod.log' - $pidfilepath = '/var/run/mongodb/mongod.pid' - $bind_ip = pick($::mongodb::globals::bind_ip, ['127.0.0.1']) - $fork = true - $mongos_pidfilepath = undef - $mongos_unixsocketprefix = undef - $mongos_logpath = undef - $mongos_fork = undef - } else { - # RedHat/CentOS doesn't come with a prepacked mongodb - # so we assume that you are using EPEL repository. - if ($version == undef) { - $package_ensure = true - $package_ensure_client = true - $package_ensure_mongos = true - } else { - $package_ensure = $version - $package_ensure_client = $version - $package_ensure_mongos = $version - } - $user = pick($::mongodb::globals::user, 'mongodb') - $group = pick($::mongodb::globals::group, 'mongodb') - $server_package_name = pick($::mongodb::globals::server_package_name, 'mongodb-server') - $client_package_name = pick($::mongodb::globals::client_package_name, 'mongodb') - $mongos_package_name = pick($::mongodb::globals::mongos_package_name, 'mongodb-server') - $service_name = pick($::mongodb::globals::service_name, 'mongod') - $dbpath = '/var/lib/mongodb' - $logpath = '/var/log/mongodb/mongodb.log' - $bind_ip = pick($::mongodb::globals::bind_ip, ['127.0.0.1']) - if ($::operatingsystem == 'fedora' and versioncmp($::operatingsystemrelease, '22') >= 0 or - $::operatingsystem != 'fedora' and versioncmp($::operatingsystemrelease, '7.0') >= 0) { - $config = '/etc/mongod.conf' - $mongos_config = '/etc/mongos.conf' - $pidfilepath = '/var/run/mongodb/mongod.pid' - $mongos_pidfilepath = '/var/run/mongodb/mongos.pid' - $mongos_unixsocketprefix = '/var/run/mongodb' - $mongos_logpath = '/var/log/mongodb/mongodb-shard.log' - $mongos_fork = true - } else { - $config = '/etc/mongodb.conf' - $mongos_config = '/etc/mongodb-shard.conf' - $pidfilepath = '/var/run/mongodb/mongodb.pid' - $mongos_pidfilepath = undef - $mongos_unixsocketprefix = undef - $mongos_logpath = undef - $mongos_fork = undef - } - $fork = true - $journal = true - } - } - 'Debian': { - if $manage_package { - $user = pick($::mongodb::globals::user, 'mongodb') - $group = pick($::mongodb::globals::group, 'mongodb') - if ($version == undef) { - $server_package_name = pick($::mongodb::globals::server_package_name, 'mongodb-org-server') - $client_package_name = pick($::mongodb::globals::client_package_name, 'mongodb-org-shell') - $mongos_package_name = pick($::mongodb::globals::mongos_package_name, 'mongodb-org-mongos') - $package_ensure = true - $package_ensure_client = true - $package_ensure_mongos = true - $service_name = pick($::mongodb::globals::service_name, 'mongod') - $config = '/etc/mongod.conf' - } else { - # check if the version is greater than 2.6 - if $version and (versioncmp($version, '2.6.0') >= 0) { - $server_package_name = pick($::mongodb::globals::server_package_name, 'mongodb-org-server') - $client_package_name = pick($::mongodb::globals::client_package_name, 'mongodb-org-shell') - $mongos_package_name = pick($::mongodb::globals::mongos_package_name, 'mongodb-org-mongos') - $package_ensure = $version - $package_ensure_client = $version - $package_ensure_mongos = $version - $service_name = pick($::mongodb::globals::service_name, 'mongod') - $config = '/etc/mongod.conf' - } else { - $server_package_name = pick($::mongodb::globals::server_package_name, 'mongodb-10gen') - $client_package_name = pick($::mongodb::globals::client_package_name, 'mongodb-10gen') - $mongos_package_name = pick($::mongodb::globals::mongos_package_name, 'mongodb-10gen') - $package_ensure = $version - $package_ensure_client = $version #this is still needed in case they are only installing the client - $service_name = pick($::mongodb::globals::service_name, 'mongodb') - $config = '/etc/mongodb.conf' - } - } - $mongos_service_name = pick($::mongodb::globals::mongos_service_name, 'mongos') - $mongos_config = '/etc/mongodb-shard.conf' - $dbpath = '/var/lib/mongodb' - $logpath = '/var/log/mongodb/mongodb.log' - $pidfilepath = '/var/run/mongod.pid' - $bind_ip = pick($::mongodb::globals::bind_ip, ['127.0.0.1']) - } else { - # although we are living in a free world, - # I would not recommend to use the prepacked - # mongodb server on Ubuntu 12.04 or Debian 6/7, - # because its really outdated - if ($version == undef) { - $package_ensure = true - $package_ensure_client = true - $package_ensure_mongos = true - } else { - $package_ensure = $version - $package_ensure_client = $version - $package_ensure_mongos = $version - } - $user = pick($::mongodb::globals::user, 'mongodb') - $group = pick($::mongodb::globals::group, 'mongodb') - $server_package_name = pick($::mongodb::globals::server_package_name, 'mongodb-server') - $client_package_name = $::mongodb::globals::client_package_name - $mongos_package_name = pick($::mongodb::globals::mongos_package_name, 'mongodb-server') - $service_name = pick($::mongodb::globals::service_name, 'mongodb') - $mongos_service_name = pick($::mongodb::globals::mongos_service_name, 'mongos') - $config = '/etc/mongodb.conf' - $mongos_config = '/etc/mongodb-shard.conf' - $dbpath = '/var/lib/mongodb' - $logpath = '/var/log/mongodb/mongodb.log' - $bind_ip = pick($::mongodb::globals::bind_ip, ['127.0.0.1']) - $pidfilepath = $::mongodb::globals::pidfilepath - } - # avoid using fork because of the init scripts design - $fork = undef - $journal = undef - $mongos_pidfilepath = undef - $mongos_unixsocketprefix = undef - $mongos_logpath = undef - $mongos_fork = undef - } - default: { - fail("Osfamily ${::osfamily} and ${::operatingsystem} is not supported") - } - } - - case $::operatingsystem { - 'Debian': { - case $::operatingsystemmajrelease { - '8': { - $service_provider = pick($service_provider, 'systemd') - } - default: { - $service_provider = pick($service_provider, 'debian') - } - } - } - 'Ubuntu': { - $service_provider = pick($service_provider, 'upstart') - } - default: { - $service_provider = undef - } - } -} diff --git a/mongodb/manifests/replset.pp b/mongodb/manifests/replset.pp deleted file mode 100644 index 0c6cc2929..000000000 --- a/mongodb/manifests/replset.pp +++ /dev/null @@ -1,15 +0,0 @@ -# Wrapper class useful for hiera based deployments - -class mongodb::replset( - $sets = undef -) { - - if $sets { - create_resources(mongodb_replset, $sets) - } - - # Order replset before any DB's and shard config - Mongodb_replset <| |> -> Mongodb_database <| |> - Mongodb_replset <| |> -> Mongodb_shard <| |> - Mongodb_replset <| |> -> Mongodb_user <| |> -} diff --git a/mongodb/manifests/repo.pp b/mongodb/manifests/repo.pp deleted file mode 100644 index aa9a99e33..000000000 --- a/mongodb/manifests/repo.pp +++ /dev/null @@ -1,58 +0,0 @@ -# PRIVATE CLASS: do not use directly -class mongodb::repo ( - $ensure = $mongodb::params::ensure, - $version = $mongodb::params::version, - $repo_location = undef, - $proxy = undef, - $proxy_username = undef, - $proxy_password = undef, -) inherits mongodb::params { - case $::osfamily { - 'RedHat', 'Linux': { - if ($repo_location != undef){ - $location = $repo_location - $description = 'MongoDB Custom Repository' - } elsif $mongodb::globals::use_enterprise_repo == true { - $location = 'https://repo.mongodb.com/yum/redhat/$releasever/mongodb-enterprise/stable/$basearch/' - $description = 'MongoDB Enterprise Repository' - } - elsif $version and (versioncmp($version, '3.0.0') >= 0) { - $mongover = split($version, '[.]') - $location = $::architecture ? { - 'x86_64' => "http://repo.mongodb.org/yum/redhat/${::operatingsystemmajrelease}/mongodb-org/${mongover[0]}.${mongover[1]}/x86_64/", - default => undef - } - } - else { - $location = $::architecture ? { - 'x86_64' => 'http://downloads-distro.mongodb.org/repo/redhat/os/x86_64/', - 'i686' => 'http://downloads-distro.mongodb.org/repo/redhat/os/i686/', - 'i386' => 'http://downloads-distro.mongodb.org/repo/redhat/os/i686/', - default => undef - } - $description = 'MongoDB/10gen Repository' - } - - class { '::mongodb::repo::yum': } - } - - 'Debian': { - if ($repo_location != undef){ - $location = $repo_location - }else{ - $location = $::operatingsystem ? { - 'Debian' => 'http://downloads-distro.mongodb.org/repo/debian-sysvinit', - 'Ubuntu' => 'http://downloads-distro.mongodb.org/repo/ubuntu-upstart', - default => undef - } - } - class { '::mongodb::repo::apt': } - } - - default: { - if($ensure == 'present' or $ensure == true) { - fail("Unsupported managed repository for osfamily: ${::osfamily}, operatingsystem: ${::operatingsystem}, module ${module_name} currently only supports managing repos for osfamily RedHat, Debian and Ubuntu") - } - } - } -} diff --git a/mongodb/manifests/repo/apt.pp b/mongodb/manifests/repo/apt.pp deleted file mode 100644 index eff08ca50..000000000 --- a/mongodb/manifests/repo/apt.pp +++ /dev/null @@ -1,25 +0,0 @@ -# PRIVATE CLASS: do not use directly -class mongodb::repo::apt inherits mongodb::repo { - # we try to follow/reproduce the instruction - # from http://docs.mongodb.org/manual/tutorial/install-mongodb-on-ubuntu/ - - include ::apt - - if($::mongodb::repo::ensure == 'present' or $::mongodb::repo::ensure == true) { - apt::source { 'mongodb': - location => $::mongodb::repo::location, - release => 'dist', - repos => '10gen', - key => '492EAFE8CD016A07919F1D2B9ECBEC467F0CEB10', - key_server => 'hkp://keyserver.ubuntu.com:80', - include_src => false, - } - - Apt::Source['mongodb']->Package<|tag == 'mongodb'|> - } - else { - apt::source { 'mongodb': - ensure => absent, - } - } -} diff --git a/mongodb/manifests/repo/yum.pp b/mongodb/manifests/repo/yum.pp deleted file mode 100644 index 6046e9a3e..000000000 --- a/mongodb/manifests/repo/yum.pp +++ /dev/null @@ -1,23 +0,0 @@ -# PRIVATE CLASS: do not use directly -class mongodb::repo::yum inherits mongodb::repo { - # We try to follow/reproduce the instruction - # http://docs.mongodb.org/manual/tutorial/install-mongodb-on-red-hat-centos-or-fedora-linux/ - - if($::mongodb::repo::ensure == 'present' or $::mongodb::repo::ensure == true) { - yumrepo { 'mongodb': - descr => $::mongodb::repo::description, - baseurl => $::mongodb::repo::location, - gpgcheck => '0', - enabled => '1', - proxy => $::mongodb::repo::proxy, - proxy_username => $::mongodb::repo::proxy_username, - proxy_password => $::mongodb::repo::proxy_password, - } - Yumrepo['mongodb'] -> Package<|tag == 'mongodb'|> - } - else { - yumrepo { 'mongodb': - enabled => absent, - } - } -} diff --git a/mongodb/manifests/server.pp b/mongodb/manifests/server.pp deleted file mode 100644 index e51668e2f..000000000 --- a/mongodb/manifests/server.pp +++ /dev/null @@ -1,175 +0,0 @@ -# This installs a MongoDB server. See README.md for more details. -class mongodb::server ( - $ensure = $mongodb::params::ensure, - - $user = $mongodb::params::user, - $group = $mongodb::params::group, - - $config = $mongodb::params::config, - $dbpath = $mongodb::params::dbpath, - $pidfilepath = $mongodb::params::pidfilepath, - $rcfile = $mongodb::params::rcfile, - - $service_manage = $mongodb::params::service_manage, - $service_provider = $mongodb::params::service_provider, - $service_name = $mongodb::params::service_name, - $service_enable = $mongodb::params::service_enable, - $service_ensure = $mongodb::params::service_ensure, - $service_status = $mongodb::params::service_status, - - $package_ensure = $mongodb::params::package_ensure, - $package_name = $mongodb::params::server_package_name, - - $logpath = $mongodb::params::logpath, - $bind_ip = $mongodb::params::bind_ip, - $ipv6 = undef, - $logappend = true, - $fork = $mongodb::params::fork, - $port = undef, - $journal = $mongodb::params::journal, - $nojournal = undef, - $smallfiles = undef, - $cpu = undef, - $auth = false, - $noauth = undef, - $verbose = undef, - $verbositylevel = undef, - $objcheck = undef, - $quota = undef, - $quotafiles = undef, - $diaglog = undef, - $directoryperdb = undef, - $profile = undef, - $maxconns = undef, - $oplog_size = undef, - $nohints = undef, - $nohttpinterface = undef, - $noscripting = undef, - $notablescan = undef, - $noprealloc = undef, - $nssize = undef, - $mms_token = undef, - $mms_name = undef, - $mms_interval = undef, - $replset = undef, - $replset_config = undef, - $replset_members = undef, - $configsvr = undef, - $shardsvr = undef, - $rest = undef, - $quiet = undef, - $slowms = undef, - $keyfile = undef, - $key = undef, - $set_parameter = undef, - $syslog = undef, - $config_content = undef, - $ssl = undef, - $ssl_key = undef, - $ssl_ca = undef, - $restart = $mongodb::params::restart, - $storage_engine = undef, - - $create_admin = $mongodb::params::create_admin, - $admin_username = $mongodb::params::admin_username, - $admin_password = undef, - $store_creds = $mongodb::params::store_creds, - $admin_roles = ['userAdmin', 'readWrite', 'dbAdmin', - 'dbAdminAnyDatabase', 'readAnyDatabase', - 'readWriteAnyDatabase', 'userAdminAnyDatabase', - 'clusterAdmin', 'clusterManager', 'clusterMonitor', - 'hostManager', 'root', 'restore'], - - # Deprecated parameters - $master = undef, - $slave = undef, - $only = undef, - $source = undef, -) inherits mongodb::params { - - - if $ssl { - validate_string($ssl_key, $ssl_ca) - } - - if ($ensure == 'present' or $ensure == true) { - if $restart { - anchor { 'mongodb::server::start': }-> - class { 'mongodb::server::install': }-> - # If $restart is true, notify the service on config changes (~>) - class { 'mongodb::server::config': }~> - class { 'mongodb::server::service': }-> - anchor { 'mongodb::server::end': } - } else { - anchor { 'mongodb::server::start': }-> - class { 'mongodb::server::install': }-> - # If $restart is false, config changes won't restart the service (->) - class { 'mongodb::server::config': }-> - class { 'mongodb::server::service': }-> - anchor { 'mongodb::server::end': } - } - } else { - anchor { 'mongodb::server::start': }-> - class { '::mongodb::server::service': }-> - class { '::mongodb::server::config': }-> - class { '::mongodb::server::install': }-> - anchor { 'mongodb::server::end': } - } - - if $create_admin { - validate_string($admin_password) - - mongodb::db { 'admin': - user => $admin_username, - password => $admin_password, - roles => $admin_roles - } - - # Make sure it runs at the correct point - Anchor['mongodb::server::end'] -> Mongodb::Db['admin'] - - # Make sure it runs before other DB creation - Mongodb::Db['admin'] -> Mongodb::Db <| title != 'admin' |> - } - - # Set-up replicasets - if $replset { - # Check that we've got either a members array or a replset_config hash - if $replset_members and $replset_config { - fail('You can provide either replset_members or replset_config, not both.') - } elsif !$replset_members and !$replset_config { - # No members or config provided. Warn about it. - warning('Replset specified, but no replset_members or replset_config provided.') - } else { - if $replset_config { - validate_hash($replset_config) - - # Copy it to REAL value - $replset_config_REAL = $replset_config - - } else { - validate_array($replset_members) - - # Build up a config hash - $replset_config_REAL = { - "${replset}" => { - 'ensure' => 'present', - 'members' => $replset_members - } - } - } - - # Wrap the replset class - class { 'mongodb::replset': - sets => $replset_config_REAL - } - Anchor['mongodb::server::end'] -> Class['mongodb::replset'] - - # Make sure that the ordering is correct - if $create_admin { - Class['mongodb::replset'] -> Mongodb::Db['admin'] - } - - } - } -} diff --git a/mongodb/manifests/server/config.pp b/mongodb/manifests/server/config.pp deleted file mode 100644 index 3b5e6e0c4..000000000 --- a/mongodb/manifests/server/config.pp +++ /dev/null @@ -1,242 +0,0 @@ -# PRIVATE CLASS: do not call directly -class mongodb::server::config { - $ensure = $mongodb::server::ensure - $user = $mongodb::server::user - $group = $mongodb::server::group - $config = $mongodb::server::config - $config_content = $mongodb::server::config_content - - $dbpath = $mongodb::server::dbpath - $pidfilepath = $mongodb::server::pidfilepath - $logpath = $mongodb::server::logpath - $logappend = $mongodb::server::logappend - $fork = $mongodb::server::fork - $port = $mongodb::server::port - $journal = $mongodb::server::journal - $nojournal = $mongodb::server::nojournal - $smallfiles = $mongodb::server::smallfiles - $cpu = $mongodb::server::cpu - $auth = $mongodb::server::auth - $noath = $mongodb::server::noauth - $create_admin = $mongodb::server::create_admin - $admin_username = $mongodb::server::admin_username - $admin_password = $mongodb::server::admin_password - $store_creds = $mongodb::server::store_creds - $rcfile = $mongodb::server::rcfile - $verbose = $mongodb::server::verbose - $verbositylevel = $mongodb::server::verbositylevel - $objcheck = $mongodb::server::objcheck - $quota = $mongodb::server::quota - $quotafiles = $mongodb::server::quotafiles - $diaglog = $mongodb::server::diaglog - $oplog_size = $mongodb::server::oplog_size - $nohints = $mongodb::server::nohints - $nohttpinterface = $mongodb::server::nohttpinterface - $noscripting = $mongodb::server::noscripting - $notablescan = $mongodb::server::notablescan - $noprealloc = $mongodb::server::noprealloc - $nssize = $mongodb::server::nssize - $mms_token = $mongodb::server::mms_token - $mms_name = $mongodb::server::mms_name - $mms_interval = $mongodb::server::mms_interval - $master = $mongodb::server::master - $slave = $mongodb::server::slave - $only = $mongodb::server::only - $source = $mongodb::server::source - $configsvr = $mongodb::server::configsvr - $shardsvr = $mongodb::server::shardsvr - $replset = $mongodb::server::replset - $rest = $mongodb::server::rest - $quiet = $mongodb::server::quiet - $slowms = $mongodb::server::slowms - $keyfile = $mongodb::server::keyfile - $key = $mongodb::server::key - $ipv6 = $mongodb::server::ipv6 - $bind_ip = $mongodb::server::bind_ip - $directoryperdb = $mongodb::server::directoryperdb - $profile = $mongodb::server::profile - $set_parameter = $mongodb::server::set_parameter - $syslog = $mongodb::server::syslog - $ssl = $mongodb::server::ssl - $ssl_key = $mongodb::server::ssl_key - $ssl_ca = $mongodb::server::ssl_ca - $storage_engine = $mongodb::server::storage_engine - $version = $mongodb::server::version - - File { - owner => $user, - group => $group, - } - - if ($logpath and $syslog) { fail('You cannot use syslog with logpath')} - - if ($ensure == 'present' or $ensure == true) { - - # Exists for future compatibility and clarity. - if $auth { - $noauth = false - } - else { - $noauth = true - } - if $keyfile and $key { - validate_string($key) - validate_re($key,'.{6}') - file { $keyfile: - content => $key, - owner => $user, - group => $group, - mode => '0400', - } - } - - if empty($storage_engine) { - $storage_engine_internal = undef - } else { - $storage_engine_internal = $storage_engine - } - - - #Pick which config content to use - if $config_content { - $cfg_content = $config_content - } elsif $version and (versioncmp($version, '2.6.0') >= 0) { - # Template uses: - # - $auth - # - $bind_ip - # - $configsvr - # - $dbpath - # - $directoryperdb - # - $fork - # - $ipv6 - # - $jounal - # - $keyfile - # - $logappend - # - $logpath - # - $maxconns - # - $nohttpinteface - # - $nojournal - # - $noprealloc - # - $noscripting - # - $nssize - # - $objcheck - # - $oplog_size - # - $pidfilepath - # - $port - # - $profile - # - $quota - # - $quotafiles - # - $replset - # - $rest - # - $set_parameter - # - $shardsvr - # - $slowms - # - $smallfiles - # - $syslog - # - $verbose - # - $verbositylevel - $cfg_content = template('mongodb/mongodb.conf.2.6.erb') - } else { - # Fall back to oldest most basic config - # Template uses: - # - $auth - # - $bind_ip - # - $configsvr - # - $cpu - # - $dbpath - # - $diaglog - # - $directoryperdb - # - $fork - # - $ipv6 - # - $jounal - # - $keyfile - # - $logappend - # - $logpath - # - $master - # - $maxconns - # - $mms_interval - # - $mms_name - # - $mms_token - # - $noauth - # - $nohints - # - $nohttpinteface - # - $nojournal - # - $noprealloc - # - $noscripting - # - $notablescan - # - $nssize - # - $objcheck - # - $only - # - $oplog_size - # - $pidfilepath - # - $port - # - $profile - # - $quiet - # - $quota - # - $quotafiles - # - $replset - # - $rest - # - $set_parameter - # - $shardsvr - # - $slave - # - $slowms - # - $smallfiles - # - $source - # - $ssl - # - $ssl_ca - # - $ssl_key - # - storage_engine_internal - # - $syslog - # - $verbose - # - $verbositylevel - $cfg_content = template('mongodb/mongodb.conf.erb') - } - - file { $config: - content => $cfg_content, - owner => 'root', - group => 'root', - mode => '0644', - } - - file { $dbpath: - ensure => directory, - mode => '0755', - owner => $user, - group => $group, - require => File[$config] - } - - if $pidfilepath { - file { $pidfilepath: - ensure => file, - mode => '0644', - owner => $user, - group => $group, - } - } - } else { - file { $dbpath: - ensure => absent, - force => true, - backup => false, - } - file { $config: - ensure => absent - } - } - - if $auth and $store_creds { - file { $rcfile: - ensure => present, - content => template('mongodb/mongorc.js.erb'), - owner => 'root', - group => 'root', - mode => '0644' - } - } else { - file { $rcfile: - ensure => absent - } - } -} diff --git a/mongodb/manifests/server/install.pp b/mongodb/manifests/server/install.pp deleted file mode 100644 index 8adc24de4..000000000 --- a/mongodb/manifests/server/install.pp +++ /dev/null @@ -1,34 +0,0 @@ -# PRIVATE CLASS: do not call directly -class mongodb::server::install { - $package_ensure = $mongodb::server::package_ensure - $package_name = $mongodb::server::package_name - - case $package_ensure { - true: { - $my_package_ensure = 'present' - $file_ensure = 'directory' - } - false: { - $my_package_ensure = 'absent' - $file_ensure = 'absent' - } - 'absent': { - $my_package_ensure = 'absent' - $file_ensure = 'absent' - } - 'purged': { - $my_package_ensure = 'purged' - $file_ensure = 'absent' - } - default: { - $my_package_ensure = $package_ensure - $file_ensure = 'present' - } - } - - package { 'mongodb_server': - ensure => $my_package_ensure, - name => $package_name, - tag => 'mongodb', - } -} diff --git a/mongodb/manifests/server/service.pp b/mongodb/manifests/server/service.pp deleted file mode 100644 index 3411b236c..000000000 --- a/mongodb/manifests/server/service.pp +++ /dev/null @@ -1,59 +0,0 @@ -# PRIVATE CLASS: do not call directly -class mongodb::server::service { - $ensure = $mongodb::server::service_ensure - $service_manage = $mongodb::server::service_manage - $service_enable = $mongodb::server::service_enable - $service_name = $mongodb::server::service_name - $service_provider = $mongodb::server::service_provider - $service_status = $mongodb::server::service_status - $bind_ip = $mongodb::server::bind_ip - $port = $mongodb::server::port - $configsvr = $mongodb::server::configsvr - $shardsvr = $mongodb::server::shardsvr - - if !$port { - if $configsvr { - $port_real = 27019 - } elsif $shardsvr { - $port_real = 27018 - } else { - $port_real = 27017 - } - } else { - $port_real = $port - } - - if $bind_ip == '0.0.0.0' { - $bind_ip_real = '127.0.0.1' - } else { - $bind_ip_real = $bind_ip - } - - $service_ensure = $ensure ? { - 'absent' => false, - 'purged' => false, - 'stopped' => false, - default => true - } - - if $service_manage { - service { 'mongodb': - ensure => $service_ensure, - name => $service_name, - enable => $service_enable, - provider => $service_provider, - hasstatus => true, - status => $service_status, - } - - if $service_ensure { - mongodb_conn_validator { 'mongodb': - server => $bind_ip_real, - port => $port_real, - timeout => '240', - require => Service['mongodb'], - } - } - } - -} diff --git a/mongodb/manifests/shardsvr.pp b/mongodb/manifests/shardsvr.pp deleted file mode 100644 index e8adbbffe..000000000 --- a/mongodb/manifests/shardsvr.pp +++ /dev/null @@ -1,11 +0,0 @@ -# Wrapper class useful for hiera based deployments - -class mongodb::shardsvr( - $shards = undef -) { - - if $shards { - create_resources(mongodb_shard, $shards) - } - -} diff --git a/mongodb/metadata.json b/mongodb/metadata.json deleted file mode 100644 index 4812fa5d4..000000000 --- a/mongodb/metadata.json +++ /dev/null @@ -1,46 +0,0 @@ -{ - "name": "puppetlabs-mongodb", - "version": "0.12.0", - "author": "puppetlabs", - "summary": "Installs MongoDB on RHEL/Ubuntu/Debian.", - "license": "Apache-2.0", - "source": "https://github.com/puppetlabs/puppetlabs-mongodb", - "project_page": "https://github.com/puppetlabs/puppetlabs-mongodb", - "issues_url": "https://tickets.puppetlabs.com/browse/MODULES", - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "CentOS", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "Debian", - "operatingsystemrelease": [ - "6", - "7" - ] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": [ - "10.04", - "12.04" - ] - } - ], - "dependencies": [ - {"name":"puppetlabs/apt","version_requirement":">= 1.0.0 <3.0.0"}, - {"name":"puppetlabs/stdlib","version_requirement":">= 2.2.0 <5.0.0"} - ] -} diff --git a/mongodb/spec/acceptance/database_spec.rb b/mongodb/spec/acceptance/database_spec.rb deleted file mode 100644 index d5f0e1321..000000000 --- a/mongodb/spec/acceptance/database_spec.rb +++ /dev/null @@ -1,101 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'mongodb_database' do - case fact('osfamily') - when 'RedHat' - version = "'2.6.6-1'" - when 'Debian' - version = "'2.6.6'" - end - shared_examples 'normal tests' do |tengen, version| - context "when manage_package_repo is #{tengen} and version is #{version}" do - describe 'creating a database' do - context 'with default port' do - after :all do - puts "XXX uninstalls mongodb because changing the port with tengen doesn't work because they have a crappy init script" - pp = <<-EOS - class {'mongodb::globals': manage_package_repo => #{tengen}, } - -> class { 'mongodb::server': - ensure => absent, - package_ensure => absent, - service_ensure => stopped, - service_enable => false - } - -> class { 'mongodb::client': ensure => absent, } - EOS - apply_manifest(pp, :catch_failures => true) - end - it 'should compile with no errors' do - pp = <<-EOS - class { 'mongodb::globals': manage_package_repo => #{tengen}, version => #{version.nil? ? 'undef' : version} } - -> class { 'mongodb::server': } - -> class { 'mongodb::client': } - -> mongodb::db { 'testdb1': - user => 'testuser', - password => 'testpass', - } - -> mongodb::db { 'testdb2': - user => 'testuser', - password => 'testpass', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - pending("setting password is broken, non idempotent") do - apply_manifest(pp, :catch_changes => true) - end - it 'should create the databases' do - shell("mongo testdb1 --eval 'printjson(db.getMongo().getDBs())'") - shell("mongo testdb2 --eval 'printjson(db.getMongo().getDBs())'") - end - end - - # MODULES-878 - context 'with custom port' do - after :all do - puts "XXX uninstalls mongodb because changing the port with tengen doesn't work because they have a crappy init script" - pp = <<-EOS - class {'mongodb::globals': manage_package_repo => #{tengen}, } - -> class { 'mongodb::server': - ensure => absent, - package_ensure => absent, - service_ensure => stopped, - service_enable => false - } - -> class { 'mongodb::client': ensure => absent, } - EOS - apply_manifest(pp, :catch_failures => true) - end - it 'should work with no errors' do - pp = <<-EOS - class { 'mongodb::globals': manage_package_repo => #{tengen}, } - -> class { 'mongodb::server': port => 27018 } - -> class { 'mongodb::client': } - -> mongodb::db { 'testdb1': - user => 'testuser', - password => 'testpass', - } - -> mongodb::db { 'testdb2': - user => 'testuser', - password => 'testpass', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - pending("setting password is broken, non idempotent") do - apply_manifest(pp, :catch_changes => true) - end - it 'should create the database' do - shell("mongo testdb1 --port 27018 --eval 'printjson(db.getMongo().getDBs())'") - shell("mongo testdb2 --port 27018 --eval 'printjson(db.getMongo().getDBs())'") - end - end - end - end - end - - it_behaves_like 'normal tests', false, nil - it_behaves_like 'normal tests', true, nil # This will give a key-value config file even though the version will be 2.6 - it_behaves_like 'normal tests', true, version # This will give the YAML config file for 2.6 -end diff --git a/mongodb/spec/acceptance/mongos_spec.rb b/mongodb/spec/acceptance/mongos_spec.rb deleted file mode 100644 index cea72f127..000000000 --- a/mongodb/spec/acceptance/mongos_spec.rb +++ /dev/null @@ -1,110 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'mongodb::mongos class' do - - shared_examples 'normal tests' do |tengen| - if tengen - package_name = 'mongodb-org-mongos' - else - package_name = 'mongodb-server' - end - service_name = 'mongos' - config_file = '/etc/mongodb-shard.conf' - - client_name = 'mongo --version' - - context "default parameters with 10gen => #{tengen}" do - after :all do - if tengen - puts "XXX uninstalls mongodb and mongos because changing the port with tengen doesn't work because they have a crappy init script" - pp = <<-EOS - class {'mongodb::globals': manage_package_repo => #{tengen}, } - -> class { 'mongodb::server': - ensure => absent, - package_ensure => absent, - service_ensure => stopped, - service_enable => false - } - -> class { 'mongodb::client': ensure => absent, } - -> class { 'mongodb::mongos': - ensure => absent, - package_ensure => absent, - service_ensure => stopped, - service_enable => false - } - EOS - apply_manifest(pp, :catch_failures => true) - end - end - - it 'should work with no errors' do - pp = <<-EOS - class { 'mongodb::globals': manage_package_repo => #{tengen}, - } -> class { 'mongodb::server': - configsvr => true, - } - -> class { 'mongodb::client': } - -> class { 'mongodb::mongos': - configdb => ['127.0.0.1:27019'], - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe package(package_name) do - it { is_expected.to be_installed } - end - - describe file(config_file) do - it { is_expected.to be_file } - end - - describe service(service_name) do - it { is_expected.to be_enabled } - it { is_expected.to be_running } - end - - describe port(27017) do - it { is_expected.to be_listening } - end - - describe port(27019) do - it { is_expected.to be_listening } - end - - describe command(client_name) do - describe '#exit_status' do - subject { super().exit_status } - it { is_expected.to eq 0 } - end - end - end - - describe "uninstalling with 10gen => #{tengen}" do - it 'uninstalls mongodb' do - pp = <<-EOS - class {'mongodb::globals': manage_package_repo => #{tengen}, } - -> class { 'mongodb::server': - ensure => absent, - package_ensure => absent, - service_ensure => stopped, - service_enable => false - } - -> class { 'mongodb::client': ensure => absent, } - -> class { 'mongodb::mongos': - ensure => absent, - package_ensure => absent, - service_ensure => stopped, - service_enable => false - } - EOS - apply_manifest(pp, :catch_failures => true) - end - end - end - - it_behaves_like 'normal tests', false - it_behaves_like 'normal tests', true -end diff --git a/mongodb/spec/acceptance/nodesets/centos-59-x64.yml b/mongodb/spec/acceptance/nodesets/centos-59-x64.yml deleted file mode 100644 index 2ad90b86a..000000000 --- a/mongodb/spec/acceptance/nodesets/centos-59-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-59-x64: - roles: - - master - platform: el-5-x86_64 - box : centos-59-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-59-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/mongodb/spec/acceptance/nodesets/centos-6-vcloud.yml b/mongodb/spec/acceptance/nodesets/centos-6-vcloud.yml deleted file mode 100644 index ae19ee77c..000000000 --- a/mongodb/spec/acceptance/nodesets/centos-6-vcloud.yml +++ /dev/null @@ -1,21 +0,0 @@ -HOSTS: - 'master': - roles: - - master - platform: el-6-x86_64 - hypervisor: vcloud - template: centos-6-x86_64 - 'slave': - roles: - - slave - platform: el-6-x86_64 - hypervisor: vcloud - template: centos-6-x86_64 -CONFIG: - type: foss - ssh: - keys: "~/.ssh/id_rsa-acceptance" - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/mongodb/spec/acceptance/nodesets/centos-64-x64-pe.yml b/mongodb/spec/acceptance/nodesets/centos-64-x64-pe.yml deleted file mode 100644 index 7d9242f1b..000000000 --- a/mongodb/spec/acceptance/nodesets/centos-64-x64-pe.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - - database - - dashboard - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: pe diff --git a/mongodb/spec/acceptance/nodesets/centos-64-x64.yml b/mongodb/spec/acceptance/nodesets/centos-64-x64.yml deleted file mode 100644 index 05540ed8c..000000000 --- a/mongodb/spec/acceptance/nodesets/centos-64-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/mongodb/spec/acceptance/nodesets/centos-65-x64.yml b/mongodb/spec/acceptance/nodesets/centos-65-x64.yml deleted file mode 100644 index 4e2cb809e..000000000 --- a/mongodb/spec/acceptance/nodesets/centos-65-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-65-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-65-x64-vbox436-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-65-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/mongodb/spec/acceptance/nodesets/centos-7-vcloud.yml b/mongodb/spec/acceptance/nodesets/centos-7-vcloud.yml deleted file mode 100644 index 1cecb6b28..000000000 --- a/mongodb/spec/acceptance/nodesets/centos-7-vcloud.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - 'centos-7-vcloud': - roles: - - master - platform: el-7-x86_64 - hypervisor: vcloud - template: centos-7-x86_64 -CONFIG: - type: foss - ssh: - keys: "~/.ssh/id_rsa-acceptance" - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/mongodb/spec/acceptance/nodesets/centos-7-x64.yml b/mongodb/spec/acceptance/nodesets/centos-7-x64.yml deleted file mode 100644 index 983238cfc..000000000 --- a/mongodb/spec/acceptance/nodesets/centos-7-x64.yml +++ /dev/null @@ -1,9 +0,0 @@ -HOSTS: - centos-7-x64: - roles: - - master - platform: el-7-x86_64 - box : puppetlabs/centos-7.0-64-nocm - hypervisor : vagrant -CONFIG: - type: foss diff --git a/mongodb/spec/acceptance/nodesets/debian-607-x64.yml b/mongodb/spec/acceptance/nodesets/debian-607-x64.yml deleted file mode 100644 index 4668f5f9d..000000000 --- a/mongodb/spec/acceptance/nodesets/debian-607-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - debian-607-x64: - roles: - - master - platform: debian-6-amd64 - box : debian-607-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-607-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git \ No newline at end of file diff --git a/mongodb/spec/acceptance/nodesets/debian-70rc1-x64.yml b/mongodb/spec/acceptance/nodesets/debian-70rc1-x64.yml deleted file mode 100644 index 750d299eb..000000000 --- a/mongodb/spec/acceptance/nodesets/debian-70rc1-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - debian-70rc1-x64: - roles: - - master - platform: debian-7-amd64 - box : debian-70rc1-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-70rc1-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git \ No newline at end of file diff --git a/mongodb/spec/acceptance/nodesets/default.yml b/mongodb/spec/acceptance/nodesets/default.yml deleted file mode 100644 index 4e2cb809e..000000000 --- a/mongodb/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-65-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-65-x64-vbox436-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-65-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/mongodb/spec/acceptance/nodesets/fedora-18-x64.yml b/mongodb/spec/acceptance/nodesets/fedora-18-x64.yml deleted file mode 100644 index 136164983..000000000 --- a/mongodb/spec/acceptance/nodesets/fedora-18-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - fedora-18-x64: - roles: - - master - platform: fedora-18-x86_64 - box : fedora-18-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/fedora-18-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/mongodb/spec/acceptance/nodesets/multi-centos-6-vcloud.yml b/mongodb/spec/acceptance/nodesets/multi-centos-6-vcloud.yml deleted file mode 100644 index ae19ee77c..000000000 --- a/mongodb/spec/acceptance/nodesets/multi-centos-6-vcloud.yml +++ /dev/null @@ -1,21 +0,0 @@ -HOSTS: - 'master': - roles: - - master - platform: el-6-x86_64 - hypervisor: vcloud - template: centos-6-x86_64 - 'slave': - roles: - - slave - platform: el-6-x86_64 - hypervisor: vcloud - template: centos-6-x86_64 -CONFIG: - type: foss - ssh: - keys: "~/.ssh/id_rsa-acceptance" - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/mongodb/spec/acceptance/nodesets/multi-centos-64-x64.yml b/mongodb/spec/acceptance/nodesets/multi-centos-64-x64.yml deleted file mode 100644 index 5bcd4779d..000000000 --- a/mongodb/spec/acceptance/nodesets/multi-centos-64-x64.yml +++ /dev/null @@ -1,17 +0,0 @@ -HOSTS: - 'master': - roles: - - master - platform: el-6-x86_64 - hypervisor : vagrant - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - 'slave': - roles: - - master - platform: el-6-x86_64 - hypervisor : vagrant - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box -CONFIG: - type: foss diff --git a/mongodb/spec/acceptance/nodesets/multi-centos-7-vcloud.yml b/mongodb/spec/acceptance/nodesets/multi-centos-7-vcloud.yml deleted file mode 100644 index a7adb1674..000000000 --- a/mongodb/spec/acceptance/nodesets/multi-centos-7-vcloud.yml +++ /dev/null @@ -1,21 +0,0 @@ -HOSTS: - 'master': - roles: - - master - platform: el-7-x86_64 - hypervisor: vcloud - template: centos-7-x86_64 - 'slave': - roles: - - slave - platform: el-7-x86_64 - hypervisor: vcloud - template: centos-7-x86_64 -CONFIG: - type: foss - ssh: - keys: "~/.ssh/id_rsa-acceptance" - datastore: instance0 - folder: Delivery/Quality Assurance/Enterprise/Dynamic - resourcepool: delivery/Quality Assurance/Enterprise/Dynamic - pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/mongodb/spec/acceptance/nodesets/multi-centos-7-x64.yml b/mongodb/spec/acceptance/nodesets/multi-centos-7-x64.yml deleted file mode 100644 index 877ccbbad..000000000 --- a/mongodb/spec/acceptance/nodesets/multi-centos-7-x64.yml +++ /dev/null @@ -1,15 +0,0 @@ -HOSTS: - 'master': - roles: - - master - platform: el-7-x86_64 - hypervisor : vagrant - box : puppetlabs/centos-7.0-64-nocm - 'slave': - roles: - - slave - platform: el-7-x86_64 - hypervisor : vagrant - box : puppetlabs/centos-7.0-64-nocm -CONFIG: - type: foss diff --git a/mongodb/spec/acceptance/nodesets/sles-11-x64.yml b/mongodb/spec/acceptance/nodesets/sles-11-x64.yml deleted file mode 100644 index 41abe2135..000000000 --- a/mongodb/spec/acceptance/nodesets/sles-11-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - sles-11-x64.local: - roles: - - master - platform: sles-11-x64 - box : sles-11sp1-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/sles-11sp1-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/mongodb/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml b/mongodb/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml deleted file mode 100644 index 5ca1514e4..000000000 --- a/mongodb/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-10044-x64: - roles: - - master - platform: ubuntu-10.04-amd64 - box : ubuntu-server-10044-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-10044-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/mongodb/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml b/mongodb/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml deleted file mode 100644 index d065b304f..000000000 --- a/mongodb/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-12042-x64: - roles: - - master - platform: ubuntu-12.04-amd64 - box : ubuntu-server-12042-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/mongodb/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/mongodb/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index cba1cd04c..000000000 --- a/mongodb/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-1404-x64: - roles: - - master - platform: ubuntu-14.04-amd64 - box : puppetlabs/ubuntu-14.04-64-nocm - box_url : https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor : vagrant -CONFIG: - log_level : debug - type: git diff --git a/mongodb/spec/acceptance/replset_spec.rb b/mongodb/spec/acceptance/replset_spec.rb deleted file mode 100644 index 84896706b..000000000 --- a/mongodb/spec/acceptance/replset_spec.rb +++ /dev/null @@ -1,202 +0,0 @@ -require 'spec_helper_acceptance' - -if hosts.length > 1 - describe 'mongodb_replset resource' do - after :all do - # Have to drop the DB to disable replsets for further testing - on hosts, %{mongo local --verbose --eval 'db.dropDatabase()'} - - pp = <<-EOS - class { 'mongodb::globals': } - -> class { 'mongodb::server': - ensure => absent, - package_ensure => absent, - service_ensure => stopped - } - if $::osfamily == 'RedHat' { - class { 'mongodb::client': - ensure => absent - } - } - EOS - - apply_manifest_on(hosts.reverse, pp, :catch_failures => true) - end - - it 'configures mongo on both nodes' do - pp = <<-EOS - class { 'mongodb::globals': } - -> class { 'mongodb::server': - bind_ip => '0.0.0.0', - replset => 'test', - } - if $::osfamily == 'RedHat' { - class { 'mongodb::client': } - } - EOS - - apply_manifest_on(hosts.reverse, pp, :catch_failures => true) - apply_manifest_on(hosts.reverse, pp, :catch_changes => true) - end - - it 'sets up the replset with puppet' do - pp = <<-EOS - mongodb_replset { 'test': - members => [#{hosts.collect{|x|"'#{x}:27017'"}.join(',')}], - } - EOS - apply_manifest_on(hosts_as('master'), pp, :catch_failures => true) - on(hosts_as('master'), 'mongo --quiet --eval "printjson(rs.conf())"') do |r| - expect(r.stdout).to match /#{hosts[0]}:27017/ - expect(r.stdout).to match /#{hosts[1]}:27017/ - end - end - - it 'inserts data on the master' do - sleep(30) - on hosts_as('master'), %{mongo --verbose --eval 'db.test.save({name:"test1",value:"some value"})'} - end - - it 'checks the data on the master' do - on hosts_as('master'), %{mongo --verbose --eval 'printjson(db.test.findOne({name:"test1"}))'} do |r| - expect(r.stdout).to match /some value/ - end - end - - it 'checks the data on the slave' do - sleep(10) - on hosts_as('slave'), %{mongo --verbose --eval 'rs.slaveOk(); printjson(db.test.findOne({name:"test1"}))'} do |r| - expect(r.stdout).to match /some value/ - end - end - end - - describe 'mongodb_replset resource with auth => true' do - after :all do - # Have to drop the DB to disable replsets for further testing - on hosts, %{mongo local --verbose --eval 'db.dropDatabase()'} - - pp = <<-EOS - class { 'mongodb::globals': } - -> class { 'mongodb::server': - ensure => absent, - package_ensure => absent, - service_ensure => stopped - } - if $::osfamily == 'RedHat' { - class { 'mongodb::client': - ensure => absent - } - } - EOS - - apply_manifest_on(hosts.reverse, pp, :catch_failures => true) - end - - it 'configures mongo on both nodes' do - pp = <<-EOS - class { 'mongodb::globals': - version => '2.6.9-1', - manage_package_repo => true - } -> - class { 'mongodb::server': - admin_username => 'admin', - admin_password => 'password', - auth => true, - bind_ip => '0.0.0.0', - replset => 'test', - keyfile => '/var/lib/mongodb/mongodb-keyfile', - key => '+dxlTrury7xtD0FRqFf3YWGnKqWAtlyauuemxuYuyz9POPUuX1Uj3chGU8MFMHa7 -UxASqex7NLMALQXHL+Th4T3dyb6kMZD7KiMcJObO4M+JLiX9drcTiifsDEgGMi7G -vYn3pWSm5TTDrHJw7RNWfMHw3sHk0muGQcO+0dWv3sDJ6SiU8yOKRtYcTEA15GbP -ReDZuHFy1T1qhk5NIt6pTtPGsZKSm2wAWIOa2f2IXvpeQHhjxP8aDFb3fQaCAqOD -R7hrimqq0Nickfe8RLA89iPXyadr/YeNBB7w7rySatQBzwIbBUVGNNA5cxCkwyx9 -E5of3xi7GL9xNxhQ8l0JEpofd4H0y0TOfFDIEjc7cOnYlKAHzBgog4OcFSILgUaF -kHuTMtv0pj+MMkW2HkeXETNII9XE1+JiZgHY08G7yFEJy87ttUoeKmpbI6spFz5U -4K0amj+N6SOwXaS8uwp6kCqay0ERJLnw+7dKNKZIZdGCrrBxcZ7wmR/wLYrxvHhZ -QpeXTxgD5ebwCR0cf3Xnb5ql5G/HHKZDq8LTFHwELNh23URGPY7K7uK+IF6jSEhq -V2H3HnWV9teuuJ5he9BB/pLnyfjft6KUUqE9HbaGlX0f3YBk/0T3S2ESN4jnfRTQ -ysAKvQ6NasXkzqXktu8X4fS5QNqrFyqKBZSWxttfJBKXnT0TxamCKLRx4AgQglYo -3KRoyfxXx6G+AjP1frDJxFAFEIgEFqRk/FFuT/y9LpU+3cXYX1Gt6wEatgmnBM3K -g+Bybk5qHv1b7M8Tv9/I/BRXcpLHeIkMICMY8sVPGmP8xzL1L3i0cws8p5h0zPBa -YG/QX0BmltAni8owgymFuyJgvr/gaRX4WHbKFD+9nKpqJ3ocuVNuCDsxDqLsJEME -nc1ohyB0lNt8lHf1U00mtgDSV3fwo5LkwhRi6d+bDBTL/C6MZETMLdyCqDlTdUWG -YXIsJ0gYcu9XG3mx10LbdPJvxSMg' - - } - if $::osfamily == 'RedHat' { - include mongodb::client - } - EOS - - apply_manifest_on(hosts.reverse, pp, :catch_failures => true) - apply_manifest_on(hosts.reverse, pp, :catch_changes => true) - end - - it 'sets up the replset with puppet' do - pp = <<-EOS - class { 'mongodb::globals': - version => '2.6.9-1', - manage_package_repo => true - } -> - class { 'mongodb::server': - create_admin => true, - admin_username => 'admin', - admin_password => 'password', - auth => true, - bind_ip => '0.0.0.0', - replset => 'test', - keyfile => '/var/lib/mongodb/mongodb-keyfile', - key => '+dxlTrury7xtD0FRqFf3YWGnKqWAtlyauuemxuYuyz9POPUuX1Uj3chGU8MFMHa7 -UxASqex7NLMALQXHL+Th4T3dyb6kMZD7KiMcJObO4M+JLiX9drcTiifsDEgGMi7G -vYn3pWSm5TTDrHJw7RNWfMHw3sHk0muGQcO+0dWv3sDJ6SiU8yOKRtYcTEA15GbP -ReDZuHFy1T1qhk5NIt6pTtPGsZKSm2wAWIOa2f2IXvpeQHhjxP8aDFb3fQaCAqOD -R7hrimqq0Nickfe8RLA89iPXyadr/YeNBB7w7rySatQBzwIbBUVGNNA5cxCkwyx9 -E5of3xi7GL9xNxhQ8l0JEpofd4H0y0TOfFDIEjc7cOnYlKAHzBgog4OcFSILgUaF -kHuTMtv0pj+MMkW2HkeXETNII9XE1+JiZgHY08G7yFEJy87ttUoeKmpbI6spFz5U -4K0amj+N6SOwXaS8uwp6kCqay0ERJLnw+7dKNKZIZdGCrrBxcZ7wmR/wLYrxvHhZ -QpeXTxgD5ebwCR0cf3Xnb5ql5G/HHKZDq8LTFHwELNh23URGPY7K7uK+IF6jSEhq -V2H3HnWV9teuuJ5he9BB/pLnyfjft6KUUqE9HbaGlX0f3YBk/0T3S2ESN4jnfRTQ -ysAKvQ6NasXkzqXktu8X4fS5QNqrFyqKBZSWxttfJBKXnT0TxamCKLRx4AgQglYo -3KRoyfxXx6G+AjP1frDJxFAFEIgEFqRk/FFuT/y9LpU+3cXYX1Gt6wEatgmnBM3K -g+Bybk5qHv1b7M8Tv9/I/BRXcpLHeIkMICMY8sVPGmP8xzL1L3i0cws8p5h0zPBa -YG/QX0BmltAni8owgymFuyJgvr/gaRX4WHbKFD+9nKpqJ3ocuVNuCDsxDqLsJEME -nc1ohyB0lNt8lHf1U00mtgDSV3fwo5LkwhRi6d+bDBTL/C6MZETMLdyCqDlTdUWG -YXIsJ0gYcu9XG3mx10LbdPJvxSMg' - } - if $::osfamily == 'RedHat' { - include mongodb::client - } - mongodb_replset { 'test': - auth_enabled => true, - members => [#{hosts.collect{|x|"'#{x}:27017'"}.join(',')}], - before => Mongodb_user['admin'] - } - EOS - apply_manifest_on(hosts_as('master'), pp, :catch_failures => true) - apply_manifest_on(hosts_as('master'), pp, :catch_changes => true) - on(hosts_as('master'), 'mongo --quiet --eval "load(\'/root/.mongorc.js\');printjson(rs.conf())"') do |r| - expect(r.stdout).to match /#{hosts[0]}:27017/ - expect(r.stdout).to match /#{hosts[1]}:27017/ - end - end - - it 'inserts data on the master' do - sleep(30) - on hosts_as('master'), %{mongo test --verbose --eval 'load("/root/.mongorc.js");db.dummyData.insert({"created_by_puppet": 1})'} - end - - it 'checks the data on the master' do - on hosts_as('master'), %{mongo test --verbose --eval 'load("/root/.mongorc.js");printjson(db.dummyData.findOne())'} do |r| - expect(r.stdout).to match /created_by_puppet/ - end - end - - it 'checks the data on the slave' do - sleep(10) - on hosts_as('slave'), %{mongo test --verbose --eval 'load("/root/.mongorc.js");rs.slaveOk();printjson(db.dummyData.findOne())'} do |r| - expect(r.stdout).to match /created_by_puppet/ - end - end - end -end diff --git a/mongodb/spec/acceptance/server_spec.rb b/mongodb/spec/acceptance/server_spec.rb deleted file mode 100644 index a8dee974e..000000000 --- a/mongodb/spec/acceptance/server_spec.rb +++ /dev/null @@ -1,235 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'mongodb::server class' do - - shared_examples 'normal tests' do |tengen| - if tengen - case fact('osfamily') - when 'RedHat' - package_name = 'mongodb-org-server' - service_name = 'mongod' - config_file = '/etc/mongod.conf' - when 'Debian' - package_name = 'mongodb-org-server' - service_name = 'mongod' - config_file = '/etc/mongod.conf' - end - else - case fact('osfamily') - when 'RedHat' - package_name = 'mongodb-server' - service_name = 'mongod' - config_file = '/etc/mongodb.conf' - when 'Debian' - package_name = 'mongodb-server' - service_name = 'mongodb' - config_file = '/etc/mongodb.conf' - end - end - - client_name = 'mongo --version' - - context "default parameters with 10gen => #{tengen}" do - after :all do - if tengen - puts "XXX uninstalls mongodb because changing the port with tengen doesn't work because they have a crappy init script" - pp = <<-EOS - class {'mongodb::globals': manage_package_repo => #{tengen}, } - -> class { 'mongodb::server': - ensure => absent, - package_ensure => absent, - service_ensure => stopped, - service_enable => false - } - -> class { 'mongodb::client': ensure => absent, } - EOS - apply_manifest(pp, :catch_failures => true) - end - end - - it 'should work with no errors' do - pp = <<-EOS - class { 'mongodb::globals': manage_package_repo => #{tengen}, } - -> class { 'mongodb::server': } - -> class { 'mongodb::client': } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe package(package_name) do - it { is_expected.to be_installed } - end - - describe file(config_file) do - it { is_expected.to be_file } - end - - describe service(service_name) do - it { is_expected.to be_enabled } - it { is_expected.to be_running } - end - - describe port(27017) do - it { is_expected.to be_listening } - end - - describe command(client_name) do - describe '#exit_status' do - subject { super().exit_status } - it { is_expected.to eq 0 } - end - end - end - - context "test using custom port and 10gen => #{tengen}" do - it 'change port to 27018' do - pp = <<-EOS - class { 'mongodb::globals': manage_package_repo => #{tengen}, } - -> class { 'mongodb::server': port => 27018, } - -> class { 'mongodb::client': } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe port(27018) do - it { is_expected.to be_listening } - end - end - - describe "uninstalling with 10gen => #{tengen}" do - it 'uninstalls mongodb' do - pp = <<-EOS - class {'mongodb::globals': manage_package_repo => #{tengen}, } - -> class { 'mongodb::server': - ensure => absent, - package_ensure => absent, - service_ensure => stopped, - service_enable => false - } - -> class { 'mongodb::client': ensure => absent, } - EOS - apply_manifest(pp, :catch_failures => true) - end - end - end - - shared_examples 'auth tests' do |tengen| - if tengen - case fact('osfamily') - when 'RedHat' - package_name = 'mongodb-org-server' - service_name = 'mongod' - config_file = '/etc/mongod.conf' - when 'Debian' - package_name = 'mongodb-org-server' - service_name = 'mongod' - config_file = '/etc/mongod.conf' - end - else - case fact('osfamily') - when 'RedHat' - package_name = 'mongodb-server' - service_name = 'mongod' - config_file = '/etc/mongodb.conf' - when 'Debian' - package_name = 'mongodb-server' - service_name = 'mongodb' - config_file = '/etc/mongodb.conf' - end - end - - client_name = 'mongo --version' - - auth_enabled = 'mongo --quiet --eval "db.serverCmdLineOpts().code"' - admin_login = "mongo admin --quiet --eval \"load('/root/.mongorc.js');printjson(db.getUser('admin')['customData'])\"" - - context "default parameters with 10gen => #{tengen} and auth => true" do - it 'should work with no errors with authentication enabled' do - pp = <<-EOS - class { 'mongodb::globals': manage_package_repo => #{tengen}, } - -> class { 'mongodb::server': - auth => true, - create_admin => true, - store_creds => true, - admin_username => 'admin', - admin_password => 'password' - } - class { 'mongodb::client': } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe package(package_name) do - it { is_expected.to be_installed } - end - - describe file(config_file) do - it { is_expected.to be_file } - end - - describe service(service_name) do - it { is_expected.to be_enabled } - it { is_expected.to be_running } - end - - describe port(27017) do - it { is_expected.to be_listening } - end - - describe command(auth_enabled) do - describe '#stdout' do - subject { super().stdout.strip } - it { is_expected.to eq "13" } - end - end - - describe file('/root/.mongorc.js') do - it { is_expected.to be_file } - it { is_expected.to be_owned_by 'root' } - it { is_expected.to be_grouped_into 'root' } - it { is_expected.to be_mode 644 } - it { is_expected.to contain 'db.auth(\'admin\', \'password\')' } - end - - describe command(admin_login) do - describe '#stdout' do - subject { super().stdout.strip } - it { is_expected.to match "{ \"createdBy\" : \"Puppet Mongodb_user['User admin on db admin']\" }"} - end - end - - describe command(client_name) do - describe '#exit_status' do - subject { super().exit_status } - it { is_expected.to eq 0 } - end - end - end - - describe "uninstalling with 10gen => #{tengen}" do - it 'uninstalls mongodb' do - pp = <<-EOS - class {'mongodb::globals': manage_package_repo => #{tengen}, } - -> class { 'mongodb::server': - ensure => absent, - package_ensure => absent, - service_ensure => stopped, - service_enable => false - } - -> class { 'mongodb::client': ensure => absent, } - EOS - apply_manifest(pp, :catch_failures => true) - end - end - end - - it_behaves_like 'normal tests', false - it_behaves_like 'normal tests', true - it_behaves_like 'auth tests', true -end diff --git a/mongodb/spec/acceptance/sharding_spec.rb b/mongodb/spec/acceptance/sharding_spec.rb deleted file mode 100644 index c51f2f2a4..000000000 --- a/mongodb/spec/acceptance/sharding_spec.rb +++ /dev/null @@ -1,55 +0,0 @@ -require 'spec_helper_acceptance' - -if hosts.length > 1 - describe 'mongodb_shard resource' do - - it 'configures the shard server' do - pp = <<-EOS - class { 'mongodb::globals': } - -> class { 'mongodb::server': - bind_ip => '0.0.0.0', - replset => 'foo', - shardsvr => true, - }-> - mongodb_replset { 'foo' : - members => ["shard:27018"], - } - if $::osfamily == 'RedHat' { - class { 'mongodb::client': } - } - EOS - - apply_manifest_on(hosts_as('shard'), pp, :catch_failures => true) - apply_manifest_on(hosts_as('shard'), pp, :catch_changes => true) - end - - it 'configures the router server' do - pp = <<-EOS - class { 'mongodb::globals': } - -> class { 'mongodb::server': - bind_ip => '0.0.0.0', - configsvr => true, - } -> - class { 'mongodb::mongos' : - configdb => ["router:27019"], - } -> - exec { '/bin/sleep 20' : - } -> - mongodb_shard { 'foo': - member => 'foo/shard:27018', - keys => [{'foo.toto' => {'name' => 1}}] - } - if $::osfamily == 'RedHat' { - class { 'mongodb::client': } - } - EOS - - apply_manifest_on(hosts_as('router'), pp, :catch_failures => true) - on(hosts_as('router'), 'mongo --quiet --eval "printjson(sh.status())"') do |r| - expect(r.stdout).to match /foo\/shard:27018/ - expect(r.stdout).to match /foo\.toto/ - end - end - - end -end diff --git a/mongodb/spec/acceptance/user_spec.rb b/mongodb/spec/acceptance/user_spec.rb deleted file mode 100644 index 3e200939e..000000000 --- a/mongodb/spec/acceptance/user_spec.rb +++ /dev/null @@ -1,99 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'mongodb_database' do - case fact('osfamily') - when 'RedHat' - version = "'2.6.6-1'" - when 'Debian' - version = "'2.6.6'" - end - shared_examples 'normal tests' do |version| - context "when version is #{version.nil? ? 'nil' : version}" do - describe 'creating a database' do - context 'with default port' do - after :all do - puts "XXX uninstalls mongodb because changing the port with tengen doesn't work because they have a crappy init script" - pp = <<-EOS - class {'mongodb::globals': manage_package_repo => true, } - -> class { 'mongodb::server': - ensure => absent, - package_ensure => absent, - service_ensure => stopped, - service_enable => false - } - -> class { 'mongodb::client': ensure => absent, } - EOS - apply_manifest(pp, :catch_failures => true) - end - it 'should compile with no errors' do - pp = <<-EOS - class { 'mongodb::globals': manage_package_repo => true, version => #{version.nil? ? 'undef' : version} } - -> class { 'mongodb::server': } - -> class { 'mongodb::client': } - -> mongodb_database { 'testdb': ensure => present } - -> - mongodb_user {'testuser': - ensure => present, - password_hash => mongodb_password('testuser', 'passw0rd'), - database => 'testdb', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - it 'should create the user' do - shell("mongo testdb --quiet --eval 'db.auth(\"testuser\",\"passw0rd\")'") do |r| - expect(r.stdout.chomp).to eq("1") - end - end - end - - # MODULES-878 - context 'with custom port' do - after :all do - puts "XXX uninstalls mongodb because changing the port with tengen doesn't work because they have a crappy init script" - pp = <<-EOS - class {'mongodb::globals': manage_package_repo => true, } - -> class { 'mongodb::server': - ensure => absent, - package_ensure => absent, - service_ensure => stopped, - service_enable => false - } - -> class { 'mongodb::client': ensure => absent, } - EOS - apply_manifest(pp, :catch_failures => true) - end - it 'should work with no errors' do - pp = <<-EOS - class { 'mongodb::globals': manage_package_repo => true, } - -> class { 'mongodb::server': port => 27018 } - -> class { 'mongodb::client': } - -> mongodb_database { 'testdb': ensure => present } - -> - mongodb_user {'testuser': - ensure => present, - password_hash => mongodb_password('testuser', 'passw0rd'), - database => 'testdb', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - it 'should create the user' do - shell("mongo testdb --quiet --port 27018 --eval 'db.auth(\"testuser\",\"passw0rd\")'") do |r| - expect(r.stdout.chomp).to eq("1") - end - end - end - end - end - end - - it_behaves_like 'normal tests', nil # This will give a key-value config file even though the version will be 2.6 - it_behaves_like 'normal tests', version # This will give the YAML config file for 2.6 -end diff --git a/mongodb/spec/classes/client_install_spec.rb b/mongodb/spec/classes/client_install_spec.rb deleted file mode 100644 index 8f0ea9739..000000000 --- a/mongodb/spec/classes/client_install_spec.rb +++ /dev/null @@ -1,13 +0,0 @@ -require 'spec_helper' - -describe 'mongodb::client::install', :type => :class do - describe 'it should create package' do - let(:pre_condition) { ["class mongodb::client { $ensure = true $package_name = 'mongodb' }", "include mongodb::client"]} - it { - is_expected.to contain_package('mongodb_client').with({ - :ensure => 'present', - :name => 'mongodb', - }) - } - end -end diff --git a/mongodb/spec/classes/mongos_config_spec.rb b/mongodb/spec/classes/mongos_config_spec.rb deleted file mode 100644 index d99875900..000000000 --- a/mongodb/spec/classes/mongos_config_spec.rb +++ /dev/null @@ -1,23 +0,0 @@ -require 'spec_helper' - -describe 'mongodb::mongos::config' do - - describe 'it should create mongos configuration file' do - - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - } - end - - let :pre_condition do - "class { 'mongodb::mongos': }" - end - - it { - is_expected.to contain_file('/etc/mongodb-shard.conf') - } - end - -end diff --git a/mongodb/spec/classes/mongos_install_spec.rb b/mongodb/spec/classes/mongos_install_spec.rb deleted file mode 100644 index 74104082c..000000000 --- a/mongodb/spec/classes/mongos_install_spec.rb +++ /dev/null @@ -1,29 +0,0 @@ -require 'spec_helper' - -describe 'mongodb::mongos::install', :type => :class do - - describe 'it should include package' do - - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - } - end - - let :pre_condition do - "class { 'mongodb::mongos': - configdb => ['127.0.0.1:27019'], - package_name => 'mongo-foo', - }" - end - - it { - is_expected.to contain_package('mongodb_mongos').with({ - :ensure => 'present', - :name => 'mongo-foo', - }) - } - end - -end diff --git a/mongodb/spec/classes/mongos_service_spec.rb b/mongodb/spec/classes/mongos_service_spec.rb deleted file mode 100644 index 41730d0c8..000000000 --- a/mongodb/spec/classes/mongos_service_spec.rb +++ /dev/null @@ -1,104 +0,0 @@ -require 'spec_helper' - -describe 'mongodb::mongos::service', :type => :class do - - context 'on Debian with service_manage set to true' do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '7.0', - } - end - - let :pre_condition do - "class { 'mongodb::mongos': - configdb => ['127.0.0.1:27019'], - }" - end - - describe 'include init script' do - it { is_expected.to contain_file('/etc/init.d/mongos') } - end - - describe 'configure the mongos service' do - it { is_expected.to contain_service('mongos') } - end - - end - - context 'on Debian with service_manage set to false' do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '7.0', - } - end - - let :pre_condition do - "class { 'mongodb::mongos': - configdb => ['127.0.0.1:27019'], - service_manage => false, - }" - end - - describe 'configure the mongos service' do - it { should_not contain_service('mongos') } - end - - end - - context 'on RedHat with service_manage set to true' do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '7.0', - } - end - - let :pre_condition do - "class { 'mongodb::mongos': - configdb => ['127.0.0.1:27019'], - }" - end - - describe 'include mongos sysconfig file' do - it { is_expected.to contain_file('/etc/sysconfig/mongos') } - end - - describe 'include init script' do - it { is_expected.to contain_file('/etc/init.d/mongos') } - end - - describe 'configure the mongos service' do - it { is_expected.to contain_service('mongos') } - end - - end - - context 'on RedHat with service_manage set to false' do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '7.0', - } - end - - let :pre_condition do - "class { 'mongodb::mongos': - configdb => ['127.0.0.1:27019'], - service_manage => false, - }" - end - - describe 'configure the mongos service' do - it { should_not contain_service('mongos') } - end - - end - - -end diff --git a/mongodb/spec/classes/mongos_spec.rb b/mongodb/spec/classes/mongos_spec.rb deleted file mode 100644 index 0e6d7b32c..000000000 --- a/mongodb/spec/classes/mongos_spec.rb +++ /dev/null @@ -1,30 +0,0 @@ -require 'spec_helper' - -describe 'mongodb::mongos' do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - } - end - - let :params do - { - :configdb => ['127.0.0.1:27019'] - } - end - - context 'with defaults' do - it { is_expected.to contain_class('mongodb::mongos::install') } - it { is_expected.to contain_class('mongodb::mongos::config') } - it { is_expected.to contain_class('mongodb::mongos::service') } - end - - context 'when deploying on Solaris' do - let :facts do - { :osfamily => 'Solaris' } - end - it { expect { is_expected.to raise_error(Puppet::Error) } } - end - -end diff --git a/mongodb/spec/classes/repo_spec.rb b/mongodb/spec/classes/repo_spec.rb deleted file mode 100644 index 79e14a5cd..000000000 --- a/mongodb/spec/classes/repo_spec.rb +++ /dev/null @@ -1,61 +0,0 @@ -require 'spec_helper' - -describe 'mongodb::repo', :type => :class do - - context 'when deploying on Debian' do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '7.0', - :lsbdistid => 'Debian', - } - end - - it { - is_expected.to contain_class('mongodb::repo::apt') - } - end - - context 'when deploying on CentOS' do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystem => 'CentOS', - :operatingsystemrelease => '7.0', - } - end - - it { - is_expected.to contain_class('mongodb::repo::yum') - } - end - - context 'when yumrepo has a proxy set' do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '7.0', - } - end - let :params do - { - :proxy => 'http://proxy-server:8080', - :proxy_username => 'proxyuser1', - :proxy_password => 'proxypassword1', - } - end - it { - is_expected.to contain_class('mongodb::repo::yum') - } - it do - should contain_yumrepo('mongodb').with({ - 'enabled' => '1', - 'proxy' => 'http://proxy-server:8080', - 'proxy_username' => 'proxyuser1', - 'proxy_password' => 'proxypassword1', - }) - end - end -end diff --git a/mongodb/spec/classes/server_config_spec.rb b/mongodb/spec/classes/server_config_spec.rb deleted file mode 100644 index e630fc12d..000000000 --- a/mongodb/spec/classes/server_config_spec.rb +++ /dev/null @@ -1,159 +0,0 @@ -require 'spec_helper' - -describe 'mongodb::server::config', :type => :class do - - describe 'with preseted variables' do - let(:pre_condition) { ["class mongodb::server { $config = '/etc/mongod.conf' $dbpath = '/var/lib/mongo' $rcfile = '/root/.mongorc.js' }", "include mongodb::server"]} - - it { - is_expected.to contain_file('/etc/mongod.conf') - } - - end - - describe 'with default values' do - let(:pre_condition) {[ "class mongodb::server { $config = '/etc/mongod.conf' $dbpath = '/var/lib/mongo' $create_admin = false $rcfile = '/root/.mongorc.js' $store_creds = true $ensure = present $user = 'mongod' $group = 'mongod' $port = 29017 $bind_ip = ['0.0.0.0'] $fork = true $logpath ='/var/log/mongo/mongod.log' $logappend = true }", "include mongodb::server" ]} - - it { - is_expected.to contain_file('/etc/mongod.conf').with({ - :mode => '0644', - :owner => 'root', - :group => 'root' - }) - - is_expected.to contain_file('/etc/mongod.conf').with_content(/^dbpath=\/var\/lib\/mongo/) - is_expected.to contain_file('/etc/mongod.conf').with_content(/bind_ip\s=\s0\.0\.0\.0/) - is_expected.to contain_file('/etc/mongod.conf').with_content(/^port = 29017$/) - is_expected.to contain_file('/etc/mongod.conf').with_content(/^logappend=true/) - is_expected.to contain_file('/etc/mongod.conf').with_content(/^logpath=\/var\/log\/mongo\/mongod\.log/) - is_expected.to contain_file('/etc/mongod.conf').with_content(/^fork=true/) - - is_expected.to contain_file('/root/.mongorc.js').with({ :ensure => 'absent' }) - } - end - - describe 'with absent ensure' do - let(:pre_condition) { ["class mongodb::server { $config = '/etc/mongod.conf' $dbpath = '/var/lib/mongo' $rcfile = '/root/.mongorc.js' $ensure = absent }", "include mongodb::server"]} - - it { - is_expected.to contain_file('/etc/mongod.conf').with({ :ensure => 'absent' }) - } - - end - - describe 'when specifying storage_engine' do - let(:pre_condition) { ["class mongodb::server { $config = '/etc/mongod.conf' $dbpath = '/var/lib/mongo' $rcfile = '/root/.monogrc.js' $ensure = present $version='3.0.3' $storage_engine = 'SomeEngine' $storage_engine_internal = 'SomeEngine' $user = 'mongod' $group = 'mongod' $port = 29017 $bind_ip = ['0.0.0.0'] $fork = true $logpath ='/var/log/mongo/mongod.log' $logappend = true}", "include mongodb::server"]} - - it { - is_expected.to contain_file('/etc/mongod.conf').with_content(/storage.engine:\sSomeEngine/) - } - end - - describe 'with specific bind_ip values and ipv6' do - let(:pre_condition) { ["class mongodb::server { $config = '/etc/mongod.conf' $dbpath = '/var/lib/mongo' $rcfile = '/root/.mongorc.js' $ensure = present $bind_ip = ['127.0.0.1', 'fd00:beef:dead:55::143'] $ipv6 = true }", "include mongodb::server"]} - - it { - is_expected.to contain_file('/etc/mongod.conf').with_content(/bind_ip\s=\s127\.0\.0\.1\,fd00:beef:dead:55::143/) - is_expected.to contain_file('/etc/mongod.conf').with_content(/ipv6=true/) - } - end - - describe 'with specific bind_ip values' do - let(:pre_condition) { ["class mongodb::server { $config = '/etc/mongod.conf' $dbpath = '/var/lib/mongo' $rcfile = '/root/.mongorc.js' $ensure = present $bind_ip = ['127.0.0.1', '10.1.1.13']}", "include mongodb::server"]} - - it { - is_expected.to contain_file('/etc/mongod.conf').with_content(/bind_ip\s=\s127\.0\.0\.1\,10\.1\.1\.13/) - } - end - - describe 'when specifying auth to true' do - let(:pre_condition) { ["class mongodb::server { $config = '/etc/mongod.conf' $auth = true $dbpath = '/var/lib/mongo' $rcfile = '/root/.mongorc.js' $ensure = present }", "include mongodb::server"]} - - it { - is_expected.to contain_file('/etc/mongod.conf').with_content(/^auth=true/) - is_expected.to contain_file('/root/.mongorc.js') - } - end - - describe 'when specifying set_parameter value' do - let(:pre_condition) { ["class mongodb::server { $config = '/etc/mongod.conf' $set_parameter = 'textSearchEnable=true' $dbpath = '/var/lib/mongo' $rcfile = '/root/.mongorc.js' $ensure = present }", "include mongodb::server"]} - - it { - is_expected.to contain_file('/etc/mongod.conf').with_content(/^setParameter = textSearchEnable=true/) - } - end - - describe 'with journal:' do - context 'on true with i686 architecture' do - let(:pre_condition) { ["class mongodb::server { $config = '/etc/mongod.conf' $dbpath = '/var/lib/mongo' $rcfile = '/root/.mongorc.js' $ensure = present $journal = true }", "include mongodb::server"]} - let (:facts) { { :architecture => 'i686' } } - - it { - is_expected.to contain_file('/etc/mongod.conf').with_content(/^journal = true/) - } - end - end - - # check nested quota and quotafiles - describe 'with quota to' do - - context 'true and without quotafiles' do - let(:pre_condition) { ["class mongodb::server { $config = '/etc/mongod.conf' $dbpath = '/var/lib/mongo' $rcfile = '/root/.mongorc.js' $ensure = present $quota = true }", "include mongodb::server"]} - it { - is_expected.to contain_file('/etc/mongod.conf').with_content(/^quota = true/) - } - end - - context 'true and with quotafiles' do - let(:pre_condition) { ["class mongodb::server { $config = '/etc/mongod.conf' $dbpath = '/var/lib/mongo' $rcfile = '/root/.mongorc.js' $ensure = present $quota = true $quotafiles = 1 }", "include mongodb::server"]} - - it { - is_expected.to contain_file('/etc/mongod.conf').with_content(/quota = true/) - is_expected.to contain_file('/etc/mongod.conf').with_content(/quotaFiles = 1/) - } - end - end - - describe 'when specifying syslog value' do - context 'it should be set to true' do - let(:pre_condition) { ["class mongodb::server { $config = '/etc/mongod.conf' $dbpath = '/var/lib/mongo' $rcfile = '/root/.mongorc.js' $ensure = present $syslog = true }", "include mongodb::server"]} - - it { - is_expected.to contain_file('/etc/mongod.conf').with_content(/^syslog = true/) - } - end - - context 'if logpath is also set an error should be raised' do - let(:pre_condition) { ["class mongodb::server { $config = '/etc/mongod.conf' $dbpath = '/var/lib/mongo' $rcfile = '/root/.mongorc.js' $ensure = present $syslog = true $logpath ='/var/log/mongo/mongod.log' }", "include mongodb::server"]} - - it { - expect { is_expected.to contain_file('/etc/mongod.conf') }.to raise_error(Puppet::Error, /You cannot use syslog with logpath/) - } - end - - end - - describe 'with store_creds' do - context 'true' do - let(:pre_condition) { ["class mongodb::server { $admin_username = 'admin' $admin_password = 'password' $auth = true $store_creds = true $config = '/etc/mongod.conf' $dbpath = '/var/lib/mongo' $rcfile = '/root/.mongorc.js' $ensure = present }", "include mongodb::server"]} - - it { - is_expected.to contain_file('/root/.mongorc.js'). - with_ensure('present'). - with_owner('root'). - with_group('root'). - with_mode('0644'). - with_content(/db.auth\('admin', 'password'\)/) - } - end - - context 'false' do - let(:pre_condition) { ["class mongodb::server { $config = '/etc/mongod.conf' $dbpath = '/var/lib/mongo' $rcfile = '/root/.mongorc.js' $ensure = present $store_creds = false }", "include mongodb::server"]} - - it { - is_expected.to contain_file('/root/.mongorc.js').with_ensure('absent') - } - end - end - -end diff --git a/mongodb/spec/classes/server_install_spec.rb b/mongodb/spec/classes/server_install_spec.rb deleted file mode 100644 index f0c41408e..000000000 --- a/mongodb/spec/classes/server_install_spec.rb +++ /dev/null @@ -1,16 +0,0 @@ -require 'spec_helper' - -describe 'mongodb::server::install', :type => :class do - - describe 'it should create package and dbpath file' do - let(:pre_condition) { ["class mongodb::server { $package_ensure = true $dbpath = '/var/lib/mongo' $user = 'mongodb' $package_name = 'mongodb-server' }", "include mongodb::server"]} - - it { - is_expected.to contain_package('mongodb_server').with({ - :ensure => 'present', - :name => 'mongodb-server', - }) - } - end - -end diff --git a/mongodb/spec/classes/server_spec.rb b/mongodb/spec/classes/server_spec.rb deleted file mode 100644 index 15f34dee1..000000000 --- a/mongodb/spec/classes/server_spec.rb +++ /dev/null @@ -1,161 +0,0 @@ -require 'spec_helper' - -describe 'mongodb::server' do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - } - end - - context 'with defaults' do - it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_class('mongodb::server::install'). - that_comes_before('Class[mongodb::server::config]') } - it { is_expected.to contain_class('mongodb::server::config'). - that_notifies('Class[mongodb::server::service]') } - it { is_expected.to contain_class('mongodb::server::service') } - end - - context 'with create_admin => true' do - let(:params) do - { - :create_admin => true, - :admin_username => 'admin', - :admin_password => 'password' - } - end - it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_class('mongodb::server::install'). - that_comes_before('Class[mongodb::server::config]') } - it { is_expected.to contain_class('mongodb::server::config'). - that_notifies('Class[mongodb::server::service]') } - it { is_expected.to contain_class('mongodb::server::service') } - - it { - is_expected.to contain_mongodb__db('admin').with({ - 'user' => 'admin', - 'password' => 'password', - 'roles' => ["userAdmin", "readWrite", "dbAdmin", "dbAdminAnyDatabase", - "readAnyDatabase", "readWriteAnyDatabase", "userAdminAnyDatabase", - "clusterAdmin", "clusterManager", "clusterMonitor", "hostManager", - "root", "restore"] - }).that_requires('Anchor[mongodb::server::end]') - } - end - - context 'when deploying on Solaris' do - let :facts do - { :osfamily => 'Solaris' } - end - it { expect { is_expected.to raise_error(Puppet::Error) } } - end - - context 'setting nohttpinterface' do - it "isn't set when undef" do - is_expected.to_not contain_file('/etc/mongodb.conf').with_content(/nohttpinterface/) - end - context "sets nohttpinterface to true when true" do - let(:params) do - { :nohttpinterface => true, } - end - it { is_expected.to contain_file('/etc/mongodb.conf').with_content(/nohttpinterface = true/) } - end - context "sets nohttpinterface to false when false" do - let(:params) do - { :nohttpinterface => false, } - end - it { is_expected.to contain_file('/etc/mongodb.conf').with_content(/nohttpinterface = false/) } - end - context "on >= 2.6" do - let(:pre_condition) do - "class { 'mongodb::globals': version => '2.6.6', }" - end - it "isn't set when undef" do - is_expected.to_not contain_file('/etc/mongodb.conf').with_content(/net\.http\.enabled/) - end - context "sets net.http.enabled false when true" do - let(:params) do - { :nohttpinterface => true, } - end - it { is_expected.to contain_file('/etc/mongodb.conf').with_content(/net\.http\.enabled: false/) } - end - context "sets net.http.enabled true when false" do - let(:params) do - { :nohttpinterface => false, } - end - it { is_expected.to contain_file('/etc/mongodb.conf').with_content(/net\.http\.enabled: true/) } - end - end - end - - context 'when setting up replicasets' do - context 'should fail if providing both replica_sets and replset_members' do - let(:params) do - { - :replset => 'rsTest', - :replset_members => [ - 'mongo1:27017', - 'mongo2:27017', - 'mongo3:27017' - ], - :replica_sets => {} - } - end - - it { expect { is_expected.to raise_error(/Puppet::Error: You can provide either replset_members or replica_sets, not both/) } } - end - - context 'should setup using replica_sets hash' do - let(:rsConf) do - { - 'rsTest' => { - 'members' => [ - 'mongo1:27017', - 'mongo2:27017', - 'mongo3:27017', - ], - 'arbiter' => 'mongo3:27017' - } - } - end - - let(:params) do - { - :replset => 'rsTest', - :replset_config => rsConf - } - end - - it { is_expected.to contain_class('mongodb::replset').with_sets(rsConf) } - end - - context 'should setup using replset_members' do - let(:rsConf) do - { - 'rsTest' => { - 'ensure' => 'present', - 'members' => [ - 'mongo1:27017', - 'mongo2:27017', - 'mongo3:27017' - ] - } - } - end - - let(:params) do - { - :replset => 'rsTest', - :replset_members => [ - 'mongo1:27017', - 'mongo2:27017', - 'mongo3:27017' - ] - } - end - - it { is_expected.to contain_class('mongodb::replset').with_sets(rsConf) } - end - end -end diff --git a/mongodb/spec/defines/db_spec.rb b/mongodb/spec/defines/db_spec.rb deleted file mode 100644 index 4d1746b5c..000000000 --- a/mongodb/spec/defines/db_spec.rb +++ /dev/null @@ -1,40 +0,0 @@ -require 'spec_helper' - -describe 'mongodb::db', :type => :define do - let(:title) { 'testdb' } - - let(:params) { - { 'user' => 'testuser', - 'password' => 'testpass', - } - } - - it 'should contain mongodb_database with mongodb::server requirement' do - is_expected.to contain_mongodb_database('testdb') - end - - it 'should contain mongodb_user with mongodb_database requirement' do - is_expected.to contain_mongodb_user('User testuser on db testdb').with({ - 'username' => 'testuser', - 'database' => 'testdb', - 'require' => 'Mongodb_database[testdb]', - }) - end - - it 'should contain mongodb_user with proper roles' do - params.merge!({'roles' => ['testrole1', 'testrole2']}) - is_expected.to contain_mongodb_user('User testuser on db testdb')\ - .with_roles(["testrole1", "testrole2"]) - end - - it 'should prefer password_hash instead of password' do - params.merge!({'password_hash' => 'securehash'}) - is_expected.to contain_mongodb_user('User testuser on db testdb')\ - .with_password_hash('securehash') - end - - it 'should contain mongodb_database with proper tries param' do - params.merge!({'tries' => 5}) - is_expected.to contain_mongodb_database('testdb').with_tries(5) - end -end diff --git a/mongodb/spec/spec.opts b/mongodb/spec/spec.opts deleted file mode 100644 index 91cd6427e..000000000 --- a/mongodb/spec/spec.opts +++ /dev/null @@ -1,6 +0,0 @@ ---format -s ---colour ---loadby -mtime ---backtrace diff --git a/mongodb/spec/spec_helper.rb b/mongodb/spec/spec_helper.rb deleted file mode 100644 index 22d5d689f..000000000 --- a/mongodb/spec/spec_helper.rb +++ /dev/null @@ -1,8 +0,0 @@ -#This file is generated by ModuleSync, do not edit. -require 'puppetlabs_spec_helper/module_spec_helper' - -# put local configuration and setup into spec_helper_local -begin - require 'spec_helper_local' -rescue LoadError -end diff --git a/mongodb/spec/spec_helper_acceptance.rb b/mongodb/spec/spec_helper_acceptance.rb deleted file mode 100755 index 5e2af52b9..000000000 --- a/mongodb/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1,44 +0,0 @@ -#! /usr/bin/env ruby -S rspec -require 'beaker-rspec' - -UNSUPPORTED_PLATFORMS = [] - -unless ENV['RS_PROVISION'] == 'no' or ENV['BEAKER_provision'] == 'no' - if hosts.first.is_pe? - install_pe - on hosts, 'mkdir -p /etc/puppetlabs/facter/facts.d' - else - install_puppet - on hosts, 'mkdir -p /etc/facter/facts.d' - on hosts, '/bin/touch /etc/puppet/hiera.yaml' - end - hosts.each do |host| - on host, "mkdir -p #{host['distmoduledir']}" - end -end - -RSpec.configure do |c| - # Project root - proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - - # Readable test descriptions - c.formatter = :documentation - - # Configure all nodes in nodeset - c.before :suite do - hosts.each do |host| - copy_module_to(host, :source => proj_root, :module_name => 'mongodb') - end - on hosts, 'puppet module install puppetlabs-stdlib' - on hosts, 'puppet module install puppetlabs-apt' - case fact('osfamily') - when 'RedHat' - on hosts, 'puppet module install stahnma-epel' - apply_manifest_on hosts, 'include epel' - if fact('operatingsystemrelease') =~ /^7/ - on hosts, 'yum install -y iptables-services' - end - on hosts, 'service iptables stop' - end - end -end diff --git a/mongodb/spec/spec_helper_local.rb b/mongodb/spec/spec_helper_local.rb deleted file mode 100644 index e35501c56..000000000 --- a/mongodb/spec/spec_helper_local.rb +++ /dev/null @@ -1,3 +0,0 @@ -RSpec.configure do |config| - config.mock_with :rspec -end diff --git a/mongodb/spec/spec_helper_system.rb b/mongodb/spec/spec_helper_system.rb deleted file mode 100644 index 7e2c48fb5..000000000 --- a/mongodb/spec/spec_helper_system.rb +++ /dev/null @@ -1,34 +0,0 @@ -require 'rspec-system/spec_helper' -require 'rspec-system-puppet/helpers' -require 'rspec-system-serverspec/helpers' - -include RSpecSystemPuppet::Helpers -include Serverspec::Helper::RSpecSystem -include Serverspec::Helper::DetectOS - -RSpec.configure do |c| - # Project root - proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - - # Enable colour - c.tty = true - - c.include RSpecSystemPuppet::Helpers - - # This is where we 'setup' the nodes before running our tests - c.before :suite do - # Install puppet - puppet_install - - # Install modules and dependencies - puppet_module_install(:source => proj_root, :module_name => 'mongodb') - shell('puppet module install puppetlabs-stdlib') - shell('puppet module install puppetlabs-apt') - - case node.facts['osfamily'] - when 'RedHat' - shell('puppet module install stahnma-epel') - puppet_apply('include epel') - end - end -end diff --git a/mongodb/spec/system/basic_spec.rb b/mongodb/spec/system/basic_spec.rb deleted file mode 100644 index 300835635..000000000 --- a/mongodb/spec/system/basic_spec.rb +++ /dev/null @@ -1,10 +0,0 @@ -require 'spec_helper_system' - -describe 'basic tests:' do - # Using puppet_apply as a subject - context puppet_apply 'notice("foo")' do - its(:stdout) { should =~ /foo/ } - its(:stderr) { should be_empty } - its(:exit_code) { should be_zero } - end -end diff --git a/mongodb/spec/system/server_10gen_spec.rb b/mongodb/spec/system/server_10gen_spec.rb deleted file mode 100644 index a9a6b86d3..000000000 --- a/mongodb/spec/system/server_10gen_spec.rb +++ /dev/null @@ -1,77 +0,0 @@ -require 'spec_helper_system' - -describe 'mongodb::server: with 10gen repo' do - - case node.facts['osfamily'] - when 'RedHat' - package_name = 'mongo-10gen-server' - service_name = 'mongod' - config_file = '/etc/mongod.conf' - when 'Debian' - package_name = 'mongodb-10gen' - service_name = 'mongodb' - config_file = '/etc/mongodb.conf' - end - - context 'default parameters' do - it 'should work with no errors' do - pp = <<-EOS - class { 'mongodb::globals': manage_package_repo => true }-> - class { 'mongodb::server': } - EOS - - puppet_apply(pp) do |r| - r.exit_code.should == 2 - r.refresh - r.exit_code.should == 0 - end - end - - describe package(package_name) do - it { should be_installed } - end - - describe file(config_file) do - it { should be_file } - end - - describe service(service_name) do - it { should be_enabled } - it { should be_running } - end - - describe port(27017) do - it do - should be_listening - end - end - end - - context 'test using custom port' do - - it 'change port to 27018' do - pp = <<-EOS - class { 'mongodb::globals': manage_package_repo => true }-> - class { 'mongodb::server': port => 27018 } - EOS - - puppet_apply(pp) do |r| - r.exit_code.should == 2 - r.refresh - r.exit_code.should == 0 - end - end - - describe port(27018) do - it { should be_listening } - end - end - - describe 'cleanup' do - it 'uninstalls mongodb' do - puppet_apply("class {'mongodb::globals': manage_package_repo => true }-> class { 'mongodb::server': ensure => false }") do |r| - r.exit_code.should_not == 1 - end - end - end -end diff --git a/mongodb/spec/system/server_distro_spec.rb b/mongodb/spec/system/server_distro_spec.rb deleted file mode 100644 index 6ed97d088..000000000 --- a/mongodb/spec/system/server_distro_spec.rb +++ /dev/null @@ -1,71 +0,0 @@ -begin -require 'spec_helper_system' - -describe 'mongodb::server:' do - - case node.facts['osfamily'] - when 'RedHat' - package_name = 'mongodb-server' - service_name = 'mongod' - config_file = '/etc/mongodb.conf' - when 'Debian' - package_name = 'mongodb-server' - service_name = 'mongodb' - config_file = '/etc/mongodb.conf' - end - - context 'default parameters' do - it 'should work with no errors' do - pp = <<-EOS - class { 'mongodb::server': } - EOS - - puppet_apply(pp) do |r| - r.exit_code.should == 2 - r.refresh - r.exit_code.should == 0 - end - end - - describe package(package_name) do - it { should be_installed } - end - - describe file(config_file) do - it { should be_file } - end - - describe service(service_name) do - it { should be_enabled } - it { should be_running } - end - - describe port(27017) do - it do - sleep(20) - should be_listening - end - end - end - - context 'test using custom port' do - it 'change port to 27018' do - pp = <<-EOS - class { 'mongodb::server': port => 27018 } - EOS - - puppet_apply(pp) do |r| - r.exit_code.should == 2 - r.refresh - r.exit_code.should == 0 - end - end - - describe port(27018) do - it { should be_listening } - end - - end -end - -end diff --git a/mongodb/spec/unit/mongodb_password_spec.rb b/mongodb/spec/unit/mongodb_password_spec.rb deleted file mode 100644 index 0b92fc308..000000000 --- a/mongodb/spec/unit/mongodb_password_spec.rb +++ /dev/null @@ -1,27 +0,0 @@ -require 'spec_helper' - -describe 'the mongodb_password function' do - before :all do - Puppet::Parser::Functions.autoloader.loadall - end - - let(:scope) { PuppetlabsSpec::PuppetInternals.scope } - - it 'should exist' do - expect(Puppet::Parser::Functions.function('mongodb_password')).to eq('function_mongodb_password') - end - - it 'should raise a ParseError if there no arguments' do - expect { scope.function_mongodb_password([]) }.to( raise_error(Puppet::ParseError)) - end - - it 'should raise a ParseError if there is more than 2 arguments' do - expect { scope.function_mongodb_password(%w(foo bar baz)) }.to( raise_error(Puppet::ParseError)) - end - - it 'should convert password into a hash' do - result = scope.function_mongodb_password(%w(user pass)) - expect(result).to(eq('e0c4a7b97d4db31f5014e9694e567d6b')) - end - -end diff --git a/mongodb/spec/unit/puppet/provider/mongodb_database/mongodb_spec.rb b/mongodb/spec/unit/puppet/provider/mongodb_database/mongodb_spec.rb deleted file mode 100644 index e8cfe9c8e..000000000 --- a/mongodb/spec/unit/puppet/provider/mongodb_database/mongodb_spec.rb +++ /dev/null @@ -1,72 +0,0 @@ -require 'spec_helper' -require 'tempfile' - -describe Puppet::Type.type(:mongodb_database).provider(:mongodb) do - - let(:raw_dbs) { - { - "databases" => [ - { - "name" => "admin", - "sizeOnDisk" => 83886080, - "empty" => false - }, { - "name" => "local", - "sizeOnDisk" => 83886080, - "empty" => false - } - ], - "totalSize" => 251658240, - "ok" => 1 - }.to_json - } - - let(:parsed_dbs) { %w(admin local) } - - let(:resource) { Puppet::Type.type(:mongodb_database).new( - { :ensure => :present, - :name => 'new_database', - :provider => described_class.name - } - )} - - let(:provider) { resource.provider } - - before :each do - tmp = Tempfile.new('test') - @mongodconffile = tmp.path - allow(provider.class).to receive(:get_mongod_conf_file).and_return(@mongodconffile) - provider.class.stubs(:mongo_eval).with('printjson(db.getMongo().getDBs())').returns(raw_dbs) - allow(provider.class).to receive(:db_ismaster).and_return(true) - end - - let(:instance) { provider.class.instances.first } - - describe 'self.instances' do - it 'returns an array of dbs' do - dbs = provider.class.instances.collect {|x| x.name } - expect(parsed_dbs).to match_array(dbs) - end - end - - describe 'create' do - it 'makes a database' do - provider.expects(:mongo_eval) - provider.create - end - end - - describe 'destroy' do - it 'removes a database' do - provider.expects(:mongo_eval) - provider.destroy - end - end - - describe 'exists?' do - it 'checks if database exists' do - instance.exists? - end - end - -end diff --git a/mongodb/spec/unit/puppet/provider/mongodb_replset/mongodb_spec.rb b/mongodb/spec/unit/puppet/provider/mongodb_replset/mongodb_spec.rb deleted file mode 100644 index b52c1249b..000000000 --- a/mongodb/spec/unit/puppet/provider/mongodb_replset/mongodb_spec.rb +++ /dev/null @@ -1,197 +0,0 @@ -# -# Authors: Emilien Macchi -# Francois Charlier -# - -require 'spec_helper' -require 'tempfile' - -describe Puppet::Type.type(:mongodb_replset).provider(:mongo) do - - valid_members = ['mongo1:27017', 'mongo2:27017', 'mongo3:27017'] - - let(:resource) { Puppet::Type.type(:mongodb_replset).new( - { :ensure => :present, - :name => 'rs_test', - :members => valid_members, - :provider => :mongo - } - )} - - let(:resources) { { 'rs_test' => resource } } - let(:provider) { described_class.new(resource) } - - describe '#create' do - before :each do - tmp = Tempfile.new('test') - @mongodconffile = tmp.path - allow(provider.class).to receive(:get_mongod_conf_file).and_return(@mongodconffile) - allow(provider.class).to receive(:mongo).and_return(< "Config now saved locally. Should come online in about a minute.", - "ok" => 1, - }) - allow(provider).to receive(:db_ismaster).and_return('{"ismaster" : true}') - provider.create - provider.flush - end - - it 'should create a replicaset with arbiter' do - allow(provider.class).to receive(:get_replset_properties) - allow(provider).to receive(:alive_members).and_return(valid_members) - allow(provider).to receive(:master_host).and_return(false) - allow(provider).to receive(:rs_arbiter).and_return('mongo3:27017') - expect(provider).to receive('rs_initiate').with("{ _id: \"rs_test\", members: [ { _id: 0, host: \"mongo1:27017\" },{ _id: 1, host: \"mongo2:27017\" },{ _id: 2, host: \"mongo3:27017\", arbiterOnly: \"true\" } ] }", "mongo1:27017").and_return({ - "info" => "Config now saved locally. Should come online in about a minute.", - "ok" => 1, - }) - allow(provider).to receive(:db_ismaster).and_return('{"ismaster" : true}') - provider.create - provider.flush - end - end - - describe '#exists?' do - before :each do - tmp = Tempfile.new('test') - @mongodconffile = tmp.path - allow(provider.class).to receive(:get_mongod_conf_file).and_return(@mongodconffile) - end - - describe 'when the replicaset does not exist' do - it 'returns false' do - allow(provider.class).to receive(:mongo_eval).and_return(< 'rs_test' }) - expect(provider).to receive('rs_add').twice.and_return({ 'ok' => 1 }) - provider.members=(valid_members) - provider.flush - end - - it 'raises an error when the master host is not available' do - allow(provider).to receive(:rs_status).and_return({ "set" => "rs_test" }) - allow(provider).to receive(:db_ismaster).and_return({ "primary" => false }) - provider.members=(valid_members) - expect { provider.flush }.to raise_error(Puppet::Error, "Can't find master host for replicaset #{resource[:name]}.") - end - - it 'raises an error when at least one member is not running with --replSet' do - allow(provider).to receive(:rs_status).and_return({ "ok" => 0, "errmsg" => "not running with --replSet" }) - provider.members=(valid_members) - expect { provider.flush }.to raise_error(Puppet::Error, /is not supposed to be part of a replicaset\.$/) - end - - it 'raises an error when at least one member is configured with another replicaset name' do - allow(provider).to receive(:rs_status).and_return({ "set" => "rs_another" }) - provider.members=(valid_members) - expect { provider.flush }.to raise_error(Puppet::Error, /is already part of another replicaset\.$/) - end - - it 'raises an error when no member is available' do - allow(provider.class).to receive(:mongo_command).and_raise(Puppet::ExecutionFailure, < :present, - :name => 'rs_test', - :member => 'rs_test/mongo1:27018', - :keys => [], - :provider => :mongo - } - ) - end - - let(:provider) { resource.provider } - let(:instance) { provider.class.instances.first } - - let(:parsed_shards) { %w(rs_test) } - - let(:raw_shards) do - { - "sharding version" => { - "_id" => 1, - "version" => 4, - "minCompatibleVersion" => 4, - "currentVersion" => 5, - "clusterId" => "ObjectId(\'548e9110f3aca177c94c5e49\')" - }, - "shards" => [ - { "_id" => "rs_test", "host" => "rs_test/mongo1:27018" } - ], - "databases" => [ - { "_id" => "admin", "partitioned" => false, "primary" => "config" }, - { "_id" => "test", "partitioned" => false, "primary" => "rs_test" }, - { "_id" => "rs_test", "partitioned" => true, "primary" => "rs_test" } - ] - } - end - - before :each do - provider.class.stubs(:mongo_command).with('sh.status()').returns(raw_shards) - end - - describe 'self.instances' do - - it 'should create a shard' do - shards = provider.class.instances.collect { |x| x.name } - expect(parsed_shards).to match_array(shards) - end - - end - - describe '#create' do - it 'makes a shard' do - provider.expects('sh_addshard').with("rs_test/mongo1:27018").returns( - { "shardAdded" => "rs_test", - "ok" => 1 } - ) - provider.expects('sh_enablesharding').with("rs_test").returns( - { "ok" => 1 } - ) - provider.create - provider.flush - end - end - - describe 'destroy' do - it 'removes a shard' do - end - end - - describe 'exists?' do - it 'checks if shard exists' do - instance.exists? - end - end - -end diff --git a/mongodb/spec/unit/puppet/provider/mongodb_user/mongodb_spec.rb b/mongodb/spec/unit/puppet/provider/mongodb_user/mongodb_spec.rb deleted file mode 100644 index 13bb6db25..000000000 --- a/mongodb/spec/unit/puppet/provider/mongodb_user/mongodb_spec.rb +++ /dev/null @@ -1,142 +0,0 @@ -require 'spec_helper' -require 'json' -require 'tempfile' - -describe Puppet::Type.type(:mongodb_user).provider(:mongodb) do - - let(:raw_users) do - [ - { '_id' => 'admin.root', 'user' => 'root', 'db' => 'admin', 'credentials' => { 'MONGODB-CR' => 'pass' }, 'roles' => [ { 'role' => 'role2', 'db' => 'admin' }, { 'role' => 'role1', 'db' => 'admin' } ] } - ].to_json - end - - let(:parsed_users) { %w(root) } - - let(:resource) { Puppet::Type.type(:mongodb_user).new( - { :ensure => :present, - :name => 'new_user', - :database => 'new_database', - :password_hash => 'pass', - :roles => ['role1', 'role2'], - :provider => described_class.name - } - )} - - let(:provider) { resource.provider } - - before :each do - tmp = Tempfile.new('test') - @mongodconffile = tmp.path - allow(provider.class).to receive(:get_mongod_conf_file).and_return(@mongodconffile) - provider.class.stubs(:mongo_eval).with('printjson(db.system.users.find().toArray())').returns(raw_users) - provider.class.stubs(:mongo_version).returns('2.6.x') - allow(provider.class).to receive(:db_ismaster).and_return(true) - end - - let(:instance) { provider.class.instances.first } - - describe 'self.instances' do - it 'returns an array of users' do - usernames = provider.class.instances.collect {|x| x.username } - expect(parsed_users).to match_array(usernames) - end - end - - describe 'empty self.instances from slave' do - it 'doesn`t retrun array of users' do - allow(provider.class).to receive(:db_ismaster).and_return(false) - expect(provider.class.instances).to match_array([]) - end - end - - - describe 'create' do - it 'creates a user' do - cmd_json=<<-EOS.gsub(/^\s*/, '').gsub(/$\n/, '') - { - "createUser": "new_user", - "pwd": "pass", - "customData": {"createdBy": "Puppet Mongodb_user['new_user']"}, - "roles": ["role1","role2"], - "digestPassword": false - } - EOS - - provider.expects(:mongo_eval).with("db.runCommand(#{cmd_json})", 'new_database') - provider.create - end - end - - describe 'destroy' do - it 'removes a user' do - provider.expects(:mongo_eval).with("db.dropUser('new_user')") - provider.destroy - end - end - - describe 'exists?' do - it 'checks if user exists' do - expect(provider.exists?).to eql false - end - end - - describe 'password_hash' do - it 'returns a password_hash' do - expect(instance.password_hash).to eq("pass") - end - end - - describe 'password_hash=' do - it 'changes a password_hash' do - cmd_json=<<-EOS.gsub(/^\s*/, '').gsub(/$\n/, '') - { - "updateUser": "new_user", - "pwd": "pass", - "digestPassword": false - } - EOS - provider.expects(:mongo_eval). - with("db.runCommand(#{cmd_json})", 'new_database') - provider.password_hash=("newpass") - end - end - - describe 'roles' do - it 'returns a sorted roles' do - expect(instance.roles).to eq(['role1', 'role2']) - end - end - - describe 'roles=' do - it 'changes nothing' do - resource.provider.set(:name => 'new_user', :ensure => :present, :roles => ['role1','role2']) - provider.expects(:mongo_eval).times(0) - provider.roles=(['role1', 'role2']) - end - - it 'grant a role' do - resource.provider.set(:name => 'new_user', :ensure => :present, :roles => ['role1','role2']) - provider.expects(:mongo_eval). - with("db.getSiblingDB('new_database').grantRolesToUser('new_user', [\"role3\"])") - provider.roles=(['role1', 'role2', 'role3']) - end - - it 'revokes a role' do - resource.provider.set(:name => 'new_user', :ensure => :present, :roles => ['role1','role2']) - provider.expects(:mongo_eval). - with("db.getSiblingDB('new_database').revokeRolesFromUser('new_user', [\"role1\"])") - provider.roles=(['role2']) - end - - it 'exchanges a role' do - resource.provider.set(:name => 'new_user', :ensure => :present, :roles => ['role1','role2']) - provider.expects(:mongo_eval). - with("db.getSiblingDB('new_database').revokeRolesFromUser('new_user', [\"role1\"])") - provider.expects(:mongo_eval). - with("db.getSiblingDB('new_database').grantRolesToUser('new_user', [\"role3\"])") - - provider.roles=(['role2', 'role3']) - end - end - -end diff --git a/mongodb/spec/unit/puppet/type/mongodb_database_spec.rb b/mongodb/spec/unit/puppet/type/mongodb_database_spec.rb deleted file mode 100644 index 693996676..000000000 --- a/mongodb/spec/unit/puppet/type/mongodb_database_spec.rb +++ /dev/null @@ -1,24 +0,0 @@ -require 'puppet' -require 'puppet/type/mongodb_database' -describe Puppet::Type.type(:mongodb_database) do - - before :each do - @db = Puppet::Type.type(:mongodb_database).new(:name => 'test') - end - - it 'should accept a database name' do - expect(@db[:name]).to eq('test') - end - - it 'should accept a tries parameter' do - @db[:tries] = 5 - expect(@db[:tries]).to eq(5) - end - - it 'should require a name' do - expect { - Puppet::Type.type(:mongodb_database).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - -end diff --git a/mongodb/spec/unit/puppet/type/mongodb_replset_spec.rb b/mongodb/spec/unit/puppet/type/mongodb_replset_spec.rb deleted file mode 100644 index 43fb8a8e4..000000000 --- a/mongodb/spec/unit/puppet/type/mongodb_replset_spec.rb +++ /dev/null @@ -1,28 +0,0 @@ -# -# Author: Emilien Macchi -# - -require 'puppet' -require 'puppet/type/mongodb_replset' -describe Puppet::Type.type(:mongodb_replset) do - - before :each do - @replset = Puppet::Type.type(:mongodb_replset).new(:name => 'test') - end - - it 'should accept a replica set name' do - expect(@replset[:name]).to eq('test') - end - - it 'should accept a members array' do - @replset[:members] = ['mongo1:27017', 'mongo2:27017'] - expect(@replset[:members]).to eq(['mongo1:27017', 'mongo2:27017']) - end - - it 'should require a name' do - expect { - Puppet::Type.type(:mongodb_replset).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - -end diff --git a/mongodb/spec/unit/puppet/type/mongodb_shard_spec.rb b/mongodb/spec/unit/puppet/type/mongodb_shard_spec.rb deleted file mode 100644 index 206a58fc6..000000000 --- a/mongodb/spec/unit/puppet/type/mongodb_shard_spec.rb +++ /dev/null @@ -1,29 +0,0 @@ -require 'puppet' -require 'puppet/type/mongodb_shard' -describe Puppet::Type.type(:mongodb_shard) do - - before :each do - @shard = Puppet::Type.type(:mongodb_shard).new(:name => 'test') - end - - it 'should accept a shard name' do - expect(@shard[:name]).to eq('test') - end - - it 'should accept a member' do - @shard[:member] = 'rs_test/mongo1:27017' - expect(@shard[:member]).to eq('rs_test/mongo1:27017') - end - - it 'should accept a keys array' do - @shard[:keys] = [{'foo.bar' => {'name' => 1}}] - expect(@shard[:keys]).to eq([{'foo.bar' => {'name' => 1}}]) - end - - it 'should require a name' do - expect { - Puppet::Type.type(:mongodb_shard).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - -end diff --git a/mongodb/spec/unit/puppet/type/mongodb_user_spec.rb b/mongodb/spec/unit/puppet/type/mongodb_user_spec.rb deleted file mode 100644 index 26a8c496b..000000000 --- a/mongodb/spec/unit/puppet/type/mongodb_user_spec.rb +++ /dev/null @@ -1,67 +0,0 @@ -require 'puppet' -require 'puppet/type/mongodb_user' -describe Puppet::Type.type(:mongodb_user) do - - before :each do - @user = Puppet::Type.type(:mongodb_user).new( - :name => 'test', - :database => 'testdb', - :password_hash => 'pass') - end - - it 'should accept a user name' do - expect(@user[:name]).to eq('test') - end - - it 'should accept a database name' do - expect(@user[:database]).to eq('testdb') - end - - it 'should accept a tries parameter' do - @user[:tries] = 5 - expect(@user[:tries]).to eq(5) - end - - it 'should accept a password' do - @user[:password_hash] = 'foo' - expect(@user[:password_hash]).to eq('foo') - end - - it 'should use default role' do - expect(@user[:roles]).to eq(['dbAdmin']) - end - - it 'should accept a roles array' do - @user[:roles] = ['role1', 'role2'] - expect(@user[:roles]).to eq(['role1', 'role2']) - end - - it 'should require a name' do - expect { - Puppet::Type.type(:mongodb_user).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should require a database' do - expect { - Puppet::Type.type(:mongodb_user).new({:name => 'test', :password_hash => 'pass'}) - }.to raise_error(Puppet::Error, 'Parameter \'database\' must be set') - end - - it 'should require a password_hash' do - expect { - Puppet::Type.type(:mongodb_user).new({:name => 'test', :database => 'testdb'}) - }.to raise_error(Puppet::Error, 'Property \'password_hash\' must be set. Use mongodb_password() for creating hash.') - end - - it 'should sort roles' do - # Reinitialize type with explicit unsorted roles. - @user = Puppet::Type.type(:mongodb_user).new( - :name => 'test', - :database => 'testdb', - :password_hash => 'pass', - :roles => ['b', 'a']) - expect(@user[:roles]).to eq(['a', 'b']) - end - -end diff --git a/mongodb/templates/mongodb-shard.conf.erb b/mongodb/templates/mongodb-shard.conf.erb deleted file mode 100644 index 5825ddc44..000000000 --- a/mongodb/templates/mongodb-shard.conf.erb +++ /dev/null @@ -1,21 +0,0 @@ -<% if @configdb -%> -configdb = <%= Array(@configdb).join(',') %> -<% end -%> -<% if @bind_ip -%> -bind_ip = <%= @bind_ip %> -<% end -%> -<% if @port -%> -port = <%= @port %> -<% end -%> -<% if @fork -%> -fork = <%= @fork %> -<% end -%> -<% if @pidfilepath -%> -pidfilepath = <%= @pidfilepath %> -<% end -%> -<% if @logpath -%> -logpath = <%= @logpath %> -<% end -%> -<% if @unixsocketprefix -%> -unixSocketPrefix = <%= @unixsocketprefix %> -<% end -%> diff --git a/mongodb/templates/mongodb.conf.2.6.erb b/mongodb/templates/mongodb.conf.2.6.erb deleted file mode 100644 index 0f1775562..000000000 --- a/mongodb/templates/mongodb.conf.2.6.erb +++ /dev/null @@ -1,137 +0,0 @@ -#mongo.conf - generated from Puppet - -#System Log - -<% if @logpath -%> -systemLog.path: <%= @logpath %> -systemLog.destination: file -<% if @logappend -%> -systemLog.logAppend: <%= @logappend %> -<% end -%> -<% elsif @syslog -%> -systemLog.destination: syslog -<% end -%> -<% if @verbose -%> -systemLog.quiet: false -<% else -%> -systemLog.quiet: true -<% end -%> -<% if @verbositylevel == "v" -%> -systemLog.verbosity: 1 -<% elsif @verbositylevel == "vv" -%> -systemLog.verbosity: 2 -<% elsif @verbositylevel == "vvv" -%> -systemLog.verbosity: 3 -<% elsif @verbositylevel == "vvvv" -%> -systemLog.verbosity: 4 -<% elsif @verbositylevel == "vvvvv" -%> -systemLog.verbosity: 5 -<% end -%> - -#Process Management -<% if @fork -%> -processManagement.fork: <%= @fork %> -<% end -%> -<% if @pidfilepath -%> -processManagement.pidFilePath: <%= @pidfilepath %> -<% end -%> - -#Storage -storage.dbPath: <%= @dbpath %> -<% if @nojournal -%> -storage.journal.enabled: false -<% elsif @journal -%> -storage.journal.enabled: true -<% end -%> -<% if @noprealloc -%> -storage.preallocDataFiles: <%= !@noprealloc %> -<% end -%> -<% if @nssize -%> -storage.nsSize: <%= @nssize %> -<% end -%> -<% if @directoryperdb -%> -storage.directoryPerDB: <%= @directoryperdb %> -<% end -%> -<% if @smallfiles -%> -storage.smallFiles: <%= @smallfiles %> -<% end -%> -<% if @quota -%> -storage.quota.enforced: <%= @quota %> -<% if @quotafiles -%> -storage.quota.maxFilesPerDB: <%= @quotafiles %> -<% end -%> -<% end -%> -<% if @storage_engine_internal -%> -storage.engine: <%= @storage_engine_internal %> -<% end -%> - - -#Security -<% if @auth -%> -security.authorization: enabled -<% else -%> -security.authorization: disabled -<% end -%> -<% if @keyfile -%> -security.keyFile: <%= @keyfile %> -<% end -%> -<% if @noscripting -%> -security.javascriptEnabled: <%= @noscripting %> -<% end -%> - - -#Net -<% if @ipv6 -%> -net.ipv6=<%= @ipv6 %> -<% end -%> -<% if @bind_ip -%> -net.bindIp: <%= Array(@bind_ip).join(',') %> -<% end -%> -<% if @port -%> -net.port: <%= @port %> -<% end -%> -<% if @objcheck -%> -net.wireObjectCheck: <%= @objcheck %> -<% end -%> -<% if @rest -%> -net.http.RESTInterfaceEnabled: true -<% end -%> -<% if @maxconns -%> -net.maxIncomingConnections: <%= @maxconns %> -<% end -%> -<% if ! @nohttpinterface.nil? -%> -net.http.enabled: <%= ! @nohttpinterface %> -<% end -%> - -#Replication -<% if @replset -%> -replication.replSetName: <%= @replset %> -<% end -%> -<% if @oplog_size -%> -replication.oplogSizeMB: <%= @oplog_size %> -<% end -%> - -#Sharding -<% if @configsvr -%> -sharding.clusterRole: configsvr -<% end -%> -<% if @shardsvr -%> -sharding.clusterRole: shardsvr -<% end -%> - -#Operation Profiling -<% if @profile == "0" -%> -operationProfiling.mode: off -<% elsif @profile == "1" -%> -operationProfiling.mode: slowOp -<% elsif @profile == "2" -%> -operationProfiling.mode: all -<% end -%> -<% if @slowms -%> -operationProfiling.slowOpThresholdMs: <%= @slowms %> -<% end -%> - - -<% if @set_parameter -%> -setParameter: <%= @set_parameter %> -<% end -%> diff --git a/mongodb/templates/mongodb.conf.erb b/mongodb/templates/mongodb.conf.erb deleted file mode 100644 index 35ecc2ea7..000000000 --- a/mongodb/templates/mongodb.conf.erb +++ /dev/null @@ -1,190 +0,0 @@ -# mongo.conf - generated from Puppet - - -<% if @logpath -%> -#where to log -logpath=<%= @logpath %> -<% if @logappend -%> -logappend=<%= @logappend %> -<% end -%> -<% end -%> -<% if @ipv6 -%> -ipv6=<%= @ipv6 %> -<% end -%> -<% if @bind_ip -%> -# Set this option to configure the mongod or mongos process to bind to and -# listen for connections from applications on this address. -# You may concatenate a list of comma separated values to bind mongod to multiple IP addresses. -bind_ip = <%= Array(@bind_ip).join(',') %> -<% end -%> -<% if @fork -%> -# fork and run in background -fork=<%= @fork %> -<% end -%> -<% if @port -%> -port = <%= @port %> -<% end -%> -dbpath=<%= @dbpath %> -<% if @pidfilepath -%> -# location of pidfile -pidfilepath=<%= @pidfilepath %> -<% end -%> -<% if @nojournal and not @journal -%> -# Disables write-ahead journaling -nojournal = <%= @nojournal %> -<% end -%> -<% if @journal and not @nojournal -%> -# Enables journaling -journal = <%= @journal %> -<% end -%> -<% if @cpu -%> -# Enables periodic logging of CPU utilization and I/O wait -cpu = <%= @cpu %> -<% end -%> -# Turn on/off security. Off is currently the default -<% if @noauth and not @auth -%> -noauth=<%= @noauth %> -<% end -%> -<% if @auth and not @noauth -%> -auth=<%= @auth %> -<% end -%> -<% if @verbose -%> -# Verbose logging output. -verbose = <%= @verbose %> -<% end -%> -<% if @verbositylevel -%> -<%= @verbositylevel -%> = true -<% end -%> -<% if @objcheck -%> -# Inspect all client data for validity on receipt (useful for -# developing drivers) -objcheck = <%= @objcheck %> -<% end -%> -<% if @maxconns -%> -maxConns = <%= @maxconns %> -<% end -%> -<% if @quota -%> -# Enable db quota management -quota = <%= @quota %> -<% if @quotafiles -%> -quotaFiles = <%= @quotafiles %> -<% end -%> -<% end -%> -<% if @diaglog -%> -# Set oplogging level where n is -# 0=off (default) -# 1=W -# 2=R -# 3=both -# 7=W+some reads -diaglog = <%= @diaglog %> -<% end -%> -<% if @oplog_size -%> -# Specifies a maximum size in megabytes for the replication operation log -oplogSize = <%= @oplog_size %> -<% end -%> -<% if @nohints -%> -# Ignore query hints -nohints = <%= @nohints %> -<% end -%> -<% if ! @nohttpinterface.nil? -%> -# Disable the HTTP interface (Defaults to localhost:27018). -nohttpinterface = <%= @nohttpinterface %> -<% end -%> -<% if @noscripting -%> -# Turns off server-side scripting. This will result in greatly limited -# functionality -noscripting = <%= @noscripting %> -<% end -%> -<% if @notablescan -%> -# Turns off table scans. Any query that would do a table scan fails. -notablescan = <%= @notablescan %> -<% end -%> -<% if @noprealloc -%> -# Disable data file preallocation. -noprealloc = <%= @noprealloc %> -<% end -%> -<% if @nssize -%> -# Specify .ns file size for new databases in megabytes. -nssize = <%= @nssize %> -<% end -%> -<% if @mms_token -%> -# Accout token for Mongo monitoring server. -mms-token = <%= @mms_token %> -<% end -%> -<% if @mms_name -%> -# Server name for Mongo monitoring server. -mms-name = <%= @mms_name %> -<% end -%> -<% if @mms_interval -%> -# Ping interval for Mongo monitoring server. -mms-interval = <%= @mms_interval %> -<% end -%> -<% if @slave -%> -slave = <%= @slave %> -<% end -%> -<% if @source -%> -source = <%= @source %> -<% end -%> -<% if @only -%> -# Slave only: specify a single database to replicate -only = <%= @only %> -<% end -%> -<% if @master -%> -master = <%= @master %> -<% end -%> -<% if @directoryperdb -%> -# Alters the storage pattern of the data directory to store each database -# files in a distinct folder. -directoryperdb = <%= @directoryperdb %> -<% end -%> -<% if @configsvr -%> -# Is the mongod instance a configuration server -configsvr = <%= @configsvr %> -<% end -%> -<% if @shardsvr -%> -# Is the mongod instance a shard server -shardsvr = <%= @shardsvr %> -<% end -%> -<% if @replset -%> -# Configure ReplicaSet membership -replSet = <%= @replset %> -<% end -%> -<% if @smallfiles -%> -# Use a smaller default data file size. -smallfiles = <%= @smallfiles %> -<% end -%> -<% if @rest -%> -# Enable rest API (disabled by default) -rest = <%= @rest %> -<% end -%> -<% if @profile -%> -# Modify this value to changes the level of database profiling, which inserts -# information about operation performance into output of mongod or the log file. -#0 = Off. No profiling. default -#1 = On. Only includes slow operations. -#2 = On. Includes all operations. -profile = <%= @profile %> -<% end -%> -<% if @slowms -%> -# Sets the threshold in milliseconds for mongod to consider a query slow for the profiler. -slowms = <%= @slowms %> -<% end -%> -<% if @keyfile -%> -# Specify the path to a key file to store authentication information. -keyFile = <%= @keyfile %> -<% end -%> -<% if @set_parameter -%> -setParameter = <%= @set_parameter %> -<% end -%> -<% if @syslog -%> -syslog = <%= @syslog %> -<% end -%> -<% if @quiet -%> -quiet = <%= @quiet %> -<% end -%> -<% if @ssl -%> -sslOnNormalPorts = true -sslPEMKeyFile = <%= @ssl_key %> -sslCAFile = <%= @ssl_ca %> -<% end -%> diff --git a/mongodb/templates/mongorc.js.erb b/mongodb/templates/mongorc.js.erb deleted file mode 100644 index d9b46c39b..000000000 --- a/mongodb/templates/mongorc.js.erb +++ /dev/null @@ -1,27 +0,0 @@ -function authRequired() { - try { - if (db.serverCmdLineOpts().code == 13) { - return true; - } - return false; - } - catch (err) { - return false; - } -} - -if (authRequired()) { - try { -<% if @replset -%> - rs.slaveOk() -<% end -%> - var prev_db = db - db = db.getSiblingDB('admin') - db.auth('<%= @admin_username %>', '<%= @admin_password %>') - db = db.getSiblingDB(prev_db) - } - catch (err) { - // This isn't catching authentication errors as I'd expect... - return; - } -} diff --git a/mongodb/templates/mongos/Debian/mongos.erb b/mongodb/templates/mongos/Debian/mongos.erb deleted file mode 100644 index 98dada202..000000000 --- a/mongodb/templates/mongos/Debian/mongos.erb +++ /dev/null @@ -1,266 +0,0 @@ -#!/bin/sh -# -# init.d script with LSB support. -# -# Copyright (c) 2007 Javier Fernandez-Sanguino -# -# This is free software; you may redistribute it and/or modify -# it under the terms of the GNU General Public License as -# published by the Free Software Foundation; either version 2, -# or (at your option) any later version. -# -# This is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License with -# the Debian operating system, in /usr/share/common-licenses/GPL; if -# not, write to the Free Software Foundation, Inc., 59 Temple Place, -# Suite 330, Boston, MA 02111-1307 USA -# -### BEGIN INIT INFO -# Provides: mongos -# Required-Start: $network $local_fs $remote_fs -# Required-Stop: $network $local_fs $remote_fs -# Should-Start: $named -# Should-Stop: -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: An object/document-oriented database -# Description: MongoDB is a high-performance, open source, schema-free -# document-oriented data store that's easy to deploy, manage -# and use. It's network accessible, written in C++ and offers -# the following features: -# -# * Collection oriented storage - easy storage of object- -# style data -# * Full index support, including on inner objects -# * Query profiling -# * Replication and fail-over support -# * Efficient storage of binary data including large -# objects (e.g. videos) -# * Automatic partitioning for cloud-level scalability -# -# High performance, scalability, and reasonable depth of -# functionality are the goals for the project. -### END INIT INFO - -PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin -DAEMON=/usr/bin/mongos -DESC=database - -NAME=mongos -# Defaults. Can be overridden by the /etc/default/$NAME -# Other configuration options are located in $CONF file. See here for more: -# http://dochub.mongodb.org/core/configurationoptions -CONF=/etc/mongodb-shard.conf -PIDFILE=/var/run/$NAME.pid -ENABLE_MONGOD=yes - -# Include mongodb defaults if available -if [ -f /etc/default/$NAME ] ; then - . /etc/default/$NAME -fi - -# Handle NUMA access to CPUs (SERVER-3574) -# This verifies the existence of numactl as well as testing that the command works -NUMACTL_ARGS="--interleave=all" -if which numactl >/dev/null 2>/dev/null && numactl $NUMACTL_ARGS ls / >/dev/null 2>/dev/null -then - NUMACTL="`which numactl` -- $NUMACTL_ARGS" - DAEMON_OPTS=${DAEMON_OPTS:-"--config $CONF"} -else - NUMACTL="" - DAEMON_OPTS="-- "${DAEMON_OPTS:-"--config $CONF"} -fi - -if test ! -x $DAEMON; then - echo "Could not find $DAEMON" - exit 0 -fi - -if test "x$ENABLE_MONGOD" != "xyes"; then - exit 0 -fi - -. /lib/lsb/init-functions - -STARTTIME=1 -DIETIME=10 # Time to wait for the server to die, in seconds - # If this value is set too low you might not - # let some servers to die gracefully and - # 'restart' will not work - -DAEMONUSER=${DAEMONUSER:-mongodb} - -set -e - -running_pid() { -# Check if a given process pid's cmdline matches a given name - pid=$1 - name=$2 - [ -z "$pid" ] && return 1 - [ ! -d /proc/$pid ] && return 1 - cmd=`cat /proc/$pid/cmdline | tr "\000" "\n"|head -n 1 |cut -d : -f 1` - # Is this the expected server - [ "$cmd" != "$name" ] && return 1 - return 0 -} - -running() { -# Check if the process is running looking at /proc -# (works for all users) - - # No pidfile, probably no daemon present - [ ! -f "$PIDFILE" ] && return 1 - pid=`cat $PIDFILE` - running_pid $pid $DAEMON || return 1 - return 0 -} - -start_server() { - # Recommended ulimit values for mongod or mongos - # See http://docs.mongodb.org/manual/reference/ulimit/#recommended-settings - # - ulimit -f unlimited - ulimit -t unlimited - ulimit -v unlimited - ulimit -n 64000 - ulimit -m unlimited - - # In dash, ulimit takes -p for maximum user processes - # In bash, it's -u - if readlink /proc/$$/exe | grep -q dash - then - ulimit -p 32000 - else - ulimit -u 32000 - fi - - # Start the process using the wrapper - start-stop-daemon --background --start --quiet --pidfile $PIDFILE \ - --make-pidfile --chuid $DAEMONUSER \ - --exec $NUMACTL $DAEMON $DAEMON_OPTS - errcode=$? - return $errcode -} - -stop_server() { -# Stop the process using the wrapper - start-stop-daemon --stop --quiet --pidfile $PIDFILE \ - --retry 300 \ - --user $DAEMONUSER \ - --exec $DAEMON - errcode=$? - return $errcode -} - -force_stop() { -# Force the process to die killing it manually - [ ! -e "$PIDFILE" ] && return - if running ; then - kill -15 $pid - # Is it really dead? - sleep "$DIETIME"s - if running ; then - kill -9 $pid - sleep "$DIETIME"s - if running ; then - echo "Cannot kill $NAME (pid=$pid)!" - exit 1 - fi - fi - fi - rm -f $PIDFILE -} - - -case "$1" in - start) - log_daemon_msg "Starting $DESC" "$NAME" - # Check if it's running first - if running ; then - log_progress_msg "apparently already running" - log_end_msg 0 - exit 0 - fi - if start_server ; then - # NOTE: Some servers might die some time after they start, - # this code will detect this issue if STARTTIME is set - # to a reasonable value - [ -n "$STARTTIME" ] && sleep $STARTTIME # Wait some time - if running ; then - # It's ok, the server started and is running - log_end_msg 0 - else - # It is not running after we did start - log_end_msg 1 - fi - else - # Either we could not start it - log_end_msg 1 - fi - ;; - stop) - log_daemon_msg "Stopping $DESC" "$NAME" - if running ; then - # Only stop the server if we see it running - errcode=0 - stop_server || errcode=$? - log_end_msg $errcode - else - # If it's not running don't do anything - log_progress_msg "apparently not running" - log_end_msg 0 - exit 0 - fi - ;; - force-stop) - # First try to stop gracefully the program - $0 stop - if running; then - # If it's still running try to kill it more forcefully - log_daemon_msg "Stopping (force) $DESC" "$NAME" - errcode=0 - force_stop || errcode=$? - log_end_msg $errcode - fi - ;; - restart|force-reload) - log_daemon_msg "Restarting $DESC" "$NAME" - errcode=0 - stop_server || errcode=$? - # Wait some sensible amount, some server need this - [ -n "$DIETIME" ] && sleep $DIETIME - start_server || errcode=$? - [ -n "$STARTTIME" ] && sleep $STARTTIME - running || errcode=$? - log_end_msg $errcode - ;; - status) - - log_daemon_msg "Checking status of $DESC" "$NAME" - if running ; then - log_progress_msg "running" - log_end_msg 0 - else - log_progress_msg "apparently not running" - log_end_msg 1 - exit 1 - fi - ;; - # MongoDB can't reload its configuration. - reload) - log_warning_msg "Reloading $NAME daemon: not implemented, as the daemon" - log_warning_msg "cannot re-read the config file (use restart)." - ;; - - *) - N=/etc/init.d/$NAME - echo "Usage: $N {start|stop|force-stop|restart|force-reload|status}" >&2 - exit 1 - ;; -esac - -exit 0 diff --git a/mongodb/templates/mongos/RedHat/mongos.erb b/mongodb/templates/mongos/RedHat/mongos.erb deleted file mode 100644 index 757175b5a..000000000 --- a/mongodb/templates/mongos/RedHat/mongos.erb +++ /dev/null @@ -1,106 +0,0 @@ -#!/bin/bash - -# mongos - Startup script for mongos - -# chkconfig: 35 85 15 -# description: Mongo Router Process for sharding -# processname: mongos -# config: /etc/mongodb-shard.conf -# pidfile: /var/run/mongodb/mongos.pid - -. /etc/rc.d/init.d/functions - -# mongos will read mongodb-shard.conf for configuration settings - -# Add variable to support multiple instances of mongos -# The instance name is by default the name of this init script -# In this way another instance can be created by just copying this init script -# and creating a config file with the same name and a .conf extension -# For Example: -# /etc/init.d/mongos2 -# /etc/mongos2.conf -# Optionally also create a sysconfig file to override env variables below -# /etc/sysconfig/mongos2 -INSTANCE=`basename $0` - -# By default OPTIONS just points to the /etc/mongod.conf config file -# This can be overriden in /etc/sysconfig/mongod -OPTIONS=" -f /etc/mongodb-shard.conf" - -PID_PATH=/var/run/mongodb -PID_FILE=${PID_PATH}/${INSTANCE}.pid -MONGO_BIN=/usr/bin/mongos -MONGO_USER=<%=@user%> -MONGO_GROUP=<%=@group%> -MONGO_ULIMIT=12000 -MONGO_LOCK_FILE=/var/lock/subsys/${INSTANCE} - -# Source sysconfig options so that above values can be overriden -SYSCONFIG="/etc/sysconfig/${INSTANCE}" -if [ -f "$SYSCONFIG" ]; then - . "$SYSCONFIG" || true -fi - -# Create mongo pids path if it does not exist -if [ ! -d "${PID_PATH}" ]; then - mkdir -p "${PID_PATH}" - chown "${MONGO_USER}:${MONGO_GROUP}" "${PID_PATH}" -fi - -start() -{ - echo -n $"Starting ${INSTANCE}: " - ulimit -n $MONGO_ULIMIT - touch ${PID_FILE} - touch '/var/log/mongodb/mongodb-shard.log' - chown "${MONGO_USER}:${MONGO_GROUP}" "${PID_FILE}" - chown "${MONGO_USER}:${MONGO_GROUP}" '/var/log/mongodb/mongodb-shard.log' - daemon --user "$MONGO_USER" --pidfile $PID_FILE "$MONGO_BIN $OPTIONS --pidfilepath=$PID_FILE >>/var/log/mongodb/mongodb-shard.log 2>&1 &" - RETVAL=$? - echo - [ $RETVAL -eq 0 ] && touch $MONGO_LOCK_FILE - return $RETVAL -} - -stop() -{ - echo -n $"Stopping ${INSTANCE}: " - killproc -p $PID_FILE -t30 -TERM $MONGO_BIN - RETVAL=$? - echo - [ $RETVAL -eq 0 ] && rm -f $MONGO_LOCK_FILE - [ $RETVAL -eq 0 ] && rm -f $PID_FILE - return $RETVAL -} - -restart () { - stop - # TODO need to wait for process to stop before continuing - start -} - -RETVAL=0 - -case "$1" in - start) - start - ;; - stop) - stop - ;; - restart|reload|force-reload) - restart - ;; - condrestart) - [ -f $MONGO_LOCK_FILE ] && restart || : - ;; - status) - status -p $PID_FILE $MONGO_BIN - RETVAL=$? - ;; - *) - echo "Usage: $0 {start|stop|status|restart|reload|force-reload|condrestart}" - RETVAL=1 -esac - -exit $RETVAL diff --git a/mongodb/tests/client.pp b/mongodb/tests/client.pp deleted file mode 100644 index 061c8c106..000000000 --- a/mongodb/tests/client.pp +++ /dev/null @@ -1,2 +0,0 @@ -class { '::mongodb::globals': manage_package_repo => true }-> -class { '::mongodb::client': } diff --git a/mongodb/tests/globals.pp b/mongodb/tests/globals.pp deleted file mode 100644 index 1de72bc7b..000000000 --- a/mongodb/tests/globals.pp +++ /dev/null @@ -1,3 +0,0 @@ -class { '::mongodb::globals': - manage_package_repo => true -} diff --git a/mongodb/tests/init.pp b/mongodb/tests/init.pp deleted file mode 100644 index aac044ee0..000000000 --- a/mongodb/tests/init.pp +++ /dev/null @@ -1 +0,0 @@ -class { '::mongodb': } diff --git a/mongodb/tests/replicaset.pp b/mongodb/tests/replicaset.pp deleted file mode 100644 index 61aa721b7..000000000 --- a/mongodb/tests/replicaset.pp +++ /dev/null @@ -1,14 +0,0 @@ -node default { - class { '::mongodb::globals': - manage_package_repo => true - } -> - class { '::mongodb::server': - smallfiles => true, - bind_ip => ['0.0.0.0'], - replset => 'rsmain' - } - mongodb_replset{'rsmain': - members => ['mongo1:27017', 'mongo2:27017', 'mongo3:27017' ], - arbiter => 'mongo3:27017', - } -} diff --git a/mongodb/tests/server.pp b/mongodb/tests/server.pp deleted file mode 100644 index 32d123067..000000000 --- a/mongodb/tests/server.pp +++ /dev/null @@ -1,2 +0,0 @@ -class { '::mongodb::globals': manage_package_repo => true }-> -class { '::mongodb::server': } diff --git a/mongodb/tests/sharding.pp b/mongodb/tests/sharding.pp deleted file mode 100644 index 0470ae8b5..000000000 --- a/mongodb/tests/sharding.pp +++ /dev/null @@ -1,59 +0,0 @@ -node 'mongos' { - - class {'::mongodb::globals': - manage_package_repo => true, - }-> - class {'::mongodb::server': - configsvr => true, - bind_ip => $::ipaddress, - }-> - class {'::mongodb::client': - }-> - class {'::mongodb::mongos': - configdb => ["${::ipaddress}:27019"], - }-> - mongodb_shard { 'rs1' : - member => 'rs1/mongod1:27018', - keys => [{ - 'rs1.foo' => { - 'name' => 1 - } - }], - } - -} - -node 'mongod1' { - - class {'::mongodb::globals': - manage_package_repo => true, - }-> - class {'::mongodb::server': - shardsvr => true, - replset => 'rs1', - bind_ip => $::ipaddress, - }-> - class {'::mongodb::client': - } - mongodb_replset{'rs1': - members => ['mongod1:27018', 'mongod2:27018'], - } -} - -node 'mongod2' { - - class {'::mongodb::globals': - manage_package_repo => true, - }-> - class {'::mongodb::server': - shardsvr => true, - replset => 'rs1', - bind_ip => $::ipaddress, - }-> - class {'::mongodb::client': - } - mongodb_replset{'rs1': - members => ['mongod1:27018', 'mongod2:27018'], - } - -} diff --git a/mysql/.fixtures.yml b/mysql/.fixtures.yml deleted file mode 100644 index 10a951d8b..000000000 --- a/mysql/.fixtures.yml +++ /dev/null @@ -1,6 +0,0 @@ -fixtures: - repositories: - "stdlib": "https://github.com/puppetlabs/puppetlabs-stdlib" - "staging": "https://github.com/nanliu/puppet-staging" - symlinks: - "mysql": "#{source_dir}" diff --git a/mysql/.geppetto-rc.json b/mysql/.geppetto-rc.json deleted file mode 100644 index 7df232989..000000000 --- a/mysql/.geppetto-rc.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "excludes": [ - "**/contrib/**", - "**/examples/**", - "**/tests/**", - "**/spec/**", - "**/pkg/**" - ] -} diff --git a/mysql/.gitattributes b/mysql/.gitattributes deleted file mode 100644 index 900ea0cbb..000000000 --- a/mysql/.gitattributes +++ /dev/null @@ -1,5 +0,0 @@ -#This file is generated by ModuleSync, do not edit. -*.rb eol=lf -*.erb eol=lf -*.pp eol=lf -*.sh eol=lf diff --git a/mysql/.gitignore b/mysql/.gitignore deleted file mode 100644 index dd126f2fb..000000000 --- a/mysql/.gitignore +++ /dev/null @@ -1,11 +0,0 @@ -#This file is generated by ModuleSync, do not edit. -pkg/ -Gemfile.lock -vendor/ -spec/fixtures/ -.vagrant/ -.bundle/ -coverage/ -log/ -.idea/ -*.iml diff --git a/mysql/.nodeset.yml b/mysql/.nodeset.yml deleted file mode 100644 index 767f9cd2f..000000000 --- a/mysql/.nodeset.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -default_set: 'centos-64-x64' -sets: - 'centos-59-x64': - nodes: - "main.foo.vm": - prefab: 'centos-59-x64' - 'centos-64-x64': - nodes: - "main.foo.vm": - prefab: 'centos-64-x64' - 'fedora-18-x64': - nodes: - "main.foo.vm": - prefab: 'fedora-18-x64' - 'debian-607-x64': - nodes: - "main.foo.vm": - prefab: 'debian-607-x64' - 'debian-70rc1-x64': - nodes: - "main.foo.vm": - prefab: 'debian-70rc1-x64' - 'ubuntu-server-10044-x64': - nodes: - "main.foo.vm": - prefab: 'ubuntu-server-10044-x64' - 'ubuntu-server-12042-x64': - nodes: - "main.foo.vm": - prefab: 'ubuntu-server-12042-x64' diff --git a/mysql/.rspec b/mysql/.rspec deleted file mode 100644 index 16f9cdb01..000000000 --- a/mysql/.rspec +++ /dev/null @@ -1,2 +0,0 @@ ---color ---format documentation diff --git a/mysql/.sync.yml b/mysql/.sync.yml deleted file mode 100644 index 80e321eb0..000000000 --- a/mysql/.sync.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -Gemfile: - optional: - ':development, :unit_tests': - - gem: rspec-puppet-facts diff --git a/mysql/.travis.yml b/mysql/.travis.yml deleted file mode 100644 index 588fb5b00..000000000 --- a/mysql/.travis.yml +++ /dev/null @@ -1,20 +0,0 @@ -#This file is generated by ModuleSync, do not edit. ---- -sudo: false -language: ruby -cache: bundler -bundler_args: --without system_tests -script: "bundle exec rake validate lint spec" -matrix: - fast_finish: true - include: - - rvm: 2.1.6 - env: PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES="yes" - - rvm: 2.1.5 - env: PUPPET_GEM_VERSION="~> 3.0" FUTURE_PARSER="yes" - - rvm: 2.1.5 - env: PUPPET_GEM_VERSION="~> 3.0" - - rvm: 1.9.3 - env: PUPPET_GEM_VERSION="~> 3.0" -notifications: - email: false diff --git a/mysql/CHANGELOG.md b/mysql/CHANGELOG.md deleted file mode 100644 index 00dd4635e..000000000 --- a/mysql/CHANGELOG.md +++ /dev/null @@ -1,658 +0,0 @@ -## Supported Release 3.6.2 -###Summary - -Small release for support of newer PE versions. This increments the version of PE in the metadata.json file. - -## 2015-09-22 - Supported Release 3.6.1 -### Summary -This is a security and bugfix release that fixes incorrect username truncation in the munge for the mysql_user type, incorrect function used in `mysql::server::backup` and fixes compatibility issues with PE 3.3.x. - -#### Bugfixes -- Loosen the regex in mysql_user munging so the username is not unintentionally truncated. -- Use `warning()` not `warn()` -- Metadata had inadvertantly dropped 3.3.x support -- Some 3.3.x compatibility issues in `mysqltuner` were corrected - -## 2015-08-10 - Supported Release 3.6.0 -### Summary -This release adds the ability to use mysql::db and `mysql_*` types against unmanaged or external mysql instances. - -#### Features -- Add ability to use mysql::db WITHOUT mysql::server (ie, externally) -- Add prescript attribute to mysql::server::backup for xtrabackup -- Add postscript ability to xtrabackup provider. - -#### Bugfixes -- Fix default root passwords blocking puppet on mysql 5.8 -- Fix service dependency when package_manage is false -- Fix selinux permissions on my.cnf - -##2015-07-23 - Supported Release 3.5.0 -###Summary -A small release to add explicit support to newer Puppet versions and accumulated patches. - -####Features/Improvements -- Start running tests against puppet 4 -- Support longer usernames on newer MariaDB versions -- Add parameters for Solaris 11 and 12 - -####Bugfixes -- Fix references to the mysql-server package -- mysql_server_id doesn't throw and error on machines without macaddress - -##2015-05-19 - Supported Release 3.4.0 -###Summary -This release includes the addition of extra facts, OpenBSD compatibility, and a number of other features, improvements and bug fixes. - -####Features/Improvements -- Added server_id fact which includes mac address for better uniqueness -- Added OpenBSD compatibility, only for 'OpenBSD -current' (due to the recent switch to mariadb) -- Added a $mysql_group parameter, and use that instead of the $root_group parameter to define the group membership of the mysql error log file. -- Updated tests for rspec-puppet 2 and future parser -- Further acceptance testing improvements -- MODULES-1928 - allow log-error to be undef -- Split package installation and database install -- README wording improvements -- Added options for including/excluding triggers and routines -- Made the 'TRIGGER' privilege of mysqldump backups depend on whether or not we are actually backing up triggers -- Cleaned up the privilege assignment in the mysqldump backup script -- Add a fact for capturing the mysql version installed - -####Bugfixes -- mysql backup: fix regression in mysql_user call -- Set service_ensure to undef, in the case of an unmanaged service -- README Typos fixed -- Bugfix on Xtrabackup crons -- Fixed a permission problem that was preventing triggers from being backed up -- MODULES-1981: Revoke and grant difference of old and new privileges -- Fix an issue were we assume triggers work -- Change default for mysql::server::backup to ignore_triggers = false - -####Deprecations -mysql::server::old_root_password property - -##2015-03-03 - Supported Release 3.3.0 -###Summary -This release includes major README updates, the addition of backup providers, and a fix for managing the log-bin directory. - -####Features -- Add package_manage parameters to `mysql::server` and `mysql::client` (MODULES-1143) -- README improvements -- Add `mysqldump`, `mysqlbackup`, and `xtrabackup` backup providers. - -####Bugfixes -- log-error overrides were not being properly used (MODULES-1804) -- check for full path for log-bin to stop puppet from managing file '.' - -##2015-02-09 - Supported Release 3.2.0 -###Summary -This release includes several new features and bugfixes, including support for various plugins, making the output from mysql_password more consistent when input is empty and improved username validation. - -####Features -- Add type and provider to manage plugins -- Add support for authentication plugins -- Add support for mysql_install_db on freebsd -- Add `create_root_user` and `create_root_my_cnf` parameters to `mysql::server` - -####Bugfixes -- Remove dependency on stdlib >= 4.1.0 (MODULES-1759) -- Make grant autorequire user -- Remove invalid parameter 'provider' from mysql_user instance (MODULES-1731) -- Return empty string for empty input in mysql_password -- Fix `mysql::account_security` when fqdn==localhost -- Update username validation (MODULES-1520) -- Future parser fix in params.pp -- Fix package name for debian 8 -- Don't start the service until the server package is installed and the config file is in place -- Test fixes -- Lint fixes - -##2014-12-16 - Supported Release 3.1.0 -###Summary - -This release includes several new features, including SLES12 support, and a number of bug fixes. - -####Notes - -`mysql::server::mysqltuner` has been refactored to fetch the mysqltuner script from github by default. If you are running on a non-network-connected system, you will need to download that file and have it available to your node at a path specified by the `source` parameter to the `mysqltuner` class. - -####Features -- Add support for install_options for all package resources (MODULES-1484) -- Add log-bin directory creation -- Allow mysql::db to import multiple files (MODULES-1338) -- SLES12 support -- Improved identifier quoting detections -- Reworked `mysql::server::mysqltuner` so that we are no longer packaging the script as it is licensed under the GPL. - -####Bugfixes -- Fix regression in username validation -- Proper containment for mysql::client in mysql::db -- Support quoted usernames of length 15 and 16 chars - -##2014-11-11 - Supported Release 3.0.0 -###Summary - -Added several new features including MariaDB support and future parser - -####Backwards-incompatible Changes -* Remove the deprecated `database`, `database_user`, and `database_grant` resources. The correct resources to use are `mysql`, `mysql_user`, and `mysql_grant` respectively. - -####Features -* Add MariaDB Support -* The mysqltuner perl script has been updated to 1.3.0 based on work at http://github.com/major/MySQLTuner-perl -* Add future parse support, fixed issues with undef to empty string -* Pass the backup credentials to 'SHOW DATABASES' -* Ability to specify the Includedir for `mysql::server` -* `mysql::db` now has an import\_timeout feature that defaults to 300 -* The `mysql` class has been removed -* `mysql::server` now takes an `override_options` hash that will affect the installation -* Ability to install both dev and client dev - -####BugFix -* `mysql::server::backup` now passes `ensure` param to the nested `mysql_grant` -* `mysql::server::service` now properly requires the presence of the `log_error` file -* `mysql::config` now occurs before `mysql::server::install_db` correctly - -##2014-07-15 - Supported Release 2.3.1 -###Summary - -This release merely updates metadata.json so the module can be uninstalled and -upgraded via the puppet module command. - -##2014-05-14 - Supported Release 2.3.0 - -This release primarily adds support for RHEL7 and Ubuntu 14.04 but it -also adds a couple of new parameters to allow for further customization, -as well as ensuring backups can backup stored procedures properly. - -####Features -Added `execpath` to allow a custom executable path for non-standard mysql installations. -Added `dbname` to mysql::db and use ensure_resource to create the resource. -Added support for RHEL7 and Fedora Rawhide. -Added support for Ubuntu 14.04. -Create a warning for if you disable SSL. -Ensure the error logfile is owned by MySQL. -Disable ssl on FreeBSD. -Add PROCESS privilege for backups. - -####Bugfixes - -####Known Bugs -* No known bugs - -##2014-03-04 - Supported Release 2.2.3 -###Summary - -This is a supported release. This release removes a testing symlink that can -cause trouble on systems where /var is on a seperate filesystem from the -modulepath. - -####Features -####Bugfixes -####Known Bugs -* No known bugs - -##2014-03-04 - Supported Release 2.2.2 -###Summary -This is a supported release. Mostly comprised of enhanced testing, plus a -bugfix for Suse. - -####Bugfixes -- PHP bindings on Suse -- Test fixes - -####Known Bugs -* No known bugs - -##2014-02-19 - Version 2.2.1 - -###Summary - -Minor release that repairs mysql_database{} so that it sees the correct -collation settings (it was only checking the global mysql ones, not the -actual database and constantly setting it over and over since January 22nd). - -Also fixes a bunch of tests on various platforms. - - -##2014-02-13 - Version 2.2.0 - -###Summary - -####Features -- Add `backupdirmode`, `backupdirowner`, `backupdirgroup` to - mysql::server::backup to allow customizing the mysqlbackupdir. -- Support multiple options of the same name, allowing you to - do 'replicate-do-db' => ['base1', 'base2', 'base3'] in order to get three - lines of replicate-do-db = base1, replicate-do-db = base2 etc. - -####Bugfixes -- Fix `restart` so it actually stops mysql restarting if set to false. -- DRY out the defaults_file functionality in the providers. -- mysql_grant fixed to work with root@localhost/@. -- mysql_grant fixed for WITH MAX_QUERIES_PER_HOUR -- mysql_grant fixed so revoking all privileges accounts for GRANT OPTION -- mysql_grant fixed to remove duplicate privileges. -- mysql_grant fixed to handle PROCEDURES when removing privileges. -- mysql_database won't try to create existing databases, breaking replication. -- bind_address renamed bind-address in 'mysqld' options. -- key_buffer renamed to key_buffer_size. -- log_error renamed to log-error. -- pid_file renamed to pid-file. -- Ensure mysql::server:root_password runs before mysql::server::backup -- Fix options_override -> override_options in the README. -- Extensively rewrite the README to be accurate and awesome. -- Move to requiring stdlib 3.2.0, shipped in PE3.0 -- Add many new tests. - - -##2013-11-13 - Version 2.1.0 - -###Summary - -The most important changes in 2.1.0 are improvements to the my.cnf creation, -as well as providers. Setting options to = true strips them to be just the -key name itself, which is required for some options. - -The provider updates fix a number of bugs, from lowercase privileges to -deprecation warnings. - -Last, the new hiera integration functionality should make it easier to -externalize all your grants, users, and, databases. Another great set of -community submissions helped to make this release. - -####Features -- Some options can not take a argument. Gets rid of the '= true' when an -option is set to true. -- Easier hiera integration: Add hash parameters to mysql::server to allow -specifying grants, users, and databases. - -####Bugfixes -- Fix an issue with lowercase privileges in mysql_grant{} causing them to be reapplied needlessly. -- Changed defaults-file to defaults-extra-file in providers. -- Ensure /root/.my.cnf is 0600 and root owned. -- database_user deprecation warning was incorrect. -- Add anchor pattern for client.pp -- Documentation improvements. -- Various test fixes. - - -##2013-10-21 - Version 2.0.1 - -###Summary - -This is a bugfix release to handle an issue where unsorted mysql_grant{} -privileges could cause Puppet to incorrectly reapply the permissions on -each run. - -####Bugfixes -- Mysql_grant now sorts privileges in the type and provider for comparison. -- Comment and test tweak for PE3.1. - - -##2013-10-14 - Version 2.0.0 - -###Summary - -(Previously detailed in the changelog for 2.0.0-rc1) - -This module has been completely refactored and works significantly different. -The changes are broad and touch almost every piece of the module. - -See the README.md for full details of all changes and syntax. -Please remain on 1.0.0 if you don't have time to fully test this in dev. - -* mysql::server, mysql::client, and mysql::bindings are the primary interface -classes. -* mysql::server takes an `override_options` parameter to set my.cnf options, -with the hash format: { 'section' => { 'thing' => 'value' }} -* mysql attempts backwards compatibility by forwarding all parameters to -mysql::server. - - -##2013-10-09 - Version 2.0.0-rc5 - -###Summary - -Hopefully the final rc! Further fixes to mysql_grant (stripping out the -cleverness so we match a much wider range of input.) - -####Bugfixes -- Make mysql_grant accept '.*'@'.*' in terms of input for user@host. - - -##2013-10-09 - Version 2.0.0-rc4 - -###Summary - -Bugfixes to mysql_grant and mysql_user form the bulk of this rc, as well as -ensuring that values in the override_options hash that contain a value of '' -are created as just "key" in the conf rather than "key =" or "key = false". - -####Bugfixes -- Improve mysql_grant to work with IPv6 addresses (both long and short). -- Ensure @host users work as well as user@host users. -- Updated my.cnf template to support items with no values. - - -##2013-10-07 - Version 2.0.0-rc3 - -###Summary -Fix mysql::server::monitor's use of mysql_user{}. - -####Bugfixes -- Fix myql::server::monitor's use of mysql_user{} to grant the proper -permissions. Add specs as well. (Thanks to treydock!) - - -##2013-10-03 - Version 2.0.0-rc2 - -###Summary -Bugfixes - -####Bugfixes -- Fix a duplicate parameter in mysql::server - - -##2013-10-03 - Version 2.0.0-rc1 - -###Summary - -This module has been completely refactored and works significantly different. -The changes are broad and touch almost every piece of the module. - -See the README.md for full details of all changes and syntax. -Please remain on 1.0.0 if you don't have time to fully test this in dev. - -* mysql::server, mysql::client, and mysql::bindings are the primary interface -classes. -* mysql::server takes an `override_options` parameter to set my.cnf options, -with the hash format: { 'section' => { 'thing' => 'value' }} -* mysql attempts backwards compatibility by forwarding all parameters to -mysql::server. - ---- -##2013-09-23 - Version 1.0.0 - -###Summary - -This release introduces a number of new type/providers, to eventually -replace the database_ ones. The module has been converted to call the -new providers rather than the previous ones as they have a number of -fixes, additional options, and work with puppet resource. - -This 1.0.0 release precedes a large refactoring that will be released -almost immediately after as 2.0.0. - -####Features -- Added mysql_grant, mysql_database, and mysql_user. -- Add `mysql::bindings` class and refactor all other bindings to be contained underneath mysql::bindings:: namespace. -- Added support to back up specified databases only with 'mysqlbackup' parameter. -- Add option to mysql::backup to set the backup script to perform a mysqldump on each database to its own file - -####Bugfixes -- Update my.cnf.pass.erb to allow custom socket support -- Add environment variable for .my.cnf in mysql::db. -- Add HOME environment variable for .my.cnf to mysqladmin command when -(re)setting root password - ---- -##2013-07-15 - Version 0.9.0 -####Features -- Add `mysql::backup::backuprotate` parameter -- Add `mysql::backup::delete_before_dump` parameter -- Add `max_user_connections` attribute to `database_user` type - -####Bugfixes -- Add client package dependency for `mysql::db` -- Remove duplicate `expire_logs_days` and `max_binlog_size` settings -- Make root's `.my.cnf` file path dynamic -- Update pidfile path for Suse variants -- Fixes for lint - -##2013-07-05 - Version 0.8.1 -####Bugfixes - - Fix a typo in the Fedora 19 support. - -##2013-07-01 - Version 0.8.0 -####Features - - mysql::perl class to install perl-DBD-mysql. - - minor improvements to the providers to improve reliability - - Install the MariaDB packages on Fedora 19 instead of MySQL. - - Add new `mysql` class parameters: - - `max_connections`: The maximum number of allowed connections. - - `manage_config_file`: Opt out of puppetized control of my.cnf. - - `ft_min_word_len`: Fine tune the full text search. - - `ft_max_word_len`: Fine tune the full text search. - - Add new `mysql` class performance tuning parameters: - - `key_buffer` - - `thread_stack` - - `thread_cache_size` - - `myisam-recover` - - `query_cache_limit` - - `query_cache_size` - - `max_connections` - - `tmp_table_size` - - `table_open_cache` - - `long_query_time` - - Add new `mysql` class replication parameters: - - `server_id` - - `sql_log_bin` - - `log_bin` - - `max_binlog_size` - - `binlog_do_db` - - `expire_logs_days` - - `log_bin_trust_function_creators` - - `replicate_ignore_table` - - `replicate_wild_do_table` - - `replicate_wild_ignore_table` - - `expire_logs_days` - - `max_binlog_size` - -####Bugfixes - - No longer restart MySQL when /root/.my.cnf changes. - - Ensure mysql::config runs before any mysql::db defines. - -##2013-06-26 - Version 0.7.1 -####Bugfixes -- Single-quote password for special characters -- Update travis testing for puppet 3.2.x and missing Bundler gems - -##2013-06-25 - Version 0.7.0 -This is a maintenance release for community bugfixes and exposing -configuration variables. - -* Add new `mysql` class parameters: - - `basedir`: The base directory mysql uses - - `bind_address`: The IP mysql binds to - - `client_package_name`: The name of the mysql client package - - `config_file`: The location of the server config file - - `config_template`: The template to use to generate my.cnf - - `datadir`: The directory MySQL's datafiles are stored - - `default_engine`: The default engine to use for tables - - `etc_root_password`: Whether or not to add the mysql root password to - /etc/my.cnf - - `java_package_name`: The name of the java package containing the java - connector - - `log_error`: Where to log errors - - `manage_service`: Boolean dictating if mysql::server should manage the - service - - `max_allowed_packet`: Maximum network packet size mysqld will accept - - `old_root_password`: Previous root user password - - `php_package_name`: The name of the phpmysql package to install - - `pidfile`: The location mysql will expect the pidfile to be - - `port`: The port mysql listens on - - `purge_conf_dir`: Value fed to recurse and purge parameters of the - /etc/mysql/conf.d resource - - `python_package_name`: The name of the python mysql package to install - - `restart`: Whether to restart mysqld - - `root_group`: Use specified group for root-owned files - - `root_password`: The root MySQL password to use - - `ruby_package_name`: The name of the ruby mysql package to install - - `ruby_package_provider`: The installation suite to use when installing the - ruby package - - `server_package_name`: The name of the server package to install - - `service_name`: The name of the service to start - - `service_provider`: The name of the service provider - - `socket`: The location of the MySQL server socket file - - `ssl_ca`: The location of the SSL CA Cert - - `ssl_cert`: The location of the SSL Certificate to use - - `ssl_key`: The SSL key to use - - `ssl`: Whether or not to enable ssl - - `tmpdir`: The directory MySQL's tmpfiles are stored -* Deprecate `mysql::package_name` parameter in favor of -`mysql::client_package_name` -* Fix local variable template deprecation -* Fix dependency ordering in `mysql::db` -* Fix ANSI quoting in queries -* Fix travis support (but still messy) -* Fix typos - -##2013-01-11 - Version 0.6.1 -* Fix providers when /root/.my.cnf is absent - -##2013-01-09 - Version 0.6.0 -* Add `mysql::server::config` define for specific config directives -* Add `mysql::php` class for php support -* Add `backupcompress` parameter to `mysql::backup` -* Add `restart` parameter to `mysql::config` -* Add `purge_conf_dir` parameter to `mysql::config` -* Add `manage_service` parameter to `mysql::server` -* Add syslog logging support via the `log_error` parameter -* Add initial SuSE support -* Fix remove non-localhost root user when fqdn != hostname -* Fix dependency in `mysql::server::monitor` -* Fix .my.cnf path for root user and root password -* Fix ipv6 support for users -* Fix / update various spec tests -* Fix typos -* Fix lint warnings - -##2012-08-23 - Version 0.5.0 -* Add puppetlabs/stdlib as requirement -* Add validation for mysql privs in provider -* Add `pidfile` parameter to mysql::config -* Add `ensure` parameter to mysql::db -* Add Amazon linux support -* Change `bind_address` parameter to be optional in my.cnf template -* Fix quoting root passwords - -##2012-07-24 - Version 0.4.0 -* Fix various bugs regarding database names -* FreeBSD support -* Allow specifying the storage engine -* Add a backup class -* Add a security class to purge default accounts - -##2012-05-03 - Version 0.3.0 -* 14218 Query the database for available privileges -* Add mysql::java class for java connector installation -* Use correct error log location on different distros -* Fix set_mysql_rootpw to properly depend on my.cnf - -##2012-04-11 - Version 0.2.0 - -##2012-03-19 - William Van Hevelingen -* (#13203) Add ssl support (f7e0ea5) - -##2012-03-18 - Nan Liu -* Travis ci before script needs success exit code. (0ea463b) - -##2012-03-18 - Nan Liu -* Fix Puppet 2.6 compilation issues. (9ebbbc4) - -##2012-03-16 - Nan Liu -* Add travis.ci for testing multiple puppet versions. (33c72ef) - -##2012-03-15 - William Van Hevelingen -* (#13163) Datadir should be configurable (f353fc6) - -##2012-03-16 - Nan Liu -* Document create_resources dependency. (558a59c) - -##2012-03-16 - Nan Liu -* Fix spec test issues related to error message. (eff79b5) - -##2012-03-16 - Nan Liu -* Fix mysql service on Ubuntu. (72da2c5) - -##2012-03-16 - Dan Bode -* Add more spec test coverage (55e399d) - -##2012-03-16 - Nan Liu -* (#11963) Fix spec test due to path changes. (1700349) - -##2012-03-07 - François Charlier -* Add a test to check path for 'mysqld-restart' (b14c7d1) - -##2012-03-07 - François Charlier -* Fix path for 'mysqld-restart' (1a9ae6b) - -##2012-03-15 - Dan Bode -* Add rspec-puppet tests for mysql::config (907331a) - -##2012-03-15 - Dan Bode -* Moved class dependency between sever and config to server (da62ad6) - -##2012-03-14 - Dan Bode -* Notify mysql restart from set_mysql_rootpw exec (0832a2c) - -##2012-03-15 - Nan Liu -* Add documentation related to osfamily fact. (8265d28) - -##2012-03-14 - Dan Bode -* Mention osfamily value in failure message (e472d3b) - -##2012-03-14 - Dan Bode -* Fix bug when querying for all database users (015490c) - -##2012-02-09 - Nan Liu -* Major refactor of mysql module. (b1f90fd) - -##2012-01-11 - Justin Ellison -* Ruby and Python's MySQL libraries are named differently on different distros. (1e926b4) - -##2012-01-11 - Justin Ellison -* Per @ghoneycutt, we should fail explicitly and explain why. (09af083) - -##2012-01-11 - Justin Ellison -* Removing duplicate declaration (7513d03) - -##2012-01-10 - Justin Ellison -* Use socket value from params class instead of hardcoding. (663e97c) - -##2012-01-10 - Justin Ellison -* Instead of hardcoding the config file target, pull it from mysql::params (031a47d) - -##2012-01-10 - Justin Ellison -* Moved $socket to within the case to toggle between distros. Added a $config_file variable to allow per-distro config file destinations. (360eacd) - -##2012-01-10 - Justin Ellison -* Pretty sure this is a bug, 99% of Linux distros out there won't ever hit the default. (3462e6b) - -##2012-02-09 - William Van Hevelingen -* Changed the README to use markdown (3b7dfeb) - -##2012-02-04 - Daniel Black -* (#12412) mysqltuner.pl update (b809e6f) - -##2011-11-17 - Matthias Pigulla -* (#11363) Add two missing privileges to grant: event_priv, trigger_priv (d15c9d1) - -##2011-12-20 - Jeff McCune -* (minor) Fixup typos in Modulefile metadata (a0ed6a1) - -##2011-12-19 - Carl Caum -* Only notify Exec to import sql if sql is given (0783c74) - -##2011-12-19 - Carl Caum -* (#11508) Only load sql_scripts on DB creation (e3b9fd9) - -##2011-12-13 - Justin Ellison -* Require not needed due to implicit dependencies (3058feb) - -##2011-12-13 - Justin Ellison -* Bug #11375: puppetlabs-mysql fails on CentOS/RHEL (a557b8d) - -##2011-06-03 - Dan Bode - 0.0.1 -* initial commit diff --git a/mysql/CONTRIBUTING.md b/mysql/CONTRIBUTING.md deleted file mode 100644 index bfeaa701c..000000000 --- a/mysql/CONTRIBUTING.md +++ /dev/null @@ -1,220 +0,0 @@ -Checklist (and a short version for the impatient) -================================================= - - * Commits: - - - Make commits of logical units. - - - Check for unnecessary whitespace with "git diff --check" before - committing. - - - Commit using Unix line endings (check the settings around "crlf" in - git-config(1)). - - - Do not check in commented out code or unneeded files. - - - The first line of the commit message should be a short - description (50 characters is the soft limit, excluding ticket - number(s)), and should skip the full stop. - - - Associate the issue in the message. The first line should include - the issue number in the form "(#XXXX) Rest of message". - - - The body should provide a meaningful commit message, which: - - - uses the imperative, present tense: "change", not "changed" or - "changes". - - - includes motivation for the change, and contrasts its - implementation with the previous behavior. - - - Make sure that you have tests for the bug you are fixing, or - feature you are adding. - - - Make sure the test suites passes after your commit: - `bundle exec rspec spec/acceptance` More information on [testing](#Testing) below - - - When introducing a new feature, make sure it is properly - documented in the README.md - - * Submission: - - * Pre-requisites: - - - Make sure you have a [GitHub account](https://github.com/join) - - - [Create a ticket](https://tickets.puppetlabs.com/secure/CreateIssue!default.jspa), or [watch the ticket](https://tickets.puppetlabs.com/browse/) you are patching for. - - * Preferred method: - - - Fork the repository on GitHub. - - - Push your changes to a topic branch in your fork of the - repository. (the format ticket/1234-short_description_of_change is - usually preferred for this project). - - - Submit a pull request to the repository in the puppetlabs - organization. - -The long version -================ - - 1. Make separate commits for logically separate changes. - - Please break your commits down into logically consistent units - which include new or changed tests relevant to the rest of the - change. The goal of doing this is to make the diff easier to - read for whoever is reviewing your code. In general, the easier - your diff is to read, the more likely someone will be happy to - review it and get it into the code base. - - If you are going to refactor a piece of code, please do so as a - separate commit from your feature or bug fix changes. - - We also really appreciate changes that include tests to make - sure the bug is not re-introduced, and that the feature is not - accidentally broken. - - Describe the technical detail of the change(s). If your - description starts to get too long, that is a good sign that you - probably need to split up your commit into more finely grained - pieces. - - Commits which plainly describe the things which help - reviewers check the patch and future developers understand the - code are much more likely to be merged in with a minimum of - bike-shedding or requested changes. Ideally, the commit message - would include information, and be in a form suitable for - inclusion in the release notes for the version of Puppet that - includes them. - - Please also check that you are not introducing any trailing - whitespace or other "whitespace errors". You can do this by - running "git diff --check" on your changes before you commit. - - 2. Sending your patches - - To submit your changes via a GitHub pull request, we _highly_ - recommend that you have them on a topic branch, instead of - directly on "master". - It makes things much easier to keep track of, especially if - you decide to work on another thing before your first change - is merged in. - - GitHub has some pretty good - [general documentation](http://help.github.com/) on using - their site. They also have documentation on - [creating pull requests](http://help.github.com/send-pull-requests/). - - In general, after pushing your topic branch up to your - repository on GitHub, you can switch to the branch in the - GitHub UI and click "Pull Request" towards the top of the page - in order to open a pull request. - - - 3. Update the related GitHub issue. - - If there is a GitHub issue associated with the change you - submitted, then you should update the ticket to include the - location of your branch, along with any other commentary you - may wish to make. - -Testing -======= - -Getting Started ---------------- - -Our puppet modules provide [`Gemfile`](./Gemfile)s which can tell a ruby -package manager such as [bundler](http://bundler.io/) what Ruby packages, -or Gems, are required to build, develop, and test this software. - -Please make sure you have [bundler installed](http://bundler.io/#getting-started) -on your system, then use it to install all dependencies needed for this project, -by running - -```shell -% bundle install -Fetching gem metadata from https://rubygems.org/........ -Fetching gem metadata from https://rubygems.org/.. -Using rake (10.1.0) -Using builder (3.2.2) --- 8><-- many more --><8 -- -Using rspec-system-puppet (2.2.0) -Using serverspec (0.6.3) -Using rspec-system-serverspec (1.0.0) -Using bundler (1.3.5) -Your bundle is complete! -Use `bundle show [gemname]` to see where a bundled gem is installed. -``` - -NOTE some systems may require you to run this command with sudo. - -If you already have those gems installed, make sure they are up-to-date: - -```shell -% bundle update -``` - -With all dependencies in place and up-to-date we can now run the tests: - -```shell -% bundle exec rake spec -``` - -This will execute all the [rspec tests](http://rspec-puppet.com/) tests -under [spec/defines](./spec/defines), [spec/classes](./spec/classes), -and so on. rspec tests may have the same kind of dependencies as the -module they are testing. While the module defines in its [Modulefile](./Modulefile), -rspec tests define them in [.fixtures.yml](./fixtures.yml). - -Some puppet modules also come with [beaker](https://github.com/puppetlabs/beaker) -tests. These tests spin up a virtual machine under -[VirtualBox](https://www.virtualbox.org/)) with, controlling it with -[Vagrant](http://www.vagrantup.com/) to actually simulate scripted test -scenarios. In order to run these, you will need both of those tools -installed on your system. - -You can run them by issuing the following command - -```shell -% bundle exec rake spec_clean -% bundle exec rspec spec/acceptance -``` - -This will now download a pre-fabricated image configured in the [default node-set](./spec/acceptance/nodesets/default.yml), -install puppet, copy this module and install its dependencies per [spec/spec_helper_acceptance.rb](./spec/spec_helper_acceptance.rb) -and then run all the tests under [spec/acceptance](./spec/acceptance). - -Writing Tests -------------- - -XXX getting started writing tests. - -If you have commit access to the repository -=========================================== - -Even if you have commit access to the repository, you will still need to -go through the process above, and have someone else review and merge -in your changes. The rule is that all changes must be reviewed by a -developer on the project (that did not write the code) to ensure that -all changes go through a code review process. - -Having someone other than the author of the topic branch recorded as -performing the merge is the record that they performed the code -review. - - -Additional Resources -==================== - -* [Getting additional help](http://puppetlabs.com/community/get-help) - -* [Writing tests](http://projects.puppetlabs.com/projects/puppet/wiki/Development_Writing_Tests) - -* [Patchwork](https://patchwork.puppetlabs.com) - -* [General GitHub documentation](http://help.github.com/) - -* [GitHub pull request documentation](http://help.github.com/send-pull-requests/) - diff --git a/mysql/Gemfile b/mysql/Gemfile deleted file mode 100644 index efe167ce7..000000000 --- a/mysql/Gemfile +++ /dev/null @@ -1,40 +0,0 @@ -#This file is generated by ModuleSync, do not edit. - -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -def location_for(place, version = nil) - if place =~ /^(git[:@][^#]*)#(.*)/ - [version, { :git => $1, :branch => $2, :require => false}].compact - elsif place =~ /^file:\/\/(.*)/ - ['>= 0', { :path => File.expand_path($1), :require => false}] - else - [place, version, { :require => false}].compact - end -end - -group :development, :unit_tests do - gem 'json', :require => false - gem 'metadata-json-lint', :require => false - gem 'puppet_facts', :require => false - gem 'puppet-blacksmith', :require => false - gem 'puppetlabs_spec_helper', :require => false - gem 'rspec-puppet', '>= 2.3.2', :require => false - gem 'simplecov', :require => false - gem 'rspec-puppet-facts', :require => false -end -group :system_tests do - gem 'beaker-rspec', *location_for(ENV['BEAKER_RSPEC_VERSION'] || '>= 3.4') - gem 'beaker', *location_for(ENV['BEAKER_VERSION']) - gem 'serverspec', :require => false - gem 'beaker-puppet_install_helper', :require => false - gem 'master_manipulator', :require => false - gem 'beaker-hostgenerator', *location_for(ENV['BEAKER_HOSTGENERATOR_VERSION']) -end - -gem 'facter', *location_for(ENV['FACTER_GEM_VERSION']) -gem 'puppet', *location_for(ENV['PUPPET_GEM_VERSION']) - - -if File.exists? "#{__FILE__}.local" - eval(File.read("#{__FILE__}.local"), binding) -end diff --git a/mysql/LICENSE b/mysql/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/mysql/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/mysql/NOTICE b/mysql/NOTICE deleted file mode 100644 index caaa8f4ff..000000000 --- a/mysql/NOTICE +++ /dev/null @@ -1,18 +0,0 @@ -mysql puppet module - -Copyright (C) 2013-2016 Puppet Labs, Inc. - -Puppet Labs can be contacted at: info@puppetlabs.com - - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/mysql/README.md b/mysql/README.md deleted file mode 100644 index e0d767177..000000000 --- a/mysql/README.md +++ /dev/null @@ -1,874 +0,0 @@ -# mysql - -#### Table of Contents - -1. [Module Description - What the module does and why it is useful](#module-description) -2. [Backwards compatibility information](#backwards-compatibility) -3. [Setup - The basics of getting started with mysql](#setup) - * [Beginning with mysql](#beginning-with-mysql) -4. [Usage - Configuration options and additional functionality](#usage) - * [Customizing Server Options](#customizing-server-options) - * [Creating a Database](#creating-a-database) - * [Custom Configuration](#custom-configuration) -5. [Reference - An under-the-hood peek at what the module is doing and how](#reference) -6. [Limitations - OS compatibility, etc.](#limitations) -7. [Development - Guide for contributing to the module](#development) - -## Module Description - -The MySQL module installs, configures, and manages the MySQL service. - -The MySQL module manages both the installation and configuration of MySQL, as well as extending Puppet to allow management of MySQL resources, such as databases, users, and grants. - -## Setup - -### Beginning with MySQL - -If you want a server installed with the default options you can run -`include '::mysql::server'`. - -If you need to customize options, such as the root -password or `/etc/my.cnf` settings, then you must also pass in an override hash: - -~~~ -class { '::mysql::server': - root_password => 'strongpassword', - remove_default_accounts => true, - override_options => $override_options -} -~~~ - -See [**Customizing Server Options**](#customizing-server-options) below for examples of the hash structure for $override_options`. - -## Usage - -All interaction for the server is done via `mysql::server`. To install the client, use `mysql::client`. To install bindings, use `mysql::bindings`. - -### Customizing Server Options - -The hash structure for overrides in `mysql::server` can be structured like a hash in the my.cnf file, so: - -~~~ -$override_options = { - 'section' => { - 'item' => 'thing', - } -} -~~~ - -For items that you would traditionally represent as - -~~~ -[section] -thing = X -~~~ - -you can make an entry like `thing => true`, `thing => value`, or `thing => "` in the hash. Alternatively, you can pass an array, as `thing => ['value', 'value2']`, or list each `thing => value` separately on separate lines. - -MySQL doesn't care if 'thing' is alone or set to a value; it happily accepts both. To keep an option out of the my.cnf file --- e.g., when using `override_options` to revert to a default value --- you can pass `thing => undef`. - -If an option needs multiple instances, you can pass an array. For example, - -~~~ -$override_options = { - 'mysqld' => { - 'replicate-do-db' => ['base1', 'base2'], - } -} -~~~ - -produces - -~~~ -[mysqld] -replicate-do-db = base1 -replicate-do-db = base2 -~~~ - -To implement version specific parameters you can use [mysqld-5.5] syntax which is only read by MySQL version 5.5. This allows one config for different versions of MySQL. - -### Creating a database - -To use `mysql::db` to create a database with a user and assign some privileges: - -~~~ -mysql::db { 'mydb': - user => 'myuser', - password => 'mypass', - host => 'localhost', - grant => ['SELECT', 'UPDATE'], -} -~~~ - -Or to use a different resource name with exported resources: - -~~~ - @@mysql::db { "mydb_${fqdn}": - user => 'myuser', - password => 'mypass', - dbname => 'mydb', - host => ${fqdn}, - grant => ['SELECT', 'UPDATE'], - tag => $domain, -} -~~~ - -Then you can collect it on the remote DB server: - -~~~ -Mysql::Db <<| tag == $domain |>> -~~~ - -If you set the sql param to a file when creating a database, the file gets imported into the new database. - -For large sql files, you should raise the $import_timeout parameter, set by default to 300 seconds. - -~~~ -mysql::db { 'mydb': - user => 'myuser', - password => 'mypass', - host => 'localhost', - grant => ['SELECT', 'UPDATE'], - sql => '/path/to/sqlfile', - import_timeout => 900, -} -~~~ - -### Custom Configuration - -To add custom MySQL configuration, drop additional files into -`includedir`. Dropping files into `includedir` allows you to override settings or add additional ones, which is helpful if you choose not to use `override_options` in `mysql::server`. The `includedir` location is by default set to /etc/mysql/conf.d. - -### Working with an existing server - -You can use the MySQL module to instantiate databases and -users on an existing MySQL server. For this to work, you need an -appropriate `.my.cnf` in `root`'s home directory containing the remote -server address and credentials. For example: - - [client] - user=root - host=localhost - password=secret - -When working with a remote server, do *not* use the -`mysql::server` class in your Puppet manifests. - -### Using passwords - -As well as inputting passwords as plain text you can input them as hashes. For example: - -~~~ -mysql::db { 'mydb': - user => 'myuser', - password => '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4', - host => 'localhost', - grant => ['SELECT', 'UPDATE'], -} -~~~ - -## Reference - -### Classes - -#### Public classes - -* [`mysql::server`](#mysqlserver): Installs and configures MySQL. -* [`mysql::server::monitor`](#mysqlservermonitor): Sets up a monitoring user. -* [`mysql::server::mysqltuner`](#mysqlservermysqltuner): Installs MySQL tuner script. -* [`mysql::server::backup`](#mysqlserverbackup): Sets up MySQL backups via cron. -* [`mysql::bindings`](#mysqlbindings): Installs various MySQL language bindings. -* [`mysql::client`](#mysqlclient): Installs MySQL client (for non-servers). - -#### Private classes - -* `mysql::server::install`: Installs packages. -* `mysql::server::installdb`: Implements setup of mysqld data directory (e.g. /var/lib/mysql) -* `mysql::server::config`: Configures MYSQL. -* `mysql::server::service`: Manages service. -* `mysql::server::account_security`: Deletes default MySQL accounts. -* `mysql::server::root_password`: Sets MySQL root password. -* `mysql::server::providers`: Creates users, grants, and databases. -* `mysql::bindings::client_dev`: Installs MySQL client development package. -* `mysql::bindings::daemon_dev`: Installs MySQL daemon development package. -* `mysql::bindings::java`: Installs Java bindings. -* `mysql::bindings::perl`: Installs Perl bindings. -* `mysql::bindings::php`: Installs PHP bindings. -* `mysql::bindings::python`: Installs Python bindings. -* `mysql::bindings::ruby`: Installs Ruby bindings. -* `mysql::client::install`: Installs MySQL client. -* `mysql::backup::mysqldump`: Implements mysqldump backups. -* `mysql::backup::mysqlbackup`: Implements backups with Oracle MySQL Enterprise Backup. -* `mysql::backup::xtrabackup`: Implements backups with XtraBackup from Percona. - -### Parameters - -#### mysql::server - -##### `create_root_user` - -Specify whether root user should be created. Valid values are 'true', 'false'. Defaults to 'true'. - -This is useful for a cluster setup with Galera. The root user has to -be created only once. `create_root_user` can be set to 'true' on one node while -it is set to 'false' on the remaining nodes. - -##### `create_root_my_cnf` - -If set to 'true', creates `/root/.my.cnf`. Valid values are 'true', 'false'. Defaults to 'true'. - -`create_root_my_cnf` allows creation of `/root/.my.cnf` independently of `create_root_user`. This can be used for a cluster setup with Galera where you want `/root/.my.cnf` to exist on all nodes. - -##### `root_password` - -The MySQL root password. Puppet attempts to set the root password and update `/root/.my.cnf` with it. - -This is required if `create_root_user` or `create_root_my_cnf` are 'true'. If `root_password` is 'UNSET', then `create_root_user` and `create_root_my_cnf` are assumed to be false --- that is, the MySQL root user and `/root/.my.cnf` are not created. - -Password changes are supported; however, the old password must be set in `/root/.my.cnf`. Effectively, Puppet uses the old password, configured in `/root/my.cnf`, to set the new password in MySQL, and then updates `/root/.my.cnf` with the new password. - -##### `old_root_password` - -This parameter no longer does anything. It exists only for backwards compatibility. See the `root_password` parameter above for details on changing the root password. - -##### `override_options` - -The hash of override options to pass into MySQL. Structured like a hash in the my.cnf file: - -~~~ -$override_options = { - 'section' => { - 'item' => 'thing', - } -} -~~~ - -See [**Customizing Server Options**](#customizing-server-options) above for usage details. - -##### `config_file` - -The location, as a path, of the MySQL configuration file. - -##### `manage_config_file` - -Whether the MySQL configuration file should be managed. Valid values are 'true', 'false'. Defaults to 'true'. - -##### `includedir` -The location, as a path, of !includedir for custom configuration overrides. - -##### `install_options` -Pass [install_options](https://docs.puppetlabs.com/references/latest/type.html#package-attribute-install_options) array to managed package resources. You must pass the appropriate options for the specified package manager. - -##### `purge_conf_dir` - -Whether the `includedir` directory should be purged. Valid values are 'true', 'false'. Defaults to 'false'. - -##### `restart` - -Whether the service should be restarted when things change. Valid values are 'true', 'false'. Defaults to 'false'. - -##### `root_group` - -The name of the group used for root. Can be a group name or a group ID. See more about the [`group` file attribute](https://docs.puppetlabs.com/references/latest/type.html#file-attribute-group). - -##### `mysql_group` - -The name of the group of the MySQL daemon user. Can be a group name or a group ID. See more about the [`group` file attribute](https://docs.puppetlabs.com/references/latest/type.html#file-attribute-group). - -##### `package_ensure` - -Whether the package exists or should be a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Defaults to 'present'. - -##### `package_manage` - -Whether to manage the MySQL server package. Defaults to true. - -##### `package_name` - -The name of the MySQL server package to install. - -##### `remove_default_accounts` - -Specify whether to automatically include `mysql::server::account_security`. Valid values are 'true', 'false'. Defaults to 'false'. - -##### `service_enabled` - -Specify whether the service should be enabled. Valid values are 'true', 'false'. Defaults to 'true'. - -##### `service_manage` - -Specify whether the service should be managed. Valid values are 'true', 'false'. Defaults to 'true'. - -##### `service_name` - -The name of the MySQL server service. Defaults are OS dependent, defined in params.pp. - -##### `service_provider` - -The provider to use to manage the service. For Ubuntu, defaults to 'upstart'; otherwise, default is undefined. - -##### `users` - -Optional hash of users to create, which are passed to [mysql_user](#mysql_user). - -~~~ -users => { - 'someuser@localhost' => { - ensure => 'present', - max_connections_per_hour => '0', - max_queries_per_hour => '0', - max_updates_per_hour => '0', - max_user_connections => '0', - password_hash => '*F3A2A51A9B0F2BE2468926B4132313728C250DBF', - }, -} -~~~ - -##### `grants` - -Optional hash of grants, which are passed to [mysql_grant](#mysql_grant). - -~~~ -grants => { - 'someuser@localhost/somedb.*' => { - ensure => 'present', - options => ['GRANT'], - privileges => ['SELECT', 'INSERT', 'UPDATE', 'DELETE'], - table => 'somedb.*', - user => 'someuser@localhost', - }, -} -~~~ - -##### `databases` - -Optional hash of databases to create, which are passed to [mysql_database](#mysql_database). - -~~~ -databases => { - 'somedb' => { - ensure => 'present', - charset => 'utf8', - }, -} -~~~ - -#### mysql::server::backup - -##### `backupuser` - -MySQL user to create for backups. - -##### `backuppassword` - -MySQL user password for backups. - -##### `backupdir` - -Directory in which to store backups. - -##### `backupdirmode` - -Permissions applied to the backup directory. This parameter is passed directly -to the `file` resource. - -##### `backupdirowner` - -Owner for the backup directory. This parameter is passed directly to the `file` -resource. - -##### `backupdirgroup` - -Group owner for the backup directory. This parameter is passed directly to the -`file` resource. - -##### `backupcompress` - -Whether backups should be compressed. Valid values are 'true', 'false'. Defaults to 'true'. - -##### `backuprotate` - -How many days to keep backups. Valid value is an integer. Defaults to '30'. - -##### `delete_before_dump` - -Whether to delete old .sql files before backing up. Setting to 'true' deletes old files before backing up, while setting to 'false' deletes them after backup. Valid values are 'true', 'false'. Defaults to 'false'. - -##### `backupdatabases` - -Specify an array of databases to back up. - -##### `file_per_database` - -Whether a separate file be used per database. Valid values are 'true', 'false'. Defaults to 'false'. - -##### `include_routines` - -Whether or not to include routines for each database when doing a `file_per_database` backup. Defaults to `false`. - -##### `include_triggers` - -Whether or not to include triggers for each database when doing a `file_per_database` backup. Defaults to `false`. - -##### `ensure` - -Allows you to remove the backup scripts. Valid values are 'present', 'absent'. Defaults to 'present'. - -##### `execpath` - -Allows you to set a custom PATH should your MySQL installation be non-standard places. Defaults to `/usr/bin:/usr/sbin:/bin:/sbin`. - -##### `time` - -An array of two elements to set the backup time. Allows ['23', '5'] (i.e., 23:05) or ['3', '45'] (i.e., 03:45) for HH:MM times. - -##### `postscript` - -A script that is executed when the backup is finished. This could be used to (r)sync the backup to a central store. This script can be either a single line that is directly executed or a number of lines supplied as an array. It could also be one or more externally managed (executable) files. - -##### `prescript` - -A script that is executed before the backup begins. - -##### `provider` - -Sets the server backup implementation. Valid values are: - -* `mysqldump`: Implements backups with mysqldump. Backup type: Logical. This is the default value. -* `mysqlbackup`: Implements backups with MySQL Enterprise Backup from Oracle. Backup type: Physical. To use this type of backup, you'll need the `meb` package, which is available in RPM and TAR formats from Oracle. For Ubuntu, you can use [meb-deb](https://github.com/dveeden/meb-deb) to create a package from an official tarball. -* `xtrabackup`: Implements backups with XtraBackup from Percona. Backup type: Physical. - -#### mysql::server::monitor - -##### `mysql_monitor_username` - -The username to create for MySQL monitoring. - -##### `mysql_monitor_password` - -The password to create for MySQL monitoring. - -##### `mysql_monitor_hostname` - -The hostname from which the monitoring user requests are allowed access. - -#### mysql::server::mysqltuner - -**Note**: If you're using this class on a non-network-connected system, you must download the mysqltuner.pl script and have it hosted somewhere accessible via `http(s)://`, `puppet://`, `ftp://`, or a fully qualified file path. - -##### `ensure` - -Ensures that the resource exists. Valid values are `present`, `absent`. Defaults to `present`. - -##### `version` - -The version to install from the major/MySQLTuner-perl github repository. Must be a valid tag. Defaults to 'v1.3.0'. - -##### `source` - -Parameter to optionally specify the source. If not specified, defaults to `https://github.com/major/MySQLTuner-perl/raw/${version}/mysqltuner.pl` - -#### mysql::bindings - -##### `client_dev` - -Specify whether `::mysql::bindings::client_dev` should be included. Valid values are true', 'false'. Defaults to 'false'. - -##### `daemon_dev` - -Specify whether `::mysql::bindings::daemon_dev` should be included. Valid values are 'true', 'false'. Defaults to 'false'. - -##### `java_enable` - -Specify whether `::mysql::bindings::java` should be included. Valid values are 'true', 'false'. Defaults to 'false'. - -##### `perl_enable` - -Specify whether `mysql::bindings::perl` should be included. Valid values are 'true', 'false'. Defaults to 'false'. - -##### `php_enable` - -Specify whether `mysql::bindings::php` should be included. Valid values are 'true', 'false'. Defaults to 'false'. - -##### `python_enable` - -Specify whether `mysql::bindings::python` should be included. Valid values are 'true', 'false'. Defaults to 'false'. - -##### `ruby_enable` - -Specify whether `mysql::bindings::ruby` should be included. Valid values are 'true', 'false'. Defaults to 'false'. - -##### `install_options` - -Pass `install_options` array to managed package resources. You must pass the [appropriate options](https://docs.puppetlabs.com/references/latest/type.html#package-attribute-install_options) for the package manager(s). - -##### `client_dev_package_ensure` - -Whether the package should be present, absent, or a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Only applies if `client_dev => true`. - -##### `client_dev_package_name` - -The name of the client_dev package to install. Only applies if `client_dev => true`. - -##### `client_dev_package_provider` - -The provider to use to install the client_dev package. Only applies if `client_dev => true`. - -##### `daemon_dev_package_ensure` - -Whether the package should be present, absent, or a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Only applies if `daemon_dev => true`. - -##### `daemon_dev_package_name` - -The name of the daemon_dev package to install. Only applies if `daemon_dev => true`. - -##### `daemon_dev_package_provider` - -The provider to use to install the daemon_dev package. Only applies if `daemon_dev => true`. - -##### `java_package_ensure` - -Whether the package should be present, absent, or a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Only applies if `java_enable => true`. - -##### `java_package_name` - -The name of the Java package to install. Only applies if `java_enable => true`. - -##### `java_package_provider` - -The provider to use to install the Java package. Only applies if `java_enable => true`. - -##### `perl_package_ensure` - -Whether the package should be present, absent, or a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Only applies if `perl_enable => true`. - -##### `perl_package_name` - -The name of the Perl package to install. Only applies if `perl_enable => true`. - -##### `perl_package_provider` - -The provider to use to install the Perl package. Only applies if `perl_enable => true`. - -##### `php_package_ensure` - -Whether the package should be present, absent, or a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Only applies if `php_enable => true`. - -##### `php_package_name` - -The name of the PHP package to install. Only applies if `php_enable => true`. - -##### `python_package_ensure` - -Whether the package should be present, absent, or a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Only applies if `python_enable => true`. - -##### `python_package_name` - -The name of the Python package to install. Only applies if `python_enable => true`. - -##### `python_package_provider` - -The provider to use to install the PHP package. Only applies if `python_enable => true`. - -##### `ruby_package_ensure` - -Whether the package should be present, absent, or a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Only applies if `ruby_enable => true`. - -##### `ruby_package_name` - -The name of the Ruby package to install. Only applies if `ruby_enable => true`. - -##### `ruby_package_provider` - -What provider should be used to install the package. - -#### mysql::client - -##### `bindings_enable` - -Whether to automatically install all bindings. Valid values are 'true', 'false'. Default to 'false'. - -##### `install_options` -Array of install options for managed package resources. You must pass the appropriate options for the package manager. - -##### `package_ensure` - -Whether the MySQL package should be present, absent, or a specific version. Valid values are 'present', 'absent', or 'x.y.z'. - -##### `package_manage` - -Whether to manage the MySQL client package. Defaults to true. - -##### `package_name` - -The name of the MySQL client package to install. - -### Defines - -#### mysql::db - -~~~ -mysql_database { 'information_schema': - ensure => 'present', - charset => 'utf8', - collate => 'utf8_swedish_ci', -} -mysql_database { 'mysql': - ensure => 'present', - charset => 'latin1', - collate => 'latin1_swedish_ci', -} -~~~ - -##### `user` - -The user for the database you're creating. - -##### `password` - -The password for $user for the database you're creating. - -##### `dbname` - -The name of the database to create. Defaults to $name. - -##### `charset` - -The character set for the database. Defaults to 'utf8'. - -##### `collate` - -The collation for the database. Defaults to 'utf8_general_ci'. - -##### `host` - -The host to use as part of user@host for grants. Defaults to 'localhost'. - -##### `grant` - -The privileges to be granted for user@host on the database. Defaults to 'ALL'. - -##### `sql` - -The path to the sqlfile you want to execute. This can be single file specified as string, or it can be an array of strings. Defaults to undef. - -##### `enforce_sql` - -Specify whether executing the sqlfiles should happen on every run. If set to 'false', sqlfiles only run once. Valid values are 'true', 'false'. Defaults to 'false'. - -##### `ensure` - -Specify whether to create the database. Valid values are 'present', 'absent'. Defaults to 'present'. - -##### `import_timeout` - -Timeout, in seconds, for loading the sqlfiles. Defaults to '300'. - -### Types - -#### mysql_database - -`mysql_database` creates and manages databases within MySQL. - -##### `ensure` - -Whether the resource is present. Valid values are 'present', 'absent'. Defaults to 'present'. - -##### `name` - -The name of the MySQL database to manage. - -##### `charset` - -The CHARACTER SET setting for the database. Defaults to ':utf8'. - -##### `collate` - -The COLLATE setting for the database. Defaults to ':utf8_general_ci'. - -#### mysql_user - -Creates and manages user grants within MySQL. - -~~~ -mysql_user { 'root@127.0.0.1': - ensure => 'present', - max_connections_per_hour => '0', - max_queries_per_hour => '0', - max_updates_per_hour => '0', - max_user_connections => '0', -} -~~~ - -You can also specify an authentication plugin. - -~~~ -mysql_user{ 'myuser'@'localhost': - ensure => 'present', - plugin => 'unix_socket', -} -~~~ - -##### `name` - -The name of the user, as 'username@hostname' or username@hostname. - -##### `password_hash` - -The user's password hash of the user. Use mysql_password() for creating such a hash. - -##### `max_user_connections` - -Maximum concurrent connections for the user. Must be an integer value. A value of '0' specifies no (or global) limit. - -##### `max_connections_per_hour` - -Maximum connections per hour for the user. Must be an integer value. A value of '0' specifies no (or global) limit. - -##### `max_queries_per_hour` - -Maximum queries per hour for the user. Must be an integer value. A value of '0' specifies no (or global) limit. - -##### `max_updates_per_hour` - -Maximum updates per hour for the user. Must be an integer value. A value of '0' specifies no (or global) limit. - - -#### mysql_grant - -`mysql_grant` creates grant permissions to access databases within -MySQL. To create grant permissions to access databases with MySQL, use it you must create the title of the resource as shown below, -following the pattern of `username@hostname/database.table`: - -~~~ -mysql_grant { 'root@localhost/*.*': - ensure => 'present', - options => ['GRANT'], - privileges => ['ALL'], - table => '*.*', - user => 'root@localhost', -} -~~~ - -It is possible to specify privileges down to the column level: - -~~~ -mysql_grant { 'root@localhost/mysql.user': - ensure => 'present', - privileges => ['SELECT (Host, User)'], - table => 'mysql.user', - user => 'root@localhost', -} -~~~ - -##### `ensure` - -Whether the resource is present. Valid values are 'present', 'absent'. Defaults to 'present'. - -##### `name` - -Name to describe the grant. Must in a 'user/table' format. - -##### `privileges` - -Privileges to grant the user. - -##### `table` - -The table to which privileges are applied. - -##### `user` - -User to whom privileges are granted. - -##### `options` - -MySQL options to grant. Optional. - -#### mysql_plugin - -`mysql_plugin` can be used to load plugins into the MySQL Server. - -~~~ -mysql_plugin { 'auth_socket': - ensure => 'present', - soname => 'auth_socket.so', -} -~~~ - -##### `ensure` - -Whether the resource is present. Valid values are 'present', 'absent'. Defaults to 'present'. - -##### `name` - -The name of the MySQL plugin to manage. - -##### `soname` - -The library file name. - -#### `mysql_datadir` - -Initializes the MySQL data directory with version specific code. Pre MySQL 5.7.6 -it uses mysql_install_db. After MySQL 5.7.6 it uses mysqld --initialize-insecure. - -Insecure initialization is needed, as mysqld version 5.7 introduced "secure by default" mode. -This means MySQL generates a random password and writes it to STDOUT. This means puppet -can never accesss the database server afterwards, as no credencials are available. - -This type is an internal type and should not be called directly. - -### Facts - -#### `mysql_version` - -Determines the MySQL version by parsing the output from `mysql --version` - -#### `mysql_server_id` - -Generates a unique id, based on the node's MAC address, which can be used as -`server_id`. This fact will *always* return `0` on nodes that have only -loopback interfaces. Because those nodes aren't connected to the outside world, this shouldn't cause any conflicts. - -## Limitations - -This module has been tested on: - -* RedHat Enterprise Linux 5, 6, 7 -* Debian 6, 7 -* CentOS 5, 6, 7 -* Ubuntu 10.04, 12.04, 14.04 -* Scientific Linux 5, 6 -* SLES 11 - -Testing on other platforms has been minimal and cannot be guaranteed. - -## Development - -Puppet Labs modules on the Puppet Forge are open projects, and community -contributions are essential for keeping them great. We can't access the -huge number of platforms and myriad of hardware, software, and deployment -configurations that Puppet is intended to serve. - -We want to keep it as easy as possible to contribute changes so that our -modules work in your environment. There are a few guidelines that we need -contributors to follow so that we can have a chance of keeping on top of things. - -Check out our the complete [module contribution guide](https://docs.puppetlabs.com/forge/contributing.html). - -### Authors - -This module is based on work by David Schmitt. The following contributors have contributed to this module (beyond Puppet Labs): - -* Larry Ludwig -* Christian G. Warden -* Daniel Black -* Justin Ellison -* Lowe Schmidt -* Matthias Pigulla -* William Van Hevelingen -* Michael Arnold -* Chris Weyl -* Daniël van Eeden - diff --git a/mysql/Rakefile b/mysql/Rakefile deleted file mode 100644 index 7e9a13d5d..000000000 --- a/mysql/Rakefile +++ /dev/null @@ -1,42 +0,0 @@ -require 'puppet_blacksmith/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' -require 'puppetlabs_spec_helper/rake_tasks' - -PuppetLint.configuration.fail_on_warnings = true -PuppetLint.configuration.send('relative') -PuppetLint.configuration.send('disable_80chars') -PuppetLint.configuration.send('disable_class_inherits_from_params_class') -PuppetLint.configuration.send('disable_documentation') -PuppetLint.configuration.send('disable_single_quote_string_with_variables') -PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"] - -desc 'Generate pooler nodesets' -task :gen_nodeset do - require 'beaker-hostgenerator' - require 'securerandom' - require 'fileutils' - - agent_target = ENV['TEST_TARGET'] - if ! agent_target - STDERR.puts 'TEST_TARGET environment variable is not set' - STDERR.puts 'setting to default value of "redhat-64default."' - agent_target = 'redhat-64default.' - end - - master_target = ENV['MASTER_TEST_TARGET'] - if ! master_target - STDERR.puts 'MASTER_TEST_TARGET environment variable is not set' - STDERR.puts 'setting to default value of "redhat7-64mdcl"' - master_target = 'redhat7-64mdcl' - end - - targets = "#{master_target}-#{agent_target}" - cli = BeakerHostGenerator::CLI.new([targets]) - nodeset_dir = "tmp/nodesets" - nodeset = "#{nodeset_dir}/#{targets}-#{SecureRandom.uuid}.yaml" - FileUtils.mkdir_p(nodeset_dir) - File.open(nodeset, 'w') do |fh| - fh.print(cli.execute) - end - puts nodeset -end diff --git a/mysql/TODO b/mysql/TODO deleted file mode 100644 index 391329393..000000000 --- a/mysql/TODO +++ /dev/null @@ -1,8 +0,0 @@ -The best that I can tell is that this code traces back to David Schmitt. It has been forked many times since then :) - -1. you cannot add databases to an instance that has a root password -2. you have to specify username as USER@BLAH or it cannot be found -3. mysql_grant does not complain if user does not exist -4. Needs support for pre-seeding on debian -5. the types may need to take user/password -6. rather or not to configure /etc/.my.cnf should be configurable diff --git a/mysql/examples/backup.pp b/mysql/examples/backup.pp deleted file mode 100644 index 4bdf8043b..000000000 --- a/mysql/examples/backup.pp +++ /dev/null @@ -1,9 +0,0 @@ -class { 'mysql::server': - root_password => 'password' -} - -class { 'mysql::server::backup': - backupuser => 'myuser', - backuppassword => 'mypassword', - backupdir => '/tmp/backups', -} diff --git a/mysql/examples/bindings.pp b/mysql/examples/bindings.pp deleted file mode 100644 index e4e325c61..000000000 --- a/mysql/examples/bindings.pp +++ /dev/null @@ -1,3 +0,0 @@ -class { 'mysql::bindings': - php_enable => true, -} diff --git a/mysql/examples/java.pp b/mysql/examples/java.pp deleted file mode 100644 index 0fc009a6d..000000000 --- a/mysql/examples/java.pp +++ /dev/null @@ -1 +0,0 @@ -class { 'mysql::java':} diff --git a/mysql/examples/mysql_database.pp b/mysql/examples/mysql_database.pp deleted file mode 100644 index 47a328cff..000000000 --- a/mysql/examples/mysql_database.pp +++ /dev/null @@ -1,17 +0,0 @@ -class { 'mysql::server': - root_password => 'password' -} -mysql::db{ ['test1', 'test2', 'test3']: - ensure => present, - charset => 'utf8', - require => Class['mysql::server'], -} -mysql::db{ 'test4': - ensure => present, - charset => 'latin1', -} -mysql::db{ 'test5': - ensure => present, - charset => 'binary', - collate => 'binary', -} diff --git a/mysql/examples/mysql_db.pp b/mysql/examples/mysql_db.pp deleted file mode 100644 index 43c619f8d..000000000 --- a/mysql/examples/mysql_db.pp +++ /dev/null @@ -1,17 +0,0 @@ -class { 'mysql::server': - root_password => 'password' -} -mysql::db { 'mydb': - user => 'myuser', - password => 'mypass', - host => 'localhost', - grant => ['SELECT', 'UPDATE'], -} -mysql::db { "mydb_${fqdn}": - user => 'myuser', - password => 'mypass', - dbname => 'mydb', - host => $::fqdn, - grant => ['SELECT', 'UPDATE'], - tag => $domain, -} diff --git a/mysql/examples/mysql_grant.pp b/mysql/examples/mysql_grant.pp deleted file mode 100644 index 20fe78d6a..000000000 --- a/mysql/examples/mysql_grant.pp +++ /dev/null @@ -1,5 +0,0 @@ -mysql_grant{'test1@localhost/redmine.*': - user => 'test1@localhost', - table => 'redmine.*', - privileges => ['UPDATE'], -} diff --git a/mysql/examples/mysql_plugin.pp b/mysql/examples/mysql_plugin.pp deleted file mode 100644 index d80275972..000000000 --- a/mysql/examples/mysql_plugin.pp +++ /dev/null @@ -1,23 +0,0 @@ -class { 'mysql::server': - root_password => 'password' -} - -$validate_password_soname = $::osfamily ? { - windows => 'validate_password.dll', - default => 'validate_password.so' -} - -mysql::plugin { 'validate_password': - ensure => present, - soname => $validate_password_soname, -} - -$auth_socket_soname = $::osfamily ? { - windows => 'auth_socket.dll', - default => 'auth_socket.so' -} - -mysql::plugin { 'auth_socket': - ensure => present, - soname => $auth_socket_soname, -} diff --git a/mysql/examples/mysql_user.pp b/mysql/examples/mysql_user.pp deleted file mode 100644 index c47186866..000000000 --- a/mysql/examples/mysql_user.pp +++ /dev/null @@ -1,32 +0,0 @@ -$mysql_root_pw = 'password' - -class { 'mysql::server': - root_password => 'password', -} - -mysql_user{ 'redmine@localhost': - ensure => present, - password_hash => mysql_password('redmine'), - require => Class['mysql::server'], -} - -mysql_user{ 'dan@localhost': - ensure => present, - password_hash => mysql_password('blah') -} - -mysql_user{ 'dan@%': - ensure => present, - password_hash => mysql_password('blah'), -} - -mysql_user{ 'socketplugin@%': - ensure => present, - plugin => 'unix_socket', -} - -mysql_user{ 'socketplugin@%': - ensure => present, - password_hash => mysql_password('blah'), - plugin => 'mysql_native_password', -} diff --git a/mysql/examples/perl.pp b/mysql/examples/perl.pp deleted file mode 100644 index 1bbd3ab2f..000000000 --- a/mysql/examples/perl.pp +++ /dev/null @@ -1 +0,0 @@ -include mysql::bindings::perl diff --git a/mysql/examples/python.pp b/mysql/examples/python.pp deleted file mode 100644 index 49ddddb60..000000000 --- a/mysql/examples/python.pp +++ /dev/null @@ -1 +0,0 @@ -class { 'mysql::bindings::python':} diff --git a/mysql/examples/ruby.pp b/mysql/examples/ruby.pp deleted file mode 100644 index 671725630..000000000 --- a/mysql/examples/ruby.pp +++ /dev/null @@ -1 +0,0 @@ -include mysql::bindings::ruby diff --git a/mysql/examples/server.pp b/mysql/examples/server.pp deleted file mode 100644 index 8afdd00d2..000000000 --- a/mysql/examples/server.pp +++ /dev/null @@ -1,3 +0,0 @@ -class { 'mysql::server': - root_password => 'password', -} diff --git a/mysql/examples/server/account_security.pp b/mysql/examples/server/account_security.pp deleted file mode 100644 index cb59f4f64..000000000 --- a/mysql/examples/server/account_security.pp +++ /dev/null @@ -1,4 +0,0 @@ -class { 'mysql::server': - root_password => 'password', -} -class { 'mysql::server::account_security': } diff --git a/mysql/examples/server/config.pp b/mysql/examples/server/config.pp deleted file mode 100644 index 2cde11b0b..000000000 --- a/mysql/examples/server/config.pp +++ /dev/null @@ -1,3 +0,0 @@ -mysql::server::config { 'testfile': - -} diff --git a/mysql/lib/facter/mysql_server_id.rb b/mysql/lib/facter/mysql_server_id.rb deleted file mode 100644 index df0052f40..000000000 --- a/mysql/lib/facter/mysql_server_id.rb +++ /dev/null @@ -1,9 +0,0 @@ -def get_mysql_id - Facter.value(:macaddress).split(':').inject(0) { |total,value| (total << 6) + value.hex } -end - -Facter.add("mysql_server_id") do - setcode do - get_mysql_id rescue nil - end -end diff --git a/mysql/lib/facter/mysql_version.rb b/mysql/lib/facter/mysql_version.rb deleted file mode 100644 index 62fba6156..000000000 --- a/mysql/lib/facter/mysql_version.rb +++ /dev/null @@ -1,8 +0,0 @@ -Facter.add("mysql_version") do - setcode do - mysql_ver = Facter::Util::Resolution.exec('mysql --version') - if mysql_ver - mysql_ver.match(/\d+\.\d+\.\d+/)[0] - end - end -end diff --git a/mysql/lib/puppet/parser/functions/mysql_deepmerge.rb b/mysql/lib/puppet/parser/functions/mysql_deepmerge.rb deleted file mode 100644 index aca9c7a3d..000000000 --- a/mysql/lib/puppet/parser/functions/mysql_deepmerge.rb +++ /dev/null @@ -1,58 +0,0 @@ -module Puppet::Parser::Functions - newfunction(:mysql_deepmerge, :type => :rvalue, :doc => <<-'ENDHEREDOC') do |args| - Recursively merges two or more hashes together and returns the resulting hash. - - For example: - - $hash1 = {'one' => 1, 'two' => 2, 'three' => { 'four' => 4 } } - $hash2 = {'two' => 'dos', 'three' => { 'five' => 5 } } - $merged_hash = mysql_deepmerge($hash1, $hash2) - # The resulting hash is equivalent to: - # $merged_hash = { 'one' => 1, 'two' => 'dos', 'three' => { 'four' => 4, 'five' => 5 } } - - When there is a duplicate key that is a hash, they are recursively merged. - When there is a duplicate key that is not a hash, the key in the rightmost hash will "win." - When there are conficting uses of dashes and underscores in two keys (which mysql would otherwise equate), - the rightmost style will win. - - ENDHEREDOC - - if args.length < 2 - raise Puppet::ParseError, ("mysql_deepmerge(): wrong number of arguments (#{args.length}; must be at least 2)") - end - - result = Hash.new - args.each do |arg| - next if arg.is_a? String and arg.empty? # empty string is synonym for puppet's undef - # If the argument was not a hash, skip it. - unless arg.is_a?(Hash) - raise Puppet::ParseError, "mysql_deepmerge: unexpected argument type #{arg.class}, only expects hash arguments" - end - - # Now we have to traverse our hash assigning our non-hash values - # to the matching keys in our result while following our hash values - # and repeating the process. - overlay( result, arg ) - end - return( result ) - end -end - -def has_normalized!(hash, key) - return true if hash.has_key?( key ) - return false unless key.match(/-|_/) - other_key = key.include?('-') ? key.gsub( '-', '_' ) : key.gsub( '_', '-' ) - return false unless hash.has_key?( other_key ) - hash[key] = hash.delete( other_key ) - return true; -end - -def overlay( hash1, hash2 ) - hash2.each do |key, value| - if(has_normalized!( hash1, key ) and value.is_a?(Hash) and hash1[key].is_a?(Hash)) - overlay( hash1[key], value ) - else - hash1[key] = value - end - end -end diff --git a/mysql/lib/puppet/parser/functions/mysql_dirname.rb b/mysql/lib/puppet/parser/functions/mysql_dirname.rb deleted file mode 100644 index 5d0ef5557..000000000 --- a/mysql/lib/puppet/parser/functions/mysql_dirname.rb +++ /dev/null @@ -1,15 +0,0 @@ -module Puppet::Parser::Functions - newfunction(:mysql_dirname, :type => :rvalue, :doc => <<-EOS - Returns the dirname of a path. - EOS - ) do |arguments| - - raise(Puppet::ParseError, "mysql_dirname(): Wrong number of arguments " + - "given (#{arguments.size} for 1)") if arguments.size < 1 - - path = arguments[0] - return File.dirname(path) - end -end - -# vim: set ts=2 sw=2 et : diff --git a/mysql/lib/puppet/parser/functions/mysql_password.rb b/mysql/lib/puppet/parser/functions/mysql_password.rb deleted file mode 100644 index 74d7fa8cc..000000000 --- a/mysql/lib/puppet/parser/functions/mysql_password.rb +++ /dev/null @@ -1,17 +0,0 @@ -# hash a string as mysql's "PASSWORD()" function would do it -require 'digest/sha1' - -module Puppet::Parser::Functions - newfunction(:mysql_password, :type => :rvalue, :doc => <<-EOS - Returns the mysql password hash from the clear text password. - EOS - ) do |args| - - raise(Puppet::ParseError, 'mysql_password(): Wrong number of arguments ' + - "given (#{args.size} for 1)") if args.size != 1 - - return '' if args[0].empty? - return args[0] if args[0] =~ /\*[A-F0-9]{40}$/ - '*' + Digest::SHA1.hexdigest(Digest::SHA1.digest(args[0])).upcase - end -end diff --git a/mysql/lib/puppet/parser/functions/mysql_strip_hash.rb b/mysql/lib/puppet/parser/functions/mysql_strip_hash.rb deleted file mode 100644 index 8e850d02a..000000000 --- a/mysql/lib/puppet/parser/functions/mysql_strip_hash.rb +++ /dev/null @@ -1,21 +0,0 @@ -module Puppet::Parser::Functions - newfunction(:mysql_strip_hash, :type => :rvalue, :arity => 1, :doc => <<-EOS -TEMPORARY FUNCTION: EXPIRES 2014-03-10 -When given a hash this function strips out all blank entries. -EOS - ) do |args| - - hash = args[0] - unless hash.is_a?(Hash) - raise(Puppet::ParseError, 'mysql_strip_hash(): Requires hash to work with') - end - - # Filter out all the top level blanks. - hash.reject{|k,v| v == ''}.each do |k,v| - if v.is_a?(Hash) - v.reject!{|ki,vi| vi == '' } - end - end - - end -end diff --git a/mysql/lib/puppet/parser/functions/mysql_table_exists.rb b/mysql/lib/puppet/parser/functions/mysql_table_exists.rb deleted file mode 100644 index ff089d85b..000000000 --- a/mysql/lib/puppet/parser/functions/mysql_table_exists.rb +++ /dev/null @@ -1,30 +0,0 @@ -module Puppet::Parser::Functions - newfunction(:mysql_table_exists, :type => :rvalue, :doc => <<-EOS - Check if table exists in database. - - For example: - - mysql_table_exists('*.*') or mysql_table_exists('example_database.*') always return true - mysql_table_exists('example_db.example_table') check existence table `example_table` in `example_database` - - EOS - ) do |args| - - return raise(Puppet::ParseError, - "mysql_table_exists() accept 1 argument - table string like 'database_name.table_name'") unless (args.size == 1 and match = args[0].match(/(.*)\.(.*)/)) - - db_name, table_name = match.captures - return true if (db_name.eql?('*') or table_name.eql?('*')) ## *.* is valid table string, but we shouldn't check it for existence - query = "SELECT TABLE_NAME FROM information_schema.tables WHERE TABLE_NAME = '#{table_name}' AND TABLE_SCHEMA = '#{db_name}';" - %x{mysql #{defaults_file} -NBe #{query}}.strip.eql?(table_name) - - end -end - -def defaults_file - if File.file?("#{Facter.value(:root_home)}/.my.cnf") - "--defaults-extra-file=#{Facter.value(:root_home)}/.my.cnf" - else - nil - end -end \ No newline at end of file diff --git a/mysql/lib/puppet/provider/mysql.rb b/mysql/lib/puppet/provider/mysql.rb deleted file mode 100644 index cf76f13af..000000000 --- a/mysql/lib/puppet/provider/mysql.rb +++ /dev/null @@ -1,109 +0,0 @@ -class Puppet::Provider::Mysql < Puppet::Provider - - # Without initvars commands won't work. - initvars - - # Make sure we find mysqld on CentOS - ENV['PATH']=ENV['PATH'] + ':/usr/libexec' - - commands :mysql => 'mysql' - commands :mysqld => 'mysqld' - commands :mysqladmin => 'mysqladmin' - - # Optional defaults file - def self.defaults_file - if File.file?("#{Facter.value(:root_home)}/.my.cnf") - "--defaults-extra-file=#{Facter.value(:root_home)}/.my.cnf" - else - nil - end - end - - def self.mysqld_type - # find the mysql "dialect" like mariadb / mysql etc. - mysqld_version_string.scan(/\s\(mariadb/i) { return "mariadb" } - mysqld_version_string.scan(/\s\(mysql/i) { return "mysql" } - mysqld_version_string.scan(/\s\(percona/i) { return "percona" } - nil - end - - def mysqld_type - self.class.mysqld_type - end - - def self.mysqld_version_string - # we cache the result ... - return @mysqld_version_string unless @mysqld_version_string.nil? - @mysqld_version_string = mysqld(['-V'].compact) - return @mysqld_version_string - end - - def mysqld_version_string - self.class.mysqld_version_string - end - - def self.mysqld_version - # note: be prepared for '5.7.6-rc-log' etc results - # versioncmp detects 5.7.6-log to be newer then 5.7.6 - # this is why we need the trimming. - mysqld_version_string.scan(/\d+\.\d+\.\d+/).first unless mysqld_version_string.nil? - end - - def mysqld_version - self.class.mysqld_version - end - - def defaults_file - self.class.defaults_file - end - - def self.users - mysql([defaults_file, '-NBe', "SELECT CONCAT(User, '@',Host) AS User FROM mysql.user"].compact).split("\n") - end - - # Take root@localhost and munge it to 'root'@'localhost' - def self.cmd_user(user) - "'#{user.sub('@', "'@'")}'" - end - - # Take root.* and return ON `root`.* - def self.cmd_table(table) - table_string = '' - - # We can't escape *.* so special case this. - if table == '*.*' - table_string << '*.*' - # Special case also for PROCEDURES - elsif table.start_with?('PROCEDURE ') - table_string << table.sub(/^PROCEDURE (.*)(\..*)/, 'PROCEDURE `\1`\2') - else - table_string << table.sub(/^(.*)(\..*)/, '`\1`\2') - end - table_string - end - - def self.cmd_privs(privileges) - if privileges.include?('ALL') - return 'ALL PRIVILEGES' - else - priv_string = '' - privileges.each do |priv| - priv_string << "#{priv}, " - end - end - # Remove trailing , from the last element. - priv_string.sub(/, $/, '') - end - - # Take in potential options and build up a query string with them. - def self.cmd_options(options) - option_string = '' - options.each do |opt| - if opt == 'GRANT' - option_string << ' WITH GRANT OPTION' - end - end - option_string - end - -end diff --git a/mysql/lib/puppet/provider/mysql_database/mysql.rb b/mysql/lib/puppet/provider/mysql_database/mysql.rb deleted file mode 100644 index 4587c1882..000000000 --- a/mysql/lib/puppet/provider/mysql_database/mysql.rb +++ /dev/null @@ -1,68 +0,0 @@ -require File.expand_path(File.join(File.dirname(__FILE__), '..', 'mysql')) -Puppet::Type.type(:mysql_database).provide(:mysql, :parent => Puppet::Provider::Mysql) do - desc 'Manages MySQL databases.' - - commands :mysql => 'mysql' - - def self.instances - mysql([defaults_file, '-NBe', 'show databases'].compact).split("\n").collect do |name| - attributes = {} - mysql([defaults_file, '-NBe', "show variables like '%_database'", name].compact).split("\n").each do |line| - k,v = line.split(/\s/) - attributes[k] = v - end - new(:name => name, - :ensure => :present, - :charset => attributes['character_set_database'], - :collate => attributes['collation_database'] - ) - end - end - - # We iterate over each mysql_database entry in the catalog and compare it against - # the contents of the property_hash generated by self.instances - def self.prefetch(resources) - databases = instances - resources.keys.each do |database| - if provider = databases.find { |db| db.name == database } - resources[database].provider = provider - end - end - end - - def create - mysql([defaults_file, '-NBe', "create database if not exists `#{@resource[:name]}` character set `#{@resource[:charset]}` collate `#{@resource[:collate]}`"].compact) - - @property_hash[:ensure] = :present - @property_hash[:charset] = @resource[:charset] - @property_hash[:collate] = @resource[:collate] - - exists? ? (return true) : (return false) - end - - def destroy - mysql([defaults_file, '-NBe', "drop database if exists `#{@resource[:name]}`"].compact) - - @property_hash.clear - exists? ? (return false) : (return true) - end - - def exists? - @property_hash[:ensure] == :present || false - end - - mk_resource_methods - - def charset=(value) - mysql([defaults_file, '-NBe', "alter database `#{resource[:name]}` CHARACTER SET #{value}"].compact) - @property_hash[:charset] = value - charset == value ? (return true) : (return false) - end - - def collate=(value) - mysql([defaults_file, '-NBe', "alter database `#{resource[:name]}` COLLATE #{value}"].compact) - @property_hash[:collate] = value - collate == value ? (return true) : (return false) - end - -end diff --git a/mysql/lib/puppet/provider/mysql_datadir/mysql.rb b/mysql/lib/puppet/provider/mysql_datadir/mysql.rb deleted file mode 100644 index c90d9753c..000000000 --- a/mysql/lib/puppet/provider/mysql_datadir/mysql.rb +++ /dev/null @@ -1,70 +0,0 @@ -require File.expand_path(File.join(File.dirname(__FILE__), '..', 'mysql')) -Puppet::Type.type(:mysql_datadir).provide(:mysql, :parent => Puppet::Provider::Mysql) do - - desc 'manage data directories for mysql instances' - - initvars - - # Make sure we find mysqld on CentOS - ENV['PATH']=ENV['PATH'] + ':/usr/libexec' - - commands :mysqld => 'mysqld' - commands :mysql_install_db => 'mysql_install_db' - - def create - name = @resource[:name] - insecure = @resource.value(:insecure) || true - defaults_extra_file = @resource.value(:defaults_extra_file) - user = @resource.value(:user) || "mysql" - basedir = @resource.value(:basedir) || "/usr" - datadir = @resource.value(:datadir) || @resource[:name] - - unless defaults_extra_file.nil? - if File.exist?(defaults_extra_file) - defaults_extra_file="--defaults-extra-file=#{defaults_extra_file}" - else - raise ArgumentError, "Defaults-extra-file #{defaults_extra_file} is missing" - end - end - - if insecure == true - initialize="--initialize-insecure" - else - initialize="--initialize" - end - - if mysqld_version.nil? - debug("Installing MySQL data directory with mysql_install_db --basedir=#{basedir} #{defaults_extra_file} --datadir=#{datadir} --user=#{user}") - mysql_install_db(["--basedir=#{basedir}",defaults_extra_file, "--datadir=#{datadir}", "--user=#{user}"].compact) - else - if mysqld_type == "mysql" and Puppet::Util::Package.versioncmp(mysqld_version, '5.7.6') >= 0 - debug("Initializing MySQL data directory >= 5.7.6 with 'mysqld #{defaults_extra_file} #{initialize} --basedir=#{basedir} --datadir=#{datadir} --user=#{user}'") - mysqld([defaults_extra_file,initialize,"--basedir=#{basedir}","--datadir=#{datadir}", "--user=#{user}", "--log_error=/var/tmp/mysqld_initialize.log"].compact) - else - debug("Installing MySQL data directory with mysql_install_db --basedir=#{basedir} #{defaults_extra_file} --datadir=#{datadir} --user=#{user}") - mysql_install_db(["--basedir=#{basedir}",defaults_extra_file, "--datadir=#{datadir}", "--user=#{user}"].compact) - end - end - - exists? - end - - def destroy - name = @resource[:name] - raise ArgumentError, "ERROR: Resource can not be removed" - end - - def exists? - datadir = @resource[:datadir] - File.directory?("#{datadir}/mysql") - end - - ## - ## MySQL datadir properties - ## - - # Generates method for all properties of the property_hash - mk_resource_methods - -end - diff --git a/mysql/lib/puppet/provider/mysql_grant/mysql.rb b/mysql/lib/puppet/provider/mysql_grant/mysql.rb deleted file mode 100644 index 47f2a3f9a..000000000 --- a/mysql/lib/puppet/provider/mysql_grant/mysql.rb +++ /dev/null @@ -1,172 +0,0 @@ -require File.expand_path(File.join(File.dirname(__FILE__), '..', 'mysql')) -Puppet::Type.type(:mysql_grant).provide(:mysql, :parent => Puppet::Provider::Mysql) do - - desc 'Set grants for users in MySQL.' - - def self.instances - instances = [] - users.select{ |user| user =~ /.+@/ }.collect do |user| - user_string = self.cmd_user(user) - query = "SHOW GRANTS FOR #{user_string};" - begin - grants = mysql([defaults_file, "-NBe", query].compact) - rescue Puppet::ExecutionFailure => e - # Silently ignore users with no grants. Can happen e.g. if user is - # defined with fqdn and server is run with skip-name-resolve. Example: - # Default root user created by mysql_install_db on a host with fqdn - # of myhost.mydomain.my: root@myhost.mydomain.my, when MySQL is started - # with --skip-name-resolve. - if e.inspect =~ /There is no such grant defined for user/ - next - else - raise Puppet::Error, "#mysql had an error -> #{e.inspect}" - end - end - # Once we have the list of grants generate entries for each. - grants.each_line do |grant| - # Match the munges we do in the type. - munged_grant = grant.delete("'").delete("`").delete('"') - # Matching: GRANT (SELECT, UPDATE) PRIVILEGES ON (*.*) TO ('root')@('127.0.0.1') (WITH GRANT OPTION) - if match = munged_grant.match(/^GRANT\s(.+)\sON\s(.+)\sTO\s(.*)@(.*?)(\s.*)?$/) - privileges, table, user, host, rest = match.captures - table.gsub!('\\\\', '\\') - - # split on ',' if it is not a non-'('-containing string followed by a - # closing parenthesis ')'-char - e.g. only split comma separated elements not in - # parentheses - stripped_privileges = privileges.strip.split(/\s*,\s*(?![^(]*\))/).map do |priv| - # split and sort the column_privileges in the parentheses and rejoin - if priv.include?('(') - type, col=priv.strip.split(/\s+|\b/,2) - type.upcase + " (" + col.slice(1...-1).strip.split(/\s*,\s*/).sort.join(', ') + ")" - else - # Once we split privileges up on the , we need to make sure we - # shortern ALL PRIVILEGES to just all. - priv == 'ALL PRIVILEGES' ? 'ALL' : priv.strip - end - end - # Same here, but to remove OPTION leaving just GRANT. - options = ['GRANT'] if rest.match(/WITH\sGRANT\sOPTION/) - # fix double backslash that MySQL prints, so resources match - table.gsub!("\\\\", "\\") - # We need to return an array of instances so capture these - instances << new( - :name => "#{user}@#{host}/#{table}", - :ensure => :present, - :privileges => stripped_privileges.sort, - :table => table, - :user => "#{user}@#{host}", - :options => options - ) - end - end - end - return instances - end - - def self.prefetch(resources) - users = instances - resources.keys.each do |name| - if provider = users.find { |user| user.name == name } - resources[name].provider = provider - end - end - end - - def grant(user, table, privileges, options) - user_string = self.class.cmd_user(user) - priv_string = self.class.cmd_privs(privileges) - table_string = self.class.cmd_table(table) - query = "GRANT #{priv_string}" - query << " ON #{table_string}" - query << " TO #{user_string}" - query << self.class.cmd_options(options) unless options.nil? - mysql([defaults_file, '-e', query].compact) - end - - def create - grant(@resource[:user], @resource[:table], @resource[:privileges], @resource[:options]) - - @property_hash[:ensure] = :present - @property_hash[:table] = @resource[:table] - @property_hash[:user] = @resource[:user] - @property_hash[:options] = @resource[:options] if @resource[:options] - @property_hash[:privileges] = @resource[:privileges] - - exists? ? (return true) : (return false) - end - - def revoke(user, table, revoke_privileges = ['ALL']) - user_string = self.class.cmd_user(user) - table_string = self.class.cmd_table(table) - priv_string = self.class.cmd_privs(revoke_privileges) - # revoke grant option needs to be a extra query, because - # "REVOKE ALL PRIVILEGES, GRANT OPTION [..]" is only valid mysql syntax - # if no ON clause is used. - # It hast to be executed before "REVOKE ALL [..]" since a GRANT has to - # exist to be executed successfully - if revoke_privileges.include? 'ALL' - query = "REVOKE GRANT OPTION ON #{table_string} FROM #{user_string}" - mysql([defaults_file, '-e', query].compact) - end - query = "REVOKE #{priv_string} ON #{table_string} FROM #{user_string}" - mysql([defaults_file, '-e', query].compact) - end - - def destroy - # if the user was dropped, it'll have been removed from the user hash - # as the grants are alraedy removed by the DROP statement - if self.class.users.include? @property_hash[:user] - revoke(@property_hash[:user], @property_hash[:table]) - end - @property_hash.clear - - exists? ? (return false) : (return true) - end - - def exists? - @property_hash[:ensure] == :present || false - end - - def flush - @property_hash.clear - mysql([defaults_file, '-NBe', 'FLUSH PRIVILEGES'].compact) - end - - mk_resource_methods - - def diff_privileges(privileges_old, privileges_new) - diff = {:revoke => Array.new, :grant => Array.new} - if privileges_old.include? 'ALL' - diff[:revoke] = privileges_old - diff[:grant] = privileges_new - elsif privileges_new.include? 'ALL' - diff[:grant] = privileges_new - else - diff[:revoke] = privileges_old - privileges_new - diff[:grant] = privileges_new - privileges_old - end - return diff - end - - def privileges=(privileges) - diff = diff_privileges(@property_hash[:privileges], privileges) - if not diff[:revoke].empty? - revoke(@property_hash[:user], @property_hash[:table], diff[:revoke]) - end - if not diff[:grant].empty? - grant(@property_hash[:user], @property_hash[:table], diff[:grant], @property_hash[:options]) - end - @property_hash[:privileges] = privileges - self.privileges - end - - def options=(options) - revoke(@property_hash[:user], @property_hash[:table]) - grant(@property_hash[:user], @property_hash[:table], @property_hash[:privileges], options) - @property_hash[:options] = options - - self.options - end - -end diff --git a/mysql/lib/puppet/provider/mysql_plugin/mysql.rb b/mysql/lib/puppet/provider/mysql_plugin/mysql.rb deleted file mode 100644 index 2cb640bd8..000000000 --- a/mysql/lib/puppet/provider/mysql_plugin/mysql.rb +++ /dev/null @@ -1,53 +0,0 @@ -require File.expand_path(File.join(File.dirname(__FILE__), '..', 'mysql')) -Puppet::Type.type(:mysql_plugin).provide(:mysql, :parent => Puppet::Provider::Mysql) do - desc 'Manages MySQL plugins.' - - commands :mysql => 'mysql' - - def self.instances - mysql([defaults_file, '-NBe', 'show plugins'].compact).split("\n").collect do |line| - name, status, type, library, license = line.split(/\t/) - new(:name => name, - :ensure => :present, - :soname => library - ) - end - end - - # We iterate over each mysql_plugin entry in the catalog and compare it against - # the contents of the property_hash generated by self.instances - def self.prefetch(resources) - plugins = instances - resources.keys.each do |plugin| - if provider = plugins.find { |pl| pl.name == plugin } - resources[plugin].provider = provider - end - end - end - - def create - # Use plugin_name.so as soname if it's not specified. This won't work on windows as - # there it should be plugin_name.dll - @resource[:soname].nil? ? (soname=@resource[:name] + '.so') : (soname=@resource[:soname]) - mysql([defaults_file, '-NBe', "install plugin #{@resource[:name]} soname '#{soname}'"].compact) - - @property_hash[:ensure] = :present - @property_hash[:soname] = @resource[:soname] - - exists? ? (return true) : (return false) - end - - def destroy - mysql([defaults_file, '-NBe', "uninstall plugin #{@resource[:name]}"].compact) - - @property_hash.clear - exists? ? (return false) : (return true) - end - - def exists? - @property_hash[:ensure] == :present || false - end - - mk_resource_methods - -end diff --git a/mysql/lib/puppet/provider/mysql_user/mysql.rb b/mysql/lib/puppet/provider/mysql_user/mysql.rb deleted file mode 100644 index bc4014f41..000000000 --- a/mysql/lib/puppet/provider/mysql_user/mysql.rb +++ /dev/null @@ -1,155 +0,0 @@ -require File.expand_path(File.join(File.dirname(__FILE__), '..', 'mysql')) -Puppet::Type.type(:mysql_user).provide(:mysql, :parent => Puppet::Provider::Mysql) do - - desc 'manage users for a mysql database.' - commands :mysql => 'mysql' - - # Build a property_hash containing all the discovered information about MySQL - # users. - def self.instances - users = mysql([defaults_file, '-NBe', - "SELECT CONCAT(User, '@',Host) AS User FROM mysql.user"].compact).split("\n") - # To reduce the number of calls to MySQL we collect all the properties in - # one big swoop. - users.collect do |name| - if mysqld_version.nil? - ## Default ... - query = "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = '#{name}'" - else - if mysqld_type == "mysql" and Puppet::Util::Package.versioncmp(mysqld_version, '5.7.6') >= 0 - query = "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, AUTHENTICATION_STRING, PLUGIN FROM mysql.user WHERE CONCAT(user, '@', host) = '#{name}'" - else - query = "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = '#{name}'" - end - end - @max_user_connections, @max_connections_per_hour, @max_queries_per_hour, - @max_updates_per_hour, @password, @plugin = mysql([defaults_file, "-NBe", query].compact).split(/\s/) - - new(:name => name, - :ensure => :present, - :password_hash => @password, - :plugin => @plugin, - :max_user_connections => @max_user_connections, - :max_connections_per_hour => @max_connections_per_hour, - :max_queries_per_hour => @max_queries_per_hour, - :max_updates_per_hour => @max_updates_per_hour - ) - end - end - - # We iterate over each mysql_user entry in the catalog and compare it against - # the contents of the property_hash generated by self.instances - def self.prefetch(resources) - users = instances - resources.keys.each do |name| - if provider = users.find { |user| user.name == name } - resources[name].provider = provider - end - end - end - - def create - merged_name = @resource[:name].sub('@', "'@'") - password_hash = @resource.value(:password_hash) - plugin = @resource.value(:plugin) - max_user_connections = @resource.value(:max_user_connections) || 0 - max_connections_per_hour = @resource.value(:max_connections_per_hour) || 0 - max_queries_per_hour = @resource.value(:max_queries_per_hour) || 0 - max_updates_per_hour = @resource.value(:max_updates_per_hour) || 0 - - # Use CREATE USER to be compatible with NO_AUTO_CREATE_USER sql_mode - # This is also required if you want to specify a authentication plugin - if !plugin.nil? - if plugin == 'sha256_password' and !password_hash.nil? - mysql([defaults_file, '-e', "CREATE USER '#{merged_name}' IDENTIFIED WITH '#{plugin}' AS '#{password_hash}'"].compact) - else - mysql([defaults_file, '-e', "CREATE USER '#{merged_name}' IDENTIFIED WITH '#{plugin}'"].compact) - end - @property_hash[:ensure] = :present - @property_hash[:plugin] = plugin - else - mysql([defaults_file, '-e', "CREATE USER '#{merged_name}' IDENTIFIED BY PASSWORD '#{password_hash}'"].compact) - @property_hash[:ensure] = :present - @property_hash[:password_hash] = password_hash - end - mysql([defaults_file, '-e', "GRANT USAGE ON *.* TO '#{merged_name}' WITH MAX_USER_CONNECTIONS #{max_user_connections} MAX_CONNECTIONS_PER_HOUR #{max_connections_per_hour} MAX_QUERIES_PER_HOUR #{max_queries_per_hour} MAX_UPDATES_PER_HOUR #{max_updates_per_hour}"].compact) - @property_hash[:max_user_connections] = max_user_connections - @property_hash[:max_connections_per_hour] = max_connections_per_hour - @property_hash[:max_queries_per_hour] = max_queries_per_hour - @property_hash[:max_updates_per_hour] = max_updates_per_hour - - exists? ? (return true) : (return false) - end - - def destroy - merged_name = @resource[:name].sub('@', "'@'") - mysql([defaults_file, '-e', "DROP USER '#{merged_name}'"].compact) - - @property_hash.clear - exists? ? (return false) : (return true) - end - - def exists? - @property_hash[:ensure] == :present || false - end - - ## - ## MySQL user properties - ## - - # Generates method for all properties of the property_hash - mk_resource_methods - - def password_hash=(string) - merged_name = self.class.cmd_user(@resource[:name]) - - # We have a fact for the mysql version ... - if mysqld_version.nil? - # default ... if mysqld_version does not work - mysql([defaults_file, '-e', "SET PASSWORD FOR #{merged_name} = '#{string}'"].compact) - else - # Version >= 5.7.6 (many password related changes) - if mysqld_type == "mysql" and Puppet::Util::Package.versioncmp(mysqld_version, '5.7.6') >= 0 - if string.match(/^\*/) - mysql([defaults_file, '-e', "ALTER USER #{merged_name} IDENTIFIED WITH mysql_native_password AS '#{string}'"].compact) - else - raise ArgumentError, "Only mysql_native_password (*ABCD...XXX) hashes are supported" - end - else - # older versions - mysql([defaults_file, '-e', "SET PASSWORD FOR #{merged_name} = '#{string}'"].compact) - end - end - - password_hash == string ? (return true) : (return false) - end - - def max_user_connections=(int) - merged_name = self.class.cmd_user(@resource[:name]) - mysql([defaults_file, '-e', "GRANT USAGE ON *.* TO #{merged_name} WITH MAX_USER_CONNECTIONS #{int}"].compact).chomp - - max_user_connections == int ? (return true) : (return false) - end - - def max_connections_per_hour=(int) - merged_name = self.class.cmd_user(@resource[:name]) - mysql([defaults_file, '-e', "GRANT USAGE ON *.* TO #{merged_name} WITH MAX_CONNECTIONS_PER_HOUR #{int}"].compact).chomp - - max_connections_per_hour == int ? (return true) : (return false) - end - - def max_queries_per_hour=(int) - merged_name = self.class.cmd_user(@resource[:name]) - mysql([defaults_file, '-e', "GRANT USAGE ON *.* TO #{merged_name} WITH MAX_QUERIES_PER_HOUR #{int}"].compact).chomp - - max_queries_per_hour == int ? (return true) : (return false) - end - - def max_updates_per_hour=(int) - merged_name = self.class.cmd_user(@resource[:name]) - mysql([defaults_file, '-e', "GRANT USAGE ON *.* TO #{merged_name} WITH MAX_UPDATES_PER_HOUR #{int}"].compact).chomp - - max_updates_per_hour == int ? (return true) : (return false) - end - -end diff --git a/mysql/lib/puppet/type/mysql_database.rb b/mysql/lib/puppet/type/mysql_database.rb deleted file mode 100644 index 1f94d5f88..000000000 --- a/mysql/lib/puppet/type/mysql_database.rb +++ /dev/null @@ -1,25 +0,0 @@ -Puppet::Type.newtype(:mysql_database) do - @doc = 'Manage MySQL databases.' - - ensurable - - autorequire(:file) { '/root/.my.cnf' } - autorequire(:class) { 'mysql::server' } - - newparam(:name, :namevar => true) do - desc 'The name of the MySQL database to manage.' - end - - newproperty(:charset) do - desc 'The CHARACTER SET setting for the database' - defaultto :utf8 - newvalue(/^\S+$/) - end - - newproperty(:collate) do - desc 'The COLLATE setting for the database' - defaultto :utf8_general_ci - newvalue(/^\S+$/) - end - -end diff --git a/mysql/lib/puppet/type/mysql_datadir.rb b/mysql/lib/puppet/type/mysql_datadir.rb deleted file mode 100644 index 156b82766..000000000 --- a/mysql/lib/puppet/type/mysql_datadir.rb +++ /dev/null @@ -1,30 +0,0 @@ -Puppet::Type.newtype(:mysql_datadir) do - @doc = 'Manage MySQL datadirs with mysql_install_db OR mysqld (5.7.6 and above).' - - ensurable - - autorequire(:package) { 'mysql-server' } - - newparam(:datadir, :namevar => true) do - desc "The datadir name" - end - - newparam(:basedir) do - desc 'The basedir name, default /usr.' - newvalues(/^\//) - end - - newparam(:user) do - desc 'The user for the directory default mysql (name, not uid).' - end - - newparam(:defaults_extra_file) do - desc "MySQL defaults-extra-file with absolute path (*.cnf)." - newvalues(/^\/.*\.cnf$/) - end - - newparam(:insecure, :boolean => true) do - desc "Insecure initialization (needed for 5.7.6++)." - end - -end diff --git a/mysql/lib/puppet/type/mysql_grant.rb b/mysql/lib/puppet/type/mysql_grant.rb deleted file mode 100644 index 999100a0c..000000000 --- a/mysql/lib/puppet/type/mysql_grant.rb +++ /dev/null @@ -1,101 +0,0 @@ -# This has to be a separate type to enable collecting -Puppet::Type.newtype(:mysql_grant) do - @doc = "Manage a MySQL user's rights." - ensurable - - autorequire(:file) { '/root/.my.cnf' } - autorequire(:mysql_user) { self[:user] } - - def initialize(*args) - super - # Forcibly munge any privilege with 'ALL' in the array to exist of just - # 'ALL'. This can't be done in the munge in the property as that iterates - # over the array and there's no way to replace the entire array before it's - # returned to the provider. - if self[:ensure] == :present and Array(self[:privileges]).count > 1 and self[:privileges].to_s.include?('ALL') - self[:privileges] = 'ALL' - end - # Sort the privileges array in order to ensure the comparision in the provider - # self.instances method match. Otherwise this causes it to keep resetting the - # privileges. - self[:privileges] = Array(self[:privileges]).map{ |priv| - # split and sort the column_privileges in the parentheses and rejoin - if priv.include?('(') - type, col=priv.strip.split(/\s+|\b/,2) - type.upcase + " (" + col.slice(1...-1).strip.split(/\s*,\s*/).sort.join(', ') + ")" - else - priv.strip.upcase - end - }.uniq.reject{|k| k == 'GRANT' or k == 'GRANT OPTION'}.sort! - end - - validate do - fail('privileges parameter is required.') if self[:ensure] == :present and self[:privileges].nil? - fail('table parameter is required.') if self[:ensure] == :present and self[:table].nil? - fail('user parameter is required.') if self[:ensure] == :present and self[:user].nil? - fail('name must match user and table parameters') if self[:name] != "#{self[:user]}/#{self[:table]}" - end - - newparam(:name, :namevar => true) do - desc 'Name to describe the grant.' - - munge do |value| - value.delete("'") - end - end - - newproperty(:privileges, :array_matching => :all) do - desc 'Privileges for user' - end - - newproperty(:table) do - desc 'Table to apply privileges to.' - - munge do |value| - value.delete("`") - end - - newvalues(/.*\..*/,/@/) - end - - newproperty(:user) do - desc 'User to operate on.' - validate do |value| - # http://dev.mysql.com/doc/refman/5.5/en/identifiers.html - # If at least one special char is used, string must be quoted - - # http://stackoverflow.com/questions/8055727/negating-a-backreference-in-regular-expressions/8057827#8057827 - if matches = /^(['`"])((?!\1).)*\1@([\w%\.:\-\/]+)$/.match(value) - user_part = matches[2] - host_part = matches[3] - elsif matches = /^([0-9a-zA-Z$_]*)@([\w%\.:\-\/]+)$/.match(value) - user_part = matches[1] - host_part = matches[2] - elsif matches = /^((?!['`"]).*[^0-9a-zA-Z$_].*)@(.+)$/.match(value) - user_part = matches[1] - host_part = matches[2] - else - raise(ArgumentError, "Invalid database user #{value}") - end - - mysql_version = Facter.value(:mysql_version) - unless mysql_version.nil? - if Puppet::Util::Package.versioncmp(mysql_version, '10.0.0') < 0 and user_part.size > 16 - raise(ArgumentError, 'MySQL usernames are limited to a maximum of 16 characters') - elsif Puppet::Util::Package.versioncmp(mysql_version, '10.0.0') > 0 and user_part.size > 80 - raise(ArgumentError, 'MySQL usernames are limited to a maximum of 80 characters') - end - end - end - - munge do |value| - matches = /^((['`"]?).*\2)@(.+)$/.match(value) - "#{matches[1]}@#{matches[3].downcase}" - end - end - - newproperty(:options, :array_matching => :all) do - desc 'Options to grant.' - end - -end diff --git a/mysql/lib/puppet/type/mysql_plugin.rb b/mysql/lib/puppet/type/mysql_plugin.rb deleted file mode 100644 index e8279209f..000000000 --- a/mysql/lib/puppet/type/mysql_plugin.rb +++ /dev/null @@ -1,17 +0,0 @@ -Puppet::Type.newtype(:mysql_plugin) do - @doc = 'Manage MySQL plugins.' - - ensurable - - autorequire(:file) { '/root/.my.cnf' } - - newparam(:name, :namevar => true) do - desc 'The name of the MySQL plugin to manage.' - end - - newproperty(:soname) do - desc 'The name of the library' - newvalue(/^\w+\.\w+$/) - end - -end diff --git a/mysql/lib/puppet/type/mysql_user.rb b/mysql/lib/puppet/type/mysql_user.rb deleted file mode 100644 index 94f36858b..000000000 --- a/mysql/lib/puppet/type/mysql_user.rb +++ /dev/null @@ -1,76 +0,0 @@ -# This has to be a separate type to enable collecting -Puppet::Type.newtype(:mysql_user) do - @doc = 'Manage a MySQL user. This includes management of users password as well as privileges.' - - ensurable - - autorequire(:file) { '/root/.my.cnf' } - autorequire(:class) { 'mysql::server' } - - newparam(:name, :namevar => true) do - desc "The name of the user. This uses the 'username@hostname' or username@hostname." - validate do |value| - # http://dev.mysql.com/doc/refman/5.5/en/identifiers.html - # If at least one special char is used, string must be quoted - - # http://stackoverflow.com/questions/8055727/negating-a-backreference-in-regular-expressions/8057827#8057827 - if matches = /^(['`"])((?:(?!\1).)*)\1@([\w%\.:\-\/]+)$/.match(value) - user_part = matches[2] - host_part = matches[3] - elsif matches = /^([0-9a-zA-Z$_]*)@([\w%\.:\-\/]+)$/.match(value) - user_part = matches[1] - host_part = matches[2] - elsif matches = /^((?!['`"]).*[^0-9a-zA-Z$_].*)@(.+)$/.match(value) - user_part = matches[1] - host_part = matches[2] - else - raise(ArgumentError, "Invalid database user #{value}") - end - - mysql_version = Facter.value(:mysql_version) - unless mysql_version.nil? - if Puppet::Util::Package.versioncmp(mysql_version, '10.0.0') < 0 and user_part.size > 16 - raise(ArgumentError, 'MySQL usernames are limited to a maximum of 16 characters') - elsif Puppet::Util::Package.versioncmp(mysql_version, '10.0.0') > 0 and user_part.size > 80 - raise(ArgumentError, 'MySQL usernames are limited to a maximum of 80 characters') - end - end - end - - munge do |value| - matches = /^((['`"]?).*\2)@(.+)$/.match(value) - "#{matches[1]}@#{matches[3].downcase}" - end - end - - newproperty(:password_hash) do - desc 'The password hash of the user. Use mysql_password() for creating such a hash.' - newvalue(/\w*/) - end - - newproperty(:plugin) do - desc 'The authentication plugin of the user.' - newvalue(/\w+/) - end - - newproperty(:max_user_connections) do - desc "Max concurrent connections for the user. 0 means no (or global) limit." - newvalue(/\d+/) - end - - newproperty(:max_connections_per_hour) do - desc "Max connections per hour for the user. 0 means no (or global) limit." - newvalue(/\d+/) - end - - newproperty(:max_queries_per_hour) do - desc "Max queries per hour for the user. 0 means no (or global) limit." - newvalue(/\d+/) - end - - newproperty(:max_updates_per_hour) do - desc "Max updates per hour for the user. 0 means no (or global) limit." - newvalue(/\d+/) - end - -end diff --git a/mysql/manifests/backup/mysqlbackup.pp b/mysql/manifests/backup/mysqlbackup.pp deleted file mode 100644 index 320a780b3..000000000 --- a/mysql/manifests/backup/mysqlbackup.pp +++ /dev/null @@ -1,105 +0,0 @@ -# See README.me for usage. -class mysql::backup::mysqlbackup ( - $backupuser = '', - $backuppassword = '', - $backupdir = '', - $backupdirmode = '0700', - $backupdirowner = 'root', - $backupdirgroup = $mysql::params::root_group, - $backupcompress = true, - $backuprotate = 30, - $ignore_events = true, - $delete_before_dump = false, - $backupdatabases = [], - $file_per_database = false, - $include_triggers = true, - $include_routines = false, - $ensure = 'present', - $time = ['23', '5'], - $prescript = false, - $postscript = false, - $execpath = '/usr/bin:/usr/sbin:/bin:/sbin', -) { - - mysql_user { "${backupuser}@localhost": - ensure => $ensure, - password_hash => mysql_password($backuppassword), - require => Class['mysql::server::root_password'], - } - - package { 'meb': - ensure => $ensure, - } - - # http://dev.mysql.com/doc/mysql-enterprise-backup/3.11/en/mysqlbackup.privileges.html - mysql_grant { "${backupuser}@localhost/*.*": - ensure => $ensure, - user => "${backupuser}@localhost", - table => '*.*', - privileges => [ 'RELOAD', 'SUPER', 'REPLICATION CLIENT' ], - require => Mysql_user["${backupuser}@localhost"], - } - - mysql_grant { "${backupuser}@localhost/mysql.backup_progress": - ensure => $ensure, - user => "${backupuser}@localhost", - table => 'mysql.backup_progress', - privileges => [ 'CREATE', 'INSERT', 'DROP', 'UPDATE' ], - require => Mysql_user["${backupuser}@localhost"], - } - - mysql_grant { "${backupuser}@localhost/mysql.backup_history": - ensure => $ensure, - user => "${backupuser}@localhost", - table => 'mysql.backup_history', - privileges => [ 'CREATE', 'INSERT', 'SELECT', 'DROP', 'UPDATE' ], - require => Mysql_user["${backupuser}@localhost"], - } - - cron { 'mysqlbackup-weekly': - ensure => $ensure, - command => 'mysqlbackup backup', - user => 'root', - hour => $time[0], - minute => $time[1], - weekday => '0', - require => Package['meb'], - } - - cron { 'mysqlbackup-daily': - ensure => $ensure, - command => 'mysqlbackup --incremental backup', - user => 'root', - hour => $time[0], - minute => $time[1], - weekday => '1-6', - require => Package['meb'], - } - - $default_options = { - 'mysqlbackup' => { - 'backup-dir' => $backupdir, - 'with-timestamp' => true, - 'incremental_base' => 'history:last_backup', - 'incremental_backup_dir' => $backupdir, - 'user' => $backupuser, - 'password' => $backuppassword, - } - } - $options = mysql_deepmerge($default_options, $mysql::server::override_options) - - file { 'mysqlbackup-config-file': - path => '/etc/mysql/conf.d/meb.cnf', - content => template('mysql/meb.cnf.erb'), - mode => '0600', - } - - file { 'mysqlbackupdir': - ensure => 'directory', - path => $backupdir, - mode => $backupdirmode, - owner => $backupdirowner, - group => $backupdirgroup, - } - -} diff --git a/mysql/manifests/backup/mysqldump.pp b/mysql/manifests/backup/mysqldump.pp deleted file mode 100644 index 543476d8b..000000000 --- a/mysql/manifests/backup/mysqldump.pp +++ /dev/null @@ -1,70 +0,0 @@ -# See README.me for usage. -class mysql::backup::mysqldump ( - $backupuser = '', - $backuppassword = '', - $backupdir = '', - $backupdirmode = '0700', - $backupdirowner = 'root', - $backupdirgroup = $mysql::params::root_group, - $backupcompress = true, - $backuprotate = 30, - $ignore_events = true, - $delete_before_dump = false, - $backupdatabases = [], - $file_per_database = false, - $include_triggers = false, - $include_routines = false, - $ensure = 'present', - $time = ['23', '5'], - $prescript = false, - $postscript = false, - $execpath = '/usr/bin:/usr/sbin:/bin:/sbin', -) { - - mysql_user { "${backupuser}@localhost": - ensure => $ensure, - password_hash => mysql_password($backuppassword), - require => Class['mysql::server::root_password'], - } - - if $include_triggers { - $privs = [ 'SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS', 'TRIGGER' ] - } else { - $privs = [ 'SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS' ] - } - - mysql_grant { "${backupuser}@localhost/*.*": - ensure => $ensure, - user => "${backupuser}@localhost", - table => '*.*', - privileges => $privs, - require => Mysql_user["${backupuser}@localhost"], - } - - cron { 'mysql-backup': - ensure => $ensure, - command => '/usr/local/sbin/mysqlbackup.sh', - user => 'root', - hour => $time[0], - minute => $time[1], - require => File['mysqlbackup.sh'], - } - - file { 'mysqlbackup.sh': - ensure => $ensure, - path => '/usr/local/sbin/mysqlbackup.sh', - mode => '0700', - owner => 'root', - group => $mysql::params::root_group, - content => template('mysql/mysqlbackup.sh.erb'), - } - - file { 'mysqlbackupdir': - ensure => 'directory', - path => $backupdir, - mode => $backupdirmode, - owner => $backupdirowner, - group => $backupdirgroup, - } - -} diff --git a/mysql/manifests/backup/xtrabackup.pp b/mysql/manifests/backup/xtrabackup.pp deleted file mode 100644 index e82fad47a..000000000 --- a/mysql/manifests/backup/xtrabackup.pp +++ /dev/null @@ -1,65 +0,0 @@ -# See README.me for usage. -class mysql::backup::xtrabackup ( - $backupuser = '', - $backuppassword = '', - $backupdir = '', - $backupmethod = 'mysqldump', - $backupdirmode = '0700', - $backupdirowner = 'root', - $backupdirgroup = $mysql::params::root_group, - $backupcompress = true, - $backuprotate = 30, - $ignore_events = true, - $delete_before_dump = false, - $backupdatabases = [], - $file_per_database = false, - $include_triggers = true, - $include_routines = false, - $ensure = 'present', - $time = ['23', '5'], - $prescript = false, - $postscript = false, - $execpath = '/usr/bin:/usr/sbin:/bin:/sbin', -) { - - package{ 'percona-xtrabackup': - ensure => $ensure, - } - - cron { 'xtrabackup-weekly': - ensure => $ensure, - command => "/usr/local/sbin/xtrabackup.sh ${backupdir}", - user => 'root', - hour => $time[0], - minute => $time[1], - weekday => '0', - require => Package['percona-xtrabackup'], - } - - cron { 'xtrabackup-daily': - ensure => $ensure, - command => "/usr/local/sbin/xtrabackup.sh --incremental ${backupdir}", - user => 'root', - hour => $time[0], - minute => $time[1], - weekday => '1-6', - require => Package['percona-xtrabackup'], - } - - file { 'mysqlbackupdir': - ensure => 'directory', - path => $backupdir, - mode => $backupdirmode, - owner => $backupdirowner, - group => $backupdirgroup, - } - - file { 'xtrabackup.sh': - ensure => $ensure, - path => '/usr/local/sbin/xtrabackup.sh', - mode => '0700', - owner => 'root', - group => $mysql::params::root_group, - content => template('mysql/xtrabackup.sh.erb'), - } -} diff --git a/mysql/manifests/bindings.pp b/mysql/manifests/bindings.pp deleted file mode 100644 index fa7b870ff..000000000 --- a/mysql/manifests/bindings.pp +++ /dev/null @@ -1,57 +0,0 @@ -# See README.md. -class mysql::bindings ( - $install_options = undef, - # Boolean to determine if we should include the classes. - $java_enable = false, - $perl_enable = false, - $php_enable = false, - $python_enable = false, - $ruby_enable = false, - $client_dev = false, - $daemon_dev = false, - # Settings for the various classes. - $java_package_ensure = $mysql::params::java_package_ensure, - $java_package_name = $mysql::params::java_package_name, - $java_package_provider = $mysql::params::java_package_provider, - $perl_package_ensure = $mysql::params::perl_package_ensure, - $perl_package_name = $mysql::params::perl_package_name, - $perl_package_provider = $mysql::params::perl_package_provider, - $php_package_ensure = $mysql::params::php_package_ensure, - $php_package_name = $mysql::params::php_package_name, - $php_package_provider = $mysql::params::php_package_provider, - $python_package_ensure = $mysql::params::python_package_ensure, - $python_package_name = $mysql::params::python_package_name, - $python_package_provider = $mysql::params::python_package_provider, - $ruby_package_ensure = $mysql::params::ruby_package_ensure, - $ruby_package_name = $mysql::params::ruby_package_name, - $ruby_package_provider = $mysql::params::ruby_package_provider, - $client_dev_package_ensure = $mysql::params::client_dev_package_ensure, - $client_dev_package_name = $mysql::params::client_dev_package_name, - $client_dev_package_provider = $mysql::params::client_dev_package_provider, - $daemon_dev_package_ensure = $mysql::params::daemon_dev_package_ensure, - $daemon_dev_package_name = $mysql::params::daemon_dev_package_name, - $daemon_dev_package_provider = $mysql::params::daemon_dev_package_provider -) inherits mysql::params { - - case $::osfamily { - 'Archlinux': { - if $java_enable { fail("::mysql::bindings::java cannot be managed by puppet on ${::osfamily} as it is not in official repositories. Please disable java mysql binding.") } - if $perl_enable { include '::mysql::bindings::perl' } - if $php_enable { warning("::mysql::bindings::php does not need to be managed by puppet on ${::osfamily} as it is included in mysql package by default.") } - if $python_enable { include '::mysql::bindings::python' } - if $ruby_enable { fail("::mysql::bindings::ruby cannot be managed by puppet on ${::osfamily} as it is not in official repositories. Please disable ruby mysql binding.") } - } - - default: { - if $java_enable { include '::mysql::bindings::java' } - if $perl_enable { include '::mysql::bindings::perl' } - if $php_enable { include '::mysql::bindings::php' } - if $python_enable { include '::mysql::bindings::python' } - if $ruby_enable { include '::mysql::bindings::ruby' } - } - } - - if $client_dev { include '::mysql::bindings::client_dev' } - if $daemon_dev { include '::mysql::bindings::daemon_dev' } - -} diff --git a/mysql/manifests/bindings/client_dev.pp b/mysql/manifests/bindings/client_dev.pp deleted file mode 100644 index ee3c2fedd..000000000 --- a/mysql/manifests/bindings/client_dev.pp +++ /dev/null @@ -1,15 +0,0 @@ -# Private class -class mysql::bindings::client_dev { - - if $mysql::bindings::client_dev_package_name { - package { 'mysql-client_dev': - ensure => $mysql::bindings::client_dev_package_ensure, - install_options => $mysql::bindings::install_options, - name => $mysql::bindings::client_dev_package_name, - provider => $mysql::bindings::client_dev_package_provider, - } - } else { - warning("No MySQL client development package configured for ${::operatingsystem}.") - } - -} diff --git a/mysql/manifests/bindings/daemon_dev.pp b/mysql/manifests/bindings/daemon_dev.pp deleted file mode 100644 index 051535893..000000000 --- a/mysql/manifests/bindings/daemon_dev.pp +++ /dev/null @@ -1,15 +0,0 @@ -# Private class -class mysql::bindings::daemon_dev { - - if $mysql::bindings::daemon_dev_package_name { - package { 'mysql-daemon_dev': - ensure => $mysql::bindings::daemon_dev_package_ensure, - install_options => $mysql::bindings::install_options, - name => $mysql::bindings::daemon_dev_package_name, - provider => $mysql::bindings::daemon_dev_package_provider, - } - } else { - warning("No MySQL daemon development package configured for ${::operatingsystem}.") - } - -} diff --git a/mysql/manifests/bindings/java.pp b/mysql/manifests/bindings/java.pp deleted file mode 100644 index db93ac282..000000000 --- a/mysql/manifests/bindings/java.pp +++ /dev/null @@ -1,11 +0,0 @@ -# Private class -class mysql::bindings::java { - - package { 'mysql-connector-java': - ensure => $mysql::bindings::java_package_ensure, - install_options => $mysql::bindings::install_options, - name => $mysql::bindings::java_package_name, - provider => $mysql::bindings::java_package_provider, - } - -} diff --git a/mysql/manifests/bindings/perl.pp b/mysql/manifests/bindings/perl.pp deleted file mode 100644 index 99d429c46..000000000 --- a/mysql/manifests/bindings/perl.pp +++ /dev/null @@ -1,11 +0,0 @@ -# Private class -class mysql::bindings::perl { - - package{ 'perl_mysql': - ensure => $mysql::bindings::perl_package_ensure, - install_options => $mysql::bindings::install_options, - name => $mysql::bindings::perl_package_name, - provider => $mysql::bindings::perl_package_provider, - } - -} diff --git a/mysql/manifests/bindings/php.pp b/mysql/manifests/bindings/php.pp deleted file mode 100644 index 9af706962..000000000 --- a/mysql/manifests/bindings/php.pp +++ /dev/null @@ -1,11 +0,0 @@ -# Private class: See README.md -class mysql::bindings::php { - - package { 'php-mysql': - ensure => $mysql::bindings::php_package_ensure, - install_options => $mysql::bindings::install_options, - name => $mysql::bindings::php_package_name, - provider => $mysql::bindings::php_package_provider, - } - -} diff --git a/mysql/manifests/bindings/python.pp b/mysql/manifests/bindings/python.pp deleted file mode 100644 index a44c8fa15..000000000 --- a/mysql/manifests/bindings/python.pp +++ /dev/null @@ -1,11 +0,0 @@ -# Private class -class mysql::bindings::python { - - package { 'python-mysqldb': - ensure => $mysql::bindings::python_package_ensure, - install_options => $mysql::bindings::install_options, - name => $mysql::bindings::python_package_name, - provider => $mysql::bindings::python_package_provider, - } - -} diff --git a/mysql/manifests/bindings/ruby.pp b/mysql/manifests/bindings/ruby.pp deleted file mode 100644 index d431efedc..000000000 --- a/mysql/manifests/bindings/ruby.pp +++ /dev/null @@ -1,11 +0,0 @@ -# Private class -class mysql::bindings::ruby { - - package{ 'ruby_mysql': - ensure => $mysql::bindings::ruby_package_ensure, - install_options => $mysql::bindings::install_options, - name => $mysql::bindings::ruby_package_name, - provider => $mysql::bindings::ruby_package_provider, - } - -} diff --git a/mysql/manifests/client.pp b/mysql/manifests/client.pp deleted file mode 100644 index 3d5d706f9..000000000 --- a/mysql/manifests/client.pp +++ /dev/null @@ -1,29 +0,0 @@ -# -class mysql::client ( - $bindings_enable = $mysql::params::bindings_enable, - $install_options = undef, - $package_ensure = $mysql::params::client_package_ensure, - $package_manage = $mysql::params::client_package_manage, - $package_name = $mysql::params::client_package_name, -) inherits mysql::params { - - include '::mysql::client::install' - - if $bindings_enable { - class { 'mysql::bindings': - java_enable => true, - perl_enable => true, - php_enable => true, - python_enable => true, - ruby_enable => true, - } - } - - - # Anchor pattern workaround to avoid resources of mysql::client::install to - # "float off" outside mysql::client - anchor { 'mysql::client::start': } -> - Class['mysql::client::install'] -> - anchor { 'mysql::client::end': } - -} diff --git a/mysql/manifests/client/install.pp b/mysql/manifests/client/install.pp deleted file mode 100644 index 26e5ec276..000000000 --- a/mysql/manifests/client/install.pp +++ /dev/null @@ -1,14 +0,0 @@ -# See README.md. -class mysql::client::install { - - if $mysql::client::package_manage { - - package { 'mysql_client': - ensure => $mysql::client::package_ensure, - install_options => $mysql::client::install_options, - name => $mysql::client::package_name, - } - - } - -} diff --git a/mysql/manifests/db.pp b/mysql/manifests/db.pp deleted file mode 100644 index c74b64d58..000000000 --- a/mysql/manifests/db.pp +++ /dev/null @@ -1,75 +0,0 @@ -# See README.md for details. -define mysql::db ( - $user, - $password, - $dbname = $name, - $charset = 'utf8', - $collate = 'utf8_general_ci', - $host = 'localhost', - $grant = 'ALL', - $sql = undef, - $enforce_sql = false, - $ensure = 'present', - $import_timeout = 300, -) { - #input validation - validate_re($ensure, '^(present|absent)$', - "${ensure} is not supported for ensure. Allowed values are 'present' and 'absent'.") - $table = "${dbname}.*" - - if !(is_array($sql) or is_string($sql)) { - fail('$sql must be either a string or an array.') - } - - $sql_inputs = join([$sql], ' ') - - include '::mysql::client' - - anchor{"mysql::db_${name}::begin": }-> - Class['::mysql::client']-> - anchor{"mysql::db_${name}::end": } - - $db_resource = { - ensure => $ensure, - charset => $charset, - collate => $collate, - provider => 'mysql', - require => [ Class['mysql::client'] ], - } - ensure_resource('mysql_database', $dbname, $db_resource) - - $user_resource = { - ensure => $ensure, - password_hash => mysql_password($password), - provider => 'mysql', - } - ensure_resource('mysql_user', "${user}@${host}", $user_resource) - - if $ensure == 'present' { - mysql_grant { "${user}@${host}/${table}": - privileges => $grant, - provider => 'mysql', - user => "${user}@${host}", - table => $table, - require => [ - Mysql_database[$dbname], - Mysql_user["${user}@${host}"], - ], - } - - $refresh = ! $enforce_sql - - if $sql { - exec{ "${dbname}-import": - command => "cat ${sql_inputs} | mysql ${dbname}", - logoutput => true, - environment => "HOME=${::root_home}", - refreshonly => $refresh, - path => '/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin', - require => Mysql_grant["${user}@${host}/${table}"], - subscribe => Mysql_database[$dbname], - timeout => $import_timeout, - } - } - } -} diff --git a/mysql/manifests/params.pp b/mysql/manifests/params.pp deleted file mode 100644 index a85187b3b..000000000 --- a/mysql/manifests/params.pp +++ /dev/null @@ -1,438 +0,0 @@ -# Private class: See README.md. -class mysql::params { - - $manage_config_file = true - $purge_conf_dir = false - $restart = false - $root_password = 'UNSET' - $install_secret_file = '/.mysql_secret' - $server_package_ensure = 'present' - $server_package_manage = true - $server_service_manage = true - $server_service_enabled = true - $client_package_ensure = 'present' - $client_package_manage = true - $create_root_user = true - $create_root_my_cnf = true - # mysql::bindings - $bindings_enable = false - $java_package_ensure = 'present' - $java_package_provider = undef - $perl_package_ensure = 'present' - $perl_package_provider = undef - $php_package_ensure = 'present' - $php_package_provider = undef - $python_package_ensure = 'present' - $python_package_provider = undef - $ruby_package_ensure = 'present' - $ruby_package_provider = undef - $client_dev_package_ensure = 'present' - $client_dev_package_provider = undef - $daemon_dev_package_ensure = 'present' - $daemon_dev_package_provider = undef - - - case $::osfamily { - 'RedHat': { - case $::operatingsystem { - 'Fedora': { - if versioncmp($::operatingsystemrelease, '19') >= 0 or $::operatingsystemrelease == 'Rawhide' { - $provider = 'mariadb' - } else { - $provider = 'mysql' - } - } - /^(RedHat|CentOS|Scientific|OracleLinux)$/: { - if versioncmp($::operatingsystemmajrelease, '7') >= 0 { - $provider = 'mariadb' - } else { - $provider = 'mysql' - } - } - default: { - $provider = 'mysql' - } - } - - if $provider == 'mariadb' { - $client_package_name = 'mariadb' - $server_package_name = 'mariadb-server' - $server_service_name = 'mariadb' - $log_error = '/var/log/mariadb/mariadb.log' - $config_file = '/etc/my.cnf.d/server.cnf' - # mariadb package by default has !includedir set in my.cnf to /etc/my.cnf.d - $includedir = undef - $pidfile = '/var/run/mariadb/mariadb.pid' - $daemon_dev_package_name = 'mariadb-devel' - } else { - $client_package_name = 'mysql' - $server_package_name = 'mysql-server' - $server_service_name = 'mysqld' - $log_error = '/var/log/mysqld.log' - $config_file = '/etc/my.cnf' - $includedir = '/etc/my.cnf.d' - $pidfile = '/var/run/mysqld/mysqld.pid' - $daemon_dev_package_name = 'mysql-devel' - } - - $basedir = '/usr' - $datadir = '/var/lib/mysql' - $root_group = 'root' - $mysql_group = 'mysql' - $socket = '/var/lib/mysql/mysql.sock' - $ssl_ca = '/etc/mysql/cacert.pem' - $ssl_cert = '/etc/mysql/server-cert.pem' - $ssl_key = '/etc/mysql/server-key.pem' - $tmpdir = '/tmp' - # mysql::bindings - $java_package_name = 'mysql-connector-java' - $perl_package_name = 'perl-DBD-MySQL' - $php_package_name = 'php-mysql' - $python_package_name = 'MySQL-python' - $ruby_package_name = 'ruby-mysql' - $client_dev_package_name = undef - } - - 'Suse': { - case $::operatingsystem { - 'OpenSuSE': { - if versioncmp( $::operatingsystemmajrelease, '13' ) >= 0 { - $client_package_name = 'mariadb-client' - $server_package_name = 'mariadb' - # First service start fails if this is set. Runs fine without - # it being set, in any case. Leaving it as-is for the mysql. - $basedir = undef - } else { - $client_package_name = 'mysql-community-server-client' - $server_package_name = 'mysql-community-server' - $basedir = '/usr' - } - } - 'SLES','SLED': { - if versioncmp($::operatingsystemrelease, '12') >= 0 { - $client_package_name = 'mariadb-client' - $server_package_name = 'mariadb' - $basedir = undef - } else { - $client_package_name = 'mysql-client' - $server_package_name = 'mysql' - $basedir = '/usr' - } - } - default: { - fail("Unsupported platform: puppetlabs-${module_name} currently doesn't support ${::operatingsystem}") - } - } - $config_file = '/etc/my.cnf' - $includedir = '/etc/my.cnf.d' - $datadir = '/var/lib/mysql' - $log_error = $::operatingsystem ? { - /OpenSuSE/ => '/var/log/mysql/mysqld.log', - /(SLES|SLED)/ => '/var/log/mysqld.log', - } - $pidfile = $::operatingsystem ? { - /OpenSuSE/ => '/var/run/mysql/mysqld.pid', - /(SLES|SLED)/ => '/var/lib/mysql/mysqld.pid', - } - $root_group = 'root' - $mysql_group = 'mysql' - $server_service_name = 'mysql' - $socket = $::operatingsystem ? { - /OpenSuSE/ => '/var/run/mysql/mysql.sock', - /(SLES|SLED)/ => '/var/lib/mysql/mysql.sock', - } - $ssl_ca = '/etc/mysql/cacert.pem' - $ssl_cert = '/etc/mysql/server-cert.pem' - $ssl_key = '/etc/mysql/server-key.pem' - $tmpdir = '/tmp' - # mysql::bindings - $java_package_name = 'mysql-connector-java' - $perl_package_name = 'perl-DBD-mysql' - $php_package_name = 'apache2-mod_php53' - $python_package_name = 'python-mysql' - $ruby_package_name = $::operatingsystem ? { - /OpenSuSE/ => 'rubygem-mysql', - /(SLES|SLED)/ => 'ruby-mysql', - } - $client_dev_package_name = 'libmysqlclient-devel' - $daemon_dev_package_name = 'mysql-devel' - } - - 'Debian': { - $client_package_name = 'mysql-client' - $server_package_name = 'mysql-server' - - $basedir = '/usr' - $config_file = '/etc/mysql/my.cnf' - $includedir = '/etc/mysql/conf.d' - $datadir = '/var/lib/mysql' - $log_error = '/var/log/mysql/error.log' - $pidfile = '/var/run/mysqld/mysqld.pid' - $root_group = 'root' - $mysql_group = 'mysql' - $server_service_name = 'mysql' - $socket = '/var/run/mysqld/mysqld.sock' - $ssl_ca = '/etc/mysql/cacert.pem' - $ssl_cert = '/etc/mysql/server-cert.pem' - $ssl_key = '/etc/mysql/server-key.pem' - $tmpdir = '/tmp' - # mysql::bindings - $java_package_name = 'libmysql-java' - $perl_package_name = 'libdbd-mysql-perl' - $php_package_name = 'php5-mysql' - $python_package_name = 'python-mysqldb' - $ruby_package_name = $::lsbdistcodename ? { - 'trusty' => 'ruby-mysql', - 'jessie' => 'ruby-mysql', - default => 'libmysql-ruby', - } - $client_dev_package_name = 'libmysqlclient-dev' - $daemon_dev_package_name = 'libmysqld-dev' - } - - 'Archlinux': { - $client_package_name = 'mariadb-clients' - $server_package_name = 'mariadb' - $basedir = '/usr' - $config_file = '/etc/mysql/my.cnf' - $datadir = '/var/lib/mysql' - $log_error = '/var/log/mysqld.log' - $pidfile = '/var/run/mysqld/mysqld.pid' - $root_group = 'root' - $mysql_group = 'mysql' - $server_service_name = 'mysqld' - $socket = '/var/lib/mysql/mysql.sock' - $ssl_ca = '/etc/mysql/cacert.pem' - $ssl_cert = '/etc/mysql/server-cert.pem' - $ssl_key = '/etc/mysql/server-key.pem' - $tmpdir = '/tmp' - # mysql::bindings - $java_package_name = 'mysql-connector-java' - $perl_package_name = 'perl-dbd-mysql' - $php_package_name = undef - $python_package_name = 'mysql-python' - $ruby_package_name = 'mysql-ruby' - } - - 'Gentoo': { - $client_package_name = 'virtual/mysql' - $server_package_name = 'virtual/mysql' - $basedir = '/usr' - $config_file = '/etc/mysql/my.cnf' - $datadir = '/var/lib/mysql' - $log_error = '/var/log/mysql/mysqld.err' - $pidfile = '/run/mysqld/mysqld.pid' - $root_group = 'root' - $mysql_group = 'mysql' - $server_service_name = 'mysql' - $socket = '/run/mysqld/mysqld.sock' - $ssl_ca = '/etc/mysql/cacert.pem' - $ssl_cert = '/etc/mysql/server-cert.pem' - $ssl_key = '/etc/mysql/server-key.pem' - $tmpdir = '/tmp' - # mysql::bindings - $java_package_name = 'dev-java/jdbc-mysql' - $perl_package_name = 'dev-perl/DBD-mysql' - $php_package_name = undef - $python_package_name = 'dev-python/mysql-python' - $ruby_package_name = 'dev-ruby/mysql-ruby' - } - - 'FreeBSD': { - $client_package_name = 'databases/mysql56-client' - $server_package_name = 'databases/mysql56-server' - $basedir = '/usr/local' - $config_file = '/usr/local/etc/my.cnf' - $includedir = '/usr/local/etc/my.cnf.d' - $datadir = '/var/db/mysql' - $log_error = '/var/log/mysqld.log' - $pidfile = '/var/run/mysql.pid' - $root_group = 'wheel' - $mysql_group = 'mysql' - $server_service_name = 'mysql-server' - $socket = '/var/db/mysql/mysql.sock' - $ssl_ca = undef - $ssl_cert = undef - $ssl_key = undef - $tmpdir = '/tmp' - # mysql::bindings - $java_package_name = 'databases/mysql-connector-java' - $perl_package_name = 'p5-DBD-mysql' - $php_package_name = 'php5-mysql' - $python_package_name = 'databases/py-MySQLdb' - $ruby_package_name = 'databases/ruby-mysql' - # The libraries installed by these packages are included in client and server packages, no installation required. - $client_dev_package_name = undef - $daemon_dev_package_name = undef - } - - 'OpenBSD': { - $client_package_name = 'mariadb-client' - $server_package_name = 'mariadb-server' - $basedir = '/usr/local' - $config_file = '/etc/my.cnf' - $includedir = undef - $datadir = '/var/mysql' - $log_error = "/var/mysql/${::hostname}.err" - $pidfile = '/var/mysql/mysql.pid' - $root_group = 'wheel' - $mysql_group = '_mysql' - $server_service_name = 'mysqld' - $socket = '/var/run/mysql/mysql.sock' - $ssl_ca = undef - $ssl_cert = undef - $ssl_key = undef - $tmpdir = '/tmp' - # mysql::bindings - $java_package_name = undef - $perl_package_name = 'p5-DBD-mysql' - $php_package_name = 'php-mysql' - $python_package_name = 'py-mysql' - $ruby_package_name = 'ruby-mysql' - # The libraries installed by these packages are included in client and server packages, no installation required. - $client_dev_package_name = undef - $daemon_dev_package_name = undef - } - - 'Solaris': { - $client_package_name = 'database/mysql-55/client' - $server_package_name = 'database/mysql-55' - $basedir = undef - $config_file = '/etc/mysql/5.5/my.cnf' - $datadir = '/var/mysql/5.5/data' - $log_error = "/var/mysql/5.5/data/${::hostname}.err" - $pidfile = "/var/mysql/5.5/data/${::hostname}.pid" - $root_group = 'bin' - $server_service_name = 'application/database/mysql:version_55' - $socket = '/tmp/mysql.sock' - $ssl_ca = undef - $ssl_cert = undef - $ssl_key = undef - $tmpdir = '/tmp' - # mysql::bindings - $java_package_name = undef - $perl_package_name = undef - $php_package_name = 'web/php-53/extension/php-mysql' - $python_package_name = 'library/python/python-mysql' - $ruby_package_name = undef - # The libraries installed by these packages are included in client and server packages, no installation required. - $client_dev_package_name = undef - $daemon_dev_package_name = undef - } - - default: { - case $::operatingsystem { - 'Amazon': { - $client_package_name = 'mysql' - $server_package_name = 'mysql-server' - $basedir = '/usr' - $config_file = '/etc/my.cnf' - $includedir = '/etc/my.cnf.d' - $datadir = '/var/lib/mysql' - $log_error = '/var/log/mysqld.log' - $pidfile = '/var/run/mysqld/mysqld.pid' - $root_group = 'root' - $mysql_group = 'mysql' - $server_service_name = 'mysqld' - $socket = '/var/lib/mysql/mysql.sock' - $ssl_ca = '/etc/mysql/cacert.pem' - $ssl_cert = '/etc/mysql/server-cert.pem' - $ssl_key = '/etc/mysql/server-key.pem' - $tmpdir = '/tmp' - # mysql::bindings - $java_package_name = 'mysql-connector-java' - $perl_package_name = 'perl-DBD-MySQL' - $php_package_name = 'php-mysql' - $python_package_name = 'MySQL-python' - $ruby_package_name = 'ruby-mysql' - # The libraries installed by these packages are included in client and server packages, no installation required. - $client_dev_package_name = undef - $daemon_dev_package_name = undef - } - - default: { - fail("Unsupported platform: puppetlabs-${module_name} currently doesn't support ${::osfamily} or ${::operatingsystem}") - } - } - } - } - - case $::operatingsystem { - 'Ubuntu': { - if versioncmp($::operatingsystemmajrelease, '14.10') > 0 { - $server_service_provider = 'systemd' - } else { - $server_service_provider = 'upstart' - } - } - default: { - $server_service_provider = undef - } - } - - $default_options = { - 'client' => { - 'port' => '3306', - 'socket' => $mysql::params::socket, - }, - 'mysqld_safe' => { - 'nice' => '0', - 'log-error' => $mysql::params::log_error, - 'socket' => $mysql::params::socket, - }, - 'mysqld-5.0' => { - 'myisam-recover' => 'BACKUP', - }, - 'mysqld-5.1' => { - 'myisam-recover' => 'BACKUP', - }, - 'mysqld-5.5' => { - 'myisam-recover' => 'BACKUP', - }, - 'mysqld-5.6' => { - 'myisam-recover-options' => 'BACKUP', - }, - 'mysqld-5.7' => { - 'myisam-recover-options' => 'BACKUP', - }, - 'mysqld' => { - 'basedir' => $mysql::params::basedir, - 'bind-address' => '127.0.0.1', - 'datadir' => $mysql::params::datadir, - 'expire_logs_days' => '10', - 'key_buffer_size' => '16M', - 'log-error' => $mysql::params::log_error, - 'max_allowed_packet' => '16M', - 'max_binlog_size' => '100M', - 'max_connections' => '151', - 'pid-file' => $mysql::params::pidfile, - 'port' => '3306', - 'query_cache_limit' => '1M', - 'query_cache_size' => '16M', - 'skip-external-locking' => true, - 'socket' => $mysql::params::socket, - 'ssl' => false, - 'ssl-ca' => $mysql::params::ssl_ca, - 'ssl-cert' => $mysql::params::ssl_cert, - 'ssl-key' => $mysql::params::ssl_key, - 'ssl-disable' => false, - 'thread_cache_size' => '8', - 'thread_stack' => '256K', - 'tmpdir' => $mysql::params::tmpdir, - 'user' => 'mysql', - }, - 'mysqldump' => { - 'max_allowed_packet' => '16M', - 'quick' => true, - 'quote-names' => true, - }, - 'isamchk' => { - 'key_buffer_size' => '16M', - }, - } - - ## Additional graceful failures - if $::osfamily == 'RedHat' and $::operatingsystemmajrelease == '4' { - fail("Unsupported platform: puppetlabs-${module_name} only supports RedHat 5.0 and beyond") - } -} diff --git a/mysql/manifests/server.pp b/mysql/manifests/server.pp deleted file mode 100644 index 2016bb1e0..000000000 --- a/mysql/manifests/server.pp +++ /dev/null @@ -1,87 +0,0 @@ -# Class: mysql::server: See README.md for documentation. -class mysql::server ( - $config_file = $mysql::params::config_file, - $includedir = $mysql::params::includedir, - $install_options = undef, - $install_secret_file = $mysql::params::install_secret_file, - $manage_config_file = $mysql::params::manage_config_file, - $override_options = {}, - $package_ensure = $mysql::params::server_package_ensure, - $package_manage = $mysql::params::server_package_manage, - $package_name = $mysql::params::server_package_name, - $purge_conf_dir = $mysql::params::purge_conf_dir, - $remove_default_accounts = false, - $restart = $mysql::params::restart, - $root_group = $mysql::params::root_group, - $mysql_group = $mysql::params::mysql_group, - $root_password = $mysql::params::root_password, - $service_enabled = $mysql::params::server_service_enabled, - $service_manage = $mysql::params::server_service_manage, - $service_name = $mysql::params::server_service_name, - $service_provider = $mysql::params::server_service_provider, - $create_root_user = $mysql::params::create_root_user, - $create_root_my_cnf = $mysql::params::create_root_my_cnf, - $users = {}, - $grants = {}, - $databases = {}, - - # Deprecated parameters - $enabled = undef, - $manage_service = undef, - $old_root_password = undef -) inherits mysql::params { - - # Deprecated parameters. - if $enabled { - crit('This parameter has been renamed to service_enabled.') - $real_service_enabled = $enabled - } else { - $real_service_enabled = $service_enabled - } - if $manage_service { - crit('This parameter has been renamed to service_manage.') - $real_service_manage = $manage_service - } else { - $real_service_manage = $service_manage - } - if $old_root_password { - warning('old_root_password is no longer used and will be removed in a future release') - } - - # Create a merged together set of options. Rightmost hashes win over left. - $options = mysql_deepmerge($mysql::params::default_options, $override_options) - - Class['mysql::server::root_password'] -> Mysql::Db <| |> - - include '::mysql::server::install' - include '::mysql::server::config' - include '::mysql::server::installdb' - include '::mysql::server::service' - include '::mysql::server::root_password' - include '::mysql::server::providers' - - if $remove_default_accounts { - class { '::mysql::server::account_security': - require => Anchor['mysql::server::end'], - } - } - - anchor { 'mysql::server::start': } - anchor { 'mysql::server::end': } - - if $restart { - Class['mysql::server::config'] ~> - Class['mysql::server::service'] - } - - Anchor['mysql::server::start'] -> - Class['mysql::server::install'] -> - Class['mysql::server::config'] -> - Class['mysql::server::installdb'] -> - Class['mysql::server::service'] -> - Class['mysql::server::root_password'] -> - Class['mysql::server::providers'] -> - Anchor['mysql::server::end'] - - -} diff --git a/mysql/manifests/server/account_security.pp b/mysql/manifests/server/account_security.pp deleted file mode 100644 index 252572e88..000000000 --- a/mysql/manifests/server/account_security.pp +++ /dev/null @@ -1,39 +0,0 @@ -# See README.md. -class mysql::server::account_security { - mysql_user { - [ 'root@127.0.0.1', - 'root@::1', - '@localhost', - '@%']: - ensure => 'absent', - require => Anchor['mysql::server::end'], - } - if ($::fqdn != 'localhost.localdomain') { - mysql_user { - [ 'root@localhost.localdomain', - '@localhost.localdomain']: - ensure => 'absent', - require => Anchor['mysql::server::end'], - } - } - if ($::fqdn != 'localhost') { - mysql_user { - [ "root@${::fqdn}", - "@${::fqdn}"]: - ensure => 'absent', - require => Anchor['mysql::server::end'], - } - } - if ($::fqdn != $::hostname) { - if ($::hostname != 'localhost') { - mysql_user { ["root@${::hostname}", "@${::hostname}"]: - ensure => 'absent', - require => Anchor['mysql::server::end'], - } - } - } - mysql_database { 'test': - ensure => 'absent', - require => Anchor['mysql::server::end'], - } -} diff --git a/mysql/manifests/server/backup.pp b/mysql/manifests/server/backup.pp deleted file mode 100644 index 2c98284a9..000000000 --- a/mysql/manifests/server/backup.pp +++ /dev/null @@ -1,53 +0,0 @@ -# See README.me for usage. -class mysql::server::backup ( - $backupuser = undef, - $backuppassword = undef, - $backupdir = undef, - $backupdirmode = '0700', - $backupdirowner = 'root', - $backupdirgroup = 'root', - $backupcompress = true, - $backuprotate = 30, - $ignore_events = true, - $delete_before_dump = false, - $backupdatabases = [], - $file_per_database = false, - $include_routines = false, - $include_triggers = false, - $ensure = 'present', - $time = ['23', '5'], - $prescript = false, - $postscript = false, - $execpath = '/usr/bin:/usr/sbin:/bin:/sbin', - $provider = 'mysqldump', -) { - - if $prescript and $provider =~ /(mysqldump|mysqlbackup)/ { - warning("The \$prescript option is not currently implemented for the ${provider} backup provider.") - } - - create_resources('class', { - "mysql::backup::${provider}" => { - 'backupuser' => $backupuser, - 'backuppassword' => $backuppassword, - 'backupdir' => $backupdir, - 'backupdirmode' => $backupdirmode, - 'backupdirowner' => $backupdirowner, - 'backupdirgroup' => $backupdirgroup, - 'backupcompress' => $backupcompress, - 'backuprotate' => $backuprotate, - 'ignore_events' => $ignore_events, - 'delete_before_dump' => $delete_before_dump, - 'backupdatabases' => $backupdatabases, - 'file_per_database' => $file_per_database, - 'include_routines' => $include_routines, - 'include_triggers' => $include_triggers, - 'ensure' => $ensure, - 'time' => $time, - 'prescript' => $prescript, - 'postscript' => $postscript, - 'execpath' => $execpath, - } - }) - -} diff --git a/mysql/manifests/server/config.pp b/mysql/manifests/server/config.pp deleted file mode 100644 index d6c0c8395..000000000 --- a/mysql/manifests/server/config.pp +++ /dev/null @@ -1,52 +0,0 @@ -# See README.me for options. -class mysql::server::config { - - $options = $mysql::server::options - $includedir = $mysql::server::includedir - - File { - owner => 'root', - group => $mysql::server::root_group, - mode => '0400', - } - - if $includedir and $includedir != '' { - file { $includedir: - ensure => directory, - mode => '0755', - recurse => $mysql::server::purge_conf_dir, - purge => $mysql::server::purge_conf_dir, - } - } - - $logbin = pick($options['mysqld']['log-bin'], $options['mysqld']['log_bin'], false) - - if $logbin { - $logbindir = mysql_dirname($logbin) - - #Stop puppet from managing directory if just a filename/prefix is specified - if $logbindir != '.' { - file { $logbindir: - ensure => directory, - mode => '0755', - owner => $options['mysqld']['user'], - group => $options['mysqld']['user'], - } - } - } - - if $mysql::server::manage_config_file { - file { 'mysql-config-file': - path => $mysql::server::config_file, - content => template('mysql/my.cnf.erb'), - mode => '0644', - selinux_ignore_defaults => true, - } - } - - if $options['mysqld']['ssl-disable'] { - notify {'ssl-disable': - message =>'Disabling SSL is evil! You should never ever do this except if you are forced to use a mysql version compiled without SSL support' - } - } -} diff --git a/mysql/manifests/server/install.pp b/mysql/manifests/server/install.pp deleted file mode 100644 index 3b9601def..000000000 --- a/mysql/manifests/server/install.pp +++ /dev/null @@ -1,13 +0,0 @@ -# -class mysql::server::install { - - if $mysql::server::package_manage { - - package { 'mysql-server': - ensure => $mysql::server::package_ensure, - install_options => $mysql::server::install_options, - name => $mysql::server::package_name, - } - } - -} diff --git a/mysql/manifests/server/installdb.pp b/mysql/manifests/server/installdb.pp deleted file mode 100644 index 78e08f521..000000000 --- a/mysql/manifests/server/installdb.pp +++ /dev/null @@ -1,33 +0,0 @@ -# -class mysql::server::installdb { - - if $mysql::server::package_manage { - - # Build the initial databases. - $mysqluser = $mysql::server::options['mysqld']['user'] - $datadir = $mysql::server::options['mysqld']['datadir'] - $basedir = $mysql::server::options['mysqld']['basedir'] - $config_file = $mysql::server::config_file - - if $mysql::server::manage_config_file { - $_config_file=$config_file - } else { - $_config_file=undef - } - - mysql_datadir { $datadir: - ensure => 'present', - datadir => $datadir, - basedir => $basedir, - user => $mysqluser, - defaults_extra_file => $_config_file, - } - - if $mysql::server::restart { - Mysql_datadir[$datadir] { - notify => Class['mysql::server::service'], - } - } - } - -} diff --git a/mysql/manifests/server/monitor.pp b/mysql/manifests/server/monitor.pp deleted file mode 100644 index 6b1860983..000000000 --- a/mysql/manifests/server/monitor.pp +++ /dev/null @@ -1,24 +0,0 @@ -#This is a helper class to add a monitoring user to the database -class mysql::server::monitor ( - $mysql_monitor_username = '', - $mysql_monitor_password = '', - $mysql_monitor_hostname = '' -) { - - Anchor['mysql::server::end'] -> Class['mysql::server::monitor'] - - mysql_user { "${mysql_monitor_username}@${mysql_monitor_hostname}": - ensure => present, - password_hash => mysql_password($mysql_monitor_password), - require => Class['mysql::server::service'], - } - - mysql_grant { "${mysql_monitor_username}@${mysql_monitor_hostname}/*.*": - ensure => present, - user => "${mysql_monitor_username}@${mysql_monitor_hostname}", - table => '*.*', - privileges => [ 'PROCESS', 'SUPER' ], - require => Mysql_user["${mysql_monitor_username}@${mysql_monitor_hostname}"], - } - -} diff --git a/mysql/manifests/server/mysqltuner.pp b/mysql/manifests/server/mysqltuner.pp deleted file mode 100644 index bc5fcadc0..000000000 --- a/mysql/manifests/server/mysqltuner.pp +++ /dev/null @@ -1,52 +0,0 @@ -# -class mysql::server::mysqltuner( - $ensure = 'present', - $version = 'v1.3.0', - $source = undef, -) { - - if $source { - $_version = $source - $_source = $source - } else { - $_version = $version - $_source = "https://github.com/major/MySQLTuner-perl/raw/${version}/mysqltuner.pl" - } - - if $ensure == 'present' { - # $::puppetversion doesn't exist in puppet 4.x so would break strict - # variables - if ! $::settings::strict_variables { - $_puppetversion = $::puppetversion - } else { - # defined only works with puppet >= 3.5.0, so don't use it unless we're - # actually using strict variables - $_puppetversion = defined('$puppetversion') ? { - true => $::puppetversion, - default => undef, - } - } - # see https://tickets.puppetlabs.com/browse/ENTERPRISE-258 - if $_puppetversion and $_puppetversion =~ /Puppet Enterprise/ and versioncmp($_puppetversion, '3.8.0') < 0 { - class { 'staging': - path => '/opt/mysql_staging', - } - } else { - class { 'staging': } - } - - staging::file { "mysqltuner-${_version}": - source => $_source, - } - file { '/usr/local/bin/mysqltuner': - ensure => $ensure, - mode => '0550', - source => "${::staging::path}/mysql/mysqltuner-${_version}", - require => Staging::File["mysqltuner-${_version}"], - } - } else { - file { '/usr/local/bin/mysqltuner': - ensure => $ensure, - } - } -} diff --git a/mysql/manifests/server/providers.pp b/mysql/manifests/server/providers.pp deleted file mode 100644 index b651172fc..000000000 --- a/mysql/manifests/server/providers.pp +++ /dev/null @@ -1,8 +0,0 @@ -# Convenience class to call each of the three providers with the corresponding -# hashes provided in mysql::server. -# See README.md for details. -class mysql::server::providers { - create_resources('mysql_user', $mysql::server::users) - create_resources('mysql_grant', $mysql::server::grants) - create_resources('mysql_database', $mysql::server::databases) -} diff --git a/mysql/manifests/server/root_password.pp b/mysql/manifests/server/root_password.pp deleted file mode 100644 index 9ebc10398..000000000 --- a/mysql/manifests/server/root_password.pp +++ /dev/null @@ -1,46 +0,0 @@ -# -class mysql::server::root_password { - - $options = $mysql::server::options - $secret_file = $mysql::server::install_secret_file - - # New installations of MySQL will configure a default random password for the root user - # with an expiration. No actions can be performed until this password is changed. The - # below exec will remove this default password. If the user has supplied a root - # password it will be set further down with the mysql_user resource. - $rm_pass_cmd = join([ - "mysqladmin -u root --password=\$(grep -o '[^ ]\\+\$' ${secret_file}) password ''", - "rm -f ${secret_file}" - ], ' && ') - exec { 'remove install pass': - command => $rm_pass_cmd, - onlyif => "test -f ${secret_file}", - path => '/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin' - } - - # manage root password if it is set - if $mysql::server::create_root_user == true and $mysql::server::root_password != 'UNSET' { - mysql_user { 'root@localhost': - ensure => present, - password_hash => mysql_password($mysql::server::root_password), - require => Exec['remove install pass'] - } - } - - if $mysql::server::create_root_my_cnf == true and $mysql::server::root_password != 'UNSET' { - file { "${::root_home}/.my.cnf": - content => template('mysql/my.cnf.pass.erb'), - owner => 'root', - mode => '0600', - } - - # show_diff was added with puppet 3.0 - if versioncmp($::puppetversion, '3.0') >= 0 { - File["${::root_home}/.my.cnf"] { show_diff => false } - } - if $mysql::server::create_root_user == true { - Mysql_user['root@localhost'] -> File["${::root_home}/.my.cnf"] - } - } - -} diff --git a/mysql/manifests/server/service.pp b/mysql/manifests/server/service.pp deleted file mode 100644 index 9aa60f1b2..000000000 --- a/mysql/manifests/server/service.pp +++ /dev/null @@ -1,66 +0,0 @@ -# -class mysql::server::service { - $options = $mysql::server::options - - if $mysql::server::real_service_manage { - if $mysql::server::real_service_enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } else { - $service_ensure = undef - } - - if $mysql::server::override_options and $mysql::server::override_options['mysqld'] and $mysql::server::override_options['mysqld']['user'] { - $mysqluser = $mysql::server::override_options['mysqld']['user'] - } else { - $mysqluser = $options['mysqld']['user'] - } - - if $options['mysqld']['log-error'] { - file { $options['mysqld']['log-error']: - ensure => present, - owner => $mysqluser, - group => $::mysql::server::mysql_group, - } - } - - if $mysql::server::real_service_manage { - service { 'mysqld': - ensure => $service_ensure, - name => $mysql::server::service_name, - enable => $mysql::server::real_service_enabled, - provider => $mysql::server::service_provider, - } - - # only establish ordering between service and package if - # we're managing the package. - if $mysql::server::package_manage { - Service['mysqld'] { - require => Package['mysql-server'], - } - } - - # only establish ordering between config file and service if - # we're managing the config file. - if $mysql::server::manage_config_file { - File['mysql-config-file'] -> Service['mysqld'] - } - - if $mysql::server::override_options and $mysql::server::override_options['mysqld'] and $mysql::server::override_options['mysqld']['socket'] { - $mysqlsocket = $mysql::server::override_options['mysqld']['socket'] - } else { - $mysqlsocket = $options['mysqld']['socket'] - } - - exec { 'wait_for_mysql_socket_to_open': - command => "test -S ${mysqlsocket}", - unless => "test -S ${mysqlsocket}", - tries => '3', - try_sleep => '10', - require => Service['mysqld'], - path => '/bin:/usr/bin', - } - } -} diff --git a/mysql/metadata.json b/mysql/metadata.json deleted file mode 100644 index 7bafb9e5a..000000000 --- a/mysql/metadata.json +++ /dev/null @@ -1,83 +0,0 @@ -{ - "name": "puppetlabs-mysql", - "version": "3.6.2", - "author": "Puppet Labs", - "summary": "Installs, configures, and manages the MySQL service.", - "license": "Apache-2.0", - "source": "git://github.com/puppetlabs/puppetlabs-mysql.git", - "project_page": "http://github.com/puppetlabs/puppetlabs-mysql", - "issues_url": "https://tickets.puppetlabs.com/browse/MODULES", - "dependencies": [ - {"name":"puppetlabs/stdlib","version_requirement":">= 3.2.0 < 5.0.0"}, - {"name":"nanliu/staging","version_requirement":">= 1.0.1 < 2.0.0"} - ], - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "CentOS", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "OracleLinux", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "Scientific", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "SLES", - "operatingsystemrelease": [ - "11 SP1", - "12" - ] - }, - { - "operatingsystem": "Debian", - "operatingsystemrelease": [ - "6", - "7", - "8" - ] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": [ - "10.04", - "12.04", - "14.04", - "16.04" - ] - } - ], - "requirements": [ - { - "name": "pe", - "version_requirement": ">= 3.0.0 < 2015.4.0" - }, - { - "name": "puppet", - "version_requirement": ">= 3.0.0 < 5.0.0" - } - ], - "description": "Mysql module" -} diff --git a/mysql/spec/acceptance/mysql_backup_spec.rb b/mysql/spec/acceptance/mysql_backup_spec.rb deleted file mode 100644 index c33fcf5a8..000000000 --- a/mysql/spec/acceptance/mysql_backup_spec.rb +++ /dev/null @@ -1,187 +0,0 @@ -require 'spec_helper_acceptance' -require 'puppet' -require 'puppet/util/package' - -describe 'mysql::server::backup class' do - - def pre_run - apply_manifest("class { 'mysql::server': root_password => 'password' }", :catch_failures => true) - @mysql_version = (on default, 'mysql --version').output.chomp.match(/\d+\.\d+\.\d+/)[0] - end - - def version_is_greater_than(version) - return Puppet::Util::Package.versioncmp(@mysql_version, version) > 0 - end - - context 'should work with no errors' do - it 'when configuring mysql backups' do - pp = <<-EOS - class { 'mysql::server': root_password => 'password' } - mysql::db { [ - 'backup1', - 'backup2' - ]: - user => 'backup', - password => 'secret', - } - - class { 'mysql::server::backup': - backupuser => 'myuser', - backuppassword => 'mypassword', - backupdir => '/tmp/backups', - backupcompress => true, - postscript => [ - 'rm -rf /var/tmp/mysqlbackups', - 'rm -f /var/tmp/mysqlbackups.done', - 'cp -r /tmp/backups /var/tmp/mysqlbackups', - 'touch /var/tmp/mysqlbackups.done', - ], - execpath => '/usr/bin:/usr/sbin:/bin:/sbin:/opt/zimbra/bin', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_failures => true) - end - end - - describe 'mysqlbackup.sh' do - it 'should run mysqlbackup.sh with no errors' do - shell("/usr/local/sbin/mysqlbackup.sh") do |r| - expect(r.stderr).to eq("") - end - end - - it 'should dump all databases to single file' do - shell('ls -l /tmp/backups/mysql_backup_*-*.sql.bz2 | wc -l') do |r| - expect(r.stdout).to match(/1/) - expect(r.exit_code).to be_zero - end - end - - context 'should create one file per database per run' do - it 'executes mysqlbackup.sh a second time' do - shell('sleep 1') - shell('/usr/local/sbin/mysqlbackup.sh') - end - - it 'creates at least one backup tarball' do - shell('ls -l /tmp/backups/mysql_backup_*-*.sql.bz2 | wc -l') do |r| - expect(r.stdout).to match(/2/) - expect(r.exit_code).to be_zero - end - end - end - end - - context 'with one file per database' do - context 'should work with no errors' do - it 'when configuring mysql backups' do - pp = <<-EOS - class { 'mysql::server': root_password => 'password' } - mysql::db { [ - 'backup1', - 'backup2' - ]: - user => 'backup', - password => 'secret', - } - - class { 'mysql::server::backup': - backupuser => 'myuser', - backuppassword => 'mypassword', - backupdir => '/tmp/backups', - backupcompress => true, - file_per_database => true, - postscript => [ - 'rm -rf /var/tmp/mysqlbackups', - 'rm -f /var/tmp/mysqlbackups.done', - 'cp -r /tmp/backups /var/tmp/mysqlbackups', - 'touch /var/tmp/mysqlbackups.done', - ], - execpath => '/usr/bin:/usr/sbin:/bin:/sbin:/opt/zimbra/bin', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_failures => true) - end - end - - describe 'mysqlbackup.sh' do - it 'should run mysqlbackup.sh with no errors without root credentials' do - shell("HOME=/tmp/dontreadrootcredentials /usr/local/sbin/mysqlbackup.sh") do |r| - expect(r.stderr).to eq("") - end - end - - it 'should create one file per database' do - ['backup1', 'backup2'].each do |database| - shell("ls -l /tmp/backups/mysql_backup_#{database}_*-*.sql.bz2 | wc -l") do |r| - expect(r.stdout).to match(/1/) - expect(r.exit_code).to be_zero - end - end - end - - context 'should create one file per database per run' do - it 'executes mysqlbackup.sh a second time' do - shell('sleep 1') - shell('HOME=/tmp/dontreadrootcredentials /usr/local/sbin/mysqlbackup.sh') - end - - it 'has one file per database per run' do - ['backup1', 'backup2'].each do |database| - shell("ls -l /tmp/backups/mysql_backup_#{database}_*-*.sql.bz2 | wc -l") do |r| - expect(r.stdout).to match(/2/) - expect(r.exit_code).to be_zero - end - end - end - end - end - end - - context 'with triggers and routines' do - it 'when configuring mysql backups with triggers and routines' do - pre_run - pp = <<-EOS - class { 'mysql::server': root_password => 'password' } - mysql::db { [ - 'backup1', - 'backup2' - ]: - user => 'backup', - password => 'secret', - } - package { 'bzip2': - ensure => present, - } - class { 'mysql::server::backup': - backupuser => 'myuser', - backuppassword => 'mypassword', - backupdir => '/tmp/backups', - backupcompress => true, - file_per_database => true, - include_triggers => #{version_is_greater_than('5.1.5')}, - include_routines => true, - postscript => [ - 'rm -rf /var/tmp/mysqlbackups', - 'rm -f /var/tmp/mysqlbackups.done', - 'cp -r /tmp/backups /var/tmp/mysqlbackups', - 'touch /var/tmp/mysqlbackups.done', - ], - execpath => '/usr/bin:/usr/sbin:/bin:/sbin:/opt/zimbra/bin', - require => Package['bzip2'], - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - it 'should run mysqlbackup.sh with no errors' do - shell("/usr/local/sbin/mysqlbackup.sh") do |r| - expect(r.stderr).to eq("") - end - end - end -end diff --git a/mysql/spec/acceptance/mysql_db_spec.rb b/mysql/spec/acceptance/mysql_db_spec.rb deleted file mode 100644 index 8c571608e..000000000 --- a/mysql/spec/acceptance/mysql_db_spec.rb +++ /dev/null @@ -1,65 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'mysql::db define' do - describe 'creating a database' do - let(:pp) do - <<-EOS - class { 'mysql::server': root_password => 'password' } - mysql::db { 'spec1': - user => 'root1', - password => 'password', - } - EOS - end - it_behaves_like "a idempotent resource" - - describe command("mysql -e 'show databases;'") do - its(:exit_status) { is_expected.to eq 0 } - its(:stdout) { is_expected.to match /^spec1$/ } - end - end - - describe 'creating a database with post-sql' do - let(:pp) do - <<-EOS - class { 'mysql::server': override_options => { 'root_password' => 'password' } } - file { '/tmp/spec.sql': - ensure => file, - content => 'CREATE TABLE table1 (id int);', - before => Mysql::Db['spec2'], - } - mysql::db { 'spec2': - user => 'root1', - password => 'password', - sql => '/tmp/spec.sql', - } - EOS - end - it_behaves_like "a idempotent resource" - - describe command("mysql -e 'show tables;' spec2") do - its(:exit_status) { is_expected.to eq 0 } - its(:stdout) { is_expected.to match /^table1$/ } - end - end - - describe 'creating a database with dbname parameter' do - let(:check_command) { " | grep realdb" } - let(:pp) do - <<-EOS - class { 'mysql::server': override_options => { 'root_password' => 'password' } } - mysql::db { 'spec1': - user => 'root1', - password => 'password', - dbname => 'realdb', - } - EOS - end - it_behaves_like "a idempotent resource" - - describe command("mysql -e 'show databases;'") do - its(:exit_status) { is_expected.to eq 0 } - its(:stdout) { is_expected.to match /^realdb$/ } - end - end -end diff --git a/mysql/spec/acceptance/mysql_server_spec.rb b/mysql/spec/acceptance/mysql_server_spec.rb deleted file mode 100644 index 06ea0ba04..000000000 --- a/mysql/spec/acceptance/mysql_server_spec.rb +++ /dev/null @@ -1,78 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'mysql class' do - describe 'advanced config' do - before(:all) do - @tmpdir = default.tmpdir('mysql') - end - let(:pp) do - <<-EOS - class { 'mysql::server': - config_file => '#{@tmpdir}/my.cnf', - includedir => '#{@tmpdir}/include', - manage_config_file => 'true', - override_options => { 'mysqld' => { 'key_buffer_size' => '32M' }}, - package_ensure => 'present', - purge_conf_dir => 'true', - remove_default_accounts => 'true', - restart => 'true', - root_group => 'root', - root_password => 'test', - service_enabled => 'true', - service_manage => 'true', - users => { - 'someuser@localhost' => { - ensure => 'present', - max_connections_per_hour => '0', - max_queries_per_hour => '0', - max_updates_per_hour => '0', - max_user_connections => '0', - password_hash => '*F3A2A51A9B0F2BE2468926B4132313728C250DBF', - }}, - grants => { - 'someuser@localhost/somedb.*' => { - ensure => 'present', - options => ['GRANT'], - privileges => ['SELECT', 'INSERT', 'UPDATE', 'DELETE'], - table => 'somedb.*', - user => 'someuser@localhost', - }, - }, - databases => { - 'somedb' => { - ensure => 'present', - charset => 'utf8', - }, - } - } - EOS - end - - it_behaves_like "a idempotent resource" - end - - describe 'syslog configuration' do - let(:pp) do - <<-EOS - class { 'mysql::server': - override_options => { 'mysqld' => { 'log-error' => undef }, 'mysqld_safe' => { 'log-error' => false, 'syslog' => true }}, - } - EOS - end - - it_behaves_like "a idempotent resource" - end - - context 'when changing the password' do - let(:password) { 'THE NEW SECRET' } - let(:pp) { "class { 'mysql::server': root_password => '#{password}' }" } - - it 'should not display the password' do - result = apply_manifest(pp, :catch_failures => true) - # this does not actually prove anything, as show_diff in the puppet config defaults to false. - expect(result.stdout).not_to match /#{password}/ - end - - it_behaves_like "a idempotent resource" - end -end diff --git a/mysql/spec/acceptance/nodesets/centos-510-x64.yml b/mysql/spec/acceptance/nodesets/centos-510-x64.yml deleted file mode 100644 index 12c9e7893..000000000 --- a/mysql/spec/acceptance/nodesets/centos-510-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-510-x64: - roles: - - master - platform: el-5-x86_64 - box : centos-510-x64-virtualbox-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-510-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/mysql/spec/acceptance/nodesets/centos-59-x64.yml b/mysql/spec/acceptance/nodesets/centos-59-x64.yml deleted file mode 100644 index 2ad90b86a..000000000 --- a/mysql/spec/acceptance/nodesets/centos-59-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-59-x64: - roles: - - master - platform: el-5-x86_64 - box : centos-59-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-59-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/mysql/spec/acceptance/nodesets/centos-64-x64-pe.yml b/mysql/spec/acceptance/nodesets/centos-64-x64-pe.yml deleted file mode 100644 index 7d9242f1b..000000000 --- a/mysql/spec/acceptance/nodesets/centos-64-x64-pe.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - - database - - dashboard - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: pe diff --git a/mysql/spec/acceptance/nodesets/centos-65-x64.yml b/mysql/spec/acceptance/nodesets/centos-65-x64.yml deleted file mode 100644 index 4e2cb809e..000000000 --- a/mysql/spec/acceptance/nodesets/centos-65-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-65-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-65-x64-vbox436-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-65-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/mysql/spec/acceptance/nodesets/default.yml b/mysql/spec/acceptance/nodesets/default.yml deleted file mode 100644 index 6505c6ded..000000000 --- a/mysql/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - - default - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/mysql/spec/acceptance/nodesets/fedora-18-x64.yml b/mysql/spec/acceptance/nodesets/fedora-18-x64.yml deleted file mode 100644 index 136164983..000000000 --- a/mysql/spec/acceptance/nodesets/fedora-18-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - fedora-18-x64: - roles: - - master - platform: fedora-18-x86_64 - box : fedora-18-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/fedora-18-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/mysql/spec/acceptance/nodesets/sles-11-x64.yml b/mysql/spec/acceptance/nodesets/sles-11-x64.yml deleted file mode 100644 index 41abe2135..000000000 --- a/mysql/spec/acceptance/nodesets/sles-11-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - sles-11-x64.local: - roles: - - master - platform: sles-11-x64 - box : sles-11sp1-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/sles-11sp1-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/mysql/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml b/mysql/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml deleted file mode 100644 index 5ca1514e4..000000000 --- a/mysql/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-10044-x64: - roles: - - master - platform: ubuntu-10.04-amd64 - box : ubuntu-server-10044-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-10044-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/mysql/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml b/mysql/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml deleted file mode 100644 index d065b304f..000000000 --- a/mysql/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-12042-x64: - roles: - - master - platform: ubuntu-12.04-amd64 - box : ubuntu-server-12042-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: foss diff --git a/mysql/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/mysql/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index cba1cd04c..000000000 --- a/mysql/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-1404-x64: - roles: - - master - platform: ubuntu-14.04-amd64 - box : puppetlabs/ubuntu-14.04-64-nocm - box_url : https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor : vagrant -CONFIG: - log_level : debug - type: git diff --git a/mysql/spec/acceptance/types/mysql_database_spec.rb b/mysql/spec/acceptance/types/mysql_database_spec.rb deleted file mode 100644 index b19026ddb..000000000 --- a/mysql/spec/acceptance/types/mysql_database_spec.rb +++ /dev/null @@ -1,64 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'mysql_database' do - describe 'setup' do - it 'should work with no errors' do - pp = <<-EOS - class { 'mysql::server': } - EOS - - apply_manifest(pp, :catch_failures => true) - end - end - - describe 'creating database' do - it 'should work without errors' do - pp = <<-EOS - mysql_database { 'spec_db': - ensure => present, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should find the database' do - shell("mysql -NBe \"SHOW DATABASES LIKE 'spec_db'\"") do |r| - expect(r.stdout).to match(/^spec_db$/) - expect(r.stderr).to be_empty - end - end - end - - describe 'charset and collate' do - it 'should create two db of different types idempotently' do - pp = <<-EOS - mysql_database { 'spec_latin1': - charset => 'latin1', - collate => 'latin1_swedish_ci', - } - mysql_database { 'spec_utf8': - charset => 'utf8', - collate => 'utf8_general_ci', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - it 'should find latin1 db' do - shell("mysql -NBe \"SHOW VARIABLES LIKE '%_database'\" spec_latin1") do |r| - expect(r.stdout).to match(/^character_set_database\tlatin1\ncollation_database\tlatin1_swedish_ci$/) - expect(r.stderr).to be_empty - end - end - - it 'should find utf8 db' do - shell("mysql -NBe \"SHOW VARIABLES LIKE '%_database'\" spec_utf8") do |r| - expect(r.stdout).to match(/^character_set_database\tutf8\ncollation_database\tutf8_general_ci$/) - expect(r.stderr).to be_empty - end - end - end -end diff --git a/mysql/spec/acceptance/types/mysql_grant_spec.rb b/mysql/spec/acceptance/types/mysql_grant_spec.rb deleted file mode 100644 index d1bfa2573..000000000 --- a/mysql/spec/acceptance/types/mysql_grant_spec.rb +++ /dev/null @@ -1,488 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'mysql_grant' do - - describe 'setup' do - it 'setup mysql::server' do - pp = <<-EOS - class { 'mysql::server': } - EOS - - apply_manifest(pp, :catch_failures => true) - end - end - - describe 'missing privileges for user' do - it 'should fail' do - pp = <<-EOS - mysql_grant { 'test1@tester/test.*': - ensure => 'present', - table => 'test.*', - user => 'test1@tester', - } - EOS - - expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/privileges parameter is required/) - end - - it 'should not find the user' do - expect(shell("mysql -NBe \"SHOW GRANTS FOR test1@tester\"", { :acceptable_exit_codes => 1}).stderr).to match(/There is no such grant defined for user 'test1' on host 'tester'/) - end - end - - describe 'missing table for user' do - it 'should fail' do - pp = <<-EOS - mysql_grant { 'atest@tester/test.*': - ensure => 'present', - user => 'atest@tester', - privileges => ['ALL'], - } - EOS - - apply_manifest(pp, :expect_failures => true) - end - - it 'should not find the user' do - expect(shell("mysql -NBe \"SHOW GRANTS FOR atest@tester\"", {:acceptable_exit_codes => 1}).stderr).to match(/There is no such grant defined for user 'atest' on host 'tester'/) - end - end - - describe 'adding privileges' do - it 'should work without errors' do - pp = <<-EOS - mysql_grant { 'test2@tester/test.*': - ensure => 'present', - table => 'test.*', - user => 'test2@tester', - privileges => ['SELECT', 'UPDATE'], - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should find the user' do - shell("mysql -NBe \"SHOW GRANTS FOR test2@tester\"") do |r| - expect(r.stdout).to match(/GRANT SELECT, UPDATE.*TO 'test2'@'tester'/) - expect(r.stderr).to be_empty - end - end - end - - describe 'adding privileges with special character in name' do - it 'should work without errors' do - pp = <<-EOS - mysql_grant { 'test-2@tester/test.*': - ensure => 'present', - table => 'test.*', - user => 'test-2@tester', - privileges => ['SELECT', 'UPDATE'], - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should find the user' do - shell("mysql -NBe \"SHOW GRANTS FOR 'test-2'@tester\"") do |r| - expect(r.stdout).to match(/GRANT SELECT, UPDATE.*TO 'test-2'@'tester'/) - expect(r.stderr).to be_empty - end - end - end - - describe 'adding privileges with invalid name' do - it 'should fail' do - pp = <<-EOS - mysql_grant { 'test': - ensure => 'present', - table => 'test.*', - user => 'test2@tester', - privileges => ['SELECT', 'UPDATE'], - } - EOS - - expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/name must match user and table parameters/) - end - end - - describe 'adding option' do - it 'should work without errors' do - pp = <<-EOS - mysql_grant { 'test3@tester/test.*': - ensure => 'present', - table => 'test.*', - user => 'test3@tester', - options => ['GRANT'], - privileges => ['SELECT', 'UPDATE'], - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should find the user' do - shell("mysql -NBe \"SHOW GRANTS FOR test3@tester\"") do |r| - expect(r.stdout).to match(/GRANT SELECT, UPDATE ON `test`.* TO 'test3'@'tester' WITH GRANT OPTION$/) - expect(r.stderr).to be_empty - end - end - end - - describe 'adding all privileges without table' do - it 'should fail' do - pp = <<-EOS - mysql_grant { 'test4@tester/test.*': - ensure => 'present', - user => 'test4@tester', - options => ['GRANT'], - privileges => ['SELECT', 'UPDATE', 'ALL'], - } - EOS - - expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/table parameter is required./) - end - end - - describe 'adding all privileges' do - it 'should only try to apply ALL' do - pp = <<-EOS - mysql_grant { 'test4@tester/test.*': - ensure => 'present', - table => 'test.*', - user => 'test4@tester', - options => ['GRANT'], - privileges => ['SELECT', 'UPDATE', 'ALL'], - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should find the user' do - shell("mysql -NBe \"SHOW GRANTS FOR test4@tester\"") do |r| - expect(r.stdout).to match(/GRANT ALL PRIVILEGES ON `test`.* TO 'test4'@'tester' WITH GRANT OPTION/) - expect(r.stderr).to be_empty - end - end - end - - # Test combinations of user@host to ensure all cases work. - describe 'short hostname' do - it 'should apply' do - pp = <<-EOS - mysql_grant { 'test@short/test.*': - ensure => 'present', - table => 'test.*', - user => 'test@short', - privileges => 'ALL', - } - mysql_grant { 'test@long.hostname.com/test.*': - ensure => 'present', - table => 'test.*', - user => 'test@long.hostname.com', - privileges => 'ALL', - } - mysql_grant { 'test@192.168.5.6/test.*': - ensure => 'present', - table => 'test.*', - user => 'test@192.168.5.6', - privileges => 'ALL', - } - mysql_grant { 'test@2607:f0d0:1002:0051:0000:0000:0000:0004/test.*': - ensure => 'present', - table => 'test.*', - user => 'test@2607:f0d0:1002:0051:0000:0000:0000:0004', - privileges => 'ALL', - } - mysql_grant { 'test@::1/128/test.*': - ensure => 'present', - table => 'test.*', - user => 'test@::1/128', - privileges => 'ALL', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'finds short hostname' do - shell("mysql -NBe \"SHOW GRANTS FOR test@short\"") do |r| - expect(r.stdout).to match(/GRANT ALL PRIVILEGES ON `test`.* TO 'test'@'short'/) - expect(r.stderr).to be_empty - end - end - it 'finds long hostname' do - shell("mysql -NBe \"SHOW GRANTS FOR 'test'@'long.hostname.com'\"") do |r| - expect(r.stdout).to match(/GRANT ALL PRIVILEGES ON `test`.* TO 'test'@'long.hostname.com'/) - expect(r.stderr).to be_empty - end - end - it 'finds ipv4' do - shell("mysql -NBe \"SHOW GRANTS FOR 'test'@'192.168.5.6'\"") do |r| - expect(r.stdout).to match(/GRANT ALL PRIVILEGES ON `test`.* TO 'test'@'192.168.5.6'/) - expect(r.stderr).to be_empty - end - end - it 'finds ipv6' do - shell("mysql -NBe \"SHOW GRANTS FOR 'test'@'2607:f0d0:1002:0051:0000:0000:0000:0004'\"") do |r| - expect(r.stdout).to match(/GRANT ALL PRIVILEGES ON `test`.* TO 'test'@'2607:f0d0:1002:0051:0000:0000:0000:0004'/) - expect(r.stderr).to be_empty - end - end - it 'finds short ipv6' do - shell("mysql -NBe \"SHOW GRANTS FOR 'test'@'::1/128'\"") do |r| - expect(r.stdout).to match(/GRANT ALL PRIVILEGES ON `test`.* TO 'test'@'::1\/128'/) - expect(r.stderr).to be_empty - end - end - end - - describe 'complex test' do - it 'setup mysql::server' do - pp = <<-EOS - $dbSubnet = '10.10.10.%' - - mysql_database { 'foo': - ensure => present, - } - - exec { 'mysql-create-table': - command => '/usr/bin/mysql -NBe "CREATE TABLE foo.bar (name VARCHAR(20))"', - environment => "HOME=${::root_home}", - unless => '/usr/bin/mysql -NBe "SELECT 1 FROM foo.bar LIMIT 1;"', - require => Mysql_database['foo'], - } - - Mysql_grant { - ensure => present, - options => ['GRANT'], - privileges => ['ALL'], - table => '*.*', - require => [ Mysql_database['foo'], Exec['mysql-create-table'] ], - } - - mysql_grant { "user1@${dbSubnet}/*.*": - user => "user1@${dbSubnet}", - } - mysql_grant { "user2@${dbSubnet}/foo.bar": - privileges => ['SELECT', 'INSERT', 'UPDATE'], - user => "user2@${dbSubnet}", - table => 'foo.bar', - } - mysql_grant { "user3@${dbSubnet}/foo.*": - privileges => ['SELECT', 'INSERT', 'UPDATE'], - user => "user3@${dbSubnet}", - table => 'foo.*', - } - mysql_grant { 'web@%/*.*': - user => 'web@%', - } - mysql_grant { "web@${dbSubnet}/*.*": - user => "web@${dbSubnet}", - } - mysql_grant { "web@${fqdn}/*.*": - user => "web@${fqdn}", - } - mysql_grant { 'web@localhost/*.*': - user => 'web@localhost', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - end - - describe 'lower case privileges' do - it 'create ALL privs' do - pp = <<-EOS - mysql_grant { 'lowercase@localhost/*.*': - user => 'lowercase@localhost', - privileges => 'ALL', - table => '*.*', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'create lowercase all privs' do - pp = <<-EOS - mysql_grant { 'lowercase@localhost/*.*': - user => 'lowercase@localhost', - privileges => 'all', - table => '*.*', - } - EOS - - expect(apply_manifest(pp, :catch_failures => true).exit_code).to eq(0) - end - end - - describe 'adding procedure privileges' do - it 'should work without errors' do - pp = <<-EOS - mysql_grant { 'test2@tester/PROCEDURE test.simpleproc': - ensure => 'present', - table => 'PROCEDURE test.simpleproc', - user => 'test2@tester', - privileges => ['EXECUTE'], - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should find the user' do - shell("mysql -NBe \"SHOW GRANTS FOR test2@tester\"") do |r| - expect(r.stdout).to match(/GRANT EXECUTE ON PROCEDURE `test`.`simpleproc` TO 'test2'@'tester'/) - expect(r.stderr).to be_empty - end - end - end - - describe 'grants with skip-name-resolve specified' do - it 'setup mysql::server' do - pp = <<-EOS - class { 'mysql::server': - override_options => { - 'mysqld' => {'skip-name-resolve' => true} - }, - restart => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should apply' do - pp = <<-EOS - mysql_grant { 'test@fqdn.com/test.*': - ensure => 'present', - table => 'test.*', - user => 'test@fqdn.com', - privileges => 'ALL', - } - mysql_grant { 'test@192.168.5.7/test.*': - ensure => 'present', - table => 'test.*', - user => 'test@192.168.5.7', - privileges => 'ALL', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should fail with fqdn' do - expect(shell("mysql -NBe \"SHOW GRANTS FOR test@fqdn.com\"", { :acceptable_exit_codes => 1}).stderr).to match(/There is no such grant defined for user 'test' on host 'fqdn.com'/) - end - it 'finds ipv4' do - shell("mysql -NBe \"SHOW GRANTS FOR 'test'@'192.168.5.7'\"") do |r| - expect(r.stdout).to match(/GRANT ALL PRIVILEGES ON `test`.* TO 'test'@'192.168.5.7'/) - expect(r.stderr).to be_empty - end - end - - it 'should fail to execute while applying' do - pp = <<-EOS - mysql_grant { 'test@fqdn.com/test.*': - ensure => 'present', - table => 'test.*', - user => 'test@fqdn.com', - privileges => 'ALL', - } - EOS - - mysql_cmd = shell('which mysql').stdout.chomp - shell("mv #{mysql_cmd} #{mysql_cmd}.bak") - expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/Command mysql is missing/) - shell("mv #{mysql_cmd}.bak #{mysql_cmd}") - end - - it 'reset mysql::server config' do - pp = <<-EOS - class { 'mysql::server': - restart => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - end - - describe 'adding privileges to specific table' do - # Using puppet_apply as a helper - it 'setup mysql server' do - pp = <<-EOS - class { 'mysql::server': override_options => { 'root_password' => 'password' } } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'creates grant on missing table will fail' do - pp = <<-EOS - mysql_grant { 'test@localhost/grant_spec_db.grant_spec_table': - user => 'test@localhost', - privileges => ['SELECT'], - table => 'grant_spec_db.grant_spec_table', - } - EOS - expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/Table 'grant_spec_db\.grant_spec_table' doesn't exist/) - end - - it 'checks if table exists before grant' do - pp = <<-EOS - if mysql_table_exists('grant_spec_db.grant_spec_table') { - mysql_grant { 'test@localhost/grant_spec_db.grant_spec_table': - user => 'test@localhost', - privileges => 'ALL', - table => 'grant_spec_db.grant_spec_table', - } - } - EOS - apply_manifest(pp, :catch_changes => true) - end - - it 'creates table' do - pp = <<-EOS - file { '/tmp/grant_spec_table.sql': - ensure => file, - content => 'CREATE TABLE grant_spec_table (id int);', - before => Mysql::Db['grant_spec_db'], - } - mysql::db { 'grant_spec_db': - user => 'root1', - password => 'password', - sql => '/tmp/grant_spec_table.sql', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should have the table' do - expect(shell("mysql -e 'show tables;' grant_spec_db|grep grant_spec_table").exit_code).to be_zero - end - - it 'checks if table exists before grant' do - pp = <<-EOS - if mysql_table_exists('grant_spec_db.grant_spec_table') { - mysql_grant { 'test@localhost/grant_spec_db.grant_spec_table': - user => 'test@localhost', - privileges => ['SELECT'], - table => 'grant_spec_db.grant_spec_table', - } - } - EOS - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - - end - -end diff --git a/mysql/spec/acceptance/types/mysql_plugin_spec.rb b/mysql/spec/acceptance/types/mysql_plugin_spec.rb deleted file mode 100644 index ccc827c7a..000000000 --- a/mysql/spec/acceptance/types/mysql_plugin_spec.rb +++ /dev/null @@ -1,72 +0,0 @@ -require 'spec_helper_acceptance' - -# Different operating systems (and therefore different versions/forks -# of mysql) have varying levels of support for plugins and have -# different plugins available. Choose a plugin that works or don't try -# to test plugins if not available. -if fact('osfamily') =~ /RedHat/ - if fact('operatingsystemrelease') =~ /^5\./ - plugin = nil # Plugins not supported on mysql on RHEL 5 - elsif fact('operatingsystemrelease') =~ /^6\./ - plugin = 'example' - plugin_lib = 'ha_example.so' - elsif fact('operatingsystemrelease') =~ /^7\./ - plugin = 'pam' - plugin_lib = 'auth_pam.so' - end -elsif fact('osfamily') =~ /Debian/ - if fact('operatingsystem') =~ /Debian/ - if fact('operatingsystemrelease') =~ /^6\./ - # Only available plugin is innodb which is already loaded and not unload- or reload-able - plugin = nil - elsif fact('operatingsystemrelease') =~ /^7\./ - plugin = 'example' - plugin_lib = 'ha_example.so' - end - elsif fact('operatingsystem') =~ /Ubuntu/ - if fact('operatingsystemrelease') =~ /^10\.04/ - # Only available plugin is innodb which is already loaded and not unload- or reload-able - plugin = nil - else - plugin = 'example' - plugin_lib = 'ha_example.so' - end - end -elsif fact('osfamily') =~ /Suse/ - plugin = nil # Plugin library path is broken on Suse http://lists.opensuse.org/opensuse-bugs/2013-08/msg01123.html -end - -describe 'mysql_plugin' do - if plugin # if plugins are supported - describe 'setup' do - it 'should work with no errors' do - pp = <<-EOS - class { 'mysql::server': } - EOS - - apply_manifest(pp, :catch_failures => true) - end - end - - describe 'load plugin' do - it 'should work without errors' do - pp = <<-EOS - mysql_plugin { #{plugin}: - ensure => present, - soname => '#{plugin_lib}', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should find the plugin' do - shell("mysql -NBe \"select plugin_name from information_schema.plugins where plugin_name='#{plugin}'\"") do |r| - expect(r.stdout).to match(/^#{plugin}$/i) - expect(r.stderr).to be_empty - end - end - end - end - -end diff --git a/mysql/spec/acceptance/types/mysql_user_spec.rb b/mysql/spec/acceptance/types/mysql_user_spec.rb deleted file mode 100644 index 565fee3e2..000000000 --- a/mysql/spec/acceptance/types/mysql_user_spec.rb +++ /dev/null @@ -1,86 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'mysql_user' do - describe 'setup' do - it 'should work with no errors' do - pp = <<-EOS - class { 'mysql::server': } - EOS - - apply_manifest(pp, :catch_failures => true) - end - end - - context 'using ashp@localhost' do - describe 'adding user' do - it 'should work without errors' do - pp = <<-EOS - mysql_user { 'ashp@localhost': - password_hash => '6f8c114b58f2ce9e', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should find the user' do - shell("mysql -NBe \"select '1' from mysql.user where CONCAT(user, '@', host) = 'ashp@localhost'\"") do |r| - expect(r.stdout).to match(/^1$/) - expect(r.stderr).to be_empty - end - end - end - end - - context 'using ashp-dash@localhost' do - describe 'adding user' do - it 'should work without errors' do - pp = <<-EOS - mysql_user { 'ashp-dash@localhost': - password_hash => '6f8c114b58f2ce9e', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should find the user' do - shell("mysql -NBe \"select '1' from mysql.user where CONCAT(user, '@', host) = 'ashp-dash@localhost'\"") do |r| - expect(r.stdout).to match(/^1$/) - expect(r.stderr).to be_empty - end - end - end - end - - context 'using ashp@LocalHost' do - describe 'adding user' do - it 'should work without errors' do - pp = <<-EOS - mysql_user { 'ashp@LocalHost': - password_hash => '6f8c114b58f2ce9e', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should find the user' do - shell("mysql -NBe \"select '1' from mysql.user where CONCAT(user, '@', host) = 'ashp@localhost'\"") do |r| - expect(r.stdout).to match(/^1$/) - expect(r.stderr).to be_empty - end - end - end - end - context 'using resource should throw no errors' do - describe 'find users' do - it { - on default, puppet('resource mysql_user'), {:catch_failures => true} do |r| - expect(r.stdout).to_not match(/Error:/) - expect(r.stdout).to_not match(/must be properly quoted, invalid character:/) - end - } - end - end -end diff --git a/mysql/spec/classes/graceful_failures_spec.rb b/mysql/spec/classes/graceful_failures_spec.rb deleted file mode 100644 index 9fb811786..000000000 --- a/mysql/spec/classes/graceful_failures_spec.rb +++ /dev/null @@ -1,19 +0,0 @@ -require 'spec_helper' - -describe 'mysql::server' do - context "on an unsupported OS" do - # fetch any sets of facts to modify them - os, facts = on_supported_os.first - - let(:facts) { - facts.merge({ - :osfamily => 'UNSUPPORTED', - :operatingsystem => 'UNSUPPORTED', - }) - } - - it 'should gracefully fail' do - is_expected.to compile.and_raise_error(/Unsupported platform:/) - end - end -end diff --git a/mysql/spec/classes/mycnf_template_spec.rb b/mysql/spec/classes/mycnf_template_spec.rb deleted file mode 100644 index 9c0c433e1..000000000 --- a/mysql/spec/classes/mycnf_template_spec.rb +++ /dev/null @@ -1,86 +0,0 @@ -require 'spec_helper' - -describe 'mysql::server' do - context 'my.cnf template' do - on_supported_os.each do |os, facts| - context "on #{os}" do - let(:facts) { - facts.merge({ - :root_home => '/root', - }) - } - - context 'normal entry' do - let(:params) {{ :override_options => { 'mysqld' => { 'socket' => '/var/lib/mysql/mysql.sock' } } }} - it do - is_expected.to contain_file('mysql-config-file').with({ - :mode => '0644', - :selinux_ignore_defaults => true, - }).with_content(/socket = \/var\/lib\/mysql\/mysql.sock/) - end - end - - describe 'array entry' do - let(:params) {{ :override_options => { 'mysqld' => { 'replicate-do-db' => ['base1', 'base2'], } }}} - it do - is_expected.to contain_file('mysql-config-file').with_content( - /.*replicate-do-db = base1\nreplicate-do-db = base2.*/ - ) - end - end - - describe 'skip-name-resolve set to an empty string' do - let(:params) {{ :override_options => { 'mysqld' => { 'skip-name-resolve' => '' }}}} - it { is_expected.to contain_file('mysql-config-file').with_content(/^skip-name-resolve$/) } - end - - describe 'ssl set to true' do - let(:params) {{ :override_options => { 'mysqld' => { 'ssl' => true }}}} - it { is_expected.to contain_file('mysql-config-file').with_content(/ssl/) } - it { is_expected.to contain_file('mysql-config-file').without_content(/ssl = true/) } - end - - describe 'ssl set to false' do - let(:params) {{ :override_options => { 'mysqld' => { 'ssl' => false }}}} - it { is_expected.to contain_file('mysql-config-file').with_content(/ssl = false/) } - end - - # ssl-disable (and ssl) are special cased within mysql. - describe 'possibility of disabling ssl completely' do - let(:params) {{ :override_options => { 'mysqld' => { 'ssl' => true, 'ssl-disable' => true }}}} - it { is_expected.to contain_file('mysql-config-file').without_content(/ssl = true/) } - end - - describe 'a non ssl option set to true' do - let(:params) {{ :override_options => { 'mysqld' => { 'test' => true }}}} - it { is_expected.to contain_file('mysql-config-file').with_content(/^test$/) } - it { is_expected.to contain_file('mysql-config-file').without_content(/test = true/) } - end - - context 'with includedir' do - let(:params) {{ :includedir => '/etc/my.cnf.d' }} - it 'makes the directory' do - is_expected.to contain_file('/etc/my.cnf.d').with({ - :ensure => :directory, - :mode => '0755', - }) - end - - it { is_expected.to contain_file('mysql-config-file').with_content(/!includedir/) } - end - - context 'without includedir' do - let(:params) {{ :includedir => '' }} - it 'shouldnt contain the directory' do - is_expected.not_to contain_file('mysql-config-file').with({ - :ensure => :directory, - :mode => '0755', - }) - end - - it { is_expected.to contain_file('mysql-config-file').without_content(/!includedir/) } - end - end - end - end -end diff --git a/mysql/spec/classes/mysql_bindings_spec.rb b/mysql/spec/classes/mysql_bindings_spec.rb deleted file mode 100644 index 066e87635..000000000 --- a/mysql/spec/classes/mysql_bindings_spec.rb +++ /dev/null @@ -1,32 +0,0 @@ -require 'spec_helper' - -describe 'mysql::bindings' do - on_supported_os.each do |os, facts| - context "on #{os}" do - let(:facts) { - facts.merge({ - :root_home => '/root', - }) - } - - let(:params) {{ - 'java_enable' => true, - 'perl_enable' => true, - 'php_enable' => true, - 'python_enable' => true, - 'ruby_enable' => true, - 'client_dev' => true, - 'daemon_dev' => true, - 'client_dev_package_name' => 'libmysqlclient-devel', - 'daemon_dev_package_name' => 'mysql-devel', - }} - - it { is_expected.to contain_package('mysql-connector-java') } - it { is_expected.to contain_package('perl_mysql') } - it { is_expected.to contain_package('python-mysqldb') } - it { is_expected.to contain_package('ruby_mysql') } - it { is_expected.to contain_package('mysql-client_dev') } - it { is_expected.to contain_package('mysql-daemon_dev') } - end - end -end diff --git a/mysql/spec/classes/mysql_client_spec.rb b/mysql/spec/classes/mysql_client_spec.rb deleted file mode 100644 index fdbcc1975..000000000 --- a/mysql/spec/classes/mysql_client_spec.rb +++ /dev/null @@ -1,38 +0,0 @@ -require 'spec_helper' - -describe 'mysql::client' do - on_supported_os.each do |os, facts| - context "on #{os}" do - let(:facts) { - facts.merge({ - :root_home => '/root', - }) - } - - context 'with defaults' do - it { is_expected.not_to contain_class('mysql::bindings') } - it { is_expected.to contain_package('mysql_client') } - end - - context 'with bindings enabled' do - let(:params) {{ :bindings_enable => true }} - - it { is_expected.to contain_class('mysql::bindings') } - it { is_expected.to contain_package('mysql_client') } - end - - context 'with package_manage set to true' do - let(:params) {{ :package_manage => true }} - - it { is_expected.to contain_package('mysql_client') } - end - - context 'with package_manage set to false' do - let(:params) {{ :package_manage => false }} - - it { is_expected.not_to contain_package('mysql_client') } - end - - end - end -end diff --git a/mysql/spec/classes/mysql_server_account_security_spec.rb b/mysql/spec/classes/mysql_server_account_security_spec.rb deleted file mode 100644 index d45c46e27..000000000 --- a/mysql/spec/classes/mysql_server_account_security_spec.rb +++ /dev/null @@ -1,86 +0,0 @@ -require 'spec_helper' - -describe 'mysql::server::account_security' do - on_supported_os.each do |os, facts| - context "on #{os}" do - context "with fqdn==myhost.mydomain" do - let(:facts) { - facts.merge({ - :root_home => '/root', - :fqdn => 'myhost.mydomain', - :hostname => 'myhost', - }) - } - - [ 'root@myhost.mydomain', - 'root@127.0.0.1', - 'root@::1', - '@myhost.mydomain', - '@localhost', - '@%', - ].each do |user| - it "removes Mysql_User[#{user}]" do - is_expected.to contain_mysql_user(user).with_ensure('absent') - end - end - - # When the hostname doesn't match the fqdn we also remove these. - # We don't need to test the inverse as when they match they are - # covered by the above list. - [ 'root@myhost', '@myhost' ].each do |user| - it "removes Mysql_User[#{user}]" do - is_expected.to contain_mysql_user(user).with_ensure('absent') - end - end - - it 'should remove Mysql_database[test]' do - is_expected.to contain_mysql_database('test').with_ensure('absent') - end - end - - context "with fqdn==localhost" do - let(:facts) { - facts.merge({ - :root_home => '/root', - :fqdn => 'localhost', - :hostname => 'localhost', - }) - } - - [ 'root@127.0.0.1', - 'root@::1', - '@localhost', - 'root@localhost.localdomain', - '@localhost.localdomain', - '@%', - ].each do |user| - it "removes Mysql_User[#{user}]" do - is_expected.to contain_mysql_user(user).with_ensure('absent') - end - end - end - - context "with fqdn==localhost.localdomain" do - let(:facts) { - facts.merge({ - :root_home => '/root', - :fqdn => 'localhost.localdomain', - :hostname => 'localhost', - }) - } - - [ 'root@127.0.0.1', - 'root@::1', - '@localhost', - 'root@localhost.localdomain', - '@localhost.localdomain', - '@%', - ].each do |user| - it "removes Mysql_User[#{user}]" do - is_expected.to contain_mysql_user(user).with_ensure('absent') - end - end - end - end - end -end diff --git a/mysql/spec/classes/mysql_server_backup_spec.rb b/mysql/spec/classes/mysql_server_backup_spec.rb deleted file mode 100644 index c1bc3745f..000000000 --- a/mysql/spec/classes/mysql_server_backup_spec.rb +++ /dev/null @@ -1,405 +0,0 @@ -require 'spec_helper' - -describe 'mysql::server::backup' do - on_supported_os.each do |os, facts| - context "on #{os}" do - let(:facts) { - facts.merge({ - :root_home => '/root', - }) - } - - let(:default_params) { - { 'backupuser' => 'testuser', - 'backuppassword' => 'testpass', - 'backupdir' => '/tmp', - 'backuprotate' => '25', - 'delete_before_dump' => true, - 'execpath' => '/usr/bin:/usr/sbin:/bin:/sbin:/opt/zimbra/bin', - } - } - - context 'standard conditions' do - let(:params) { default_params } - - # Cannot use that_requires here, doesn't work on classes. - it { is_expected.to contain_mysql_user('testuser@localhost').with( - :require => 'Class[Mysql::Server::Root_password]') } - - it { is_expected.to contain_mysql_grant('testuser@localhost/*.*').with( - :privileges => ['SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS'] - ).that_requires('Mysql_user[testuser@localhost]') } - - context 'with triggers included' do - let(:params) do - { :include_triggers => true }.merge(default_params) - end - it { is_expected.to contain_mysql_grant('testuser@localhost/*.*').with( - :privileges => ['SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS', 'TRIGGER'] - ).that_requires('Mysql_user[testuser@localhost]') } - end - - it { is_expected.to contain_cron('mysql-backup').with( - :command => '/usr/local/sbin/mysqlbackup.sh', - :ensure => 'present' - )} - - it { is_expected.to contain_file('mysqlbackup.sh').with( - :path => '/usr/local/sbin/mysqlbackup.sh', - :ensure => 'present' - ) } - - it { is_expected.to contain_file('mysqlbackupdir').with( - :path => '/tmp', - :ensure => 'directory' - )} - - it 'should have compression by default' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - /bzcat -zc/ - ) - end - - it 'should skip backing up events table by default' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - /ADDITIONAL_OPTIONS="--ignore-table=mysql.event"/ - ) - end - - it 'should not mention triggers by default because file_per_database is false' do - is_expected.to contain_file('mysqlbackup.sh').without_content( - /.*triggers.*/ - ) - end - - it 'should not mention routines by default because file_per_database is false' do - is_expected.to contain_file('mysqlbackup.sh').without_content( - /.*routines.*/ - ) - end - - it 'should have 25 days of rotation' do - # MySQL counts from 0 - is_expected.to contain_file('mysqlbackup.sh').with_content(/.*ROTATE=24.*/) - end - - it 'should have a standard PATH' do - is_expected.to contain_file('mysqlbackup.sh').with_content(%r{PATH=/usr/bin:/usr/sbin:/bin:/sbin:/opt/zimbra/bin}) - end - end - - context 'custom ownership and mode for backupdir' do - let(:params) do - { :backupdirmode => '0750', - :backupdirowner => 'testuser', - :backupdirgroup => 'testgrp', - }.merge(default_params) - end - - it { is_expected.to contain_file('mysqlbackupdir').with( - :path => '/tmp', - :ensure => 'directory', - :mode => '0750', - :owner => 'testuser', - :group => 'testgrp' - ) } - end - - context 'with compression disabled' do - let(:params) do - { :backupcompress => false }.merge(default_params) - end - - it { is_expected.to contain_file('mysqlbackup.sh').with( - :path => '/usr/local/sbin/mysqlbackup.sh', - :ensure => 'present' - ) } - - it 'should be able to disable compression' do - is_expected.to contain_file('mysqlbackup.sh').without_content( - /.*bzcat -zc.*/ - ) - end - end - - context 'with mysql.events backedup' do - let(:params) do - { :ignore_events => false }.merge(default_params) - end - - it { is_expected.to contain_file('mysqlbackup.sh').with( - :path => '/usr/local/sbin/mysqlbackup.sh', - :ensure => 'present' - ) } - - it 'should be able to backup events table' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - /ADDITIONAL_OPTIONS="--events"/ - ) - end - end - - context 'with database list specified' do - let(:params) do - { :backupdatabases => ['mysql'] }.merge(default_params) - end - - it { is_expected.to contain_file('mysqlbackup.sh').with( - :path => '/usr/local/sbin/mysqlbackup.sh', - :ensure => 'present' - ) - } - - it 'should have a backup file for each database' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - /mysql | bzcat -zc \${DIR}\\\${PREFIX}mysql_`date'/ - ) - end - - it 'should skip backup triggers by default' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-triggers"/ - ) - end - - it 'should skip backing up routines by default' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-routines"/ - ) - end - - context 'with include_triggers set to true' do - let(:params) do - default_params.merge({ - :backupdatabases => ['mysql'], - :include_triggers => true - }) - end - - it 'should backup triggers when asked' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --triggers"/ - ) - end - end - - context 'with include_triggers set to false' do - let(:params) do - default_params.merge({ - :backupdatabases => ['mysql'], - :include_triggers => false - }) - end - - it 'should skip backing up triggers when asked to skip' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-triggers"/ - ) - end - end - - context 'with include_routines set to true' do - let(:params) do - default_params.merge({ - :backupdatabases => ['mysql'], - :include_routines => true - }) - end - - it 'should backup routines when asked' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --routines"/ - ) - end - end - - context 'with include_routines set to false' do - let(:params) do - default_params.merge({ - :backupdatabases => ['mysql'], - :include_triggers => true - }) - end - - it 'should skip backing up routines when asked to skip' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-routines"/ - ) - end - end - end - - context 'with file per database' do - let(:params) do - default_params.merge({ :file_per_database => true }) - end - - it 'should loop through backup all databases' do - is_expected.to contain_file('mysqlbackup.sh').with_content(/.*SHOW DATABASES.*/) - end - - context 'with compression disabled' do - let(:params) do - default_params.merge({ :file_per_database => true, :backupcompress => false }) - end - - it 'should loop through backup all databases without compression' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - /.*SHOW DATABASES.*/ - ) - is_expected.to contain_file('mysqlbackup.sh').without_content( - /.*bzcat -zc.*/ - ) - end - end - - it 'should skip backup triggers by default' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-triggers"/ - ) - end - - it 'should skip backing up routines by default' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-routines"/ - ) - end - - context 'with include_triggers set to true' do - let(:params) do - default_params.merge({ - :file_per_database => true, - :include_triggers => true - }) - end - - it 'should backup triggers when asked' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --triggers"/ - ) - end - end - - context 'with include_triggers set to false' do - let(:params) do - default_params.merge({ - :file_per_database => true, - :include_triggers => false - }) - end - - it 'should skip backing up triggers when asked to skip' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-triggers"/ - ) - end - end - - context 'with include_routines set to true' do - let(:params) do - default_params.merge({ - :file_per_database => true, - :include_routines => true - }) - end - - it 'should backup routines when asked' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --routines"/ - ) - end - end - - context 'with include_routines set to false' do - let(:params) do - default_params.merge({ - :file_per_database => true, - :include_triggers => true - }) - end - - it 'should skip backing up routines when asked to skip' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-routines"/ - ) - end - end - end - - context 'with postscript' do - let(:params) do - default_params.merge({ :postscript => 'rsync -a /tmp backup01.local-lan:' }) - end - - it 'should be add postscript' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - /rsync -a \/tmp backup01.local-lan:/ - ) - end - end - - context 'with postscripts' do - let(:params) do - default_params.merge({ :postscript => [ - 'rsync -a /tmp backup01.local-lan:', - 'rsync -a /tmp backup02.local-lan:', - ]}) - end - - it 'should be add postscript' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - /.*rsync -a \/tmp backup01.local-lan:\n\nrsync -a \/tmp backup02.local-lan:.*/ - ) - end - end - - context 'with the xtrabackup provider' do - let(:params) do - default_params.merge({:provider => 'xtrabackup'}) - end - - it 'should contain the wrapper script' do - is_expected.to contain_file('xtrabackup.sh').with_content( - /^innobackupex\s+"\$@"/ - ) - end - - context 'with prescript defined' do - let(:params) do - default_params.merge({ - :provider => 'xtrabackup', - :prescript => [ - 'rsync -a /tmp backup01.local-lan:', - 'rsync -a /tmp backup02.local-lan:', - ] - }) - end - - it 'should contain the prescript' do - is_expected.to contain_file('xtrabackup.sh').with_content( - /.*rsync -a \/tmp backup01.local-lan:\n\nrsync -a \/tmp backup02.local-lan:.*/ - ) - end - end - - context 'with postscript defined' do - let(:params) do - default_params.merge({ - :provider => 'xtrabackup', - :postscript => [ - 'rsync -a /tmp backup01.local-lan:', - 'rsync -a /tmp backup02.local-lan:', - ] - }) - end - - it 'should contain the prostscript' do - is_expected.to contain_file('xtrabackup.sh').with_content( - /.*rsync -a \/tmp backup01.local-lan:\n\nrsync -a \/tmp backup02.local-lan:.*/ - ) - end - end - end - end - end -end diff --git a/mysql/spec/classes/mysql_server_monitor_spec.rb b/mysql/spec/classes/mysql_server_monitor_spec.rb deleted file mode 100644 index 27fab17d4..000000000 --- a/mysql/spec/classes/mysql_server_monitor_spec.rb +++ /dev/null @@ -1,38 +0,0 @@ -require 'spec_helper' -describe 'mysql::server::monitor' do - on_supported_os.each do |os, facts| - context "on #{os}" do - let(:facts) { - facts.merge({ - :root_home => '/root', - }) - } - - let :pre_condition do - "include 'mysql::server'" - end - - let :default_params do - { - :mysql_monitor_username => 'monitoruser', - :mysql_monitor_password => 'monitorpass', - :mysql_monitor_hostname => 'monitorhost', - } - end - - let :params do - default_params - end - - it { is_expected.to contain_mysql_user('monitoruser@monitorhost')} - - it { is_expected.to contain_mysql_grant('monitoruser@monitorhost/*.*').with( - :ensure => 'present', - :user => 'monitoruser@monitorhost', - :table => '*.*', - :privileges => ["PROCESS", "SUPER"], - :require => 'Mysql_user[monitoruser@monitorhost]' - )} - end - end -end diff --git a/mysql/spec/classes/mysql_server_mysqltuner_spec.rb b/mysql/spec/classes/mysql_server_mysqltuner_spec.rb deleted file mode 100644 index 207246af6..000000000 --- a/mysql/spec/classes/mysql_server_mysqltuner_spec.rb +++ /dev/null @@ -1,45 +0,0 @@ -require 'spec_helper' - -describe 'mysql::server::mysqltuner' do - on_supported_os.each do |os, facts| - context "on #{os}" do - let(:facts) { - facts.merge({ - :root_home => '/root', - }) - } - - context 'ensure => present' do - it { is_expected.to compile } - it { is_expected.to contain_staging__file('mysqltuner-v1.3.0').with({ - :source => 'https://github.com/major/MySQLTuner-perl/raw/v1.3.0/mysqltuner.pl', - }) - } - end - - context 'ensure => absent' do - let(:params) {{ :ensure => 'absent' }} - it { is_expected.to compile } - it { is_expected.to contain_file('/usr/local/bin/mysqltuner').with(:ensure => 'absent') } - end - - context 'custom version' do - let(:params) {{ :version => 'v1.2.0' }} - it { is_expected.to compile } - it { is_expected.to contain_staging__file('mysqltuner-v1.2.0').with({ - :source => 'https://github.com/major/MySQLTuner-perl/raw/v1.2.0/mysqltuner.pl', - }) - } - end - - context 'custom source' do - let(:params) {{ :source => '/tmp/foo' }} - it { is_expected.to compile } - it { is_expected.to contain_staging__file('mysqltuner-/tmp/foo').with({ - :source => '/tmp/foo', - }) - } - end - end - end -end diff --git a/mysql/spec/classes/mysql_server_spec.rb b/mysql/spec/classes/mysql_server_spec.rb deleted file mode 100644 index 6f682888a..000000000 --- a/mysql/spec/classes/mysql_server_spec.rb +++ /dev/null @@ -1,214 +0,0 @@ -require 'spec_helper' - -describe 'mysql::server' do - on_supported_os.each do |os, facts| - context "on #{os}" do - let(:facts) { - facts.merge({ - :root_home => '/root', - }) - } - - context 'with defaults' do - it { is_expected.to contain_class('mysql::server::install') } - it { is_expected.to contain_class('mysql::server::config') } - it { is_expected.to contain_class('mysql::server::service') } - it { is_expected.to contain_class('mysql::server::root_password') } - it { is_expected.to contain_class('mysql::server::providers') } - end - - context 'with remove_default_accounts set' do - let(:params) {{ :remove_default_accounts => true }} - it { is_expected.to contain_class('mysql::server::account_security') } - end - - context 'when not managing config file' do - let(:params) {{ :manage_config_file => false }} - it { is_expected.to compile.with_all_deps } - end - - context 'mysql::server::install' do - it 'contains the package by default' do - is_expected.to contain_package('mysql-server').with({ - :ensure => :present, - }) - end - context 'with package_manage set to true' do - let(:params) {{ :package_manage => true }} - it { is_expected.to contain_package('mysql-server') } - end - context 'with package_manage set to false' do - let(:params) {{ :package_manage => false }} - it { is_expected.not_to contain_package('mysql-server') } - end - context 'with datadir overridden' do - let(:params) {{ :override_options => { 'mysqld' => { 'datadir' => '/tmp' }} }} - it { is_expected.to contain_mysql_datadir('/tmp') } - end - end - - context 'mysql::server::service' do - context 'with defaults' do - it { is_expected.to contain_service('mysqld') } - end - context 'with package_manage set to true' do - let(:params) {{ :package_manage => true }} - it { is_expected.to contain_service('mysqld').that_requires('Package[mysql-server]') } - end - context 'with package_manage set to false' do - let(:params) {{ :package_manage => false }} - it { is_expected.to contain_service('mysqld') } - it { is_expected.not_to contain_service('mysqld').that_requires('Package[mysql-server]') } - end - context 'service_enabled set to false' do - let(:params) {{ :service_enabled => false }} - - it do - is_expected.to contain_service('mysqld').with({ - :ensure => :stopped - }) - end - context 'with package_manage set to true' do - let(:params) {{ :package_manage => true }} - it { is_expected.to contain_package('mysql-server') } - end - context 'with package_manage set to false' do - let(:params) {{ :package_manage => false }} - it { is_expected.not_to contain_package('mysql-server') } - end - context 'with datadir overridden' do - let(:params) {{ :override_options => { 'mysqld' => { 'datadir' => '/tmp' }} }} - it { is_expected.to contain_mysql_datadir('/tmp') } - end - end - context 'with log-error overridden' do - let(:params) {{ :override_options => { 'mysqld' => { 'log-error' => '/tmp/error.log' }} }} - it { is_expected.to contain_file('/tmp/error.log') } - end - end - - context 'mysql::server::root_password' do - describe 'when defaults' do - it { - is_expected.to contain_exec('remove install pass').with( - :command => 'mysqladmin -u root --password=$(grep -o \'[^ ]\\+$\' /.mysql_secret) password \'\' && rm -f /.mysql_secret', - :onlyif => 'test -f /.mysql_secret', - :path => '/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin' - ) - } - it { is_expected.not_to contain_mysql_user('root@localhost') } - it { is_expected.not_to contain_file('/root/.my.cnf') } - end - describe 'when root_password set' do - let(:params) {{:root_password => 'SET' }} - it { is_expected.to contain_mysql_user('root@localhost') } - if Puppet.version.to_f >= 3.0 - it { is_expected.to contain_file('/root/.my.cnf').with(:show_diff => false).that_requires('Mysql_user[root@localhost]') } - else - it { is_expected.to contain_file('/root/.my.cnf').that_requires('Mysql_user[root@localhost]') } - end - end - describe 'when root_password set, create_root_user set to false' do - let(:params) {{ :root_password => 'SET', :create_root_user => false }} - it { is_expected.not_to contain_mysql_user('root@localhost') } - if Puppet.version.to_f >= 3.0 - it { is_expected.to contain_file('/root/.my.cnf').with(:show_diff => false) } - else - it { is_expected.to contain_file('/root/.my.cnf') } - end - end - describe 'when root_password set, create_root_my_cnf set to false' do - let(:params) {{ :root_password => 'SET', :create_root_my_cnf => false }} - it { is_expected.to contain_mysql_user('root@localhost') } - it { is_expected.not_to contain_file('/root/.my.cnf') } - end - describe 'when root_password set, create_root_user and create_root_my_cnf set to false' do - let(:params) {{ :root_password => 'SET', :create_root_user => false, :create_root_my_cnf => false }} - it { is_expected.not_to contain_mysql_user('root@localhost') } - it { is_expected.not_to contain_file('/root/.my.cnf') } - end - describe 'when install_secret_file set to /root/.mysql_secret' do - let(:params) {{ :install_secret_file => '/root/.mysql_secret' }} - it { - is_expected.to contain_exec('remove install pass').with( - :command => 'mysqladmin -u root --password=$(grep -o \'[^ ]\\+$\' /root/.mysql_secret) password \'\' && rm -f /root/.mysql_secret', - :onlyif => 'test -f /root/.mysql_secret' - ) - } - end - end - - context 'mysql::server::providers' do - describe 'with users' do - let(:params) {{:users => { - 'foo@localhost' => { - 'max_connections_per_hour' => '1', - 'max_queries_per_hour' => '2', - 'max_updates_per_hour' => '3', - 'max_user_connections' => '4', - 'password_hash' => '*F3A2A51A9B0F2BE2468926B4132313728C250DBF' - }, - 'foo2@localhost' => {} - }}} - it { is_expected.to contain_mysql_user('foo@localhost').with( - :max_connections_per_hour => '1', - :max_queries_per_hour => '2', - :max_updates_per_hour => '3', - :max_user_connections => '4', - :password_hash => '*F3A2A51A9B0F2BE2468926B4132313728C250DBF' - )} - it { is_expected.to contain_mysql_user('foo2@localhost').with( - :max_connections_per_hour => nil, - :max_queries_per_hour => nil, - :max_updates_per_hour => nil, - :max_user_connections => nil, - :password_hash => nil - )} - end - - describe 'with grants' do - let(:params) {{:grants => { - 'foo@localhost/somedb.*' => { - 'user' => 'foo@localhost', - 'table' => 'somedb.*', - 'privileges' => ["SELECT", "UPDATE"], - 'options' => ["GRANT"], - }, - 'foo2@localhost/*.*' => { - 'user' => 'foo2@localhost', - 'table' => '*.*', - 'privileges' => ["SELECT"], - }, - }}} - it { is_expected.to contain_mysql_grant('foo@localhost/somedb.*').with( - :user => 'foo@localhost', - :table => 'somedb.*', - :privileges => ["SELECT", "UPDATE"], - :options => ["GRANT"] - )} - it { is_expected.to contain_mysql_grant('foo2@localhost/*.*').with( - :user => 'foo2@localhost', - :table => '*.*', - :privileges => ["SELECT"], - :options => nil - )} - end - - describe 'with databases' do - let(:params) {{:databases => { - 'somedb' => { - 'charset' => 'latin1', - 'collate' => 'latin1', - }, - 'somedb2' => {} - }}} - it { is_expected.to contain_mysql_database('somedb').with( - :charset => 'latin1', - :collate => 'latin1' - )} - it { is_expected.to contain_mysql_database('somedb2')} - end - end - end - end -end diff --git a/mysql/spec/defines/mysql_db_spec.rb b/mysql/spec/defines/mysql_db_spec.rb deleted file mode 100644 index 15c00f653..000000000 --- a/mysql/spec/defines/mysql_db_spec.rb +++ /dev/null @@ -1,77 +0,0 @@ -require 'spec_helper' - -describe 'mysql::db', :type => :define do - on_supported_os.each do |os, facts| - context "on #{os}" do - let(:facts) { - facts.merge({ - :root_home => '/root', - }) - } - - let(:title) { 'test_db' } - - let(:params) { - { 'user' => 'testuser', - 'password' => 'testpass', - } - } - - it 'should report an error when ensure is not present or absent' do - params.merge!({'ensure' => 'invalid_val'}) - expect { catalogue }.to raise_error(Puppet::Error, - /invalid_val is not supported for ensure\. Allowed values are 'present' and 'absent'\./) - end - - it 'should not notify the import sql exec if no sql script was provided' do - is_expected.to contain_mysql_database('test_db').without_notify - end - - it 'should subscribe to database if sql script is given' do - params.merge!({'sql' => 'test_sql'}) - is_expected.to contain_exec('test_db-import').with_subscribe('Mysql_database[test_db]') - end - - it 'should only import sql script on creation if not enforcing' do - params.merge!({'sql' => 'test_sql', 'enforce_sql' => false}) - is_expected.to contain_exec('test_db-import').with_refreshonly(true) - end - - it 'should import sql script on creation if enforcing' do - params.merge!({'sql' => 'test_sql', 'enforce_sql' => true}) - is_expected.to contain_exec('test_db-import').with_refreshonly(false) - is_expected.to contain_exec('test_db-import').with_command("cat test_sql | mysql test_db") - end - - it 'should import sql scripts when more than one is specified' do - params.merge!({'sql' => ['test_sql', 'test_2_sql']}) - is_expected.to contain_exec('test_db-import').with_command('cat test_sql test_2_sql | mysql test_db') - end - - it 'should report an error if sql isn\'t a string or an array' do - params.merge!({'sql' => {'foo' => 'test_sql', 'bar' => 'test_2_sql'}}) - expect { catalogue }.to raise_error(Puppet::Error, - /\$sql must be either a string or an array\./) - end - - it 'should not create database and database user' do - params.merge!({'ensure' => 'absent', 'host' => 'localhost'}) - is_expected.to contain_mysql_database('test_db').with_ensure('absent') - is_expected.to contain_mysql_user('testuser@localhost').with_ensure('absent') - end - - it 'should create with an appropriate collate and charset' do - params.merge!({'charset' => 'utf8', 'collate' => 'utf8_danish_ci'}) - is_expected.to contain_mysql_database('test_db').with({ - 'charset' => 'utf8', - 'collate' => 'utf8_danish_ci', - }) - end - - it 'should use dbname parameter as database name instead of name' do - params.merge!({'dbname' => 'real_db'}) - is_expected.to contain_mysql_database('real_db') - end - end - end -end diff --git a/mysql/spec/spec.opts b/mysql/spec/spec.opts deleted file mode 100644 index 91cd6427e..000000000 --- a/mysql/spec/spec.opts +++ /dev/null @@ -1,6 +0,0 @@ ---format -s ---colour ---loadby -mtime ---backtrace diff --git a/mysql/spec/spec_helper.rb b/mysql/spec/spec_helper.rb deleted file mode 100644 index 22d5d689f..000000000 --- a/mysql/spec/spec_helper.rb +++ /dev/null @@ -1,8 +0,0 @@ -#This file is generated by ModuleSync, do not edit. -require 'puppetlabs_spec_helper/module_spec_helper' - -# put local configuration and setup into spec_helper_local -begin - require 'spec_helper_local' -rescue LoadError -end diff --git a/mysql/spec/spec_helper_acceptance.rb b/mysql/spec/spec_helper_acceptance.rb deleted file mode 100644 index d25f6a8b1..000000000 --- a/mysql/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1,65 +0,0 @@ -require 'beaker-rspec' -require 'beaker/puppet_install_helper' - -run_puppet_install_helper - -UNSUPPORTED_PLATFORMS = [ 'Windows', 'Solaris', 'AIX' ] - -RSpec.configure do |c| - # Project root - proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - - # Readable test descriptions - c.formatter = :documentation - - # detect the situation where PUP-5016 is triggered and skip the idempotency tests in that case - # also note how fact('puppetversion') is not available because of PUP-4359 - if fact('osfamily') == 'Debian' && fact('operatingsystemmajrelease') == '8' && shell('puppet --version').stdout =~ /^4\.2/ - c.filter_run_excluding :skip_pup_5016 => true - end - - # Configure all nodes in nodeset - c.before :suite do - # Install module and dependencies - puppet_module_install(:source => proj_root, :module_name => 'mysql') - hosts.each do |host| - # Required for binding tests. - if fact('osfamily') == 'RedHat' - version = fact("operatingsystemmajrelease") - if fact('operatingsystemmajrelease') =~ /7/ || fact('operatingsystem') =~ /Fedora/ - shell("yum install -y bzip2") - end - end - - # Solaris 11 doesn't ship the SSL CA root for the forgeapi server - # therefore we need to use a different way to deploy the module to - # the host - if host['platform'] =~ /solaris-11/i - apply_manifest_on(host, 'package { "git": }') - # PE 3.x and 2015.2 require different locations to install modules - modulepath = host.puppet['modulepath'] - modulepath = modulepath.split(':').first if modulepath - - environmentpath = host.puppet['environmentpath'] - environmentpath = environmentpath.split(':').first if environmentpath - - destdir = modulepath || "#{environmentpath}/production/modules" - on host, "git clone https://github.com/puppetlabs/puppetlabs-stdlib #{destdir}/stdlib && cd #{destdir}/stdlib && git checkout 3.2.0" - on host, "git clone https://github.com/stahnma/puppet-module-epel.git #{destdir}/epel && cd #{destdir}/epel && git checkout 1.0.2" - else - on host, puppet('module','install','puppetlabs-stdlib','--version','3.2.0') - on host, puppet('module','install','stahnma/epel') - end - end - end -end - -shared_examples "a idempotent resource" do - it 'should apply with no errors' do - apply_manifest(pp, :catch_failures => true) - end - - it 'should apply a second time without changes', :skip_pup_5016 do - apply_manifest(pp, :catch_changes => true) - end -end diff --git a/mysql/spec/spec_helper_local.rb b/mysql/spec/spec_helper_local.rb deleted file mode 100644 index 9a86ccd1b..000000000 --- a/mysql/spec/spec_helper_local.rb +++ /dev/null @@ -1,3 +0,0 @@ -require 'rspec-puppet-facts' -include RspecPuppetFacts - diff --git a/mysql/spec/unit/facter/mysql_server_id_spec.rb b/mysql/spec/unit/facter/mysql_server_id_spec.rb deleted file mode 100644 index e82a2bce8..000000000 --- a/mysql/spec/unit/facter/mysql_server_id_spec.rb +++ /dev/null @@ -1,27 +0,0 @@ -require "spec_helper" - -describe Facter::Util::Fact do - before { - Facter.clear - } - - describe "mysql_server_id" do - context "igalic's laptop" do - before :each do - Facter.fact(:macaddress).stubs(:value).returns('3c:97:0e:69:fb:e1') - end - it do - Facter.fact(:mysql_server_id).value.to_s.should == '66961985441' - end - end - - context "node with lo only" do - before :each do - Facter.fact(:macaddress).stubs(:value).returns('00:00:00:00:00:00') - end - it do - Facter.fact(:mysql_server_id).value.to_s.should == '0' - end - end - end -end diff --git a/mysql/spec/unit/facter/mysql_version_spec.rb b/mysql/spec/unit/facter/mysql_version_spec.rb deleted file mode 100644 index 60379f64f..000000000 --- a/mysql/spec/unit/facter/mysql_version_spec.rb +++ /dev/null @@ -1,20 +0,0 @@ -require "spec_helper" - -describe Facter::Util::Fact do - before { - Facter.clear - } - - describe "mysql_version" do - context 'with value' do - before :each do - Facter::Util::Resolution.stubs(:exec).with('mysql --version').returns('mysql Ver 14.12 Distrib 5.0.95, for redhat-linux-gnu (x86_64) using readline 5.1') - end - it { - expect(Facter.fact(:mysql_version).value).to eq('5.0.95') - } - end - - end - -end diff --git a/mysql/spec/unit/puppet/functions/mysql_deepmerge_spec.rb b/mysql/spec/unit/puppet/functions/mysql_deepmerge_spec.rb deleted file mode 100644 index 18cb26bfa..000000000 --- a/mysql/spec/unit/puppet/functions/mysql_deepmerge_spec.rb +++ /dev/null @@ -1,91 +0,0 @@ -#! /usr/bin/env ruby -S rspec - -require 'spec_helper' - -describe Puppet::Parser::Functions.function(:mysql_deepmerge) do - let(:scope) { PuppetlabsSpec::PuppetInternals.scope } - - describe 'when calling mysql_deepmerge from puppet' do - it "should not compile when no arguments are passed" do - skip("Fails on 2.6.x, see bug #15912") if Puppet.version =~ /^2\.6\./ - Puppet[:code] = '$x = mysql_deepmerge()' - expect { - scope.compiler.compile - }.to raise_error(Puppet::ParseError, /wrong number of arguments/) - end - - it "should not compile when 1 argument is passed" do - skip("Fails on 2.6.x, see bug #15912") if Puppet.version =~ /^2\.6\./ - Puppet[:code] = "$my_hash={'one' => 1}\n$x = mysql_deepmerge($my_hash)" - expect { - scope.compiler.compile - }.to raise_error(Puppet::ParseError, /wrong number of arguments/) - end - end - - describe 'when calling mysql_deepmerge on the scope instance' do - it 'should require all parameters are hashes' do - expect { new_hash = scope.function_mysql_deepmerge([{}, '2'])}.to raise_error(Puppet::ParseError, /unexpected argument type String/) - expect { new_hash = scope.function_mysql_deepmerge([{}, 2])}.to raise_error(Puppet::ParseError, /unexpected argument type Fixnum/) - end - - it 'should accept empty strings as puppet undef' do - expect { new_hash = scope.function_mysql_deepmerge([{}, ''])}.not_to raise_error - end - - it 'should be able to mysql_deepmerge two hashes' do - new_hash = scope.function_mysql_deepmerge([{'one' => '1', 'two' => '1'}, {'two' => '2', 'three' => '2'}]) - expect(new_hash['one']).to eq('1') - expect(new_hash['two']).to eq('2') - expect(new_hash['three']).to eq('2') - end - - it 'should mysql_deepmerge multiple hashes' do - hash = scope.function_mysql_deepmerge([{'one' => 1}, {'one' => '2'}, {'one' => '3'}]) - expect(hash['one']).to eq('3') - end - - it 'should accept empty hashes' do - expect(scope.function_mysql_deepmerge([{},{},{}])).to eq({}) - end - - it 'should mysql_deepmerge subhashes' do - hash = scope.function_mysql_deepmerge([{'one' => 1}, {'two' => 2, 'three' => { 'four' => 4 } }]) - expect(hash['one']).to eq(1) - expect(hash['two']).to eq(2) - expect(hash['three']).to eq({ 'four' => 4 }) - end - - it 'should append to subhashes' do - hash = scope.function_mysql_deepmerge([{'one' => { 'two' => 2 } }, { 'one' => { 'three' => 3 } }]) - expect(hash['one']).to eq({ 'two' => 2, 'three' => 3 }) - end - - it 'should append to subhashes 2' do - hash = scope.function_mysql_deepmerge([{'one' => 1, 'two' => 2, 'three' => { 'four' => 4 } }, {'two' => 'dos', 'three' => { 'five' => 5 } }]) - expect(hash['one']).to eq(1) - expect(hash['two']).to eq('dos') - expect(hash['three']).to eq({ 'four' => 4, 'five' => 5 }) - end - - it 'should append to subhashes 3' do - hash = scope.function_mysql_deepmerge([{ 'key1' => { 'a' => 1, 'b' => 2 }, 'key2' => { 'c' => 3 } }, { 'key1' => { 'b' => 99 } }]) - expect(hash['key1']).to eq({ 'a' => 1, 'b' => 99 }) - expect(hash['key2']).to eq({ 'c' => 3 }) - end - - it 'should equate keys mod dash and underscore' do - hash = scope.function_mysql_deepmerge([{ 'a-b-c' => 1 } , { 'a_b_c' => 10 }]) - expect(hash['a_b_c']).to eq(10) - expect(hash).not_to have_key('a-b-c') - end - - it 'should keep style of the last when keys are euqal mod dash and underscore' do - hash = scope.function_mysql_deepmerge([{ 'a-b-c' => 1, 'b_c_d' => { 'c-d-e' => 2, 'e-f-g' => 3 }} , { 'a_b_c' => 10, 'b-c-d' => { 'c_d_e' => 12 } }]) - expect(hash['a_b_c']).to eq(10) - expect(hash).not_to have_key('a-b-c') - expect(hash['b-c-d']).to eq({ 'e-f-g' => 3, 'c_d_e' => 12 }) - expect(hash).not_to have_key('b_c_d') - end - end -end diff --git a/mysql/spec/unit/puppet/functions/mysql_password_spec.rb b/mysql/spec/unit/puppet/functions/mysql_password_spec.rb deleted file mode 100644 index 2d5feea41..000000000 --- a/mysql/spec/unit/puppet/functions/mysql_password_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -require 'spec_helper' - -describe 'the mysql_password function' do - before :all do - Puppet::Parser::Functions.autoloader.loadall - end - - let(:scope) { PuppetlabsSpec::PuppetInternals.scope } - - it 'should exist' do - expect(Puppet::Parser::Functions.function('mysql_password')).to eq('function_mysql_password') - end - - it 'should raise a ParseError if there is less than 1 arguments' do - expect { scope.function_mysql_password([]) }.to( raise_error(Puppet::ParseError)) - end - - it 'should raise a ParseError if there is more than 1 arguments' do - expect { scope.function_mysql_password(%w(foo bar)) }.to( raise_error(Puppet::ParseError)) - end - - it 'should convert password into a hash' do - result = scope.function_mysql_password(%w(password)) - expect(result).to(eq('*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19')) - end - - it 'should convert an empty password into a empty string' do - result = scope.function_mysql_password([""]) - expect(result).to(eq('')) - end - - it 'should not convert a password that is already a hash' do - result = scope.function_mysql_password(['*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19']) - expect(result).to(eq('*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19')) - end - -end diff --git a/mysql/spec/unit/puppet/functions/mysql_table_exists_spec.rb b/mysql/spec/unit/puppet/functions/mysql_table_exists_spec.rb deleted file mode 100644 index 03fb1cb92..000000000 --- a/mysql/spec/unit/puppet/functions/mysql_table_exists_spec.rb +++ /dev/null @@ -1,26 +0,0 @@ -require 'spec_helper' - -describe 'the mysql_table_exists function' do - before :all do - Puppet::Parser::Functions.autoloader.loadall - end - - let(:scope) { PuppetlabsSpec::PuppetInternals.scope } - - it 'should exist' do - expect(Puppet::Parser::Functions.function('mysql_table_exists')).to eq('function_mysql_table_exists') - end - - it 'should raise a ParseError if there is less than 1 arguments' do - expect { scope.function_mysql_table_exists([]) }.to( raise_error(Puppet::ParseError)) - end - - it 'should raise a ParserError if argument doesn\'t look like database_name.table_name' do - expect { scope.function_mysql_table_exists(['foo_bar']) }.to( raise_error(Puppet::ParseError)) - end - - it 'should raise a ParseError if there is more than 1 arguments' do - expect { scope.function_mysql_table_exists(%w(foo.bar foo.bar)) }.to( raise_error(Puppet::ParseError)) - end - -end \ No newline at end of file diff --git a/mysql/spec/unit/puppet/provider/mysql_database/mysql_spec.rb b/mysql/spec/unit/puppet/provider/mysql_database/mysql_spec.rb deleted file mode 100644 index 465e59dd5..000000000 --- a/mysql/spec/unit/puppet/provider/mysql_database/mysql_spec.rb +++ /dev/null @@ -1,118 +0,0 @@ -require 'spec_helper' - -describe Puppet::Type.type(:mysql_database).provider(:mysql) do - - let(:defaults_file) { '--defaults-extra-file=/root/.my.cnf' } - - let(:raw_databases) do - <<-SQL_OUTPUT -information_schema -mydb -mysql -performance_schema -test - SQL_OUTPUT - end - - let(:parsed_databases) { %w(information_schema mydb mysql performance_schema test) } - - let(:resource) { Puppet::Type.type(:mysql_database).new( - { :ensure => :present, - :charset => 'latin1', - :collate => 'latin1_swedish_ci', - :name => 'new_database', - :provider => described_class.name - } - )} - let(:provider) { resource.provider } - - before :each do - Facter.stubs(:value).with(:root_home).returns('/root') - Puppet::Util.stubs(:which).with('mysql').returns('/usr/bin/mysql') - File.stubs(:file?).with('/root/.my.cnf').returns(true) - provider.class.stubs(:mysql).with([defaults_file, '-NBe', 'show databases']).returns('new_database') - provider.class.stubs(:mysql).with([defaults_file, '-NBe', "show variables like '%_database'", 'new_database']).returns("character_set_database latin1\ncollation_database latin1_swedish_ci\nskip_show_database OFF") - end - - let(:instance) { provider.class.instances.first } - - describe 'self.instances' do - it 'returns an array of databases' do - provider.class.stubs(:mysql).with([defaults_file, '-NBe', 'show databases']).returns(raw_databases) - raw_databases.each_line do |db| - provider.class.stubs(:mysql).with([defaults_file, '-NBe', "show variables like '%_database'", db.chomp]).returns("character_set_database latin1\ncollation_database latin1_swedish_ci\nskip_show_database OFF") - end - databases = provider.class.instances.collect {|x| x.name } - expect(parsed_databases).to match_array(databases) - end - end - - describe 'self.prefetch' do - it 'exists' do - provider.class.instances - provider.class.prefetch({}) - end - end - - describe 'create' do - it 'makes a database' do - provider.expects(:mysql).with([defaults_file, '-NBe', "create database if not exists `#{resource[:name]}` character set `#{resource[:charset]}` collate `#{resource[:collate]}`"]) - provider.expects(:exists?).returns(true) - expect(provider.create).to be_truthy - end - end - - describe 'destroy' do - it 'removes a database if present' do - provider.expects(:mysql).with([defaults_file, '-NBe', "drop database if exists `#{resource[:name]}`"]) - provider.expects(:exists?).returns(false) - expect(provider.destroy).to be_truthy - end - end - - describe 'exists?' do - it 'checks if database exists' do - expect(instance.exists?).to be_truthy - end - end - - describe 'self.defaults_file' do - it 'sets --defaults-extra-file' do - File.stubs(:file?).with('/root/.my.cnf').returns(true) - expect(provider.defaults_file).to eq '--defaults-extra-file=/root/.my.cnf' - end - it 'fails if file missing' do - File.stubs(:file?).with('/root/.my.cnf').returns(false) - expect(provider.defaults_file).to be_nil - end - end - - describe 'charset' do - it 'returns a charset' do - expect(instance.charset).to eq('latin1') - end - end - - describe 'charset=' do - it 'changes the charset' do - provider.expects(:mysql).with([defaults_file, '-NBe', "alter database `#{resource[:name]}` CHARACTER SET blah"]).returns('0') - - provider.charset=('blah') - end - end - - describe 'collate' do - it 'returns a collate' do - expect(instance.collate).to eq('latin1_swedish_ci') - end - end - - describe 'collate=' do - it 'changes the collate' do - provider.expects(:mysql).with([defaults_file, '-NBe', "alter database `#{resource[:name]}` COLLATE blah"]).returns('0') - - provider.collate=('blah') - end - end - -end diff --git a/mysql/spec/unit/puppet/provider/mysql_plugin/mysql_spec.rb b/mysql/spec/unit/puppet/provider/mysql_plugin/mysql_spec.rb deleted file mode 100644 index 340562ff8..000000000 --- a/mysql/spec/unit/puppet/provider/mysql_plugin/mysql_spec.rb +++ /dev/null @@ -1,71 +0,0 @@ -require 'spec_helper' - -describe Puppet::Type.type(:mysql_plugin).provider(:mysql) do - - let(:defaults_file) { '--defaults-extra-file=/root/.my.cnf' } - - let(:resource) { Puppet::Type.type(:mysql_plugin).new( - { :ensure => :present, - :soname => 'auth_socket.so', - :name => 'auth_socket', - :provider => described_class.name - } - )} - let(:provider) { resource.provider } - - before :each do - Facter.stubs(:value).with(:root_home).returns('/root') - Puppet::Util.stubs(:which).with('mysql').returns('/usr/bin/mysql') - File.stubs(:file?).with('/root/.my.cnf').returns(true) - provider.class.stubs(:mysql).with([defaults_file, '-NBe', 'show plugins']).returns('auth_socket ACTIVE AUTHENTICATION auth_socket.so GPL') - end - - let(:instance) { provider.class.instances.first } - - describe 'self.prefetch' do - it 'exists' do - provider.class.instances - provider.class.prefetch({}) - end - end - - describe 'create' do - it 'loads a plugin' do - provider.expects(:mysql).with([defaults_file, '-NBe', "install plugin #{resource[:name]} soname '#{resource[:soname]}'"]) - provider.expects(:exists?).returns(true) - expect(provider.create).to be_truthy - end - end - - describe 'destroy' do - it 'unloads a plugin if present' do - provider.expects(:mysql).with([defaults_file, '-NBe', "uninstall plugin #{resource[:name]}"]) - provider.expects(:exists?).returns(false) - expect(provider.destroy).to be_truthy - end - end - - describe 'exists?' do - it 'checks if plugin exists' do - expect(instance.exists?).to be_truthy - end - end - - describe 'self.defaults_file' do - it 'sets --defaults-extra-file' do - File.stubs(:file?).with('/root/.my.cnf').returns(true) - expect(provider.defaults_file).to eq '--defaults-extra-file=/root/.my.cnf' - end - it 'fails if file missing' do - File.stubs(:file?).with('/root/.my.cnf').returns(false) - expect(provider.defaults_file).to be_nil - end - end - - describe 'soname' do - it 'returns a soname' do - expect(instance.soname).to eq('auth_socket.so') - end - end - -end diff --git a/mysql/spec/unit/puppet/provider/mysql_user/mysql_spec.rb b/mysql/spec/unit/puppet/provider/mysql_user/mysql_spec.rb deleted file mode 100644 index 7eff67fec..000000000 --- a/mysql/spec/unit/puppet/provider/mysql_user/mysql_spec.rb +++ /dev/null @@ -1,299 +0,0 @@ -require 'spec_helper' - -describe Puppet::Type.type(:mysql_user).provider(:mysql) do - - # Output of mysqld -V - mysql_version_string_hash = { - 'mysql-5.5' => - { - :version => '5.5.46', - :string => '/usr/sbin/mysqld Ver 5.5.46-log for Linux on x86_64 (MySQL Community Server (GPL))', - :mysql_type => 'mysql', - }, - 'mysql-5.6' => - { - :version => '5.6.27', - :string => '/usr/sbin/mysqld Ver 5.6.27 for Linux on x86_64 (MySQL Community Server (GPL))', - :mysql_type => 'mysql', - }, - 'mysql-5.7.1' => - { - :version => '5.7.1', - :string => '/usr/sbin/mysqld Ver 5.7.1 for Linux on x86_64 (MySQL Community Server (GPL))', - :mysql_type => 'mysql', - }, - 'mysql-5.7.6' => - { - :version => '5.7.8', - :string => '/usr/sbin/mysqld Ver 5.7.8-rc for Linux on x86_64 (MySQL Community Server (GPL))', - :mysql_type => 'mysql', - }, - 'mariadb-10.0' => - { - :version => '10.0.21', - :string => '/usr/sbin/mysqld Ver 10.0.21-MariaDB for Linux on x86_64 (MariaDB Server)', - :mysql_type => 'mariadb', - }, - 'percona-5.5' => - { - :version => '5.5.39', - :string => 'mysqld Ver 5.5.39-36.0-55 for Linux on x86_64 (Percona XtraDB Cluster (GPL), Release rel36.0, Revision 824, WSREP version 25.11, wsrep_25.11.r4023)', - :mysql_type => 'percona', - }, - } - - let(:defaults_file) { '--defaults-extra-file=/root/.my.cnf' } - let(:newhash) { '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5' } - - let(:raw_users) do - <<-SQL_OUTPUT -root@127.0.0.1 -root@::1 -@localhost -debian-sys-maint@localhost -root@localhost -usvn_user@localhost -@vagrant-ubuntu-raring-64 - SQL_OUTPUT - end - - let(:parsed_users) { %w(root@127.0.0.1 root@::1 @localhost debian-sys-maint@localhost root@localhost usvn_user@localhost @vagrant-ubuntu-raring-64) } - - let(:resource) { Puppet::Type.type(:mysql_user).new( - { :ensure => :present, - :password_hash => '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4', - :name => 'joe@localhost', - :max_user_connections => '10', - :max_connections_per_hour => '10', - :max_queries_per_hour => '10', - :max_updates_per_hour => '10', - :provider => described_class.name - } - )} - let(:provider) { resource.provider } - - before :each do - # Set up the stubs for an instances call. - Facter.stubs(:value).with(:root_home).returns('/root') - Facter.stubs(:value).with(:mysql_version).returns('5.6.24') - provider.class.instance_variable_set(:@mysqld_version_string, '5.6.24') - Puppet::Util.stubs(:which).with('mysql').returns('/usr/bin/mysql') - Puppet::Util.stubs(:which).with('mysqld').returns('/usr/sbin/mysqld') - File.stubs(:file?).with('/root/.my.cnf').returns(true) - provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT CONCAT(User, '@',Host) AS User FROM mysql.user"]).returns('joe@localhost') - provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = 'joe@localhost'"]).returns('10 10 10 10 *6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4') - end - - let(:instance) { provider.class.instances.first } - - describe 'self.instances' do - it 'returns an array of users MySQL 5.5' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.5'][:string]) - provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT CONCAT(User, '@',Host) AS User FROM mysql.user"]).returns(raw_users) - parsed_users.each do |user| - provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = '#{user}'"]).returns('10 10 10 10 ') - end - - usernames = provider.class.instances.collect {|x| x.name } - expect(parsed_users).to match_array(usernames) - end - it 'returns an array of users MySQL 5.6' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.6'][:string]) - provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT CONCAT(User, '@',Host) AS User FROM mysql.user"]).returns(raw_users) - parsed_users.each do |user| - provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = '#{user}'"]).returns('10 10 10 10 ') - end - - usernames = provider.class.instances.collect {|x| x.name } - expect(parsed_users).to match_array(usernames) - end - it 'returns an array of users MySQL >= 5.7.0 < 5.7.6' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.7.1'][:string]) - provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT CONCAT(User, '@',Host) AS User FROM mysql.user"]).returns(raw_users) - parsed_users.each do |user| - provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = '#{user}'"]).returns('10 10 10 10 ') - end - - usernames = provider.class.instances.collect {|x| x.name } - expect(parsed_users).to match_array(usernames) - end - it 'returns an array of users MySQL >= 5.7.6' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.7.6'][:string]) - provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT CONCAT(User, '@',Host) AS User FROM mysql.user"]).returns(raw_users) - parsed_users.each do |user| - provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, AUTHENTICATION_STRING, PLUGIN FROM mysql.user WHERE CONCAT(user, '@', host) = '#{user}'"]).returns('10 10 10 10 ') - end - - usernames = provider.class.instances.collect {|x| x.name } - expect(parsed_users).to match_array(usernames) - end - it 'returns an array of users mariadb 10.0' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mariadb-10.0'][:string]) - provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT CONCAT(User, '@',Host) AS User FROM mysql.user"]).returns(raw_users) - parsed_users.each do |user| - provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = '#{user}'"]).returns('10 10 10 10 ') - end - - usernames = provider.class.instances.collect {|x| x.name } - expect(parsed_users).to match_array(usernames) - end - it 'returns an array of users percona 5.5' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['percona-5.5'][:string]) - provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT CONCAT(User, '@',Host) AS User FROM mysql.user"]).returns(raw_users) - parsed_users.each do |user| - provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = '#{user}'"]).returns('10 10 10 10 ') - end - - usernames = provider.class.instances.collect {|x| x.name } - expect(parsed_users).to match_array(usernames) - end - end - - describe 'mysql version and type detection' do - mysql_version_string_hash.each do |name,line| - version=line[:version] - string=line[:string] - mysql_type=line[:mysql_type] - it "detects type '#{mysql_type}' with version '#{version}'" do - provider.class.instance_variable_set(:@mysqld_version_string, string) - expect(provider.mysqld_version).to eq(version) - expect(provider.mysqld_type).to eq(mysql_type) - end - end - end - - describe 'self.prefetch' do - it 'exists' do - provider.class.instances - provider.class.prefetch({}) - end - end - - describe 'create' do - it 'makes a user' do - provider.expects(:mysql).with([defaults_file, '-e', "CREATE USER 'joe'@'localhost' IDENTIFIED BY PASSWORD '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4'"]) - provider.expects(:mysql).with([defaults_file, '-e', "GRANT USAGE ON *.* TO 'joe'@'localhost' WITH MAX_USER_CONNECTIONS 10 MAX_CONNECTIONS_PER_HOUR 10 MAX_QUERIES_PER_HOUR 10 MAX_UPDATES_PER_HOUR 10"]) - provider.expects(:exists?).returns(true) - expect(provider.create).to be_truthy - end - end - - describe 'destroy' do - it 'removes a user if present' do - provider.expects(:mysql).with([defaults_file, '-e', "DROP USER 'joe'@'localhost'"]) - provider.expects(:exists?).returns(false) - expect(provider.destroy).to be_truthy - end - end - - describe 'exists?' do - it 'checks if user exists' do - expect(instance.exists?).to be_truthy - end - end - - describe 'self.mysqld_version' do - it 'queries mysql if unset' do - provider.class.instance_variable_set(:@mysqld_version_string, nil) - provider.class.expects(:mysqld).with(['-V']) - expect(provider.mysqld_version).to be_nil - end - it 'returns 5.7.6 for "mysqld Ver 5.7.6 for Linux on x86_64 (MySQL Community Server (GPL))"' do - provider.class.instance_variable_set(:@mysqld_version_string, 'mysqld Ver 5.7.6 for Linux on x86_64 (MySQL Community Server (GPL))') - expect(provider.mysqld_version).to eq '5.7.6' - end - it 'returns 5.7.6 for "mysqld Ver 5.7.6-rc for Linux on x86_64 (MySQL Community Server (GPL))"' do - provider.class.instance_variable_set(:@mysqld_version_string, 'mysqld Ver 5.7.6-rc for Linux on x86_64 (MySQL Community Server (GPL))') - expect(provider.mysqld_version).to eq '5.7.6' - end - it 'detects >= 5.7.6 for 5.7.7-log' do - provider.class.instance_variable_set(:@mysqld_version_string, 'mysqld Ver 5.7.7-log for Linux on x86_64 (MySQL Community Server (GPL))') - expect(Puppet::Util::Package.versioncmp(provider.mysqld_version, '5.7.6')).to be >= 0 - end - it 'detects < 5.7.6 for 5.7.5-log' do - provider.class.instance_variable_set(:@mysqld_version_string, 'mysqld Ver 5.7.5-log for Linux on x86_64 (MySQL Community Server (GPL))') - expect(Puppet::Util::Package.versioncmp(provider.mysqld_version, '5.7.6')).to be < 0 - end - end - - describe 'self.defaults_file' do - it 'sets --defaults-extra-file' do - File.stubs(:file?).with('/root/.my.cnf').returns(true) - expect(provider.defaults_file).to eq '--defaults-extra-file=/root/.my.cnf' - end - it 'fails if file missing' do - File.expects(:file?).with('/root/.my.cnf').returns(false) - expect(provider.defaults_file).to be_nil - end - end - - describe 'password_hash' do - it 'returns a hash' do - expect(instance.password_hash).to eq('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4') - end - end - - describe 'password_hash=' do - it 'changes the hash mysql 5.5' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.5'][:string]) - provider.expects(:mysql).with([defaults_file, '-e', "SET PASSWORD FOR 'joe'@'localhost' = '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5'"]).returns('0') - - provider.expects(:password_hash).returns('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') - provider.password_hash=('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') - end - it 'changes the hash mysql 5.6' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.6'][:string]) - provider.expects(:mysql).with([defaults_file, '-e', "SET PASSWORD FOR 'joe'@'localhost' = '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5'"]).returns('0') - - provider.expects(:password_hash).returns('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') - provider.password_hash=('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') - end - it 'changes the hash mysql < 5.7.6' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.7.1'][:string]) - provider.expects(:mysql).with([defaults_file, '-e', "SET PASSWORD FOR 'joe'@'localhost' = '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5'"]).returns('0') - - provider.expects(:password_hash).returns('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') - provider.password_hash=('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') - end - it 'changes the hash MySQL >= 5.7.6' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.7.6'][:string]) - provider.expects(:mysql).with([defaults_file, '-e', "ALTER USER 'joe'@'localhost' IDENTIFIED WITH mysql_native_password AS '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5'"]).returns('0') - - provider.expects(:password_hash).returns('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') - provider.password_hash=('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') - end - it 'changes the hash mariadb-10.0' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mariadb-10.0'][:string]) - provider.expects(:mysql).with([defaults_file, '-e', "SET PASSWORD FOR 'joe'@'localhost' = '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5'"]).returns('0') - - provider.expects(:password_hash).returns('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') - provider.password_hash=('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') - end - it 'changes the hash percona-5.5' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['percona-5.5'][:string]) - provider.expects(:mysql).with([defaults_file, '-e', "SET PASSWORD FOR 'joe'@'localhost' = '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5'"]).returns('0') - - provider.expects(:password_hash).returns('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') - provider.password_hash=('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') - end - end - - ['max_user_connections', 'max_connections_per_hour', 'max_queries_per_hour', - 'max_updates_per_hour'].each do |property| - - describe property do - it "returns #{property}" do - expect(instance.send("#{property}".to_sym)).to eq('10') - end - end - - describe "#{property}=" do - it "changes #{property}" do - provider.expects(:mysql).with([defaults_file, '-e', "GRANT USAGE ON *.* TO 'joe'@'localhost' WITH #{property.upcase} 42"]).returns('0') - provider.expects(property.to_sym).returns('42') - provider.send("#{property}=".to_sym, '42') - end - end - end - -end diff --git a/mysql/spec/unit/puppet/type/mysql_database_spec.rb b/mysql/spec/unit/puppet/type/mysql_database_spec.rb deleted file mode 100644 index 7897d8109..000000000 --- a/mysql/spec/unit/puppet/type/mysql_database_spec.rb +++ /dev/null @@ -1,29 +0,0 @@ -require 'puppet' -require 'puppet/type/mysql_database' -describe Puppet::Type.type(:mysql_database) do - - before :each do - @user = Puppet::Type.type(:mysql_database).new(:name => 'test', :charset => 'utf8', :collate => 'utf8_blah_ci') - end - - it 'should accept a database name' do - expect(@user[:name]).to eq('test') - end - - it 'should accept a charset' do - @user[:charset] = 'latin1' - expect(@user[:charset]).to eq('latin1') - end - - it 'should accept a collate' do - @user[:collate] = 'latin1_swedish_ci' - expect(@user[:collate]).to eq('latin1_swedish_ci') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:mysql_database).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - -end diff --git a/mysql/spec/unit/puppet/type/mysql_grant_spec.rb b/mysql/spec/unit/puppet/type/mysql_grant_spec.rb deleted file mode 100644 index 9b33058bc..000000000 --- a/mysql/spec/unit/puppet/type/mysql_grant_spec.rb +++ /dev/null @@ -1,74 +0,0 @@ -require 'puppet' -require 'puppet/type/mysql_grant' -describe Puppet::Type.type(:mysql_grant) do - - before :each do - @user = Puppet::Type.type(:mysql_grant).new(:name => 'foo@localhost/*.*', :privileges => ['ALL', 'PROXY'], :table => ['*.*','@'], :user => 'foo@localhost') - end - - it 'should accept a grant name' do - expect(@user[:name]).to eq('foo@localhost/*.*') - end - - it 'should accept ALL privileges' do - @user[:privileges] = 'ALL' - expect(@user[:privileges]).to eq(['ALL']) - end - - it 'should accept PROXY privilege' do - @user[:privileges] = 'PROXY' - expect(@user[:privileges]).to eq(['PROXY']) - end - - it 'should accept a table' do - @user[:table] = '*.*' - expect(@user[:table]).to eq('*.*') - end - - it 'should accept @ for table' do - @user[:table] = '@' - expect(@user[:table]).to eq('@') - end - - it 'should accept a user' do - @user[:user] = 'foo@localhost' - expect(@user[:user]).to eq('foo@localhost') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:mysql_grant).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should require the name to match the user and table' do - expect { - Puppet::Type.type(:mysql_grant).new(:name => 'foo', :privileges => ['ALL', 'PROXY'], :table => ['*.*','@'], :user => 'foo@localhost') - }.to raise_error /name must match user and table parameters/ - end - - describe 'it should munge privileges' do - - it 'to just ALL' do - @user = Puppet::Type.type(:mysql_grant).new( - :name => 'foo@localhost/*.*', :table => ['*.*','@'], :user => 'foo@localhost', - :privileges => ['ALL', 'PROXY'] ) - expect(@user[:privileges]).to eq(['ALL']) - end - - it 'to upcase and ordered' do - @user = Puppet::Type.type(:mysql_grant).new( - :name => 'foo@localhost/*.*', :table => ['*.*','@'], :user => 'foo@localhost', - :privileges => ['select', 'Insert'] ) - expect(@user[:privileges]).to eq(['INSERT', 'SELECT']) - end - - it 'ordered including column privileges' do - @user = Puppet::Type.type(:mysql_grant).new( - :name => 'foo@localhost/*.*', :table => ['*.*','@'], :user => 'foo@localhost', - :privileges => ['SELECT(Host,Address)', 'Insert'] ) - expect(@user[:privileges]).to eq(['INSERT', 'SELECT (Address, Host)']) - end - end - -end diff --git a/mysql/spec/unit/puppet/type/mysql_plugin_spec.rb b/mysql/spec/unit/puppet/type/mysql_plugin_spec.rb deleted file mode 100644 index e94c518b7..000000000 --- a/mysql/spec/unit/puppet/type/mysql_plugin_spec.rb +++ /dev/null @@ -1,24 +0,0 @@ -require 'puppet' -require 'puppet/type/mysql_plugin' -describe Puppet::Type.type(:mysql_plugin) do - - before :each do - @plugin = Puppet::Type.type(:mysql_plugin).new(:name => 'test', :soname => 'test.so') - end - - it 'should accept a plugin name' do - expect(@plugin[:name]).to eq('test') - end - - it 'should accept a library name' do - @plugin[:soname] = 'test.so' - expect(@plugin[:soname]).to eq('test.so') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:mysql_plugin).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - -end diff --git a/mysql/spec/unit/puppet/type/mysql_user_spec.rb b/mysql/spec/unit/puppet/type/mysql_user_spec.rb deleted file mode 100644 index 24530d8a3..000000000 --- a/mysql/spec/unit/puppet/type/mysql_user_spec.rb +++ /dev/null @@ -1,131 +0,0 @@ -require 'puppet' -require 'puppet/type/mysql_user' -describe Puppet::Type.type(:mysql_user) do - - context "On MySQL 5.x" do - let(:facts) {{ :mysql_version => '5.6.24' }} - it 'should fail with a long user name' do - expect { - Puppet::Type.type(:mysql_user).new({:name => '12345678901234567@localhost', :password_hash => 'pass'}) - }.to raise_error /MySQL usernames are limited to a maximum of 16 characters/ - end - end - - context "On MariaDB 10.0.0+" do - let(:facts) {{ :mysql_version => '10.0.19' }} - it 'should succeed with a long user name on MariaDB' do - expect { - Puppet::Type.type(:mysql_user).new({:name => '12345678901234567@localhost', :password_hash => 'pass'}) - }.to raise_error /MySQL usernames are limited to a maximum of 16 characters/ - end - end - - it 'should require a name' do - expect { - Puppet::Type.type(:mysql_user).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - context 'using foo@localhost' do - before :each do - @user = Puppet::Type.type(:mysql_user).new(:name => 'foo@localhost', :password_hash => 'pass') - end - - it 'should accept a user name' do - expect(@user[:name]).to eq('foo@localhost') - end - - it 'should accept a password' do - @user[:password_hash] = 'foo' - expect(@user[:password_hash]).to eq('foo') - end - end - - context 'using foo@LocalHost' do - before :each do - @user = Puppet::Type.type(:mysql_user).new(:name => 'foo@LocalHost', :password_hash => 'pass') - end - - it 'should lowercase the user name' do - expect(@user[:name]).to eq('foo@localhost') - end - end - - context 'using foo@192.168.1.0/255.255.255.0' do - before :each do - @user = Puppet::Type.type(:mysql_user).new(:name => 'foo@192.168.1.0/255.255.255.0', :password_hash => 'pass') - end - - it 'should create the user with the netmask' do - expect(@user[:name]).to eq('foo@192.168.1.0/255.255.255.0') - end - end - - context 'using allo_wed$char@localhost' do - before :each do - @user = Puppet::Type.type(:mysql_user).new(:name => 'allo_wed$char@localhost', :password_hash => 'pass') - end - - it 'should accept a user name' do - expect(@user[:name]).to eq('allo_wed$char@localhost') - end - end - - context 'ensure the default \'debian-sys-main\'@localhost user can be parsed' do - before :each do - @user = Puppet::Type.type(:mysql_user).new(:name => '\'debian-sys-maint\'@localhost', :password_hash => 'pass') - end - - it 'should accept a user name' do - expect(@user[:name]).to eq('\'debian-sys-maint\'@localhost') - end - end - - context 'using a quoted 16 char username' do - let(:facts) {{ :mysql_version => '5.6.24' }} - before :each do - @user = Puppet::Type.type(:mysql_user).new(:name => '"debian-sys-maint"@localhost', :password_hash => 'pass') - end - - it 'should accept a user name' do - expect(@user[:name]).to eq('"debian-sys-maint"@localhost') - end - end - - context 'using a quoted username that is too long ' do - let(:facts) {{ :mysql_version => '5.6.24' }} - it 'should fail with a size error' do - expect { - Puppet::Type.type(:mysql_user).new(:name => '"debian-sys-maint2"@localhost', :password_hash => 'pass') - }.to raise_error /MySQL usernames are limited to a maximum of 16 characters/ - end - end - - context 'using `speci!al#`@localhost' do - before :each do - @user = Puppet::Type.type(:mysql_user).new(:name => '`speci!al#`@localhost', :password_hash => 'pass') - end - - it 'should accept a quoted user name with special chatracters' do - expect(@user[:name]).to eq('`speci!al#`@localhost') - end - end - - context 'using in-valid@localhost' do - before :each do - @user = Puppet::Type.type(:mysql_user).new(:name => 'in-valid@localhost', :password_hash => 'pass') - end - - it 'should accept a user name with special chatracters' do - expect(@user[:name]).to eq('in-valid@localhost') - end - end - - context 'using "misquoted@localhost' do - it 'should fail with a misquoted username is used' do - expect { - Puppet::Type.type(:mysql_user).new(:name => '"misquoted@localhost', :password_hash => 'pass') - }.to raise_error /Invalid database user "misquoted@localhost/ - end - end -end diff --git a/mysql/templates/meb.cnf.erb b/mysql/templates/meb.cnf.erb deleted file mode 100644 index d157af99a..000000000 --- a/mysql/templates/meb.cnf.erb +++ /dev/null @@ -1,18 +0,0 @@ -### MANAGED BY PUPPET ### - -<% @options.sort.map do |k,v| -%> -<% if v.is_a?(Hash) -%> -[<%= k %>] -<% v.sort.map do |ki, vi| -%> -<% if vi == true or v == '' -%> -<%= ki %> -<% elsif vi.is_a?(Array) -%> -<% vi.each do |vii| -%> -<%= ki %> = <%= vii %> -<% end -%> -<% elsif ![nil, '', :undef].include?(vi) -%> -<%= ki %> = <%= vi %> -<% end -%> -<% end -%> -<% end %> -<% end -%> diff --git a/mysql/templates/my.cnf.erb b/mysql/templates/my.cnf.erb deleted file mode 100644 index 7d1f1486b..000000000 --- a/mysql/templates/my.cnf.erb +++ /dev/null @@ -1,24 +0,0 @@ -### MANAGED BY PUPPET ### - -<% @options.sort.map do |k,v| -%> -<% if v.is_a?(Hash) -%> -[<%= k %>] -<% v.sort.map do |ki, vi| -%> -<% if ki == 'ssl-disable' or (ki =~ /^ssl/ and v['ssl-disable'] == true) -%> -<% next %> -<% elsif vi == true or vi == '' -%> -<%= ki %> -<% elsif vi.is_a?(Array) -%> -<% vi.each do |vii| -%> -<%= ki %> = <%= vii %> -<% end -%> -<% elsif ![nil, '', :undef].include?(vi) -%> -<%= ki %> = <%= vi %> -<% end -%> -<% end -%> -<% end %> -<% end -%> - -<% if @includedir and @includedir != '' %> -!includedir <%= @includedir %> -<% end %> diff --git a/mysql/templates/my.cnf.pass.erb b/mysql/templates/my.cnf.pass.erb deleted file mode 100644 index b82cca3f7..000000000 --- a/mysql/templates/my.cnf.pass.erb +++ /dev/null @@ -1,11 +0,0 @@ -### MANAGED BY PUPPET ### - -<% %w(mysql client mysqldump mysqladmin mysqlcheck).each do |section| %> -[<%= section -%>] -user=root -host=localhost -<% unless scope.lookupvar('mysql::server::root_password') == 'UNSET' -%> -password='<%= scope.lookupvar('mysql::server::root_password') %>' -<% end -%> -socket=<%= @options['client']['socket'] %> -<% end %> diff --git a/mysql/templates/mysqlbackup.sh.erb b/mysql/templates/mysqlbackup.sh.erb deleted file mode 100755 index 42464329c..000000000 --- a/mysql/templates/mysqlbackup.sh.erb +++ /dev/null @@ -1,100 +0,0 @@ -<%- if @kernel == 'Linux' -%> -#!/bin/bash -<%- else -%> -#!/bin/sh -<%- end -%> -# -# MySQL Backup Script -# Dumps mysql databases to a file for another backup tool to pick up. -# -# MySQL code: -# GRANT SELECT, RELOAD, LOCK TABLES ON *.* TO 'user'@'localhost' -# IDENTIFIED BY 'password'; -# FLUSH PRIVILEGES; -# -##### START CONFIG ################################################### - -USER=<%= @backupuser %> -PASS='<%= @backuppassword %>' -DIR=<%= @backupdir %> -ROTATE=<%= [ Integer(@backuprotate) - 1, 0 ].max %> - -# Create temporary mysql cnf file. -TMPFILE=`mktemp /tmp/backup.XXXXXX` || exit 1 -echo -e "[client]\npassword=$PASS\nuser=$USER" > $TMPFILE - -PREFIX=mysql_backup_ -<% if @ignore_events %> -ADDITIONAL_OPTIONS="--ignore-table=mysql.event" -<% else %> -ADDITIONAL_OPTIONS="--events" -<% end %> -<%# Only include routines or triggers if we're doing a file per database -%> -<%# backup. This happens if we named databases, or if we explicitly set -%> -<%# file per database mode -%> -<% if !@backupdatabases.empty? || @file_per_database -%> -<% if @include_triggers -%> -ADDITIONAL_OPTIONS="$ADDITIONAL_OPTIONS --triggers" -<% else -%> -ADDITIONAL_OPTIONS="$ADDITIONAL_OPTIONS --skip-triggers" -<% end -%> -<% if @include_routines -%> -ADDITIONAL_OPTIONS="$ADDITIONAL_OPTIONS --routines" -<% else -%> -ADDITIONAL_OPTIONS="$ADDITIONAL_OPTIONS --skip-routines" -<% end -%> -<% end -%> - -##### STOP CONFIG #################################################### -PATH=<%= @execpath %> - - - -<%- if @kernel == 'Linux' -%> -set -o pipefail -<%- end -%> - -cleanup() -{ - find "${DIR}/" -maxdepth 1 -type f -name "${PREFIX}*.sql*" -mtime +${ROTATE} -print0 | xargs -0 -r rm -f -} - -<% if @delete_before_dump -%> -cleanup - -<% end -%> -<% if @backupdatabases.empty? -%> -<% if @file_per_database -%> -mysql --defaults-file=$TMPFILE -s -r -N -e 'SHOW DATABASES' | while read dbname -do - mysqldump --defaults-file=$TMPFILE --opt --flush-logs --single-transaction \ - ${ADDITIONAL_OPTIONS} \ - ${dbname} <% if @backupcompress %>| bzcat -zc <% end %>> ${DIR}/${PREFIX}${dbname}_`date +%Y%m%d-%H%M%S`.sql<% if @backupcompress %>.bz2<% end %> -done -<% else -%> -mysqldump --defaults-file=$TMPFILE --opt --flush-logs --single-transaction \ - ${ADDITIONAL_OPTIONS} \ - --all-databases <% if @backupcompress %>| bzcat -zc <% end %>> ${DIR}/${PREFIX}`date +%Y%m%d-%H%M%S`.sql<% if @backupcompress %>.bz2<% end %> -<% end -%> -<% else -%> -<% @backupdatabases.each do |db| -%> -mysqldump --defaults-file=$TMPFILE --opt --flush-logs --single-transaction \ - ${ADDITIONAL_OPTIONS} \ - <%= db %><% if @backupcompress %>| bzcat -zc <% end %>> ${DIR}/${PREFIX}<%= db %>_`date +%Y%m%d-%H%M%S`.sql<% if @backupcompress %>.bz2<% end %> -<% end -%> -<% end -%> - -<% unless @delete_before_dump -%> -if [ $? -eq 0 ] ; then - cleanup -fi -<% end -%> - -<% if @postscript -%> - <%- [@postscript].flatten.compact.each do |script|%> -<%= script %> - <%- end -%> -<% end -%> - -# Remove temporary file -rm -f $TMPFILE diff --git a/mysql/templates/xtrabackup.sh.erb b/mysql/templates/xtrabackup.sh.erb deleted file mode 100644 index 14493983e..000000000 --- a/mysql/templates/xtrabackup.sh.erb +++ /dev/null @@ -1,21 +0,0 @@ -<%- if @kernel == 'Linux' -%> -#!/bin/bash -<%- else -%> -#!/bin/sh -<%- end -%> -# -# A wrapper for Xtrabackup -# -<% if @prescript -%> - <%- [@prescript].flatten.compact.each do |script| %> -<%= script %> - <%- end -%> -<% end -%> - -innobackupex "$@" - -<% if @postscript -%> - <%- [@postscript].flatten.compact.each do |script| %> -<%= script %> - <%- end -%> -<% end -%> diff --git a/n1k_vsm/.fixtures.yml b/n1k_vsm/.fixtures.yml deleted file mode 100644 index d49a7ae66..000000000 --- a/n1k_vsm/.fixtures.yml +++ /dev/null @@ -1,6 +0,0 @@ -fixtures: - repositories: - 'stdlib': 'git://github.com/puppetlabs/puppetlabs-stdlib.git' - 'vswitch': 'git://github.com/openstack/puppet-vswitch' - symlinks: - "n1k_vsm": "#{source_dir}" diff --git a/n1k_vsm/.gitignore b/n1k_vsm/.gitignore deleted file mode 100644 index d4a93a066..000000000 --- a/n1k_vsm/.gitignore +++ /dev/null @@ -1,4 +0,0 @@ -*.swp -spec/fixtures/modules/* -pkg -Gemfile.lock diff --git a/n1k_vsm/.gitreview b/n1k_vsm/.gitreview deleted file mode 100644 index ce3a11e00..000000000 --- a/n1k_vsm/.gitreview +++ /dev/null @@ -1,4 +0,0 @@ -[gerrit] -host=review.openstack.org -port=29418 -project=openstack/puppet-n1k-vsm.git diff --git a/n1k_vsm/Gemfile b/n1k_vsm/Gemfile deleted file mode 100644 index 6d4ce9a07..000000000 --- a/n1k_vsm/Gemfile +++ /dev/null @@ -1,36 +0,0 @@ -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -group :development, :test do - gem 'puppetlabs_spec_helper', :require => 'false' - gem 'rspec-puppet', '~> 2.2.0', :require => 'false' - gem 'metadata-json-lint', :require => 'false' - gem 'puppet-lint-param-docs', :require => 'false' - gem 'puppet-lint-absolute_classname-check', :require => 'false' - gem 'puppet-lint-absolute_template_path', :require => 'false' - gem 'puppet-lint-trailing_newline-check', :require => 'false' - gem 'puppet-lint-unquoted_string-check', :require => 'false' - gem 'puppet-lint-leading_zero-check', :require => 'false' - gem 'puppet-lint-variable_contains_upcase', :require => 'false' - gem 'puppet-lint-numericvariable', :require => 'false' - gem 'json', :require => 'false' - gem 'webmock', :require => 'false' -end - -group :system_tests do - gem 'beaker-rspec', :require => 'false' - gem 'beaker-puppet_install_helper', :require => 'false' -end - -if facterversion = ENV['FACTER_GEM_VERSION'] - gem 'facter', facterversion, :require => false -else - gem 'facter', :require => false -end - -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end - -# vim:ft=ruby diff --git a/n1k_vsm/LICENSE b/n1k_vsm/LICENSE deleted file mode 100644 index 67db85882..000000000 --- a/n1k_vsm/LICENSE +++ /dev/null @@ -1,175 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. diff --git a/n1k_vsm/README.md b/n1k_vsm/README.md deleted file mode 100644 index 54f9b892f..000000000 --- a/n1k_vsm/README.md +++ /dev/null @@ -1,4 +0,0 @@ -puppet-n1k-vsm -============== - -VSM deployment code for N1k. diff --git a/n1k_vsm/Rakefile b/n1k_vsm/Rakefile deleted file mode 100644 index f01e55e20..000000000 --- a/n1k_vsm/Rakefile +++ /dev/null @@ -1,7 +0,0 @@ -require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' - -PuppetLint.configuration.fail_on_warnings = true -PuppetLint.configuration.send('disable_80chars') -PuppetLint.configuration.send('disable_class_parameter_defaults') -PuppetLint.configuration.send('disable_autoloader_layout') diff --git a/n1k_vsm/files/n1kv b/n1k_vsm/files/n1kv deleted file mode 100755 index 25c368b77..000000000 --- a/n1k_vsm/files/n1kv +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/sh - -/etc/init.d/network restart -systemctl start libvirtd.service - diff --git a/n1k_vsm/files/repackiso.py b/n1k_vsm/files/repackiso.py deleted file mode 100755 index 317da1afc..000000000 --- a/n1k_vsm/files/repackiso.py +++ /dev/null @@ -1,145 +0,0 @@ -#!/usr/bin/python -import shutil, tempfile, os, optparse, logging, sys - -usage = "usage: %prog [options]" -parser = optparse.OptionParser(usage=usage) -parser.add_option("-i", "--isofile", help="ISO image", dest="isoimg") -parser.add_option("-d", "--domainid", help="Domain id ", dest="domainid") -parser.add_option("-n", "--vsmname", help="VSM name", dest="vsmname") -parser.add_option("-m", "--mgmtip", help="Management Ip address", dest="mgmtip") -parser.add_option("-s", "--mgmtsubnet", help="Management Subnet", dest="mgmtsubnet") -parser.add_option("-g", "--gateway", help="Management gateway", dest="mgmtgateway") -parser.add_option("-p", "--password", help="Admin account password", dest="adminpasswd") -parser.add_option("-r", "--vsmrole", help="VSM Role, primary ,secondary or standalone", dest="vsmrole") -parser.add_option("-f", "--file", help="Repackaged file", dest="repackediso") -(options, args) = parser.parse_args() - -isoimg = options.isoimg -domainid = int(options.domainid) -vsmname = options.vsmname -mgmtip = options.mgmtip -mgmtsubnet = options.mgmtsubnet -mgmtgateway = options.mgmtgateway -adminpasswd = options.adminpasswd -vsmrole = options.vsmrole -repackediso = options.repackediso - - -class Command(object): - """Run a command and capture it's output string, error string and exit status""" - def __init__(self, command): - self.command = command - - def run(self, shell=True): - import subprocess as sp - process = sp.Popen(self.command, shell = shell, stdout = sp.PIPE, stderr = sp.PIPE) - self.pid = process.pid - self.output, self.error = process.communicate() - self.failed = process.returncode - return self - - @property - def returncode(self): - return self.failed - -def createOvfEnvXmlFile(domain, gateway, hostname, ip, subnet, password, vsm_mode): - #TODO: write a proper xml - ovf_f = tempfile.NamedTemporaryFile(delete=False) - - st = ' \n' - st += ' "/usr/bin/qemu-img create -f raw ${n1k_vsm::diskfile} ${n1k_vsm::disksize}G", - creates => $n1k_vsm::diskfile, - } - - $targetxmlfile = "/var/spool/cisco/vsm/vsm_${n1k_vsm::vsm_role}_deploy.xml" - file { 'File_Target_XML_File': - path => $targetxmlfile, - owner => 'root', - group => 'root', - mode => '0666', - seltype => 'virt_content_t', - content => template('n1k_vsm/vsm_vm.xml.erb'), - require => Exec['Exec_create_disk'], - } - - # Don't start VSM if this is pacemaker controlled deployment - if !($n1k_vsm::pacemaker_control) { - exec { 'Exec_Define_VSM': - command => "/usr/bin/virsh define ${targetxmlfile}", - unless => "/usr/bin/virsh list --all | grep -c ${n1k_vsm::vsmname}", - require => File['File_Target_XML_File'], - } - - exec { 'Exec_Launch_VSM': - command => "/usr/bin/virsh start ${n1k_vsm::vsmname}", - unless => ("/usr/bin/virsh list --all | grep ${n1k_vsm::vsmname} | grep -c running"), - require => Exec['Exec_Define_VSM'], - } - } else { - # For pacemker controlled deployment, set up the secondary VSM as well - # ensure tap interfaces and deploy the vsm - $ctrltap_s = 'vsm-ctrl1' - $mgmttap_s = 'vsm-mgmt1' - $pkttap_s = 'vsm-pkt1' - # Generate MACs - $ctrlmac_s = "52:54:${vmb[0]}${vmb[1]}:${vmb[2]}${vmb[3]}:${vmb[4]}${vmb[5]}:${vmb[6]}4" - $mgmtmac_s = "52:54:${vmb[0]}${vmb[1]}:${vmb[2]}${vmb[3]}:${vmb[4]}${vmb[5]}:${vmb[6]}5" - $pktmac_s = "52:54:${vmb[0]}${vmb[1]}:${vmb[2]}${vmb[3]}:${vmb[4]}${vmb[5]}:${vmb[6]}6" - - exec { 'Exec_create_disk_Secondary': - command => "/usr/bin/qemu-img create -f raw ${n1k_vsm::diskfile_s} ${n1k_vsm::disksize}G", - creates => $n1k_vsm::diskfile_s, - } - - $targetxmlfile_s = "/var/spool/cisco/vsm/vsm_${n1k_vsm::vsm_role_s}_deploy.xml" - file { 'File_Target_XML_File_Secondary': - path => $targetxmlfile_s, - owner => 'root', - group => 'root', - mode => '0666', - seltype => 'virt_content_t', - content => template('n1k_vsm/vsm_vm_secondary.xml.erb'), - require => Exec['Exec_create_disk_Secondary'], - } - } -} diff --git a/n1k_vsm/manifests/init.pp b/n1k_vsm/manifests/init.pp deleted file mode 100644 index ddcd42d00..000000000 --- a/n1k_vsm/manifests/init.pp +++ /dev/null @@ -1,125 +0,0 @@ -# == Class: n1k_vsm -# -# Deploy N1KV VSM as a VM on RHEL7 server. -# Support exists and tested for RedHat. -# (For Ubuntu/Debian platforms few changes and testing pending.) -# -# == Parameters: -# -# [*phy_if_bridge*] -# (required) Physical interface that will be moved to the bridge for mgmt trafic -# -# [*phy_gateway*] -# (required) Default gateway for the mgmt network -# -# [*vsm_role*] -# (required) Role (standalone/primary/secondary) of the Nexus1000v VSM -# -# [*vsm_domain_id*] -# (required) Domain id of the Nexus1000v VSM -# -# [*vsm_admin_passwd*] -# (required) Password of admin user on the Nexus1000v VSM -# -# [*vsm_mgmt_ip*] -# (required) IP of the management interface on the Nexus1000v VSM -# -# [*vsm_mgmt_netmask*] -# (required) IP netmask of the management interface of the Nexus1000v VSM -# -# [*vsm_mgmt_gateway*] -# (required) IP of the default gateway for the management interface of the Nexus1000v VSM -# -# [*n1kv_source*] -# (required) Location where to get the Nexus1000v VSM ISO/RPM package -# -# [*n1kv_version*] -# (required) Version of the Nexus1000v VSM -# -# [*pacemaker_control*] -# (optional) Set to determine if pacemaker will control the VSM. If true will deploy both -# primary and secondary VSMs on all nodes and will not start VSM. Defaults to false and -# thus is optional unless this functionality is being used. -# -# [*existing_bridge*] -# (required) If VSM should be installed behind an existing bridge, this should be set to -# true and the bridge name should be provided in phy_if_bridge. -# -# [*vsm_mac_base*] -# (optional) If set, provides randomization for the MAC addresses for the VSM VM(s). -# Should be a (random) hexadecimal number of at least 7 digits (more is fine). -# -# [*phy_bridge_vlan*] -# (optional) In the case that the management interface is a bridge with a tagged -# uplink port, the VLAN tag for that uplink port can be provided which will -# be applied on the patch port connecting vsm-br and the management bridge. -# -class n1k_vsm( - $n1kv_source = '', - $n1kv_version = 'latest', - $phy_if_bridge = 'enp1s0f0', - $phy_gateway, - $vsm_role = 'primary', - $vsm_domain_id, - $vsm_admin_passwd, - $vsm_mgmt_ip, - $vsm_mgmt_netmask, - $vsm_mgmt_gateway, - $pacemaker_control = false, - $existing_bridge = false, - $vsm_mac_base = '', - $phy_bridge_vlan = 0, -) { - - if($::osfamily != 'Redhat') { - #current support exists for Redhat family. - #Support for Debian will be added soon. - fail("Unsupported osfamily ${::osfamily}") - } - - # Ensure role is set to primary for pacemaker controlled deployment - # Additionally setup the extra variables for the secondary VSM - if ($n1k_vsm::pacemaker_control) { - $vsm_role_s = 'secondary' - $vsmname_s = 'vsm-s' - $imgfile_s = "/var/spool/cisco/vsm/${vsm_role_s}_repacked.iso" - $diskfile_s = "/var/spool/cisco/vsm/${vsm_role_s}_disk" - } - - if ($n1k_vsm::vsm_role == 'primary') or ($n1k_vsm::vsm_role == 'standalone') { - $vsmname = 'vsm-p' - $mgmtip = $vsm_mgmt_ip - $mgmtnetmask = $vsm_mgmt_netmask - $mgmtgateway = $vsm_mgmt_gateway - } else { # secondary - $vsmname = 'vsm-s' - $mgmtip = '0.0.0.0' - $mgmtnetmask = '0.0.0.0' - $mgmtgateway = '0.0.0.0' - } - - $consolepts = 2 - $memory = 4096000 - $vcpu = 2 - $disksize = 4 - $imgfile = "/var/spool/cisco/vsm/${n1k_vsm::vsm_role}_repacked.iso" - $diskfile = "/var/spool/cisco/vsm/${n1k_vsm::vsm_role}_disk" - - #Set bridge name properly - $ovsbridge = 'vsm-br' - - #VSM installation will be done only once. Will not respond to puppet sync - $_check_phy_if_bridge = regsubst($n1k_vsm::phy_if_bridge, '[.:-]+', '_', 'G') - $_phy_mac_addr = inline_template("<%= scope.lookupvar('::macaddress_${_check_phy_if_bridge}') %>") - if $_phy_mac_addr != '' { - include ::n1k_vsm::pkgprep_ovscfg - } - - notify {"Arg: intf ${phy_if_bridge} vsm_role ${vsm_role} domainid ${vsm_domain_id}" : withpath => true} - notify {"ovs ${ovsbridge} vsmname ${n1k_vsm::vsmname}" : withpath => true} - notify {"mgmtip ${n1k_vsm::mgmtip} vsm_mask ${n1k_vsm::mgmtnetmask} vsm_gw ${n1k_vsm::mgmtgateway}": withpath => false} - - include ::n1k_vsm::vsmprep - include ::n1k_vsm::deploy - Class['n1k_vsm::vsmprep'] -> Class['n1k_vsm::deploy'] -} diff --git a/n1k_vsm/manifests/pkgprep_ovscfg.pp b/n1k_vsm/manifests/pkgprep_ovscfg.pp deleted file mode 100644 index 512646da3..000000000 --- a/n1k_vsm/manifests/pkgprep_ovscfg.pp +++ /dev/null @@ -1,186 +0,0 @@ -# == Class: n1k_vsm::pkgprep_ovscfg -# This class prepares the packages and ovs bridge for the VSM VM -# This requires n1k_vsm class to set some environmental variables -# -class n1k_vsm::pkgprep_ovscfg -{ - require ::n1k_vsm - include ::n1k_vsm - - case $::osfamily { - 'RedHat': { - # Order indepedent resources - service { 'Service_network': - ensure => running, - name => 'network', - restart => '/sbin/service network restart || /bin/true', - } - - # VSM dependent packages installation section - package { 'Package_qemu-kvm': - ensure => installed, - name => 'qemu-kvm-rhev', - } - - package {'Package_libvirt': - ensure => installed, - name => 'libvirt', - } - - package { 'Package_libvirt-python': - ensure => installed, - name => 'libvirt-python', - } - - package { 'Package_ebtables': - ensure => installed, - name => 'ebtables', - } - - service { 'Service_libvirtd': - ensure => running, - name => 'libvirtd', - } - - # Virsh network exec configuration section - exec { 'Exec_removenet': - command => '/usr/bin/virsh net-destroy default || /bin/true', - unless => '/usr/bin/virsh net-info default | /bin/grep -c \'Active: .* no\'', - } - - exec { 'Exec_disableautostart': - command => '/usr/bin/virsh net-autostart --disable default || /bin/true', - unless => '/usr/bin/virsh net-info default | /bin/grep -c \'Autostart: .* no\'', - } - - # Ensure OVS is present - require vswitch::ovs - - package { 'genisoimage': - ensure => installed, - name => 'genisoimage', - } - - notify { "Debug br ${n1k_vsm::ovsbridge} intf ${n1k_vsm::phy_if_bridge} ." : withpath => true } - - $_ovsbridge = regsubst($n1k_vsm::ovsbridge, '[.:-]+', '_', 'G') - $_ovsbridge_mac = inline_template("<%= scope.lookupvar('::macaddress_${_ovsbridge}') %>") - - # Check if we've already configured the vsm bridge, skip configuration if so - if ($_ovsbridge_mac == '') { - - #Gather info from the port/bridge including IP if needed - $_phy_if_bridge = regsubst($n1k_vsm::phy_if_bridge, '[.:-]+', '_', 'G') - $_phy_ip_addr = inline_template("<%= scope.lookupvar('::ipaddress_${_phy_if_bridge}') %>") - if $_phy_ip_addr != '' and !($n1k_vsm::existing_bridge) { - $phy_ip_addr = inline_template("<%= scope.lookupvar('::ipaddress_${_phy_if_bridge}') %>") - $phy_ip_mask = inline_template("<%= scope.lookupvar('::netmask_${_phy_if_bridge}') %>") - $gw_intf = $n1k_vsm::phy_gateway - - notify {"ip ${phy_ip_addr} mask ${phy_ip_mask} gw ${n1k_vsm::phy_gateway} gw_dv ${gw_intf}" : withpath => true} - - # Modify Ovs bridge inteface configuation file (including IP) - augeas { 'Augeas_modify_ifcfg-ovsbridge': - name => $n1k_vsm::ovsbridge, - context => "/files/etc/sysconfig/network-scripts/ifcfg-${n1k_vsm::ovsbridge}", - changes => [ - 'set TYPE OVSBridge', - "set DEVICE ${n1k_vsm::ovsbridge}", - 'set DEVICETYPE ovs', - "set OVSREQUIRES ${n1k_vsm::ovsbridge}", - 'set NM_CONTROLLED no', - 'set BOOTPROTO none', - 'set ONBOOT yes', - 'set DEFROUTE yes', - 'set MTU 1500', - "set NAME ${n1k_vsm::ovsbridge}", - "set IPADDR ${phy_ip_addr}", - "set NETMASK ${phy_ip_mask}", - "set GATEWAY ${n1k_vsm::phy_gateway}", - 'set USERCTL no', - ], - } - } elsif ($n1k_vsm::existing_bridge) { - # Modify Ovs bridge inteface configuation file (without IP) - augeas { 'Augeas_modify_ifcfg-ovsbridge': - name => $n1k_vsm::ovsbridge, - context => "/files/etc/sysconfig/network-scripts/ifcfg-${n1k_vsm::ovsbridge}", - changes => [ - 'set TYPE OVSBridge', - "set DEVICE ${n1k_vsm::ovsbridge}", - 'set DEVICETYPE ovs', - "set OVSREQUIRES ${n1k_vsm::ovsbridge}", - 'set NM_CONTROLLED no', - 'set BOOTPROTO none', - 'set ONBOOT yes', - 'set DEFROUTE yes', - 'set MTU 1500', - "set NAME ${n1k_vsm::ovsbridge}", - 'set USERCTL no', - ], - } - } else { - # Error out here due to invalid interface specification - fail('Interface to be bridged for VSM must have IP address') - } - - exec { 'Flap_n1kv_bridge': - command => "/sbin/ifdown ${n1k_vsm::ovsbridge} && /sbin/ifup ${n1k_vsm::ovsbridge}", - require => Augeas['Augeas_modify_ifcfg-ovsbridge'], - } - - if !($n1k_vsm::existing_bridge) { - # If there isn't an existing bridge, the interface is a port, and we - # need to add it to vsm-br - - # Modify Physical Interface config file - augeas { 'Augeas_modify_ifcfg-phy_if_bridge': - name => $n1k_vsm::phy_if_bridge, - context => "/files/etc/sysconfig/network-scripts/ifcfg-${n1k_vsm::phy_if_bridge}", - changes => [ - 'set TYPE OVSPort', - "set DEVICE ${n1k_vsm::phy_if_bridge}", - 'set DEVICETYPE ovs', - "set OVS_BRIDGE ${n1k_vsm::ovsbridge}", - 'set NM_CONTROLLED no', - 'set BOOTPROTO none', - 'set ONBOOT yes', - "set NAME ${n1k_vsm::phy_if_bridge}", - 'set DEFROUTE no', - 'set IPADDR ""', - 'rm NETMASK', - 'rm GATEWAY', - 'set USERCTL no', - ], - } - exec { 'Flap_n1kv_phy_if': - command => "/sbin/ifdown ${n1k_vsm::phy_if_bridge} && /sbin/ifup ${n1k_vsm::phy_if_bridge}", - require => Augeas['Augeas_modify_ifcfg-phy_if_bridge'], - } - } else { - # If there is an existing bridge- create patch ports to connect vsm-br to it - exec { 'Create_patch_port_on_existing_bridge': - command => "/bin/ovs-vsctl --may-exist add-port ${n1k_vsm::phy_if_bridge} ${n1k_vsm::phy_if_bridge}-${n1k_vsm::ovsbridge} -- set Interface ${n1k_vsm::phy_if_bridge}-${n1k_vsm::ovsbridge} type=patch options:peer=${n1k_vsm::ovsbridge}-${n1k_vsm::phy_if_bridge}", - require => Exec['Flap_n1kv_bridge'], - } - exec { 'Create_patch_port_on_vsm_bridge': - command => "/bin/ovs-vsctl --may-exist add-port ${n1k_vsm::ovsbridge} ${n1k_vsm::ovsbridge}-${n1k_vsm::phy_if_bridge} -- set Interface ${n1k_vsm::ovsbridge}-${n1k_vsm::phy_if_bridge} type=patch options:peer=${n1k_vsm::phy_if_bridge}-${n1k_vsm::ovsbridge}", - require => Exec['Flap_n1kv_bridge'], - } - if ($n1k_vsm::phy_bridge_vlan > 0) and ($n1k_vsm::phy_bridge_vlan < 4096) { - exec { 'Tag_patch_port': - command => "/bin/ovs-vsctl set port ${n1k_vsm::phy_if_bridge}-${n1k_vsm::ovsbridge} tag=${n1k_vsm::phy_bridge_vlan}", - require => Exec['Create_patch_port_on_existing_bridge'], - } - } - } - } # endif of if ($_ovsbridge_mac == '') - } - 'Ubuntu': { - } - default: { - # bail out for unsupported OS - fail(": os[${::os}] is not supported") - } - } -} diff --git a/n1k_vsm/manifests/vsmprep.pp b/n1k_vsm/manifests/vsmprep.pp deleted file mode 100644 index f26f9e004..000000000 --- a/n1k_vsm/manifests/vsmprep.pp +++ /dev/null @@ -1,105 +0,0 @@ -# == Class: n1k_vsm::vsmprep -# -# This class prepares the VSM image to be deploy in a server -# This class requires n1k_vsm to set some environmental variables -# -class n1k_vsm::vsmprep -{ - include ::stdlib - require ::n1k_vsm - include ::n1k_vsm - - # prepare vsm folders - ensure_resource('file', '/var/spool/cisco/', { - ensure => directory, - owner => 'root', - group => 'root', - mode => '0664'} - ) - ensure_resource('file', '/var/spool/cisco/vsm', { - ensure => directory, - owner => 'root', - group => 'root', - mode => '0664'} - ) - - #Check source of n1kv-vsm image:yum-repo (or) local file in 'files' directory - if $n1k_vsm::n1kv_source != '' { - if ($n1k_vsm::n1kv_source =~ /^http/) or ($n1k_vsm::n1kv_source =~ /^ftp/) { - $vsmimage_uri = 'repo' - $vsm_path = '/opt/cisco/vsm' - } else { - $vsmimage_uri = 'file' - $vsmtgtimg = "/var/spool/cisco/vsm/${n1k_vsm::n1kv_source}" - $vsm_path = '/var/spool/cisco/vsm' - } - } else { - $vsmimage_uri = 'unspec' - $vsm_path = '/opt/cisco/vsm' - } - - if $vsmimage_uri == 'file' { - #specify location on target-host where image file will be downloaded to. - file { $vsmtgtimg: - owner => 'root', - group => 'root', - mode => '0664', - source => "puppet:///modules/n1k_vsm/${n1k_vsm::n1kv_source}", - require => File['/var/spool/cisco/vsm/'], - } - } else { - if $vsmimage_uri == 'repo' { - #vsm package: 'nexus-1000v-vsm' rpm will be downloaded and installed - #from below repo. - yumrepo { 'cisco-vsm-repo': - baseurl => $n1k_vsm::n1kv_source, - descr => 'Repo for VSM Image', - enabled => 1, - gpgcheck => 1, - gpgkey => "${n1k_vsm::n1kv_source}/RPM-GPG-KEY", - } - } - package {'nexus-1000v-iso': - ensure => 'present', - name => 'nexus-1000v-iso', - provider => 'yum', - } - } - - # copy repackiso.py to local place - file { 'VSM_Repackage_Script': - ensure => present, - path => '/tmp/repackiso.py', - owner => 'root', - group => 'root', - mode => '0774', - source => 'puppet:///modules/n1k_vsm/repackiso.py', - } - - # copy the latest VSM image to known name - if $n1k_vsm::n1kv_version == '' or $n1k_vsm::n1kv_version == 'latest'{ - exec { 'Exec_VSM_Rename': - command => "/bin/cp ${vsm_path}/`/bin/ls ${vsm_path} | /bin/sort -r | /bin/grep -m 1 iso` ${vsm_path}/current-n1000v.iso", - creates => "${vsm_path}/current-n1000v.iso", - } - } else { - exec { 'Exec_VSM_Rename_with_version': - command => "/bin/cp ${vsm_path}/n1000v-dk9.${n1k_vsm::n1kv_version}.iso ${vsm_path}/current-n1000v.iso", - creates => "${vsm_path}/current-n1000v.iso", - } - } - - # Now generate ovf xml file and repackage the iso - exec { 'Exec_VSM_Repackage_Script': - command => "/tmp/repackiso.py -i${vsm_path}/current-n1000v.iso -d${n1k_vsm::vsm_domain_id} -n${n1k_vsm::vsmname} -m${n1k_vsm::mgmtip} -s${n1k_vsm::mgmtnetmask} -g${n1k_vsm::mgmtgateway} -p${n1k_vsm::vsm_admin_passwd} -r${n1k_vsm::vsm_role} -f/var/spool/cisco/vsm/${n1k_vsm::vsm_role}_repacked.iso", - creates => "/var/spool/cisco/vsm/${n1k_vsm::vsm_role}_repacked.iso", - } - - # If we're under pacemaker_control, create a secondary VSM iso as well - if ($n1k_vsm::pacemaker_control) { - exec { 'Exec_VSM_Repackage_Script_secondary': - command => "/tmp/repackiso.py -i${vsm_path}/current-n1000v.iso -d${n1k_vsm::vsm_domain_id} -n${n1k_vsm::vsmname_s} -m${n1k_vsm::mgmtip} -s${n1k_vsm::mgmtnetmask} -g${n1k_vsm::mgmtgateway} -p${n1k_vsm::vsm_admin_passwd} -r${n1k_vsm::vsm_role_s} -f/var/spool/cisco/vsm/${n1k_vsm::vsm_role_s}_repacked.iso", - creates => "/var/spool/cisco/vsm/${n1k_vsm::vsm_role_s}_repacked.iso", - } - } -} diff --git a/n1k_vsm/metadata.json b/n1k_vsm/metadata.json deleted file mode 100644 index a20689865..000000000 --- a/n1k_vsm/metadata.json +++ /dev/null @@ -1,28 +0,0 @@ -{ - "name": "stackforge-n1kv_vsm", - "version": "0.0.2", - "author": "ChingWei Chang, Marga Millet and StackForge Contributors", - "summary": "Puppet module for Cisco Nexus1000v VSM", - "license": "Apache License 2.0", - "source": "git://github.com/stackforge/puppet-n1k-vsm.git", - "project_page": "https://launchpad.net/puppet-n1k-vsm", - "issues_url": "https://bugs.launchpad.net/puppet-n1k-vsm", - "requirements": [ - {"name": "pe","version_requirement": "3.x"}, - {"name": "puppet","version_requirement": "3.x"} - ], - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": ["7"] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": ["12.04","14.04"] - } - ], - "description": "Installs and configures the Nexus1000v Virtual Supervisor module.", - "dependencies": [ - { "name": "stackforge/vswitch", "version_requirement": ">=1.0.0 <2.0.0" } - ] -} diff --git a/n1k_vsm/spec/acceptance/nodesets/centos-70-x64.yml b/n1k_vsm/spec/acceptance/nodesets/centos-70-x64.yml deleted file mode 100644 index 5f097e9fe..000000000 --- a/n1k_vsm/spec/acceptance/nodesets/centos-70-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - centos-server-70-x64: - roles: - - master - platform: el-7-x86_64 - box: puppetlabs/centos-7.0-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/centos-7.0-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: foss diff --git a/n1k_vsm/spec/acceptance/nodesets/default.yml b/n1k_vsm/spec/acceptance/nodesets/default.yml deleted file mode 100644 index 3bb3e6264..000000000 --- a/n1k_vsm/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-1404-x64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: git diff --git a/n1k_vsm/spec/acceptance/nodesets/nodepool-centos7.yml b/n1k_vsm/spec/acceptance/nodesets/nodepool-centos7.yml deleted file mode 100644 index c55287420..000000000 --- a/n1k_vsm/spec/acceptance/nodesets/nodepool-centos7.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-70-x64: - roles: - - master - platform: el-7-x86_64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/n1k_vsm/spec/acceptance/nodesets/nodepool-trusty.yml b/n1k_vsm/spec/acceptance/nodesets/nodepool-trusty.yml deleted file mode 100644 index 7f503cadd..000000000 --- a/n1k_vsm/spec/acceptance/nodesets/nodepool-trusty.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-1404-x64: - roles: - - master - platform: ubuntu-14.04-amd64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/n1k_vsm/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/n1k_vsm/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index 3bb3e6264..000000000 --- a/n1k_vsm/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-1404-x64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: git diff --git a/n1k_vsm/spec/classes/n1kv_vsm_deploy_spec.rb b/n1k_vsm/spec/classes/n1kv_vsm_deploy_spec.rb deleted file mode 100644 index f3ff4aee2..000000000 --- a/n1k_vsm/spec/classes/n1kv_vsm_deploy_spec.rb +++ /dev/null @@ -1,156 +0,0 @@ -# -# Copyright (C) 2015 Cisco Systems Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# - -require 'spec_helper' - -describe 'n1k_vsm::deploy' do - - let :params do - { } - end - - shared_examples_for 'n1k vsm deploy' do - - context 'for primary role' do - let :pre_condition do - "class { 'n1k_vsm': - phy_gateway => '1.1.1.3', - vsm_domain_id => '1', - vsm_admin_passwd => 'secrete', - vsm_mgmt_ip => '1.1.1.1', - vsm_mgmt_netmask => '255.255.255.0', - vsm_mgmt_gateway => '1.1.1.2', - vsm_role => 'primary', - pacemaker_control => false, - }" - end - - it 'creates disk' do - is_expected.to contain_exec('Exec_create_disk').with( - 'creates' => '/var/spool/cisco/vsm/primary_disk', - ) - end - - it 'creates xml' do - is_expected.to contain_file('File_Target_XML_File').with( - 'path' => '/var/spool/cisco/vsm/vsm_primary_deploy.xml', - ) - end - - it 'defines vsm' do - is_expected.to contain_exec('Exec_Define_VSM').with( - 'command' => '/usr/bin/virsh define /var/spool/cisco/vsm/vsm_primary_deploy.xml', - ) - end - - it 'launches vsm' do - is_expected.to contain_exec('Exec_Launch_VSM').with( - 'command' => '/usr/bin/virsh start vsm-p', - ) - end - end - - context 'for secondary role' do - let :pre_condition do - "class { 'n1k_vsm': - phy_gateway => '1.1.1.3', - vsm_domain_id => '1', - vsm_admin_passwd => 'secrete', - vsm_mgmt_ip => '1.1.1.1', - vsm_mgmt_netmask => '255.255.255.0', - vsm_mgmt_gateway => '1.1.1.2', - vsm_role => 'secondary', - pacemaker_control => false, - }" - end - - it 'creates disk' do - is_expected.to contain_exec('Exec_create_disk').with( - 'creates' => '/var/spool/cisco/vsm/secondary_disk', - ) - end - - it 'creates xml' do - is_expected.to contain_file('File_Target_XML_File').with( - 'path' => '/var/spool/cisco/vsm/vsm_secondary_deploy.xml', - ) - end - - it 'defines vsm' do - is_expected.to contain_exec('Exec_Define_VSM').with( - 'command' => '/usr/bin/virsh define /var/spool/cisco/vsm/vsm_secondary_deploy.xml', - ) - end - - it 'launches vsm' do - is_expected.to contain_exec('Exec_Launch_VSM').with( - 'command' => '/usr/bin/virsh start vsm-s', - ) - end - end - - context 'for pacemaker controlled' do - let :pre_condition do - "class { 'n1k_vsm': - phy_gateway => '1.1.1.3', - vsm_domain_id => '1', - vsm_admin_passwd => 'secrete', - vsm_mgmt_ip => '1.1.1.1', - vsm_mgmt_netmask => '255.255.255.0', - vsm_mgmt_gateway => '1.1.1.2', - vsm_role => 'primary', - pacemaker_control => true, - }" - end - - it 'creates disk' do - is_expected.to contain_exec('Exec_create_disk').with( - 'creates' => '/var/spool/cisco/vsm/primary_disk', - ) - end - - it 'creates xml' do - is_expected.to contain_file('File_Target_XML_File').with( - 'path' => '/var/spool/cisco/vsm/vsm_primary_deploy.xml', - ) - end - - it 'creates secondary disk' do - is_expected.to contain_exec('Exec_create_disk_Secondary').with( - 'creates' => '/var/spool/cisco/vsm/secondary_disk', - ) - end - - it 'creates secondary xml' do - is_expected.to contain_file('File_Target_XML_File_Secondary').with( - 'path' => '/var/spool/cisco/vsm/vsm_secondary_deploy.xml', - ) - end - - end - - end - - context 'on RedHat platforms' do - let :facts do - { :osfamily => 'RedHat' } - end - - it_configures 'n1k vsm deploy' - end - -end - diff --git a/n1k_vsm/spec/classes/n1kv_vsm_pkgprep_ovscfg_spec.rb b/n1k_vsm/spec/classes/n1kv_vsm_pkgprep_ovscfg_spec.rb deleted file mode 100644 index 3f01a0848..000000000 --- a/n1k_vsm/spec/classes/n1kv_vsm_pkgprep_ovscfg_spec.rb +++ /dev/null @@ -1,292 +0,0 @@ -# -# Copyright (C) 2015 Cisco Systems Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# - -require 'spec_helper' - -describe 'n1k_vsm::pkgprep_ovscfg' do - - let :params do - { } - end - - shared_examples_for 'n1k vsm pkgprep_ovscfg' do - - context 'for default values' do - let :pre_condition do - "class { 'n1k_vsm': - phy_if_bridge => 'eth0', - phy_gateway => '1.1.1.3', - vsm_domain_id => '1', - vsm_admin_passwd => 'secrete', - vsm_mgmt_ip => '1.1.1.1', - vsm_mgmt_netmask => '255.255.255.0', - vsm_mgmt_gateway => '1.1.1.2', - existing_bridge => false, - }" - end - let :facts do - { - :ipaddress_eth0 => '1.1.1.1', - :netmask_eth0 => '255.255.255.0', - :osfamily => 'RedHat' - } - end - - it 'should require vswitch::ovs' do - is_expected.to contain_class('vswitch::ovs') - end - - it 'create ovs bridge' do - is_expected.to contain_augeas('Augeas_modify_ifcfg-ovsbridge').with( - 'name' => 'vsm-br', - 'context' => '/files/etc/sysconfig/network-scripts/ifcfg-vsm-br', - 'changes' => ['set TYPE OVSBridge', - 'set DEVICE vsm-br', - 'set DEVICETYPE ovs', - 'set OVSREQUIRES vsm-br', - 'set NM_CONTROLLED no', - 'set BOOTPROTO none', - 'set ONBOOT yes', - 'set DEFROUTE yes', - 'set MTU 1500', - 'set NAME vsm-br', - 'set IPADDR 1.1.1.1', - 'set NETMASK 255.255.255.0', - 'set GATEWAY 1.1.1.3', - 'set USERCTL no'] - ) - end - - it 'flap bridge' do - is_expected.to contain_exec('Flap_n1kv_bridge').with( - 'command' => '/sbin/ifdown vsm-br && /sbin/ifup vsm-br', - ).that_requires('Augeas[Augeas_modify_ifcfg-ovsbridge]') - end - - it 'attach phy if port to bridge' do - is_expected.to contain_augeas('Augeas_modify_ifcfg-phy_if_bridge').with( - 'name' => 'eth0', - 'context' => '/files/etc/sysconfig/network-scripts/ifcfg-eth0', - ) - end - - it 'flap port' do - is_expected.to contain_exec('Flap_n1kv_phy_if').with( - 'command' => '/sbin/ifdown eth0 && /sbin/ifup eth0', - ).that_requires('Augeas[Augeas_modify_ifcfg-phy_if_bridge]') - end - end - - context 'for existing bridge' do - let :pre_condition do - "class { 'n1k_vsm': - phy_if_bridge => 'br_ex', - phy_gateway => '1.1.1.3', - vsm_domain_id => '1', - vsm_admin_passwd => 'secrete', - vsm_mgmt_ip => '1.1.1.1', - vsm_mgmt_netmask => '255.255.255.0', - vsm_mgmt_gateway => '1.1.1.2', - existing_bridge => true, - }" - end - let :facts do - { - :ipaddress_br_ex => '1.1.1.6', - :osfamily => 'RedHat' - } - end - - it 'should require vswitch::ovs' do - is_expected.to contain_class('vswitch::ovs') - end - - it 'create ovs bridge' do - is_expected.to contain_augeas('Augeas_modify_ifcfg-ovsbridge').with( - 'name' => 'vsm-br', - 'context' => '/files/etc/sysconfig/network-scripts/ifcfg-vsm-br', - 'changes' => ['set TYPE OVSBridge', - 'set DEVICE vsm-br', - 'set DEVICETYPE ovs', - 'set OVSREQUIRES vsm-br', - 'set NM_CONTROLLED no', - 'set BOOTPROTO none', - 'set ONBOOT yes', - 'set DEFROUTE yes', - 'set MTU 1500', - 'set NAME vsm-br', - 'set USERCTL no'] - ) - end - - it 'flap bridge' do - is_expected.to contain_exec('Flap_n1kv_bridge').with( - 'command' => '/sbin/ifdown vsm-br && /sbin/ifup vsm-br', - ).that_requires('Augeas[Augeas_modify_ifcfg-ovsbridge]') - end - - it 'create patch port on existing bridge' do - is_expected.to contain_exec('Create_patch_port_on_existing_bridge').with( - 'command' => '/bin/ovs-vsctl --may-exist add-port br_ex br_ex-vsm-br -- set Interface br_ex-vsm-br type=patch options:peer=vsm-br-br_ex' - ).that_requires('Exec[Flap_n1kv_bridge]') - end - - it 'create patch port on vsm bridge' do - is_expected.to contain_exec('Create_patch_port_on_vsm_bridge').with( - 'command' => '/bin/ovs-vsctl --may-exist add-port vsm-br vsm-br-br_ex -- set Interface vsm-br-br_ex type=patch options:peer=br_ex-vsm-br' - ).that_requires('Exec[Flap_n1kv_bridge]') - end - end - - context 'for existing bridge no ip' do - let :pre_condition do - "class { 'n1k_vsm': - phy_if_bridge => 'br_ex', - phy_gateway => '1.1.1.3', - vsm_domain_id => '1', - vsm_admin_passwd => 'secrete', - vsm_mgmt_ip => '1.1.1.1', - vsm_mgmt_netmask => '255.255.255.0', - vsm_mgmt_gateway => '1.1.1.2', - existing_bridge => true, - }" - end - let :facts do - { - :osfamily => 'RedHat' - } - end - - it 'should require vswitch::ovs' do - is_expected.to contain_class('vswitch::ovs') - end - - it 'create ovs bridge' do - is_expected.to contain_augeas('Augeas_modify_ifcfg-ovsbridge').with( - 'name' => 'vsm-br', - 'context' => '/files/etc/sysconfig/network-scripts/ifcfg-vsm-br', - 'changes' => ['set TYPE OVSBridge', - 'set DEVICE vsm-br', - 'set DEVICETYPE ovs', - 'set OVSREQUIRES vsm-br', - 'set NM_CONTROLLED no', - 'set BOOTPROTO none', - 'set ONBOOT yes', - 'set DEFROUTE yes', - 'set MTU 1500', - 'set NAME vsm-br', - 'set USERCTL no'] - ) - end - - it 'flap bridge' do - is_expected.to contain_exec('Flap_n1kv_bridge').with( - 'command' => '/sbin/ifdown vsm-br && /sbin/ifup vsm-br', - ).that_requires('Augeas[Augeas_modify_ifcfg-ovsbridge]') - end - - it 'create patch port on existing bridge' do - is_expected.to contain_exec('Create_patch_port_on_existing_bridge').with( - 'command' => '/bin/ovs-vsctl --may-exist add-port br_ex br_ex-vsm-br -- set Interface br_ex-vsm-br type=patch options:peer=vsm-br-br_ex' - ).that_requires('Exec[Flap_n1kv_bridge]') - end - - it 'create patch port on vsm bridge' do - is_expected.to contain_exec('Create_patch_port_on_vsm_bridge').with( - 'command' => '/bin/ovs-vsctl --may-exist add-port vsm-br vsm-br-br_ex -- set Interface vsm-br-br_ex type=patch options:peer=br_ex-vsm-br' - ).that_requires('Exec[Flap_n1kv_bridge]') - end - end - - context 'for existing bridge tagged' do - let :pre_condition do - "class { 'n1k_vsm': - phy_if_bridge => 'br_ex', - phy_gateway => '1.1.1.3', - vsm_domain_id => '1', - vsm_admin_passwd => 'secrete', - vsm_mgmt_ip => '1.1.1.1', - vsm_mgmt_netmask => '255.255.255.0', - vsm_mgmt_gateway => '1.1.1.2', - existing_bridge => true, - phy_bridge_vlan => 100, - }" - end - let :facts do - { - :ipaddress_br_ex => '1.1.1.6', - :osfamily => 'RedHat' - } - end - - it 'should require vswitch::ovs' do - is_expected.to contain_class('vswitch::ovs') - end - - it 'create ovs bridge' do - is_expected.to contain_augeas('Augeas_modify_ifcfg-ovsbridge').with( - 'name' => 'vsm-br', - 'context' => '/files/etc/sysconfig/network-scripts/ifcfg-vsm-br', - 'changes' => ['set TYPE OVSBridge', - 'set DEVICE vsm-br', - 'set DEVICETYPE ovs', - 'set OVSREQUIRES vsm-br', - 'set NM_CONTROLLED no', - 'set BOOTPROTO none', - 'set ONBOOT yes', - 'set DEFROUTE yes', - 'set MTU 1500', - 'set NAME vsm-br', - 'set USERCTL no'] - ) - end - - it 'flap bridge' do - is_expected.to contain_exec('Flap_n1kv_bridge').with( - 'command' => '/sbin/ifdown vsm-br && /sbin/ifup vsm-br', - ).that_requires('Augeas[Augeas_modify_ifcfg-ovsbridge]') - end - - it 'create patch port on existing bridge' do - is_expected.to contain_exec('Create_patch_port_on_existing_bridge').with( - 'command' => '/bin/ovs-vsctl --may-exist add-port br_ex br_ex-vsm-br -- set Interface br_ex-vsm-br type=patch options:peer=vsm-br-br_ex' - ).that_requires('Exec[Flap_n1kv_bridge]') - end - - it 'create patch port on vsm bridge' do - is_expected.to contain_exec('Create_patch_port_on_vsm_bridge').with( - 'command' => '/bin/ovs-vsctl --may-exist add-port vsm-br vsm-br-br_ex -- set Interface vsm-br-br_ex type=patch options:peer=br_ex-vsm-br' - ).that_requires('Exec[Flap_n1kv_bridge]') - end - - it 'tag patch port' do - is_expected.to contain_exec('Tag_patch_port').with( - 'command' => '/bin/ovs-vsctl set port br_ex-vsm-br tag=100' - ).that_requires('Exec[Create_patch_port_on_existing_bridge]') - end - end - end - - context 'on RedHat platforms' do - let :facts do - { :osfamily => 'RedHat' } - end - - it_configures 'n1k vsm pkgprep_ovscfg' - end - -end - diff --git a/n1k_vsm/spec/classes/n1kv_vsm_spec.rb b/n1k_vsm/spec/classes/n1kv_vsm_spec.rb deleted file mode 100644 index 564802b6d..000000000 --- a/n1k_vsm/spec/classes/n1kv_vsm_spec.rb +++ /dev/null @@ -1,21 +0,0 @@ -# -# Copyright (C) 2015 eNovance SAS -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# - -require 'spec_helper' - -describe 'n1k_vsm' do - -end diff --git a/n1k_vsm/spec/classes/n1kv_vsm_vsmprep_spec.rb b/n1k_vsm/spec/classes/n1kv_vsm_vsmprep_spec.rb deleted file mode 100644 index 84500f718..000000000 --- a/n1k_vsm/spec/classes/n1kv_vsm_vsmprep_spec.rb +++ /dev/null @@ -1,243 +0,0 @@ -# -# Copyright (C) 2015 Cisco Systems Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# - -require 'spec_helper' - -describe 'n1k_vsm::vsmprep' do - - let :params do - { } - end - - shared_examples_for 'n1k vsm prep' do - - context 'get vsm from file' do - let :pre_condition do - "class { 'n1k_vsm': - phy_gateway => '1.1.1.3', - vsm_domain_id => '1', - vsm_admin_passwd => 'secrete', - vsm_mgmt_ip => '1.1.1.1', - vsm_mgmt_netmask => '255.255.255.0', - vsm_mgmt_gateway => '1.1.1.2', - n1kv_version => '5.2.1.SK3.2.2a-1', - n1kv_source => 'vsm_test', - vsm_role => 'primary', - }" - end - - it 'gets vsm from file' do - is_expected.to contain_file('/var/spool/cisco/vsm/vsm_test').with( - 'source' => 'puppet:///modules/n1k_vsm/vsm_test', - ) - end - - it 'runs repackage iso script' do - is_expected.to contain_exec('Exec_VSM_Repackage_Script').with( - :command => '/tmp/repackiso.py -i/var/spool/cisco/vsm/current-n1000v.iso -d1 -nvsm-p -m1.1.1.1 -s255.255.255.0 -g1.1.1.2 -psecrete -rprimary -f/var/spool/cisco/vsm/primary_repacked.iso', - :creates => '/var/spool/cisco/vsm/primary_repacked.iso' - ) - end - end - - context 'get vsm from specified repo' do - let :pre_condition do - "class { 'n1k_vsm': - phy_gateway => '1.1.1.3', - vsm_domain_id => '1', - vsm_admin_passwd => 'secrete', - vsm_mgmt_ip => '1.1.1.1', - vsm_mgmt_netmask => '255.255.255.0', - vsm_mgmt_gateway => '1.1.1.2', - n1kv_version => '5.2.1.SK3.2.2a-1', - n1kv_source => 'http://vsm_test', - vsm_role => 'primary', - }" - end - - it 'configures specified repo' do - is_expected.to contain_yumrepo('cisco-vsm-repo').with( - 'baseurl' => 'http://vsm_test', - 'gpgkey' => 'http://vsm_test/RPM-GPG-KEY' - ) - end - - # Currently we always just check if VSM is present - it 'installs latest n1kv sofware' do - is_expected.to contain_package('nexus-1000v-iso').with( - :ensure => 'present', - ) - end - it 'runs repackage iso script' do - is_expected.to contain_exec('Exec_VSM_Repackage_Script').with( - :command => '/tmp/repackiso.py -i/opt/cisco/vsm/current-n1000v.iso -d1 -nvsm-p -m1.1.1.1 -s255.255.255.0 -g1.1.1.2 -psecrete -rprimary -f/var/spool/cisco/vsm/primary_repacked.iso', - :creates => '/var/spool/cisco/vsm/primary_repacked.iso' - ) - end - end - - context 'get vsm from pre-configured repo' do - let :pre_condition do - "class { 'n1k_vsm': - phy_gateway => '1.1.1.3', - vsm_domain_id => '1', - vsm_admin_passwd => 'secrete', - vsm_mgmt_ip => '1.1.1.1', - vsm_mgmt_netmask => '255.255.255.0', - vsm_mgmt_gateway => '1.1.1.2', - n1kv_version => '5.2.1.SK3.2.2a-1', - vsm_role => 'primary', - }" - end - - # Currently we always just check if VSM is present - it 'installs latest n1kv sofware' do - is_expected.to contain_package('nexus-1000v-iso').with( - :ensure => 'present', - ) - end - - it 'runs repackage iso script' do - is_expected.to contain_exec('Exec_VSM_Repackage_Script').with( - :command => '/tmp/repackiso.py -i/opt/cisco/vsm/current-n1000v.iso -d1 -nvsm-p -m1.1.1.1 -s255.255.255.0 -g1.1.1.2 -psecrete -rprimary -f/var/spool/cisco/vsm/primary_repacked.iso', - :creates => '/var/spool/cisco/vsm/primary_repacked.iso' - ) - end - end - - context 'get vsm from pre-configured repo secondary' do - let :pre_condition do - "class { 'n1k_vsm': - phy_gateway => '1.1.1.3', - vsm_domain_id => '1', - vsm_admin_passwd => 'secrete', - vsm_mgmt_ip => '1.1.1.1', - vsm_mgmt_netmask => '255.255.255.0', - vsm_mgmt_gateway => '1.1.1.2', - n1kv_version => '5.2.1.SK3.2.2a-1', - vsm_role => 'secondary', - }" - end - - # Currently we always just check if VSM is present - it 'installs latest n1kv sofware' do - is_expected.to contain_package('nexus-1000v-iso').with( - :ensure => 'present', - ) - end - - it 'runs repackage iso script' do - is_expected.to contain_exec('Exec_VSM_Repackage_Script').with( - :command => '/tmp/repackiso.py -i/opt/cisco/vsm/current-n1000v.iso -d1 -nvsm-s -m0.0.0.0 -s0.0.0.0 -g0.0.0.0 -psecrete -rsecondary -f/var/spool/cisco/vsm/secondary_repacked.iso', - :creates => '/var/spool/cisco/vsm/secondary_repacked.iso' - ) - end - end - - context 'get vsm from pre-configured repo pacemaker controlled' do - let :pre_condition do - "class { 'n1k_vsm': - phy_gateway => '1.1.1.3', - vsm_domain_id => '1', - vsm_admin_passwd => 'secrete', - vsm_mgmt_ip => '1.1.1.1', - vsm_mgmt_netmask => '255.255.255.0', - vsm_mgmt_gateway => '1.1.1.2', - n1kv_version => '5.2.1.SK3.2.2a-1', - pacemaker_control => true, - }" - end - - # Currently we always just check if VSM is present - it 'installs latest n1kv sofware' do - is_expected.to contain_package('nexus-1000v-iso').with( - :ensure => 'present', - ) - end - - it 'runs rename with version' do - is_expected.to contain_exec('Exec_VSM_Rename_with_version').with( - :command => '/bin/cp /opt/cisco/vsm/n1000v-dk9.5.2.1.SK3.2.2a-1.iso /opt/cisco/vsm/current-n1000v.iso', - :creates => '/opt/cisco/vsm/current-n1000v.iso' - ) - end - - it 'runs repackage iso script' do - is_expected.to contain_exec('Exec_VSM_Repackage_Script').with( - :command => '/tmp/repackiso.py -i/opt/cisco/vsm/current-n1000v.iso -d1 -nvsm-p -m1.1.1.1 -s255.255.255.0 -g1.1.1.2 -psecrete -rprimary -f/var/spool/cisco/vsm/primary_repacked.iso', - :creates => '/var/spool/cisco/vsm/primary_repacked.iso' - ) - end - - it 'runs repackage iso script secondary' do - is_expected.to contain_exec('Exec_VSM_Repackage_Script_secondary').with( - :command => '/tmp/repackiso.py -i/opt/cisco/vsm/current-n1000v.iso -d1 -nvsm-s -m1.1.1.1 -s255.255.255.0 -g1.1.1.2 -psecrete -rsecondary -f/var/spool/cisco/vsm/secondary_repacked.iso', - :creates => '/var/spool/cisco/vsm/secondary_repacked.iso' - ) - end - end - context 'get vsm from pre-configured repo pacemaker controlled latest version' do - let :pre_condition do - "class { 'n1k_vsm': - phy_gateway => '1.1.1.3', - vsm_domain_id => '1', - vsm_admin_passwd => 'secrete', - vsm_mgmt_ip => '1.1.1.1', - vsm_mgmt_netmask => '255.255.255.0', - vsm_mgmt_gateway => '1.1.1.2', - n1kv_version => 'latest', - pacemaker_control => true, - }" - end - - # Currently we always just check if VSM is present - it 'installs latest n1kv sofware' do - is_expected.to contain_package('nexus-1000v-iso').with( - :ensure => 'present', - ) - end - - it 'runs rename without version' do - is_expected.to contain_exec('Exec_VSM_Rename').with( - :creates => '/opt/cisco/vsm/current-n1000v.iso' - ) - end - - it 'runs repackage iso script' do - is_expected.to contain_exec('Exec_VSM_Repackage_Script').with( - :command => '/tmp/repackiso.py -i/opt/cisco/vsm/current-n1000v.iso -d1 -nvsm-p -m1.1.1.1 -s255.255.255.0 -g1.1.1.2 -psecrete -rprimary -f/var/spool/cisco/vsm/primary_repacked.iso', - :creates => '/var/spool/cisco/vsm/primary_repacked.iso' - ) - end - - it 'runs repackage iso script secondary' do - is_expected.to contain_exec('Exec_VSM_Repackage_Script_secondary').with( - :command => '/tmp/repackiso.py -i/opt/cisco/vsm/current-n1000v.iso -d1 -nvsm-s -m1.1.1.1 -s255.255.255.0 -g1.1.1.2 -psecrete -rsecondary -f/var/spool/cisco/vsm/secondary_repacked.iso', - :creates => '/var/spool/cisco/vsm/secondary_repacked.iso' - ) - end - end - end - - context 'on RedHat platforms' do - let :facts do - { :osfamily => 'RedHat' } - end - - it_configures 'n1k vsm prep' - end - -end diff --git a/n1k_vsm/spec/shared_examples.rb b/n1k_vsm/spec/shared_examples.rb deleted file mode 100644 index fec0eacc9..000000000 --- a/n1k_vsm/spec/shared_examples.rb +++ /dev/null @@ -1,5 +0,0 @@ -shared_examples_for "a Puppet::Error" do |description| - it "with message matching #{description.inspect}" do - expect { is_expected.to have_class_count(1) }.to raise_error(Puppet::Error, description) - end -end diff --git a/n1k_vsm/spec/spec_helper.rb b/n1k_vsm/spec/spec_helper.rb deleted file mode 100644 index 700be6a27..000000000 --- a/n1k_vsm/spec/spec_helper.rb +++ /dev/null @@ -1,19 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' -require 'shared_examples' -require 'webmock/rspec' - -RSpec.configure do |c| - c.alias_it_should_behave_like_to :it_configures, 'configures' - c.alias_it_should_behave_like_to :it_raises, 'raises' - - c.default_facts = { - :kernel => 'Linux', - :concat_basedir => '/var/lib/puppet/concat', - :memorysize => '1000 MB', - :processorcount => '1', - :puppetversion => '3.7.3', - :uniqueid => '123' - } -end - -at_exit { RSpec::Puppet::Coverage.report! } diff --git a/n1k_vsm/spec/spec_helper_acceptance.rb b/n1k_vsm/spec/spec_helper_acceptance.rb deleted file mode 100644 index 429e807c4..000000000 --- a/n1k_vsm/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1,56 +0,0 @@ -require 'beaker-rspec' -require 'beaker/puppet_install_helper' - -run_puppet_install_helper - -RSpec.configure do |c| - # Project root - proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - modname = JSON.parse(open('metadata.json').read)['name'].split('-')[1] - - # Readable test descriptions - c.formatter = :documentation - - # Configure all nodes in nodeset - c.before :suite do - # Install module and dependencies - hosts.each do |host| - - # install git - install_package host, 'git' - - zuul_ref = ENV['ZUUL_REF'] - zuul_branch = ENV['ZUUL_BRANCH'] - zuul_url = ENV['ZUUL_URL'] - - repo = 'openstack/puppet-openstack-integration' - - # Start out with clean moduledir, don't trust r10k to purge it - on host, "rm -rf /etc/puppet/modules/*" - # Install dependent modules via git or zuul - r = on host, "test -e /usr/zuul-env/bin/zuul-cloner", { :acceptable_exit_codes => [0,1] } - if r.exit_code == 0 - zuul_clone_cmd = '/usr/zuul-env/bin/zuul-cloner ' - zuul_clone_cmd += '--cache-dir /opt/git ' - zuul_clone_cmd += "--zuul-ref #{zuul_ref} " - zuul_clone_cmd += "--zuul-branch #{zuul_branch} " - zuul_clone_cmd += "--zuul-url #{zuul_url} " - zuul_clone_cmd += "git://git.openstack.org #{repo}" - on host, zuul_clone_cmd - else - on host, "git clone https://git.openstack.org/#{repo} #{repo}" - end - - on host, "ZUUL_REF=#{zuul_ref} ZUUL_BRANCH=#{zuul_branch} ZUUL_URL=#{zuul_url} bash #{repo}/install_modules.sh" - - # Install the module being tested - on host, "rm -fr /etc/puppet/modules/#{modname}" - puppet_module_install(:source => proj_root, :module_name => modname) - - on host, "rm -fr #{repo}" - - # List modules installed to help with debugging - on host, puppet('module','list'), { :acceptable_exit_codes => 0 } - end - end -end diff --git a/n1k_vsm/templates/vsm_vm.xml.erb b/n1k_vsm/templates/vsm_vm.xml.erb deleted file mode 100644 index 7096724b6..000000000 --- a/n1k_vsm/templates/vsm_vm.xml.erb +++ /dev/null @@ -1,92 +0,0 @@ - - <%= scope.lookupvar('n1k_vsm::vsmname') %> - <%= scope.lookupvar('n1k_vsm::memory') %> - <%= scope.lookupvar('n1k_vsm::vcpu') %> - - - hvm - - - - - - - - destroy - restart - restart - - - /usr/libexec/qemu-kvm - - - '/> - - - - - - '/> - - - - - - -
- - - - '/> - - - - <% if scope.lookupvar('n1k_vsm::pacemaker_control') == true %> - - <% end %> -
- - - - '/> - - - - <% if scope.lookupvar('n1k_vsm::pacemaker_control') == true %> - - <% end %> -
- - - - '/> - - - - <% if scope.lookupvar('n1k_vsm::pacemaker_control') == true %> - - <% end %> -
- - - - - - - - -